Thursday, January 12, 2017

Skype for Business Patching Process

Patching of the Skype for business front end pool is critical as well as very risky. Certain steps needs to be followed for SFB pool patching. Below are the steps to follow during patching of SFB servers.

Verify the replica status of the pool running below

Get-CsPoolFabricState -PoolFqdn <PoolFQDN>

If the result shows any missing replicas fix/recover the same using below command

Reset-CsPoolRegistrarState -ResetType QuorumLossRecovery

If you are applying Cumulative Updates to SFB servers verify the upgrade readiness state before applying CU


If the result is not ready wait till the readiness of the upgrade domain. Apply the cumulative updates based on the Upgrade domain

Once both the commands are verified failover the computer which is going to be patched first.

Invoke-CsComputerFailOver -ComputerName <Front End Server to be patched>

Apply the patches to the server
Run the below command once the server returned back after patching.

Invoke-CsComputerFailBack -ComputerName <Front End Server patched>

Follow the above steps on each Front End servers one by one.

Tuesday, August 25, 2015

Lync 2013 Issue with EWS integration - Continuous Prompt for Credentials

Reason to write this article is recently i faced an issue for EWS integration with Skype For Business/Lync 2013.This may be helpful for you....

Most of the articles talking about adding the domain to trusted model registry,auto-discovery and EWS URLs configuration.But after doing all these my issue did not solved.

Issue: EWS Status showing EWS is not fully Initialized / EWS Not Deployed

Basic Things we need to check :-

  • DNS Entry for,Client machine should be able to resolve auto discover and EWS URLs
  • If the SIP domain and SMTP Domain is different Email address Comparisoncheckdisabled value in Client policy should be True.
  • EWS URL Should be deployed in Exchange Organisation
  • Basic Authentication should be Enabled for Auto discover and EWS Virtual directory of Exchange server(All CAS Servers).
  • Verify the Basic authentication using below command
    Get-AutodiscoverVirtualDirectory -Server <CAS01> |fl BasicAuthentication .This should return value True.
    If false set the value using 
    Set-AutodiscoverVirtualDirectory -Server <CAS01> -BasicAuthentication $true
    Get-WebServicesVirtualDirectory -Identity CAS01 |fl BasicAuthentication .This Should return value True.
    If false set the value using
    Set-WebServicesVirtualDirectory -Identity CAS01 -BasicAuthentication $true
  • System web Proxy(PAC File or Manual Proxy) should exclude auto discover and EWS URLs
Now Will come to actual issue.Even after implementing all the above Lync client was not able to authenticate with Exchange server.Authentication windows was continuously popping up/Not accepting the credentials.

Solution:-We used fiddler to check what is happening with Exchange URL connectivity from Lync and found Lync client is trying to authenticate with Exchange using Negotiate:Kerberose mode and getting 401 Unauthorized access

  • Logged on to Exchange server
  • Opened INETMGR
  • Clicked on Auto discover Virtual Directory
  • Clicked on Authentication
  • Right Click on Windows authentication and Select Providers
  • Move NTLM to Top
  • Repeated the same for EWS

But even after doing this Lync is trying to Negotiate for the challenge

  • Logged on to Exchange server
  • Opened INETMGR
  • Clicked on Auto discover Virtual Directory
  • Clicked on Authentication
  • Right Click on Windows authentication and Select Providers
  • Remove Negotiate mode
  • Repeated the same for EWS

Enjoy Reading...Any doubt please comment...

Monday, April 29, 2013

Limited Functionality Error After Cumulative update

After Installing cumulaive update on all Lync servers we need to update database.
Installation of update will be very smooth and very less issues.But when it comes to update database its very critical and your heart beat will increase!!!For me yes..i have very bad experience on update database command.Whenever i have updated my database(SQL Cluster) My lync shows limited Functionlity error.
I tried with bothe of the commands

1- Install-CsDatabase -Update -ConfiguredDatabases -SqlServerFqdn <EEBE.Fqdn> -UseDefaultSqlPaths

2- Install-CsDatabase -Update -ConfiguredDatabases -SqlServerFqdn <EEBE.Fqdn>

Initially i struggled alot and played in SQL,but no luck last i got the solution.
Whenever i am getting Limited Functionlaty error i went and checked in my SQL databases using SQL management Studio and Found my rtcdyn database changed to single user mode.If i try to alter the same to multiuser mode it will not allow.
But Dont worry rtcdyn doesn't have any critical datat and it is only a dynamic content based on users login and activities it will udate.So what i done here is

Stoped SQL services
Gone to the physical path of the rtcdyn data path and Log Path
Renamed those files to something Else
Started SQL services
Open SQL Management Studio
Now you can see empty rtcdyn Database
Just right Click and delete the same.
Now goto the Front end server and run Below command

Install-CsDatabase -Update -ConfiguredDatabases -SqlServerFqdn < EEBE.Fqdn > -DatabasePaths <RtcDyn log path>, <RtcDyn data path>

 This will recreate your rtcdyn database and if you signout your Lync and signin back you can see preence and contacts.

If you have any suggession or any other solution Feel free to write here in Comments.


Thursday, January 10, 2013

Lync 2013 Guides

Microsoft come up with new product every now and there it is very difficult to support people to upto date on their technologies.Anyway we have to be upto dated else we will be out of market.
Ignite have wonder full document to learn more about Lync 2013 and Exchange 2013 ,here it goes

Lync 2013 Guides

Exchange 2013 Guides

Thursday, December 20, 2012

Move CMS from Lync 2010 to Lync 2013

When we introduce Lync 2013 on Lync 2010 infra CMS will be on Lync 2010.So if we want to move the CMS to new 2013 pool here is the steps.
For safer part we can take config backup using export-csconfig and export-cslisconfig.
Next step is to install CMS store new Lync 2013 pool for that run the below command.

Install-Csdatabase -centralmanagementdatabase -usedefaultsqlpaths -sqlserverfqdn <backendsqlserverfqdn>

Next step is to move CMS server.


If the source cms server is offline you can use below command.

Move-CsManagementServer -ConfigurationFileName "C:\" -LisConfigurationFileName "C:\" -Force

Thursday, November 22, 2012

Lync with Cisco VCS Integration/HD Integration

Most of the organisation wil be having High defnition conference feature available.So the users who are using Lync they can utilise that feature using Lync client easily with below steps.The document is svailable on Cisco sites but still below one will be an easy refernce for you.

First you need to add VCS domain as truted application in Lync topology then only Lync will accept request from VCS.

Here is command to make VCS as trusted application:
1- Add application pool
New-CsTrustedApplicationPool -Identity <vcsdomainfqdn> -Registrar LyncFEPool -site <Sitenumber you want to integrate> -RequiresReplication $false -ThrottleAsServer $true -TreatAsAuthenticated $true

2- Add application
New-CsTrustedApplication -ApplicationID VCSApplication1 -TrustedApplicationPoolFqdn <vcsdomainfqdn> -Port 5061
3- Set The encryption Level.
set-CsMediaConfiguration -EncryptionLevel supportencryption
4- Create static route to route the request towards VCS.
$Route1=New-CsStaticRoute -TLSRoute -Destination "vcsdomainfqdn" -MatchUri "domainname" –Port 5061 -UseDefaultCertificate $true
Set-CsStaticRoutingConfiguration -Identity global -Route @{Add=$Route1}

Above part is from Lync side.Same way need to configure Cisco VCS to accept lync request.
Once both side configured you can dial conference number from Lync and enjoy the conference from your Desk.

Wednesday, November 21, 2012

Port Requirements for Lync 2010 Application sharing with external user

For Small buisness network this topic may not be that much usefull,but for a Large enterprise with restricted network setup this will be very usefull.Below requirements i captured using lot of testing and network tracing.When i recieved this requirement there was no articles clearly mentioned about how we can achieve this,all was mentioned some specific ports for application wise.

Scenario:Users are sitting in a restricted network.User only have text IM access with othere users as well as federation/external users.Requirement here is to application sharing with external/federated users.After the study i concluded with below ports for application sharing with external users.

Public to edgeserver:




TCP/50,000-59,999 (Outbound only)
From the internal Client to the internal Edge:

TCP - 443
UDP – 3478
Above ports for only to conference and Media traffic from internal user to External user.
If you wanted to have internal conference between 2 restricted netwok users below is the port requirements.
Client to Front End Pool
49152 to 57500
49152 to 65535
Client to AV Pool
49152 to 57500
57501 to 65535