Lync Client: Certificate Authentication Problem
Lync cannot verify that the server is trusted for your sign-in address. Connect anyway?
Lync kann nicht überprüfen, ob der Server für Ihre Anmeldeadresse vertrauenswürdich ist. Trotzdem verbinden?
Lync Client 2013 has an additional safety check implemented.
This verify the users SIP Domain with the FQDN of Lync server where the user tries to connect with.
In the most customer environments, the SIP domain is different from the Active Directory domain. It usual and normal. Possible the SIP domain will match the SMTP domain, so user can easily experience Unified Communication, and the communication addresses are the identically.
If you are in an lager enterprise, it's quiet a hassle if all users would have to click the acknowledgement. We need a solution!
How to solve this problem, there are two methods
A manual way and a GPO based solution.
If you are adjusting the Lync Client manually, you have to navigate to:
here you need to modify or add the "new String Value" TrustModelData
in this key, you need to add the server listed in the warning.
the second method by using the group policy:
add the registry settings in, e.g. the default domain policy or a dedicated client policy.
(possible: you implement the Office 2013 Administrative Template)
TechNet German: http://support.microsoft.com/kb/2833618/de
TechNet English: http://support.microsoft.com/kb/2833618/en-us
Office 2013 ADMX: http://www.microsoft.com/en-us/download/details.aspx?id=35554
Author: Thomas Pött Managing Consultant Microsoft UC