LCS to OCS migration - Each Pool Doesn't See The Other?

  • Question

  • My team and I have set up a test lab for an LCS to OCS migration.

    LCS is a Std Svr 2005 deployment (lcs1.test.local - and 87).  OCS is in an Enterprise cfg, with a Front End/Web Components/Web Conferencing server (ocs1.test.local -, 97, 98), and an Archiving server (ocs2.test.local -   There is NO Hardware Load Balancer (HLB) on the OCS pool.  We have a second IP assigned to the OCS server that DNS knows as ocspool01.test.local (

    OCS1 has certificates for both the pool and the server itself.  It's listening on the following ports:

    SIP IP address:         Port:     Transport:         5061     TLS         5061     MTLS
        All             5060     TCP         5061     TLS
    IM Conferencing IP address:     Port:
        All             5063
    Telephony Conferencing IP address:     SIP Port:
        All             5064

    We also have the OCS server cfg'd to authorize the LCS server with MTLS, and vice versa.  The LCS server has certificates for itself configured.

    Users migrate between the two pools fine, and we've fussed with Enhanced Presence (EP) and Non EP users.  We've made sure that a set of users who get migrated from LCS to OCS maintain NO EP by only using Office Communicator (OC) 2005, so EP never gets activated.

    The Problem:
    We've tried various configs, but cannot get LCS users to chat/video/VoIP successfully with OCS users.  In some configs, the messages appear to send but are never received with no errors reported, and in other configs, the messages send and the IM client immediately responds by saying the other party is offline.  Under no configs have we managed to get presence working.  OCS users see other OCS users, but not LCS users, and vice versa.

    I've tried various cert configs as well, such as using certs for the OCS pool name, the local server name, etc., on the OCS box, to no avail, except breaking client connectivity.  The event logs also show that each server is trusting the other server as an authorized server when we restart the services.

    What are we not doing?  Why can our users not see each other or communicate across the pools?  It would be very beneficial to make sure that every user can communicate with every other user during the migration as we're doing a staged migration, rather than everyone at once, and other posts I've read demonstrate that it is possible (I can send links if desired); I just can't figure out what's missing.

    Any thoughts are greatly appreciated.  Thanks in advance.

    Thursday, April 3, 2008 8:27 PM

All replies