powered by Jive Software

XMPP Server DialBack failure not logged in the Debug Log File

I have configured OpenFire within federation with Lync Proxy XMPP.

Unfourtunaly, it was not easy but now, is working

After some issues, the main issue was that the communication only works from OpenFire -> Lync. The reverse (Lync -> Openfire) doesn’t worked…

After more than a week of debug, analyzing all the trafic between the servers, we find that the TCP dialback was invalid. It was not shown in the Logs, it was detected only using wireshark.

So, after expering this, looking to help the Troubleshooting for the future users, I would like to suggest to include more debug messages.

The debug messages presented are:


2013.07.18 11:49:38 org.jivesoftware.openfire.server.ServerDialback - ServerDialback: RS - Connection to AS: *****.pt successful

2013.07.18 11:49:38 org.jivesoftware.openfire.server.ServerDialback - ServerDialback: RS - Asking AS to verify dialback key for id50e6e171

2013.07.18 11:49:38 org.jivesoftware.openfire.server.ServerDialback - ServerDialback: db:verify answer was: <stream:features xmlns:stream=“http://etherx.jabber.org/streams”></stream:features>

2013.07.18 11:49:38 org.jivesoftware.openfire.server.ServerDialback - ServerDialback: RS - Closing connection to Authoritative Server: *****.pt

However, the follow XMPP message was sent to the remote server:

<db:result from=“xxxxxxx.pt” to="*****.pt" type=“invalid”/>

I would like to suggest to include the following line to help the Troubleshooting:

Class: ServerDialback.java

https://geni-imf.renci.org/trac/browser/openfire/openfire/src/java/org/jivesoftw are/openfire/server/ServerDialback.java

563 boolean valid = verifyKey(key, streamID.toString(), recipient, hostname, socket);


565 Log.debug("ServerDialback: RS - Sending key verification result to OS: " + hostname);

566 sb = new StringBuilder();

567 sb.append("<db:result");

568 sb.append(" from="").append(recipient).append(""");

569 sb.append(" to="").append(hostname).append(""");

570 sb.append(" type="");

571 sb.append(valid ? “valid” : “invalid”);

572 sb.append(""/>");

573 connection.deliverRawText(sb.toString());

Log.debug( valid ? “ServerDialback: RS - Verification result is Valid” : “ServerDialback: RS - Verification result is invalid - Check Dialback Verification!”);

Thank you,

Vasco Silva

1 Like

Hi Vasco,

I’ve been trying to set this up as well and hit a slight snag with the DialBack when I try to add a Lync contact from my Openfire server.

Seeing the following in debug.log:

==> warn.log <==

2013.08.02 09:51:54 org.jivesoftware.openfire.server.ServerDialback - ServerDialback: OS - Ignoring unexpected answer in validation from: mslync2013edge.lab.local id: A08FDEF9D6C54EB605000080 for domain: openfire.domain.net answer:<stream:error xmlns:stream=“urn:ietf:params:xml:ns:xmpp-streams”>stream:host-unknown/</stre am:error>

Any chance you’d be able to give some advice on this please? Haven’t really a clue what it means… Running Openfire 3.8.2.

Thank you.

Kind Regards,

Gary Shergill

Hello Gary,

The problem is because the Lync send an xmpp packet that OpenFire is not expecting. I don’t know if the problem is caused by Lync (sendind a packet out of order), or caused by Openfire (not ready to receive a valid XMPP packet).

You have all the problem explained here:

If you are interested, I can post here the modification needed in source code, to permit TCP_Dialback negotiation.


Vasco Silva

We are having the same issue, I would like to see the code modification required to permit TCP_Dialback negotiation.

Hi Vasco,

That would be brilliant if you could send the source code changes! =)

Thank you.

Kind Regards,

Gary Shergill


Here is the ServerDialback.java with the Fix that Vasco Silva was talking about: http://pastebin.com/PwTTMYM1

The difference from the original is that this one has one if in verifyKey method:

The if is in line 674 in pastebin.

if(!“db”.equals(doc.getNamespacePrefix()) && !“verify”.equals(doc.getName()))


 doc = reader.parseDocument().getRootElement();

 Log.debug("ServerDialback: RS - (verifyKey) doc: " + doc.asXML());


The thing is that Openfire is expecting a <db:verify… /> from AS and it receives a … instead, which makes the Openfire return a <db:verify type=invalid />. With this extra if I force it to read again and the next message is the <db:verify… /> (as Openfire is expecting). As I read it twice the … is discarded.

Nelson Almendra

1 Like

In case it helps anyone, the changes above have been rolled into an Openfire 3.8.2 lib here:

Just as a heads up we’ve posted two articles about setting up Openfire with Lync:

Lync Openfire XMPP Federation:


Lync CSTA Integration with Openfire: