locked
error in Live Meeting with anonymous

    Question

  • We are trying an external Web Conferencing (Live Meeting) with anonymous, but the anonymous always receive the error message "Cannot connect to the meeting".

    The Front End is configured, in Global Properties - Meetings - Anonymous Participants, to "Allow users to invite anonymous participants".

    Also in the Edge Server, in Properties - Access Methods, the box "Allow anonymous users to join meetings" is checked.

    I added a SRV record in the external DNS (_sip._tls.myexternaldomain.com.br).

    we also install public certificates ( for Web Conferencing, Access Edge, and Web Components)

    from the client side, the Outlook 2007 is configured to allow anonymous participants.

    According to the link:
    http://social.microsoft.com/Forums/en-US/communicationsserveredgeservers/thread/602aa235-ed0f-4b3d-b9d8-d5c57f91dd7f/

    to solve this problem we must remove the sign-in name in Open User Accounts in the Live Meeting client. However, this requires a lot of user involvement since depending on what meeting they join they would have to switch between filling out the login information or not. So, this is not a proper solution.

    What should be done so that an anonymous User can join a meeting without the need to change the settings in the Live Meeting client?


    Is there something missing in my configurations, or any other kind of problem?

    Thursday, November 19, 2009 12:46 PM

Answers

  • What users are attempting to access the meeting as anonymous?  Corporate workstations with OC/LM deployed or third parties?  Technically you should remove the Sign-In Name in the LM options on profiles used by OCS-enabled corporate users as they won't be able to join as authenticated to meetings.  For example I have my Sign-In address populated but when I join meetings on third-party OCS servers I will join anonymously without problems, there is no need to clear the username.

    Take a look at this thread to verify you have all of the settings configured correctly: http://blogs.pointbridge.com/Blogs/schertz_jeff/Pages/Post.aspx?_ID=67
    Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCS
    Thursday, November 19, 2009 1:39 PM
    Moderator
  • Hi bmammen
    Above reply Jeff referred means you should remove the sign-in name in the lm.
    And the blog Jeff referred means that you can change some configuration to no need remove it.
    Per your scenario, if you have not changed the policy configuration, you'd better to remove it.

    Regards!
    Gavin
    Tuesday, November 24, 2009 10:27 AM
    Moderator
  • Hi
    The location should like this:
    Location:       meet:sip:username@domainname;gruu;opaque=app:conf:focus:id:6D4E7D1F8CD7A345855BBD573BE3DA95

    Regards!
    gavin
    Wednesday, December 02, 2009 1:11 AM
    Moderator

All replies

  • What users are attempting to access the meeting as anonymous?  Corporate workstations with OC/LM deployed or third parties?  Technically you should remove the Sign-In Name in the LM options on profiles used by OCS-enabled corporate users as they won't be able to join as authenticated to meetings.  For example I have my Sign-In address populated but when I join meetings on third-party OCS servers I will join anonymously without problems, there is no need to clear the username.

    Take a look at this thread to verify you have all of the settings configured correctly: http://blogs.pointbridge.com/Blogs/schertz_jeff/Pages/Post.aspx?_ID=67
    Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCS
    Thursday, November 19, 2009 1:39 PM
    Moderator
  • Not sure I follow and was wondering if you could be more specific?   I've looked at the link you provided on configuring LM internally and externally, which seems to be the basic installation instructions which I think I've followed pretty closely.  Everything else seems to work fine, and it's only this one situation causing a bit of complexity. 

    In my particular situation I've been contacted twice because Microsoft employees invited to LM sessions hosted by my company could not join the conference because they were being prompted for credentials (we are a publishing company and routinely work with MS for our IT publications).  The first time both parties ended up falling back to a Verizon conference bridge with WebEx, the second time I found several threads stating that clearing the sign-on ID would allow them to join and it did, but this is cumbersome to remember.

    So directly to my question...  What should I change on my side so that the MS employees connecting to my companies LM won't have to clear their sign-in ID to join anonymously?

    Thanks for all your help!
    Thursday, November 19, 2009 3:40 PM
  • Just to clarify, did you mean "should remove the Sign-In Name in the LM" or "shouldn't"? 
    Thursday, November 19, 2009 3:46 PM
  • Hi bmammen
    Above reply Jeff referred means you should remove the sign-in name in the lm.
    And the blog Jeff referred means that you can change some configuration to no need remove it.
    Per your scenario, if you have not changed the policy configuration, you'd better to remove it.

    Regards!
    Gavin
    Tuesday, November 24, 2009 10:27 AM
    Moderator
  • Gavin, what should I change the policy settings to so that we will not be required to remove the sign-in name?  Currently the policy is set to allow anonymous.
    Thanks,  Brent
    Saturday, November 28, 2009 4:32 AM
  • Hi
    Jeff has a good blog for it, you can refer to it
    http://blogs.pointbridge.com/Blogs/schertz_jeff/Pages/Post.aspx?_ID=67

    Regards!
    Gavin
    Monday, November 30, 2009 1:44 AM
    Moderator
  • As mentioned earlier I have gone through Jeff's Live Meeting Externally blog and have compared our configuration to what is listed there (I just went through it again to be sure).  Currenlty the Policy settings are: 

    Front End/Global
    >Anonymous Participants=Allow users to invite anonymous participants
    >Global policy= Policy 1 (High)
    Edge
    >Allow remote user access to your network
    >Allow anonymous users to join meetings 

    Everything I've read and one of the PS professionals I spoke with the other day said that this behavior is expected, so I was intrigued when Jeff mentioned that he was able join an OCS hosted session from an untrusted organization without clearing his login ID.

    Thx.  Brent
    Monday, November 30, 2009 8:59 PM
  • Hi bmammen,
    How do you join the meeting as a anonymous user, use the link "join the meeting" or use the location of the meeting?
    You can check both ways, it seems it is no need to remove the login ID by using the location of the meeting, you can use ie.

    Regards!
    Gavin

    Tuesday, December 01, 2009 11:01 AM
    Moderator
  • Just spoke to one of the folks at Microsoft that was trying to connect to our last LM invite and he said he clicked the "Join the meeting" link in the invitation and it launched his LM client with his Microsoft login ID pre-populated.  I've verified and the location links in the email both point to downloads for the Live Meeting client install and not to the actual meeting.  Do you see something different on your invitation links?  I.E. - "I am connecting from inside the Corporate network" (points to:  http://office.microsoft.com/en-us/help/HA101733831033.aspx)  and "I am connecting from outside the Corporate network" (points to:  http://office.microsoft.com/en-us/help/HA101733831033.aspx)

    Thanks!  Brent

    Tuesday, December 01, 2009 3:53 PM
  • Hi
    The location should like this:
    Location:       meet:sip:username@domainname;gruu;opaque=app:conf:focus:id:6D4E7D1F8CD7A345855BBD573BE3DA95

    Regards!
    gavin
    Wednesday, December 02, 2009 1:11 AM
    Moderator
  • Just spoke to an MCM about the issue and he tells me that leaving the Login ID populated will work as long as the company your are doing the LM with has an established Federation with your company.  I have not tested this but it seems to have merit as the LM meetings between our company and Microsoft is failing with the Login ID populated, and we don't have a Federation established because Microsoft doesn't automatically Federate with other domains. 

    PS - our location SIP is as it should look.
    Monday, December 14, 2009 4:06 PM