XMPP to Gmail: Unable to Use Presence and IM—the Problem Might Be Google Apps

Microsoft Office Communications Server 2007 and Microsoft Office Communications Server 2007 R2 will reach end of support on January 9, 2018. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.

If Office Communications Server users add Gmail.com federated users as contacts and are unable to exchange presence updates and instant message (IM) information, there’s a chance your domain is enabled for Google Talk. This can happen if users sign up for Google Apps. When a user signs up for Google Apps, it is automatically assumed that your domain will be used by Google Talk service and that requests for federation via XMPP will be denied. This article gives you the quick fix for this issue.

Author: Rob Pittfield

Publication date: December 2009

Product version: Office Communications Server 2007 R2 XMPP Gateway

If your users try to add Gmail.com federated users as contacts and are unable to exchange presence updates and instant message (IM) information, there’s a chance your domain could be enabled for Google Talk. This can happen if any of your users sign up for Google Apps. Whenever a user signs up for Google Apps, it is automatically assumed that your domain will be used by Google Talk service and that requests for federation via XMPP will be denied.

This issue can occur even if the validation to Gmail.com in the XMPP management console is successful. To find out if this is the problem, capture a network trace by using Network Monitor or Wireshark while you are reproducing the issue. When you open the network trace, filter it for TCP port 5269. In Wireshark, you would filter by typing tcp.port==5269 in the Filter field as shown in Figure 1.

Figure 1. Filter field in Wireshark

Filter Field

When this field turns green, you know it’s typed correctly. Press Enter. The trace should then be filtered for XMPP related traffic. Because XMPP traffic is unencrypted, the traffic data can be examined. This enables you to look at the XMPP negotiation.

Here’s what happens in this scenario:

  1. In the network trace, you’ll first see the standard TCP 3-way handshake as shown in Figure 2.

    Figure 2. TCP 3-way handshake

    TCP 3-way handshake

    These three frames establish a TCP session with Gmail.com on TCP port 5269.

  2. The Office Communications Server XMPP Gateway sends the following information to the Gmail.com XMPP server:

    <stream:stream xmlns:stream="http://etherx.jabber.org/streams"

    xmlns="jabber:server" xmlns:db="jabber:server:dialback" from="<your domain>"

    to="gmail.com" id="123123123(this value varies)" version="1.0" xml:lang="en-US">

  3. There will be a few other messages sent back and forth between the XMPP Gateway and the Gmail.com XMPP server, but those messages aren’t relevant to this issue.

  4. Finally, the Gmail.com XMPP server returns a message stating that your domain is enabled for Google Apps with Google Talk service enabled. If you look at the last few packets that Gmail.com sends to your XMPP Gateway, you may notice the following error message:

    <stream:error><undefined-condition xmlns="urn:ietf:params:xml:ns:xmpp-

    streams"/><str:text xmlns:str="urn:ietf:params:xml:ns:xmpp-streams"><your domain>

    is a Google Apps Domain with Talk service enabled.</str:text></stream:error>

    If you do notice this message, it’s important to know if anyone in your organization happens to be using Google Apps, as that would block any type of federated communication with the Gmail.com XMPP servers. This is because they automatically enable Google Talk service for the addresses that sign up for it. You can find out by going to https://www.google.com/a/cpanel/domain/new and following the steps for administrators of your domain to disable Google Talk service if necessary.

If you’ve confirmed that your company is not using Google Apps or advertising itself as using Google Talk service and you’re still having trouble, please contact Microsoft Support Services for further assistance in troubleshooting your issue.

Office Communications Server Resources