OCS/LCS suddenly appears unlicensed when KB974571 is applied

14 October 2009 Brian-Ricks

A current issue with a Microsoft patch has been discovered (and currently blogged about in numerous locations). In short, if security update KB974571 is installed on your OCS/LCS servers to believe they are expired evals. Removing the hotfix resolves the problem but then, of course, leaves the security vulnerability open. As can be expected, Microsoft is working to correct the issue ASAP.

Issue

OCS/LCS reports it is running as an evaluation and has expired when in fact it has not (volume or retail media was used).

Cause

Installation of Security Hotfix KB974571 released 10/13/2009.

Resolution

Uninstall Security Hotfix KB974571 from the OCS/LCS servers.

Additional References

http://communicationsserverteam.com/archive/2009/10/14/632.aspx
http://blogs.technet.com/dodeitte/archive/2009/10/13/do-not-apply-kb974571-to-lcs-ocs-servers.aspx
http://jasonshave.blogspot.com/2009/10/warning-about-kb974571-and-event-id.html
http://projectdream.org/wordpress/2009/10/13/kb974571-crypto-api-update-may-break-office-communications-server-2007-r2-installations/

AOL PIC Users Fail / Presence Unknown

06 April 2009 Brian-Ricks

As all are aware Office Communication Server 2007 R2 was recently released and with it the ability to run the various code on Windows Server 2008 64bit. Everything appears to run/work correctly with the exception of AOL users via the PIC.

Symptoms:

  • AOL Users' Presence is Inaccurate; it may show on-line, unavailable, or presence unknown
  • A message invite may be received from an AOL user but no information is ever received
  • Attempting to respond to an AOL user or start a conversation with an AOL user will fail

The fix was discovered by Microsoft Senior Escalation Engineer Scott Oseychik among others and is documented at:

http://blogs.msdn.com/scottos/archive/2009/04/03/resolved-ocs-2007-r2-pic-fails-against-aol.aspx

The fix: in short you must modify the local security policy on the 2008 Edge server rearranging the TLS authentication methods. It is important to note that this fix and the issue do not apply if you have the OCS 2007 R2 bits installed on a Windows Server 2003 64-bit.