Forum Discussion
Skype for Business messaging skype user due to 'company policy'
We had the same error after we have enabled external users in Skype for Business. One has to setup proper DNS settings on a domain for this to work. DNS records needed (for this and other stuff like email (MX, spf), MDM, etc.) can be found in Admin Center > Setup > Domains > click on your default domain > Export into CSV or zone file. I can't say which record exactly was responsible for this, but you will need all of them eventually.
wroot The trick to resolving this issue is making sure your own edge server(s) can resolve your own _sipfederationtls._tcp.domain.com SRV record, which is necessary for your Edge to Federate with another edge for MTLS.
In other words, your Edge server must be able to correctly resolved its own SRV record, plus the SRV record of the other sip domain you wish to federate with. Nslookup is your friend. People do funny things with DNS settings on Edge servers, sometimes pointing to internal for resolution, which means you need to add the Federation SRV to your internal DNS.
You might also be finding in your Skype4b Monitoring Reports Diagnostic ID warnings for 1008, and in the report Detail find the following:
1008; reason="Unable to resolve DNS SRV record"; domain="yourdomain.com"; dns-srv-result="NegativeResult"; dns-source="InternalCache"; source="sip.yourdomain.com"