Office Communicator 2005 Problems

Okay, I have Office Communicator 2005 installed on my computer, and I recently installed Office Live Communications Server 2005 on the server.

I created a new certificate with the FQDN of pool01.headquarters.elwoh.com, which is the fqdn of the pool, as you see.

I then set the TLS protocol to use that certificate, and communicate on port 5061.  When I try to connect to the server (via TLS) from office communicator I get an error:

Error Message:
---------------------------
Microsoft Office Communicator
---------------------------
There was a problem verifying the certificate from the server. Please contact your system administrator.
---------------------------
OK  
---------------------------


I've also got the server set to use TCP, on port 5060.  If I try to connect to the server using TCP I get an error message as well:

Error Message:
---------------------------
Microsoft Office Communicator
---------------------------
Cannot sign in, possibly because the authentication server is unavailable to verify your sign-in information. Please sign in again. If the problem persists, contact your system administrator.
---------------------------
Retry   Cancel  
---------------------------


I've tried to sign-in using the FQDN, IP Address; Username types of user@elwoh.com, user@headquarters.elwoh.com, elwoh\user, user and it doesn't work.

I have ports 5060, and port 5061 open on the server.

Do I need to install the Live Communications Server Proxy?

Is it because I'm not assigning the certificate right or what?  Someone has to know.

when I run the diag tools for the client, and I use TCP it says kerbros failed.  Because the SPN was registered incorrectly...



Microsoft (R) Windows Script Host Version 5.6
Copyright (C) Microsoft Corporation 1996-2001. All rights reserved.

ERRROR: The SPN for pool01.headquarters.elwoh.comis registered incorrectly

still nothing

What are you using for DNS?

MSDNS.  Set to pool01.headquarters.elwoh.com

If I use TCP connection it connects but cant authenticate because of kerbros failure like I said above.  Not sure how to fix that.

I ran the LCS diag tool in the resource kit, and tried to connect via TCP.

It establishes the connections, but cannot authenticate with kerbros because the SPN is registered incorrectly.

How do I fix that?


Also, if I try to connect via TLS, it won't verify the certificate.  More than likely because I made it wrong.  I just entered the pool DNS (pool01.headquarters.elwoh.com) for the subject so it's issued to that address.

Help is appreciated.

Anyone have an idea of what the (I need to watch my language) is going on?

I am having a similar issue. 

NOTE: PC is not apart of the AD.  Signon locally and use AD syntax to connect to AD resources.  "DirectoryName\Username"

- When connected on the lan at the office I can connect and access everything normally.

- When I am remote via VPN (Aventail) I can't connect to Office Communicator.

Any ideas?

ok, it's almost 2 years after this last post, I think, but I'm having the same problem, almost.

Setup LCS 2005 SP1

Setup Access Proxy

trying to use LCS across Internet to get to Access Proxy

I have an external address on the firewall NAT'ed to my internal address, with ports 5061, 5060, and 443 open.

Communicator is setup on a test client machine back at my house

I can connect with TCP to the LCS server (10.10.1.8) but I can't use TLS to connect to the Access Proxy (10.10.1.6) as of now.

"There was a problem verifying the certificate from the server. Please contact your System Administrator."

I exported a public key off the Access Proxy, I purchased a SSL cert from entrust.com.  I exported from Access Proxy server / imported a .pfx key w/out the private key to the client user machine (my XP machine at home) and exported/imported a key WITH the Private

I am having the same problem with a smaller company we purchase that is not part of my domain.  All the Domain computers have no problem.  Even my home computer does not have a problem.  We use entrust.com for our certificates too.

I experienced this same problem.  When locally connected to the corporate network, Communicator worked fine.  When remote and connected via the VPN, I wasn unable to get to the LCS.

Through experimentation I tracked down my problem to a DNS problem on the client.  It appears that Communicator only uses the first DNS server in the list of DNS servers available  via the systems network configuration.

On my system this meant  that the DNS server on the local connection (the hotel, or my home DNS server) was the one used (the VPNs DNS server ended up being second). 

So communicator either got the public information for the LCS server, which our company blocks, or it had a DNS lookup failure.

I fixed this by going into the TCP/IP settings on the local network connection and manually adding the IP address of our internal DNS server (which may cause problems when I don't have the VPN running, but that's very rare for me).

With this change, Communicator started and connected without a problem.

Note that I also tried manuallly setting the sip configuration, but was unable to connect with a manual install.   I don't know why that didn't work since I used the data registered in the internal DNS server so it should have worked.  Oh well.

Conor