Integrating Lync 2010 with Avaya AES Server

Dears,

I'm trying to integrate AES 5.2.3 with Super Patch 2 installed with Lync Server 2010. I installed one Lync Front-End Standard Edition and followe the instruction in the below URl:

http://support.avaya.com/css/P8/documents/100144425

Also, Customer has AD which use S-LDAP connection, so communication with AD over 389 port is not allowed, we are using 636 port.

I noticed that the CA server (Windows 2003) installed on the environment is Standalone Server, so I cannot find "Certificate Template" in the CA Console but i got it from MMC snap-in and created the required template according to the document (above URL) but and continue the steps.

when I enabled users to RCC, and login to Lync Client, i got an error "No Phone System Connection"

and from snooper, i found 

ms-diagnostics: 1038;reason="Failed to connect to a peer server";WinsockFailureCode="10061(WSAECONNREFUSED)";WinsockFailureDescription="The peer actively refused the connection attempt";Peer="aesad.domain.com";Port="4723";source="LYNCFE.domain.com"

by reviewing the certificate on FE server and AES server, i found that, Enhanced Key Usage: Server Authentication although i used a template that afford Server & Client Authentication.

 

Also, I don't have another server to create Trusted App Pool, so when I run the power shell command I got a warning advise that this machine (App Pool Name) doesn't has Computer Object in AD.

My Questions:

  1. Is the certificate issued to Lync and AES correct or it should contain both Server & Client Authentication?
  2. Can I use Standalone CA to issue this type of Certificates or I have to install Enterprise CA? 
  3. What is the cause of "No Phone System Connection" Error? 
  4. How can I check if AES accept communication with Lync on 4723? I tried to telnet with no luck.
  5. Is it supported to allow AES to communicate S-LDAP?
August 16th, 2011 6:11pm

Hi Fady,

1.You issued incorrect certificate for Lync and AES. The certificate templates from MMC snap-in is different from the templates form certification Authority. I donot know why there is no "Certificate Template" in your CA console. Do you install the CA component?

2.Maybe It can work you use standalone CA to issue certificate to Lync deployment, but it isnot recommended. You'd better add your CA server to domain and install Enterprise CA.

3.Verify you have add AES server to lync Trusted APP pool successfully. AES server has opend port 4723 port in firewall. You'd better install Enterprose CA and create templates in the CA templates, and issue the certificate for lync server.

4.Make sure AES server has opend port 4723 port in firewall.

5.I think the AES server can communicate s-ldap. you should add AES SERVER FQDN to AD and create A record for it.

 

Free Windows Admin Tool Kit Click here and download it now
August 17th, 2011 11:23am

Thanks Sean for your reply.

I followed your instructions and installed Enterprise CA and now I can see that in Lync & AES thet the certificate support Server & Client Auth.

but when I log in to Lync Client i can see the same error "No Phone System Connection"

what I have to do to know what's wrong in my configuration?

Also, I created an Application Pool with server name that not exist in the real environment this is why I get a warning message about this. Do you think this is

August 17th, 2011 12:21pm

Can you "ping " the AES server successfully?

Do you configurate AES correctly?

Free Windows Admin Tool Kit Click here and download it now
August 25th, 2011 5:09am

Hi,

we had the same problem

now we got the Information from AVAYA that the AES Server 5.x is not working with Lync 2010 (only OCS 2007R2 or less)

You need the AES 6.x version!

best regards

Mark

January 14th, 2014 5:04am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics