hey, I have LCS 2005 running on one server in my local network with no issues. There is no federation involved, it is just a single server setup for internal IM.
I recently installed OCS 2007 on another local server. The installation seemed to go pretty clean. I followed the installation instructions as close as I could. I am not enabling any other services on this box besides internal IM, at this point...
When I run my validation test on Front End Server, I receive the following.
Failure
[0xC3FC200D] One or more errors were detected
Maximum hops: 2
Failed to establish security association with the server: User itsupport Domain mlsnet.com Protocol Kerberos Server sip/websrv1.techt.com Target Invalidated
Suggested Resolution: Check whether the typed password and sign-in name are correct. Check whether the user is present in the AD and enabled for SIP. Check whether the target server is part of the Windows AD domain in which this user account is present. If this is a Kerberos failure check whether the client machine has access to the KDC. In some cases, Kerberos SA negotiation failures may be expected and hence can this error can be ignored.
Failed to register user: User sip:itsupport@tech.com @ Server websrv1.mlsnet.com
Failed to send SIP request: NegotiateSecurityAssociation failed, error: -2146893044
Suggested Resolution: Make sure that the server is listening on the specified IP address/Port/Transport. If you have a firewall make sure that this port is open. Make sure that the server is running. If this is an Edge Server, ensure that remote user access has been enabled. This can be ignored if you have not enabled the transport on the target server.
Attempting to login user using NTLM Maximum hops: 2
Failed to establish security association with the server: User itsupport Domain tech.com Protocol NTLM Server wevsrv1.tech.com Target Invalidated
Authentication protocol is not enabled: Ntlm
Suggested Resolution: Check whether the typed password and sign-in name are correct. Check whether the user is present in the AD and enabled for SIP. Check whether the target server is part of the Windows AD domain in which this user account is present. If this is a Kerberos failure check whether the client machine has access to the KDC. In some cases, Kerberos SA negotiation failures may be expected and hence can this error can be ignored.
Failure
[0xC3FC200D] One or more errors were detected
Check two-party IM Check two-party IM: Skipped due to user registration failure
Failure
[0xC3FC200D] One or more errors were detected
There is really not that much being logged in the event viewer to help me further troubleshoot the issue.
Does anyone have suggestions?
Thanks,
BF
