This brief article walks through some common steps which can be used to locate the Fully Qualified Domain Name (FQDN) of a Lync or Skype for Business registrar from either on-premises or online environments. (This content was originally to be part of another article but was split into a separate post for easier reference.)
This can be used as a reference for other articles on this site as a common step performed when troubleshooting device registrations to Skype for Business is to manually configure the endpoint. To do this one must know the proper FQDN of the desired Microsoft SIP registrar. Not all of the natively interoperable voice and video solutions supported with Lync and Skype for Business today leverage the newer Lyncdiscover web service model and may still need to automatically discover the SIP registrar directly. The configuration that supports these is still used by most clients but was the only available method supported in legacy clients like Lync 2010 and devices like Lync Phone Edition.
On-Premises and Hybrid Deployments
This section focuses on Lync Server and Skype for Business Server deployments where on-premises Front End pools and Edge Server pools are deployed. Some of these environments may also be configured in the Hybrid model with a split-domain configuration connected to an Office 365 tenant. Either way there are multiple potential registrars that client would be directed to connect to depending on the client’s network location at the time, as well as VPN connectivity is applicable.
DNS Resolution
The Lync/SfB registrar pool FQDN will be needed for the desired user account . The following steps can be used to validate if the appropriate DNS records exists for the SIP domain to support legacy discovery processes.
- From a internal workstation located inside the corporate network use the Command Prompt or PowerShell to enter the following nslookup commands to search for any Service, Host, or Alias records specifically pointing to an internal registrar (e.g. Front End Pool).
PS C:\> nslookup -q=srv _sipinternaltls._tcp.jdskype.net
Server: dc.jdskype.net
Address: 192.168.1.100Non-authoritative answer:
_sipinternaltls._tcp.jdskype.net SRV service location:
priority = 0
weight = 0
port = 5061
svr hostname = fepool.jdskype.comfepool.jdskype.com internet address = 192.168.1.102
fepool.jdskype.com internet address = 192.168.1.103
fepool.jdskype.com internet address = 192.168.1.104
PS C:\> nslookup sipinternal.jdskype.net
Server: dc.jdskype.net
Address: 192.168.1.100Non-authoritative answer:
Name: fepool.jdskype.com
Addresses: 192.168.1.102
192.168.1.103
192.168.1.104
Aliases: sipinternal.jdskype.com
PS C:\> nslookup sip.jdskype.net
Server: dc.jdskype.net
Address: 192.168.1.100Non-authoritative answer:
Name: fepool.jdskype.com
Addresses: 192.168.1.102
192.168.1.103
192.168.1.104
Aliases: sip.jdskype.com
- From an external workstation located outside the internal network use these nslookup commands to search for any Service, Host, or Alias records specifically pointing to an external registrar (e.g. Edge Pool).
PS C:\> nslookup -q=srv _sip._tls.jdskype.net
Server: google-public-dns-a.google.com
Address: 8.8.8.8Non-authoritative answer:
_sip._tls.jdskype.net SRV service location:
priority = 10
weight = 100
port = 443
svr hostname = sip.jdskype.com
PS C:\> nslookup sipexternal.jdskype.net
Server: google-public-dns-a.google.com
Address: 8.8.8.8Non-authoritative answer:
Name: sip.jdskype.net
Addresses: 140.242.5.104
140.242.5.107
PS C:\> nslookup sip.jdskype.net
Server: google-public-dns-a.google.com
Address: 8.8.8.8Non-authoritative answer:
Name: sip.jdskype.net
Addresses: 140.242.5.104
140.242.5.107
Note that not all of these records will typically return results. The sipinternal and sipexternal records are rarely used, but the basic sip record is commonly configured internally for legacy devices as is often added during the server certificate creation. It is also very commonly used as the external Edge FQDN for external clients and federation.
If none of the lookups performed above are successful then the environment being used has not been configured to support any of the legacy autodiscovery lookup records, which is not entirely uncommon these days. At this point a specific registrar name can be found using the desktop client instead.
Client Information
- Sign in to a Windows Lync or Skype for Business client. After the client has completed the sign in process hold down the the CTRL key and right-click the client icon in the System Tray.
- Select the now-visible Configuration Information menu item.
![image_thumb[1]](http://blog.schertz.name/wp-content/uploads/2017/04/image_thumb1.png "image_thumb[1]")
- Look for the Skype for Business Server entry and take note of the FQDN displayed.
The following example shows an internally connected client as denoted by an Inside User Status value of TRUE. The connected Skype for Business Server is displayed as the internal Front End pool FQDN (e.g. fepool.jdskype.net).
![image_thumb[12]](http://blog.schertz.name/wp-content/uploads/2017/04/image_thumb12.png "image_thumb[12]")
Be aware that in some instances this may instead display the user’s specific home server FQDN instead of the entire pool FQDN (which is shown in the example above) when registered to an internal Front End pool. In multiple server pools the use of an individual server FQDN to manually register a device or client would not allow for any High Availability redundancy, so make sure to keep in mind that while this approach is fine for testing it is best to retrieve the pool FQDN from the IT administrator if it cannot easily be located programmatically. (In deployments leveraging Standard Edition Front End Servers then this is moot.)
This second example is from an externally connected client as denoted by an Inside User Status value of FALSE. The connected Skype for Business Server is displayed as the external Edge pool FQDN (e.g. sip.jdskype.net).
![image_thumb[9]](http://blog.schertz.name/wp-content/uploads/2017/04/image_thumb9.png "image_thumb[9]")
When registered to an Edge pool the actual home Front End server FQDN is not shown and only the external Edge FQDN is displayed. Thus for external registration this value is perfectly fine for production use as it does not circumvent any High Availability capabilities which may be provided by the external pool.
Skype for Business Online
This section applies only to pure Skype for Business Online tenants where there are no on-premises Skype for Business servers deployed.
For all users hosted on Skype for Business Online there is a single defined FQDN
- From any workstation use these nslookup commands to search for the Service and Host/Alias records which point directly to the Skype for Business Online pools in Office 365.
PS C:\> nslookup -q=srv _sip._tls.jdskype.net
Server: google-public-dns-a.google.com
Address: 8.8.8.8Non-authoritative answer:
_sip._tls.jdskype.net SRV service location:
priority = 100
weight = 1
port = 443
svr hostname = sipdir.online.lync.com
PS C:\> nslookup sipexternal.jdskype.net
Server: google-public-dns-a.google.com
Address: 8.8.8.8Non-authoritative answer:
Name: sipdir.online.lync.com
Address: 52.112.66.148
Aliases: sip.jdskype.net
This process shows the common sipdir.online.lync.com FQDN used for all registration attempts to Skype for Business Online. This single FQDN should be used be all devices or client connecting to a Skype for Business Online account from any location. Leveraging this FQDN insures the best connectivity.
Alternatively the Skype for Business Configuration Information can be reviewed using the process shown in the previous section. Because the sipdir.online.lync.com FQDN is simply a geographically balanced DNS record the actual server name shown will be that of whichever registrar pool the user’s account is homed on.
Hey Jeff,
It was great meeting you at InfoComm this year and Thank you again for all the great information you’ve provided me. I have another question, I’m trying to create internal instructions and I was wondering how you captured the Group Series with the Skype Mode UI enabled splash screen on the touch panel?
Jarret, you can connect to the IP address of the RealPresence Touch Panel using a web browser and then access an image of the current screen on the touch panel.
Hi Jeff ,
i cannot access skype for bussiness 2019 control panel
it gives an error of Navigation the webpage was canceled
Hi Jeff
These are great tips. Thanks.
I´m trying to register a Trio unsing an user homed in SfB online in a split domain hybrid configuration.
It´s not working. I´m using sip URI and domain+user credentials.
Before I try to manually register I´d like to check one thing…
In this case, homed online but hybrid, the Trio must have the local CA installed ?
Thanks
I’m not positive as I haven’t tested that scenario lately. Would depend on when the redirection happens (pre or post TLS negotiation). I would assume it will need the certificate chain used on any internal services.
Jeff –
I’m running into a similar issue. I’ve been trying to login to a RealPresence Trio 8800 with both an ‘On Prem’ and ‘Online’ account, and have failed each time. I can however login with an account that is homed completely in the cloud user@xxx.onmicrosoft.com as well as my account that is completely in the cloud chris.krafcky@krafcky.com. I’ve ran wireshark traces for both the successful attempts and the failed attempts. I’ve even collected logs via the CLS logging service, but can’t seem to pin point exactly what I could be missing. I’ve ran through all of your tests above, and everything seems to come back as it should. Any advice would be helpful.
Chris
You may need to disable autodiscover and manually point the phone to where the desired account is homed. The phone may not yet be compatible with the specific configuration you have in your Hybrid environment.
Hi All,
I have skype for business, 2 edge server, 1 reverse proxy, 2 directors. Internally I can connect well using computers and cell phones, but from outside I can only connect using computers, cell phones do not connect, what could it be?
thank you.
That likely points to a problem with your Reverse Proxy configuration as the mobile clients can only connect using HTTPS externally (not SIP). Also it could be a certificate trust issue if the mobile devices are unmanaged.
Jeff,
thank you!
This is super useful.
Cheers
Hi Jeff,
I have a customer with Sfb On prem and exchange online. We have deployed Crestron Flex. The calendar meetings show up on the touch panel and I can join them, If I cancel the first meeting I can no longer join the second meeting or any subsequent meetings until I remove the network patch lead and plug it back in. This isn’t a problem if the Crestron Flex unit is off the network and connected to the internet via 4G modem.
Any ideas on this one? Your comments will be greatly appreciated.
Hi
I have problem with login failure for skype for business mobility users when we have active directory log on to limitation, which log on to computers needed for these users to have success login for mobility users?
thanks
We have Sfb On prem and exchange online
i have 3 issues
missed call notification in sfb2015 not showing
EWS not fully initialize
inside user status – true
Please advice troubleshooting steps to fix this issue.