About Me

My photo
TsooRad is a blog for John Weber. John is a Skype for Business MVP (2015-2018) - before that, a Lync Server MVP (2010-2014). My day job is titled "Technical Lead, MS UC" - I work with an awesome group of people at CDW, LLC. I’ve been at this gig in one fashion or another since 1988 - starting with desktops (remember Z-248’s?) and now I am in Portland, Oregon. I focus on collaboration and infrastructure. This means Exchange of all flavors, Skype, LCS/OCS/Lync, Windows, business process, and learning new stuff. I have a variety of interests - some of which may rear their ugly head in this forum. I have a variety of certifications dating back to Novell CNE and working up through the Microsoft MCP stack to MCITP multiple times. FWIW, I am on my third career - ex-USMC, retired US Army. I have a fancy MBA. One of these days, I intend to start teaching. The opinions expressed on this blog are mine and mine alone.

2014/06/26

Lync 2013 Server 2012 replication issues

A slightly different twist on an old issue

Situation

I had a client using Windows Server 2012 as the OS for a Lync 2013 deployment.  Replication between the Edge and the Front End Enterprise Pool was not working. Everything appeared to be set correctly, you can browse to the replication location for the Edge (https://serverfqdn.domain.com:4443/ReplicationWebService), you can telnet to the Edge server on 4443.

 

The Fix

We are using all public certificates from a well-known CA (GoDaddy), so the certificates not being trusted from domain member to non-domain member was clearly not the issue.

After a bit of searching you find that adding some registry changes to the SCHANNEL on the edge servers and the Front End Pool members will resolve the issue. 

Like so:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL]
"EventLogging"=dword:00000001
"ClientAuthTrustMode"=dword:00000002
"SendTrustedIssuerList"=dword:00000000

Or, for you PowerShell freaks out there: (lines wrapped)

New-ItemProperty -Path HKLM:\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\ -Name ClientAuthTrustMode -Value 2 -propertytype "DWord"
New-ItemProperty -Path HKLM:\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\ -Name SendTrustedIssuerList -Value 0 -propertytype "DWord"

If you want to get real fancy, you can affect multiple domain servers using remote PS.  For my current project I did this for 20 servers, 12 domain members and 8 out in the DMZ.

$credential = Get-Credential -Credential domain\user
Enter-PSSession -ComputerName FQDN -Credential $credential
New-ItemProperty blah blah blah
New-ItemProperty blah blah blah
Exit

For you reg /s fans, copy the following to a handy file of your own with a .reg extension and click away.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL]
"EventLogging"=dword:00000001
"ClientAuthTrustMode"=dword:00000002
"SendTrustedIssuerList"=dword:00000000

As always, YMMV

2014/06/16

Logitech ConferenceCam CC3000e review

I have been living the good life.  As proof, look what showed up at my door!

image

Seeing as how I am feeling a tad lazy, here are the official specifications.

What comes in the box

image

Looking at the contents of the box, we can see that this will not be the simple task I first thought.  Taking a quick inventory shows that there will be a least one session of “build this thing” and another of “how does this work” followed by “where to put this thing.”  Luckily, I had my handy-dandy Setup Guide that also came in the box.  But first, I will of course, attempt to assemble it without reading the Setup Guide; after all, what fun in life if you can’t ignore the instructions just once in a while?  And who knows, I might get it first try.  Hey even *I* can follow these instructions!

image

OK, I am back.  Not reading the instructions appears to somewhat successful.  I got the electrical part figured out quick enough (go me!) but the bracket thingy with Velcro pads and other mediaeval accoutrements got me puzzled.  It turns out the bracket thingy is wall mount; nice bit of thinking ahead, Logitech.  Having already cheated once, it became much easier.  So I gave in and read the instructions.  There, I said it.

Cables for the system are quite long – allowing me to place the various components where it made sense to my office feng shui.  Using the cubit and hand method, the camera and control unit cables are a good 18 feet long (the “official specifications” say 16 feet – OK, I believe them.  But my method is more fun). The power cable is a good 10 feet also (appreciate the included cable-ties.  A nice little touch). Clearly, the target implementation of the CC3000e is not your office cubicle.  This thing is meant for a medium sized conference room.

It Slices, It Dices…

Initial setup into my laptop did not go well.  When I plugged the unit together, the camera did the R2D2 thing, when I plugged in the USB, the camera did its thing again, but then I got this:

image

Uhm….I checked the box again.  Yes this is a Logitech.  And Logitech not working with USB is sort of unheard of.  Sure enough, from the Logitech support site comes this nugget.

image

Looks like I will be rebooting.  After a reboot, all seems well. I have to say, that is the first time I have seen that little routine from a Logitech USB device ever – so I will chalk this one up to my laptop being sideways (and it has been since the last round of Windows and Office updates).

A few more run-through gyrations with disconnecting USB and getting Skype out of the way and things were looking pretty good. I now have the following in my Lync client.

imageimage

Now let’s do a little test video call just to see what is what.  Audio quality is the expected excellent.  Good tone, good volume.  I can see this unit filling a medium conference room.  I bet most folks would miss the the satellite microphones you find on most conference room units.  But in my test, the volume and pickup even from across the room (10-12 feet) was very acceptable if not excellent.

I could play with the R2D2 camera head for a long time.  The remote has full control, and according to the setup guide, you can do “far end control” also but that requires a small download.  I did not do this, but I expect that the ability to control the camera from something other than the remote or the base unit might be warranted in a situation or three.

Field of view at about 10 feet is pretty nice, great resolution on the camera, and did I mention you can play with the zoom, pan, and tilt via remote?  Fun!  At any rate, with me (the dork in the red hat) in the frame for sizing, you can see where this unit will cover the FRONTAGE of a conference room let alone the long axis.  Pretty nice, IMHO.

clip_image002

At this point, the zoom can also be demonstrated…

clip_image002[4]

I had it pointed at my whiteboard across the room, but I did not want to erase the board, and it was FULL of secret squirrel data, so you will have to take my word for it that from across the room, the CC3000e will easily resolve a whiteboard.

Bottom Line

Lync integration, once I got past my laptop’s USB psychosis, was seamless.  Lync simply views this device in a native state and uses it for a speaker phone and a video source.  With a remote.  All with that wonderful Logitech build quality.  For my tired eyeballs, the video quality was also excellent, good field of view, detail resolution is wonderful; but there could be some time spent with contrast controls – as you can tell from the pictures, the overhead lighting coupled with outdoor daylight played hob with the contrast (see the pictures above).  As far as I can tell, Lync and the CC3000e pair up very well.  Skype also seemed to think that the CC3000e was pretty slick.  Even with my lack of reading skills, the total time from ‘open box’ to doing a full Lync conference call with the CC3000e was about than 30 minutes. 

If you are wanting a low cost solution for those mid-size conference rooms and don’t want to spend a small fortune, the Logitech CC3000e should be on your short list.

You can get one right here.

YMMV

2014/06/03

Unable to launch device manager

ASA ADSM won’t launch.

image

and then this:

image

 

I read numerous articles.  I went through the upgrades and downgrades of Java.  I did the various CLI on the console to enable the http, make sure the subnet I was on was authorized connection per the interface I was on.

Then I read some little blurb about Firefox.  D’oh!  Immediately worked.

Chalk up another one against using IE v anything.

Sad smile

YMMV

What Vacation Taught me

I took vacation this year; a formal thing with travel, schedule coordination, planned activities, and days full of interacting with others. ...