Those who are familiar with the certificate warning message:
Lync cannot verify that the server is trusted for your sign-in address. Connect anyway?
… that is presented by the Lync 2010 client when signing into a domain that is different than your sign in address:
Sign-in address: tluk@terence.com
Lync Server FQDN: lync2010.terence.local
… may have come across the following Microsoft KB that demonstrates a way to add trusted sign-in addresses via the registry to prevent this prompt:
http://support.microsoft.com/kb/2531068?wa=wsignin1.0
The KB article states that the following registry locations is where the TrustModelData REG_SZ is supposed to be created:
- HKEY_CURRENT_USERPoliciesMicrosoftCommunicator
- HKEY_LOCAL_MACHINEPoliciesMicrosoftCommunicator
This works great in the Lync 2010 Client but while tackling an issue I had with the new Lync 2013 Client this week (I will write a separate post about it), I noticed that the location has changed for the new client and the new location is the following:
HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftOffice15.0Lync
Name: TrustModelData
Type: REG_SZ
If more than one domain is required for the trusted sign-in address then it can be entered in the following format:
domain.local, domain.com
… where the domains are separated by a comma and a space.
2 Responses
Thx
Good post!
On a sidenote, that feature has also been added to the lync 2013 group policy. Look for Trusted domains list