Lync 2013 Mobile with Lync on Premises
This should be a good one. No mobile phone can sign into Lync 2013. No Android, iPhone or iOS. There is no error code they just stay stuck at the signing in screen. Here is where it gets fun. Everything else works. Mac's, PC's, Tablets, iPads and everything in between, only mobile phones do not work now. I re-keyed wildcard cert and installed on the correct servers. Everything works including AD searches in Skype for Business Clients and Power Point presentations during a meeting.
I have an onsight premises Lync 2013 server setup. Lync 2013 Front End Server, and Edge server, a Web Apps Server, a ADFS server and a Office Web Apps server. All servers are on 2012 R2 I was on the phone with Microsoft (ugh) and they still can't figure it out. Do I have anyone out there that had this same issue?
I have an onsight premises Lync 2013 server setup. Lync 2013 Front End Server, and Edge server, a Web Apps Server, a ADFS server and a Office Web Apps server. All servers are on 2012 R2 I was on the phone with Microsoft (ugh) and they still can't figure it out. Do I have anyone out there that had this same issue?
ASKER
Well crap, I did have all this working last week before the re-key. I will continue to look to see what happened. Maybe your link will help.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I have a Web Application Proxy Server (WAPX) as the Reverse Proxy. It uses the Remote Access Management Console to publish URL's
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
It helps to see others point of view.
First and foremost, wildcard certs are usually not a good idea in Lync. While they can be supported in some limited instances, there are many restrictions:
https://technet.microsoft.com/en-us/library/hh202161(v=ocs.15).aspx:
Note that the mobility service is *not* listed as a supported service with a wildcard cert.
You can (sometimes) get this to work with a properly configured reverse proxy, but the reverse proxy has to support this and you need to ensure your traffic destined for the mobility service is not being redirected to another service that is also behind the reverse proxy. That means properly configuring the URL lookup, having DNS all squared away, and that the various roles that cannot be collocated are distinct (such as the OWAS role.) It is extremely difficult to get right, and in many cases cannot be done at all because of infrastructure constraints. YMMV.