Log on to the Lync Server
Topic Last Modified: 2011-04-04
The device connects to the Registrar provided by DHCP, Domain Name System (DNS) or in-band provisioning. If this is the first time the device is connecting, the device uses the Registrar provided in DHCP or DNS.
After the device has successfully registered, the local cache is flushed so that no outdated records are used. From this point, the device uses the Registrar address provided to it by using in-band provisioning. The device keeps a record of the Registrar it has contacted successfully. If the device attempts a connection in this list again and it fails, the device stops that cycle and begins from scratch building a list of Registrars from DNS and DHCP.The device connects to the Registrar or Web Services in the following ordering:
- Internal DNS SRV (TLS) 
- DHCP address (TLS) 
- Internal DNS SRV (TCP) 
- DHCP address (TCP) 
- External DNS (TLS) 
- External DNS (TCP) 
If this is the first time the device is trying to connect (for example, during bootstrapping), no DNS values are available yet. After the device has successfully connected, the SRV record is cached by DNS for future use.
In order to provide resiliency in case of DHCP or DNS outages, the device does the following:
- Caches the last registered Registrar and Media Relay fully qualified domain names (FQDNs) for which registration has been successful. For internal devices this is the primary or backup Registrar cluster FQDN. For remote devices, this is the FQDN of the access proxy. 
- Caches the IP address(es) that the FQDN resolves to as DNS A records. In the case where a hardware load balancer sits between the device and the Registrar, this will be a single IP address. If you are using DNS load balancing, this means multiple IP addresses are used.. 
- Initiates discovery of Lync by using DNS SRV query and DHCP options. 
- If the DNS SRV query and the DHCP options for the Registrar fail, or the subsequent DNS resolution of the returned FQDN(s) fail, the device will use the last registered Registrar and A/V Edge Server FQDNs and cached IP addresses to connect to Lync Server. 
- Alternatively, if these are successful, the usual SIP registration process continues. 
- After successful registration, the device updates its cache to save the just-registered Registrar in the cache, and also caches the MediaRelay FQDNs and IP addresses. 
Unable to Log On to Lync Server
Issue: The user or device is unable to log on to Lync Server. This may indicate a sporadic network error, or an incorrect Registrar FQDN. The device displays a message similar to the following: "Unable to contact Registrar for authentication. Please sign in again."
Resolution: Run the following synthetic transaction at a Lync Server Management Shell command prompt:
test-CsClientAuth -UserSipAddress <SIP address> -UserCredential <user cred> -TargetFQDN
Note
If you want to use DHCP discovery, do not specify TargetFQDN. If you do not want to use DHCP, provide the destination FQDN into the synthetic transaction and DHCP discovery will be bypassed. The output shows you at what point authentication failed (for example, the DHCP discovery message might not receive a response). Follow the directions in the transaction output to resolve the problem.
If the destination Registrar FQDN cannot be discovered, this indicates a problem with DNS or DHCP configuration and the preceding transaction will fail. After these issues have been resolved, logon should succeed.If the transaction succeeds, have the user log on again. This time the user should be able to log on to Lync and see his presence status update and the Contacts list downloaded to the device.