Tuesday, June 7, 2011

Lync Server 2010 & Avaya RCC Integration? Not yet as of June 7, 2011

I’ve been extremely excited lately as I got to work at a client who currently has OCS 2007 R1 integrated with their Avaya S8730, SES and AES servers.  RCC’s working in that environment and since there wasn’t any documentation on what RCC looks like (there’s a direct SIP integration document though), the client agreed to start with a small pilot to test.  Long story short, after a few days of getting Lync Server 2010 up and merged with the legacy topology, I began mirroring the static routes, application pool and host authorization setup I found configured in OCS 2007 R1 into the new Lync Server 2010 pool.

After struggling to get things going and finally getting the configuration as far as I thought I could, I took the error message I found through SIP traces and did a search on Google which finally led me to this post:

http://social.technet.microsoft.com/Forums/hi-IN/ocsinterop/thread/1501d941-bdb8-4959-ae3c-959f4e1ed67a

--------------------------------------------------------------------------------------------------------------------------------------------------------------------

Just so you don’t have to scroll past all the error message and screenshots below, here’s the resolution was:

Through this post: http://www.avayausers.com/showthread.php?p=115225 I went ahead and emailed Paul Leatherman and he told me that a patch for AES version 5 and 6 to fix something along the lines of the initial invite.  I get the sense that he may not be in the position to disclose more so the best I can write is what was found in the threads I listed and that’s that a patch is supposedly scheduled for the first week of June.  It’s June 7th, 2011 right now and I have yet to see one.

--------------------------------------------------------------------------------------------------------------------------------------------------------------------

The error message that Richard Pasztor encountered was exactly the same and just so other people can search this post, I’m going to post the messages so they can easily find this post and quickly find the information I found:

TL_ERROR(TF_DIAG) [0]0B8C.0310::06/07/2011-16:34:23.648.00058baf (SIPStack,SIPAdminLog::TraceDiagRecord:SIPAdminLog.cpp(143))$$begin_record
LogType: diagnostic
Severity: error
Text: Message expired in the outbound queue before it could be sent
SIP-Start-Line: INVITE sip:aes@aes.domain.internal SIP/2.0
SIP-Call-ID: befd0878215c46f8af2cc9a755e00afa
SIP-CSeq: 1 INVITE
Peer: aes.domain.internal:4723
$$end_record

image

TL_WARN(TF_DIAG) [0]0B8C.0310::06/07/2011-16:34:23.648.00058bbb (SIPStack,SIPAdminLog::TraceDiagRecord:SIPAdminLog.cpp(145))$$begin_record
LogType: diagnostic
Severity: warning
Text: Routing error occurred; check Result-Code field for more information
Result-Code: 0xc3e93c7e SIPPROXY_E_ROUTING_MSG_SEND_EXPIRED
SIP-Start-Line: INVITE sip:aes@aes.domain.internal SIP/2.0
SIP-Call-ID: befd0878215c46f8af2cc9a755e00afa
SIP-CSeq: 1 INVITE
Peer: aes.domain.internal:4723
$$end_record

image

TL_INFO(TF_PROTOCOL) [0]0B8C.0310::06/07/2011-16:34:23.849.00058f8b (SIPStack,SIPAdminLog::TraceProtocolRecord:SIPAdminLog.cpp(125))$$begin_record
Trace-Correlation-Id: 3505783577
Instance-Id: 00001603
Direction: incoming
Peer: 10.40.1.55:6171
Message-Type: request
Start-Line: INVITE sip:aes@aes.domain.internal SIP/2.0
From: <sip:ocstest1@domainre.com>;tag=16a936d1f5;epid=56a6fbba0b
To: <sip:aes@aes.domain.internal>
CSeq: 1 INVITE
Call-ID: 900f1db34da04ea191c52e57ef7461fe
Via: SIP/2.0/TLS 10.40.1.55:6171
Max-Forwards: 70
Contact: <sip:ocstest1@domainre.com;opaque=user:epid:XJi1sMXzUFGEdKjpydtDBwAA;gruu>
User-Agent: UCCAPI/4.0.7577.0 OC/4.0.7577.0 (Microsoft Lync 2010)
Supported: ms-dialog-route-set-update
Content-Disposition: signal;handling=required
Supported: timer
Supported: histinfo
Supported: ms-safe-transfer
Supported: ms-sender
Supported: ms-early-media
ms-keep-alive: UAC;hop-hop=yes
Allow: INVITE, BYE, ACK, CANCEL, INFO, UPDATE, REFER, NOTIFY, BENOTIFY, OPTIONS
ms-subnet: 10.40.1.0
Proxy-Authorization: TLS-DSK qop="auth", realm="SIP Communications Service", opaque="2FFA8B8A", targetname="svrlyncstd01.domain.internal", crand="e98835ce", cnum="11", response="f0c0c14405a4108490a4501f60fd245b74676f8a"
Content-Type: application/csta+xml
Content-Length: 312
Message-Body: <?xml version="1.0"?>
<RequestSystemStatus xmlns="
http://www.ecma-international.org/standards/ecma-323/csta/ed3"><extensions><privateData><private><lcs:line xmlns:lcs="http://schemas.microsoft.com/Lcs/2005/04/RCCExtension">tel:+14412780765</lcs:line></private></privateData></extensions></RequestSystemStatus>
$$end_record

image

TL_INFO(TF_PROTOCOL) [0]0B8C.0310::06/07/2011-16:34:36.268.00064cbe (SIPStack,SIPAdminLog::TraceProtocolRecord:SIPAdminLog.cpp(125))$$begin_record
Trace-Correlation-Id: 2728840864
Instance-Id: 0000161F
Direction: incoming
Peer: 10.40.1.55:6171
Message-Type: request
Start-Line: INVITE sip:289;phone-context=defaultprofile@domainre.com;user=phone SIP/2.0
From: <sip:ocstest1@domainre.com>;tag=63b4657c98;epid=56a6fbba0b
To: <sip:289;phone-context=defaultprofile@domainre.com;user=phone>
CSeq: 1 INVITE
Call-ID: 230051b50495430caa5e544a835f817c
Via: SIP/2.0/TLS 10.40.1.55:6171
Max-Forwards: 70
Contact: <sip:ocstest1@domainre.com;opaque=user:epid:XJi1sMXzUFGEdKjpydtDBwAA;gruu>
User-Agent: UCCAPI/4.0.7577.0 OC/4.0.7577.0 (Microsoft Lync 2010)
Supported: ms-dialog-route-set-update
Ms-Conversation-ID: AcwlMMnfK7JOoK9ZSEiQ0D1Wp1D4Yg==
Supported: timer
Supported: histinfo
Supported: ms-safe-transfer
Supported: ms-sender
Supported: ms-early-media
Supported: 100rel
ms-keep-alive: UAC;hop-hop=yes
Allow: INVITE, BYE, ACK, CANCEL, INFO, UPDATE, REFER, NOTIFY, BENOTIFY, OPTIONS
ms-subnet: 10.40.1.0
Accept-Language: en-US
ms-endpoint-location-data: NetworkScope;ms-media-location-type=Intranet
P-Preferred-Identity: <sip:ocstest1@domainre.com>
Supported: replaces
Supported: ms-conf-invite
Proxy-Authorization: TLS-DSK qop="auth", realm="SIP Communications Service", opaque="2FFA8B8A", targetname="svrlyncstd01.domain.internal", crand="3c8c072a", cnum="23", response="7e06d9759a8790cd769131cec474ccdfbb7ee877"
Content-Type: multipart/alternative;boundary="----=_NextPart_000_0058_01CC2517.A49C1630"
Content-Length: 3645
Message-Body: ------=_NextPart_000_0058_01CC2517.A49C1630
Content-Type: application/sdp
Content-Transfer-Encoding: 7bit
Content-ID: <7728ae5607d14f129ff8172c8b0f39d2@domainre.com>
Content-Disposition: session; handling=optional; ms-proxy-2007fallback
v=0
o=- 0 0 IN IP4 10.40.1.55
s=session
c=IN IP4 10.40.1.55
b=CT:99980
t=0 0
m=audio 20368 RTP/SAVP 114 9 112 111 0 8 116 115 4 97 13 118 101
a=candidate:LB99NYXLJYgIg7N3It5mjOFIA+zAn/PUvIdY5NkuSgw 1 Q448oDdmna1gVSs/Ta4kJA UDP 0.830 10.40.1.55 20368
a=candidate:LB99NYXLJYgIg7N3It5mjOFIA+zAn/PUvIdY5NkuSgw 2 Q448oDdmna1gVSs/Ta4kJA UDP 0.830 10.40.1.55 20369
a=candidate:xnMyRG0oCLZcKk3UgZciioTzekgbTnHbs+q67fmLGmI 1 PHlCHgOcmKFnk+3n4Ptf4g UDP 0.840 192.168.38.1 25480
a=candidate:xnMyRG0oCLZcKk3UgZciioTzekgbTnHbs+q67fmLGmI 2 PHlCHgOcmKFnk+3n4Ptf4g UDP 0.840 192.168.38.1 25481
a=candidate:PKdgjrsjTC2w7bWEgQ5NvbI4fr9sasB6IjhyShrtCFM 1 yTdaCKmo57tPZbcbapNQwQ UDP 0.850 192.168.253.1 15792
a=candidate:PKdgjrsjTC2w7bWEgQ5NvbI4fr9sasB6IjhyShrtCFM 2 yTdaCKmo57tPZbcbapNQwQ UDP 0.850 192.168.253.1 15793
a=cryptoscale:1 client AES_CM_128_HMAC_SHA1_80 inline:PZuuhzoeocOmjTyAoAKLw+MppzgQKXXChAWioJmo|2^31|1:1
a=crypto:2 AES_CM_128_HMAC_SHA1_80 inline:NdHgeNKtheY6/yVWVPQSGRZAnseXFwAPHynpXSor|2^31|1:1
a=crypto:3 AES_CM_128_HMAC_SHA1_80 inline:y0OPKsJYyGd4Q2LIPvui8Ei5R4YHsKXT9XJw8jr4|2^31
a=maxptime:200
a=rtpmap:114 x-msrta/16000
a=fmtp:114 bitrate=29000
a=rtpmap:9 G722/8000
a=rtpmap:112 G7221/16000
a=fmtp:112 bitrate=24000
a=rtpmap:111 SIREN/16000
a=fmtp:111 bitrate=16000
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:116 AAL2-G726-32/8000
a=rtpmap:115 x-msrta/8000
a=fmtp:115 bitrate=11800
a=rtpmap:4 G723/8000
a=rtpmap:97 RED/8000
a=rtpmap:13 CN/8000
a=rtpmap:118 CN/16000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=encryption:required
------=_NextPart_000_0058_01CC2517.A49C1630
Content-Type: application/sdp
Content-Transfer-Encoding: 7bit
Content-ID: <a2613f23a0c1487e901a918f06431a6d@domainre.com>
Content-Disposition: session; handling=optional
v=0
o=- 0 0 IN IP4 10.40.1.55
s=session
c=IN IP4 10.40.1.55
b=CT:99980
t=0 0
m=audio 6778 RTP/SAVP 114 9 112 111 0 8 116 115 4 97 13 118 101
a=ice-ufrag:H8qE
a=ice-pwd:3IgqeL3WAR0BAVeQyNBPxX6c
a=candidate:1 1 UDP 2130706431 192.168.253.1 30826 typ host
a=candidate:1 2 UDP 2130705918 192.168.253.1 30827 typ host
a=candidate:2 1 UDP 2130705919 192.168.38.1 20538 typ host
a=candidate:2 2 UDP 2130705406 192.168.38.1 20539 typ host
a=candidate:3 1 UDP 2130705407 10.40.1.55 6778 typ host
a=candidate:3 2 UDP 2130704894 10.40.1.55 6779 typ host
a=candidate:4 1 TCP-ACT 1684797951 192.168.253.1 30826 typ srflx raddr 192.168.253.1 rport 30826
a=candidate:4 2 TCP-ACT 1684797438 192.168.253.1 30826 typ srflx raddr 192.168.253.1 rport 30826
a=cryptoscale:1 client AES_CM_128_HMAC_SHA1_80 inline:PZuuhzoeocOmjTyAoAKLw+MppzgQKXXChAWioJmo|2^31|1:1
a=crypto:2 AES_CM_128_HMAC_SHA1_80 inline:NdHgeNKtheY6/yVWVPQSGRZAnseXFwAPHynpXSor|2^31|1:1
a=crypto:3 AES_CM_128_HMAC_SHA1_80 inline:y0OPKsJYyGd4Q2LIPvui8Ei5R4YHsKXT9XJw8jr4|2^31
a=maxptime:200
a=rtpmap:114 x-msrta/16000
a=fmtp:114 bitrate=29000
a=rtpmap:9 G722/8000
a=rtpmap:112 G7221/16000
a=fmtp:112 bitrate=24000
a=rtpmap:111 SIREN/16000
a=fmtp:111 bitrate=16000
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:116 AAL2-G726-32/8000
a=rtpmap:115 x-msrta/8000
a=fmtp:115 bitrate=11800
a=rtpmap:4 G723/8000
a=rtpmap:97 RED/8000
a=rtpmap:13 CN/8000
a=rtpmap:118 CN/16000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=encryption:required
------=_NextPart_000_0058_01CC2517.A49C1630--
$$end_record

image

TL_WARN(TF_DIAG) [0]0B8C.0310::06/07/2011-16:34:58.003.0006d594 (SIPStack,SIPAdminLog::TraceDiagRecord:SIPAdminLog.cpp(145))$$begin_record
LogType: diagnostic
Severity: warning
Text: Message or one of its headers caused SIP transaction processing error
Result-Code: 0xc3e93f5b SIPPROXY_E_TRANSACTION_TIMEOUT
Data: Transaction Time-out: Type [0] Method [0x8] Call-Id [f92094b3931348c5b555b54118075192\n] RUri[sip:aes@aes.domain.internal] From[ocstest1@domainre.com;tag=904cfb2010] To[aes@aes.domain.internal;tag=]
$$end_record

image

Hope this helps anyone that may venture down this path like I did.

OCS 2007 MOC shows the error: “Cannot Synchronize Address Book”

Problem

You notice a notification at the top right hand corner of your MOC client and when you click on it, you see the error: Cannot Synchronize Address Book

image

You proceed to click on it and you get the following detailed message:

Cannot synchronize with the corporate address book. This may be because the proxy server setting in your web browser does not allow access to the address book. If the problem persists, contact your system administrator.

image

You make an attempt to browse to the IIS directory where you the address (https://yourOCSpool.domain.com/abs) is downloaded and you get an Internet Explorer cannot display the webpage or an error that suggests the website not being up::

image

You then try navigating to the regular http (no SSL) root page and you see that the page is working fine:

image

Solution

Keep in mind that this error can be caused by many reasons and the following is just one of them.

Although the regular http page served by IIS is accessible, it’s still a good idea to check the World Wide Web Publishing service to be sure that it’s up:

image

Once you’ve verified that the service is up, open up Internet Information Services (IIS) Manager to verify that the site is up:

image

If everything looks fine, what’s most likely the cause is the certificate that is assigned to the default web site so open up the properties of it, navigate to Directory Security and then try clicking on the View Certificate button:

image

If continuous clicks on it doesn’t give you a response, it may be because the certificate has been deleted from the computer store.  Something like this can happen if you’ve recently renewed your certificate and after assigning it from within the OCS administrative console, you removed the old certificate.  In such a situation, the majority of your OCS services will continue to work but your address book download which relies on your IIS will cease to operate.

What you want to do at this point is to continue by clicking on the Server Certificate button to assign the new certificate to the default web site:

image

image

image

image

Once you’ve reassigned the certificate, the View Certificate button should now response when you click on it:

image

image

Now when you browse to the root of the https directory on the server, you should see this default page:

image

Sign out of your MOC client then back in and you should see the error message go away.