Lync 2010 and EWS followup

This is a followup to this post.

Turns out that Outlook doesn’t really like autodiscover through SRV records and proceeds to ask the user for authentication when this happens. This is often not a desireable situation.

The other option seemed to be to add names for autodiscover.domain.com for each of the SMTP domains to the certificate on the CAS. We tried this as well, but in this configuration the Lync client started asking about trust of the server. A bit of searching led me to this post by Jens Trier Rasmussen that explains why.

I was not able to find any place to add trusted servers to Lyncs trusted server list, but for Outlook i could, so the solution was to revert to SRV records, and add this regkey to the machines:


Office 2007:
HKCUSoftwareMicrosoftOffice12.0OutlookAutoDiscoverRedirectServers

Office 2010:
HKCUSoftwareMicrosoftOffice14.0OutlookAutoDiscoverRedirectServers

add the CAS server FQDN as the value name of a key with value type REG_SZ and empty value data.

This tells Outlook to always trust this server.

2 thoughts on “Lync 2010 and EWS followup

  1. I may be wrong, but I think the registry key to make a certain server always trusted in Lync 2010 is as follows;

    HKEY_CURRENT_USERSoftwareMicrosoftCommunicator

    value name = TrustModelData
    value type = REG_SZ (String)
    value data = FQDN septrated by commans (eg “online.lync.com, outlook.com, lync.glbdns.microsoft.com” without the quotes)

  2. Hi

    I may also be wrong, but I think I read somewhere that this regkey isn’t possible to prepopulate. (I’ll try to find the source) Haven’t tested it though, so it might be something I’ll lab.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s