What certificate do I need to install to get OCS to work on non-domain joined computer?

Posted on 2014-08-25
Medium Priority
Last Modified: 2014-08-26
I've got a non-domain joined laptop that I need to get Office Communicator 2007 R2 working on.  The server is OCS 2007 R2 and the Laptop is Windows 8.1.  When I try to sign in to communicator I get the following error.

There was a problem verifying the certificate from the server. Please contact your administrator.

I am sure this is because there is a cert that I need to install that would normally be in place if the computer was on the domain.  

My questions is what certificate do I need to install on the laptop?  And will it be on the OCS server or on a domain controller?

Question by:Randy Knight, MCM
LVL 84

Expert Comment

by:David Johnson, CD, MVP
ID: 40284570
how many front end servers do you have?

    FQDN OCS pool = ocspool.company.local
    FQDN OCS Front End Servers
To correctly request certificates for both front servers enter the following -
    Certificate name = ocspool.company.local
    Certificate subject alternative names include -
        DNS Name=sip.company.local
        DNS Name=sip.company.com
        DNS Name=ocspool.company.com
        DNS Name=ocssrv01.company.local or ocssrv02.company.local
LVL 22

Accepted Solution

Jakob Digranes earned 1500 total points
ID: 40285011
Guessing that the certificate on OCS is enrolled from an internal PKI - you need to install the internal PKIs trusted root certificate on all non-domain PCs connecting to OCS (from LAN).

Log on to OCS server - go to certificates snap-in - computer certs. Find the OCS cert in use - go to certification path - select root certificate and click open/view - and then COPY TO FILE to export this certificate. Then import to COMPUTER STORE (important!) in Trusted Root Certification Authorities, on the non-domain PCS.

This makes your non-domain PC trust the certificate for the OCS server

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
Let's recap what we learned from yesterday's Skyport Systems webinar.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question