Lync MX client not logging into Lync 2010 server.

All replies

• 

  

  0

  Sign in to vote

  I want to mention that we do have the October 2012 CU for Lync installed.

  Monday, November 5, 2012 5:19 PM
• 

  

  0

  Sign in to vote

  Are you testing the MX client from the same workstation(s) which can already sign in using the standard client?

  ---

  Jeff Schertz | Microsoft Solutions Architect - Polycom | Lync MVP

  Monday, November 5, 2012 10:41 PM
• 

  

  0

  Sign in to vote

  Yes I am.  

  Monday, November 5, 2012 10:50 PM
• 

  

  0

  Sign in to vote

  The Lync MX client does not the support DNS-based autodiscover (SRV, A records) and requires that the LyncDiscover solution provided originally for the mobility clients is correctly deployed.

  The MX client is still a SIP client, but uses the LyncDiscover (and LyncDiscoverInternal) DNS records to locate the autodiscover web service, which provides the proper registrar FQDN to the client.

  ---

  Jeff Schertz | Microsoft Solutions Architect - Polycom | Lync MVP

  Tuesday, November 6, 2012 1:47 PM
• 

  

  0

  Sign in to vote

  I have A records for lyncdiscover and LyncDiscoverInternal in my DNS records.   They point to my FE server.

  Tuesday, November 6, 2012 2:27 PM
• 

  

  0

  Sign in to vote

  Hi,

  Do you deploy the Lync server mobility service correctly? Please refer this article about deploying lync mobility step by step:http://blog.schertz.name/2011/12/deploying-the-lync-2010-mobility-service/

  ---

  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

  

  Friday, November 16, 2012 7:34 AM
• 

  

  0

  Sign in to vote

  LYNC MX seems to work fine from outside the company.   But internally it's not working.   Mobile devices work fine internally and externally, so I'm at a bit of a loss.

  Monday, November 19, 2012 2:41 PM
• 

  

  0

  Sign in to vote

  We are having the same exact problem as John Owens. Lync Server 2010 Standard updated with the October update (CU7 I believe). Because I did this work from home, I tested Lync MX from outside the network successfully. Inside the network is a problem both on the same non-domain Win8 Pro tablet as well as my domain-joined workstation. We are looking for a solution quickly so we can deploy some tablets soon.

  Thanks

  Mike Sirois

  Wednesday, November 28, 2012 3:28 PM
• 

  

  0

  Sign in to vote

  We have a customer with the exact same issue.  We are still reviewing logs.

  ---

  Chad McGreanor Lync Server 2010 MCM https://cmcgreanor.wordpress.net

  Wednesday, November 28, 2012 6:43 PM
• 

  

  0

  Sign in to vote

  I too am having this issue.  Only thing I can see in our log on the client is below.  I can ping the FE from that machine though.

  VerifyOnEnableEvent result return 10
       ONENABLE_FAIL_SERVER_NOT_REACHABLE
     status=0x80ee0067
      ACTION: SERVER NOT REACHABLE

  Thursday, November 29, 2012 9:02 PM
• 

  

  1

  Sign in to vote

  So this is it so far? Is Lync MX DOA, or perhaps still beta? If not, we would love to hear from someone at Microsoft that can at least give us a status on the fix. We would require a fix that allows it to connect like all other Lync clients and won't require strange work-around configs to our systems to accommodate what should otherwise work out of the box. Please give us an update.

  Thank you,

  Mike

  Wednesday, December 5, 2012 6:07 PM
• 

  

  0

  Sign in to vote

  I'm seeing the same error from the lynx MX client when it's attempting to do a redirect. 

  redirectedServersList=yyy.xxx.com:443, external, discovered;   newState=14   statusCode=0]]><![CDATA[ VerifyOnEnableEvent result return 10     ONENABLE_FAIL_SERVER_NOT_REACHABLE   status=0x80ee0067    ACTION: SERVER NOT REACHABLE

  When i look in topology builder this server is the redirect for the edge pool. Also looks like it requires TLS. Could it be failing on TLS connection. It can ping the server. (Via Hosts file)

  Wednesday, December 5, 2012 7:21 PM
• 

  

  0

  Sign in to vote

  Same story at my end with Lync 2013 deployed. MX clients can connect externally, but internally no go. Also Lync 2013 client to non-domain joined machines is a no go as well. 

  Wednesday, December 5, 2012 9:04 PM
• 

  

  0

  Sign in to vote

  We are seeing the same thing. Everything was working correctly now suddenly stopped with the same error. I am next to certan nothing changed in terms of Lync topology

  Monday, December 17, 2012 1:59 PM
• 

  

  0

  Sign in to vote

  We were having this same issue. For us it turns out it was because of the number of root cert authorities we had in that store on the server. The issue started for us after we updated the root cert list to accommodate federation. We noticed Schannel events with ID 36885. This led us to the following article: http://support.microsoft.com/kb/2464556

  Once we update our registry on the Lync servers so that Schannel no longer sent the list of trusted root cert authorities during the TLS/SSL handshake the client started working.

  Hope this helps!

  • Proposed as answer by tgskiman Monday, December 17, 2012 3:20 PM
  • Unproposed as answer by tgskiman Wednesday, January 9, 2013 2:50 PM
  • Proposed as answer by klaus.landes Thursday, April 11, 2013 1:36 PM

  Monday, December 17, 2012 3:20 PM
• 

  

  0

  Sign in to vote

  I've got the same issue: MX works external but not internal.

  I have looked at your suggestion, tgskiman, but I already had the registry key in place (and wasn't seeing SCHANNEL errors anyway -- also this workround isn't needed any more, see other thread you're on that I replied to).

  So I'm not certain this is the answer.

  Friday, January 4, 2013 4:42 PM
• 

  

  0

  Sign in to vote

  Rick,

  I agree if you are not seeing SCHANNEL issues, then the root CA certs are most likely not your issue.  There is another thread with a similar problem that you may want to check out: http://social.technet.microsoft.com/Forums/en-US/lyncprofile/thread/41718327-203f-445f-8657-87b0a8545ead/

  On that thread Matt resolved a similar issue using the following (I am quoting):

  I have been working with Microsoft for a couple of weeks on this and we have identified a workaround that resolves the issue.

  To be clear on my environment: I am using Windows Server 2012 with Lync Server 2013.  The issue was that the Lync 2013 Client could not login to the Lync 2013 Server while the Windows 8 Lync APP and the Lync 2010 client could log in.  We were receiving a lot of SChannel error messages (36888 and 36874) in the System log indicating TLS errors 10 and 40 and SChannel errors 1205 and 1203.  Basically the Lync 2013 client was unable to negotiate TLS 1.2 with the Lync 2013 Server.

  To Resolve this issue do the following:

  - On the Lync 2013 server open the registry and browse to the following location: HKLM\System\CurrentControlSet\SecurityProviders\SChannel\Protocols

  - Create the following Key under Protocol: TLS 1.2

  - Create the following two Keys under TLS 1.2: Client and Server

  - Create the following DWORDs under both the Client and Server Key: DisabledByDefault and Enabled

  - Under both Client and Server set the following: DisabledByDefault=1 and Enabled =0

  - Reboot the server.

  Entering these keys Disables TLS 1.2 on the server forcing the client and server to communicate over TLS 1.1.

  Good Luck,

  Matt

  Hope this may help!

  Tim

  • Marked as answer by John Owens - Maximus Monday, January 28, 2013 9:41 PM

  Wednesday, January 9, 2013 2:55 PM
• 

  

  0

  Sign in to vote

  Although this is nothing to do with my scenario (my Lync 2013 client works fine, it's only the Win 8 APP internally that doesn't connect) it's another thing to try: thanks for pointing it out.

  Rick

  Wednesday, January 9, 2013 3:43 PM
• 

  

  0

  Sign in to vote

  We had the same problem, thanks for the solution!

  Thursday, April 11, 2013 1:35 PM