none
SFB integration With Exchange 2016, Owa Feature Problem RRS feed

  • Question

  • The problem is that when someone login to OWA and then do connect to Skype I'm 
    It's said, "There's a problem with IM. Please try again later. If the problem continues, contact your helpdesk"

    I Already tried
    these:

    1. (Linkable)
    2. (Linkable)
    3. (Linkable)
    4. (Linkable)

    What I did:
    first of all, I did the prerequisites:
    Did that Integration 

    Must to mention that
    Our Exchange it multirole (Cas, hub, Mailbox)

     And checked that worked

    it passed the test

    After that:
    First of all 
    From my SFB server, I opened Iexplore and navigate to Exchange auto discover,
    After that, I took the Cert ThumbPrint

    Now Exchange configuration:

    Run this: 

    New-SettingOverride -Name “IM Override” -Component OwaServer -Section IMSettings -Parameters @(“IMServerName=<FrontEndsPool>.<domain>.<com>”,”IMCertificateThumbprint= <Exchange Cert ThumbPrint>″) -Reason “Configure IM” 

    *Note*:
    even that I could do it for every server change the virtual directory, without Override with this command:

    Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -InstantMessagingEnabled $True -InstantMessagingType OCS -InstantMessaging ServerName="<FrontEndsPool>.<domain>.<com>” -InstantMessaging CertificateThumbprint= "<Exchange Cert ThumbPrint>″



    Then did restart to OWA IIS Pool:

    Restart-WebAppPool MSExchangeOWAAppPool

    or

    C:\Windows\System32\Inetsrv\Appcmd.exe recycle apppool /apppool.name:"MSExchangeOWAAppPool"

    Then to check it:

    Get-ExchangeDiagnosticInfo  -Process Microsoft.Exchange.Directory.TopologyService -Component VariantConfiguration -Argument Refresh

    and change the OWA Policy with this:

    Get-OwaMailboxPolicy | Set-OwaMailboxPolicy -InstantMessagingEnabled $True -InstantMessagingType “OCS”

    Check that the Override worked with this:

    [xml]$diag=Get-ExchangeDiagnosticInfo -Server $env:hostname -Process Microsoft.Exchange.Directory.TopologyService -Component VariantConfiguration -Argument Config; $diag.Diagnostics.Components.VariantConfiguration.Configuration.OwaServer.IMSettings

    that for CU3-
    Have one for CU4+ that I don't find right now but I checked it and it worked, the overwrite Info there.

    Now SFB configuration

    Go to FE PowerShell:
    Run this

    Get-CsSite | Select-Object DisplayName, SiteIDtook the SiteId



    New-CsTrustedApplicationPool -Identity "ExchangeCasArray.Domain.com" -Registrar <FrontEndsPool>.<domain>.<com> -Site <SiteId or SiteName> -RequiresReplication $False


    in the normal Guild, it tell wrote there The "<own FQDN>" but we don't have OWA fqdn
    it virtual directory such as 
    ExchangeCasArray.Domain.com/Owa
    so we put <ExchangeCasArray.Domain.com>

    Then Create the Trust Application 

     New-CsTrustedApplication -ApplicationId ExchangeOwa -TrustedApplicationPoolFqdn <ExchangeCasArray.Domain.com> -Port <Random Unused Port>


    I don't know why need the port but put something like 5099, unused Port

    Then did publish with

    Enable-CsTopology

    Now I check the user I want to check it 

    1. In the pool that I connect
    2. Have sip address in the Proxy Address

    Now what I see

    When that User navigates to OWA it first of all try to connect the IM 
    It shows the Presence Icon but failed to connect
    On Wireshark I see the Exchange go to Front End
    then Exchange Response, and stopped all
    I don't see Anything
    It just failed and then try to connect to SFB online...
    And I don't know why

    I saw in Exchange event viewer that the session Establish successfully
    and in SFB I don't see anything, but see in Wireshark

    Please Help

    Already Try to troubleshooting

    And yes already tried to put in the 
    C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\Owa\web.config

    Open the file in a text editor, locate the <appSettings> tag and add the two lines in the configuration file:

     <add key="IMCertificateThumbprint" value="Exchange Cert ThumbPrint"/>
    <add key="IMServerName" value="FQDN Pool Skype for Business" />







    • Edited by asafgb Saturday, July 15, 2017 8:01 PM
    Saturday, July 15, 2017 7:55 PM

All replies

  • Hi asafgb,

    1.From your description, we understand that you don't know the fully qualified domain name of the Outlook Web App pool, this must be the same name that appears in the Subject Name and Subject Alternative Name (SAN) fields of the certificate that provides access to Outlook Web App.

    The following document is for your reference: https://blogs.technet.microsoft.com/dodeitte/2011/12/22/what-fqdn-to-use-when-setting-up-owalync-integration/

    2. Make sure the port 5099 isn’t used for other service and use netstat -a | findstr 5099 command to verify front end servers are listening at the specified port.


    Best Regards,

    Molly Wu
    TechNet Community Support


    Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    Monday, July 17, 2017 9:48 AM
  • Hi asafgb,

    1.From your description, we understand that you don't know the fully qualified domain name of the Outlook Web App pool, this must be the same name that appears in the Subject Name and Subject Alternative Name (SAN) fields of the certificate that provides access to Outlook Web App.

    The following document is for your reference: https://blogs.technet.microsoft.com/dodeitte/2011/12/22/what-fqdn-to-use-when-setting-up-owalync-integration/

    2. Make sure the port 5099 isn’t used for other service and use netstat -a | findstr 5099 command to verify front end servers are listening at the specified port.


    Best Regards,

    Molly Wu
    TechNet Community Support


    Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    We have in our company Hybrid(For the Short Time), Exchange 2010 and 2016
    the OWA.<Our-domain> is on 2010
    the Autodiscover.<Our-domain> already change to 2016
    1) I know the FQDN but we don't use the OWA fqdn,
    We use the Cas array(or the other name) like exch16.<Our-domain>/owa to Go to OWA
    2) My FrontEnds do not listen to this port, why is that?
    Tuesday, July 18, 2017 2:41 PM
  • Hi asafgb,

    Generally, we would suggest create a A record like mail.contoso.com pointed to Exchange 2016 CAS server so all users can use https:\\mail.contoso.com\owa to go to OWA. And mail.contoso.com should appear in the Subject Name and Subject Alternative Name (SAN) fields of the certificate on the Exchange 2016 CAS Server using for IIS.

    Since you are using Cas array for OWA, could you please help explain how do you configure for OWA in your coexistence environment?



    Best Regards,

    Molly Wu
    TechNet Community Support


    Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, July 19, 2017 9:33 AM
  • Hi,

    All those steps you have done is not necessary, at least not from my experience.

    In short you need to do the following:

    1.Install Unifed communication managed API 4.0 Runtime on Exchange server(s)

    You can confirm it but checking this reg key:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchange OWA\InstantMessaging\ImplementationDLLPath

    2. Create Trusted application pool for Outlook Web app. Here you will also define a port

    3. Enable cs topology

    4. Enable instant messaging on owa virtual directory

    5. Assign one of your certificate to UM service and restart MS exchange UM call router and MS Exchange UM services

    6. Add value you mentioned to webconfig file on your exchange server and restart owa app pool.

    You can view detailed steps on my guide here : https://gallery.technet.microsoft.com/Installing-Skype-for-78703118?redir=0

    There is own section for enable IM in OWA


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Thank you! Off2work

    • Proposed as answer by henghenghahi Friday, July 21, 2017 12:16 PM
    Wednesday, July 19, 2017 10:34 AM
  • Hi asafgb,

    Generally, we would suggest create a A record like mail.contoso.com pointed to Exchange 2016 CAS server so all users can use https:\\mail.contoso.com\owa to go to OWA. And mail.contoso.com should appear in the Subject Name and Subject Alternative Name (SAN) fields of the certificate on the Exchange 2016 CAS Server using for IIS.

    Since you are using Cas array for OWA, could you please help explain how do you configure for OWA in your coexistence environment?



    Best Regards,

    Molly Wu
    TechNet Community Support


    Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    yes
    our 2010 environment:
    OWA.<OurDomain.<com>> is directory to 2010 OWA
    mail2013.
    <OurDomain.<com>> for CAS array or how to called it, it round robin to all CAS servers
    was before the 2016 an autodiscovery record but it been deleted

    2016 environment:
    mail2016.
    <OurDomain.<com>> for CAS 2016 array(I know it already deleted, so maybe it just record to load balancer, I less use exchange),
    AutoDiscover.
    <OurDomain.<com>> for the autodiscovery record

    Wednesday, July 19, 2017 11:07 AM
  • Hi,

    All those steps you have done is not necessary, at least not from my experience.

    In short you need to do the following:

    1.Install Unifed communication managed API 4.0 Runtime on Exchange server(s)

    You can confirm it but checking this reg key:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchange OWA\InstantMessaging\ImplementationDLLPath

    2. Create Trusted application pool for Outlook Web app. Here you will also define a port

    3. Enable cs topology

    4. Enable instant messaging on owa virtual directory

    5. Assign one of your certificate to UM service and restart MS exchange UM call router and MS Exchange UM services

    6. Add value you mentioned to webconfig file on your exchange server and restart owa app pool.

    You can view detailed steps on my guide here : https://gallery.technet.microsoft.com/Installing-Skype-for-78703118?redir=0

    There is own section for enable IM in OWA


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Thank you! Off2work

    I will try to Enable Um
    btw i never understand when i confirm port
    who should listen to it, Skype?Exchange?
    and where the server should know it listen in that port?
    Wednesday, July 19, 2017 11:20 AM
  • That should be port to your frontend pool. If pool fqdn points to 2 servers, it should be open on both servers.

    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Thank you! Off2work

    Wednesday, July 19, 2017 12:01 PM
  • That should be port to your frontend pool. If pool fqdn points to 2 servers, it should be open on both servers.

    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Thank you! Off2work

    but i dont see they listen to it
    Wednesday, July 19, 2017 6:09 PM
  • Hi, it wont listen or be able to telnet to port 5199. Neither on exchange or lync server. Did you use poolname in webconfig file and is your poolname resolvable?

    Just confirmed that in my environment and IM in owa is working. Did you check my guide?


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Thank you! Off2work

    Wednesday, July 19, 2017 6:43 PM
  • Hi, it wont listen or be able to telnet to port 5199. Neither on exchange or lync server. Did you use poolname in webconfig file and is your poolname resolvable?

    Just confirmed that in my environment and IM in owa is working. Did you check my guide?


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Thank you! Off2work

    Yes i use my Skype FE pool FQDN and yes it resolveable :)
    Yes i check it 
    i Will see at sunday when i return to work
    That guide 
    I will start from zero
    Wednesday, July 19, 2017 6:49 PM
  • Hi, it wont listen or be able to telnet to port 5199. Neither on exchange or lync server. Did you use poolname in webconfig file and is your poolname resolvable?

    Just confirmed that in my environment and IM in owa is working. Did you check my guide?


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Thank you! Off2work

    Yes i use my Skype FE pool FQDN and yes it resolveable :)
    Yes i check it 
    i Will see at sunday when i return to work
    That guide 
    I will start from zero

    Sorry nothing work, still not working

    I even connect to the Exch owa (from the server and no client computer) so I only needed open Wireshark on 2 servers ( 1 exchange server that I log in(Owa), 1 Fe server that the user on the routing group) )

    I opened Wireshark and see the handshake that goes success, I see the application Data arrive at the client(encrypted)

    the error was on owa logs  :
    reset presence session not establish ( on Exchange OWA logs)

    or

    inactivity-presence session not establish

    The exchange show in eventvwr 112
    and skype goes smooth
    I see the Exchange server get the application data but still not working
    the certificate is good, no error on that


    • Edited by asafgb Thursday, August 10, 2017 7:08 PM
    Thursday, August 10, 2017 7:05 PM
  • Hi asafgb,

    1.Are all users experiencing this issue? You may try following scenarios:

    User in Exchange 2010 and logs in to Exchange 2010 OWA, check the IM integration.
    User in Exchange 2016 and logs in to Exchange 2016 OWA, check the IM integration.

    2.Could you please run Get-OwaVirtualDirectory command and share the screenshot?


    3.For the event ID 112, make sure the user has a proxy address with SIP type (you can set it in EMS with the cmdlet set-Mailbox <alias> -EmailAddresses @{Add="SIP:<SIP URI, i.e. u@h.com>"}).


    Best Regards,

    Molly Wu
    TechNet Community Support


    Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, August 15, 2017 12:52 PM