Skype for Business and Lync Servers certificate report

[http://0.gravatar.com/blavatar/84ad864408086e60f2e94bc6a080a492?s=200&ts=1432739523]
Skype for Business and Lync Servers certificate report
This is a cross-post with Guy Bachar’s blog, of a script we wrote back in August 2014 and that went through some technical (mostly Guy) and cosmetic (mostly yours truly) updates. This script…

http://y0av.me/2015/05/27/skype-for-business-and-lync-servers-certificate-report/

Invoke-CsPoolFailover Fails With a Distributed Component Object Model (DCOM) error: Or, WCF/TCP Port 9001 and you.

Greetings.

Came across an issue the other day that I thought I would share. When testing some Lync 2013 Enterprise Edition Pool fail-overs, an error such as this when running Invoke-CsPooolFailover:

Invoke-CsPoolFailOver : Could not find a compatible interface with the server.
At line:1 char:1
+ Invoke-CsPoolFailOver -PoolFqdn pool1.contoso.com 
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidResult: (:) [Invoke-CsPoolFailOver], Mana
   gementCOMException
    + FullyQualifiedErrorId : ProcessRecord,Microsoft.Rtc.Management.Hadr.Invo
   kePoolFailOverCmdlet

Invoke-CsPoolFailOver : Unable to connect to the servers in pool
“pool1.contoso.com” due to a Distributed Component Object Model (DCOM) error.
 Verify that Front End service is running on servers in this pool. If the pool
is set up for load balancing, verify that load balancer is configured…

If “doing the needful” by checking the Front End services and if applicable, the Hardware Load balancer comes back clean, where do you go with this one?

Some mentions of this error or something similar are, here and here but nothing really matched 100% or none of the solutions seemed applicable. This error did not show itself immediately after starting the failover, and several of the spawned steps of Invoke-CsPoolFailover such as hydration seemed be going through fine. Once the error hits the failover stops and the pool will remain in a failed state until you bring it back with a:

Set-CsRegistrarConfiguration -Identity “Service:Registrar:Pool1.contoso.com” -PoolState Active

 

But why? 

 

Did you know you can use the Lync\SfB Logging tool to log Powershell? Lets take a look there.

 

NewImage

While logging with the logging tool while a cmdlet is running, additional info may be logged into the Logging Tool that may not be shown in the shell window or the extended logging even with the -verbose switch. This is especially useful when running something like Invoke-CsPoolFailover which is one of those cmdlets that spawns many others as part of its run time.

Looking at the log of the pool failover while logging with the Logging Tool did show an error like this:

15225 TL_INFO(TF_COMPONENT) [5]21530.211A8::05/21/2015-21:07:46.988.00003bc3 (PowerShell,ConfDirManagementClientFactory.Create:confdirmanagementclientfactory.cs(112))(0000000002026B62)Creating ConfDirManagement client for address [net.tcp://pool1eefe01.contoso.com:9001].

Whats this? TCP Port 9001? What the @#$@#$ is that used for? More on that in a minute.

A simple telnet or test-netconnection showed that this port was, in fact, blocked. Once opened up between the data-centers that homed the paired pools in question, the Invoke-CsPoolFailover process worked correctly. 

So what is this port for? I looks around quite a bit and turned up zip, so a shout out to Twitter and the most awesome SfB MCM\MVP Jonathan McKinney @ucomsgeek helped me by pointing out the Set-CsUserServer cmdlet. One of the switches to Set-CSUserServer is -ConfDirManagementWcfTcpPort who default value is 9001. So it appears that a modification to the conference directories is done at pool failover, and if this port is blocked between the pools, the failover will, er, fail. 

This can be verified while Invoke-CsPoolFailover is running by looking at the connections on the front end running the cmdlet with a netstat -ano:

 

NewImage

 

You will see connections from the “Source” FE to each “Target” FE in the corresponding pool on TCP Port 9001 as the steps are run.

Hope this helps and please let me know if you have any questions or comments.

Additional thanks to Jeremy Willey for tracking this down.

 

Thanks!

 

 

Chris and Robin’s Technology blog: S4B Lesson Learned – ensure you have ample time between FE update and Edge update on any certificates!

[X]
Chris and Robin’s Technology blog: S4B Lesson Learned – ensure you have ample time between FE update and Edge update on any certificates!

http://blog.chrislehr.com/2015/05/s4b-lesson-learned-ensure-you-have.html

Fixing “Cannot find registrar pool” error for sipfed.online.lync.com | Paul’s Down-Home Page

https://paulrobichaux.wordpress.com/2015/05/21/fixing-cannot-find-registrar-pool-error-for-sipfed-online-lync-com/

Fixing “Cannot find registrar pool” error for sipfed.online.lync.com

Originally posted on Paul's Down-Home Page:

I was recently setting up hybrid Lync Skype for Business for a customer. This is more properly known as “split-domain” configuration because you share a single SIP namespace across both the on-premises and cloud portions of the infrastructure.

If you’re not familiar with the process, it goes like this (although I think Set up AD FS or whatever other identity federation solution you like.

  1. Configure the service to allow federation.
  2. Configure the on-premises Lync/SfB servers to allow federation.
  3. Turn on federation.
  4. Enable your tenant for split-domain operations with Set-CsTenantFederationConfiguration.
  5. Start moving users.

Adam Jacobs’ summary is worth reading if you haven’t seen this before, but even without reading it, it seems straightforward enough, right? I found that when I got to step 6 I got a vexing error: “Cannot find Registrar pool. Verify that ‘sipfed.online.lync.com’ is a valid registrar pool.”
sipfederr

I was 100% sure that the registrar pool name…

View original 178 more words

Windows Fabric + Skype for Business 2015 | Mastering Lync

http://masteringlync.com/2015/05/19/windows-fabric-skype-for-business-2015/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+LyncNewsFeed+%28Lync+News%29

Rate My Call in Skype for Business 2015 – Jens Trier Rasmussen – Site Home – TechNet Blogs

http://blogs.technet.com/b/jenstr/archive/2015/05/05/rate-my-call-in-skype-for-business-2015.aspx

Mandie's Memos

Learning about Lync and other technologies the hard way... so you don't have to.

The Networking Nerd

Networking With A Side of Snark

Norwegian Lync Day

For de som vil mer med Lync

Exchange Goddess

I'm here for the refreshments. About cows, goats, and surviving in IT as a woman

A bit of Exchange & Office 365

Blog of an Exchange Microsoft Certified Master & MVP

NorthernUC

The World of Lync 2010 & Lync 2013

The Lync

Tom Kisner's Microsoft Unified Communications Blog

msunified.net

Technical blog about Exchange, OCS and Lync by Ståle Hansen

MyExchangeLync

An another Exchange fellow !!!

ODDYTEE

All about messaging (and maybe some other stuff too).

www.WeakestLync.com (Lync and Skype for Business)

Follow on Twitter @WeakestLync #Lync #Skype4B

Unified Blog

Focused on Unified Communications & Collaboration

UC Skype for Business?

Sunny skies with a chance of Clouds.

Chad McGreanor's Blog

Engineers Notebook

Thoughtsofanidlemind's Blog

Exchange, Office 365, technology, and anything else really...

Working Hard In IT

My view on IT from the trenches

Steve Goodman's Exchange & Office 365 Blog

The weblog of an Microsoft MVP and IT Pro specialising in Exchange, Lync, Office 365. Guides, Tutorials, How-Tos and commentary.

Ehlo World!

All about Microsoft Unified Communications

Michael 'Van Hybrid' / Van Horenbeeck

My personal trash of thoughts about Unified Communications and stuff

Cloudy Migration Life

Blog for Active Directory and Exchange migration projects. Insights into Active Directory Federation Services and Web Application Server.

Follow

Get every new post delivered to your Inbox.

Join 1,492 other followers