Lync and Intermittent AOL PIC Issues

Background

One of the features of the Communications Server product, going all the way back to Live Communications Server 2005, is Public IM Connectivity (PIC). This feature allows you to set up connectivity between Communications Server and three of the largest public IM providers (Windows Live/MSN, AOL, and Yahoo).

The Issue

You implement Lync, including the Access Edge server, and set up PIC to AOL, Windows Live and/or Yahoo. PIC is working fine with Windows Live and/or Yahoo, but you're seeing intermittent issues with AOL. Sometimes the IMs go through to the AOL users but seem to take a long time to actually go. IMs from AOL users to your Lync users seem to go through faster than from Lync to AOL, but sometimes they don't get through at all (the AOL user may get an "Unable to send IM (error 408)" on their client).

This may be caused by the Cipher Suite order used by the Windows OS on your Access Edge server when communicating with AOL's servers. Scott Oseychik posted a blog entry a couple of years ago about this affecting OCS 2007 R2 on Windows 2008. This same issue also affects Lync 2010, whether it's on Windows 2008 or Windows 2008 R2.

The Solution

In order to resolve this, you need to change the Cipher Suite order used by Windows such that TLS RSA with RC4 128 MD5 is tried first.

In order to change the Cipher Suite order, do the following on your Access Edge server:

  1. Launch the Group Policy Object Editor using: Start --> Run --> gpedit.msc
  2. Within the Group Policy Object Editor, traverse down to: Computer Configuration --> Administrative Templates --> Network --> SSL Configuration
  3. Click on SSL Configuration, and then double-click on SSL Cipher Suite Order (by default, the SSL Cipher Suite Order is set to "Not Configured")
  4. Select the “Enabled” radio button, and in the SSL Cipher Suites text box, copy the entire string into Notepad.
  5. Find TLS_RSA_WITH_RC4_128_MD5 in the list, then cut and paste it so it becomes the first item in the list. (Be sure to take the trailing comma with it so you don't end up with a ",," in the list.)
  6. Paste the newly-formatted string back into the text field in the GPO Editor and click OK.
  7. Restart (reboot) the Lync Access Edge server for these changes to take effect.
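
Steps 4 to 6 are a hand edit of a long comma-separated string, so here is a PowerShell helper that does the move and rejects a damaged list (an empty entry from ",,", a duplicate, or a missing suite). It is an added example, not part of the original post; the function name `Move-CipherSuiteFirst` and the shortened sample string are constructed for illustration.

```powershell
# Added example: reorder an SSL Cipher Suite Order string without damaging it.
function Move-CipherSuiteFirst {
    param(
        [Parameter(Mandatory = $true)][string]$SuiteList,   # string copied from the policy text box
        [string]$Preferred = 'TLS_RSA_WITH_RC4_128_MD5'     # suite named in step 5
    )

    # Split on commas and drop whitespace or line breaks picked up in Notepad.
    $suites = @($SuiteList -split ',' | ForEach-Object { $_.Trim() })

    # An empty entry means a doubled, leading or trailing comma in the input.
    if ($suites -contains '') {
        throw 'Input contains an empty entry (doubled, leading or trailing comma).'
    }

    # A duplicate usually means the suite was copied instead of cut.
    $unique = @($suites | Select-Object -Unique)
    if ($unique.Count -ne $suites.Count) {
        throw 'Input contains duplicate cipher suites.'
    }

    if ($suites -notcontains $Preferred) {
        throw "Suite '$Preferred' is not present in the list."
    }

    # Preferred suite first, every other suite in its original relative order.
    $rest = @($suites | Where-Object { $_ -ne $Preferred })
    $reordered = @($Preferred) + $rest

    # Sanity check: the same number of suites goes out as came in.
    if ($reordered.Count -ne $suites.Count) {
        throw 'Reordered list lost or gained an entry.'
    }

    return ($reordered -join ',')
}

# Constructed, shortened sample; the real policy string is much longer.
$current = 'TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,' +
           'TLS_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_RC4_128_MD5'

# Paste the returned string back into the policy text box (step 6).
Move-CipherSuiteFirst -SuiteList $current
```

The SSL Cipher Suite Order policy applies to every Schannel TLS connection on the server, not only the AOL link, which is why the helper leaves the rest of the list in its original order.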

Please note, there are other possible things that may cause PIC issues between Lync and AOL (as well as Windows Live and/or Yahoo).