OCS multi-party video conferencing not working (peer to peer is fine)…

Posted by in OCS

I was recently asked to help out with an OCS video conferencing issue whereby peer-to-peer video was working fine but as soon as a third person was added to the session making it a conference the following error occurred:

Cannot perform the selected action. This action may not be permitted by the conferencing service. Please try again. If the problem persists, please contact your system administrator.

Not the greatest error I’ve ever seen. Multi party video conferencing should work out of the box with OCS so I suspected firewall policy as the main culprit seeing as traffic converges at the OCS server (standard edition in this case) or pool once more than two people are in the conference.

As usual the real detail can be found in the Communicator client tracing logs. I managed to track the problem to this error in the logs:

ms-diagnostics: 7014;source=”domain.com”;reason=”Error parsing SDP: Invalid ICE transport candidates”;component=”AvMcu”

After a bit of investigation I managed to track down an entry in the OCS group policy called Disable Interactive Connectivity Establishment (ICE) which was Enabled.

The description of the policy states the following: Disables Interactive Connectivity Establishment (ICE). When enabled the ICE protocol provides a way to establish voice or audio/video calls between clients separated by a Network Address Translation (NAT) layer or firewall.

After setting this back to Not Configured, refreshing policy and restarting Communicator, multi-party video began to work perfectly. So it seems OCS needs ICE to work correctly, even when there is no NAT in place on an internal network? In this case it seems as if some over zealous policy settings upon design/install caused this to stop working.