How to install and deploy Polycom VVX 5.6.0 firmware in to Skype for Business

Polycom has released version 5.6.0 for their range of VVX handsets, which includes the following enhancements for Skype for Business:

  • Support for Dial Plan Normalization,
  • Multiple Emergency Number Dial Plan
  • Skype for Business User interface enhancements
  • Skype for Business Conference Enhancements
  • Device Lock Enhancements
  • Profile Picture on Device Lock Screen
  • Secure Single Sign-On With Third-Party Supporting Solutions
  • Safe Transfer for Boss-Admin Enhancements
  • Busy Options for Incoming Calls.

The release applies to the following phones and accessories:

  • VVX 201
  • VVX 300/301/310/311
  • VVX 400/401/410/411
  • VVX 500/501
  • VVX 600/601

For the full list of updates, read the release notes.

How to install new firmware in Skype for Business

Continue Reading

How to enable a Domain Admin for Skype for Business

Perhaps you have seen the error message below when trying to enable a Domain Admin (not recommended) in the Skype for Business control panel.

Active Directory operation failed on “DC01.skypedev.nl”. You cannot retry this operation:
“Insufficient access rights to perform the operation
00002098: SecErr: DSID-03150F93, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
“.You do not have the appropriate permissions to perform this operation in Active Directory. One
possible cause is that the Lync Server Control Panel and Remote Windows PowerShell cannot modify
users who belong to protected scurity groups (for example, the Domain Admins group). To manage
users in the Domain Admins group, use the Lync Server Management Shell and log on using a Domain
Admins account. There are other possible causes. For details, see skype for Business Server 2015 Help.

You cannot use the Control Panel to users who belong to protected security groups. So your options are to either use Powershell as suggested in the error message or you could try this magical thing:

  1. Open active directory users and computers
  2. Enable the advanced features in the view menu
  3. Search for the account which is in a protected security group
  4. Go to Properties / Security / Advanced
  5. Check the following box: Include inheritable permissions
  6. Retry what you were doing in the Lync Control Panel
Now this might not be the best “securest” way of solving this issue, but for my lab environment I do not care too much about that, but i should think twice before doing this in a productional environment. Probably you should not Skype enable your domain admin accounts at all if you want to be and stay secure.
#EOF
Continue Reading

Microsoft Lync Connectivity Analyzer

Yesterday June 13  2017 Microsoft announced the retirement of the Lync Connectivity Analyzer, and will be no longer available for public download.
I’ve uploaded the latest version on my host. You can Download LyncConnectivityAnalyzer it right here.

What can you do with this tool?

This tool can help you to test both your internal and external network for the Lync Apps which are available via both the Windows Store and several other stores for mobile devices such as the MarketPlace.

There are a few parameters you will need to configure before you can start the test:

  • SIP URI;
  • password;
  • Username;
  • If Lync Discover will need to be used;
  • If the test is performed from internal or external;
  • For what kind of app you want to test.

Once these parameters have been specified you can push the start button.

After several seconds the result will be available and you know if your Lync infrastructure can offer service to the Apps.

Continue Reading

Security Updates Skype for Business (Lync) Client – June 2017

Patch Tuesday

During patch Tuesday Microsoft released two security patches for Skype for Business and one for Lync 2013.

Security update for Skype for Business 2016

Summary

This security update resolves vulnerabilities in Microsoft Office that could allow
remote code execution if a user opens a specially crafted Office file.
To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2017-0283.

Note To apply this security update, you must have the release version of
Skype for Business 2016 installed on the computer.

(download KB3203382)

Security update for Skype for Business 2015 (Lync 2013)

Summary

This security update resolves vulnerabilities in Microsoft Office that could allow
remote code execution if a user opens a specially crafted Office file.
To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2017-0283.

Note To apply this security update, you must have the release version of
Skype for Business 2015 (Lync 2013) installed on the computer.

Continue Reading

Configuring SEFAUtil – Skype for Business

What is SEFA Util

SEFAUtil (secondary extension feature activation) is a command-line tool that enables Skype for Business Server 2015 communications software administrators and helpdesk agents to configure delegate-ringing, call-forwarding, simultaneous ringing, team-call settings and group call pickup on behalf of a Skype for Business Server 2015 user. The tool also allows administrators to query the call-routing settings that are published for a particular user.The SEFAUtil tool allows the administrator to enable/disable/modify call forwarding or simultaneously ringing on behalf of the user. The administrator can specify the target (in the form of a SIP URI) or use a target that has already been published by the user. This tool also allows administrators to add or remove delegates or team-call group members on behalf of the user.This tool is built on Microsoft Unified Communications Managed API (UCMA) 3.0 and requires that administrators create a trusted application in the Central Management store for SEFAUtil.

SEFAUtil (secondary extension feature activation) enables Skype for Business Server 2015 administrators and helpdesk agents to configure delegate-ringing, call-forwarding, simultaneous ringing, team-call settings and group call pickup on behalf of a Skype for Business Server 2015 user. This tool also allows administrators to query the call-routing settings that are published for a particular user.

Configure Trusted Application Pool

Continue Reading