“Customizing security roles” for SfB reports is not supported

Posted by Greig Sheridan on 22 May 2016, 10:59 am

My commiserations to you. If Google has brought you here because you’re not able to deploy Skype for Business monitoring reports, I have some bad news for you.

You’ve just tried to deploy reports to SQL 2014 Web Edition – and that’s not a supported version.

The linked article above is quite definite: “If you don’t see the SQL Server edition you want to use listed here, you can’t use it.”

Microsoft.ReportingServices.Diagnostics.Utilities.OperationNotSupportedException: The feature: “Customizing security roles” is not supported in this edition of Reporting Services. An error occurred when deploying Monitoring Reports. For details, see the log.

(I have no idea where it hides the log).

Lync 2013 Server Update – May 2016

Posted by Greig Sheridan on 22 May 2016, 10:09 am

Curiously designated as an April update on the “Updates for Lync Server 2013” webpage, we now have a late-May 2016 update for the Lync 2013 server. This takes the five components that were patched last month to a “release 2.0” (or later) refresh and bumps them up from 5.0.8308.949 to 5.0.8308.956.

What’s Fixed?

There appears to be nothing fixed in this re-release. The posted “fixed in this release” details are unchanged from the April update.

What’s New?

Nothing apparent just yet.

Continue reading ‘Lync 2013 Server Update – May 2016’ »

One user’s calls won’t sim-ring

Posted by Greig Sheridan on 13 May 2016, 8:22 am

I encountered an interesting situation this week where a user’s calls wouldn’t sim-ring. All of the evidence said it was active, but it just wouldn’t happen; there was no attempt to initiate the sim-ring leg when an incoming call arrived.

Sim-ring remained visible to the client, was captured in the XML in his client’s Lync-UccApi-0.UccApilog, and all looked good via the dreaded SEFAUtil. We could remove and reinstate it repeatedly to no avail.

I should mention that it’s working OK for others in the office, so it’s not going to be some system-wide issue like bad gateway config.

I’ve seen strangeness like this before that turned out to be related to the mobile client, so I ran the indispensable Get-CsConnections.ps1 to see how many client devices he was using. This gave me my most interesting clue so far: everyone else in the office is on the Office 2013 client – this dude? 2016!

Continue reading ‘One user’s calls won’t sim-ring’ »

Yealink Licence file for Lync & SfB

Posted by Greig Sheridan on 1 May 2016, 1:03 pm

Should you happen to stumble across a Yealink phone on eBay and decide to rebirth it as a new Skype for Business device you’re likely to receive an unexpected surprise after you load the Lync/SfB firmware – it needs a licence:

Contact your local Yealink distributor (that’s Alloy Computer Products here in Australia) and try your hand at getting a licence file. It’s coded to the phone’s MAC address – so obviously that makes it single-use. It also means you’ll want the MAC address handy when you’re asking.
Continue reading ‘Yealink Licence file for Lync & SfB’ »

Yealink phone immediately reverts after firmware upgrade

Posted by Greig Sheridan on 30 April 2016, 10:50 am

This is one for those of you like me who get a little forgetful, or maybe belong to a larger team and sometimes trip each other up.

If you upgrade a Yealink phone’s firmware using its WebUI and it immediately downgrades itself again, just check someone’s not previously loaded and Approved a firmware version in Lync/SfB.

Get-CsDeviceUpdateRule | ? {$_.Brand -match "Yealink"}

In my Lab I had (some time back) approved the .cab version of 35.7.0.50 & after I manually upgraded it to 35.8.0.20 it IMMEDIATELY downgraded itself back to 35.7.0.50. Removing the device update rule stopped this happening and let me get the later version installed.

If you’ve not seen it yet, check out Randy’s comprehensive review of the T48G running v35.8.0.5 firmware.

– G.

Is my Yealink SIP or Skype?

Posted by Greig Sheridan on 30 April 2016, 10:29 am

Out of the box it can be a bit confusing to tell if your Yealink phone is running the generic SIP firmware or the special Lync/SfB build – and yes, unlike the competitor, they’re different. It can be a little harder if you’re trying to do this remotely and can’t see the phone’s screen. Here are a few clues.

You’re running SIP if…

The firmware version is anything like “35.73.0.28″ or “35.80.0.95″ (where the leading “35” in this case indicates it’s for a T48G)
The idle screen looks like this:
The Account/Register tab looks like this (very busy with a pulldown to setup multiple accounts):

Continue reading ‘Is my Yealink SIP or Skype?’ »

Update-SfbCertificate.ps1

Posted by Greig Sheridan on 28 April 2016, 7:56 am

Skype for Business – like so much else these days – relies on PKI certificates, and the community has risen to the opportunity with some great tools to help us manage them.

Here are two in my “essentials” kit:

Check out the “Lync Certificates Report“: If you’ve not found it already, Guy Bachar & Yoav Barzilay (with some input from Anthony Caragol) – and now Amanda Debler – have crafted a fantastic script that will read your Lync/SfB topology and query all the servers (using WinRM) and gateways then prepare a report showing how long each of the cert’s still has to live.
If your new OAuth cert isn’t replicating or your Front-End service won’t start, it might be due to bad cert placement. David Paulino’s “Test-CertificateStore.ps1” to the rescue!

I recently found myself needing to update ALL of the internal certs for a couple of deployments – one of them quite large – and I spent many hours checking and re-checking to make sure I’d not misspelt or overlooked a SAN in all of the requests.

Yes, the Deployment Wizard and PowerShell are meant to include all of the expected SANs in the automated request, but your existing certificate might contain others that aren’t added automatically:

a site-specific simple URL (thank you Justin for the walk-through)
the scheduler (nod to Chad)
ucupdates-r2
or all of the Front-End FQDNs so the one cert can be deployed across the entire EE pool.

PowerShell to the rescue! Continue reading ‘Update-SfbCertificate.ps1’ »

SfB 2016 Client Security Update – April 2016

Posted by Greig Sheridan on 16 April 2016, 1:10 pm

This week’s security update also affects the Office 2016-based Lync/SfB client:

Kb3114960 “MS16-039: Description of the security update for Skype for Business 2016: April 12, 2016

This security update resolves vulnerabilities in Skype for Business 2016 that could allow remote code execution if a user opens a specially crafted document or visits a webpage that contains specially crafted embedded fonts. To learn more about these vulnerabilities, see Microsoft Security Bulletin MS16-039.

For a complete list of affected software, see Microsoft Knowledge Base article 3148522“.

Continue reading ‘SfB 2016 Client Security Update – April 2016’ »

Lync 2013 / SfB 2015 Client Security Update – April 2016

Posted by Greig Sheridan on 16 April 2016, 12:25 pm

This week’s security update takes the Office 2013-based Lync/SfB client from 15.0.4805.1000 to 15.0.4809.1000.

Kb3114944 “MS16-039: Description of the security update for Lync 2013 (Skype for Business): April 12, 2016.

This security update resolves vulnerabilities in Microsoft Lync 2013 and Skype for Business. The vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits a webpage that contains specially crafted embedded fonts.To learn more about the vulnerabilities, see Microsoft Security Bulletin MS16-039.

For a complete list of affected software, see Microsoft Knowledge Base article 3148522“.
Continue reading ‘Lync 2013 / SfB 2015 Client Security Update – April 2016’ »

Lync 2013 Server Update – April 2016

Posted by Greig Sheridan on 16 April 2016, 9:29 am

An April update to the Lync 2013 server has landed, taking the server from 5.0.8308.945 to 5.0.8308.949. Five components are patched, however as at this date (April 16th) the Kb article – or at least the version dished by Microsoft’s CDN to me in Sydney – hasn’t been updated with the content, and one of the Kb articles referenced in the installer (Kb3140584) is giving “This page does not exist”.

What’s Fixed?

This cumulative update fixes the following issues:

Kb3148961 Event ID 56417 when the window title of combined programs exceeds 128 characters in Lync Server 2013
Kb3148960 “New sharer joined the conference” message when you try to share your desktop in an online meeting in Lync Server 2013
Kb3148959 Bootstrapper.exe doesn’t start on a non-English version of Lync Server 2013 RTM
Kb3148950 Contacts and meeting dates are lost on Lync Server 2013 Front End server
Kb3141122 Debug-CsInterPoolReplication returns “BATCHES OUT OF SYNC” error in Skype for Business Server 2015 or Lync Server 2013
Kb3148965 You hear noise or nothing at all when a call is forked to a PSTN number in Lync Server 2013
Kb3148962 Stop error D1 when you try to stop Lync Edge services gracefully in Lync Server 2013
Kb3148950 Contacts and Meetings dates may be lost on Lync Server 2013 Front End server
Kb3148956 Lync Server 2013 announcement service can’t transfer an incoming call from iOS device
Kb3148256 Event ID 31128 occurs when RGS can’t synchronize an Agent Group member’s SIP address

Continue reading ‘Lync 2013 Server Update – April 2016’ »

greiginsydney.com

… and I thought I saw a 2

“Customizing security roles” for SfB reports is not supported

Lync 2013 Server Update – May 2016

What’s Fixed?

What’s New?

One user’s calls won’t sim-ring

Yealink Licence file for Lync & SfB

Yealink phone immediately reverts after firmware upgrade

Is my Yealink SIP or Skype?

You’re running SIP if…

Update-SfbCertificate.ps1

SfB 2016 Client Security Update – April 2016

Lync 2013 / SfB 2015 Client Security Update – April 2016

Lync 2013 Server Update – April 2016

What’s Fixed?