About Me

My photo
TsooRad is a blog for John Weber. John is a Skype for Business MVP (2015-2018) - before that, a Lync Server MVP (2010-2014). My day job is titled "Technical Lead, MS UC" - I work with an awesome group of people at CDW, LLC. I’ve been at this gig in one fashion or another since 1988 - starting with desktops (remember Z-248’s?) and now I am in Portland, Oregon. I focus on collaboration and infrastructure. This means Exchange of all flavors, Skype, LCS/OCS/Lync, Windows, business process, and learning new stuff. I have a variety of interests - some of which may rear their ugly head in this forum. I have a variety of certifications dating back to Novell CNE and working up through the Microsoft MCP stack to MCITP multiple times. FWIW, I am on my third career - ex-USMC, retired US Army. I have a fancy MBA. One of these days, I intend to start teaching. The opinions expressed on this blog are mine and mine alone.

2017/12/04

O365 Exchange Voice Mail–Oracle

I have been informed, by a source that I deem to be about 75-80% reliable, that Oracle will not be participating in gymkhana that is the 3rd party PBX using Exchange O365 as a voice-mail target.

A while back, Microsoft announced that Office 365 as a valid voice mail target for 3rd party PBX systems would no longer be an option.  In fact, at the designated date, it’s not like the solution set becomes “non-supported” it will simply not be possible.  These solutions had an SBC (session border controller) sitting between the PBX and O365.   But no longer.

AudioCodes has a solution setanyNode has a solution set with which  one of my co-workers has worked.  Actual words will not be published in respect to my gentle readers.

So here is the announcement, and if you use Acme Packet SBC to connect your PBX to EOL Voice mail, then this might impact you.

“Oracle is not pursuing a product for this, mostly due to the proprietary nature of the implementation.  The interface into Exchange uses the Microsoft UCMA API/protocol which isn’t something we support.”

YMMV

2017/11/01

AudioCodes 400HD firmware v3.04

Those fine folks (and apparently busy beavers) at AudioCodes have popped a new IP Phone firmware release out into the wild. Brings a nice new set of features/abilities to the 450HD in particular.

Please note that the official GA is still 3.0.1. Version 3.0.4 will be used as a candidate GA in the next several weeks. Admin and User’s manual will be ready in several weeks. Version 3.0.4 for all other 400HD models will be available within several weeks.

Here is a partial list of version 3.0 new features. For the full list of features, please refer to the Release Notes document:

· Boss-Admin (Delegated Line).

o Allows a relationship to be established between a boss' phone and an administrative secretary's phone, to streamline office workflow and enhance efficiency.

o Each phone can support up to five Bosses or Admins. One Boss can have up to five Admins. One Admin can have up to five Bosses. A many-to-many configuration is also supported.

clip_image001

o Call Pick-up

o Admin can forward to Boss' voicemail without picking up Boss' line

· HotDesk feature for enterprises that operate according to the 'touch-down desk' concept. Employees in these enterprises typically travel frequently to remote branches, or work in shifts. They can now sign in to a phone that is already signed in by another (CAP or regular) user without signing out the original user to whom the phone was assigned for primary use.

clip_image002

· AudioCodes' IP phones support Lync AutoDiscover Web Service Protocol [MS-OCDISCWS]. This feature improves discovery of the phone's SIP home server after signing in. Using the AutoDiscover procedure the phone is capable of finding its home server URL for a specific Skype for Business account, based on user credentials. It is specially efficient for Skype for Business online and hybrid environments, when phones must sign in to a different Skype for Business server according to the user’s account. Previously, the home server was found using DNS SRV records based only on a SIP account domain [MS-CONMGMT]. If AutoDiscover is unsuccessful, the phone falls back to SRV DNS.

· The phone's Call Log is synchronized with Microsoft's Exchange server. All devices that a user signs into are fully synchronized with the server. Each device reports every call from | to that user to the server. Each device then pulls the last 20 reported calls and performs synchronization. All lists in each device's Call Log except the Missed Calls list are synchronized.

· New screen theme reflects Skype for Business 2016 client look & feel | New softkeys match the de facto Skype for Business standard. This new feature ensures uniformity across all devices used by the same user, for Unified Communications. The following figure shows the new-theme idle screen:

clip_image003

· Dial Plan Normalization. Network administrators can enable and configure dial plans on the Microsoft Skype for Business server. Normalization rules can be downloaded from the server via in-band provisioning. The feature was fully certified and tested with Microsoft in this version. It was supported in previous versions, but without Microsoft certification.

· Multiple Emergency Numbers. A caller can select an emergency number from a list of emergency destinations. A dedicated number for the police, ambulance service, fire fighting service, etc., can be selected from a list of options. If the phone locks, emergency numbers will still be available and dialable via a new Emergency softkey that is displayed after the lock takes effect.

· Power Saving mode. When a phone enters Power Saving mode, the screen's brightness is reduced, lowering power consumption. The phone enters the mode after being inactive for a configured period (timeout). Any user activity returns the phone to regular Active mode.

clip_image004

clip_image005

· Malicious call tracing. Users can report a malicious call. If a user gets a call and wants to report it as malicious, the phone allows them to send a report to the Skype for Business server. To allow malicious call reporting by the phone, the feature must be enabled by the network administrator on the Skype for Business server (the option 'Enable malicious call tracing' must be selected).

· Sign-in can be cancelled during the signing in procedure. Users can cancel signing in after starting the sign-in process.

· Voice Quality Check. A new option to check IP phone voice quality has been added to the phone's Device Status menu.

clip_image006

clip_image007

Things seem to be moving forward very nicely at AudioCodes.

YMMV

2017/10/31

Force Multiplication

Our little vignette opens in July 1976, segues neatly to November 1977, and fades to black at the bottom of this article.  I had just been assigned to be the fourth person in a team, and I was junior by a long shot.  My job was to do whatever I was told.  Literally.  It was about a 1/2 mile to the flight line, and generally us maintenance types tried to lump many trouble tickets into one trip.  But that still meant a bunch of running back and forth.  You can imagine who does the running.

Team members came and went, but apparently my willingness to do whatever lead to Tom Larson (the big bad sergeant) teaching me way more than I ever realized.  In some cases, it would be years – and in this case decades – before the lesson jumped up and smote me about the brain housing group.  There are time I can be incredibly dense.  And further analysis would indicate that the denseness is… well… dense.

Today’s BFO:  people are tools.  Wow.  Really? But not in the negative semantic sense.  More in that they are an asset that needs nurturing and developing.  But what am I tool of?  Whose tool am I?  I submit that those questions are self-defeating.

Instead, make your question be about “Force Multipliers” – I was a force multiplier to Sergeant Larson.  And in time, others were to me also. 

Let’s define a few terms before we go too much further:  Here is a nice business-related definition.  This example here is a purer definition.  For those who really want to know where the terminology as used today comes from, you can read up on this here.   Forbes.com has a nice little outline complete with examples.  If you find yourself seriously interested, take a look here.

But those are the bright folks talking – full of big words, university and big business language, esoteric theory, and sometimes a more than pedantic viewpoint.  What is some proletariat type such as myself to do with this definition?  And, pray tell, how can this possibly affect me on a day to day basis?  Clearly we are not electricity, the steam engine, artillery or some other military “force multiplier.”

Let’s see if I can successfully tie both sides into one pretty bow.  Unless you have been living in the same cave as me, you should be somewhat familiar with the message found here.

Teams Work

We work as part of a team.  Not one of us is standalone.  You might think that your manager is on his/her own.  But that is not the case.  The newest engineer on my team might see me as being a standalone resource; but that would be mostly wrong as well.  We all have a place in the larger team.  We all need support at some point about something:  admin, technical, sales, PTO, whatever.  Notice that the technical part is only ONE piece.  For someone else on the team, maybe the admin is more important, and the technical gets sent to the background.  What I do know is that I don’t know everything.

About 5-7 times a week, it is impressed on me that the junior engineers on my team know more than I do about something.  And I hope that never quits.  It drives me a little further down the road, and hopefully I am pushing them ahead of me.  I need my manager, my PM’s, the sales dude/dudette, and all the myriad supporting cast members to accomplish my job.  They are the human tools that delivery uses.  They are my force multipliers.  Think about that.  I think you will agree that without them, delivery is sunk to doing one thing at a time instead of being able to keep (at last count) 6 projects going at once.

So here is the introspection question:  Am I doing everything possible to assist all those other team members?  Am I a force multiplier for them?  What can I be doing to make their job, and mine, easier or more effective.  Are there actions I can take that will positively affect my immediate team members? 

whaaaaaat?!

OK, so we all work in a team of some sort, and I assert that we are all co-dependent and that furthermore, a high-performance team will exhibit diversity in all aspects.  Each team member is not only dependent, but also creates dependencies and support trees that enable a synergistic environment that outperforms traditional solo-efforts.

But you have to want it and work for it.

How does November 1977 work into this?  November 9th, 1977 is the day I was given my first team, and I remember all the angst that went with that team.  However, enter Sergeant Tom Larson – he taught me that (a) you are only as good as your team, that (b) the two person team can accomplish much more than an individual, that (c) the four person team can do more than the two person team but it needs coordination, and (d) that the leader teaches, supports, drags members along if need be, carries you if that is what is needed , and that the follower learns and supports and does all things pertaining to being a leader in training. Jobs and tasks all are taught one layer above and one layer below – more if there is time. And finally, together the team succeeds, but apart they fail.

Are you in this with your team?  Really supporting or leading?  Are you a tool for others to use?  Are they a tool for you?  No other way works.

YMMV

2017/10/12

Coaching


Have you ever considered getting some help with professional development? Have you ever had someone, a co-worker perhaps, or a friend or family member ask for help with life? You got kids?

Each of these is a coaching relationship. I gave this subject some thought over the last few weeks. Both of my brain cells hurt. My spare brain cell was in sympathy pain. But in the end, I managed to separate mentor from coach.

A mentor gives general advice/guidance; a coach is focused on one or two specific items that need a change/improvement. For a more concise explanation, see this and this; followed by this and this.

If you walk away from that light reading with a puzzled look on your face, join the crowd. When I started down this path, I thought I had a good handle on the difference, the similarity, and the relative importance of each.

Now I see the need for constant re-construction of my viewpoints on each, and how mentoring is sort of the roof over many different coaching points. One of the critical pieces I consumed was a little video by Robert S. Kaplan. 

Robert S. Kaplan is somewhat successful, and even if you don’t agree with his success, his words about coaching really hit home for me. Specifically, he states that that it is 100% the responsibility of the junior to get coaching. He then follows that up with the statement that it is 100% the responsibility of the senior to provide or perform the coaching that the juniors need. The individual is completely accountable for knowing their own strengths and weaknesses, and then to go get the coaching needed. The senior person is 100% accountable for knowing the juniors’ strengths and weaknesses and providing the coaching.

This 100% thing creates a coaching environment. Your job is not to sit and wait for it, it is your job to go out and get it.

I see how that applies from the Cxx level down to the ACE level. And when you look at it from that perspective, it makes the entire process very palatable. I know that I can surely use some coaching in an area or two. I try to help my team as I note issues. I sure hope they look to me or someone else for coaching.

Kaplan continues on by saying that coaching should be focused on one or two things the coachee can improve on over a set period of time. Coaching requires the coach to KNOW the coachee, or go discover the coachee by interviewing all the other co-workers. But either way, the coaching needs to be about specific skills or attributes that can be improved or accomplished over a set amount of time. Sounds just like a S.M.A.R.T goal, yes?

So, to sum this all up… Are you getting the coaching you deserve? Are you providing the coaching others deserve? Do you ask for help? Do others ask you to help? We are all in this together, and we can either fail together, or we can succeed together. I like the succeed option.

2017/10/06

15 Questions for Leaders to Ask


I got this from here:

https://www.forbes.com/sites/forbescoachescouncil/2017/10/03/15-questions-to-ask-as-part-of-your-own-leadership-audit/#4903bbdc6255

I think this is some good stuff.

1. When Did I Last Look In The Mirror?

As leaders, let's encourage a culture of accountability, creativity and innovation by continually looking in the mirror to develop solutions for moving forward, particularly if something didn't go as planned. Rather than blaming or pointing fingers, we should reflect on how we'd like to be treated, roll up our sleeves, anticipate risks and leap forward to help. - Joanne Markow, GreenMason

2. Where Are My Blind Spots?

It's no surprise that leaders are extraordinarily talented and experienced professionals in their respective fields. Even still, no leader can attest to knowing everything. Everyone has blind spots and knowledge gaps, and when discovered, they must be addressed. No matter their achievements or the laundry list of recent wins, leaders should be eager to uncover their weak areas and improve them. - Karima Mariama-Arthur, Esq., WordSmithRapport

3. Am I Being The Change I Want To See?

The famous quote by Gandhi, "Be the change that you wish to see in the world," is very applicable for leaders. This first requires clarity on the impact you want to have as a leader, then ensures your actions and words role model that impact. If you are not successfully doing what you ask of others, you can't expect them to follow with enthusiasm. - Bonnie Davis, Destination Up

4. What Are My Reactive Triggers?

We all have reactive triggers. Knowing your reactive tendencies will allow you to shift to using these strengths in a creative and strategic way. Not asking this question keeps you reacting to day-to-day fires and situations and will dig a bigger and bigger hole. To step into strategic leadership, you must continually raise your personal awareness of how you react. Do you protect, comply or control? - Jenn Lofgren, Incito Executive & Leadership Development

5. Who Do I Need To Get Feedback From?

The question leaders need to ask is not to themselves, but to every single person who works for them. The best leaders are those who have developed relationships where the answers they get are genuine and honest. "What am I doing well, and what's in the way of my being the best possible leader I can be?" Getting feedback from others is far more important than any question you ask yourself. - David Butlein, Ph.D., BLUECASE Strategic Partners

6. What Don't I Know That I Need To Know?

And who from my team can fill in the gap? This is a great way to grow people around you, as you're paying attention to the fact that everyone knows something you don't. It shows respect for their knowledge, gives you a sense of how they think and can support you, and how you can help them grow, as well. - Donna Karlin, No Ceiling, Just Sky™ Institute

7. How Well Do I Listen And Connect With Others?

As a leader, do you really listen to others? How do you know and how do you demonstrate that you really heard the other person? When we actively listen to another person, trust develops, the other person feels valued and important, and miscommunication, misunderstandings, and misinterpretations decrease. Listening slows down the conversation where each individual feels more connected. - Melinda Fouts, Ph.D., Success Starts With You

8. Have I Made An Impact?

As part of a leadership audit, one must ask oneself if they are making an impact in the people they are leading. Yes, you may start out with a goal or mission, but ultimately a check-in is required to see if your approach needs to be adjusted based on your impact, to support your initiatives or lack thereof. - Niya Allen-Vatel, Resume Newbie

9. Am I Focused On My No. 1 Goal?

The key to leadership is to motivate others and oneself to doggedly pursue a specific goal. Often, in the heat of putting out fires and working on the business, instead of in the business, the pursuit of the primary goal (whether revenue, getting top talent, building a great product, etc.) gets pushed to the side. A "leadership audit" should recalibrate whether the pursuit is on track. - Yuri Kruman, Master The Talk Consulting

10. Am I Growing As A Leader?

We often reach a point in our leadership journey where we feel that we have found a groove and don't step outside our comfort zone. Instead, audit your leadership knowledge, management skills, strategy and innovation. Ask for on-the-spot feedback and conduct a 360-degree assessment with your team. By continuously expanding, you drive your own performance and engagement, and that of your team's. - Loren Margolis, Training & Leadership Success LLC

11. Is My Ax Sharpened?

The saying "sharpen your ax" comes from the parable of a woodcutter who chopped less wood because his ax was dull. Leaders get dull too. Without continuous learning and professional development, leaders can become less effective. So, while cultivating others, don't forget to sharpen your own ax. You'll then work smarter and not harder. Great leaders take the time to invest in themselves. - Tamiko Cuellar, Pursue Your Purpose LLC

12. How Do Unconscious Biases Impact My Decisions?

Unconscious bias affects decisions. We’ve developed many kinds of biases to help us navigate the world with a minimum effort, but they can also hinder someone from considering different options when making decisions. Leaders should learn to accept that we are all biased before we can begin to take positive action to identify them and to mitigate bias with specific strategies. - Maria Pastore, Maria Pastore Coaching

13. What Do I Get Paid To Do?

That's the question I find many leaders are stumped by, or the answer they provide is a template response. What are you paid to do? Generate revenue, build products, engineer solutions? Nope. You get paid to be a leader. What that genuinely means varies notably based on the leader and organization. True clarity on what being a leader is remains one puzzle piece I find many people struggle to find. - Leila Bulling Towne, The Bulling Towne Group, LLC

14. What Fears Am I Not Facing?

Each leader has their own set of fears. Each context brings new permutations for activating those fears. Seasoning can often mean developing skills to work around fears rather than facing them directly. A leadership audit that includes surfacing fears, along with how and when they manifest, is the first step to diminishing their hold. The second is holding yourself accountable to new behaviors. - Maureen Cunningham, Up Until Now Inc.

15. Am I Pushing Or Pulling?

Leaders often share their vision and then tell their reports how to execute. These leaders are "pushing information" out and expecting folks to "snap to it." Evolved leaders work to pull information from their teams. When individuals are asked what their greatest aspirations are, not only does the goal become more compelling, but the team is all in, as they helped to create the vision. - Deborah Goldstein, DRIVEN Professionals


YMMV

AC firmware v3.0.1.x BToE button greyed out

Scenario

BToE is pretty nice.  But let’s face it.  Not always easy to work with.  Especially when a service provider insists that a buried setting be configured so as to disable the manual concepts and default to automatic.

So, let’s figure out how to get an AudioCodes 450HD with the latest firmware (3.0.1.9.367) to play BToE with us like WE want, not how somebody else wants. 

OOBE for a phone that is going to be qualified for SfBO is with the BToE pairing forced to “automatic.”  This results in the button being greyed out when you go to MENU on the phone.  In this mode, BToE pass-though mode works just fine.  Web login to SfBO works as expected.

But what if you want to do something like, pair a wireless laptop with the handset device always CAT5 so you can just grab the laptop and go?  Like a laptop is designed to work? 

The Fix

What we need to do is light up the BToE button so we can get a pairing code (essentially a representation of the device IP).  Not exactly easy to find for those who don’t typically read 200+ pages of setup. Like me.

Hmmm… (page 113 of LTRT-14820 450HD IP Phone for Microsoft Skype for Business User’s manual ver.3.0.1.pdf) says

clip_image002

Going to the admin manual…. ( page 157 of LTRT-09943 400HD Series IP Phone for Microsoft Skype for Business Administrator's Manual Ver. 3.0.1)

clip_image004

And that does work to enable the BToE button.

The cfg file is available here – there is the semi-standard “download the file, modify the file with text editor, upload the file to phone routine.”

image

Here is how the phone cfg file looks by default…

image

And here is how it needs to look.  After uploading the cfg file, the phone will restart and you can then manually pair.  Remember that the manual pair code is case sensitive.

image

SfBO policy

Make sure that your Office 365 admins, if that role is not you, changes your online policy for ip phones to enable BToE, and further more to not change the pairing setting.  For more information see this.

https://webcache.googleusercontent.com/search?q=cache:hYptjYU9T9AJ:https://technet.microsoft.com/en-us/library/mt629497.aspx+&cd=1&hl=en&ct=clnk&gl=us

clip_image002[7]

Summary

BToE button greyed out, but automatic pass-through BToE works.  You want control of that button so manual pairing is possible for wireless connections.  Modification of the cfg file is required.

As always,


YMMV

2017/10/05

Restricted Office 365 OWA–Skype on-premises Integration

Scenario

Office 365 tenant established.  Exchange Online (EOL) for the user mailbox.  Skype for Business on-premises for IM/P.  Users are mixed – some have full Office suite, others are just a browser.  Security is tight.  No federation is desired or allowed with partners, vendors, spammers, or public (consumer) Skype. In addition, the requirement also stipulates that no authorized user can use the system remotely without going through a VPN. 

This last requirement means that remote users via the Edge server must be disallowed – but….won’t the Office 365 users be remote?  Great question.  We will cover that down below.

Because of the user software mix, we need the pure browser user to have OWA (EOL) integrate with the SfB on-premises.  Not the most attractive (visually and functionally) solution from the user perspective, but it does work.  Specifically, the function requirement was for OWA users to have presence information and be able to IM.

This article will not attempt to show the end user how to muddle through using SfB with EOL OWA.  The focus is just providing the service.

So, here is a visual of what we want… presence going both directions between the on-premises SfB users, and at least one of the users is using EOL OWA.

OWA User

clip_image002

On-premises user

image

How to

Obviously, we need an on-premise pool of some sort, and an edge server.  And then get your hybrid working.  In this case, the tenant (and the EOL work) was up and running before the SfB project started, so all we had to do was make sure that the Azure AD Connect was done right. 

  Danger Will Robinson!  

Because the AAD Connect was done prior to to SfB schema extension, the AAD connect will need to be FORCED to reread schema and synchronize.  You can read about this in a somewhat related post here. 

Moving on…

Having taken care of the obvious install and configuration items, the next thing is to establish hybrid posture.  If you have not already done so, you can read up on it here, here, and here.  Pay particular attention to this last reference.  Failure to do this will result in a no-go..  If you want all the fancy-schmancy integration, then you will need to do this here also. 

Now that you have all that done, we are done.  Right?

Well, no.  Remember that we needed to have no federation with anyone other than an Office 365 user, and no remote user access?  That seems to be a bit conflicting, yes?  But no.  A remote user is someone using a full client.  A bit of testing showed that Office 365 connecting to the on-premises SfB was a federation user not a remote user.

As a final bit of constraint, we did not want to be changing the external firewall.  So what to do?  Maybe we need to do a little something with Edge configuration and policy, eh?

Here is our Access Edge Configuration:

image

From the top down, we need to federate – Office 365 is a federation.  Per security requirement, no partner domain discovery, which closes out contacting anyone other than our own domain.  No need to send an archiving disclaimer to people we cannot talk to.  Per security, no remote user access.  Lastly, no outside access to web conferencing, so no need for those pesky anonymous attendees.  Just to confirm your deepest doubts, here is the SIP Federated Domains list:

image

Here is the External Access Policy:

image

Again, from the top, and note that we only have one thing checked…federated users is the requirement.  Nothing else needed… XMPP is pretty much dead nowadays anyhow; no remote users, ergo, no need for that, and without public user federation, no need for that either.

Conclusion

We had a set of requirements:  OWA integration between EOL and on-premises SfB.  Security concerns were that no other domains be contacted, and none of our domain users can be remote.  EOL users were not using Outlook, just OWA and we needed presence and IM.  We did not do the full OAuth as those features were not part of the specification.

YMMV

2017/10/04

AudioCodes Updated 4xx firmware

Audiocodes has released an updated 3.0.1 version for all 400HD models. Comparing to the 3.0.1 GA, this version includes mainly bug fixes. Please refer to the new release notes document to see the list of fixes. For customers that still did not move to 3.0.1 GA and plan to move to 3.0.1, it is recommended to use this version (instead the 3.0.1 GA).

Version name:

  • UC405HD_3.0.1.276.img
  • UC420HD_3.0.1.276.img
  • UC430HD_3.0.1.276.img
  • UC440HD_3.0.1.276.img
  • UC450HD_3.0.1.89.367.img

According to my source, these new firmwares are anticipated to be posted to the AudioCodes website (www.audiocodes.com) sometime early next week.  In the meantime, my phones (420, 440, 450) seem to get along right well with the new code.

As an interesting side note…my web login/BToE combination now works as expected.  Previously this was not working, and I know our corporate IT recently changed the Office 365 BToE status, and it could have been the firmware.  If you are having issues, maybe this firmware will help you.

I have a zip file with updated documentation and firmware files here.

YMMV

2017/09/12

What Vacation Taught me


I took vacation this year; a formal thing with travel, schedule coordination, planned activities, and days full of interacting with others. Sounds pretty much like work, with the minor exception that this was all family-focused, with my SO being the only arbiter of success. The other differences were the realization that HughesNet has some serious speed constraints, and that I had to stand in just the right spot in the driveway or there was no cell service.

I thought that Virginia on the main corridor between the state capital and the population center on the coast would have had at least nominal cell coverage. But no. Minimal access to internet and cell service. Both restrictions were perfect for me as the whole point to a vacation is to change pace, viewpoint, and take the load off, right?

Too bad for me that my ki does not work that way.

What happened is that my spare brain cell kicked in and started doing the random thought comparison thing. If this has not happened to you before, it is very annoying. In this case, I was watching some sci-fi show about time and travel, another show about fighting the bad guys before they got bad and not getting the task done as promised (hence the protagonist being railed on by his boss). Yes, I was flipping channels.

The random thought comparison thing comes in when all that gets contrasted with my real life. Note that I did not ask for this to occur, it just does. My SO is used to me going blank and starting to drool; coworkers know to stay away. My children just run.

So here are the world-shaking insights that banged into me in those exacerbating moments. Time, fight the fight that needs fighting, under promise and over deliver, “what is the other guys’ perspective”, and my personal need to re-focus.

Time: it is the one thing the we all possess, and once spent, we cannot get back. How are you spending your allotment?

Not every fight needs fighting. Determine which is which. Live with one, pursue the other. I will let you decide which path to take with which fight. Picking which fight to fight is sometimes more about which weapon to choose.

I find an approach to the recalcitrant project counterpart is to leverage some of my limited consulting skills and make my counterpart think that all of what I want is because he/she thought of it. Mostly you can do that with the “help me understand…” sentence preface where you get them talking. A few suggestions along the way and their explanation of their perspective will start aligning with the answer you need them to give. It works, it really does.

How many times have you had someone say “just a sec”? That is an extreme case of over promising, because we all know that waiter is not getting back to our table in “just a sec.” Expectation setting is crucial to positive outcomes. If you layout what you will be able to do, and then exceed that, everyone is happy. If you do the layout and cannot deliver the minimums, everyone is not happy. Very simple. So simple it appears to be in the same vein as “common sense.”

Finally, the re-focus thing cropped up again. How I spend my time, what goals are important enough to survive the latest round of life objective updates, and what am I doing about those goals and objectives needed some introspection.

Goals and objectives simply need to be refreshed on a regular basis. We have our personal goals, our professional goals, and the goals our manager says we have. Review, re-prioritize, shuffle, juggle, change, delete, and add objectives to achieve your goal. If you don’t pay attention to this process, the process will do it for you, and probably not in the way you want. You must do it. Or it will do you.

Just so you know, Stargate (the movie) is a lot deeper than the genre might suggest, and NCIS: Los Angeles has a few spare angles as well.

2017/09/06

AudioCodes X-UM

By now, I hope you already know that as of July 2018, Office 365 will no longer work with SBC connections linking your off-brand PBX to Exchange Online UM services (read voice mail).  For an actual read of the announcement, see this.

Here are the solutions offered by Microsoft:

  • Option 1: Complete migration from 3rd party on-premises PBX to Office 365 Cloud PBX.
  • Option 2: Complete migration from 3rd party on-premises PBX to Skype for Business Server Enterprise Voice on-premises.
  • Option 3: For customers with a mixed deployment of 3rd party PBX and Skype for Business, connect the PBX to Skype for Business Server using a connector from a Microsoft partner, and continue using Exchange Online UM through that connector. For example, TE-SYSTEMS’ anynode UM connector can be used for that purpose. (sic)
  • Option 4: For customers with no Skype for Business Server deployment or for whom the solutions above are not appropriate, implement a 3rd party voicemail system.

Personally, I would change Option 1 and Option 2.  Especially if you have any combination of complexity, multiple locations, and user count.  Couple that risk scale item with sheer lack of calendar, and I think it would be easier to get on-premises fired up and connected.  And, IMHO, doing 2 would make getting to 1 easier with a better user experience.

Option 4 is not really an option is it?  Everyone should want, need, and implement SfB.  Life is better with SfB.  Trust me.

About this time, the alert reader will notice that I skipped Option 3.  That’s because those nice folks at AudioCodes have somewhat solidified their plans for stepping into the breach.  How nice of them! 

AudioCodes has put together a very nice, comprehensive, suite of solutions based on their outstanding hardware and CCE experience. 

image

As the X-UM solution set, there are three of them:

image

Here is a bit different look at it…being a visual kinda guy, this is the view that helped me the most:

image

And then we have these further details for each scenario:

image

image

Microsoft licensing for the X-UM solution you choose is not covered, which makes sense, there are too many variations.  Here is the official blurb:

 image

How about some architecture oulines?  I like pictures that show me things.  Here is the X-UM Standard and Lite.  Note that the “Lite” version relies on existing on-premises SfB resources.

image

image

Now, based on my current project, I know that there is going to be someone out there in reader-land who needs a visual of the call flows.  I know I do.

image

image

Summary

About now you are most likely wondering which of these will work for you. AudioCodes X-UM is based on proven hardware and proven solution approaches (CloudBond, CCE). If your environment is more complex, needs that existing PBX to coexist with Office 365 for your VoiceMail needs, then choose the flavor that answers your needs.  AudioCodes has you covered for any of the option 3 scenarios and could possibly help you (in the Lite version) with Option 1 and 2 also.

I know that somewhere above 75% of my customers all have some sort of “mixed deployment” usually due to call centers, business process, and culture.  Notice that none of those are easily changed before July 2018.  Ergo, we need to do something else in the short time we have available.  I submit that AudioCodes X-UM might well be that something.


As always, YMMV


2017/07/28

SfB Default AD Containers

Scenario

You know how those tin-foil-hat types are…

image

If it can be changed to “enhance” security, then by golly!  Let’s do it!  The problem, of course, is the rule of unintended consequences.  You know, what happens to something else because of action A, that is totally unplanned, and no one knows about it.

And, while I am mentioning it… have you ever noticed that the same team YOU have to run everything through for approval never asks your team if it is OK if they make a change?  They just do it?  Odd how that works out, eh?

Adelante.

The Oops!

It turns out that about 6 weeks ago, the aforementioned team instituted a change to the default AD containers.  To whit, they changed the default computer container to be something other than the OOBE.

Turns out that breaks SfB big time.  As in no more publishing the topology.  A Get-CsAdDomain fails.  But that is the clue to the fix.

The Fix

Simply run the SfB Domain prep again.


YMMV

2017/07/19

Technical Consulting

Something went through both of my brain cells today. And to keep a long story short, it centers on your approach to the question – whatever the question might be at the moment. But, let’s confine the definition to work, where we spend a goodly portion of our life, and how we would like that portion of life to be as good as possible.

I was listening to a hotshot answer what I narcissistically thought was a great question when the light bulb lit. His answer was not only covering the technical aspects that I needed to hear that he knew, but he was (quite cleverly) also feeding in the business angle aspects to the answer formula. In essence, he was answering my follow-on questions of “what is the business reason for taking this action and does this action resolve the situation with the minimum staff adjustments in terms of time and skill set and did you cover the hidden costs as well as storage, cpu, ram, racks, et cetera.”

In short, he was doing really well answering my question. And I know he was the same in front of the customer. Everyone needs to have this guy on the team.

At any rate, the light bulb lit up on the concept of technical v consulting answers. Mr. Hotshot could have stuck with the pure techno-babble, with lots of numbers, specifications, descriptions of how to do it, and all of that fun stuff. Surely, there is great value in having someone know exactly how to do whatever it might be right off the top of his or her head. I wish I could do that sometimes. I usually revert to being able to point them right at some reference work. Works for me. And reserves my spare brain cell for other things.

Details are critical to our success. Mr. Hotshot was clearly in the right spot – he can bang out the details like no-one’s business. And he knows what he does not know. And he knows how to defer the question to an issue parking lot for follow-up. Perfect.

Mr. Hotshot could also have just gone the technical route and ignored the consulting aspects until asked. All the logistics questions and staff and culture type stuff could have waited. There is some tremendous value in knowing all of that stuff even if at first glance it does appear to out of scope for our project. After all, “how is lunch served around here?” is an important project scheduling point.

But more to the point, what about using those consulting skills to identify architectural detail about the environment, impact to the project (and affecting the defining business goals/requirements) and perhaps dredge up more business? Gees. That sounds awful salesy huh? How about the idea that the design might need to change in mid-project? There is a benefit to having your very own in-house consultant, eh?

We have two approaches to doing what we do. You can be deep technical. You can dive in deep. I know a guy that you can call at almost any hour and pose some bizarre Active Directory or Registry question. Just be prepared to scribble fast because there is no way you will remember the details the forthcoming answer will encompass – but it is going to answer your issue. He knows some serious technical depth stuff.

But you can go too deep and lose your audience. What we do must be tailored to the audience. If a business decision maker is in the room, then you better be including that person in your audience profile. The technical team can wait a bit while you fill in their boss with the business details stuff and make his staff look like they were all over it from the beginning.

In our work, I see a real-life need for a consultant who can get into the technical errata, be able to walk and talk at the same time, and discuss business to the extent of your understanding; all of that without getting into even minor prevarication or truth stretching.

And here is our intrepid Mr. Hotshot fieldling my question tree with answers that meld the technical with the consulting. “Choices made for these reasons which tie to this technical answer and so on to this business requirement.” Or “we discussed the need for expanded storage” and “I expressed my concern that the network might not support the technical solution.” I know he gave those same answers to the customer and guess who was in the room? The customer’s CIO. And Mr. Hotshot is giving me answers like that. The conclusion should be obvious.

We have more work coming from that customer. That makes your work life better.

YMMV

2017/07/06

Elevator Pitches


There I was eating dinner. A popular activity in my house. This evening was more involved as my wife had a friend in from out of town; this results in the whole event being more structured than the normal goat rope that passes for a meal. Ribs. Check. Mac n Cheese (homemade you clowns, not that box stuff). Check. Corn on the cob. Check.

Sit down, make some small talk while dishing stuff up. Our guest had a strap-hanger so I am trying to be nice (Yes, me, being nice. And no Matilda, hell did not freeze over). Eventually you get past weather, drive times, fashion, weather (again), and food; the conversation needs to address larger items in life like “…and what do you do?”

When that question comes up, and it ALWAYS does, are you prepared? Actually, there are several levels to this question. The first is the concept of “initial impressions” which unfortunately for some of us makes and breaks things. Sometimes there is simply no getting over that first impression. My econ prof used to say “corporate America does not hire Beavis and Butthead” – and while I think that needs to be modified for portions of the west coast, that statement is mostly true. I encourage reflection on how you present yourself and how that presentation might be affecting your life. OK, back to dinner.

Remember that we are chowing down on some good eats, generally having a great time. Do you really know who is who in your initial circle, and possibly the next few layers out? Do you understand the concept of six degrees of separation (and here also)? I will wait right here for you to read up on that.

We are at the moment of truth; out comes The Question. Communications Engineer says I. I get the expected response which is “what is that” and I get to give my little spiel about helping companies envision, design, architect, and implement collaboration solutions [Note: not a word about Microsoft or Cisco, or whoever at this point]. This gets me several questions about the difference between design and architecture; how long have you been doing this, et cetera. Around this point in time I start wondering whether or not this person is simply bright, engaging, and well-rounded, or is simply great at small talk.

Or it could be the OTHER ANSWER. In MY house and at MY dinner table. I will wait while you go back and re-read the six degrees thing up there.

Now it is MY turn to ask The Question. Oh my. It was the OTHER ANSWER. Sitting at my table was the executive admin to a notable international private investment firm. Oh man. I sure hope I did not do anything. This person has the private ear of the entire executive staff – you know, those folks who make business decisions. For like 16 years. Clearly this person swings a big bat. What I did and said might well result in either a welcome reception or locked doors for our sales team.

Let’s review the bidding. Initial impressions count more than you think. Maybe not fair, but it is what it is. You need to have an “elevator pitch” prepared (and practiced!). You need to be thinking through follow-on questions. You may need several versions to cover various life situations. I have the social version and the 9-5 version. You can guess as to which one I used at dinner.

Everything we do counts. We are all in sales at one point in time or another. Everyone we meet and communicate with (any medium) forms an opinion about you, your work, family, and overall value. Bottom line? Be prepared. I learned long ago (1975) that you are always on, and that you can never tell when you might need to turn it up a notch.

YMMV

2017/06/28

Vision and Happiness


There I was, having a nice talk with my previous manager about life in general.  At one point the conversation hit on back when the branch first opened and our culture and how happy I was when I moved into the branch.  I cannot remember why the next comment came out, but here it is: “I already knew your vision.”

What is that?  And why is that tied to Happiness?


Uhm… Vision, as in Mission & Vision Statement 101?  Yes, that’s the one.  As in “describe your future state in five years.  Where will you be doing what you do?” That sort of vision.  You have some personal version of that, everyone does; or at least I hope they do.  How close you come to that vision is pretty much how happy you are.

On top of that, there is also a persona that is presented in your workplace.  In fact, I am pretty sure that there are some people with personas that are tailored to the social or work occasion.  Woot!  Not me, thanks, I am trying to have only one vision.

Moving forward, I think I see where having personal and professional visions that match pretty closely could be an important factor in “how happy am I?” answers. Don’t you like it better when things line up neatly? On a business angle, your general happiness in terms of workplace/profession satisfaction will therefore occur when the company vision and execution of that vision come closest to your personal vision.

How well does your personal vision line up with your work?  How does that equate to happy for you?  It might be that your vision and your execution of that vision serve as a change agent for the good in your culture.   Is your vision causing parts of your life to be unhappy?  Could it be that the mismatch between personal and work is too large?

There is a solid connection between employee satisfaction/happiness and ability to deliver to their customer.  And create happy customers.  Which comment to other people they know.  Which generates the highest ROI of any sales/marketing plan ever.  I will wait right here for you to finish reading.

  

Well, that’s nice, but what about your vision?


So, great question – and here it is – both personal and professional.  I think the professional vision is an outshoot of the personal.

“I want my customer so happy they talk about us on the golf course”

And I will close with this L.P. Jacks quotation that I like:

“A master in the art of living draws no sharp distinction between his work and his play; his labor and his leisure; his mind and his body; his education and his recreation. He hardly knows which is which. He simply pursues his vision of excellence through whatever he is doing, and leaves others to determine whether he is working or playing. To himself, he always appears to be doing both.”

2017/05/31

SQL Change Ports

The Port Change Issue

On a project where the SQL team has a policy of changing the SQL port away from the default of 1433? 

This does not pose a huge problem for your intrepid Skype (or Lync) deployment engineer.  If you are needing to know what to do, and maybe you have, oh, 30 or so front ends to modify, then maybe I can help you out a tad.

The issue is modifying the registry to tell your host server where to go to access the requisite port on the target SQL server.  As it turns out, I had to remember this, as it has been a bit since I had to last do this task. 

The Simple Fix to the Simple Issue

Luckily for you and me, it seems that every copy of a Windows operating system I looked at for this post (Win7, Win8, Win10, Server 2008+) have a utility in \windows\system32 called cliconfg.exe.  You can read up on that utility here.

A wonderful tool.  Here is it in Windows 10 form.  Which looks the same as Win7, so I think they will all pretty much appear to be the same. Actually, the Win7 version has a different set of window frames, so the appearance is more rounded instead of the ugly-ass Win10 metro crap.  But I digress.

image

What we need to do is select the Alias tab…the select Add.

image

For the purposes of this exercise, I need my system to talk to my SQL server (FQDN = sqlalwayson-a.tsoorad.net) on port 49001.  So, you set it up like this and then say OK.

image

image

Follow up that OK with an APPLY and your newly modified operating system will for thereafter talk to SQL server sqlalwayson-A.tsoorad.net on port 49001 vice 1433.  Simple.  Easy.  Works well.  Less filling.  Man, I am thirsty!

But Wait!  What if…

…you have like four user pools, and they all need to talk to the same monitoring server, but different archive targets per pool?  And what if there are like 30 front ends that need this modification, and every time you type this stuff in there is the possibility of spelling errors that mean system failure.  Now, I am sure there is some folks out there in techie land that are starting to chant “PowerShell!  PowerShell” -  but in this case, I am going to ignore them, and simply export a registry key, and then incorporate that into my server build process – which can be PowerShell-ized if you wish.

Here is the registry key to export.  HKLM\software\microsoft\mssqlserver\client\connectto

In my project, we had four SQL AG clusters, each with two nodes, a cluster name, and the AG name; all that needed to resolve by DNS.  So, our registry key looked somewhat like this: 16 entries with AG, cluster, node1, and node2 per supporting SQL cluster.  We then simply imported that into each server at build time.

image


Summary

The SQL mavens might well change ports on you.  If they do, there is an answer in form of cliconfg.exe.  If the scale is a tad larger than manual typing will cover, you can regedit your way to success.

YMMV








Pressure

I originally posted this to a different type of forum; but it got some unexpected responses.  Posting here by request.

I am mindlessly watching ESPN. Some sports center-ish athlete interview with what I thought was a worthless jock. And then, in the middle of talking about stress, Julie Foudy (the supposed worthless jock) comes out with the following:

“Pressure is a privilege”

Wow. That is a deep one. Like, it may not have a bottom. And certainly, no top.

Think it through just a bit in relation to your life. I know that when I look at my life, pressure has been a part of it. In reviewing the pivotal points in my career, I had choices to make that the majority of people in this country don’t get to make. I was in a position to make those choices because of what and where I was. I never thought that was a disadvantage. And then Foudy utters the words that make it all ring true. I had the privilege of pressure.

How many of us can claim something similar in our everyday work? We don’t punch a clock. Other than the processes and procedures we develop for our customers – no real set routine. We pressure ourselves to exceed expectations. We are not flipping burgers, pushing an idiot stick, or grinding through a personal episode of “Dirty Jobs.”

Don’t get me wrong. All those jobs need doing. Somebody does them and I am glad it is not me. But there are whole rafts of job categories that the doer just drones through – the same thing every day, every week, every month, year after year.

And then you and I get to make our own schedule, find and create lasting customer and professional relationships, and have an upside only limited by our own ambition, drive, and motivation. Not everyone can claim even part of that.

Give me the pressure to succeed. We have serious mental exercise. We must be agile, think on our feet, and sometimes work odd hours. 40-hour week? Rarely. But, flip all that around, It’s a privilege.

 

 

YMMV

2017/05/20

Windows 10 Battery Life

The Issue

I use a Lenovo Yoga 14 for my personal stuff.  A few weeks ago I ran updates.  I noticed that battery life dropped from nearly 10 hours to less than 3.  Closing the lid puts the Yoga to sleep, so opening it is a breeze and I have a working desktop in about 20 seconds or less.  After the updates, closing the lid still did the sleep thing, but on opening the lid the Yoga was dead.

The Problem

So, I started poking.  I discovered the latest rounds of updates had installed a Lenovo Screen Updater.  Holy Battery Drain.  The CPU was grinding away at 50%+ constantly.

The Fix

Remove it.  Now I get this here:

image

Seeing as how this was associated with the touch screen concepts, I imagine that this might help Win7, Win8, Win 8.1, et cetera – anything else that runs a touch screen with Lenovo and Windows.

YMMV

2017/05/18

Stupid SfB Tricks

In a fit of angst, today I recreated the infinity mirror exercise from several years ago.

Yes, I was testing with a customer and not just bored.

image

YMMV

2017/04/19

New SfB SE won’t start

Usually I see this problem with EE pools, but in this case I have now seen it with two different SE installs.

The Problem

RTCSRV won’t start.  It just sits there for a bit, like 10 minutes and claims it is “Starting”.  Then the service status goes to “Stopped”.

Nothing in the event log, nothing shows in Powershell.  If you try to start from services.msc, it just sits there.  Nothing.

How did we get here?

A fairly locked down environment.  OK.  A severely locked down environment.  The tin-foil hat types have found a home in this place.  New install – new as in greenfield deployment.  Standard Edition installs, and before starting services for the first time, we ran the February 2017 CU into place.  All of that seemed fairly normal.

But the service wont’ start.

The Fix

Again, I usually see this with EE pools, but here is what fixed it:

Reset-CsPoolRegistrarState –PoolFqdn poolfqdn.domain.com -ResetType FullReset

YMMV

2017/03/16

Skype Test Matrix

As part of a project, Thaddeus Kurowski (CDW) and I put together a Skype test matrix to ensure that the implementation worked as designed/expected.

You may find it useful as well.

https://gallery.technet.microsoft.com/Skype-Implementation-Test-e11edf07

YMMV.

Skype Edge Server and 2:1 NAT

This morning, we resolved an issue that I have never seen before, and hope that I never do.

The Background

I tell customers during design sessions that if there are existing network issues, Skype (or Lync) is going to find them.  If there is something a bit wonky, we are going to discover the wonkiness.  And here we go.

Skype edge with 1:1 Nat.  Public IP is 71.16.x.x.  Edge server is doing the classic 3 IP thing.  Remote logins are fine.  Everything seems to be ducky.  Except we cannot talk outbound. 

Go check all the network again.  Looks good. Check the topology, servers, IP assignments, paths.  All good.  Certificates, the common culprit behind one-way federation and presence look good.  We are now scratching our heads.  We know now we are looking at something wonky, but what?

The Fix

I was under the impression that 1:1 NAT is 1:1.  But it turns out that a Watchguard Firebox is capable to doing 2:1 NAT.  Inbound to the Edge server worked because the firewall had 1:1 NAT from public to DMZ VLAN.  Edge trace logs showed subscriptions and connections timing out on the far side.  The connections were being made, just no return traffic.  No SYN.  Telnet client testing outbound from the edge server on 5061 ad 443 worked.  Clearly inbound connections were working or there would be no remote logins.

As long as the traffic originated from outside the organization, things worked fine and the Edge server, via the 1:1 NAT was responding as expected to the source IP.  But traffic originating from INSIDE the organization was failing.  One way presence, presence unknown, cannot send to user, etc.  Apparently…

…according to www.ipchicken, the Watchguard was sending all traffic from the DMZ external VLAN out via a completely separate set of addresses!  HUH?  Whaaaaat?  So inbound would work, but outbound went out on a separate address?

So their firewall guy fixed that, we are back to 1:1 NAT and all is good. Something to be aware of, eh? Go figure.

YMMV

2017/03/15

Inbound Call Failures due to TCP configuration

I will not attempt to embellish this content past commenting that this call failure is not common.  I have rarely seen it, most likely because my implementation practice for upgrades is to match system settings before testing.

Having said that, I think I would have thought the initial setup described here would have worked.  But apparently not.  Inbound calls follow the original port.  Something to be aware of.

Thanks to Josh Walters, CDW Senior Consulting Engineer for writing this up for us.

YMMV

Scenario: 

Customer is deploying a new 3-node Skype for Business Enterprise Pool to replace their existing 2-node Lync 2010 Enterprise pool.  Enterprise voice is enabled in Lync 2010 and Lync call traffic is directed inbound from their PRI and delivered to an Avaya Session Manager appliance, then it is delivered to Lync.  Internal call flow functions as below:

PRI --> Avaya Aura System Manager --> Lync 2010 Enterprise Pool

After deploying the new Skype for Business FE Enterprise Pool, Edge Pool, and Back-End we decided to migrate a test user who was enabled for Enterprise Voice to the new Skype for Business Pool and test call flow with the new infrastructure.  The new expected call flow should function as below:

PRI --> Avaya Aura System Manager --> Lync 2010 Enterprise Pool --> Skype for Business Enterprise Pool

After moving the user, the user was able to successfully place an outbound call to both internal and external recipients but was unable to receive an inbound call.  When attempting to dial the Line# for the migrated user we were being routed directly to Voicemail (Exchange 2010 Unified Messaging).  What gives? 

Inbound Traffic

Avaya Aura System Manager --TCP 5060--> Lync 2010 Enterprise --TCP 5060--> Skype for Business Enterprise

Outbound Traffic

Skype for Business --TCP 5060 or TLS 5067--> Lync 2010 Enterprise --TCP 5060 or TLS 5067--> Avaya Aura System Manager

Well, what we found was that Avaya was routing SIP traffic to Lync 2010 using TCP port 5060 only (as seen above).  When Lync 2010 received the SIP request it attempted to route the traffic to the Skype for Business pool where the user is homed and it tried to use the same port it received the traffic on, but we had not yet activated TCP on the Skype for Business pool for Mediation.  The Skype for Business pool was therefore rejecting the traffic and then sending the call to Voicemail. 

The fix:  Enable TCP (and make sure to use the correct port for YOUR environment) so that the Skype for Business pool is listening for traffic on said port.   After enabling TCP 5060 on the Mediation Server (Collocated) all inbound call routing for the user started working. 

clip_image002

clip_image004

2017/03/12

Reverse O365 SfBO Migration Failure

The Scenario

Existing Office 365 tenant successfully using SfBO. Exchange on-premises.  Azure AD Connect version unknown, but up and functional  PBX with voice mail on-premises. We extended schema and installed SfB on-premises with Edge.  Modified the firewall to specification and attempted to get into hybrid. 

DNS mods we easy. Creating a test user and synching up to O365 went fine.  Enabling the test user for SfB went fine.  Another AAD sync and we were in business.  Moving the test user to O365 (so we could test moving back to on-premises) went just fine. And there the problems began.  Attempts to move the user back to on-premises failed with the following non-help message:

PS C:\Source\scripts> move-csuser -Identity sfb.test3@domain.com -Target domain-sfbfe01.domain.com -Credential $cred –HostedMigrationOverrideUrl https://admin0a.online.lync.com/HostedMigration/hostedmigrationservice.svc -Verbose
VERBOSE: CN=sfb test3,OU=hometown_Users,OU=domain_Users,DC=domain,DC=com

Confirm
Move-CsUser
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "Y"): Y
VERBOSE: Validating parameters for move operation.
VERBOSE: Calculating new server information for user [domain-sfbfe01.domain.com].
VERBOSE: Moving user [sip:sfbtest3@domain.com] across deployments.
VERBOSE: Creating source external move endpoint.
VERBOSE: Validating the hosted migration override URL provided:
[https://admin0a.online.lync.com/HostedMigration/hostedmigrationservice.svc].
VERBOSE: Retrieving web ticket URL.
VERBOSE: Retrieving live id token.
VERBOSE: Initializing source external move endpoint.
VERBOSE: Creating target external move endpoint.
VERBOSE: Initializing source external move endpoint.
VERBOSE: Validating user [sip:sfbtest3@domain.com] online, for on premises to online move.
move-csuser : I
ndex was outside the bounds of the array.
At line:1 char:1
+ move-csuser -Identity sfb.test3@domain.com -Target domain-sfbfe01.domain.com -Credenti ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (CN=sfb test3,OU...,DC=domain,DC=com:OCSADUser) [Move-CsUser], IndexOutO
   fRangeException
    + FullyQualifiedErrorId : MoveError,Microsoft.Rtc.Management.AD.Cmdlets.MoveOcsUserCmdlet

"Index was outside the bounds of the array."

You know how many hits googlepedia produces for that?  None of them helpful.  So we triple-checked our work.  Reviewing the overall picture, it was apparent that there was some issue with the on-premises environment, but everything we looked at came up good.

The Root Cause

The root cause was that Azure AD Connect was installed and configured BEFORE the extending schema for SfB.  As it turns out in the end, Azure AD Connect does not refresh schema very well, if at all, unless you tell it to. 

And even then, maybe not. There is a button inside the missclient (Synchronization Service Manager) that SAYS it will do it.  I mean, it clearly says “refresh schema”

image

…and the following message sure says it will…

image

But, guess what, that is not the case.

As you can probably guess, the root issue causing our migration failure was that the AAD Connect had no knowledge of the SfB attributes coming in with the online user.  Now, I would have thought they would have seeing as how we were successful in installing SfB, creating a good on-premises user, and moving that user up into the tenant.  But no.

Interesting side note is that once we twigged onto the schema concept, using the button on AAD connector populated SOME valiues – we could see them.  But still moving back to on-premises failed.

The Fix

It seems that if you run "C:\Program Files\Microsoft Azure Active Directory Connect\AzureADConnect.exe", you get a few options. Specifically, take a look at the third option from the top.

image

I do not pretend to know the difference between “refresh schema” in one location as opposed to the other, but I do know that running the “refresh directory schema” from this location, followed by a full synch on both connectors resolved our failed user moves.

Keeping your Azure AD Connect up to date might be helpful also and in theory the reinstallation process will trigger a schema refresh.  You can get a clean copy of that installer right here.

Of course, once you know what to look for, there is this also.

YMMV

O365 Exchange Voice Mail–Oracle

I have been informed, by a source that I deem to be about 75-80% reliable, that Oracle will not be participating in gymkhana that is the 3rd...