locked
Lync Server 2010 Pin Authentication Fails - Polycom CX600 Phones RRS feed

  • Question

  • I can definitely use some help here. Pin Authentication was functional on CX600 Phones up until last week. Cant really pinpoint what caused the issue. Currently I'm setup this way:

    I have DHCP Option 43 and 120 being handled by the built in DHCP on the Lync Server. When I test pin authentication on the phone I receive the error  "an account could not be found"

    When testing from the lync server powershell using Test-CsPhoneBootstrap I receive this:

    couldTargetUri  : https://lyncfepool.charlottelaw.org:443/CertProv/CertProvisioningService.svc
    TargetFqdn : lyncfepool.charlottelaw.org
    Result     : Failure
    Latency    : 00:00:01.4935068
    Error      : Could not load file or assembly 'Interop.CertEnroll, Version=4.0.7
                 577.199, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one
                 of its dependencies. The system cannot find the file specified.

    ------------------------------------------

     The Verbose Shows this:

    VERBOSE: Target server fqdn or web service url not provided. Will have to do
    DHCP Registrar Discovery.
    'DHCPDiscovery' activity started.
    Starting DHCP registrar discovery...
    DHCP discovery message send. Waiting for dhcp servers to respond.
    Response received for the DHCP Discovery message.
    Found registrar fqdn : lyncfepool.charlottelaw.org.
    Found web service url :
    https://lyncfepool.charlottelaw.org:443/CertProv/CertProvisioningService.svc.
    DHCP registrar discovery activity completed successfully.
    'DHCPDiscovery' activity completed in '1.045544' secs.
    'STActivity' activity started.
    Trying to download a certificate chain from web service.
    Web Service url :
    http://lyncfepool.charlottelaw.org/CertProv/CertProvisioningService.svc
    Certificate chain downloaded successfully.
    'STActivity' activity completed in '0.0253308' secs.
    'STActivity' activity started.
    Trying to get web ticket.
    Web Service url :
    https://lyncfepool.charlottelaw.org:443/WebTicket/WebTicketService.svc
    Using PIN auth with Phone\Ext : 4953 Pin : 02145
    GetWebTicketActivity completed.
    'STActivity' activity completed in '0.1409014' secs.
    'STActivity' activity started.
    Starting ResolveUser activity using Web Ticket.
    Web Service url :
    https://lyncfepool.charlottelaw.org:443/CertProv/CertProvisioningService.svc
    Found user : sip:clinicinterviewroom2@charlottelaw.edu
    Setting sip uri 'sip:clinicinterviewroom2@charlottelaw.edu' back to parent
    workflow.
    ResolveUser activity completed.
    'STActivity' activity completed in '0.1415055' secs.
    'STActivity' activity started.
    Trying to get web ticket.
    Web Service url :
    https://lyncfepool.charlottelaw.org:443/WebTicket/WebTicketService.svc
    Using PIN auth with Phone\Ext : 4953 Pin : 02145
    GetWebTicketActivity completed.
    'STActivity' activity completed in '0.1285404' secs.
    'STActivity' activity started.
    Trying to download a CS certificate for User :
    clinicinterviewroom2@charlottelaw.edu endpoint : STEpid
    Web Service url :
    https://lyncfepool.charlottelaw.org:443/CertProv/CertProvisioningService.svc
    Could not download CS certificate from web service.
    CHECK:
     - Web service url is valid and the web services are functional
     - If using PhoneNo\\PIN to authenticate, make sure they match the user uri
     - If using NTLM\\Kerberos auth, make sure you provided valid credentials.
    Starting cleanup...
    An exception 'Could not load file or assembly 'Interop.CertEnroll,
    Version=4.0.7577.199, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one
    of its dependencies. The system cannot find the file specified.' occurred
    during Workflow
    Microsoft.Rtc.SyntheticTransactions.Workflows.STPhoneBootstrapWorkflow
    execution.
    Exception Call Stack:    at
    Microsoft.Rtc.SyntheticTransactions.CertRequestGenerator.GetRequest(String
    subject)
       at
    Microsoft.Rtc.SyntheticTransactions.Activities.GetCSCertificateActivity.Interna
    lExecute(ActivityExecutionContext executionContext)
       at
    Microsoft.Rtc.SyntheticTransactions.Activities.STActivity.Execute(ActivityExecu
    tionContext executionContext)
       at System.Workflow.ComponentModel.ActivityExecutor`1.Execute(T activity,
    ActivityExecutionContext executionContext)
       at System.Workflow.ComponentModel.CompositeActivityExecutor`1.Execute(T
    activity, ActivityExecutionContext executionContext)
       at System.Workflow.ComponentModel.ActivityExecutor`1.Execute(Activity
    activity, ActivityExecutionContext executionContext)
       at
    System.Workflow.ComponentModel.ActivityExecutorOperation.Run(IWorkflowCoreRunti
    me workflowCoreRuntime)
       at System.Workflow.Runtime.Scheduler.Run()

    'UnRegisterActivity' activity started.
    'UnRegisterActivity' activity completed in '0.0002608' secs.
    VERBOSE: Workflow Instance Id 1c36c285-9789-4c2c-a0f8-fc41be2d4897, completed.
    VERBOSE: Workflow Execution Time (sec): 1.5562236

    ---------------------------------

    If I allow my DHCP Server to handle all the options (43 and 120) it still fails on me. Any guidance here will be appreciated a lot.

    Thanks!


    • Edited by JerseyCatt Thursday, June 13, 2013 2:58 AM
    Thursday, June 13, 2013 2:57 AM

Answers

  • Disregard,

    I got this straightened out by re-applying the DHCP Configuration Script for options 43 and 120. Started working instantly.

    Command line should look like:

    DHCPUtil.exe -SipServer lyncfepool.yourdomain.com -WebServer lyncfepool.yourdomain.com -RunConfigScript

    -------------------

    Make sure the DHCPConfigScript.bat file is in the same directory with DHCPUtil.exe The script will also clean up any previous options before it re-applies the new ones.

    Thanks.



    • Proposed as answer by Kent-Huang Friday, June 14, 2013 1:26 AM
    • Edited by JerseyCatt Friday, June 14, 2013 3:03 AM
    • Marked as answer by JerseyCatt Friday, June 14, 2013 3:03 AM
    Thursday, June 13, 2013 3:42 PM

All replies

  • Disregard,

    I got this straightened out by re-applying the DHCP Configuration Script for options 43 and 120. Started working instantly.

    Command line should look like:

    DHCPUtil.exe -SipServer lyncfepool.yourdomain.com -WebServer lyncfepool.yourdomain.com -RunConfigScript

    -------------------

    Make sure the DHCPConfigScript.bat file is in the same directory with DHCPUtil.exe The script will also clean up any previous options before it re-applies the new ones.

    Thanks.



    • Proposed as answer by Kent-Huang Friday, June 14, 2013 1:26 AM
    • Edited by JerseyCatt Friday, June 14, 2013 3:03 AM
    • Marked as answer by JerseyCatt Friday, June 14, 2013 3:03 AM
    Thursday, June 13, 2013 3:42 PM
  • Hi

    Glad to hear the issue has been resolved. Here are great blogs for your future reference:

    http://blog.schertz.name/2010/12/configuring-lync-server-for-phone-edition-devices/

    http://blog.schertz.name/2012/03/troubleshooting-lync-phone-edition-issues/

    Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.


    Kent Huang
    TechNet Community Support

    Friday, June 14, 2013 1:28 AM