Wednesday, May 27, 2009

How to add a MSN contact to your communicator contactlist

If your company had an OCS edge server deployed, one of the possible options is use Public Instant Messaging Connectivity (PIC).

PIC enables your company to chat with MSN, Yahoo & AOL users. I don't have contacts using Yahoo or AOL, but I do have msn-contacts.

When you add a contact outside your domain (MSN or federated) OCS will see this address as a federated contact and start a search for the according domain. This works fine if the contact uses federation or when you MSN-contact is registered with a hotmail.com, Live.com or MSN.com domain. But it will fail if the contact is registered with another (mail)address.

In order to fix this, you need to change the address, i.e.:
Pietje.puk@thenetherlands.com has to be changed into Pietje.puk(thenetherlands.com)@msn.com

The domain MSN.COM will translate this back into the original address and warns the msn-contact that somebody wants to chat.

By default, the contact you add will get Access Level 'Public'.

Completing the list:
Pietje.puk@thenetherlands.com --->> Pietje.puk(thenetherlands.com)@msn.com
Pietje.puk@hotmail.com --->> Pietje.puk@hotmail.com
Pietje.puk@live.com --->> Pietje.puk@live.com
Pietje.puk@msn.com --->> Pietje.puk@msn.com

Suc6
Posted by at 8 comments:
Labels: , , , , ,

Friday, April 24, 2009

Access Edge service terminated with service-specific error 3286842466 (0xC3E93C62)

This morning, a friend of me and former colleague deployed an OCS 2007 R2 environment with an OCS Edge.

The customer should take care of the according firewall rules.

After completing the deployment, he was unable to start up all the OCS Edge services. He got the following error:
  • Failed starting the protocol stack. The service has to stop
    Error code is:0xC3E93C62 (SIPPROXY_E_NO_DEFAULT_OUTGOING_CERT).Cause: Check the previous entries in the event log for the failure.
In the Event log he found the corresponding error:
  • The Office Communications Server Access Edge service terminated with service-specific error 3286842466 (0xC3E93C62).
When he studied the corresponding certificate, he found the path to the Certificate Revocation Lists Url: http://crl.geotrust.com/crls/secureca.crl

He tried to open the page from the Edge as well from the ISA firewall, but failed.

After re examin the firewall rules he learned that the customer did not set the outbound firewall rule to download certificate revocation lists.
The rule has the be configured as:
  • External
  • Local Port: 80 HTTP.
  • Direction: Outbound (to download certificate revocation lists).
  • Remote Port: Any.
  • Local IP: The external IP address of the Access Edge service.
  • Remote IP: Any IP address.
When he applied the rule, he was able to start the Access Edge service and tested with success Open Federation.
Posted by at 2 comments:
Labels: , , ,
Subscribe to: Posts (Atom)