R2 Client & Autodiscover RRS feed

  • Question

  • Having some AutoConfig issues.

    I have the SRV records fine, it resolves via nslookup perfectly.

    Our sipdomain is not in our internal DNS, it's external.  So we created a zone in the internal DNS "_tcp.domain.com"

    I only have _sipinternaltls SRV record in DNS.  It all resolves fine.  The client seems to ignore it though. Using manual configuration all works fine.

    Any ideas?


    03/05/2009|15:55:44.296 1358:D04 INFO  :: CUccServerEndpoint::Initialize - This endpoint is  sharing presentity data.
    03/05/2009|15:55:44.296 1358:D04 INFO  :: domainName:domain.com: serviceName:sipinternaltls: transportName:tcp:
    03/05/2009|15:55:44.296 1358:D04 INFO  :: domainName:domain.com: serviceName:sip: transportName:tls:
    03/05/2009|15:55:44.296 1358:D04 INFO  :: domainName:domain.com: serviceName:sipinternal: transportName:tcp:
    03/05/2009|15:55:44.296 1358:A60 INFO  :: QueryDNSSrv - DNS Name[_sipinternaltls._tcp.domain.com]
    03/05/2009|15:55:44.296 1358:D04 INFO  :: domainName:domain.com: serviceName:sip: transportName:tcp:
    03/05/2009|15:55:44.531 1358:A60 INFO  :: QueryDNSSrv - DNS Name[_sip._tls.domain.com]
    03/05/2009|15:55:44.531 1358:D04 INFO  :: CUccDnsQuery::UpdateLookup - error code=0, index=0
    03/05/2009|15:55:44.531 1358:D04 INFO  :: CUccDnsQuery::CompleteLookup - index=0
    03/05/2009|15:55:44.609 1358:A60 INFO  :: QueryDNSSrv - DNS Name[_sipinternal._tcp.domain.com]
    03/05/2009|15:55:44.609 1358:D04 INFO  :: CUccDnsQuery::UpdateLookup - error code=0, index=1
    03/05/2009|15:55:44.609 1358:D04 INFO  :: CUccDnsQuery::CompleteLookup - index=1
    03/05/2009|15:55:44.609 1358:D04 INFO  :: Outgoing 01A92C60-<sip:first.last@domain.com>, local=(null)
    03/05/2009|15:55:44.750 1358:A60 ERROR :: QueryDNSSrv GetDnsResults query: _sipinternal._tcp.domain.com failed a
    03/05/2009|15:55:44.750 1358:A60 ERROR :: DNS_RESOLUTION_WORKITEM::ProcessWorkItem ResolveHostName failed 8007232b
    03/05/2009|15:55:44.812 1358:D04 TRACE :: SIP_MSG_PROCESSOR::OnDnsResolutionComplete[01A92C60] Entered host sip.domain.com
    03/05/2009|15:55:44.812 1358:D04 INFO  :: CSIPCompressor::Initialize - Compression setting 2, threshold 128000, timeout 5000
    03/05/2009|15:55:44.812 1358:D04 INFO  :: ASYNC_SOCKET::SetHttpProxyAddr HttpProxyAddr []
    03/05/2009|15:55:44.812 1358:D04 INFO  :: ASYNC_SOCKET::Connect - Tunneling [no] - DestAddr [123.456.789.123:443] - Host

    [sip.domain.com:443] - RemotePrincipalName - [sip.domain.com], this 01A5FC60

    Thursday, March 5, 2009 10:26 PM

All replies

  • You will need a full split-brain DNS configuration where your domain has an internal and external version.  Assuming you are domain.com, you need an internal record for your pool such as pool.domain.com (your certificate must have this name also).  Then, in the domain.com DNS zone you will also create the _sipinternaltls._tcp record which points to pool.domain.com.

    For autodiscover to work the domain names along the way must match the SIP domain name.
    Mike Stacy | Evangelyze Communications | http://www.evangelyze.net/cs/blogs/mike
    Friday, March 6, 2009 5:06 PM
  • I have seen that before.  The AD guru's here will not put a domain.com zone in the Internal DNS structure.  They say it will create too many problems for all the existing applications.

    So, are you saying we are stuck with using the Manual Configuration because of this?

    Friday, March 6, 2009 9:05 PM
  • If you cannot deploy an internal zone for name lookup then the only other viable option outside of using Manual Configuration would be to use the external DNS zones, but this only really works if you don't have an Edge server.  IF you clients will only connect internally then yo can use the sipinternaltls SRV record to reference the internal IP address of your Front-End (or Director) server(s).  Obviously the connection would only work when clients are connected internally.  But if you use external access then this configuration would prevent external clients from connecting as even if you use multiple A records (multiple SRV records are not supported) the OC client will stop at the first resolution and attempt to connect to the server.  If the connection fails (as in resolving an internal server externally) the client login will halt, it does not go back to the next name lookup and try again.

    This is why split DNS is required for Automatic Lookup.  And I'd hesitate to reference your AD staff as "gurus" if they are apposed to setting up a correct DNS configuration.  Split-DNS works fine if it is configured and maintained correctly.
    Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCS
    Monday, March 9, 2009 3:35 PM