none
Broken federation with Office 365 - only for 1 user RRS feed

  • Question

  • I'm fighting with a strange problem with federation between my work Lync Server (on-premise) and my personal Lync Online (O365) account.

    Everything seems to work for any other account except mine.  I can connect normally between any of my Lync Online accounts and any other account on the Lync server.  So to illustrate...

    anyaccount@personal.com <--> multipletestaccounts@work.com   =  Works fine

    anyaccount@personal.com <--> mine@work.com  =  Problems

    The problems are:

    1) Presence only works one way.  I can see the personal account's presence at work, but the personal account shows my work account as "Presence unknown".

    2) I cannot initiate an IM or call from the personal account to work.  If I initiate the IM from work, it goes over just fine and return messages work, but presence still doesn't show up.

    3) I'm not getting the normal prompt when I'm added to a contact list from O365.  Other users do.

    Things I've tried so far:

    1) Removed my user account from the Lync server, and then re-added it.

    2) Checked for ExternalAccessPolicy settings, which are set the same as everyone else.  I even created a new one and granted it for everyone (including me) and it made no difference.

    3) There are no other user level access policies shown on the get-csuser output.  All are default.  There are no site level policies.  There is only one site.

    4) The contact is not set to "blocked" privacy level on either side.

    This is a Lync Standard setup, with 1 Edge and 1 TMG reverse proxy.  It was migrated from OCS 2007.

    Any ideas out there?

    Wednesday, February 8, 2012 11:03 PM

Answers

  • Hi,Sean,

    It's maybe the issue.If you enable federation with multiple domains of a Lync Online customer, the administrator of the Lync Online customer account must enable users for each domain for which federation is to be supported. Details you can check http://community.office365.com/en-us/w/lync/523.aspx.

    Regards,

    Sharon


    Sharon Shen

    TechNet Community Support

    ******************************************************************************************************************************************************* Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community memb

    Monday, February 13, 2012 2:59 AM
    Moderator

All replies

  • Hi Sean,

    I would recommend running a SIPStack trace using the lync server logging tool on the edge server and front end server (on premies) when you try and interact between your O365 and your on premies install.

    Thanks,

    James


    MCITP: Lync/Exchange 2010/Server Administrator 2008
    rogersau.blogspot.com < Unified Comms Blog
    View James Rogers's profile on LinkedIn

    Friday, February 10, 2012 1:29 AM
  • Hi,Sean,

    Have you tried to log your work account on another computer to verify that if it's PC client issue?

    Have you checked if there are any different attributes among your account and others?Such as member group,sip address format,host server,group policy or LAN etc?

    Enable Lync logging tool is a good option to troubleshoot this issue,please try as Rogersau advised.

    Regards,

    Sharon


    Sharon Shen

    TechNet Community Support

    ******************************************************************************************************************************************************* Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community memb

    Friday, February 10, 2012 10:45 AM
    Moderator
  • I may have stumbled upon the answer.  Our company started a migration to BPOS last year, but in testing we aborted because of the lack of support for Macs.  Since the account is still active (we have another domain active on it), I am still using it myself for email.  We just recently were notified that our account is being prepared for the Office 365 migration, so I'm guessing that somewhere on the Lync Online farm is an account with my SIP URI.  None of the other users here have been activated on BPOS.   Could that be what's messing me up?
    Friday, February 10, 2012 6:57 PM
  • Hi,Sean,

    It's maybe the issue.If you enable federation with multiple domains of a Lync Online customer, the administrator of the Lync Online customer account must enable users for each domain for which federation is to be supported. Details you can check http://community.office365.com/en-us/w/lync/523.aspx.

    Regards,

    Sharon


    Sharon Shen

    TechNet Community Support

    ******************************************************************************************************************************************************* Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community memb

    Monday, February 13, 2012 2:59 AM
    Moderator