Skype for Business and Lync Servers certificate report

This is a cross-post with Guy Bachar’s blog, of a script we wrote back in August 2014 and that went through some technical (mostly Guy) and cosmetic (mostly yours truly) updates.


This script will generate an HTML report of all Skype for Business \ Lync servers’ certificates, and you can even use it to send periodical emails.

As the new script supports contacting your Edge servers, there are some prereqs involved:

1. Enable Trusted Hosts on the Front-End server you’re running the script from:

Set-Item WSMan:\localhost\Client\TrustedHosts -Value “*” -Force

2. Enable HTTP Compatibility Listener on all Edge servers:

Set-Item WSMan:\localhost\Service\EnableCompatibilityHttpListener -Value True

The script is pretty straight forward, all you have to do is run it form a local folder on your FE server with elevated permissions.
However, this will only give you the FE’s certificates.
Guy was smart enough to create the following additions:

-EdgeCertificates and -OWASCertificates

You can run either or both, and they will give you information about your Office Web Apps Servers’ certificates (-OWASCertificates) and your Edge Servers’ certificates (-EdgeCertificates).
When using the -EdgeCertificates option, you’ll be prompted to enter your Edge Server’s credentials.


Visit Guy’s post for further information.

The script can be downloaded here, and we’ll love to hear your feedback.

Skype for Business in-place upgrade and SQL Express 2012

If you’re a small business using Lync 2013 standard edition, you might want to in-place upgrade your current Lync server to the new Skype for Business Server.
If you followed the prerequisites I previously listed here, or better yet, Greig Sheridan’s comprehensive article on how to upgrade, you should have the basics ready by now.

Lync 2013 is originally installed with SQL Express 2012, However, if you’re falling behind on SQL updates, you might not be able to complete start the installation as Skype for Business Server 2015 requires at least SQL Express 2012 SP1:

SQL2012SP1 missingUpgrading SQL Express 2012 to SP1 or SP2 is an easy task, but might be a little time consuming if you do it manually: You’ll need to update each database individually, meaning running the process 3 times (for RTC, RTCLOCAL, LYNCLOCAL).

update DB1
A faster way is to run it via command prompt or PowerShell:

First, download SQL Express 2012 SP2 (I know they only ask for SP1, but walk that extra mile, will ya?).
Choose to download the SQLEXPR_x64_ENU.exe file, this is all you need.
Place the file in a local folder on the server and run the following command:

SQLEXPR_x64_ENU.exe /action=Patch /allinstances /quiet /IAcceptSQLServerLicenseTerms


The above will do the following for you:

  • Run the update process (/action=Patch)
  • Update all instances on the server (/allinstances)
  • Hide the GUI part where you need to use the mouse at least 5 times (/quiet)
  • Accept the T&Cs on your behalf (/IAcceptSQLServerLicenseTerms)

You’ll have no visibility of the update process (unless you choose to omit the /quiet switch) so go grab some coffee, this might take up to 20 minutes.
Look for event 17069 in the Application Log. you’re expecting to see “Microsoft SQL Server 2012 – 11.0.5058.0 (X64)” on the first line of the event – this means your upgrade process is complete:


There should be an event per updated database.

Once completed, a restart of the server is recommended. Additionally, you’ll have to update the Lync databases with the following command:

Install-CsDatabase -ConfiguredDatabases -SqlServerFqdn <FEServer.domain> -Verbose

This will update the databases and will show you the following output in the log:

****Creating DbSetupInstance for ‘Microsoft.Rtc.Common.Data.LisDatabase’****
Trying to connect to Sql Server FE02.y0av.local\rtc. using windows authentication…
Sql version: Major: 11, Minor: 0, Build 5058.
Sql version is acceptable.

You can now run the Skype for Business Server 2015 installation on this server.



Lync 2013 Persistent Chat Service stops after 20 minutes

Followed by Event 53503, LS Persistent Chat Server, This might happen due to an issue with the Persistent Chat DB.

The work around is to export the Persistent Chat data from the Persistent Chat database to a file, run a clean installation the Persistent Chat database and then import the Persistent Chat data from the file to the Persistent Chat database.

Use the following commands:

  1. Export-CsPersistentChatData –DbInstance <YourPCInstance> –FileName to export the data to file.
  2. Install-CsDatabase –DatabaseType PersistentChat –SqlServerFQDN <PCServer.Domain.local> –SqlInstanceName <YourPCInstance> –Clean to clean the Persistent Chat DB.
  3. Import-CsPersistentChatData –DbInstance <YourPCInstance> –FileName to import the data.

Microsoft released this KB to resolve the above issue.

Lync Web App broken on the December 2014 update for Lync Server 2013

If you installed the December 2014 update for Lync server 2013, the Web Components update just might break Lync Web App if you’re using Google Chrome as your default browser.
Chrome will display a message saying “Google Chrome no longer supports Lync Web App” and the workaround, surprisingly, would be to copy the meeting URL to a different browser.

More information about this issue can be found here.

Lync Users and Devices script – improvements


The new Lync Users and Devices script contains all the features of the old one, plus the following:

  • Added an option for non-EN users to reduce Excel errors (thanks BSterkenburg).
  • Also listing Dial-in Conferencing numbers:
Display Name Pool Line URI Primary Language
  • And Exchange UM contacts:
Display Name SIP Address Line URI Auto Attendant? Hosted Voicemail Policy

Run the script from your desktop (NOT your Lync server), where you have Excel installed. The script will ask you for Lync Admin credentials and one of your servers \ pools and will automatically connect to them.

All Tabs

Download the script here.

‘Tis the season to prepare – Add Ireland Public holidays for 2015 to Lync Server

It’s this time of the year again, and the most common question is “What do we do when we’re going on holidays?”.

The answer is here! (That is, if you live in Ireland :)) – the attached script will add all Public holidays for 2015 …And then some:

According to the Citizen Information Board, the following are Public Holidays in Ireland in 2015:

  • New Year’s Day (1 January)
  • St. Patrick’s Day (17 March)
  • Easter Monday (This year it’s 4 April)
  • First Monday in May, June, August (4 May, 1 June, 6 August)
  • Last Monday in October (26 October)
  • Christmas Day (25 December)
  • St. Stephen’s Day (26 December)
    Good Friday is not a public holiday.

The script will add all of the above and the following:

  • Christmas Day 2014 (25 December)
  • St. Stephen’s Day 2014 (26 December)
  • New Year’s Day 2016 (1 January)

You will need to check the new holiday set box for your RSG Workflows to activate your holiday configuration.

To run the script, simply run it one of your Lync servers. The script will confirm that you have local admin permissions and will prompt you for automatic elevation if necessary.

then, it will search for and display your existing application servers, please choose the one(s) running your RGS.
The new improvement to the script is that it will ask you whether you’re using a 12-hour or 24-hour configuration on your machine to determine how to run.
Once you choose 12 or 24 hour configuration, the script will run and add a holiday set called “Ireland Public Holidays 2015”.


Download the script here.

List all users and devices – Lync 2013

I recently published a post with a short script that creates an automated Excel file that lists all your Lync users. This file can be used in documentations and to find all your assigned phone numbers.

Getting some feedback from users and colleagues, I updated the script and it can now show all the users, common area phones, analog devices and Response Groups workflows in youe environment.

The Excel file is created with a separate tab for users, common are phones, analog devices and RGS workflows.

A built-in filter into every column will help you find the information you need based on registrar, analog gateway, username, etc.

Lync users

The file lists the following for each tab:

Lync users:

Display Name SIP Address Registrar Pool Enterprise Voice Line URI

Analog Devices:

Display Name SIP Address Registrar Pool Gateway Line URI

Common Are Phones:

Display Name SIP Address Registrar Pool Description Line URI

RGS Workflows:

Display Name SIP Address Line URI

Run the script from your client machine (NOT Your Lync servers), where you have Excel (At Least 2010) and PowerShell version 3.0 and above.

The script will ask you for your Lync Admin credentials and one of your Lync pools’ FQDN:

Remote PowerShell

It will then connect remotely to you server and start Excel. The script is designed to ignore certificate certificates warnings as you might be running this from a none domain-joined machine.

Download the script here.

Lync 2013 E.164 CLI and carriers (It’s that Plus sign!)

If you’re using Lync properly, you must have all your numbers in accordance with the E.164 format, as recommended by Microsoft and as often preached by Ken Lasko.

There are many benefits for using E.164, but – like any good thing – it comes with some flaws. One of these flaws when using Lync 2013 is that Lync will cease normalizing numbers that are prefixed with +.
The moment you add the ‘+’ sign to your number, Lync will consider it already normalized and will not process any more rules.

This can cause issues with some providers that require us to remove the leading ‘+’ sign from the number.
The work around for dialled numbers (Or as Lync describes it “Called Numbers”) is to use the Set-CsTrunkConfiguration command to remove ‘+’ sign at the trunk level by adding the parameter -RemovePlusFromUri $true.

This is all good for numbers Called – but what about numbers Calling? How can we manipulate the “Source” number?
If we look at a trace from Lync we can see that the destination number is stripped from it’s leading ‘+’, but the source number still has that annoying sign, although I have a rule that says it’s removing it:

With plus

The SIP invite shows the issue:
INVITE sip:3531891170170@MediaGateway.y0av.local;user=phone SIP/2.0
FROM: <sip:+35314396804;;user=phone>;epid=3DFA3756A7;tag=1e448bc93
TO: <sip:3531891170170@MediaGateway.y0av.local;user=phone>

As you can see in the image above, the ‘+’ sign is removed from the destination number, but it’s still there on my source number.
This might result on certain carriers dropping the call since they’re expecting the CLI with no ‘+’.

The workaround:

If you’re working with a gateway or a SBC, you’ll usually be able to work around this issue by stripping the ‘+’ there, simple as this.

If you’re working with Lync only and using a direct SIP trunk to your provider – it’s easy too!
The numbers are not normalized due to Lync’s lack of ability to ignore the rest of the data in the FROM line; when we’re creating normalization rules within Lync, we will usually be looking at numbers and specific characters, not the entire weird string.
The workaround then, is to treat the entire string as… a string.
I add the following rule for my “Calling Numbers” manipulation in the trunk:


This rule says that whenever a number starts with a plus and has at least 8 characters (ANY character) following it, we should ignore the ‘+’ and send only the characters:
Pattern to match: ^\+(.{8,})
Translation rule: $1
Of course, you can change that to look for more numbers if you have other rules there.

Once the rule has been placed and committed, traces look like this now:

Without Plus

The SIP Invite shows the difference:
INVITE sip:3531891170170@MediaGateway.y0av.local;user=phone SIP/2.0
FROM: “Yoav Barzilay”<sip:35315267877;;user=phone>;epid=3DFA3756A7;tag=c9b24cf3b
TO: <sip:3531891170170@MediaGateway.y0av.local;user=phone>


List Lync Users – automated Excel file

(Have a look at the newer, smarter, prettier, fancier version of this script here.)

This script isn’t big news, but it’s very handy and easy to use.
It allows you to remotely connect to one of your pools and create an Excel sheet, populated with the following:

Display Name SIP Address Registrar Pool Enterprise Voice Line URI

It’s basically a list you can hand to your customers and colleagues so they can keep track of changes.
Additionally, it helps spot Enterprise Voice enabled users that don’t have a Line URI or it’s misconfigured.

When you run the script it’ll ask your for your Credentials – You must Have appropriate Lync permissions:


It will then ask you for the FQDN of your Lync server or pool and will attempt to connect:

Lync Server

When connected, the script will immediately start creating the Excel file:

Creating Excel2

You can scroll up and down the Excel file but do not click anywhere on the spreadsheet. This causes the automated build to crash, and you’ll have to restart the script.

When completed, the script will notify you and close the remote PowerShell session it initiated.

Script Done

The pace is approx. a second per line, so if you have 5000 users this is the time to go and grab a cup of coffee.

The script can be downloaded here.

Updated October 7, 2014: Version 2.0 checks for your PS version. This script will only run on PS 3.0 or higher.