Lync 2013 / SfB 2015 Client Update – April 2017

Our April update to the Office 2013-based Lync/SfB client (Kb 3178731) follows last month’s Security Update and takes us from 15.0.4911.1000 to 15.0.4919.1000.

What’s Fixed

This update fixes the following issues:

  • Kb 4016107 Supports to join a meeting in Lync Web App when you don’t sign in to Skype for Business 2015 (Lync 2013)
  • Kb 4015934 Can’t sign in to Skype for Business 2015 (Lync 2013) when you resume laptop to a different network
  • Kb 4015933 Skype for Business 2015 (Lync 2013) that is running on an AOAC device does not sign-out
  • Kb 4015932 Rich Text Format isn’t fully preserved in the exported archiving data in Skype for Business 2015 (Lync 2013)
  • Kb 4015931 Instant messages may stop displaying, or out of order in conversation history in Skype for Business 2015 (Lync 2013)
  • Kb 4015930 The IM button isn’t enabled for all users in the contact card in Skype for Business 2015 (Lync 2013)
  • Kb 4015928 You may not see a shared video in a conference that has many participants in Skype for Business 2015 (Lync 2013)
  • Kb 4015927 Can’t see Skype for Business 2015 (Lync 2013) conversation history, calendar data, and presence data in Outlook
  • Kb 4015925 Cannot sign in to Skype for Business 2015 (Lync 2013) when you register the domain as a vanity domaintitle
  • Kb 4015924 Meet Now user can’t see video from other users in Skype for Business 2015 (Lync 2013)
  • Kb 4015923 Installation state is changed to “Run from My Computer” after you apply an update for Lync 2013 (Skype for Business)
  • Kb 4015922 Removes the “ is not active on an IM device” alert in Skype for Business 2015 (Lync 2013)
  • Kb 4015921 Update to show list of opened rooms in Skype for Business 2015 (Lync 2013)
  • Kb 4015920 Adds support to resize the width of the tab list of conversations in Skype for Business 2015 (Lync 2013)
  • Kb 4015919 Adds an Insert Link button in the action bar of the chat input area of IM window in Skype for Business 2015 (Lync 2013)
  • Kb 4015918 Skype for Business 2015 (Lync 2013) crashes in the lync.exe process on startup

Continue reading ‘Lync 2013 / SfB 2015 Client Update – April 2017’ »

Convert-SonusSbcConfigToWord.ps1 – Revision History

I’ve been bashing at this script for almost 4 years now and the main post’s getting a bit long with the revision history. I’ve taken a leaf from a peer’s book and decided to spin the entire history out into its own post. Whether the ancient history is of use to anyone remains to be seen, but here it is regardless.

Here’s the main post for this script.

Continue reading ‘Convert-SonusSbcConfigToWord.ps1 – Revision History’ »

Sonus 1-way voice ISDN-SIP

Sonus introduced “Fax Tone Detection” in the SBC 1k/2k v6.1.1 b459, but it has a glitch in it: turn it off and you’ll get 1-way voice.

From their online documentation: Fax Tone Detection

Specifies whether or not the Sonus SBC 1000/2000 system will detect Fax tones produced by the terminating side fax machine. Fax tone detection(V.21 flags) is used when Fax calls are received from TDM to a Fax server and the voice call needs to be switched to a Fax call using T.38. If Fax tone detection is enabled, the  SBC Edge detects the Fax tone from TDM and switches to Fax mode (it will initiate a re-INVITE with T.38 support to the Fax Server). If Fax tone detection is disabled, the  SBC Edge will pass-through the Fax tones to the Fax server and the Fax server will have to detect them and initiate a re-INVITE to switch to Fax mode with T.38.

I’ve encountered this with ISDN to the carrier feeding SIP to SfB, and from a SIP carriage service to an ISDN PABX. The fix is to ensure Fax Tone Detection is set to Enabled on the Media List. The issue doesn’t manifest itself for SIP-SIP calls.


The issue has been documented as SYM-23041 and is due to be fixed in a future release.


– G.

Monitoring Sonus SBC peak SIP calls

Determining the number of SIP channels to licence in your new SBC is often based on an educated guess. Many customers migrating to SIP from ISDN have been historically over-resourced for ISDN channels as their carrier (at least here in Oz) typically forces multiples of 10 channels so as to sell a 2MB PRI ISDN as a 10, 20 or 30 channel service. With luck your carrier can provide traffic figures, or a “busy hour” high water mark to note the highest number you’re expected to reach.

Having made that leap of faith you might be a little uneasy when it goes into production, but if you’re using a Sonus SBC 1k/2k/SWe you’ll be comforted to know it keeps a 25-hour rolling window so you can keep an eye on the call breakdown.

From the System / Licensing / Current Licenses page, click “Historical Usage” in the menu bar at the top:


Continue reading ‘Monitoring Sonus SBC peak SIP calls’ »

Complex Passwords OK in Cloud Connector Edition 1.4.2

Fixed in this week’s release of Cloud Connector Edition 1.4.2 is an issue where complex characters in your O365 password will prevent CCE from operating (or upgrading) successfully.

You’re prompted to provide O365 Admin credentials with the “Register-CcAppliance” step of the CCE installation process. This commandlet *will* accept a complex password without error, however if you look in “C:\Program Files\Skype for Business Cloud Connector Edition\ManagementService\CceManagementService.log” you might see things aren’t going so well:

CceService Error: 0 : Unexpected exception when reporting status to online: System.Management.Automation.CmdletInvocationException:
Logon failed for the user Please create a new credential object, making sure that you have used the correct user name and password. 
---> Microsoft.Rtc.Admin.Authentication.CommonAuthException: Logon failed for the user'. Please create a new credential object, making sure that you have used the correct user name and password. ---> 
Microsoft.Rtc.Admin.Authentication.CommonAuthException: Failed to logon with given credentials. Make sure correct user name and password provided. ---> Microsoft.Rtc.Admin.Authentication.IdcrlExtendedException:

Continue reading ‘Complex Passwords OK in Cloud Connector Edition 1.4.2’ »

Lync 2013 Server Update – March 2017

This March update takes the server to 5.0.8308.987 from January’s 5.0.8308.984. Only two components need updating this time ’round.

What’s Fixed?

  • Kb 4016533 OAuth authentication fails in Lync Server 2013 that has the January 2017 cumulative update installed

What’s New?

Nothing apparently. I can confirm no new PowerShell Commandlets materialised following its installation.
Continue reading ‘Lync 2013 Server Update – March 2017’ »

Lync 2013 / SfB 2015 Client Security Update – March 2017

By my reading it’s been 5 months since our last security update to the Office 2013-based Lync/SfB client, and this one takes us from 15.0.4903.1001 to 15.0.4911.1000. It’s listed as Critical as there’s the risk of remote code execution.

Kb 4013075 “This security update resolves vulnerabilities in the Microsoft Graphics Component on Microsoft Windows, Microsoft Office, Skype for Business, Silverlight and Microsoft Lync. These vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document.

To learn more about the vulnerability, see Microsoft Security Bulletin MS17-013.

What’s Fixed

This security update also contains fixes for the following nonsecurity issues:

  • Kb 4013150 EWS connection issue after migrating mailbox to Exchange Online Dedicated vNext in Skype for Business 2015 (Lync 2013)
  • Kb 4013149 Update to support dedicated URLs of Black Forest and ITAR in Skype for Business 2015 (Lync 2013)

Continue reading ‘Lync 2013 / SfB 2015 Client Security Update – March 2017’ »

Installing the Sonus "SWe Lite"

Sonus announced the SWe Lite at Ignite in the US late last year and we’ve been anxiously awaiting its arrival. Well, IT’S HERE!

The SWe Lite is the “Software Edition” of Sonus’ well-established Enterprise-grade Session Border Controllers, the SBC 1000 and SBC 2000.

I’m particularly impressed with the look and feel. At a quick glance it’s indistinguishable from a 1k or 2k:

SWeLite-ChannelMonitor Calls

The GA build supports up to 100 SIP calls, 25 transcoded or encrypted sessions and a call setup rate of 10 calls per second. It’s a faithful port of the SBC we’re familiar with, so includes the bulk of the features we’ve come to rely on for years including the powerful AD integration & the invaluable real-time channel monitor (shown above).

Notably absent is inbuilt Music On Hold, although we’re assured that’s coming soon. Check out the datasheet or the page “Functional Differences Between SBC Edge and SBC SWe Lite” for more of the engineering and feature specifics.

Sonus is letting an “unlicenced” SWe Lite carry up to 5 ordinary SIP calls or 3 encrypted/transcoded calls – more on that below. In the screen-grab above I’ve established 3 calls successfully over TLS to Skype for Business and a failed fourth call attempt is what generated the “Failed to acquire licence” you can see in the Alarm View.

Continue reading ‘Installing the Sonus "SWe Lite"’ »

SfB "Cannot park call right now"

I’m on record saying Call Park is my favourite PABX feature, and its great that we have it available to us in Skype for Business.

“Parking” a call transfers it off to a “holding bay” where the caller hears MOH until such time as someone retrieves the call. If they’re left waiting too long a timeout returns it to the party who parked it.

In SfB you initiate the process by clicking Transfer, then selecting “Park the call”. All going well the call vanishes to places unknown and is replaced with a message to say “the call is parked”, and a special “Orbit” number you – or anyone – can dial to retrieve it.

Its utility eclipses that of a simple call transfer when you don’t actually know where you need to transfer the call to, or if you want to securely (or secretly) manage the process. It’s the perfect answer for a range of scenarios:

  • The attendant can park a call for someone and then over the Public Address system announce who the call’s for and at what call park “Orbit” number they’ll find it.
  • In the absence of a PA system anyone can park a call for someone, jot the Orbit number on a post-it note and personally seek out the recipient, thrusting the retrieval code into their hand.
  • It’s a more relaxed approach to an “announced (supervised) transfer”: park the call, IM the recipient and type the park location into the IM. When they’re composed and ready to take the call they retrieve it from where it’s parked.
  • Staff in open-office environments can use it to easily move a sensitive call from their shared workspace to the privacy of a meeting room. The advantage of Call Park over Transfer in this scenario is that they need not know the name of a nearby room or even if it’s occupied: just park the call and wander around until you find a safe space.

Continue reading ‘SfB "Cannot park call right now"’ »

Installing SEFAUtil Server

Tips, tricks and traps

There’s an old joke that goes “Q: Why do people take an instant dislike to <InsertNameOfUnpopularPolitician>?” “A: It saves time”. And so it is with SEFAUtil.

Without doubt SEFAUtil is an indispensable utility. “Secondary Extension Feature Activation Utility” – to give it its full name – ships in the Lync and Skype for Business “Resource Kit” (“ResKit”) download pack. When correctly integrated into the topology it gives support staff the ability to query, set and cancel all manner of call-forwarding and team/delegation settings from the comfort of their cube, without needing to visit the user or reset their AD password in order to do it remotely (after signing in as that user). It’s a godsend when someone goes on leave unexpectedly or has a catastrophic PC failure with an urgent incoming call pending, and as equally helpful when configuring the settings for executives and other ‘sensitive’ users.

Continue reading ‘Installing SEFAUtil Server’ »