How to set custom presence states in Skype for Business on your Windows machine

This works on Windows 10, Windows 8, Windows 7, Lync and Skype for Business desktop clients. Requires administrative rights to your computer

Wouldn’t it be cool if you could change your presence state in Skype for Business to match you current task such as busy in a Workshop, Do Not Disturb in a Pomodoro Sprint or Away Getting Coffee?

Turns out, you can by creating an XML file and adding a setting in your local registry. How? The easy way is to download my script, change the custom presences that is predefined in the script and run it.

  1. Download the script from TechNet Gallery
  2. The default custom presence states which are shown below
  3. To change the names you need to open the script and write your own presence states
    • Away does not work as a custom presence state, if you put that in no custom states will show up in the client
    • The presence states that works are: Online, Busy, and Do-Not-Disturb
  4. to run the script, just type the following in PowerShell in elevated mode from the location you saved it
    • .\Set-CsCustomPresence.ps1
    • It works for Lync and Skype for Business
    • It works for 64-bit and 32-bit office
    • It works for MSI installed Office and Click-to-Run Office
    • The xml file will get stored under c:\_CustomPresence\CustomPresence.xml if that is your systemdrive
  5. You need to sign out of the client and back in for the changes to take effect
  6. The presence states works in the following scenarios
    • On English Skype for Business clients for you and your colleagues
    • On Skype for Business clients in your local location retrieved using (Get-Culture).LCID
    • For everyone in your Colleagues relationship level as long as they are running a client language version specified above
    • If you want external contacts to see your custom presence state you need to elevate them as colleagues in the relationship pane
      • Understand that they will also see you as in a meeting, in a call, your note and your location as well
    • If you are in an environment with more than two languages for you Office deployment, make sure you add an LCID per language in the script

Download the script here and use PowerShell to control your presence using the Lync 2013 Client SDK described here

You can now control you custom presence states using PowerShell, if you have installed the SDK, using the Publish-SfBContactInformation.ps1 found on GitHub here with this syntax

Publish-SfBContactInformation -CustomActivityId 1 -PersonalNote "Getting Stuff Done" -Location "@HomeOffice"

How to install the Lync 2013 Client SDK

To install the Lync 2013 Client SDK you need to have administrator rights to your computer. This works on Windows 10, Windows 8, Windows 7, Lync and Skype for Business desktop clients.

Why would you install the SDK? Because you can then play with some of the client settings such as presence states using PowerShell. How can  you do that? Download and use this script 

How to installing the SDK without having to install Visual Studio

  1. Download the Lync SDK from this link, do not run the exe file
  2. To avoid the requirement to have Lync 2013 installed and the need to install Visual Studio, you need to extract the files using winrar
    • You will then get two msi files
    • Run the one that matches the bitness of your Office installation
      • To find out if you have a 64-bit Office or a 32-bit Office
        • Open Word, go to file->Account->About Word and see you version as in the picture
      • Install lyncsdk86.msi if you have a 32-bit Office
      • install lyncsdk64.msi if you have a 64-bit Office
  3. You have now successfully installed the Lync 2013 SDK
    • Microsoft has not released a SDK for Skype for Business, but the Lync 2013 Client SDK works great

To get the most out of the use of the SDK, read my blog post on creating custom presence states that you can control using the PowerShell script mentioned above with the example below

Publish-SfBContactInformation -Availability "Available" -ActivityId available -PersonalNote "Getting Stuff Done" -Location "@HomeOffice"

Launching OneNote LifeHacks YouTube series

I am starting a YouTube series called OneNote LifeHacks. I will share detailed tips on how to set up OneNote to work for you. My system has 5 steps

  1. You wanting to change your habits
  2. Capture to OneNote collection section from all platform
  3. Processing and organizing information
  4. Prioritize using custom tags and find tags to create todo lists
  5. Executing on the lists and induce flow using the Pomodoro Technique

The system is heavily inspired of Getting Things Done, Inbox Zero and the Pomodoro Technique, and you can incorporate good habits that resonates with well with you. It is a robust system and all you have to do is to get started with the capture process and the rest you can do as a bonus

Check out my OneNote LifeHacks explained video

The YouTube series is based on my popular OneNote talk from MVP Community Connect in Madrid 2017 and my article on getting started with OneNote in structured way that I wrote in august 2016. The article has more than 6000 views and are still very popular. The video has over 11500 views and over 130 likes with good feedback. This is very motivational and makes me want to share more of my tips and tricks to succeed with OneNote and get stuff done using some productivity methodologies like GTD and the Pomodoro Technique

Catch me at Microsoft Ignite 2017 where I am talking about OneNote LifeHacks in a 20 minute theater talk. Will be happy to share tips and tricks in OneNote productivity

My thoughts on Pexip getting certified for Skype for Business

This is good news! The certification process validates the seamless way Pexip Infinity Fusion integrates with Skype for Business Server 2015 meetings. Pexip has the ability to integrate video endpoints seamless in to Skype for Business meetings so that anyone from any device can call in to a the meeting and join with audio, video and screen sharing both ways.

The Pexip and Skype for Business integration explained in one picture

Why the certification at this point?

Personally I see a lot of enterprise customers moving to Skype for Business Server for VoIP and meetings including moving their telephone conferencing solution. If the enterprise has video endpoints from other vendors the end-user story becomes complex. The goal is always to have as few options as possible when it comes to how to do meetings to ensure widespread adoption. Pexip helps with this story and they can even register endpoints directly which helps the enterprise decommission older outdated and complex video servers and still keep the meeting room investments. Another reason for this move by Microsoft is probably that Cisco has a good video interoperability story with their acquisition of Acano that happened in 2016. Also their own offering, the Video Interoperability Server (VIS) that was introduced with Lync Server 2013, has not seen much development since it’s release. The VIS role has the limitation that it only works with certain Cisco endpoints and only with internal endpoints without any firewall between the endpoints and Skype for Business Servers.

What does the integration look like?

From a video endpoint that is internally registered on separate video servers or directly to Pexip, all they have to do to join the Skype for Business meeting is dial the Skype for Business meeting conferencing ID and join directly in to the meeting. For external endpoints that is not registered to any local video servers, they need to dial skype@domain.com and type the conference ID when prompted to join the meeting. To learn more about the capabilities and setup process read my blog post on the subject

How it looks like when a Pexip registered endpoint joines a Skype for Business meeting, from my blogpost on how to set it up

Why this has a big impact for customers

A lot of enterprises moving to Skype for Business has an existing investment in video based meeting rooms. In my design process I always ask what their meeting rooms look like and what kind of equipment are being used. Many larger organization has many vendors for video and audio in their meeting rooms and are not ready to replace all that technology with Skype for Business based equipment. The Pexip integration helps them capitalize on the investment already made and still succeed with Skype for Business. This helps with flexibility when designing future meeting rooms and ends the technology debate regarding what vendor is best. You can have the best of both worlds and remove the technology barrier for meetings.

What does the certification entail?

Here is what Microsoft writes about the certification process “The Skype for Business Certification Program is designed to offer Microsoft customers badges or designations as indicators of third party solutions that demonstrate a high quality experience and compatibility when used with Skype for Business. Only products that pass the specifications outlined in the Skype for Business Certification Program can be associated with each designation. Specifications are designed specific to each category based on, but not exclusive to, industry standards, enterprise class solutions, functional interop or audio/video quality. All vendors participating in Skype for Business Certification Program participate in common support infrastructure (TSANet) for rapid resolution of support tickets.”  Read more here

In short, it means both Microsoft and Pexip has tested, adjusted and validated the integration and that both parties support the solution and will work together to resolve any unforseen issues. This is good news for customers and partners that use and work with both Microsoft and Pexip.

To sum it up

Pexip is now supported by Microsoft when integrating with Skype for Business meetings. This is good news for customers because they can now easier choose best of both worlds when designing meeting room experience. Removing the meeting technology barrier results in widespread adoption in the enterprise. The focus of this certification is clearly Skype for Business Server meeting integration for enterprises. Pexip has other capabilities such as support for hybrid topology, distributed meeting across servers in a global environment and scale-out capacity using Azure. I am looking forward to see how this relationship develops and working with helping enterprises succeed with Skype for Business user adoption in all scenarios.

References

How to Integrate Pexip with Skype for Business meetings

Skype for Business video interoperability is one of two technology barriers we need to tear down to make sure users succeed with Skype in all scenarios. Being able to invite anyone to a Skype for Business conference regardless of vendor is the key to large-scale user adoption. Pexip is one of few vendors that are able to integrate seamlessly with Skype for Business Server meetings so that anyone can call in to a Skype meeting and join with audio, video and screen sharing both ways.

In this post I will show you how to configure Pexip to integrate with Skype for Business meetings and how to test using the Pexip Infinity Connect soft-client. The goal is to have the ability to join a Skype for Business meeting with any VC Endpoint by using the Skype for Business dial-in conference ID. Read more about what features you can expect from Pexip. Here is how you do it

At the end of this post you will be able to join a Skype for Business meeting from any endpoint

You are about to learn how to do the following

  • Make sure you read my previous blog post on What you need to know to get started with a Skype for Business and Pexip PoC where I explain how to set up the Pexip servers and enable a simple test call between Pexip and Skype for Business
  • Configure direct registration of a VC Endpoint to Pexip
  • Create a new Call Routing rule for the ability to dial the Skype Conference ID directly
  • Create a Virtual Receptionist for the ability use a fixed alias to join meetings
  • Create a dial-in conferencing number and adjust the Skype meeting invitation
  • Validate the configuration by dialing in to a meeting from the Pexip Infinity Connect client
  • Next Steps

Configure direct registration of a VC Endpoint to Pexip

  • Log on to the management node web admin site
  • Navigate to Service Configuration -> Device Aliases
      • Device alias could be PexipUser@vc.contoso.com
        • vc.contoso.com is my video conferencing domain
        • My Skype for Business SIP domain is contoso.com
      • Leave the rest blank and delete the password, in that way you will not get challenged with a username and password when registering
      • Click Add Device alias
  • Click Save
  • Now we have created a user for our test client
  • next we will need to create a new call route

Create a new Call Routing rule for the ability to dial the Skype Conference ID directly

  • Navigate to Service Configuration -> Call Routing rule
  • Click Add Call Routing Rule
    • Name is Dial directly in to a Skype Meeting using conference ID
    • Priority needs to be unique and set it to 70
    • Set When Matching incoming Gateway calls to all except Lync / Skype for Business
    • Set Destination alias regex match to: (\d{5,7})(@(vc\.)?contoso\.com)?
      • This assumes your SfB Conference ID is between 5 and 7 digits, modify 5,7 to fit the lengths of your Conference IDs.
    • Set Destination alias regex replace string to: \1
    • Set Call target to Lync / Skype for Business Meeting direct (not via Virtual Reception)
      • This allows the routing rule to resolve the Conference ID to a meeting URI and connect to it directly
    • I set the Outgoing location to my primary site, MainDC
    • Make sure the correct Lync / Skype for Business server is chosen
      • in my case it is my Standard Edition server called SfB1.contoso.com
    • Click Save
    • The result of the Call Routing configuration should look like this

Create a Virtual Receptionist for the ability use a fixed alias to join meetings

  • Navigate to Service Configuration -> Virtual Reception
  • Click Add Virtual Reception
    • Name: Contoso Skype Meeting Reception
    • Show Advanced options
      • Lync/Skype for Business server: SfB1.contoso.com
        • your Skype for Business server, in my case it is the SfB1.contoso.com standard edition server
      • Lync / Skype for Business meeting lookup location: MainDC
        • The Pexip location where your Skype integrated conferencing node resides, in my case it is MainDC
    • Aliases (Typically add a few options for aliases as VC endpoints might be able to dial different things)
      • Alias1: skype@vc.contoso.com
      • Alias2: skype@contoso.com
        • in case someone types just contoso.com from a VC Endpoint
      • Alias3: skype
        • In case someone wants to just type Skype from a VC Endpoint
  • Click Save
  • Now, let’s validate the Skype for Business requirements for this to work

Create a dial-in conferencing number and adjust the Skype meeting invitation

  • On the Skype for Business Server, open Skype for Business Control Panel
  • Navigate to Conferencing -> Dial-In Access Number
    • If you have a dial-in access number already you are all set
    • If you do not have a dial-in access number and you do not have a SIP trunk integration, you can use a dummy number
      • The reason for needing the dial-in access numbers is that it will generate a conference ID with each meeting invite, this is the ID that Pexip will use to join the conference
      • Click New
        • In Display Number, type the phone number as you want it to be displayed in the meeting invitation
          • in my case it is +4721402075
        • Display name, is typically the location or country where this number is homed
          • In my case it is Norway
        • Line URI, is the actual number formatted as a line uri
          • in my case it is tel:+4721402075
        • SIP Uri should be a name and domain for the dial-in access number
          • in my case it is sip:Norway@contoso.com
        • Pool is where the number is homed, this applies if you have multiple pools
        • Choose Primary language and secondary language
        • Choose the region the number is the primary number for, in my case it is Norway
          • If you cannot find a region here, you need to add one before you can create a dial-in access number
          • You can add one by going to Voice Routing -> Dial Plan, click on Global and write a name for your region in the region field
            • If you do not want to modify Global you can either create a Site, Pool or User dialpan.
            • User dialplan needs be added manually to users.
        • Now you are ready to create and save the dial-in access number
      • Click Commit
  • Now, let’s add some text to the meeting invite to reflect the ability to join from a VC Endpoint
  • Navigate to Conferencing -> Meeting Configuration
    • Edit Global or create a new Site or Pool configuration
      • A meeting configuration will apply to all users within pool, site or global
      • In the Custom footer text type an appropriate text to reflect the Pexip integration
        • Example: To join the meeting from a Contoso video endpoint, just dial the Conference ID. To join the meeting as an external video endpoint participant use skype@vc.contoso.com and enter the Conference ID when prompted
      • If you want to change the logo url, the link needs to hosted on a public site and the size should be a gif or jpg and the maximum size of the image should be 30 pixels high by 188 pixels wide for best result
    • Click Commit
  • Now you are ready to validate the meeting join experience

Validate the configuration by dialing in to a meeting from the Pexip Infinity Connect client

  • Download the Pexip Infinity Connect client and install it
  • Click the cogwheel and type your name and scroll down to registration
    • Sign in using pexipuser@vc.contoso.com or the Device User you created
    • Server address is the IP address or FQDN to your Pexip Conferencing node
      • In my case it is pexip2.contoso.com
    • leave username and password blank as we did not specify that when creating the Device alias
    • Click Register and ok to exit the setup
  • We are going to do three tests
    1. Type testcallservice@vc.contoso.com and call the Pexip Test Call Service
      • This is a service I created in my initial setup blog post found here
      • Verify that you are able to resolve it, call it and have it play back your sound with a two second delay
    2. Call in to a Skype meeting using the Virtual Reception user we created
      • First, log on using Skype for Business and create a ad-hoc meeting
        • You can do that by clicking the cogwheel drop down in the client
        • Click Meet Now
        • When joining the meeting with your Skype for Business client, click the three dotted button and click Meeting Entry Info
        • There you will see the Conference ID for that call
      • Go back to the Pexip Infinity Client
        • Type skype@vc.contoso.com, see that it resolves presence and dial it
        • When prompted for the Lync Conference ID, type the one from the Skype meeting
          • in my case it is 11127
        • Click connect and see that you are joining the Skype for Business meeting and notice that you are joining as Pexip User and not as a Pexip conference
      • This is great stuff and it means that the Virtual Reception user we created works and that the Call Routing rule with the .+@contoso.com.* regex rule is working.
      • But there is one more thing we can test
    3. Call in to a Skype meeting by dialing directly using the Conference ID
      • This is possible for internal VC Endpoints
      • Close down any existing calls on the Pexip Infinity Client
      • In the Pexip client type the conference ID
        • In my case it is 11127
      • Call using video and verify that you are able to join the meeting directly as Pexip User
      • When this scenario succeeds it means that the Call Routing rule with (\d{5,7})(@(vc\.)?contoso\.com)? regex rule worked
    4. Celebrate that your Skype for Business meeting integration with Pexip works
      • As a bonus, you should of course be able to dial the Skype user directly from the Pexip User by using the Skype sip address and the other way around

It is always #GoodTimes when you are able to validate a new deployment

Congratulations! You have now set up a fully integrated Skype for Business and Pexip deployment. This is all there is to it and a basic video interoperability service is now in place. Your Skype for Business adoption is a key ingredient for success and there is one less blocker for widespread use of Skype in your organization. Check out the next steps below for configuring Pexip to work with external and federated traffic and how to integrate Pexip with other video systems

Next Steps

What you need to know to get started with a Skype for Business and Pexip PoC

Skype for Business video interoperability is one of two technology barriers we need to tear down to make sure users succeed with Skype in all scenarios. Being able to invite anyone to a Skype for Business conference regardless of vendor is the key to large-scale user adoption. Pexip is one of few vendors that are able to integrate seamless with Skype for Business Server meetings so that anyone can call in to a Skype meeting and join with audio, video and screen sharing both ways.

The other technology barrier is audio interoperability that we can tear down by enabling users for Enterprise Voice, but that is another story. This post is about setting up that first Proof of Concept solution on Hyper-V and be able to make a test call between the systems. The focus is internal setup. How to integrate with a Skype for Business meeting invitations is a separate blog post. Personally, I wanted to learn how to set up Pexip for Skype for Business integration. My experience with Pexip so far is that it is easy to get started with and my goal for this post is to demystify the initial setup experience.

At the end of this post you will be able to validate the setup with the Pexip Test Call Service

I will walk you through the following topics

  • What you need to know before you start
  • Setting up the management node
  • Requesting the certificate
  • Setting up the conference node
  • Configuring the integration on the Pexip side
  • Configuring the integration on the Skye for Business side
  • Validate the setup using the Pexip Test Call Service
  • Next step actions

What you need to know before you start

  • Hyper-V on Windows Server 2012 or later
    • VMware, Xen 4,2 and KVM are also supported
  • Plan for two internal nodes
    • Management node with 2 CPU cores, 100 GB of disk and 4 GB memory
    • Conferencing node with 10-12 CPU cores per socket, 1 GB of ram per core and 50 GB disk, it is recommended to have a bit of available capacity (200 GB ++) to do snapshots prior to upgrades etc
    • Read more here
  • Make sure you have an available NTP server, default suggestion is a public server
    • If your Pexip server does not have access to internet, point it to your DC, make sure UDP port 123 is accessible from non-domain joined devices
  • Plan DNS names and certificates since it is going to talk to Skype for Business, the Pexip servers need to have certificates from a trusted PKI
    • There are web-based tools available on the management node to make the request and import the pem certificates
    • you can use the same certificate on the management node and conference node as long as it contains all FQDNs
      • The integration requires that the trusted application pool name is the subject name of the certificate, in my setup the following names were used
      • pexip.contoso.com, Pexip1.contoso.com, Pexip2.contoso.com, Pexip3.contoso.com, Pexip4.contoso.com
      • the Pexip is the poolname, Pexip1 is the management node and Pexip2 is the first conferencing conferencing node
        • Pexip3 and Pexip4 is there for future conferencing nodes for high availability
    • Make sure you update internal DNS with pexip server names, pool name does not need to be in DNS, but if you want to add it, point it to your conferencing nodes
  • You also need a trial license to be able to make and receive calls through the Pexip Conferencing node, you can get a trial license through your Pexip contact

Setting up the management node

  • Head over to the Pexip Download page and download the Pexip Infinity Management Node for Microsoft Hyper-V virtual machine
  • Before you import the virtual machine, make sure you have a virtual switch you can connect it to that is in the same network as your NTP server or has internet access
  • In Hyper-V manager choose import virtual machine and navigate to the location where you extracted the Pexip Management virtual machine, click next and choose all the standard configurations.
    • When asked for a virtual switch, choose the one that has access to your NTP server or internet
  • After you have successfully imported the machine you are ready to boot it and start configuring it
  • Booting the VM you will be asked to log in as admin and change the password
    • Make sure you take note of the password you specify
  • The installation wizard will start and you will be asked to specify IP address and details for your Pexip Management node, I used the following values
    • IP Address – 192.168.10.174
    • Subnet Mask – 255.255.255.0
    • Default Gateway – 192.168.10.1
    • Hostname – Pexip1
    • Domain – contoso.com
    • DNS Servers – 192.168.10.172
      • in most cases this will be your internal DNS servers
    • NTP Servers – ntp.contoso.com
      • This is contoso.com internal ntp server residing on the domain controller
    • Web User – username for Web Administrator: web admin
    • Web Password – password for the web administrator:
      • You will use the web user and password to log in to the management webpage
    • When all values are set correctly and the Pexip server can reach the ntp server the installation wizard will finish the setup using the values specified above
      • In order to change web user password or name of the management node you will need to rerun the installation wizard and reconfigure the management node from scratch
      • The installation will look like this
  • When the wizard is finished and the Management Node has rebooted you will be able to log in to the administration website by navigating to https://pexip1.contoso.com or the IP address from a web browser
    • Now you are ready to configure the Skype for Business integration, but before that you need to assign a trusted certificate and configure a conferencing node

Requesting the certificate

  • The certificate assigned to the internal Pexip servers needs to be trusted by a local or public certificate authority
  • In this example I will generate the certificate request from the management node and use the internal PKI solution to generate the certificate
  • By importing it back in the Pexip certificate utility you will get the correctly formatted pem certificate with corresponding key
    • I am impressed by the simplicity of this tool and it is a great tool to use
    • The usual process for creating pem certificates is a mess and this is an easy and straight forward approach
  • To request and assign the certificate, the following needs to be done
    • Log in to the Pexip web admin
      • notice you will get a certificate trust issue the first time you log in
      • we will use the certificate we now request to assign to the management node as well and the certificate trust message will go away
    • Navigate to Utilities -> Certificate Signing Request and click Add Certificate signing request
        • use pexip.contoso.com as subject name, this is the Skype for Business Trusted Application Pool Name
        • Add pexip1.contoso.com, this is our management node
        • Specify custom subject alternate name as pexip2.contoso.com, this is the conferencing node we are configuring after we have imported the certificate
        • We are also adding pexip3.contoso.com and pexip4.contoso.com so that we can use the same certificate for future conferencing nodes.
    • Click Save
    • Click the newly created request and view the request details
    • At the bottom of the page you will see a download button where you can get the request file
    • Open it in notepad and copy all the text
    • Navigate to your certificate server request website
    • Click request certificate -> submit and advanced certificate request -> Submit a certificate request by using….
    • Paste your request and choose the appropriate template, typically Web Server
    • Download the Base 64 encoded certificate without chain and save your certnew.cer file
    • Navigate back to the Pexip certificate signing request
    • Import the file at the bottom of the page and confirm that the certificate text is shown in the window as shown below
    • Click Complete to finish the certificate request
    • Now you have successfully imported the request
      • verify that the status is green OK and that Found 2048 bit RSA key is present and in green
    • On this page you can assign the certificate to pexip1.contoso.com and we will use the same certificate and assign it to the conference node we will create in the next section
    • Hit Save at the bottom of the page and you have successfully imported and assigned the certificate, no reboot is required
    • You also need to make sure the Pexip servers trust the Root CA chain
      • To check if it is automatically imported, navigate to Platform Configuration -> Trusted CA certificate and see if the Root CA is assigned
      • If it is not you need to navigate to your certificate server request website again
      • This time click Download a CA certificate, certificate chain, or CRL
      • Select Base 64 and click Download CA certificate
      • Import the certificate by navigating to Platform Configuration -> Trusted CA certificate in the Pexip web admin

Setting up the conference node

  • Now you are ready to set up the Pexip Conferencing Node
  • This is surprisingly easy, just follow these steps
    • Log in to the Pexip Management Node web admin
    • Navigate to Platform Configuration -> Conferencing Nodes
    • Click Add Conferencing Node
    • Select Manual (Hyper-V)
    • Use default number of virtual cores and memory
      • If you add more cores, make sure you add 1 GB memory per core
    • Fill out as shown below, use the certificate we requested earlier containing the pool name which in my case is pexip.contoso.com
      • If the pool name is not the subject name of the certificate you will get TLS error when Skype for Business wants to set up a TLS connection to the conferencing node
      • You need to specify a system location which is basically what DNS servers to use, I called it MainDC
      • Remember to set SIP TLS FQDN. It must be set to the full hostname of this specific conference node, in my case it is pexip2.contoso.com. Make sure you are not inserting the poolname here, as it will cause failure scenarios when adding more conference nodes and a difficult troubleshooting scenario.
    • Remember to specify SSH password at the bottom of the page
    • Click Finish
    • Now you will be able to create the Hyper-V VM with the correct settings, it will get generated on the management node and then you can download it and copy it over to your Hyper-V host and import it
    • In order to correctly import the VM you can follow Pexip Director Solutions Architecture, Graham Walsh’s, post on Setting up Pexip Infinity with Microsoft Hyper-V Server 2012
    • You can start at Step Nine
    • After successfully booting the conferencing node you will see that it connected ok under Status -> Conferencing Nodes

Configuring the integration on the Pexip side

  • The Pexip side of the configuration
    • Log in to the Pexip Management Node web admin
    • Navigate to Platform Configuration -> Global Settings
      • Under Connectivity and Pexip Infinity Domain (for Lync / Skype for Business integration) set vc.contoso.com
        • which is the domain you are routing from Skype for Business to Pexip and needs to be something different from the SIP domains you have added to your Skype for Business deployment
      • Optionally you can check Enable Lync / Skype for Business auto-escalation
        • This will answer all calls with video, even though you have called with only voice from the Skype for Business client
        • Personally I think it may be confusing for VC Endpoint users to not answer with video, but that is just my thought on the subject
      • You should however check Enable Lync / Skype for Business Video-based Screen Sharing (VbSS)
        • This enables the ability to do VbSS in calls where Skype for Business is using this, it is always preferred to use VbSS whenever possible, that is why you should alway prioritize screen sharing over application sharing in Skype for Business.
        • Read about the advantages with VbSS
    • Navigate to Call Control -> Lync / Skype for Business Servers
      • Click Add Lync / Skype for Business server
      • Specify the name, Standard Edition Server name or Enterprise Edition Pool name, choose port 5061 and make sure transport is TLS
      • Click Save
    • Prepare a Pexip Test Call Service for testing purposes
      • Navigate to Service Configuration -> Test Call Service
      • Click Add Test Call Service
      • For basic test purposes you need only define the name and alias
        • The alias needs to be a domain other than Skype for Business SIP domains
        • A typical example is vc.contoso.com, we will create a static route for this domain in the Skype for Business environment
        • In my case the Name is TestCallService and alias is testcallservice@vc.contoso.com
          • I also added a second alias just called testcallservice so that VC endpoints can dial that without adding the domain
      • Click Save
    • Create Call Routing rules
      • You need to call routing rules, one for contoso.com being outgoing and one for vc.contoso.com being incoming
      • Navigate to Service Configuration -> Call Routing
      • Click Add Call Routing Rule
        • Name it Route calls from Skype for Business
        • Priority 40, this value needs to be unique
        • Check incoming gateway calls
        • Check Match Lync /Skype for Business (MS-SIP)
        • Set Destination alias regex match .+@vc.contoso.com
        • Protocol on outgoing call placement should be SIP
        • Click Save
      • Add another Call Routing rule by clicking Add Call Routing Rule
        • Name it Route calls to Skype for Business
        • Priority 60, this value needs to be unique
        • Check incoming gateway calls
        • Check Match all other than Lync / Skype for Business
        • Check Match against full alias URI
          • This is important for the Pexip Virtual Reception to resolve Conferencing ID’s on the Skype for Business server
        • Set Destination alias regex match .+@contoso.com.*
          • The .* at the end is there for match against aliases that contain parameters after the domain portion and enables the Virtual Receptionist to discover the Conference ID on the Skype for Business server
          • Read my post on how to set up Conference ID integration here
        • Set Call target to Lync / Skype for Business clients, or meetings via a Virtual Reception
        • Set Lync / Skype for Business Server to SfB1.contoso.comClick Save and add another
    • The result of the Call Routing configuration should look like this
    • Add conferencing licenses
      • Obtain a license from your Pexip contact
      • Navigate to Platform Configuration -> Licensing
      • activate the license(es) you have received

Configuring the integration on the Skype for Business side

  • The Skype for Business part of the configuration can all be done through PowerShell
    • I have created a simple script you can run line by line in order to make sure the configuration is done correct
    • To run the configuration, log on to your Skype for Business server where Skype for Business management tools are installed, with a user that is CSsAdministrator
    • Run PowerShell ISE as administrator and paste the text below in to the text editor
      • in order to copy the text, double-click in the window, select all and copy the plain text
      • Make sure you edit the variables with the values that apply to your environment
    • Run the lines one by one in your environment
    • To get a more detailed explanation, check out the Pexip documentation
break #Just in case you accidentally run the entire script in PowerShell ISE
#Specify the trustedapplication poolname
$TrustedApplicationPoolName = "pexip.contoso.com"
#Specify the Trusted Application name
$TrustedApplicationName = "pexip"
#Specify the conferencing node fqdn
$ConferencingNodeFQDN = "pexip2.contoso.com"
#Specify the static route sip domain, typically vc.domain.com
$StaticRouteSIPDomain = "vc.contoso.com"
#Find and create a variable for the registrar you want to add the pexip integration for
Get-CsService -Registrar | ft identity
#create the variable
$RegistrarFQDN = "SfB1.contoso.com"

#Create the trusted applicationpool where you can add multiple conferencing nodes
New-CsTrustedApplicationPool -Identity $TrustedApplicationPoolName -ComputerFqdn $ConferencingNodeFQDN -Registrar $RegistrarFQDN -Site 1 -RequiresReplication $false -ThrottleAsServer $true -TreatAsAuthenticated $true
#To add more nodes, use the below syntax
New-CsTrustedApplicationComputer -Identity pexip3.contoso.com -Pool pexip.contoso.com
#Add the trusted application to the trustedapplication pool
New-CsTrustedApplication -Applicationid $TrustedApplicationName -TrustedApplicationPoolFqdn $TrustedApplicationPoolName -Port 5061
#In order to tell Skype for Business where to route SIP traffic for Pexip conference calls, you need to create a static route for our vc domain
#use Get-CsStaticRoutingConfiguration to check if there are existing static routes added, 
Get-CsStaticRoutingConfiguration
#if no existing routes are found use the New-CsStaticRoutingConfiguration to create static route, if it does exist, skip thenNew-CsStaticRoutingConfiguration cmdlet
New-CsStaticRoutingConfiguration -Identity "Service:Registrar:$RegistrarFQDN"
$route = New-CsStaticRoute -TLSRoute -Destination $TrustedApplicationPoolName -Port 5061 -MatchUri "$StaticRouteSIPDomain" -UseDefaultCertificate $true
Set-CsStaticRoutingConfiguration -Identity "Service:Registrar:$RegistrarFQDN" -Route @{Add=$route}
#Enable the new configuration
Enable-CsTopology
#Check the Trusted Application Pool configuration
Get-CsTrustedApplicationPool
#Check the Trusted Application Computer
Get-CsTrustedApplicationComputer
  • Now you are ready to make test calls

Validate the setup using the Pexip Test Call Service

  • The goal of this blog post is to help you get the basic Skype for Business and Pexip integration set up correct
  • We will validate the configuration by making a test call from the Test Call Service testcallservice@vc.contoso.com to a Skype for Business user and we will make sure we can add the meeting room to a Skype for Business contact list and see that it resolves presence and are able to call the meeting room
  • To make a call from the Pexip Test Call Service
    • Log in to the Pexip Management Node web admin
    • Navigate to Service Configuration -> Test Call Service
    • Click the VMR we created earlier called TestCallService
    • At the bottom of the page you click Dial out to participant
      • Specify Participant alias to be the sip address you are logged in with using your Skype for Business client.
        • I am logged in with adrianl@contoso.com
      • On Protocol, specify Lync / Skype for Business (MS-SIP)
      • Since we have only set up and internal solution, no firewalls should block the path between the client and the Pexip Conferencing node
      • Click Dial out to participant and you should receive the call from Pexip on your Skype for Business client, answer using video and verify that you are able to connect and can hear and see yourself with a 2 second delay
      • You will get an incoming call from TestCallService
    • Answer it and make sure you can hear the service asking you to count to three and that you can hear yourself with a two second delay
  • To make a call from a Skype for Business client
    • Search for and add testcallservice@vc.contoso.com to your contact list
    • Verify that it resolves the name of the room and presence
    • Make a video call and verify that you connect ok to the Pexip Test Call Service and that you can hear yourself with a two second delay

Congratulations! You have now set up a basic Pexip setup with your Skype for Business deployment. This is all there is to it, but of course there is more that needs to be done in order to have a fully integrated video interoperability service. Check out my post on how to integrate Pexip with Skype for Business meetings. There you will learn how to complete Skype for Business and Pexip integration with the ability to join Skype for Business meeting from any video system either directly or via a Pexip Virtual Receptionist.

Next Steps

The Fourth Edition of Office 365 for IT Pros is now available

I am proud to be part of the team that now have produced and released the The Fourth Edition of Office 365 for IT Pros. The book is regularly updated and adjusted to the ever-changing Office 365 Services. This is why there is no printed version of the book. It is available as eBook (PDF + EPUB) and is available in Amazon Kindle Store. Read more and get it here

My contribution is around the Skype for Business chapter and I explain the service from the basics, how to succeed with adoption and usage and dive in to understanding the core technology and optimizing for media quality. This is an evolving book and I will add content to the chapter as new features gets released and as more E5 features becomes mainstream.

The authors, proud to be part of the team

Personally I like the format of the book because it is written by MVP’s that works with the technology every day and have a deep understanding of the underlying technology. I was first introduced to the book when trying to understand how Office 365 Groups works and had difficulty finding relevant and updated documentation on the internet. Reading the chapter on Office 365 Groups in the book helped me get an updated and correct understanding of the service and put it in context of other services in Office 365. This is why I recommend this book to all IT Pros working with Office 365 and needs a general understanding of the entire service.

The Essential Guide to Office 365 for IT Pros

Teaching productivity soft skills at MVP Connection in Madrid June 1st

MVPCommunityConnectionI am super excited to be picked out to teach productivity soft skills to the MVP’s and Regional Directors attending MVP Community Connection in Madrid June 1st. For the past year I have developed my OneNote productivity framework that I still use and succeed with. By borrowing and combining known productivity methodology such as take back your life, Getting Things Done and the Pomodoro Technique, I will talk about stuff you already know, but still need to be reminded of.

Why OneNote? There are three factors that works well for me with OneNote

  1. Flexible notetaking tool, you can paste anything anywhere and it works great with touch and pen.
  2. Syncs across devices through OneDrive with great apps for all operating systems including mobile.
  3. OneNote tasks are key and works the same on all devices so I easily can complete a task on my mobile.

It is all about getting a finite list of all your activities and thoughts so that you can prioritize and execute on the most important task at any given time. And the result? A happy life, and a productive life :) People who have tested the framework report back that a burden has been taken off their shoulders. Turns out that your mind is for having ideas, not holding them as David Allen says. By dumping everything in your head, you free up space to relax, enjoy the moment and focus on your current task at hand.

Learn how in my LifeHack OneNote session at MVP Community Connection

LifeHackOneNote2

 

Proud to be contributing on the Fourth Edition of Office 365 for IT Pros book

I think that search engines are loosing their powers in an evergreen and ever changing Cloud World. When searching failed me for learning what I needed about Office 365 Groups I found that the Office 365 for IT Pros book had the angle and up to date answers I needed. It is kept up to date by MVPs who work with and understand the technology for what it is and what it’s not, so you know you get an up to date and thoughtful answer. It covers all of Office 365 with practical examples to get you started. I strongly believe in this format moving forward since it is difficult to search for Groups or Teams online, and when you find articles they are half a year old and may or may not be outdated. To make sure I stay up to date on my core knowledge, I offered my services to write about Skype for Business Online and hybrid. I am happy to be accepted in to the team with Tony Redmond, Michael Van Horenbeeck and Paul Cunningham. I look forward to contribute to a great collection of knowledge. The fourth edition is planned for a June 1st release, read more about it here

Totally recommend Office 365 for IT Pros if you are an Office 365 admin or consultant. Get it here

 

Microsoft Teams Preview and Office 365 Groups member mismatch and how to fix it

Office 365 Groups are at the core for next generation Office 365 services such as Planner, Microsoft Teams and Modern SharePoint Teamsites. At the time of writing (Teams preview before March 2017) I have discovered the following regarding Office 365 Groups and membership especially in an active Microsoft Teams environment, where you are adding new members directly in the Teams client.

The Short story

Microsoft Teams in preview (before march 2017) did not add new members to the Office 365 Groups in Exchange, only to the corresponding  Azure AD Group. The Azure AD Group is used to give access to SharePoint documents and adding a new Teams member gives access to the SharePoint Site. This would result in mismatch in member-count in these two groups that can be confusing for users when navigating around the different Office 365 Groups interfaces

The Long story, understanding the different groups

Creating Office 365 Groups

  • When creating an Office 365 Group a corresponding Azure AD Group also gets created
    • The Azure AD Group is used for Group write back with Azure AD Connect and permissions in SharePoint Teamsites
      • The Group write back option is only necessary if you have a hybrid Exchange environment and users hosted on-premises that needs to be able to resolve the distribution email address and its members
      • It may also be necessary for Skype for Business hybrid environments in order to be able to add the Office 365 Groups as group in the Skype contactlist
    • If you crate the Office 365 Group in GUI from Outlook, members gets added to that Azure AD Group
    • If you create the Office 365 Group using PowerShell with New-UnifiedGroup (this still applies post March 2017) and and use the -members option, members will not get added to the Azure AD Group and you get a mismatch in member count
      • New-UnifiedGroup -Members
      • Only the Office 365 Group Owner will get added to the Azure AD Group as member and this is an issue for the Group Write Back with AADC
      • A corresponding SharePoint TeamSite gets created with a member of the group with a SharePoint license logs on to either Office 365 Groups or creates a Microsoft Teams team
    • If you create the group in PowerShell and with New-UnifiedGroup without adding members and add the members using Add-UnifiedGroupLinks, then members will get added to the corresponding Azure AD Group
Recommended method to create Office 365 Groups via PowerShell

Make sure you are logged in to Exchange Online PowerShell before you start creating the group

$Owner = "stale@msunified.net"
$Users = "julia@msunified.net","Skype.buddy@msunified.net"
$alias = "MyNewOffice365Group"
New-UnifiedGroup –DisplayName $alias –Alias $alias –EmailAddresses "$alias@msunified.net" -owner $Owner -Verbose
#This is optional, but may be a good practice initally since Office 365 Groups may clutter your Global Addressbook
Set-UnifiedGroup –Identity $alias –HiddenFromAddressListsEnabled $true
#Add the member to the group
Add-UnifiedGroupLinks $alias -LinkType member -Links $users
#Validate that the members where added ok
Get-UnifiedGroupLinks $alias -LinkType member
#If you want to validate that the AD group is updated ok, run the script below without $alias=$null

Adding members to existing Office 365 Groups

  • Adding members using the Exchange Online cmdlet Add-UnifiedGroupLinks results in users getting added to both the Office 365 Group and Azure AD Group, all is good
    • If this is also a Microsoft Teams enabled group then the members will get added to the team as well within 24 hours (or so)
  • Adding members using the web UI as a user results in users getting added to both the Office 365 Group and Azure AD Group, all is good
  • Adding members from the SharePoint Teamsite UI resulted (before March 2017) in users only getting added to the Azure AD Group and you have a mismatch of user count between Azure AD and Office 365
  • Adding users from the Microsoft Teams client (before March 2017) would result in users only getting added to the Azure AD Group that gives full write access to all the corresponding SharePont Teamsite documents
    • This resulted in a mismatch between Azure AD Group and Office 365 Group and if users are expect to see the group under Groups in Outlook they will not
    • You would also get a mismatch in the memberlist in Microsoft Teams and Office 365 Groups on the web
      • if the user tried to access the Exchange components of the group they will get added to the memberlist, but not until they actively add the group or go via SharePoint Teamsite to the groupconversation button on the top right corner

Consequences

  • If you are not a member of the Office 365 Group, you are not a part of the distribution group and you will not get see the Group in either Outlook or Outlook Web App
  • If you are not added to the Azure AD Group you will not be part of the group that gets synced back to Active Directory and part of the on-premises distribution group for users hosted on Exchange Server
  • If you are not part of the Azure AD Group you will not be visible in the Graph API as there is not way to resolve member from an Office 365 Group via the API, only members from the corresponding Azure AD Group (at the time of writing, may change in the future)

Workarounds

  • Add the member in the web UI for Groups then it will get added to the Exchange part and Azure AD part of the Office 365 Group
  • Detect and remedy the different user memberships using PowerShell by detecting and adding the missing users to either Office 365 Groups or Azure AD Group

How to detect mismatch in member-count in Office 365 Groups and Azure AD Group

Below is a simple example on how to list all the groups that have a member-count mismatch between Office 365 Groups and Azure AD Groups. It is always the Azure AD group that has the most and correct set of members so that is why we add those members to the Exchange part of the Office 365 Group.

Before you run the example you need to install the latest MSOnline PowerShell V1 module and be logged in to Exchange Online PowerShell module

Find all groups with mismatch in member-count
$alias=$null
#find groups that have mismatching member-count in Office 365 groups and Azure AD groups
$Groups = @()
#Get all Office 365 Groups
$UnifiedGroup = get-unifiedgroup $alias
    ForEach ($Group in $UnifiedGroup){
        #Get the members of the group
        $UnifiedGroupLink=Get-UnifiedGroupLinks -Identity $Group.name -LinkType member | Select-Object -ExpandProperty PrimarySmtpAddress
        #If there are members in the group, check the corresponding Azure AD Group and find the members. Add the result in custom Powershell object
        if (($UnifiedGroupLink).count -ne 0){
            $AADGroup= Get-MsolGroup -GroupType DistributionList -All | Where-Object {$_.Emailaddress -eq $Group.PrimarySmtpAddress}
            $TempGroups = @()
            $TempGroups = New-Object PSObject -Property @{
                Emailaddress=$Group.PrimarySmtpAddress
                O365Members= $UnifiedGroupLink
                O365membercount= ($UnifiedGroupLink).count
                AADGUID=($AADGroup).ObjectId
                AADmembers=Get-MsolGroupMember -GroupObjectId ($AADGroup).ObjectId | Select-Object -ExpandProperty EmailAddress
                AADmembercount=(Get-MsolGroupMember -GroupObjectId ($AADGroup).ObjectId | Select-Object -ExpandProperty EmailAddress).count
            }
            #If there is a mismatch in the membercount, add the group to the final output variable and write the group to the console
            if($TempGroups.O365membercount -ne $TempGroups.AADmembercount){$Groups += $TempGroups; $TempGroups}
            $TempGroups
        }
}
#list all groups with mismatch
$Groups
#count the number of groups with a mismatch
Write-Host "Number of groups mismatching groups"($Groups).count
List all the members not present in the Office 365 Group
#Find all members that are present i the Azure AD group and needs to be added to the Office 365 Group
foreach ($CurrentGroup in $Groups){
    write-host
    write-host "Checking Group"$CurrentGroup.Emailaddress
    $NewMembers = $CurrentGroup.AADmembers | Where {$CurrentGroup.O365Members -NotContains $_} # Shows what items in $CurrentGroup.O365Members are missing in $CurrentGroup.AADmembers
    $NewMembers

}
Add the missing members to the Office 365 Group
#Add the users from the Azure AD group to the Office 365 group, the users added will not get a welcome mail.
foreach ($CurrentGroup in $Groups){
    write-host
    write-host "Checking Group"$CurrentGroup.Emailaddress
    $NewMembers = $CurrentGroup.AADmembers | Where {$CurrentGroup.O365Members -NotContains $_} # Shows what items in $CurrentGroup.O365Members are missing in $CurrentGroup.AADmembers
    Add-UnifiedGroupLinks $CurrentGroup.emailaddress -LinkType member -Links $NewMembers -Verbose
    Get-UnifiedGroupLinks $CurrentGroup.emailaddress -LinkType member

}