Hello World. I'm an HTTP Proxy vendor. A customer using our HTTP Proxy is having problem signing in to Microsoft Lync. I am not familiar with the inner workings of Lync, and already did some web search.
Problem : Users from 2 Active Directory Groups are not able to login to Lync.
Group 1 users get Error: "There was a problem acquiring a personal certificate"
Group 2 users get Error: "The server is temporarily unavailable"
Users from other groups are able to login without any problem.
Question : Could these problems be caused by some AD Group configuration for Lync?
Based on the data that I have :
1. For AD Group 1 "There was a problem acquiring a personal certificate" :
- SSL handshake was successful and there were some Application Layer traffic before the client sends a TCP Reset.
2. For AD Group 2 "The server is temporarily unavailable" :
- a Wireshark packet capture shows that the client goes to https://sipdir.online.lync.com and terminates with a TCP FIN.
- It then goes to https://webpoolhkn0f06.infra.lync.com with a successful SSL handshake, some Application Layer traffic, before the client sends an immediate TCP Reset.
3. For other AD Groups, login to Lync was successful.
- a Wireshark packet capture shows that the client goes to https://sipdir.online.lync.com and terminates with a TCP FIN.
Question
beLIEve
Hello World. I'm an HTTP Proxy vendor. A customer using our HTTP Proxy is having problem signing in to Microsoft Lync. I am not familiar with the inner workings of Lync, and already did some web search.
Problem : Users from 2 Active Directory Groups are not able to login to Lync.
Group 1 users get Error: "There was a problem acquiring a personal certificate"
Group 2 users get Error: "The server is temporarily unavailable"
Users from other groups are able to login without any problem.
Question : Could these problems be caused by some AD Group configuration for Lync?
Based on the data that I have :
1. For AD Group 1 "There was a problem acquiring a personal certificate" :
- a Wireshark packet capture shows that the client goes to https://sipdir.online.lync.com.
- SSL handshake was successful and there were some Application Layer traffic before the client sends a TCP Reset.
2. For AD Group 2 "The server is temporarily unavailable" :
- a Wireshark packet capture shows that the client goes to https://sipdir.online.lync.com and terminates with a TCP FIN.
- It then goes to https://webpoolhkn0f06.infra.lync.com with a successful SSL handshake, some Application Layer traffic, before the client sends an immediate TCP Reset.
3. For other AD Groups, login to Lync was successful.
- a Wireshark packet capture shows that the client goes to https://sipdir.online.lync.com and terminates with a TCP FIN.
- It then goes to https://webpoolhkn0f06.infra.lync.com with a successful SSL handshake, some Application Layer traffic.
- The client sends a TCP Reset after 20 seconds of inactivity.
- The client subsequently goes to https://login.microsoftonline.com and https://webpoolhkn0f06.infra.lync.com and so on.
Thank you all in advance.
Link to comment
Share on other sites
0 answers to this question
Recommended Posts