Select the product you need help with
- Internet Explorer
- Windows Phone
- More products
"Lync cannot verify that the server is trusted for your sign-in address." message when you sign in to Lync 2010 by authenticating to Lync Online
Article ID: 2531068 - View products that this article applies to.
When you sign in to Microsoft Lync 2010 by authenticating to the Microsoft Lync Online service, you receive the following message in a certificate trust dialog box:
Collapse this imageExpand this image
This dialog box appears during sign-in or after you sign in.
This dialog box is a "Trust Model Dialog" box. It is displayed when you are connecting to a server that is unknown to Lync. Lync must have your permission to verify whether to trust this server. For example, in the earlier screen shot, domainName.contoso.com is the unknown server.
The dialog box may be displayed in the following scenarios:
We recommend that you verify the domain name that is displayed in the dialog box to verify that it is a trusted server that you want to connect to. After you decide to trust the server, follow these steps:
Important This section contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/322756/ )How to back up and restore the registry in Windows
To prevent the dialog box from being displayed, you can edit the following REG_SZ registry value:
HKEY_CURRENT_USER\Software\Microsoft\Communicator\TrustModelDataTo do this manually for one computer, follow these steps:
()Important The value data for the TrustModelData registry value is known as Address of Record (AOR) information. An AOR entry is in the format of a Fully Qualified Domain Name (FQDN). Separate AOR entries will be listed in a comma delimited list that makes up the value data for the TrustModelData registry value. For example: contoso.com, adatum.com, server01.fourthcoffeee.com. All additional AOR entries should be preceded with a comma before they are added to the list.
Note If the user’s Exchange mailbox domain server address differs from the Lync sign-in domain server address, the Trust Model Dialog box may appear after the user signs in. Administrators can use this procedure to append the Exchange mailbox domain server address to the value data of the TrustModelData registry value.
There are no Windows Active Direcrory Group Policies that can be used to manage the Lync 2010 TrustModelData registry value. Group Policy for the Lync 2010 TrustModelData registry value can be managed through manual registry edits on the Windows client-based computer or automated registry edits that are administered globally on the network to the Windows client-based computers. The following is an example of these registry locations to update:
Lync identifies unknown servers and domains by using the Lync Autodiscover service. For more information about the Lync Autodiscover service, visit the following Microsoft website:
Understanding the Autodiscover service
Article ID: 2531068 - Last Review: August 1, 2012 - Revision: 5.0