Lync Online certificate issue

Hi

I have a scenario where AD users syncs to the cloud. Ive enabled my users with a license giving them among other services, lync.

I can connect to the lync client but cant see or talk to external users. When doing the Microsoft Remote Connect test i get the following

Testar anslutningen till Lyncs webbtjnstserver fr automatisk upptckt, fr att se om det finns en sker anslutning till port 443 och hmta rottoken.
  Testet av anslutningen till Lyncs webbtjnst fr automatisk upptckt misslyckades.
 
Ytterligare information
  Frfluten tid: 685 ms.
 
Teststeg
 

Frsker testa webbtjnstens URL fr automatisk upptckt https://lyncdiscover.domain.se/Autodiscover/AutodiscoverService.svc/root.
  Webbtjnstens URL fr automatisk upptckt gr inte att kontakta eftersom fljande tester misslyckades:
 
Ytterligare information
  Frfluten tid: 685 ms.
 
Teststeg
 
Frsker omvandla vrdnamnet lyncdiscover.domain.se i DNS.
  Vrdnamnet har omvandlats.
 
Ytterligare information
  Returnerade IP-adresser: 132.245.113.24, 2a01:111:f404:3401::38 Frfluten tid: 425 ms.
Testar TCP-porten 443 p vrden lyncdiscover.domain.se fr att kontrollera att den lyssnar och r ppen.
  Porten har ppnats.
 
Ytterligare information
  Frfluten tid: 184 ms.
Testar att SSL-certifikatet r giltigt.
  SSL-certifikatet misslyckades med en eller flera verifieringskontroller av certifikatet.
 
Ytterligare information
  Frfluten tid: 76 ms.
 
Teststeg
 
Microsoft Connectivity Analyzer frsker erhlla SSL-certifikatet frn fjrrservern lyncdiscover.domain.se p port 443.
  Microsoft Connectivity Analyzer har erhllit fjrr-SSL-certifikatet.
 
Ytterligare information
  Fjrrcertifikatsmne: CN=*.online.lync.com, OU=UCG, O=Microsoft, L=Redmond, S=Washington, C=US, Utfrdare: CN=MSIT Machine Auth CA 2, DC=redmond, DC=corp, DC=microsoft, DC=com. Frfluten tid: 36 ms.
Verifierar certifikatnamnet.
  Verifieringen av certifikatnamnet misslyckades.
   <label for="testSelectWizard_ctl12_ctl06_ctl00_ctl02_ctl01_tmmArrow">Bertta mer om problemet och hur jag ska lsa det</label>
 
Ytterligare information
  Vrdnamnet lyncdiscover.domain.se matchar inte ngot namn i servercertifikatet CN=*.online.lync.com, OU=UCG, O=Microsoft, L=Redmond, S=Washington, C=US. Frfluten tid: 1 ms.

The output is in swedish put the problem is related to that the domain lyncdiscover.domain.se is not in the certificate. 

Is it necessary to have a certificate for lync online?

Regards

Carlos

May 7th, 2015 5:37am

Looks like there is somtehing wrong with the DNS-configuration.

Please verify via this link:

https://technet.microsoft.com/en-us/library/hh852557.aspx?f=255&MSPPError=-2147217396

https://support.microsoft.com/en-us/kb/2566790

https://www.martinhatch.com/2012/02/dns-records-required-to-use-lync-online.html

You need a CNAME and for you to be able to contact other you need a federationrecord. And maybe enable federation on your 365-account.

https://support.office.com/en-au/article/Let-Skype-for-Business-Online-users-communicate-with-external-Skype-for-Business-or-Skype-contacts-b414873a-0059-4cd5-aea1-e5d0857dbc94?ui=en-US&rs=en-AU&ad=AU

Free Windows Admin Tool Kit Click here and download it now
May 7th, 2015 7:49am

Hi

When running the test i get the following error

Testar instllningarna fr externt domnnamn till din egna domnanvndare faveotest@domain.se i Office 365.
  Det gick inte att verifiera namninstllningarna i Office 365 fr den egna domnen. Se informationen nedan fr specifika felorsaker.
 
Ytterligare information
  Frfluten tid: 611 ms.
 
Teststeg
 
Frsker omvandla och verifiera SRV-posten _sip._tls.domain.se i DNS.
  Det gick inte att verifiera SRV-posten.
   <label for="testSelectWizard_ctl12_ctl06_ctl00_tmmArrow">Bertta mer om problemet och hur jag ska lsa det</label>
 
Ytterligare information
  Flera lsningar fr SRV-posten: _sip._tls.domain.se. Exempel lifesizecloud.com, sipdir.online.lync.com. Frfluten tid: 175 ms.
Frsker omvandla och verifiera SRV-posten _sipfederationtls._tcp.domain.se i DNS.
  SRV-posten har verifierats.
 
Ytterligare information
  SRV-posten _sipfederationtls._tcp.domain.se omvandlas till: sipfed.online.lync.com:5061. Frfluten tid: 138 ms.
Frsker omvandla och verifiera CNAME-posten sip.domain.se i DNS.
  CNAME-posten har verifierats.
 
Ytterligare information
  Vrdpost(er) som returnerades: sipdir.online.lync.com. Frfluten tid: 157 ms.
Frsker omvandla och verifiera CNAME-posten lyncdiscover.domain.se i DNS.
  CNAME-posten har verifierats.
 
Ytterligare information
  Vrdpost(er) som returnerades: webdir.online.lync.com. Frfluten tid: 140 ms

We have another record with the for the same srv record, _sip._tls.domain.se. But on a different port and lower priority

Is it connected to the problems with ssl certificate?

https://support.office.com/en-au/article/Let-Skype-for-Business-Online-users-communicate-with-external-Skype-for-Business-or-Skype-contacts-b414873a-0059-4cd5-aea1-e5d0857dbc94?ui=en-US&rs=en-AU&ad=AU

Ive already done this

Regards

Carlos


  • Edited by csoto24 11 hours 54 minutes ago sensible information
May 7th, 2015 11:25am

Hi,

The forum you posted is for Lync Server On Premise only. The issue is more related to Lync online, you can also post a question on Office365 forum for assistance. Thank you for your understanding.

http://community.office365.com/en-us/f/166.aspx

Best Regards,
Eason Huang

Free Windows Admin Tool Kit Click here and download it now
May 8th, 2015 3:33am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics