October 29 2010

Explanation of OCS and Lync terms

I use a maximum of one Google Ad per post to help offset some of my blog hosting costs.


There are some obscure and misleading terms used when describing an OCS or Lync environment. For those new to OCS or Lync, some of the more common terms are explained below:

IM Conferencing

Lync supports text-based instant messaging conferencing (also known as “Multi-party IM conferencing”) which allows users to initiate text messaging with more than one peer.

Audio / Video Calls

One core feature of Lync is to provider peer-to-peer (P2P) Audio and Video Calls. In this mode, session is established through the SIP protocol and Media Path negotiated between clients and does not route through any Lync server.

Audio / Video Conferencing

Audio / Video Conferencing differs from Audio / Video calls since the Media Path is established between clients and the Audio/Video MCU (Multi-Conferencing Unit) located the Lync front-end server. In A/V Conferencing mode, there is one active speaker (upstream) and at least two listeners (downstream).

Web Conferencing

An often misleading term, Web Conferencing does not provide conferencing features through a Web browser. Web Conferencing extends previous conferencing modalities and adds additional features such as Audio/Video/IM Conferencing, Collaboration tools (Poll page, Whiteboard, Q&A, Text, Web pages), Application and Desktop Sharing, Conversion of PowerPoint presentations to streamed content, Meeting Control, Scheduling, Recording and Playback.

The Web Conferencing feature can integrate with Outlook through a specific add-in to allow scheduled meetings to be held online.


Federation allows a company to communicate with another through various gateways and for designated services.

Desktop Sharing

Desktop Sharing allows users to share their desktop (and optionally share control) with the RDP protocol embedded in the Media Stream, with one or multiple peers.

Group Chat

Group Chat enables users to engage in persistent, ongoing IM conversations. Group Chat differs from group IM in that the latter is not persistent. After a group IM session has ended, its state is lost. With Group Chat, the conversation persists, along with all files, Web links, and other associated data. This persistence makes it possible to maintain complete records of each session. It enables the instant exchange of information across an organization and with external partners in a way that makes it possible to maintain a continuing flow of information among project members.

Edge Servers

Edge Servers allow connection of internal Lync infrastructure to the external world.

Communicator Web Access (CWA)

Communicator Web Access Servers provide Web Sites to allow users to logon to Lync services from a Web browser, which may be extended to support connecting from any endpoint on the Internet.

SIP Address

A SIP (Session Initiation Protocol) address consists of a user name and a domain name, similar to an email address. This is completely separate to an email address, but many organisations opt to keep the format of the SIP addresses in the same format as user’s primary email address in an attempt to keep the user logon process as simple as possible.

Public Instant Messaging Connectivity (PIC)

Enables organizations to interoperate with four proprietary instant messagne services – AOL Instant Messenger, .NET Messenger Service (Windows Live Messenger), Yahoo! Messenger, and Google Talk.

Lync Server 2010

Refers to the server component of Lync.

Lync 2010

Refers to the client (workstation) component of Lync.


I use a maximum of one Google Ad per post to help offset some of my blog hosting costs.


September 21 2010

Virtualization support for Microsoft products including SCCM, OCS, Exchange, ISA

For many years I’ve had to scour the interwebs to find out if hardware virtualization is supported by Mircosoft for a particular product.

I’m not sure how long it has been around but I’ve finally found the Windows Server Catalog site which will simply tell you if it is supported or not:


For example I can easily see that SCCM 2007 SP2 on VMWare ESX 3.5 Update 5 with Windows Server 2008 R2 x64 as the guest OS is SUPPORTED!

So simple and so overdue!

August 5 2010

New Microsoft TS certifications

I’ve spent some time over the last few weeks catching on my Microsoft certifications for some of the areas I focus on and passed the following exams:

70-401: TS: Microsoft System Center Configuration Manager 2007, Configuring
70-400: TS: Microsoft System Center Operations Manager 2007, Configuring
70-638: TS: Microsoft Office Communications Server 2007, Configuring

This has given me the following certifications:
Microsoft Certified Technology Specialist – System Center Configuration Manager (SCCM) 2007: Configuration
Microsoft Certified Technology Specialist – System Center Operations Manager (SCOM) 2007: Configuration
Microsoft Certified Technology Specialist – Office Communications Server 2007: Configuration

I found the 70-400 & 70-401 (SCOM & SCCM) exams cover a lot of material and knowledge that you would use in your day-to-day design and administration of these products. I would say that with a few years experience using these products frequently you should be ok to get a passing score. 70-638 (OCS) exam material really went into a lot of depth around design concepts a lot more than day-to-day administration – even if you have used OCS for years I would suggest that you study hard for this one!


January 25 2010

Unable to manage Office Communicator Group Policy settings – Extra Registry Settings

I recently had a situation where I was unable to manage Office Communicator Group Policy settings – some of the settings now appeared as Extra Registry Settings in the Group Policy Management console.  This seemed to happen around the time that I had upgraded the ADM template to the Office Communicator 2007 R2 ADM template released in January 2010, so I can only assume that some of these settings have been depreciated or superseded.

Unmanagable settings
Unmanagable settings

I was particularly concerned about one setting – softwarepoliciesmicrosoftcommunicatorServerAddress – even though I could no longer manage this settings, the Office Communicator client still used the value in the setting for its configuration! I wanted to manage this setting, so I created a ADM template to manage a few of the unmanageable settings – here it is for your reference:


CATEGORY "Shared UC Settings"
KEYNAME SoftwareMicrosoftSharedUcClient
POLICY ServerAddressInternal
EXPLAIN "Controls the SoftwareMicrosoftSharedUcClientServerAddressInternal registry value"
PART ServerAddressInternal EDITTEXT
VALUENAME "ServerAddressInternal"

CATEGORY "Communicator Settings"
KEYNAME SoftwarePoliciesMicrosoftCommunicator
POLICY ServerAddress
EXPLAIN "Controls the HKCUSoftwarePoliciesMicrosoftCommunicatorServerAddress registry value"
VALUENAME "ServerAddress"


CATEGORY "Communicator Settings"
KEYNAME SoftwarePoliciesMicrosoftCommunicator
POLICY ServerAddress
EXPLAIN "Controls the HKLMSoftwarePoliciesMicrosoftCommunicatorServerAddress registry value"
VALUENAME "ServerAddress"

January 5 2010

OCS Remote Connectivity Testing Tool

Microsoft have updated their OCS connectivity tool which allows you to test the connectivity to your internet facing OCS systems. The tool provides a good level of detail for troubleshooting issues and is extremely easy to use. The URL is https://www.testocsconnectivity.com/.

The official line from Microsoft is:

The Office Communications Server Remote Connectivity Analyzer is a web site for IT Administrators to validate and diagnose end-to-end Office Communications Server scenarios. The site simulates multiple Office Communications Server client access scenarios from outside the customer’s infrastructure and reports whether the test was successful. If the test fails, we inform the IT Admin exactly where in the process it failed as well as provide troubleshooting tips on resolving the issue.

November 5 2009

Improving the SIDMap.wsf script for OCS attribute synchronization

Microsoft’s definition of SIDMap.wsf is : It uses the same disabled user account in the resource forest to enable users for Office Communications Server. To provide single sign-in, the primary user account must also be mapped to the disabled user account in the resource forest for Office Communications Server. This tool performs the mapping.

This script is part of the Office Communications Server 2007 Resource Kit and basically will syncronize the msExchMasterAccountSid attibute to the msRTCSIP-OriginatorSid attribute on the  SIP-enabled disabled user account.

I’ve made some improvements to the script to add a log file and also provide some feedback to the user so they know it has worked. I’ve create a batch file that can be put on a server and run by the support team. This is outlined in attribute_sync.bat below and then the modified SIDMap.wsf is included too.


REM **   This script copies the value in the msExchMasterAccountSid attibute to the msRTCSIP-OriginatorSid attribute
REM **   for every disabled user that is SIP enabled in the 'Testing' OU
REM **   www.danovich.com.au
for /f "tokens=1* delims= " %%a in ('date/t') do set dayname=%%a
for /f "tokens=1* delims= " %%a in ('date/t') do set mmddyyyy=%%a
for /f "tokens=1* delims=/" %%a in ('echo %mmddyyyy%') do set day=%%a
for /f "tokens=2* delims=/" %%a in ('echo %mmddyyyy%') do set month=%%a
for /f "tokens=3* delims=/" %%a in ('echo %mmddyyyy%') do set year=%%a
for /f "tokens=1* delims=:" %%a in ('echo %time%') do set hour=%%a
for /f "tokens=2* delims=:" %%a in ('echo %time%') do set mins=%%a
for /f "tokens=3* delims=:" %%a in ('echo %time%') do set sec=%%a
for /f "tokens=1* delims=." %%a in ('echo %sec%') do set secs=%%a
for /f "tokens=2* delims=." %%a in ('echo %sec%') do set mili=%%a
wscript //h:cscript //B
cd "C:Program FilesMicrosoft Office Communications Server 2007 R2ResKitLcsSync"
SIDMap.wsf /OU:OU=OU=Testing,DC=danovich,DC=com /logfile:C:LogsOCS-%username%-%day%-%month%-%year%-%hour%.%mins%.%secs%.log


<?xml version="1.0" ?>
<job id="Main" prompt="no">
<?job debug="true" error="true" ?>
helpstring="The Active Directory DN of the organizational unit to search under"
helpstring="Generates a list of disabled users that are mailbox and SIP enabled and associated with an external account"
helpstring="Text file used to log the output."
<script id="VBScript_Block" language="VBScript">
' Initialize variables
Set WshShell = CreateObject("WScript.Shell")
const ForWriting = 2
intCount = 0
bQuery = False
On Error Resume Next 'Force continuation on errors when initializing globals
' Retrieve command-line arguments
' Check whether an OU is provided.
if WScript.Arguments.Named.Exists("OU") then
strNamingContext = "LDAP://" & WScript.Arguments.Named("OU")
Set objRootDSE = GetObject("LDAP://rootDSE")
strNamingContext = "LDAP://" & objRootDSE.Get("defaultNamingContext")
end if
' Check whether the user only wants to query the AD.
if WScript.Arguments.Named.Exists("query") then
' Query only all disabled users that are mailbox and SIP enabled.
' set.
bQuery = True
end if
' Check whether logging to a file is required.
if WScript.Arguments.Named.Exists("logfile") then
strLogFile = WScript.Arguments.Named("logfile")
Set fso = CreateObject("Scripting.FileSystemObject")
Set objLogFile = fso.OpenTextFile(strLogFile, ForWriting, True)
objLogFile.WriteLine("List of disabled users associated with an external account and SIP enabled:")
end if
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
' Create connection to AD.
Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection
' Define AD query.
' Search for disabled user accounts that are SIP enabled and mailbox enabled.
objCommand.CommandText = _
"<" & strNamingContext & ">;" & _
"(&(objectCategory=person)(objectClass=user)(msRTCSIP-UserEnabled=TRUE)(msExchMasterAccountSid=*)(userAccountControl:1.2.840.113556.1.4.803:=2));" & _
' Disable caching to reduce memory consumption for very large result sets.
objCommand.Properties("Cache Results") = FALSE
' Define the maximum page size.
objCommand.Properties("Page Size") = 1000
' Execute query.
Set objRecordSet = objCommand.Execute
If Err.Number <> 0 Then
WScript.Echo("Failed to query Active Directory " & strNamingContext)
WshShell.Popup "Failed to query Active Directory", ," Attribute sync failed ",  16
end if
While Not objRecordset.EOF
intCount = intCount + 1
if IsObject(objLogFile) then
end if
if bQuery = False then
' Set the msRTCSIP-OriginatorSid attribute.
Set objContact = GetObject(objRecordset.Fields("ADsPath"))
strExchSid = objRecordset.Fields("msExchMasterAccountSid").Value
objContact.Put "msRTCSIP-OriginatorSid", strExchSid
If Err.Number <> 0 Then
if IsObject(objLogFile) then
objLogFile.WriteLine("Failed to set msRTCSIP-OriginatorSid attribute " & _
WScript.Echo("Failed to set msRTCSIP-OriginatorSid attribute " & _
WshShell.Popup "Failed to set msRTCSIP-OriginatorSid attribute", ," Attribute sync failed ",  16
end if
end if
end if
WshShell.Popup "Attribute sync has been successful for " & intCount & " users in the following OU:" & vbCrLf & vbCrLf & strNamingContext & vbCrLf & vbCrLf & "Log file is located at " & strLogFile, ," Attribute sync successful ", 64
WScript.Echo "Attribute sync has been successful for " & intCount & " users in the " & strNamingContext & " OU "
if IsObject(objLogFile) then
objLogFile.WriteLine(vbNewLine & intCount & " disabled users.")
end if