Archive

Archive for the ‘Uncategorized’ Category

Microsoft Lync Server 2010 Multitenant Pack

January 9th, 2012 No comments

Microsoft has released the MS Lync Server 2010 Multitenant Pack.

Microsoft®Lync™ Server 2010 Multitenant Pack for Partner Hosting is a unified communications (UC) solution for telecom and hosting providers. Unified communications is a way for telecom and hosting providers to expand their service offering to their current customers.

The Deployment Guide can be downloaded here

Note: Please be aware that some features such as Call Park and Public IM is not supported!

Features Comparision:

 

Lync Server feature Lync Multitenant Hosting Pack Lync Online
Presence    
Contacts list Yes Yes
Address Book Service Web Query service Yes Yes
Distribution List Expansion protocol (DLX) Yes Yes
Instant Messaging (IM)    
Point-to-point IM Yes Yes
Multiparty/Group IM Yes Yes
Group Chat No No
Client Support    
Lync desktop client Yes Yes
Mac Messenger Yes Yes
Attendee (meeting only) Yes Yes
Lync Mobile on:

iPhone, iPad, Windows Phone 7, Android

Yes Yes
Conferencing and Sharing    
Point-to-point audio/video Yes Yes
Video conferencing over IP Yes Yes
Audio conferencing over IP only Yes Yes
Meeting recording Yes Yes
Ad-hoc audio dial-out conferencing Yes

via SIP Trunk

Yes

via SIP Trunk

“Meet now” audio dial-out conferencing Yes

via ACP

Yes

via ACP

Scheduled audio dial-out conferencing Yes

via ACP

Yes

via ACP

Sharing    
Point-to-point/multiparty data conference (white boarding) Yes Yes
Point-to-point/multiparty file share Yes Yes
Point-to-point/multiparty desktop and application sharing Yes Yes
Point-to-point/multiparty Microsoft PowerPoint® slide sharing Yes Yes
Polling Yes Yes
Integration    
Microsoft Outlook integration for IM, presence, calendar

(with users on the same hosting partner)

Yes Yes
Microsoft SharePoint® integration for IM, presence

(with users on the same hosting partner)

Yes Yes
PIC and Federation    
Intertenant federation Yes Yes
Federation with Extensible Messaging and Presence Protocol (XMPP) No No
Public IM connectivity and presence

Windows Live®, AOL®, Yahoo!®

No Yes
Public IM connectivity audio/video

Windows Live

No Yes
Basic calling features    
Public switched telephone network (PSTN) calling via Lync

incoming and outgoing

Yes Yes
Call controls

hold, transfer, forward, simultaneous ring

Yes Yes
Voice policies Yes Yes
Advanced calling features    
Team call No No
Response groups No No
Delegation No No
Private line (secondary Direct Inward Dialing (DID)) No No
Call park No No
Outgoing DID manipulation No No
Voice features    
Private dial plans No No
Hosted Exchange Unified Messaging (UM) for voice mail Yes Yes

/Tim

 

Categories: Uncategorized Tags:

Office 365 quick config for Lync Mobile

January 5th, 2012 No comments

If you want to have a play with the new Windows Phone client (WP7) for Lync then Microsoft haven’t quite setup the DNS records yet (or they are still propagating round the internet). Not to worry you can force it by manually specifying some URL’s…

If you’re using your own domain with Office 365 or on one of the higher plans check these guides… Set up Lync mobile devices and Set up your network for Lync Online.

Start the Lync mobile client

Enter your username as: <name>@<domain>.onmicrosoft.com

Enter your password:

Specify a username in the same format: <name>@<domain>.onmicrosoft.com

Toggle the “Auto-detect services” & enter the following as the “External Discovery URL”
https://meet.lync.com/Autodiscover/autodiscoverservice.svc/Root

Chances are you’ll never be “internal” to the Office 365 network so we can probably leave the internal one clear for now..!

It looks like some clients don’t work if you don’t give them an “internal URL” too, so just repeat the process for the Internal Discovery URL:

You should now be able to connect & enjoy having a play around.

/Tim

Categories: Uncategorized Tags:

Session speaker at MCT Summit NA 2011

August 24th, 2011 No comments

Last June, I was very happy to be a speaker at the yearly MCT Summit Europe in Stockholm Sweden (http://www.mctsummit.eu/Speakers.aspx?ID=41). As this was such a marvelous and enriching experience for me, I’m more than happy to announce I’ve been accepted as session speaker at MCT Summit USA in San Francisco – CA (http://www.mctsummit.org), taking place 18th-21st of October.

 

As the main theme is “Microsoft Cloud”, I’ll go and present a session on “Integrating your Exchange 2010 on-premise platform with Office365

As always, I’ll share my experiences of this event in a couple of daily update blog posts when I’m there.

So stay tuned for some news and the end of October.

See yah,

/Peter

Categories: Uncategorized Tags:

Exchange 2010 SP1–Rollup Update 5 released

August 24th, 2011 No comments

The Microsoft Exchange Team just announced availability of RU5 this morning.

More details can be found at their website:

http://blogs.technet.com/b/exchange/archive/2011/08/23/released-update-rollup-5-for-exchange-2010-sp1.aspx

The RU6 is also announced, being available somewhere round October.

Would this mean a monthly rollup update is coming our ways as of now?

Cheers, Peter

Categories: Uncategorized Tags:

Lync 2010 client HowTo guidelines

August 13th, 2011 No comments

For all instructions on how to use the Lync 2010 client (schedule meeting, change presence status, make a call…) take a look at the following website.

http://www.lynctip.be/

/Tim

Categories: Uncategorized Tags:

Lync 2010 NTLM Client Authentication Mismatch

August 1st, 2011 No comments

After installing Lync at one of our customers we experienced the following problem when the user was trying to log in.

When I try to make the remote sign-in with the appropriate credentials, Lync reports me “Cannot sign in to Lync. Lync was unable to sign in. Please verify your logon credentials. But it only happened on Windows XP/Windows 7 machines.

When I try to sign-in using the same credentials and Windows 2008 R2 as the client, Lync is signin in!

TheLync server was running Windows 2008 R2. With Windows 7 and Windows 2008 R2, 128-bit encryption is (by default) required for all NTLM authentication requests. After disabling the 128-bit encryption requirement using information from http://technet.microsoft.com/en-us/library/dd566199(WS.10).aspx and running a gpupdate the computer was able to authenticate successfully.

/Tim

Categories: Uncategorized Tags:

How to deploy Forefront Endpoint Protection 2012 beta on SCCM 2012 beta

July 15th, 2011 No comments

 

This blogpost is a full installation walkthrough and documentation guideline on how Forefront Endpoint Protection 2012 beta is installed (I did this today at one of our customers)

One of the main assumptions for the implementation of FEP 2012 beta, is having the availability of a fully operational System Center Configuration Manager 2012 platform, which was the case. (Thanks to my colleague Steve for this !!)

The following topics are documented:

· Installation walkthrough of the FEP 2012 beta server components

· Overview of FEP components within SCCM 2012 console

· Update OSD Task Sequence for FEP 2012 client deployment

· Walkthrough of a manual deployment of the FEP 2012 client

· Monitoring FEP 2012

Installation walkthrough of the FEP 2012 beta server components

· Start the FEPInstall from the installation medium

image

image

· If you choose here for Basic Topology, the FEP 2012 component will take all current settings from the running SCCM 2012 platform (file locations, SQL database, SQL reporting services, service account settings,…)

· Enter the Password for the SCCM 2012 service account

image

· Here we choose Use Microsoft Update…; this guarantees that the FEP 2012 client antivirus / antimalware signatures are automatically updated by using Microsoft Update. There is an automatic fallback scenario where the update engine can perform a direct update as well, if WSUS engine should be down.

image

· By selecting Basic SpyNet membership, the FEP 2012 application will send regular information to Microsoft regarding virusses and malware it detects on the network. The feature “Advanced SpyNet” has about the same functionality, but it also gives feedback to the end-users in the FEP client console, which is normally something we don’t want to bother our users with.

image

image

image

image

image

· As the installation prerequisite check is finished succesfully, we force the setup to automatically open the SCCM console

Overview of FEP components within SCCM 2012 console

After we installed the FEP 2012 server components in the previous step, this chapter gives a basic overview of the default FEP 2012 beta topics in the SCCM 2012 beta console.

The following SCCM options are available in Software Library console:

– Software Library / Overview / Application Management / Packages /

o FEP Deployment

o FEP Operations

o FEP Policies

image

The following SCCM options are available in Monitoring console:

– Monitoring / Overview / FEP Status

– Monitoring / Reportings / Reports

o FEP information for a specific computer

image

image

The following SCCM options are available in Assets & Compliance console:

– Overview / FEP Policies

o Default desktop policy

o Default server policy

– Overview / Compliance Settings / Configuration Items

o FEP … (several collections available)

– Overview / Device Collections / FEP Collections

o FEP … (several collections available)

image

image

image

Update OSD Task Sequence for FEP 2012 client deployment

As a lot of FEP specific parameters and settings have already been preconfigured within SCCM 2012 beta, we can immediately make use of those settings to start deployment of the FEP 2012 beta client to our environment.

In this first example, we update an existing OSD task sequence to install FEP 2012 beta client at the end of the OS deployment.

· Go to Software Library / Overview / Operating Systems / Task Sequence

· In our example, there was already a task sequence for deploying a Win7 client with some applications. For “safety reasons”, we first copy this task sequence to a new, which will be updated afterwards with FEP 2012 deployment.

image

· Select the new Task Sequence, right click / Edit

image

· Pick Add / General / Install Package

· Name : FEP 2012 beta client

· Description : This package installs the FEP 2012 beta client software

· Package : Click Browse / select “Microsoft Corporation FEP – Deployment 1.0” from the list off available packages

· Program: select “install” in the listbox

image

· Drag / Drop the new package at the end of the “install applications” list; this will install the package as the last component within the task sequence (just an example, not a requirement)

image

Walkthrough of a manual deployment of the FEP 2012 client

In the previous chapter, we explained how to update an OSD task sequence to install FEP 2012 beta as part of the overall OS deployment.

In this chapter, we talk about how to “manually” deploy the FEP 2012 beta client package to a set of computers.

· Go to the FEP 2012 beta deployment package (Software Library / Overview / Application Management / Packages / FEP – Deployment)

image

· Rightclick the package + choose Deploy from the context menu

image

· Software: Browse / Pick “Install”

· Collection : Browse / Any collection of machines to which you want to deploy FEP 2012; in this example, we pick the collection “ All desktop and server clients”

image

image

· Distribution Point: <your SCCM distribution point>

image

· Purpose : Required – means the package needs to be installed automatically

· Priority : Normal / High

· If your clients, network and SCCM Site settings support wake-on-lan, mark the option “send wake-up packets” to make sure all active and standby clients receive the package

image

· Define an assigment schedule when you want FEP to be deployed

image

image

· Choose “Download content…”; this will copy the installation files to the client machine first, and start deployment afterwards. This is the suggested setting for software deployment over LAN.

image

image

· Once this wizard is completed, a deployment task is scheduled for the specific collection. Once the SCCM Agent receives notification for installation, the FEP 2012 beta client will be installed on the clients.

· After a few minutes, by going to Monitoring / FEP Status, we can see 1 computer has FEP installed, and 2 other installations are pending

image

We are now at the status where FEP 2012 beta package can be deployed from within an OS Deployment task sequence, or by using a manual deployment to a specific computer collection.

Monitoring FEP 2012

On the last screen of the previous chapter, we get a graphical overview of FEP 2012 beta deployment Statistics. When clicking on the “1 computer has FEP deployed” link, it will bring you automatically to a newly created collection (automatically done by FEP) “Computers that succeeded FEP Deployment”.

This is a group of assets that have FEP client 2012 installed.

image

· Other Device viewing collections are also created automatically by FEP:

o Computers not targeted by FEP (will never get FEP client installed)

o Computers with out of date FEP Versions (have FEP installed, but is out of date)

o Computers Pending FEP Deployment (deploy is scheduled, but not started/finished yet)

image

· On any of the above mentioned FEP Device Collections, we have a new topic available “FEP OPERATIONS” (in the menu ribbon or by rightclicking on the collection / FEP Operations from the context menu)

· This has the following possibilities:

o Run Antimalware Definition updates (=update the virus engine)

o Run Quickscan

o Run Full scan

Configuring FEP Alerts

One could continuously check the different FEP monitoring components or collections within SCCM 2012 console. However, it is more efficient to configure alerts to warn the administrators / helpdesk users of any necessary information on FEP installations on our clients & servers.

· Go to Assets & Compliance

· From within the Ribbon, 2 additional FEP configurations are possible

o FEP email settings

o FEP Alerts

· FEP Email Settings:

image

ð Allow to configure SMTP server settings + notification email address

· FEP Alerts:

image

o Configure to which email addresses FEP alerts should be sent to, on specific malware detection occurance

That’s it folks !

Cheers,

/Peter

Categories: Uncategorized Tags:

ICTinus presentation at Techdays Belgium 2011

June 13th, 2011 No comments

ICTinus was sponsor of the Belgian Techdays 2011; to create enough “animo”, we worked around the “Pirates of the Carribean 4” theme, where visitors of the booth could win movie tickets or even a HP sponsored SmartTouch PC.

At the Student Day, I presented ICTinus in real Jack Sparrow style…, followed by a “company movie”, presenting some of our consultants.

Check out the introduction and full movie at the following link:

Techdays 2011 ICTinus presentation (Pirates in IT…)

 

AAAAAAAhhhrghhhhh

/Peter

Categories: Uncategorized Tags:

Private Key Missing from Exchange SSL certificate

June 13th, 2011 No comments

Although the creation/import of Exchange SSL certificates are straightforward (check out one of my other blogposts on trycatch.be/blogs/pdtit if you should need assistance on this) , you sometimes receive an error within the Exchange console or Powershell when manipulating SSL certificates:

Error: The certificate with thumbprint XXXXXXXXX was found but is not valid for use with Exchange Server (reason: PrivateKeyMissing)

Enable-ExchangeCertificate : The certificate with thumbprint “0000000000” was found but is not valid for use with Exchange Server
(reason: PrivateKeyMissing).
At line:1 char:29
Enable-ExchangeCertificate -Thumbprint 00000000000 -Services "IIS"

Cause: the real cause behind this error is not always that easy to determine; the most common reasons could be classified as “corrupt”, “initial CSR request was created on another Exchange Server” or “CSR was not created by Exchange Server at all”.

Solution:

To resolve this issue during SSL certificate installation in Exchange 2007 or 2010 server, use the following procedure:
Method 1: Repair Damaged Certificate (Windows Server 2003/2008)
1. Start / Run / MMC / add the Certificate Snap-In for the Local Computer account.
2. Double-Click on the recently imported certificate.
3. Select the Details tab.
4. Click on the Serial Number field and copy that string.
Note: You may use CTRL+C, but not right-click and copy.
5. Open up a command prompt session. (cmd.exe aka DOS Prompt).
6. Type: certutil -repairstore my "SerialNumber" (which was copied in the previous step.).
7. After running the above command, go back to the MMC and Right-Click Certificates and select Refresh (or hit F5 in the MMC).
8. Double-Click on the problem certificate. At the bottom of this window (General tab) it should state: "You have a private key that corresponds to this certificate."

It should know be possible to enable the Exchange certificate for IIS or other services (Enable-ExchangeCertificate…)

Cheers, Peter

Categories: Uncategorized Tags:

Windows Phone 7 Activesync cannot be used when AD username contains space

May 18th, 2011 No comments