locked
O365 and Skype hybrid, unable to sign-in with O365 account on Control Panel RRS feed

  • Question

  • Hi there,

    I tried to play a bit with hybrid switch and end up to the issue like:

    When I'm starting the PowerShell with my regular user account (on my own workstation) and open the connection to O365 as described in here: Connecting to Skype for Business Online by using Windows PowerShell. All Online CMDLets are working fine.

    When I'm opening the Control Panel on our own Skype and go to Hybrid switch it goes smoothly until it is asking to Sign-in to O365.

    We couldn't log in to your Office 365 account. Please check the erros and then select OK to try again:
    Get-CsPowerShellEndPoint : Unable to connect to the remote server
    Note: If your organization is using manual proxy settings, please see the Help for more information.

    To be clarified: I used the same account which work earlier on the PowerShell to sign-in into O365. We are using proxies and the Front End servers have no access to the proxy/internet. I read from some topics, that this could be a proxy issues, but I could not found any clarification what connectivity's should be in place? How the connection is expected to be happening? On the Front End servers? And from there directly to O365?

    I should say, that I doubt a bit the error message. as such a CMDLet : "Get-csPowerShellEndPoint" does not exist anymore... :-o

    And the help do document. was a pretty sad.... Hybrid wizard: Sign in to Office 365 If you try to open the last link, you end up to page: "This topic is no longer available" page.

    Anybody else has faced the same issue?


    Petri

    Tuesday, January 16, 2018 5:14 PM

All replies

  • Hi Petri,

    Based on your error message, please confirm the follow things.

    • Confirm that the lyncdiscover.domain.com can be resolved on the Front End Server.
    • If DNS resolution for lyncdiscover works and resolves to the correct on premise reverse proxy, then investigate https connectivity using Fiddler. Also, check IE manual proxy settings configurations


    Regards,

    Leon Lu


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Wednesday, January 17, 2018 9:01 AM
  • Hi Leon-Lu,

    I made a Network trace on the Front End server (I forced the Control Panel connection to one Front End only) from where I used the Control Panel. Then I run "ipconfig /flushdns" before I tried to sign-in. And yes, Front Ends are not able to resolve the names for O365:

    DNS:QueryId = 0xA82, QUERY (Standard query), Query  for lyncdiscover.company.onmicrosoft.com of type Host Addr on class Internet
    DNS:QueryId = 0xA82, QUERY (Standard query), Response - Name Error

    Unfortunately I'm a bit confused, as if you look the following picture:

    Taken from: Skype for Business hybrid solutions

    Where do you see the connection line from Front Ends to O365? Have I jump over some description?

     


    Petri

    Wednesday, January 17, 2018 10:38 AM
  • Hi Petri,

    Essentially, this is the front-end server interacts with SFB online in Skype for business hybird environment.if SFB online connect to edge server ,it will connect the Frond end pool in the end.

    You Front Ends are not able to resolve the names for O365,you could test the Edge server could resolve the names for O365,if the Edge server could resolve the names for O365,the problem was caused by the proxy ;I notice” the Front End servers have no access to the proxy/internet.”,if FE donnot have access to the internet(via edge server or proxy) ,you cannot sign in Office 365


    Regards,

    Leon Lu


    Please remember to mark the replies as answers if they helped.
    If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Thursday, January 18, 2018 11:33 AM
  • Of course our Edge servers are able solve public names. But I'm a bit sceptic that FEs are able to use the Edge for O365 sign-in purposes. For me it looks it is trying to open remote PowerShell session to the O365 from the Front Ends. But that is the information which seems to be missing on the official documentations.

    Petri

    Thursday, January 18, 2018 1:22 PM
  • Deleted
    Friday, January 19, 2018 2:06 AM
  • Are there any update for this issue, if the reply is helpful to you, please try to mark it as an answer, it will help others who has similar issue.


    Regards,

    Leon Lu


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Monday, January 22, 2018 7:16 AM