Lync Server 2010 & Mitel Direct SIP Connectivity
I recently performed a direct SIP trunk integration between a Mitel SX3300 PBX and Microsoft Lync Server 2010. Mitel have published a technical reference for direct SIP connectivity with Lync Server 2010, however this predominantly focuses on the configuration of the SIP trunk from the Mitel side as you would probably expect and the technical reference does not go into detail about what configuration is required in Lync Server 2010 in order to establish connectivity. The following information focuses on the Lync Server 2010 configuration for direct SIP connectivity and does not discuss the Mitel SIP or ASR rules required when placing calls through the 3300 gateways, this information focuses obtain the configuration of PSTN gateways in Lync Server 2010 for Mitel integration only.
1. Obtain Mitel technical reference SIPCoE 11-4940-00161 from the Mitel portal if you have an authorised account or from your PBX vendor. Alternatively you can view the configuration PDF file from here. Although this information is written specifically for MCD 4.2, the SIP trunk integration will work with lower software revisions, you will however notice some of the SIP configuration options detailed in the PDF will not be available in lower revisions.
2. Once the Mitel side of the SIP trunk has bee configured, connect to your Lync Server 2010 front end and open the topology builder. Once the topology builder has opened ensure that you have the mediation server role installed within your topology as this will be required when configuring Lync users for enterprise voice. If this feature is not installed, proceed and install the mediation server role before continuing onto step two.
3. Once the mediation server role is installed, navigate back to the topology builder and expand the "Mediation Pools" container. You should now see the FQDN of the server that holds the mediation role. Right click this object and select "Edit Properties" to invoke the properties window. Within the properties window check the "Enable TCP port" option and then continue to set the TCP listening port to 5060 as for the Mitel SIP trunk side the target TCP port for connectivity is 5060, so we need to ensure our mediation server is listening for requests on this port. An import thing to note here is that if you have any trusted applications, such as RCC integration or Cisco CUPS that already utilise port 5060 you will need to change the mediation server listening port and the destination TCP port of the Mitel SIP trunk to ensure the integration works correctly. If you are in this scenario I recommend setting the mediation server listening port to 5068 and also setting the target TCP port on the Mitel SIP trunk to 5068. The following screenshot illustrates the mediation server role configuration that is required.
Once the port has been set, continue and publish the topology to the CMS. Once the publishing has completed, either restart your front end server or restart the mediation server service. This is required so that the new mediation server port is enabled and listening for connections on the front end server. To confirm this, open a new command prompt window and type "netstat /an" and press return and you should now see the server listening for connections on port 5060 or port 5068 depending on your scenario.
4. Once the mediation server is now listening on the correct port, the required PSTN gateway can be added to the topology. In the topology builder right click the "PSTN Gateways" container and select "New IP/PSTN Gateway". In the gateway dialog box enter the IP address or FQDN of the Mitel PBX you are establishing the SIP trunk to and then proceed to set the listening port to 5060 and the transport protocol to TCP. For reference the Mitel side of the SIP trunk will only accept inbound connections on TCP port 5060. Once this has been completed, click OK and return to the topology builder and then publish the topology. The following screenshot details the PSTN gateway configuration.
5. In the topology builder window expand the "Mediation Pools" container, right click the FQDN of your mediation server and select "Edit Properties" to invoke the properties window. You should now see the IP address or FQDN of your Mitel PBX as a PSTN gateway that can be associated with the mediation server. Highlight the created PSTN gateway in the unassociated gateways field and then click "Add" and click OK. Following this, continue and publish the topology before continuing to the next step.
6. Open the Lync Control Panel and navigate to Voice Routing -> Trunk Configuration and then click New -> Pool Trunk, when prompted select the PSTN gateway you have just created. For the direct SIP connectivity to work with Mitel systems we need to disable RCTP and refer support as Mitel does not support this functionality, you will note this is detailed in the Mitel technical reference on the final page of the document. Mitel do recommend enabling media bypass, however in Lync Server 2010 to achieve media bypass enablement with refer support and RCTP functionality disabled we need to perform some specific steps. Proceed and uncheck the "Enable refer support" and "Enable Media Bypass" boxes in the pool trunk window and then click OK. When back in the main trunk configuration window click "Commit" and then select to commit all changes. The following screenshot illustrates the aforementioned configuration.
7. Once the gateway has been added in the trunk configuration open the Lync Server Management Shell and run the following PowerShell commands to disable RCTP functionality. In the below example my PSTN gateway is called mitel.domain.local, please replace this FQDN with your own Mitel system when running the following commands.
Set-CsTrunkConfiguration -Identity PstnGateway:mitel.domain.local -RCTPActiveCalls $false -RTCPCallsonHold $false
Set-CsTrunkConfiguration -Identity PstnGateway:mitel.domain.local -EnableSessionTimer $true
8. Once the PowerShell commands have been executed return to the Lync Control Panel and navigate to Voice Routing -> Trunk Configuration. Select to edit your pool trunk PSTN gateway and in the configuration window check "Enable Media Bypass" and then click OK. When back in the main trunk configuration window click "Commit" and then select to commit all changes.
The configuration of the SIP trunk is now complete, once a dial plan, voice policy, PSTN usage and route have been configured you should now be able to call between Mitel and Lync users and also pass calls to the PSTN once the Mitel ASR rules have been configured.
Lync Server 2010 – Client Recording Location
I recently had a requirement to store Lync 2010 recordings on a UNC path for a customer. Natively in Lync 2010, setting the recording location directly through the client to either a UNC path or a mapped drive is not supported, and there is a good reason as to why this is the case. When a Lync 2010 recording is invoked the data is streamed to the recording location and when the recording is stopped it is then processed and viewable in both the the Lync Recording Manager and as a WMV file if selected. If for example there was an interuption to network connectivity on the local client, this would impact the recording itself. If you do try and select a mapped drive as a recording location in the Lync 2010 client, the following error will be displayed.
If you have a particular requirement to place Lync recordings onto a mapped drive, the following work around can be performed. This work around utilises a HKEY_CURRENT_USER registry modification that is executed every time a user logs onto a workstation, the registry key itself sets the "RecordingRootDirectory1" value to be the mapped drive or UNC path that you require. In order achieve this, the following actions need to be performed.
1. Download the LyncRecordingLocation registry file from here.
2. Open the registry file in notepad and amend the "RecordingRootDirectory1"="S:\\LyncRecordings\\" entry to read a mapped drive or UNC location of your choice and then save the file.
3. Connect to a domain controller in your infrastructure and then open the Group Policy Management Console. From here, create a new GPO named "Lync Recording Location" for example, and then right click the newly created object and select edit.
4. When the GPO Editor opens navigate to the following location, User Configuration -> Policies -> Windows Settings ->Scripts, as illustrated below.
5. In the Scripts action pane, double click Logon to configure the script. When the Logon dialog box opens click Add which will invoke the "Add a script" dialog box. In the "Script Name" field type the following without quotes, "Regedit.exe". In the parameters field enter the following without quotes "/s LyncRecordingLocation.reg". See below for an illustration of this and once both of these fields have been populated click OK.
6. To complete the creation of the script, click the "Show Files" button and in the policies folder that then displays copy and then paste the LyncRecordingLocation.reg file into this area and close the window. Click Apply and the OK on the Logon Properties dialog box and then exit the Group Policy Management Editor.
7. Back in the Group Policy Management Console, locate an Organisational Unit (OU) where your Lync 2010 users reside, right click the OU and then select "Link an existing GPO" and then select the Lync Recording Location GPO that you have created. This could also be filtered to a specific Active Directory group that requires recordings to be stored centrally, choose which ever option is suitable for your environment.
8. Have your Lync 2010 users log off their workstations and back on again. Open the Lync 2010 client, select Options -> File Saving, and ensure that the Lync Recordings Save To dialog box is now showing the mapped drive or UNC path you set in the registry file, as illustrated below.
That's it, the process is now complete.
Lync Server 2010 – Deleting User Contacts Via SQL
I recently experienced an issue at a customer whereby they had used the very helpful LyncAddContacts VBS script from the EXPTA blog, however this process had gone slightly wrong for the customer and they wanted to delete all contacts that had been pushed out to users and start again. Unfortunately the handy dbimpexp.exe tool does not allow you to explicitly delete contacts from users in bulk or individually. To get around this issue I utilised the following Microsoft SQL query against the Lync RTC database in order to delete a users contacts in their entirety. Please use the following information with caution, the query listed below modifies tables in the RTC database and should be used at your own discretion.
1. Using the Microsoft SQL Management Studio tools connect LyncServerName\RTC using an account that has full CSAdministrator rights.
2. When connected, under databases right click "RTC" and select "New Query".
3. In the new query entry fieldtype the following:
DECLARE @RC int
DECLARE @_Owner nvarchar(4000)
EXECUTE @RC = [rtc].[dbo].[ImpDeleteContactGroups2] "user@sipdomain.co.uk"
GO
4. Under the Execute command detailed above change the users SIP address to be the desired one. To run this for multiple people at once, add more Execute lines for each person and then click Execute in the tool bar to run the script
5. Once the query has run, log into the Lync 2010 client as the user(s) and ensure their contacts list is now blank.
That's it, the process is complete.
Veeam Backup & Replication – Exchange 2010 DAG Issue
I recently experienced an issue with a Microsoft Exchange 2010 Database Availability Group (DAG) failing over during a Veeam Backup & Replication job. The issue was occurring due to the snapshot committal process in VMware, which causes a brief pause in virtual machine I/O. This pause was causing the DAG member to lose sight of the file share witness, which in this case was housed on the customer CAS server, and subsequently fail over.
The resolution to this issue was to increase the CrossSubnetThreshold and CrossSubnetDelay of the cluster. The CrossSubnetThreshold specifies how many heartbeats can be skipped before the cluster fails over and the CrossSubnetDelay specifies the heartbeat interval. The threshold you set for both of these properties can depend on many factors, for example the speed of your underlying storage array or the size of the virtual machine that be being snapshot. In my case I needed to set both values to their maximum. This can be performed by carrying out the following:
1. Navigate to Start -> Administrative Tools and launch Windows PowerShell Modules
2. When the Powershell Window opens please enter the following command:
$cluster = Get-Cluster; $cluster.CrossSubnetThreshold = 10; $cluster.CrossSubnetDelay = 4000
3. Once the command has completed please run the following and ensure that the CrossSubnetDelay and CrossSubnetThreshold are set to 4000 and 10.
Get-Cluster | fl *
4. Re-run your Veeam backup job and see if the cluster fails over. If the backup completes correctly you can they reduce the CrossSubnetDelay and CrossSubnetThreshold to find the optimum values.
That's it, your done.
AudioCodes Mediant 1000 MSBG – Audio Quality Issue
So it's been a long time since I last posted an article on the site, Microsoft Lync Server 2010 has been keeping me busy to say the least. During a recent deployment I experienced an issue with audio quality for both inbound and outbound calls when utilising an AudioCodes Mediant 1000 MSBG gateway running firmware version 6.2. The best way I can describe the problem was that when the call was answered it sounded like the person on the other end was stood next to a jet engine, there was a lost of noise and loss on the connection. When running a syslog on the mediant, in debug level five, and reproducing the issue I could see the following events:
SRTP Error - failed decrypting RTCP packet: authentication failure (2) [Code:3700e] [CID:30]
SRTP Error - failed decrypting RTCP packet: wrong SSRC (11)
SRTP_PCK_DROP_AUTH:1 [Code:5004] [CID:30]
ErrMgs=9 Invalid RTP version (= 0)
When initially looking at these errors I was thinking either a coders or certificate issue could be causing the problem. This was actually incorrect, after some investigation it turned out that my TDM Bus Settings were not configured with the correct LAW attributes. To resolve the issue I performed the following:
1. Log in to the AudioCodes Mediant 1000 MSBG device.
2. On the left hand side of the screen select the "Full" radio button.
3. Ensure you have select the configuration tab and expand the "VoIP" container.
4. Expand the "TDM" container and then select "TDM Bus Settings".
5. In the TDM Bus Settings page, if you are located in Europe set the "PCM LAW Select" value to "ALaw". If you are based in the United States this should be set to "ULaw".
6. Set the TDM Bus Clock Source value to "Network" and click submit in the bottom right hand corner of the screen.
7. At the top of the screen click the "Burn" button to save the configuration to flash and then reset the gateway.
That's it, your poor quality audio issue should now be resolved.
AudioCodes SBA – Lync CMS Replica Issue
I recently experienced an issue when configuring an AudioCodes Mediant 1000 MSBG Survivable Branch Appliance for Lync Server 2010. When working through the SBA configuration wizard and getting to the "Backup Replica" stage, this would consistently fail with the following error:
cannot open database xds requested by the login. The login failed. Login failed for user 'Domain\SBACOMPUTERNAME’
After performing some research on this issue and attempting fixes detailed in other blogs in regards to ensuring the RTCUniversalSBATechnicians Active Directory group was added to the local administrators group on the SBA, I was not having much joy. To work around the problem and get a replica of the CMS database onto the SBA, in order to proceed with the installation, the following was performed.
1. Connect to the server that hold the front end role in your Lync Server 2010 environment.
2. Open the Lync Management Shell and type the following command: Export-CsConfiguration -FileName "C:\Config.zip"
3. Once the command has completed, navigate to the C:\ of the front end server and then copy the generated "Config.zip" file to the root of the SBA's C:\ drive. This can be acheieved by browsing to the C$ share of the SBA.
4. Once the Config.zip file has been copied to the SBA, make and RDP connection to the appliance and open the Lync Management Shell.
5. Once the Lync Management Shell has loaded, enter the following command: Import-CSConfiguration -Verbose -LocalStore -FileName 'C:\config.zip"
6. Once the command has completed, a replica of the CMS will have been imported into the SBA. You can confirm if this was successful by opening the Lync Control Panel on your front end server, selecting the topology tab and confirming the SBA object has a green check next to replication. You can now complete the remainder of the SBA setup.
That's it, the SBA should now work as intended and replicate correctly with the CMS.
Windows Server 2008 R2 – RRAS Duplicate DNS Entries
I recently installed the Routing & Remote Access service on a Windows Server 2008 R2 domain controller. While this is not a recommended approach, it was unfortunately the only server available to host the role. Shortly after installing the role and binding it to the DHCP service, I noticed that when pinging the domain controller it was returning an IP address in the DHCP range. On further inspection it appeared the IP address assigned to the virtual RRAS adapter was registering against DNS and therefore creating two entries for the domain controller. To resolve this issue, the following steps were performed.
1. Navigate to Start -> Administrative Tools and click the DNS option.
2. When the DNS console opens, expand the "Forward Lookup Zones" container and then expand your local domain name.
3. Locate the incorrect host A record for your domain controller and delete it by right clicking the record and selecting delete.
4. In the DNS console, right click the servers name and select properties.
5. In the properties window click the listeners tab and select the "Only the following IP addresses" radio button.
6. In IP addresses list remove the incorrect IP address and then click ok and exit the DNS console.
That's it, you should no longer experience duplicate DNS entries for your domain controller.
D-Link ShareCenter Pulse – Review
I recently picked up D-Link DNS-320 ShareCenter Pulse 2-Bay NAS for some home storage. I have been quite impressed by the device, particularly due to the price, and have written a short review of the ShareCenter below.
1. Price & Quality
The DNS-320, which is the two hard drive bay version of the ShareCenter, cost me £63.99 from a large online retailer. Compared to other small home NAS devices on the market this is very cheap, especially when compared to rival NetGear products. The device itself is very compact and comprised of black ABS plastic with a gloss finish, adding to the light feeling of the product. It feels sturdy enough to survive a drop, but it isn't as good a build quality as a NetGear ReadyNAS Duo, however the quality of both products are certainly reflected in their respective prices. The ShareCenter also contains a standard eluminted power light and LED indicators for both drive bays.
2. Technical Specification & Setup
The ShareCenter carries a decent amount of features, again when looking at what price range it sits in. Some of the key features that impressed me with the device are the following:
Support for upto 4 Terrabytes - 2 x 2 TB hard disk drives
RAID 0, RAID 1 & JBOD Support
Gigabit Ethernet Connectivity
HTTPS Web Management
Email/SMS Notifications
Group Based File & Share Permissions
DLNA Certified
D-Link Green Power Efficiency
The setup of the device was extremely easy, after unboxing the product adding the hard disks drives took seconds. The top of the ShareCenter slides off exposing the two SATA data and power connectors for the hard disk drives. To install the disks, it was a simple case of plugging them directly into the SATA connectors and sliding the lid of the ShareCenter back in place. The only remaining parts of the setup after this was to connect both power and Ethernet, and then turn the device on. Once the device was powered on, D-Link provide an easy setup wizard on an bundled CD-ROM that discovers the NAS on your network and guides you through processes such as IP addressing, RAID setup and domain membership, if required.
3. Device Management & Performance
Out of the box my ShareCenter was running the base firmware version of 1.00. The web interface for this version of firmware is admittedly very basic and not aesthetically pleasing. The first thing I did was to download the latest version of firmware (Version 2.00) from the D-Link website and apply it to the device. Firmwaring the device was very simple, just downloading the firmware file and selecting it through the web management interface was all that we needed. After applying the firmware update a major GUI change is applied, amongst many bug fixes and new features. A screenshot of the new management GUI is featured below.
Performance of the NAS, contrary to other reviews for the DNS-320 on the internet, was actually quite good. I have populated my ShareCenter with two Samsung HD204UI Spinpoint F4 2TB Hard Drives which is connected over a 100 megabit network. When transferring a single 40 gigabyte file to the NAS I was getting a solid 10.2 megabytes a second. When transferring 1.8 gigabytes of data to the NAS, which was made up of around six hundred individual files, I received 9.25 megabytes per second.
4. Overall
Overall the D-Link ShareCenter Pulse is a great device for a small amount of money when compared to other 2 bay NAS solutions on the market. It's high storage capacity, management, power efficiency and DNLA compliance make for a great device if your looking for some cheap networked storage.
For more information on the D-Link ShareCenter, click here.
VMware ThinApp – Microsoft Office 2010 Setup Guide
After successfully being able to create a full Microsoft Office 2010 suite ThinApp, I have written a setup guide to detail the steps that had to be taken in order to get all Office applications working and to allow standard windows users (non local administrators) to activate office when launching the ThinApp for the first time. This article has been written using information for VMware sources and my own experience. The following ThinApp capture has been performed on a fresh installation of Windows XP SP3 with VMware ThinApp 4.6.1.
1. Download and copy the Microsoft .NET Framework 3.5 and Microsoft Office 2010 installation files to the ThinApp capture machine.
2. Ensure you have internet access on the ThinApp capture machine.
3. Install VMware ThinApp on capture machine.
4. Run the Setup Capture wizard, start and complete the pre-scan process.
5. When the pre-scan is complete, on the Install Application page of the Setup Capture wizard, minimize the wizard and install Microsoft .NET Framework 3.5.
6. The Microsoft .NET installation generates the mscorsvw.exe process that continues for an extended period, we need to stop the process with the ngen.exe tool. Open a new command prompt window and type the following command and press return:
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe executequeueditems
7. In order for Office 2010 to activate correctly we need to edit the Config.xml file and specify your Multiple Activation Key (MAK). By default, the Microsoft Office 2010 Config.xml file is stored in the core product folder in the Microsoft Office 2010 installation media. Explore the Office 2010 installation media on the capture machine and you should see a folder named similar to "core_product_folder_name.WW folder". For example, if my Microsoft Office 2010 media was Professional Plus, the folder name would be "ProPlus.WW".
8. Open the core product folder and locate the Config.xml file. Open the Config.xml with Notepad and add the following lines to the to the file file and save it to your local C:\ drive:
<PIDKEY Value="Enter 25 Character MAK Here" />
<Setting Id="USEROPERATIONS" Value="1" />
Note: Do not enter any spaces or hyphens when entering the license key in the PIDKEY value, this must be all one string such as ABCDEFGHIJK.
9. To start the Microsoft Office 2010 setup wizard and apply the settings in Config.xml, open a new command prompt window and type navigate to your Office 2010installation media by using for example "cd d:\". When in the installation media directory enter the following command and press return.
Setup.exe /config c:\config.xml
10. When the installation starts click to accept the terms of the agreement and click next.
11. On the Choose the installation dialog box, click the Customise button.
12. Select Microsoft Office and then select "Run all from My Computer" as the installation option.
13. Click "Install Now" to install Microsoft Office 2010, this will likely take some time.
14. When the installation is complete click "Finish". Proceed and click the Start menu, select the Run option, and then type services.msc and click ok. When the services snap-in opens scroll down the list of services and locate the "Office Software Protection Platform" service, right click this service and select stop.
15. Maximise the ThinApp Capture wizard that we minimised in step 5 and then click to start the post scan process.
16. Once the post scan process has completed, change the Inventory name to something appropriate for your use, for example Microsoft Office 2010.
17. Before building the ThinApp project , copy the OfficeSoftwareProtectionPlatform folder from C:\Documents and Settings\All Users\Microsoft to the folder %Common AppData%\Microsoft. To get to the" %Common AppData%\Microsoft folder" open the ThinApp Setup Wizard and click the "Open Project Folder" button, in the resulting window you should then see a folder named "%Common AppData%" double click this folder then double click the "Microsoft" folder inside. Simply copy and paste the "OfficeSoftwareProtectionPlatform" folder into this location.
18. On the capture machine open the registry editor and navigate to the following key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Windows Search\Preferences
In this location, right click in a white space area an create a new Multi-String Value with the name of, without quotes, "isolation_writecopy". Right click the created "isolation_writecopy" key and select "Modify". When the modify window opens, in the value area, enter the following information and click ok:
Value=PreventIndexingOutlook
REG_DWORD=#01#00#00#00
19. In the same registry editor window navigate to the following key:
HKEY_LOCAL_MACHINE\Software\Microsoft\OfficeSoftwareProtectionPlatform
In this location, right click in a white space area an create a new Multi-String Value with the name of, without quotes, "isolation_full". Right click the created "isolation_full" key and select "Modify". When the modify window opens, in the value area, enter the following information and click ok:
Value=UserOperations
REG_DWORD=#01#00#00#00
20. In the same registry editor window navigate to the following key:
HKEY_CURRENT_USER\Environment
In this location, right click in a white space area an create a new Multi-String Value with the name of, without quotes, "isolation_writecopy". Right click the created "isolation_writecopy" key and select "Modify". When the modify window opens, in the value area, enter the following information and click ok and then close the registry editor:
Value=ALLUSERSPROFILE
REG_SZ~%Common AppData%
21. Maximise the ThinApp Setup Wizard and click on the "Edit package.ini" button before starting the build process. In the ini file change the "MSIStreaming" value to 1 if you want this to be streamed ThinApp otherwise this will be a local ThinApp.
22. Click the "Build" button in ThinApp and wait for the build process to complete.
23. The ThinApp creation process is now complete and the applications should work and activate correctly on Windows XP systems. If you intend to use the Office 2010 ThinApp on Windows 7 operating systems, some additional changes need to be made to ensure that the product activation works correctly.
24. For Windows 7 machines only, in order for the ThinApps to launch and activate Office 2010 correctly you will need to disable the "Windows Search Service" and completely disable User Account Control (UAC). Disabling these two properties can be achieved by using Group Policy Objects as detailed here and here.
That's it, you should now have a fully functionaly Microsoft Office 2010 VMware ThinApp that works on both Windows XP and Windows 7 operating systems.
VMware P2V – Linux Conversion Issue
I recently had to P2V a physical CentOS 5.3 server into a VMware vSphere 4.1 virtual environment. On completing the P2V, which took over four hours, I was presented with an "Error loading operating system" message when powering on the virtual machine. I had initially assumed this was an issue that had occurred during the conversion, however some further investigated revealed this was not that case. When converting the machine from a physical to virtual platform the boot partition location in the GRUB loader was no longer valid, as of course all hardware properties had now changed. To resolve the "Error loading operating system" message the following steps were performed:
1. Download the latest version of CentOS, in my case this was CentOS 5.6 CD 1.
2. Upload the CentOS ISO to a datastore in your virtual environment and attached it to the converted virtual machines CD/DVD drive.
3. Power on the converted virtual machine and press ESC to show the VMware boot device selector. Select and press return on CD/DVD-ROM drive, this will now load the attached CentOS ISO.
4. When CentOS loads, at the boot prompt type without quotations "linux rescue", and press return.
5. Select to mount all file systems in read-write mode and press return.
6. To re-install GRUB type the following without quotes and press return, "grub-install /dev/sda".
7. Once the installation has finished type "reboot" and press enter to restart the virtual machine.
That's it, the GRUB loader should not be repaired and your virtual machine should successfully boot.