Skype for Business Server 2015, File Transfer Agent cannot send replication data to Replica Replicator on Edge
Skype for Business Server 2015, File Transfer Agent cannot get replication status from Replica Replicator Agent on Edge
Edge machine: EDGENAME
Exception: System.ServiceModel.Security.MessageSecurityException: The HTTP request was forbidden with client authentication scheme ‘Anonymous’. —> System.Net.WebException: The remote server returned an error: (403) Forbidden.
— End of inner exception stack trace —
Server stack trace:
at System.ServiceModel.Channels.HttpChannelUtilities.ValidateAuthentication(HttpWebRequest request, HttpWebResponse response, WebException responseException, HttpChannelFactory1 factory)
Cause: Service may be unavailable or Network connectivity may have been compromised.
Verify that Replica Replicator Agent service is running on the Edge machine, network connectivity is available and TLS is configured correctly. For details, see http://support.microsoft.com/kb/2464556
On the Edge Server you may see Event ID 3045 and message:
The Replication synthetic transaction has not been updated in a significant time period.
- Ensure that all needed certificates are in place on Edge Server in the same way as described here
- Check that service is running and listening on port:
3. Ensure that Intermediate Certificates are not present in Trusted Root. If they are – remove them and execute:
4. if all above did not help change Authentication Trusted Mode of Schannel:
- Open Regedit as Administrator
- Go to HKLM\SYSTEM\CurrentControlSet\Control\Security\Providers\SCHANNEL
- Right click and add the DWORD key. Name it ClientAuthTrustMode
- Set the value of the DWORD to 2
- Restart the server
Run the following command line to invoke the replication between the servers
Wait a couple of minutes and check the status of the replication again using the PowerShell command line