Lync 2013 - Generate CSR with EKU and additional SANs?

Hi,
I'm in the middle of setting up both an Edge server and a reverse proxy (which will be on an F5 appliance). According to this article, I have to generate the CSR using PowerShell to retain interoperability with AOL. After reading this article it looks like I can use the same cert on both the Edge and the reverse proxy, so long as I specify all the SANs in the CSR.
The problem is, I can't figure out how to generate the CSR in PowerShell and add additional SANs, like I can in the GUI. But I can't use the GUI because it won't add the client EKU needed for AOL. What's the syntax to add additional SANs via PowerShell?
I have read that using PowerShell will inherit the SAN configuration, but I have found no way to confirm what SANs it is actually requesting, since the CSR is encrypted text.
EDIT: I should add that our org already has an existing wildcard certificate that we use for other sites, but its SN is *.domain.com (which I believe is not supported) and does not have the additional needed SANs. I assume that this cert cannot be used, but please let me know if I'm mistaken.
Thanks in advance.

Matt,
How many of these clients you have will dictate your solution. If you don't have many, then you can simply install the cert chain manually on each PC in the Local Computer > Trusted Root Certificate Authority store.
If you have tons, though, you are possibly best getting a public cert which covers your internal namespace also.
So as long as you are not using some internal name like .local or .internal, and you are using the same namespace as your public domain, then you are OK.
You would, however, need to specify the names you would be using on your reverse proxy server for meetings, dial-in and Lync discover for mobility on this cert, which may be costly!!!!
So your cert would then have the following, for example:
Subject name:
sip.mydomain.com
SAN:
sip.mydomain.com
mydomain.com
lyncfe01.mydomain.com -- INTERNAL Front End Server Name(s)
lyncpool.mydomain.com -- (If using Enterprise Edition)
meet.mydomain.com -- Internal users will require this for connecting to the meeting from internally, unless you are forcing them out and back in through your reverse proxy server.
dialin.mydomain.com -- As above for meet
lyncdiscover.mydomain.com
etc.....
To be honest, if it was me then I would go with manually installing the cert (or use SCCM or whatever you use for client management, if possible).
Good luck
Martin
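A worked example for the two open points in the thread above: a CSR file is not encrypted, it is a base64-encoded DER (PKCS#10) structure, so the SAN list and the EKU it carries can be read back and checked against the planned name list before the request goes to the CA. The Python below is an added example, not code from this thread or from Microsoft. It hand-builds a constructed sample CSR (zero-filled key and signature, so it parses but could never be submitted) carrying the SAN names Martin lists plus the clientAuth EKU that the AOL requirement is about, then walks the DER with a minimal reader and reports what was actually requested; the last element of each Extension is taken as the value so an optional 'critical' flag does not break the parse. On a Lync server the same inspection can be done with certutil -dump against the .csr file. As for the request side, my recollection of the Lync 2013 cmdlet reference is that Request-CsCertificate takes the additional names on -DomainName and the client EKU on -ClientEKU, but confirm that with Get-Help Request-CsCertificate -Full before relying on it.

```python
import base64

# --- minimal DER encoder, used only to build the constructed sample CSR ------
def der_len(n):
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag, body):
    return bytes([tag]) + der_len(len(body)) + body

def oid(dotted):
    parts = [int(p) for p in dotted.split(".")]
    out = bytearray([40 * parts[0] + parts[1]])
    for p in parts[2:]:
        chunk = [p & 0x7F]
        p >>= 7
        while p:
            chunk.append(0x80 | (p & 0x7F))
            p >>= 7
        out.extend(reversed(chunk))
    return tlv(0x06, bytes(out))

def build_sample_csr(cn, sans, client_eku=True):
    """Constructed PKCS#10 request with SAN + EKU extensions.  Key bits and
    signature are zero-filled placeholders: fine for parsing, useless for a CA."""
    subject = tlv(0x30, tlv(0x31, tlv(0x30, oid("2.5.4.3") + tlv(0x0C, cn.encode()))))
    spki = tlv(0x30, tlv(0x30, oid("1.2.840.113549.1.1.1") + b"\x05\x00")
               + tlv(0x03, b"\x00" * 33))                            # dummy public key
    san = tlv(0x30, b"".join(tlv(0x82, s.encode()) for s in sans))  # dNSName = [2]
    ekus = ["1.3.6.1.5.5.7.3.1"] + (["1.3.6.1.5.5.7.3.2"] if client_eku else [])
    eku = tlv(0x30, b"".join(oid(o) for o in ekus))
    exts = tlv(0x30, tlv(0x30, oid("2.5.29.17") + tlv(0x04, san))
               + tlv(0x30, oid("2.5.29.37") + tlv(0x04, eku)))
    attrs = tlv(0xA0, tlv(0x30, oid("1.2.840.113549.1.9.14") + tlv(0x31, exts)))
    info = tlv(0x30, tlv(0x02, b"\x00") + subject + spki + attrs)
    sig_alg = tlv(0x30, oid("1.2.840.113549.1.1.11") + b"\x05\x00")
    der = tlv(0x30, info + sig_alg + tlv(0x03, b"\x00" * 33))        # dummy signature
    b64 = base64.b64encode(der).decode()
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return f"-----BEGIN NEW CERTIFICATE REQUEST-----\n{body}\n-----END NEW CERTIFICATE REQUEST-----\n"

# --- minimal DER reader: enough to walk a real CSR ---------------------------
def der_read(buf, pos=0):
    """Return (tag, body, position after this element)."""
    tag, ln, pos = buf[pos], buf[pos + 1], pos + 2
    if ln & 0x80:                                   # long-form length
        n = ln & 0x7F
        ln, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + ln], pos + ln

def der_children(body):
    out, pos = [], 0
    while pos < len(body):
        tag, inner, pos = der_read(body, pos)
        out.append((tag, inner))
    return out

def oid_decode(body):
    parts, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            parts.append(val)
            val = 0
    return ".".join(map(str, parts))

EKU_NAMES = {"1.3.6.1.5.5.7.3.1": "serverAuth", "1.3.6.1.5.5.7.3.2": "clientAuth"}

def inspect_csr(pem):
    """Return the CN, SAN dNSNames and EKUs that a PEM/base64 CSR asks for."""
    der = base64.b64decode("".join(l for l in pem.splitlines() if not l.startswith("-----")))
    info = der_children(der_read(der)[1])[0][1]     # certificationRequestInfo
    _, subject, _, attrs = der_children(info)        # version, subject, spki, [0] attributes
    cn, sans, ekus = None, [], []
    for _, rdn in der_children(subject[1]):
        for _, atv in der_children(rdn):
            (_, t), (_, v) = der_children(atv)
            if oid_decode(t) == "2.5.4.3":           # commonName
                cn = v.decode()
    for _, attr in der_children(attrs[1]):
        (_, atype), (_, avals) = der_children(attr)
        if oid_decode(atype) != "1.2.840.113549.1.9.14":   # pkcs-9 extensionRequest
            continue
        for _, ext in der_children(der_children(avals)[0][1]):
            parts = der_children(ext)
            ext_oid, value = oid_decode(parts[0][1]), parts[-1][1]  # [-1] skips optional 'critical'
            inner = der_read(value)[1]
            if ext_oid == "2.5.29.17":                # subjectAltName
                sans = [n.decode() for tag, n in der_children(inner) if tag == 0x82]
            elif ext_oid == "2.5.29.37":              # extKeyUsage
                ekus = [oid_decode(o) for _, o in der_children(inner)]
    return {"cn": cn, "sans": sans, "eku": [EKU_NAMES.get(o, o) for o in ekus],
            "client_eku": "1.3.6.1.5.5.7.3.2" in ekus}

def missing_names(pem, required):
    """Names from the planned SAN list that the CSR does not actually request."""
    present = set(inspect_csr(pem)["sans"])
    return [n for n in required if n not in present]

if __name__ == "__main__":
    planned = ["sip.mydomain.com", "mydomain.com", "meet.mydomain.com",
               "dialin.mydomain.com", "lyncdiscover.mydomain.com"]
    csr = build_sample_csr("sip.mydomain.com", planned[:-1])   # constructed: one name left out
    print(inspect_csr(csr))
    print("missing:", missing_names(csr, planned))
```

To check a real request, replace the constructed sample with the contents of the .csr file the server wrote; the reader strips the BEGIN/END lines, so both the Windows "NEW CERTIFICATE REQUEST" header and the plain "CERTIFICATE REQUEST" header work. missing_names is the check worth automating: run it with the full planned list (Edge names, reverse-proxy names, lyncdiscover) so a name dropped from the SAN list is caught before the CA issues the certificate.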

Similar Messages

  • CUCM 8.6.2 Generating CSRs With Incorrect Country Code

    Hi folks, I'm running CUCM 8.6.2.25900-8 on a single cluster (1x pub, 4x sub). My CA certs for the tomcat service are due to expire shortly so I've generated CSRs for all the servers and submitted them to our provider. All but one of the requests went through with no issues but one failed because the CSR specified a country code of 'US'. We are in the UK and the four other servers all generated CSRs specifying C=GB.
    Examining the current tomcat cert or issuing "show web-security" on the command line of the server whose CSR failed also shows 'C=GB'.
    Looking at the 'set web-security' command it appears that I cannot change the country code.
    Why is the server generating CSRs with 'C=US'?
    How do I change this behaviour such that they are generated with 'C=GB' instead?

    Surprisingly, it has made it all the way to 10.5(x) with the same info and the same error...
    I did find a method to change it via root access, and you might not require root access, but I can't tell for sure as I would need to look at exactly what the contents of the file that TAC changes are, but apparently it's just the platformConfig.xml that they need to change and reboot.
    If that's the case, using the utils import config with pretty much all the same info, except the country, would end up with the same outcome.
    Again, not 100% sure, but theory says that should do the trick; you can run that through TAC if you open the case and see what they think about it.

  • Lync 2013 FE pool with two server limitations

    Hi,
    I have some queries about a Lync 2013 FE pool with two FE servers.
    1. If I deploy two servers in the one FE pool, what happens if one FE server goes down?
    2. Will Windows Fabric work?
    Thanks.

    I don't completely agree with this. I have built a few environments with only 2 servers in the Front End pool (despite recommending that three be deployed) 
    1. Anyway in the event that one FE fails, users are temporarily disconnected and then the client will re-sign them in to the second server.
    2. Two servers is supported, but not recommended. See this link (it also contains how to handle two servers - scroll to bottom) http://technet.microsoft.com/en-ca/library/gg412996.aspx.
    The biggest issue with only having two servers is losing quorum. If both servers are shutdown at the same time, you can run into issues starting them back up. (it is recoverable by resetting the fabric/quorum, but it's a pain)
    If this helped you please click "Vote As Helpful" if it answered your question please click "Mark As Answer" | Blog
    www.lynced.com.au | Twitter
    @imlynced

  • Error? on Example 16-7 XMLFOREST: Generating Elements with Attribute and Ch

    Error in example on page http://download-east.oracle.com/docs/cd/B19306_01/appdev.102/b14259/xdb13gen.htm#i1028612
    Example 16-7 XMLFOREST: Generating Elements with Attribute and Child Elements
    Example appears as
    SELECT XMLElement("Emp",
                      XMLAttributes(e.first_name ||' '|| e.last_name AS "name"),
                      XMLForest(e.hire_date, e.department AS "department"))
    AS "RESULT"
    FROM employees e WHERE e.department_id = 20;
    1. employees table not qualified as hr.employees
    2. e.department as "department" should be e.department_id as "department"
    corrected would be
    SELECT XMLElement("Emp",
                      XMLAttributes(e.first_name ||' '|| e.last_name AS "name"),
                      XMLForest(e.hire_date, e.department_id AS "department"))
    AS "RESULT"
    FROM hr.employees e WHERE e.department_id = 20;
    albert

    It was subreport-related, though I still do not know the exact root cause.
    I was having trouble with both the built-in export as well as a custom process.
    Removing the subreports as suggested, I isolated the failure to one of the three subs and rebuilt this subreport from scratch (it was only three fields) and now the report has no trouble with the pdf export. I am not sure if it had a resolvable technical issue or if it was just corrupted, as it is now working, I am not going to expend much energy on finding out.
    Thanks for the suggestion.

  • How to remove OCS and install lync 2013 on MS Office 2007 and 2010

    Hi,
    We need to install lync 2013 on our systems having office 2007 and 2010 via SCCM 2012.
    Please suggest.
    Regards, Syed Fahad Ali

    Lync 2013 no longer has its own installer, but instead uses the Office installer.  You can create a customized installation and deploy it just like you do with Office:
    http://technet.microsoft.com/en-us/library/jj204827.aspx
    I hope that helps,
    Nash
    Nash Pherson, Senior Systems Consultant
    Now Micro -
    My Blog Posts
    If you've found a bug or want the product worked differently,
    share your feedback.
    <-- If this post was helpful, please click "Vote as Helpful".

  • Is Lync 2013 perfectly compatible with Office 2010?

    Microsoft Office 2010 and Lync 2013 are two different instances, but they use some common elements.
    In our company we have over a hundred MS Office 2010 licences and we don't need/can't afford to change them all to 2013. Now we want to install Lync 2013 and I wonder if there could be compatibility issues or, if Lync 2013 can modify the common files they use, so that certain functions in Office 2010 will not be available or not work properly.
    Is there a risk of this happening, or can they work together "in complete harmony"? This is very important to me and I cannot afford to make a mistake. I would appreciate any help. Thank you.

    Hi Cristi,
    Check out these Lyncs on compatibility and interoperability:
    Lync 2013 Compatibility http://technet.microsoft.com/en-us/library/gg412817.aspx
    Client Interoperability http://technet.microsoft.com/en-us/library/jj204672.aspx
    As far as having Lync 2013 & Office 2010 on the same PC, largely it SHOULD be OK and I've not had many issues. The exception to this was on a recent Citrix deployment, where for some reason running Lync 2013 was causing the Office 2010 instance to rerun every time it was started. All desktops were OK though.
    My suggestion is to make sure you thoroughly test with every scenario that you can think of before rolling out to the masses.
    If this helped you please click "Vote As Helpful" if it answered your question please click "Mark As Answer" | Blog
    www.lynced.com.au | Twitter
    @imlynced

  • Lync 2013 Cumulative updates with coexistence 2010

    Hello 
    I am a pretty new Lync admin; I have successfully done a coexistence with 2010 and 2013.
    I just need clarification on the steps for a 2013 Standard Edition CU update.
    From the site http://support.microsoft.com/kb/2809243 I am seeing that I need to:
    1) Run LyncServerUpdateInstaller.exe
    2) Run Install-CsDatabase -ConfiguredDatabases -SqlServerFqdn SE.FQDN -Verbose
    3) Do not run Install-CsDatabase -CentralManagementDatabase until after full 2013 migration
    4) Enable the Mobility service, run the following cmdlet:
    Enable-CsTopology
    5) Run %ProgramFiles%\Microsoft Lync Server 2013\Deployment\Bootstrapper.exe
    Just need those steps confirmed and..
    1) Just to confirm that I don't need to worry about the output of the Get-CsPoolUpgradeReadinessState command
    2) We don't have the Mobility service; do I still need to run Enable-CsTopology for Standard Edition?
    Thanks !

    Thanks Iain
    Just to confirm, it is Lync 2013 CU updates I am trying to perform on a Standard Edition pool.
    When I run Get-CsPoolUpgradeReadinessState
    I get State: InsufficientActiveFrontEnds and IsReadyForUpgrade True
    According to the update notes, they only speak of running Get-CsPoolUpgradeReadinessState on an Enterprise Edition pool.
    So I just wanted to know if the output of Get-CsPoolUpgradeReadinessState can be ignored or is something to be concerned about for the updates.

  • Exchange 2013 OWA integration with ADFS and coexistence with Exchange 2007

    Team,
    I have successfully integrated ADFS 3.0 and Exchange 2013 OWA and ECP. However, we have a coexistence environment with Exchange 2007. When you access OWA, you get redirected to ADFS, sign in, and then get redirected back to OWA. If your mailbox is still within Exchange 2007, you get a blank login page. If your mailbox is in Exchange 2013 then you successfully get the OWA page for 2013. The problem is that all Exchange 2007 mailbox users get blank pages at login. So I have determined that the Exchange 2013 CAS is not doing the service location lookup on the mailbox to determine if a redirect to the legacy OWA address is needed. Is there a configuration setting that I might be missing? Or does the integration with ADFS and OWA not support the much needed mailbox lookup for a coexistence environment? A side note: if we enable FBA with OWA, both login scenarios work just fine (legacy and new 2013). The legacy namespace has been created and applied to the Exchange 2007 URLs.

    Hi,
    Try using AD FS claims-based authentication with Outlook Web App and EAC
    http://technet.microsoft.com/en-us/library/dn635116(v=exchg.150).aspx
    Thanks,
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
    [email protected]
    Simon Wu
    TechNet Community Support

  • Lync 2013 SQL mirroring with different domain SQL server.

    Hi,
    Can I create Lync BE SQL mirroring with a SQL server in a different domain within one AD forest?
    Thanks.

    Hi,
    You can note the sentence "Using Topology Builder or cmdlets to set up and remove SQL mirroring is supported only when the primary, mirror, and witness (if desired) servers all belong to the same domain. If you want to set up SQL mirroring among servers in different domains, see your SQL Server documentation." in the link below:
    http://technet.microsoft.com/en-us/library/jj204992.aspx
    So I think in Lync Server you can use Topology Builder or cmdlets to set up and remove SQL mirroring only when the primary, mirror, and witness (if desired) servers all belong to the same domain. If you want to set up SQL mirroring among servers in different domains you may do some steps on the SQL server, and you can also post a case on the SQL forum; thank you for your understanding.
    http://social.technet.microsoft.com/Forums/sqlserver/en-US/home?category=sqlserver
    Best Regards,
    Eason Huang
    TechNet Community Support

  • LYNC 2013 generating Full Address book files but not the delta ones

    Dear Experts,
    I have noticed after I installed a new Lync 2013 pool that the SQL share for the address book is only showing F-xxxx files for full downloads of the address book, but I am not seeing the D-xxx delta files, which is causing my client not to receive the GalContactsDelta file.
    This new pool is an Enterprise Edition Lync 2013 pool and I am currently testing a move from Lync 2010. I have only one Address Book configuration policy and I did not create any new policy for the new pool/site. Any suggestions on where to check for the cause are appreciated.
    Regards,
    A. Zaher

    Hi,
    If the address book contains over 50K entries, the client maintains a separate delta database GalContactsDelta.db and index GalContactsDelta.db.idx for GAL contacts, and periodically merges
    updates into its main database GalContacts.db.
    http://technet.microsoft.com/en-us/library/ee323492(v=office.13).aspx
    Thanks,
    Simon Wu
    TechNet Community Support

  • Issue in generating Invoice with standard and service material

    There is one scenario where, along with standard material (i.e. a tube bending machine), they charge the customer for the design and development of a machine (which is a service). Is it possible to make a standard order with the standard material (with excise and CST/VAT) and service material (with service tax only) in one single order?
    I have tried with both materials in a single order, but while making the invoice the system is taking only the standard material, as in the item category we have mentioned billing relevance from the delivery document, and the service material will not have a delivery.
    I would be thankful if you could spare some time and check the exact problem.

    Hello,
    Yes.. this is a common problem when you use delivery-relevant material and service material in the same order. Why don't you use the service material in a different order and invoice it? Or do you have a restriction that the delivery-relevant material and the service material should be billed in one invoice?
    Prase

  • SAP NW7.1 with 10g and Netapp SAN on VM-Ware

    Hello together,
    I want to install several NW CE 7.1 installations with a 10g Oracle DB on Windows Server 2003.
    Now, our admins talk about the Windows hard disk drives like C: or D:.
    Some admins want to implement different hard disk drives (like C: and D: etc.) on the Windows Server 2003 to optimize the disk access, even if the server is connected to a NetApp NAS. They say that Windows Server 2003 optimizes the disk access if more than one disk drive is configured.
    Some other solution architects say that this is not necessary, because the C: partition, D: partition and E: partition are not on a real hard disk, but on a SAN connection. It will be OK if you define a C: partition with Windows and a D: partition with Oracle and SAP on it, because the SAN is so fast that you need not separate the disk load.
    How do you configure your systems with Oracle?
    Best regards,
    Carsten Schulz

    Hi,
    I would do a mix of local storage + SAN storage to have an optimal file distribution.
    Along with the partition layout suggested by Eric (as well as by SAP and Oracle), I would add an additional striped partition on the local hard disk of the box, which will be used specially for paging activity (virtual memory).
    It is good to distribute all the suggested files (of different purposes) on different disks using RAID levels, to deal with data loss situations as well as to achieve higher I/O performance.
    Also, the RAID levels play an important role here. A storage partition with RAID-5 is recommended for storing the SAP data files (Oracle database files). I prefer RAID-0 for OS executables and for SAP executables (sapmnt) on local hard disks (or on SAN storage LUNs).
    Origlogs and Mirrlogs files are very sensitive & important files (online redo log files) which contain all committed + non-committed transaction entries and which are required for instance recovery. So they are required to be stored at different locations to deal with any unexpected file loss/corruption situation whenever demanded in future.
    Along with the other files, mirroring of the control files on separate disk locations is also recommended. A control file is a very necessary file for the database to start and operate successfully.
    A separate location for storing offline redo log files (ORAARCH) is recommended to deal with media recovery, which is required when performing complete/point-in-time database recovery.
    Regards,
    Bhavik G. Shroff

  • Exchange 2013 issues along with toolbox and exchange powershell

    I have a Server 2012 with Exchange 2013, no errors on install; we have about 50 user mailboxes set up. About 3-5 times a day sending and receiving will stop working; we have to reboot about 3 or 4 times, then it starts working again.
    Also the Exchange PowerShell doesn't work; we get:
    VERBOSE: Connecting to NVSVMSX.KATV.local.
    New-PSSession : [nvsvmsx.katv.local] Processing data from remote server nvsvmsx.katv.local failed with the following
    error message: [ClientAccessServer=NVSVMSX,BackEndServer=nvsvmsx.katv.local,RequestId=3c4178cd-3e21-4ebf-9c65-23e5855cf
    17f,TimeStamp=11/11/2014 6:53:03 PM]
    [AuthZRequestId=b12c2ecf-ff1f-42df-b0f8-441878180bfa][FailureCategory=AuthZ-CmdletAccessDeniedException] The user
    "KATV.local/Computers/NVSVMSX" isn't assigned to any management roles. For more information, see the
    about_Remote_Troubleshooting Help topic.
    At line:1 char:1
    + New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName Microsoft.Excha ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
       gTransportException
        + FullyQualifiedErrorId : IncorrectProtocolVersion,PSSessionOpenFailed
    we get that 3 times then nothing.
    Also on the Toolbox we get MMC error
    "Type is not resolved for member "Microsoft.Exchange.Configuration...."
    Please help; we are at a loss and not sure what to do at this point. We have looked everywhere for a permissions issue and have found nothing so far.
    thank you
    BD

    Hi,
    Please check if this user is in the Organization Management role group. If not, please use the following cmdlet to add this user to the group (the role group name contains a space):
    Add-RoleGroupMember "Organization Management" -Member <member>
    If this issue still exists, Run Setup /PrepareSchema and Setup /PrepareAD again.
    In addition, please refer to this similar thread
    https://social.technet.microsoft.com/Forums/sharepoint/en-US/33038c63-a993-4032-9355-023ae91a1c6a/cant-access-ecp-after-install?forum=exchangesvrdeploy
    And hope KB 2898571 will be helpful for you.
    To solve ToolBox issue, please try to install or uninstall ASP.NET 4.5 on Windows 8 or Windows Server 2012, use one of the following options:
    Run the following command from an administrative command prompt: dism /online /enable-feature /featurename:IIS-ASPNET45
    For Windows 8 client computers, turn on "IIS-ASPNET45" in "Turn Windows Features On/Off" under "Internet Information Services-> World Wide Web Services -> Application Development Features -> ASP.NET 4.5".
    For Windows Server 2012 computers, enable "IIS-ASPNET45" using Server Manager, under "Web Server (IIS) -> Web Server ->Application Development -> ASP.NET 4.5".
    Refer from
    http://support.microsoft.com/kb/2736284
    Best Regards.

  • Integration Lync 2013 Online (Cloud) with Cisco CUCM 9.1

    Hi
    First, I don't have a physical or virtual Lync server in my network.
    Do I have any chance to integrate with my Cisco CUCM 9.1?
    Thanks.
    Ahmed Elshalh

    Lync online won't support back-end integration with CUCM on prem. But if looking to try client side integration, Cisco's CUCI supports Lync online.
    CUCI: http://www.cisco.com/c/en/us/products/unified-communications/uc-integration-tm-microsoft-lync/index.html
    O365 support: http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucimoc/8_6/cucimocReleaseNote8_6.html#wp363808
    Keep in mind CUCI is a Cisco supported solution and not a Microsoft one, also CUCI disables most of the Lync client functionality.
    Please mark posts as answers/helpful if it answers your question.
    Blog
    Lync Validator - Used to assist in the validation and documentation of Lync Server 2013.

  • Lync 2013 Hybrid deployment with resource forest scenario on-premise

    Hi there,
    I'm starting to deploy this scenario of Lync on-premises in a resource forest with Lync Online.
    I am not finding any documentation about this specific scenario. I wish to know how the flow between forests will be to have users in Lync Online and users on-premises.
    Thank you very much in advance for your help.
    Joaquin Gonzalez

    Hi Joaquin,
    You need to deploy Microsoft Forefront Identity Manager (FIM) 2010 to manage the life cycle of user accounts.
    In a resource forest topology, one forest is dedicated to running server applications, such as Microsoft Exchange Server and Lync Server. The resource forest hosts the server applications and a synchronized representation of the active user object, but it does not contain logon-enabled user accounts. The resource forest acts as a shared services environment for the other forests where user objects reside. The user forests have a forest-level trust relationship with the resource forest. When you deploy Lync Server in this type of topology, you create one disabled user object in the resource forest for every user account in the user forests. If Microsoft Exchange is already deployed in the resource forest, the disabled user accounts might already exist. A directory synchronization product, such as MIIS, Microsoft Forefront Identity Manager (FIM) 2010, or Microsoft Identity Lifecycle Manager (ILM) 2007 Feature Pack 1 (FP1), manages the life cycle of user accounts. When a new user account is created in one of the user forests or a user account is deleted from a forest, the directory synchronization product synchronizes the corresponding user representation in the resource forest.
    Click the links below for more information.
    Supported Active Directory topologies in Lync Server 2013
    http://technet.microsoft.com/en-us/library/gg398173.aspx
    Windows Azure Active Directory Connector for FIM 2010 R2 Quick Start Guide
    http://technet.microsoft.com/en-us/library/dn511002(v=ws.10).aspx
    Hope it can be helpful.
    Best regards,
    Eric
