Jude's Blog

Posts Tagged ‘microsoft

Ignite 2016 Session Viewer for O365/Exchange – Technet Gallery

leave a comment »

43

This is a small macro sheet I made to be used as a one-stop real time viewer for Office 365 and Exchange Server related sessions from the Microsoft Ignite 2016. Currently there are more than 170 Office 365 and 50 Exchange related sessions listed on the Microsoft Ignite site. This viewer is not fully updated, however the session list is getting updated and will post changelogs in whats news.

Download

Following sessions are available for viewing;

  • BRK1001 : Maximize your Office 365 administration: tips and tricks
  • BRK1003 : Explore accessibility in Office 365: plans and progress
  • BRK1016 : Address your CXO’s top five cloud security concerns
  • BRK1021 : Unplug with the Microsoft Outlook experts
  • BRK1033 : Build your intranet with Microsoft Office 365
  • BRK1044 : Dive deeper into what’s new and what’s coming in Outlook on the web
  • BRK2008 : Understand your users: what’s new in Office 365 Usage Reporting
  • BRK2009 : Manage Office 365 more effectively: what’s new in Office 365 administration
  • BRK2010 : Implement ExpressRoute for Microsoft Office 365 (step by step)
  • BRK2013 : Keep calm and automate: How we secure the Office 365 service
  • BRK2032 : Identify and illustrate insights with new Microsoft Excel Charts
  • BRK2033 : Discover Office 365 Groups – overview, what’s new and roadmap
  • BRK2035 : Learn about advancements in Office 365 Advanced Threat Protection
  • BRK2035 : Learn about advancements in Office 365 Advanced Threat Protection
  • BRK2044 : Discover what’s new and what’s coming for Office Delve
  • BRK2046 : Learn what to use when: Office 365 Groups, SharePoint Team Sites, Yammer, and OneDrive for Business
  • BRK2050 : Dive into Microsoft Office 365 and SharePoint Hybrid Scenarios
  • BRK2053 : Connect your business critical applications to Outlook and Groups
  • BRK2093 : Design your Exchange infrastructure right (or consider moving to Office 365)
  • BRK2097 : Drive Office 365 adoption: methodology, best practices, and resources from Microsoft
  • BRK2100 : Move to Office 365 and drive adoption – lessons learned from the Carlsberg Group
  • BRK2139 : Protect your business and empower your users with cloud Identity and Access Management
  • BRK2160 : Build business applications with Power Apps, Microsoft Flow, and Office 365
  • BRK2166 : Learn about Office 365 Secure Score: actionable security analytics
  • BRK2170 : Discover what’s new with Microsoft Exchange Public Folders
  • BRK2215 : Debate the top 10 reasons not to move your Exchange on-premises mailboxes to Exchange Online
  • BRK2216 : Unplug with the experts on Exchange Server and Exchange Online
  • BRK2216 : Unplug with the experts on Exchange Server and Exchange Online
  • BRK2217 : Discover modern support in Outlook for Exchange Online
  • BRK2218 : Move from Exchange 2007 to Modern Exchange
  • BRK2219 : Meet twin sons of different mothers – Exchange Engineers and Exchange MVPs
  • BRK2220 : Peer behind the curtain – how Microsoft runs Exchange Online
  • BRK2245 : Transform the way you manage Skype for Business
  • BRK2252 : Understand Microsoft’s Office 365 datacenter strategy and approach
  • BRK2275 : Improve Office 365 adoption: top 10 ways
  • BRK2298 : Plan to drive value and user adoption in Microsoft Office 365
  • BRK3000 : Unplug with the experts on Microsoft Exchange Top Issues
  • BRK3001 : Explore the ultimate field guide to Microsoft Office 365 Groups
  • BRK3003 : Collaborate outside the firewall with Microsoft Office 365
  • BRK3007 : Investigate tools and techniques for Exchange Performance Troubleshooting
  • BRK3015 : Reduce costs and challenges with Office 365 eDiscovery and Analytics
  • BRK3016 : Take control of your data with intelligent data governance in Office 365
  • BRK3017 : Own your data and service – monitor and investigate with Office 365 Auditing, Insights and alerts
  • BRK3018 : Take control of your security and compliance with Office 365
  • BRK3019 : Manage Microsoft Office 365 Groups
  • BRK3022 : Challenge cloud encryption myths and learn about Office 365 BYOK plans
  • BRK3023 : Understand how Microsoft protects you against Spoof, Phish, Malware, and Spam emails
  • BRK3024 : Building security and compliance solutions with the O365 Activity API – a Microsoft IT case study
  • BRK3040 : Own your data with next generation access control technology in Office 365
  • BRK3045 : Use Microsoft Graph to reach users on hybrid Exchange 2016
  • BRK3046 : Build intelligent line-of-business applications leveraging the Outlook REST APIs
  • BRK3074 : Discover what’s new in Active Directory Federation and domain services in Windows Server 2016
  • BRK3083 : Secure Office 365 like a cybersecurity pro—assessing risk and implementing controls
  • BRK3102 : Conduct a successful pilot deployment of Microsoft Intune
  • BRK3109 : Deliver management and security at scale to Office 365 with Azure Active Directory
  • BRK3215 : Dive into Modern Authentication – how it works and what to do when it doesn’t
  • BRK3216 : Plan performance and bandwidth for Microsoft Office 365
  • BRK3217 : Run Microsoft Exchange Hybrid for the long haul
  • BRK3219 : Migrate to Exchange Online via Exchange Hybrid
  • BRK3220 : Deploy Microsoft Exchange Server 2016
  • BRK3221 : Understand the Microsoft Exchange Server 2016 Architecture
  • BRK3222 : Implement Microsoft Exchange Online Protection
  • BRK3227 : Ask us anything about Microsoft Office 365 Groups
  • BRK3242 : Discover a new level of Service Health insights for Office 365
  • BRK3253 : Experience Scott Schnoll’s Exchange tips and tricks
  • BRK3254 : Cert Exam Prep: Exam 70-345: Designing and Deploying Microsoft Exchange Server 2016
  • BRK3281 : Deliver a BYOD program that employees and security teams will love with Microsoft Intune
  • BRK3298 : Secure your Active Directory to mitigate risk in the cloud
  • BRK4000 : Review ExpressRoute for Office 365 configuration (routing, proxy and network security)
  • BRK4015 : Build client-side web parts for Microsoft SharePoint
  • BRK4031 : Overcome network performance blockers for Office 365 Deployments
  • BRK4032 : Dive deep into Microsoft Exchange Server High Availability
  • THR1003R : Take control of your security and compliance with Office 365
  • THR1004R : Empower employees with Microsoft Delve Analytics
  • THR1005R : Dive deeper into what’s new and what’s coming in Microsoft Outlook 2016 for Windows
  • THR1011R : Dive deeper into what’s new and what’s coming in Outlook mobile
  • THR2004R : Manage Microsoft Office 365 from anywhere
  • THR2006R : Get an edge over attackers – what you need to know about email threats
  • THR2007R : Fight back with advancements in Office 365 Advanced Threat Protection
  • THR2009R2 : Roll out Microsoft Office in one of the most demanding environments
  • THR2020R : Deploy successfully : top 10 Office 365 ProPlus installation/activation tips
  • THR2022 : Migrate your data to Microsoft Office 365 – why?
  • THR2190R : Secure your sensitive email with Office 365 message encryption
  • THR2207 : Modernize your clients with Office 365, Windows 10 and Enterprise mobility – the admin experience
  • THR3001R : Migrate DL to Microsoft Office 365 Groups
  • THR3007 : Protect your sensitive information with Office 365 Data Loss Prevention
  • THR3008R : Gain visibility and control with Office 365 Advanced Security Management
  • THR3010 : Help your users collaborate better with Office 365 Groups
Advertisements

Written by judeperera

October 5, 2016 at 9:59 am

PowerShell: Manage your O365 – Step by Step

leave a comment »

In this article, let’s see how we can use PowerShell and start with the scratch in getting into O365.

The scenario that we are talking about assumes that the user has created a tenant in the office 365 environment. No further changes in terms of domain/users etc. has not been performed.


Import PS Module

Import PowerShell Online Module: Before doing any of the below tasks, we need to download the commands and functions. By default, PowerShell doesn’t include the commands. So run the below command which will load the Online command modules;

Import-Module MSOnline

Login

Login to Office 365 tenant: Now after loading the module, we need to connect to the Office 365. The Connect-MsolService cmdlet will initiate a connection with Microsoft Azure Active Directory.

This first command will prompt for the credentials and pass it on in the second command that will authenticate with your tenant.

$msolCredentials = Get-Credential

Connect-MsolService -Credential $msolCredentials

List down authorized Domains:

The below cmdlet is used to retrieve the associated domains under the given tenant. Here we check the existing domains.

Get-msoldomain | fl

Add Domain:

The cmdlet is used to create a new domain object in the given Office 365 tenant environment. Once completed a domain entry will be displayed under the domain list. However, the verification is still under pending.

New-MsolDomain –Authentication Managed –Name scko.info

Domain Verification

Domain Verification Part 1:

Is used to return the details of the DNS records that need to be set to verify a domain. Values for Mode are DnsMXRecord and DnsTxtRecord where you will use the values in your DNS Registrar.

Get-MsolDomainVerificationDns -DomainName scko.info -Mode DnsTxtRecord

Domain Verification Part 2:

Used to confirm ownership of a domain. Once you have added the above TXT or MX records to your DNS list, you run the below command which will run the verification from Office 365 end to verify and confirm the domain ownership.

Confirm-MsolDomain –DomainName scko.info

List down authorized Domains:

Now we will use the cmdlet again to retrieve the associated domains.

Get-msoldomain | fl

Note: Please note that after this step, the retrieval of the DNS records associated with Office 365 services (Exchange/SharePoint/S4B etc) needs to be done using the web based Office 365 Admin page. You cannot retrieve the related DNS records through PowerShell.

Note: Adding Licenses needs to be done from the web portal.

Check Office 365 License:

The below cmdlet will list all the SKUs that the tenant owns.

Get-MsolAccountSku

At this point we have finished the following;

  • Tenant Creation
  • Domain adding and verification

User creation

In the next step we will look at user creation.

Create Single User:

The cmdlet will create an individual account.

New-MsolUser -UserPrincipalName jude@scko.info -City Colombo -State Western -Country “Sri Lanka” -DisplayName”Jude Perera” -FirstName Jude -LastName Perera -Password admin@123 -UsageLocation LK -LicenseAssignmentjcpciex:ENTERPRISEPACK

Note: If the license assignment is done at this point the USAGELOCATION and LICENSEASSIGNMENT parameters are required. The value for the LicenseAssignment can be obtained through the Get-MsolAccountSku cmdlet

Office 365 User Attributes

New-MsolUser -UserPrincipalName -City -Country -Department -DisplayName -FirstName -LastName -MobilePhone -PasswordNeverExpires -State -StreetAddress -Title -UsageLocation -LicenseAssignment

Attribute Description
UserPrincipalName This is the account name that’s used to sign in to Office 365 services.
City This will include the city
Country The country of the user
Department The department
DisplayName This is the display name that’s used in Office 365 services.
FirstName First Name
LastName Last Name
MobilePhone Mobile phone number
PasswordNeverExpires This specifies if the user password is set to expire(false) or not(true)
Password If you don’t specify a password, a random password is assigned to the user account, and the password is visible in the results of the command. If you specify a password, it needs to meet the following complexity requirements:

·         8 to 16 ASCII text characters.

·         Characters from any three of the following types: lowercase letters, uppercase letters, numbers, and symbols.

UsageLocation This is a valid ISO 3166-1 alpha-2 country code. For example, US for the United States, and FR for France. It’s important to provide this value, because some Office 365 services aren’t available in certain countries, so you can’t assign a license to a user account unless the account has this value configured.
LicenseAssignment This is the licensing plan (also known as the license plan, Office 365 plan, or SKU) from which an available license is assigned to the user account. The license defines the Office 365 services that are available to account. You don’t have to assign a license to a user when you create the account, but the account requires a license to access Office 365 services.

 

Get User Details:

The command will retrieve the user information for the given users UPN

Get-MsolUser -UserPrincipalName jude@scko.info |fl

Now that we have learnt how to add a single user and what attributes we can associate it with, lets see how we can do a bulk import. This is especially useful when you are creating the users at first or having to add multiple users at a single time.

In preparation for this task we need create the users and attributes in CSV format. The below table lists sample data and the attributes that will be imported to Office 365.

Sample CSV file can be downloaded from here.

Bulk Import:

The below cmdlet will import the users and attributes from the given CSV file

Command 01:

$users = Import-Csv “D:\Demo ITPro\Office365Users.CSV”

Command 02:

$users | ForEach-Object{
New-MsolUser -UserPrincipalName $_. UserPrincipalName -City $_.City -Country $_.Country -Department$_.Department -DisplayName $_.DisplayName -FirstName $_.FirstName -LastName $_.LastName -MobilePhone$_.MobilePhone  -State $_.State -StreetAddress $_.StreetAddress -Title $_.Title -UsageLocation $_.UsageLocation -LicenseAssignment $_.LicenseAssignment
}

Password Configuration:

The below command can be used to enable(true) or disable(false) the requirement of Strong Passwords for users

Get-MsolUser | Set-MsolUser -StrongPasswordRequired $false

Password Change:

If you wish to change the passwords of your users in bulk mode, the below import method can be used.

The import method will import a list of users, their UserPrincipleName and the new Password along with the Set-MsolUserPassword cmdlet. You can use a CSV file with below format.

UserPrincipalName Password
User One pass@word1
User Two pass@word2
User Three pass@word3

 

Import-Csv “D:\Demo ITPro\Office365Users.csv” | % {
Set-MsolUserPassword -UserPrincipalName $_.UPN -NewPassword $_.password -ForceChangePassword $false
}

Create Office 365 User Groups:

The New-MsolGroup cmdlet is used to add a new security group to the tenant. Note that creating groups does not mail enable them. Mail enabling a group needs to done with the help of the Microsoft Exchange Online PowerShell module which we will look in a later stage.

New-MsolGroup -DisplayName “Security Group” -Description “Security Group”

View Office 365 Groups:

The below cmdlet will list down with the Groups and all related attributes.

Get-MsolGroup | fl

Adding users to Group: Adding users or members to a group is not simple as the browser based controls. The Add-MsolGroupMember cmdlet is used to add members to a security group. The new members can be either users or other security groups. The group memberships totally depends on Group and User ID’s under the user/group properties.

Add-MsolGroupMember -GroupMemberObjectId <Guid> -GroupObjectId <Guid> [-GroupMemberType <string>] [-TenantId <Guid>] [<CommonParameters>]


-GroupMemberObjectId <Guid>:
The object ID of the member (User or Group) to add to the group. The ID of the group to add members to. To get the value, run the Get-MsolUser -UserPrincipalName singleadd@scko.info | fl command. The Users ObjectID is shown in the below screenshot.

 

-GroupObjectId <Guid>: The ID of the group to add members to. To get the value, run the Get-MsolGroup | flcommand. The Groups ObjectID is shown in the below screenshot.

Now we will combine the above values to add the User “Single Add” to the new group we created earlier.

Add-MsolGroupMember -GroupObjectId 1a3edbb9-ec64-4184-bd22-5df4ae830158 -GroupMemberObjectId 52db4e40-bd95-426b-9c5a-bc752ceb044e

Once the member is added, now we run the below command to check the member adding

Get-MsolGroupMember -GroupObjectId a0b12555-e840-4f53-a857-91e41b69dbf0

Part 1 is done. In the coming days let’s see how we can use PowerShell to connect to Exchange Online services and manage things.

Until then, happy (power)shell’ing 🙂

Written by judeperera

August 15, 2016 at 9:29 am

Step by Step Guide for Installing Exchange Server 2016

with 22 comments

Download Exchange Server 2016

The following section describes a step-by-step guide for the installation of Microsoft® Exchange Server 2016. The installation considers a single server deployment of Exchange Server 2016 with the Mailbox role. Additional details of the topology and architecture of the lab environment which was used in the installation is described here;

Domain Controller
Operating System Windows Server 2012 R2
Forest Functional Level Windows Server 2012 R2
Domain Functional Level Windows Server 2012 R2
Exchange Server 2016
Operating System Windows Server 2012 R2
Installed Role Mailbox Role

1. Operating System Support for Exchange Server 2016

The following operating systems are supported;

Component Operating System
Mailbox and Edge Server Role Windows Server 2012 R2 Standard or Datacenter
Windows Server 2012 Standard or Datacenter
Windows Server vNext
Management Tools Windows Server 2012 R2 Standard or Datacenter
Windows Server 2012 Standard or Datacenter
64-bit edition of Windows 8.1

2. Active Directory Preparation

The first task in the installation of any version of Exchange is to prepare the Active Directory environment where the Exchange Server will be placed.

However, prior to the preparation, it should be checked against the following Network and Directory Server requirements;

Component Operating System
Domain controllers Windows Server 2012 R2 Standard or Datacenter
Windows Server 2012 R2 Standard or Datacenter
Windows Server 2008 R2 Standard/Enterprise/Datacenter
Windows Server 2008 Standard/Enterprise/Datacenter
Active Directory forest Windows Server 2008 or higher

Once the above requirements are verified for consistency, proceed with the following preparation tasks on the server/computer which will be used to prepare the Active Directory using the Exchange Server 2016 Active Directory Prepare module.

  1. Open Windows PowerShell and run the following command to install the Remote Tools Administration Pack.

Install-WindowsFeature RSAT-ADDS

3 Server role prerequisite installation

The prerequisites for Exchange 2016 varies on the server role which will be associated with it. The section describes the installation of Exchange 2016 on a server containing Windows Server 2012 R2 Operating System.

3.1 Prerequisites for Mailbox Server Role

The following section instructs the prerequisite installation that should be performed in a server running a standalone Exchange 2016 server with the Mailbox Server Role.

  1. Open a Windows PowerShell session by navigating to Start > All Programs > Accessories > Windows
    PowerShell.
  2. Run the following command to install the required Windows components.

Install-WindowsFeature AS-HTTP-Activation, Desktop-Experience, NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation

  1. After installing the features, Download and Install;
    1. Microsoft .Net Framework 4.5
    2. Microsoft Unified Communications Managed API 4.0, Core Runtime 64-bit

3.2 Prerequisites for Edge Server Role

The following section instructs the prerequisite installation that should be performed in a server running a standalone Exchange 2016 server with the Mailbox Server Role.

  1. Open a Windows PowerShell session by navigating to Start > All Programs > Accessories > Windows
    PowerShell.
  2. Run the following command to install the required Windows components.

Install-WindowsFeature ADLDS

3. After installing the features, Download and Install Microsoft .Net Framework 4.5

4 Prepare Active Directory and domains

To prepare the active Directory and the Domains for Exchange 2016, follow the following steps. To execute the commands, the commands should be run using the Schema Admins group and the Enterprise Admins group membership.

4.1 Extend Active Directory Schema

  1. Mount the Exchange Server 2016 installation Media
  2. Open up a Command Prompt session and navigate to the setup files from the command prompt
  3. Type the following command followed by an Enter

Setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms

4.2 Prepare Active Directory

  1. On the command prompt, run the following;

Setup.exe /PrepareAD /OrganizationName:”<organization name>” /IAcceptExchangeServerLicenseTerms

4.3 Prepare Domains

  1. On the command prompt, run the following;

Setup.exe /PrepareAllDomains /IAcceptExchangeServerLicenseTerms

5 Installing Exchange Server 2016

The below section describes the installation of the Mailbox Server role for Exchange Server 2016.

If you’re installing the first Exchange 2016 server in the organization, and the Active Directory preparation steps have not been performed, the account you use must have membership in the Enterprise Administrators group. If you haven’t previously prepared the Active Directory Schema, the account must also be a member of the Schema Admins group.

  1. Log on to the server that will be used as the Mailbox server.
  2. Ensure that the above prerequisites are completed.
  3. Mount and navigate to the Exchange Server 2016 installation Media.
  4. Start Exchange 2016 Setup by double-clicking Setup.exe.
  5. On the Check for Updates page, select whether you want Setup to connect to the Internet and download product and security updates for Exchange 2016 and click Next.

  1. Once the setup is finished copying files on the Copying Files page, click Next.

  1. The Introduction page gives additional guidance for the installation procedure. Review the content and Click next to continue.

  1. On the License Agreement page, review the terms. If you agree to the terms, select I accept the terms in the license agreement, and then click next.

  1. On the Recommended Settings page, select whether you want to enable or disable the Exchange Error resolution and feedback feature. The option will either enable or disable automatically check for resolutions for any errors that occurs while the setup is running and sends Microsoft feedback. Click Next to proceed.

  1. On the Server Role Selection page, choose what server role you want to install. Whether to install the Mailbox role, Management Tools or Edge Server role on the server. For this lab Mailbox server role will be selected. Note that Edge and Mailbox cannot collocate on the same server and Management Tools will be installed by default when you chose the Mailbox role. If any Windows prerequisites are needed for the setup, select the Automatically install Windows Server roles and features that are required to install Exchange Server. Click Next to proceed.

  1. On the Installation Space and Location page, either accept the default installation location or click Browse to choose a new location with adequate storage space.

  1. If installing the Mailbox role, a Malware Protection Settings page will appear. Choose whether to enable or disable malware scanning and click Next.

  1. On the Readiness Checks page, view the status to determine if the organization and server role prerequisite checks completed successfully. If unsuccessful, perform the required tasks and click Back, and Next to run the Readiness check again. If successful, click Install to proceed.

  1. The installation will be performed.

  1. Once the setup completes installing all the components, the Setup Completed page will be displayed. Select Finish.

  1. As a best practice, restart the server which you performed the installation.

5 Review Exchange Installation

Once all the above tasks are performed, proceed with the below steps to verify the installation using the Exchange 2016 Administrative Center and PowerShell. Like its predecessor, Exchange Server 2016 management is handled by the Exchange Admin Center. The browser based management console, EAC can be used to manage your organizations on-premises as well as Office 365 and hybrid deployment scenarios.

To Navigate to the Exchange Admin Center;

  1. Open the web browser.
  2. On the URL section, type the below

    https://<FQDN_of_the_Exchange_Server>/ECP

  1. Enter your username and password in Domain\user name and Password and then click sign in.
  2. Review the tabs and sections the new Admin Center.

Step by Step Guide for Installing Skype for Business Server 2015

with 4 comments

Microsoft is now all set to roll out of Skype for Business Server 2015. The client is officially out and the Public Release for the Skype for Business Server 2015 is set for 1st May 2015. If you are an Office 365 user, not to worry, Skype for Business is being rolled out as we speak. So let’s go ahead and check how the installation is performed. Note that this post focuses on a fresh deployment of S4B Server 2015. If you are looking at an Upgrade, please see my How to Upgrade post here. Before starting, ensure that you have your hardware all ready. To see the hardware requirements, visit here. For this guide, we will be using Windows Server 2012 R2 server.

Prerequisite Installation

  1. Open Windows PowerShell.
  2. Ensure you have Windows Server 2012 R2 Installation Media is inserted.
  3. Run the following command

    Add-WindowsFeature NET-Framework-Core, RSAT-ADDS, Windows-Identity-Foundation, Web-Server, Web-Static-Content, Web-Default-Doc, Web-Http-Errors, Web-Dir-Browsing, Web-Asp-Net, Web-Net-Ext, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Http-Logging, Web-Log-Libraries, Web-Request-Monitor, Web-Http-Tracing, Web-Basic-Auth, Web-Windows-Auth, Web-Client-Auth, Web-Filtering, Web-Stat-Compression, Web-Dyn-Compression, NET-WCF-HTTP-Activation45, Web-Asp-Net45, Web-Mgmt-Tools, Web-Scripting-Tools, Web-Mgmt-Compat, Server-Media-Foundation, BITS -Source D:\sources\sxs

  4. Restart server if prompted.

 Note: Ensure that the below Operating System Hot fixes are installed.

Install Skype for Business Server Admin Tools

  1. Insert the Skype for Business Server 2015 installation media.
  2. Navigate and run Setup.exe
  3. On the prompt that asks you to install Visual C++, click Yes.
  4. On the next window, if you want the setup to download and install the latest updates for Skype for Business, click Update. If you do not want to install updates and want to continue with the installation, click on Install.

  1. On the License Agreement page, select I accept the terms in the license agreement and click OK.

  2. Wait till the installation is completed. If you opted to download for Windows Update, the setup will display the below window.

  3. Go to Start Menu
  4. Run ‘Skype for Business Server Deployment Wizard’
  5. On the ‘Deployment Wizard’, click on ‘Install Administrative Tools’.

  1. On the Installation window, click Next to begin installation of the Topology Builder and Control Panel.

  1. On the Completion page, click Finish.

Active Directory Preparation

The concept of the Active Directory preparation is pretty much the same as it was in Lync Server deployments.

  1. Go to Start Menu
  2. Run ‘Skype for Business Server Deployment Wizard’

Prepare AD

  1. Click on ‘Prepare Active Directory’

  1. On the ‘Active Directory Preparation’ page, click Run on the ‘Step 1: Prepare schema’ section

  1. On the ‘Prepare Schema’ wizard, proceed with the setup by clicking Next.

  1. Once the schema preparation is completed, review the log and click Finish to close.

Prepare Forest

  1. On the ‘Active Directory Preparation’ page, click Run on the ‘Step 3: Prepare Current Forest’ section.

  1. On the ‘Prepare Forest’ wizard, select Local domain and enter the local domain of your environment and click Next.

  1. Once the setup is completed review the log and click Finish to close.

Prepare Domain

  1. On the ‘Active Directory Preparation’ page, click Run on the ‘Step 5: Prepare Current Domain’ section.

  1. On the Prepare Domain wizard, click Next.

  1. Once the setup is completed review the log and click Finish to close.

Configure Service Accounts

  1. Log on to the Domain Controller as a member of the Domain Admins group.
  2. Open the Active Directory Users and Computers.
  3. Navigate to Users container and right click on the CSAdministration, select Properties.
  4. On the CSAdministrator Properties window, click the Members tab.
  5. Click Add, On the ‘Enter the object names to select’, Type the user name add to the group CSAdministrators.

  1. Click OK.
  2. Verify and that the Members section includes the added user names and click OK.
  3. Go to the Server that will be used for the Front-End.
  4. Log off and login from the account that was used earlier.
  5. Go to Start Menu and open Skype for Business Server Deployment Wizard.
  6. On the Deployment Wizard, verify that Prepare Active Directory section is marked as Complete.

Configure DNS

  1. Log on to the Domain Controller as a member of the Domain Admins group.
  2. Go to Start and open DNS
  3. On the DNS Manager window, navigate to your domain container under the Forward Lookup Zones.
  4. Right click the domain, select New Host (A or AAAA).

  1. On the New Host window, enter the appropriate FQDN’s and associated IP addresses.
    1. Skype for Business Auto Discover
    2. Internal Web Services FQDN
    3. Pool FQDN
    4. Meeting Simple URL
    5. Dial-in Simple URL
    6. Admin Simple URL
    7. Mobility FQDN

  1. Once completed, click Done to exit.
  2. On the Domain container, right click and select Other New Records

  1. In ‘Select a resource record type’, click ‘Service Location (SRV)’, and click ‘Create Record’
  2. Enter the below values
    1. Service: _sipinternaltls
    2. Protocol: _tcp
    3. Priority: 0
    4. Weight: 0
    5. Port Number: 5061
    6. Host offering this service:

  1. Click OK and click Done to close the window.
  2. Verify DNS entries by using nslookup.

Define Topology

  1. Go to Start Menu
  2. Run Skype for Business Server Topology Builder
  3. In the Topology Builder window, select New Topology and click OK

  1. Provide a name and path to the new Topology
  2. Create New Topology Wizard will open.
  3. On the Define the primary domain page, enter your organizations Primary SIP Domain and click Next.

  1. On the Specify additional supported domains page, enter any other SIP domains that you would like to enable with Skype for Business and click Next.

  1. On the Define the first site page, enter a Name and Description for your deployment and click Next.

  1. On the next page, enter the Site details.

  1. On the New topology was successfully defined page, select the ‘Open the New Front End Wizard when this wizard closes’ option and click Finish.
  2. On the new window, Define the New Front End pool click Next.
  3. Enter the FQDN that will be used to address the Front End pool. Note: If Enterprise Edition is selected the FQDN should be the pool name (ex: pool.domain.name) and if Standard Edition is selected, the FQDN should be the FQDN of the Front End server.

  1. Click Next to proceed.
  2. Enter the FQDN’s of the servers that will be used as Front-End Servers and click Next.

  1. On the Select features page, select the services that you want to associate with the Front End servers. (For this lab, we will only select Conferencing)

  1. Skip the Select collocated server role by clicking Next.

  1. On the Define the SQL server store page click New, you need to provide the information of your SQL server.

  1. On the Define New SQL Store, enter the SQL Server FQDN
  2. Select Default instance. (This will use existing instance from your SQL)
  3. Click OK to close the window.

  1. On the Define the SQL server store page, click Next to proceed.
  2. On the Define the file store page, select Define a new file store.
  3. Enter the FQDN of the computer that will be used as the File Store on the File server FQDN text box.
  4. Enter the Folder Name that is created under the File Share text box and click Next.

  1. On the Specify the Web Services URL page,
    1. select the Override Internal Web Services pool FQDN and enter the Internal URL that will be used to access your Skype for Business Web Services.
    2. Under the External Base URL, enter the public URL that will be used to access Skype for Business web services from internet.

  1. Click Next.
  2. On the Select an Office Web Apps Server page,
    1. Click New to associate a new OWA server.

  1. Enter the FQDN of the Office Web Apps Server and the URL and click OK.

  1. Select Finish to complete the Front End Pool provisioning.

  1. On the Topology Builder, right click the Skype for Business Server on the top left corner, click Edit Properties from the menu.

  1. On the Edit Properties window, navigate to Simple URLs section and enter the Administrative Access URL and click OK.

Publish Topology

  1. On the Skype for Business Server Topology Builder, right click on Skype for Business Server and click on Publish Topology from the menu.

  1. On the Publish the topology page, click Next

  1. On the Select Central Management Server page, select the Front End pool from the drop down list and click Next.

  1. On the Select databases page, select the database you have assigned, click Next.

  1. On the Publishing wizard completion page, review and click Finish to exit.

Deploy Front End

  1. Go to Start and run Skype for Business Server Deployment Wizard
  2. On Deployment Wizard page, click Install or Update Skype for Business Server System.

Install Local Configuration Store

  1. In order to Install the local configuration store for the front end server, Click Run on Step 1: Install Local Configuration Store

  1. On the Configure Local replica of Central Management Store page, select Retrieve directly from the CMS and click Next.

  1. Once the installation is completed, review and click Finish to exit.

Install Front-End services

  1. Back on the Deployment Wizard, Click Run on Step 2: Setup or Remove Skype for Business Server Components. This will install the services that are assigned to the Front End server from the Topology.

  1. On the Set Up Skype for Business Server Components page, proceed with the installation.

  1. Once the setup is completed, review the log for additional information and click Finish to exit.

Assign Certificates

  1. On the Deployment Wizard window, click run under ‘Step 3: Request, Install or Assign Certificates’

  1. This will open the Certificate Wizard, select all the three ticks under Default Certificate section and click Request.

  1. On the Certificate Request window,
    1. Select the CA from the drop down list.
    2. Enter a friendly name
    3. Enter the Organization name and unit
    4. Select the Country and provide other geographical information required
    5. Under the SIP domain list, select the domains that will be used under the certificate.

  1. Click Advanced.
  2. A Certificate Request window will open.
  3. On the Delayed or Immediate Requests page, select ‘Send the request immediately to an online certification authority’ and click Next.

  1. Check the ‘Select a CA in your environment’ option and from the drop down list, select the Certificate Authority in your Active Directory Environment, click Next.

  1. If the Certificate Authority requires alternate credential, select the checkbox and enter the details.

  1. On the Name and Security Settings page, review if the Friendly Name given earlier is present for the certificate. Make sure to select 2048 as the Bit length and to tick the ‘Mark the certificate’s private key as exportable’. Click Next.

  1. On the Configure Additional Subject Alternative Names page, enter new and review the FQDNs listed and click Next. For this lab I will use the Web Services URLs inside the Primary Certificate.

  1. On the Certificate Request Summary page, review all the information and click Next to start the certificate request process.

  1. Select ‘Assign this certificate to Skype for Business Server certificate usages’ from the Online Certificate Request Status page and click Finish.

  1. A new window will open. Click Next.

  1. On the Certificate Assignment Summary page, review the certificate information and click Next.

  1. Once the execution is completed, review the status using view log and clock Finish to exit.

  1. To request and assign a certificate for the OAuthTokenIssuer repeat the process under the Certificate Wizard.
  2. Once completed your Certificate Wizard should be completed.

Start Services

Now we have completed the installation and assigned certificates and has come to the point of starting up Lync services for this server. You can do a server restart where at this point which will make all the services run Automatically. But if you want to start the services manually follow the below steps.

  1. Go to Start.
  2. Open Skype for Business Server Management Shell

  1. Type the below command and press enter

    To start the entire Front End Pool     – Start-CsPool

    To start only a single Front End Server     – Start-CsWindowsService

  2. Once the startup is completed navigate to Windows Services MMC and verify that all Skype for Business Server Services are in a Running Status.

  1. Now go to Start, open Skype for Business Server 2015 Control Panel. (Ensure Silverlight is installed)

Now you can perform enabling users and perform other configuration tasks.

    Please note that the above information is provided “AS IS” with no warranties, and confers no rights. The content may be changed as and when the finalized information is been publicly announced by Microsoft.

In Place Upgrade Skype for Business Server 2015 Step by Step

with 15 comments


Introduction

The below section describes a step-by-step guide for upgrading a Microsoft Lync Server 2013 to Microsoft® Skype for Business Server 2015. Unlike previous versions of Lync, Skype for Business now supports in-place upgrading. Meaning that you can use your existing Lync Server 2013 hardware to be used for Skype for Business. Read more here.

The installation considers a single server environment with a Lync Server 2013 with the basic roles collocated. Additional details of the topology and architecture of the lab environment which was used in the installation is described here;

Domain Controller
Operating System Windows Server 2012 R2
Forest func Level Windows Server 2012 R2
Domain func Level Windows Server 2012 R2
Lync Server 2013
Operating System Windows Server 2012 R2
Server Edition Lync 2013 Standard Edition

Note: The in-place upgrade requires all Lync Server 2013 services to be stopped. Therefore a mandatory user downtime will be required for an approx. of 60-90 minutes (may vary). So as a best practice;

  1. Choose a weekend for your upgrade.
  2. Notify all users of the downtime.
  3. Take backups.
  4. Get some pop-corn, a movie and a Red Bull.

The upgrade process for S4B is quite easy and features 5 steps;

  1. Prepare Environment and Install prerequisites
  2. Upgrade, Publish Topology and upgrade databases using Topology Builder.
  3. Stop all Lync Server 2013 services.
  4. Perform in-place upgrade.
  5. Start Services, verify and Go home!

Prepare Environment and Install prerequisites

Ensure that your Lync Server 2013 server has the latest patches. Download and install following hotfixes, patches;

  • Install CU5+ latest hotfix to Lync 2013 topology
  • PowerShell RTM version (6.2.9200.0) or later
  • Have at least SQL server 2012 SP1 installed*
  • Operating System Hotfixes:

*Lync Server 2013 comes with and installs SQL server 2012 express natively. However you may need to update your SQL express with the SP1 or later.

Note: In case you missed any S4B prerequisites, fear not. The Upgrade wizard will check and ask you do get the requirements installed and you can resume the setup.

Upgrade, Publish Topology and upgrade databases using Topology Builder

Note: It is required that the Skype for Business Topology Builder installation should be performed on a server or a workstation that has not been configured with any Lync Server 2013 components. For the demonstration of the lab, a Windows 8.1 workstation will be used.

  1. On a Server/Computer that has no Lync Server roles deployed, insert the Skype for Business installation media.
  2. Navigate to X:\Setup\amd64\ and run Setup.exe
  3. On the installation page, select the Update option and click Install.


  1. On the End User License Agreement page, select the I accept term and click OK.


  1. The Setup will install the core components.



  1. Once the installation is completed, click Finish to exit the wizard.


  1. Click Start, search and run Skype for Business Server 2015 Topology Builder.


  1. On the Topology Builder window, select Download Topology from existing deployment and click OK. This will download the existing Lync 2013 topology.


  1. Save the topology to a preferred location.
  2. On the Topology Builder, expand and navigate to Skype for Business Server > Lync Server 2013 > Standard Edition Front End Servers. (This is your existing front end pool)


  1. Right click on the FQDN of the Lync 2013 under the Standard Edition Front End Servers section and click on Upgrade to Skype for Business Server 2015.


  1. On the confirmation window, click Yes. (Please note that this step is not reversible)


  1. Once completed, note that your existing Lync 2013 Front End server(s) will be moved and listed under the Topology Builders’ Skype for Business Server 2015 section.


  1. On the topology builder, right click on the Skype for Business Server and select Publish Topology.


  1. On the Publish Topology window, click on Next.


  1. On the Select databases page, select the database that will be used to publish the topology and click Next.


  1. Now the new topology will be published.


  1. Once the wizard is completed, verify that the status of all steps are Successful. Click next to exit.


Stop Lync Server 2013 services

Now that the Lync topology is marked as ‘To be upgraded’, we will be shutting down all Lync services running on all Front End servers within the pool. Note that during this time users will be affected with a downtime. If you do not wish to have a downtime, you can move the users to a different pool as a temporary measure.

  1. Navigate to a Lync Server 2013 server.
  2. Open the Lync Server Management Shell.
  3. Type the below command and press enter. This will stop all Lync 2013 services on the server.

    Disable-CsComputer -Scorch


Perform In-place Upgrade

Now that we have stopped all Lync 2013 pool services in all the front end servers, we will move with the in-place upgrade of Skype for Business Server 2015.

  1. Navigate to the Lync 2013 Front End server.
  2. Locate the installation media on your computer, and then double-click \Setup\amd64\Setup.exe
  3. Microsoft Visual C++ setup will be installed.


  1. Once completed, the Skype for Business Upgrade Setup wizard will be loaded.
  2. You can choose an option to whether to install any updates at this stage or install them later. Click Next to proceed.


  1. On the License Agreement page, accept and click OK.
  2. Now a new window will be loaded that will give a real time status of your in-place upgrade.


  1. Each performed task and relevant information will be displayed on the lower part of the window.


  1. Skype for Business will now perform the upgrade process as shown in the upgrade window.


  1. If any prerequisites is missing, the installation will prompt for the missing bits. Install the missing bits and you can continue from Step 2 where the setup will resume from where it left off.
  2. Once the upgrade process is completed, ensure all tasks have been executed successfully and click on OK.


  1. On the Next Steps page, review and click OK.


Start Services

Prior to starting the services of your Front End Servers/Pool ensure that all servers within the selected pool is successful with the In-Place upgrade setup. Once this term is ensured, the following command will be run on a single Front End server that will start Skype for Business services on all the services within the pool

  1. Navigate to Skype for Business PowerShell console.
  2. Start all Skype for Business services on the server by running the following command.

    Start-CsPool

Now it’s time to test and verify that all services are up and running. You can use the Event viewer and Logs to collect information for any warnings and errors.

Keep calm and Skype on!!!

Note:Please note that the above information is pre-release content, therefore provided “AS IS” with no warranties, and confers no rights. The content may be changed as and when the finalized information is been publicly announced by Microsoft.

From Lync to Skype for Business, Upgrade or Migrate.

with one comment

[Update] – Upgrade to Skype for Business 2015 Step by Step Guide.

If you are on Lync 2013, Kudos! Microsoft’s V.Next UC line up, already named as ‘Skype for Business’ deployment now features an In-place upgrade path!

Lync Server 2013, compared to Lync Server 2010 had many architectural and backend differences. This led all Lync 2010 admins with only one option, go for a Migration; provision brand new servers, deploy Lync 2013 servers side by side, enable interoperability between the new Lync 2013 and Lync 2010 in a coexisting environment.

Untitled

The major downside here was the fact that you need to have new hardware provisioned, and that came with a cost! Larger your environment, less likely your budget will get approved. Worst case, you are going to end up with lot of un-used hardware as well after decommissioning the 2010 environment. However, the features and benefits of Lync 2013 always went way higher comparing the cost.

Lync vNext, Skype for Business now supports In-Place Upgrade. Meaning, if you have a Lync Server 2013 environment, you can use the existing hardware to upgrade into Skype for Business 2015. The in-place upgrade also ensures that your environment goes through a smoother upgrade process with minimum effort.

Ok so life’s good for everyone with Lync 2013, but what about Lync 2010? Let’s see what options you have in terms of moving from Lync to S4B.

Existing Environment In place upgrade supported? Migration supported? Service/User downtime required?
Lync 2010 No Yes No
Lync 2013 Yes Yes Required for in-place upgrade scenario
Lync 2013 + 2010 coexisting Yes, Lync 2013 to S4B upgrade (Step 02) Yes, Lync 2010 > 2013 migration (Step 01) Required for in-place upgrade scenario

Lync to S4B transition can be performed in two ways;

  • Migrate users mode (no downtime for users) – Users will be moved across pools or 2010/2013 to S4B pool while keeping all services running and therefore no downtime or impact for users.
  • Offline mode (downtime required for users) – In scenarios where am in-place upgrade is to be performed, the services on the server that will be upgraded needs to be stopped and therefore user downtime will be required until upgrade is completed.

 

 

 

Please note that the above information is provided “AS IS” with no warranties, and confers no rights. The content may be changed as and when the finalized information is been publically announced by Microsoft.

Written by judeperera

March 11, 2015 at 3:50 am

How to switch between Skype for Business and Lync Client UI

with 8 comments

We are all going to get a new client for Lync and it is going to look a lot more like Skype. But here’s an interesting thing. With this new client, named “Skype for Business Client” now you or in many instances the administrator of your organization has the ability to change the UI of the client, either to;

  • Skype for Business Client
  • Lync 2013 Client

This new Dual User Experience mode that controls the Lync/Skype UI is managed via in-band settings. The client is by default configured to check for the Server Version of the environment and set up the looks. The below table lists what you may see by default.

Server Version Default Client UI
Skype for Business on-prem Skype for Business
Skype for Business Online Skype for Business
Lync Server 2013 Lync 2013
Lync Server 2010 Lync 2013

 

Although this is the case, the Lync/S4B administrator always have the option to change the UI via changing in-band policy settings that will manually override the default UI. There will be a Client Policy parameter that will determine the default UI for users within the organization. To enable the Skype UI and Lync 2013 UI the following commands can be run from the server end respectively.

Set-CSClientPolicy -EnableSkypeUI: true

Or

Set-CSClientPolicy -EnableSkypeUI: false

So what happens from the users end? Head over to REGEDIT, Navigate to

HKEY_CURRENT_USER\Software\Microsoft\Office\Lync

and notice the value for EnableSkypeUI;

  • 00 00 00 01 – Skype for Business UI
  • 00 00 00 00 – Lync 2013 UI

 

However, there’s a catch. Based on the UI that you choose to have, the features may vary as show below.

Feature Skype UI Lync UI
First Run Experience Yes No
New Emoticons Yes Yes
Call and Video Monitor Yes No
Call via Work Yes No
RCC No Yes
Rate my call Yes Yes
Server side conversation history Yes Yes
Skype-Lync Video Interop Yes Yes

 

d

 

 

Update: Amanda Debler has written a nice piece of code that will help you to get the UI switched in seconds, you can grab the powershell script here.

Please note that the above information is provided “AS IS” with no warranties, and confers no rights. The content may be changed as and when the finalized information is been publically announced by Microsoft.

Written by judeperera

March 10, 2015 at 9:25 am