Exchange 2016 Migration planning on phases

Exchange 2016 March 23, 2016 Leave a comment

When it comes to migration we always need to plan properly before we start the actual project.Study on the the existing messaging environment as a whole and deriving  a detailed analysis is much required.
Study in terms of existing storage, current number of active users,mailbox traffic utilization , load on the exchange servers, email relay on the servers ,email security setup and messaging related components.

This will really help in understanding the current requirement for email platform and therefore we can scale-up the new environment in a healthy way.
Also by doing this study and implementing the new setup can run for another 5 years without any hassles.

In this article we will have a look at some steps which will help in doing an exchange migration in phases for a smooth and successful migration.

Phase 1: Analyzing existing environment :

I have segregated few core components in this phase that can help for better migration.

a) Email Traffic

Analyze the current email traffic flow of the whole environment in terms of monthly, weekly and daily email traffic.
Better to collect 3 sets of data on the above and get the average value on them.
By doing this we can actually plan very well for the new migration in terms of storage and network bandwidth.

b) Active Users

Determine the current number of active users in the environment . If there are mailbox statistics which have been collected on monthly basis in exchange reports it will be better.

By seeing this we can actually analyse the mailbox growth on a monthly basis. This will help us to calculate to some better value in terms of mailbox growth for the organization in the future.

c) Mailbox Growth & Quota

Again analyzing the Mailbox statistics report will give a better result to calculate the mailbox growth of individual users for the next 3 years. We need to calculate them based on the current growth from the time current exchange version is running and depending upon the nature of email traffic. Better to have an overhead value of 50 percent more which will run for a long time without any bottleneck.

Phase 2: Preferred Architecture

Physical:(Recommended)

Microsoft recommends to have the Exchange servers to be running on physical VM. Since their new architecture is a very good approach which does not require a  very high configuration server ,because they say for future requirement perform a scale out and not scale up( which means bring up an additional mailbox server in future when required and do not scale up the hardware in the initial configuration) which perfectly makes sense.

In any case the Exchange 2016 Calculator needs to be used first to derive the values of your requirement.

Exchange 2016 Calculator

So if you are planning for a physical servers all we need is  a decent server with below configurations minimum.

You can use Commodity server platforms as the PA with the below minimum configuration.

1) 2U, dual socket servers (20-24 cores) according to your requirement choose the cores.
2) Maximum 96GB of memory according to your requirement choose the memory.
3) battery-backed write cache controller
4) 12 or more large form factor drive bays within the server chassis
5) Probably the server with DAS storage.

Virtual (Vmware or Hyper-V):

Though Microsoft recommends the PA to be on the physical server but still the environments running on VMware , Hyper-V have no options if they continue the new provisioning on the VM.

But still if VM is the plan below are the recommendations for  VMWARE:

1) Each new provisioned Mailbox/Edge Server  should have a reserved memory.Exchange Server 2016 calculator results are driven by the expected amount of loads that will be generated based on the actual inputs.

2) Microsoft supports up to 2:1 virtual-to-physical CPU allocation for Exchange Server 2016 in a virtual environment. VMware recommends to leave the cores per socket count at one at all times

3) Storage can be Fiber Channel, iSCSI, and network-attached storage (NAS) shared-storage protocols.

An Example below of how storage can be provisioned for Exchange 2016 VM.

We can use any one of the option Data Stores virtual disks  or RDM Raw Device mappings.

 

Storage
VMware recommends that you set up a minimum of four paths from an ESXi host to a storage array. To accomplish this, the host requires at least two host bus adapter (HBA) ports.

VMFS supports RDM . This  allows a virtual machine to directly access a volume on the physical storage subsystem through Fiber Channel or iSCSI.

The decision to use VMFS or RDM is not dependent on Exchange .So its better to check the backup to ensure it supports the above configuration.

New Improvements in Exchange 2016 have made Exchange 2016 Lower Storage I/O than earlier versions.
But still with a careless planning on storage especially for Exchange will result in a Poor Exchange infrastructure. Concentration on this part is very much required and we need to spend more time on this before building the setup.

4) Network Considerations

Vmware Recommends to use the VMXNET3 network adapter – This  provides better data transmission  with reduced CPU utilization. Better to have single network per site.

From Exchange 2016 since the data is replicated on one network all we need is one NIC card with the above configuration.

Also have Layer 7 load balancing with no session affinity. Also decide your network link and network link latency based on your previous calculated value from the phase 1.

Phase 3: Verify the Exchange Dependent Components Compatibility

After completing the two phases now we need to check the support compatibility of Exchange dependent components.

Below are most of the dependent components

1)   Check your current backup with Exchange and see if it supports Exchange 2016.

2) Check for any Transport categorizer  level Third party software’s compatibility. It can be any Antispam , Antivirus , Signature solutions etc …,

3) Check with existing journaling solution and its compatibility.

4) Check with  existing Archive solution if there is any and see their compatibility.

5) Check with MDM solutions  and its compatibility. There is no more MAPI/CDO support from Exchange 2016 . So you need to make sure that all MAPI/CDO components are retired.

6) Check the current Monitoring solution for Exchange and see if it supports Monitoring Exchange 2016 integration.

Phase 4: Data Center Design 

a) Active Active site : We can go with this option if we have a well connected round trip network latency. By using this option we are utilizing both the sites efficiently. If the data-centers are connected and having a good redundant paths we can choose this option.

b) Active Passive site : Active Passive option is also good but the only part is the DR resources will not be utilized most of the time unless and until there is some issues with the main site unavailability.

For any of the above configuration the preferred architecture is each of the data center should have its own Active Directory Sites.

This is because Safety Net and Shadow Redundancy will work  only when the DAG members are spanned across more than one Active Directory sites.

Phase 5: Deploy & Test the performance

Once above all factors are considered we can go ahead and deploy the Exchange 2016 as per the plan .

In this phase better not to join the servers to the existing infrastructure. We actually need to see if the provisioned servers, storage , networks are strong enough to handle the real load on them.

For that its better to create a dummy domain , not join them on existing domain and test the performance of the provisioned servers by using Exchange Load Generator and Exchange Jet Stress Analyzer.

 

To check the performance of the disk we can use JetStress Analyzer

Exchange Jet Stress Analyzer

To simulate the end users load we can use Exchange Load Gen Analyzer

Exchange Load Gen Analyzer

Once the loads and performance are tested on the newly provisioned servers we can go ahead and start the coexistence migration.

In the next blog we will discuss on coexistence migration phase.

Hope this helps

Thanks & Regards

Sathish Veerapandian

MVP – Office Servers & Services

Mailbox move from Exchange 2010 to 2016 might stall with the message move status RelinquishedWlmStall

Exchange 2016 March 17, 2016 Leave a comment

Recently on one of our migration from Exchange 2010 to 2016 we were unable to move the mailboxes from Exchange 2010 and 2016.

It was giving us the below error and the move request was not progressing

P12

Not sure what was the reason behind this but Below are the possible work around :

 
1) First preferred option is we can submit the new move requests by modifying the Priority to emergency or highest by running the below command.
New-MoveRequest -Identity Mailbox -TargetDatabase “DB Name” -BatchName Test -Priority Highest

There is an option of modifying the workload type of MRS as a whole from Exchange 2016.
But this parameter is reserved only for Microsoft at the moment.
This is because not to change the workload parameter for the move requests since the other operations might be affected and might run out of resources.
Its better to use the above command only which will bypass the WLM throttling and will not disturb the other system operations.
Anyways we do not have an to option to specify this parameter at this moment and as per my view this is good based on the previous line.

2) As a workaround for the ReLinguishedWlmStall Status we can also temporarily change the following registry key:

Change “MRS” value in the Exchange 2016 server

Navigate to  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MSExchange ResourceHealth] and set the value to 0 on the 2016 server.
Then restart the Mailbox Replication service.
Now try the move requests

 
3) Also you can create a new management override temporarily until the migration completes by running the below command. But keep this as a last option.

Get-ExchangeServer | ?{$_.AdminDisplayVersion -like “*15*”} | ForEach {New-SettingOverride -Component “WorkloadManagement” -Name “$_ MRS Override” -Server $_.Name -Section MailboxReplicationService -Reason “move request temp” –
Parameters Classification=Urgent -MinVersion 15.0}

Usually they say that this issue might occur if there are any performance issues experienced on the server.
But in my case there was no performance issue experienced by exchange 2016 server.
IMP Note:

These all changes must be done carefully on production environment after careful analysis and investigation.
There are few chances that the other operations might be affected on changing the Work Load Management option.
Keep an eye of the system resources during this process and Make sure that you revert back all the settings once the migration is completed.

If you want to know more on Work load Management there is an excellent write up by MVP Ratish – http://msexchangeguru.com/2015/02/23/exchange-workload-management/

Thanks & Regards

Sathish Veerapandian 

MVP – Office Servers & Services

CodeTwo Exchange Cross Forest Migration

Code Two, Cross Forest March 10, 2016 Comments: 6

Mailbox Migration in cross forest scenarios is always been a difficult , challenging and will  definitely vary according to the environment, scenario and requirement basis.

In this article i would like to explain the cross forest migration scenarios using the code two exchange migration tool.

In this example we are trying to migrate the mailbox from source different forest to target different forest using the CodeTwo migration tool.

The source will be Exchange 2010 SP3 and the Target will be Exchange 2013 CU10

Lets see the prerequisites before we start this migration job:

Code two says only network and EWS connectivity is enough. But its better to have all these below things in place before starting the migration so that migration can be completed in the provided timeline.

1.Prepare a healthy network link speed for this migration from source to target.

2.Make sure All the required ports/connectivity are open between source Exchange   server\DCs to Target Exchange 2013/and DCs
3.Create a DNS name resolution in source as well as target using conditional forwarders        or by using dummy zones

4.Create AD trust between domains Source and target (Not Mandatory required only if you need to migrate Group)
5. Add the Target domain admin in the built in admin group of source domain.

6. Make sure the MRS proxy is enabled for cross forest move in the target or source domain according to your requirement pull or push
Set-WebServicesVirtualDirectory -Identity “Exch1.fabrikam.com\ews (default web site)” -MRSProxyEnabled $true

Perform the above action depending on the mailbox move you are going to Trigger.

7.Change the autodiscover SRV DNS record to point to Target domain

Once the above prerequisites are set in-place we have to download the software and install them

The setup is normal just need to install with the default settings. You need to install the software where the connectivity is reachable for the EWS .

Note:

a) You can install the CodeTwo setup either on the source forest or on the target based on your requirement.( Push migration or Pull Migration)

b) You should to be able to reach the EWS url of the target domain from the server where you are installing them.

Better to install them on the CAS server where you can reach the EWS of the other domain if  all the prerequisites are set in place.

You will get the welcome screen as below

c1.png

You will run through a normal installation as below

C2.png

On a successful completion of the installation you will get a below GUI

 

Code3

Now we need to configure the source and the Target domains in the setup

Inorder to perform that do the following steps

Configure the below settings as source where you have installed this application

Go to server connections and select source server

Here we have 2 options to establish a connection

First one will discover the source ews url automatically if its resolvable from the server where this software is installewd.

Second option where we need to manually enter the CAS server FQDN and EWS URL .

Code4

post which we will get the below screen

Code5

After successful configuration you will get a green signal as below.

Code6

The same procedure needs to be followed in the target domain as well .

Need to install the Target server as well

CD9

Once after the source and target domains are defined and successful you can create a new Migration Batch.

Good Features which have identified in this application are below

We have an option to choose the migration batch per OU , Users , Group etc..,

33

 

You have an option to auto-match the MEU as well

Note: You have to choose the option Auto-match selected mailboxes  only  if similar already existing users are present in the target domain on a different OU.

CD16

We have an option to schedule the migration as well  which is really good.

CD17

The amazing option which is found really beneficiary is below

This is something great option which will help in planning for a migration where we have a weak n/w bandwidth between the source and the forest. By having this we can very well plan a smooth migration without choking the network bandwidth in these kind of scenarios.

CD18

 

Finally we have an option to choose only the required items to migrate

CD19

This option is very amazing for scenarios where a company is merging or during acquisition.

CD20

Finally we can view the migration job status in the console as below

We have an option to manually choose the target mailbox as well.

Test333

 

CM3

 

It keeps us posted about the good status and bad status about the migration as well which is very good.

We also have an option to send notifications to admin mailbox about the migration status as well.

CM6

We have an option to set the maximum number of concurrent moves as well

Cm

Conclusion:

As per my understanding this CodeTwo software uses an excellent coded API .When configured all the prerequisite for the cross forest migration this works in the background with the EWS and gives us these many options features during the migration.

This makes the migration job very smooth and keeps the admin informed about the migration status.We can customize the cross forest migration based on our requirement by using this tool.Once the migration is done you need to perform the normal procedure of shifting the MX records and you are done.

To get Started with them you can refer more on this  CodeTwo Migration

Thanks & Regards

Sathish Veerapandian

MVP – Office Services & Servers

Extending Persistent Chat on Mobile Devices

Lync, Persistent Chat, Skype for Business February 23, 2016 Leave a comment

Currently Skype for business persistent Chat is not supported on mobile devices by default. Only the Lync and Skype for Business  desktop client supports Persistent Chat.

To extend this feature on mobile devices we need to bring an additional component software from MindLink. Mind Link Software is a Microsoft Gold Partner who is offering support for Persistent Group Chat on mobile devices (iOS, Android and BlackBerry). Mind-link are the only developer available at the moment who would be able to fill the gap and extending this functionality to the mobile devices.

In this article we will have a look at configuring MindLink software for Persistent chat feature on mobile

You can download the evaluation version from the below Link

http://www.mindlinksoft.com/products

Basically  they have 3 servers in their architecture which are having different roles if we consider as a whole package.

1) Mind Link Anywhere server – Can be used for Having corporate Persistent chat feature on the Web(like Whats-app web) and integrating SharePoint sites with the chat services.

E.g. below for Mind Link Anywhere :

Having persistent chat on the web

Test.png

 

Having this chat feature enabled on the SharePoint sites

3.png

2) MindLink Integration server – Used for integrating social  News Feed and  social twitter feed.

3) MindLink Mobile Server – Used for integrating with our persistent chat pool.

So we require only one server at this point to extend persistent chat functionality to the mobile devices.So now lets look into the steps to extend the persistent chat functionality alone  on the mobile devices since we are focusing only on them in this blog.

Hardware Requirements:

Each host machine should meet the following minimum requirements:

  • Dual or Quad core, 64-bit CPU (Minimum 2.4GHz)
  • 4GB RAM
  • Gigabit Ethernet connection
  • 1Gb disk space (80Mb for installation of binaries and up to 1Gb for Preferences to support over 1000 users)
  • Additional Disk Space may be required for storing log files, minimum of 100MB
  • Windows Server 2008 R2, 2012, or 2012 R2

Readiness for the persistent chat integration:

  • A trusted application pool needs to be created between your Lync/SFB server and the MindLink server FQDN or pool FQDN if its multiple servers based on the environment.
  • An URL must be decided for the MindLink server to publish them externally so that users can access them from mobile devices for persistent chat.
  • An SSL certificate must be purchased for the external URL for secure communication.
  • An internal certificate from Trusted CA must be placed in the MindLink server to trust this application pool.
  • Apple device APN’s certificate must be placed on the MindLink server for Apple devices push notifications and revocation check.

Ports and protocol requirements :

  • Port 7072 for socket server needs to be opened
  • Port 7074 for web service needs to be opened
  • Port 7073 for file service needs to be opened
  • APN port 2195 for gateway.push.apple.com needs to be opened

 

Overall the Architecture of the MindLink provision should look like below

 

MindLink

Installation :

The installation of the software is very simple. All you need to do is download and install the Mindlink mobile on the new server . MindLink uses REST API. It integrates data from existing Lync servers and persistent chat groups through the trusted application pool.
This allows users to access and discuss information within the right context.
MindLink API provides a straight forward web services layer that simplifies the publishing and dependency on .net platform.

Make sure that you have the local trusted CA, Public SSL for the url published and the apple device APN’s placed on that server in the local computer account.

After this is done we just need to enter the url in the location , import the license file from Mind Link support and start the Mind Link service.

After this what happens is that when a user logs in from the mobile client it reaches the MindLink server. It identifies a trusted application created between the MLM and Lync. Post verification of the user account it provides successful authentication.

You might face some challenges in these customized non standard ports on the firewall to the internet and to the server apart from that rest all would be smooth.

An example below of entering the external host name

Note: Only the first hostname URL is mandatory and rest all are optional. Enter the URL name here that will be publishing outside.

image015.png

 

This is an example for apple device connection settings

image017

MindLink Mobile App Experience

After successful configuration we just need to enter the URL that has been published externally for this service

image062

After successful login users will have the below option

They can see live streaming of the persistent chat groups where they are member of

They can send and receive  messages in the persistent chat

They can search for persistent chat groups

They can search and IM individuals

Users can receive IM notifications even if they are not logged in to their Lync/SFB mobile client

Users can search for persistent chat messages, hashtag and mention option is also there.

Visible Persistent Chat Groups

image4.3a.jpg

Able to change the IM and Presence

P1

Live streaming of the persistent chat can be seen

P2.png

Overall Features & Limitations:

  • Its a secure Enterprise Group Chat compatible with Microsoft Lync & Skype for Business.
  • IM Presence can be updated.
  • They cannot participate in audio and video calls from this application.
  • Currently users have the ability to open files which are sent from Lync desktop.
  • File Transfer and sharing from the application is not available at the moment.However an option to insert a weblink option in the chat is available.
  • Custom Ports for the application to be accessed from externally is little bit difficult. Its not possible to change them to the default ports since the application API is configured to bind and listen on these ports 7072,7073 & 7074 only.

Thanks 

Sathish Veerapandian

MVP – Office Server & Services

 

Exclaimer signature manager for on-premise

Connectors, Exclaimer February 16, 2016 Leave a comment

Maintaining the signature format uniformly for all the users is really a difficult task.Also the signature format will be changing on department, user and job role basis.

At times there might be a requirement to modify the signatures for departments based on events as well.

As an admin it  will be very difficult if you are not having any centralized signature system for the messaging systems.

Out of the available signature applications in the market i always prefer Exclaimer based on their support and options available in their product. In this article we will have a look at configuring the Exclaimer Signature and run through some of the options available in their product.

The installation and configurations are very simple since it is just a transport agent which will be triggered in the categorizer  part and signature will be applied. So this application has to be installed on a server where the transport categorization takes place.

In Exchange 2010 this application needs to be installed on the Hub Transport server

In exchange 2013 & 2016 it has to be installed on Mailbox servers.

One thing we need to make sure is that it has to be installed on all the HUB servers if its exchange 2010 and all the mailbox servers if its exchange 2013 & 2016. This is because the Mail-routing can happen in any of the available transport services and this application needs to be there to trigger in the categorization part.

The installation is pretty simple and straight forward which is very easy .Just need to download the application and install them.

The application can be downloaded from below url

https://www.exclaimer.ae/signature-manager-exchange-edition/download

Ex1

We have the option to keep a backup of the previous configurations which will be easier to revert.

There is option called remote deployment where we need to configure a shared folder for the exclaimer images, configuration files to be stored in a common location so that all the transport servers can be updated without any delay.

EX01.png

Below are the options available for the sent items configuration which are pretty much easier to understand.

It has a temporary file folder where it processes all the signature as a cache before applying them. You can specify a drive on your own.

Ex03

After a successful installation we  will get a screen as below

We can have multiple signature policies based on department, Organizational Unit and apply to respective ones.

Ex09

So this signature pulls all the information like Name, Company, Phone Number ..etc from the information present in the mailbox.

So all we need to do is to create a new policy choose and apply the desired values as below from the new created template

Ex04

We have an option to change the element behavior , layouts as well.

ex05

Note: We need to make sure that all the user information like Name, Phone Number, Company are updated. Only then it will update the information from the User object and reflecting in the signature. If the field is not updated then the information will show empty.

The signature can be customized further as well by adding an image, hyperlink to the attached image to them. All kinds of alignments, layouts can be done for the same.

Ex11

Moreover we have an option to edit the source code of the HTML which is a great amazing feature. By having this option we can customize the signature templates of our own according to the requirement.

Ex12.png

There are multiple options available to apply signature based on the requirement.

An example below.

EX8

Also we can set exceptions for few users who does not like to have this automated signature policy.We have an option to apply the signature only on a specific date and after that it will be disabled automatically.

There are more features and options available to explore on this product.

Overall we will get a very good support, latest updates, very simple installation configuration  and more features available to customize with this  exclaimer application. And so far with all versions of exchange this product has been always a bread and butter and haven’t caused any issues in terms of considering them as a third party Transport Agent.

Thanks & Regards
Sathish Veerapandian

MVP – Office Servers & Services

Connect Bridge – Synchronize the Exchange Mailboxes

Connect Bridge February 8, 2016 Leave a comment

If  you have more Exchange mailboxes  with Multiple servers in different sites , or  you have a hybrid setup in your organization we would always like to keep these mailboxes synchronized without any delay.

This article will describe one solution that brings synchronization of mailboxes to reality with a product named  CB Exchange Server Sync.

The CB Exchange Server Sync Tool is an application dedicated to synchronize Microsoft Exchange user folders. Users and folders can be located either on the same version and instance of Exchange Server or they can be located on multiple instances and different versions.

The tool is a Windows service that performs synchronization of selected mailbox folders pairs based on periodical run. You can specify the synchronization pairs via Manager Tool (UI for configuration of CB Exchange Server Sync), which is distributed within the installation package.

Supported Exchange versions:

  • Microsoft Exchange Server 2010
  • Microsoft Exchange Server 2013
  • Office 365

Below are the key features identified in the product:

  • Synchronize email folders
  • Synchronize contacts
  • Synchronize tasks
  • Synchronize calendar
  • Synchronization between different Exchange versions
  • Easy to install and to maintain
  • Separate Custom configuration for each synchronized user
  • Provides run-time information about the executed sync operations
  • Multiple tenants
  • One-way and two-way synchronization

Components involved in the Functionalities:

The synchronization tool consists of:

The synchronization service looks for the changes in the synchronization pairs and process the synchronization with help of Connect Bridge. The synchronization pair is the ‘structure’ of the two users and folders which will be synchronized (e.g.: user1@a.com user2@b.com Inbox folder).

 

1. Connect Bridge

Connect Bridge is used for internal communication with Microsoft Exchange. Connect Bridge is a powerful integration platform that allows you to connect to the target system through ODBC, JDBC driver and Web Service with 31 connectors. So basically, you can connect at least 31 target systems such as Exchange, Google, Microsoft CRM, SharePoint and many other LOB’s simultaneously in different environment (on prem., cloud, hybrid) and with a bidirectional communication. There is no need for you, as a developer, to study documentation and know the language of the target system. You can simply use SQL statements to communicate with the target system. To get a general overview about the architecture of the tool there is a bunch of useful videos and online documentation.

2. Sync Process Description

Most profound explanation is through a short showcase description. Let’s talk about synchronization of two Exchange accounts one on premise (2010) while the second is hosted on cloud (2013). Setting a connection strings as “Master” and as a “Slave” are just for an easy recognition, Connect Bridge handles both systems equally.

Below string example for MASTER & SLAVE connection

6666

The process is quite simple and straight forward. The application seeks for inserted, updated and deleted items within both synchronized mailboxes. This is done within Exchange quite simply. The Exchange provides possibility to obtain changes since some ‘time stamp’.

Below is the example of how the sync works without any delay

6667.jpg

After the application obtains information what was inserted, deleted or updated, the logic of the CB Sync has to decide which action needs to be done to perform corresponding operations correctly.

In case items are inserted on the “Slave side” the logic needs to import those inserted items to the “Master side” of synchronization and remember the item pairs internally because it is needed for next possible operations (update, delete). In other cases if update or delete occurs the logic needs to find internally the pair of the item and make corresponding operation.

Below video is a real time example of how the synchronization works

 

Final Conclusion:

CB Exchange Server Sync brings benefits to  example lawyers , Auditors who work for different companies, university teachers who teach on more universities, chairman of the board and basically to all people who need to arrange all their tasks, meetings and duties ordered perfectly in one Exchange app instead of logging on and off in multiple accounts which can lead to duplicate meetings, bad user experience, unnecessary business mistakes etc.

Worth mentioning is a feature which can cover privacy of Exchange users. Let’s say you have a department in your company with high security clearance using their own Exchange server and other departments which don’t have security clearance have their own Exchange server.

Problem arises when employee of Marketing Department needs to schedule a meeting for employees with high security clearance. They need to know exactly when is their schedule free without breaching security model of the company (access details of already set appointments).

CB Exchange Server Sync can reveal needed information to set up a meeting while still be able to protect security model of the company. This is one of the many scenarios you can cover with CB Exchange Server Sync.

In the near feature they are about to create the Software as a Service (SaaS) product out of it so it  could come closer to customers and simplify the whole process to “ready to use in one-click”.

Thanks 

Sathish Veerapandian

MVP – Office Servers and Services

Inplace upgrade from Lync 2013 to Skype for Business

Lync, Skype for Business February 6, 2016 Leave a comment

For the first time in the enterprise platform Microsoft has given the option of an in-place Upgrade for its universal platform .

Since Skype for Business hasn’t changed much with Lync 2013 server architecture,and the hardware prerequisites remains the same. If we have a good hardware configuration or if you have recently migrated to Lync 2013 in your infrastructure this option completely makes sense to perform and inplace upgrade .
This will obviously help in reducing the IT cost for this new deployment and reducing the time required for this new deployment.

Recently our team had an experience in upgrading from Lync 2013 to Skype for business and i this article we will have a look at the best practices and the prerequisites that needs to be followed in the upgrade procedure.

Supported coexistence scenarios for the SFB in-place upgrade:

  1. Lync 2013 Standard standalone .
  2. Lync 2013 Enterprise Pool.
  3. Lync 2013 Multiple pools
  4. No upgrade path available from Lync 2010 to SFB.
  5. No upgrade from Lync 2010\2013 coexistence scenarios

Readiness for the upgrade:

  1. Take a snapshot backup all your servers, This will help you  to revert the changes on each server just in case if the upgrade wasn’t smooth with the downtime provided.
  2. Save the previous Topology and take a backup of them.
  3. Take a backup of file server.
  4. If the Lync 2013 is running on Windows Server 2008 R2 then its not recommended to perform an in-place upgrade.
    Never upgrade the OS of a Lync server. Install a new pool on a fresh OS and move all accounts and objects over . In-place upgrade will not help in this scenario.

 

Prerequisites for the upgrade:

1. net 3.5 on FE, Edge and mediation  servers.

2. Below hotfixes needs to be installed in following order.

https://www.microsoft.com/en-us/download/details.aspx?id=42162

https://support.microsoft.com/en-us/kb/2919355

https://support.microsoft.com/en-us/kb/2982006

3. RTC local instance should be Microsoft SQL server 2012 SP1 or later.

So make sure on the Lync 2013 FE’s and servers that we are going to upgrade should have a local instance of 2012 SP1 or later.

4.  One member server in the same domain where the lync pool resides.

On this we will be installing the SFB administrative tools , upgrade the existing topology and then publishing them.  It should be a non-lync server.

5.  All the lync servers needs to be updated to minimum  8308.815. Better to have the          latest version.

Upgrade can be done in the following order:

1.  Install the SFB Administrative tools on the newly introduced member server.

Upgrade the topology in the below order.

a) First upgrade the Front end pool.

b) Upgrade the persistent chat pool.

c) Upgrade the edge server pool.

d)  Upgrade the Trusted Application pool.

In-order to upgrade the topology perform the below :

Open SFB topology builder from the newly installed admin server – Right click on the front end pool – Select the option Upgrade to Skype for business server 2015 as below

 

01

This process will take few minutes and after it gets completed we need to publish the newly updated topology first.

Failing to do this and proceeding with other pools (persistent, edge, Trusted) will result in the  below error.

02

Once the topology is updated and published now we need to upgrade all of the existing lync 2013 servers to Skype for Business.

In-Order to perform that action  we just need to run the setup from each servers.

Note: If there is only one front end pool in the deployment (this should be the setup in most of the environments) the servers then there will be user interruption till the pools are upgraded. So it requires a downtime when performing this upgrade.

We need to run the below command to make sure that the replicas are up to date

Get-CsManagementStoreReplicationStatus

imp

Before running the setup we need to disable all the services on the existing front end services. Run the below command in the Lync management shell to perform the action

Disable-CsComputer -Scorch 

After running the above command make sure that you close topology builder, Lync Management shell , Deployment wizard . Make sure all consoles are closed for the upgrade to complete smoothly.

Once performing the above action just run the setup from each existing lync 2013 servers.Better to start with FE’s , Mediation , Director , Persistent and then Edge.

You will be prompted with the below screen.

RE.png

upgrade will go through the process as below

33

We will get a screen like below on a successful upgrade

3366556.png

We can continue to point all URLs to the existing pool since its an in-place upgrade and this make this task very easier.

Thanks & Regards

Sathish Veerapandian

Foreign Connectors VS Delivery Agent connectors

Connectors, Uncategorized January 30, 2016 Leave a comment

Over the period of time these foreign connectors have been playing a major role in handling the non SMTP messages from the applications and FAX machines.

These foreign connectors manage a file transfer system process to route inbound/outbound messages from a NON-SMTP systems.

For outbound systems it uses the drop directory where applications must create and submit their own messages to this drop directory .
These foreign connectors checks if the messages are properly formatted (MIME)
and then move them to the drop directory. From here Exchange has done its job and its the responsibility of the NON-SMTP system to pick these messages and deliver them.

For the inbound flow the message should be submitted to to the replay directory from the non-smtp system. We need to make sure that the submitted messages are properly formatted in MIME or TIFF(Usually used format) so that  exchange picks them up, processes these messages and delivers them to the directory.

Usually these directories are not scoped to these connectors and we need to run the below command  an example below

Set-ForeignConnector -identity Test -DropDirectory \\exchange2010\share

Running the above command will create a shared directory for the outbound so that after exchange drops the email the non-smtp system will pick these messages for delivery.

From Exchange 2013 these foreign connectors have been depreciated.Since it uses  file transfer systems to route the messages through drop(outbound) and replay (inbound) the sender will not be aware if the message has been delivered to the recipients.

But still this foreign connectors can be configured in Exchange 2013

From Exchange 2013 Microsoft recommends to have the delivery agent connectors which is having a simpler configuration compared to the foreign connectors.

Below are the advantages of having the delivery agent connectors:

  1. There is no need to manage file transfer to a Drop directory and check the drop directory quota, permissions etc.
  2. We can use the queue management for messages that are routed to non-smtp systems through this method.
  3. We can verify and acknowledge the message delivery to which is a major benefit when compared to foreign connectors.

 

Each delivery agent is associated with a Delivery Agent connector, which queues messages routed to the delivery agent for processing and delivery to the non-SMTP device or system

A delivery agent is a component installed in the Transport service of a Mailbox server.
Example there is a Citrix Virtual Delivery Agent which is used for one of the citrix application to route the non smtp messages.
If there is a agent required for your non-smtp system then we need to install that agent on Mailbox servers of exchange 2013 & 2016

By Default there is a text messaging Delivery Agent connector.
This is an agent which is installed by default in the Mailbox Servers of Exchange 2013 & 2016.
This delivery agent connectors are available from exchange 2010 where they are present in hub roles.

By default it will have only the default mobile delivery agent connector. You can see the delivery protocol is mentioned as MOBILE.

So for other delivery agent connectors we need to specify the protocol types.

D1.png

Example if we need a delivery protocol as x400 which most of the fax applications and non-smtp application uses we need to run the below command.
New-DeliveryAgentConnector -Name “Contoso X.400 Connector” -AddressSpaces “X400:c=US;a=Fabrikam;p=Contoso;1” -DeliveryP
rotocol “X.400” -SourceTransportServers Mailboxserver

D2.png

After performing the above the  message is routed to a Delivery Agent connector, the associated delivery agent performs the content conversion and message delivery.

Thanks

Sathish Veerapandian

Troubleshooting addressbook issues in Lync 2013/Skype For Business

Lync, Skype for Business January 15, 2016 Leave a comment

 

You might come across a scenario where end users might report that they are not able to search for contacts  through Lync/Skype for Business client.

In this article i have collected few troubleshooting steps based on my experience which might help in addressing these kind of issues

Before looking into troubleshooting lets have a small idea on the address book synchronization :

The address book creation in Lync client happens separately and it never talks to Exchange.

The core component user replicator which was introduced from Lync 2010 contacts Active Directory very frequently once in every 60 seconds and updates the information of the users present in the Lync server. This interval is set by default and can be altered.

These updated information is stored in the backend SQL database named RTCab.

After the above job is completed it doesn’t mean that the address book is updated.After this the responsible server for  update process of  address book will start a synchronization pass once in every 24 hours usually 1:30 AM local server time.

This information will be updated in the address book files in the shared folder in the type dabs file.

So by looking into the above process there can be so many factors which might block searching the address book from client perspective.

Below  troubleshooting steps which might help in fixing these issues.

1)  First identify how many users are affected. Check the version of the client Lync 2013, Skype for business 2015 or Skype for Business 2016 client.

Pick any one of the affected user and perform the below tests.

From the affected PC try to access the URL you have published for lync  https://webs.contoso.com/abs and see if you get the authentication prompt.

If you are not getting the authentication prompt then there is some serious issue with the connectivity from your end reaching the server. You have to fix this issue.

2)  Run the command Get-CsUserReplicatorConfiguration and see the replication cycle interval.

Lync2

The replication cycle interval by default is 60 seconds. If this value has been modified then we need to wait till the replication interval period gets completed.

3)  Its better to check the Synchronizepolling interval .This is the value which the addressbook server looks for any pending synchronization events for the lync users.Because there are more chances this value might be altered if you don’t want to happen this for every 5 minutes. In that case we need to wait till the interval period completes or run the Update-CsAddressBookConfiguration.

This value can be altered from 5 minutes to 3 hours.

Lync3

4) Check the Csclientpolicy

Run the command Get-CSClientPolicy and see the AddressBookAvailabilty configuration.

Lync1

Basically there are 3 options which we can set based on our requirement for this Lync/Skype for business address book availability.

a) Websearchandfiledownload.

b) Websearchonly.

c) FileDownloadOnly.

Its very self explanatory based on the names that we have for the addressbook.

By default this value is set to Websearchandfiledownload only. By having this option what it does is a local address book cache file from each client will be downloaded from the server. After that the Lync client will use the local cache. In-turn it will use the websearch functionality to download the user photos only.

So basically it takes 24 hours of time to have a fully updated local cache files.

When we have a web search only option  it does a direct lookup to the RTCAB database which will give the fully updated information for the lync/SFB clients. This is more or less similar like difference between having users in Outlook Cache Mode and in online Mode.

It would be better if we have a separate client policy only for the top VIP users. This will help them to see all the updated information from the Active Directory.

Inorder to create the client policy you can run the below command

New-CsClientPolicy -Identity VIP -AddressBookAvailability WebSearchOnly.

You can use this option for all users as well if we have less number of users where the user attribute changes happens very often and provided your network bandwidth is strong.

5) One last step that we can try is to run the below command.

The output of the command result should say there are no unindexed or abandoned objects.

Lync4

If you see any errors on them then you can try running Update-CSAddressBookConfiguration and see if it helps.

Hope this helps

Thanks

Sathish Veerapandian

MVP – Exchange Server 

Quick Tip – legacy log off mode for Exchange 2016 OWA logoff request

Exchange 2016 January 12, 2016 Comments: 2

As we know the importance of securing the web applications which are published on the internet have been increased.
So usually these external url’s are published in a secure way via reverse proxy which will handle this job.

When a end user logs into the OWA URL the session proxies via the published reverse proxy.
From Exchange 2013 we can notice that clicking on logoff will not trigger GET/OWA/Logff.owa like it was till Exchange 2010 where it generates a logoff page owa/auth/logoff.aspx?Cmd=logoff&src=exch
This log off page in 2010 was used by few Reverse Proxy to terminate the connection. This value can be modified in Exchange 2013 web.config file to bring this same page like 2010.

On Exchange 2016 we need to perform the below operation :

Navigate only to the below location

%ExchangeInstallPath%\ClientAccess\OWA\web.config

Remove the following line and do iisreset(make sure you make a backup of web.config before you do this):
<!– Disable logout page temporarily until UX is updated –>
<add key=”LogonSettings.SignOutKind” value=”LegacyLogOff” />

 

After performing this action the cookie session can be terminated.

 

Thanks 
Sathish Veerapandian

MVP – Exchange Server