Forum Widgets
Latest Discussions
Unable to download 7.0.2046.524 Core Components update?
I am met with a 403 forbidden when I try to download the 5029968Cumulative Updatejuly 2023 7.0.2046.524 for Skype for Business Server 2019, Core Components fromOpdateringer for Skype for Business Server 2019 (KB4470124) - Microsoft Support I have downloaded all other7.0.2046.524 updates without problems. Does anyone know what is going on here?
Skype Meeting App issue
Having an issue with invitees joining Skype For Business 2019 meetings hosted on on-premises. Using the join meeting URL externally brings up a blank screen with the thinking wheel of dots. Using the same URL on the same browser with ?SL= appended to it brings up the Guest sign in screen.
Skype for Business Server 2019 IM Integration with Exchange Server 2019
I am having difficulty getting the IM/Presence integration to work between my on-prem Skype for Business 2019 Server and my Exchange 2019 Server. I believe I am having a certificate trust issue. On important note is that my internal domain is domain.local and the external is domain.com. So, my public wildcard certificate is for *.domain.com. When I look at the certificates on the exchange server, there is another certificate that is assigned to IIS issued by the local certificate authority which protects domain.local. I have tried a variety of combinations using either the local certificate with the domain.local name of the servers as well as the public wildcard certificate thumbprint and the dns a record with domain.com that points to each server. None of these combinations seem to work for me. I have run these commands on the SfB Server: New-CsTrustedApplicationPool -Identity exchangeserver.domain.local-Registrar sfbserver.domainlocal-Site "My Site" -RequiresReplication $False New-CsTrustedApplication -ApplicationId OutlookWebApp -TrustedApplicationPoolFqdn exchangeserver.domain.local-Port 5199 I have run these commands on the Exchange Server: New-SettingOverride -Name "IM Override" -Component OwaServer -Section IMSettings -Parameters @("IMServerName=sfbserver.domain.local","IMCertificateThumbprint=mycertificatethumbprint") -Reason "Configure IM" Get-ExchangeDiagnosticInfo -Server EXCHANGESERVER -Process Microsoft.Exchange.Directory.TopologyService -Component VariantConfiguration -Argument Refresh Restart-WebAppPool MSExchangeOWAAppPool Get-OwaMailboxPolicy | Set-OwaMailboxPolicy -InstantMessagingEnabled $True -InstantMessagingType OCS When I check the instant messaging logs on the Exchange Server I see the following: If I try to use the domain.com name and the wildcard certificate I get this error: ERROR:InstantMessageOCSProvider.GenerateInstantMessageUnavailablePayload. Context: User=email address removed for privacy reasons, Sip address=sip:email address removed for privacy reasons, Lyncserver=sfbserver.domain.local. endPoint: Microsoft.Rtc.Internal.UCWeb.UCWAuthenticatedEndpoint, MethodName: InstantMessageOCSProvider.SignInCallback, InstantMessageServiceError: SipEndpointConnectionFailure, Exception: UCWEB Failure: Code=TlsFailure, SubCode=TlsIncorrectNameInRemoteCertificate, Reason=\r\nMicrosoft.Rtc.Internal.UCWeb.Utilities.UCWException: The target principal name is incorrect ---> Microsoft.Rtc.Signaling.TlsFailureException: The target principal name is incorrect ---> Microsoft.Rtc.Internal.Sip.TLSException: outgoing TLS negotiation failed; HRESULT=-2146893022\r\n at Microsoft.Rtc.Internal.Sip.TlsTransportHelper.HandleNegotiationFailure(Int32 status, Boolean incoming)\r\n at Microsoft.Rtc.Internal.Sip.TlsTransportHelper.OutgoingTlsNegotiation(TransportsDataBuffer receivedData, TransportsDataBuffer& pDataToSend)\r\n at Microsoft.Rtc.Internal.Sip.TlsTransportHelper.NegotiateConnection(TransportsDataBuffer receivedData, TransportsDataBuffer& pDataToSend)\r\n at Microsoft.Rtc.Internal.Sip.TlsTransport.DelegateNegotiation(TransportsDataBuffer receivedData)\r\n at Microsoft.Rtc.Internal.Sip.TlsTransport.OnReceived(Object data)\r\n --- End of inner exception stack trace ---\r\n at Microsoft.Rtc.Signaling.SipAsyncResult`1.ThrowIfFailed()\r\n at Microsoft.Rtc.Signaling.Helper.EndAsyncOperation[T](Object owner, IAsyncResult result)\r\n at Microsoft.Rtc.Internal.UCWeb.UCWAuthenticatedEndpoint.OotyUserEndpointEstablish_callback(IAsyncResult asyncResult)\r\n --- End of inner exception stack trace ---\r\n at Microsoft.Rtc.Internal.UCWeb.Utilities.AsyncHelper.EndAsyncCall[T](IAsyncResult asyncResult, String methodName, T ucwScopeInstance)\r\n at Microsoft.Rtc.Internal.UCWeb.UCWAuthenticatedEndpoint.EndSignIn(IAsyncResult asyncResult)\r\n at Microsoft.Exchange.Clients.Owa2.Server.Core.InstantMessageOCSProvider.<>c__DisplayClass89_0.<SignInCallback>b__0(RequestDetailsLogger logger)", When I use the internal domain.local server name and the certificate issued by the local certificate authority, I see: 2024-02-25T14:36:21.783Z,19,5,,,,0,"DEBUG:InstantMessageOCSProvider.SignInCallback. Ignoring exception after the connection is closed: Context User=email address removed for privacy reasons, Sip address=sip:email address removed for privacy reasons, Lyncserver=sfbserver.domain.local, Exception: UCWEB Failure: Code=TlsFailure, SubCode=TlsRemoteDisconnected, Reason=\r\nMicrosoft.Rtc.Internal.UCWeb.Utilities.UCWException: Unknown error (0x80131500) ---> Microsoft.Rtc.Signaling.TlsFailureException: Unknown error (0x80131500) ---> Microsoft.Rtc.Internal.Sip.RemoteDisconnectedException: Peer disconnected while outbound capabilities negotiation was in progress ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host\r\n at System.Net.Sockets.Socket.EndReceive(IAsyncResult asyncResult)\r\n at Microsoft.Rtc.Internal.Sip.TcpTransport.OnReceived(Object arg)\r\n --- End of inner exception stack trace ---\r\n --- End of inner exception stack trace ---\r\n at Microsoft.Rtc.Signaling.SipAsyncResult`1.ThrowIfFailed()\r\n at Microsoft.Rtc.Signaling.Helper.EndAsyncOperation[T](Object owner, IAsyncResult result)\r\n at Microsoft.Rtc.Internal.UCWeb.UCWAuthenticatedEndpoint.OotyUserEndpointEstablish_callback(IAsyncResult asyncResult)\r\n --- End of inner exception stack trace ---\r\n at Microsoft.Rtc.Internal.UCWeb.Utilities.AsyncHelper.EndAsyncCall[T](IAsyncResult asyncResult, String methodName, T ucwScopeInstance)\r\n at Microsoft.Rtc.Internal.UCWeb.UCWAuthenticatedEndpoint.EndSignIn(IAsyncResult asyncResult)\r\n at Microsoft.Exchange.Clients.Owa2.Server.Core.InstantMessageOCSProvider.<>c__DisplayClass89_0.<SignInCallback>b__0(RequestDetailsLogger logger)",On MACP, (400 : HTTP/1.1 400 Bad Request) when enabling a user.
Hello everyone! My problem is: When enabling a user on the new MACP, IF the user has configured an email address gives the subjet error. If the user doesn't have configured email address, user is enabled but not without a problem. Viewing trough developer mode on the browser, the error lies in: https://<sfbs-fe-pool-fqdn>/OcsPsws/Service.svc//$batch The payload of the $batch: --batch_1706182664593 Content-Type: multipart/mixed; boundary=changeset_21.25566040805762 --batch_1706182664593 Content-Type: multipart/mixed; boundary=changeset_21.25566040805762 --changeset_21.25566040805762 Content-Type: application/http Content-Transfer-Encoding: binary PATCH /OcsPsws/Service.svc/CsAdUser/fragments/2/<BLABLABLA> HTTP/1.1 Content-Type: application/json {"SipAddressType":"EmailAddress","SipDomain":"<domain.tld>","RegistrarPool":"<sfbs-fe-pool-fqdn>"} --changeset_21.25566040805762-- --batch_1706182664593 Content-Type: multipart/mixed; boundary=changeset_21.25566040805762 --changeset_21.25566040805762 Content-Type: application/http Content-Transfer-Encoding: binary PATCH /OcsPsws/Service.svc/CsUser/fragments/2/<BLABLABLA> HTTP/1.1 Content-Type: application/json {"AudioVideoDisabled":false,"EnterpriseVoiceEnabled":false,"RemoteCallControlTelephonyEnabled":false} --changeset_21.25566040805762-- --batch_1706182664593-- Gives this error without regards of wich option i choose about the format of the sip address (email, UPN, etc.): HTTP/1.1 400 Bad Request X-Content-Type-Options: nosniff DataServiceVersion: 1.0; Content-Type: application/xml;charset=utf-8 <?xml version="1.0" encoding="utf-8"?><m:error xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata"><m:code /><m:message xml:lang="es-ES">The request URI is not valid. Since the segment 'CsAdUser' refers to a collection, this must be the last segment in the request URI. All intermediate segments must refer to a single resource.</m:message></m:error>--changesetresponse_a677ace1-29ed-4549-b606-2b90d0a4d6d8-- --batchresponse_681cb375-bac7-4afe-a2fa-9ceb5f199d4aContent-Type: multipart/mixed; boundary=changesetresponse_608de08e-6dbe-4000-aab4-95c97c576d09 --changesetresponse_608de08e-6dbe-4000-aab4-95c97c576d09 Content-Type: application/http Content-Transfer-Encoding: binary HTTP/1.1 400 Bad Request X-Content-Type-Options: nosniff DataServiceVersion: 1.0; Content-Type: application/xml;charset=utf-8 <?xml version="1.0" encoding="utf-8"?> <m:error xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata"><m:code /><m:message xml:lang="es-ES">The request URI is not valid. Since the segment 'CsUser' refers to a collection, this must be the last segment in the request URI. All intermediate segments must refer to a single resource.</m:message></m:error> --changesetresponse_608de08e-6dbe-4000-aab4-95c97c576d09-- --batchresponse_681cb375-bac7-4afe-a2fa-9ceb5f199d4a-- And, when enabling a user without a configured email address, the payload of $batch looks like this: --batch_1706183087284 Content-Type: multipart/mixed; boundary=changeset_3.9714624502973583 --batch_1706183087284 Content-Type: multipart/mixed; boundary=changeset_3.9714624502973583 --changeset_3.9714624502973583 Content-Type: application/http Content-Transfer-Encoding: binary PATCH /OcsPsws/Service.svc/CsAdUser('BLABLABLA') HTTP/1.1 Content-Type: application/json {"SipAddressType":"UserPrincipalName","SipDomain":"<domain.tld>","RegistrarPool":"<sfbs-fe-pool-fqdn>"} --changeset_3.9714624502973583-- --batch_1706183087284 Content-Type: multipart/mixed; boundary=changeset_3.9714624502973583 --changeset_3.9714624502973583 Content-Type: application/http Content-Transfer-Encoding: binary PATCH /OcsPsws/Service.svc/CsUser('<BLABLABLA>') HTTP/1.1 Content-Type: application/json {"AudioVideoDisabled":false,"EnterpriseVoiceEnabled":false,"RemoteCallControlTelephonyEnabled":false} --changeset_3.9714624502973583-- On the MACP i get a spinning wheel, but if i go to users, it appears as enabled. On the browser's developer tools the server gives this answer: HTTP/1.1 500 Internal Server Error X-Content-Type-Options: nosniff Cache-Control: no-cache DataServiceVersion: 1.0; Content-Type: application/xml;charset=utf-8 <?xml version="1.0" encoding="utf-8"?><m:error xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata"><m:code /><m:message xml:lang="es-ES">An error occurred while processing this request.</m:message><m:innererror><m:message>No se pudo ejecutar el comando Set-CsUserDetails. Causa del problema: No se encontró ningún objeto de administración para la identidad "<ad user distinguished name>".</m:message><m:type>Microsoft.Management.Odata.CommandInvocationFailedException</m:type><m:stacktrace> en Microsoft.Management.Odata.PS.PSCommand.ExecutionCompletionHandler()
 en Microsoft.Management.Odata.PS.PSCommand.Invoke(Expression expression, Boolean noStreamingResponse)
 en Microsoft.Management.Odata.Core.PSOperationManager.InvokeCRUDCommand(CommandType commandType, String resourceTypeName, IEnumerable`1 properties)
 en Microsoft.Management.Odata.Core.PSOperationManager.Update(SenderInfo senderInfo, String resourceTypeName, IEnumerable`1 properties)
 en Microsoft.Management.Odata.Core.OperationManagerAdapter.FunctionInvoker`1.Invoke()
 en Microsoft.Management.Odata.Core.OperationManagerAdapter.InvokeMethod(IInvoker invoker, String functionName, String resourceTypeName, Boolean ignoreNotImplementedException)
 en Microsoft.Management.Odata.Core.OperationManagerAdapter.InvokeOperationManagerFunction[T](Func`1 func, String functionName, String resourceTypeName, Boolean ignoreNotImplementedException, T defaultResultForNotImplementedException)
 en Microsoft.Management.Odata.Core.OperationManagerAdapter.CUDRequest(CommandType commandType, ResourceType resourceType, Dictionary`2 properties, Dictionary`2 urlParams)
 en Microsoft.Management.Odata.Core.EntityUpdate.InvokeCommand()
 en System.Data.Services.DataService`1.BatchDataService.HandleBatchContent(Stream responseStream)</m:stacktrace><m:internalexception><m:message>No se encontró ningún objeto de administración para la identidad "CN=Carmen Morillo Rodriguez,OU=USUARIOS,OU=CUENTAS DESHABILITADAS,OU=OU _01_VARIOS,DC=depo,DC=es".</m:message><m:type>Microsoft.Rtc.Management.AD.ManagementException</m:type><m:stacktrace> en Microsoft.Rtc.Management.AD.ADTask`1.GetDataObject[TDataObject](IIdentity id, IDirectorySession session, ObjectId rootID)
 en Microsoft.Rtc.Management.AD.ADTask`1.GetDataObject(IIdentity id)
 en Microsoft.Rtc.Management.AD.SetPersonBase`2.ResolveDataObject()
 en Microsoft.Rtc.Management.AD.GenericSetADObjectIdentityTask`3.PrepareDataObject()
 en Microsoft.Rtc.Management.AD.GenericSetADTask`1.InternalValidate()
 en Microsoft.Rtc.Management.AD.ADTask`1.PrepareForScopeCheck()
 en Microsoft.Rtc.Management.OcsCmdlet.IsUserInScope()
 en Microsoft.Rtc.Management.OcsCmdlet.ProcessRecord()
 en System.Management.Automation.CommandProcessor.ProcessRecord()</m:stacktrace></m:internalexception></m:innererror></m:error> --changesetresponse_42f57019-b938-47b1-a3f6-aaf2a7bb23c8-- --batchresponse_c7d33751-d003-448c-89db-4ebcda4bc6ae-- The only difference is that on the failing payload i see: PATCH /OcsPsws/Service.svc/CsAdUser/fragments/2/<BLABLABLA> And on the working payload: PATCH /OcsPsws/Service.svc/CsAdUser('<BLABLABLA>') Sounds like a bug? Configuration problem?? Edit: I forgot to mention the environment - SfBS 2019, patched to October 2023 level. Three Win servers 2019 as front-ends, two win server 2019 as Edges. Applied, as patch requested, the prerequisites without errors. bootstrapper executed without errors. 🤷:male_sign:Skype for Business 2019 Edge Server with other RD Gateway
I have a Skype for Business 2019 Standard Edition Server currently running without the Edge Transport server. I'd like to add remote access but would prefer not to have to deploy another server specifically dedicated to this. Does anyone know (or has anyone tried) installing Skype for Business 2019 Edge Server on the same machine as a terminal server running RD Gateway and RD Web Apps? Or, is there any other server this could run on without interfering? I have a server running Office Online Server (OOS) and I have another running Sharepoint, one running Exchange 2019, one running Skype for Business 2019 frontend and then the one running RD Gateway and RD Web Apps as a terminal server. Thanks!Decommission Skype 2015 On-Prem servers
I want to decommission our Skype On-Prem (2015) servers and cleanup AD from the RTC delegations and groups (RTC* and CS*). I've been following the guide:https://learn.microsoft.com/en-us/skypeforbusiness/hybrid/decommission-remove-on-prem However, when doing step 1 of "Prepare to remove the Skype for Business deployment" and run the commands, the commandGet-CsAudioTestServiceApplication returns an object. In step 2 there is no corresponding Remove-cmdlet, so we tried disabling it with the Set-cmdlet. Moving on to "Remove your on-premises Skype for Business deployment", when getting to step 3 I run "Publish-CsTopology -FinalizeUninstall" but gets the following error. Publish-CsTopology : Command execution failed: Cannot publish topology changes. Users or contacts are still homed on a pool that would be deleted. Move or remove the users or contacts before continuing. At line:1 char:1 + Publish-CsTopology -FinalizeUninstall + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (:) [Publish-CsTopology], Inva lidOperationException + FullyQualifiedErrorId : ProcessingFailed,Microsoft.Rtc.Management.Deploy ment.PublishTopologyCmdlet Running the command generates a html file with the result, where the same error can be found and the following suggestion: "UserPoolInUseResolution: Consult your Skype for Business Server documentation to learn how to move or disable objects still homed on the pool. To find those objects, execute the following cmdLets: Get-CsUser, Get-CsExUmContact, Get-CsCommonAreaPhone, Get-CsAnalogDevice, Get-CsRgsWorkflow, Get-CsDialInConferencingAccessNumber, Get-CsAudioTestServiceApplication, Get-CsTrustedApplicationEndpoint, Get-CsPersistentChatEndpoint." So I'm guessing we need to get rid of that Audio Test Service Application, anyone got any ideas how to do that? I can't find anything for it in the GUI either. The main objective is to clean up any remnents in AD, the entire Skype environment will be removed and all servers decommissioned. I'm guessing that theDisable-CsAdDomain andDisable-CsAdForest cmdlets does this somewhat. Is the above steps a requirement to be able to run these cmdlets, or would this be a viable option?
Skype to Teams Migration Issues (Skype Server Standard 2019 - On Prem 7.0.2046.244)
Hi all, Just looking for some advice here for a Skype on-prem to Teams migration. I'll try keep this as short as possible but please find some info below: Background Customer A is moving from using Skype 2019 on prem with Anywhere365 core (also on-prem) over to Teams only with Anywhere365 dialogue cloud. We are at the stage where we are almost ready to switch over, however have uncovered some issues with the migration process to rehome the users. From reading it looks like Microsoft now require you to be on a minimum version of 2019 on-prem to be able to migrate the users over to Teams: As of July 31, 2022, to move users between an on-premises deployment and the cloud, you must be using the following minimum versions of either Skype for Business Server or Lync Server: On-premises product Required minimum version Required minimum build Skype for Business Server 2019 CU6 7.0.2046.385 Skype for Business Server 2015 CU12 6.0.9319.619 Lync Server 2013 CU10 with Hotfix 7 5.0.8308.1182 The problem we have, I believe is basically down to the fact we have inheritied a Anywere365 and Skype installation which has not been kept up to date and is stopping us from progressing any further. Customer A is 24/7 so we are trying to find the best way around this without having to upgrade the Skype environment, Anywhere365 core (this is needed to work with newer versions of Skype) to then just bin these servers off after the migration. Its going to cause unecessary disruption and potential wasted engineer time. Question My question is, has anyone been in the same position with migrating skype for business 2019 on prem over to Teams and is there any workaround without upgrading the kit and successfully using hybrid connectivity with the migration commands? Further Information I have done some testing with the current kit, all hybrid connectivity is configured I believe the migration failure is now just down to the skype version. I have tested a potential workaround, which involves deleting a user from on prem Skype (not removing their AD user) so that the majority of the skype flags against a user get cleared, line uri, enterprise voice config etc.. and allowed this to sync back to 365. I tried then applying the direct routing configuration on Teams only to still get an error that the user is using Skype on prem and to migrate them. I then went into on-prem AD and cleared the remaining msRTCSIP attribute which was the PrimaryHomeServer from SRV: to <not set>. When I have checked this morning, after the sync overnight to 365, the user is now showing with the correct attributes such as: HostingProvider : sipfed.online.lync.com AccountType : User TeamsUpgradeEffectiveMode : TeamsOnly TeamsUpgradeNotificationsEnabled : False TeamsUpgradeOverridePolicy : TeamsUpgradePolicy : UpgradeToTeamsThis would suggest to me that I can now correctly configure this user for direct routing which I am going to test this morning. Its a bit of a dirty workaround however, it could be the preferred option depending on the upgrade possibilities and downtime. Has anyone done this before and would this cause issues in the future if the microsoft 'official' process isnt followed? Any help or advice is appriciated! ThanksPublishing new topology for additional SIP trunk.... Downtime?
Hi Just looking for a quick bit of advice here please. We have the urgent need for a new SIP trunk on an existing (working) S4B 2019 Standard deployment. From editing the topology to publishing this, will this cause any downtime to the existing Skype deployment due to just adding an additional medial gateway and SIP trunk? The rest of the configuration is staying the same. Also are there any other gotchas to be aware of? Thanks
