locked
OCS 2007 Validation/Login error RRS feed

  • Question

  • I have just installed a OCS 2007 standard server and all seemed to go well. However when running the Validate Front End Server Configuration I get the following error.

     

    Failure
    [0xC3FC200D] One or more errors were detected

     

    Attempting to login user using NTLM

     

    Maximum hops: 2
    Successfully established security association with the server: User username Domain domainname Protocol NTLM Target FQDN of OCS server
    Failed to register user: User sip:username@sipdomain @ Server sip.sipdomain
    Failed registration response: [
    SIP/2.0 504 Server time-out
    FROM: <sip:username@sipdomain>;epid=epid01;tag=2881db5085
    TO: <sip:username@sipdomain>;tag=E1DA87E686F7962AF3652EE531F27958
    CSEQ: 5 REGISTER
    CALL-ID: a67bc447d1d742e58984f2a548028602
    VIA: SIP/2.0/TLS 10.10.1.19:2276;branch=z9hG4bK5d55e16;ms-received-port=2276;ms-received-cid=300
    CONTENT-LENGTH: 0
    AUTHENTICATION-INFO: NTLM rspauth="01000000000000004886DFA5236AAFA8", srand="C2A54A3C", snum="1", opaque="0E64D988", qop="auth", targetname="FQDNl", realm="SIP Communications Service"
    ms-diagnostics: 1022;reason="Cannot process routing destination";source="FQDN";Destination="sip:sipdomain:5061;maddr=sipdomain;transport=Tls"

     

     

    Also when trying to signin using the Office Communicator it comes up with the error

     

    "Cannot sign in because the server is temporarily unavailable. If the problem persists, contact your system administrator"

     

    When checking the error logs the are no errors.

     

    Please can you help.

     

    Thanks

    Monday, April 28, 2008 2:56 PM

All replies

  •  

    Have you validated that you have the access edge associated with the OCS pool for next hop in both directions. And how are the certificates configured. Have you done a sip stack trace from the ocs server and the access edge. If so can you provide those.
    Monday, April 28, 2008 3:58 PM
  • Thanks for your response Mitch.

     

    I haven't got a Edge server setup. At present this is for internal use only.

     

    The Certificate is setup with

    Subject - FQDN of the OCS server

    SAN - FQDN of the OCS server, SIP domain name.

    This was setup through the OCS deployment wizard, assigned to the server and then added within IIS to the default web site properties.

     

    Thanks

    Monday, April 28, 2008 4:20 PM
  • As a reference for anyone with the same problem I think that I have found the problem.

     

    Using wireshark I found that when trying to login with communicator there was no network traffic generated so then started to look at the client as suppose to the server.


    Previously we had LCS 2005 installed. I have found that a group policy with OCS settings set, was applied to the domain. Although I have changed this so that the address pointe dto the new server, it still didn't work. Since I hva disabled it an di have successfully managed to login.  I'm going to try and find out what setting was causing this and I will then update.

     

    One thing that I have noticed is that I am still getting the error when running the validation wizard. This still fails when attempting to login user using NTLM.

     

    Tuesday, April 29, 2008 1:56 PM