Professional Documents
Culture Documents
Lync 2013 Admin Guide-En-4all
Lync 2013 Admin Guide-En-4all
Table of Contents
Preliminary knowledge: ........................................................................................................................ 3 Connection ........................................................................................................................................... 3 Lync topology Builder ........................................................................................................................... 4 The control panel ................................................................................................................................. 7 users .................................................................................................................................................... 8 Enable or Disable Users for Lync Server 2013 ..................................................................................... 12 Managing Computers in Your Topology............................................................................................... 13 Federation and External Access .......................................................................................................... 17 Enable or Disable External User Access for Your Organization ............................................................. 17 Enable or Disable Federation for Your Organization ............................................................................ 19 CALL ADMISSION CONTROL............................................................................................................... 22 Enabling Media Bypass ....................................................................................................................... 23 Configuring Location Policy ................................................................................................................. 24 Configuring Bandwidth Policy Profile ................................................................................................... 28 Get-CsMediaConfiguration .................................................................................................................. 29 New-CsMediaConfiguration ................................................................................................................. 32 Set-CsMediaConfiguration................................................................................................................... 37 Remove-CsMediaConfiguration ........................................................................................................... 41 Register RMX to Lync 2013 ................................................................................................................. 44 Configure RMX FQDN in the DNS:....................................................................................................... 44 Configure RMX static route and trusted application - Power Shell: ...................................................... 46 Create RMX Certificate: ...................................................................................................................... 47 Setting the RMX for the Lync 2013: .................................................................................................... 50 Import RMX Certificate to the RMX ..................................................................................................... 54 Using Centralized Logging Service in Lync Server 2013 ....................................................................... 58
CONNECTION We run mstsc (open the RDP)and remote the server. Enter the IP address and after first connection enter user and password under the right Domain. Welcome to Lync server (Front End) As you can see we run the application server on Windows 2008R2 sp1. Get to start->programs-> Microsoft Lync server 2013
What we have: Control panel (run under https, https://admin.(domain.com)/cscp) must install silver light.
3
The Control panel is a GUI interface that gives you almost everything that you need for Dailey maintenance. Lync server management shell - is Lync power shell. Lync server Topology Builder is Lync topology manager. LYNC TOPOLOGY BUILDER We will start with the topology Builder The Topology Builder -> allocation servers to resources and publish to Lync DB. When we open the TB he will ask us to download the topology from the DB
What we see:
Enterprise Pool, the Servers under the Pool. Mediation pool / servers. Edge pool / servers. Trusted application, (RMX etc') SQL servers, File store, and the Office web application servers (WAC). To understand the topology builder please see: http://technet.microsoft.com/en-us/lync/gg430649
THE CONTROL PANEL Open the control panel, Enter user and password, (if you get error please contact the system admin)
You will get the "new Lync server user" Click on add
10
Assign users to a pool, Use UPN for the sip address. Telephone, is we want to give the user enterprise voice (Line)
11
12
13
4. On the Status page, do any of the following as needed: Sort the list by clicking the Computer, Pool, or Site column heading, and then clicking the up arrow or the down arrow. Click Refresh to view the most up-to-date list. Search for a specific computer by typing the computer name in the search field.
service you want to view. 7. Do any of the following as needed: To see the latest status of that specific service, click Get service status. To see the details for that specific service, click Properties and then click Close. To return to the list of all computers in your topology, click Close.
15
16
17
Note: In addition to enabling external user access support, you must also configure policies to control the use of external user access in your organization before any type of external user access is available to users. Enable or Disable Remote User Access for Your Organization Remote users are users in your organization who have a persistent Active Directory identity within the organization. Remote users often sign in to Lync Server your network from outside the firewall by using a virtual private network (VPN) when they are not connected internally to your organizations network. Remote users include employees working at home or on the road and other remote workers, such as trusted vendors, who have been granted enterprise credentials. If you enable remote user access for remote users, supported remote users do not have to connect using a VPN in order to collaborate with internal users using Lync Server 2013. To support remote user access, you must enable it. When you enable it, you enable it for your entire organization. If you later want to temporarily or permanently prevent remote user access, you can disable it for your organization. Use the procedure in this section to enable or disable remote user access for your organization. Note: Enabling remote user access only specifies that your servers running the Access Edge service support communications with remote users, but remote users cannot participate in instant messaging (IM) or conferences in your organization until you also configure at least one policy to manage the use of remote user access To enable or disable remote user access for your organization 1. From a user account that is a member of the RTCUniversalServerAdmins group (or has equivalent user rights), or is assigned to the CsAdministrator role, log on to any computer in your internal deployment. 2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel. For details about the different methods you can use to start Lync Server Control Panel, see Open Lync Server Administrative Tools. 3. In the left navigation bar, click External User Access, and then click Access Edge Configuration. 4. On the Access Edge Configuration page, click Global, click Edit, and then click Show details. 5. In Edit Access Edge Configuration, do one of the following: To enable remote user access for your organization, select the Enable remote user access check box. To disable remote user access for your organization, clear the Enable remote user access check box.
6. Click Commit. To enable remote users to sign in to your servers running Lync Server 2013, you must also
18
configure at least one external access policy to support remote user access.
If you later want to temporarily or permanently prevent access by users of federated domains, you can disable federation for your organization. Use the procedure in this section to enable or disable federated user access for your organization, including specifying the appropriate federation options to be supported for your organization. Note: Enabling federation for your organization only specifies that your servers running the Access Edge service support routing to federated domains. Users in federated domains cannot participate in IM or conferences in your organization until you also configure at least one policy to support federated user access. Users of public IM service providers cannot participate in IM or conferences in your organization until you also configure at least one policy to support public IM connectivity. Lync Server cannot use a hosted Exchange service to provide call answering, Outlook Voice Access (including voice mail), or auto-attendant services for users whose mailboxes are located on a hosted Exchange service until you configure a hosted voice mail policy that provides routing information. For details about configuring policies for communication with users of federated domains in other organizations, see Manage Federated Partner User Access in the Deployment documentation or the Operations documentation. Additionally, if you 19
want to support communication with users of IM service providers, you must configure policies to support it and also configure support for the individual service providers that you want to support. To enable or disable federated user access for your organization 1. From a user account that is a member of the RTCUniversalServerAdmins group (or has equivalent user rights), or is assigned to the CsAdministrator role, log on to any computer in your internal deployment. 2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel. 3. In the left navigation bar, click External User Access, and then click Access Edge Configuration. 4. On the Access Edge Configuration page, click Global, click Edit, and then click Show details. 5. In Edit Access Edge Configuration, do one of the following: To enable federated user access for your organization, select the Enable communications with federated users check box. To disable federated user access for your organization, clear the Enable communications with federated users check box.
6. If you selected the Enable communications with federated users check box, do the following: a. If you want to support automatic discovery of partner domains, select the Enable partner domain discovery check box. b. If your organization supports archiving of external communications, select the Send archiving disclaimer to federated partners check box. 7. Click Commit. To enable federated users to collaborate with users in your Lync Server 2013 deployment, you must also configure at least one external access policy to support federated user access. For details, see Manage Federated Partner User Access in the Deployment documentation or the Operations documentation.
Enable or Disable Anonymous User Access for Your Organization Anonymous users are users who do not have a user account in your organization's Active Directory Domain Services (AD DS) or in a supported federated domain, can be invited to participate remotely in an on-premises conference. By allowing anonymous participation in meetings you enable anonymous users (that is, users whose identity is verified through the meeting or conference key only) to join meetings. Allowing anonymous participation requires enabling it for your organization. If you later want to temporarily or permanently prevent access by anonymous users, you can disable it for your organization. Use the procedure in this section to enable or disable anonymous user access for your organization.
20
Note: Enabling anonymous user access for your organization only specifies that your servers running the Access Edge service support access by anonymous users. Anonymous users cannot participate in any meetings in your organization until you also configure at least one conferencing policy and apply it to one or more users or user groups. The only users that can invite anonymous users to meetings are those users that are assigned a conferencing policy that is configured to support anonymous users. To enable or disable anonymous user access for your organization 1. From a user account that is a member of the RTCUniversalServerAdmins group (or has equivalent user rights), or is assigned to the CsAdministrator role, log on to any computer in your internal deployment. 2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel. 3. In the left navigation bar, click External User Access, and then click Access Edge Configuration. 4. On the Access Edge Configuration page, click Global, click Edit, and then click Show details. 5. In Edit Access Edge Configuration, do one of the following: To enable anonymous user access for your organization, select the Enable communications with anonymous users check box. To disable anonymous user access for your organization, clear the Enable communications with anonymous users check box.
6. Click Commit. To enable anonymous users to participate in conferences hosted by users in your Lync Server 2013 deployment, you must also configure and assign at least one conferencing policy to support anonymous users.
21
22
To enable CAC from Lync Server Control Panel 1. From a user account that is a member of the RTCUniversalServerAdmins group (or has equivalent user rights), or is assigned to the CsAdministrator role, log on to any computer in your internal deployment. 2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel. 3. In the left navigation bar, click Network Configuration and then click Global. 4. On the Global page, click the Global configuration. Note: Only one network can be configured for any Microsoft Lync Server 2013 deployment, so there will never be more than one network configuration in the list. You cannot rename the Global configuration. 5. On the Edit menu, click Show details. 6. On the Edit Global Setting page, select the Enable call admission control check box, and then click Commit. When you click Commit, you run a test of the configuration. The Edit Global Settings dialog box closes, returning you to the Global page. You will receive a warning if any errors or inconsistencies are discovered in your network configuration that will prevent it from working correctly (for example, if every region is not connected to every other region through an interregion route). If you make changes to your network configuration, you can run the validation check again by opening the Global configuration and clicking Commit. You do not need to disable CAC first: leave the check box checked and click Commit. You can do this at any time without making any configuration changes. See Also Call Admission Control Overview of Call Admission Control Configure Call Admission Control Get-CsNetworkConfiguration Set-CsNetworkConfiguration Remove-CsNetworkConfiguration
23
To enable and configure media bypass 1. From a user account that is a member of the RTCUniversalServerAdmins group (or has equivalent user rights), or is assigned to the CsAdministrator role, log on to any computer in your internal deployment. 2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel. 3. In the left navigation bar, click Network Configuration and then click Global. 4. On the Global page, click the Global configuration. There is always only one configuration, and it is always named Global. 5. On the Edit menu, click View details. 6. On the Edit Global Setting page, click the Enable media bypass check box. 7. Select one of the following options: Always bypass Select this option to attempt media bypass on all calls. This option will be unavailable if call admission control (CAC) is enabled. If CAC is not enabled, select this option in the following situations: There is no need for bandwidth control. There is no need for fine-grained configuration to determine when bypass should happen. There is full connectivity between gateways and clients. Use sites and region configuration If CAC is enabled, this option is selected by default and cannot be changed. When this option is selected, network configuration sites and regions will be used to determine when media bypass is possible. If you select this option, you can choose to enable bypass for sites that are not mapped. Click the Enable bypass for non-mapped sites check box only if you have one or more large sites associated with the same region that do not have bandwidth constraints (for example, a large central site) and you also have some branch sites associated with the same region that do have bandwidth constraints. When you enable bypass for non-mapped sites, configuration is streamlined because you specify only the subnets associated with the branch sites rather than needing to specify all subnets associated with all sites. We recommend that you do not select the Enable bypass for non-mapped sites check box if CAC is enabled.
8. Click Commit to save your changes. See Also Global Media Bypass Options Media Bypass
24
You can configure location policies from the Network Configuration group in Lync Server Control Panel. From the Lync Server Control Panel you can view, create, modify, or delete location policies. To view location policies 1. From a user account that is a member of the RTCUniversalServerAdmins group (or has equivalent user rights), or is assigned to the CsAdministrator role, log on to any computer in your internal deployment. 2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel. 3. In the left navigation bar, click Network Configuration and then click Location Policy. A single policy, called Global, exists by default and cannot be deleted or renamed. However, you can modify the Global policy. This policy will apply to all users and contacts, unless you create site policies or per-user policies. Per-user policies must be applied to specific users.
To create a new location policy 1. From a user account that is a member of the RTCUniversalServerAdmins group (or has equivalent user rights), or is assigned to the CsAdministrator role, log on to any computer in your internal deployment. 2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel. 3. In the left navigation bar, click Network Configuration and then click Location Policy. 4. On the Location Policy page, click New and then select the type of policy you want to create: To create a site policy, click Site policy. In Select a Site, choose the site to which you want the policy applied and click OK. On the New Location Policy page, the Scope field contains the value Site, and the Name field contains the name of the site you chose. You cannot modify either of these fields. A site policy is automatically applied to all users on the specified site and overrides the global policy for those users. To create a User policy, click User policy. In the New Location Policy, the Scope field contains the value User. You cannot modify this value. In the Name field, type the name you want to give this policy. A user policy does not automatically apply to any users. After creating the user policy, you must manually grant the policy to the users or network sites to which you want to policy to apply. Enable enhanced emergency services Select this check box to enable the users associated with this policy for E9-1-1. When emergency services are enabled, Microsoft Lync Server 2013 clients will retrieve location information on registration and include that information when an emergency call is made. Location Specify one of the following values: Required The user will be prompted to input location information when the client registers at a new location. The user can dismiss the prompt without entering any information. If information is entered, an emergency call will first be answered by the emergency services provider to verify the location before being routed to the Public Safety Answering Point (PSAP) operator (that is, the 911 operator). Not Required The user will not be prompted for a location. When a call is made with no 25
location information, the emergency services provider will answer the call and ask for a location. Disclaimer This option is the same as Required except that the user cannot dismiss the prompt without entering location information. The user can still complete an emergency call, but no other calls can be completed without entering the information. In addition, disclaimer text will be displayed to the user that can alert them to the consequences of declining to enter location information. To set the disclaimer text, you must run the SetCsEnhancedEmergencyServiceDisclaimer cmdlet at command line by using the Lync Server Management Shell. For details, see Set-CsEnhancedEmergencyServiceDisclaimer in the Lync Server Management Shell documentation. Use location for emergency services only Location information can be used by the Microsoft Lync 2013 client for various reasons (for example, to notify teammates of your current location). Select this check box to ensure location information is available only for use with an emergency call. PSTN usage The public switched telephone network (PSTN) usage that will be used to determine which voice route will be used to route emergency calls from clients using this profile. The route associated with this usage should point to a SIP trunk dedicated to emergency calls. Emergency dial number The number that is dialed to reach emergency services. In the United States this value is 911. The string must be made of the digits 0 through 9 and can be from 1 to 10 digits in length. Emergency dial mask A number that you want to translate into the value of the emergency dial number value when it is dialed. For example, if you enter a value of 212 in this field and the emergency dial number field has a value of 911, if a user dials 212 the call will be made to 911. This allows for alternate emergency numbers to be dialed and still have the call reach emergency services (for example, if someone from a country or region with a different emergency number attempts to dial that country or regions number rather than the number for the country or region they are currently in). You can define multiple emergency dial masks by separating the values with semicolons. For example, 212;414. Maximum length of the string is 100 characters. Each character must be a digit 0 through 9. Important: Ensure that the specified dial mask value is not the same as a number in a call park orbit range. Call park routing will take precedence over emergency dial string conversion. To see the existing call park orbit ranges, click Voice Features in the left navigation bar and then click Call Park. For details, see Configure Phone Number Extensions for Parking Calls. Notification URI One or more SIP Uniform Resource Identifiers (URIs) to be notified when an emergency call is made. For example, the company security office could be notified through an instant message whenever an emergency call is made. If the callers location is available that location will be included in the notification. Multiple SIP URIs can be included as a comma-separated list. For example, "sip:security@litwareinc.com","sip:kmyer@litwareinc.com". Keep in mind that distribution lists and group URIs are not supported. The string must be from 1 to 256 characters in length and must begin with the prefix "sip:". Before you click in the Notification URI field an
26
example is displayed. Conference URI The SIP URI, in this case the telephone number, of a third party that will be conferenced in to any emergency calls that are made. For example, the company security office could receive a call when an emergency call is made and listen in or participate in that call (depending on the value supplied in the Conference mode field). The string must be from 1 to 256 characters in length and must begin with the prefix sip:. An example is displayed until you click inside this field. Conference mode If you specify a value in the Conference URI field, the Conference mode determines whether a third party can participate in the call or can only listen in. Specify one of the following options: One-way A third party can only listen to the conversation between the caller and the PSAP operator. Two-way A third party can listen in and participate in the call between the caller and the PSAP operator.
6. Click Commit. Important When you create a user policy, initially that policy does not apply to any users or network sites. To apply the policy to a user, click Users in the left navigation bar. Find the user to which you want to apply the policy. On the Edit menu, click Show details. On the Edit Lync Server User page, select the new location policy from the Location policy drop-down list and then click Commit. To apply the policy to a network site, click Network Configuration in the left navigation bar and then click Site. Find the network site to which you want to apply the policy. On the Edit menu, click Show details. In Edit Site, select the new location policy from the Location policy dropdown list and then click Commit. To modify a location policy 1. From a user account that is a member of the RTCUniversalServerAdmins group (or has equivalent user rights), or is assigned to the CsAdministrator role, log on to any computer in your internal deployment. 2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel. 3. In the left navigation bar, click Network Configuration and then click Location Policy. 4. On the Location Policy page, select the location policy that you want to modify. 5. On the Edit menu, click Show details. 6. On the Edit Location Policy page, modify the fields as necessary (for details, see Step 5 in the "To create a new location policy" procedures earlier in this topic). 7. Click Commit. To delete a location policy 1. From a user account that is a member of the RTCUniversalServerAdmins group (or has equivalent user rights), or is assigned to the CsAdministrator role, log on to any computer in 27
your internal deployment. 2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel. 3. In the left navigation bar, click Network Configuration and then click Location Policy. 4. On the Location Policy page, select the location policy that you want to delete. Note: You can delete more than one location policy at a time. To do this, press CTRL and select multiple policies while holding down the CTRL key. Or, to select all policies, click Select all on the Edit menu. 5. On the Edit menu, click Delete. 6. Click OK. Important: You cannot delete the Global location policy. If you attempt to delete the Global policy you will receive a warning message and that policy will be reset to its default values. See Also Create Location Policies Create or Modify a Network Site New-CsLocationPolicy Set-CsLocationPolicy Remove-CsLocationPolicy Get-CsLocationPolicy
6. In the Audio limit field, type a numeric value. This value is the maximum amount of bandwidth to allocate for all audio connections, expressed in kbps. 7. Enter a numeric value in the Audio session limit field. This value is the maximum amount of bandwidth to allocate for an individual audio connection, expressed in kbps. This value must be 40 or higher. 8. Enter a numeric value in the Video limit field. This value is the maximum amount of bandwidth to allocate for all video connections, expressed in kbps. 9. Enter a numeric value in the Video session limit field. This value is the maximum amount of bandwidth to allocate for an individual video connection, expressed in kbps. This value must be 100 or higher. 10. (Optional) Type a value in the Description field to provide more information about this bandwidth policy profile that cannot be expressed by the name alone. 11. Click Commit. Note: Creating a new bandwidth policy profile does not automatically enforce bandwidth restrictions. You must first associate the policy profile with a site. To modify a bandwidth policy profile 1. From a user account that is a member of the RTCUniversalServerAdmins group (or has equivalent user rights), or is assigned to the CsAdministrator role, log on to any computer in your internal deployment. 2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel. 3. In the left navigation bar, click Network Configuration and then click Policy Profile. 4. On the Policy Profile page, click the bandwidth policy profile that you want to modify. 5. On the Edit menu, click Show details. 6. On the Edit Bandwidth Policy Profile page, modify the fields as necessary (for details, see the "To create a bandwidth policy profile" section earlier in this topic). 7. Click Commit. Note: When you modify the bandwidth policy profile, it will immediately update the bandwidth limitations of all network sites associated with this bandwidth policy profile.
GET-CSMEDIACONFIGURATION
Returns information regarding media settings, including the supported level of encryption, whether Siren can be used as a voice codec by the Mediation Server in its interactions with Microsoft Lync 2013 clients, and the maximum allowed video resolution.
29
Syntax
Detailed Description
This cmdlet retrieves one or more collections of settings that define media interactions. Who can run this cmdlet: By default, members of the following groups are authorized to run the GetCsMediaConfiguration cmdlet locally: RTCUniversalUserAdmins, RTCUniversalServerAdmins. To return a list of all the role-based access control (RBAC) roles this cmdlet has been assigned to (including any custom RBAC roles you have created yourself), run the following command from the Windows PowerShell prompt: Get-CsAdminRole | Where-Object {$_.Cmdlets match "Get-CsMediaConfiguration"}
Parameters
Description
The unique identifier of the media configuration you want to retrieve. This identifier specifies the scope at which this configuration is applied (global, site, or service). This parameter filters the results of the Get operation based on the wildcard value passed to
Filter
Optional
String
30
this parameter. LocalStore Optional SwitchParameter Retrieves the media configuration information from the local replica of the Central Management store, rather than from the Central Management store itself.
Input Types
None.
Return Types
Example
-------------------------- Example 1 -------------------------Get-CsMediaConfiguration Example 1 returns all the media configurations in use in your organization; this is done simply by invoking the cmdlet Get-CsMediaConfiguration without any additional parameters. -------------------------- Example 2 -------------------------Get-CsMediaConfiguration -Identity site:Redmond1 The preceding example returns only the media configuration that has the Identity site:Redmond1. Because identities must be unique, specifying an Identity ensures that you will never retrieve more than one item. -------------------------- Example 3 -------------------------Get-CsMediaConfiguration -Filter site:* In Example 3, the Filter parameter is used to return all the media configurations at the site scope. The wildcard string site:* ensures that Windows PowerShell will return only those media configurations that have identities beginning with the string value site:. -------------------------- Example 4 --------------------------
31
Get-CsMediaConfiguration | Where-Object {$_.EncryptionLevel -eq "SupportEncryption"} In this example, Get-CsMediaConfiguration and Where-Object are used to return all the media configurations that support (but do not require) encryption. To do this, the command first uses GetCsMediaConfiguration to retrieve all the media configurations in use in your organization. This information is then piped to the Where-Object cmdlet, which applies a filter that restricts the returned data to those configurations where the EncryptionLevel property is equal to (-eq) SupportEncryption. -------------------------- Example 5 -------------------------Get-CsMediaConfiguration -Filter *:*med* This example retrieves all media configurations defined for sites and services with names that contain the string "med". For example, this command will retrieve media configuration settings defined for the site medford1, the site TwoMedfordPlace, and the service MediationServer:redmond.litwareinc.com.
NEW-CSMEDIACONFIGURATION
Creates a new collection of media settings. These settings can be used to specify such things as the supported level of encryption and the maximum allowed video resolution.
Syntax
New-CsMediaConfiguration -Identity <XdsIdentity> [-Confirm [<SwitchParame ter>]] [-EnableQoS <$true | $false>] [-EnableSiren <$true | $false>] [-EncryptionLeve l <SupportEncryption | RequireEncryption | DoNotSupportEncryption>] [-Force <SwitchPa rameter>] [-InMemory <SwitchParameter>] [-MaxVideoRateAllowed <CIF250K | VGA600K | Hd 720p15M>] [-WhatIf [<SwitchParameter>]]
Detailed Description
This cmdlet creates a new collection of settings that define behaviors for specific media actions. Who can run this cmdlet: By default, members of the following groups are authorized to run the New-CsMediaConfiguration cmdlet locally: RTCUniversalServerAdmins. To return a list of all the role-based access control (RBAC) roles this cmdlet has been assigned to (including any custom RBAC roles you have created yourself), run the following command from the Windows PowerShell prompt:
32
Parameters
Parameter
Identity
Required Type
Required XdsIdentity
Description
A unique identifier specifying the scope at which this configuration is applied (site or service). A configuration at the site scope would be entered as site:<site name>, such as site:Redmond. A service would be entered as <server role>:<fqdn>, such as MediationServer:pool0.litwareinc.com. A media configuration at the global scope will always exist and cannot be removed, so a new global configuration cannot be created. Media configurations created at the service scope can be created only for the A/V Conferencing service, Mediation Server, and Application Server.
EnableQoS
Optional
Boolean
QoS monitors the quality of voice signals over a network. Default: False
EnableSiren
Optional
Boolean
By default, the Mediation Server does not negotiate Siren as a possible codec for calls between itself and other Microsoft Lync 2013 clients. If this setting is True, Siren will be included as a possible codec for use between the Mediation Server and other Lync 2013 clients. Default: False
33
EncryptionLevel
Optional
EncryptionLevel
The level of encryption between Unified Communications entities. Valid values: SupportEncryption - secure real-time transport protocol (SRTP) will be used if it can be negotiated. RequireEncryption - SRTP must be negotiated. DoNotSupportEncryption - SRTP must not be used. Default: RequireEncryption
MaxVideoRateAllowed Optional
MaxVideoRateAllowed The maximum rate at which video signals will be transferred at the client endpoints. Valid values: Hd720p15M, VGA600K, CIF250K Hd720p15M - High definition, with a resolution of 1280 x 720 and aspect ratio 16:9. VGA600K - VGA, with a resolution of 640 x 480, 25 fps with the aspect ratio 4:3. CIF250K - Common Intermediate Format (CIF) video format, 15 fps with a resolution of 352 x 288. Note that these values are not case sensitive; values will be converted to appropriate casing when the configuration is created. Default: VGA600K
Force
Optional
SwitchParameter
Suppresses any confirmation prompts that would otherwise be displayed before making changes. Creates an object reference without actually committing the object as a
InMemory
Optional
SwitchParameter
34
permanent change. If you assign the output of this cmdlet called with this parameter to a variable, you can make changes to the properties of the object reference and then commit those changes by calling this cmdlets matching Set- cmdlet. WhatIf Optional SwitchParameter Describes what would happen if you executed the command without actually executing the command. Prompts you for confirmation before executing the command.
Confirm
Optional
SwitchParameter
Input Types
None.
Return Types
Creates an object of type Microsoft.Rtc.Management.WritableConfig.Settings.Media.MediaSettings.
Example
-------------------------- Example 1 -------------------------New-CsMediaConfiguration -Identity site:Redmond1 -EncryptionLevel RequireEncryption
Example 1 uses New-CsMediaConfiguration to create a new media configuration with the Identity site:Redmond1. This new configuration requires both parties involved in a multimedia conversation to use encryption. That requirement is put in place by adding the EncryptionLevel parameter and setting the parameter value to RequireEncryption. -------------------------- Example 2 -------------------------New-CsMediaConfiguration -Identity MediationServer:pool0.litwareinc.com -EnableSiren $True
35
This example uses New-CsMediaConfiguration to create a new media configuration with the Identity MediationServer:pool0.litwareinc.com. This new configuration will have an EnableSiren value of True, which means that Siren is enabled for calls involving this Mediation Server.
36
SET-CSMEDIACONFIGURATION
Syntax
Set-CsMediaConfiguration [-Identity <XdsIdentity>] [-Confirm [<SwitchPara meter>]] [-EnableQoS <$true | $false>] [-EnableSiren <$true | $false>] [-EncryptionLe vel <SupportEncryption | RequireEncryption | DoNotSupportEncryption>] [-Force <Switch Parameter>] [-MaxVideoRateAllowed <CIF250K | VGA600K | Hd720p15M>] [-WhatIf [<SwitchP arameter>]]
Set-CsMediaConfiguration [-Confirm [<SwitchParameter>]] [-EnableQoS <$tru e | $false>] [-EnableSiren <$true | $false>] [-EncryptionLevel <SupportEncryption | R equireEncryption | DoNotSupportEncryption>] [-Force <SwitchParameter>] [-Instance <PS Object>] [-MaxVideoRateAllowed <CIF250K | VGA600K | Hd720p15M>] [-WhatIf [<SwitchPara meter>]]
Detailed Description
This cmdlet modifies a collection of settings that define media configuration. These actions relate to audio and video calls between client endpoints. Who can run this cmdlet: By default, members of the following groups are authorized to run the SetCsMediaConfiguration cmdlet locally: RTCUniversalServerAdmins. To return a list of all the role-based access control (RBAC) roles this cmdlet has been assigned to (including any custom RBAC roles you have created yourself), run the following command from the Windows PowerShell prompt: Get-CsAdminRole | Where-Object {$_.Cmdlets match "Set-CsMediaConfiguration"}
Parameters
37
Parameter
Identity
Required Type
Optional XdsIdentity
Description
The unique identifier of the media configuration settings you want to change. This identifier specifies the scope at which this configuration is applied (global, site, or service). An instance of the Microsoft.Rtc.Management.Wri tableConfig.Settings.Media.Me diaSettings object. You can retrieve this object by calling GetCsMediaConfiguration with a specific Identity. You can then assign new values to the properties of that object, and then save those changes by passing the object to SetCsMediaConfiguration. QoS monitors the quality of voice signals over a network. By default, the Mediation Server does not negotiate Siren as a possible codec for calls between itself and other Microsoft Lync 2013 clients. If this setting is True, Siren will be included as a possible codec for use between the Mediation Server and other Lync 2013 clients. The level of encryption between Unified Communications entities. Valid values: SupportEncryption - secure real-time transport protocol
Instance
Optional
MediaSettings
EnableQoS
Optional
Boolean
EnableSiren
Optional
Boolean
EncryptionLevel
Optional
EncryptionLevel
38
(SRTP) will be used if it can be negotiated. RequireEncryption - SRTP must be negotiated. DoNotSupportEncryption SRTP must not be used. This value is not case sensitive. (For details, see the Examples in this topic.) Default: RequireEncryption MaxVideoRateAllowed Optional MaxVideoRateAllowed The maximum rate at which video signals will be transferred at the client endpoints. Valid values: Hd720p15M, VGA600K, CIF250K Hd720p15M - High definition, with a resolution of 1280 x 720 and aspect ratio 16:9. VGA600K - VGA, with a resolution of 640 x 480, 25 fps with the aspect ratio 4:3. CIF250K - Common Intermediate Format (CIF) video format, 15 fps with a resolution of 352 x 288. Note that these values are not case sensitive; values will be converted to appropriate casing when the configuration is created. (For details, see the Examples in this topic.) Default: VGA600K Force Optional SwitchParameter Suppresses any confirmation prompts that would otherwise be displayed before making changes.
39
WhatIf
Optional
SwitchParameter
Describes what would happen if you executed the command without actually executing the command. Prompts you for confirmation before executing the command.
Confirm
Optional
SwitchParameter
Input Types
Return Types
Set-CsMediaConfiguration does not return a value or object. Instead, the cmdlet configures instances of the Microsoft.Rtc.Management.WritableConfig.Settings.Media.MediaSettings object.
Example
-------------------------- Example 1 -------------------------Set-CsMediaConfiguration -Identity site:Redmond1 -MaxVideoRateAllowed hd720p15m The example shown above modifies the media configuration collection with the Identity site:Redmond1; in particular, the command sets the value of the MaxVideoRateAllowed property to Hd720p15M. Note that the value passed to the MaxVideoRateAllowed parameter must be one of the values specified in the parameter description. Also note that the values are not case sensitive; the value entered here as hd720p15m will be automatically converted to the appropriate casing (in this instance, to Hd720p15M). -------------------------- Example 2 -------------------------Set-CsMediaConfiguration site:Redmond1 -EncryptionLevel donotsupportencryption This example modifies the media configuration collection with the Identity site:Redmond1 to have an EncryptionLevel value of DoNotSupportEncryption. Note that this value is not case sensitive; the value was entered as donotsupportencryption, but that value will be accepted as a valid value and will be automatically changed to mixed case (DoNotSupportEncryption).
40
REMOVE-CSMEDIACONFIGURATION
Removes the specified collection of media configuration settings
Syntax
Remove-CsMediaConfiguration -Identity <XdsIdentity> [-Confirm [<SwitchPar ameter>]] [-Force <SwitchParameter>] [-WhatIf [<SwitchParameter>]]
Detailed Description
This cmdlet removes a collection of media settings. These settings relate to audio and video calls between client endpoints. This cmdlet can also be used to remove the global media settings. In that case, however, the settings will not actually be removed; instead, they will simply be reset to their default values. Who can run this cmdlet: By default, members of the following groups are authorized to run the RemoveCsMediaConfiguration cmdlet locally: RTCUniversalServerAdmins. To return a list of all the role-based access control (RBAC) roles this cmdlet has been assigned to (including any custom RBAC roles you have created yourself), run the following command from the Windows PowerShell prompt: Get-CsAdminRole | Where-Object {$_.Cmdlets match "Remove-CsMediaConfiguration"}
Parameters
Description
The unique identifier of the media configuration settings you want to remove. This identifier specifies the scope at which this configuration is applied (global, site, or service).
41
Force
Optional
SwitchParameter Suppresses any confirmation prompts that would otherwise be displayed before making changes. SwitchParameter Describes what would happen if you executed the command without actually executing the command. SwitchParameter Prompts you for confirmation before executing the command.
WhatIf
Optional
Confirm
Optional
Input Types
Return Types
Example
-------------------------- Example 1 -------------------------Remove-CsMediaConfiguration -Identity site:Redmond1 In Example 1, Remove-CsMediaConfiguration is used to delete the media configuration collection with the Identity site:Redmond1. When media settings are removed from the site scope, that site will automatically begin to use the global media settings. -------------------------- Example 2 -------------------------Get-CsMediaConfiguration | Where-Object {$_.EncryptionLevel -eq "RequireEncryption"} | Remove-CsMediaConfiguration In the preceding example, three cmdlets--Get-CsMediaConfiguration, Where-Object, and RemoveCsMediaConfiguration--are used to remove all the media configuration collections where encryption is required of all parties involved in the conversation. To do this, Get-CsMediaConfiguration is first used to return all the media configuration collections in the organization. That information is then piped to Where-Object, which applies a filter that restricts the pipeline data to those collections where the
42
EncryptionLevel property is equal to (-eq) RequireEncryption. Finally, that filtered set of data is passed to Remove-CsMediaConfiguration, which deletes each item in the set. -------------------------- Example 3 -------------------------Get-CsMediaConfiguration -Filter service:* | Remove-CsMediaConfiguration In this example all media configurations defined at the service scope (meaning the configuration applies to a specific service) are removed. This is accomplished by first calling Get-CsMediaConfiguration using the Filter service:*. This filter retrieves all media configuration collections with an Identity starting with service, which means all collections at the service scope. That set of collections is then piped the RemoveCsMediaConfiguration, which removes them all.
43
44
2. Create new host (A or AAAA). Add RMX name and Signaling IP address. And click on Add Host when finished.
45
1. Connect to Lync FrontEnd server, Go to Start->All programs->Microsoft Lync Server 2013 and open Lync server management Shell.
First command: $route = New-CsStaticRoute -TLSRoute -destination " RMX FQDN " -port 5061 matchuri " RMX FQDN " -usedefaultcert $true *Where RMX FQDN is your RMX name.
46
Second command: Set-CsStaticRoutingConfiguration -identity global -route @{Add=$route} To check your static route configuration write in shell the following command: Get-CsStaticRoutingConfiguration 2. Then you need to create trusted application pool and trusted application use the following command: New-CsTrustedApplicationPool -Identity RMX FQDN -Registrar Registrar:lync2013.ilw14.polycom.eng -site 1 -ComputerFqdn RMX FQDN ThrottleAsServer $true -TreatAsAuthenticated $true Enter YES. To add trusted application, add the following command: New-CsTrustedApplication -ApplicationId VideoProxy4 -TrustedApplicationPoolFqdn RMX FQDN -Port 5061 ApplicationId is the name of the application. This must be a string that is unique within the pool that is specified in the "TrustedApplicationPoolFqdn" parameter. "TrustedApplicationPoolFqdn" the FQDN of the trusted application pool on which the application will reside.
1. To create certificate for RMX do the following steps. 1.1. Write in shell command: Request-CsCertificate -New -Type Default -KeyAlg RSA -CA Your CA server -City City -State State -ComputerFqdn RMX FQDN -Country IL -DomainName your domain -FriendlyName RMX FQDN -Organization 'Polycom ' PrivateKeyExportable $true 1.2. To export certificate, click on start-> Administrative Tools-> Internet Information Services (IIS) Manager.
47
Click on Server Certificates You will get list of certificates, right click and Export.
48
Enter password: <your password> Create file by name certPassword.txt that contain only the password.
49
50
51
52
Name (as in the DNS) Local Domain Name: <your.domain> DNS Servers: Primary <ip> Secondary <ip> and click OK
53
Certificate: Change to TLS Change the Certificate Method to PEM/PFX and load the "rmxXXX.pfx, certPassword.txt" file, by click on "Send Certificate"
certPassword.txt
54
55
Change "Server IP Address Name"& "Server IP Address or Name" to the real one <XXX.XXX.XXX.XXX> Change "Port" to 5061 Change "Server Domain Name" to the domain <Domain.com>
56
After the rmx is up, check the connection by entering the rmx and go to: Signalling Monitor->IP Network Service-> SIP Servers:
57
For example to investigate an issue with UCS for a user on the lync.contoso.com pool: ClsController.exe Repro issue ClsController.exe ClsController.exe ClsController.exe loglevel verbose -start scenario lyssanducs pools lync.contoso.com -stop scenario lyssanducs pools lync.contoso.com -flush pools lync.contoso.com -search pools lync.contoso.com components lyss
The last invocation of ClsController will write the resulting log entries to standard output, so you might want to redirect it to a file by using >.
58
You can get an understanding of which components are included in which CLS scenarios by the Lync Management Shell command Get-CsClsScenario. Below Im showing how to find the components or providers i n the CPS scenario: PS C:\> $scenario=Get-CsClsScenario global/cps PS C:\> foreach ($sc in $scenario.provider) { $sc.name } CpsDiagnostics CpsHostingFramework CpsOrbit Collaboration S4 Sipstack
59