One user’s calls won’t sim-ring

Posted by Greig Sheridan on 13 May 2016, 8:22 am

I encountered an interesting situation this week where a user’s calls wouldn’t sim-ring. All of the evidence said it was active, but it just wouldn’t happen; there was no attempt to initiate the sim-ring leg when an incoming call arrived.

Sim-ring remained visible to the client, was captured in the XML in his client’s Lync-UccApi-0.UccApilog, and all looked good via the dreaded SEFAUtil. We could remove and reinstate it repeatedly to no avail.

I should mention that it’s working OK for others in the office, so it’s not going to be some system-wide issue like bad gateway config.

I’ve seen strangeness like this before that turned out to be related to the mobile client, so I ran the indispensable Get-CsConnections.ps1 to see how many client devices he was using. This gave me my most interesting clue so far: everyone else in the office is on the Office 2013 client – this dude? 2016!

Continue reading ‘One user’s calls won’t sim-ring’ »

Yealink Licence file for Lync & SfB

Posted by Greig Sheridan on 1 May 2016, 1:03 pm

Should you happen to stumble across a Yealink phone on eBay and decide to rebirth it as a new Skype for Business device you’re likely to receive an unexpected surprise after you load the Lync/SfB firmware – it needs a licence:

Contact your local Yealink distributor (that’s Alloy Computer Products here in Australia) and try your hand at getting a licence file. It’s coded to the phone’s MAC address – so obviously that makes it single-use. It also means you’ll want the MAC address handy when you’re asking.
Continue reading ‘Yealink Licence file for Lync & SfB’ »

Yealink phone immediately reverts after firmware upgrade

Posted by Greig Sheridan on 30 April 2016, 10:50 am

This is one for those of you like me who get a little forgetful, or maybe belong to a larger team and sometimes trip each other up.

If you upgrade a Yealink phone’s firmware using its WebUI and it immediately downgrades itself again, just check someone’s not previously loaded and Approved a firmware version in Lync/SfB.

Get-CsDeviceUpdateRule | ? {$_.Brand -match "Yealink"}

In my Lab I had (some time back) approved the .cab version of 35.7.0.50 & after I manually upgraded it to 35.8.0.20 it IMMEDIATELY downgraded itself back to 35.7.0.50. Removing the device update rule stopped this happening and let me get the later version installed.

If you’ve not seen it yet, check out Randy’s comprehensive review of the T48G running v35.8.0.5 firmware.

– G.

Is my Yealink SIP or Skype?

Posted by Greig Sheridan on 30 April 2016, 10:29 am

Out of the box it can be a bit confusing to tell if your Yealink phone is running the generic SIP firmware or the special Lync/SfB build – and yes, unlike the competitor, they’re different. It can be a little harder if you’re trying to do this remotely and can’t see the phone’s screen. Here are a few clues.

You’re running SIP if…

The firmware version is anything like “35.73.0.28″ or “35.80.0.95″ (where the leading “35” in this case indicates it’s for a T48G)
The idle screen looks like this:
The Account/Register tab looks like this (very busy with a pulldown to setup multiple accounts):

Continue reading ‘Is my Yealink SIP or Skype?’ »

Update-SfbCertificate.ps1

Posted by Greig Sheridan on 28 April 2016, 7:56 am

Skype for Business – like so much else these days – relies on PKI certificates, and the community has risen to the opportunity with some great tools to help us manage them.

Here are two in my “essentials” kit:

Check out the “Lync Certificates Report“: If you’ve not found it already, Guy Bachar & Yoav Barzilay (with some input from Anthony Caragol) – and now Amanda Debler – have crafted a fantastic script that will read your Lync/SfB topology and query all the servers (using WinRM) and gateways then prepare a report showing how long each of the cert’s still has to live.
If your new OAuth cert isn’t replicating or your Front-End service won’t start, it might be due to bad cert placement. David Paulino’s “Test-CertificateStore.ps1” to the rescue!

I recently found myself needing to update ALL of the internal certs for a couple of deployments – one of them quite large – and I spent many hours checking and re-checking to make sure I’d not misspelt or overlooked a SAN in all of the requests.

Yes, the Deployment Wizard and PowerShell are meant to include all of the expected SANs in the automated request, but your existing certificate might contain others that aren’t added automatically:

a site-specific simple URL (thank you Justin for the walk-through)
the scheduler (nod to Chad)
ucupdates-r2
or all of the Front-End FQDNs so the one cert can be deployed across the entire EE pool.

PowerShell to the rescue! Continue reading ‘Update-SfbCertificate.ps1’ »

SfB 2016 Client Security Update – April 2016

Posted by Greig Sheridan on 16 April 2016, 1:10 pm

This week’s security update also affects the Office 2016-based Lync/SfB client:

Kb3114960 “MS16-039: Description of the security update for Skype for Business 2016: April 12, 2016

This security update resolves vulnerabilities in Skype for Business 2016 that could allow remote code execution if a user opens a specially crafted document or visits a webpage that contains specially crafted embedded fonts. To learn more about these vulnerabilities, see Microsoft Security Bulletin MS16-039.

For a complete list of affected software, see Microsoft Knowledge Base article 3148522“.

Continue reading ‘SfB 2016 Client Security Update – April 2016’ »

Lync 2013 / SfB 2015 Client Security Update – April 2016

Posted by Greig Sheridan on 16 April 2016, 12:25 pm

This week’s security update takes the Office 2013-based Lync/SfB client from 15.0.4805.1000 to 15.0.4809.1000.

Kb3114944 “MS16-039: Description of the security update for Lync 2013 (Skype for Business): April 12, 2016.

This security update resolves vulnerabilities in Microsoft Lync 2013 and Skype for Business. The vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits a webpage that contains specially crafted embedded fonts.To learn more about the vulnerabilities, see Microsoft Security Bulletin MS16-039.

For a complete list of affected software, see Microsoft Knowledge Base article 3148522“.
Continue reading ‘Lync 2013 / SfB 2015 Client Security Update – April 2016’ »

Lync 2013 Server Update – April 2016

Posted by Greig Sheridan on 16 April 2016, 9:29 am

An April update to the Lync 2013 server has landed, taking the server from 5.0.8308.945 to 5.0.8308.949. Five components are patched, however as at this date (April 16th) the Kb article – or at least the version dished by Microsoft’s CDN to me in Sydney – hasn’t been updated with the content, and one of the Kb articles referenced in the installer (Kb3140584) is giving “This page does not exist”.

What’s Fixed?

This cumulative update fixes the following issues:

Kb3148961 Event ID 56417 when the window title of combined programs exceeds 128 characters in Lync Server 2013
Kb3148960 “New sharer joined the conference” message when you try to share your desktop in an online meeting in Lync Server 2013
Kb3148959 Bootstrapper.exe doesn’t start on a non-English version of Lync Server 2013 RTM
Kb3148950 Contacts and meeting dates are lost on Lync Server 2013 Front End server
Kb3141122 Debug-CsInterPoolReplication returns “BATCHES OUT OF SYNC” error in Skype for Business Server 2015 or Lync Server 2013
Kb3148965 You hear noise or nothing at all when a call is forked to a PSTN number in Lync Server 2013
Kb3148962 Stop error D1 when you try to stop Lync Edge services gracefully in Lync Server 2013
Kb3148950 Contacts and Meetings dates may be lost on Lync Server 2013 Front End server
Kb3148956 Lync Server 2013 announcement service can’t transfer an incoming call from iOS device
Kb3148256 Event ID 31128 occurs when RGS can’t synchronize an Agent Group member’s SIP address

Continue reading ‘Lync 2013 Server Update – April 2016’ »

Review: Busylight Omega

Posted by Greig Sheridan on 2 April 2016, 9:56 am

It turns out that my last review of external presence indicators (generically “Busylights”) was over three years ago, so with the arrival of the Kuando Busylight “Omega” recently I thought I should see what’s changed in both camps.

Bart’s here for scale modelling the Kuando models, with the Omega on the left sitting next to the original “Alpha” model:

(I should point out that the Alpha’s had a few upgrades since the original model above. It’s now in a more sleek black, and arrives with magnets integrated into the base for a quick ‘stick’ to your metal monitor stand, etc – and even ships with a matching little metal plate you can attach if your surrounds are non-ferrous. Or just use the provided double-sided tape to make it ‘permanent’).
Continue reading ‘Review: Busylight Omega’ »

Compare-PkiCertificates.ps1

Posted by Greig Sheridan on 27 March 2016, 11:44 am

I recently went looking for a script that would compare two “identical” certificates for me and highlight the differences between them. I drew a blank. It might be out there, but I missed it – so I wrote my own.

“Compare-PkiCertificates.ps1” takes the thumbprints of two certificates you expect to be similar or identical, and uses your existing PowerShell colour scheme to show you where they differ. Your environment’s Warning colour (yellow in my screen-grab below) shows the bits we expect to be different (the “not before”, “not after”, “serial number” and “thumbprint” values) whilst your Error colour (red below) shows the “unexpected differences” like extra or missing SANs, changes to the key size, etc.

Continue reading ‘Compare-PkiCertificates.ps1’ »

greiginsydney.com

… and I thought I saw a 2