UM Stops working if database is moved to other DAG member RRS feed

  • Question

  • I have Lync 2013 and Exchange 2013 installed.  Exchange is 3 node DAG, Lync is 2 server pool.  Exchange servers are Exchangesvr01, Exchangesvr02, and ExchangesvrDR in another DataCenter.  Svr02 was the first one built.  Svr01 was added several weeks later.  If a UM enabled user's mailbox database is mounted on svr02, they can call the SA number, enter their extension, and get to UM OVA.  However, if I move the database to either svr01 or svrDR, when they call the SA number they will get a message saying "Sorry, this mailbox is on a server that does not support Unified Messaging".  Moving the mailbox back to svr02 solves the issue immediately.  Both servers are on the dialplan, UM service is running, they share the same UM certificate with both servers listed as SAN names.

    Anyone have any ideas?  I have re-run ExchUCUtil.ps1 and OcsUMUtil.exe.


    Thursday, February 27, 2014 9:50 PM

All replies

  • Double check that the cert is assigned to the UM role, that it's starting up as TLS, run the Lync logger and watch for SipStack traffic to see if you get a server not responding or TLS issue or something telling.  Also, make sure your UM roles are enabled on your CAS servers, especially at the DR site.

    Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer". SWC Unified Communications

    Friday, February 28, 2014 2:30 AM
  • Do you have any firewalls (windows firewall?) that would prevent connections to exchange on ports other than 5060/5061?

    UM calling works as follows..

    Call comes to the UM System attendant from Lync on 5060 or 5061 (secure)

    The SA will look up the location of the users mailbox and issue a redirect 302 move temporary on port 5062/5063 (secure) to route the call to the server where the users mailbox DB is active.

    If the redirect fails UM will play the error ""Sorry, this mailbox is on a server that does not support Unified Messaging"

    If the redirect is successful the DB server receiving the redirect will issue a 2nd move temporary to itself on one of the following ports. 5065 and 5067 for TCP (unsecured). 5066 and 5068 for mutual TLS (secured)

    At this point the audio data starts..

    The fact that you get audio shows you are at least reaching the SA on 5060-5061.

    You need to figure out what is causing the redirect to fail.

    Monday, March 10, 2014 4:27 PM
  • No, there is no firewall between the Mediation Servers, FE servers, or Exchange servers.  The FE's are Virtual Hyper-V machines on separate hosts (firewall is disabled on host as well as VM).  The Mediation servers are physical boxes on same subnet(s) as FE servers and Database servers as well as Exchange servers (which are physical).  If mailbox Database is on EX02, UM works...call to SA number with ext. and PIN gets caller in.  Move mailbox database to either EX01 (same site) or EX03 (DR Site) and the same caller cannot get in and gets error posted in initial message.

    Cert has been double checked.  Subject name is "mail.domain.com" and SAN names include each of the 3 Exchange server names.  Same cert is used on all servers.  Cert is issued by internal Enterprise CA and all are domain members so CA is trusted by all (confirmed).


    Monday, March 10, 2014 4:47 PM