Lync 2013 SCOM Watcher node requirements

Similar Messages

• Lync 2013 Watcher Node Synthetic Transactions

  I've set up SCOM monitoring for our Lync 2013 deployment.
  Everything is looks like perfect, in the SCOM console I can see the watcher node and it looks like the monitoring is functional (marked with green as "monitored"), but in the Event Viewer of the Watcher Node server I cannot find the events 334
  or 335, but as far as I know, there should be notofications in every 15 minutes, that the tests was runing and was succesfull or not.
  I've tried to remove and create the watcher node configuration again, restrated the health service etc. but nothing was helpful. What is the problem? :/

  Verify that enable proxy agent on lync watcher node to can monitor it.
  For configure watcher node, you can refer below link
  http://lyncdup.com/2013/01/how-to-setup-lync-2010-scom-management-pack-and-synthetic-transactions/
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question, please click "Mark As Answer"
  Mai Ali | My blog: Technical | Twitter:
  Mai Ali

• Lync 2013 watcher node and DiscoverMachine.ps1

  Hello !
  I have a strange issue with lync 2013 watcher node. 
  I completed the installation according to the instructions on the teсhnet (http://technet.microsoft.com/en-us/library/jj205152.aspx). SСOM 2012, sees Lync watcher node components and monitor node correctly. But only one script DiscoverMachine.ps1 has
  an error.
  Description: 
  DiscoverMachine.ps1 :
  -Script Name: Lync Server MP Machine Topology Discovery -Run as account: nt authority\network service -Execution Policy: Bypass
  Value of Source Id is {2469342F-3092-2CD4-2CE3-D45CA920984C}. Value of ManagedEntity Id is {094D7357-71C5-3848-0E33-4B8E5E23B9F3}. Value of Target Computer is LYNCWATCHER.domain.lan. Lync Server Module is added Successfully initialize discovery data. Successfully
  found current machine in topology. Machine Fqdn is LYNCWATCHER.domain.lan Successfully discover deployment LS Site discovery completed for Test Site. Can not classify cluster [lyncwatcher.domain.lan]. LS Pool discovery completed for lyncwatcher.domain.lan.
  Can not classify cluster [lyncwatcher.domain.lan]. LS Machine discovery completed for LYNCWATCHER.domain.lan. Found an unsupported Role 'ExternalServer'. An exception occurred during discovery script, Exception : System.Management.Automation.RuntimeException:
  Cluster of current machine LYNCWATCHER.domain.lan does not have any role supported 
  Colleague, someone have records similar error? 
  Konstantin
   

  I opened a support case last week on this, once I have resolution, I'll post it here and on my own thread of the same issue.
  http://social.technet.microsoft.com/Forums/lync/en-US/92b8b0d0-c333-4b15-ab8a-6da6b4120432/lync-2013-synthetic-transaction-watcher-node-discovery-failure

• Lync Synthetic Transaction from Watcher Node

  Hello All,
               I have a Lync 2013 Environment using Orchestrator I'm performing some activity on Lync servers and folowed by I will be executing the Synthetic transactions from Orchestrator.
               I have created a watcher Node(Just Installed the Lync Core Files and Admin tools), not using SCOM here. I just use to execute the Test-cspresence, Test-CSIM, etc.. from the watcherNode and use targetFQDN as
  Front end servers. But it's not working now with an below Error, rest of the commands like get-user and all working fine.
               Can someone help me to fix this issue?
  Error: “Exception has been thrown by the target of an invocation”

  Please check you have enabled Windows Powershell for remoting.
  For details, you can check
  http://technet.microsoft.com/en-us/magazine/ff700227.aspx
  Lisa Zheng
  TechNet Community Support

• Lync 2013 certificate requirements for multiple SIP domains

  Hi All,
  I am engaged with a client in respect of a Lync 2013 implementation initially as a conferencing platform with a view to enabling EV functions (inc. PSTN conferencing) in the future. They initially need to support 30 SIP domains and eventually
  around 100 SIP domains which is proving to be either not possible or severely cost prohibitive. Their current certificate provider, Thawte, can only support up to 25 SANs and have quoted them 5 figures. We tend to use GeoTrust as they are cheaper but they
  appear to have a limit of 25 SANs. GoDaddy appear to support up to 100 SANs for a pretty reasonable cost. My questions are as follows:
  Is there a way that I’m missing of reducing the number of SANs required on the Edge server?
  Use aliases for access edge FQDNs - Supported by desktop client but not by other devices so not really workable
  Don’t support XMPP federation therefore removing the need for domain name FQDNs for each SIP domain
  Is there a way that I’m missing of reducing the number of SANs required on the Reverse Proxy server?
  Friendly URL option 3 from this page:
  http://technet.microsoft.com/en-us/library/gg398287.aspx
  Client auto-configuration:
  i.     
  Don’t support mobile client auto-configuration in which case no lyncdiscover.sipdomain1.com DNS records or SANs would be required.
  ii.     
  Support mobile client auto-configuration over HTTP only in which case CNAME records are required for each SIP domain (lyncdiscover.sipdomain1.com, etc. pointing to lyncdiscover.designateddomain.com) but no SANs are required.
  iii.     
  Support mobile client auto-configuration over HTTPS in which case DNS records are required for each SIP domain and a SAN entry for each SIP domains is also required. This is because a DNS CNAME to another domain is not supported over
  HTTPS.
  If the answer to 1 and/or 2 is no, are there certificate providers that support over 100 SANs?
  How do certificate requirements differ when using the Lync 2013 hosting pack? I would think that this issue is something that a hosting provider would need to overcome.
  Would the Lync 2013 Hosting Pack work for this customer? The customer uses SPLA licensing so I think is eligible to use the hosting pack but not 100% sure it will work in their environment given that client connections are supposed
  to all come through the Edge where their tenants will be internal and also given the requirement for an ACP for PSTN conferencing.
  Many thanks,

  Many thanks for the response.
  I was already planning to use option 3 from the below page for simple URLs to cut down on SAN requirement.
  http://technet.microsoft.com/en-us/library/gg398287.aspx
  What are the security concerns for publishing autodiscover over port 80? I.e. Is this only used for the initial download of the discovery record and then HTTPS is used for authentication? This seems to be the case from the following note on the below page:
  http://technet.microsoft.com/en-gb/library/hh690030.aspx
  Mobile device clients do not support multiple Secure Sockets Layer (SSL) certificates from different domains. Therefore, CNAME redirection to different domains is not supported over HTTPS. For example, a DNS CNAME record for lyncdiscover.contoso.com that redirects
  to an address of director.contoso.net is not supported over HTTPS.
  In such a topology, a mobile device client needs to use HTTP for the first request, so that the CNAME redirection is resolved over HTTP. Subsequent requests then use HTTPS. To support this scenario, you need to configure your reverse proxy with a web publishing
  rule for port 80 (HTTP).
  For details, see "To create a web publishing rule for port 80" in Configuring the Reverse Proxy for Mobility. CNAME redirection to the same domain is supported over HTTPS. In this case, the destination domain's certificate covers the originating
  domain.”
  I don’t think SRV records for additional SIP domain access edge is a workable solution as this is not supported by some devices.
  As per the below article:
  http://blog.schertz.name/2012/07/lync-edge-server-best-practices/
  “The recommended approach for external client Automatic Sign-In when supporting multiple SIP domains is to include a unique Access Edge FQDN for each domain name in the SAN field.  This is no longer a requirement (it was in OCS) as it is possible to
  create a DNS Service Locator Record (SRV) for each additional SIP domain yet have them all point back to the same original FQDN for the Access Edge service (e.g. sip.mslync.net). 
  This approach will trigger a security alert in Windows Lync clients which can be accepted by the user, but some other clients and devices are unable to connect when the Automatic Sign-In process returns a pair of SRV and Host (A) records which do not share
  the same domain namespace.  Thus it is still best practice to define a unique FQDN for each additional SIP domain and include that hostname in the external Edge certificate’s SAN field”.
  ===================
  1. Basically the requirement is to initially provide Lync conferencing services (minus PSTN conferencing) to internal, external, federated and anonymous participants with a view to providing PSTN conferencing and therefore enterprise voice services later.
  2. The customer currently supports close to 100 SMTP domains and wants to align their SIP domains with these existing domains. The structure of their business is such that “XXX IT Services” provide the IT infrastructure for a collection of companies who
  fall under the XXX umbrella but are very much run as individual entities.
  Question:
  Would you agree that I’m going to need a SAN for every SIP domain’s access edge FQDN?
  Thanks.

• What are the ports required for the Audio, Video and A/V conferencing when the following end points are enabled for QoS in Lync 2013 server?

  Hi All,
  What are the ports required for the Audio, Video and A/V conferencing when the following clients are enabled for QoS in Lync 2013 server?
  Client Type
  Port range  and Protocol required for Audio
  Port range and Protocol required for
  Video
  Port range and Protocol required for
  A/Vconferencing
  Windows Desktop   Client
  Windows mobile App
  Iphone
  Ipad
  Andriod phone
  Andriod Tablet
  MAC desktop client
  Please advise. Many Thanks.

  Out of the box, 1024-65535 for all of the client ports.  :) 
  https://technet.microsoft.com/en-us/library/gg398833.aspx
  You'll want to tune your client ports a bit
  https://technet.microsoft.com/en-us/library/jj204760.aspx as seen here, and then the client ports would use those ranges which is easier to set QoS markings.  I'm not sure the mobile clients respect that setting.
  Elan's got the best writeup for Windows clients here:
  http://www.shudnow.net/2013/02/16/enabling-qos-for-lync-server-2013-and-various-clients-part-1/
  However, the marking of the packets is the tricky part.  Windows can do it via Group Policy, but for the other clients you'll need to have the network specifically prioritize ports regardless of DSCP markings.  You have to do it based on ports
  as the traffic could be peer to peer.
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
  SWC Unified Communications
  This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

• SCOM Lync 2013 monitoring

  Hi,
  Can we monitor Lync 2013 with SCOM 2007 R2 ?
  My RMS is windows 2003 R2 64 bit
  Thanks

  Try to Import Lync 2013 MP for below link
  http://www.microsoft.com/en-eg/download/details.aspx?id=35842
  This Lync 2013 MP support • Operating Systems: Windows Server® R2 (64-bit) and Windows Server 2012 (64-bit). • System Center Operations Manager: System Center Operations Manager 2007 R2 and System Center Operations Manager 2012; 64-bit agents only.
  For how to configure Lync 2013 management pack , you can refer below link
  http://technet.microsoft.com/en-us/library/jj205052.aspx
  Please remember, if you see a post that helped you please click (Vote As Helpful) and if it answered your question, please click (Mark As Answer).

• Bandwidth required for Lync 2013 audio video call

  Hi,
  what is the required bandwidth required for  lync 2013 audio video call from out side of company network. considering users will use owa integration with exchange 2013  for audio video call. 
  i tried with lync bandwidth calculator but could not figure it out. 
  actually i have some remote site where users have connectivity of 160 kbps only.

  There are a number of variables such as call type and video resolution, but I would suggest using this table as a guide:
  http://technet.microsoft.com/en-us/library/jj688118.aspx
  For example for capacity purposes with a Lync peer-to-peer call you're looking at 57Kbps (86 with FEC)
  If this helped you please click "Vote As Helpful" if it answered your question please click "Mark As Answer" | Blog
  www.lynced.com.au | Twitter
  @imlynced

• Certificate Requirement for Lync 2013 Standard Edition

  I have successfully run the setup of lync 2013 standard edition now I am stuck due to certificates required for lync 2013. when I generate a csr. it show the subjected urls for that.
  hostname.domain.com
  sip.domain.com
  diali.domain.com
  meet.domain.com
  admin.domain.com
  lyncdiscover.domain.com
  lyncdiscoverinternal.domain.com
  im.domain.com (External URL)
  so if I go for 3 party CA then I need 8 certicate only for internal lync. As I also need to connected federated partner and external user so I need Edge for again I need 3 more certificates
  web.domain.com
  a/v.domain.com
  sip.domain.com
  now when I go for these certificate it quit costly and I didn't understand why such certifcates required. can anyone help me to fix such requirement.
  Or, what are the necessary url to which I buy 3 party CA rest leave as it is.
  I also want to deploy Edge with single adopter as we have only one network so can anyone assist me to proceed it further.
  Talha Faraz Malik

  To save on the cost of your third party certificates, I would deploy an internal certificate authority to sign certificates for your internal front end.   For your third party certificate, you would only need the SANs for the edge and for your
  reverse proxy and as Edwin said, this can be a single cert with multiple SANs.
  For example, for your edge you would need:
  sip.domain.com
  web.domain.com
  You would not need A/V as this role does not require a SAN on your certificate.  On the same certificate, which you could also use on your reverse proxy, you'd likely want the following FQDNs.
  lyncdiscover.domain.com
  im.domain.com (your external web services FQDN)
  meet.domain.com
  dialin.domain.com
  You may also want to consider your internal web services FQDN and include the following so third party mobile devices can connect without needing a certificate installed:
  im_internal.domain.com (your internal web services FQDN)
  lyncdiscoverinternal.domain.com
  I'm sure that's not entirely clear yet, so feel free to ask more questions or what the purpose of each is. 
  When you say Edge with a single adapter, you mean a single adapter in a DMZ or internal?  You definably want two NICS, both in separate DMZs, but I've managed to get the edge working with a single adapter in a DMZ before.  What you don't want is
  the edge in your internal network.
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
  SWC Unified Communications
  This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

• Lync 2013 Deployment Requirements - One Server?

  I have an organization that has an offsite Exchange Server 2010, and Windows Server 2008 R2 Domain Controller (for the Exchange Server).
  I am trying to figure out what we need for hardware and Windows Server software to implement Lync 2013.  I understand that Lync 2013 cannot be put on the same server as the Exchange Server.  Can Lync 2013 be put on one Windows server?
  Michael

  Depends. Without knowing a lot about your environment (i.e users, HA requirements) ideally you'd have two. One as a Lync Standard Edition server (which can support up to 5000 users for Front End Services and Back-End database - but won't have HA) and one
  as an Lync Edge server (for outside connectivity - also won't have HA)
  Standard Edition will use SQL express as its database and automatically install it on the single server.
  As for operating system Windows 2008 R2 or above.
  As for hardware you can use this as a guide: http://technet.microsoft.com/en-us/library/gg398835.aspx and use the Lync Capacity planning tool http://www.microsoft.com/en-us/download/details.aspx?id=36828
  How many users do you have? (for example the first link has 32GB as recommended memory for a Front End, but if you don't have many users you can use less than that - and the Cap Planner will reflect that)
  If this helped you please click "Vote As Helpful" if it answered your question please click "Mark As Answer" | Blog
  www.lynced.com.au | Twitter
  @imlynced

• Lync 2013 DNS requirements in a multi tenant deployment

  Hi All,
  We are planning to deploy lync 2013 enterprise in a two site (pool) deployment. Both the sites are separated by a WAN link.
  Our primary SIP domain is xyz.com
  For site A, we have
  1) A pool name siteApool.xyz.com
  2) 2 FEs name siteAfe001.xyz.net and siteAfe002.xyz.net
  3) A edge for external access siteAedge
  For site B, we have
  1) A pool name siteBpool.xyz.com
  2) A FE name siteBfe001.xyz.net
  Site B users will use the edge at site A for external access.
  As per the r&d we know that following records are required for external access 
  Access/webcon/av.xyz.com
  _sip_tls.xyz.com
  Apart from that we also need following service URL records as well
  dialin.xyz.com
  meet.xyz.com
  admin.xyz.com
  sip.xyz.com
  Our problem starts here and because we only manage xyz.net dns not the xyz.com dns (its is our public dns), which rises two questions -
  1) As both the internal and external users are going to use same service url records (dailin/meet/admin/sip.xyz.com), how can we make sure that when a user uses lync on office LAN the service urls will be resolved by xyz.net dns and will not get routed to
  xyz.com (public dns) for dns resolution.
  2) As i told we have a two site deployment and we need common service url records (dailin/meet/admin/sip.xyz.com) to be used by user at both site , how can i make sure that when a user at site A ask for dailin/meet/admin/sip.xyz.com it gets routed to
  siteApool.xyz.com and when a user at site B ask for dailin/meet.xyz.com it gets routed to siteBpool.xyz.com. We need such functionality to save unnecessary WAN traffic.
  Please help me to figure out the most suitable design.
  Thanks,
  Mohit Taneja

  Hi Mohit Taneja,
  Some additional information.
  About the DNS requirements, you could refer to the following article.
  http://technet.microsoft.com/en-us/library/gg398082.aspx
  About the network traffic, it depends on where exactly the user is hosted. Central site does not decide the media traffic . If user is hosted in site-B and organize the meeting , media has
  to travel via WAN if you don’t have edge server in site-B.
  Best regards,
  Eric

• Lync 2013 standard number of Backends required and pool paring setup?

  Hi
  I am in the process of putting together a lync 2013 implementation. The plan is to use lync 2013 standard as IM and Presence are the only requirement we have approx. 3000 users
  we have two sites
  Site A (Primary)
  x 2 FE-A1 FE-A2 Lync 2013
  x1 BE-A1 Lync 2013
  Site B (D.R)
  X 2 FE-B1 FE-B2 Lync 2013
  X1 BE-B1 Lync 2013
  what I want to know is
  1. If Site A has two FE servers each will require there own pool if I pair FE-A1 with FE-A2 can I also pair FE-A1 with FE-B1 and the same for 2?
  2. Can the servers FE-A1 and FE-A2 use the same BE server or should I be using a separate server for each?
  3. In this design I was thinking of using two edge servers 1 at each site that would be published using TMG, would this be correct, this would be for IPhone mobile users to use.
  thanks in advance
  J

  1)  If site A has to FE servers, and you go with Standard edition, they would be their own pools.  If you wanted HA you could put three enterprise servers together into a single pool and load balance them.  If you pair FE-A1 with FE-A2, those
  two pools cannot be paired with any other pool.  You also can't Pair FE-A1 to FE-A2, then FE-A2 to FE-B1. 
  2) Your diagram looks like Lync 2013 for the back end, it would actually be SQL, and this would specifically apply if you're using Lync enterprise.  If the Lync front end servers are in the same pool, they can use the same backend, if they're not they
  need separate back ends.
  3) Edge servers would be published with a standard firewall, if TMG is your firewall that would work.  If TMG is only being used as a reverse proxy, you would use it to publish your web services on your front end servers.  Either way, you'll need
  to also publish the web services on your front end servers to the Internet for mobile clients to function.
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
  SWC Unified Communications
  This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

• SQL Mirroring Requirement (Witness server) in LYNC 2013

  Hi Everyone,
  We are designing a Highly Available solution of for LYNC 2013 and planning to add a witness server to the backed SQL server.
  Following are my Queries.
  1)For the witness server should the SQL server be dedicated to the LYNC infrastructure or it can be used to host other databases.
  2)I am assuming the Witness Database should be in the same Domain?
  3)What is the version of the SQL server that is supported as the Witness server, can this be the Free SQL express edition ?
  Waiting for some replies :-)

  1)For the witness server should the SQL server be dedicated to the LYNC infrastructure or it can be used
  to host other databases.
  It Can be used to host other database
  2)I am assuming the Witness Database should be in the same Domain?
  Yes 
  3)What is the version of the SQL server that is supported as the Witness server, can this be the Free SQL
  express edition ?
  http://technet.microsoft.com/en-us/library/gg398990.aspx
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer" Regards Edwin Anthony Joseph

• Lync 2013 & Skype Integration 3rd Party Cert. Requirement

  hi to all
  I am a liitle bit confused about the Trusted Certificate (public certificate) need for the Lync 2013 server and Skype integration.
  Our problem is trying to Integrate Skype with our Lync 2013. We configured Lync Edge and Lync Backendserver  with internal Certification Authority Certifcates ,we finished provisioning Lync 2013 with Skype according to the  "http://www.microsoft.ctom/en-us/download/details.aspx?id=39071"
  document and we received answer from Microsoft that we ıntegration  is finished.
  But we could not make any call or add contacts either from Skype no Lync client.
  Some  forums say that we had to integrate Trusted Certificates to our Lync Edge server  (http://social.technet.microsoft.com/Forums/lync/en-US/ec3142cb-179a-427d-909c-135052621043/how-to-deploy-the-federation-with-skype?forum=ocsmobility)
  But I could not see in official documents.Can someone lead me the correct way to do this ?
  Thanks

  You will need to change the external Edge certificate to a public issued UC/SAN certificate. Without a public cert the remote party (in this case the MSN/Skype servers) won't be able to establish trust and will fail.
  You can do this by re-running the Lync Deployment Tool & Request/Assign Certificates
  Here is a walk through:
  http://www.digicert.com/csr-creation-lync-2013.htm
  http://www.digicert.com/ssl-certificate-installation-lync-2013.htm
  Because you are replacing, you will need to restart your Edge services afterwards for it to take effect  (You can use Lync Management Shell and run Stop-CsWindowsService & Start-CsWindowsService)
  If this helped you please click "Vote As Helpful" if it answered your question please click "Mark As Answer" | Blog
  www.lynced.com.au | Twitter
  @imlynced

• Lync 2013 Enterprise load balancing on the front end and edge pool

  Hi,
  I am setting up a Lync 2013 Enterprise deployment consisting of a Front End pool (x2 FE servers) and an Edge pool (x2 Edge servers).  I'm seeing some conflicting advice regarding load balancing using hardware or DNS for the front end and the edge.
  On the front end I have 2 internal DNS records 'lyncfepool1.contoso.local' each of which map to one of the IPs of the FE servers.  I've used my details to populate the Detailed Design Planner excel spreadsheet and am told that I require a HLB to load
  balance my front end pool.  I'm aware of the need to load balance HTTPS traffic internally (which will be done by TMG) however other traffic to the front end (SIP, etc) can be balanced by DNS only, and not require a HLB?
  Can someone clarify the front end requirement?
  Also - looking now at the edge pool - this site again have two edge servers in a pool.  We are using a total of six private IP addresses, two per edge service (2 x av.contoso.com, 2 x sip.contoso.com and 2 x webcon.contoso.com).  These will be
  NAT'ed by the external firewall and directed to the respective external (DMZ) IP addresses on the Edge servers on port 443.  I know this isn't true roundrobin due to the intelligence of the Lync client when connecting (in that the Lync client will connect
  to one of the public IPs and if it can't connect, it will know to connect to the other service IP), however I want to clarify this set up, particularly the need to direct the external public IP traffic at the DMZ Edge IP specified in the topology builder.
  I've attached a basic diagram of the external/DMZ/Edge side which hopefully helps with this question
  Persevere, Persevere, Per..

  That is because you will always need HLB for a front-end server since it hosts the Lync webservices which use HTTP/HTTPS traffic.
  The description on the calculation tool also describes this correctly:
  Supports Standard and Enterprise pools (up to 12 nodes), with pure device-based load balancing or a combination of DNS load balancing and device-based load balancing (for
  Lync web services)
  You can use either Hardware or DNS loadbalancing for SIP traffic only, but you will always need a HLB for the webservices.  Both are applicable for the Front-End so you have either
  full HLB for both SIP and HTTP(S) traffic
  DNS LB for SIP traffic and HLB for HTTP(S) traffic
  Hope this is more clear :-)
  Lync Server MVP | MCITP Lync Server 2010 | If you think my post is the answer to your question, please mark it as answer so future visitors can easily find it.