locked
Communicator 2007 Web Access error -- (Error code: 0-0-18102-0-0) RRS feed

  • Question

  • Howdy guys

     

    Have deployed OCS 2007 in our small domain (less than 150 users).

     

    Using the Communicator 2007 client internally it works perfectly, voip functionality is excellent, managers very happy.

     

    I then decided to deploy web access for the sales guys who work remotely -- this is where I have encountered problems.

     

    OCS 2007 Std Edition is installed on a single server (we don't have the money to buy another server for OCS purposes) so web access is also on the same server. The install of web access went ok, we purchased a cert from a public CA, and published CWA through ISA 2000, all appeared to go ok.

     

    However, I have the following issues.

     

    1) If anyone uses CWA internally, it works perfectly

     

    2) If anyone uses CWA remotely, there are a variety of issues. 

     

    If I enter https://cwa.domain.co.uk into a browser I am presented with a standard windows logon box. I must enter my domain credentials in the domain\username format in order to continue. I am then presented with the CWA logon page. This is where it goes a bit awry. If I enter my credentials, the web access client will attempt to load but fails repeatedly with the following error:

     

    A problem occurred and the session was ended. Please sign in again. If the problem persists, contact your system administrator.(Error code: 0-0-18102-0-0)

     

    However, if I leave it, after a minute or two it appears to successfully log me in, and I see the presence status of other users. Again however, if I send an IM to someone who's presence appears as 'Available' I frequently get an error saying the person is either offline or away, even when I can see that their presence is set to 'Available'.

     

    The most success I have had is sending a few words to an office based user user and receiving a single reply, then being unable to send or receive any more messages because the web client reports the office based user is offline or away when I can clearly see they are not.

     

    Having gone through the deployments and admin guides, it seems that in order for external communication to occur via the web client an Access Edge server must be deployed. But if that is the case how am I able to briefly exchange messages when working remotely using the web client?

     

    Is it simply the case that web access will not work correctly externally until I deploy an Access Edge server (we don't have the cash for another server) or have I misconfigured either OCS or ISA 2000?

     

    If anyone else has encountered this I'd love to know if you managed to resolve it. Will keep bashing away at it anyway and report if I find a solution.

     

    Cheers

     

    Adooron

    Friday, May 9, 2008 9:38 AM

Answers

  • OK, working perfectly now.

     

    Deployment guide instructs that in ISA a server publishing rule should be created using the SIP protocol - changed this to HTTPS, all works perfectly now.

    Wednesday, May 14, 2008 9:14 AM

All replies

  • I'd be curious how you managed to install the Front-End services and CWA on the same box actually. I was under the impression that scenario wasn't supported or possible.

    To answer one of your questions - no, you don't need an Access Edge server in place to use CWA externally.

    It sounds like you have some sort of authentication mismatch between the ISA and CWA services though. Have you followed the CWA lab deployment guide?

    Usually you would actually create 2 virtual servers for CWA (they can be on the same box using different ports). The internal clients will authenticate to one of the virtual servers and the ISA box will communicate with the other virtual server.

    I would hunt down a copy of the CWA documentation and follow along. It's pretty straightforward.
    Saturday, May 10, 2008 12:24 AM
  • I installed Standard Edition exactly as per the instructions in the deployment guide.

     

    I then installed the Communicator client on a number of client machines and it works beautifully.

     

    I then installed Web Access, again following the install instructions exactly.

     

    The computer certificate is from a CA in our domain, the web certificate is from Go-Daddy.

     

    I followed the ISA 2000 instructions on how to publish the web site.

     

    I have now spent a great deal of time on this and it is becoming quite frustrating.

     

    I am unclear on something: when I set up the virtual directory, I chose it to be External (internal users can use the Communicator client) however I am able to load CWA internally without any issues at all.

     

    But when I try to access it from an external pc the following happens:

     

    1) A standard Windows authentication box appears, and I must enter my domain credentials before it will load the web page.

    2) I then enter my credentials in the Communicator logon page, and the following message appears above the Security section: "Cannot sign in due to a problem with the network or server. Please try signing in later. If this problem persists, contact your system administrator."

    3) I click on Sign-on once again, and then the CWA client starts to load

    4) It fails to log me in however, with this error message: "A problem occurred and the session was ended. Please sign in again. If the problem persists, contact your system administrator. (Error Code: 0-0-18102-0-0)"

     

    I am running out of ideas to be honest.

     

    Is it an ISA 2000 mis-configuration?

     

    Is it an authentication issue?

     

    Do I need to install and edge server on another server (can't see how this would be the case, as once or twice I have been able to logon to CWA from an external location and briefly exchange messages with an internal user, then it stops working)?

     

    Thanks for responding.

     

     

     

     

     

     

     

     

     

     

     

     

     

    Monday, May 12, 2008 9:17 AM
  • Update:

     

    Looked into ISA configurations and noticed the CWA entry in the Incoming Web Requests tab was configured as follows:

     

    1) Enable SSL Listeners (switched on)

    2) Use a server certificate to authenticate to web clients (switched on, public cert configured)

    3) Integrated (switched on)

     

    Wondered about why Integrated was switched on, I hadn't manually done this so I'm assuming it's the default setting.

    '

    Changed 'Integrated' to Basic with this domain' and tested from remote computer.

     

    I am still presented with a standard Windows authentication box when I try to load the CWA page, however once the credentials are entered, then entered again in the actual page, CWA works successfully with no errors.

     

    The 'Integrated' setting seems to have caused the problems, as CWA is configured for external users who will not necessarily be authenticated to the domain.

     

    What I'm concerned about now is whether or not I should still be getting the standard Windows authentication dialog at all as opposed to the CWA page loading directly.

     

     

    Monday, May 12, 2008 12:55 PM
  • OK, working perfectly now.

     

    Deployment guide instructs that in ISA a server publishing rule should be created using the SIP protocol - changed this to HTTPS, all works perfectly now.

    Wednesday, May 14, 2008 9:14 AM