locked
Local Skype For Business Server - Only Domain Controller Logs On RRS feed

  • Question

  • Well met everyone!

    As a simple college project I tried to start a server Skype For Business and follow exactly this tutorial:

    https://www.youtube.com/watch?v=uNIm5YNIY6Q&t=285s

    In summation, the tutorial asks to prepare ambient to receive Skype For Business (by send a Power Shell cmdlet that install all the resources), install and run all the Deployment Wizard preparation tools in proper order, and creating the necessary DNS records (sipinternaltls, admin, meet, dialin) for it to work. After all that deploy and publish the topology, and creating the users. Got no issues in any of the steps.

    -

    I created this simple virtual network to develop the scenario:

    svr01.domain.com - 192.168.0.1 - Domain Controller (ADDS/Certification Authority)

    svr02.domain.com - 192.168.0.2 - Skype For Business Server

    desk01.domain.com - 192.168.0.10 - Windows 10 Client

    -

    In Domain Controller I added these DNS Records in the domain zone:

    SRV: sipinternaltls.domain.com - 5060 - _sipinternaltls - _tcp - svr02.domain.com

    A: admin.domain.com - 192.168.0.2

    A: meet.domain.com - 192.168.0.2

    A: dialin.domain.com - 192.168.0.2

    -

    My problem is that only my Domain Controller is able to logon in Skype For Business Client. Tested with three different users.

    The Skype For Business Server and Windows 10 Client got stuck on "Contacting the server and signing in..." and unfortunately returns no error after that.

    I suspected on a DNS error maybe. I wish I could add some screenshots of the scenario to make it easier, but the forums won't allow it. Is there anyone who got any ideas of the causes on this particular problem? If more information is needed I will respond immediately.

    Friday, November 25, 2016 6:47 AM

Answers

  • Deleted
    • Marked as answer by LucasMDOC Monday, November 28, 2016 11:58 AM
    Friday, November 25, 2016 8:57 AM
  • Deleted
    • Marked as answer by LucasMDOC Monday, November 28, 2016 11:57 AM
    Saturday, November 26, 2016 3:51 PM
  • Update:

    Success! I'm not quite sure why, but at some point my clients did ask for Password (This happens after I bring up a Forefront TMG Server and provide external access to Internet to my clients, Windows Update was turned off, but I don't know if Skype for Business Server/Client did updated for their own and corrected the error by themselves).

    After ask for the password, they did return the certificate error, which I solve by enabling IIS Server on my Domain Controller and provide the root certificate for my clients.

    I was even able to connect to Skype for Business Server through VPN (with Forefront TMG in PPTP), all the functions worked perfectly.

    Thanks for the support, I would like to post this here and solve the post so people can later use this thread as solution o/

    • Marked as answer by LucasMDOC Monday, November 28, 2016 11:57 AM
    • Unmarked as answer by LucasMDOC Monday, November 28, 2016 11:59 AM
    • Proposed as answer by Liinus Tuesday, November 29, 2016 9:18 AM
    • Marked as answer by LucasMDOC Wednesday, November 30, 2016 2:36 AM
    Monday, November 28, 2016 11:57 AM

All replies

  • Deleted
    • Marked as answer by LucasMDOC Monday, November 28, 2016 11:58 AM
    Friday, November 25, 2016 8:57 AM
  • Good Morning/Afternoon/Evening Shankar,

    First off, thanks for the response and sorry for the delay, I wasn't able to sit down and run the tests.

    I added the records as requested.

    Unfortunately my telnet test results wasn't a good notice (tested on domain controller and skype for business server):

    C:\Users\Administrator>telnet 192.168.0.2 5061
    Connecting To  192.168.0.2...Could not open connection to the host, on port 5061
    : Connect failed

    [Update: Turned off Windows Firewall on both servers for a quick test and the test was successful, returning the black screen. Clients still cant logon on skype, DC can logon, maybe something here?]

    The clients are domain joined (domain.com).

    My client configurations are manual configuration and svr02.domain.com for Internal/External Server which works on Domain Controller (but I test your suggestion of set only Internal as well).

    After the tests, my client and front end server still cant logon, the domain controller logs on normally with all of the three users I've created.

    Here are some images of my ambient: imgur dot com/a/IIL9j (before I added the records).

    Thank you for your help, can you think of something else?



    • Edited by LucasMDOC Saturday, November 26, 2016 11:47 AM
    Saturday, November 26, 2016 11:40 AM
  • Deleted
    • Marked as answer by LucasMDOC Monday, November 28, 2016 11:57 AM
    Saturday, November 26, 2016 3:51 PM
  • If I did understand well the use of the tool, I start the scan in the moment of logon in the Server and the Client and filter the latest warnings and errors:

    imgur dot com/a/uXuNs

    Sunday, November 27, 2016 12:47 AM
  • Update:

    Success! I'm not quite sure why, but at some point my clients did ask for Password (This happens after I bring up a Forefront TMG Server and provide external access to Internet to my clients, Windows Update was turned off, but I don't know if Skype for Business Server/Client did updated for their own and corrected the error by themselves).

    After ask for the password, they did return the certificate error, which I solve by enabling IIS Server on my Domain Controller and provide the root certificate for my clients.

    I was even able to connect to Skype for Business Server through VPN (with Forefront TMG in PPTP), all the functions worked perfectly.

    Thanks for the support, I would like to post this here and solve the post so people can later use this thread as solution o/

    • Marked as answer by LucasMDOC Monday, November 28, 2016 11:57 AM
    • Unmarked as answer by LucasMDOC Monday, November 28, 2016 11:59 AM
    • Proposed as answer by Liinus Tuesday, November 29, 2016 9:18 AM
    • Marked as answer by LucasMDOC Wednesday, November 30, 2016 2:36 AM
    Monday, November 28, 2016 11:57 AM