Overview


I have a structure three virtual servers, all running Windows Server 2008 R2 Service Pack 1. The HM01 machine is domain controller and Enterpeise CA, the server HM02 in installed  Lync Server Standard with Cumulative Update 4 and Hm03.home.intranet is an Exchange Server 2010 Service Pack 2.




In preparing the environment used to update the guides 

The integration between Exchange and Lync was used Article

Symptom


When users logam in Outlook Web Access user status remains Offline, and the error message on the site of contact Lync.
 

 Instant Messaging is not avaible right now. The Contact List Will Appear When the service Becomes avaible.

This error can have several causes. Below I list the main mis-configurations and scenarios reported in the forum Lync Server


Cause

To check the error using the tool Logging Tool Lync Server. 
 


Select the component SIPStack and capture all events from this component click Start Logging.
 

Log on to Exchange OWA, stop capturing and press Analyze Log Files . This screen was taken from a successful connection, the user's contacts were listed and their status updated.
 


Check the Settings


During configuration is created in a Lync Server TrustedApplicationPool and a TrustedApplication. 
 The figure below shows the configuration on the left Lync Server, and right print a digital certificate installed on the Exchange and configured for communication with Lync Server.
In TrustedApplication the field TrustedApplicationPoolFQDN must be configured with the same name that the Subject Name of the certificate of the Exchange Server. During the connection the server Front End  verifies the certificate name and the name used in connection configured in the Application Pool. If the names are different fqdn's the connection is denied.
 

Cause 

The Logging Tool capture the following error when logging a user in Outlook Web Access
 

The field Date: *. home.com.br   shows that a wildcard certificate is installed on Exchange Server. This type of certificate is not supported for this scenario.
Another scenario is the use of a digital certificate on the Exchange and Lync, I found nothing in the official literature of the solutions on this scenario but in my test environment the connection failed with the same above error . Here the proposed solution for the two configurations

Solution 

Access the console of the Exchange Server tab Server Configuration select the server and install a new digital certificate, use the same certificate used for the certificates installed on Lync Server.
 

In this case I have a wildcard certificate installed and configured to respond in the services IIS and SMTP. The new certificate need not be configured in any Exchange service. 
Open the Exchange Management Shell and run the cmdlet:

Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -InstantMessagingServerName <Lync Server Front End> -InstantMessagingCertificateThumbprint <Certificate Thumbprint used in Client Access>  -InstantMessagingEnabled $true -InstantMessagingType 1 

   
For the settings to take effect you must restart IIS. Run the command IISReset to restart the service.

This article was originally written by:
Fernando Lugão Veltem
blog:  http://flugaoveltem.blogspot.com
twitter:  @ flugaoveltem