locked
Error 32053 - Cannot find configured issuer that matches the accepted Issuer(s). RRS feed

  • Question

  • Hi,

    I've been working through some errors we have on our Skype servers. We have a hybrid environment, and it appears Skype is struggling to talk to Exchange on-premise and Office 365 through Autodiscover.

    When running the CsExStorageConnectivity test we were getting Autodiscover service can not be located. This morning I spotted that redirectAllowed was False for autodiscover-s.outlook.com, so I added the following domains: *.<company>.mail.onmicrosoft.com, *.microsoft.com, and *.outlook.com.

    This stopped that error, but now we have the following problem:

    Storage Service had an OAuth authentication failure.

    #CTX#{ctx:{traceId:599231007, activityId:"593ace9a-448d-4497-9b0a-3ecf39c87f12"}}#CTX#
    CreateAppActAsToken failed, ex=StoreConfigException: code=ErrorOAuthConfigIssuer, reason=Cannot find configured issuer that matches the accepted Issuer(s).  Use CSOAuthServer to ensure configured local/tenant/global issuers are accepted, host=autodiscover-s.outlook.com, acceptedIssuers=00000001-0000-0000-c000-000000000000@*

    So hopefully one step close, although I unsure to what the next step should be.

    Any help greatly received.

    Andrew


    Andrew France - http://andrewsprivatecloud.wordpress.com

    Tuesday, June 26, 2018 9:51 AM

Answers

All replies

  • Following on from before. I found and ran a test script, Validate-CsOWAOnlineOAuth-SfbOnPremConfiguration.ps1, to check our current setup.

    The result produced the following errors:

    ERROR: 06-26-2018 11:28:35 MetadataURL (https://accounts.accesscontrol.windows.net/eeb29dae-1730-4763-9fad-0800d8f7669f/metadata/json/1) Not Found
    ERROR: 06-26-2018 11:28:35 MetadataURL configured on CsOAuthServer =

    ERROR: 06-26-2018 11:28:35 Exchange Partner Application name "microsoft.exchange" is missing

    ERROR: 06-26-2018 11:28:38 oAuth Certificate is not found in the online tenant



    Andrew France - http://andrewsprivatecloud.wordpress.com

    Tuesday, June 26, 2018 10:52 AM
  • Ok after folllowing this guide: https://adam-hand.com/2015/12/02/configure-lyncsfb-with-office-365-for-server-to-server-authentication/ I've now cleared the above errors...

    Sadly I'm now getting a different error...

    The remote server returned an error: (403) Forbidden!


    Andrew France - http://andrewsprivatecloud.wordpress.com

    Tuesday, June 26, 2018 1:31 PM
  • Well, switched my Autodiscover URL from HTTP to HTTPS, and it all worked. It worked for about 30 minutes. Now I'm getting...

    (503) Server Unavailable!!!

     

    Andrew France - http://andrewsprivatecloud.wordpress.com


    Tuesday, June 26, 2018 2:47 PM
  • Hi,

    Where do you get the “503” server unavailable error?

    According your description, if I understand correctly, you seem want to deploy integration between on-premise Lync server and Exchange hybrid environment (On-premise and online).

    Usually we may follow the steps:

    Step 1: Setup OAuth between Lync Server and Exchange Server.

    Prerequisites for integrating Microsoft Lync Server 2013 and Microsoft Exchange Server 2013 (Setup Autodiscover service from Exchange server and create CsOAuthConfiguration from Lync Server.)

    Configuring partner applications in Microsoft Lync Server 2013 and Microsoft Exchange Server 2013 (Configure partner applications in Lync Server and Exchange Server.) 

    Step 2: Setup integration between Lync Server and Exchange Online. 

    Configure integration between on-premises Skype for Business Server 2015 and Outlook Web App

    Configure a hybrid environment in Skype for Business Server 2015

    You may review your configuration first.

    Regards,

    Shaw Lu


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    • Marked as answer by Andrew France Thursday, July 5, 2018 8:44 AM
    Wednesday, June 27, 2018 2:58 AM
  • Hi,

    Is there any update or any other assistance I could provide on this case? Please feel free to drop us a note if there is any result.

    Regards,

    Shaw Lu


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Monday, July 2, 2018 8:51 AM
  • Sorry for the late reply.

    I have managed to get it all fixed in the end. It turns out Skype for Business hadn't been configured at all to work with Office 365. So it took a little while, but I worked through a guide and got it fixed up.

    Andrew


    Andrew France - http://andrewsprivatecloud.wordpress.com

    • Proposed as answer by Shaw_Lu Thursday, July 5, 2018 8:38 AM
    Thursday, July 5, 2018 8:23 AM
  • Hi,

    Thank you for your reply and sharing. I am glad to hear that the issue has been resolved.

    You could mark the reply as answer to help others who have same problems.


    Regards,

    Shaw Lu


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Thursday, July 5, 2018 8:39 AM