Solved

OCS2007 clients recieve Cannot Synchronize Address Book

Posted on 2008-10-12
3
749 Views
Last Modified: 2013-12-08
As with most of Microsofts new products they are an absolute disaster! If anyone over there could write some code that would work!!
 Rather than rant here is the issue with OCS 2007, I have a random set of clients that continuously get prompted to authenticate to download the address book.  If you ignore the error you get Cannot Synchronize Address Book.  I have followed all the Articles on resetting passwords and verify directory security, https, certificates and the list goes on and on(http://communicationsserverteam.com/archive/2007/12/17/52.aspx ) yes been here done that!
What I have found is certain machines when I type https://servername.domain.lcl  get prompted to authenticate, as if Integrated Windows Authentication is not working. Ironically other machines have no issue with IIS configured to use Integrated Windows Authentication.  It is appearing to be a machine issue and not a server issue, go to the server console, no issue.  Go to some client machines, again no issue while others can't authenticate to the site at all (type any user you want in the prompted authentication including domain admins denied access). No matter what user you use at some of the client machines you end up with HTTP Error 401.2 - unauthorized access.
I am at a complete loss, turn off Integrated Windows Authentication and working clients stop working and the failing clients start working, turn it on and the other half work. I unfortunately inherited this server and its configuration and feel like I am chasing my tail at this point.  Any ideas?

Side note - on a hunch I did check, the machines that have no issues are IE6 machines.  It appears all clients with issues are IE7.  What a shock another microsoft product that doesn't work with itself.  Am I missing something on the security side of IE 7?   Additional notes in research - it appears that the IE 7 clients are not passing the user name and password for automatic logon to trusted or local intranet sites.  This might be the issue if anyone can help!!
0
Comment
Question by:acasgar
  • 2
3 Comments
 
LVL 12

Expert Comment

by:gaanthony
ID: 22699765
Rather than try to explain the 13 or more things to check/correct the fix I prefer is
Deactivate Web Components Server role in the MMC
Remove OCS 2007 Web Components piece from Add/Remove programs
Uninstall IIS
delete c:\inetpub
Reinstall IIS
Steps following are for Standard Edition since you didn't specify which edition is installed.
Run OCS 2007 Setup wizard.  Choose Deploy Standard Edition Server.  Next page Step 2 Deploy Server should show as partial.  Click Run to let the setup reinstalled Web Components.
Reassign Web Components Server Certificate in IIS
Start services
0
 
LVL 2

Author Comment

by:acasgar
ID: 22699800
LMAO....sorry its sad but you might be right...I was hoping not to be so drastic with the server.  I only laugh because I just deployed a Windows 2008 Server and Exchange 2007 server for our company...you know Linux is looking better by the hour!  Man if they could have broken all the things that work the would have...oh they did....anyhow...is it remotely possible that it has something to do with the client and not IIS.  The only things that have changed on that server that could have broken it is it was patched, it hadn't been patched since May....we brought it up to date...you know plugged the security holes and oh yeah broke about 10 other things....like Communicator single sign in.

Let me know if you think there is anything on the client side I can check.
0
 
LVL 2

Accepted Solution

by:
acasgar earned 0 total points
ID: 22699882
Just read and interesting post, it worked!!  I enabled anonymous access to the ABS directory in IIS....bingo no more prompts.  So now how do I fix it the right way not the "work around"
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Citrix XenApp, Internet Explorer 11 set to Enterprise Mode and using central hosted sites.xml file.
Know what services you can and cannot, should and should not combine on your server.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now