Thursday, July 24, 2014

Type your user name and password to connect for retrieving response groups.

Issue: Lync login credential pop-up.
Error message: Type your user name and password to connect for retrieving response groups.
Problem statement:
When user login on Lync using their login credential they get login credential prompt with above error however valid credential will accepting. Same credential prompt will back again.
If we cancel credential prompt then credential pop-up will went away and Lync client will work as expected.
Specific to Lync 2010 client.
There are many reason behind it.
1.     Certificate:
Verify the certificate you must have public certificate assign to web services on Revers proxy and VIP if available.

2.     TMG / Reverse Proxy Authentication:
In my case - Credential pop-up issue is occurring due to authentication. We have TMG (Threat Management Gateway) where we published URLs.

a.     Logged on TMG server.

b.     On Lync Front End rule, right click and select properties.

Click on ‘Authentication delegation’. It was set “No delegation. And client cannot authenticate directly”. Which means authentication will happen on TMG level however authentication must happen on Lync server.  That was the actual reason to get credential pop-ups, earlier TMG was checking credential  

c.      Have changed authentication to “No Authentication. But client may authenticate directly”. 

After authentication changes users credential prompt for response group has stopped.

Thank you.

Thursday, July 17, 2014

Apply Lync External access policy to everyone on Lync 2010/2013

Apply Lync External access policy to everyone on Lync 2010/2013.

Recently I have federated our Lync organization with partner Lync on-pre.
Later management want to apply External access policy to everyone to get Lync federation access.
There are couple of available out of box.
NOTE: By default Global policy get applied to everyone.
1.     Using ‘Microsoft Lync Server 2013 Control Panel’ you can easily modify the access policy.
2.     Either you can modify ‘Global’ policy and enable ‘Federated user Access’ or modify any other policy and apply the policy to user or group of user.

3.     You will see eight by default policy under External Access policy.
Best way to apply external access policy to everyone is Lync management shell.
User following command and change policy name per requirement.
Get-CsUser | Grant-CsExternalAccessPolicy -PolicyName "Allow Federation+ Public+Outside access" 

If you want to apply different policy then just replace the policy name.

Thank you.

Tuesday, July 15, 2014

How to admit all participant automatically in Lync 2010?

How to admit all participant automatically in Lync 2010?
Recently one of our client requested to allow all conference participant admit automatically. Currently he has to manually admit allow each participant to meeting.
What I found while troubleshooting is if you allow user to admit automatically then internal user (part of organization) gets automatically admit however external user has to allow manually.
Here are many option available to do the same.
Manual Admit or denial user:
a.     You can click on Admit All or Deny All.
b.     You can Admit or deny one by one user. 
Automatically Admit users:
1.     Create an online meeting request in Microsoft Outlook.
2.     In the meeting request, in the Online Meeting group, click Meeting Options. 

3.     On Meeting Option page-
4.     Under ‘Permission’ tab you can option to check “A New Meeting space (I control permission)”.
5.     Below ‘These people don’t have to wait in the lobby:
You can select any option per requirement.

Below explanation for each option.

If you don’t want admit manually the select option ‘Anyone (no restriction’). 

Who’s a presenter?
If you want to control the presenter settings then do below: Presenter options control which participants are automatically given presenter privileges.

Click on the drop down button or choose presenters then you will see list of option.

Below explanation for each option.

How to change Meeting Conferencing settings?

By default these many settings available. 

If you want to change above settings then use Lync Server Management Shell:

Set-CsMeetingConfiguration - PstnCallersBypassLobby $false

Set-CsMeetingConfiguration - EnableAssignedConferenceType $false

Set-CsMeetingConfiguration - AdmitAnonymousUsersByDefault $false

Set-CsMeetingConfiguration -AssignedConferenceTypeByDefault $false

Thank you.

Monday, July 14, 2014

April 2014 Cumulative updates for Lync server 2010.

April 2014 Cumulative updates for Lync server 2010.

Recently I have installed April 2014 CU on my Lync server 2010 environment.

After updating Lync server patches Lync server 2010 version got changed to Lync server core component, Lync Server and web component version: 4.0.7577.230.
You can download the MS CU from below URL:

Note: Make sure to update Lync Backend server after updating Lync Server Front End server.
Always stop Lync services on all Front End server before updating SQL DB.
After updating Lync patches it will look like below:

Thank you.

Friday, July 11, 2014

We can’t sign you in because your organization doesn’t support this version of Lync. Please install Lync 2010 from your mobile store.

Issue: Unable to login on Lync 2013 Mobile client.
1.     We can’t sign you in because your organization doesn’t support this version of Lync. Please install Lync 2010 from your mobile store.

2.     You can't sign in with this version of Lync. Please install Lync 2010.
Problem Statement:
When users trying to log on Lync 2013 Mobile client they received above error cum notification that your organization doesn’t support this version.
Our user gets confused asking for allow to Lync 2013 mobile client in our organization to use. However my environment using Lync Server 2010 on premises.
Error messaging stating that your Lync organization doesn’t support Lync 2013 Mobile client. In my case I have Lync Server 2010 and affected users are using Lync 2013 Mobile client on their mobile.
Lync server 2010 won’t support Lync 2013 Mobile client.
Because of that it shows above error shows, ‘can’t sign-in because your organization doesn’t support’.
Lync 2013 Mobile relies on Unified Communication Web API (UCWA) that comes with February 2013 Cumulative Update for Lync Server 2013 or later, which Lync Server 2010 does not provide.Lync Server 2013: If the users are signing in to an on-premises Lync Server 2013 deployment, you must apply Cumulative Update 1 for Lync Server 2013, and mobility must be enabled. For more information, go to the following Microsoft Knowledge Base article:
2809243 Updates for Lync Server 2013. 

The Lync 2013 Windows Phone mobile client can only be installed on Windows Phone 8 and can only connect if the user is homed on a Lync Server 2013 pool that has the cumulative update installed.  If you try to sign in to a Lync Server 2010 Front End Server or a Lync Server 2013 Front End Server without the cumulative update using the Lync 2013 mobile client you will see "You can't sign in with this version of Lync. Please install Lync 2010." error message.

Thank you.

Thursday, July 10, 2014

Lync 2010 mobility client gets disconnect frequently.

Issue: Lync 2010 mobility client gets disconnect frequently.
Error: There is no specific error.
Problem Statement:
Recently I have deployed mobility on Lync server 2010 and everything is fine. Deployment is successful, ports are open on firewall, DNS records available, certificate placed on HLB and revers proxy however once user logged on Lync 2010 mobile client, its gets disconnect frequently.
In my environment using Big IP (F5) for reverse proxy.
Initially I feel issue with deployment however all test shows proper result even DNS, certificate, F5 forwarding etc.
When I look on deployment guide then I got to know the issue and fix.
Resolution is nothing to do with Lync server or DNS etc. it’s related to load balancer.
When request come to HLB it was forwarding those request however there were no reference get saved or stored. Microsoft clearly mentioned on document that,  If your environment includes a Front End pool, the external Web Services virtual IPs (VIPs) on the hardware load balancer used for Web Services traffic must be configured for cookie-based persistence. Cookie-based persistence ensures that multiple connections from a single client are sent to one server to maintain session state. The cookies must meet specific requirements. This cookie requirements, mentioned under deployment guide under load Balancing Requirements.
If you plan to support Lync mobile clients only over your internal Wi-Fi network, you should configure the internal Web Services VIPS for cookie-based persistence as described for external Web Services VIPs. In this situation, you should not use source_addr persistence for the internal Web Services VIPs on the hardware load balancer.
In my environment has both internal and external web services so used cookie-based persistence for VIPs and issue got resolved.

Thank you.

Tuesday, July 1, 2014

Increase number of contacts in Lync 2010 and Lync 2013?

Increase number of contacts in Lync 2010 and Lync 2013?

Recently users where complaining to helpdesk about unable to add contact on Lync client. This is common scenarios where user unable to add contact and then Administrator will check client and later Lync server setting.

After looking on server found that Maximum contact limit is 250 setup globally in our organization. Affected user added multiple nested Distribution list on their Lync client.
You can use below command let to get the contact limit.

If you want to increase or decrease number of contact to all user or group of user you can using different command let?
In my case I need to increase Lync number contact size to 500 contact for all user who has Lync access.
Set-CsUserServicesConfiguration -Identity "global" -MaxContacts 500

Above command will set server configuration too globally to contact size 500.   
If you want decrease contact size then go to Lync Power shell and run below command.
Set-CsUserServicesConfiguration -Identity "Global" -MaxContacts "250"

Now you can see Get-CsUserServicesConfiguration to see the current contact limit.

Thank you.