Migrated to Lync 2013 now need federation assistance

I have migrated from a Lync 2010 environment to a Lync 2013 environment for the Front End Servers. I now need to be able to federate with several other external companies. I am a somewhat intelligent person; however, this piece has me perplexed.
internal domain - domain.local
external domain - domain.com
internal front end server - server00.domain.local
edge server - server11.domain.local (in a workgroup in DMZ)
email domain - domain-company.com
SIP addresses - [email protected]
I have a DMZ that has an internal and external Checkpoint Firewall, we have blown so many holes through it the Security Expert here is afraid, however, Testconnectivity.microsoft.com succeeds as long as I do not choose A/V tests.
I want to have Directed federation with other entities within our company and have done nslookup's, used Lync IP Tools, and multiple other tests to find out where I am failing to understand why I cannot get Federation to work.
Any thoughts? 
I absolutely deplore certificates....

When you say you want to federate with other entities within your company, are they separate forest/domains? How do you connect to them, over the Internet or via a direct path? Or do I misunderstand? Is your intention to also federate with entities external to your company?
Your sip domain really should match your email domain, just to make it easier to locate your users from outside. On top of this, you'll be able to get a third party certificate (they won't typically issue one for .local) which will be valuable for Lync mobility and federation without having the others install your self signed cert.
Are the certificates currently deployed on the edge self signed or third party? 
How many SIP domains do you have deployed?
Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
SWC Unified Communications

Similar Messages

  • Error during the migration of Lync 2013 onpremise user to Office 365 Lync

    Hi,
    I am trying to migrate a Lync 2013 onpremise user to Office 365 Lync in a Hybrid environment.
    I am connecting to the Lync server from my machine with the following commands
    $lyncOptions = New-PSSessionOption -SkipRevocationCheck -SkipCACheck -SkipCNCheck
    $lync = New-PSSession -ConnectionUri https://lyncserver/ocspowershell -SessionOption $lyncOptions -Authentication NegotiateWithImplicitCredential
    Import-PSSession $lync
    In the next step I am trying to migrate the user to the Office 365 Lync:
    Move-CsUser -Identity "username" -Target 'sipfed.online.lync.com' -HostedMigrationOverrideUrl 'https://admin1e.online.lync.com/HostedMigration/hostedmigrationservice.svc'
    After that I get a warning message due to migration to a previous version, which I accept.
    WARNING: Moving a user from the current version to an earlier version (or to a service version) can cause data loss.
    Confirm
    Move-CsUser
    [Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is "Y"): y
    Then I am getting the following error message:
    Can not load Live Id module. Make sure correct version of Live Id Sign-in assistant is installed.
        + CategoryInfo          : NotSpecified: (:) [Move-CsUser], CommonAuthException
        + FullyQualifiedErrorId : Microsoft.Rtc.Admin.Authentication.CommonAuthException,Microsoft.Rtc.Management.AD.Cmdle
       ts.MoveOcsUserCmdlet
        + PSComputerName        : lyncserver
    Tried to Google it but found nothing.
    As far as I can see it is complaining about the Live ID Sign-in assistant, which is installed (the 64bit version) on my computer but not on the remote server. Does it need to be installed on the server as well?
    Thanks for the answers in advance.
    Regards,
    Akos
    Akos_DB

    This error related to reporting services, you need to verify that reporting services is installed on these instances.
    Secondly, you didn't need to create this instance manually then setup monitoring role. delete this instance from shared storage and try again to setup rule using different instance name and it will create automatic on shared storage.
    You can also refer below link
    http://windowspbx.blogspot.com/2012/07/aaa-donotpost-install-lync-standard.html

  • I have installed 2010 microsoft office 2010 home and business version for my laptop,and i have installed lync 2013.Now i want create online lync meeting from outlook,but i am unable view that lync icon in outlook.Please give me the solution for this que

    I have installed the Microsoft Office 2010 Home and Business version on my laptop, and I have installed Lync 2013. Now I want to create an online Lync meeting from Outlook, but I am unable to view that Lync icon in Outlook. Please give me the solution for this issue.
    Regards
    Raghavendar

    Hi Raghavendar,
    Generally, when you install Lync 2013 in the computer with Office 2010, a Lync Meeting Add-in will be installed and enabled in Outlook 2010. Please follow these steps to check it:
    1. In Outlook, click the File tab, click Options, and then click Add-Ins.
    2. Please take one of the following actions:
    If the add-in is in the Inactive Application Add-ins list, follow these steps:
    a. In the Manage drop-down list at the bottom of the dialog box, click COM Add-ins, and then click Go.
    b. Click to select the check box next to the add-in, and then click OK.
    The New Online Meeting button should now be available in Calendar View, and the Online Meeting button should be available when you create a new calendar item.
    If the add-in is in the Disabled Application add-ins list, follow these steps:
    a. In the Manage drop-down list at the bottom of the dialog box, click Disabled Items, and then click Go.
    b. Select the add-in, and then click Enable.
    c. Restart Outlook, and then verify that the add-in is displayed in the Add-ins dialog box.
    The New Online Meeting button should now be available in Calendar View, and the Online Meeting button should now be available when you create a new calendar item.
    3. In Event Viewer, view the Application log to see whether an error was logged for Outlook, for Lync 2013, the Lync Meeting Add-in for Microsoft Office 2013.
    Thanks,
    Winnie Liang
    TechNet Community Support

  • Unable to connect as a formal agent to a Response Group after Migration to Lync 2013

    We are in the process of migrating our Lync 2010 servers to Lync 2013. Everything seems to go well, but problems started to appear after we migrated the Lync 2010 response groups to Lync 2013. Now only those groups with informal agents work. All the groups with formal agents, when they try to select their group through the web page, all get the error:
    "You are not a member of any group. For assistance, contact your support team"
    Did anyone experience such an issue?
    Thanks,
    Antonio

    We had this problem with our recent migration of c. 350 response groups, many of which had formal agent groups. The cause appears to be that after the migration, the formal agent registration screen sees both the 'old' and the 'new' formal agent groups of which the current user is a member and resolves these to only one entry on the registration screen (which is understandable). But the entry seems to be connected to the 'old' and not the 'new' agent group. We were able to verify this by checking in the old and new pool database (rgsdyn) and seeing that even after the migration the formal agents were signing in to the old pool and not the new one. One solution is to delete the members from the old formal agent groups so that future registrations are forced to take place in the new pool database. However, if you do this, bear in mind that if you have to back out the migration, you have to restore these.
    We also had to abandon one migration attempt because of another problem where the migration tool does not support the migration of agents who are defined indirectly in the agent group through a mail distribution group.
    tags: Move-CsRgsConfiguration ; formal agent groups ; lync2013 ;

  • Migration to Lync 2013 from OCS 2007 R2 - queries

    We are currently running OCS 2007 R2 across Citrix Presentation server 4.5 and Desktops using just IM functionality.  We are looking to upgrade to LYNC 2013 for IM and to start using Group Chat.  We currently have a Physical OCS front end server,
    a physical server running SQL for the DB's and then a physical server running the Archive OCS component.
    How easy is this to do?  Would we keep the same Pool name?
    Can the OCS client be used to connect to Lync 2013?
    Can we move the physical servers into VM's?  Do we need 3 or can we have all on one VM now?
    The SQL DB part can this now be hosted on a stand alone SQL cluster in its own instance if required?
    LYNC IM and Group Chat client - is it supported to run on Citrix Presentation server 6.5?
    Is a Schema Update required?
    Are there any good walk throughs on the internet just covering IM and Group chat migrations etc as from what I have been seeing there are some out there but have voice in them as well.
    Thanks.

    In addition, the presence and IM features in Office Communicator 2007 R2 are compatible with Lync Server 2013, but conferencing features are not. During migration from Office Communications Server 2007 R2, Office
    Communicator 2007 R2 is suitable for presence and IM interoperability, but users should use Lync Web App 2013 to join Lync Server 2013 meetings.
    Q: Is it supported to run on Citrix Presentation server 6.5?
    A: check the official document at http://support.citrix.com/article/CTX138408
    Is a Schema Update required?
    Yes, schema update is required. See
    http://technet.microsoft.com/en-us/library/jj205265.aspx
    Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations
    regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
    Lisa Zheng
    TechNet Community Support

  • Migration to Lync 2013 - Unable to remove 2010 Edge Server

    Hi
    We did a migration from Lync 2010 to Lync 2013. Everything worked without any problems. But now we are unable to remove the Lync 2010 Edge Pool. Everything has been done according to
    https://technet.microsoft.com/en-us/library/jj205369.aspx “Migration from Lync Server 2010 to Lync Server 2013”.
    I am able to remove the 2010 Edge pool, but by trying to publish the topology, I receive the following error: “Error: An error occurred: "System.InvalidOperationException" "Cannot publish topology changes. Call orbit still
    exists on one or more deleted application servers."
    How can I resolve this error?
    Regards
    Peter

    Hi Peter,
    You have to change the Call Park Destination FQDN to the Lync 2013 Pool.
    Please check out the following article.
    Migrate Call Park application settings
    Best regards,
    Eric
    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]

  • Migrating to Lync 2013 from OCS 2007 R2 ... to unprep or not to unprep

    I've been reading on TechNet that I should unprep the domain and forest after decommissioning / uninstalling all OCS 2007 R2 server roles:
    http://technet.microsoft.com/en-us/library/dd572243(v=office.13).aspx
    ...but then, in other places (such as blogs and TechNet forums), I've read not to unprep the domain and forest if Lync 2013 is already deployed:
    http://social.technet.microsoft.com/Forums/lync/en-US/6b8cd7ca-fe67-418b-ae66-5be682d8d2d6/unprep-ocs-2007-r2-domain-and-forest-with-existing-lync-installation?forum=ocsplanningdeployment
    http://www.ucprofessional.com/2011/04/decommisioning-ocs-2007-r2-after.html
    Would someone please clarify what to do here and why?

    While I haven't personally done a deep dive on everything it does, my understanding is that it's more than just a simple mod to the system container. For example, from the OCS decommission article you referenced: "Running Unprep for a domain removes the access control entries (ACEs) granted to Active Directory universal groups". Lync still uses the same RTCUniversal groups, so touching it at all with Lync in production as well could be bad.
    Forest prep actually creates these groups: http://technet.microsoft.com/en-us/library/dd441353(v=office.13).aspx
    That said, I haven't seen an unprep referenced in the migration from OCS to Lync docs, and the doc you referenced is specifically for completely removing OCS from your environment where these groups wouldn't be needed. So, while I can't tell you exactly what all it does, I really wouldn't mess with it unless you have a strong reason to or are willing to rebuild Lync to get a few old objects out of the system container.
    SWC Unified Communications

  • OCS Migration to Lync 2013 Delegate which Director that authenticates

    Hello - I am in the middle of a migration from OCS 07 to Lync 2013. Everything is working pretty well. I have a new Lync Server with some users migrated over to it already and communication is fine between the Lync Desktop Clients and the OCS Desktop Clients. 
    We now want to use the Mobile Lync Client so I have installed Lync 2013 Client on my iPhone 5S. I was able to install the root cert on the phone however, when I try to sign in, I am getting the following error:
    "We can't sign you in because your organization doesn't support this version of Lync. Please install Lync 2010 from your mobile store."
    I am running Lync 2013 Standard Edition and I am running Lync 2013 Client for iOS. I can only assume that because the OCS director is still running it is handling authentication and it's not compatible with Lync 2013. Is this a correct assumption?
    That being said, and if that's indeed the issue, is there a way to delegate the Lync 2013 Director to take over authentication? 
    Thank you!
    Russ, MCSE

    Hi there, 
    Lync 2013 Mobile clients rely on UCWA services to connect to Lync Server 2013 services; also, Lync mobile autodiscovery depends on Lync web services publishing. Therefore you should make sure that lyncdiscover.sipdomain and lyncdiscoverinternal.sipdomain point to Lync Server 2013 web services and not OCS 2007.
    Specifically, Lyncdiscover.sipdomain should point to the public IP address on which the Lync External WebServices are published.
    So it is quite sure that if the above requirements are not met, and especially the DNS configuration for Lyncdiscover and lyncdiscoverinternal, mobile clients will not be able to connect.
    Regards,
    Charbel Hanna 
    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread

  • Migration to lync 2013 select central management store - what name should be there?

    hello
    Trying to migrate from Lync 2010 to Lync 2013. Populated the Topology Builder and was going to publish.
    The name in Select Central Management Store has the name of the Lync 2010 environment, but if I hit Next it has my new SQL server.
    Should the new Lync 2013 CMS be listed there?

    Did you move the Central Management Store via the Powershell yet?  If not, check this article: 
    http://technet.microsoft.com/en-us/library/jj688013.aspx
    If you have moved it, you're most likely seeing an old topology, download it again before making changes and publishing.   If you download again and still see the old server even though it's moved, I'd re-run through the steps in the article again.
    SWC Unified Communications

  • OCS 2007 R2 migration to Lync 2013

    Anyone has a good migration guide for this project?
    Thank you. Eric.

    There's the TechNet guide:
    http://technet.microsoft.com/en-us/library/jj205375.aspx :)
    Oğuzhan ilkan Boran has a YouTube video as well, he often walks through the TechNet articles with a  bit of a value-add which can be helpful. 
    https://www.youtube.com/watch?v=QoxZ-MDoZaA
    SWC Unified Communications

  • Moving the CMS from Lync 2010 to Lync 2013

    Now that all our users have been migrated to Lync 2013, I need to move the CMS from 2010 to 2013. Using the following MS article:
    http://technet.microsoft.com/en-us/library/jj688013.aspx
    Nothing is mentioned about the mirrored database. What about that? I found the article below on creating a mirrored database
    http://technet.microsoft.com/en-us/library/jj204986.aspx
    But at what point do you do this? Should this be done at the same time you run the install-csdatabase to move the CMS or do you wait until everything is complete including the removal of the old 2010 database and then create the mirrored database?

    Hi,
    Agree with Georg, you can even add a SQL mirror to an existing Lync server 2013 Back End.
    You can refer to the link below:
    http://howdouc.blogspot.in/2012/08/adding-sql-mirror-to-existing-lync.html
    Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make
    sure that you completely understand the risk before retrieving any suggestions from the above link.
    Best Regards,
    Eason Huang
    TechNet Community Support

  • Lync 2013 skype federation approved

    Hi
    I have got Skype and Lync 2013 IM federation approved on https://pic.lync.com. My SIP domain shows activated on its page. Now what shall I do next? As I am still using a self-issued certificate on the external Lync Edge interface, do I need to apply a public certificate so that I can add Skype to my local network Lync client? I could not send IM to my Skype account otherwise. It is coming with an error id 504 source 239. I have sip.xxx.com.au, webconf.xxx.com.au, av.xxx.com.au which point to the Lync Edge, and meet.xxx.com.au, dialin.xxx.com.au, owa.xxx.com.au, lyncdiscover.xxx.com.au which point to the IIS ARR reverse proxy. I also have lynvweb.xxx.com.au as the external web service. In my case, if I need to apply public SSL to make my Lync work with Skype, do I have to apply a multi-domain public certificate with up to 10 domains? Would a GoDaddy certificate be used?
    Also, if the Lync Edge external interface certificate gets replaced, does the certificate on the IIS ARR reverse proxy server's default web site binding need to be replaced with a public certificate too?
    WenFei Cao

    Correct, you need public CA issued certificates for your edge external interface in order for federation to work.
    Best practice would be to  have a public cert loaded on both your Edge and Reverse proxy servers, however in regards to Federation, it's your Edge that will be in use. So you don't need to load a public cert on your Reverse proxy (I assume you've loaded
    your root cert on to any mobile devices or devices that connect in) but I personally would for the sake of completeness and to prevent any possible certificate trust issues in the future. (it will save you loads of headaches) I would typically only use an
    internal cert for external facing when I am testing/labbing and then replace them with public certs before going into production.
    Also if you haven't already, follow these steps to configure the provider in Lync: http://blogs.4ward.it/lync-2013-and-skype-federation-how-to/
    If this helped you please click "Vote As Helpful" if it answered your question please click "Mark As Answer" | Blog
    www.lynced.com.au | Twitter
    @imlynced

  • Lync 2013 client is deployed but user accounts are not migrated from OCS to Lync 2013 Server - how to open Lync meetings automatically in the Lync Web Plug-in

    We have in our enterprise the following scenario:
    1 - Lync 2013 client is installed
    2 - User accounts are not migrated to Lync 2013 Server, users are using Office Communicator as their main tool
    3 - Users receive Lync 2013 meeting requests but when try to access them, Lync 2013 client launches and shows error. Users will need to open the browser and paste the URL to the address bar but this still open
    4 - We cannot use the workaround of adding "?SL=1" to the Lync 2013 meeting URL as the user base is large and manual workaround is not accepted
    5 - Question: is there any automated way, via registry key or GPO setting, so that users temporarily (until their accounts are migrated to Lync 2013 server) can bypass Lync 2013 client completely and automatically open all Lync 2013 meetings in the browser, using Lync Web Plug-in?

    Thanks for the response,
    First, I should have mentioned clearly that users have Office Communicator 2007 client and Lync 2013 client installed in their machines. Their accounts are not migrated yet to Lync 2013 server.
    Second, we are using IE9 and IE10. The issue is that users CAN join Lync 2013 meetings with their browsers but have to paste the URL manually to browser and add "?SL=1" otherwise, if they just click at the "Join Online Meeting" or "Join
    Lync Meeting" URL it launches Lync 2013 client which shows error because is not configured yet, as they are using OCS client and migrating slowly to Lync 2013 server.
    Is there a Group Policy setting or a registry key from Microsoft that can be turned on for these users' machines and make all Lync meeting requests open in the IE browser instead of the Lync 2013 client? We need a way to ignore Lync 2013 client until user accounts are migrated to Lync 2013 Server. Manually typing URLs is not an option in a big organization; we can't explain to thousands of users of different levels what to do.
    We are regretting the decision not to separate Lync 2013 from Office 2013 package we deployed recently. If Lync 2013 is uninstalled then all Lync meeting requests are opened in browser without an issue.

  • Lync 2010 to Lync 2013 Trusted application Migration

    We have Mitel Live Business Gateway as trusted application server on the Lync 2010 server for Remote call control. I am in the process of migrating to Lync 2013 and can't find
    a way to migrate the Trusted Application. This is how we setup the Trusted application on Lync 2010.
    http://www.justin-morris.net/configuring-lync-server-2010-for-remote-call-control-with-mitel-3300/
    Malli Boppe MCITP Enterprise Messaging Exchange 2010

    Hi,
    You cannot move it to Lync Server 2013. You need to create new trusted application server and select Lync Server 2013 front end pool as the next hop.
    Configure Trusted Application Servers
    http://technet.microsoft.com/en-us/library/jj204735.aspx
    Kent Huang
    TechNet Community Support

  • Lync 2013 federation failing for a specific domain

    Hello,
    We have recently migrated to Lync 2013 and noticed that one of the domains we federate with is unable to federate with us.
    we are getting the following error:
    Log Name:      Lync Server
    Source:        LS Protocol Stack
    Event ID:      14428
    Task Category: (1001)
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      server.fqdn.com
    Description:
    TLS outgoing connection failures.
    Over the past 28 minutes, Lync Server has experienced TLS outgoing connection failures 4 time(s). The error code of the last failure is 0x80090325(SEC_E_UNTRUSTED_ROOT) while trying to connect to the server "sip.example.com" at address [10.10.10.10:5061], and the display name in the peer certificate is "Unavailable".
    Cause: Most often a problem with the peer certificate or perhaps the host name (DNS) record used to reach the peer server. Target principal name is incorrect means that the peer certificate does not contain the name that the local server used to connect. Certificate root not trusted error means that the peer certificate was issued by a remote CA that is not trusted by the local machine.
    Resolution: Check that the address and port matches the FQDN used to connect, and that the peer certificate contains this FQDN somewhere in its subject or SAN fields. If the FQDN refers to a DNS load balanced pool then check that all addresses returned by DNS refer to a server in the same pool. For untrusted root errors, ensure that the remote CA certificate chain is installed locally. If you have already installed the remote CA certificate chain, then try rebooting the local machine.
    Thanks

    Thanks Michael.
    That worked for one of two issues I'm seeing, I did use the same steps for the second issue but it didn't seem to work, I have imported the CA of the domain we would like to federate with to the trusted root certification authorities and the intermediate
    certification authorities per the certificate issuer's website guidelines. I did learn that the federated partner is also using OCS 2007 R2, not sure if this may have to do with this.
    Over the past 30 minutes, Lync Server has experienced TLS outgoing connection failures 1 time(s). The error code of the last failure is 0x80072746 while trying to connect to
    the server "ocs.example.com" at address [10.10.10.10:5061], and the display name in the peer certificate is "ocs.example.com". Cause: Most often a problem with the peer certificate or perhaps the host name (DNS) record used to reach the peer server. Target
    principal name is incorrect means that the peer certificate does not contain the name that the local server used to connect. Certificate root not trusted error means that the peer certificate was issued by a remote CA that is not trusted by the local machine.
    Resolution: Check that the address and port matches the FQDN used to connect, and that the peer certificate contains this FQDN somewhere in its subject or SAN fields. If the FQDN refers to a DNS load balanced pool then check that all addresses returned by
    DNS refer to a server in the same pool. For untrusted root errors, ensure that the remote CA certificate chain is installed locally. If you have already installed the remote CA certificate chain, then try rebooting the local machine.
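
The two event 14428 descriptions quoted in this thread carry different error codes, and only the first one is a certificate trust failure. The following PowerShell is an added example, not code from any poster or from Microsoft: it parses such descriptions and classifies the code before anyone touches the trust store. The function name ConvertFrom-TlsFailureEvent and the sample strings are constructed for illustration, and the names given for 0x80090322 and 0x80072746 are standard Windows error codes rather than something stated in the thread.

```powershell
# Added example: triage Lync Server event 14428 (TLS outgoing connection failures).
# Sample descriptions are constructed from the two events quoted in the thread,
# shortened to the sentence that carries the error code.
$samples = @(
    ('Over the past 28 minutes, Lync Server has experienced TLS outgoing connection ' +
     'failures 4 time(s). The error code of the last failure is ' +
     '0x80090325(SEC_E_UNTRUSTED_ROOT) while trying to connect to the server ' +
     '"sip.example.com" at address [10.10.10.10:5061], and the display name in the ' +
     'peer certificate is "Unavailable".'),
    ('Over the past 30 minutes, Lync Server has experienced TLS outgoing connection ' +
     'failures 1 time(s). The error code of the last failure is 0x80072746 while ' +
     'trying to connect to the server "ocs.example.com" at address ' +
     '[10.10.10.10:5061], and the display name in the peer certificate is ' +
     '"ocs.example.com".')
)

# Error codes mapped to a class and the first thing to verify.
# The next-step wording for the two certificate codes follows the event's own Resolution text.
$knownCodes = @{
    '0x80090325' = @{
        Name  = 'SEC_E_UNTRUSTED_ROOT'
        Class = 'Certificate trust'
        Next  = 'Confirm the remote CA chain is installed in the local machine store.'
    }
    '0x80090322' = @{
        Name  = 'SEC_E_WRONG_PRINCIPAL'
        Class = 'Certificate name'
        Next  = 'Confirm the peer certificate subject or SAN contains the FQDN used to connect.'
    }
    '0x80072746' = @{
        Name  = 'WSAECONNRESET'
        Class = 'Transport'
        Next  = 'Connection was closed by the peer or a device in the path; this is not a trust-store code.'
    }
}

function ConvertFrom-TlsFailureEvent {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]
        [string]$Description
    )
    begin {
        # Named groups pull out the fields the event text always carries.
        $pattern = 'failures (?<Failures>\d+) time\(s\)\. The error code of the last failure is ' +
                   '(?<Code>0x[0-9A-Fa-f]{8})(?:\((?<Symbol>\w+)\))? while trying to connect to ' +
                   'the server "(?<Server>[^"]+)" at address \[(?<Address>[^\]]+)\], and the ' +
                   'display name in the peer certificate is "(?<CertName>[^"]*)"'
    }
    process {
        # Event text is often wrapped when copied; collapse whitespace before matching.
        $text = $Description -replace '\s+', ' '
        if ($text -match $pattern) {
            $code     = $Matches['Code'].ToLower()
            $server   = $Matches['Server']
            $certName = $Matches['CertName']
            $known    = $knownCodes[$code]
            if ($known) {
                $name = $known.Name; $class = $known.Class; $next = $known.Next
            } else {
                $name = 'unknown'; $class = 'Unclassified'
                $next = 'Look the code up before changing certificates.'
            }
            # "Unavailable" means no peer certificate name was read at all.
            # The event carries only the display name, not the SAN list, so this is a hint.
            $certSeen = $certName -ne 'Unavailable'
            [pscustomobject]@{
                Server          = $server
                Address         = $Matches['Address']
                Failures        = [int]$Matches['Failures']
                Code            = $code
                Name            = $name
                Class           = $class
                PeerCertName    = $certName
                NameMatchesFqdn = $certSeen -and ($certName -eq $server)
                NextCheck       = $next
            }
        } else {
            Write-Warning 'Text does not look like an event 14428 description.'
        }
    }
}

$samples | ConvertFrom-TlsFailureEvent | Format-List
```

On a live server the same function can be fed the Message property of events returned by Get-WinEvent for the "Lync Server" log and event ID 14428.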
