#Skype Question 45: How to do use DSCP tag on Linux and Mac based VDI endpoints

I am working with a customer who have a very large VDI estate with both Windows and Linux based VDI endpoints.
As part of network planning and optimisation my customer are strategically looking to move to a trusted tag based or Differentiated Services Code Point (DSCP).
Of course on Windows this pretty easy via Group Policy using policy based QoS and on Windows Embedded (WES) based VDI endpoints this is no different.
The question has come up on how to QoS on Linux (TinyOS) and Mac based VDI endpoints.
As you might or might not be adware as part of the Citrix HDX RealTime Optimization Pack there is a MediaEngine which runs on the local VDI to offload the audio/video processing from the server to the endpoint in order to optimise the media quality.  Do note that the application sharing workload/traffic does remain in the virtual windows session on the Citrix server.
There are essentially some registry settings that must be applied in the user’s windows profile on the Citrix server which specific which DSCP values to use for audio and video at the endpoint:
  • On the VDA, locate or create a registry key HKEY_CURRENT_USER\Software\Citrix\HDXRTConnector\MediaEngine\Networking
                  
  • Under this key, create three DWORD values: AudioTOS, VideoTOS, RtcpTOS. Set them to the desired value of the IP TOS byte. Restart Skype For Business.
     
  • Note that registry settings control the full TOS byte, so if you want to use a particular DSCP value, multiply it by 4.
     
  • RtcpTOS is applied to RTCP packets for both audio and video, the other values are applied to RTP packets for audio and video, respectively.
What about QoS on Mac OS in generally I hear??? I have a fair idea how to get this to work too however it is not easy!

REFERENCE
HDX RTOP Realtime Media Engine DSCP QoS Configuration
https://support.citrix.com/article/CTX215691 
Advertisements

#Lync Question 44: What SQL collation should I use

I have been asked this question quite a few time now.

As much as I believe (according to a few SQL administrations) it is best practice to match the server collation with the database collation for performance reasons for Lync you really don’t want to this.

The server collation should be Latin1_General_CI_AS

If you interested all the Lync Server 2013 databases use Latin1_General_BIN collation, this is a case sensitivity collation and if you happen to match the collation then you will probably run into issues with mirroring the archiving and monitoring databases as they their database naming is mixed case.

#Lync Question 43: Can I protect federated users from taking screenshot of desktop share session content

Another common question in relation to federation, governance and control.

But yes you can protect federated users from taking screenshot of desktop share session content, however this area/capability is more Information Rights Management (IRM) in Office rather than Lync.

With IRM in Office 2013 you can authenication and authorise access to sensitive documents. For example a word document could be protected so it can only be opened by specific users. Also it can be protect from being printed, or shared, also the content can be protected from copy and paste and screenshots.

If a protected document is opened and then the screen or program is shared via Lync then it is just shown as blacked out at the other end.  This is due to Lync 2013 honouring the IRM protection.

However this behavior is only support on Windows 8 or later and not Windows 7 nor does it work with Lync 2010 and of course will need to deploy Information Rights Management (IRM).

REFERENCE:

Presenting your Screen with Lync 2013
http://blogs.technet.com/b/lync/archive/2012/11/02/presenting-your-screen-in-lync-2013.aspx

Plan Information Rights Management in Office 2013
https://technet.microsoft.com/en-us/library/cc179103.aspx

#Lync Question 42: How do I run the SkypeUI when my administrator want me to run the LyncUI

I am sure this is going to annoy some Lync administrators, however I came into work this morning after running the Skype for Business client for the last few months to the following message

SkypeUIRestart

Thus following the restart, I was back the the Lync UI.  “How retro”

Disclaimer: Playing with the registry may result is serious injury or death for your PC so everything be careful out there!

First you will need local administrator rights to do this and also have a read of my previous post #Lync Question 38: How do I control the Lync and Skype UI with the Skype for Business client regarding the registry keys.

Here is the registry with the Skype UI disabled (you might see some other keys in here too)

SkypeUIRegKey

 

Lets delete it, or via command line it would be:

reg delete HKCU\Software\Microsoft\Office\Lync /v EnableSkypeUI /f

Next we add back the registry key with the Skype UI enable

reg add HKCU\Software\Microsoft\Office\Lync /v EnableSkypeUI /t REG_BINARY /d 00000001 /f

Next lets change the permissions, select the EnableSkypeUI key and on the Edit menu select Permissions

SkypeUIRegPermissions

In here we click on Advanced and then Disable Inheritance and then select Remove all inherited permissions from this object

And then OK, Yes (we are going to denied all users permissions) and finally OK

Then we can launch the client with the SkypeUI

How do I revert?

If you want to revert in the registry edit, select HKCU\Software\Microsoft\Office\Lync in the left pane and then in the Edit menu, Permissions and we will see there is no permissions

LyncRegNoPermissions

 

 

Next click on Advanced

LyncRegAdvancedPermissions

And then Enable inheritance followed by OK and OK

There we go…..enjoy the Skype UI again

#Lync Question 41: How I do configure a Polycom SIP Phone (VVX / SoundStructure) as a Lync Common Area Phone

There are already a number of good blog articles on how to get Polycom provision server up and running to provision lots Polycom SIP phones. I would recommend Jeff Schertz blog article [1].

However as I found, most focus on setting up a Polycom SIP phone using a standard Lync user (with a full AD account and password) and not a common area phone, which has just a AD contact object.   Although you could just use an AD user account instead in some environment it is just easier just not have to justify why these accounts have non-expiring passwords.

With the UCS 5.0.2 software it added support Lync PIN authentication and although with a Polycom VVX phone it is easy enough to manually logon the phone using the screen and keypad. As I found with a Polycom SoundStructure this isn’t so easy since there is no screen or keypad and especially since UCS 5.2.0 and later the phone’s (or VoIP Ccrd) web interface is disabled by default.

Although it  is easy enough to re-enable the web interface via some additional lines in the shared.cfg XML file on the provisioning server at which point you can log to VoIP card into Lync as a Common Area Phone (below).

PolycomVoipCard-LyncSignIn

However when you have a large number of Polycom SoundStructure devices to configured or support then this quickly becomes impractical.

After a bit reading and trial and error, here is the syntax for the [MACADDRESS]–Lync.CFG file to

<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<!--UCS Device Configuration file for Lync-->
<LYNC reg.1.auth.useLoginCredentials="1" reg.1.auth.loginCredentialType="extensionAndPIN" reg.1.address="room101@uctestlab.com" device.logincred.extension="1234" device.logincred.extension.set="1" device.logincred.pin="5551234" device.logincred.pin.set="1" />

Then you just need to reset the VVX/VoIP card for it just automatically logon.

References

[1] Provisioning Polycom SIP Phones
http://blog.schertz.name/2013/05/provisioning-polycom-sip-phones/

 

#Lync Question 40: What sounds have changed with the Skype for Business client

Disclaimer: The following blog post is subject to change as it is based on the pre-released version of the Skype for Business client.

A number of the sounds that us and our users have become accustom to over the last few years have changed with the Skype for Business client.

Under the either of the following folders you will find a bunch of .WAV files

  • C:\Program Files (x86)\Microsoft Office\Office15\Media (64-bit Windows)
  • C:\Program Files\Microsoft Office\Office15\Media (32-bit Windows)
  • C:\Program Files\Microsoft Office 15\root\Office15\Media (Click-to-Run)

Most of the major sounds have changed. Such as the ringer, alert and invite sounds.

Here is a list of which files have changed:

LYNC_abbrdialtone.wav
LYNC_ActivePresenterChange.wav

CHANGED

LYNC_appinvite.wav

CHANGED

LYNC_busy.wav
LYNC_callended.wav

CHANGED

LYNC_ChangeModality.wav

CHANGED

LYNC_connecting.wav

CHANGED

LYNC_dialtone.wav
LYNC_dtmf0.wav
LYNC_dtmf1.wav
LYNC_dtmf2.wav
LYNC_dtmf3.wav
LYNC_dtmf4.wav
LYNC_dtmf5.wav
LYNC_dtmf6.wav
LYNC_dtmf7.wav
LYNC_dtmf8.wav
LYNC_dtmf9.wav
LYNC_dtmfpound.wav
LYNC_dtmfstar.wav
LYNC_fastbusy.wav
LYNC_fsringing.wav

CHANGED

LYNC_howler.wav
LYNC_iminvite.wav

CHANGED

LYNC_joinedconference.wav

CHANGED

LYNC_muting.wav

CHANGED

LYNC_newim.wav CHANGED
LYNC_onhold.wav

CHANGED

LYNC_presence.wav

CHANGED

LYNC_redirect.wav

CHANGED

LYNC_ringback.wav

CHANGED

LYNC_ringing.wav

CHANGED

LYNC_ringtone2.wav
LYNC_ringtone3.wav
LYNC_ringtone4.wav
LYNC_ringtone5.wav
LYNC_ringtone6.wav
LYNC_ringtone7.wav
LYNC_secondcall.wav

CHANGED

LYNC_untag.wav

CHANGED

LYNC_videoadded.wav

CHANGED

LYNC_videocall.wav

CHANGED

NOTE: LYNC_connecting.wav currently doesn’t have any sound in the Skype for Business client

In case you need to sound file again here they are (rename them to .zip)

LYNC2013-SOUNDS

SfB-PREVIEW-SOUNDS

I guess I could try and write a script/procedure to restore the old sounds.

#Lync Question 39: Creating a Remote PowerShell session to Lync On-Premise

This is a something that comes from customer on most deployments now as the helpdesk, ,voice and network engineers cannot sadly do everything from the control panel. It is usually due to the need to create Common Area Phones or add Location Information Services Subnets or more increasingly the need to enable users for Hosted Voicemail due to using Exchange Online Unified Messaging.

There are two ways I usually recommended to create a remote PowerShell session to Lync Server On-Premise

1. Manually (via specifying the credential manually)
2. Automatically (via reading the secure password from a file)

Manual

Below is the PowerShell to create a Remote PowerShell against a production Lync environment which can be done from any workstation

$credential = Get-Credential "DomainID\AdminID"
$session = New-PSSession -ConnectionUri "https://admin.uctestlab.com/OcsPowershell" -Credential $credential
Import-PSSession $session

When manually create a Remote PowerShell session Lync, the credentials are required to be enter via the following dialogue box. This is following line #1

PSLogon

This might not be ideal in term of automation.

Automatic

If you need automatically create a Remote PowerShell session within a script then first you need to store the password in a secure string in a file via the following:

Read-host -AsSecureString | ConvertFrom-SecureString | Out-File C:\cred.txt

This is entered straight into the PowerShell window as shown below

PSSecurePassword

In case you wondered the file looks like this:

SecurePassword

Now we have this we can create the Remote Powershell session to Lync using the password in the file via the following:

$password = Get-Content C:\cred.txt | ConvertTo-SecureString
$credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList "DomainID\AdminID",$password
$session = New-PSSession -ConnectionUri "https://admin.uctestlab.com/OcsPowershell" -Credential $credential
Import-PSSession $session

I’m sure there are other ways too, but these two methods meet the majority of requirements with customers.