Jude's Blog

PowerShell: Manage your O365 – Step by Step

leave a comment »

In this article, let’s see how we can use PowerShell and start with the scratch in getting into O365.

The scenario that we are talking about assumes that the user has created a tenant in the office 365 environment. No further changes in terms of domain/users etc. has not been performed.

Import PS Module

Import PowerShell Online Module: Before doing any of the below tasks, we need to download the commands and functions. By default, PowerShell doesn’t include the commands. So run the below command which will load the Online command modules;

Import-Module MSOnline

Login

Login to Office 365 tenant: Now after loading the module, we need to connect to the Office 365. The Connect-MsolService cmdlet will initiate a connection with Microsoft Azure Active Directory.

This first command will prompt for the credentials and pass it on in the second command that will authenticate with your tenant.

$msolCredentials = Get-Credential

Connect-MsolService -Credential $msolCredentials

List down authorized Domains:

The below cmdlet is used to retrieve the associated domains under the given tenant. Here we check the existing domains.

Get-msoldomain | fl

Add Domain:

The cmdlet is used to create a new domain object in the given Office 365 tenant environment. Once completed a domain entry will be displayed under the domain list. However, the verification is still under pending.

New-MsolDomain –Authentication Managed –Name scko.info

Domain Verification

Domain Verification Part 1:

Is used to return the details of the DNS records that need to be set to verify a domain. Values for Mode are DnsMXRecord and DnsTxtRecord where you will use the values in your DNS Registrar.

Get-MsolDomainVerificationDns -DomainName scko.info -Mode DnsTxtRecord

Domain Verification Part 2:

Used to confirm ownership of a domain. Once you have added the above TXT or MX records to your DNS list, you run the below command which will run the verification from Office 365 end to verify and confirm the domain ownership.

Confirm-MsolDomain –DomainName scko.info

List down authorized Domains:

Now we will use the cmdlet again to retrieve the associated domains.

Get-msoldomain | fl

Note: Please note that after this step, the retrieval of the DNS records associated with Office 365 services (Exchange/SharePoint/S4B etc) needs to be done using the web based Office 365 Admin page. You cannot retrieve the related DNS records through PowerShell.

Note: Adding Licenses needs to be done from the web portal.

Check Office 365 License:

The below cmdlet will list all the SKUs that the tenant owns.

Get-MsolAccountSku

At this point we have finished the following;

  • Tenant Creation
  • Domain adding and verification

User creation

In the next step we will look at user creation.

Create Single User:

The cmdlet will create an individual account.

New-MsolUser -UserPrincipalName jude@scko.info -City Colombo -State Western -Country “Sri Lanka” -DisplayName”Jude Perera” -FirstName Jude -LastName Perera -Password admin@123 -UsageLocation LK -LicenseAssignmentjcpciex:ENTERPRISEPACK

Note: If the license assignment is done at this point the USAGELOCATION and LICENSEASSIGNMENT parameters are required. The value for the LicenseAssignment can be obtained through the Get-MsolAccountSku cmdlet

Office 365 User Attributes

New-MsolUser -UserPrincipalName -City -Country -Department -DisplayName -FirstName -LastName -MobilePhone -PasswordNeverExpires -State -StreetAddress -Title -UsageLocation -LicenseAssignment

Attribute Description
UserPrincipalName This is the account name that’s used to sign in to Office 365 services.
City This will include the city
Country The country of the user
Department The department
DisplayName This is the display name that’s used in Office 365 services.
FirstName First Name
LastName Last Name
MobilePhone Mobile phone number
PasswordNeverExpires This specifies if the user password is set to expire(false) or not(true)
Password If you don’t specify a password, a random password is assigned to the user account, and the password is visible in the results of the command. If you specify a password, it needs to meet the following complexity requirements:

·         8 to 16 ASCII text characters.

·         Characters from any three of the following types: lowercase letters, uppercase letters, numbers, and symbols.
UsageLocation This is a valid ISO 3166-1 alpha-2 country code. For example, US for the United States, and FR for France. It’s important to provide this value, because some Office 365 services aren’t available in certain countries, so you can’t assign a license to a user account unless the account has this value configured.
LicenseAssignment This is the licensing plan (also known as the license plan, Office 365 plan, or SKU) from which an available license is assigned to the user account. The license defines the Office 365 services that are available to account. You don’t have to assign a license to a user when you create the account, but the account requires a license to access Office 365 services.

 

Get User Details:

The command will retrieve the user information for the given users UPN

Get-MsolUser -UserPrincipalName jude@scko.info |fl

Now that we have learnt how to add a single user and what attributes we can associate it with, lets see how we can do a bulk import. This is especially useful when you are creating the users at first or having to add multiple users at a single time.

In preparation for this task we need create the users and attributes in CSV format. The below table lists sample data and the attributes that will be imported to Office 365.

Sample CSV file can be downloaded from here.

Bulk Import:

The below cmdlet will import the users and attributes from the given CSV file

Command 01:

$users = Import-Csv “D:\Demo ITPro\Office365Users.CSV”

Command 02:

$users | ForEach-Object{
New-MsolUser -UserPrincipalName $_. UserPrincipalName -City $_.City -Country $_.Country -Department$_.Department -DisplayName $_.DisplayName -FirstName $_.FirstName -LastName $_.LastName -MobilePhone$_.MobilePhone  -State $_.State -StreetAddress $_.StreetAddress -Title $_.Title -UsageLocation $_.UsageLocation -LicenseAssignment $_.LicenseAssignment
}

Password Configuration:

The below command can be used to enable(true) or disable(false) the requirement of Strong Passwords for users

Get-MsolUser | Set-MsolUser -StrongPasswordRequired $false

Password Change:

If you wish to change the passwords of your users in bulk mode, the below import method can be used.

The import method will import a list of users, their UserPrincipleName and the new Password along with the Set-MsolUserPassword cmdlet. You can use a CSV file with below format.

UserPrincipalName Password
User One pass@word1
User Two pass@word2
User Three pass@word3

 

Import-Csv “D:\Demo ITPro\Office365Users.csv” | % {
Set-MsolUserPassword -UserPrincipalName $_.UPN -NewPassword $_.password -ForceChangePassword $false
}

Create Office 365 User Groups:

The New-MsolGroup cmdlet is used to add a new security group to the tenant. Note that creating groups does not mail enable them. Mail enabling a group needs to done with the help of the Microsoft Exchange Online PowerShell module which we will look in a later stage.

New-MsolGroup -DisplayName “Security Group” -Description “Security Group”

View Office 365 Groups:

The below cmdlet will list down with the Groups and all related attributes.

Get-MsolGroup | fl

Adding users to Group: Adding users or members to a group is not simple as the browser based controls. The Add-MsolGroupMember cmdlet is used to add members to a security group. The new members can be either users or other security groups. The group memberships totally depends on Group and User ID’s under the user/group properties.

Add-MsolGroupMember -GroupMemberObjectId <Guid> -GroupObjectId <Guid> [-GroupMemberType <string>] [-TenantId <Guid>] [<CommonParameters>]


-GroupMemberObjectId <Guid>: The object ID of the member (User or Group) to add to the group. The ID of the group to add members to. To get the value, run the Get-MsolUser -UserPrincipalName singleadd@scko.info | fl command. The Users ObjectID is shown in the below screenshot.

 

-GroupObjectId <Guid>: The ID of the group to add members to. To get the value, run the Get-MsolGroup | flcommand. The Groups ObjectID is shown in the below screenshot.

Now we will combine the above values to add the User “Single Add” to the new group we created earlier.

Add-MsolGroupMember -GroupObjectId 1a3edbb9-ec64-4184-bd22-5df4ae830158 -GroupMemberObjectId 52db4e40-bd95-426b-9c5a-bc752ceb044e

Once the member is added, now we run the below command to check the member adding

Get-MsolGroupMember -GroupObjectId a0b12555-e840-4f53-a857-91e41b69dbf0

Part 1 is done. In the coming days let’s see how we can use PowerShell to connect to Exchange Online services and manage things.

Until then, happy (power)shell’ing 🙂

Written by judeperera

August 15, 2016 at 9:29 am

Posted in Microsoft, Office 365

Tagged with , , ,

MigrationPermanentException error while migrating from Gmail to Office 365

leave a comment »

Here’s the scenario,

There was a client with Gmail who wanted to migrate things to Office 365. So as you may already know, you have the option of IMAP Migration. However, while almost everything looked to get sync’ed from Gmail, there were a set of users who were getting failed on the mailbox syncing. Checking up on the migration batch status for the specific user, the following error was thrown;

Error: MigrationPermanentException: We had troubles signing in to this account. Please confirm that you’re using the correct user name and password.

 

1

Resolution.

Step 1:

First thing you can check is to make sure that the logon credentials are all correct. Just open up gmail on your browser and try to login to verify. If you are unable to login, means you have wrong credentials so double check on that. But if the problem still exists, proceed to Step 2.

Step 2:

In my case the issue was a security setting of gmail side that prevented Office 365 to connect, thus throwing an authentication exception error. To resolve that, go through the below steps.

  1. Login to the gmail user account who’s getting the error.
  2. Right click on the user and click My Account
    2
  3. On the My Account page, under Sign-in & security section, click on Connected apps & sites.
    3
  4. On the connected apps & site section, under Allow less secure apps, ensure that the selection is set to OFF.
    4
  5. Go back and run back the Office 365 migration task and you’ll see the user mailbox getting sync’ed!

Happy migrating. Look forward for a complete step by step guide on gmail to office 365 migration soon. Meanwhile if you encounter the above error and the resolution was something new, do share.

Written by judeperera

April 25, 2016 at 10:15 am

Posted in Office 365, Uncategorized

Tagged with , , , ,

POP Connectivity Fails for Outlook Users on Exchange Server

leave a comment »

Issue: So basically the scenario was, due to a power failure all the servers were restarted. Once they were all back, things were running smoothly until we noticed that there were connection problems with POP users.

Here are the symptoms;

  • Outlook users who are connecting through POP is able to connect, but unable to send or receive mails.
  • Microsoft Exchange POP3 Backend service is in the Running state.

 

 

 

  • On the Microsoft Connectivity Analyzer page, the POP connectivity test fails with the following error.

The POP service is being tested.
There was an error testing the POP service.
Additional Details
S:
C: CAPA
S:
Microsoft.Exchange.Tools.ExRca.Tests.ImapPop.MailProtocolException
at Microsoft.Exchange.Tools.ExRca.Tests.ImapPop.Pop3ProtocolTester.SendCommand(String command,StringlogString)
at Microsoft.Exchange.Tools.ExRca.Tests.ImapPop.MailProtocolTester.SecureConnection()
at Microsoft.Exchange.Tools.ExRca.Tests.lmappop.BaseProtocolTest.PerformTestReally()

Elapsed Time: 125 ms.

 

 

 

 

 

 

So basically, something clearly wasn’t right on the Exchange Server. If you are getting the above error here’s the fix.

  1. Log on to the Exchange Server
  2. Open Exchange PowerShell
  3. Run the following command

    Get-ServerComponentState -Identity <ServerName>

    042016_1050_POPConnecti3.png

  4. Note the PopProxy component state is “Inactive”

    2

  5. On the Exchange PowerShell module, run the following command to activate the PopProxy component.

    Set-ServerComponentState -Identity <ServerName> -Component PopProxy -State Active -Requester HealthAPI

    3

  6. Run the Get-ServerComponentState command again to verify that the service state is up.

    4

  7. To verify POP service is working for users, go to the Microsoft Connectivity Analyzer and perform a POP test. The connection should be successful.

    5

Written by judeperera

April 22, 2016 at 6:12 am

Posted in Exchange

Tagged with , , , ,

Step by Step Guide for Installing Exchange Server 2016

with 22 comments

Download Exchange Server 2016

The following section describes a step-by-step guide for the installation of Microsoft® Exchange Server 2016. The installation considers a single server deployment of Exchange Server 2016 with the Mailbox role. Additional details of the topology and architecture of the lab environment which was used in the installation is described here;

Domain Controller
Operating System Windows Server 2012 R2
Forest Functional Level Windows Server 2012 R2
Domain Functional Level Windows Server 2012 R2
Exchange Server 2016
Operating System Windows Server 2012 R2
Installed Role Mailbox Role

1. Operating System Support for Exchange Server 2016

The following operating systems are supported;

Component Operating System
Mailbox and Edge Server Role Windows Server 2012 R2 Standard or Datacenter
Windows Server 2012 Standard or Datacenter
Windows Server vNext
Management Tools Windows Server 2012 R2 Standard or Datacenter
Windows Server 2012 Standard or Datacenter
64-bit edition of Windows 8.1

2. Active Directory Preparation

The first task in the installation of any version of Exchange is to prepare the Active Directory environment where the Exchange Server will be placed.

However, prior to the preparation, it should be checked against the following Network and Directory Server requirements;

Component Operating System
Domain controllers Windows Server 2012 R2 Standard or Datacenter
Windows Server 2012 R2 Standard or Datacenter
Windows Server 2008 R2 Standard/Enterprise/Datacenter
Windows Server 2008 Standard/Enterprise/Datacenter
Active Directory forest Windows Server 2008 or higher

Once the above requirements are verified for consistency, proceed with the following preparation tasks on the server/computer which will be used to prepare the Active Directory using the Exchange Server 2016 Active Directory Prepare module.

  2. Open Windows PowerShell and run the following command to install the Remote Tools Administration Pack.

Install-WindowsFeature RSAT-ADDS

3 Server role prerequisite installation

The prerequisites for Exchange 2016 varies on the server role which will be associated with it. The section describes the installation of Exchange 2016 on a server containing Windows Server 2012 R2 Operating System.

3.1 Prerequisites for Mailbox Server Role

The following section instructs the prerequisite installation that should be performed in a server running a standalone Exchange 2016 server with the Mailbox Server Role.

  1. Open a Windows PowerShell session by navigating to Start > All Programs > Accessories > Windows
    PowerShell.
  2. Run the following command to install the required Windows components.

Install-WindowsFeature AS-HTTP-Activation, Desktop-Experience, NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation

  1. After installing the features, Download and Install;
    1. Microsoft .Net Framework 4.5
    2. Microsoft Unified Communications Managed API 4.0, Core Runtime 64-bit

3.2 Prerequisites for Edge Server Role

The following section instructs the prerequisite installation that should be performed in a server running a standalone Exchange 2016 server with the Mailbox Server Role.

  1. Open a Windows PowerShell session by navigating to Start > All Programs > Accessories > Windows
    PowerShell.
  2. Run the following command to install the required Windows components.

Install-WindowsFeature ADLDS

3. After installing the features, Download and Install Microsoft .Net Framework 4.5

4 Prepare Active Directory and domains

To prepare the active Directory and the Domains for Exchange 2016, follow the following steps. To execute the commands, the commands should be run using the Schema Admins group and the Enterprise Admins group membership.

4.1 Extend Active Directory Schema

  1. Mount the Exchange Server 2016 installation Media
  2. Open up a Command Prompt session and navigate to the setup files from the command prompt
  3. Type the following command followed by an Enter

Setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms

4.2 Prepare Active Directory

  1. On the command prompt, run the following;

Setup.exe /PrepareAD /OrganizationName:”<organization name>” /IAcceptExchangeServerLicenseTerms

4.3 Prepare Domains

  1. On the command prompt, run the following;

Setup.exe /PrepareAllDomains /IAcceptExchangeServerLicenseTerms

5 Installing Exchange Server 2016

The below section describes the installation of the Mailbox Server role for Exchange Server 2016.

If you’re installing the first Exchange 2016 server in the organization, and the Active Directory preparation steps have not been performed, the account you use must have membership in the Enterprise Administrators group. If you haven’t previously prepared the Active Directory Schema, the account must also be a member of the Schema Admins group.

  1. Log on to the server that will be used as the Mailbox server.
  2. Ensure that the above prerequisites are completed.
  3. Mount and navigate to the Exchange Server 2016 installation Media.
  4. Start Exchange 2016 Setup by double-clicking Setup.exe.
  5. On the Check for Updates page, select whether you want Setup to connect to the Internet and download product and security updates for Exchange 2016 and click Next.

  1. Once the setup is finished copying files on the Copying Files page, click Next.

  1. The Introduction page gives additional guidance for the installation procedure. Review the content and Click next to continue.

  1. On the License Agreement page, review the terms. If you agree to the terms, select I accept the terms in the license agreement, and then click next.

  1. On the Recommended Settings page, select whether you want to enable or disable the Exchange Error resolution and feedback feature. The option will either enable or disable automatically check for resolutions for any errors that occurs while the setup is running and sends Microsoft feedback. Click Next to proceed.

  1. On the Server Role Selection page, choose what server role you want to install. Whether to install the Mailbox role, Management Tools or Edge Server role on the server. For this lab Mailbox server role will be selected. Note that Edge and Mailbox cannot collocate on the same server and Management Tools will be installed by default when you chose the Mailbox role. If any Windows prerequisites are needed for the setup, select the Automatically install Windows Server roles and features that are required to install Exchange Server. Click Next to proceed.

  1. On the Installation Space and Location page, either accept the default installation location or click Browse to choose a new location with adequate storage space.

  1. If installing the Mailbox role, a Malware Protection Settings page will appear. Choose whether to enable or disable malware scanning and click Next.

  1. On the Readiness Checks page, view the status to determine if the organization and server role prerequisite checks completed successfully. If unsuccessful, perform the required tasks and click Back, and Next to run the Readiness check again. If successful, click Install to proceed.

  1. The installation will be performed.

  1. Once the setup completes installing all the components, the Setup Completed page will be displayed. Select Finish.

  1. As a best practice, restart the server which you performed the installation.

5 Review Exchange Installation

Once all the above tasks are performed, proceed with the below steps to verify the installation using the Exchange 2016 Administrative Center and PowerShell. Like its predecessor, Exchange Server 2016 management is handled by the Exchange Admin Center. The browser based management console, EAC can be used to manage your organizations on-premises as well as Office 365 and hybrid deployment scenarios.

To Navigate to the Exchange Admin Center;

  1. Open the web browser.
  2. On the URL section, type the below

    https://<FQDN_of_the_Exchange_Server>/ECP

  1. Enter your username and password in Domain\user name and Password and then click sign in.
  2. Review the tabs and sections the new Admin Center.

Written by judeperera

July 24, 2015 at 8:18 am

Posted in Exchange, Microsoft

Tagged with , , , , ,

Download Skype for Business Server 2015

with one comment

Finally the wait is over. Microsoft has made Skype for Business Server 2015 Generally Available. As of now, the download bits are available to MSDN Subscribers. So if you are one, you can get it now. And for the rest, the downloads will be available for evaluation soon.

Got MSDN, grab Skype for Business Server 2015 here

File Name:en_skype_for_business_server_2015_x64_dvd_6622058.iso
Languages:English
SHA1:DA7A0F6A4A34F5A6D03F6DB1084048CD1571F29D

Happy Deployment!!

Step by Step Guide for Installing Skype for Business Server 2015

Step by Step Guide for Upgrading Lync 2013 to Skype for Business 2015

Written by judeperera

May 1, 2015 at 5:47 pm

Posted in Uncategorized

Step by Step Guide for Installing Skype for Business Server 2015

with 4 comments

Microsoft is now all set to roll out of Skype for Business Server 2015. The client is officially out and the Public Release for the Skype for Business Server 2015 is set for 1st May 2015. If you are an Office 365 user, not to worry, Skype for Business is being rolled out as we speak. So let’s go ahead and check how the installation is performed. Note that this post focuses on a fresh deployment of S4B Server 2015. If you are looking at an Upgrade, please see my How to Upgrade post here. Before starting, ensure that you have your hardware all ready. To see the hardware requirements, visit here. For this guide, we will be using Windows Server 2012 R2 server.

Prerequisite Installation

  1. Open Windows PowerShell.
  2. Ensure you have Windows Server 2012 R2 Installation Media is inserted.
  3. Run the following command

    Add-WindowsFeature NET-Framework-Core, RSAT-ADDS, Windows-Identity-Foundation, Web-Server, Web-Static-Content, Web-Default-Doc, Web-Http-Errors, Web-Dir-Browsing, Web-Asp-Net, Web-Net-Ext, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Http-Logging, Web-Log-Libraries, Web-Request-Monitor, Web-Http-Tracing, Web-Basic-Auth, Web-Windows-Auth, Web-Client-Auth, Web-Filtering, Web-Stat-Compression, Web-Dyn-Compression, NET-WCF-HTTP-Activation45, Web-Asp-Net45, Web-Mgmt-Tools, Web-Scripting-Tools, Web-Mgmt-Compat, Server-Media-Foundation, BITS -Source D:\sources\sxs

  4. Restart server if prompted.

 Note: Ensure that the below Operating System Hot fixes are installed.

Install Skype for Business Server Admin Tools

  1. Insert the Skype for Business Server 2015 installation media.
  2. Navigate and run Setup.exe
  3. On the prompt that asks you to install Visual C++, click Yes.
  4. On the next window, if you want the setup to download and install the latest updates for Skype for Business, click Update. If you do not want to install updates and want to continue with the installation, click on Install.

  1. On the License Agreement page, select I accept the terms in the license agreement and click OK.

  2. Wait till the installation is completed. If you opted to download for Windows Update, the setup will display the below window.

  3. Go to Start Menu
  4. Run ‘Skype for Business Server Deployment Wizard’
  5. On the ‘Deployment Wizard’, click on ‘Install Administrative Tools’.

  1. On the Installation window, click Next to begin installation of the Topology Builder and Control Panel.

  1. On the Completion page, click Finish.

Active Directory Preparation

The concept of the Active Directory preparation is pretty much the same as it was in Lync Server deployments.

  1. Go to Start Menu
  2. Run ‘Skype for Business Server Deployment Wizard’

Prepare AD

  1. Click on ‘Prepare Active Directory’

  1. On the ‘Active Directory Preparation’ page, click Run on the ‘Step 1: Prepare schema’ section

  1. On the ‘Prepare Schema’ wizard, proceed with the setup by clicking Next.

  1. Once the schema preparation is completed, review the log and click Finish to close.

Prepare Forest

  1. On the ‘Active Directory Preparation’ page, click Run on the ‘Step 3: Prepare Current Forest’ section.

  1. On the ‘Prepare Forest’ wizard, select Local domain and enter the local domain of your environment and click Next.

  1. Once the setup is completed review the log and click Finish to close.

Prepare Domain

  1. On the ‘Active Directory Preparation’ page, click Run on the ‘Step 5: Prepare Current Domain’ section.

  1. On the Prepare Domain wizard, click Next.

  1. Once the setup is completed review the log and click Finish to close.

Configure Service Accounts

  1. Log on to the Domain Controller as a member of the Domain Admins group.
  2. Open the Active Directory Users and Computers.
  3. Navigate to Users container and right click on the CSAdministration, select Properties.
  4. On the CSAdministrator Properties window, click the Members tab.
  5. Click Add, On the ‘Enter the object names to select’, Type the user name add to the group CSAdministrators.

  1. Click OK.
  2. Verify and that the Members section includes the added user names and click OK.
  3. Go to the Server that will be used for the Front-End.
  4. Log off and login from the account that was used earlier.
  5. Go to Start Menu and open Skype for Business Server Deployment Wizard.
  6. On the Deployment Wizard, verify that Prepare Active Directory section is marked as Complete.

Configure DNS

  1. Log on to the Domain Controller as a member of the Domain Admins group.
  2. Go to Start and open DNS
  3. On the DNS Manager window, navigate to your domain container under the Forward Lookup Zones.
  4. Right click the domain, select New Host (A or AAAA).

  1. On the New Host window, enter the appropriate FQDN’s and associated IP addresses.
    1. Skype for Business Auto Discover
    2. Internal Web Services FQDN
    3. Pool FQDN
    4. Meeting Simple URL
    5. Dial-in Simple URL
    6. Admin Simple URL
    7. Mobility FQDN

  1. Once completed, click Done to exit.
  2. On the Domain container, right click and select Other New Records

  1. In ‘Select a resource record type’, click ‘Service Location (SRV)’, and click ‘Create Record’
  2. Enter the below values
    1. Service: _sipinternaltls
    2. Protocol: _tcp
    3. Priority: 0
    4. Weight: 0
    5. Port Number: 5061
    6. Host offering this service:

  1. Click OK and click Done to close the window.
  2. Verify DNS entries by using nslookup.

Define Topology

  1. Go to Start Menu
  2. Run Skype for Business Server Topology Builder
  3. In the Topology Builder window, select New Topology and click OK

  1. Provide a name and path to the new Topology
  2. Create New Topology Wizard will open.
  3. On the Define the primary domain page, enter your organizations Primary SIP Domain and click Next.

  1. On the Specify additional supported domains page, enter any other SIP domains that you would like to enable with Skype for Business and click Next.

  1. On the Define the first site page, enter a Name and Description for your deployment and click Next.

  1. On the next page, enter the Site details.

  1. On the New topology was successfully defined page, select the ‘Open the New Front End Wizard when this wizard closes’ option and click Finish.
  2. On the new window, Define the New Front End pool click Next.
  3. Enter the FQDN that will be used to address the Front End pool. Note: If Enterprise Edition is selected the FQDN should be the pool name (ex: pool.domain.name) and if Standard Edition is selected, the FQDN should be the FQDN of the Front End server.

  1. Click Next to proceed.
  2. Enter the FQDN’s of the servers that will be used as Front-End Servers and click Next.

  1. On the Select features page, select the services that you want to associate with the Front End servers. (For this lab, we will only select Conferencing)

  1. Skip the Select collocated server role by clicking Next.

  1. On the Define the SQL server store page click New, you need to provide the information of your SQL server.

  1. On the Define New SQL Store, enter the SQL Server FQDN
  2. Select Default instance. (This will use existing instance from your SQL)
  3. Click OK to close the window.

  1. On the Define the SQL server store page, click Next to proceed.
  2. On the Define the file store page, select Define a new file store.
  3. Enter the FQDN of the computer that will be used as the File Store on the File server FQDN text box.
  4. Enter the Folder Name that is created under the File Share text box and click Next.

  1. On the Specify the Web Services URL page,
    1. select the Override Internal Web Services pool FQDN and enter the Internal URL that will be used to access your Skype for Business Web Services.
    2. Under the External Base URL, enter the public URL that will be used to access Skype for Business web services from internet.

  1. Click Next.
  2. On the Select an Office Web Apps Server page,
    1. Click New to associate a new OWA server.

  1. Enter the FQDN of the Office Web Apps Server and the URL and click OK.

  1. Select Finish to complete the Front End Pool provisioning.

  1. On the Topology Builder, right click the Skype for Business Server on the top left corner, click Edit Properties from the menu.

  1. On the Edit Properties window, navigate to Simple URLs section and enter the Administrative Access URL and click OK.

Publish Topology

  1. On the Skype for Business Server Topology Builder, right click on Skype for Business Server and click on Publish Topology from the menu.

  1. On the Publish the topology page, click Next

  1. On the Select Central Management Server page, select the Front End pool from the drop down list and click Next.

  1. On the Select databases page, select the database you have assigned, click Next.

  1. On the Publishing wizard completion page, review and click Finish to exit.

Deploy Front End

  1. Go to Start and run Skype for Business Server Deployment Wizard
  2. On Deployment Wizard page, click Install or Update Skype for Business Server System.

Install Local Configuration Store

  1. In order to Install the local configuration store for the front end server, Click Run on Step 1: Install Local Configuration Store

  1. On the Configure Local replica of Central Management Store page, select Retrieve directly from the CMS and click Next.

  1. Once the installation is completed, review and click Finish to exit.

Install Front-End services

  1. Back on the Deployment Wizard, Click Run on Step 2: Setup or Remove Skype for Business Server Components. This will install the services that are assigned to the Front End server from the Topology.

  1. On the Set Up Skype for Business Server Components page, proceed with the installation.

  1. Once the setup is completed, review the log for additional information and click Finish to exit.

Assign Certificates

  1. On the Deployment Wizard window, click run under ‘Step 3: Request, Install or Assign Certificates’

  1. This will open the Certificate Wizard, select all the three ticks under Default Certificate section and click Request.

  1. On the Certificate Request window,
    1. Select the CA from the drop down list.
    2. Enter a friendly name
    3. Enter the Organization name and unit
    4. Select the Country and provide other geographical information required
    5. Under the SIP domain list, select the domains that will be used under the certificate.

  1. Click Advanced.
  2. A Certificate Request window will open.
  3. On the Delayed or Immediate Requests page, select ‘Send the request immediately to an online certification authority’ and click Next.

  1. Check the ‘Select a CA in your environment’ option and from the drop down list, select the Certificate Authority in your Active Directory Environment, click Next.

  1. If the Certificate Authority requires alternate credential, select the checkbox and enter the details.

  1. On the Name and Security Settings page, review if the Friendly Name given earlier is present for the certificate. Make sure to select 2048 as the Bit length and to tick the ‘Mark the certificate’s private key as exportable’. Click Next.

  1. On the Configure Additional Subject Alternative Names page, enter new and review the FQDNs listed and click Next. For this lab I will use the Web Services URLs inside the Primary Certificate.

  1. On the Certificate Request Summary page, review all the information and click Next to start the certificate request process.

  1. Select ‘Assign this certificate to Skype for Business Server certificate usages’ from the Online Certificate Request Status page and click Finish.

  1. A new window will open. Click Next.

  1. On the Certificate Assignment Summary page, review the certificate information and click Next.

  1. Once the execution is completed, review the status using view log and clock Finish to exit.

  1. To request and assign a certificate for the OAuthTokenIssuer repeat the process under the Certificate Wizard.
  2. Once completed your Certificate Wizard should be completed.

Start Services

Now we have completed the installation and assigned certificates and has come to the point of starting up Lync services for this server. You can do a server restart where at this point which will make all the services run Automatically. But if you want to start the services manually follow the below steps.

  1. Go to Start.
  2. Open Skype for Business Server Management Shell

  1. Type the below command and press enter

    To start the entire Front End Pool     – Start-CsPool

    To start only a single Front End Server     – Start-CsWindowsService

  2. Once the startup is completed navigate to Windows Services MMC and verify that all Skype for Business Server Services are in a Running Status.

  1. Now go to Start, open Skype for Business Server 2015 Control Panel. (Ensure Silverlight is installed)

Now you can perform enabling users and perform other configuration tasks.

    Please note that the above information is provided “AS IS” with no warranties, and confers no rights. The content may be changed as and when the finalized information is been publicly announced by Microsoft.

Written by judeperera

April 21, 2015 at 4:00 am

Posted in Skype for Business

Tagged with , , , , , , ,

Step by Step Guide for Installing Exchange Server 2013 Preview

leave a comment »

Jude's Blog

The following section describes a step-by-step guide for the installation of Microsoft® Exchange Server 2013 Preview. The installation considers a single server deployment of Exchange Server 2013 with the Mailbox and Client Access Server roles collocated. Additional details of the topology and architecture of the lab environment which was used in the installation is described here;

Active Directory Domain Controller
  Operating System Windows Server 2012
Forest Functional Level Windows Server 2012
Domain Functional Level Windows Server 2012
Exchange Server 2013
  Operating System Windows Server 2012
Associated Server Roles Mailbox Server Role
Client Access Server Role

1  Operating System Support for Exchange Server 2013 Preview

For a successful Exchange server 2013 preview installation, the following list of supported operating systems should be considered;

Component Operating System
Mailbox and/or Client Access Server Role Windows Server 2012
Windows Server 2008 R2 Standard or Enterprise with Service Pack 1
Windows Server 2008 R2…

View original post 1,729 more words

Written by judeperera

April 20, 2015 at 7:54 am

Posted in Uncategorized

« Older Entries
Newer Entries »