none
Issues with federation RRS feed

  • Question

  • Hi,

    We have Lync 2013 On-Premise at work. One frontend server and one Edge Server.


    We were having some certificate issues, but that's been sorted.

    We have one user (my colleague) who can add a contact and see their presence and IM with them.

    No one else is able to do this.

    My colleague has signed onto my Lync (just lync, I was still logged onto Windows) and it worked fine. So no PC issue.

    We have the exact same profile/policy etc on the Lync Control Panel.

    We have all the same attributes and groups in AD/Exchange etc. We're in the same OU. (Although I doubt this will be a factor given she can signon on my machine with me logged on).

    I have never messaged this external person before and they've probably not added me as a contact.

    Ran the connectivity tester and all is ok.

    Followed https://technet.microsoft.com/nl-nl/library/gg398680(v=ocs.15).aspx and it seems fine.

    The external party is using O365 SFB.

    I'm stuck, any ideas


    Thursday, November 2, 2017 10:40 AM

All replies

  • So you issue is that only one user in the entire company can communicate with External Skype users?

    Please check first if you have open federation or not. What error message do you get if you are logged in with your Lync account and try to add same external contact?


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Thank you! Off2work

    Thursday, November 2, 2017 11:34 AM
  • Agree Off2work. Please verify the policy enabled for the particular user for whom it is failing?Check the Client logs using snooper and check what is the error it is generating.ALso you may check the edge server event viewer for the issue,

    Jayakumar K

    Thursday, November 2, 2017 12:16 PM
  • Thanks for the reply Off2work

    Haven't checked every user, but we have only found one so far it works with.

    I don't believe we have open federation. 

    When I add the contact it says Presence unknown and when trying to send a message it says "This message wasn't sent to <recipient> due to company policy.

    Thursday, November 2, 2017 12:44 PM
  • Policy is the same for all users Jayakumar. We only have one global policy in the CP.

    I haven't tried client logs. I'll try that tomorrow. I'll also check event viewer, I thought I did but I'll double check to be sure.

    Thursday, November 2, 2017 12:46 PM
  • Also, just to confirm, I read that a srv record under the zone _sipfederationtls._tcp.domain.com is only required for full open federation. Is that true?

    Regardless, if it works fine for someone else, would it make a difference?

    Thursday, November 2, 2017 12:55 PM
  • sipfederationtls record is required for federation. With your error, it look more like policy setting. Why it works for one specific user is a bit strange. You both share same sip domain?

    https://technet.microsoft.com/en-us/library/jj618369(v=ocs.15).aspx


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Thank you! Off2work

    Thursday, November 2, 2017 1:06 PM
  • Hi Richard,

    Yes ,you need _sipfederationtls._tcp.domain.com record,

    Could Skype users add you SFB account and send IM to you?

    1.Verify that the Skype user is signed in with a Microsoft account (formerly Windows Live ID).

    If the Skype user has a custom Microsoft account (one that does not end in outlook.com, live.com, hotmail.com, or msn.com) you must format their IM address like this:

    name(example.com )@msn.com

    For example, if your Skype contact’s Microsoft account is bob@contoso.com, enter it as

    bob(contoso.com)@msn.com.

    2.You could try to disable and re-enable your account on the Lync control pannel and make a test.


    Best Regards,

    Leon-Lu
    TechNet Community Support


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com


    Friday, November 3, 2017 5:54 AM
    Moderator
  • Thanks all for your feedback.

    I did have issues getting the snooping working on my PC.

    The party we were testing with were using O365/SFB so we used <user>@<domain>.onmicrosoft.com and a few of us could add them. They could add everyone except two people.

    One of those people, I logged off of Lync and signed in (only lync, they remained signed into Windows) and it worked fine. As far as I can tell the user has all the same settings.

    We only have one policy and all the user settings in Lync CP is the same as mine.

    I had also disbabled/reenabled Federation and made no difference.

    No obvious errors in event viewer except two. One is about  other parties trying to send us sip requests (different domains) and one about web conferencing (which we don't use).

    Checked the topology manager and everything looked normal.

    I can telnet to the  port 5061 on the edge server too. Besides this'd make no difference because we've established it works.

    Anything else I can do, or should I re-create their Lync accounts?


    Saturday, November 4, 2017 7:34 AM
  • Hi Richard,

    please try to disabled their lync accounts and enabled these accounts,if it is not worked,please re-create their accounts


    Best Regards,

    Leon-Lu
    TechNet Community Support


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Tuesday, November 7, 2017 9:56 AM
    Moderator
  • Hi Richard,

    You should analyze the log of the user with snooper and also activate logging on the edge.

    http://lyncdude.com/2014/10/29/learn-how-to-troubleshoot-lync/index.html


    regards Holger Technical Specialist UC

    Thursday, November 9, 2017 1:07 PM
  • Are there any update for this issue, if the reply is helpful to you, please try to mark it as an answer, it will help others who has similar issue.

    Regards,

    Leon Lu


    Please remember to mark the replies as answers if they helped.
    If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Tuesday, November 14, 2017 9:32 AM
    Moderator