SOLVED

Lost OWA integration after renewing OAuth certificate

%3CLINGO-SUB%20id%3D%22lingo-sub-1435578%22%20slang%3D%22de-DE%22%3ELost%20OWA%20integration%20after%20renewing%20OAuth%20certificate%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1435578%22%20slang%3D%22de-DE%22%3E%3CP%3EHello%3C%2FP%3E%3CP%3EI%20have%20lost%20my%20SfB%20OWA%20integration%20(%22online%20meeting%22%20-%20Icon%20and%20presence%20status)%20in%20the%20on%20prem%20environment%20(SfB%202015%2C%20Exchange%202013)%20after%20the%20OAuth%20Cert%20on%20Exchange%20side%20was%20expired.%3C%2FP%3E%3CP%3EI%20instantly%20renewed%20it%20via%20ECP%20but%20still%20no%20OWA%20integration.%3C%2FP%3E%3CP%3EEven%20creating%20a%20new%20one%20via%20powershell%20and%20authorizing%20it%20did%20not%20the%20trick.%3C%2FP%3E%3CP%3EChecked%20OAuth%20on%20Skype%20side%3A%3C%2FP%3E%3CP%3Eget-CsOAuthConfiguration%20%3CBR%20%2F%3E%20%3CBR%20%2F%3E%20Identity%20%3A%20Global%20%3CBR%20%2F%3E%20PartnerApplications%20%3A%20.name%3Dexchange%3B%20ApplicationIdentifier%3D0%20%3CBR%20%2F%3E%200000002-0000-0ff1-ce00-00000000000%3B%20Re%20%3CBR%20%2F%3E%20alm%3Dcontoso.com%3B%20ApplicationTrustLevel%20%3CBR%20%2F%3E%20%3DFull%3B%20AcceptSecurityIdentifierInformat%20%3CBR%20%2F%3E%20ion%3DFalse%3B%20Enabled%3DTrue'%20%3CBR%20%2F%3E%20OAuthServers%20%3A%20%3CBR%20%2F%3E%20Realm%20%3A%20%3CBR%20%2F%3E%20ServiceName%20%3A%2000000004-0000-0ff1-ce00-0000000000ClientAuthorizationOAuthServerIdentity%20%3CBR%20%2F%3E%20%3A%20%3CBR%20%2F%3E%20ExchangeAutodiscoverUrl%20%3A%20%3CA%20href%3D%22https%3A%2F%2Fautodiscover.contoso.com%2FAuto%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fautodiscover.contoso.com%2FAuto%3C%2FA%3E%20%3CBR%20%2F%3E%20discover%2FAutodiscover.svc%20%3CBR%20%2F%3E%20ExchangeAutodiscoverAllowedDomains%20%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EChecked%20connectivity%20on%20Exchange%20side%3A%3C%2FP%3E%3CP%3E%3CSPAN%3ETest-CsExStorageConnectivity%20-SipUri%20%22sip%3Ajeff%40contoso.com%22%20-Verbose%3C%2FSPAN%3E%3C%2FP%3E%3CP%3Eand%20it%20passes%20that%20test.%20I%20am%20wondering%20that%20SfB%20integration%20in%20Outlook%202016%20on%20MAC%20(!)%20is%20not%20broken%20although%20this%20is%20doing%20only%20https%20as%20well.%20(On%20PC%20everything%20is%20fine%2C%20too).%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAny%20ideas%20on%20this%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1435578%22%20slang%3D%22de-DE%22%3E%3CLINGO-LABEL%3EInstant%20Messaging%20%26amp%3B%20Presence%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1435714%22%20slang%3D%22de-DE%22%3ESubject%3A%20Lost%20OWA%20integration%20after%20renewing%20OAuth%20certificate%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1435714%22%20slang%3D%22de-DE%22%3E%3CP%3EFixed%20by%20myself.%3C%2FP%3E%3CP%3EOn%20Skype%20Server%3A%3C%2FP%3E%3CP%3EGet-CsCertificate%20-Type%20OAuthTokenIssuer%3C%2FP%3E%3CP%3Eexported%20this%20cert%20via%20MMC%20and%20imported%20it%20into%20all%20Exchange%20servers%20in%20the%20DAG.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
New Contributor

Hello,

I have lost my SfB OWA integration ("online meeting" - Icon and presence status) in the on prem environment (SfB 2015, Exchange 2013) after the OAuth Cert on Exchange side was expired.

I instantly renewed it via ECP but still no OWA integration.

Even creating a new one via powershell and authorizing it did not the trick.

Checked OAuth on Skype side:

get-CsOAuthConfiguration

Identity                               : Global
PartnerApplications                    : {Name=Exchange;ApplicationIdentifier=0
                                         0000002-0000-0ff1-ce00-000000000000;Re
                                         alm=contoso.com;ApplicationTrustLevel
                                         =Full;AcceptSecurityIdentifierInformat
                                         ion=False;Enabled=True}
OAuthServers                           : {}
Realm                                  :
ServiceName                            : 00000004-0000-0ff1-ce00-000000000000
ClientAuthorizationOAuthServerIdentity :
ExchangeAutodiscoverUrl                : https://autodiscover.contoso.com/Auto
                                         discover/Autodiscover.svc
ExchangeAutodiscoverAllowedDomains     :

 

Checked connectivity on Exchange side:

Test-CsExStorageConnectivity -SipUri "sip:jeff@contoso.com" -Verbose

and it passes that test. I am wondering that SfB integration in Outlook 2016 on MAC (!) is not broken although this is doing only https as well. (On PC everything is fine, too).

 

Any ideas on this?

 

 

1 Reply
Highlighted
Solution

Fixed by myself.

On Skype-Server:

Get-CsCertificate -Type OAuthTokenIssuer

exported this cert via MMC and imported it into all Exchange servers in the DAG.