Tuesday, June 21, 2016

Activate Office 365 for Internal User Rights (IUR)

Microsoft Partners are entitled for Office 365 E3 internal use:

If you wish activating your license, please follow the short introduction below and click the respective links:

How to earn Office 365 (E3) internal-use rights benefits through Microsoft Partner Network programs

How to activate and assign Office 365 (E3) internal-use rights licenses

New partners:
Please begin by signing up for a Microsoft Action Pack subscription or earning either a silver or gold competency. (You may also learn how to earn Office 365 (E3) internal-use rights benefits from the Microsoft Partner Network programs here.)Existing partners:
Use the following directions to help you get started:A. Activate Office 365 (E3) IUR on an online tenant:
  1. Go to the Microsoft Partner Digital Download Portal (http://aka.ms/ActivateIUR).
  2. Sign in with the Microsoft Account (formerly Windows Live account) currently assigned administrator rights.
  3. Select the Microsoft Online Services section.


Sunday, June 19, 2016

OneDrive Bulk Data Upload

Hi all,

just a side Skype for Business.
I upgrade my Office 365 Home account getting the 1TB HDD Storage.
Wow, what a nice opportunity have a valued backup in the Cloud.

Now I had the question in mind:
Damn, how should I get approx. 400GB into the cloud?

Microsoft tells you two option if you run Windows 10, assuming we all do so.
1a. Open EDGE Browser, navigate to OneDrive and drag&drop files and folder.
1b. Chose the upload feature in EDGE once you open OneDrive and choose the folder you like to sync
2.  Copy all your data on you local hard drive and let it sync

Super idea, 400GB didn't fit on any of my laptops anymore. So bad and stupid option
Second I tried use drap&drop. Perfect it failed, simply not working.
Ok, than lets chose the Folder Upload option.
And see here it goes, it took 1hr screen the files on my external disk. Than the upload started with approx. 35.000 files.

After two days, how wonders, it failed.

No intelligent option in the EDGE Browser giving me a way restarting the upload. -> Result totally useless

Even breaking it into smaller pieces resulted in a failure.

A side I don't know why there is no proper tool for upload, why IE is not working and why the Win8.1 option for online folder was removed. Also if you use EDGE, your RAM is utilized by 100% making this Laptop unusable for multiple days.
Yes, I'm totally frustrated with Microsoft here.


Thanks to some intelligent ideas, I decided splitting the folders in to smaller pieces and copy them into OneDrive.
What a hassle but using BITS is the best idea for syncing.

Once finished, I'm using OneDrive online and move the folder to its dedicated Backup Location.

This deletes the local HDD copy on my Laptop and I can proceed further.

I know this is not a very user friendly solution and I really hope Microsoft is developing some better tools and solutions.


Tuesday, June 14, 2016

Skype for Business Topology Support with Office 365, Cloud Connector Edition, Cloud PBX and PSTN Calling

Topology support in Office 365 with Skype for Business

A frequently asked question is the support for the different topologies. Later in this document I also provide a generic overview about a possible migration path towards one or the other topology.

The rudimentary described supported topologies are the ONLY possible setups.

There is not possible and supported way in combining any of those topologies!

On-Premise without any Office 365 connectivity

This is typically a solution, where you don’t own an Office 365 “E” Plan. Therefore, you are not entitled using any of the Office 365 features. Same is valid, if you own only an Exchange Online Plan, whereby none of the Skype for Business Online Services are subject to be used.

On-Premise with Office 365 connectivity (Federation to Office 365 and Cloud PBX and PSTN CALLING SERVICE)

This is the only scenario, where users are hosted either in Office 365 and some users stay SfB enabled On-Premise. Meaning you have a mixed environment.
This is the only mixed scenario, where local PSTN breakouts with your On-Premise Skype for Business enabled users and the other users enabled on Office 365 (which MUST use PSTN Calling Service or the local PSTN breakouts) are combined. It is not possible for Online user to be mixed for PSTN Calling Service and PSTN local breakout on-premise. This is technical limitation due to Voice Routes in the Office 365 environment.
A PSTN Calling Service is subject to the regional availability in the country where you required PSTN Calling.
PSTN breakout
Users enabled with SfB On-Premise
MUST be On-Premise with local PSTN Gateway
Users enabled with SfB Online in Office 365 (either or option)

PSTN Calling Service in Office 365 -> Calling Plan
On-Premise PSTN breakout with local Gateway -> CloudPBX

Advanced Voice Features (e.g. Response Group or Group Call Pickup)

In case any user requires Advanced Calling Feature, this user must be enabled for On-Premise Skype for Business.

In later updates, Microsoft will successively add more features to the Office 365 environment, making is obsolete running On-Premise installations.

Office 365 with CCE (Cloud PBX)

If e.g. the PSTN Calling Service isn’t available, or you required On-Premise PSTN connectivity (e.g. for Contact Centers) you can move all users into Office 365 and utilize the Cloud PBX feature in combination with Cloud Connector Edition.

With CCE you can mix online users with CCE On-Premise Voice PSTN breakout and Microsoft Calling Service.

Explicitly, CCE CANNOT be used with Skype for Business On-Premise Topology!

Office 365 with PSTN Calling Service (native Calling Plan)

If you don’t need either advanced calling features or any PSTN On-Premise connectivity, you can move all users into Office 365.


Saturday, April 2, 2016

Cumulative Update List (Skype for Business Server 2015)

Version Number, Release Date, Download Link

6.0.9319.235 (CU2) March 2016 http://support.microsoft.com/kb/3134260
6.0.9319.102 November 2015 http://support.microsoft.com/kb/3097645
6.0.9319.88  September 2015 http://support.microsoft.com/kb/3098601
6.0.9319.55  June 2015 http://support.microsoft.com/kb/3061059
6.0.9319.0   RTM NA

You can verify the installed component version:



Cumulative Update (Lync 2013)

Version Number, Release Date, Download Link

5.0.8308.945 January 2016 http://support.microsoft.com/kb/3126637
5.0.8308.941 December 2015 http://support.microsoft.com/kb/3120728
5.0.8308.933 September 2015 http://support.microsoft.com/kb/3081740
5.0.8308.920 July 2015 http://support.microsoft.com/kb/3066655
5.0.8308.887 May 2015 http://support.microsoft.com/kb/3051949
5.0.8308.872 February 2015 http://support.microsoft.com/kb/3031061
5.0.8308.857 December 2014 http://support.microsoft.com/kb/3018158
5.0.8308.834 November 2014 http://support.microsoft.com/kb/3010032
5.0.8308.831 October 2014 http://support.microsoft.com/kb/3001616
5.0.8308.815 September 2014 http://support.microsoft.com/kb/2987510
5.0.8308.738 August 2014 http://support.microsoft.com/kb/2937310
5.0.8308.577 January 2014 http://support.microsoft.com/kb/2905048
5.0.8308.556 October 2013 http://support.microsoft.com/kb/2881684
5.0.8308.420 July 2013 http://support.microsoft.com/kb/2819565
5.0.8308.291 February 2013 http://support.microsoft.com/kb/2781547
5.0.8308.0   RTM NA


Skype for Business Command Output shown as cropped List : Get-CsSimpleURLConfiguration

If a Skype for Business Get-Cs command provides an output as list, which is longer, it will provide a cropped output only.

The solution towards is, you need writing the output into a variable and screen print it into the command shell.


Identity  : Global
SimpleUrl : {Component=Dialin;Domain=*;ActiveUrl=https://lync.one.sipdom.com/
            dialin, Component=Meet;Domain=nocl.sipdom.com;ActiveUrl=https://l
            ync.one.sipdom.com/nocl.sipdom.com/meet, Component=Meet;Domain=
            .com/meet, Component=Meet;Domain=ntd.sipdom.com;ActiveUrl=https

Getting the entire output you need the shell providing the output in a variable


This should output something like this:
PS > $A=Get-CsSimpleUrlConfiguration
PS > $a.SimpleUrl

SimpleUrlEntry : {Url=https://lync.one.sipdom.com/dialin}
Component : Dialin
Domain : *
ActiveUrl : https://lync.one.sipdom.com/dialin

SimpleUrlEntry : {Url=
Component : Meet
Domain : *
ActiveUrl : https://lync.one.sipdom.com/nocl.sipdom.com/meet

If you wish writing the output into a txt file, simple use:
PS > $a.SimpleUrl > C:\output.txt

Just making the article complete, a new Simple URL will be added in a similar way:

$urlEntry = New-CsSimpleUrlEntry -Url “https://scheduler.sipdom.com”

$simpleUrl = New-CsSimpleUrl -Component “WebScheduler” -Domain “*” -SimpleUrlEntry $urlEntry -ActiveUrl “https://scheduler.sipdom.com”

Set-CsSimpleUrlConfiguration -SimpleUrl @{Add=$simpleUrl} -Verbose

Added Note:
Thanks to my MVP mate Greig Sheridan, he figured out a more simple way of showing an entire list element.


This enables PowerShell showing unlimited elements in a list. as per default this variable is set to 3. Changing it too -1 removes the limitation and provides a full inside view of the list element.

Tuesday, March 22, 2016

Event 1034, LS File Transfer Agent Service fail after server removal

After a pool and his associated Edge server were decommissioned, I consistently receiving this error:


Skype for Business Server 2015, File Transfer Agent service encountered an error while accessing a file share and will continuously attempt to access this file share until this issue is resolved. While this condition persists, replication to replica machines might not occur.

Access denied. (\\RemovedServer.ad.local\xds-replica\from-master\data.zip)

Cause: Possible issues with file share permissions. This can occur if the computer hosting the file share has outdated cached credentials for the computer that is trying to access the file share.


For details about how to resolve file share permission issues, see the product documentation.

Event ID: 1034
Task Category: 1121

Next I need to check some leftovers from the decommissioning.
Checking the Central Management Store Status gave me a hint:

PS C:\Windows\system32> Get-CsManagementStoreReplicationStatus -CentralManagementStoreStatus

LastUpdatedOn                        : 22/03/2016 6:48:58 PM
ActiveMasterFqdn                     : ActiveServer.ad.local
ActiveMasterLastHeartBeat            : 22/03/2016 6:52:18 PM
ActiveFileTransferAgentFqdn          : ActiveServer.ad.local
ActiveFileTransferAgentLastHeartBeat : 22/03/2016 6:52:17 PM
ActiveReplicas                       : {ActiveServer.ad.local, EdgeServer.ad.local}
DeletedReplicas                      : {RemovedServer.ad.local, RemovedEdgeServer.ad.local}

PS C:\Windows\system32>

I was able and saw the DeletedReplicas.

Normal the Invoke-CsManagementStoreReplication should solve the problem, but simply it didn't work out.

Even if you had decommission a server proper, which is:
1. remove from Topology
2. must Disable-CsComputer

If you run Bootstrapper, the Disable/ Uninstallation is not working.

They stuck still in the DeletedReplicas.

The only solution,(but not support if you can run Disable-CsComputer any longer) is, you have to remove them manually from the XDS database.

Go the SQL CMS Server and execute the script finding the left over servers:

USE xds
GOSELECT [ReplicaId]
FROM [dbo].[Replica]

Than identify the DeletedReplica Server and delete them with:

delete [dbo].[Replica] where [ReplicaId] in (1,4)
where (1,4) are the column identified with the DeletedReplicas server.

This should support this issue.

Friday, March 18, 2016

Move User from a dedicated Pool via Powershell

How to move users to different pool or how to migrate user to another pool.

Simple and often forgotten:

The Get-CsUser command do not offer a -Pool or -SourceFQDN parameter!

Therefor you need to use pipelining and filtering.

Get-CsUser -Filter {RegistrarPool -eq "CurrentPoolFqdn"} | Move-CsUser -Target "TargetPoolFQDN" -MoveConferenceData

The Option CurrentPoolFqdn and TargetPoolFqdn must be specified in the form of: server.domain.local
MoveConferenceData : Please don't forget moving the users conferencing data stored in the File Share.
Note that you should not use the MoveConferenceData parameter if you are moving users as part of a disaster recovery procedure. Instead, you should rely on the backup service for moving conference data as part of a disaster recovery procedure

Care about users conferencing ID is not necessary while moving a user to new pool:

When you move a user to an Skype for Business or Lync Server 2013 pool, the data for the user is moved to the back-end database that is associated with the new pool.

This includes the active meetings created by the user. For example, if a user has configured a my meeting conference, that conference will still be available in the new Skype for Business/ Lync Server 2013 pool after the user has been moved.
The details to access that meeting will still be the same conference URL and conference ID.
The only difference is that the conference is now hosted in the new pool, and not in the source pool.

The Get-CsUser command has the following Properties which can be used for filtering:

Identity                    : CN=USER,CN=Users,DC=ADdom,DC=local
VoicePolicy                 :
VoiceRoutingPolicy          :
ConferencingPolicy          :
PresencePolicy              :
DialPlan                    :
LocationPolicy              :
ClientPolicy                :
ClientVersionPolicy         :
ArchivingPolicy             :
ExchangeArchivingPolicy     : Uninitialized
PinPolicy                   :
ExternalAccessPolicy        :
MobilityPolicy              :
PersistentChatPolicy        :
UserServicesPolicy          :
CallViaWorkPolicy           :
ThirdPartyVideoSystemPolicy :
HostedVoiceMail             :
HostedVoicemailPolicy       :
HostingProvider             : SRV:
RegistrarPool               : Pool or StdServer.ADDomain.local
Enabled                     : True
SipAddress                  : sip:USER@SIPDOM.COM
LineURI                     :
EnterpriseVoiceEnabled      : False
ExUmEnabled                 : False
HomeServer                  : CN=Lc Services,CN=Microsoft,CN=1:1,CN=Pools,CN=RTC
DisplayName                 : USER for TEST
SamAccountName              : USER

I always let the entire process being documented to >C:\User-Move.txt this is for later validation and error correction.

Get-CsUser -Filter {RegistrarPool -eq "lync2013pool.dom.ad"} | Move-CsUser -Target "SfBPool.dom.ad" -MoveConferenceData > C:\move-user.txt 

Move user in event of a Data Center failure:

Well if a DC is in failover mode, there are two things happen.
  • If the resiliency mode is active, the conferencing focus is still hold on the other side and therefor the conferencing ID stuck there and it will fail!
  • If the DC fail with a proper failover incl. the SQL copy and you have activated the failover manually! Everything is working fine.
If you google about Conferencing Focus Lync you find a lot for my fellow MVP mate writing about this.
Assuming, you move the user to new pool permanently, this conferencing focus will be copied as part of the user setting. So the same ID is valid.
Just last weekend I was migrating an entire pool to new pool and everything got moved and all conferences stood as expected.
and if everything failed:
This is from MVP mate Richard Brynteson, Lync MVP, Microsoft Certified Solutions Master, he work it out very proper, if you like to understand conferencing.

Btw you can also download my Skype for Business and Lync Troubleshooting Guide: https://gallery.technet.microsoft.com/lync/Skype-for-Business-and-7857597d

Sunday, March 13, 2016

Skype for Business Client Update Februar + March 2016

Let me give you an overview about the changes applied with the SfB Client Update from February and planned for CU for March:

  • Auto-accept presented content
  • Single click Desktop Sharing (single Monitor)
  • Meeting join with / without mic or speaker
  • better sharing real estate
  • Notify other when everyone can see presented content
  • fast switching to newly connected devices without call on hold
  • additional connected monitor: prompt fir sharing
  • auto hide sharing tool bar
  • smart Team Contacts
  • Meeting Reminder

A new video technology/ codec for P2P screen sharing is implemented:
The P2P sharing is changed from RDP to High Fidelity Video-Based Screen Sharing (VBSS)
With the targeted update for March, it should be implemented for Meeting too.
Requirement ist the Office 2016 client. NOT the Office 2013 updated client Version (15).

Fast and more efficient:
15 FPS with VBSS instead of 8 FPS with RDP



Therefor it becomes als more reliable


More news are:
Co-Author OneDrive Office Document.
You can now collaborate on Office document with OneDrive in a meeting. The Access is granted automatically to the office document (OD4B). you will see the editor who wrote to the document. It is a concurrent editing possible.

Most important request are implemented:
Offline Messaging
  • Send messages to contact even if they are not signed-in
  • Read missed messages in email of in Skype for Business
  • Use unread count badges to navigate through missed messages
  • Read on any device with SfB/Lync that supports missed messages

Some more info's were:
The SfB Client for MAC is coming soon to a preview.
And yes, it is true, try to discover how you can utilize Office 2016 Click2Run in your enterprise.
Several new feature are only available with the C2R version and will not be implemented in the MSI package.

Sunday, February 21, 2016

Skype for Business Cloud, Hybrid or OnPremise decision maker

Thanks Jamie Stark (Microsoft)
we have finally a slide were we can easily make the right decision for the right approach.

Just consider, if you deiced for On-Premise deployment. If you have the Office 365, please always consider the hybrid approach. This let you utilize the Skype for Business Broadcast Meeting feature as well. It is not available, if you didn't set up the hybrid configurations.

You can download the PDF from my slideshare: DOWNLOAD

Tuesday, January 26, 2016

Skype for Business Meeting Failed: Content was blocked because it was not signed by a valid security certificate

In either Internet Explorer or other browsers you might see this issue finally popping when you try joining a Skype for Business Server Meeting if the Meeting is hosted on Premise,

This issue also pop's up with Lync Meeting, not only with Skype for Business Meetings.

Content was blocked because it was not signed by a valid security certificate

After investigation, I saw this was most likely related to changes in Skype for Business Client Update from Januar 2016: https://support.microsoft.com/en-us/kb/3114502

It implements a new and proper described certificate validation procedure for all SIMPLE URL's.
(Note: This issue can't be replicated each time, therefore you have to consider this as "possible issue")

As I described earlier in my blog: http://lyncuc.blogspot.de/2015/10/wildcard-certificate-support-in-skype.html
It is absolute curial following the infrastructure recommendations from Microsoft, regardless if it might work or not. Once there will be an update released, the not recommended setup will have issues or will fail!

A valid SAN Wildcard certificate could look like this:

CN   = fqdn.DOMAIN.COM


I took a deeper look into the assigned certificate.
Btw, it is also in hybrid Skype for Business setup required to be assigned to a local point of access for simple URL's.

We see the CN (or SN) has FQDN as *.domain.com
next screenshot show's it in detail again.
While the last screenshot show's the wildcard name repeated in the SAN (Subject Alternative Name).

I have seen several environment running this configuration without issues as they told me.
But, how they can trace the join users experience?
True, they can't and here I give the example of a situation,where it ended up in mess.

Please define your Reverse Proxy and your Edge Server certificates in the supported and best practice setup.



Saturday, January 9, 2016

Call Monitor Skype for Business Client

With the last client update from January 2016, Microsoft introduced a new feature call Call Monitor.

(first it is still a little buggy and it is also not really suitable. more annoying)

The impacted client version is:
Skype for Business 2016 MSO (16.0.6326.101)

The change introduced the Call Monitor, where the view totally changed and consumes now a huge space on your desktop.

If you switch during a call to another application and Skype is not on front any longer you will see a the two following possibilities:

simple audio call:

conference call with audio/ video:

You can, if you click the icon, still hide the huge screen part.
now you will see this little icon: