Lync 2013 Windows Phone client - Unable to sign-in. Request failed with the WININET errorCode (UcwaAutoDiscoveryRequest)

Question

Summary:

Windows Phone Lync 2013 client unable to login to Lync Server 2013. But other device iOS, Android, Windows desktop client all fine.

In detail:

• We have a client with Lync Server 2013 deployed.
• We are using the full Enterprise Voice functionality with mobility.
• We have a Server 2012 R2 ARR IIS Reverse Proxy in place.
• We have Lync Servr 2013 deployed on Windows Server 2012 R2 instances.
• External SSL's purchased from GeoTrust.

There is a mobility issue affecting Windows Phone Lync 2013 client users. WP users of the Lync 2013 client app 4.X and greater are unable to sign in with error:

ERROR UTILITIES CHttpConnection.cpp/1117:Request failed with the WININET errorCode (UcwaAutoDiscoveryRequest): -2146697211

When we complete the Lync Connectivity Analyser via https://testconnectivity.microsoft.com/, we get all green and all is working.

Any help in the right direction would be appreciated.

The only thing I'm yet to try is export the SSL from the FE pool and manually install on the WP client.

Answer 1

(sorry for the late reply)

The after troubleshooting the issue we found that the following two items contributed to the problem. When both of these two items were resolved, Windows Phone and Android Phone Lync 2013 client were able to login.

Resolved problem 1: SSL certificate
The SSL certificate that was used on the Reverse Proxy was a wildcard certificate with SHA1 encryption. Recently another memory of the clients IT team had changed the SSL to a newer certificate with SHA256 encryption. As the SSL was used for web services, in addition to Lync, it was not made known to me about the change. The SSL itself was revoked and thus was not allowing authentication. Updating the SSL with the correct and valid new wildcard partially resolved the issue.

Resolved problem 2: Port config error
While this doesnt affect remote connectivity directly, as users authenticate over HTTPS/443, port HTTP/80 was redirected off the Reverse Proxy. We found this had also been done without proper change management/control via simple user error.


The SSL was the main culprit, so always ensure that SSL certificates are correct and valid!