Federated user is unable to join an IM conference RRS feed

  • Question

  • My configuration is very simple:

    FrontEnd Server <-- (Internal network) --> Edge Server <-- (Internet) --> Federated UAC

    When i'm trying to invite a federated user to an IM conference, I see these snippets in Front-End Server logs:

    Text: Message was discarded by the application


    Start-Line: SIP/2.0 500 The server encountered an unexpected internal error
    ms-diagnostics: 3080;reason="Internal Error: AddUser failed";source="pool1.local.domain"

    It seems like these symptoms are described in http://support.microsoft.com/kb/946091, but I don't NAT my internal network and I don't have any hw load balancers. I modified hosts files on both FrontEnd and Edge servers but with no success.
    Monday, November 3, 2008 9:44 AM

All replies

  • Thanks for the fast responses Smile

    Ok, the easy question: does IM conference support federated users in general? Smile
    Monday, November 10, 2008 4:53 PM
  • Is this your only federated partner? Or do you have multiple federations and only one is not working?  Either way proper firewall configuration is the cause for the large majority of federation communication issues.  Try searching the forums for "504".


    And yes, assuming you have the Edge Web Conferencing and Edge A/V components installed and working, then federated clients can participate in IM/audio/video conferencing.

    Monday, November 10, 2008 8:40 PM
  • Are you sure I need Edge Web Conferencing and Edge A/V components installed to have IM conference working? I'm not using any Web or A/V features at all.
    Tuesday, November 11, 2008 4:01 AM
  • Sorry, I misread that.  When I see 'conferencing' I think of Audio/Video.  For simple IM conversations without any audio/video content you only need the Access Edge role deployed with a third-party public certificate (for Federation and PIC support).


    Tuesday, November 11, 2008 12:34 PM
  • BTW, I see strange things in log files. For example, I've noted that OCS puts internal address in Contact header field in SIP responses.
    This is an example of a response to SUBSCRIBE request:

    Code Snippet

    Start-Line: SIP/2.0 200 OK

    From: <sip:xxx@federated.domain>;tag=yxa-7dllo22dj
    To: <sip:yyy@my.domain>;tag=2649E247
    Call-ID: yxa-323706755@federated.domain
    ms-asserted-verification-level: ms-source-verified-user=verified
    Contact: <sip:pool1.local.domain:5061;transport=tls>

    But pool1.local.domain is not visible from external network (e.g. Internet) - this is an internal address of the Front End server. This means any mid-dialog requests will fail due to target inaccessibility (according to RFC3261). Is it a normal situation for MS OCS or, if not, where I can look to fix the configuration?
    Wednesday, November 12, 2008 6:03 AM
  • You are seeying the presence of your federated contacts?

    And you are able to do peer to peer IM?


    Wednesday, November 12, 2008 10:30 PM
  •  Deli Pro-Exchange wrote:

    You are seeying the presence of your federated contacts?

    And you are able to do peer to peer IM?


    Yes. There is only a bug with reSUBSCRIBE requests due to Contact's address inaccessibility.
    Do you know OCS internals? Do you know why Front End server places a local address into the Contact? From what configuration value does it take this address? Also it seems like Edge server doesn't replace the Contact header with a correct external address.

    By the way, in a p2p IM the Contact address is ok (e.g. there is AOR of the user such as "user@my.domain;gruu;epid=blah").
    Thursday, November 13, 2008 6:16 AM