Lync Online Client Authentication Explained

Posted on

lync-online_h_rgb  For Lync Online Users and Administrators, you have found that your Session Initiation Protocol (SIP) sign-in address is required, such as user@contoso.com along with login information which is typically the same User Principal Name (UPN) Fully Qualified Domain Name (FQDN), such as user@contoso.com along with password.  What many users and administrators don know is that during this login process by the Lync Client, the Lync Online Service generates and gives the logged on user an online end-user personal certificate, which is used as part of the authentication and connection process.

Note – This end-user certificate can be found within IE –> Tools –> Content –> Certificates –> Personal location.  This certificate has a 180 day expiration and is required as part of the connection and authentication process.  Any Online/On-Premises administrators who run a “tight ship” in regards to whether users can be granted personal certificates, need to keep this online certificate requirement in mind and not block this process, otherwise the Lync client will not be able to login to the Lync Online Services.

Login & Connection Requirements

  1. Sip Login Name
    1. i.e. user@contoso.com
  2. Username & Password
    1. User: i.e. user@contoso.com
    2. Pass: password
  3. Ability to download and use the online user personal certificate
    1. Found in the following location, with a TTL (Time to Live) of 180 days
      1. IE –> Tools –> Content –> Certificates –> Personal

Whatcha thinkin?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s