July 8, 2014

Lync 2013 clients and ADFS 3.0 logon issue

Mobile clients are not able to log on to Lync Online. This example uses a simple configuration with two NLB clusters: the first one for Web Application Proxy (a new feature in Windows Server 2012 R2 that runs as a service of the Remote Access role) and the second one for ADFS.

If we run Microsoft Remote Connectivity Analyzer, we get the following error:

Couldn't sign in. Error: Error Message: No common authentication method detected..
Error Type: AuthenticationException.
Error Code: 0.
Realm: SIP Communications Service.
Response Code: 401.
Response Text: Unauthorized.

To fix this issue, we have to add the certificate on both NLB clusters:
1. Get the "Certificate Hash" and "Application ID" using the "netsh http show sslcert" command.
2. Add the certificate:
netsh http
add sslcert ipport= certhash="Certificate Hash" appid="Application ID"
The output should be: SSL Certificate successfully added.
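
Steps 1 and 2 can be scripted so that the hash and application ID are copied from the existing binding rather than retyped. The PowerShell below is an added example, not part of the original post: the function names are hypothetical, it assumes English-language netsh output, and the sample output (host name, hash, GUID) and the <ipport> placeholder are constructed.

```powershell
# Constructed sample of "netsh http show sslcert" output (hash and GUID are made up).
$sample = @'
SSL Certificate bindings:
-------------------------

    Hostname:port                : sts.example.test:443
    Certificate Hash             : 0123456789abcdef0123456789abcdef01234567
    Application ID               : {00000000-1111-2222-3333-444444444444}
    Certificate Store Name       : MY
'@ -split "`r?`n"

function ConvertFrom-NetshSslCert {
    # Turn the text output into one object per binding (hypothetical helper).
    param([string[]]$Lines)
    $current = $null
    foreach ($line in $Lines) {
        if ($line -match '^\s*(Hostname:port|IP:port)\s*:\s*(\S+)\s*$') {
            if ($current) { $current }      # emit the previous binding
            $current = [pscustomobject]@{
                Kind = $Matches[1]; Binding = $Matches[2]
                CertificateHash = $null; ApplicationId = $null
            }
        }
        elseif ($current -and $line -match '^\s*Certificate Hash\s*:\s*([0-9A-Fa-f]+)\s*$') {
            $current.CertificateHash = $Matches[1]
        }
        elseif ($current -and $line -match '^\s*Application ID\s*:\s*(\{[0-9A-Fa-f-]+\})\s*$') {
            $current.ApplicationId = $Matches[1]
        }
    }
    if ($current) { $current }              # emit the last binding
}

function New-SslCertAddCommand {
    # Build the step 2 command line from an existing binding (hypothetical helper).
    param([Parameter(Mandatory)] $Source, [Parameter(Mandatory)] [string]$IpPort)
    "netsh http add sslcert ipport=$IpPort certhash=$($Source.CertificateHash) appid=`"$($Source.ApplicationId)`""
}

# On a live server, pass the real output: -Lines (netsh http show sslcert)
$bindings = @(ConvertFrom-NetshSslCert -Lines $sample)
$source   = $bindings | Where-Object Binding -eq 'sts.example.test:443'
$ipPort   = '<ipport>'   # placeholder: the ipport value for the new binding

# Skip the add when a binding for that ipport is already present.
if ($bindings | Where-Object Binding -eq $ipPort) { "A binding for $ipPort already exists." }
else { New-SslCertAddCommand -Source $source -IpPort $ipPort }
```

The script only prints the command; review it and run it from an elevated prompt on each node of both NLB clusters.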

P.S. Mobile clients started working successfully without issues, but Remote Connectivity Analyzer still shows errors.
