locked
Communicator was unable to locate the login server RRS feed

  • Question

  •  

    ·         Normal OCS 2007 R2 implementation , Internal domain is hqlab.local and the public name is taqalab.ae

    ·         created Internal DNS zones for both domains and the SRV records matching those domains

    ·         Created SAN certificate on the OCS to support all domains 

    Created a trusted SIP domain inside the OCS server  including the Internal domain is hqlab.local and the public name is taqalab.ae

     

    I try to login to the communicator and I failed , even log shows the below

    Communicator was unable to locate the login server.  The DNS SRV record that exist for domain taqalab.ae point to an invalid server taqalab-ocsfe.taqalab.ae which is not trusted to provide support for the domain because the server's domain is not an exact match.

     

     

    I thought it was something with the certificate but when I manually specified the FQDN of the OCS into the communicator it works fine , so it is not certificate.

    i have deployed OCS Zillion times :D but I never saw this error before however even the domain name and the FQDN are matching then why not trusted

    Thursday, February 19, 2009 11:06 PM

All replies

  • You will have to look into this setting in Group Policy "EnableStrictDNSNaming". Below is the info from the docs for it. 


    Allows Communicator to automatically detect and securely communicate with SIP servers that have non-standard fully qualified domain names (FQDNs).

    NOTE   This policy setting only takes effect if  Communicator uses Domain Name Server (DNS) lookup to query a list of SIP servers, and only if Communicator communicates with the SIP server using the Transport Layer Security (TLS) protocol. In this case, the set of supported server FQDNs depends on the SIP Uniform Resource Identifier (URI) of the user who starts Communicator.

    You can configure this policy under both HKEY_LOCAL_MACHINE and HKEY_CURRENT_USER, but the policy setting under HKEY_LOCAL_MACHINE takes precedence.

    0 = Communicator can communicate using TLS transport with any SIP server that has an FQDN that ends with the domain portion of the user’s SIP URI (default).
    1 = Communicator can communicate with a SIP server using TLS transport only if the server’s FQDN is an exact match with the domain in the domain portion of the user’s SIP URI, or the FQDN is sip. followed by the domain portion of the user’s SIP URI, for example, sip.contoso.com.


    Mark

    • Proposed as answer by Mark Hanczaruk Friday, February 20, 2009 12:47 AM
    Friday, February 20, 2009 12:46 AM