Lync 2010 mobile client sign-in fails

January 23, 2016 Leave a comment

This is a very common issue and comes with a multiple errors, I spoke in my previous article  about one of this errors. Today we have the same error but with a little different symptom.

Symptom:

Lync Mobile users get the following Error message “can’t connect to the server. It may be busy or temporarily unavailable” while trying to connect, in addition the S4B mobile clients have the same symptom as we have a hybrid deployment with Skype for Business Online,and the new in this issue is that this problem occurs at irregular intervals  

img_1628Screenshot_2016-01-23-11-55-25

 

Solution:

Quite simply the first thing we should think about it when we find that this problem is repeated irregularly, is to review the (Autodiscover and MCX) directories settings over IIS web component on the Frontend servers in case you have a multiple frontend servers.

In my case I have two frontend servers one of them has lost the autodiscover and MCX directories.

you need to rebuild the autodiscover and MCX directories on defected server by the following steps;

  1. Log on to the computer as a user who is a member of the CsAdministrator group.

  2. Download the latest installation package from the Microsoft Download Center and extract it to the hard disk.

  3. Copy McxStandalone.msi to C:\ProgramData\Microsoft\Lync Server\Deployment\cache\4.0.7577.0\setup.

  4. Open the command prompt: Click Start, click in the search box, type cmd, and then press ENTER.

  5. At the command prompt, run C:\Program Files\Microsoft Lync Server 2010\Deployment\Bootstrapper.exe.

tipTip:

If you run Bootstrapper.exe from Lync Server Management Shell, you must prepend the path with a period (.) and enclose the path in quotation marks ("). For example: ."C:\Program Files\Microsoft Lync Server 2010\Deployment\Bootstrapper.exe".

 

 

Categories: Lync 2010

ADDING ADDITIONAL SIP DOMAINS TO ALREADY DEPLOYED LYNC ENVIRONMENT

July 29, 2015 Leave a comment

 

In this article we will demonstrate in steps how to add additional SIP domain in the already existing Lync deployment.

 

The steps in brief

1. Add the new SIP domain(s) to the Topology.

2. Create DNS records for the new simple URLs, both internal and external.

3. Request new certificates with adding the new domain(s) name(s).

 

Steps to add the new SIP domain(s) to the Topology

Open the Lync Server Topology Builder. 

Select download the topology from the existing deployment. 

image

After the topology builder has opened, Right click on the topology and click edit properties.

image

Click on add new domain to add the new sip domain.

image

Then click on publish topology.

image

 

Create DNS records for the new simple URLs, both internal and external

Port

Service Protocol

Type

Entry

Server

 

CNAME

lyncdiscover.Test.com

Add it to your public DNS entry

 

A

sip.Test.com

Point it to your FE server pool-(Internal+External) DNS

 

A

meet.Test.com

Point it to your FE server pool-(Internal+External) DNS

5061

_sipfederationtls

SRV

sip.Test.com

Should be created on your public DNS

443

_sip

 

sip.Test.com

Should be created on your public DNS

5061

_sipinternaltls

SRV

sipinternaltls._tcp.Test.com

Should be created on your internal DNS

 

Request new certificates with adding the new domain(s) name(s).

· Open Lync server deployment wizard.

· Select Install or Update Lync Server System.

image

· Select Step 3 Request, Install or assign Certificates.

image

For internal certificate keep select the following option.

image

Then press Request and Next.

image

If you don’t have the option to connect directly to your internal CA, you should choose the second option as the below.

image

Choose the path you will save the certificate request in and the CSR name.

image

Choose the following option if you have a certificate template, in our scenario bypass this option.

image

Type the same friendly name as the below.

image

At the end of this wizard you will need to select the new sip domain in my example it was Test.com and your old domains to the SIP domain setting on subject Alternative Names (SANs) section, then adding all your additional subject alternative names.

image

PS. “after upgraded the certificate you need to run the following command { Stop-CsWindowsService} on your Lync server management shell”

image

Now after you generated the new certificate request through your internal CA, you just need to install it on your FE servers, to do that you have two options here.

Option #1

image

Option #2

From start menu type mmc, file, Add/Remove Snap in, certificate, computer account and finish.

And import the new certificate to personal as the below.

image

The final step in this wizard is to assign the new certificate to Lync services as the below screen.

image

Don’t forget to start Lync service by the following command

{ Start-CsWindowsService}.

 

Important P.S. “you need to export the same certificate with private key if you have more than FE servers in order to add it to all your FE servers and this done by the following steps.”

image

image

image

Till now you can

enable new sip domain users and access Lync with the new sip domain from you internal network.

To access from External you just need to update your public certificate with your new SIP domain and it’s (SANs).

Read more…

Lync 2010 mobile can’t connect to the server. it may be busy or temporarily unavailable

December 30, 2014 1 comment

Dears, I would like to share the following article with you,

In the last week we have renewed the Lync 2010 internal and external certificates, internal and external desktop client working normally without any issue, but the mobile client can’t connect.

General Info.

Mobile application requests for Mobility Service.

mobile application requests for Mobility Service

PS Both the internal Mobility Service URL and the external Mobility Service URL are associated with the external Web Services FQDN. Therefore, regardless of whether a mobile device is internal or external to the network, the device always connects to the Microsoft Lync Server 2010 Mobility Service externally through the reverse proxy.

Issue symptoms

Lync Mobile users get the following Error message “can’t connect to the server. It may be busy or temporarily unavailable” while trying to connect.

IMG_1628

Investigation result

· After reviewed the mobile client logs and simulate the test by the test Lync connectivity analyzer, I have found that An error occurred while mobile client sending the request to the Lync proxy server even through port 443 or 80.

. In my scenario we don’t have a reverse proxy, instead of that we using the Lync Frontend servers as a proxy server at the same time, it has a two IPS on the same NIC 10.10.10.21,22 for internal services and 10.10.10.50,51 for the proxy server.

PS. This is not supported scenario, you must use a separate server for the Revproxy if you are going to use software like TMG or any other else, and that if you don’t have a reverse proxy device.

. We use the HW load balance for High availability for the internal and proxy services.

Solution

In my case the IIS web service component of the internal and external sites was missing the binding configuration, so that if you have the same case with the same scenario all you want to do is assign the proxy IP to the external site with port 443 and public cert, and assign the internal server IP to the internal site with port 443 and internal cert.

Categories: Lync 2010

Your Account has been disabled after reconnect a Disconnected Mailbox in Exchange Server 2010

December 6, 2014 2 comments

Dears when an Exchange 2010 mailbox has been disabled it becomes a disconnected mailbox, may be you need to restore this mailbox and suddenly after restored you get the above message when you try to login through OWA “your account has been disabled”  but the mailbox already enable and to be sure you can list the disconnected mailboxes run the following PowerShell command

Get-MailboxStatistics -Database DBName | Where { $_.DisconnectReason -eq “Disabled” } | Format-List LegacyDN, DisplayName, MailboxGUID, DisconnectReason

Surprise!! Now the mailbox is simply disabledSad smile You have been guided to enable this mailbox by the following PowerShell command,

Enable-Mailbox -Identity UserName

Another Surprise !! you got the following Error message “This task does not support recipients of this type.” Sad smile And after Check the user type by the following PowerShell command

Get-mailbox UserName|Fl Recipient* you got the following results that mean no problem with the user type.

RecipientLimits            : unlimited
RecipientType              : UserMailbox
RecipientTypeDetails : UserMailbox

In this case if you try to export the user mailbox you will get the following error message: “Couldn’t connect to the source mailbox”

5-6-2014 9-53-48 AM

And this message let you make check on the MAPI if enable or not for this user by the following PowerShell command:

Get-CASMailbox -Identity UserName

5-6-2014 9-51-22 AM

 

 

And you found the MAPI enabled True that mean no problem by MAPI as the above figure.

 

At the End you need to say Haaaaaaa7Smile And solution is the following PowerShell Command after run it everything will be working normally SmileSmileSmile

Get-mailboxdatabase | Clean-mailboxdatabase

 

 

Categories: Exchange 2010

Upgrade Cisco Iron-Port C360.

July 13, 2014 Leave a comment

Today I will explain how to upgrade your Cisco IronPort appliance to the latest OS version without any interruption in your mail flow.

P.S our license model her is Active/Active nodes as we have two appliances working in the cluster, the same steps also work with Active/Passive model.

1. login to your appliance GUI interface or CLI interface to review the current OS version and what available version for your appliance,  you will need the following URL to review the available version for your appliance.

7-5-2014 8-54-09 AM

2.Backup the configuration.

7-13-2014 1-52-37 PM

3. disconnect the node that  you will going to upgrade it from the cluster, you need to proceed that through CLI commands as the following after login into the appliance through Putty or CMD.

7-13-2014 1-59-08 PM

7-13-2014 2-02-51 PM

4. suspend your listener to avoid any new connection through this node.

7-13-2014 2-11-33 PM

5. return back to GUI to start the upgrade process.

7-5-2014 8-54-43 AM

 7-5-2014 8-55-15 AM   

7-5-2014 8-57-52 AM

Finally after the process finished and get the last OS version resume the listeners by the following command.

7-13-2014 2-12-51 PM

And then go to upgrade the second node by the same sequence…. after finished reconnect the nodes to the cluster.

 

Categories: Cisco Iron-Port

Lync 2010- Transfer to self failed

April 22, 2014 Leave a comment

     Dears,

        Anyone has been got the following diagnostic ID: “29113” with diagnostic header reason: “Transfer to self failed” as the information below shots while trying to make a Lync call from mobile device.

Lync 

 

Lync2

 

you just need to uncheck “Enable refer support” in Trunk Configuration section.

Voice Routing

Trunk Configuration

 

Categories: Lync 2010

Removing specific messages from your Exchange Server 2010

November 25, 2013 1 comment

In this article we will go through simple ways and steps for how to removing specific messages from your Exchange Server 2010.

In the business need you may face this case “someone have a permission to send message to all the organization, sent message by mistake to all and we need to know whom received this message and completely remove it from their mailboxes”

In fact we can perform this request by different ways:

  1. You can create transport rule to delete this message in Exchange 2010.
  2. Assigns the Full Access mailbox permission to the MyAdmin account and remove this message manually.
  3. Using EMS “Exchange Management Shell” to know who received this message and remove it from their mailboxes.

First and second ways not recommended for many reasons in addition to the need to know whom received this message as you can not get this info by this ways.

So we will talk about third one.

Prerequisites:

Make sure the account running the PS command has the appropriate permissions; you need to specifically have access to the New-MailboxImportRequest cmdlet. If you don’t have the correct permissions you will get an error “The term ‘New-MailboxImportRequest’ is not recognized as the name of a cmdlet”.

To add the permission run the following command:

New-ManagementRoleAssignment -Name “Import Export Mailbox Admins” -user “User Account” -Role “Mailbox Import Export”

Change User Account in the above cmdlet to the actual username

Using EMS “Exchange Management Shell” to know who received this message and remove it from their mailboxes.

{First}  If you just need to know who is received the message you can use the following command:

Get-Mailbox -Server ServerName -ResultSize unlimited | Search-Mailbox -Targetfolder “deleted items” -Targetmailbox “Mybackupmailbox” -SearchQuery ‘Received:11/24/2013 AND Subject:”Type Subject Here”‘ -loglevel full

Note: the result of this search will be send to the target mailboxMybackupmailbox” and you can determine mailbox for this reason or you can use your mailbox if you is the administrator and you will get a copy of this message under the target folderdeleted items” and also you can change it to be Inbox for example, also preferred to determine the date of this message that you look-up for, using the subject to determine the message subject and using Loglevel full to get attachment with the result details.

Capture

In the previous screen the ResultItemsCount refer to the number of the message founded in this user mailbox and the ResultItemsSize refer to the message size.

 {Second} To remove the message from mailbox server level use the following command:

Get-Mailbox -Server ServerName -ResultSize unlimited | Search-Mailbox -targetfolder “deleted items” -targetmailbox “Mybackupmailbox” -SearchQuery ‘Received:11/24/2013 AND Subject:”Type Subject Here”‘ -loglevel full -DeleteContent -force

Note: Also you can run this command on the Database mailbox level and user level.

 

Capture2

In the previous screen you can find the search result with the attached result, the message size and items number that refer to my search matched with three mailboxes only or repeated on the same mailbox.

Capture3

In the previous screen you can find the copy of message under the deleted items.

😀

Follow

Get every new post delivered to your Inbox.

Join 582 other followers