04 Juni 2008 16:41
I’ve an OCS 2007 Enterprise Pool with 2 front ends both running the web components for ABS, the FQDN for the pool points to a hardware load balancer and on to both FE servers. All works fine with IM but no address book download.
After many tests I found that on my workstation, if I set a local host file for the pool FQDN and point that direct to either FE server the address book downloads fine. Removing the host file so the client looks at the hardware load balancer it fails.
I get the same response using IE and browsing to the root of the servers web site (https://ocs-pool-domain.local), the certificate shows good in IE. When I browse to the hardware load balancer I get “The website you want to view requests identification. Please choose a certificate” message.
It looks like a hardware load balancer issue but all other OCS services are OK via the HLB, any ideas?
04 Juni 2008 17:59ModeratorRun the web components validation from the OCS admin console and look at that Internal URL in the WMI Class MSFT_SIPAddressBookSetting section. Based on what you described about your environment it should be https://PoolFQDN/abs/int/handler. Next check IIS on both OCS servers and ensure that you have a trusted cert that contains that FQDN in either the subject or subject alternative name assigned to your web site. Lastly, ensure that your load balancer is not attempting to present it's own certificate. Many load balancers will perform SSL offloading and this is probably not what you want in your particular configuration.
17 Juni 2008 4:04