White board error when sharing session in live meeting: "Content failed to download due to a problem with the conference center

All replies

• 

  

  0

  Sign in to vote

  You need to make sure that your IIS is configured to use HTTPS that is not configured by default

  So you must tell IIS to use the same certificate as the OCS server

   

  Deli

   

  Friday, November 9, 2007 12:09 AM
• 

  

  0

  Sign in to vote

  Deli Pro-Exchange wrote:

  You need to make sure that your IIS is configured to use HTTPS that is not configured by default So you must tell IIS to use the same certificate as the OCS server   Deli

   

   

  I've configured our OCS server via the snapin.. under the server name properties.. in this case.. ServerA.domain.local.. certifcate shown says "ServerDC".. I've even re-ran the certificate importer and chose the ServerA.domain.local certificate (issued by ServerDC).. it then appears as "name:  ServerDC".. is this normal or should it really say ServerA.domain.local...

   

  I went into IIS, default web site and verified the certificate was the same one.. and it is...

   

  Does this configuration sound amiss?:  would this be why the white board feature doesnt work (everything else does)?

   

  I should add that ServerDC is the DC (not an enterprise CA) that authorized the ssl certificate.. i do have an Enterprise CA.. i also tried using the ssl cert authorized by that one.. on both the OCS console and default web site.. with the same white board error..  (for the name.. in the OCS info.. the cert has.. name:  Backup01 (the name of the ENT CA) when i try this certificate).

   

  I also dont think i configured the cert properly the first time.. for the second time around, going through the ENT CA.. i chose "ServerA" for the friendly name.. then for the subject name put ServerA.domain.local.. i didnt put anything for SAN.. should this entry be sip.domain.local?

  *As of yet we dont have an edge server.. its just one internal OCS server behind a firewall..

   

  I also should mention that all our clients, behind the firewall are configured to use TCP for the protocol, not TLS..

   

  I dont know if this matters as well.. but our sign in address is user@domain.com , while our actual domain is .. domain.local

   

  Thanks

  Friday, November 9, 2007 2:40 AM
• 

  

  0

  Sign in to vote

  If you check the certificate it needs to be serverA.domain.local and it needs to be the FQDN

  Issued by should be your internal CA

  Issued to must be the servers FQDN

   

  You can have SANs like sip.domain.local but not required

   

  You should verify that clients can use TLS otherwise you work arround certificate problems

   

  Deli

  Friday, November 9, 2007 4:07 PM
• 

  

  0

  Sign in to vote

  Deli Pro-Exchange wrote:

  If you check the certificate it needs to be serverA.domain.local and it needs to be the FQDN Issued by should be your internal CA Issued to must be the servers FQDN   You can have SANs like sip.domain.local but not required   You should verify that clients can use TLS otherwise you work arround certificate problems   Deli

   

  What should i be putting for the SAN name if i dont use sip.domain.local (we dont have this one as a dns entry)?

   

  Would this be the external name wan1.domain.com?

   

  I tried using TLS internally.. this works fine.. tried two machines with TLS .. white board still gave the error..

   

   

  Friday, November 9, 2007 4:28 PM
• 

  

  0

  Sign in to vote

  You don't really need a SAN

  Just take sip.domain.local or just leave it blank

  don't use an external name

   

  You should verify the URL for web conferencing content and try to load it in Internet Explorer

   

  Deli

   

  Friday, November 9, 2007 4:56 PM
• 

  

  0

  Sign in to vote

   

  I redid things.. just using server.domain.local for the SAN this time.. same thing, even with TLS..

   

  What url would i use as a test?  I do know that all other features of live meeting work fine..

   

   

  Friday, November 9, 2007 5:03 PM
• 

  

  0

  Sign in to vote

  Check the settings on your pool : Meeting settings

  should be something similar to : https://server.domain.com/etc/place/null

   

  Copy and past into IE and verify if the certificate comes back fine

  Maybe authentication settings on the website are not correct

   

  Deli

   

  Friday, November 9, 2007 5:13 PM
• 

  

  0

  Sign in to vote

  Deli Pro-Exchange wrote:

  Check the settings on your pool : Meeting settings should be something similar to : https://server.domain.com/etc/place/null   Copy and past into IE and verify if the certificate comes back fine Maybe authentication settings on the website are not correct   Deli

   

  I'm not sure where you meant to check for settings on the pool? Or which settings to check.. under server global props.. i do have meetings set to allow users to invite anonymous and default policy is set and enabled.

   

  I tried https://serverA.domain.local/etc/place/null

   

  It gave me HTTP Error 403.2 - Forbidden: Read access is denied.    on the page cannot be displayed page.. I looked in IIS, i see this folder

   

  It appears to have "read" access in IIS anyway...

   

  Friday, November 9, 2007 5:37 PM
• 

  

  0

  Sign in to vote

  Go to your pool and view the status on the right and then  Meeting Settings should give your the url

   

  Anonymous meetings does not have anything to do with this problem

   

  Did you receive a certificate warning?

  Check if URL is correct => Meeting settings

   

  Deli

   

  Friday, November 9, 2007 5:42 PM
• 

  

  0

  Sign in to vote

  Deli Pro-Exchange wrote:

  Go to your pool and view the status on the right and then  Meeting Settings should give your the url   Anonymous meetings does not have anything to do with this problem   Did you receive a certificate warning? Check if URL is correct => Meeting settings   Deli

   

   

  I found the settings area.. thanks.. I tried the url..  again.. this time i get http 403 forbidden..

   

  I checked, the directory is set to integrated and anonymous for security in IIS..

   

  Its referencing this location as well:

  C:\Program Files (x86)\Microsoft Office Communications Server 2007\Web Components\Data MCU Web\Web

   

  I'm wondering if maybe a security setting is amiss in there?

   

  (This is being run on x64 2003)..

   

  Btw.. this page does come up just fine:  https://serverA.domain.local/Etc/Place/Null/SlideFiles/Blank.png

  Friday, November 9, 2007 6:39 PM
• 

  

  0

  Sign in to vote

  It is normal that you receive the 403 error because there is nothing there

   

  The check was to see if you receive a certificate warning

  So I guess you had no certificate issues?

   

  Can you now try the conferencing again?

   

  Deli

   

  Friday, November 9, 2007 7:14 PM
• 

  

  0

  Sign in to vote

  Deli Pro-Exchange wrote:

  It is normal that you receive the 403 error because there is nothing there   The check was to see if you receive a certificate warning So I guess you had no certificate issues?   Can you now try the conferencing again?   Deli

   

  Nope.. no certificate issues..

   

  I retried again.. same error.. I also get this same error when doing screen shot sharing and upload file sharing.

   

  **I should mention, probably not related, but on bootup.. the Web conferencing service gives me an error in the eventviewer related to it "hanging".. though it does eventually kick in, but takes about 12 minutes on a reboot.

   

   

  Friday, November 9, 2007 7:25 PM
• 

  

  0

  Sign in to vote

  This must be related to the : Internal URL for meeting content download

  Because all the things that you mention need the download URL

   

  Deli

   

  Friday, November 9, 2007 7:41 PM
• 

  

  0

  Sign in to vote

  Deli Pro-Exchange wrote:

  This must be related to the : Internal URL for meeting content download Because all the things that you mention need the download URL   Deli

   

  You mean this one:  https://serverA.domain.local/etc/place/null  ?

   

  The page doesnt give a certificate error though..

   

  What else should i be looking for..

   

   

  Cheers

  Friday, November 9, 2007 7:45 PM
• 

  

  0

  Sign in to vote

  Deli Pro-Exchange wrote:

  This must be related to the : Internal URL for meeting content download Because all the things that you mention need the download URL   Deli

   

  Any ideas on what else to try to check for to get this working?

   

  Cheers

  Monday, November 12, 2007 4:56 PM
• 

  

  0

  Sign in to vote

  Not sure if you figured this out.  I had the same problem with whiteboarding and trying to view a presentation after upload as a remote user only.  This problem for me was using a company provided laptop which has proxy server settings.  When the client was redirected to download the addess book, expand DL's use whiteboard, and view presentations.  I setup the machine to bypass the proxy for my known addresses that when through ISA.

   

  Monday, December 17, 2007 4:47 PM
• 

  

  0

  Sign in to vote

  In Internet Explorer, go to Tools, Internet Options, Advanced, Use TLS 1.0

   

  Make sure that puppy is checked!!!!

  • Proposed as answer by Miatke Tuesday, March 31, 2009 1:36 AM

  Wednesday, December 19, 2007 10:23 PM
• 

  

  0

  Sign in to vote

  I had the same issue, except only when trying to share a "ScreenShot".
  
  I checked all the obvious things:
  
  - Proxy server exception
  - IIS logs (I got 403 errors when trying to go to the site directly...)
  - Traces - I saw traffice going to and from the server just fine.
  
  What was interesting was that the RTCGuestAccessUser was the account being used for anonymous access to the Etc/Place/Null/FILETREE access.
  
  Reset the password, and the problem went away. 
  
  Hope this helps someone.
  
  Cheers.
  
  - Steve

  Tuesday, December 16, 2008 7:20 PM