Non-domain? inside or outside internal network? If inside, you can simple enable OCS FE server to listen TCP 5060 port. It will not require certificate. NOTE: Communicator itself wasn't required using in domain machine.
That's not really a recommended, nor secure approach. If the computer used is not a domain-member but will be used by a valid employee with AD credentials then depending on where the computer will be connecting from you have a couple options.
If it's external (e.g. an emplotee's home personal computer) then you should have a public certificate on the Edge server meaning that the employee on needs to install the OC client on their computer and sign-in with their SIP address (Assuming you have correct SRV/A DNS records published externally).
If this is a computer on the internal network that is simply not a member of the domain then the internal CA's root certificate (if not also using third-party certs on the internal Front-End server/pool) but be installed into the local computer's certificate store, and then just install the OC client and login the same as above.Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCS
Agreed, but without knowing more details (is he simply testing or trying to get production users to connect?) I wouldn't want to suggest that approach without explaining in more depth.Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCS