Solved

Lync 2013 Office 365

Posted on 2013-10-25
10
1,547 Views
Last Modified: 2013-11-10
We have an Office 365 setup with Lync.  I am able to sign in to Lync on PCs not on the Domain, but on my Laptop at home or on the office guest connection.  When attempting on a Domain connected PC we get the error

"The Server is temporarily unavailable, if the problem continues please contact your support team."

Microsoft support have confirmed that all out DNS settings are correct and since it works from an other machine they must be, they have had the logs but can't see what is wrong, I've been in contact with them for about 10 days and most days they don't make sense, they certainly haven't progressed the incident at all.

I wondered if anyone else had any ideas.   The Firewall I'm sure will allow any traffic over any port out so I don't think that is it.
0
Comment
Question by:edwalters
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 3

Expert Comment

by:Peter Haussl
ID: 39600011
Can you send mentioned logfiles in order to be able to have a closer look? Maybe the LYNC at that point is requiring incoming traffic allowed as well.
0
 
LVL 3

Expert Comment

by:Peter Haussl
ID: 39600034
Additionally ...

can you crosscheck against  following table in order to check external FW rules

Anschluss      Protokoll      Richtung      Verwendung
443              STUN/TCP      Ausgehende      Audio, video, Anwendungsfreigabesitzungen
443          PSOM/TLS      Ausgehende      Datenfreigabesitzungen
3478      STUN/UDP      Ausgehende      Audio / video-Sitzungen
5223      TCP                      Ausgehende      Lync Mobile Push-Benachrichtigungen
50000 – 50039      UDP/TCP      Ausgehende      Medien
50000 – 50019      UDP/TCP      Ausgehende      Audio
50020 – 50039      UDP/TCP      Ausgehende      Video
50040 – 50059      TCP      Ausgehende      Gemeinsame Nutzung von Anwendungen
50040 – 50059      TCP      Ausgehende      Dateiübertragung

based on article
http://support.microsoft.com/kb/2409256/en
0
 
LVL 40

Expert Comment

by:Vasil Michev (MVP)
ID: 39600774
Does this happen for your account only or others as well? Do you have issues accessing any other Office 365 related resources on a domain joined machine? Do you have SSO configured (AD FS server)? In addition to the Lync logs, collect the ones from the Sign In Assistant:

http://social.technet.microsoft.com/wiki/contents/articles/18103.microsoft-online-services-sign-in-assistant-how-to-enable-debug-tracing.aspx
0
Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

 
LVL 8

Assisted Solution

by:epohl
epohl earned 334 total points
ID: 39600783
Sounds like it might be a DNS issue. Can you try hard coding the server settings into a domain joined machine LYNC client and see if it will connect. If it does connect with the settings manually you will need to check internal dns and verify you have all the correct lync records.

¿Internal server name or IP address: sipdir.online.lync.com:443
¿External server name or IP address: sipdir.online.lync.com:443
0
 
LVL 1

Author Comment

by:edwalters
ID: 39605583
We have tried using the manual settings for the Lync servers and that makes no difference.  I'm confident that the required Ports are open for Lync as detailed above.

I'm uneasy about posting the logs since I don't know what information is contained within them and obviously I have to consider security.
0
 
LVL 3

Assisted Solution

by:Peter Haussl
Peter Haussl earned 166 total points
ID: 39605624
Hi,

I see. One more try you can give the client also, which i had lately myself. If credentials are stored on the client disconnect completely and follow the link in order to forget the credentials (i remember you told that you already got a connect from home network).

After start connection from the scratch and have a look if it is connecting.

One more thing ...

If you enable Lync within Office 365 setup is asking to configure proper DNS settings and is testing them also.

You should beside your normal ones also some SRV or TXT entiries specific to your subscription. In examples i'm posting you will find output from nslookup tool related to my domain. Surely yours should have yours included

C:\Users\Peter>nslookup
Standardserver:  viedns09.chello.at
Address:  195.34.133.21

> set query=all
> _sip._tls.haussl.at
Server:  viedns09.chello.at
Address:  195.34.133.21

Nicht autorisierende Antwort:
_sip._tls.haussl.at     SRV service location:
          priority       = 50
          weight         = 5
          port           = 443
          svr hostname   = sipdir.online.lync.com
> _sipfederationtls._tcp.haussl.at
Server:  viedns09.chello.at
Address:  195.34.133.21

Nicht autorisierende Antwort:
_sipfederationtls._tcp.haussl.at        SRV service location:
          priority       = 5
          weight         = 25
          port           = 5061
          svr hostname   = sipfed.online.lync.com
> autodiscover.haussl.at
Server:  viedns09.chello.at
Address:  195.34.133.21

Nicht autorisierende Antwort:
autodiscover.haussl.at  canonical name = autodiscover.outlook.com
autodiscover.outlook.com        canonical name = autodiscover.outlook.com.glbdns
.microsoft.com
autodiscover.outlook.com.glbdns.microsoft.com   canonical name = autodiscover-em
eacenter.outlook.com
autodiscover-emeacenter.outlook.com     internet address = 157.56.252.41
autodiscover-emeacenter.outlook.com     internet address = 157.56.248.169
autodiscover-emeacenter.outlook.com     internet address = 157.56.252.185
autodiscover-emeacenter.outlook.com     internet address = 157.56.248.9
> lyncdiscover.haussl.at
Server:  viedns09.chello.at
Address:  195.34.133.21

Nicht autorisierende Antwort:
lyncdiscover.haussl.at  canonical name = webdir.online.lync.com
webdir.online.lync.com  AAAA IPv6 address = 2a01:111:f404:8003::38
webdir.online.lync.com  internet address = 132.245.193.24
>

If you (as you told) have already talken to MS support i doubt that they are not existing but worth to check anyway. Maybe you can also compare outputs from working client and those none working behind your firewall.

By using

br
Peter
0
 
LVL 8

Accepted Solution

by:
epohl earned 334 total points
ID: 39606339
Here is an article that covers lync connectivity through the firewall. Run the connectivity test under "More Information" "How to verify that all network requirements for Lync Online are met" and see if anything fails.


http://support.microsoft.com/kb/2409256
0
 
LVL 1

Assisted Solution

by:edwalters
edwalters earned 0 total points
ID: 39609446
I've found the error, if I run it as a local admin it runs fine, if I run it as a Domain User (even if it's part of the local admin group) it doesn't.

So I know it's not the Firewall, the DNS, all the connectivity checks passed ages ago, it's the local security of the Domain PCs.
0
 
LVL 3

Expert Comment

by:Peter Haussl
ID: 39610005
Thanks for letting us know the solution....
0
 
LVL 1

Author Closing Comment

by:edwalters
ID: 39636705
I've ticked the solutions that Microsoft had me try as well, as they could also be the reasons.  They weren't in my case.  Up to yet I've only managed to work around the issue but I'm hoping to sort it out properly.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
Find out what the Office 365 disclaimer function is, why you would use it and its limited ability to create Office 365 signatures.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question