Just some problems/solutions storage
I am testing migration from Lync 2010 Enterprise Edition to Lync 2013 Standard Edition. One of thing which does not work is Lync 2013 Mobile for users already migrated to the new server. Let’s put it this way – it works when a user is outside of my internal WiFI network.
When the same Client is on internal network that is what I see in the Client logs:
| </ReceivedResponse> 2013-05-07 16:51:51.796 Lync[2000:3540] INFO TRANSPORT CHttpRequestProcessor.cpp/266:Sending event to main thread for request(0x4c0cb18) 2013-05-07 16:51:51.796 Lync[2000:3540] INFO APPLICATION CUrlRedirectAndTrustResolver.cpp/605:UrlRedirectAndTrustResolver complete with url = http://lyncdiscoverinternal.mydomain.com/, Hops = 1, status = E_BadGateway (E2-3-35) 2013-05-07 16:51:51.796 Lync[2000:3540] INFO APPLICATION CTransportRequestRetrialQueue.cpp/692:Response received for req. UrlTrustResolver(04C0CB18): E_BadGateway (E2-3-35) (RemoteNetworkPermanentError); Done with req.; Stopping resend timer 2013-05-07 16:51:51.796 Lync[2000:3540] INFO APPLICATION CUcwaAutoDiscoveryGetUserUrlOperation.cpp/393:CUcwaAutoDiscoverGetUserUrlOperation::onEvent received. Status = E_BadGateway (E2-3-35), url = http://lyncdiscoverinternal.mydomain.com/ 2013-05-07 16:51:51.796 Lync[2000:3540] INFO APPLICATION CUcwaAutoDiscoveryGetUserUrlOperation.cpp/224:UcwaAutoDiscoveryGetUserUrlOperation completed with url = http://lyncdiscoverinternal.mydomain.com/?sipuri=sip:alex.ig@mydomain.com, userUrl = , status = E_BadGateway (E2-3-35) 2013-05-07 16:51:51.796 Lync[2000:3540] INFO APPLICATION CUcwaAutoDiscoveryService.cpp/1476:AutoDiscovery: Falling back to probing external urls 2013-05-07 16:51:51.797 Lync[2000:3540] INFO APPLICATION CUrlRedirectAndTrustResolver.cpp/77:Starting CUrlRedirectAndTrustResolver with url = https://lyncdiscover.mydomain.com/?sipuri=sip:alex.ig@mydomain.com, maxHops = 10 2013-05-07 16:51:51.797 Lync[2000:3540] INFO APPLICATION CUrlRedirectAndTrustResolver.cpp/201:CUrlRedirectAndTrustResolver::processUrl called with url = https://lyncdiscover.mydomain.com/, hopCount = 0, maxHops = 10 2013-05-07 16:51:51.797 Lync[2000:3540] INFO APPLICATION CUrlRedirectAndTrustResolver.cpp/605:UrlRedirectAndTrustResolver complete with url = https://lyncdiscover.mydomain.com/, Hops = 0, status = S0-0-0 2013-05-07 16:51:51.797 Lync[2000:3540] INFO TRANSPORT CCredentialManager.cpp/164:getSpecificCredential for serviceId(4) returning: credType (1) signInName (alex.ig@mydomain.com) domain () username (alex.ig@mydomain.com) password.empty() (1) compatibleServiceIds(4) 2013-05-07 16:51:51.797 Lync[2000:3540] INFO TRANSPORT TransportUtilityFunctions.cpp/638:<SentRequest> GET https://lyncdiscover.mydomain.com/?sipuri=sip:alex.ig@mydomain.com Request Id: 04C0DD08 HttpHeader:Accept application/vnd.microsoft.rtc.autodiscover+xml;v=1 |
I tried http://lyncdiscoverinternal.mydomain.com from my Browser and received the following configuration:
{"_links":{"self":{"href":"https://lync02.mydomain.com/Autodiscover/AutodiscoverService.svc/root?originalDomain=mydomain.com"},"user":{"href":"https://csweb-ext.mydomain.com/Autodiscover/AutodiscoverService.svc/root/oauth/user?originalDomain=mydomain.com"},"xframe":{"href":https://csweb-ext.mydomain.com/Autodiscover/XFrame/XFrame.html}}}
So I decided to add a record for my external web site to my internal DNS and point it to my Lync 2013 server. Same error.
Resolution: On Internal DNS I pointed csweb-ext.mydomain.com to Reverse Proxy listener, so basically I sent my internal Wifi Clients via Proxy instead of route them directly to Lync. For some reasons that resolved the issue and Lync Mobile works now for internally connected and externally connected users.
Note: my domain name in logs is changed.
Bumped into an article on Entrust site showing how to put their certificate chain correctly to a Lync Server: http://www.entrust.net/knowledge-base/technote.cfm?tn=8447
Microsoft issued updates for Lync Phone Edition (both 2010 and 2013). http://blogs.technet.com/b/nexthop/archive/2013/04/19/cumulative-updates-for-lync-phone-edition-april-2013.aspx While installing them I found a nice script wrote by Pat Richard to facilitate firmware installation for multiple device types.
I was always a bit upset because of missing SQL installation guide for System Center (and other products using SQL as a back—end). Usually a product manual says – install SQL as per SQL installation guide. I guess SQL should be install customly for a specific front-end though.
I finally found a white paper prepared by Paul Kelly from Infront describing the process in greater details: http://paulkeely.blogspot.ca/2013/02/sql-server-guide-for-system-center-2012.html
Thank you, Paul!
A note from MMS2013: When prepare an image using MDT it put unattend.xml file in c:\windows\Panther. SCVMM 2012 SP1 use a virtual floppu to inject its own unattend.xml. |Panther folder will always win!
So to get SCVMM working properly add an additional step to MDT Task Sequesnce (right after sysprep step) – Delete unattend.xml file from c:\windows\Panther
I attended a session related to Windows To Go at MMS 2013.
Important points:
1. Use either KMS or AD-based volume activation for WTG, MAK can be set, but does not have any sense since machine will be reactivated every time when a new hardware is used and it can exhaust your MAKs 
2. Add network (and if necessary USB) drivers for all models WTG will be used on to be sure WTG will be able to get network.
3. Use AD offline domain join AND ask your users to use WTG on corpnet at least once (to be sure they have cached credentials).
4. Never use roaming profiles or folder redirections (with offline folders) for users who will use WTG – that may fill your USB stick very quickly. Workaround – configure a Primary Device for user in AD (A Windows 12 schema extension is necessary) and use GPO to use Roaming profiles and folder redirection on Primary Devices only.
Nice blog explaining the process: http://www.1e.com/blogs/2010/07/17/configmgr-osd-always-including-certain-files-in-your-boot-images-think-trace32/
Microsoft Bitlocker Management and Administration server is installed in a single server configuration. Test machine is encrypted, but never reported its state back to the server.
It turned out you need to add a ‘MBAM’ registry key to MBAM server under HKEY_LOCAL_MACHINE\Software\Microsoft
as soon as the key as created, add a DWORD settings with name DisableMachineVerification and set it to 1
Restart mbamagent on a client machine and now report should pass.
Interesting enough – this ‘feature’ exists since v.1 of MBAM and is still around!
MS has a KB about that http://support.microsoft.com/kb/2612822?wa=wsignin1.0
I am installing App Controller to provide Client access to my Lab Private Cloud to students.
On “Configure the SQL Server Database” step the setup stopped for a long time and finally gave me “The specified database has insufficient disk space” message.
I double checked the space and it is ~100GB available 
I noted “Instance name” was not populated automatically, so it looked like a firewall issue for me. I checked my Windows firewall and all SQL ports are open (including SQL browser). I added File and Print Sharing and DCOM, but that did not help.
Resolution:
I created a custom firewall rule allowing all traffic from App Controller Server to SQL. The Instance Name field was populated right away and setup continued how it should be.
I did not investigate what exactly port was a root cause of the issue – just implemented a quick resolution for my Lab environment.
I am an MCT and sometimes need to prepare a class for training. Microsoft provides Hyper-V – based VMs for that and I need to use snapshots to be able safely recover VMs if a student will go too far 
Microsoft recommends to do it one by one from GUI.
I found PowerShell is much better: as soon as all VMs are ready I just run:
Get-VM | CheckPoint-VM –SnapshotName StartingImage
That makes snapshots on all VMs and names them “StartingImage” (so I do not need to rename them 
)
Looks like an easy thing, but save a lot of time.
