3

I am in the process of vetting Microsoft Lync Online for use within our organization. I have purchased 2 licenses for testing so far. We will only be using Lync Online Plan 2 and nothing else so we are using the Lync Basic client.

I installed, configured, and tested the 'Active Directory® synchronization' (DirSync) software and it seems to work fine. I followed this guide as a reference.

I am now able to log into (using AD credentials) the Microsoft Portal and download the Lync client for users that have a license associated with their account. I am not able to login using their AD credentials via the Lync Basic client. Any account I create in the 'cloud' and test works fine and I am able to login to the Lync Basic client.

I ran the Microsoft Remote Connectivity Analyzer for Lync and everything seems fine there. I also double checked synchronization between DirSync and Lync Online and changes are coming through.

The users I have tested do have the correct UPN (had to change from domain.local to our actual public domain domain.ca as mentioned in this guide.)

The error I am getting exactly is:

The username, password or domain appears to be incorrect. Ensure that you entered them correctly. If the problem continues, please contact your support team.

I have researched this error and found a Microsoft KB (KB2541980 - How to troubleshoot sign-in issues in Lync Online) and I am following the troubleshooting steps here and get to part 8. I do not have AD FS running on the domain so I am lost. Do I need AD FS? The guide I followed had no mention of it and I am able to login fine on the Microsoft Portal with AD credentials so why doesn't it work with the Lync Basic client?

qroberts
  • 285
  • 1
  • 4
  • 20
  • Are the cloud users that work the "onmicrosoft.com" ones or the same UPN of domain.ca? Does the lync client ask for your username on first run or simply pass the logged on credentials? I'm curious what would happen if you logged in to a machine with a local account and then launched lync, if it would prompt and allow typed credentials to work. – TheCleaner Oct 10 '13 at 13:30
  • Weirdest thing ever. I didn't change one setting other than run MOSDAL to try to do some diagnostics and the bloody thing actually lets me log in using AD credentials... To answer your question, the ones created in the cloud that work are using "mydomain.onmicrosoft.com" The client asks for credentials unless you save them. It will break down the login process into sign in address, username, password. – qroberts Oct 10 '13 at 13:40

1 Answers1

0

To answer your "Do I need AD FS" question:

In the past DirSync do not had a Password Sync option so you need AD FS for that. Since June 2013 (see announcement here) DirSync (Version 6411.0007 and higher) can synchronize passwords, so both options (DirSync and AD FS) could be used (depending on your requirements). Microsoft has a very good article here which explains the difference between DirSync and AD FS which might help you to understand, which would be the best option for your environment. But as you already have DirSync in place the best option for you might be to simply upgrade it to the latest version.

BastianW
  • 2,848
  • 4
  • 19
  • 34