Posted at 10:04h
in
Skype for Business
Symptom: The Front End service would not start due to incorrectly placed certificates in the Trusted Root container. This script https://gallery.technet.microsoft.com/LyncSkype4B-Certificate-81944851 was used to check the certificate containers and two root certificates were found incorrectly placed in the Trusted Root container.
Example output:-
Resolution: The below registry...
Posted at 23:31h
in
Skype for Business
To resolve the Poodle vulnerability and harden the Edge Server download and install the following tool from Nartac Software
https://www.nartac.com/Products/IISCrypto/Download
After installing select ‘best practices’ and apply the suggested fixes. The keys will be written to the following path:
“HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control
\SecurityProviders\SCHANNEL\Protocols”
Browse to Qualys SSLs checker and scan the Edge...
Posted at 21:22h
in
Skype for Business
Summary: After initiating a successful failover of the Central Management Store and Pool failback of the CMS failed. The topology reported the CMS as being homed on the primary pool, but the Get-CsManagementStoreReplicationStatus –CentralManagementStoreStatus cmdlet reported the CMS as still being on the backup pool....
Posted at 20:20h
in
Skype for Business
Summary: The topology consisted of Skype for Business Server deployed alongside Direct Access. To preserve call quality ALL SfB traffic was not be tunnelled by DA or any other solution that deployed a VPN secure tunnel as did the Blue Coat Unified Agent.
The following article...
Posted at 21:20h
in
Skype for Business
SfB OpenOTP MFA integration using Passive Authentication
The following is supplemental to the WebADM Install Guide only.
Server specification
Ubuntu 12.04 was used for the integration using a Basic_A1 (1 core, 1.75 GB memory) VM. The server was installed manually to support installation of OpenOTP in Azure. Otherwise...
Posted at 21:17h
in
Skype for Business
Skype for Business Online Intune Conditional Access Integration
Intune provides the following integration for SfB Online (O365):-
• MDM
• MAM using app policies and conditional access
• ADAL authentication
Enable CA in SfB Online Policy in Intune. CA is not supported for Windows Phone. App policy support is only...
Posted at 20:44h
in
Skype for Business
Skype for Business Unleashed
I had the pleasure of being a contributing writer along with the other writers below for the newly released publication Skype for Business Unleashed (12/8/2016).
I’m quite familiar with the unleased series of books having used Exchange 2007, 2010 and Lync 2010, 2013...