When debugging your logging in OCS you see that everything is logged about how the client (in this case Microsoft Office Communicator 2007) is handshaking with the OCS server.
When the client is authenticating itself it can be by Kerberos (preferred) of NTLM authentication.
Maybe it's good to know before debugging your log files how these steps technically working.
Method 1. (Authenticating by Kerberos)
- 1. Client: REGISTER (unauthenticated) to OCS
- 2. 401 Unauthorized > response with NTLM/Kerberos (pingback from OCS server)
- 3. Client: REGISTER - kerberos response
- 4. Server: 200 OK - kerberos signature
Method 2. (Authenticating by NTLM)
- 1. Client: REGISTER (unauthenticated) to OCS
- 2. 401 Unauthorized > response with NTLM/Kerberos (pingback from OCS server)
- 3. Client: REGISTER - ask for NTLM challenge response
- 4. Server: 401 Unauthorized - challenge with NTLM
- 5. Client: REGISTER - NTLM response
- 6. Server: 200 OK - NTLM signature
Make sure that when the server has a REGISTER it can respond with different respond codes (categories).
Short summary:
301 Redirect - the server is telling the user which server is the home server (very efficient logon)
200 OK - the server is directly accepting the registration
403 Forbidden - in this case the SIP URI is already used in the organization and related to another user
404 Not Found - the client is not allowed log in because user URI does not exist
504 Server Timed-Out - indicates a network rounting problem of outage
Source: Microsoft Office Communications Server 2007 Resource Kit
No comments:
Post a Comment