Question : CWA Desktop Sharing Issue in OCS

I am experiencing problems when trying to get desktop sharing via CWA working. The problem being it just doesn't appear to work, and instead throws out the message "Cannot start desktop sharing session curently". Desktop sharing via the Communicator thic client works just fine, no issues seen there at all. Also, standard IM between CWA users or CWA/Communicator users is also fine.

My setup is as follows:

- ISA 2006 SP1 server advertising the CWA service
- Edge Server running 2007 R2. Single external NIC with 3 IPs (one for IM, Web and AV)
- Front End Enterprise Pool server running 2007 R2
- 1 x CWA servers running 2007 R2

In my dev environment, all of the above are running under Hyper-V.

Now what has slightly confused me is the cert requirements. My company likes to terminate SSL at the ISAs, so ISA to backend is HTTP only. With this in mind the CWA has been using an internal cert with the FQDN in the subject name and as the only entry in the SAN field. The internal domain name is different to the extenal one. Lets use the development AD because the it doesn't matter what I publish about that, and the problem is consistent across the environments (which is contradictory to what my first post said, but I have since discovered CWA desktop sharing doesn't work in dev either).

I have a server whose FQDN is cwa2.resource.root.local. The 'external' namespace of the CWA service is external.local. Everything is using internal certs, with the cert chain distributed to the test clients where required (test clients are largely non-domain joined). I've made some changes to the cert on at box, so todaythe certs are as follows:

MTLS Cert: subject name cwa2.resource.root.local, SAN name cwa2.resource.root.local (only one SAN name on the cert)
SSL cert: subject nam cwa.external.local, SAN names cwa.external.local, as.cwa.external.local, download.cwa.external.local, and wa2.resource.root.local (in that order)

Prior to my change today, both MTLS and SSL were using the same cert, which was the first of the two above.

In terms of teh changes I have made, forget that I have ISA in the way for now, because to take it out of the equation, I have added a 2nd NIC to the CWA server, and given it an IP address on 'public' network (where the clients are, so they can go direct to it rather than go via ISA), then created a new virtual server that uses HTTPS. I then assigned the new SSL cert, details of which are above. I did this to try and remove a layer of complexity. There are no firewall between the clients and the 'public' CWA interface, not even the Windows firewall.

I've tried turning on logging of S4 and CWAServer on the CWA server itself, while at the same time turnig on SIPStack and S$ on the Front End server. Both throw up two lines, both of which say "SIP/2.0 481 Call Lg/Transaction Does Not Exist".

Given that Communicator desktop sharing works, I can't imagine this being rocket science...but it appears to be to me at the moment, because I think I've checked and double checked just about everything I know, so any help you guys can offer would be greatly appreciated. I'm happy to provide any logs etc that may be required.

Answer : CWA Desktop Sharing Issue in OCS

It is not your problem, CWA's desktop sharing currently does not work, fix may be appear in CU5~~

Random Solutions

Help with Web Service configuration please

Outlook Data File says "Not Available"

VBA macro - conditional column fill

How to find and remove a virus

CRM Quick Campaign

NT Resource kit rcmd.exe

Update query syntax

Secure Channels not working between DCs

write a IF_And_Then, OR statement correctly