Messaging with Communications

Options
Search Blogs
Tags
Archive
Archives

Lync and Intermittent AOL PIC Issues

TechNet Blogs » Messaging with Communications » Lync and Intermittent AOL PIC Issues

Lync and Intermittent AOL PIC Issues

Joe Schaeffer MSFT Joe Schaeffer MSFT
27 Sep 2011 11:07 AM
  • Comments 3
  • Likes

Background

On of the features of the Communications Server product going all the way back to Live Communications Server 2005, is Public IM Connectivity (PIC).  This feature allows you to setup connectivity between Communication Server and three of the largest public IM providers (Windows Live/MSN, AOL, and Yahoo).

The Issue

You implement Lync, including the Access Edge server, and setup PIC to AOL, Windows Live and/or Yahoo.  PIC is working fine with Windows Live and/or Yahoo, but you're seeing intermittent issues with AOL.   Sometimes the IMs go through to the AOL users but seem to take a long time to actually go.  IMs from AOL users to your Lync users seem to go through faster than from Lync to AOL, but sometimes they don't get through at all (the AOL user may get an "Unable to send IM (error 408)" on their clients..

This may be caused due to the Cipher Suite order used by the Windows OS on your Access Edge server when communicating with AOL's servers.  Scott Oseychik posted a blog entry a couple years ago about this effecting OCS 2007 R2 on Windows 2008.  This same issue also effects Lync 2010 whether its on Windows 2008 or Windows 2008 R2.

The Solution

In order to resolve this, you need to change the Cipher Suite order used by Windows such that TLS RSA with RC4 128 MD5 is tried first.

In order to change the Cipher Suite order, do the following on your Access Edge server:

  1. Launch the Group Policy Object Editor using: Start --> Run -> gpedit.msc
  2. Within the Group Policy Object Editor, traverse down to; Computer Configuration --> Administrative Templates --> Network --> SSL Configuration
  3. Click on SSL Configuration, and then double-click on SSL Cipher Suite Order (by default, the SSL Cipher Suite Order is set to "Not Configured")
  4. Select the “Enabled” radio button, and in the in the SSL Cipher Suites text box, copy the entire string into Notepad.
  5. Find  TLS_RSA_WITH_RC4_128_MD5, in the list and cut and paste it to the first item in the list.  (Be sure to take the trailing comma with it so you don't end up with a ",," in the list)
  6. Paste the newly-formatted string back into the text field in the GPO Editor, click OK
  7. Restart (reboot) the Lync Access Edge server for these changes to take effect.

Please note, there are other possible things that may cause PIC issues between Lync and AOL (as well as Windows Live and/or Yahoo). 

Comments
Comments
  • Anonymous Sandeep
    30 Sep 2011 6:22 PM

    Just wanted to let everybody know that we need to follow the following article

    blogs.technet.com/.../ocs-2007-r2-pic-with-aol-on-windows-2008-r2.aspx

    in case you are using Windows 2008 R2 witt/without sp1. Since GP editor is not allowing more than 1023 characters. Wanted to save everybody's time  :)

  • Anonymous PWILEY
    4 Nov 2011 4:09 PM

    Awesome link.  This was my problem and you nailed it!

  • Anonymous cihlamar
    21 Feb 2014 5:59 PM

    Nice article, this helped us to resolve long term issue with federation between Lync and AOL.

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment