locked
Cannot sign in Skype for Business client external RRS feed

  • Question

  • Hi

    I deployed Skype for business Edge Server in an environment.All services are running however when User try to connect externally then mention error received

    "Skype for Business Couldn't find a Skype for Business Server for 'my domain Name'. there might be an issue with the Domain Name system (DNS) configuration for your domain. See KB2566790 for details and contact your system admin"  

    Kindly suggest at which end there is problem either on certificate side or organization networking DNS issue.

    What I need to check first? Can anyone please guide.


    • Edited by Saad9837 Wednesday, December 27, 2017 10:24 AM
    Wednesday, December 27, 2017 10:19 AM

All replies

  • Hello Saad,

    Check the Technical Diagrams:

    http://go.microsoft.com/fwlink/p/?LinkId=550989

    These records are needed:

    DNS Type Value Resolution Purpose
    SRV _sipfederationtls._tcp.<sip-domain> Access Edge FQDN: access.<sip-domain> Federation and public IM connectivity
    SRV _sip._tls.<sip-domain> Access Edge FQDN: access.<sip-domain> external user access
    SRV _xmpp-server._tcp.<sip-domain> Access Edge FQDN: access.<sip-domain> XMPP federation
    A sip.<sip-domain> Access Edge FQDN: access.<sip-domain> locate Edge Server
    A Access Edge FQDN: access.<sip-domain> Access Edge IP address Edge Server Access edge
    A A/V Edge FQDN: av.<sip-domain> A/V Edge IP address Edge Server A/V edge
    A Conf Edge FQDN: conf.<sip-domain> Conf Edge IP address Edge Server Conf edge
    A/CNAME lyncdiscover.<sip-domain> reverse proxy public IP address external AutoDiscover Service
    A meet URL reverse proxy public IP address proxied to Lync Server Web Service
    A dial-in URL reverse proxy public IP address proxied to Lync Server Web Service
    A external Web Services FQDN reverse proxy public IP address

    proxied to Lync Server Web Service

    Also check the control panel:

    Externall Access Policy

    and

    Access Edge Configuration

    Greetings,

    Erdem


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

    • Proposed as answer by Er-D Thursday, December 28, 2017 1:02 PM
    Wednesday, December 27, 2017 12:03 PM
  • Hi Er-D,

    Thanks for guide I checked the control panel and do exaclty same setting mentioned above 

    Also will you please confirm where to add these record in Public DNS where I get services?

    DNS Type Value Resolution Purpose
    SRV _sipfederationtls._tcp.<sip-domain> Access Edge FQDN: access.<sip-domain> Federation and public IM connectivity
    SRV _sip._tls.<sip-domain> Access Edge FQDN: access.<sip-domain> external user access
    SRV _xmpp-server._tcp.<sip-domain> Access Edge FQDN: access.<sip-domain> XMPP federation
    A sip.<sip-domain> Access Edge FQDN: access.<sip-domain> locate Edge Server
    A Access Edge FQDN: access.<sip-domain> Access Edge IP address Edge Server Access edge
    A A/V Edge FQDN: av.<sip-domain> A/V Edge IP address Edge Server A/V edge
    A Conf Edge FQDN: conf.<sip-domain> Conf Edge IP address Edge Server Conf edge
    A/CNAME lyncdiscover.<sip-domain> reverse proxy public IP address external AutoDiscover Service
    A meet URL reverse proxy public IP address proxied to Lync Server Web Service
    A dial-in URL reverse proxy public IP address proxied to Lync Server Web Service
    A external Web Services FQDN reverse proxy public IP address

    Since I already Added Mention Records in Public DNS


    Access Edge Service Type

         FQDN

    IP Address

    A

    sip.domain.com.pk

    (Live or External IP address)

     

    Web Conferencing Edge Service Type

    FQDN

    IP Address

    A

    Wconf.domain.com.pk

    (Live or External IP address)

     

     

    Audio Video Edge Service Type

    FQDN

    IP Address

    A

    av.domain.com.pk

    (Live or External Ip)

     

     


    SRV Records Name

    Host

    Port

    Reason

    _sip._tls.domain.com.pk

    sip.domain.com.pk

    443

    Auto login for external client

    _sipfederationtls._tcp.domain.com.pk

    sip.domain.com.pk

    5061

    Federation discovery

    _xmpp-server._tcp.domain.com.pk

    sip.domain.com.pk

    5269

    XMPP gateway locator

     

    Wednesday, December 27, 2017 12:12 PM
  • Hi Saad,

    I dont see the lyncdiscover, it is used for your reverse proxy. The client can do autodiscover then. Do you have installed a Reverse Proxy ? 

    You can also run the: https://testconnectivity.microsoft.com

    Greetings,

    Erdem


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

    Wednesday, December 27, 2017 12:20 PM
  • Hi Saad9837,

    Accroding to your reply, you need add the A record “Access Edge FQDN: access.<sip-domain>” to the Public DNS. You could try to login the SFB server manually,like the following picture.if you could login ,you lack the lyncdiscover;In the “Skype For Business Options” window that opens click “Advanced”, select “Manual configuration”, and then enter Internal and External server names.

    .Check if the certificate for Edge Server meets the following requirement.

    3. Use Lync connectivity analyzer to see if there is any error.

    https://testconnectivity.microsoft.com/


    Regards,

    Leon Lu


    Please remember to mark the replies as answers if they helped.
    If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.




    Wednesday, December 27, 2017 12:23 PM
  • Hi Erdem,

    I just added mention records in my External Certificate that I download from GO Daddy

    DNS Name=sip.domain.com.pk
    DNS Name=www.sip.domain.com.pk
    DNS Name=wconf.domain.com.pk
    DNS Name=av.domain.com.pk
    DNS Name=sfbedge.domain.com.pk
    DNS Name=meet.domain.com.pk
    DNS Name=domain.com.pk
    DNS Name=lyncdiscover.domain.com.pk

    Also where I have to run that test

    https://testconnectivity.microsoft.com

    Either On my Skype for business Front End Server Machine or Edge Server Machine?

    Also I Reverse Proxy is essential for Edge Server I didn't see any tab of that I just follow Tech net Guide

    https://gallery.technet.microsoft.com/Step-By-Step-Deploy-Skype-1e24428e

    Is the only A records consider Reverse Proxy.Do I need to add that records too in Public DNS?

    Type              FQDN                                                          IP Address

    A                  meet.domain.com.pk                                               (External IP address)

    A                   lyncdiscover.domain.com.pk                (External IP address)




    • Edited by Saad9837 Wednesday, December 27, 2017 3:05 PM
    Wednesday, December 27, 2017 12:35 PM
  • Hi Leon

    Thanks for input.

    For Access Edge FQDN I add : sip.domain.com.pk in Public DNS

    Does it impact as per guide and many blogs they prefer to add A record as :

    sip.domain.com.pk instead of access.domain.com.pk

    As per tech net guide

    https://gallery.technet.microsoft.com/Step-By-Step-Deploy-Skype-1e24428e



    • Edited by Saad9837 Wednesday, December 27, 2017 2:49 PM
    Wednesday, December 27, 2017 2:46 PM
  • Hi Saad,

    Reverse proxy is needed for your webservices, it is not connected to your Edge server. 

    Your SIP domain must be added on the external certificate for your edge server and the FQDN of your access edge what you have defined in your topology builder.

    Greetings,

    Erdem


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

    Wednesday, December 27, 2017 3:04 PM
  • Hi Erdem,

    Thanks for guide since I added records for external certificate that i download form go daddy

    DNS Name=sip.domain.com.pk
    DNS Name=www.sip.domain.com.pk
    DNS Name=wconf.domain.com.pk
    DNS Name=av.domain.com.pk
    DNS Name=sfbedge.domain.com.pk
    DNS Name=meet.domain.com.pk
    DNS Name=domain.com.pk
    DNS Name=lyncdiscover.domain.com.pk

    Bur I didnot Add mention A records in Public DNS

    Type              FQDN                                                          IP Address

    A                  meet.domain.com.pk                                               (External IP address)

    A                   lyncdiscover.domain.com.pk                (External IP address)

    Once I added that Records then I try to connect and let you Know.

    Thanks for such a support hope so it will sort out my issue.

    Wednesday, December 27, 2017 3:40 PM
  • Hi Saad9837,

    You could try to use manual configuration to login SFB like the following screenshot , if you could login ,the problem is caused by the lyncdiscover


    Regards,

    Leon Lu


    Please remember to mark the replies as answers if they helped.
    If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Thursday, December 28, 2017 9:51 AM
  • Hi Leon,

    Thanks for support and guidance finally I am able to connect on external network as per above setting.

    One thing I need to ask.I want to communicate with other domain User

    Like My domain is abc.com.pk and client connect successfully internally & externally on same and even different Network.

    However if some User of abc.com.pk Domain wants to communicate or Add other Domain User like def.com.pk then what procedure need to be follow.Which configuration required  

    Please need your valuable guidance too on that matter.


    • Edited by Saad9837 Thursday, December 28, 2017 11:40 AM
    Thursday, December 28, 2017 10:05 AM
  • Hi Saad,

    Depens if you want open or closed federation. For autodiscover your domain for federation you need public SRV for with sipfederationtls._tcp.<sip-domain> pointing to Access Edge FQDN: access.<sip-domain>

    Check also this blog if you want partner discovery turned on for open federation:

    https://blogs.technet.microsoft.com/uclobby/2013/09/30/difference-between-open-and-closed-federation-in-lync-20102013/

    Greetings,

    Erdem

    _sipfederationtls._tcp.<sip-domain>
    _sipfederationtls._tcp.<sip-domain>

    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

    Thursday, December 28, 2017 1:04 PM
  • Hi Erdem,

    Thanks for guide I will add these SRV records in Public DNS

    _sipfederationtls._tcp.domain.com.pk

    _sipfederationtls._tcp.domain.com.pk

    and let you know if it allows.

    Thanks once again.

    Thursday, December 28, 2017 1:11 PM
  • Hi Erdem,

    What port i need to mention against these record

    _sipfederationtls._tcp.domain.com.pk

    Port 443 or 5061

    Thursday, December 28, 2017 1:22 PM
  • Hi Erdem,

    After checked Public DNS the record already added:

    _sipfederationtls._tcp.domain.com.pk  that point my Access Edge FQDN :  sip.domain.com.pk over 5061 port.

    But still other domain user not able to communicate with my domain

    please guide?


    • Edited by Saad9837 Thursday, December 28, 2017 1:54 PM
    Thursday, December 28, 2017 1:46 PM
  • Hi Saad,

    It is 5061.

    Greetings,

    Erdem


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

    Thursday, December 28, 2017 1:57 PM
  • Hi Erdem,

    SRV record added still not able to connect with other domain user.

    Thursday, December 28, 2017 4:05 PM
  • Hi Saad,

    Depens if the other side have also open federation or not and or even the DNS records are inplace. 

    If the other side have closed federation they need to add your domain to the allow list.

    Greetings,

    Erdem


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.


    • Edited by Er-D Thursday, December 28, 2017 4:09 PM
    Thursday, December 28, 2017 4:09 PM
  • Hi Erdem,

    In that case I had to add every organization domain in allowed list.Am I right?

    Since Users of my Domain wants to communicate with different organization Users having different domains

    Let Suppose

    Test@abc.com.pk wants to communicate with Test2@def.com.pk or Test3@efg@com.pk?

    So I need to allow that DEF.COM.PK & EFG.COM.PK domain in Lync Control Panel Domain Allowed List?

    I just want that User of my organization communicate anyone and to any domain without added the domains in control panel wizard.

    Please suggest.


    • Edited by Saad9837 Thursday, December 28, 2017 5:32 PM
    Thursday, December 28, 2017 4:37 PM
  • Hi Erdem,

    Kindly guide on above matter

    Also whenever User try to log in Skype for business client at Android or Iphone it gave error since I make setting in advance option 

    For Internal Server : sip.domain.com.pk:5061

     For External Server : sip.domain.com.pk:5061

    "We cannot connect to the server.Check your network connection and server address and try again"

    Do i need to add A records in  DNS internally and externally like mention format for Mobile connectivity?

    A                    lyncdiscoverinternal.doamin.com.pk             Internal Web Services IP address

    A                    lyncdiscover.doamin.com.pk                           Public Ip Address

    OR that format

    A                    lyncdiscoverinternal.sip.domain.com.pk             Internal Web Services IP address

    A                    lyncdiscover.sip.doamin.com.pk                           Public Ip Address

    Which records need to be added.

    Please Guide on that too.



    • Edited by Saad9837 Friday, December 29, 2017 7:49 AM
    Friday, December 29, 2017 7:06 AM
  • Hi Erdem,

    In that case I had to add every organization domain in allowed list.Am I right?

    Since Users of my Domain wants to communicate with different organization Users having different domains

    Let Suppose

    Test@abc.com.pk wants to communicate with Test2@def.com.pk or Test3@efg@com.pk?

    So I need to allow that DEF.COM.PK & EFG.COM.PK domain in Lync Control Panel Domain Allowed List?

    I just want that User of my organization communicate anyone and to any domain without added the domains in control panel wizard.

    Please suggest.


    Hi Saad,

    you need to enable partner discovery to turn on Open federation:

    Greetings,

    Erdem


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

    Friday, December 29, 2017 9:16 AM
  • Hi Erdem,

    Kindly guide on above matter

    Also whenever User try to log in Skype for business client at Android or Iphone it gave error since I make setting in advance option 

    For Internal Server : sip.domain.com.pk:5061

     For External Server : sip.domain.com.pk:5061

    "We cannot connect to the server.Check your network connection and server address and try again"

    Do i need to add A records in  DNS internally and externally like mention format for Mobile connectivity?

    A                    lyncdiscoverinternal.doamin.com.pk             Internal Web Services IP address

    A                    lyncdiscover.doamin.com.pk                           Public Ip Address

    OR that format

    A                    lyncdiscoverinternal.sip.domain.com.pk             Internal Web Services IP address

    A                    lyncdiscover.sip.doamin.com.pk                           Public Ip Address

    Which records need to be added.

    Please Guide on that too.



    You need for external DNS only the lyncdiscover.contonso.com. For internal DNS you add lyncdiscoverinternal.contonso.com and lyncdiscover.contonso.com. But the external lyncdiscover is mostly pointed to the reverse proxy, check the Skype diagram that i have linked before.

    http://go.microsoft.com/fwlink/p/?LinkId=550989

    Greetings,

    Erdem


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

    Friday, December 29, 2017 9:20 AM
  • Hi Erdem,

    Thanks for share details I will follow the instructions by adding ALL Records and setting.

    Then I will come to know.

    Thanks once again.

    Friday, December 29, 2017 9:41 AM
  • Hi Erdem,

    I need to ask one thing:

    Is Federation Services require at Active Directory Level so that Skype User of one domain communicate with other Domain Users?

    DO I need to install ADFS or just above setting shared by your side fulfill that requirement?

    Kindly guide on that matter too.

    Monday, January 1, 2018 5:46 AM
  • Hi Saas9837,

    Have you added all records and settings?did you have update for this issue?if you have solve the problem,please mark the helpful reply as answer,it will help others who have similar issue.


    Regards,

    Leon Lu


    Please remember to mark the replies as answers if they helped.
    If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Monday, January 1, 2018 5:51 AM
  • Hi Leon,

    The record takes time to add and its for Mobile Integration records.

    However Now the issue is the USER of my organization not able to communicate with other Domain Users.

    What I suppose to do .DO i need to Install ADFS role or just records and setting mentioned above are enough for that?

    Please guide accordingly.

    Monday, January 1, 2018 6:01 AM
  • Also client sign in at external network but not able to connect at internal network?

    Kindly guide on that.

     
    Monday, January 1, 2018 11:08 AM
  • Hi Saad,

    No ADFS is not needed for Skype for business.

    Greetings,

    Erdem


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

    Tuesday, January 2, 2018 7:20 AM
  • Hi Erdem/Leon,

    Thanks for support and guide now Skype for business connectivity is fine and run smoothly internally & externally & at different domain.

    however while make conference call internally or same domain user cannot add participants.Whenever User try to add Participant internally 

    like

    abc@domain.com.pk make call to def.domain.com.pk successfully but when they need to add the 3rd person having  same domain internally efg@domain.com.pk then it show on Skype Window

    "An Error Occured"

    I checked every setting at Control Wizard of Skype.

    Please suggest.

    Tuesday, January 2, 2018 10:02 AM
  • Hi Saad,

    Check your conference policy, different settings applies when adding external or anonymous contacts.

    you can also run my script to add different policy's: https://gallery.technet.microsoft.com/Create-CAL-Conferencing-9c527a34?redir=0

    Greetings,

    Erdem


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

    Tuesday, January 2, 2018 12:30 PM
  • Hi Erdem,

    I just checked conference setting and keep global setting also mark checked on all setting that needs 

    Thanks for share script but unfortunately due to complicated infrastructure I am not able to run that script .Will you please suggest other setting or share any conferencing setting?



    • Edited by Saad9837 Tuesday, January 2, 2018 4:57 PM
    Tuesday, January 2, 2018 1:17 PM
  • Hi Erdem,

    I just checked conference setting and keep global setting at SFB Control Wizard and also mark checked on all setting that needs for conference call.

    Since Internal Domain client i-e abc.com can make conference call to other or different domain Users i-e def.com and also able to add participant of other domain users externally 

    Also Internal domain USERS i-e abc.com make call to other abc.com User.

    But Issue is  when ABC user try to add 3rd Participant of same abc.com domain User  then it prompt 

    "An Error Occured"

    The Issue occur on organization level internally 

    Thanks for share script but unfortunately due to complicated infrastructure I am not able to run that script .Will you please suggest other setting or share any conferencing setting?

    Wednesday, January 3, 2018 9:25 AM
  • Hi Saas9837,

    Have you added all records and settings?did you have update for this issue?if you have solve the problem,please mark the helpful reply as answer,it will help others who have similar issue.


    Hi Leon,

    I added records 

    Type              FQDN                                                          IP Address

    A                    meet.domain.com.pk                                 Live or Public Ip

    A                   lyncdiscover.domain.com.pk                          Live or Public IP

    A                   owaent.domain.com.pk                                   Live or Public IP

    Add these records in your DC-DNS

    A                    lyncdiscoverinternal.domain.com.pk             Internal Web Services IP address

    A                    lyncdiscover.domain.com.pk                        Internal Web Services IP address


    SRV Records Name

    Host

    Port

    Reason

    _sip._tls.domain.com.pk

    sip.domain.com.pk

    443

    Auto login for external client

    But Still Mobile not configured.

    Did I correctly make entry of   DNS records that mentioned above? Please suggest

    Is there any setting require at SFB Control Wizard or Records also please confirm Ports?



    • Edited by Saad9837 Thursday, January 4, 2018 10:11 AM
    Thursday, January 4, 2018 6:19 AM
  • Hi Experts,

    Thanks for guide for the deployment of Edge Server. However Two Issues I faced:

    1) Same Domain Users not able to add 3rd participant in conference call,Whenever user try to add Participant it show:

    "An Error Occurred"

    however for external domain conference call working fine and participant are added smoothly.

    Any Suggestion  or setting that need to be checked Internally?

    2) 

    I added records for Mobile Android & Iphone connectivity 

    Type              FQDN                                                          IP Address

    A                    meet.domain.com.pk                                 Live or Public Ip

    A                   lyncdiscover.domain.com.pk                          Live or Public IP

    A                   owaent.domain.com.pk                                   Live or Public IP

    Add these records in your DC-DNS

    A                    lyncdiscoverinternal.domain.com.pk             Internal Web Services IP address

    A                    lyncdiscover.domain.com.pk                        Internal Web Services IP address

    _sip._tls.domain.com.pk

    sip.domain.com.pk

    443

    Auto login for external client


    Did I correctly make entry of   DNS records that mentioned above? Please suggest

    Friday, January 5, 2018 5:36 AM
  • Hi Saad,

    This is the conference policy that is use standard:

    It also could be that the firewall is blocking, check if SRTP/UDP:49152-65535 from the user to the Front end pool is allowed internally. 

    These ports are needed for federated conferencing:

    Source IP Destination IP Source Port Destination Port
    A/V Edge Any TCP 50,000-59,999 TCP 443
    A/V Edge Any UDP 3478 UDP 3478
    Any A/V Edge Any TCP 443
    Any A/V Edge Any UDP 3478

    The DNS records are correct. 


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.


    • Edited by Er-D Friday, January 5, 2018 7:01 AM
    Friday, January 5, 2018 7:00 AM
  • Hi Er-D,

    Thanks for sharing setting and confirm records entry.I am going to check that setting and firewall ports then I will let you inform.


    Friday, January 5, 2018 7:09 AM
  • did you have any update?

    Regards,

    Leon Lu


    Please remember to mark the replies as answers if they helped.
    If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Monday, January 8, 2018 10:48 AM
  • Hi Leon,

    After all setting I am not able to Log in Skype for business in Android or Iphone Mobile

    However Skype for Business Client Log in on Desktop smoothly.

    Is there any URL require that need to be add manually in Mobile

    I also go with Auto discover but Error shows but When I try to Enter Manual

    • Internal discovery address: https://lyncdiscover.domain.com.pk/Autodiscover/autodiscoverservice.svc/Root
    • External discovery address: https://lyncdiscover.domain.com.pk/Autodiscover/autodiscoverservice.svc/Root

    Then Skype for Business Client Keep trying to Sign In but didnot get any response



    • Edited by Saad9837 Monday, January 8, 2018 1:50 PM
    Monday, January 8, 2018 1:26 PM
  • Hi Leon,

    Kindly review the Records entry again

    I added records for Mobile Android & Iphone connectivity 

    Type              FQDN                                                          IP Address

    A                    meet.domain.com.pk                                 Live or Public Ip

    A                   lyncdiscover.domain.com.pk                          Live or Public IP

    A                   owaent.domain.com.pk                                   Live or Public IP

    Add these records in your DC-DNS

    A                    lyncdiscoverinternal.domain.com.pk             Internal Web Services IP address

    A                    lyncdiscover.domain.com.pk                        Internal Web Services IP address

    _sip._tls.domain.com.pk

    sip.domain.com.pk

    443

    Auto login for external client

    Please confirm lyncdiscoverinternal.domain.com.pk             Internal Web Services IP address 

                                     lyncdiscover.domain.com.pk                        Internal Web Services IP address

    Which IP address I need to enter either FE Server  or Edge Server IP Address having 2 NIC Internal and External

    I specify FE Server IP address for both Is that correct?

    Please suggest


    • Edited by Saad9837 Tuesday, January 9, 2018 6:38 AM
    Tuesday, January 9, 2018 5:24 AM
  • Second Issue is that Same Domain Users not able to do conference call internally

    1 to 1 A/V calls work perfectly fine internally

    As try to add 3rd participant it show

    "An error occurred"

    however external domain users make conference call smoothly and also able to add internal domain users & External Domain Users.

    Kindly guide Is that Port or firewall issue internally since all FE services are running kindly share ports details that need to be allow for internal conference call or any firewall rule.



    • Edited by Saad9837 Tuesday, January 9, 2018 7:59 AM
    Tuesday, January 9, 2018 6:57 AM
  • Hi Saad,

    Do you see also errors in the event viewer? Try also to log and trace with CLS logger and read it with snooper. Also check the reports of skype.

    Greetings,

    Erdem


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

    Tuesday, January 9, 2018 8:34 AM
  • Thanks Erdem,

    I will review the logs and share the status.

    Kindly specify  Log file name that will be responsible for conference call details? 

    After View Client Log History of LYNC i found:

    <convErrorMessage xmlns="http://schemas.microsoft.com/2008/10/sip/convItems" ts="2018-01-09T10:01:00Z" mode="lcsConf" action="none" hr="-2131820136">

    <errorInfo participantUri="sip:skypetest@domain.com.pk"/>

    </convErrorMessage>

    <convErrorMessage xmlns="http://schemas.microsoft.com/2008/10/sip/convItems" ts="2018-01-09T10:01:00Z" mode="voice" action="start" hr="-2131687933">

    <errorInfo participantUri="sip:skypetest@domain.com.pk"/>

    </convErrorMessage>

    <convNotification xmlns="http://schemas.microsoft.com/2008/10/sip/convItems" ts="2018-01-09T10:01:00Z" id="72" mode="im" hr="-2131820136"/>

    <convErrorMessage xmlns="http://schemas.microsoft.com/2008/10/sip/convItems" ts="2018-01-09T10:01:00Z" mode="lcsConf" action="none" hr="-2131820136">

    <extendedStatusCode hrServerDiag="-2131689331" hrClientDiag="-2131689331" hrSipStatus="-2131689331" hrSipWarning="-2131689331" hrResultCode="-2131689331" hrAggregatedCode="-2131689331"/>

    </convErrorMessage>

    <convErrorMessage xmlns="http://schemas.microsoft.com/2008/10/sip/convItems" ts="2018-01-09T10:01:00Z" mode="im" action="message" hr="-2131572912">

    <extendedStatusCode hrServerDiag="-2131689331" hrClientDiag="-2131689331" hrSipStatus="-2131689331" hrSipWarning="-2131689331" hrResultCode="-2131689331" hrAggregatedCode="-2131572912"/>

    <messageInfo type="text/rtf" msgid="{DEA309E7-7398-42E9-907F-03B46587B191}" storyTitle="">{\rtf1\fbidis\ansi\ansicpg1252\deff0\nouicompat\deflang1033{\fonttbl{\f0\fnil\fcharset0 Segoe UI;}{\f1\fnil Segoe UI;}}

    {\colortbl ;\red0\green0\blue0;}

    {\*\generator Riched20 16.0.8730}\viewkind4\uc1

    \pard\cf1\f0\fs20 Heloo\f1\par

    {\*\lyncflags&lt;rtf=1&gt;}}

    </messageInfo>

    </convErrorMessage>

    </conversationXml></conversations> !   AdOJMIGPgmFEjcfmQoiwOgacO5hALw== ,   {D61AE06E-AE36-4B6C-852E-DE73D6DD3552}.hist D   sip:test1@domain.com,sip:test2@domain.com     @¬Yé0‰Ó


    If you can provide any further guidance regarding ports/firewall or services that need to be checked? 

    The Mention Error Occur if I try to do MEET NOW 



    However If I try to add 3rd Participant the mention error occur:

    1 on 1 A/V call occur smoothly internally but issue only occur If Internal Domain User try to add 3rd participant in conference call either external or same domain users then mention issue show

    


    
    • Edited by Saad9837 Tuesday, January 9, 2018 12:29 PM
    Tuesday, January 9, 2018 9:21 AM
  • Hi Experts

    Any suggestion on above issue and error.Please Guide

    Also when I try to Started Services at Front End Server

    Skype for Business Web Conferencing

    Skype for business server Audio/Video Conferencing

    It shows "The Skype for business server Audio/Video Conferencing Service on Local Computer started and then stopped.Some Services stop automatically if they are not in use by other services or programs."

    I try different solution to resolve but still error

    http://communicationsknowledge.blogspot.com/2014/02/the-lync-server-audiovideo.html

    http://www.aspdotnet-suresh.com/2011/06/service-on-local-computer-started-and.html

    I also Enable Conferencing/Dial In Feature from  existing Front End Server Topology by right click on Edit Properties .Do I need to Publish Topology again after enable the features or it will replicate automatically.

    Kindly suggest


    • Edited by Saad9837 Wednesday, January 10, 2018 10:40 AM
    Wednesday, January 10, 2018 6:17 AM
  • Hi Experts

    Any suggestion on above issue and error.Please Guide

    Also when I try to Started Services at Front End Server

    Skype for Business Web Conferencing

    Skype for business server Audio/Video Conferencing

    It shows "The Skype for business server Audio/Video Conferencing Service on Local Computer started and then stopped.Some Services stop automatically if they are not in use by other services or programs."

    I try different solution to resolve but still error

    http://communicationsknowledge.blogspot.com/2014/02/the-lync-server-audiovideo.html

    http://www.aspdotnet-suresh.com/2011/06/service-on-local-computer-started-and.html

    I also Enable Conferencing/Dial In Feature from  existing Front End Server Topology by right click on Edit Properties .Do I need to Publish Topology again after enable the features or it will replicate automatically.Does It impact my internal infrastructure if I publish new topology with existing topology. 

    Kindly suggest

    Wednesday, January 10, 2018 10:42 AM
  • Hi Saad,

    You need always to publish topology if you have made changes or the changes wouldt not be applied. Did you also configure the simple urls etc ?

    Greetings,

    Erdem


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

    Thursday, January 11, 2018 9:11 AM
  • Hi Erdem,

    Thanks for guide the topology is published however now the new issue is at Front End Server while Assign Internal Certificate it show error as mention in snap?

    Will you please guide what i need to check?

    Thursday, January 11, 2018 1:00 PM
  • Hi Experts,

    Kindly suggest on mention issue since on Front End Server when I try to assign Certificate it show mention error 

    Previously it works fine but now certificate assignment create problem,I also request a fresh CSR and download certificate from CA but still same error

    Please guide

    Friday, January 12, 2018 5:36 AM
  • Can Anyone please share suggestion on above issue?
    Friday, January 12, 2018 9:26 AM
  • Hi Saad,

    It seems that the binding in IIS are not correct, check if the ports are correctly binded for internal and external webservices.

    Greetings,

    Erdem


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

    Friday, January 12, 2018 11:11 AM
  • Thanks will you please share how to check? Please share steps to check and configure that
    Friday, January 12, 2018 11:24 AM
  • Also I tried to publish again then mention error show in topology builder

    "you must provide an active meeting url for each sip domain and all urls must be unique"

    Kindly guide to resolve that

    At started my Front End server working all fine now the Issue is related to IIS binding and certificate how to resolve it?

    Kindly guide

     
    • Edited by Saad9837 Friday, January 12, 2018 3:03 PM
    Friday, January 12, 2018 2:25 PM
  • Hi Saad,

    Try also to check: https://social.technet.microsoft.com/Forums/en-US/a6989e7b-3a66-44ad-ba8e-4f540f8c5224/certificate-assignment-fails-https-binding-not-found-on-the-web-site?forum=ocsplanningdeployment

    Greetings,

    Erdem


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

    Saturday, January 13, 2018 7:38 PM
  • Hi Erdem,

    Thanks for sharing Reference blogs since I just verify IIS setting at 

    I Click on bindings find HTTP on port 8080 and HTTPS on port 4443 address   this is for the external lync web site

    and  HTTP on port 80 and HTTPS on port 443 for the internal Lync web site 

    What Else I need to check  or need to be enable?

     

    Monday, January 15, 2018 7:04 AM
  • Please guide as still face same error"

    Warning : Set-CSCertificate Failed

    Did I need to export New certificate from CA and import it to my Front End Server machine 

    Kindly guide



    • Edited by Saad9837 Monday, January 15, 2018 10:23 AM
    Monday, January 15, 2018 10:05 AM
  • Hi Saad,

    You can request your certificate directly from the CA if it is in the same domain or else you need to do it manually. Also you need import the certificate chain. 

    Greetings,

    Erdem


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

    Monday, January 15, 2018 10:59 AM
  • Ok let me check.

    Will you please share steps for certificate request since it is in same domain?

    • Edited by Saad9837 Monday, January 15, 2018 11:26 AM
    Monday, January 15, 2018 11:24 AM
  • Hi,

    There you go: https://blogs.technet.microsoft.com/uclobby/2015/05/15/renewing-skype-for-business-server-2015-certificates/

    Greetings,

    Erdem


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

    Monday, January 15, 2018 2:03 PM
  • Hi Erdem,

    Certificate is Assigned successfully with warnings however All Services are started except 

    "Skype for Business Server Front End"

    The Mention Error Occur

    Windows Could not Start Skype for Business Server Front-End on Local Computer.Error code- 1007781640

    I run the Step 2: Setup or Remove Lync Server Components with Lync Server 2013 Deployment Wizard.  check the certificate on Lync Front End Server that was not expired. Try to re-request the certificate for Lync Front End Server.

    Also open Lync Management Shell and enter the following command.

    Reset-CsPoolRegistrarState -PoolFqdn “server.domain.local” -ResetType FullReset

    Then restart Lync Server Standard Server 

    Still the issue persist

    Please Guide what need to be checked?Is that any Rights issue?




    • Edited by Saad9837 Tuesday, January 16, 2018 2:53 PM
    Tuesday, January 16, 2018 8:16 AM
  • Anyone please help me out on mention issue

    "Skype for Business Server Front End"

    The Mention Error Occur

    Windows Could not Start Skype for Business Server Front-End on Local Computer.Error code- 1007781640

    Tuesday, January 16, 2018 2:56 PM
  • Hi Saad,

    What is the event viewer saying?

    Greetings,

    Erdem


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

    Thursday, January 18, 2018 12:54 PM
  • Hi Erdem,

    Thanks for the support however there was machine Issue having 2008 r2 OU installed and due to some malicious stuff in the system it causes  Front End services stopped

    so  at last I just do Fresh Installation of Front end Server on  new Machine Server 2016 & deploy edge server too.All services and communication done fine and smoothly.

    Just need support further about Mobility for Skype For business in Andriod & Iphone

    Is there any guide or steps that need to be follow for Mobile Configuration



    • Edited by Saad9837 Thursday, January 18, 2018 2:21 PM
    Thursday, January 18, 2018 1:09 PM
  • Hi Saad,

    For mobile clients you need a reverse proxy, it relies on the webservices. Also it look up first trought DNS with lyncdiscover.

    Greetings,

    Erdem


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

    Friday, January 19, 2018 3:45 PM