Category Archives: Skype for Business

Error 1603 when Installing Skype for Business Server 2015

[Updated 3/25/2017]

During the installation of Skype for Business 2017 you may run into errors if you select ‘Connect to the internet to check for updates’ and you also change the default installation location to something other than the C:\ drive. There is a potential third variable that might be required to run into problems as well: If you do not initially deploy conferencing during the front end pool wizard in topology builder. (Additional testing would need to be done to further isolate it from here).

The error that you may run into actually happens later, during the server component installation, and it is:

failure code 1603
Error returned while installing OcsMcu.msi, code 1603. Error Message: A fatal error occurred during installation”

The solution was to uninstall just the Skype components from control panel and then re-run setup. Only took 10 minutes so wasn’t too big of a deal. But now we must remember to manually apply the latest cumulative updates after the installation completes =)

The Uninstall order (for what it is worth) is the following:

(First uninstall XMPP then proceed with uninstalling the core components last). It is not necessary to remove all the language packs and local SQL instances (at least in my case it wasn’t).

At this point you will be able to successfully complete the full installation of Skype for Business. But you are not out of the woods yet! Because when you attempt to apply the latest cumulative update (in my case it was February 2017) then you will have that same Error 1603 on the Conferencing Service (OCSMCU.msi). When digging into the log files it appears that it is trying to find some files on the C:\ drive despite that during the installation, we selected a custom install path to the E:\ drive. 

The solution for me was to uninstall again a 2nd time, and this time I updated the Topology builder to include all of the AV Conferencing Options.

So my recommendation is to deploy to the C:\ Drive (just make it a large drive like 250GB) and to initially deploy all of the conferencing features to avoid these issues.

Reference: https://social.technet.microsoft.com/Forums/ie/en-US/42e284fb-ae07-424c-9ed3-07b6a85748da/skype-for-business-server-components-install-fails-when-patching-ocsmcumsi?forum=sfbfr

Extension Dialing (aka) Tenant Dial Plans in Skype for Business Online

Microsoft has announced that “Tenant Dial plans” are now in Public Preview in Office 365 Cloud PBX. This is relevant for companies that migrate to Office 365 Cloud PBX (Skype for Business Online) and come from legacy PBX environments that include dial plans, such as a “4-digit” or “5-digit” dial-plan. For example, dial 1234 for Jim in California, or 51234 for Juan in Mexico.

Another scenario where this is useful is when users want to dial a shorter number for outside calls. For example, in the United States, you may want to dial a 7 digit number instead of the full 10 digits including your area code. Tenant Dial Plans allow you to do this.

For example, you can create a rule that looks for 7 digits ‘^(\d{7})$’ and prepends the E.164 prefix, along with the country code and area code: ‘+1425$1’

So that if 5551234 is dialed by the end-user, the actual number sent out would be +14255551234.

TIP: A normalization rule like this would be considered a ‘tenant-user’ plan because it would need to be applied on a per-user basis, since you can’t assume that all users in that country dialing 7 digits will always want a Seattle area code.

Sign-up for Tenant Dial Plans at Skype Preview  http://skypepreview.com

To learn more, watch the Skype Academy training video (26 minutes) here:

https://www.youtube.com/watch?v=sA4p77Shmns&index=1&list=PLH5ElbTc1hWTsunfXvNVnDFCJCCzrL3R9

Lessons Learned from watching the video above:

  • Only supported for Soft clients because the firmware running on existing handsets were designed when this feature was not supported
  • Administrative interface is powershell, but a GUI was promised “in a few months” according to the Skype Academy training
  • The application of Tenant Dial plans are different than how they are deployed in an on-premises Skype deployment. For example, in the on-premises deployment, dial plans are applied based on the most specific one first, ex: User, then Pool, then Site, then Global. If a user dial plan is assigned, then all other dial plans are ignored. In the case of these new Cloud PBX Tenant dial plans, the “Service Country” dial plan is always applied, and it is merged together with one of two options: a tenant-user dial plan OR a tenant-global dial plan.
  • Before you can use tenant dial plans in your Cloud PBX tenant, you must first configure hybrid users to consume the tenant dial plan, for example:
    set-cstenanthybridconfiguration -useonpremdialplan $false

SIP 500 internal server error “from or target user pool or deployment assignment is incompatible with split-domain traffic type”

Problem: User could not transfer a phone call.

Symptom: Bogus error message about split-domain traffic, with almost no articles on the internet or forums to help. Equally bogus error message was “request target is not assigned to a pool or deployment and is not a server GRUU”

Solution: Disable SIP Refer on the SFB Trunk

Explanation: Not all SBC gateways support SIP Refer, but this is the default option when creating a trunk in Skype for Business.

Outlook gets “Play” Button for Microsoft Cloud PBX VoiceMail

Recently, while checking my voicemail in Cloud PBX, I noticed that I now have the Play button in Outlook

Now instead of opening up the .MP3 attachment to listen to voicemails, I can simply click the play button.

image

The ‘play on phone’ button errors out, but the Edit Notes button works.

This feature became enabled when the “Microsoft Exchange Add-in” was added as a COM Add-in inside Outlook

SNAGHTML1017d3c

The timestamp on UmOutlookAddin.dll is July 31, 2016

image

I have not been able to find any announcement about this new capability.

Why PSTN Conferencing Dynamic Conference IDs are so important

Microsoft announced on Friday, August 12th that Dynamic Conference IDs are coming September 1st to Office 365 E5 PSTN Conferencing.

This is an important because it solves a privacy limitation with the current static conference ID’s in service today.

Without dynamic conference IDs, there are no great options to prevent new external callers from interrupting an in-progress meeting (that may be running long). The default ‘out of box’ configuration allows unauthenticated external callers to be admitted into the conference. The option to override this behavior is to change the policy ‘these people don’t have to wait in the lobby’ to “Only me, the meeting organizer.”

However, when that option is selected, the meeting organizer does not receive any pop-up notification to admit PSTN callers who are waiting in the lobby (they just sit there forever). This particular scenario is not directly mentioned in the “Dial-in conferencing known issues” support article. And that is why Dynamic conference IDs will be such a great thing starting September 1st! Note: Any previously scheduled meeting will not automatically have this option, only new scheduled meetings going forward after 9/1 will have this option. Also, any recurring meetings will need to be rescheduled with a new dynamic conference ID to benefit from this privacy feature.

Skype for business Event ID 1047 LS File Transfer Agent

During a deployment at a customer site I ran into a problem with SkypeFB Edge replication.

After adding the Edge to the topology, installing the role on the server and proper certificates, replication was failing with Event ID 1046 and Event ID 1047.

The solution was to add the following registry key:

  1. Open Regedit on the Edge server
  2. Go to HKLMSYSTEMCurrentControlSetControlSecurityProvidersSCHANNEL
  3. Right click and add the DWORD (ClientAuthTrustMode)
  4. Set the value of the DWORD to 2
  5. Restart the server
  6. On the front-end run this command and then wait 2 minutes
    invoke-CSManagementStoreReplication

Additionally, when working with Microsoft support they also recommended creating these two additional keys:

SendTrustedIssuerList (Value 0) and EnableSessionTicket (Value 2).

References:

https://lyncdude.com/2015/09/23/skype-for-business-event-id-1047-ls-file-transfer-agent/

and

https://social.technet.microsoft.com/Forums/lync/en-US/19e2d5f0-5d3f-4c2f-a8ea-b0a851bb30ac/file-transfer-agent-cannot-get-replication-status-from-replica-replicator-agent-on-edge-eventid-1047?forum=sfbfr

There is an interesting troubleshooting article with tracing presented here that could also solve the problem if it was caused by a missing intermediate authority.

https://ocsguy.com/2011/09/07/troubleshooting-cms-replication/

And while researching this problem, I came across a very thorough article on this topic that is worth translating into English: http://www.msxfaq.de/signcrypt/win2012tls.htm

Skype for Business Services won’t start

Immediately after installing Skype for Business Server 2015 (Standard Edition) the front-end services would not start.

Tom Rimala’s blog article that suggested there is a problem when the internal Certificate Authority uses MD5 as the signature signing method.

Also, the Microsoft Certificate Requirements says “The default digest, or hash signing, algorithm is RSA.” (no mention of MD5).

I changed the CA Authority’s certificate from MD5 to SHA1. Here is the registry key to change on the Root CA signing information (we changed these three values). Note: the guidance was to change this on the Root and Subordinate but in our case the Root was also the issuing CA, so there was no subordinate to change in our case.

image

The next step is to restart the Root CA services. Then issue a new Root Certificate. Then copy the new root CA cert to the Skype for Business front-end, and finally re-issued the Front End Cert and OATH cert. Then the services should start up.

There was a false negative warning about Event ID 32174 “Server startup is being delayed because fabric pool manager has not finished initial placement of users.” This is clearly a bogus error because a Front-End server doesn’t have additional servers to place users into.

SNAGHTML253351b

There was a clue about the Certificate problem because the System Event log contained a ton of Schannel events such as 36888, “A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 1205.” And Event ID 36874 “An TLS 1.2 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.” I am adding these details in the event that a search engine might index these errors to point people to this fix.

Skype for Business Online Delegate Calendar Scheduling

Imagine a scenario where an executive assistant needs to schedule Office 365 Skype for Business Online meetings on behalf of at least two or more executives during the same timeframe.

Without proper training, the assistant may schedule meetings in their own calendar rather than in the calendar of the executives. This can be a major problem if those two meetings need to occur at the same time, because SFB Online does not yet support dynamic meeting ID’s, so you can’t have two meetings scheduled at the same time by the same meeting organizer.

The solution is to schedule the meeting on behalf of the executive, so that they appear as the meeting organizer, and the meeting will use their meeting ID rather than the assistant.

To accomplish this, the executive needs to perform delegation to the assistant in two separate products (Outlook and Skype for Business):

1. Outlook Delegation

SNAGHTML84b89

2. SFB Delegation

SNAGHTML625da

SNAGHTML90b8d
*If you don’t see the Call Forwarding Settings then you don’t have the required license assigned (see license requirements below).

 

License Requirements (for SFB Online)

The second can be tricky if the minimum required licenses are not assigned. The Executive/Manager needs one of these three license combinations for delegated meetings to work correctly:

1. SFB Online Plan 3

2. SFB Online Plan 3 + Cloud PBX

3. SFB Online Plan 2 + Cloud PBX + PSTN Calling

Then the delegate simply needs to double-click on the boss’s calendar inside outlook to create a new Skype Meeting.

SNAGHTML34c3687

image

Music on Hold now available for Office 365 Cloud PBX

As of January 16th, 2016, Music on hold is now available in Office 365 Cloud PBX.

This is deployed via a client policy, using a remote PowerShell session. For instructions on how to connect to Skype for Business Online using PowerShell, click (here).

Once you are connected to the remote PowerShell session, you just have to run a single command Set-CsClientPolicy –EnableClientMusicOnHold $true

image

Before and After screen shots of where this shows up for the client:

Before:

image

After:

image

By clicking Browse we can see that the end-user can select their own music on hold file:

image

By default we can only upload .WMA files. There is a free MP3 to WMA online converter that I used to upload some classical music.

http://audio.online-convert.com/convert-to-wma