登入
 
首頁文件庫學習園地下載支援社群論壇
IT 專業人員的技術資源 >
Federation with MSN issue..

Answered Federation with MSN issue..

  • 2012年3月29日 下午 12:14
     
     
    登入以投票
    0

    Hi all,

    I used msn federation for 3-4 days and now suddenly its not working. I know there are so many reasons out there but i dont know how to troubleshoot this one. I run the sip stack and s4 loggings and tried to send message to a msn users and then checked the logs but there was no error or warning with this?

    How may i proceed pls advise.

    Thanks.

     

所有回覆

  • 2012年3月29日 下午 12:54
     
     
    登入以投票
    0

    Hi ,

    Can you run following command and let us know the outcome ?

    Test-CsFederatedPartner –TargetFqdn EdgeInternalFQDN –Domain live.com –ProxyFqdn federation.messenger.msn.com

    Ideally, MSN federation would take 7-30 days. Problem could be with MS side as well.

    Thanks
    Saleesh

    If answer is helpful, please hit the green arrow on the left, or mark as answer.


     
  • 2012年3月29日 下午 02:23
     
     
    登入以投票
    0

    Dear Saleesh,

    Here is the output of the command.

    Test-CsFederatedPartner : Unable to establish a connection.
    At line:1 char:24
    + Test-CsFederatedPartner <<<<  -TargetFqdn lyncedge.mydomain.local -Domain live.com -ProxyFqdn federation.messenger.msn.com
        + CategoryInfo          : OperationStopped: (:) [Test-CsFederatedPartner],
        ConnectionFailureException
        + FullyQualifiedErrorId : WorkflowNotCompleted,Microsoft.Rtc.Management.SyntheticTransactions.TestFederatedPartnerCmdlet

     
  • 2012年3月29日 下午 03:51
     
     
    登入以投票
    0

    Is federation working with yahoo or other lync partners ?

    If remote access and federation is working for other PIC domains , I would suggest you to wait for some time and check MSN federation.

    Let me know your thoughts.

    Thanks
    Saleesh

    If answer is helpful, please hit the green arrow on the left, or mark as answer.

     
  • 2012年3月30日 上午 06:26
     
     
    登入以投票
    0

    Hi,

     

    I suggest referring to the following tips to check the issue.

    1. Please check if the federation is allowed in the Control Panel and in topology builder.

    2. Please check the firewall if it allow port 5061 for inbound and outbound traffic.

    3. The SRV entry _sipfederationtls._tcp.domain.com is required for automatic DNS discovery of federated partners known as “Allowed SIP Domain”.

    4. Please check if the setting of Federation Route is correct in the properties of your site in Topology Builder and enabled your users for federation.

     

    Regards,

    Kent

     
  • 2012年3月30日 上午 06:34
     
     
    登入以投票
    0

    Salesh hi,

    Federation is not working with the other PIC domains. I tested it with a yahoo account and have no connection.

     
  • 2012年3月30日 下午 01:22
     
     
    登入以投票
    0

    Hi Kent,

    I checked all the four areas and they seem to ok. It WAS working, so most of the settings should be true, i was suspicious about the firewall (no error logs support it) but 5061 is open both incoming and ongoing.

    Any other suggestions?

    Thank you.

     
  • 2012年4月3日 上午 01:41
    版主
     
     
    登入以投票
    0

    Hi,Bora,

    Have you checked and validated the Edge certificate?Generally if it worked before but suddenly failed it maybe caused by certificate expired or broken.Besides please verify you have disabled IPv6 on your Edge server.

    Please also go to https://www.testocsconnectivity.com/ to test the connectivity for more information.

    B/R

    Sharon

    Sharon Shen

    TechNet Community Support

    ************************************************************************************************************************

    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question.

     
  • 2012年4月3日 下午 03:24
     
     
    登入以投票
    0

    Hi Sharon,

    I think i found the root of the problem. Im getting certificate errors

    Over the past 15 minutes, Lync Server has experienced TLS outgoing connection failures 384 time(s). The error code of the last failure is 0x80090322 (The target principal name is incorrect.) while trying to connect to the server "lyncedge.domain.local" at address [192.168.40.2:5061], and the display name in the peer certificate is "Unavailable".

    My certificate has lyncedge.domain.com so which connection parameter should be changed with .com instead of .local so that certificate mismatch error will be gone? (My default sip domain is .local)


    • 已編輯 Bora Engin 2012年4月3日 下午 03:25
    •  
     
  • 2012年4月5日 上午 02:01
     
     
    登入以投票
    0

    Hi,

    Would you try to double check the DNS records for Edge Server? Here is a resolved case for this error message:

     

    http://social.technet.microsoft.com/Forums/en-US/ocscertificates/thread/e9f95f14-350a-4648-a425-d7785c2e3b91/

     

    Regards,

    Kent

     
  • 2012年4月6日 上午 08:47
     
     已答覆
    登入以投票
    0

    Hi all,

    I reissued local certificate and TLS error was gone. But then i still had no connection to the msn then i started the s4 and sip logs and found out FE couldnt connect edge via 5061. Theeenn with a little fury in my head i checked the edge with a netstat command and there was no listening on 5061. I smiled in a weird way and checked the services to see access edge service was stopped somehow. Once i started it everything is working as it should be.

    Thanks everyone.

    • 已標示為解答 Bora Engin 2012年4月6日 上午 08:48
    • 已取消標示為解答 Bora Engin 2012年4月6日 上午 08:49
    • 已標示為解答 Bora Engin 2012年4月6日 上午 08:49
    •