Tuesday, August 12, 2014

Lync Error: Cannot locate configuration store location container in the Active Directory global settings container.

I was helping out our new hires today on deploying a Lync environment and they were having some difficulty publishing the topology. Every time they would try and publish it, Topology Builder would return:

Error: Cannot locate configuration store location container in the Active Directory global settings container. 

After popping open ADSIEdit I wasn't able to locate the configuration store entry, however I did notice that all the objects had duplicate entries with a funny random string. (I had to mock this one up because I fixed the other and hadn't had a chance to screen shot it, but you get the idea)


To fix this,

  • Open up ADSIEdit
  • Right-click ADSI Edit in the tree
  • Under Select a well known naming context, select Configuration from the drop down
  • Expand Configuration, CN=Configuration, CN=Services, CN=RTC Service 
  • In there remove the entries that have the random string beneath them by right-clicking and selecting Delete.
  • Republish your Topology

Wednesday, August 6, 2014

Microsoft Lync on Top for Gartner Magic Quadrant UC 2014

Gartner have just published their Magic Quadrant for UC for 2014 and Microsoft is on top!

That's right, Microsoft has overtaken Cisco! With all the deployments that I've been doing over the last few months I am hardly surprised. Although there is still a large amount of deployments that are purely IM/Presence and Web Conferencing, I certainly am starting to see a lot more traction in the voice space, which is echoed in the Gartner report. Lync 2013 also so a big push in the video space.

See the 2014 Gartner Magic Quadrant for UC below (versus the 2013 report beneath it)




Friday, August 1, 2014

A unique use for Lync

As a UC Architect (and Lync MVP) I use Lync every day, whether I am just joining conferences or making calls, to designing and deploying it.

But here's a story that's well a little unique (as far as Lync anyway) and being Friday, I thought I'd share

We recently got a dog. A little rescue Dachshund we called Franky von Weinerschnitzel. (see below)


It was only a short amount of time (about a week or so) before he learned when and where to go (i.e. outside and three times a day), however one issue remained. Separation Anxiety. Now I am no dog expert, but we tried everything that they websites and experts tell you to (try leaving for short intervals and extending, making sure you come back when he's quiet, ignoring him and crating him in another room, leaving the TV on, etc), to try and curb his doggy anxiety, to no avail. 

Franky really just wants company, or at least thinks there's company there while we are out. Mind you, this is usually only a couple hours at a time as my wife is in and out of the house (which probably doesn't help, but that's the nature of her hours)

Bring in Lync... we use Lync in the office for Enterprise Voice and separately I have an Office 365 subscription. 

The plan: 
  • Create a Lync Conference Bridge and dial-in to it from home.
  • Go to the office and connect to the same bridge from the office.
  • Listen to dog.
  • When the dog starts, ask him to be quiet.
The result...IT WORKS! Now the neighbors can have some peace and quiet (and my wife and I can go out every now and then, without worrying about the dog - just dial into the bridge and see if he's making noise, and quiet him down if necessary).

For the record I have the Plantronics Calisto 620 attached at the "home" end. And I use the Plantronics Voyager Pro UC at the other end. Clearly this is all realistic enough that Franky thinks he has company when we're not there.

I know you can of course buy these 2 way doggy monitors and stuff, but I have Lync, so why not save myself the money and just use that. :)



Wednesday, July 30, 2014

Lync 2013 Meeting - Set All Conference Participants to Wait in Lobby

I've  answered a couple questions on this recently in the Technet forums, so I thought it would be worth writing a post on how to achieve it.

Firstly, by default PSTN callers bypass the lobby. You can change this using Set-CsMeetingConfiguration and the -PSTNCallersBypassLobby switch and setting it to $False. See here: http://technet.microsoft.com/en-us/library/gg398648.aspx

However if you want all users to be Admitted to the meeting by the organizer, there doesn't appear to be a policy for that.

Setting Manually (per user)

You can set it manually when you create a Lync Meeting in Outlook (and save the subsequent setting) See below:


Create a new Lync Meeting and select Meeting Options


Under Where do you want to meet online? select A new meeting space (I control permissions) and then under These people don't have to wait in the lobby: select Only me, the meeting organizer.

You can then do this one off, by clicking OK and sending your invite, or click Remember Settings to remember this for future meetings. This saves to the registry, so it may not be available on a different machine you use (if you don't have some sort of roaming profile) just be aware of that.

Setting Globally

I bet you're wondering how you can push this out globally? Well you can use Group Policy or script to make the registry change.

The location of the setting is here:

HCKU\Software\Microsoft\Office\15.0\Lync\ConfAddin\user@sipdomain
Key: UserSettings
There is a bunch of XML in there, and within that XML you will see a section for <AccessLevel>value</AccessLevel>

Setting it to the following:
<AccessLevel>ucLocked</AccessLevel>
Will default it to Only me, the meeting organizer as mentioned above.

Monday, July 21, 2014

Lync 2013 Client Options Table

A while ago (about 12 months probably) I put together this spreadsheet to show the Lync 2013 client options and how they correspond to the various options for controlling them (such as Client Policy, GPO or whether they're user controlled)

I saw someone on the Technet forums ask for this, so I am throwing up what effectively is Version 1 :) If there's anything missing, let me know and I will amend.

It's broken down into tabs as they appear in the Lync 2013 client options.

Download from here

Setting Can Be Specified
General
Show Emoticons in Messages In-Band
Font User Specified
Enable Tabbed Conversations In-Band
Make Tabs One Line Only Registry
Reopen my Conversations when I sign in to Lync Registry
Sign-up for Customer Experience Program Registry
Automatically Send Lync Error to Microsoft Registry
Logging in Lync In-Band
Also Turn On Windows Event Log Logging In-Band
Minimize to Notification Area instead of Taskbar Registry
Personal
Sign-in Address Autodetect or specify
Advanced Server Settings (Autodetect or specify server) GPO
Automatically Start Lync when I log into Windows Registry
Show Lync in foreground when it starts Registry
Personal Information Manager Autodetect
Update Presence based on Calendar Information In-Band
Show meeting subject and location in my Workgroup privacy relationship In-Band
Show my Out of Office  info to contacts in my Friends and Family, Workgroup, and Colleage privacy relationships In-Band
Save IM conversations in my email Conversation History Folder In-Band
Save call logs in my email Conversation History folder In-Band
Share my location with other programs I use Registry
Show pictures of contacts Registry
Contact List
Display my contacts with: Contact Name and picture/Contact Name Only User Specified
Order my list: By Name/By Availability User Specified
Show this information: Contact Name/Contact Status/Favorites Group User Specified
Status
Show me as inactive when my computer has been idle for this many minutes Registry
Change my status from Inactive to Away after this many minutes Registry
I want everyone to be able to see my presence regardless of system settings (override default settings) Registry
I want the system administrator to decide Powershell Get-CsPresencePolicy
Show me as Do Not Disturb when I present my desktop Registry
Show me as Do Not Disturb when my monitor is duplicated Registry
My Picture
Show My Picture In-Band
Hide My Picture In-Band
Phones
My Phone Numbers Autodetect AD and EV settings/User Specified
Phone Accessibility - Enable TTY Registry
Join Conference Calls from: Lync/Do Not Join Audio/Other Number Registry
Before Joining Meeting ask me which audio device I want to use. Registry
Alerts
Tell Me When Someone adds me to his or her contact list In-Band
When my status is Do Not Disturb: Don't show alerts/Show only conversation alerts from people in my Workgroup privacy relationship/Show all alerts, but only conversation alerts from people in Workgroup privacy relationship Registry
Contacts Not Using Lync: Block all invites and communications/Allow invites but block all other communications/Allow anyone to contact me. Registry
Persistent Chat
When a new message arrives: Show the message in a new window/show an alert/play this sound Registry
When a message marked as high priority arrives: Show the message in a new window/show an alert/play this sound Registry
Ringtones and Sounds
Calls to/Ringtone Registry
Play Sounds in Lync Registry
Mute incoming IM alert sounds when viewing an IM conversation Registry
Keep sounds to a minimum when my status is Busy Registry
Keep sounds to a minimum when my status is Do Not Disturb Registry
Play Music on Hold In-Band
Music on Hold File In-Band
Audio Device User Specified
Video Device User Specified
Call Forwarding
Turn off Call Forwarding User Specified
Forward my Calls to User Specified
Simultaneous Ringing User Specified
Team Call Members User Specified
Delegate Members User Specified
File Saving
File Transfer Save To Registry
Lync Recordings Save To Registry

Wednesday, July 2, 2014

Lync 2013 Issues on Windows 2012 R2 - Lync Management Shell, Blank Screen, Topology Won't Download, Lync Phones get "Cannot assign a certificate to this account. Please contact your support team"

I recently upgraded our Lync pool from Windows 2012 servers to Windows 2012 R2 servers. Shortly after doing this, we started to encounter some strange issues. They were mainly:

- Lync Management Shell stuck on a blank screen / hung.

- Topology wouldn't download.
- Lync Phone Edition phones were receiving "Cannot assign a certificate to this account. Please contact your support team"

Running Test-CsPhoneBootstrap threw the following error:

PS C:\Windows\system32> Test-CsPhoneBootstrap -PhoneOrExt 5687 -Pin 327512 -Verbose
VERBOSE: Workflow Instance Id 'ae0152d4-94e2-4dc4-81f2-d025f93016af', started.
VERBOSE: Command line executed is 'Test-CsPhoneBootstrap -PhoneOrExt 5687 -Pin 327512 -Verbose'.


Target Fqdn   : lync.contoso.com
Target Uri    : https://lync.contoso.com:443/CertProv/CertProvisioningService.svc
Result        : Failure
Latency       : 00:00:01.3446158
Error Message : Getting web ticket for the given user is failed. Error Code: 28037 , Error Reason: The AppliesTo
                element of web ticket request points to a different web server or site.

Anyway to cut a long story short, I applied the following registry edit to disable Session Ticket TLS Optimization in the system (something new in Windows 2012 R2):

WARNING: Serious problems might occur if you modify the registry incorrectly.

Open the Registry Editor (regedit.exe)
HKLM\System\CurrentControlSet\Control\SecurityProviders\SChannel
New DWORD (32-bit) - EnableSessionTicket
Value: 2

Run Stop-CsWindowsService, Start-CsWindowsService (to stop and restart the Lync services) and voila! Everything started to behave.

This registry key is documented here: http://support.microsoft.com/kb/2901554/en-us and is intended to fix these Event IDs appearing in your Event Viewer: 32402 & 61045 (none of which I actually received) but appears to have resolved a bunch of other issues that I had.

Tuesday, June 3, 2014

Install Root Certificate on Mac OSX for Lync for Mac 2011

Background

Because Mac OSX machines on an internal network aren't added to an Active Directory domain, they won't receive the root CA certificate from an Enterprise Certificate Authority. As a result the Lync client will not be able to sign-in as it won't trust the certificate being presented by the Lync front end.

An error such as the following may be displayed Sign in to Microsoft Lync failed because the service is not available or you may not be connected to the Internet:


Prerequisites

  • For this walkthrough I am using Mac OSX Mavericks 10.9.3 and running Lync for Mac 2011 with the 14.0.8 update.
  • Export a copy of your root certificate in .cer format from another machine and copy it to the OSX computer.

Installing the Root Certificate

First, launch Keychain Access, you can find it under Utilities in Finder


This will open up Keychain Access as shown below.


Select File, Add Keychain


Browse to HDD/System/Library/Keychains/X509Anchors and click Add


You should now see X509Anchors in the left pane.


Right-Click on X509Anchors and select Unlock Keychain "X509Anchors" (If you don't you may encounter an Error 100013, which will prevent you from installing the certificate)


The password is X509Anchors, click OK


Double click on the root certificate file (in my case root.cer) file on your desktop.


You will be prompted to Add Certificates. Ensure that the keychain X509Anchors is selected and click Add

You will now see the certificate that is about to be added. Click Always Trust


Enter your Admin username/password for the computer and click Modify Keychain


You should now see the certificate in the list of X509Anchors with a blue plus on the icon.


Try and sign-in to Lync again.