Lync 2013 Working but Not Working

ZeroDogg
ZeroDogg used Ask the Experts™
on
I have a situation Im sure someone can help with. My Lync clients work outside the network now but AD does not seem to be syncing up and its been days. Everything works if they have already put the contacts in at the main office. So video, audio and chatting all works outside but cant find anyone unless they are inside the network.

I dont know if this issue runs along side from above but when I so a Microsoft Connectivity Analyzer and run the Lync Auto Discover Web service it comes back as failed (stops at "validating cert). But when I run the Lync Server Remote Connectivity Test everything checks out fine. Any thoughts?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Commented:
just to clarify:
- when users are inside the office, they can add new contacts
- but when they're outside, they cannot add new contacts?
Mohammed HamadaSenior IT Consultant

Commented:
I had this problem before once with a deployment! in your case I think it's not related to LYnc server since your internal lync users can see the updated contacts.

I'm sure it's related to lync client not downloading the galcontacts db file due to a conflict with an existing one.

You can force those clients to download latest update by using the following registry and if you have many you can deploy a GPO to those clients.

http://lyncdup.com/2012/11/lync-2013-client-force-instant-address-book-galcontacts-db-download-address-book-synchronizing-results-may-not-be-current/


Also make sure your users have the latest Lync client updates.

BTW, on Lync server try openning eventviewer and go to the left pane where it says "Lync Server" and see if there's any errors related to address book?

Author

Commented:
Jakob - that is correct. Outside it still says its syncing but inside runs like a charm. I even tested it last night where I remoted into my computer and added our HQ Staff and it added fine then popped up on my Lync at home to my personal computer that is not on a domain.

Moh10ly - I will check into all of that and keep everyone posted

Thanks guys and hopefully I can get back here soon.
Fundamentals of JavaScript

Learn the fundamentals of the popular programming language JavaScript so that you can explore the realm of web development.

Author

Commented:
It's still not working properly (outside) for groups and contacts. I have updated the server and the clients. I did the registry thing and nothing. I must be missing a setting, port, DNS entry or all. So inside as I said everything works great. I can add groups or people. If they are added individually the contacts cross over to the outside but once outside I get "no matches" or "address book synchronizing. results may not be current"

Maybe this will help. I can add a group inside (STAFF) but once any device is outside of the building the same STAFF group comes up with this error:
Cannot use the distribution group service because the service address is incorrect, although the service is available. Contact your support team with this information

I ran the Get-CsWebServiceConfiguration and checked the EnableGroupExpansion and its set to True. Does this help any?
Mohammed HamadaSenior IT Consultant

Commented:
When you press Ctrl + right click Lync client's tray icon and click configuration there is "ABS server internal URL and External URL" in your case can you see them both when you connect externally?

The problem might be related to your reverse proxy not configured properly for the webservices.

here's a screenshot of mine.
lyncabs.png

Author

Commented:
Hmm. Both the DG and ABS externals point to my inside server. What now?
Senior IT Consultant
Commented:
That's a wrong external webservice URL configuration on your Lync Topology . open the topology and expand the tree and right click on your standard/enterprise pool and click edit properties then goto web services and check what's the FQDN written there?

The webservices fqdn will probably be your internal fqdn, you will need to change that to your External web services FQDN e.g. (Extweb or external or webservices.domain.com) and create a public DNS record that points to your Reverse proxy (TMG/ARR)'s Public IP.

I'm attaching a picture of my topology. btw I have TMG but since Microsoft don't provide licenses for it now you can go on with ARR! It's pretty easy to configure but you will have some issues with Mobility connectivity in internal WIFI unless you configure the firewall properly for hair-pin scenario.
webservices.jpg

Author

Commented:
It's looking like I have to have a reverse proxy in place along with the Edge and FE?
Mohammed HamadaSenior IT Consultant

Commented:
Of course, it's necessary for the web services to be published and work otherwise you won't be able to access meet, dialin, web scheduler, address book services externally.

Author

Commented:
Also a physical machine would work instead of a VM for a reverse proxy?
Mohammed HamadaSenior IT Consultant
Commented:
Yes sure, but you will need two NICs for the Reverse proxy. one should be either external or DMZ facing your firewall and the other NIC should be Internal in order to talk to your Lync front end server.

Here's a good article for setting up reverse proxy using IIS ARR for Lync
http://y0av.me/2013/07/22/lync2013_iisarr/

Author

Commented:
After all this I finally understand the difference between the Edge Role and the reverse proxy. I will have to wait to get another machine for the reverse proxy but I have enough now to build a solid Lync foundation inside and out. Thanks!

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial