locked
Address Book and Non Domain computers

    Question

  • Standard Edition OCS R2 with Standard Edition OCS R2 Edge Server
    ISA Server 2006 SP1 Reverse Proxy
    Communicator 2007 R2

    I have a few computers that are not on our domain home users. These laptops keep getting the "Cannot synchronize with the corporate address book. Check your Proxy Server Settings...."  There is also an issue with the "Exchange Connection error" a few minutes after they type in the correct password.

    External Address book works fine no certificate problems, get prompted for my credentials but i didn't think that was a bad thing. Just for testing purposes i exposed the external abs to anonymous and got no prompt but i still could not download the address book.

    I then tested to see if a domain joined computer (laptop) will get prompted for the address book if he is remote. The laptop does not get the above errors.

    So my question is there a way to get these home users communicator client to think it is on the same domain? Reg hack maybe or is it hard coded in the client.
    Jay
    Thursday, May 07, 2009 9:59 PM

Answers

  • Not sure why i was thinking that the Workgroup name needed to be the same but you definitely need the same username and password. This problem has been plagueing me for months.

    So for anybody getting this problem make sure that the username and password is the same on home computers as it is for domain computers.

    Jay
    • Marked as answer by Jay Burkey Thursday, May 07, 2009 10:47 PM
    Thursday, May 07, 2009 10:47 PM

All replies

  • Are you using a public or private ceritifcate on the Address Book Reverse Proxy?  If you don't have a public third-party cert on it then that would explain non-domain computers being unable to download the files.


    Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCS
    Thursday, May 07, 2009 10:04 PM
    Moderator
  • Thanks Jeff
    Its private but even if the home users have installed the root certificate?
    Jay
    • Edited by Jay Burkey Thursday, May 07, 2009 10:06 PM added the question
    Thursday, May 07, 2009 10:05 PM
  • That's were I was heading.  If you've already installed the certifciate chain and validated it then you probably have a different issue.
    Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCS
    Thursday, May 07, 2009 10:15 PM
    Moderator
  • It just doesn't make sense to me. like i said as long as the computers are joined to the domain even if they are external then they will be 100% fine. I wonder if it will work if the workgroup is the same as the domain name and the username and passwords are the same, it can't be looking at sid's can it?
    Jay
    Thursday, May 07, 2009 10:20 PM
  • Not sure why i was thinking that the Workgroup name needed to be the same but you definitely need the same username and password. This problem has been plagueing me for months.

    So for anybody getting this problem make sure that the username and password is the same on home computers as it is for domain computers.

    Jay
    • Marked as answer by Jay Burkey Thursday, May 07, 2009 10:47 PM
    Thursday, May 07, 2009 10:47 PM
  • Jay,

    I'm not sure I understand your resolution.  I can login remotely to my corporate OCS deployment from a client installed on my personal home computer, which has a completely different unsername and password for the logged-on user.  When connecting with Communicator, once the SIP sign-in name is entered the client will prompt for credentials if the logged-on user's cached credentials don't match the OCS-enabled domain accounts.

    If you aren't getting prompted for crednetials by Communicator then something is wrong.  If you are getting prompted, make sure you include the DOMAIN\Username format for the user account.
    Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCS
    Friday, May 08, 2009 12:39 PM
    Moderator