I'm having a hard time getting the address book service to work. When logging into the client I see:
- DG URL External: https://web.domain.com:443/groupexpansion/service.svc. I can browse to this on a browser and get to the service when I login with my credentials
- ABS Server External URL looks right https://web.domain.com:443/abs/handler but when I try to browse to it I get 403 Forbidden
- GAL Status shows the internal fqdn of the pool (should this be external?)
- Server Address Internal & External are blank
- EWS Internal URL and External are blank
- MAPI Status OK
- EWS Status OK
- I have a SAN certificate for all the right names
I'm using Citrix Netscaler to do the port 80 -> 8080 and 443 -> 4443 proxy. This seems to be working fine.
As far as I can tell everything else works fine (VOIP, Video, Audio, Instant Messaging, etc)
I am using LHPv2 so maybe there is something I missed? I did configure it for WebSearchOnly like it said in the documentation.
When I run Test-CsAddressBookService from the server I get:
- Result: Failure
- Error Message: No response received for Web-Ticket service. Inner Exception:The HTTP request is unauthorized with client authentication scheme 'Ntlm'. The authentication header received from the server was 'Negotiate,NTLM'. Inner Exception:The remote server returned an error: (401) Unauthorized