Event 14425 "exap.um.outlook.com" failures. Split domain (cross-premise) routing is disabled
-
14 iunie 2012 18:30
BACKGROUND:
I have Lync Enterprise on-premises. I have Exchange Online (O365) in the cloud.
The errors I have been getting led me to the following URL:
http://lab.technet.microsoft.com/en-us/library/hh533880.aspx
All fine and good.
When I use the following command:
New-CsHostingProvider -Identity "Exchange Online" -Enabled $True -EnabledSharedAddressSpace
$True -HostsOCSUsers $False -ProxyFqdn "exap.um.outlook.com" -IsLocal $False
-VerificationLevel UseSourceVerification
the command breaks communication to federated partners. I see presence, but the IM fails to send to them. When I delete the hosting provider ... the communication is restored. My recollection is that when the command is intact, the error in the event log (below) subsides.
Here is one error in my event log (Event ID 14499) Lync Server (LS Protocol Stack)
Federated partner exap.um.outlook.com has sent a significant number of messages
that have resulted in domain validation failures. There have been 204 such
failures in the last 15 minutes.There have been 570 errors in total. This can happen
when messages are sent to local users that don't exist, messages are sent from domains
that the partner isn't allowed to send from, or when the partner sends messages destined
to domains that this organization isn't responsible for.
Another error is: Event id 14425 Lync Server (LS Protocol Stack)
Many security events have been identified by the proxy stack. In the past 49 seconds, 30 security events have been identified by the proxy stack. A large number
of security events could indicate that the server is under attack. The last event was: $$begin_record LogType: security Text: Split domain (cross-premise) routing is disabled Result-Code: 0xc3e93d8c SIPPROXY_E_EPROUTING_MSG_SPLIT_DOMAIN_DISABLED Connection-ID: 0x1100 Peer-IP: 207.46.5.84:60646 Peer: exap.um.outlook.com:60646 SIP-Start-Line: REGISTER mydomain.com SIP/2.0 SIP-Call-ID: dcf19e5e71564a4fa01c856b20600777 SIP-CSeq: 1 REGISTER Data: external-domain="mydomain.com";external-type="domain-type-local";internal-domain="mydomain.com";
internal-type="domain-type-local" $$end_record
I'm really confused as I don't have a federated partner or provider with "Exap.um.Outlook.com" in it yet I get thousands of errors regarding it. When I do actually add the FQDN as a "New-CsHostingProvider" per the instructions - it breaks federation. I would also like to be able to complete the integration as it fits my current setup.
Anybody seen this one?
-G
if my post is helpful - please click on the green arrow. (please excuse, in advance, any perceived sarcasm/humor - as I often forget it does not translate through text) :)
- Editat de Greg Seeber 14 iunie 2012 18:35
Toate mesajele
-
14 iunie 2012 18:38i have verified that my SRV record exists (and also that the edge servers can get the record). _sipfederationtls._tcp.domain.com pointing to external FQDN of my edge as per the document in the URL.
if my post is helpful - please click on the green arrow. (please excuse, in advance, any perceived sarcasm/humor - as I often forget it does not translate through text) :)
-
19 iunie 2012 09:45Moderator
Hi Greg,
The Exap.um.Outlook.com is Exchange Online UM proxy server. Please make sure your on-premises Lync server integrates with Exchange Online UM correctly.
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
-
25 iunie 2012 01:57Moderator
Hi,
Any update?
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
-
28 iunie 2012 14:52
Sean,
I don't quite understand "make sure that your op Lync server integrates with EX online UM correctly".
I mean, I did the few powershell script and whatnot on Lyn c... but, when I do that it kills everything. Is there something on the Exchange side that needs to be done? I am still getting TONS of these errors ... even though I have pretty much REVERSED the powershell scrips tha tI have run to "federate" to that EXUM provider as per the instructions. Any ideas?
if my post is helpful - please click on the green arrow. (please excuse, in advance, any perceived sarcasm/humor - as I often forget it does not translate through text) :)
-
29 iunie 2012 20:42
Hi, I am having this exact same issue!
Running a trace on the edge server I noticed the following error after doing a SIP INVITE to a federated partner:
Data: Domain "mydomain.com" did not resolve by DNS SRV. The request returned a negative result from the internal cache
It seems when the EnableSharedAddressSpace option is configured, the edge server wants to use a DNS SRV lookup for the local domain??? It should be sending the traffic directly to the director/front end.
In my case, the edge server is configured to use our internal DNS zone, which does not have the external DNS SRV records for our domain. This has worked fine before now.
-
4 iulie 2012 11:51
It seems we are all stuck in the same thing! I'm trying to get Voice mail to work for my on Premise Lync with Exchange on O365 but i'm getting this error message on Lync Front end when calling to Voice mail.
Attempts to route to servers in an Exchange UM Dialplan failed
No server in the dialplan [Hosted__exap.um.outlook.com__mydomain.com] accepted the call with id [76621a51-935d-4cee-b7d3-c10a01c6da2d].
Cause: Dialplan is not configured properly.
Resolution:
Check the configuration of the dialplan on Exchange UM Servers.----
On Edge server I have the following :
Federated partner exap.um.outlook.com has sent a significant number of messages that have resulted in domain validation failures. There have been 8 such failures in the last 16 minutes.There have been 84 errors in total. This can happen when messages are sent to local users that don't exist, messages are sent from domains that the partner isn't allowed to send from, or when the partner sends messages destined to domains that this organization isn't responsible for.
Mohammed JH
-
4 iulie 2012 15:08I solved it! I re-ran the cmdlets from scratch and it turns that in some Blog that I followed there was a missing command.
Greg! make sure you are not missing those commands on Lync FE Shell
Set-CsAccessEdgeConfiguration -AllowFederatedUsers $True
Set-CsHostedVoiceMailPolicy -Destination exap.um.outlook.com -Organization mydomain.onmicrosoft.com
Also run the command Get-CsHostedVoicemailPolicy and make sure that you didn't enter any of the not authorized domains in the organization value.
you need to run this command to check what's ur tenant authorized domain by Microsft.
Get-AcceptedDomains
To run all these commands, You need to provide credentials and connect to remote CMD Shell.
$cred = Get-Credential (Hit Enter)
Note: A small window will pop up asking for your credentials! You should enter your username with the actual domain which is verified on O365 on cloud e.g. (mydomain.com) and the password.
$t = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $cred -Authentication Basic –AllowRedirection (Hit Enter)
$importresults = Import-PSSession $t (Hit Enter)
If you didn't face any issues running these commands, run
Get-CsHostedVoicemailPolicy
and then
Get-AcceptedDomains
hope this helps
cheersMohammed JH
.png)
