14 May 2012
One of our clients was having serious problems with installing and getting Microsoft Lync to work. The previous Support organisation spent a couple of months on the problem and gave up, but the user never gave up.
When we took on the contract to provide support, our support technicians could get the accounts to work outside the customers environment, and intermittently at the customers site.
- Web Proxying
After working with every possible iteration of installing, uninstalling, configuring the software, using separate desktops, different versions of Windows.
Suggestions were made that the problem was with the web proxy deployed at the customer site, but we had success at other sites with proxies, and the software was failing login even when bypassing the proxy.
Again, the problem only occured at the client site.
Suggestions abound in a corporate environment, that whenever an Internet service fails it's something to do with the Firewalls.
To validate the user assumptions, special rules were inserted to allow the clients full, unfettered access to the Internet.
Still no success. Again, other sides have both proxies and firewalls restricting Internet access (except via the proxies) and they work fine.
Where to go after the basics clearly show something is broken, but not what?
A packet trace shows the connection query from the client going out and then no further connection attempts?
Turns out the DNS A record for the service hosting for Microsoft Lync (a Hosted Service for the client) didn't exist, so the client stopped processing at some point because it couldn't find a place to connect to (our guesstimate at this time.)
Manually insert a DNS record for the external site, on our DNS server, and magically the Lync client connects.
Wow, amazing how many things depend on DNS, and how even large companies with large budgets can screw it up. The sad irony is that the client is a reseller for the big ISP that hosts Microsoft Lync services, and it was that ISPs DNS server that was screwed. The ISPs DNS records for their resellers are apparently not responding with the same records as for external users.
Remember your network kung-fu.