No connectivity with any of Web Conferencing Edge Servers. External Skype for Business clients cannot use Web Conferencing modality.

twitterlinkedinmail

Environment:

Skype for Business Server 2015 Enterprise Pool

Issue:

After recent patches we started seeing errors on the Front-End Servers stating:

No connectivity with any of Web Conferencing Edge Servers. External Skype for Business clients cannot use Web Conferencing modality.

Cause: Service may be unavailable or Network connectivity may have been compromised.
Resolution:
Verify all Web Conferencing Edge Services in the topology are running, and network connectivity is available.

 

Resolution:

We first found out what updates that were applied on all the servers, they were:

Caption                                                             CSName  HotFixID      InstalledOn
http://support.microsoft.com/?kbid=4014581 SERVER1 KB4014581 5/20/2017
http://support.microsoft.com/?kbid=4014595 SERVER1 KB4014595 5/20/2017
http://support.microsoft.com/?kbid=4018271 SERVER1 KB4018271 5/20/2017
http://support.microsoft.com/?kbid=4019213 SERVER1 KB4019213 5/20/2017

We found that the updates are related to .Net 4.6 when the services are utilizing certificates as authentications, there is an issue with the Web Conferencing service accessing the certificate requiring both Client and Server Authentication in the Enhanced Key Usage (EKU) extension of the certificate , so there are a couple of workarounds to bring the communication backup and running.

Option 1 :is to exclude the Web Conferencing Service from this .Net requirement, you must perform the below on all Skype for Business 2015 or Lync Server 2013 Front-end and Edge Servers.

  1. Open a command prompt as administrator
  2. Copy and paste the below registry key that applies to your server, be sure to change the path for the directory if you installed on another drive.
  3. Restart the Skype for Business Server Web Conferencing Service

Skype for Business Server 2015:

Reg ADD HKLM\SOFTWARE\Microsoft\.NETFramework\v4.0.30319\System.Net.ServicePointManager.RequireCertificateEKUs /v “C:\Program Files\Skype for Business Server 2015\Web Conferencing\DataMCUSvc.exe” /t REG_DWORD /d 0 /f

Lync Server 2013:

Reg ADD HKLM\SOFTWARE\Microsoft\.NETFramework\v4.0.30319\System.Net.ServicePointManager.RequireCertificateEKUs /v “C:\Program Files\Microsoft Lync Server 2013\Web Conferencing\DataMCUSvc.exe” /t REG_DWORD /d 0 /f

Option 2: is to exclude the entire server from this .Net requirement, you must perform the below on all Skype for Business 2015 or Lync Server 2013 Front-end and Edge Servers

  1. Open a command prompt as administrator
  2. Copy and paste the below registry key
  3. Restart the Lync Server 2013 Web Conferencing Service

Reg ADD HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\v4.0.30319 /v RequireCertificateEKUs /t REG_DWORD /d 0

Microsoft has released an office response to the issue located here:

https://support.microsoft.com/en-ph/help/4023993/ls-data-mcu-events-41025-and-41026-are-constantly-generated-after-you-

twitterlinkedinmail

Leave a Reply

Your email address will not be published. Required fields are marked *

*