Thursday, October 23, 2014

Microsoft Lync Server 2013, Topology Builder Has Stopped Working

Came across a funny issue today. For some reason when I open Topology Builder and click Download Existing Topology the Topology Builder crashes with "Microsoft Lync Server 2013, Topology Builder Has Stopped Working"

Clicking View Details, doesn't show anything useful.

Apparently nothing had changed on the environment, so it wasn't obvious what had happened. 

I thought a good place to start would be to open Lync Management Shell and upon doing so was create with this:

So it appears for some mysterious reason the Execution Policy on scripts has changed

A quick change to RemoteSigned by running Set-ExecutionPolicy RemoteSigned fixed both the crash on downloading the topology and the error in Powershell. 

Still can't explain why this happened!

Wednesday, October 1, 2014

Windows 10 Technical Preview First Thoughts...

Today the Window 10 Technical Preview became available. As you may have read, Microsoft have skipped Windows 9 and are going straight from Windows 8.1 to Windows 10 see the press release here.

The installation process seems to be pretty straight forward from both a clean install perspective or from an upgrade perspective (I used the Enterprise version, which allows an upgrade) and all in all took no longer than about 30 minutes on my X1 Carbon (8GB memory, SSD, Core i7)

Most things appear to work fine thus far, except installing my Fingerprint Reader (using the Windows 8.1 driver) crashes the login screen (where it flickers like crazy) so I am minus one fingerprint reader and had to do a System Restore.

So what are the obvious things that have changed?

The OS still looks very similar to Windows 8.1, however the Start Menu has made a return, and it's merged with the Start Screen, to put simply, you know have Live Tiles on the Start Menu (see below):

What also is new, is the ability to resize the "metro" apps and easily close them by clicking the X that we are all used to

Task View has also been added, given you a bunch of tiles with a tiny preview, allowing you to easily multitask. Personally I find this feature cool :) You can either bring it up by clicking the icon down in the task bar (pictured below) or swipe from the left.

There are a number of other features, like the ability to Add Desktops, (which you can see pictured above down the bottom). This should allow you to create additional desktops that you can switch through, but I am still trying to work out exactly how that works.

The command prompt also has some changes, it now accepts short cut keys. I was able to paste in using Ctrl+V (rather than right-clicking) and likewise I was able to highlight and Ctrl+C to copy.

There is also a new Search box, which is available, by clicking the magnifying glass on the task bar. Like the Search on the old start screen, this will search the computer, web and show trending news:

A number of security features will be added too, although I don't believe these are part of the preview.

On top of BitLocker (which has been available in the Enterprise editions and some Premium editions of Windows Vista, 7, 8 & 8.1) Microsoft are adding additional protection using containers and data separation at the application/file level.

Microsoft are also enhancing security from an identity perspective, to improve resistance to breach, theft or phishing. This is done by easily integrating 2 factor authentication (such as smart cards and tokens)

Built in MDM capabilities will also be extended in Windows 10.

So far I like it, some of the new features announced by Microsoft I can't yet see in the preview, but I assume these will become available over the next few months. It's not a huge leap in terms of User Experience from Windows 8.1 (at least on the current iteration) but it does have some really nice and useful features, that will make things a little easier and less troublesome for me. So far I've had very little compatibility issues, aside from the fingerprint reader and also my adaptive keyboard buttons. 

SCCM EndPoint Protection (as part of SCCM 2012 R2) also doesn't install, so I am relying on the built-in Windows Defender.

Other important apps I use seem to work fine, but I am sure I'll know over the next couple days whether anything else plays up.

From what I can tell, Microsoft will be releasing Windows 10 early next year. But in the mean time, have  a play with 180 days technical preview:


Tuesday, September 30, 2014

Troubleshooting Exchange 2010/2013 UM issues

Whilst migrating from Exchange 2010 to Exchange 2013 I encountered some issues with co-existence during our pilot phase. I hadn't been previously involved in the Exchange 2013 upgrade, but given that the co-existence issue was with Unified Messaging (UM) where noone homed in 2013 could use voicemail for our Lync environment, I was brought in.

Now the end of this post, really shows that this wasn't so much a co-existence issue, but a misconfiguration, but it at least walks through it, so if anyone has any of these error messages, hopefully it provides some assistance!

The symptom was basically a call drop when someone either internal or external called someone with a 2013 mailbox.

I wasn't sure exactly where it was setup to, so I did the first obvious thing, which was to switch UM Service from TCP to TLS and restart the services, but that didn't appear to do anything.

A quick snooper log however started to uncover what was going on, I was getting a ton of 403 forbidden, with details as below:

ms-diagnostics: 15505;reason="Couldn't find a valid Unified Messaging server to redirect the call.";source="NYLYNCFE03.DOMAIN.LOCAL";dialplan="Lync.DOMAIN.local";umserver="NYEXUM01.DOMAIN.local";responsecode="403";msexchsource="NYEXUM01.domain.local";appName="ExumRouting"

Interestingly this is the name of the 2010 server, this was fixed by creating the second dial plan for Exchange 2013 and running the ExchUCUtil.ps1 script and the OCSUMUtil.exe to basically point Lync to Exchange 2013.

Then I started to get these errors:

ms-diagnostics: 15030;reason="Failed to route to Exchange Server";source="NYLYNCFE03.DOMAIN.LOCAL";dialplan="Lync.DOMAIN.local";pstnreroutingenabled="false";appName="ExumRouting"

ms-diagnostics: 1010;reason="Certificate trust with another server could not be established";source="NYLYNCFE03.DOMAIN.LOCAL";dialplan="Lync.domain.local";umserver="NYMAIL01.domain.local";pstnreroutingenabled="false";responsecode="504";msexchErrorType="The peer certificate is not chained off a trusted root";msexchtls-target="NYMAIL01.domain.local";msexchHRESULT="0x80090325(SEC_E_UNTRUSTED_ROOT)";msexchsource="NYLYNCFE03.domain.local";appName="ExumRouting"

Well, this one was obvious... the self signed certificate was assigned to the UM Services, there was another cert there, so I assigned into that and ended up with this weird message:

ms-diagnostics: 15004;reason="Exchange Unified Messaging dial plan has no servers";source="NYLYNCFE03.DOMAIN.LOCAL";dialplan="Exch2013.DOMAIN.local";appName="ExumRouting"

This was weird, because I could clearly see that there were UM servers associated with the dial-in plan. After a bit more digging, this useful message appeared:

ms-diagnostics: 1010;reason="Certificate trust with another server could not be established";source="NYLYNCFE03.domain.LOCAL";dialplan="Lync.domain.local";umserver="NYUM01.domain.local";pstnreroutingenabled="false";responsecode="504";msexchErrorType="The peer certificate does not contain a matching FQDN";msexchtls-target="NYUM01.domain.local";msexchHRESULT="0x80090322(SEC_E_WRONG_PRINCIPAL)";msexchsource="NYLYNCFE03.domain.local";appName="ExumRouting"

A quick issuance of a cert with the FQDN of the Exchange server and a service restart and things all magically started working.

Tuesday, August 12, 2014

Lync Error: Cannot locate configuration store location container in the Active Directory global settings container.

I was helping out our new hires today on deploying a Lync environment and they were having some difficulty publishing the topology. Every time they would try and publish it, Topology Builder would return:

Error: Cannot locate configuration store location container in the Active Directory global settings container. 

After popping open ADSIEdit I wasn't able to locate the configuration store entry, however I did notice that all the objects had duplicate entries with a funny random string. (I had to mock this one up because I fixed the other and hadn't had a chance to screen shot it, but you get the idea)

To fix this,

  • Open up ADSIEdit
  • Right-click ADSI Edit in the tree
  • Under Select a well known naming context, select Configuration from the drop down
  • Expand Configuration, CN=Configuration, CN=Services, CN=RTC Service 
  • In there remove the entries that have the random string beneath them by right-clicking and selecting Delete.
  • Republish your Topology

Wednesday, August 6, 2014

Microsoft Lync on Top for Gartner Magic Quadrant UC 2014

Gartner have just published their Magic Quadrant for UC for 2014 and Microsoft is on top!

That's right, Microsoft has overtaken Cisco! With all the deployments that I've been doing over the last few months I am hardly surprised. Although there is still a large amount of deployments that are purely IM/Presence and Web Conferencing, I certainly am starting to see a lot more traction in the voice space, which is echoed in the Gartner report. Lync 2013 also so a big push in the video space.

See the 2014 Gartner Magic Quadrant for UC below (versus the 2013 report beneath it)

Friday, August 1, 2014

A unique use for Lync

As a UC Architect (and Lync MVP) I use Lync every day, whether I am just joining conferences or making calls, to designing and deploying it.

But here's a story that's well a little unique (as far as Lync anyway) and being Friday, I thought I'd share

We recently got a dog. A little rescue Dachshund we called Franky von Weinerschnitzel. (see below)

It was only a short amount of time (about a week or so) before he learned when and where to go (i.e. outside and three times a day), however one issue remained. Separation Anxiety. Now I am no dog expert, but we tried everything that they websites and experts tell you to (try leaving for short intervals and extending, making sure you come back when he's quiet, ignoring him and crating him in another room, leaving the TV on, etc), to try and curb his doggy anxiety, to no avail. 

Franky really just wants company, or at least thinks there's company there while we are out. Mind you, this is usually only a couple hours at a time as my wife is in and out of the house (which probably doesn't help, but that's the nature of her hours)

Bring in Lync... we use Lync in the office for Enterprise Voice and separately I have an Office 365 subscription. 

The plan: 
  • Create a Lync Conference Bridge and dial-in to it from home.
  • Go to the office and connect to the same bridge from the office.
  • Listen to dog.
  • When the dog starts, ask him to be quiet.
The result...IT WORKS! Now the neighbors can have some peace and quiet (and my wife and I can go out every now and then, without worrying about the dog - just dial into the bridge and see if he's making noise, and quiet him down if necessary).

For the record I have the Plantronics Calisto 620 attached at the "home" end. And I use the Plantronics Voyager Pro UC at the other end. Clearly this is all realistic enough that Franky thinks he has company when we're not there.

I know you can of course buy these 2 way doggy monitors and stuff, but I have Lync, so why not save myself the money and just use that. :)

Wednesday, July 30, 2014

Lync 2013 Meeting - Set All Conference Participants to Wait in Lobby

I've  answered a couple questions on this recently in the Technet forums, so I thought it would be worth writing a post on how to achieve it.

Firstly, by default PSTN callers bypass the lobby. You can change this using Set-CsMeetingConfiguration and the -PSTNCallersBypassLobby switch and setting it to $False. See here:

However if you want all users to be Admitted to the meeting by the organizer, there doesn't appear to be a policy for that.

Setting Manually (per user)

You can set it manually when you create a Lync Meeting in Outlook (and save the subsequent setting) See below:

Create a new Lync Meeting and select Meeting Options

Under Where do you want to meet online? select A new meeting space (I control permissions) and then under These people don't have to wait in the lobby: select Only me, the meeting organizer.

You can then do this one off, by clicking OK and sending your invite, or click Remember Settings to remember this for future meetings. This saves to the registry, so it may not be available on a different machine you use (if you don't have some sort of roaming profile) just be aware of that.

Setting Globally

I bet you're wondering how you can push this out globally? Well you can use Group Policy or script to make the registry change.

The location of the setting is here:

Key: UserSettings
There is a bunch of XML in there, and within that XML you will see a section for <AccessLevel>value</AccessLevel>

Setting it to the following:
Will default it to Only me, the meeting organizer as mentioned above.