none
Lync Phones Certificate RRS feed

Answers

All replies

  • You can use the certutil mechanism to install the Public Root CA certificate. First you download the certificate from the CA's web site. Then you use the certutil command to publish the certificate to your Active Directory. It will be added as an object under CN=Certification Authorities, CN=Public Key Services, CN=Services, CN=Configuration, DC=<domain>, DC=<tld>. You can add multiple Root CA certificates using this method. The device will download all the certificates found.

    After the public Root CA certificate is published you will have to connect the device once to the internal network to get the certificate downloaded. Before you do that you need to reset the device to clear the certificate store, since you need the device to ask for certificates (if you didn't do this the device would use the currently installed certificate when challenged by your internal OCS servers and not search for them in Active Directory). You reset the device by inserting a paper clip in the small hole on the back between the USB and headset connectors. Afterwards you can connect the device to the Internet and it will connect to the lync server.


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Friday, June 10, 2011 6:14 AM
    Moderator
  • Hello,

    Thank you very much for you answer. Sadly this doesen´t answer my question.

    For me its important do unterstand how the devices, in our case Aastra 6725ip

    and Aastra 6721ip get there certificates, as we get an error message when trying

    to connect to the lync server. "Certificate or web service cannot be found". We checked

    the DCHP Options and everthing is set up correctly. I would like to understand, how the

    devices get their certificats.

    Do they download it using: CertProv/CertProvisioningService.svc service or as descripted

    in

    http://technet.microsoft.com/de-de/library/gg398270.aspx

     

    So whats the right way and where i have to look if i have a problem with certificates.

    Thank you very much

     

    HP


    Friday, June 10, 2011 6:37 AM
  • Hi,

    The following article is about Aastra 6725ip how to authenticate in Lync environment:

    http://technet.microsoft.com/en-us/library/gg413090.aspx


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Friday, June 17, 2011 2:19 AM
    Moderator
  • Hi,

    Not sure exactly how the process works itself. However, I had similar issue with our devices. The problem was with Cert provisioning, basically device couldn’t access url.

    What DHCP are you using is it Microsoft or 3<sup>rd</sup> party ?

    Did you use DHCPUtil?

     

    Friday, June 17, 2011 10:07 AM