Solved: Sign into Office365 hybrid with SIP address

By | July 24, 2017

So I recently ran into a situation with a deployment where I needed to use my admin accounts UPN to sign into office365 instead of the tenant account,

This works fine for hybrid up, until the point you cutover internal DNS to point to the internal infrastructure instead of Office365

Then, whenever you attempt to use the Skype for Business Control panel or even PowerShell to connect to SkypeOnline your presented with this lovely chestnut

Unable to discover PowerShell endpoint URI

Now, when your using PowerShell the solution is easy, Specify “-OverrideDiscoveryUrl <admin url> ” on whatever cmdlet you are running.

But what about a whole bunch of commands that don’t allow you to parse this option, or even the Skype Control Panel?

 

Simple. add a hosts file entry on the frontends pointing Lyncdiscover to the to office365.

This also works on any other machine with the Skype management tools, but obviously cant be done on a machine with the Skype4B client installed.

The reason is that Get-CsPowerhsellEndpoint cmdlet used by most of these tools looks for and connects to the LyncDiscover record.

 

To get the correct IP address for your Lyncdiscover record, Login to your Office365 tennant admin panel and head to Setup > Domains > (Domain Name) and note the LyncDiscover CName record.

 

Once you have done that, you can ping or NSLookup the CNAME record to find its IP address.

Then open your hosts file at c:\windows\system32\drivers\etc\hosts with your favourite editor and add the following lines (subsituting your IP and domainname of course)

 

#office365 hybrid workaround for SSO
52.113.66.147          lyncdiscover.skype4badmin.com

 

Thats it! you can now connect to Office365 from your internal infrastructure with your UPN instead of needing the “onmicrosoft” account.

 

Hope this helps.

One thought on “Solved: Sign into Office365 hybrid with SIP address

Leave a Reply