Microsoft Teams: connect to meeting services from Zoom and Webex natively

Tags

Yes its true, coming early 2020 Teams will support the “direct guest join” capability. Essentially this simply means that you can join Zoom and Webex meetings from your Teams Room System. Basically clicking the meeting join button joins the participant from the browser based client.

Currently launching the browser to join is suppressed, but as Microsoft have worked closely with both Cisco and Zoom they are now close to releasing this for all to enjoy.

Looking at the details you will see an icon on the meeting entry on your Teams Meeting Room display indicating the meeting type (Teams\Webex\Zoom). If you ever had a play with “QuickLaunch” you may be familiar with this approach.

large

The announcement stated that the capability was to be available to a new generation of meeting room devices with embedded web technology. I am rather confidant that it will be available on all the official Teams Meeting Room devices. You can bet that there will be other vendors added to the initial list of supported web based meetings.

This is huge!

Skype for Business Trusted Root Certificate Authorities strike again

Tags

, , , ,

Issue

This issue was flagged as a Contact Center that’s unable to receive calls. Shortly after it was noted that users we where unable to join or create meetings using the “Meet Now” option within the SFB client and that the RGS service was failing to start.

Environment is Skype for Business 2015, Standard Edition.

Troubleshooting

All services were running with the exception of the Response group service. A quick dive into the event logs on the Front End Pool showed a number of errors as follows:-

Event ID 31147

Event ID 31147 LS Response Group Service – Cannot update active Match Making Server because SQL Server does not respond. Standard error for issues with connectivity to SQL.

That explains why the Response Group Service wont start. What else we got here?

Event ID 32178

Event ID 32178 LS User Service – Failed to Sync Data for Routing Group from backup store.

Cause indicates an issue with connectivity to the back-end database. Another SQL connectivity issue by the looks of it. Digging further, I also found a few other MCU errors like:

Event ID 61037

Event ID 61037 LS MCU Infrastructure – The Audio-Video Conferencing Server failed to send health notifications to the MCU factory.

And also:Event ID 61043

Event ID 61043 LS MCU Infrastructure – The IM Conferencing Server failed to send health notifications to the MCU factory.

Almost missed this sneaky Information message (should be Error right..?).

Event ID 61029

Event ID 61029 LS MCU Infrastructure – stating that the certificate applied to the front end pool was somehow invalid.

OK so here is what I have learnt so far:

  • Response Group Service has an issue connecting the SQL back-end (even though the back-end is local in Standard Edition)
  • MCU cant connect to the back-end either and its complaining about an invalid certificate

Resolution

My money is on certificates even though technically speaking the event log entry referring to this was informational. A quick look at the certificates proves that they all look fine and no expiring certs hanging around.

Double checked the trusted root CA and that too looks fine.

However..

When checking the Trusted Root Certificates Authorities store I spotted something that wasn’t right. Usually the certificates in this store have identical Issued To and Issued By entries.

Anything that deviates from that, as far as I have experienced, generally prevented the RTCSRV service from starting. Not the case this time around.

Could this be the reason why I saw the Invalid Certificate warning before? Asked the on-site engineer what the deal was with these certs. Turns out they had been added by an engineer for some firewall trusts he was mucking around with.

Removed these dodgy certs, gave the RGS Service another start and boom, running! A round of tests to confirm and we are cooking with gas.

Folks! Seriously, there is no need to drop certs from the SAME CA as your server on the local store. They are from the same CA..

Lesson for today, if you don’t know what you are doing with certificates be warned. You could accidentally take out a Contact Center.

 

 

Guide to Vendor Classes and DHCP Policies

Tags

, , ,

I often need to add a Vendor Class (Option 066) to define vendor specific settings to be sent to the endpoints in question. Typically this used to be rather a pain and often a little confusing, especially since you don’t set this up every day.

Finally with the release of Windows 2016, DHCP has matured to the extent that you are able to define policies dependent on other criteria. In this case I will explain how you can send specific option settings based on a vendor class.

My scenario includes two IP Phone variants, Yealink and V-Tech.

First I will define the Vendor Classes. The I will create a policy. The policy will look for Vendor Class matches, if a match is found then specific options will be sent to the IP phone.

From the DHCP Server, right click IP-V4 (of course you can do IP-V6 if that’s what you are running). Select Define Vendor ClassesVendor Classes

Click Add

02 Define Vendor Classes

Give your new Vendor Class a Display Name. In this example I am adding Yealink IP Phones. It is important to note that the ASCII value needs to be the Vendor Class as specified by the device vendor, in the case on Yealink IP Phones its simply yealink (lower case)

03 Yealink Vendor Class

You will now see Yealink appear as a new vendor class (I have also added V-Tech which is another IP Phone brand I will be using, vendor class for the V-Tech phones)

04 Yealink Vendor Class

Next, we will define a Policy that simply matches the vendor classes we want as a condition, then applying specific class options to the matched vendor classes.

05 DHCP Policies

For the Scope in question, right click on Policies and select New Policy

06 DHCP Policies

Give your Policy a Name and Description if needed, Click Next

07 Policy Based Options

Since I plan to have 2 vendor classes as conditions, I will set this as an OR condition (so it matched Yealink OR V-Tech) by selecting the OR Radio button, then click Add

08 Policy Based Options

Select the criteria as Vendor Class, Operator as Equals and choose the required vendor class. Click Add and Ok

09 Policy Based Options

You should now see the selected Vendor class as in the image below

10 Policy Based Options

We now add the second vendor class to our criteria, same as we just did before. This time I am selecting V-Tech (my other IP Phone variant)

11 Policy Based Options

We should now see both selected Vendor classes as per the screenshot. Click Next to proceed.

12 Policy Based Options

I won’t be handing out any specific IP addressing for my IP Phones recognized by the vendor classes, so I select the No radio button followed by Next

13 Policy Based Options

The DHCP Scope option I’d like to associate with my Vendor Classes is Option 066 – Boot Server Host Name, this is a Standard Option. Specify the String Value and Click Next.

14 DHCP Option 066

NOTE: The String Value is the TFTP Boot Server and will depend on the location and platform you are working with.

Complete the Policy by clicking Finish

15 Policy Based Options

If you now navigate to the DHCP Options for Scope you have just created the Policy for, you should see the Option with associated policy Name like the screen shot.

17 DHCP Options

You should now be good to go.