Script: Lync Certificates Report gets an updated with SfB & EDGE servers support

Back in August 2014 I’ve published a script that y0avb and I wrote for retrieving Lync Servers Certificate information and creating HTML based report that can be sent via email.

Report

One of the main feedback we got is to add the EDGE Servers information to the script as well so users can get a full picture of the assigned certificates in their environment.

We’ve did some research and tests a couple of alternatives and we finally were able to pull the EDGE certificates information using PSRemoting.

Prerequisites:

In order to retrieve the Certificates information from the EDGE servers we need to use PSRemoting and Windows Remote Management for access.

This requires two major modifications:

1) On the Front End servers – Enabling TrustedHosts configurations:

Set-Item WSMan:\localhost\Client\TrustedHosts -Value “*” -Force

2) On the EDGE servers – Enabling HTTP Compatibility Listener for Remote access:

Set-Item WSMan:\localhost\Service\EnableCompatibilityHttpListener -Value True

Once enabled, you need to make sure port 80 is enabled from the computer where the script run to the EDGE internal IP.

Another options is to open the default PSRemoting Port as well (5895) and make sure to change the Parameter in the script ($PSRemoteConnectionPort).

To view existing listeners, you can use the following command:

winrm enumerate winrm/config/listener

Download:

Script Usage:

1) Retrieving all Lync Front End Pools Certificates information

.\LyncCertReport-v0.46.ps1

2) Retrieving all Lync Front End Pool Certificates information in addition to the EDGE Servers and OWAS Servers

.\LyncCertReport-v0.46.ps1 -EdgeCertificates -OWASCertificates

3) Retrieving all Lync Front End Pool Certificates information in addition to the EDGE Servers

.\LyncCertReport-v0.46.ps1 -EdgeCertificates

4) Retrieving all Lync Front End Pool Certificates information in addition to the OWAS Servers

.\LyncCertReport-v0.46.ps1 -OWASCertificates

5) Retrieving a spesific Front End Pool Certificates information

.\LyncCertReport-v0.46.ps1 -FEPool

Please provide any feedback if you have any (@GuyBachar & @y0avb)

Exchange Online Auto Attendant does not transfer calls to extensions in Skype for Business Server 2015

I’ve recently encountered a problem after upgrading my production environment Skype for Business Server 2015 with normalizing extension numbers coming from the Exchange Online Auto Attendant.

In my company we have integration between Exchange Online and Skype for Business Server 2015 On-Premises and one of the management requirements is to have granular Auto Attendant features with Menu navigation.

In order to achieve this, we are using the Exchange Online Auto Attendant features which allow you to transfer calls to Lync Users based on the user UM extension and the matching SIP address.

The Problem:

On Lync 2013 everything worked as expected and all calls were transferred to the right extension once the business hours menu navigation was on.

After upgrading to Skype for Business Server 2015, it turned out that during business hours when the Menu navigation was played, calls were not being transferred to Lync users, but just looping the Exchange auto attendant play message instead.

What was even weirder was the fact the if we switched the Auto Attendant to Off Business Hours when there is no menu navigation but just an option to enter a user extension, it did worked and the call was successfully transferred to the Lync user.

To make a long story short:

  • Setting Enabling Business hours menu navigation with different prompt options which result in Extension transfer stopped working.
  • Calling to the Auto Attendant on Non-Business hours where Menu Navigation is disabled result in a Voice command instructing you to type the actual extension of the user, once the extension was entered the call was transferred successfully.

image

Troubleshooting

Once we were able to reproduce the problem, we decided to take some logging on the Front-End’s to determine why there is a different behavior between typing an extension manually and choosing a menu selection for transfer a call to the exact same extension.

Scenario #1: Menu Navigation Enabled During Business Hours

In this scenario, I dialed to the Auto Attendant during Business Hours and selected option #4 in the menu navigation which supposed to transfer to me to extension 7089 which is my UM extension.

What you can see in the logs is that instead of translating my extension to my SIP address, the SfB server is trying to ring at 7089 number which does not resolve at a user and eventually a BYE is being sent back. You can also see it in the REFER messages that the REFER to is resolved to a number instead of SIP URI of my user.

image

Scenario #2: Menu Navigation Disabled During Non Business Hours

During Off Business Hours, the Auto Attendant does not play menu options, but just a general voice prompt saying: “Enter the extension of the person you calling”, once I hit the exact same extension number 7089, you can see it resulted in REFER TO that translated to the proper SIP Address of my user account and there the call is being transferred.

image

Workarounds:

I’ve been told by a Microsoft engineer that it is seems to be a BUG within Skype for Business Server and the way it normalized those UM Extensions, and that they got a few calls already describing similar problem.

As of now, it seems the workarounds are either one of the following options until Microsoft will be able to fix it:

  1. Move the CsEXUmContact object back to a Lync 2010 / 2013 server if you have any server within the topology.
  2. Disable the Menu navigation option on the Exchange Auto Attendant side and allow to dialing direct extension with no key-mapping.

Update: Microsoft confirmed this behavior will be fixed in CU1 for Skype for Business Server.

Script: Exchange Online Audit Log Reports (HTML Format)

One of my favorite scripts is Mike Pfeiffer Administrator Audit Log Reports in HTML Format script which allows you go get a daily HTML report via email of all the changes that we made on your on-premises environment.

This is actually a great way to monitor you environment, not specifically to blame someone if he something went wrong, but in case there are issues or human error, it allow you to look back in the history and see what changes were made any by who.

Office 365 Challenge

I was wondering to myself, how complicated would it be to use the same script , but make it work on Office 365 Exchange Online environment so we can get the same level of reporting and auditing changes, but on Exchange Online.

I’ve asked Mike for permission to take his script and together with Yoav Barzilay we modified it a bit, and we proudly presenting you with Get-ExchangeOnlineAuditReport, the same functionally but for Office 365 Environment Smile

Untitled

We’ve included the Exchange Online connectivity in the tool and also had some additional options such as including Proxy if you have any and also be able to load credentials directly from the credential manager instead of putting it hardcoded in the script exposes to all.

Download:

TechNet Gallery | OneDrive

Prerequisites:

1. Creating a Generic Credential under the Credential Manager > Windows Credentials. The name appears in the “Internet or network address” is the name of the parameter of $TenantCredentialKey

image

image

2. Having an internal/external SMTP server that can relay your email messages, in case you don’t provide email parameters there will be a daily HTML file being put under the %TEMP% folder so you can access it manually.

Usage:

1. Creating an HTML file with the report under the %temp% folder

 .\Get-ExchangeOnlineAuditReport.ps1 –TenantCredentialKey

2. Sending the Report VIA email (can be used in a scheduled task as well):

 .\Get-ExchangeOnlineAuditReport.ps1 –TenantCredentialKey -to
to@smtp.domain -from from@smtpd.domain –smtpserver

3. Sending the Report VIA email (can be used in a scheduled task as well) while having Proxy enabled on the server:

 .\Get-ExchangeOnlineAuditReport.ps1 –TenantCredentialKey -to
to@smtp.domain -from from@smtpd.domain –smtpserver  –ExchangeOnlineWithProxy

Task Scheduler:

Just create a simple task with the following lines as the commands and make sure you run it with highest privileges:

image

1. Creating a daily HTML report in the %TEMP% Folder:

Powershell.exe -command “& ‘C:\Scripts\Get-ExchangeOnlineAuditReport.ps1′ -TenantCredentialKey ””

2. Creating a daily HTML report being sent via email:

Powershell.exe -command “& ‘C:\Scripts\Get-ExchangeOnlineAuditReport.ps1′ -TenantCredentialKey ” -To <to@smtp.domain> -From <from@smtp.domain> -SmtpServer “

3. Creating a daily HTML report being sent via email when Proxy is configured:

Powershell.exe -command “& ‘C:\Scripts\Get-ExchangeOnlineAuditReport.ps1′ -TenantCredentialKey ” -To <to@smtp.domain> -From <from@smtp.domain> -SmtpServer -ExchangeOnlineWithProxy”

Script: Connect to Office 365 PowerShell modalities at once by using Credential Manager for authentication

Recently I’ve found myself connecting to a lot of my customers online environments and even mine by using PowerShell with the annoying habit of searching Google/Bing for the following phrases:

  • Connect to Exchange online using PowerShell
  • Connect to Lync online using PowerShell
  • Connect to Office 365 using PowerShell

Though it’s relatively not a complicated task to do or remember, it’s still a 3-steps process that also includes providing credentials every time for every modality.

In order to solve this extremely awful situation Smile, I’ve decided to write a script which allows the following major options:

  • Being able to use an existing credential out of the credential manager instead of typing the credential every time.
  • Being able to connect to all modalities at once instead of doing it one at a time by just specifying the required parameters.
  • Being able to connect to Exchange online by using IE Proxy settings for companies who uses proxy servers to connect

Usage:

Connect to Office 365 Only:

  • .\Get-MeOnline.ps1 -TenantCredentialKey -Office365Online

Connect to all modalities at once:

  • \Get-MeOnline.ps1 -TenantCredentialKey -Office365Online -ExchangeOnline -LyneOnline

Connect to Exchange Online:

  • .\Get-MeOnline.ps1 -TenantCredentialKey -ExchangeOnline

Connect to Exchange online while you have Proxy setting configured in your IE:

  • .\Get-MeOnline.ps1 -TenantCredentialKey -ExchangeOnlineWithProxy

Connect to Lync / Skype for Business Online:

  • .\Get-MeOnline.ps1 -TenantCredentialKey -LyneOnline

Prerequisites:

There are few prerequisites in order for the script to work:

  1. Creating a Generic Credential under the Credential Manager > Windows Credentials. The name appears in the “Internet or network address” is the name of the parameter.
  2. Making sure all Online modules are installed (Azure Module, Skype for Business Online connector)

Download:

The script can be download from: TechNet Gallery | OneDrive

Please provide any feedback or suggestions if you have any.

Skype for Business Server 2015 Call Quality Dashboard (CQD) Does not display data after initial deployment

Problem:

After deploying the Call Quality Dashboard (CQD) from Microsoft on a new server, I ran into a problem where the CQD portal was not showing any data and returned a problem saying:

We couldn’t perform the query while running it on the Cube. Use the Query Editor to modify the query and fix any issues. Also make sure that the Cube is accessible.

Resolution

In order to solve it, I had to process the CUBE object and make sure it’s accessible.

How to

1. Open SQL Management Studio and select Analysis Services:

image

2. Expand the QoECube object and choose the Cube of QoE Metric.
Right click and click Browse. if that returned empty browser on the right side, it means the cube hasn’t been proceed yet and we need to process it.

image

3. Right click the QoE Metric cube object and Select Process.

image

4. After the processing has done, right click on the object again and select Browse to see if the browser page show relative data:

image

5. Once you successfully able to browse, you should be able to access the CQD dashboard and see content:

image

Deploying Call Quality Dashboard (CQD) for Skype for Business Server 2015

One of the new features introduce for Skype for Business Server 2015 is the Call Quality Dashboard (CQD):

The Skype for Business Server 2015 Call Quality Dashboard (CQD) is a reporting layer on top of the Quality of Experience Database in the Monitoring Server in Skype for Business Server 2015 and Lync Server 2013. CQD uses Microsoft SQL Server Analysis Services to provide aggregate usage and call quality information as well as filtering and pivoting on the data set.

Components:

The Call Quality Dashboard consists of several databases, Microsoft SQL Agent jobs, processes, and web applications. The Microsoft SQL Agent jobs periodically copy data from the QoE Metrics database into the QoE Archive database and processes the Cube with the data in the QoE Archive database. The Repository database stores the report definitions that power the Portal. The Portal provides browser access to the Cube data.

The CQD components, including the QoE Archive, Cube, and Repository databases, can be installed on the Monitoring Server, installed on its own server, or installed across multiple servers. The particular installation method depends on the performance demands of CQD as well as impact to other processes on the same servers.

CQD Components

Prerequisites:

Call Quality Dashboard (QCD) consists of three major components:

  • Archive Database, where the Quality of Experience (QoE) data is replicated and stored.
  • Cube, where data from QoE Archive database is aggregated for optimized and fast access.
  • Portal, where users can easily query and visualize QoE data.

CQD utilizes Microsoft SQL Server, Microsoft SQL Analysis Server, and Microsoft Internet Information Server so CQD’s minimum hardware and software requirements are basically the same as those dependent components. However, based on the organization’s requirements around data freshness (which will depend in part on the volume of QoE data the organization generates) and deployment cost, additional deployment considerations should be made.

The following versions of SQL Server are supported:

  • SQL Server 2008 R2
  • SQL Server 2012
  • SQL Server 2014

Please note that both for the Cube and analysis services required SQL Enterprise Edition is recommended but not requited.

Business Intelligence or Enterprise edition is recommended for performance reasons. These editions allow use of multiple partition files that can be processed in parallel, which is beneficial for processing data spanning multiple months or longer.

While not recommended, Standard edition is supported as well. Processing will be constrained to a single partition (which needs to be configured during setup).

You can follow those guidelines in order to upgrade SQL STD to SQL ENT.

Deployment Steps:

the following steps are taken from the Microsoft TechNet: Deploy Call Quality Dashboard for Skype for Business Server 2015

1. Download and copy the CallQualityDashboard.msi to the machine where the archive database component of CQD is to be installed (this is the machine that has SQL Server installed).

image

2. Execute the MSI (Windows will prompt to run with administrator privilege, do so).

imageimage

3. Accept the EULA.

image

4. Select the destination folder where files related to Call Quality Dashboard components will be located or accept the default location.

image

5. Select all features.

image

6. At the QoE Archive Configuration page, provide the following information:

  • QoE Metrics SQL Server: SQL Server instance name for where the QoE Metrics DB is located (this will be the data source).
  • QoE Archive SQL Server Name: This is read-only field and fixed to the fully qualified domain name of the local machine. Archive DB can be installed only on the local machine.
  • QoE Archive SQL Server Instance: A local SQL Server instance name for where the Archive DB is to be created. To use a default SQL Server instance, leave this field blank. To use a named SQL Server instance, specify the instance name (e.g. the name after the “\”).
  • QoE Archive Database: By default, this option is set to “Create new database”. Since Archive DB upgrade is not supported, the only circumstance under which the “Use existing database” option can be used is if the existing Archive database has the same schema as the build to be installed.
  • Database File Directory: Path to where the database files (.mdf and .ldf) for the Archive DB should be placed. This should be on a drive (HDD2 in the recommended hardware configuration) separate from the OS. Note that since the file names are fixed in the install, to avoid any potential conflict, it is recommended that a blank directory with no files be used.
  • Use Multiple Partitions: The default is set to “Multiple partition”, which requires Business Intelligence edition or Enterprise edition of SQL Server. For Standard edition, select “Single Partition” option. Note that cube processing performance may be impacted if Single Partition is used.
  • Partition File Directory: Path to where the partitions for the QoE Archive database should be placed. This should be on a drive (HDD3 in the recommended hardware configuration) separate from the OS drive and SQL database log files drive. Note that since the file names are fixed in the install, to avoid any potential conflict, it is recommended that a blank directory with no files be used.
  • SQL Agent Job User – User Name & Password: Domain service account name and password (masked) that will be used to run the “QoE Archive Data” step of the SQL Server Agent job (which will run the stored procedure to fetch data from QoE Metrics DB into Archive DB, so this account must have read access to QoE Metrics DB, as indicated under Accounts section. This account also needs to have a login in the QoE Archive SQL Server Instance).
    Please use DOMAIN\USERNAME convention as UPN is not supported.

imageimage

If you don’t have SQL Enterprise edition and you choose Multiple Partition, the following error message will appear:

image

You can choose Single Partition to install it on STD edition:

image

7. Upon clicking next, the installer will perform pre-requisite checks and report if any issues are encountered. When all pre-requisite checks pass, the installer will go to the Cube Configuration page.

8. At Cube Configuration page, provide the following information:

  • QoE Archive SQL Server Name: This is read-only field and fixed to the fully qualified domain name of the local machine. Cube can be installed only from the machine that has QoE Archive database (Note. Cube itself may be installed on a remote machine. See below)
  • QoE Archive SQL Server Instance: SQL Server instance name for where the QoE Archive DB is located. To specify a default SQL Server instance, leave this field blank. To specify a named SQL Server instance, enter the instance name (e.g. the name after the “\”). If QoE Archive component was selected for the install, this field will be pre-populated with the value provided on the QoE Archive Configuration page.
  • Cube Analysis Server: SQL Server Analysis Service instance name for where the cube is to be created. This can be a different machine but the installing user has to be a member of Server administrators of the target SQL Server Analysis Service instance.
  • Use Multiple Partitions: The default is set to “Multiple partition”, which requires Business Intelligence edition or Enterprise edition of SQL Server. For Standard edition, select “Single Partition” option. Note that cube processing performance may be impacted if Single Partition is used.
  • Cube User – User Name & Password: Domain service account name and password (masked) that will trigger the cube processing. If QoE Archive component was selected for the install, this field will be pre-populated with the value provided on the Archive Configuration page for the SQL Agent Job User, but we recommend specifying a different domain service account so that Setup can grant the least required privilege to it.

image

9. When clicking next, another round of validation will be performed and any issue will be reported. Upon successful completion of the validation, the installer will go to the Portal Configuration page.

10. At Portal Configuration page, provide the following information:

  • QoE Archive SQL Server: SQL Server instance name for where the QoE Archive database is located. Note that unlike the QoE Archive Configuration page and the Cube Configuration page, the machine name is not fixed and must be provided. If QoE Archive component was selected for the install, this field will be pre-populated with the value provided on the QoE Archive Configuration page.
  • Cube Analysis Server: SQL Server Analysis Service instance name for where the cube is located. If Cube component was selected for the install, this field will be pre-populated with the value provided on the Cube Configuration page.
  • Repository SQL Server: SQL Server instance name where the Repository database is to be created. If the SQL Server instance name for where the QoE Archive database is located has been provided earlier in the setup (in other components), this field will be pre-populated with the QoE Archive DB SQL Server instance name. This can be any SQL Server instance.
  • Repository Database: By default the option is set to “Create new database”. Since Repository DB upgrade is not supported, the only circumstance under which the “Use existing database” option can be used is if the existing Repository DB has the same schema as the build to be installed.
  • IIS App Pool User – User Name & Password: The account that the IIS application pool should execute under. The User Name and Password fields will be grayed out if built-in system accounts are selected. These fields will only be enabled if “Other” is selected from the drop down box so the user can enter the domain service account information.

imageimage

11. When clicking next, the final round of validation will be done to ensure that the SQL Server instances are accessible using the credentials provided and that IIS is available on the machine. Upon successful completion of the validation, the installer will proceed with the setup.

image

12. When the installer is done, most likely the SQL Server Agent job will be in progress, doing the initial load of the QoE data and the cube processing. Depending on the amount of data in QoE, the portal will not have data available for viewing yet.

13. The main portal page is accessible via http://<machinename>/CQD

image

image

image

Known Issues and notes from the deployment in my Lab environment:

  • If you decided to install the CQD on the same server that host the existing Skype for Business SQL Reporting service, be aware the the Default Web Site is already reserved for the reporting service and therefore you’ll need to change default Web site binding port.
  • If you decide to go forward with Multiple partition, make sure the SQL instance is configured as ENTERPRISE edition and has the Analysis service running
  • If you have SQL Server 2008 R2 STD, make sure you upgrade it to SP2
  • Make sure the SQL Agent Service for the instance is running
  • Restart the SQL services / server before installing the CQD or after upgrading to ENT, otherwise the CUBE won’t allowed to continue in setup
  • QoE data and the cube processing may take some time for initially load the data using the existing stored procedure.
  • Some advanced configuration are required for setting authorization and access rules, those are detailed explained in the following URL: https://technet.microsoft.com/en-us/library/mt126252.aspx
  • After users are authenticated by IIS, they will have to have file permissions on the CQD directory in order to access the web portal content. It is possible to change the ACLs through the security tab of the CQD directory properties to add individual users or groups; however the recommended approach is to leave the file permissions untouched. Instead, change the IIS setting to use the IIS worker process to access the CQD directory no matter which user is authenticated.

image

image

  • In rare cases, the installer fails to create the correct settings in IIS. Manual change is required to allow users to log into the CQD and change the default authentication configurations and enable Extended Protection on the Windows Authentication Advanced tab:

Deploy Call Quality Dashboard

image

those steps needs to be repeated for each of the “CQD”, “QoEDataService”, and “QoERepositoryService” entries below “Default Web Site”.

Additional Sources:

  • Download: Skype for Business Server 2015, Call Quality Dashboard
  • Call Quality Dashboard for Skype for Business Server 2015
  • Deploy Call Quality Dashboard for Skype for Business Server 2015
  • Plan for Call Quality Dashboard for Skype for Business Server 2015
  • Microsoft releases MS15-044: Description of the security update for Lync 2013 (Skype for Business): May 12, 2015

    This security update resolves a vulnerability in Microsoft Lync that could allow information disclosure if a user opens a specially crafted Lync meeting request.
    This security update for Microsoft Lync 2013 includes the new Skype for Business client.

    Source:

    Download information

    Known issues

    Improvements and fixes

    Q&A From Microsoft:

    Q1. Is the Lync UI identical to the Lync 2013 UI? Are there changes or artifacts that administrators must be aware of?

    A1. People who use the Lync UI in the new client will have an experience which is very close, but not identical to the old experience. Specifically, while the traditional Lync windows and controls are unchanged, the task tray icon, the menu item in Windows, and several buttons in Outlook reflect the new Skype brand. We unfortunately do not have the ability to change the behavior of these artifacts in Windows and Outlook. There is one additional artifact which is under administrator control, which is whether the Skype for Business first run experience is displayed. This may be suppressed as described below.

    Q2. Is it possible to apply the May update and suppress all Skype for Business artifacts?

    A2. No. The task try icon, the menu item in Windows, and several buttons in Outlook will reflect the new Skype brand even if the Lync UI is selected. We do not have the ability to change the behavior of these artifacts in Windows and Outlook. This is because, as with any other Microsoft or 3rd party program that integrates with Windows or Office, we must conform to published standards and interfaces covering application interaction. These standards and interfaces do not provide the ability to switch behavior of the noted artifacts.

    Q3. Are there any other issues to keep in mind?

    A3. Yes. It is important to keep in mind the user>site>global precedence of policy settings when designing and implementing readiness steps. In some cases, setting only a “global” policy will not be sufficient. In addition, if users in an organization use Lync Basic on their personal, unmanaged computers at home, it may be necessary to communicate the changes to those users since policy settings may not apply to those personal, unmanaged computers.

    Q4. Why did we add the new UI to the existing Lync 2013 client rather than waiting for the next version of Office?

    A4. We added the new UI to the existing Lync 2013 client in order to make it available to customers sooner, and to ensure that current Lync 2013 customers would have the option to use the new UI now rather than later. This allows them to take advantage of the familiar UI to accelerate adoption within their organizations. As noted above, the new Skype for Business client includes both the new UI and the existing UI – this gives customers the choice of delaying adoption if better for their users and processes.

    Microsoft releases May 2015 Cumulative Update for Lync Phone Edition

    Source:

    Issues Fixed:

    Download:

    How to use the new Key Health Indicators for Skype for Business Server and Lync Server 2013

    Microsoft released a new version of the KHI tools on 28-April-2015. this version of the KHI Tools is an update to an earlier version that was introduces as part of the Lync Networking Guide.

    Download: Key Health Indicators for Lync Server 2013 and Skype for Business Server 2015

    In this post I’ll go through the process of configuring the KHI by using the script and how to analyze the results.

    Steps Required to use the KHI:

    1. Download the new Key Health Indicators for Lync Server 2013 and Skype for Business Server 2015 and extract it content to a separate folder.

    2. Copy the Create_KHI_Data_Collector.ps1 file to every Lync Server you would like to monitor and analyze the data for.

    It is recommended to run it on the following servers:

    • Lync Front End Server
    • Lync Backend Servers (SQL)
    • Mediation Servers (If are not collocated)
    • EDGE Server

      Please note that if you already used the script from the previous Lync Networking guide, there is no need to run this script again.

    3. The script itself contains a list of all Lync related counters and once we run it on the server it created a data collector set in which we need to configure in order to capture the raw data based on those counters and export it to a CSV file which later on can be analyzed by the Excel file Microsoft provided.

    image

    4. In order to run the script, we need to open any PowerShell windows with Admin rights and run it based on the server we have.

    • Create_KHI_Data_Collector.ps1 –version Skype4B
    • Create_KHI_Data_Collector.ps1 –version LyncServer2013

    Another nice option Microsoft added to the script is the ability to run it against remote computer as well:

    • Create_KHI_Data_Collector.ps1 –version Skype4B –computer fe1pool1.contoso.com
    • Create_KHI_Data_Collector.ps1 –version LyncServe2013 –computer fe1pool1.contoso.com

    Untitled

    5. Once the script is completed, in the Performance Monitor (perfmon.msc) we can see the new Data collector that was created under User Defined container named KHI:

    image

    6. Now that we have the data collector set with all the right counters created, we need to set an automatic schedule for it in order to have a daily log file of all the counter.
    In order to set the setting, right-click on the KHI on left side pane and choose properties:

    image

    7. On the properties window, we have 5 different tabs we can configure:

    image

    • General – General Information on the data collector such as Keywords, Description and the user it runs with
    • Directory – Here we need to set the directory where we want to keep all the daily log files. if this is a small environment you can keep the files on a local folder (C:\KHI) or you can choose write it to a Shared folder where all the servers will report to.
    • Security – The user and groups and the permissions assigned for the specific Data Collector set
    • ScheduleHere we can create one or multiple schedules to set when we want the Data Collector set to start collecting the counters data.
      What I typically configure is a work-day set in order to have relevant data when the system is loaded with users and operations.
    • Stop ConditionThis is important as we don’t have another option on the Schedule tab to actually stop the scheduler if we want co collect data only during working hours. Here you can set the amount of hours you want to collect the logs for.
    • Task – Here we can set additional parameters or arguments we want to add to the data collector.

    imageimage

    8. Once the schedule is configured, you’ll notice that the Data Collector set will start generating a daily logs files based on the schedule we’ve set.
    Please note that for the analyzing part, we need to have all logs from all the different servers within the same working folder, therefore it’s recommended to copy all relevant KHI files to a single folder.

    image

    9. Once we have the logs collected, we are ready to analyze them with the Key_Health_Indicators_-_Analysis_and_Definitions_Workbook.xlsm file.
    Once opened, make sure you’ve eanbled both Editing and Content otherwise you won’t be able to analyze the logs.

    image

    10. Click on the Start button, and select the folder where you have the CSV file gathered and choose select.
    If all files are set correctly the tool will notify us on the amount of files found in the folder and their total size.
    In order to start with analyzing the files, choose OK

    image

    12. Once you clicked on the OK button, you’ll notice in the bottom bar of the Excel file that it notifying upon its progress:

    Untitled

    13. Once completed, a few additional tabs will appear in the Excel file:

    image

    • Charts – Two charts are generated and should be your analysis starting point. The first chart (left-side) is a summary count of how many servers have KHIs beyond threshold per Ring.
      The second chart (right-side) is a view of all the KHIs for each ring across all servers.
    • Timeline – A new metric called “Burst Count” which analyzing the maximum values of the counters to decide if that happened only on a single instance or there were a number of instance causing the maximum burst.
    • Pivots – The provided pivot table can pivot off Rings, Health, Server Role and Server Names. This is a very similar table to what was used in the previous version, with a better view and a few filters which helps determine the key areas which need further troubleshooting.
    • Tables – The actual raw data that was analyzed for manual changes or for further troubleshooting or creation of additional pivots.

    An Example of the Counters Pivot Table:

    image

    That’s it, I highly recommend to read the KHI_Guide.docx document which is provided as part of the KHI download, it contains a great list of explanations and definitions per each counter which helps determine what the counters are used for and what a bad sub-optimal value actually means.

    Skype for Business Server 2015 new cmdlets

    I’ve decided to go ahead and compare between the existing PowerShell cmdlets index exist for Lync Server 2013 and the new index published for Skype for Business Server 2015.

    This revealed a few new cmdlets which are pretty cool, especially around the AddressBookNormalization, Call-Via-Work, VIS and Failover/Failback scenarios as you can see below.

    Source:

    Cmdlets:

    • Debug-CsDataConference – Returns diagnostic information for the data conferencing capabilities included in Skype for Business Server 2015
    • Debug-CsUnifiedContactStore – Verifies whether the contacts for a user (or group of users) are stored in the unified contacts store.
    • Get-CsAddressBookNormalizationConfiguration – Returns the Address Book normalization configuration settings currently in use in the organization.
    • Get-CsAddressBookNormalizationRule – Returns information about the Address Book normalization rules in use in the organization
    • Get-CsCallViaWorkPolicythis cmdlet to return call via work policies. Call via work policies enable and manage the characteristics of outbound calls placed through the Skype for Business client.
    • Get-CsClsAgentStatus – return information about the ClsAgent service on the local machine
    • Get-CsConversationHistoryConfiguration – Returns the conversation history configuration settings for the organization. These settings manage conversation histories for mobile device users.
    • Get-CsPresenceManagementState – return the notification settings of a computer or pool. The management state settings determine the batching and timing of Skype for Business Server 2015 notifications.
    • Get-CsThirdPartyVideoSystem – Returns information about Directory contact objects that represent a third-party video system. A third-party video system is a video teleconferencing (VTC) device that provides users with telepresence: the ability to participate in online meetings and conferences with full audio and video capabilities.
    • Get-CsThirdPartyVideoSystemPolicy – Returns information about the third-party video system policies configured for use in the organization. These policies determine whether or not a VTC (video teleconferencing) device is allowed to send low-resolution video.
    • Get-CsVideoInteropServerConfiguration – return information about Video Interop Server (VIS) configuration settings. VIS configuration settings are scoped to appropriate VIS instances, and will govern the behavior of those instance
    • Get-CsVideoInteropServerSyntheticTransactionConfigurationretrieve Video Interop Server (VIS) synthetic transaction configurations
    • Get-CsVideoTrunklist properties about the video trunks in your organization. Video trunks are Session Initiation Protocol (SIP) trunks between the Video Interop Server and a Video Gateway that are used to setup video calls between 3rd party video teleconferencing systems (VTCs) connected to the Video Gateway and Skype conferences or Skype endpoints.

    • Get-CsVideoTrunkConfiguration – retrieve Video Trunk configuration settings. Video trunk settings define the Session Initiation Protocol (SIP) trunk between the Video Interoperability Server (VIS) and a Video Gateway.
    • Import-CsCompanyPhoneNormalizationRules – import custom phone normalization rules defined in Company_Phone_Number_Normalization_Rules.txt used in previous server versions into Skype for Business Server 2015 environments.
    • Invoke-CsComputerFailBack – flag a server as available for load balancing in a Skype for Business Server 2015 pool. To successfully run this cmdlet you need to run it using an account that has administrator privileges on each server in the source and target pools.
    • Invoke-CsComputerFailOver – force a computer in a Skype for Business Server 2015 pool to failover to other servers within the pool. To successfully run this cmdlet you need to run it using an account that has administrator privileges on each server in the source and target pools.
    • New-CsStorageServiceConfiguration – Creates new instances of the Skype for Business Server 2015 Storage Service. The storage service provides a common infrastructure that enables Skype for Business Server 2015 components to use Exchange as a backend data store.
    • Reset-CsRoutingGroup – Enables administrators to reset a Windows fabric routing group that is not working correctly
    • Set-CsVideoGateway – modify the property values of one or more Video Gateways. Video Gateways route traffic between internal and 3rd party video devices such as an internal Skype endpoint exchanging video with a 3rd party PBX supporting 3rd party video teleconferencing systems (VTCs).
    • Set-CsVideoInteropServer – modify the property values of one or more Video Interop Servers (VIS). The Video Interop Server is a Skype service that is used to communicate with a Video Gateway via a Session Initiation Protocol (SIP) trunk.
    • Start-CsPool – start a Skype for Business Server pool. A pool is a set of servers, configured identically, that work together to provide services for a common group of users.
    • Test-CsManagementServer – Verifies that the Central Management service is working correctly. The Central Management service is responsible for replicating data between the Central Management store and computers running Skype for Business Server.
    • Test-CsP2PVideoInteropServerSipTrunkAV – test the ability of a video gateway to conduct a peer-to-peer audio/video (A/V) call to a Skype for Business user via a Video Interop Server (VIS) pool.

    Lync Server 2013 Standard to Skype for Business Server 2015 Standard In-place upgrade (Offline Method)

    Microsoft released today the new version of Skype for Business Server 2015 to MSDN and I’ve decided to use my Azure Virtual lab to upgrade my STD server.

    There are two methods for upgrade Lync Server 2013 to Skype for Business Server 2015:

    1. The Move User method, which requires no downtime for users (Swing upgrade)
    2. The Offline method, which requires downtime

    In this post I’ll cover the Offline method.

    General Upgrader Order:

    More information can be found here: Plan to upgrade to Skype for Business Server 2015

    1. Upgrade the topology from the inside to the outside.
    2. Upgrade all your pools first
    3. Upgrade the edge servers
    4. Upgrade the Central Management Store (CMS) pool.
    5. If you use Kerberos authentication for Web Services, you must reassign Kerberos accounts and reset the password after the In-Place Upgrade is complete

    Upgrade Steps – High Level:

    The detailed steps can be found here: Upgrade to Skype for Business Server 2015

    1. Step 1: Install Administrator tools and download topology
    2. Step 2: Upgrade and publish topology using Topology Builder
    3. Step 3: Wait for replication
    4. Step 4: Stop all services in pool to be upgraded
    5. Step 5: Upgrade Front End pools and non-Front End pool servers
    6. Step 6: Restart services on all upgraded servers
    7. Step 7: Verify Skype for Business functionality works

    In-Place Upgrade Prerequisites:

    The list of all prerequisites is mentioned here: Install prerequisites

    1. Make sure the entire Lync environment is installed with CU5
    2. The local SQL Express on the Front-End must have at least SP1 installed (can be upgrades by using Windows Updates as well)
    3. KB2982006 for IIS Crash Issues is required for Server 2012 R2
    4. Be sure to uninstall LRS Admin tool for Lync Server 2013 before running In-Place Upgrade.
      The LRS Admin Tool for Lync Server 2013 cannot coexist with Skype for Business Server 2015
    5. If you have paired pools, do not unpair them before the upgrade.

    Step by step Upgrade:

    1. Connect to a computer which is part of the domain but does not have any Lync core components or admin tools installed on it.

    2. Download the Skype for Business ISO file from the MSDN: en_skype_for_business_server_2015_x64_dvd_6622058.iso

    3. Mount the ISO file and launch the setup.exe from: Setup\amd64 folder:

    image

    4. On the Setup screen, choose “Connect to the internet to check for updates” in order to install the latest cumulative updates of SfB Server 2015.
    this is a useful changes for future deployment which can save a lot of time installing the CU updates.

    image

    5. On the End User License Agreement screen, select the “I accept the terms in the license agreement” and choose OK.

    image

    6. Now SfB setup will connect to the internet and download the latest updates

    image

    7. Once the updates is done, a notification will appear on Screen, choose Next

    image

    8. On the Deployment Wizard, click Install Administrator tools, and follow the steps to install

    image

    9. From the Windows Start screen, open Skype for Business Server  Topology Builder, Click Download topology from existing deployment, and click Next.

    10. Right click on your STD pool and choose Upgrade to Skype for Business Server 2015:

    image

    11. On the Upgrade to Skype for Business Server 2015 Choose YES, the outcome should be that the server has been moved to the Skype for Business Server Container

    image

    image

    12. Publish the topology and wait for replication to end.

    image

    13. Now we need to stop all services on the actual Lync server we are going to upgrade. in order to so we need to run the following command:

    Disable-CsComputer -Scorch

    image

    14. After disabling the services, we need to run the Skype for Business server setup from the ISO file we’ve downloaded.

    image

    15. Once initiated, A prerequisites setup will launch and will determine if the current environment is ready for SfB upgrade or not.
    Please remember that if you performing that on Enterprise pool, you have to go through each of the server before starting the services again.

    imageimageimageimage

    16. Once setup is complete, we’ve left with starting Services on the server by running the following command:

    Start-CsPool

    17. Once the services are up and running, we need to make sure the upgrade was successful, for the pool that was upgraded.  Run some tests to make sure the functionality is working as expected.

    18. Congrats, you’ve now successfully upgrade your Lync Server 2013 to Skype for Business Server 2015 Smile

    Microsoft releases Lync Server 2013 May 2015 cumulative update (5.0.8308.887)

    Updates:

    Download:

    Fixes:

    Microsoft release a new version of Key Health Indicators for Lync Server 2013 and Skype for Business Server 2015

    Microsoft releases today an updated version of the Key Health Indicators for Lync Server 2013 and Skype for Business Server 2015.

    Key Health Indicators (KHI) are Performance Counters with recommended thresholds aimed at revealing problems that can impact the user experience.
    The resources in this download contain the KHI Guide, which outlines the operational process and remediation steps. A sample PowerShell script used to configure KHI Data Collectors. Lastly, the Analysis and Definitions Workbook which can analyze KHI performance data.

    Download: Key Health Indicators for Lync Server 2013 and Skype for Business Server 2015

    This new version, contains a long waited list of new features, especially around analyzing the gathered data at once and be able to produce a valuable report with indicate on potential problems, so instead of analyzing a file at a time, or using 3rd party script, now a folder with all the CSV file can be analyzed at once:

    image

    Another major change in the new version of the KHI is regarding how the KHI is being analyzed reported:

    A ring structure outlining the priority of the KHIs. While all the KHIs are important, we’ve grouped them into logical groupings of which ones stand to have the biggest impact.

    • Ring 0 is comprised of all System KHIs (e.g. CPU, Disk, Memory and Network). When KHIs in this ring are beyond threshold, there is high likelihood that KHIs in Ring 1 and Ring 2 are beyond threshold. Therefore, when developing a remediation plan, focus on Ring 0 before taking other actions to resolve KHIs in other rings.
    • Ring 1 mostly contains request queue latencies, SIP problem indicators and network response queues. There are typically other KHIs in Ring 0 contributing to these issues.
    • Ring 2 is all remaining KHIs.

    The results can be viewed on different level, and also allow you to filter through the counters which are below optimal range or at optimal range:

    Charts:

    image

    TimeLine:

    image

    Pivots:

    image

    And the most important part, is the troubleshooting part in which Microsoft provide a great amount of details on every counter being gathered with detailed explanations on how to troubleshooting and recommendations, as well as the impact of that counters and its result on the environment:

    image

    Mastering Lync

    Yet another Lync blog but this one by Masters & MVP's

    Jeff Schertz's Blog

    Guy Bachar's IT blog

    UC Sorted

    Skype for Business Blog

    Mark Vale's Blog

    My Experiences with Lync 2013, Skype for Business and more

    ODDYTEE

    All about messaging (and maybe some other stuff too).

    Rune's blog about things I see and UC

    Mainly technical stuff from my job as a UC consultant

    Jaap Wesselius

    Microsoft UC Specialist

    Skype Blogs

    Product News, Customer Stories and updates from Skype

    Thoughts From a Bot Named Flinch

    ..state of the art destructive technology as applied to myself..

    UC Lobby

    Unified Communications for all

    Operating-Quadrant

    System Center and IT Operations

    Things about System Center and Cloud...

    Michael S. Collier's Blog

    Microsoft development, Azure and more fun stuff!

    IT based Communications

    a different Unified Communications site

    Universal Communications, My experiences.

    Skype4B, Lync & Exchange Technical

    LyncNumbers.net

    Enterprse Voice tips and scrips

    Steve Goodman's Exchange & Office 365 Blog

    The weblog of an Microsoft MVP and IT Pro specialising in Exchange, Lync, Office 365. Guides, Tutorials, How-Tos and commentary.

    The Little Things

    It's always the little things that get you in IT

    System Center Solutions

    A blog with notes from the field.

    Follow

    Get every new post delivered to your Inbox.

    Join 243 other followers