Frequently Asked Questions

If you are a first time user, please make sure to also read the How to setup an account page.



How to report SIPE problems

Where do I report bugs?

Link to the Bug Tracker

What information do I need to include?

You MUST provide a debug log from Pidgin/Adium. Without the debug log nobody will be able to help you and the developers will most likely ignore your post on the Help forum.

You need to provide an extended debug log, not the default output or the contents of the debug window.

Client
Pidgin You MUST start Pidgin with the --debug option from the command line
Please make sure that you have disabled all other accounts in Pidgin when taking the log file
Adium Enable Adium Debug Logging
Miranda ???

Please do not cut anything from the start or end of the log. You may replace your name, addresses and domain names in the log. Please make sure that you don't reveal any of your passwords in the log. Please make sure to replace the Base64 string in "Authentication: Basic <base64 string>" lines, as those contain the user name and password in obfuscated form.

Please attach the log to the bug report. If you are posting to the help form then please don't include the log in your posting, but instead put it up on a pastebin-like page and provide an URL to that page. If you don't feel comfortable to post the log in public, then email it to the developers directly.

SIPE crashes. What information do I need to include?

Please make sure that the debug information for pidgin, pidgin-sipe (if you didn't compile it yourself) and glib2 are installed on your system.

You'll need the debug log (see above) and the backtrace from a debugger. F.ex. run Pidgin under gdb control, reproduce the crash and then enter bt at the gdb prompt. The backtrace information will be more usable if you can recompile SIPE without optimization, i.e. with -g -O0


After upgrading to SIPE X.Y.Z ...

After upgrading to SIPE 1.17.1
Most of my IM message cause an "Undelivered message" error

Please update to SIPE 1.17.2 or newer.

After upgrading to SIPE 1.15.1 (or newer)
Pidgin fails with "The specified member name is either invalid or empty"

Your BPOS account was updated to an Office 365 account and the value you have entered into the Login field in the Basic tab of the account setting is no longer valid. Please clear the Login field.

After upgrading to SIPE 1.15.0 (or newer)
Pidgin fails with "Failed to authenticate to server"

Please make sure to check the setting of the Single Sign-On flag in the Advanced tab of the account settings. If your environment does not support SSO then you must disable SSO, otherwise SIPE will the ignore Login and Password settings. Older versions of SIPE enabled this flag by default for new accounts.

After upgrading to SIPE 1.14.1 (or newer)
Empathy can no longer connect, although the same account still works fine with Pidgin

telepathy-haze can no longer or does not provide the password for accounts without Single Sign-On selected. As SIPE requires a password the connection setup gets "stuck" until it times out. See also freedesktop.org bug #63326.

A possible work-around might be to manually add a password entry for the sipe account in the GNOME password manager (seahorse).

After upgrading to SIPE 1.14.0
Pidgin no longer asks for a password
Pidgin fails to connect with "Password required" error

Please update to SIPE 1.14.1 or newer.


Connection problems

SIPE can't find any server to connect to
SIPE connects to the wrong server

This should only happen if the OCS installation you are trying to connect to is really non-standard, as SIPE tries the same order as the Microsoft Client.

One common problem is that there is a clash between the auto-discovery for OCS and VoIP servers and VoIP has the higher priority.

If you run Pidgin with the --debug option then you'll be able to see which names & ports SIPE tries to look up. On a Linux/UNIX machine you can manually check using the following commands (replace .company.com with your domain):

$ host -tSRV _sipinternaltls._tcp.company.com
$ host -tSRV _sipinternal._tcp.company.com
$ host -tSRV _sip._tls.company.com
$ host -tSRV _sip._tcp.company.com
$ host -tA sipinternal.company.com
$ host -tA sipexternal.company.com
$ host -tA sip.company.com
$ host -tA company.com

If none of those return the correct server, then you need to enter the correct one into the Server[:Port] field on the Advanced tab of the account configuration.

That means your server is configured to accept only particular types of clients. Copy one of the following lines to the User Agent field in the Advanced tab of the account configuration and save. Then try to connect to the server again.

Version / Product User Agent values (as seen in the wild)
Lync 2013 and Office 365 UCCAPI/15.0.4481.1000 OC/15.0.4481.1000 (Microsoft Lync)
UCCAPI/15.0.4420.1017 OC/15.0.4420.1017 (Microsoft Lync)
Lync 2010 and Office 365 UCCAPI/4.0.7577.314 OC/4.0.7577.314 (Microsoft Lync 2010)
UCCAPI/4.0.7577.256 OC/4.0.7577.280 (Microsoft Lync 2010)
Office Communicator 2007 R2 UCCAPI/3.5.6907.206 OC/3.5.6907.206 (Microsoft Office Communicator 2007 R2)
UCCAPI/3.5.6907.0 OC/3.5.6907.0 (Microsoft Office Communicator 2007 R2)
Office Communicator 2007 UCCP/2.0.6362.111 OC/2.0.6362.111 (Microsoft Office Communicator)
UCCP/2.0.6362.97 OC/2.0.6362.97 (Microsoft Office Communicator)
Office Communicator 2005 LCC/1.3.5371 (Microsoft Office Communicator 2005 1.0.559.0)
LCC/1.3.5371 (Microsoft Office Communicator 2005 1.0.559.232)

I'm unable to connect to my Microsoft Office 365 account

You need to update to SIPE 1.13.0 (or newer), because Office 365 requires support for the TLS-DSK authentication scheme.

Login to my Microsoft Office365 account is rejected with "Direct login to WLID is not allowed for this federated namespace"

Your installation uses ADFS to authenticate internal users for Office 365 accounts. You need to update to SIPE 1.14.0 (or newer).

You can verify if your installation uses ADFS by entering the following URL into your browser (replace <USERNAME> with your SIP username):

https://login.microsoftonline.com/getuserrealm.srf?login=<USERNAME>&xml=1

If the returned XML text contains a non-empty node STSAuthURL then your installation uses ADFS.

Login to my Microsoft Office 365 account is rejected with "The SIP URI in the claim type requirements of the web ticket request does not match the SIP URI associated with the presented credentials"

Your Lync user name and Office365 account name are different. You'll need to update to SIPE 1.15.1 (or newer), then you can enter the Office 365 account name into the Login field.

After upgrading to NSS 3.13.1 (or newer)...
<insert your favorite Linux distribution here> XXX...
Windows Pidgin 2.10.7...
Mac OS X 10.8.5 / 10.9...
... login fails with "Read Error"

This problem is caused by the NSS security fix for CVE-2011-3389. There is an ongoing discussion how this fix affects SSL connections to various SSL servers. Setting the environment variable NSS_SSL_CBC_RANDOM_IV=0 when running Pidgin fixes the problem:

$ export NSS_SSL_CBC_RANDOM_IV=0
$ pidgin

$ NSS_SSL_CBC_RANDOM_IV=0 pidgin

UPDATE Nov-2012: it seems that Microsoft has finally fixed their SSL code. Connection to an Office 365 account now works also with this variable set to 1, i.e. enabling the NSS security fix by hand.

UPDATE Feb-2013: Pidgin project has updated their NSS package for the Windows Pidgin build to 3.13.6. Thus Windows users are now also experiencing this problem. You will have to use the environment variable. Please consult the Windows help how to set environment variables for your system or user account.

UPDATE Oct-2013: Fedora 20 (and newer) will no longer disable the NSS BEAST security fix by default as they did in earlier releases. You will have to use the environment variable.

UPDATE Nov-2013: Apple has enabled the SSL BEAST mitigations by default in Mac OS X 10.9. Thus Adium users are now also experiencing this problem. As a workaround you can update to Adium 1.5.10 und SIPE 1.18.0 and disable SSL BEAST mitigations in the account options (at the time of this writing you'll need to compile Adium yourself from the latest source code).

UPDATE Mar-2014: Apple has back-ported the SSL BEAST mitigations to Mac OS X 10.8.5 in the Security Update 2014-001. Unfortunately the workaround in Adium 1.5.10 currently does not work on Mac OS X 10.8.5, but a patch has been provided to the developers to fix this.


Setup problems

Where do I get the login credentials for my Microsoft Online (BPOS) account?

On a Windows machine, where you have used the official Office Communicator client, go to

Control Panel
-> User Accounts
-> Credentials Manager

and expand the arrow for *.ocslabs.microsoft.com. The User Name from the certificate will be your Login Name in the Basic tab of the account settings. For User Name use your company email address and for Password your company Windows password.

It has been reported that the Server[:Port] setting in the Advanced tab of the account settings has to be pool1.oconline.microsoftonline.com:443 for BPOS accounts.


Operating Systems

Windows

Why is there no Windows MSI installer package?

None of the developers has a Windows development system at his disposal. The only way to create Windows release packages at the moment is by cross-compiling the code on a Linux system. That approach only supports the creation of NSIS installer packages.

Official Windows release package maintainer missing, please consider to volunteer

The plugin crashes when used with Windows Pidgin Portable

The reason for that is still unknown, but the best guess is that Pidgin Portable is not binary compatible with the official Pidgin Windows release. It would help if someone familiar with Windows Pidgin Portable could explain the differences.

How do I get logs from the official Microsoft client?

The official client stores its log files under C:\Documents and Settings\<WIN_LOGIN>\Tracing.

Version
Lync there is a configuration option to turn on logging.
OCS 2007 there is a configuration option to turn on logging. (BROKEN LINK)
OCS 2005 follow these instructions to turn on logging

After upgrading to Windows Pidgin 2.10.7 login fails with "Read Error"

See Connection Problems

Mac

How do I get Office Communicator support working on a Mac?

There are two options

Adium 1.5.6 (or older): connection fails with "Read error"

This is caused by Adium #16356. Please update to Adium 1.5.7 or newer.

After upgrading to Mac OS X 10.8.5 or 10.9 login fails with "Read Error"

See Connection Problems

Linux/*BSD/UNIX/...

Although I have configured my machine to use pam_winbind, SIPE continue to ask for my NTLM password

While the NTLM Single Sign-On support offered by Samba works fine for Firefox, Evolution, libsoup, ..., it doesn't support Message Integrity Code generation & verification, which is required by [MS-SIP].

UPDATE version 1.18.0: SIPE has been updated to support GSS-NTLMSSP which enables Single Sign-On for NTLM.

After upgrading to <insert your favorite distribution here> XXX login fails with "Read Error"

See Connection Problems


Other

All my buddies are shown as offline from one day to the next
Changes to my buddy list aren't saved

Your account or installation has been upgraded to Lync 2013. It has a new feature called Unified Contact Store (UCS) and your contact list has been migrated to it.

Please update to SIPE 1.17.0 or newer.

NOTE: if your email address is different from your SIP user name then you must set the Email Address text field in the account settings.

UPDATE version 1.18.0: if EWS is correctly configured, then SIPE is able to automatically detect your email address.

I get the error message "488 Encryption Levels not compatible" when trying to set up an audio/video call

Farstream (formerly known as Farsight) doesn't support SRTP and therefore SIPE is unable to create encrypted calls. The encryption must be disabled in the client you are trying to call. Please check the file contrib/media-patches/README.txt in the source code release for the details.

By default the information from my calendar is published. How do I disable this feature?

Go to the account settings and switch to the Advanced tab. Then enter a non-existing URL into the Email services URL field, e.g. https://does.not.exist/. The connection to this URL will fail and SIPE then disables the calendar integration feature.

UPDATE version 1.15.0: Go to the account settings, switch to the Advanced tab and then tick the Don't publish my calendar information box.

Why do I have to use Pidgin and not Empathy/KDE Telepathy/... to use SIPE?
Why does Empathy/KDE Telepathy/... not show Office Communcator in the account setup?
Can I use SIPE with Empathy/KDE Telepathy/...?

Empathy is based on the Telepathy framework. SIPE is a Pidgin protocol plugin, i.e. it is based on the libpurple API. Code for one framework is incompatible with the other. But there is a telepathy communication manager, called telepathy-haze that implements an adaptor to the libpurple API. If you install the telepathy-haze package then you'll see (most of) the Pidgin protocol plugins also in Empathy.

Please be sure to read up on the issue of certificate handling for telepathy-haze, because that will require manual intervention by the user if you want to connect to your Office Communication account from Empathy.

NOTE: a native telepathy backend for SIPE is under development. But at the time of this writing it is too incomplete to be usable by end users.


Related

Wiki: Home
Wiki: How to setup an account