locked
Cannot sign in to Communicator RRS feed

  • Question

  • First off, thank you for all of the answers on this forum.  You have collectively answered over a dozen questions during my setup of OCS 2007.

     

    I have OCS setup on a Windows 2003 R2 server. 

    When I run the validation wizard it fails on Kerberos with the following

    Maximum hops: 2
    Failed to establish security association with the server: User first.last Domain mydomain.local Protocol Kerberos Server sip/myserver.mydomain.local Target Invalidated
    Suggested Resolution: Check whether the typed password and sign-in name are correct. Check whether the user is present in the AD and enabled for SIP. Check whether the target server is part of the Windows AD domain in which this user account is present. If this is a Kerberos failure check whether the client machine has access to the KDC. In some cases, Kerberos SA negotiation failures may be expected and hence can this error can be ignored.
    Failed to register user: User sip:first.last@mydomain.local @ Server CommPool01.mydomain.local
    Failed to send SIP request: NegotiateSecurityAssociation failed, error: -2146893053
    Suggested Resolution: Make sure that the server is listening on the specified IP address/Port/Transport. If you have a firewall make sure that this port is open. Make sure that the server is running. If this is an Edge Server, ensure that remote user access has been enabled. This can be ignored if you have not enabled the transport on the target server.

     

    When I try to login through the client I get the following message:

    Cannot sign in to Communicator.  You may have entered your sign-in address, user name, or password incorrectly, or the authentication service may be incompatible with the version of the program.  If your sign-in information is correct and the problem persists, please contact your system administrator.


    The Event Log has the following:

    Event Type: Information
    Event Source: Communicator
    Event Category: None
    Event ID: 8
    Date:  8/16/2007
    Time:  5:59:05 PM
    User:  N/A
    Computer: mycomputer

    Description:
    Communicator was unable to authenticate to the server sip/myserver.mydomain.local due to following error: 0x8009030c.
     
     Resolution:
     Please check that the password is correct and that the user name and SIP URI are specified correctly.  If the login continues to fail, the network administrator should verify that the user account is not disabled, that it is enabled for login to the service and that the password for the account hasn't expired or been reset.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

     

    I have tried the client on multiple PCs with multiple logins.  I have checked and rechecked my DNS entries.  Any ideas about what I am missing?

    Thursday, August 16, 2007 10:19 PM

Answers

  • Hi,

    it looks like are you using your smtp address (first.last@mydomain.local) to log in. That's fine as long as you are sure that the sip URI (user properties in AD) matches that smtp address. IF they don't match, change the SIP URI for the user to make sure it matches.

     

    Regards,

    Matt

     

     

    Thursday, August 30, 2007 6:44 PM

All replies

  • Hi,

    it looks like are you using your smtp address (first.last@mydomain.local) to log in. That's fine as long as you are sure that the sip URI (user properties in AD) matches that smtp address. IF they don't match, change the SIP URI for the user to make sure it matches.

     

    Regards,

    Matt

     

     

    Thursday, August 30, 2007 6:44 PM
  • I didn't realize the forums were back up and running or I would have updated this issue. 

     

    I wasn't using my smtp address, I got a different error when I tried that. 

     

    I double checked and rechecked that the sip URI's matched. 

     

    I was able to successfully log in by changing the Authentication method to NTLM only.  Once I got logged in I could not get the address book to download.  Also while other users could log in none could send messages to each other.

     

    The forums were down and I could not find answers to either question.  I uninstalled the whole thing out of frustration.  It was not the straight forward solution that I was hoping for.  I may try it again this weekend but I may wait for another release or the final release.

     

    Thanks for your help

    Thursday, August 30, 2007 7:13 PM
  • Did you change to NTLM only on the server?

    I have the same issue om my clients randomly. One day it works, the next not, unless you reboot your client.

    Regards

    Peter
    Wednesday, September 2, 2009 7:25 AM