About Me

My photo
This is a blog for John Weber. One of my joys in life is helping others get ahead in life. Content here will be focused on that from this date forward. John was a Skype for Business MVP (2015-2018) - before that, a Lync Server MVP (2010-2014). I used to write a variety of articles (https://tsoorad.blogspot.com) on technical issues with a smattering of other interests. I have a variety of certifications dating back to Novell CNE and working up through the Microsoft MCP stack to MCITP multiple times. FWIW, I am on my third career - ex-USMC, retired US Army. I have a fancy MBA. The opinions expressed on this blog are mine and mine alone.

2016/06/30

YADR–Logitech H820e (dual)

OMG.

I had forgotten.  Back a few years ago, May of 2013 to be exact, I reviewed this headset.  I used it for a few months, and then other headsets came and went, and I kept going back to it.  About a year ago, it broke.  Not the headset’s fault, but a *&^%$# cat incident.  So I used other solutions.

The other day a box showed up with some new toys from Logitech, and one of them was a squeaky new Logitech Wireless Headset Dual H820.  DECT.  No software needed.  Plug n Play.  And no, not Plug n Pray, it really just jacks in and works.

image

Here is the official Logitech market-speak

SfB Connection

I have to say something.  uhm… it works perfectly.  Optimized for SfB/Lync, certified on the OIP.  What else can you say about a product that plugs in and your application goes “blink bonk” and starts to use it?

 

image

Comfort

Much as I remembered, oh so nice.  No wires tethering my skull to the laptop. I consider this to be a HUGE plus.

Audio Quality

Dang but this is a nice piece of gear for voice. And with the slider in the WB (as opposed to NB) wowzer!  For the unwashed, WB and NB is Wide Band and Narrow Band.  In the DECT world, this somewhat equates to signal quality and range.  And maybe battery life.  Music is pretty excellent also. 

Back to SfB Connections

SfB client will do stereo to this headset.  Oh yes.  For those of us who suffer from a previous lifetime that caused hearing loss, having an over-the-ear, or on-the-ear solution with actual speakers in cups rather than some microdot in a ear canal thing is a real bonus.  ooh ooh ooh.

Noise cancelling mic standard.  One of the problems I see with SfB/Lync is that the devices pick up every last little noise.  And when the audio stream is literally silent if no one is talking, then the ambient noise on either end can be a real distraction.  Logitech wizardry to the rescue.  This headset ignores just about everything except what is right in front of the mic boom.  Really well done.

Build quality is right up there in the excellent to superior bracket – as you would expect from Logitech.  Comfort – yep.  Range?  Dang, I can wander all over and not lose signal.  Another HUGE plus.  That makes two of them.

Summary

Build quality, SfB/Lync certified, comfort, features, functionality. After having used at least six different headsets over the last 18 months, I hereby declare the H820e as my favorite.  There are others that offer more widgets, more wires, more software, or are customizable to the nth degree, but none of them perform the core task of being a VOIP headset and delivering audio to your gourd nearly as well the H820e.  

And, you can still get your very own H820e right here.

YMMV

And in the darkness bind them – O365 PowerShell

A nifty quote, and only partially applicable here, but I have wanted to use that phrase for a long time, so this seemed like a good time.

Office 365, with Azure, MSOnline, Sharepoint, Skype Online, Exchange Online, all of that good stuff.  But managing the various interfaces can be a bit of a challenge. The web interfaces work OK, but for any serious, scaled out work, you will want to leverage PowerShell.  Now, we can do this via individual windows, but they all get jumbled up, and what is what?  And you need how many?  Just ONE won’t do?

Microsoft themselves offers up a TechNet article on how to get all the Office 365 services in a single window…. good luck keeping track of that.  Part of that article also shows the various single window methods.  Even I can figure out that part.  But there must be a better way.  Or perhaps a solution that better matches how I want to work.  As slick as the TechNet guidance is, that just don’t work for me.

Enter Brad Stevens, the Resident Bright Boy (RBB) on my team.  In conversation with him, the idea surfaced of creating a script that would open all the PowerShell requirements at once, label the windows, and possibly even give you the options of opening just what you wanted, yet remain ready to connect to the others.  Keep in mind that this script is his work, not mine.  I can write psuedo-code and create the concept all day long; actually coding the idea into reality is way past my skill set.  But, not his apparently!

A walkthrough

First off, I always run PowerShell as “administrator”  - it just solves so many problems!

image

Set your execution policy.  I always run my laptop in “unrestricted” – which is not the best choice for the uninitiated.  For this RBB script, you will want unrestricted.

image

Then, simply navigate to your script location and call it.  You will want to do [R] Run Once…

image

You will get this handy-dandy pick box to choose your level of functionality, and for entering those all-important credentials.

image

For the purposes of this article, I am going to hit them all, but the SPS window is going to have some red in it as I don’t have SharePoint setup in my tenant…

image

Selecting the “connect” button results in this:

image

You can close the windows individually, work in them all at the same time, etc.  Way better, IMHO, than having only ONE window and I am always having to open another while doing something else.  Why not have them all at once?  And they are cleverly labeled so you can look at the title bar and figure out what you are doing.

Remember that you can select one, like Skype, and then go back an redo things and select Exchange… the interface will stay open for you…

You can get it for yourself

The RBB has now posted the script on his blog so you can enjoy the goodness for yourself.

YMMV

2016/06/17

Array Networks vAPV Review

Have you looked at the Lync Server/Skype for Business Server Open Interoperability Program (OIP)  and wondered who some of the qualified providers are?  I know I have.  And then with the advent of virtualization a few years back, I started to ponder whether or not a vendor who is qualified on the hardware list but not on the VM list would function the same.

For the last two months I have been putting the Array Networks vAPV through it’s paces.  For the above reason, I have the virtual edition rather than the physical appliance.  Just so we are on a level playing field, I have been working with this right here. Array has been on the OIP since the Lync 2010 days, and the qualified firmware version for the appliance is 8.x.  The vAPV with which I have been working is 8.5.1.6. I also have a running version of APV.8.6.0.14.  Gee, lots of periods there!

image

One of the things I have discovered is that Array is aimed a tad higher up the food chain than the SMB market.  This is not a bad thing, it just is.  In fact, I can easily make a case for this being a great thing. Price-wise, I would say that they are very competitive even for the SMB customer. Picture a company that is a bit above the SMB space, but below the “enterprise” space.  The needs are the same -  in fact even an SMB can have enterprise needs.  Array Networks has feature set in spades.  Very comprehensive – including some I had not thought were useful until I played with them.

Feature Set

Market-speak

:

The vAPV runs as an entry, small, medium or large virtual application delivery controller on Array’s AVX virtualized appliance to flexibly enable on-demand, full-featured load balancing and application delivery with guaranteed performance.

More Array Networks market speak: 

Local server load balancing, as well as both global server load balancing (GSLB)and link load balancing (LLB) ensure application uptime in the event that servers, ISP links, network segments or data centers become overburdened or unresponsive.

Upfront, this is the list of features that are available:

image

Specifications may be important to you also.  The capacity ramps up quickly – and you can see where I say that the APV is aimed at a higher market segment than the SMB (however, my previous comments still hold).

image

If you don’t like virtual load balancers, then guess what?  There is a range of physicals as indicated.  Bon appetit!  Bottom line, you need to read through this Array Networks information to get the full list of things the vAPV (or APV) can do for you.

What about me?

Well, what about me?  You’ve read the marketing material, I have presented some opinions, but what did I experience during the install and configuration and operation of the vAPV?

Installation

Because I am using VMWare workstation for my lab, I had to convert the OVA download into vmdx format.  No biggie once you have done it.  Here is the list of supported hypervisors.

image

Once that was done, there is a defined install guide that walks through the initial base configuration and then it is on to the good stuff.  Simple.  Worked first time through. What could be better?

In my time with this exercise I screwed up the entire mess.  So the support engineer had me check a box and restart.  The end result is that the box recovered with the previous known good.  So nice.

image

Speed

Speed is not an issue here.  The web UI is very snappy. Content delivery was noticeably faster than competing products.  I like that – I have zero patience for slow stuff when the resources are not being overtaxed and something is slow just because.  Array does not seem to have that problem.  Fast fast fast.  Did I mention content delivery was zippy?  And it got better with compression enabled.  I like it.  “nuff said.

Configuration

One of the issues administrators run into is configuration.  Sometimes just reading the documentation is enough, sometimes formal classroom training is almost a prerequisite to success.  The vAPV fits somewhere in between the two extremes.  Getting into the GUI and poking around was easy enough, and seeing the basic administrative function was clear also.  At that point, neither of my brain cells could figure out what was needed.  Maybe I am just a bit dense.

Luckily, there is this built-in “quick start” feature where there is an outline of the steps needed to do tasks.

image

But still, Array has so much to offer that the granularity gets in the way of the KISS method I like.  Even when using the list shown above, I was at a loss to divine the steps to get things working.  See below for “SUPPORT.”  Configuration will be much like using an AlphabetNumber product.

For you CLI types, Array also supports a full CLI that will allow you to script your configuration and work that way.

VS and Reals and Groups

Here is what we need Mr. vAPV to do for us:

image

Granular is the word of the day here.  Think of each service you need for your system.  You will need by IP by port.  So, 1.1.1.71:443 is NOT the same as 1.1.1.71:8080 – each of those needs to be separate.  And the common name is going to need to be unique also.  <sigh>  Each of these services, just for a DNSLB setup in SfB required the following.  Yes, I have my SE web services going through here also as I wanted to play with the content redirects.  Figure out your naming convention per layer before you start.

image

After you make the real servers up, you then need to lump them into groups.  Reals into groups; groups into virtual services.  Think ahead.  Maybe some UML work might be in order before you start?  Oh yes, you cannot put TCP reals into an HTTP group and hence an HTTP service.  Or, at least I could not figure out a way to do so.

image

Once you get past the real server and group setup, then you need to worry about the virtual services.  For my environment, here is what I came up with.

image

Logs

The APV has logs everywhere.  Which is right handy at times. For instance, you can drill into a group, and down at the bottom there are some basic stats listed for that group.

image

Included in the unusual plethora of admin tools is a copy of the running configuration for you CLI afficianados. And to get you really into it, the display is separated into startup config and running config.  So nice.

Monitoring of the entire mess gets granular as well.  Statistics exist for every layer of the construction.

image

Graphs?

Are you visually oriented?  You want pretty pictures to show that your virtually shiny appliance is in fact doing something?  Well, APV has you covered.

imageimage

And you can choose from the following pre-defined graphs…notice how the pre-defined collection has our configured real, virtual, and policy connections listed.  *I* did not do that – the system saved me my lunch break.

imageimage

You can also make your own definitions.  I put this beauty together in about 30 seconds. Such an artist am I.

image

Content Redirects

Near and dear to my heart is content redirects.  Not every customer of mine has entire class B subnets to work with in their public space – so we try to conserve IPV4 space as much as possible. If you read the link there, you will note that there was syntax involved, and you had to know what you wanted before you started.  Not a problem for ME…might be for an un-initiated hard-charging techie.  APV has you covered here also.  The content re-direct policy stuff in the vAPV was done on the fly, with no syntax needed other than knowing the called URL from the client perspective.  Sa-WEEET!  What you see here took about 10 minutes from start to finish.

image

Routing

Would you like to route stuff around your network?  Would you like some content to go via certain routes?  APV has you covered

(I just realized I have been using that phrase a lot.  But, in truth, APV does have all the bases covered, and then some.  Every time I look at it, there is more to appreciate.  Simply a very well done product that is continuing to evolve and get better.)

Adelante!

There is more in that networking section (basic and advanced) than my little pea-brain comprehends, but I showed this to a few networky-techy-nerd buddies, and then had to clean up drool from the monitor.  Their excitement over the possibilities was palpable.

image

Compression

Would you like some of your content delivery to get compressed and some not?  FWIW, this makes OWA 2016 pop on screen rather than ooze up there. As in a LOT faster.  I did not measure as I have no facility to do accurate measurements – Array claims 500% improvement over non-compressed.  I don’t know about that, but I know OWA flies up on screen.  OOS and OWAS scream into being rather than just oozing.  According to my setup, there has been an “87% compression ratio of compressible data” – whatever that works out into improvement percentage I do not know.  But seat-of-the-pants – mucho mejor.

IPv6 support – NAT64

When enabled, the APV can translate ipv6 to ipv4.  Or ipv4 to ipv6. You can’t mix the two in a group, but you can have both inside and both outside – you just can’t mix the group. I can think where this will come in handy down the road just a bit as (supposedly) the IPV4 pool is now exhausted.

SSL

Yes Matilda, the vAPV does SSL.  My configuration is decrypting and inspecting, then re-encrypting and sending to the real servers.  All faster than you can type about it.  The certificate import process was easy as it took .cer format directly.  I had some moments with the configuration, but read below in “support”  - we got through it.  After having it explained to me in kindergarten terms, even I grasped the simplicity (when you think about it) of how the SSL is handled.

image

image

image

 

Support

Take a look at the wealth of deployment guides here.  The only problem I see on the deployment guide page is that the Lync 2013 guide is for the full load balance solution, whereas I only deploy in that fashion when I am pushed into a corner for some business or technical reason – otherwise I am going to advocate and deploy DNSLB.  In working with Array support engineers, I am told that the SfB documentation will include both methods.

I had some difficulties due to the extreme levels of granularity of the APV. My friendly (he never cursed at me – not even once!)(and I gave him plenty of reasons – there are times I am just stupid beyond belief…) support engineer showed me how to get multiple ports into the virtual service so that you could theoretically define a real service with port 0 and then create virtual services with any ports you want.  so if you had some generic needs, like RPC Endpoint mapper and port 80, you could handle that with one assembly.  Not the most obvious solution set, but when you look at the granularity model, it makes sense.

So they get a frowny, a smiley, AND a straighty.

Sad smileSmileDisappointed smile

I will reiterate, even in the midst of my personal issues, my assigned Array Networks support engineer was extremely helpful and patient. I am not the easiest person to coexist with; whoever that guy is deserves a medal.  If the rest of the folks at Array are anywhere close to this guy, it speaks well for them as a company/staff.

The SfB / Lync Connection

I would not be doing this homework if it was not for wanting to make my customer’s Skype deployments better.  That’s the bottom line.  After configuring the APV as shown above to match the environment shown below, SfB was happy as can be.  Internal and external web services were flawless. No issues.  OWAS as mentioned popped up on screen.  LWA worked perfectly.  Mobile clients went tearing through. I saw no issues whatsoever – let alone anything that could be attributed to the compression.  Web services with the compression were “seat of the pants” faster.

lab

The Array Networks installation/deployment guide does a fine job of laying out the requirements and the “how to” part of the vAPV deployment to support Lync/SfB.  I have not yet had the chance to convert to a full load balance solution (nor do I really want to), but I would imagine that the results would be the same.

Conclusion

Let’s face it.  If you have an organization that is big enough, or perhaps small but needing the services of a load balancer – be it application delivery or just simple reverse proxy, then almost anything will work.  However; should you want to control the beast, and use your deployment for something other than just a one off, you need something more sophisticated.  As your traffic load grows and expands to cover more than just one workload, the underlying network devices become more and more important.  Enter Array Networks. The Array vAPV (and the physical APV for that matter) presents some very interesting feature sets for discussion.  Do you want simple or do you want granular control?  Are you willing to accept some sluggish performance or do you want screen-popping speed? Local load balancing is needed and you want global load balancing options for the future? If you went the caviar route on those questions, then Array Networks needs examination.

For a load balancer/application controller that offers a great feature set, is granular (seriously granular!), along with being wicked fast, then Array networks vAPV should be on your short list. 

You can get your very own vAPV here.

YMMV

2016/06/06

WebConf modalities not working for internal users after server patching

This falls into the “oh wonderful” category…

https://technet.microsoft.com/en-us/library/security/ms16-065.aspx breaks Office Web Apps for internal users.  External users seem to be unaffected.

Conferencing modalities no longer function in Lync Server 2010, Lync Server 2013, or Skype for Business Server 2015 after you install Security Bulletin MS16-065Here is a fix workaround:

https://support.microsoft.com/en-us/kb/3165438

And people wonder why I always advise waiting 90 days or so before patching Lync and SfB host servers.

The documented update in the article is KB3156757, but the actual KB installed was KB3156756.  Which also is associated with MS16-065.

YMMV

test 02 Feb

this is a test it’s only a test this should be a picture