Tuesday, September 30, 2014

Failed Lync Server 2013 Prerequisites on Server 2012/2012 R2

This issue has caused me grief on several servers this week and I finally figured it out... so now you benefit.

If you wait to install your prerequisites until after you run Windows Update on Server 2012/2012 R2, you will get an error.


It really doesn't matter what you specify as your "Source"; the prerequisites PowerShell command we all love will fail.

So if you do searches you will come across others having this issue. They solved it by running:

     dism /online /enable-feature /featurename:NetFX3 /all /Source:d:\sources\sxs /LimitAccess

Which would help... but there is one last key piece of information I'll give you... which is the point of this blog because I found the answer in a comment on an obscure blog post.

If KB2966827 or its brother KB2966828 are installed the dism command will fail to install about 67% of the way in.

Not surprisingly, the workaround is to uninstall either of those two KBs... or to do your prerequisites before you run Windows Update.

There you go... my pain is your gain. Enjoy.
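The check described in this post, as an added PowerShell example that is not part of the original post: it looks for the two updates before running the DISM command. It assumes the install media is mounted as D: (the source path used above) and that it runs from an elevated prompt on the server.

```powershell
# Added example: pre-flight check before enabling .NET 3.5 (NetFX3) from local media.
# Assumption: Server 2012/2012 R2 media is mounted as D:, as in the command above.
$Source   = 'd:\sources\sxs'
$Blocking = 'KB2966827', 'KB2966828'   # the two updates named in this post

Import-Module ServerManager

# Get-HotFix lists installed updates; keep only the two that break the install.
$found = @(Get-HotFix | Where-Object { $Blocking -contains $_.HotFixID })

if ((Get-WindowsFeature -Name NET-Framework-Core).Installed) {
    Write-Output '.NET Framework 3.5 is already installed; nothing to do.'
}
elseif (-not (Test-Path -Path $Source)) {
    Write-Warning "Source path $Source not found. Mount the install media first."
}
elseif ($found.Count -gt 0) {
    foreach ($kb in $found) {
        $number = $kb.HotFixID -replace '^KB', ''
        Write-Warning "$($kb.HotFixID) is installed; the DISM command is expected to fail."
        Write-Output  "  Remove it first: wusa.exe /uninstall /kb:$number /norestart"
    }
}
else {
    # Same command as in the post, with the source path taken from $Source.
    dism /online /enable-feature /featurename:NetFX3 /all "/Source:$Source" /LimitAccess
    if ($LASTEXITCODE -ne 0) {
        Write-Warning "DISM exited with code $LASTEXITCODE. See $env:windir\Logs\DISM\dism.log."
    }
}
```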

Thursday, August 21, 2014

So... you want to be a Lync Architect

For at least a couple years now my employer has been on a constant search for talent to deploy Microsoft Lync and the components that are part of that ecosystem. But it is getting harder to find guys that will fit in with the company culture and have a good set of fundamental skills (or phenomenal skills if we get lucky).

So I thought I'd write a post, from my perspective, about what some of the skills are that it takes to work as a consultant in this Microsoft Unified Communications world. Engineers and Architects that can do this type of work WELL are a rare find. They possess knowledge from multiple disciplines (data, voice, server apps, security etc) and combine them all to help a customer deploy a solution that fits their needs. My hope is that this will finally convince some people that are on the fence to jump in (and increase the pool of talent).

... and no you don't have to be an Architect to jump in, you can start out being an Engineer or working the support desk. You can learn as you go.


The Hard Skills

Here is the bottom line... the more of these the better.

The more of these you are excellent at... the better consultant or support engineer you'll be for your customer.

Nobody... Nobody will be an expert at all of these. But sometimes the secret is knowing others that are experts in that area... or knowing where/how to find the answers.

If you are weak in most of these areas... no problem... go buy a computer, create a lab of your own and pick something and start to learn. With Microsoft based software there is usually no lack of freely available knowledge you can learn from and there are certainly plenty of books out there on all of these topics. Don't expect you will learn all of this in two weeks. I've been gathering knowledge for as far back as 20+ years and that knowledge still applies to what I do today. But everyone has to start somewhere.

Here is the list that I've come up with...
  • Active Directory
  • SQL Server
  • Windows XP/Vista/7/8/8.1 etc
  • Server 2008 R1/R2 and 2012 R1/R2
  • Office Communications Server 2007 R1/R2
  • Lync Server 2010/2013
  • Exchange 2007/2010/2013
  • System Center 2007/2012/2012 R2 via @fabriziovlp
  • Hypervisors (Microsoft, VMware etc) via @fabriziovlp
  • Virtual Desktop Infrastructure (Microsoft, VMWare, Citrix etc)
  • PowerShell
  • .Net Regular Expressions (RegEx)
  • Public Key Infrastructure (PKI)/Certificates
  • Layer 2 Networking (Switched)
  • Layer 3 Networking (Routed)
  • IPv4
  • IPv6
  • TCP/IP
  • Quality of Service
  • Firewalls
  • Network Sniffer (Wireshark, Message Analyzer)
  • SIP
  • Audio Codecs (G.711 etc)
  • HTTP/HTTPS
  • ISDN PRI and the associated protocols/capabilities
  • T-1 (Telephony based digital circuit)
  • DS-1/DS-3 (Data based digital circuit)
  • Frame Relay
  • Avaya Blue (Nortel)
  • Avaya Red (Traditional Avaya)
  • Cisco Unified Call Manager
  • Mitel
  • Inter-tel (owned by Mitel now)
  • Shoretel
  • PBX Dial Plans
  • PBX Features
  • Analog device types
  • Fax and Fax Server
  • T.38 Codec (for Fax over IP)
  • Modem (Yes credit card and postage machines still use this)
  • Gateway/SBC (Sonus, Audiocodes, etc)


The Soft Skills
  • Good listening skills
  • Good presentation skills
  • Good communications skills (verbal and written)
  • Patience
  • Attitude toward constant learning
  • Self starter
  • Working alone
  • Working in teams
  • Working with other teams
  • Juggling lots of tasks/jobs at once
  • Prioritizing tasks
  • Bing/Google searching for information
  • Networking (the people kind)

Getting There...

This one is all on you. My unique path took me from being a network manager/admin at a University, to working 11 years for Nortel and then combining all that experience into what I do now. Some of this is hard to learn in a lab unless you are loaded with money. 

You need to surround yourself with people that know about the skills you need to work on. This is where the networking (the people kind) really comes in handy.

How do you do this?

  • Go to local users groups
  • Go to local conferences. 
  • Go to some industry conferences. 
  • Get on twitter and follow people that tweet about the things you want to learn about. 
  • Get on LinkedIn and make some connections and join some discussion groups. 
  • Read the Technet forums
  • Read some books

I'll keep updating this as I think of things... but bottom line is that this stuff isn't easy, but it is something that is able to be learned given enough time and effort.

Monday, June 9, 2014

Lync Centralized Logging Service AlwaysOn filling up hard drive

Issue

Customer was running the AlwaysOn scenario with Centralized Logging Service on Lync Server 2013. The drive was filling up with .etl files even though we had set the "CacheFileLocalMaxDiskUsage".


When I observed how this was operating on a working system, I noticed as soon as the .etl file rolled over to a new one (at 20MB), it would be converted to a .cache and .hdr file and the .etl file would be deleted.

So clearly the issue was the .etl files not being converted and then deleted. This allowed a huge amount of disk space to be chewed up and for disk alerts to be sent by the customer's monitoring application.

Note: if you are trying to track down where the .etl files are... it does no good to type %temp%/Tracing in the run command. That will go to the currently logged in user's temp directory /tracing. The Centralized Logging Service runs under "NetworkService" and its files can be found in:

     C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Tracing

Resolution

This will be an obvious one, but it still may catch people, so that is why I'm putting this blog together. The culprit was Symantec Antivirus. Once this was disabled the .etl files were converted to .cache and .hdr files as expected. The centralized logging service should have been excluded per the Technet article about excluding executables and directories for Lync Server 2013 (http://technet.microsoft.com/en-us/library/dn440138.aspx).
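One way to spot this condition before the disk alerts fire, as an added PowerShell example that is not part of the original post: it checks the NetworkService tracing folder for .etl files that have stopped being converted. The folder path is the one given above; the 15-minute age threshold and the assumption that .cache files are written to the same folder are mine.

```powershell
# Added example: flag a CLS tracing folder where rolled-over .etl files pile up.
# Run elevated; the NetworkService profile is not readable by standard users.
$TracingDir = 'C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Tracing'
$StaleAfter = New-TimeSpan -Minutes 15   # assumption: tune to your logging volume

if (-not (Test-Path -Path $TracingDir)) {
    Write-Warning "Tracing folder not found: $TracingDir"
}
else {
    $files = @(Get-ChildItem -Path $TracingDir -ErrorAction SilentlyContinue |
               Where-Object { -not $_.PSIsContainer })
    $etl   = @($files | Where-Object { $_.Extension -eq '.etl' })
    $cache = @($files | Where-Object { $_.Extension -eq '.cache' })

    # On a healthy server only the .etl files still being written should remain;
    # older ones should already have been converted to .cache/.hdr and deleted.
    $cutoff = (Get-Date) - $StaleAfter
    $stale  = @($etl | Where-Object { $_.LastWriteTime -lt $cutoff })
    $etlMB  = [math]::Round((($etl | Measure-Object -Property Length -Sum).Sum) / 1MB, 1)

    New-Object PSObject -Property @{
        EtlFiles      = $etl.Count
        EtlSizeMB     = $etlMB
        StaleEtlFiles = $stale.Count
        CacheFiles    = $cache.Count
    }

    if ($stale.Count -gt 0) {
        $oldest = ($stale | Sort-Object LastWriteTime | Select-Object -First 1).LastWriteTime
        Write-Warning ("{0} .etl file(s) untouched since before {1}; oldest is from {2}. " +
            "Conversion looks stalled; check antivirus exclusions for this folder.") `
            -f $stale.Count, $cutoff, $oldest
    }
}
```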

AT&T Hosted Firewall preventing Desktop/Application Sharing through Lync Edge

Issue

Ran into this problem a while ago and just now getting around to writing about it... but it is one of those head scratch kind of problems, until you compare a working system with the non-working system. In this case, I spotted the problem of Desktop/Application Sharing across the Lync Edge server in Wireshark when the client went to STUN the server on port 443.

I didn't realize this, but there actually is a momentary TLS negotiation on 443 STUN and the failure from the AT&T Hosted Firewall looked like this.



From the Lync Edge server perspective everything was successful. But the AT&T Hosted Firewall in the middle of the TLS negotiation was sending back this "Level: Fatal, Description: Access Denied" error instead of what the Lync Edge Server responded with. This was both an issue for Lync Server 2010 and 2013.

Resolution

The gist of the resolution was to request AT&T to do a Policy Bypass for the IP Addresses associated with the Lync Edge server. The problem was with STUN, but I would probably ask they bypass any other IPs if you have multiple IP addresses on your Lync Edge servers.

Just in case that doesn't get you far enough... I have below verbatim what was sent back... so that you can coax the Level 1 support technician to find someone that really knows what they are doing (my customer went through several support people before he found someone that could fix this).
“What I did to correct the issue is to remove the Protocol Option filter from rule 4 and rule 17 in the policy that was being used for the Lync traffic.  Protocol options tell the firewall to check further into known traffic types such as http, https, smtp, ftp, etc. for expected settings.  On the HTTPS side one of those checks is ‘Allow invalid SSL certificates’ which is not enabled by default.  Since the filter is used by most of your rules in your policy I didn’t want to enable this and have all of those rules using it so instead I removed the filter from these two rules.  If you would like it re-applied but with the setting enabled a separate filter can be configured with that setting enabled and just apply that filter to the two rules.”

Wednesday, May 28, 2014

Next meeting of the Colorado Unified Communications User Group is all about bringing back some goodness from the Microsoft Exchange Conference (MEC)!

We are excited to have Jason Sherry (Exchange MVP) come talk to us about Exchange migrations!

"Exchange cross forest migrations: Free or 3rd party tools?" is the title and this session will cover the steps required to migrate from one Exchange 2000 or higher forest to Exchange 2010/2013 in another forest. A high-level outline of the steps, scripts, Microsoft tools, and notes from the fields will be discussed.  Discussion will cover the scripts included with Exchange 2010 and 2013 to migrate mailboxes across forest and how to migrate contacts, groups, policies, and many other settings that aren’t migrated by those scripts. The main focus will be the many additional steps, solutions, and scripts required to do a full fidelity migration. This session will not go into detail on Forefront Identity Manager and 3rd party solutions; however the use of them will be discussed.  This session will mainly focus on the needs of small to medium companies (< 3,000s of mailboxes). Information discussed will be helpful to any size organization that needs to do a cross forest migration.

We are also super excited to announce that ENow will be sponsoring this month's meeting and we will get to hear from them about their tools in conjunction with Exchange and Hybrid solutions. If you haven't seen their products, check them out or follow them on Twitter: @ENowConsulting.

We hope that you will join us on May 29th from 4-6pm for this great session.

Also... I have another great #ucoms Update deck... you won't want to miss this one!

The meeting will be held at the Microsoft office in the Denver Tech Center.

Microsoft Offices
7595 Technology Way
Suite 400
Denver, CO 80237

Please RSVP so we can make sure there is enough food and drink

Tuesday, May 20, 2014

Chocolatey - RPM style package management for Windows

While I was researching how to deal with Forms Based Authentication from a script perspective, for my Audiocodes backup script(s), I stumbled upon Chocolatey. Chocolatey NuGet (love the name) is a Machine Package Manager similar to what RPMs are for Linux. This allows crazy simple install and uninstall of software from PowerShell... silently.

There are currently 1872 unique packages available and they install with a simple command like:

     cinst sysinternals

Simple, eh?

If you want to install Chocolatey just go to their home page and run the install command from within a cmd window. Then search for packages that are interesting to you...

Here are some that are my favorites so far:

Sysinternals
http://chocolatey.org/packages/sysinternals

PuTTY
http://chocolatey.org/packages/putty

Fiddler
http://chocolatey.org/packages/fiddler

cURL
http://chocolatey.org/packages/curl

Wireshark
http://chocolatey.org/packages/wireshark

Anyway... you get the idea... now go have some fun!

Monday, April 21, 2014

Presenting at Best of Lync Conference 2014 - Denver

Did you miss Lync Conference 2014 because it sold out? Couldn't get the boss to spring for a trip to Vegas? Well, not to worry, the Colorado Unified Communications User Group has you covered.

We are pleased to announce the Best of Lync Conference 2014 - Denver!

On April 24th, from 9am-1pm, we will be hosting sessions that are based on the content that was delivered at the Lync Conference in Vegas. I will be presenting the Technical Deep Dive for Lync-Skype Video.

Agenda:

8:15-9:00am – Welcome (food sponsored by Clarity Connect)
9:00-9:30am - Keynote
9:30-10:00am - "Our Story - New Belgium Brewing"
10:00-11:00am - Session 1 (Business and Technical)
11:00am-12:00pm - Session 2 (Business and Technical)
12:00-1:00pm - Lunch/Device Bar/Sponsors (Lunch is sponsored by AudioCodes)

Business Track Topics:
  • Enhancing your Voice Rollout to Make it a Killer Success for the Business
  • Better Meetings through Lync

Technical Track Topics:
  • Technical Deep Dive for Lync-Skype Video 
  • Video – What in the World are You Doing to My Network?

There will be three Lync MVPs speaking:
  • Jonathan McKinney
  • Mike Stacy
  • Jeff Schertz

We would like to thank our sponsors for their support. We will have food and giveaways thanks to Jabra, AudioCodes and Clarity Connect!

Hope to see you there!

The event will be held at the Microsoft office in the Denver Tech Center.

Microsoft Offices
7595 Technology Way
Suite 400
Denver, CO 80237

Please RSVP so we can make sure there is enough food and drink