We are using Lync 2010 (yea, we know) back end services with Skype for Business 2016 client (full, office 2016 is installed) on Windows 10 workstations in an VDI environment. We have 2 sites, with 1 Enterprise Edition server at each. We also have a Director and Monitoring/archiving server at the main site. Both Lync 2010 & Exchange 2016 are on-premise. All of our user's main email addresses are not the same as their SIP address. However, one of the aliased email address is the same as the SIP.
We have a single user (out of 20,000 users) who can't create a meeting. Not with the Outlook plug-in, not with "meet now". We have tried resetting his SIP profile, rebuilding his Outlook profile, rebuilding his entire user profile (short of removing him from the domain), removed his SIP and recreated it 20 hours later, even tried moving him to the 2nd site but nothing changed.
This user can logon Skype, can have 1-1 IMs and even join meetings without issue. He just can't create his own meetings at all.
In tracing, we are seeing some 409 Conflict errors on his contact card. We also see a 403 Forbidden error, referencing ms-diagnostics 4172 "no cert found for the user". However, the user has valid certs (from the domain AND the communications server) in their store. The 403 error message came from the Director server. Certificates in the domain are NOT AD integrated.
The only other error message we could find was in the user's event log:
Source: Microsoft-Windows-CertificateServiceClient-CredentialRoaming
Event ID: 1002
Description: Certificate services client: Credential Roaming failed to read from teh local store. Error code 14 (not enough storage is available to complete this operation)
Have found several articles that mention this error, or the inability to create a meeting but none of them solved our issue.
Ideas (short of upgrading to Skype, not a option right now)? I'm running out of ideas :(
Mike