Lync 2013 with Polycom RMX1500 Integration

August 31, 2014 4 comments

The following post shows how to configure and deploy Polycom RMX 1500 in Microsoft  Lync 2013 Environments.

Task 1 : Configure the RMX IP Network Service :

Using the Web browser, connect to the RMX.
In the RMX Management pane, expand the Rarely Used list and click IP Network Services.
In the IP Network Services pane, double-click the IP entry.
Make sure the IP Network Type is set to H.323 & SIP
Set the  Signaling Host IP Address and sub net mask.

2

Click DNS.

Enter the following related information :
MCU Host Name : rmx1500.seneej.com (enter here the hostname of the RMX)
DNS: Specify (enter here “Specify”)
Local Domain Name: seneej.com (enter here the domain name where Lync is hosted )
Primary DNS Server: 192.168.1.10 (enter here the IP address of the DNS server )

4A

After its prompt for reboot, then reboot RMX system.

Login  back o RMX web interface .In the IP Network Services pane, Click SIP Servers.
In the SIP Server field, select Specify.
In the SIP Server Type field, select Microsoft.
Enter the IP address of the Lync frond end  Server 2013 and the Server Domain Name.
If not selected by default, change the Transport Type to TLS

3

Task 2 : Add the Polycom RMX FQDN (SIP signaling IP address) in DNS as Static entry

Define the new A record under DNS server. The following example defines a record using rmx1500.seneej.com for the FQDN for the RMX SIP signaling domain and 192.168.1.100 as the IP address of the RMX signaling host.

1

Task 3 : Create trusted application Polycom RMX pools in lync

Login to lync frond end servers and open the Lync Server Topology Builder.
When prompted, save a copy of the topology.
Expand the appropriate site container, right-click the Trusted Application Servers folder, and select New Trusted Application Pool.
In the Define the Trusted Application Pool FQDN, enter the name of the FQDN of the application pool you want to create,

5

5 Click Next to add computers to this pool.
6 In the Define the computers in this pool step, enter the FQDN for the RMX SIP signaling domain and click Add.

6
When finished adding computers, click Next.
Select the appropriate Next hop pool and click Finish.
Select Action > Topology > Publish to verify and publish your topology changes.

Click Yes on the Missing Machine warning message.
When it publishes the topology, the Lync Server attempts to match the FQDN of the Trusted Application Computer to an existing Computer object in Active Directory and typically displays a Machine Missing warning, as shown next.

7

Click Yes to accept the warning and complete the topology publishing wizard. Because the RMX system is not a Windows domain-joined host, it does not need to exist in Active Directory. There is no need to either domain-join the host or re-run this step as described in the warning message.

Go in the “Lync Control Panel”, in “Topology” menu, in the “Status” section and verify that the RMX FQDN entry “rmx1500.seneej.com” is there in the list.

Task 4 : Use Lync PowerShell to Create the Trusted Application

Open the Lync Powershell terminal from any of frond end servers

Use the New-CsTrustedApplication command to set up a trusted application for the RMX system.

New-CsTrustedApplication -applicationId VideoProxy -TrustedApplicationPoolFqdn rmxvideo.seneej.com -port 5061

The parameters are defined as follows:
-Applicationld A descriptive name for the application. Must be unique within your Lync deployment.
-trustedApplicationPoolFQDN The FQDN of the application pool the entry defined previously.. In our example,rmxvideo.seneej.com

-port The SIP port. The default port number for SIP is 5061.

Task 5 :Set the Routing for the Polycom RMX System

open the Lync Power shell terminal.from any of frond end servers

Use the New-CsStaticRoute command to set up a static route for the RMX system.

$route=New-CsStaticRoute -TLSRoute -Destination “rmx1500.seneej.com” -port 5061 -matchuri “rmxvideo.seneej.com” -UseDefaultCertificate $true

In this example “rmx1500.seneej.com” is the RMX FQDN and “rmxvideo.seneej.com” is the trusted entry defined previously.

Set the routing configuration. By configuring the static route, matched URI dialing is enabled.

The following example sets the route to be global and publish the topology:

Set-CsStaticRoutingConfiguration -identity global -route @{Add=$route}

Then Publish Lync topology

Enable-CsTopology

The Polycom RMX system is now set as a trusted host, and calls from an Lync client to a SIP address in the Polycom RMX system’s domain will be routed through that system.

Task 6 :  Creating a Security Certificate for the Polycom RMX System

Its must install a internal/ external security certificate on the RMX system so that Lync Server trusts it.

Please follow below if have internal enterprise CA.

Login the Lync server and create a new certificate for RMX using the IIS Manager from the lync server

In the Features View, double-click Server Certificates under IIS, shown next.

8.

In the Actions pane (far right), select the Create Domain Certificate, shown next.

The Create Certificate wizard displays.

In the Distinguished Name Properties panel, shown next, complete all fields. Do not leave any fields blank. Do not leave any fields blank.

9

In the Common Name field, enter the FQDN of RMX FQDN. This name must match what is in the DNS.

Click Next.
In the Online Certification Authority panel, select a Certificate Authority from the list and enter a name that you can easily identify,

10
Click Finish.
You have created the certificate.

To use the Microsoft Management Console to export the created certificate:
1 Open Microsoft Management Console and add the Certificates snap-in, if it has not been added already.
a Choose File > Add/Remove Snap-in.
b Select Certificates from the Available Snap-ins area and click Add.
c On the Certificates snap-in dialog, select Computer Account and click Next.

d On the Select Computer dialog, select Local Computer.
e Click Finish.

2 Click OK.
3 Browse to Certificates (Local Computer) > Personal > Certificates.
4 Right-click the created certificate and select All Tasks > Export… to view the Certificate Export wizard.
5 In the Certificate Export wizard, do the following:
a In the Export Private Key panel, select Yes, export the private key.
b Click Next.
c In the Export File Format panel, shown next, select the option Include all certificates in the certification path if possible.

d Click Next.
e In the Password panel, enter a simple password.
f Click Next.

6 In the File to Export panel, enter a path where you want to save the new file, for example, c:\temp\cert.pfx.
7 Once the *.pfx file is on your PC, you can upload it to the Polycom  RMX system and install it, using below procedure

Importing Certificates in to the RMX Manager ( 8.1 firmware release and higher )

1 Open RMX Manager

2 Go to Setup -RMX secured Communication –Certification Repository

11

3 Highlight Personal Certificates and Click the Add button to open the Create Personal Certificate window and change the Certificate Method to PEM/PFX. Enter the Password which was used to protect the PFX package and then click Send Certificate

12

4 In the Install File window browse to the previously exported PFX certificate package and click Yes to upload the certificate, private key, and CA chain into the RMX.

5 If successful the response should be “Message file transferred successfully” and RMX Manager will request to reboot the RMX to apply the new certificate to the SIP services

Testing

Then check in the Signaling Monitor, in SIP Server and you should see the IP address of Lync server with status as “OK”.

Then go on a PC client and open Lync and enter for example the following SIP URI to call Meeting Room 1001 in RMX from Lync client: 1001@rmx1500.seneej.com

Categories: Lync

How to move hyper-V VM from windows 2008/R2 host to another host if its contain multiple AVHD files ?

August 24, 2014 Leave a comment

Scenarios

How to move hyper-v VM to another host if its contain multiple AVHD files. Read more…

Categories: HYPER V Tags:

Auto-mounting failed on Linux filesystem with emcpower devices in bootup

August 12, 2014 Leave a comment

Scenarios

EMC LUN auto mount is failed on red hat Linux and getting error “fsck.ext3: No such file or directory while trying to open /dev/emcpowera”

Error

Linux host reboot it prompt to maintenance mode after provision new EMC LUN.

Resolution

Add all mounts that uses emcpower device have _netdev option in /etc/fstab and then reboot the host
Example

/dev/emcpowera                /XXXX               ext3             _netdev         1 2

Step by Step FRS to DFSR Migration guide in three steps

August 5, 2014 2 comments

Overview

The File Replication Service (FRS) is used for replicating the contents of the SYSVOL share between Windows domain controllers.. Windows 2000 Server and Windows Server 2003 use File Replication Service (FRS) to replicate SYSVOL, whereas Windows Server 2008 uses the newer DFS Replication service when in domains that use the Windows Server 2008 domain functional level or higher, and FRS for domains that run older domain functional levels.

Let’s quickly review the perquisites and step by step migration in three steps

Prerequisites

  • Healthy Active directory services.
  • Active directory replication between domain controller must be operational.
  • The functional level of the domain to Windows Server 2008 or higher.
  •  It is preferred to do the migration on PDC Emulator as it is the authority on SYSVOL

Mainly , there are 4 Stable States of SYSVOL migration to DFSR

sTATES

let’s start the migration of SYSVOL replication from FRS to DFRS in three steps

Step I ( Migrating to the ‘PREPARED’ state )

Note:

The start state is already applied while applying the prepared state. .

Running the dfsrmig /SetGlobalState 1 command on the PDC emulator to start the migration to the Prepared state.

1

Waiting for all domain controllers to reach the Prepared state, which you can verify by running the dfsrmig /GetMigrationState command

2

Verifying that migration to the Prepared state succeeded.

3

Step II  (Migrating to the ‘REDIRECTED’ state )

 

Verifying that migration has reached the Prepared state on all domain controllers and that the domain is prepared to migrate to the Redirected state.

Running the dfsrmig /SetGlobalState 2 command on the PDC emulator to start the migration to the Redirected state.

4A
Waiting for all domain controllers to reach the Redirected state, which you can verify by running the dfsrmig /GetMigrationState command.

4

Verifying that migration to the Redirected state succeeded.

 

Step III (Migrating to the ‘‘ELIMINATED’ state ).

Verifying that migration has consistently reached the Redirected state on all domain controllers and that the domain is prepared to migrate to the Eliminated state.
You cannot reverse migration after migration reaches the Eliminated state. Therefore, you should make sure that all domain controllers have migrated to the Redirected state and that the DFS replication service can handle SYSVOL replication correctly before you begin the migration to the Eliminated state.

Running the dfsrmig /SetGlobalState 3 command on the PDC emulator to start the migration to the Eliminated state.

Elimated
Waiting for all domain controllers to reach the Eliminated state, which you can verify by running the dfsrmig /GetMigrationState command.

final 2
Verifying that migration to the Eliminated state succeeded.

Please make sure that FRS service in the domain controllers are stopped and startup is disabled

Done, migration has been completed successfully.

Additional references

Migration Guide : http://www.microsoft.com/en-us/download/details.aspx?id=4843

 

Bypassing Lync Client for online meeting

July 22, 2014 Leave a comment

Normally automatically login with Lync clients when join to onlline meeting with Lync meeting URL.
How to force login to Lync Web Apps from the lync client installed pc’s

Just add the string ?sl=1 to the end of the Meeting URL.Here is an example

https://meet.seneej.com/seneej/8KFWBWF8?sl=1

Categories: Lync Tags:

Network requirements for Microsoft Hyper-V Cluster

June 26, 2014 Leave a comment

Network requirements for Microsoft Hyper-V Cluster

In this post describe physical networks configuration for hyper-v cluster. The below table shows minimum requirements for network in a Hyper-V cluster. Generally, two NIC with eight ports is require to configure hyper-v cluster networks with Teaming ( Network high availability )

Hyper-V Networks Description Type
Management Used for the Remote desktop, monitoring, backup, and Hyper-V management traffic all pass through this network by default. Public
VM Network Used to provide network access for VM’s .All VM’s network traffic will pass through this network Public
Cluster Heartbeat Private network to check the status of the cluster hosts Private
Live Migration Used to transfer the running VM’s from one cluster node to another Private

Other Recommendations

Dedicate VLAN for each networks

Network teaming is recommended for all networks . So two NIC with eight ports is required. In addition more VM’s network can be added based on the through-put and networks requirements such as DMZ,..Etc

Management networks should be first i in the Adapter and Bindings connection order. Then heartbeat and failover network .

Do not configure a Gateway and DNS for Heartbeat and failover networks.

Disable file and print sharing for VM networks and not require to set IP’s

Note : The storage networks will be cover in another post.
More info
http://technet.microsoft.com/en-us/library/dn550728.aspx

Categories: Private Cloud

Internet explorer maintenance gpo missing in windows 2008 r2 Domain controllers

June 22, 2014 1 comment

Issue

“Internet Explorer Maintenance” container is missing in the Domain controller GPO. By default its exist in GPO > User Configuration > Policies > Windows Settings.

Scenario

“Internet Explorer Maintenance” will be removed from GPMC when IE upgraded to 10 or higher versions

Resolution

Log in to any member of windows 2008 r2 server where IE version should be lower than 10. Then install GPMC by adding Group policy managment features.Now Internet Explorer Maintenance will be restored and can edit settings

Categories: Active Directory
%d bloggers like this: