If you are a first time user, please make sure to also read the How to setup an account page.
Link to the Bug Tracker
You MUST provide a debug log from Pidgin/Adium. Without the debug log nobody will be able to help you and the developers will most likely ignore your post on the Help forum.
You need to provide an extended debug log, not the default output or the contents of the debug window.
|Pidgin||Copy & paste from Pidgin "Help -> Debug Window" is not enough!
You MUST start Pidgin with the
Please make sure that you have disabled all other accounts in Pidgin when taking the log file
|Adium||Enable Adium Debug Logging|
WARNING: the log may reveal your password!
For certain setups the log may contain your password in cleartext or obfuscated as Base64 string. Please make sure to overwrite those places with dummy text before uploading the log. Examples:
Authorization: Basic amR1c2VyQGRvZXMubm90LmV4aXN0LmNvbTpNeVN1cGVyU2VjcmV0UGFzc3dvcmQK
Please attach the log to the bug report. If you are posting to the help forum then please do not copy & paste the log into the text, but instead attach the file to the post or put it up on a pastebin-like page and provide an URL to that page. If you don't feel comfortable to post the log in public, then email it to the developers directly.
Please make sure that the debug information for pidgin, pidgin-sipe (if you didn't compile it yourself) and glib2 are installed on your system.
You'll need the debug log (see above) and the backtrace from a debugger. F.ex. run Pidgin under gdb control, reproduce the crash and then enter
bt at the gdb prompt. The backtrace information will be more usable if you can recompile SIPE without optimization, i.e. with
Undelivered message" error
Please update to SIPE 1.17.2 or newer.
The specified member name is either invalid or empty"
Failed to authenticate to server"
Please make sure to check the setting of the Single Sign-On flag in the
Advanced tab of the account settings. If your environment does not support SSO then you must disable SSO, otherwise SIPE will the ignore
Password settings. Older versions of SIPE enabled this flag by default for new accounts.
telepathy-haze can no longer or does not provide the password for accounts without Single Sign-On selected. As SIPE requires a password the connection setup gets "stuck" until it times out. See also freedesktop.org bug #63326.
A possible work-around might be to manually add a password entry for the
sipe account in the GNOME password manager (seahorse).
Password required" error
Please update to SIPE 1.14.1 or newer.
This should only happen if the OCS installation you are trying to connect to is really non-standard, as SIPE tries the same order as the Microsoft Client.
One common problem is that there is a clash between the auto-discovery for OCS and VoIP servers and VoIP has the higher priority.
If you run Pidgin with the
--debug option then you'll be able to see which names & ports SIPE tries to look up. On a Linux/UNIX machine you can manually check using the following commands (replace
.company.com with your domain):
$ host -tSRV _sipinternaltls._tcp.company.com $ host -tSRV _sipinternal._tcp.company.com $ host -tSRV _sip._tls.company.com $ host -tSRV _sip._tcp.company.com $ host -tA sipinternal.company.com $ host -tA sipexternal.company.com $ host -tA sip.company.com $ host -tA company.com
If none of those return the correct server, then you need to enter the correct one into the
Server[:Port] field on the
Advanced tab of the account configuration.
You are currently not using the recommended version of the client"
You have been rejected by the server: https://portal.microsoftonline.com/download/lync.aspx"
That means your server is configured to accept only particular types of clients. Copy one of the following lines to the
User Agent field in the
Advanced tab of the account configuration and save. Then try to connect to the server again.
|Version / Product||User Agent values (as seen in the wild)|
|Lync 2013, Office 365 and
Skype for Business
|Lync 2010 and Office 365||
|Office Communicator 2007 R2||
|Office Communicator 2007||
|Office Communicator 2005||
You need to update to SIPE 1.13.0 (or newer), because Office 365 requires support for the TLS-DSK authentication scheme.
Direct login to WLID is not allowed for this federated namespace"
You can verify if your installation uses ADFS by entering the following URL into your browser (replace
<USERNAME> with your SIP username):
If the returned XML text contains a non-empty node
STSAuthURL then your installation uses ADFS.
The SIP URI in the claim type requirements of the web ticket request does not match the SIP URI associated with the presented credentials"
Your Lync user name and Office365 account name are different. You'll need to update to SIPE 1.15.1 (or newer), then you can enter the Office 365 account name into the
Require strong authentication"
Your account has Multi-Factor Authentication (MFA) enabled. You need to update to SIPE 1.19.0 (or newer).
For details see SIPE feature request #76
Failed to authenticate to server" or "
Incompatible authentication scheme chosen"
For details see SIPE bug report #285
This problem is caused by the NSS security fix for CVE-2011-3389. There is an ongoing discussion how this fix affects SSL connections to various SSL servers. Setting the environment variable
NSS_SSL_CBC_RANDOM_IV=0 when running Pidgin fixes the problem:
$ export NSS_SSL_CBC_RANDOM_IV=0 $ pidgin $ NSS_SSL_CBC_RANDOM_IV=0 pidgin
UPDATE Nov-2012: it seems that Microsoft has finally fixed their SSL code. Connection to an Office 365 account now works also with this variable set to 1, i.e. enabling the NSS security fix by hand.
UPDATE Feb-2013: Pidgin project has updated their NSS package for the Windows Pidgin build to 3.13.6. Thus Windows users are now also experiencing this problem. You will have to use the environment variable. Please consult the Windows help how to set environment variables for your system or user account.
UPDATE Oct-2013: Fedora 20 (and newer) will no longer disable the NSS BEAST security fix by default as they did in earlier releases. You will have to use the environment variable.
UPDATE Nov-2013: Apple has enabled the SSL BEAST mitigations by default in Mac OS X 10.9. Thus Adium users are now also experiencing this problem. Please update to Adium 1.5.10 und SIPE 1.18.0 and disable SSL BEAST mitigations in the account options.
UPDATE Mar-2014: Apple has back-ported the SSL BEAST mitigations to Mac OS X 10.8.5 in the Security Update 2014-001. Unfortunately the workaround in Adium 1.5.10 currently does not work on Mac OS X 10.8.5! You'll need to compile Adium 1.5.10 yourself with this patch applied before you can disable the SSL BEAST mitigations in the account options.
On a Windows machine, where you have used the official Office Communicator client, go to
-> User Accounts
-> Credentials Manager
and expand the arrow for
User Name from the certificate will be your
Login Name in the
Basic tab of the account settings. For
User Name use your company email address and for
Password your company Windows password.
It has been reported that the
Server[:Port] setting in the
Advanced tab of the account settings has to be
pool1.oconline.microsoftonline.com:443 for BPOS accounts.
None of the developers has a Windows development system at his disposal. The only way to create Windows release packages at the moment is by cross-compiling the code on a Linux system. That approach only supports the creation of NSIS installer packages.
Official Windows release package maintainer missing, please consider to volunteer
The reason for that is still unknown, but the best guess is that Pidgin Portable is not binary compatible with the official Pidgin Windows release. It would help if someone familiar with Windows Pidgin Portable could explain the differences.
The official client stores its log files under C:\Documents and Settings\<WIN_LOGIN>\Tracing.
|Lync||there is a configuration option to turn on logging.|
|OCS 2007||there is a configuration option to turn on logging. (BROKEN LINK)|
|OCS 2005||follow these instructions to turn on logging|
There are two options
This is caused by Adium #16356. Please update to Adium 1.5.7 or newer.
The original fix for Adium #16356 was reverted for Adium 1.5.10. Please update to Adium 1.5.11 or newer (at the time of this writing you'll need to compile 1.5.11 yourself)
The auto-connect feature in Adium requires a valid server host name. When you use server auto-discovery, i.e. the server field in the account settings is empty, then SIPE can't determine the server host name without a network connection. SIPE therefore provides a fixed dummy host name to Adium.
||Auto-connect works for all cases, but the account can go online when there is no network|
|local machine name||This is not always a valid DNS name, i.e. auto-connect does not work for many users|
|1.18.4 or newer||
||Auto-connect does not work when you are in an intranet-only environment|
For details see SIPE bug #262
While the NTLM Single Sign-On support offered by Samba works fine for Firefox, Evolution, libsoup, ..., it doesn't support Message Integrity Code generation & verification, which is required by [MS-SIP].
UPDATE version 1.18.0: SIPE has been updated to support GSS-NTLMSSP which enables Single Sign-On for NTLM.
Your account or installation has been upgraded to Lync 2013. It has a new feature called Unified Contact Store (UCS) and your contact list has been migrated to it.
Please update to SIPE 1.17.0 or newer.
NOTE: if your email address is different from your SIP user name then you must set the
Email Address text field in the account settings.
UPDATE version 1.18.0: if EWS is correctly configured, then SIPE is able to automatically detect your email address.
488 Encryption Levels not compatible" when trying to set up an audio/video call
Farstream (formerly known as Farsight) doesn't support SRTP and therefore SIPE is unable to create encrypted calls. The encryption must be disabled in the client you are trying to call. Please check the file
contrib/media-patches/README.txt in the source code release for the details.
Unable to resolve DNS SRV record" when joining a conference using a
Your setup uses a non-standard URL template for meeting invitations from which SIPE can't extract the correct information to join the conference. Please use your web browser to open the URL and use the
sip:... URI from that page to join the conference.
For details see SIPE bug #273
UPDATE "Skype for Business": The URL points to a web page that does not include any URI in the HTML text. It is only revealed when the user presses a button on the web page. You will have to manually copy this URI.
For details see this Help forum entry
Go to the account settings and switch to the
Advanced tab. Then enter a non-existing URL into the
Email services URL field, e.g.
https://does.not.exist/. The connection to this URL will fail and SIPE then disables the calendar integration feature.
UPDATE version 1.15.0: Go to the account settings, switch to the
Advanced tab and then tick the
Don't publish my calendar information box.
Office Communcatorin the account setup?
Empathy is based on the Telepathy framework. SIPE is a Pidgin protocol plugin, i.e. it is based on the libpurple API. Code for one framework is incompatible with the other. But there is a telepathy communication manager, called telepathy-haze that implements an adaptor to the libpurple API. If you install the telepathy-haze package then you'll see (most of) the Pidgin protocol plugins also in Empathy.
Please be sure to read up on the issue of certificate handling for telepathy-haze, because that will require manual intervention by the user if you want to connect to your Office Communication account from Empathy.
NOTE: a native telepathy backend for SIPE is under development. But at the time of this writing it is too incomplete to be usable by end users.