O365 Skype for Business – Lync cannot verify that the server is trusted for your sign-in address

During a pilot migration from Lync 2013 to Skype for Business Online (Office 365), the following warning popped up:

lync is attempting to connect

Why does Lync 2013 not trust its own company? 🙂
Appearantly we had configured a group policy a long time ago, which was set to only trust our own company name. I.e. contoso.com.
Once you Enabled this policy, all Microsoft certificates will be untrusted automatically.
So in this case I had to append all Microsoft domain names to the policy to trust them too. The policy is also referred to as  TrustModelData, and can be found in:

Path: User Configuration/Administrative Templates/Skype for Business 2016/Micrsoft Lync Feature Policies/
Policy: Trusted Domain List
Setting: Enabled
Trust Domains (comma seperated list): contoso.com

skype for business trusted domain list

Obviously you need the Skype for Business 2016 / Office 365 administrative templates to apply aboves settings. 🙂 Simular settings also exist for Lync 2010 and Lync 2013. Then the location for the policy is like this:
User Configuration/Policies/Administrative Templates/Microsoft Lync 2013/Microsoft Lync Feature/Trusted Domains List

0 0 votes
Article Rating
Notify of
Inline Feedbacks
View all comments
Would love your thoughts, please comment.x