Asked by:
Please help! Problems configuring OCS server 2007 (Front-end server Standard Ed)Cannot sign in because the server is unavailable

Question
-
Hi everyone! This is my first attempt to install and configure OCS 2007 and I'm having all sorts of problems. I used to use LCS 2005 on a completely different network and had no problems setting it up initially. I'm installing Standard Edition Front-end server. My intention is to use it for internal networks only with no phone, or video conferencing for now.
I ran the same steps here: http://www.ocspedia.com/FE/OCS_Install.htm
> Run AD prep
> Run Deploy OCS Server (no error)
Internal Web farm FQDN: server.imsecure.com
External FQDN: blank
> Run Configure Server (no error)
Pool name: server.imsecure.com
Global SIP domains: imsecure.com
Clients manually configured for log on
No external users access
> Configured certificate using Internal Cert Authority on IIS (no error)
> Started the OCS server
Other details:
Using MTLS protocol
Configured users on Active Directory for OCS communications
Office Communicator configuration:
* manual configuration: Internal Server: Tried IP address and server.imsecure.com:5061 (port used by MTLS)
* Connect using:TLS
Everything seems to be okay but when I tried validating the Front-End server, it gave me errors that I didn't think have anything to do with me not connecting to the OCS server, or I may be wrong. The errors I got when validating Local Server Configuration:
Federation: disabled
One or more phone usages are not assigned to any route or VoIP policy
Error when connecting using Communicator: Cannot sign in because the server is temporarily unavailable.
Please help. Thanks everyone!
Friday, August 29, 2008 2:08 AM
All replies
-
I think this is the problem. When I tried running Validation SIP Logon (1 Party) and IM (2-Party), I got:
Maximum hops: 2
Received a failure SIP response: User sip:iamuser1@iamsecure.com @ Server imuser.iamsecure.com
Received a failure SIP response: [
SIP/2.0 500 Internal Server Error
FROM: "iamuser1"<sip:iamuser1@iamsecure.com>;tag=4f76d86acf20273e70e0;epid=epid01
TO: <sip:iamuser1@iamsecure.com>;epid=epid01
CSEQ: 15 INVITE
CALL-ID: da059b445121415d8393cdf4fb2ace2e
VIA: SIP/2.0/TLS 10.10.1.84:2674;branch=z9hG4bK7aa0f679;ms-received-port=2674;ms-received-cid=100
CONTENT-LENGTH: 0
AUTHENTICATION-INFO: NTLM rspauth="0100000000000000468930F212099188", srand="AE28D8DB", snum="13", opaque="238440CD", qop="auth", targetname="imuser.iamsecure.com", realm="SIP Communications Service"
ms-diagnostics: 1011;reason="Ms-Diagnostics header not provided by previous hop";source="imuser.iamsecure.comPeerServer=""
]
Suggested Resolution: Use the maximum hop count to determine the server that generated this error. For example, if the maximum hop value is 2, then it is likely that this error was generated by a server that is 1 (immediate target) or 2 hops away. Check whether the target user is a valid user and that the target user domain is trusted by the source user's pool. Check the connectivity between the source and target pools.
What does this mean??
Friday, August 29, 2008 2:39 AM -
Outside of the Validation Checks, what issues are you experiencing? Client Connection Issues? If so, how are they configured "manually" with the IP or FQDN of the FE If you are using TLS you will not be able to use the IP. How is your Certification configured on the FE? (SubjectName, Subject Alternative Name)?
Rick Skalitzky
Friday, August 29, 2008 5:53 AM -
Hi Rick, thanks for replying.
My main problem was none of my user accounts were able to login to Office Communicator. It said something like the server was temporarily unavailable. Now after I reinstalled the whole setup, I got one of the users authenticated to NTLM and Kerberos (based from the validation error when I run Validation for SIP logon (1-party) and IM (2-party)) and I'm now able to log in to the Communicator. The only new thing I did was I created a DNS SRV record. I did not think of doing this because I was choosing to configure the users manually. My bad.
Thanks very much!!
Friday, August 29, 2008 6:52 AM -
You should be able to connect Communicator to the server manually just as you tried. Do you get any error messages in the event logs that would provide more insight into this?Friday, August 29, 2008 2:52 PM