No federation with specific domains

A customer of mine had this strange problem; they could not federate with two of their partners. All others were working just fine, whereas these two only gave the infamous “presence unknown” status. They even got confirmed that others could federate with these domains too, just not them.

I remembered from a previous event that Windows Server 2008 R2 root certs in some cases may be corrupted, so this was my primary suspect.

Looking into the matter I utilised one of my favorite tools troubleshooting such issues, the Remote UC Troubleshooter​ (RUCT). Using it I downloaded the remote end (Edge) certificate, installed it on my customer’s Edge server and verified the certificate chain, i.e.: That the Edge of my customer trusted the remote Edge.

RUCTThe RUCT is quite geniuos for these matters, making it really simple to verify certificate issues as well as DNS info – the most common error sources.

After verifiying that cert seemed ok at my customer’s side, I asked them to tell their federation partner to do the same, even attaching the cert from my customer’s Edge in an email.

Strangely, after they had checked their end “it just started to work”…I have my thoughts on the matter, but most important here is how to check these matters in an easy way.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s