This is a quick post notice since I’m still trying to analyse the cause, and more Engineers are reporting the same issue.
After you install the latest Windows May2017 updates, Skype for Business 2015 will start reporting the following errors:
- External Users reported that couldn’t use WhiteBoard, Polls, Q&A or present PowerPoint with the following errors messages:
We can’t connect to the server for sharing right now.
Network issues are keeping you from sharing notes and presenting whiteboards, polls and uploaded PowerPoint files.
- Front-end servers: (Event ID 41026/41025) “No connectivity with any of Web Conferencing Edge Server, External Skype for Business clients cannot use Web Conferencing modality”
- Edge servers : “Web Conferencing Server connection failed to establishOver the past 3 minutes Skype for Business Server has experienced incoming TLS connection failures 1 times(s). The error code of the last failure is 0x80072746”
or event id 41026
The issue seems to be some secure hardening on the TLS negotiation.
According to MS Support, it looks like an ‘update blooper’ on the May2017 patch:
“This update adds an additional check on Enhanced Key Usage (EKU), since all Lync/ SfB Server usually use the Web Server template they will only have the Server Authentication in the EKU.“
Impact and affected systems
Impact level: low. Web conferencing service (whiteboard, powerpoint presentations ).
According to MS: “The issue has been reproduced on Lync 2010, Lync 2013 and Skype for Business 2015 on all supported server versions (2008r2, 2012, 2012r2).”
– uninstall the May 2017 Security and Quality rollup for the .Net Framework 4.5.2
– Request new Edge Internal certificate with the Client and Server Authentication
– On the Front Ends disable the check for the Web Conferencing Service (follow this post for details on how to do it)
Update 18th May 9:30 – Update content based on this post (thank you Erdal for pointing me to that blog)
Update 24th May 6:30 – Updated with end-user error messages and picture. Microsoft published KB4023993 describing the issue and the workarounds described above