Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


OCS2007 clients recieve Cannot Synchronize Address Book

Posted on 2008-10-12
Medium Priority
Last Modified: 2013-12-08
As with most of Microsofts new products they are an absolute disaster! If anyone over there could write some code that would work!!
 Rather than rant here is the issue with OCS 2007, I have a random set of clients that continuously get prompted to authenticate to download the address book.  If you ignore the error you get Cannot Synchronize Address Book.  I have followed all the Articles on resetting passwords and verify directory security, https, certificates and the list goes on and on( ) yes been here done that!
What I have found is certain machines when I type https://servername.domain.lcl  get prompted to authenticate, as if Integrated Windows Authentication is not working. Ironically other machines have no issue with IIS configured to use Integrated Windows Authentication.  It is appearing to be a machine issue and not a server issue, go to the server console, no issue.  Go to some client machines, again no issue while others can't authenticate to the site at all (type any user you want in the prompted authentication including domain admins denied access). No matter what user you use at some of the client machines you end up with HTTP Error 401.2 - unauthorized access.
I am at a complete loss, turn off Integrated Windows Authentication and working clients stop working and the failing clients start working, turn it on and the other half work. I unfortunately inherited this server and its configuration and feel like I am chasing my tail at this point.  Any ideas?

Side note - on a hunch I did check, the machines that have no issues are IE6 machines.  It appears all clients with issues are IE7.  What a shock another microsoft product that doesn't work with itself.  Am I missing something on the security side of IE 7?   Additional notes in research - it appears that the IE 7 clients are not passing the user name and password for automatic logon to trusted or local intranet sites.  This might be the issue if anyone can help!!
Question by:acasgar
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 12

Expert Comment

ID: 22699765
Rather than try to explain the 13 or more things to check/correct the fix I prefer is
Deactivate Web Components Server role in the MMC
Remove OCS 2007 Web Components piece from Add/Remove programs
Uninstall IIS
delete c:\inetpub
Reinstall IIS
Steps following are for Standard Edition since you didn't specify which edition is installed.
Run OCS 2007 Setup wizard.  Choose Deploy Standard Edition Server.  Next page Step 2 Deploy Server should show as partial.  Click Run to let the setup reinstalled Web Components.
Reassign Web Components Server Certificate in IIS
Start services

Author Comment

ID: 22699800
LMAO....sorry its sad but you might be right...I was hoping not to be so drastic with the server.  I only laugh because I just deployed a Windows 2008 Server and Exchange 2007 server for our know Linux is looking better by the hour!  Man if they could have broken all the things that work the would have...oh they it remotely possible that it has something to do with the client and not IIS.  The only things that have changed on that server that could have broken it is it was patched, it hadn't been patched since May....we brought it up to know plugged the security holes and oh yeah broke about 10 other Communicator single sign in.

Let me know if you think there is anything on the client side I can check.

Accepted Solution

acasgar earned 0 total points
ID: 22699882
Just read and interesting post, it worked!!  I enabled anonymous access to the ABS directory in no more prompts.  So now how do I fix it the right way not the "work around"

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Several part series to implement Internet Explorer 11 Enterprise Mode
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question