After you install Communicator Web Access (CWA) on the Office Communications Server (OCS) front end server, Office Communicator is unable to synchronize address book.
Users are prompted to enter username and password to access the address book web service, but none are accepted.
Message that users receive:
“Type your credentials to access the corporate address book”
After clicking cancel you then see in Office Communicator that the address book failed to download.
Message in Communicator:
“Cannot synchronize address book”
This error is caused by a wrong or missing SPN registration. For some reason the CWA installation removes a SPN registration from the RTCComponentService account during the setup process, resulting in users are unable to login to the Address Book web service with Kerberos
To solve this issue, you need to recreate the SPN records for the RTCComponentService account. There are several ways to do this, but I always use the GUI.
On a Domain Controller, Open “ADSI Edit” MMC console. From here locate the RTCComponentService users object (default in the “Users” container). Right click to access Properties. In the object properties page, locate the ServicePrincipalName attribute.
For OCS Standard Edition:
Enter these 2 records:
http/HOSTNAME (where hostname is the short name of the OCS front end server)
http/FQDN (where fqdn is the full DNS name of the front end server)
For OCS Enterprise Edition:Enter these 4+ records:http/HOSTNAME (where hostname is the short name of the all the OCS front end servers)http/FQDN (where fqdn is the full DNS name of all the front end servers)
http/HOSTNAME (where hostname is the short name of the OCS pool)
http/FQDN (where fqdn is the full DNS name of the pool)
Restart the front end server(s)
After the server boots, address book synchronization should work again.
Please note that it is no longer supported to have CWA on the Front End server. In fact CWA must always be on its own server.
OCS Server Role Collocation:
However in the OCS Beta it was allowed: