none
iOS Lync2010 Issue - You must update Lync to log in

    Question

  • Hi all,

    After a couple of days working fine with Android devices, today the iOS version of lync 2010 was published. But, as expected :(, it is not working.

    Both internally and externally it keeps saying that I must update lync lo log in, and that I should contact technical support to help me obtain the correct version. 

    Any help?

    Tuesday, December 20, 2011 10:11 AM

Answers

  • The main test is:

    http://lyncdiscover.yourdomain.com/autodiscover/autodiscoverservice.svc/root  should give you a file with the information of your reverse proxy. If it fails... you have a problem.

    Be careful because even if with https:// works, the iphone fails. 

    In order to solve this I had to create an additional binding on the iis with the hostname and port that my hardware balancer was using. Once done everything is working fine. (except the exchange connection from the ios device that does not work...).

    In short, make sure your http:// is working.

    • Marked as answer by elchepas1 Tuesday, December 20, 2011 6:38 PM
    Tuesday, December 20, 2011 6:38 PM

All replies

  • Hi, same here. Newly released iPhone version doesn't work while version for Android does. But for me it only says Logging in... and than freezes. Changing servers to manual intead of autodiscover doesn't help.

    VM

    Tuesday, December 20, 2011 10:30 AM
  • try loggin in from outside your network @vm_2011.

    might be cert issue if your trying from inside lan.


    +Say thanks and observe basic forum courtesy:
    +If this post answered your question, Mark As Answer
    +If this post was helpful, Vote as Helpful

    windowspbx blog: my thots/howtos
    see/submit Lync suggestions here: simple and public
    Tuesday, December 20, 2011 10:47 AM
  • try loggin in from outside your network @vm_2011.

    might be cert issue if your trying from inside lan.


    +Say thanks and observe basic forum courtesy:
    +If this post answered your question, Mark As Answer
    +If this post was helpful, Vote as Helpful

    windowspbx blog: my thots/howtos
    see/submit Lync suggestions here: simple and public

    I am trying it from outside. I have HTTP publishing rule on TMG to lyncdiscover url and I can see the redirection warning on the client stating that it's trying to redirect me to real reverse proxy HTTPS url of Lync web services and after accepting, it freezes. If I put that long web services urls to the client manually it skips the redirection warning and freezes immediately.

    VM

    Tuesday, December 20, 2011 10:59 AM
  • I have the same, lyncdiscover by http and then redirects to https. I have managed to make it work if I manually enter

    https://ucc-rp.mydomain.com/Autodiscover/autodiscoverservice.svc/Root

    Being ucc-rp the response I get if I manually try https://lyncdiscover.mydomain.com/Autodiscover/autodiscoverservice.svc/Root

    No idea why the redirection is not working, in android just go fine.

    • Edited by elchepas1 Tuesday, December 20, 2011 11:44 AM
    Tuesday, December 20, 2011 11:29 AM
  • Here is the part of the log files from the client if anyone can help me

    2011-12-20 13:23:07.011 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../requestProcessor/private/CHttpRequestProcessor.cpp/266:Sending event to main thread for request(0x6fbf28)
    2011-12-20 13:23:07.013 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../metaDataManager/private/CMetaDataManager.cpp/495:Received response for meta data request of type 120 with status 0
    2011-12-20 13:23:07.014 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../metaDataManager/private/CMetaDataManager.cpp/565:Endpoint url constructed from unauth-get response is https://lync.domain.tld/autodiscover/autodiscoverservice.svc/root
    2011-12-20 13:23:07.015 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../metaDataManager/private/CMetaDataManager.cpp/573:Base service url constructed from unauth-get-response is https://lync.domain.tld/autodiscover/autodiscoverservice.svc/root
    2011-12-20 13:23:07.016 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../metaDataManager/private/CMetaDataManager.cpp/620:Added a binding based on the unauth-get response
    2011-12-20 13:23:07.017 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../authenticationResolver/private/CAuthenticationResolver.cpp/492:MetaData retrieval for url https://lync.domain.tld/autodiscover/autodiscoverservice.svc/root/user completed with status 0
    2011-12-20 13:23:07.018 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../authenticationResolver/private/CAuthenticationResolver.cpp/521:Deleting 1 pended Meta data requests for url https://lync.domain.tld/autodiscover/autodiscoverservice.svc/root/user
    2011-12-20 13:23:07.019 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../authenticationResolver/private/CAuthenticationResolver.cpp/552:Executing request after meta data successfully retrieved
    2011-12-20 13:23:07.020 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../authenticationResolver/private/CAuthenticationResolver.cpp/392:Executing request of type UcwaAutoDiscoveryRequest destined for https://lync.domain.tld/autodiscover/autodiscoverservice.svc/root/user
    2011-12-20 13:23:07.021 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../metaDataManager/private/CMetaDataManager.cpp/322:Received a request to get the meta data of type 0 for url https://lync.domain.tld/autodiscover/autodiscoverservice.svc/root/user
    2011-12-20 13:23:07.023 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../metaDataManager/private/CMetaDataManager.cpp/344:Base service url constructed is https://lync.domain.tld/autodiscover/autodiscoverservice.svc/root
    2011-12-20 13:23:07.024 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../authenticationResolver/private/CAuthenticationResolver.cpp/862:Found a binding with AuthType 16
    2011-12-20 13:23:07.025 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../credentialManager/private/CCredentialManager.cpp/264:getSpecificCredential returning the following credential for credType (1) serviceId (1)
    2011-12-20 13:23:07.026 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../credentialManager/private/CCredentialManager.cpp/161:Credential information: credType (1) signInName (my_sip_uri@sipdomain.com) domain (veoliawater) username (my_sip_uri) password.empty() (0) compatibleServiceIds(0)
    2011-12-20 13:23:07.029 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../webTicket/private/CWebTicketSession.cpp/141:Request to get web ticket for https://lync.domain.tld/autodiscover/autodiscoverservice.svc/root
    2011-12-20 13:23:07.030 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../webTicket/private/CWebTicketSession.cpp/254:No Cached web-ticket found.
    2011-12-20 13:23:07.032 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../webTicket/private/CWebTicketSession.cpp/291:Received request for a new token for https://lync.domain.tld/autodiscover/autodiscoverservice.svc/root
    2011-12-20 13:23:07.033 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../credentialManager/private/CCredentialManager.cpp/264:getSpecificCredential returning the following credential for credType (1) serviceId (4)
    2011-12-20 13:23:07.034 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../credentialManager/private/CCredentialManager.cpp/161:Credential information: credType (1) signInName () domain () username () password.empty() (1) compatibleServiceIds(0)
    2011-12-20 13:23:07.035 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../authenticationResolver/private/CAuthenticationResolver.cpp/392:Executing request of type WebTicketRequest destined for https://lync.domain.tld/webticket/webticketservice.svc
    2011-12-20 13:23:07.036 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../metaDataManager/private/CMetaDataManager.cpp/322:Received a request to get the meta data of type 2 for url https://lync.domain.tld/webticket/webticketservice.svc
    2011-12-20 13:23:07.037 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../metaDataManager/private/CMetaDataManager.cpp/414:Sending Mex request get the meta data for the endpoint
    2011-12-20 13:23:07.039 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../credentialManager/private/CCredentialManager.cpp/264:getSpecificCredential returning the following credential for credType (1) serviceId (4)
    2011-12-20 13:23:07.040 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../credentialManager/private/CCredentialManager.cpp/161:Credential information: credType (1) signInName () domain () username () password.empty() (1) compatibleServiceIds(0)
    2011-12-20 13:23:07.041 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../common/privateIos/CTransportThread.cpp/156:Added Request(MetaDataRequest) to Request Processor queue
    2011-12-20 13:23:07.042 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../authenticationResolver/private/CAuthenticationResolver.cpp/410:Waiting on Meta Data from https://lync.domain.tld/webticket/webticketservice.svc
    2011-12-20 13:23:07.043 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../authenticationResolver/private/CAuthenticationResolver.cpp/207:Waiting on the token
    2011-12-20 13:23:07.049 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../common/privateIos/CTransportThread.cpp/339:Sent Request(MetaDataRequest) to Request Processor
    2011-12-20 13:23:07.052 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../requestProcessor/private/CHttpRequestProcessor.cpp/362:Sending request(MetaDataRequest) to server type = 1
    2011-12-20 13:23:07.056 Lync[2011:5e0b] PERFORMANCE TESTPERF /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/platform/_buildIos/../tracing/privateIos/CMPerfTrace.mm/75:PerfBegin|16|Time=2011-12-20T13:23:07.054|MemoryUsage=17764352|UsedTick=461839.000000|TotalTick=10754534.000000|BatteryLevel=0.850000|WifiSent=1619402|WifiReceived=2120076|WwanSent=5849643|WwanReceived=73260369
    2011-12-20 13:23:07.058 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../requestProcessor/privateIos/CHttpStreamPool.cpp/124:Setting url - https://lync.domain.tld/webticket/webticketservice.svc/mex persistent id as 3 
    2011-12-20 13:23:08.915 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../requestProcessor/privateIos/CHttpConnection.cpp/462:Received stream event = 2 for MetaDataRequest
    2011-12-20 13:23:09.184 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../requestProcessor/privateIos/CHttpConnection.cpp/462:Received stream event = 2 for MetaDataRequest
    2011-12-20 13:23:09.215 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../requestProcessor/privateIos/CHttpConnection.cpp/462:Received stream event = 2 for MetaDataRequest
    2011-12-20 13:23:09.218 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../requestProcessor/privateIos/CHttpConnection.cpp/462:Received stream event = 16 for MetaDataRequest
    2011-12-20 13:23:09.220 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../requestProcessor/privateIos/CHttpConnection.cpp/506:Received kCFStreamEventEndEncountered (MetaDataRequest)isHeadersAvailable = true  responseHeadersHandle = 6bf8a0
    2011-12-20 13:23:09.222 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../requestProcessor/privateIos/CHttpConnection.cpp/548:Response status = 200 for request MetaDataRequest
    2011-12-20 13:23:09.224 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../requestProcessor/private/CHttpRequestProcessor.cpp/137:Received response of request(MetaDataRequest) with status = 0x0
    2011-12-20 13:23:09.230 Lync[2011:5e0b] PERFORMANCE TESTPERF /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/platform/_buildIos/../tracing/privateIos/CMPerfTrace.mm/95:PerfEnd|16|Time=2011-12-20T13:23:09.228|MemoryUsage=17895424|UsedTick=461864.000000|TotalTick=10754751.000000|BatteryLevel=0.850000|WifiSent=1619402|WifiReceived=2120076|WwanSent=5851683|WwanReceived=73280317
    2011-12-20 13:23:09.234 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../metaDataManager/private/CMetaDataRequest.cpp/86:MEX response received.
    2011-12-20 13:23:09.235 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../common/TransportUtilityFunctions.cpp/422:<ReceivedResponse>
    2011-12-20 13:23:09.236 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../common/TransportUtilityFunctions.cpp/430:HttpHeader:Cache-Control private
    2011-12-20 13:23:09.237 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../common/TransportUtilityFunctions.cpp/430:HttpHeader:Connection Keep-Alive
    2011-12-20 13:23:09.238 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../common/TransportUtilityFunctions.cpp/430:HttpHeader:Content-Length 18306
    2011-12-20 13:23:09.239 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../common/TransportUtilityFunctions.cpp/430:HttpHeader:Content-Type application/soap+xml; charset=utf-8
    2011-12-20 13:23:09.240 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../common/TransportUtilityFunctions.cpp/430:HttpHeader:Date Tue, 20 Dec 2011 12:23:08 GMT
    2011-12-20 13:23:09.242 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../common/TransportUtilityFunctions.cpp/430:HttpHeader:MobileLyncInternalUse-x509-CertificateData 0Ç Æ0Ç ñ†      f∑kAE¬0
     	*ÜHܘ
        
    2011-12-20 13:23:09.243 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../common/TransportUtilityFunctions.cpp/430:HttpHeader:Server Microsoft-IIS/7.5
    2011-12-20 13:23:09.246 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../common/TransportUtilityFunctions.cpp/430:HttpHeader:StatusCode 200
    2011-12-20 13:23:09.247 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../common/TransportUtilityFunctions.cpp/430:HttpHeader:X-AspNet-Version 2.0.50727
    2011-12-20 13:23:09.249 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../common/TransportUtilityFunctions.cpp/430:HttpHeader:X-MS-Server-Fqdn poolname.domain.tld
    2011-12-20 13:23:09.250 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../common/TransportUtilityFunctions.cpp/430:HttpHeader:X-Powered-By ASP.NET
    2011-12-20 13:23:09.252 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../common/TransportUtilityFunctions.cpp/435:<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing"><s:Header><a:Action s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2004/09/transfer/GetResponse</a:Action></s:Header><s:Body><Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex"><wsx:MetadataSection Dialect="http://schemas.xmlsoap.org/wsdl/" Identifier="http://tempuri.org/" xmlns=""><wsdl:definitions name="WebTicketService" targetNamespace="http://tempuri.org/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy" xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" xmlns:tns="http://tempuri.org/" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:wsa10="http://www.w3.org/2005/08/addressing"><wsp:Policy wsu:Id="WebTicketServiceWinNtlm_policy"><wsp:ExactlyOne><wsp:All><http:NtlmAuthentication xmlns:http="http://schemas.microsoft.com/ws/06/2004/policy/http"/><af:Binding xmlns:af="urn:component:Microsoft.Rtc.WebAuthentication.2010"/><sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"><wsp:Policy><sp:TransportToken><wsp:Policy><sp:HttpsToken RequireClientCertificate="false"/></wsp:Policy></sp:TransportToken><sp:AlgorithmSuite><wsp:Policy><sp:Basic256/></wsp:Policy></sp:AlgorithmSuite><sp:Layout><wsp:Policy><sp:Strict/></wsp:Policy></sp:Layout></wsp:Policy></sp:TransportBinding></wsp:All></wsp:ExactlyOne></wsp:Policy><wsp:Policy wsu:Id="WebTicketServiceCert_policy"><wsp:ExactlyOne><wsp:All><af:Binding xmlns:af="urn:component:Microsoft.Rtc.WebAuthentication.2010"/><sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"><wsp:Policy><sp:TransportToken><wsp:Policy><sp:HttpsToken RequireClientCertificate="false"/></wsp:Policy></sp:TransportToken><sp:AlgorithmSuite><wsp:Policy><sp:Basic256/></wsp:Policy></sp:AlgorithmSuite><sp:Layout><wsp:Policy><sp:Strict/></wsp:Policy></sp:Layout><sp:IncludeTimestamp/></wsp:Policy></sp:TransportBinding><sp:EndorsingSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"><wsp:Policy><sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"><wsp:Policy><sp:RequireThumbprintReference/><sp:WssX509V3Token10/></wsp:Policy></sp:X509Token><sp:SignedParts><sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing"/></sp:SignedParts></wsp:Policy></sp:EndorsingSupportingTokens><sp:Wss11 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"><wsp:Policy><sp:MustSupportRefKeyIdentifier/><sp:MustSupportRefIssuerSerial/><sp:MustSupportRefThumbprint/><sp:MustSupportRefEncryptedKey/></wsp:Policy></sp:Wss11><sp:Trust10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"><wsp:Policy><sp:MustSupportIssuedTokens/><sp:RequireClientEntropy/><sp:RequireServerEntropy/></wsp:Policy></sp:Trust10><wsaw:UsingAddressing/></wsp:All></wsp:ExactlyOne></wsp:Policy><wsp:Policy wsu:Id="WebTicketServiceMachineCert_policy"><wsp:ExactlyOne><wsp:All><sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"><wsp:Policy><sp:TransportToken><wsp:Policy><sp:HttpsToken RequireClientCertificate="false"/></wsp:Policy></sp:TransportToken><sp:AlgorithmSuite><wsp:Policy><sp:Basic256/></wsp:Policy></sp:AlgorithmSuite><sp:Layout><wsp:Policy><sp:Strict/></wsp:Policy></sp:Layout><sp:IncludeTimestamp/></wsp:Policy></sp:TransportBinding><sp:EndorsingSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"><wsp:Policy><sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"><wsp:Policy><sp:RequireThumbprintReference/><sp:WssX509V3Token10/></wsp:Policy></sp:X509Token><sp:SignedParts><sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing"/></sp:SignedParts></wsp:Policy></sp:EndorsingSupportingTokens><sp:Wss11 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"><wsp:Policy><sp:MustSupportRefKeyIdentifier/><sp:MustSupportRefIssuerSerial/><sp:MustSupportRefThumbprint/><sp:MustSupportRefEncryptedKey/></wsp:Policy></sp:Wss11><sp:Trust10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"><wsp:Policy><sp:MustSupportIssuedTokens/><sp:RequireClientEntropy/><sp:RequireServerEntropy/></wsp:Policy></sp:Trust10><wsaw:UsingAddressing/></wsp:All></wsp:ExactlyOne></wsp:Policy><wsp:Policy wsu:Id="WebTicketServiceAuth_policy"><wsp:ExactlyOne><wsp:All><af:FormsAuthentication xmlns:af="urn:component:Microsoft.Rtc.WebAuthentication.2010"/><af:Binding xmlns:af="urn:component:Microsoft.Rtc.WebAuthentication.2010"/><sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"><wsp:Policy><sp:TransportToken><wsp:Policy><sp:HttpsToken RequireClientCertificate="false"/></wsp:Policy></sp:TransportToken><sp:AlgorithmSuite><wsp:Policy><sp:Basic256/></wsp:Policy></sp:AlgorithmSuite><sp:Layout><wsp:Policy><sp:Lax/></wsp:Policy></sp:Layout></wsp:Policy></sp:TransportBinding><sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"><wsp:Policy><sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"><wsp:Policy><sp:WssUsernameToken10/></wsp:Policy></sp:UsernameToken></wsp:Policy></sp:SignedSupportingTokens><sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"><wsp:Policy><sp:MustSupportRefKeyIdentifier/><sp:MustSupportRefIssuerSerial/></wsp:Policy></sp:Wss10></wsp:All></wsp:ExactlyOne></wsp:Policy><wsp:Policy wsu:Id="WebTicketServiceAnon_policy"><wsp:ExactlyOne><wsp:All><af:AnonAuthentication xmlns:af="urn:component:Microsoft.Rtc.WebAuthentication.2010"/><af:Binding xmlns:af="urn:component:Microsoft.Rtc.WebAuthentication.2010"/><sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"><wsp:Policy><sp:TransportToken><wsp:Policy><sp:HttpsToken RequireClientCertificate="false"/></wsp:Policy></sp:TransportToken><sp:AlgorithmSuite><wsp:Policy><sp:Basic256/></wsp:Policy></sp:AlgorithmSuite><sp:Layout><wsp:Policy><sp:Lax/></wsp:Policy></sp:Layout></wsp:Policy></sp:TransportBinding><sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"><wsp:Policy><sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"><wsp:Policy><sp:WssUsernameToken10/></wsp:Policy></sp:UsernameToken></wsp:Policy></sp:SignedSupportingTokens><sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"><wsp:Policy><sp:MustSupportRefKeyIdentifier/><sp:MustSupportRefIssuerSerial/></wsp:Policy></sp:Wss10></wsp:All></wsp:ExactlyOne></wsp:Policy><wsdl:types><xsd:schema targetNamespace="http://tempuri.org/Imports"><xsd:import namespace="http://schemas.microsoft.com/Message"/><xsd:import namespace="urn:component:Microsoft.Rtc.WebAuthentication.2010"/><xsd:import namespace="http://schemas.microsoft.com/2003/10/Serialization/"/><xsd:import namespace="http://schemas.microsoft.com/2003/10/Serialization/Arrays"/></xsd:schema></wsdl:types><wsdl:message name="IWebTicketService_IssueToken_InputMessage"><wsdl:part name="rst" type="q1:MessageBody" xmlns:q1="http://schemas.microsoft.com/Message"/></wsdl:message><wsdl:message name="IWebTicketService_IssueToken_OutputMessage"><wsdl:part name="IssueTokenResult" type="q2:MessageBody" xmlns:q2="http://schemas.microsoft.com/Message"/></wsdl:message><wsdl:message name="IWebTicketService_IssueToken_OCSDiagnosticsFaultFault_FaultMessage"><wsdl:part name="detail" element="q3:OCSDiagnosticsFault" xmlns:q3="urn:component:Microsoft.Rtc.WebAuthentication.2010"/></wsdl:message><wsdl:portType name="IWebTicketService"><wsdl:operation name="IssueToken"><wsdl:input wsaw:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue" message="tns:IWebTicketService_IssueToken_InputMessage"/><wsdl:output wsaw:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTRC/IssueFinal" message="tns:IWebTicketService_IssueToken_OutputMessage"/><wsdl:fault wsaw:Action="http://tempuri.org/IWebTicketService/IssueTokenOCSDiagnosticsFaultFault" name="OCSDiagnosticsFaultFault" message="tns:IWebTicketService_IssueToken_OCSDiagnosticsFaultFault_FaultMessage"/></wsdl:operation></wsdl:portType><wsdl:binding name="WebTicketServiceWinNtlm" type="tns:IWebTicketService"><wsp:PolicyReference URI="#WebTicketServiceWinNtlm_policy"/><soap:binding transport="http://schemas.xmlsoap.org/soap/http"/><wsdl:operation name="IssueToken"><soap:operation soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue" style="document"/><wsdl:input><soap:body use="literal"/></wsdl:input><wsdl:output><soap:body use="literal"/></wsdl:output><wsdl:fault name="OCSDiagnosticsFaultFault"><soap:fault name="OCSDiagnosticsFaultFault" use="literal"/></wsdl:fault></wsdl:operation></wsdl:binding><wsdl:binding name="WebTicketServiceCert" type="tns:IWebTicketService"><wsp:PolicyReference URI="#WebTicketServiceCert_policy"/><soap:binding transport="http://schemas.xmlsoap.org/soap/http"/><wsdl:operation name="IssueToken"><soap:operation soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue" style="document"/><wsdl:input><soap:body use="literal"/></wsdl:input><wsdl:output><soap:body use="literal"/></wsdl:output><wsdl:fault name="OCSDiagnosticsFaultFault"><soap:fault name="OCSDiagnosticsFaultFault" use="literal"/></wsdl:fault></wsdl:operation></wsdl:binding><wsdl:binding name="WebTicketServiceMachineCert" type="tns:IWebTicketService"><wsp:PolicyReference URI="#WebTicketServiceMachineCert_policy"/><soap:binding transport="http://schemas.xmlsoap.org/soap/http"/><wsdl:operation name="IssueToken"><soap:operation soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue" style="document"/><wsdl:input><soap:body use="literal"/></wsdl:input><wsdl:output><soap:body use="literal"/></wsdl:output><wsdl:fault name="OCSDiagnosticsFaultFault"><soap:fault name="OCSDiagnosticsFaultFault" use="literal"/></wsdl:fault></wsdl:operation></wsdl:binding><wsdl:binding name="WebTicketServiceAuth" type="tns:IWebTicketService"><wsp:PolicyReference URI="#WebTicketServiceAuth_policy"/><soap:binding transport="http://schemas.xmlsoap.org/soap/http"/><wsdl:operation name="IssueToken"><soap:operation soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue" style="document"/><wsdl:input><soap:body use="literal"/></wsdl:input><wsdl:output><soap:body use="literal"/></wsdl:output><wsdl:fault name="OCSDiagnosticsFaultFault"><soap:fault name="OCSDiagnosticsFaultFault" use="literal"/></wsdl:fault></wsdl:operation></wsdl:binding><wsdl:binding name="WebTicketServiceAnon" type="tns:IWebTicketService"><wsp:PolicyReference URI="#WebTicketServiceAnon_policy"/><soap:binding transport="http://schemas.xmlsoap.org/soap/http"/><wsdl:operation name="IssueToken"><soap:operation soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue" style="document"/><wsdl:input><soap:body use="literal"/></wsdl:input><wsdl:output><soap:body use="literal"/></wsdl:output><wsdl:fault name="OCSDiagnosticsFaultFault"><soap:fault name="OCSDiagnosticsFaultFault" use="literal"/></wsdl:fault></wsdl:operation></wsdl:binding><wsdl:service name="WebTicketService"><wsdl:port name="WebTicketServiceWinNtlm" binding="tns:WebTicketServiceWinNtlm"><soap:address location="https://lync.domain.tld/WebTicket/WebTicketService.svc"/></wsdl:port><wsdl:port name="WebTicketServiceCert" binding="tns:WebTicketServiceCert"><soap:address location="https://lync.domain.tld/WebTicket/WebTicketService.svc/cert"/><wsa10:EndpointReference><wsa10:Address>https://lync.domain.tld/WebTicket/WebTicketService.svc/cert</wsa10:Address></wsa10:EndpointReference></wsdl:port><wsdl:port name="WebTicketServiceMachineCert" binding="tns:WebTicketServiceMachineCert"><soap:address location="https://lync.domain.tld/WebTicket/WebTicketService.svc/MachineCert"/><wsa10:EndpointReference><wsa10:Address>https://lync.domain.tld/WebTicket/WebTicketService.svc/MachineCert</wsa10:Address></wsa10:EndpointReference></wsdl:port><wsdl:port name="WebTicketServiceAuth" binding="tns:WebTicketServiceAuth"><soap:address location="https://lync.domain.tld/WebTicket/WebTicketService.svc/Auth"/></wsdl:port><wsdl:port name="WebTicketServiceAnon" binding="tns:WebTicketServiceAnon"><soap:address location="https://lync.domain.tld/WebTicket/WebTicketService.svc/Anon"/></wsdl:port></wsdl:service></wsdl:definitions></wsx:MetadataSection><wsx:MetadataSection Dialect="http://www.w3.org/2001/XMLSchema" Identifier="http://schemas.microsoft.com/Message" xmlns=""><xs:schema elementFormDefault="qualified" targetNamespace="http://schemas.microsoft.com/Message" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:tns="http://schemas.microsoft.com/Message"><xs:complexType name="MessageBody"><xs:sequence><xs:any minOccurs="0" maxOccurs="unbounded" namespace="##any"/></xs:sequence></xs:complexType></xs:schema></wsx:MetadataSection><wsx:MetadataSection Dialect="http://www.w3.org/2001/XMLSchema" Identifier="http://schemas.microsoft.com/2003/10/Serialization/" xmlns=""><xs:schema attributeFormDefault="qualified" elementFormDefault="qualified" targetNamespace="http://schemas.microsoft.com/2003/10/Serialization/" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:tns="http://schemas.microsoft.com/2003/10/Serialization/"><xs:element name="anyType" nillable="true" type="xs:anyType"/><xs:element name="anyURI" nillable="true" type="xs:anyURI"/><xs:element name="base64Binary" nillable="true" type="xs:base64Binary"/><xs:element name="boolean" nillable="true" type="xs:boolean"/><xs:element name="byte" nillable="true" type="xs:byte"/><xs:element name="dateTime" nillable="true" type="xs:dateTime"/><xs:element name="decimal" nillable="true" type="xs:decimal"/><xs:element name="double" nillable="true" type="xs:double"/><xs:element name="float" nillable="true" type="xs:float"/><xs:element name="int" nillable="true" type="xs:int"/><xs:element name="long" nillable="true" type="xs:long"/><xs:element name="QName" nillable="true" type="xs:QName"/><xs:element name="short" nillable="true" type="xs:short"/><xs:element name="string" nillable="true" type="xs:string"/><xs:element name="unsignedByte" nillable="true" type="xs:unsignedByte"/><xs:element name="unsignedInt" nillable="true" type="xs:unsignedInt"/><xs:element name="unsignedLong" nillable="true" type="xs:unsignedLong"/><xs:element name="unsignedShort" nillable="true" type="xs:unsignedShort"/><xs:element name="char" nillable="true" type="tns:char"/><xs:simpleType name="char"><xs:restriction base="xs:int"/></xs:simpleType><xs:element name="duration" nillable="true" type="tns:duration"/><xs:simpleType name="duration"><xs:restriction base="xs:duration"><xs:pattern value="\-?P(\d*D)?(T(\d*H)?(\d*M)?(\d*(\.\d*)?S)?)?"/><xs:minInclusive value="-P10675199DT2H48M5.4775808S"/><xs:maxInclusive value="P10675199DT2H48M5.4775807S"/></xs:restriction></xs:simpleType><xs:element name="guid" nillable="true" type="tns:guid"/><xs:simpleType name="guid"><xs:restriction base="xs:string"><xs:pattern value="[\da-fA-F]{8}-[\da-fA-F]{4}-[\da-fA-F]{4}-[\da-fA-F]{4}-[\da-fA-F]{12}"/></xs:restriction></xs:simpleType><xs:attribute name="FactoryType" type="xs:QName"/><xs:attribute name="Id" type="xs:ID"/><xs:attribute name="Ref" type="xs:IDREF"/></xs:schema></wsx:MetadataSection><wsx:MetadataSection Dialect="http://www.w3.org/2001/XMLSchema" Identifier="urn:component:Microsoft.Rtc.WebAuthentication.2010" xmlns=""><xs:schema elementFormDefault="qualified" targetNamespace="urn:component:Microsoft.Rtc.WebAuthentication.2010" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:tns="urn:component:Microsoft.Rtc.WebAuthentication.2010"><xs:import namespace="http://schemas.microsoft.com/2003/10/Serialization/Arrays"/><xs:complexType name="OCSDiagnosticsFault"><xs:sequence><xs:element minOccurs="0" name="Ms-Diagnostics-Fault" nillable="true" type="tns:FaultMsDiagnosticsMetaData"/><xs:element minOccurs="0" name="NameValuePairs" nillable="true" type="q1:ArrayOfKeyValueOfstringstring" xmlns:q1="http://schemas.microsoft.com/2003/10/Serialization/Arrays"/></xs:sequence></xs:complexType><xs:element name="OCSDiagnosticsFault" nillable="true" type="tns:OCSDiagnosticsFault"/><xs:complexType name="FaultMsDiagnosticsMetaData"><xs:sequence><xs:element minOccurs="0" name="ErrorId" type="xs:unsignedInt"/><xs:element minOccurs="0" name="Reason" nillable="true" type="xs:string"/></xs:sequence></xs:complexType><xs:element name="FaultMsDiagnosticsMetaData" nillable="true" type="tns:FaultMsDiagnosticsMetaData"/></xs:schema></wsx:MetadataSection><wsx:MetadataSection Dialect="http://www.w3.org/2001/XMLSchema" Identifier="http://schemas.microsoft.com/2003/10/Serialization/Arrays" xmlns=""><xs:schema elementFormDefault="qualified" targetNamespace="http://schemas.microsoft.com/2003/10/Serialization/Arrays" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:tns="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><xs:complexType name="ArrayOfKeyValueOfstringstring"><xs:annotation><xs:appinfo><IsDictionary xmlns="http://schemas.microsoft.com/2003/10/Serialization/">true</IsDictionary></xs:appinfo></xs:annotation><xs:sequence><xs:element minOccurs="0" maxOccurs="unbounded" name="KeyValueOfstringstring"><xs:complexType><xs:sequence><xs:element name="Key" nillable="true" type="xs:string"/><xs:element name="Value" nillable="true" type="xs:string"/></xs:sequence></xs:complexType></xs:element></xs:sequence></xs:complexType><xs:element name="ArrayOfKeyValueOfstringstring" nillable="true" type="tns:ArrayOfKeyValueOfstringstring"/></xs:schema></wsx:MetadataSection></Metadata></s:Body></s:Envelope>
    2011-12-20 13:23:09.256 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../common/TransportUtilityFunctions.cpp/438:</ReceivedResponse>
    2011-12-20 13:23:09.313 Lync[2011:5e0b] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../requestProcessor/private/CHttpRequestProcessor.cpp/266:Sending event to main thread for request(0x6bd320)
    2011-12-20 13:23:09.315 Lync[2011:707] INFO TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../metaDataManager/private/CMetaDataManager.cpp/495:Received response for meta data request of type 80 with status 0
    2011-12-20 13:23:09.316 Lync[2011:707] ERROR TRANSPORT /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/transport/_buildIos/../metaDataManager/private/CMetaDataManager.cpp/654:No relevent bindings parsed from the mex response
    2011-12-20 13:23:09.320 Lync[2011:707] ERROR APPLICATION /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/platform/_buildIos/../errorHandling/privateIos/ErrorMacros.mm/219:Stack back trace:
     1   Lync                                0x0036d4d5 _ZdlPvS_ + 2814264
     2   Lync                                0x00134085 _ZdlPvS_ + 482536
     3   Lync                                0x000d715b _ZdlPvS_ + 101822
     4   Lync                                0x0036fdcd _ZdlPvS_ + 2824752
     5   Lync                                0x0036ff45 _ZdlPvS_ + 2825128
     6   CoreFoundation                      0x3108db03 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 14
     7   CoreFoundation                      0x3108d2cf __CFRunLoopDoSources0 + 214
     8   CoreFoundation                      0x3108c075 __CFRunLoopRun + 652
     9   CoreFoundation                      0x3100f4dd CFRunLoopRunSpecific + 300
     10  CoreFoundation                      0x3100f3a5 CFRunLoopRunInMode + 104
     11  GraphicsServices                    0x33c3dfed GSEventRunModal + 156
     12  UIKit                               0x33081743 UIApplicationMain + 1090
     13  Lync                                0x00075503 Lync + 476419
     14  Lync                                0x000030ac Lync + 8364
    1 Lync 0x36d4d5
    2 Lync 0x134085
    3 Lync 0xd715b
    4 Lync 0x36fdcd
    5 Lync 0x36ff45
    6 Lync 0x3108db03
    7 Lync 0x3108d2cf
    8 Lync 0x3108c075
    9 Lync 0x3100f4dd
    10 Lync 0x3100f3a5
    11 Lync 0x33c3dfed
    12 Lync 0x33081743
    13 Lync 0x75503
    14 Lync 0x30ac
    0x0000 - 0x0000 +Lync armv7 <0> ...
    2011-12-20 13:23:09.322 Lync[2011:707] ERROR UI /Users/comobuildadmin/se_wave1_idx/src/dev/CoMo/platform/_buildIos/../errorHandling/privateIos/ErrorMacros.mm/102:Handle ASSERT Message:
    No relevent bindings parsed from the mex response


    Tuesday, December 20, 2011 12:44 PM
  • We have the same problem :(

    iOS client is not working because it does bad initial requests to TMG. Android client is working ok.

    Tuesday, December 20, 2011 4:11 PM
  • If you config TMG rule to "Public Name" - All requests, all is working. But we use TMG to publish more URLs, so we need to put public names.
    Tuesday, December 20, 2011 4:12 PM
  • The main test is:

    http://lyncdiscover.yourdomain.com/autodiscover/autodiscoverservice.svc/root  should give you a file with the information of your reverse proxy. If it fails... you have a problem.

    Be careful because even if with https:// works, the iphone fails. 

    In order to solve this I had to create an additional binding on the iis with the hostname and port that my hardware balancer was using. Once done everything is working fine. (except the exchange connection from the ios device that does not work...).

    In short, make sure your http:// is working.

    • Marked as answer by elchepas1 Tuesday, December 20, 2011 6:38 PM
    Tuesday, December 20, 2011 6:38 PM
  • I have the exact same problem, Android clients work fine. iPhone with autodiscovery freezes because it can't find a "relevent" binding in the WebTicketService metadata.

    Is there a workaround other than enabling http-based autodiscovery?

    Tuesday, December 20, 2011 10:50 PM
  • I have found this also, I can browse to the http site and get the prompt for the download but as soon as I try the https site I get an error.

     

    I'm not sure how you can add a binding with a hostname for an ssl site??
    Tuesday, December 20, 2011 11:00 PM
  • The binding in question is not a web server IP/hostname binding, but a webservice binding (URL). The metadata (mex) file the client retrieves contains anumber of URL's which clients can use.

    I can see in the IIS logs that the android client requests the same metadatafile, and then it requests one of the URLs from the file (/WebTicket/WebTicketService.svc/Auth), whereas the iPhone client apparently can't parse the file to get the URL it wants.

    Wednesday, December 21, 2011 8:54 AM
  • information for ipad/iphone:

    wrong mex response:

     

    wsaw:Action="http://tempuri.org/IWebTicketService/IssueTokenOCSDiagnosticsFaultFault" name="OCSDiagnosticsFaultFault" message="tns:IWebTicketService_IssueToken_OCSDiagnosticsFaultFault_FaultMessage"/></wsdl:operation></wsdl:portType><wsdl:binding name="WebTicketServiceWinNtlm"

     

    correct mex response:

    wsaw:Action="http://tempuri.org/IWebTicketService/IssueTokenOCSDiagnosticsFaultFault" name="OCSDiagnosticsFaultFault" message="tns:IWebTicketService_IssueToken_OCSDiagnosticsFaultFault_FaultMessage"/></wsdl:operation></wsdl:portType><wsdl:binding name="WebTicketServiceWinNegotiate"

    resolution: lync control panel -> security - Web Service -> change windows authentication to "Negotiate"

    • Proposed as answer by Milos Zsolt Tuesday, January 03, 2012 11:49 AM
    Tuesday, January 03, 2012 11:39 AM
  • Thank you, Milos.

    Negotiate authentication solved it for me. Android clients also still work.

    Tuesday, January 03, 2012 1:55 PM
  • The main test is:

    http://lyncdiscover.yourdomain.com/autodiscover/autodiscoverservice.svc/root  should give you a file with the information of your reverse proxy. If it fails... you have a problem.

    Be careful because even if with https:// works, the iphone fails. 

    In order to solve this I had to create an additional binding on the iis with the hostname and port that my hardware balancer was using. Once done everything is working fine. (except the exchange connection from the ios device that does not work...).

    In short, make sure your http:// is working.

    can you clarify EXACTLY what it is that you did?  Are you saying that you went into IIS and on the "external web site" you added a binding for the "external FQDN" and port 8080 specifically as an additional binding (now you have 3 bindings in total?)   
    Wednesday, February 08, 2012 7:29 PM
  • Thank you, Milos.

    Negotiate authentication solved it for me. Android clients also still work.

    Fixed for me as well!!!!! Thanks
    Friday, February 17, 2012 2:07 AM
  • The main test is:

    http://lyncdiscover.yourdomain.com/autodiscover/autodiscoverservice.svc/root  should give you a file with the information of your reverse proxy. If it fails... you have a problem.

    Be careful because even if with https:// works, the iphone fails. 

    In order to solve this I had to create an additional binding on the iis with the hostname and port that my hardware balancer was using. Once done everything is working fine. (except the exchange connection from the ios device that does not work...).

    In short, make sure your http:// is working.

    can you clarify EXACTLY what it is that you did?  Are you saying that you went into IIS and on the "external web site" you added a binding for the "external FQDN" and port 8080 specifically as an additional binding (now you have 3 bindings in total?)   
    I would like to know this as well. I would guess that this needs to be done on the internal and external websites on both front end and director servers.
    Tuesday, February 21, 2012 6:29 PM
  • Well, as I was previously throwing the kitchen sink at this iphone issue i was curious as to what this user had to do.  However, I have not seen anything at all about this and I can confirm that after I got my reverse proxy issues resolved things started working and I did NOT do anything of this sort.  I would be cautious to mess around with the IIS settings.   I'm going to search your ID for open threads  - but if you dont' have a thread - can you start a new thread with whatever issue that you're working on?
    Tuesday, February 21, 2012 6:32 PM
  • Well, as I was previously throwing the kitchen sink at this iphone issue i was curious as to what this user had to do.  However, I have not seen anything at all about this and I can confirm that after I got my reverse proxy issues resolved things started working and I did NOT do anything of this sort.  I would be cautious to mess around with the IIS settings.   I'm going to search your ID for open threads  - but if you dont' have a thread - can you start a new thread with whatever issue that you're working on?

    Greg, what load balancer hardware are you running. My DSE mentioned there was a issue with the Iphone when using Citrix netscalers as the load balancer hardware, specifically concerning cookie inserts. We run this compination and our load balancer also serves as our reverse proxy. I would be interesting is knowing what your reverse proxy issues were.
    Tuesday, February 21, 2012 7:04 PM
  • I am using apache as my reverse proxy and my issue was port based affinity.  From my conversations with Josh at Microsoft - there are to types that they try and use - cookie based affinity and port based affinity.   All I know was that iPhone just choked on this (but, Android worked fine).   I put "KeepAlive On" in the apache config and everything started working.  Without a doubt, comlpetely - my issue was persistence (sticky sessions/affinity) through my reverse proxy.  If your Netscaler has something like that in your admin guide I'd sure as heck explore that.   -G
    Tuesday, February 21, 2012 7:22 PM
  • I am using apache as my reverse proxy and my issue was port based affinity.  From my conversations with Josh at Microsoft - there are to types that they try and use - cookie based affinity and port based affinity.   All I know was that iPhone just choked on this (but, Android worked fine).   I put "KeepAlive On" in the apache config and everything started working.  Without a doubt, comlpetely - my issue was persistence (sticky sessions/affinity) through my reverse proxy.  If your Netscaler has something like that in your admin guide I'd sure as heck explore that.   -G

    Any trouble with your Windows Mobile devices, because they are not working either on my end?
    Tuesday, February 21, 2012 7:34 PM
  • yes. Windows Mobile and iOS unable to log in.  Android logs in just fine.   Are your Android clients working i presume?
    Tuesday, February 21, 2012 7:38 PM
  • yes. Windows Mobile and iOS unable to log in.  Android logs in just fine.   Are your Android clients working i presume?

    Correct, Android is running fine. It worked in staging, but in that config, I didn't have multiple front ends, which leads me down the path of me believing that this is a persistence issue.
    Tuesday, February 21, 2012 7:42 PM
  • Right. I'll pretend that I'm a wireshark specialist for a second ... and if you do a wireshark sniff you'll see something like REQ -> ACK -REQ -> ACK - RESET over and over again on the sniffer logs.  It's the reset that is the killer and that's what gets resovled when persistence is put in there.  I mean, seriously - why in the world does it only affect Windows Phone and iOS?  Probably because of the additional functionality that those devices have.  Im just guessing though.
    Tuesday, February 21, 2012 7:45 PM
  • Thanks Greg, it appears we are getting a cookie, but we don't get a web ticket from the registrar. Not sure if that is attributed to a persitence issue or not. Looks like I will be parsing network traces.

    Tuesday, February 21, 2012 7:54 PM
  • We got our environment working. It was a cookie insert issue with both Iphone and Win7. While we were passing the cookie, the device wasn't accepting it. This may be because we globally set cookies to HTTP only. We enabled source IP based persistence as a backup on the directors and front end servers and it is now working.
    Thursday, February 23, 2012 7:05 PM
  • That's great.  I am glad that I was able to help you determine that this was in fact a persistance issue.  Please mark my Tuesday, February 21, 2012 7:22 PM post as helpful.  thank you for the update.
    Thursday, February 23, 2012 8:36 PM
  • Same message here... Problem was we had the internal address in the topology builder pushed out to the iPhone's.

    Double check your root autodiscover file in notepad from a browser and see if that is correct first.

    Friday, March 23, 2012 12:26 PM