For some users in OWA the SFB meeting button is not working

  • Article

I recently worked on an issue that was somewhat confusing. The Skype for Business button was missing for some users. Not all users just some.

We were not able to narrow this down to just one user, one site or even one pool. It made for a fun time trying to troubleshoot where the issue was occurring. IM and presence were working just fine in OWA too!!

So what did we find? So we started troubleshooting this one as you would any other case with the OWA button. We verified OAuth (even though it worked for some users). We ran and verified the Test-Csexchangeconnectivity this all came back clean for the user. We ruled out the machine by logging in elsewhere, inside and outside the org. We collected Fiddler traces. This opened up a jumping point for us to troubleshoot.

The working user we could see the line "IsUcwaSupported":true as seen below. In a non-working user replace true with false.

Searching on Lyncdiscover also showed us the following:

{"SipUri":"sip:user@uk2us88.com.com","IsUcwaSupported":false,"DiagnosticInfo":"AnonymousAutodiscover_Exception_NoInnerException_Both http and https anonymous autodiscover requests failed with errors ('https://lyncdiscover.uk2us88.com.com/?sipuri=sip:user@uk2us88.com.com', 'https://lyncdiscover.uk2us88.com/?sipuri=sip:user@uk2us88.com.com')"}
","IsUcwaSupported":false,"

Finally something to use in logging. I then setup CLSlogging and captured on UCWA and WebInfra. Searching on my user(s)  I was surprised to learn that in a non-working scenario there were no hits for the user. However, for the working user we were able to find the following when I put the output into snooper:

As you can see after searching on the AutoD from the CLS logs from a working user  I can see the flow of the request. What we are looking for here is the response back from Autod (Exchange)  "Authorization: Bearer XXXX." Then we see the various 200's and we are authenticated. IF you do not see this more than likely you are also getting the above error about AnonymousAutodiscover.

In a non working this would not show as we are not able to capture logging from a Skype perspective.

At this point we need OWA logs from Exchange:

After working with the OWA team more so just to see if we could resolve https://lyncdiscover.uk2us88.com we found that for the same user was only able to resolve the url on a few servers. We found that the servers that we could not resolve were on different subnets versus the ones we could resolve. As we dug further into this we discovered that this appeared to be an Express Route/Firewall issue.

While we were using Express Route to cover all the Subnets for 0365 this appeared to affect the way the Oauth path/token worked. For the subnets that we had added outside the Express Route this worked perfectly. So we reached out to the Firewall team. After some discussions we pulled out the way the subnets were setup and entered them in outside the Express Route. After we did this we were able to create Skype For Business Meetings inside OWA.