OCS Client Access from workstations that are in a workgroup or not part of any domains that OCS is deployed to handle RRS feed

  • Question

  • Is configuring access from client machines that are NOT joined to any domains that OCS is deployed in supported?  For example, in a hosted solution where client computers would not have access to join a domain and were in a workgroup.  Is this a supported configuration assuming that all DNS and Certificate info is correctly configured on client machines?

    Friday, January 25, 2008 3:09 AM

All replies

  • This will work, but a couple of important notes:

    • Users will be prompted for the UserId/Password when they launch Communicator.
    • All SSL certificates need to be issued by a CA that is trusted by the client machines.  This isn't a problem if you are purchasing certs from a third party, but will be a headache if you are self-issuing certs as you will need to import the CA on each machine.
    • You will need all DNS (A and SRV records) entries configured in a DNS server that the clients are pointed to.

    Hope this helps.



    Friday, January 25, 2008 5:07 AM
  • Thanks - Basic IM and Presence works fine however, voice does not.  PC to PC calls don't work and PC to PSTN calls are not working.  I can initiate a call from a machine that is part of the domain to the one that isn't but cannot answer it on the workgroup client.  Certs and DNS are fine as I can log on using Auto Configuration. 


    Any other thoughts? 


    Friday, January 25, 2008 3:47 PM
  • Hi Jon, can you explain further in details how to resolve this issue. I have the same issue but with a Vista machine that is part of a workgroup in other words not on the same domain of the OCS 2007? Also, we are NOT using third party certification service - thanks

    Wednesday, July 2, 2008 5:09 PM
  • Hello Dino,

    does point to point connection work between these two pc to pc calling clients? If there is firewall between then it might be very difficult to get working because pc to pc call is basically point to point call.

    For the pc to pstn calls, do you have QoE server installed and also resource kit snooper is good tool for trackin problems.


    Best regards,



    Wednesday, July 2, 2008 7:38 PM
  • If you are not using 3rd party certs then you must take the internal certificate chain and trust in on all client machines that will connect to this environment.  If the client doesn't trust the cert it will not log on if you enforce SSL.



    Wednesday, July 2, 2008 7:42 PM
  • HI Dino,
               I have a Single domain and Multiple wokgroups. How can i configure the OCS, with out creating workgroup Users in Domain. Can i Configure any LDAP for this. If it is possible how can i configure
    Thursday, February 26, 2009 5:36 AM