none
SfB client on android not working but ios devices are (mobile offsite) RRS feed

  • Question

  • Hi,

    we have a situation where we have a lync 2013 backend, and users with the SfB client on their mobile devices connecting to the onprem servers when offsite. for a while it was working without issue, recently i noticed that android devices now do not connect they just time out at sign on with an error " cant sign in. please verify your sign-in address and any updates you made in advanced options"

    however, ios devices (even with credentials same as on android) do connect without issue and work as expected.i am not sure where i should start investigating this one, and any suggestions or help will be greatly appreciated.

    thankyou

    Wednesday, June 7, 2017 2:09 AM

All replies

  • Hi cs_280zx,

    Did this issue occur all users or specific user?
    Did this issue occur to all Android devices? Or specific Android device?

    To this issue, we suggest you do the following steps to narrow down this issue:

    1. Configure the working account which you have configured it in IOS on the Android device
    2. Create a new account and test it using Android device
    3. Update Android device to the latest

    Best Regards,
    Jim Xu
    TechNet Community Support


    Please remember to mark the replies as answers if they helped.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, June 9, 2017 7:43 AM
    Moderator
  • Hi and thanks for your reply.

    answers below:

    its occurring for all users who happen to use an android device.

    its for all android devices.

    1. yes tried this on a number of different devices with the same failure

    2. we tried this and unfortunately same results

    3. same results again

    Monday, June 12, 2017 11:44 PM
  • Hi cs_280zx,

    Are there any changes before it didn’t work?

    To this issue, please run the following command on FE and make sure authentication is Negotiate:
    Get-CsWebServiceConfiguration

    If not, check if there are any errors in application log and post them for our troubleshooting.


    Best Regards,
    Jim Xu
    TechNet Community Support


    Please remember to mark the replies as answers if they helped.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, June 19, 2017 10:05 AM
    Moderator
  • thanks for your reply Jim,

    here is the output from the command above:

    PS C:\Installs\scripts> Get-CsWebServiceConfiguration


    Identity                             : Global
    TrustedCACerts                       : {}
    CrossDomainAuthorizationList         : {}
    MaxGroupSizeToExpand                 : 100
    EnableGroupExpansion                 : True
    UseWindowsAuth                       : Negotiate
    UseCertificateAuth                   : True
    UsePinAuth                           : True
    UseDomainAuthInLWA                   : True
    AllowAnonymousAccessToLWAConference  : True
    EnableCertChainDownload              : True
    InferCertChainFromSSL                : True
    CASigningKeyLength                   : 2048
    MaxCSRKeySize                        : 16384
    MinCSRKeySize                        : 1024
    MaxValidityPeriodHours               : 8760
    MinValidityPeriodHours               : 8
    DefaultValidityPeriodHours           : 4320
    MACResolverUrl                       :
    SecondaryLocationSourceUrl           :
    ShowJoinUsingLegacyClientLink        : True
    ShowDownloadCommunicatorAttendeeLink : False
    AutoLaunchLyncWebAccess              : True
    ShowAlternateJoinOptionsExpanded     : False
    UseWsFedPassiveAuth                  : False
    WsFedPassiveMetadataUri              :
    AllowExternalAuthentication          : True
    MobilePreferredAuthType              : None

    from application log: none that i can see except:

    Log Name:      Application
    Source:        Microsoft-Windows-CertificateServicesClient-CertEnroll
    Date:          17/06/2017 11:50:06 PM
    Event ID:      70
    Task Category: None
    Level:         Error
    Keywords:      Classic
    User:          SYSTEM
    Computer:      lyncfe01.nch.kids
    Description:
    Certificate enrollment for Local system failed because no valid policy can be obtained from policy servers with ID {40F15045-4ED5-46F0-BB94-7B6523CE4033}
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft-Windows-CertificateServicesClient-CertEnroll" Guid="{54164045-7C50-4905-963F-E5BC1EEF0CCA}" EventSourceName="CertEnroll" />
        <EventID Qualifiers="33370">70</EventID>
        <Version>0</Version>
        <Level>2</Level>
        <Task>0</Task>
        <Opcode>0</Opcode>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2017-06-17T13:50:06.000000000Z" />
        <EventRecordID>2658811</EventRecordID>
        <Correlation />
        <Execution ProcessID="0" ThreadID="0" />
        <Channel>Application</Channel>
        <Computer>lyncfe01.nch.kids</Computer>
        <Security UserID="S-1-5-18" />
      </System>
      <EventData>
        <Data Name="Context">Local system</Data>
        <Data Name="ServerURL">{40F15045-4ED5-46F0-BB94-7B6523CE4033}</Data>
      </EventData>
    </Event>

    == = =  = = = =  = = = =  = = =

    Log Name:      Application
    Source:        Microsoft-Windows-IIS-W3SVC-WP
    Date:          18/06/2017 12:26:34 AM
    Event ID:      2302
    Task Category: None
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      lyncfe01.nch.kids
    Description:
    There was an error during processing of the managed application service auto-start for configuration path: 'MACHINE/WEBROOT/APPHOST/Lync Server Internal Web Site/Ucwa'. The error message returned is: 'An initialization error occurred while trying to preload an application.

    Exception: System.InvalidOperationException

    Message: Well known object of type 'System.Web.Hosting.PreloadHost' already exists in this App Domain.

    StackTrace:    at System.Web.Hosting.HostingEnvironment.CreateWellKnownObjectInstance(String assemblyQualifiedName, Boolean failIfExists)
       at System.Web.Hosting.HostingEnvironment.CreateWellKnownObjectInstance(String assemblyQualifiedName, Boolean failIfExists)
       at System.Web.Hosting.ApplicationManager.CreateObjectInternal(String appId, Type type, IApplicationHost appHost, Boolean failIfExists, HostingEnvironmentParameters hostingParameters)
       at System.Web.Hosting.ProcessHost.PreloadApplicationIfRequired(String appId, IApplicationHost appHostParameter, HostingEnvironmentParameters hostingParameters, LockableAppDomainContext ac)
       at System.Web.Hosting.ProcessHost.<>c__DisplayClass11.<PreloadApplicationIfNotShuttingdown>b__f(Object o)'.  The worker process will be marked unhealthy and be shutdown.  The data field contains the error code.
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft-Windows-IIS-W3SVC-WP" Guid="{670080D9-742A-4187-8D16-41143D1290BD}" EventSourceName="W3SVC-WP" />
        <EventID Qualifiers="49152">2302</EventID>
        <Version>0</Version>
        <Level>2</Level>
        <Task>0</Task>
        <Opcode>0</Opcode>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2017-06-17T14:26:34.000000000Z" />
        <EventRecordID>2658677</EventRecordID>
        <Correlation />
        <Execution ProcessID="0" ThreadID="0" />
        <Channel>Application</Channel>
        <Computer>lyncfe01.nch.kids</Computer>
        <Security />
      </System>
      <EventData>
        <Data Name="ConfigPath">MACHINE/WEBROOT/APPHOST/Lync Server Internal Web Site/Ucwa</Data>
        <Data Name="ErrorInfo">An initialization error occurred while trying to preload an application.

    Exception: System.InvalidOperationException

    Message: Well known object of type 'System.Web.Hosting.PreloadHost' already exists in this App Domain.

    StackTrace:    at System.Web.Hosting.HostingEnvironment.CreateWellKnownObjectInstance(String assemblyQualifiedName, Boolean failIfExists)
       at System.Web.Hosting.HostingEnvironment.CreateWellKnownObjectInstance(String assemblyQualifiedName, Boolean failIfExists)
       at System.Web.Hosting.ApplicationManager.CreateObjectInternal(String appId, Type type, IApplicationHost appHost, Boolean failIfExists, HostingEnvironmentParameters hostingParameters)
       at System.Web.Hosting.ProcessHost.PreloadApplicationIfRequired(String appId, IApplicationHost appHostParameter, HostingEnvironmentParameters hostingParameters, LockableAppDomainContext ac)
       at System.Web.Hosting.ProcessHost.&lt;&gt;c__DisplayClass11.&lt;PreloadApplicationIfNotShuttingdown&gt;b__f(Object o)</Data>
        <Binary>05400080</Binary>
      </EventData>
    </Event>

    these were what i saw that may be related.

    thanks
    Carl

    Tuesday, June 20, 2017 12:30 AM
  • i also saw this under System:

    Log Name:      System
    Source:        Schannel
    Date:          20/06/2017 10:20:38 AM
    Event ID:      36888
    Task Category: None
    Level:         Error
    Keywords:      
    User:          SYSTEM
    Computer:      lyncfe01.nch.kids
    Description:
    A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 1203.
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Schannel" Guid="{1F678132-5938-4686-9FDC-C8FF68F15C85}" />
        <EventID>36888</EventID>
        <Version>0</Version>
        <Level>2</Level>
        <Task>0</Task>
        <Opcode>0</Opcode>
        <Keywords>0x8000000000000000</Keywords>
        <TimeCreated SystemTime="2017-06-20T00:20:38.107492500Z" />
        <EventRecordID>1289444</EventRecordID>
        <Correlation />
        <Execution ProcessID="596" ThreadID="8048" />
        <Channel>System</Channel>
        <Computer>lyncfe01.nch.kids</Computer>
        <Security UserID="S-1-5-18" />
      </System>
      <EventData>
        <Data Name="AlertDesc">10</Data>
        <Data Name="ErrorState">1203</Data>
      </EventData>
    </Event>

    Tuesday, June 20, 2017 12:31 AM
  • Hi.

    Before start troubleshooting, please update client for android. 

    Next step enable log on Android.

    Skype for Business Troubleshooting Self-Help

    How to enable logging on Skype for Business (Lync) clients?


    MCITP, MCSE. Regards, Oleg

    Wednesday, June 21, 2017 7:54 PM
  • they were always updated to latest, i actually tried downgrading thinking it was too new lol

    logging was enabled on ios and android devices also.

    Thursday, June 22, 2017 1:32 AM
  • Hi cs_280zx,

    Please check if the android device was blocked by your firewall, if you use third party firewall, you could contact firewall vendor to get check it.


    Best Regards,
    Jim Xu
    TechNet Community Support


    Please remember to mark the replies as answers if they helped.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, June 28, 2017 9:55 AM
    Moderator
  • Hi cs_280zx,

    Did you try the method provided by Jim Xu?

    If any question, please post in our forum, we are looking forward for your response.


    Regards,

    Alice Wang


    Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, July 13, 2017 7:58 AM
    Moderator