0 votes

Hi all,

I get the error below when enabling a user for Lync. I have opened port 5986 for winrm over https and have verified the correct certificates on the Lync servers. From my Adaxes servers, I can do a "Test-WSMan -ComputerName FQDN -UseSSL" and the test is successful.

Thanks for the help.

Connecting to remote server failed with the following error message : The SSL connection cannot be established. Verify that the service on the remote host is properly configured to listen for HTTPS requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig -transport:https". For more information, see the about_Remote_Troubleshooting Help topic.
by (280 points)
0

Hello Joshua,

To help us troubleshooting the issue, can you do the following:

  1. On the computer where Adaxes Service is installed, launch Internet Explorer.

  2. In the address bar, specify the following:
    https://**lyncserver.domain.com**/ocspowershell

    • where lyncserver.domain.com is the fully qualified domain name (FQDN) of your Lync Server.
  3. As soon as the page completes loading, you will get a blank page and a certificate icon in the address bar. Is the certificate icon green (trusted) or red (untrusted)?

0

The certificate is trusted.

I'm not sure if this makes a difference, but the certificate that is presented from https://lyncserver.domain.com/ocspowershell is different from the certificate is used on the winRM listener.

Thanks

0

Hello Joshua,

Can you do the following for further troubleshooting:

  1. Log in to your Lync Server as an administrator.
  2. Launch Internet Information Services (IIS) Manager from Control Panel \ Administrative Tools.
  3. Expand the node that represents the Lync Server.
  4. Locate the Ocspowershell web application.
  5. Select it.
  6. Double-click Authentication.
  7. Which authentication options are enabled / disabled?
  8. Can you select Windows Authentication, and then click Providers? What providers do you see and in which order?
0

The providers I have are Negotiate and NTLM.

0

Hello Joshua,

What about authentication options? Are they the same as above (Windows Authentication and Anonymous Authentication enabled, all other options disabled)?

Also, did you install Windows Management Framework 5 on your Lync Server?

0

Hi,

All of the other authentication options are how they are in your picture. I installed Framework 5 on the servers and I get the same error message.

1 Answer

0 votes
by (215k points)
selected by
Best answer

Hello,

Since the default PowerShell endpoint works, and taking into account the difference in certificates, you can try binding the certificate of the default PowerShell endpoint to the Lync endpoint. To do this, bind the certificate to port 443 (HTTPS) of the IIS web site where the Ocspowershell web application resides. For information on how to do that, see the following guide, section Bind the Certificate to a website: https://www.sslshopper.com/article-inst ... s-7.0.html.

If that doesn't resolve your issue, try tracing the SSL traffic to understand where the cause for the issue may be. For information on how to do that, see the following article by Microsoft: https://blogs.technet.microsoft.com/tsp ... -failures/. Pay attention that when connecting to a Lync Server, the Ocspowershell endpoint is used (not the default WinRM endpoint), and the communication port is 443 (HTTPS).

Related questions

0 votes
1 answer

Hi everyone, we're getting the below error when enabling a user for Lync: Connecting to remote server failed with the following error message : WinRM cannot process the request ... box' Lync enablement feature. Any ideas what might be going on? Thanks again!

asked Dec 6, 2013 by EgotisticalGiraffe (2.2k points)
0 votes
1 answer

Hi- When I attempt to set this up, in my drop box, I have "no pools found" and is unable to enter the pool. Why can't I enter the pool or what has to happen in order for Adaxes to see that we have pools available?

asked May 29, 2014 by MeliOnTheJob (10.6k points)
0 votes
1 answer

"Connecting to remote server <<FQDN Servername>> failed with the following error message : The server certificate on the destination computer (<<FQDN servername: ... ? This may help to diagnose the issue with schannel on the skype server.

asked Mar 5 by mark.it.admin (3.5k points)
0 votes
1 answer

Hi We are experiencing problems with the "Enable the user for Lync" function: Enable the user for Lync (Pool: 'lync-server.domain.local', SIP URI: 'sip:%mail%') Processing ... Help topic. This is for a managed domain, not the one Adaxes is installed in.

asked Oct 31, 2013 by kjesoo (7k points)
0 votes
1 answer

Hi all, I want to create an external Username (username-ext). Loginname is the same as the initials. Changing the intiakls -> intials-ext ... CommandPipeline.Actions.ActionBase.Execute(ICommand command) --- Ende der internen Ausnahmestapel├╝berwachung ---

asked Jun 13, 2016 by massimo.ibba (2.5k points)
2,181 questions
1,946 answers
5,391 comments
5,202 users