Friday, February 22, 2013

Location of the “TrustModelData: registry key for the Lync 2013 Client

Those who are familiar with the certificate warning message:

Lync cannot verify that the server is trusted for your sign-in address. Connect anyway?

… that is presented by the Lync 2010 client when signing into a domain that is different than your sign in address:

Sign-in address: tluk@terence.com
Lync Server FQDN: lync2010.terence.local

… may have come across the following Microsoft KB that demonstrates a way to add trusted sign-in addresses via the registry to prevent this prompt:

http://support.microsoft.com/kb/2531068?wa=wsignin1.0

The KB article states that the following registry locations is where the TrustModelData REG_SZ is supposed to be created:

  • HKEY_CURRENT_USER\Policies\Microsoft\Communicator
  • HKEY_LOCAL_MACHINE\Policies\Microsoft\Communicator

This works great in the Lync 2010 Client but while tackling an issue I had with the new Lync 2013 Client this week (I will write a separate post about it), I noticed that the location has changed for the new client and the new location is the following:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Office\15.0\Lync

Name: TrustModelData
Type: REG_SZ

image 

If more than one domain is required for the trusted sign-in address then it can be entered in the following format:

domain.local, domain.com

… where the domains are separated by a comma and a space.

2 comments:

Anonymous said...

Thx

Jonatan said...

Good post!
On a sidenote, that feature has also been added to the lync 2013 group policy. Look for Trusted domains list