Hello everyone,

We have 3 Skype for Business Server 2015 servers at each remote office. Users in office 2 get the error when sign-in to their Lync Mobile (happens to iPhone, Android) - "We can't connect to the server. If you're using Wi-Fi, open your browser to see if you have a connection. Otherwise, disable any hot-spot or tethering connections. If the problem persists, contact  your network provider." If I move them to another pool then the issue is gone. The Lync on desktop works fine for users in office 2. Any ideas?

Thanks,

Hi IT-newbie,

You may try the following suggestions.

1. Make sure the external web service DNS records exist. (I assume that you have multiple FE Pools)

2. Maybe the proxy is not correct configured, check the configurations on Reverse Proxy.

3. Check the network between Office 2 and Office x where the Reverse Proxy resides.

4. Please check the IIS application state on the SFB servers which in Office 2, ensure the application is running.

5. Check the event logs on the SFB servers.

Best regards,

Eric

Thank you Eric for your reply. As I am new in Lync and not the one who set up Lync, so I will have some stupid questions :). Please see my notes below:

1. Make sure the external web service DNS records exist. (I assume that you have multiple FE Pools) - as we don't have any issue with office1 and office 3 pools so the external DNS should be fine, is that correct?

2. Maybe the proxy is not correct configured, check the configurations on Reverse Proxy. Could you please give me more details? We use IIS for Reverse Proxy and all servers in Server Farm are green.

3. Check the network between Office 2 and Office x where the Reverse Proxy resides. I can ping from office2 front end server to reverse proxy in office1

4. Please check the IIS application state on the SFB servers which in Office 2, ensure the application is running. - the LyncUCWA started on the front end server in office2

 

5. Check the event logs on the SFB servers.

 

Best regards,

Eric

I've got this report from MS Lync Connectivity Analyzer tool. Only the account belongs to office2 has the problem, if I move this account to another office1's pool then it works. Any ideas?

Thanks much!

=================================================

[7/9/2015 4:33:01 PM] [DEBUG] Logging test parameters:
[7/9/2015 4:33:01 PM] [DEBUG] SIP Uri: test.lync@mydomain.com
[7/9/2015 4:33:01 PM] [DEBUG] User Name:
[7/9/2015 4:33:01 PM] [DEBUG] Discovery Type: Automatic Discovery
[7/9/2015 4:33:01 PM] [DEBUG] Network access: NetworkAccessInternal
[7/9/2015 4:33:01 PM] [DEBUG] Selected client: ApplicationLyncMobile2013
[7/9/2015 4:33:01 PM] [SUBHEADING] Starting Lync server autodiscovery
[7/9/2015 4:33:01 PM] [INFO] Please wait; this test may take several minutes to complete...
[7/9/2015 4:33:01 PM] [SUBHEADING] Starting automatic discovery for secure (HTTPS) internal channel
[7/9/2015 4:33:01 PM] [DEBUG] Sending HTTP request to https://lyncdiscoverinternal.mydomain.com/?sipuri=test.lync@mydomain.com
[7/9/2015 4:33:01 PM] [DEBUG] Cookie  found in autodiscover response: StatusCode: 200, ReasonPhrase: 'OK', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
{
  Pragma: no-cache
  X-MS-Server-Fqdn: Prod-Lync-01-V.int.mydomain.com
  X-MS-Correlation-Id: 2147524916
  client-request-id: 1d2d9286-7b1b-49d5-afde-892e9cc57294
  X-Content-Type-Options: nosniff
  Cache-Control: no-cache
  Date: Thu, 09 Jul 2015 23:33:01 GMT
  Content-Length: 1060
  Content-Type: application/vnd.microsoft.rtc.autodiscover+xml; v=1
  Expires: -1
}
[7/9/2015 4:33:01 PM] [DEBUG] Parsing the response for URL https://lyncdiscoverinternal.mydomain.com/?sipuri=test.lync@mydomain.com.  Full response: <?xml version="1.0" encoding="utf-8"?><AutodiscoverResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" AccessLocation="Internal"><Root><Link token="Domain" href="https://Prod-lync-01-v.int.mydomain.com/Autodiscover/AutodiscoverService.svc/root/domain?originalDomain=mydomain.com" /><Link token="User" href="https://Prod-lync-01-v.int.mydomain.com/Autodiscover/AutodiscoverService.svc/root/user?originalDomain=mydomain.com" /><Link token="Self" href="https://Prod-lync-01-v.int.mydomain.com/Autodiscover/AutodiscoverService.svc/root?originalDomain=mydomain.com" /><Link token="OAuth" href="https://Prod-lync-01-v.int.mydomain.com/Autodiscover/AutodiscoverService.svc/root/oauth/user?originalDomain=mydomain.com" /><Link token="External/XFrame" href="https://lync.mydomain.com/Autodiscover/XFrame/XFrame.html" /><Link token="Internal/XFrame" href="https://Prod-lync-01-v.int.mydomain.com/Autodiscover/XFrame/XFrame.html" /><Link token="XFrame" href="https://lync.mydomain.com/Autodiscover/XFrame/XFrame.html" /></Root></AutodiscoverResponse>
[7/9/2015 4:33:01 PM] [DEBUG] Autodiscover URL https://lyncdiscoverinternal.mydomain.com/?sipuri=test.lync@mydomain.com redirected to https://Prod-lync-01-v.int.mydomain.com/Autodiscover/AutodiscoverService.svc/root/user?originalDomain=mydomain.com
[7/9/2015 4:33:01 PM] [DEBUG] Sending HTTP request to https://Prod-lync-01-v.int.mydomain.com/Autodiscover/AutodiscoverService.svc/root/user?originalDomain=mydomain.com?sipuri=test.lync@mydomain.com
[7/9/2015 4:33:01 PM] [DEBUG] Cookie  found in autodiscover response: StatusCode: 401, ReasonPhrase: 'Unauthorized', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
{
  X-MS-WebTicketURL: https://Prod-lync-01-v.int.mydomain.com/WebTicket/WebTicketService.svc
  X-MS-WebTicketSupported: cwt,saml
  Cache-Control: no-cache
  WWW-Authenticate: Bearer trusted_issuers="", client_id="00000004-0000-0ff1-ce00-000000000000"
  WWW-Authenticate: MsRtcOAuth href="https://Prod-lync-01-v.int.mydomain.com/WebTicket/oauthtoken",grant_type="urn:microsoft.rtc:windows,urn:microsoft.rtc:anonmeeting,password"
  X-MS-Server-Fqdn: Prod-Lync-01-V.int.mydomain.com
  X-MS-Correlation-Id: 2147492769
  client-request-id: a2689c89-dd3b-4546-b239-f6275b06eb83
  Strict-Transport-Security: max-age=31536000; includeSubDomains
  X-Content-Type-Options: nosniff
  Date: Thu, 09 Jul 2015 23:33:01 GMT
  Content-Length: 1293
  Content-Type: text/html
}
[7/9/2015 4:33:01 PM] [DEBUG] Authorization required for https://Prod-lync-01-v.int.mydomain.com/Autodiscover/AutodiscoverService.svc/root/user?originalDomain=mydomain.com?sipuri=test.lync@mydomain.com
[7/9/2015 4:33:01 PM] [DEBUG] Obtaining WebTicket from https://Prod-lync-01-v.int.mydomain.com/WebTicket/WebTicketService.svc
[7/9/2015 4:33:01 PM] [DEBUG] On-premises WebTicket server: https://Prod-lync-01-v.int.mydomain.com/WebTicket/WebTicketService.svc/Auth
[7/9/2015 4:33:02 PM] [DEBUG] Autodiscover: SendRequest(): the URL https://Prod-lync-01-v.int.mydomain.com/WebTicket/WebTicketService.svc/Auth couldn't be connected.  Complete HTTP headers:\r\n X-MS-Server-Fqdn: Prod-Lync-01-V.int.mydomain.com
X-MS-Correlation-Id: 2147491510
client-request-id: a490253e-ed60-4d60-850e-5efe6143d3ee
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Cache-Control: private
Date: Thu, 09 Jul 2015 23:33:01 GMT

[7/9/2015 4:33:02 PM] [ERROR] Couldn't connect to URL https://Prod-lync-01-v.int.mydomain.com/WebTicket/WebTicketService.svc/Auth
[7/9/2015 4:33:02 PM] [ERROR] Reason: Internal server error (HTTP status code 500)
[7/9/2015 4:33:02 PM] [ERROR] Ms-Diagnostics-Fault ErrorId: 28020, Reason: No valid security token.
[7/9/2015 4:33:02 PM] [CRITICAL] The credentials were not authorized by the server. Please verify your login credentials and try again.
[7/9/2015 4:33:02 PM] [DEBUG] System.Exception: Exception of type 'System.Exception' was thrown.
   at Microsoft.LyncServer.WebServices.WebTicketManager.WTExceptions(String exText)
   at Microsoft.LyncServer.WebServices.WebTicketManager.<AcquireTicketAsync>d__19.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.LyncServer.WebServices.WebTicketManager.<AcquireOpaqueTicketAsync>d__14.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
   at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<AuthenticationRequired>d__2a.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<SendRequest>d__d.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
   at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<TryNextUrl>d__3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<ParseResponse>d__16.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<TryNextUrl>d__3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<StartDiscoveryJourney>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at LyncConnectivityAnalyzerCore.Utilities.<RetrieveUserLocation>d__3e.MoveNext()
[7/9/2015 4:33:02 PM] [SUMMARY_ERROR] Server discovery failed for secured internal channel against https://lyncdiscoverinternal.mydomain.com/
[7/9/2015 4:33:02 PM] [SUBHEADING] Starting automatic discovery for unsecure (HTTP) internal channel
[7/9/2015 4:33:02 PM] [DEBUG] Sending HTTP request to http://lyncdiscoverinternal.mydomain.com/?sipuri=test.lync@mydomain.com
[7/9/2015 4:33:02 PM] [DEBUG] Cookie  found in autodiscover response: StatusCode: 200, ReasonPhrase: 'OK', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
{
  Pragma: no-cache
  X-MS-Correlation-Id: 2147508998
  client-request-id: 9a37de39-4632-44d7-a6be-e81aa6b5f82a
  X-Content-Type-Options: nosniff
  Cache-Control: no-cache
  Date: Thu, 09 Jul 2015 23:33:01 GMT
  Content-Length: 1060
  Content-Type: application/vnd.microsoft.rtc.autodiscover+xml; v=1
  Expires: -1
}
[7/9/2015 4:33:02 PM] [DEBUG] Parsing the response for URL http://lyncdiscoverinternal.mydomain.com/?sipuri=test.lync@mydomain.com.  Full response: <?xml version="1.0" encoding="utf-8"?><AutodiscoverResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" AccessLocation="Internal"><Root><Link token="Domain" href="https://Prod-lync-01-v.int.mydomain.com/Autodiscover/AutodiscoverService.svc/root/domain?originalDomain=mydomain.com" /><Link token="User" href="https://Prod-lync-01-v.int.mydomain.com/Autodiscover/AutodiscoverService.svc/root/user?originalDomain=mydomain.com" /><Link token="Self" href="https://Prod-lync-01-v.int.mydomain.com/Autodiscover/AutodiscoverService.svc/root?originalDomain=mydomain.com" /><Link token="OAuth" href="https://Prod-lync-01-v.int.mydomain.com/Autodiscover/AutodiscoverService.svc/root/oauth/user?originalDomain=mydomain.com" /><Link token="External/XFrame" href="https://lync.mydomain.com/Autodiscover/XFrame/XFrame.html" /><Link token="Internal/XFrame" href="https://Prod-lync-01-v.int.mydomain.com/Autodiscover/XFrame/XFrame.html" /><Link token="XFrame" href="https://lync.mydomain.com/Autodiscover/XFrame/XFrame.html" /></Root></AutodiscoverResponse>
[7/9/2015 4:33:02 PM] [DEBUG] Autodiscover URL http://lyncdiscoverinternal.mydomain.com/?sipuri=test.lync@mydomain.com redirected to https://Prod-lync-01-v.int.mydomain.com/Autodiscover/AutodiscoverService.svc/root/user?originalDomain=mydomain.com
[7/9/2015 4:33:02 PM] [DEBUG] Sending HTTP request to https://Prod-lync-01-v.int.mydomain.com/Autodiscover/AutodiscoverService.svc/root/user?originalDomain=mydomain.com?sipuri=test.lync@mydomain.com
[7/9/2015 4:33:02 PM] [DEBUG] Cookie  found in autodiscover response: StatusCode: 401, ReasonPhrase: 'Unauthorized', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
{
  X-MS-WebTicketURL: https://Prod-lync-01-v.int.mydomain.com/WebTicket/WebTicketService.svc
  X-MS-WebTicketSupported: cwt,saml
  Cache-Control: no-cache
  WWW-Authenticate: Bearer trusted_issuers="", client_id="00000004-0000-0ff1-ce00-000000000000"
  WWW-Authenticate: MsRtcOAuth href="https://Prod-lync-01-v.int.mydomain.com/WebTicket/oauthtoken",grant_type="urn:microsoft.rtc:windows,urn:microsoft.rtc:anonmeeting,password"
  X-MS-Server-Fqdn: Prod-Lync-01-V.int.mydomain.com
  X-MS-Correlation-Id: 2147499883
  client-request-id: e063f957-8ac6-48a8-8947-3dde2000d86f
  Strict-Transport-Security: max-age=31536000; includeSubDomains
  X-Content-Type-Options: nosniff
  Date: Thu, 09 Jul 2015 23:33:01 GMT
  Content-Length: 1293
  Content-Type: text/html
}
[7/9/2015 4:33:02 PM] [DEBUG] Authorization required for https://Prod-lync-01-v.int.mydomain.com/Autodiscover/AutodiscoverService.svc/root/user?originalDomain=mydomain.com?sipuri=test.lync@mydomain.com
[7/9/2015 4:33:02 PM] [DEBUG] Obtaining WebTicket from https://Prod-lync-01-v.int.mydomain.com/WebTicket/WebTicketService.svc
[7/9/2015 4:33:02 PM] [DEBUG] On-premises WebTicket server: https://Prod-lync-01-v.int.mydomain.com/WebTicket/WebTicketService.svc/Auth
[7/9/2015 4:33:02 PM] [DEBUG] Autodiscover: SendRequest(): the URL https://Prod-lync-01-v.int.mydomain.com/WebTicket/WebTicketService.svc/Auth couldn't be connected.  Complete HTTP headers:\r\n X-MS-Server-Fqdn: Prod-Lync-01-V.int.mydomain.com
X-MS-Correlation-Id: 2147538356
client-request-id: cb7786f5-cfbb-4884-81d3-f008aeed31b5
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Cache-Control: private
Date: Thu, 09 Jul 2015 23:33:01 GMT

[7/9/2015 4:33:02 PM] [ERROR] Couldn't connect to URL https://Prod-lync-01-v.int.mydomain.com/WebTicket/WebTicketService.svc/Auth
[7/9/2015 4:33:02 PM] [ERROR] Reason: Internal server error (HTTP status code 500)
[7/9/2015 4:33:02 PM] [ERROR] Ms-Diagnostics-Fault ErrorId: 28020, Reason: No valid security token.
[7/9/2015 4:33:02 PM] [CRITICAL] The credentials were not authorized by the server. Please verify your login credentials and try again.
[7/9/2015 4:33:02 PM] [DEBUG] System.Exception: Exception of type 'System.Exception' was thrown.
   at Microsoft.LyncServer.WebServices.WebTicketManager.WTExceptions(String exText)
   at Microsoft.LyncServer.WebServices.WebTicketManager.<AcquireTicketAsync>d__19.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.LyncServer.WebServices.WebTicketManager.<AcquireOpaqueTicketAsync>d__14.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
   at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<AuthenticationRequired>d__2a.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<SendRequest>d__d.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
   at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<TryNextUrl>d__3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<ParseResponse>d__16.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<TryNextUrl>d__3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<StartDiscoveryJourney>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at LyncConnectivityAnalyzerCore.Utilities.<RetrieveUserLocation>d__3e.MoveNext()
[7/9/2015 4:33:02 PM] [SUMMARY_ERROR] Server discovery failed for unsecured internal channel against http://lyncdiscoverinternal.mydomain.com/
[7/9/2015 4:33:02 PM] [SUBHEADING] Starting automatic discovery for secure (HTTPS) external channel
[7/9/2015 4:33:02 PM] [SUMMARY] lyncdiscover.mydomain.com can't be resolved by the DNS server. Skipping external discovery.
[7/9/2015 4:33:02 PM] [DEBUG] None, AutoExternalDNSFail, AutoInternalSecureD, AutoInternalUnsecureD, AutoExternalSecureD, AutoExternalUnsecureD, ManualDNSFail, ManualSecureD, ManualUnsecureD, AuthBrokerInternalLMXCheckGET, AuthBrokerInternalLMXCheckPOST, AuthBrokerExternalLMXCheckGET, AuthBrokerExternalLMXCheckPOST, MobilityMCXInternalLMXCheckGET, MobilityMCXInternalLMXCheckPOST, MobilityMCXExternalLMXCheckGET, MobilityMCXExternalLMXCheckPOST, LMXSIPServerInternalDNS, LMXSIPServerExternalDNS, MobilityUCWAInternalCheckPOST, MobilityUCWAExternalCheckPOST
[7/9/2015 4:33:02 PM] [SUMMARY]
[7/9/2015 4:33:02 PM] [SUMMARY_ERROR] The credentials were not authorized by the server. Please verify your login credentials and try again.
[7/9/2015 4:33:02 PM] [SUMMARY_ERROR]
Microsoft Lync Connectivity Analyzer cannot analyze deployment readiness until a discovery test has completed successfully.

Hi IT-newbie,

"[7/9/2015 4:33:02 PM] [ERROR] Couldn't connect to URL https://Prod-lync-01-v.int.mydomain.com/WebTicket/WebTicketService.svc/Auth
[7/9/2015 4:33:02 PM] [ERROR] Reason: Internal server error (HTTP status code 500)
[7/9/2015 4:33:02 PM] [ERROR] Ms-Diagnostics-Fault ErrorId: 28020, Reason: No valid security token.
[7/9/2015 4:33:02 PM] [CRITICAL] The credentials were not authorized by the server. Please verify your login credentials and try again."

Check if the link https://Prod-lync-01-v.int.mydomain.com/WebTicket/WebTicketService.svc is accessible.

If it is accessible, then you'll be prompted for credentials.

Best regards,

Eric

Hello Eric,

The https:\\xxxx does not works ( The page cannot be found) but the Http:\\xxxxxx works - prompt for credentials.

What should I do next? And why users in the office1's pool and office3's pool do have any issue with Lync Mobility?

Thank you so much for your time.

Hello Eric,

https://Prod-lync-01-v.int.mydomain.com/WebTicket/WebTicketService.svc is accessible, I've got the prompt to enter the credentials but then I've got error 401 Access Denied

What should I do next?

Thank you so much for your time.

• Edited by IT-newbie 9 hours 8 minutes ago

Hello Eric,

https://Prod-lync-01-v.int.mydomain.com/WebTicket/WebTicketService.svc is accessible, I've got the prompt to enter the credentials but then I've got error 401 Access Denied

What should I do next?

Thank you so much for your time.

• Edited by IT-newbie Tuesday, July 14, 2015 10:18 PM

Hello Eric,

https://Prod-lync-01-v.int.mydomain.com/WebTicket/WebTicketService.svc is accessible, I've got the prompt to enter the credentials but then I've got error 401 Access Denied

What should I do next?

Thank you so much for your time.

• Edited by IT-newbie Tuesday, July 14, 2015 10:18 PM

Hello Eric,

https://Prod-lync-01-v.int.mydomain.com/WebTicket/WebTicketService.svc is accessible, I've got the prompt to enter the credentials but then I've got error 401 Access Denied

What should I do next?

Thank you so much for your time.

• Edited by IT-newbie Tuesday, July 14, 2015 10:18 PM

Hello Eric,

https://Prod-lync-01-v.int.mydomain.com/WebTicket/WebTicketService.svc is accessible, I've got the prompt to enter the credentials but then I've got error 401 Access Denied

What should I do next?

Thank you so much for your time.

• Edited by IT-newbie Tuesday, July 14, 2015 10:18 PM

Hello Eric,

https://Prod-lync-01-v.int.mydomain.com/WebTicket/WebTicketService.svc is accessible, I've got the prompt to enter the credentials but then I've got error 401 Access Denied

What should I do next?

Thank you so much for your time.

• Edited by IT-newbie Tuesday, July 14, 2015 10:18 PM

Hello Eric,

https://Prod-lync-01-v.int.mydomain.com/WebTicket/WebTicketService.svc is accessible, I've got the prompt to enter the credentials but then I've got error 401 Access Denied

What should I do next?

Thank you so much for your time.

• Edited by IT-newbie Tuesday, July 14, 2015 10:18 PM

Hi IT-newbie,

Do you have the second NIC on the FE server ?

I found this article

http://s4b-usergroup.com/lync-blog/lync-mobile-kan-zich-niet-aanmelden/

(The upper part is in English)

Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.

Best regards,

Eric

Hi IT-newbie,

Im writing to follow up on this thread. Do you have any updates on this issue? Please post back at your convenience.

Best regards,

Eric

Hi Eric,

Sorry for the late reply, I've been busy with another projects. No, we only have 1 NIC for FE servers and reverse proxy server as well. For now, the workaround is moving people to another pool. :( I've tried to narrow down the issue and hope you have a second eye on this:

On problematic pool, test user can sigh-in to Lync desktop but not for Lync Mobile ---> Lync/Internal DNS works fine

Move test user to another pool ----> both Lync Desktop and Lync Mobile work fine ---->Internal DNS/External DNS/AutoDiscover/Reverse Proxy work fine.

Got this error from LCA:

[ERROR] Couldn't connect to URL https://Lync-domain.local/Autodiscover/AutodiscoverService.svc/root/user?originalDomain=domain.com?sipuri=test@domain.com
[ERROR] Reason: Internal server error (HTTP status code 500)
[ERROR] InternalServerError: Source server FQDN: Problematic-Server.domain.local\r\nReason: No valid security token
[DEBUG] System.Exception: Exception of type 'System.Exception' was thrown.

The connection between problematic office and HQ office is good. It seems the test user can't authenticate and that makes me think about certificate issue but I don't know how to test that properly.

Thanks,

Hi Eric,

Sorry for the late reply, I've been busy with another projects. No, we only have 1 NIC for FE servers and reverse proxy server as well. For now, the workaround is moving people to another pool. :( I've tried to narrow down the issue and hope you have a second eye on this:

On problematic pool, test user can sigh-in to Lync desktop but not for Lync Mobile ---> Lync/Internal DNS works fine

Move test user to another pool ----> both Lync Desktop and Lync Mobile work fine ---->Internal DNS/External DNS/AutoDiscover/Reverse Proxy work fine.

Got this error from LCA:

[ERROR] Couldn't connect to URL https://Lync-domain.local/Autodiscover/AutodiscoverService.svc/root/user?originalDomain=domain.com?sipuri=test@domain.com
[ERROR] Reason: Internal server error (HTTP status code 500)
[ERROR] InternalServerError: Source server FQDN: Problematic-Server.domain.local\r\nReason: No valid security token
[DEBUG] System.Exception: Exception of type 'System.Exception' was thrown.

The connection between problematic office and HQ office is good. It seems the test user can't authenticate and that makes me think about certificate issue but I don't know how to test that properly.

If I want to uninstall Lync on problematic server and then reinstall, where I can find the document to do it properly?

Thanks,

• Edited by IT-newbie 10 hours 38 minutes ago

Hi Eric,

Sorry for the late reply, I've been busy with another projects. No, we only have 1 NIC for FE servers and reverse proxy server as well. For now, the workaround is moving people to another pool. :( I've tried to narrow down the issue and hope you have a second eye on this:

On problematic pool, test user can sigh-in to Lync desktop but not for Lync Mobile ---> Lync/Internal DNS works fine

Move test user to another pool ----> both Lync Desktop and Lync Mobile work fine ---->Internal DNS/External DNS/AutoDiscover/Reverse Proxy work fine.

Got this error from LCA:

[ERROR] Couldn't connect to URL https://Lync-domain.local/Autodiscover/AutodiscoverService.svc/root/user?originalDomain=domain.com?sipuri=test@domain.com
[ERROR] Reason: Internal server error (HTTP status code 500)
[ERROR] InternalServerError: Source server FQDN: Problematic-Server.domain.local\r\nReason: No valid security token
[DEBUG] System.Exception: Exception of type 'System.Exception' was thrown.

The connection between problematic office and HQ office is good. It seems the test user can't authenticate and that makes me think about certificate issue but I don't know how to test that properly.

If I want to uninstall Lync on problematic server and then reinstall, where I can find the document to do it properly?

Thanks,

• Edited by IT-newbie Tuesday, August 18, 2015 8:51 PM

Hi Eric,

Sorry for the late reply, I've been busy with another projects. No, we only have 1 NIC for FE servers and reverse proxy server as well. For now, the workaround is moving people to another pool. :( I've tried to narrow down the issue and hope you have a second eye on this:

On problematic pool, test user can sigh-in to Lync desktop but not for Lync Mobile ---> Lync/Internal DNS works fine

Move test user to another pool ----> both Lync Desktop and Lync Mobile work fine ---->Internal DNS/External DNS/AutoDiscover/Reverse Proxy work fine.

Got this error from LCA:

[ERROR] Couldn't connect to URL https://Lync-domain.local/Autodiscover/AutodiscoverService.svc/root/user?originalDomain=domain.com?sipuri=test@domain.com
[ERROR] Reason: Internal server error (HTTP status code 500)
[ERROR] InternalServerError: Source server FQDN: Problematic-Server.domain.local\r\nReason: No valid security token
[DEBUG] System.Exception: Exception of type 'System.Exception' was thrown.

The connection between problematic office and HQ office is good. It seems the test user can't authenticate and that makes me think about certificate issue but I don't know how to test that properly.

If I want to uninstall Lync on problematic server and then reinstall, where I can find the document to do it properly?

Thanks,

• Edited by IT-newbie Tuesday, August 18, 2015 8:51 PM

Hi Eric,

Sorry for the late reply, I've been busy with another projects. No, we only have 1 NIC for FE servers and reverse proxy server as well. For now, the workaround is moving people to another pool. :( I've tried to narrow down the issue and hope you have a second eye on this:

On problematic pool, test user can sigh-in to Lync desktop but not for Lync Mobile ---> Lync/Internal DNS works fine

Move test user to another pool ----> both Lync Desktop and Lync Mobile work fine ---->Internal DNS/External DNS/AutoDiscover/Reverse Proxy work fine.

Got this error from LCA:

[ERROR] Couldn't connect to URL https://Lync-domain.local/Autodiscover/AutodiscoverService.svc/root/user?originalDomain=domain.com?sipuri=test@domain.com
[ERROR] Reason: Internal server error (HTTP status code 500)
[ERROR] InternalServerError: Source server FQDN: Problematic-Server.domain.local\r\nReason: No valid security token
[DEBUG] System.Exception: Exception of type 'System.Exception' was thrown.

The connection between problematic office and HQ office is good. It seems the test user can't authenticate and that makes me think about certificate issue but I don't know how to test that properly.

If I want to uninstall Lync on problematic server and then reinstall, where I can find the document to do it properly?

Thanks,

• Edited by IT-newbie Tuesday, August 18, 2015 8:51 PM

Hi Eric,

Sorry for the late reply, I've been busy with another projects. No, we only have 1 NIC for FE servers and reverse proxy server as well. For now, the workaround is moving people to another pool. :( I've tried to narrow down the issue and hope you have a second eye on this:

On problematic pool, test user can sigh-in to Lync desktop but not for Lync Mobile ---> Lync/Internal DNS works fine

Move test user to another pool ----> both Lync Desktop and Lync Mobile work fine ---->Internal DNS/External DNS/AutoDiscover/Reverse Proxy work fine.

Got this error from LCA:

[ERROR] Couldn't connect to URL https://Lync-domain.local/Autodiscover/AutodiscoverService.svc/root/user?originalDomain=domain.com?sipuri=test@domain.com
[ERROR] Reason: Internal server error (HTTP status code 500)
[ERROR] InternalServerError: Source server FQDN: Problematic-Server.domain.local\r\nReason: No valid security token
[DEBUG] System.Exception: Exception of type 'System.Exception' was thrown.

The connection between problematic office and HQ office is good. It seems the test user can't authenticate and that makes me think about certificate issue but I don't know how to test that properly.

If I want to uninstall Lync on problematic server and then reinstall, where I can find the document to do it properly?

Thanks,

• Edited by IT-newbie Tuesday, August 18, 2015 8:51 PM

Hi IT-newbie,

You have 3 FE servers in each pool, right ?

If you need to reinstall one of the FE server in the pool, you can just reinstall it. (Reinstall the OS with the same computer name and then run Lync Deployment Wizard.)

Best regards,

Eric

Hi Eric,

I went thru the removing FE from the pool; adding it back to the pool (published topology after each step) but the problem still persists. Just let you know and I'll keep you posted.

Thanks,