Warning :No Databases were found for mirroring or witness setup for SQL server SERVERNAME and Instance PCHAT

 

This little nugget of an error occurs when you use the Skype for Business Topology Builder to Install Persistent Chat. The scenario where this error is relevant is when you have two Lync Sites and you have setup High Availability and Disaster Recovery. It just so happens this is also a Persistent chat Stretched Pool. I have spent considerable time trying to understand the underlying behavior. I hope I have gotten enough facts to help you avoid spending a bunch of hours trying to get Microsoft Support to fix it.

Before I start, I want to say This exercise has taught me that the Always On Availability group is a much more elegant solution for High availability and helps simplify Disaster recovery too. At the time of this reading, Always On Availability was not supported for Persistent chat. But I thought I would mention, it may be best to keep Persistent chat down to its basic essence and just do good backups. I am about to share with you why Mirroring and log Shipping is not a perfect solution for SKYPE for Business Persistent chat (from the topology builder)

The primary disparity comes in looking at the TechNet design vs. the Different Setup Documents you find available online:

Persistent Chat Configuration Configuration DR

Vs . The Deep Dive example by Richard Schwendiman.

By comparing the two Graphics of the Design, you can clearly see that the HA and DR for Persistent chat, Is defined, over and over, In a fairly straight forward design, which includes only one Mirror Database in the in the primary Site. This Primary Site is laid out below:

Figure 1. HADR database SetupUntitled

In contrast, you notice both Sites show 2 SQL mirrors. The Tech-net Documentation shows only one mirror. Channel 9 videos only show one mirror. I will now Juxtapose the Tech Net Document on the Same Design for SQL mirror setup.

Notice below, the SQL backup database is the log shipping target database. This Log Shipped database, is something you define in the Topology Builder, and constitutes the Disaster recovery copy of the Persistent chat database

Figure 2. TechNet Setup for HADR or Persistent Chat1230

In these small differences, there is a bug or a limit to the software. You will be able to publish the topology Builder, with either setup. However, Since the persistent chat Principle databases is log shipping to SQL backup, the Database state of the SQL backup database with be in recovery, on a permanent basis.

Since this is always recovering, the secondary mirror and witness will not be able to handle any commands from the topology Builder. you will get a failure if you try to “Publish Database” to the Secondary Site.

One of the errors you will see is Warning :No Databases were found for mirroring or witness setup for SQL server SERVERNAME and Instance PCHAT:

image

 

This is by design! The Secondary settings are there, because they can be used when and if you actually do the fail-over process, to execute the Disaster recovery steps.

Untitled

This is the screen where you will make your setup, and because of the lack of documentation, you will not realize two of the three entries here, are not going to work as the Back Up SQL store is going to work, when you publish  the topology.

The choices In the Red square above, Are not going to be functioning, accept for the Backup SQL server Store. This is the Log shipping database, as a result of being published, the Backup database, can be the recipient of the log shipped transaction log files.

  1. Because that databases is a log shipped database, the Mirror of this and the Witness cannot be working, because the Lync Services will basically be turned off, until the Lync Services are needed. Once you fail over the Primary Database, you may then use the Mirror and the Witness defined in the Topology. Until Failover, they will lay dormant!

This is a limit to how the Lync HADR process works. The only documents I could find on this issues was the following 2 articles:

Basically what these two links show is that If you set up the HADR as the Figure 1 setup, with a SQL mirror at the secondary Site, That mirror will not work, based on the log ship copy of the Persistent chat Primary Database. The log shipped databases will be in recovery at all times, as it is always changing, based on the constant updates.

To solidify this phenomenon, here is a Link the expresses this condition hereHow to back up the secondary log shipping database. If you notice, it looks like the Always on is the solution to this problem. Hopefully this is supported for Persistent chat soon!

Otherwise, this is largely manual process, whose goal is to allow the second data center to be able to take over persistent chat, based on several manual configuration changes, laid out in these articles:

Once you have failed over the persistent chat pool to the DR site, you may then reconnect the Pchat database, Mirror and Witness on the DR server. The gotcha is you will not be able to do it before.

Automation is not built into the DR procedures.

 

To conclude, I would really recommend you stay within the supported DR guidelines for HA ad DR with the Persistent chat pool. SFB had consolidates the steps (Over Lync 2013), so use the links above and you should be able to configure Persistent chat as a best practice. Originality will not likely pay off in this endeavor.

It looks like you may be able to have two mirrors in two Data Centers. This would not be directory supported by Microsoft. However, below are some possible helping steps if you wish to try:

 

  • SQL instances should both be in the same domain, as should both Sites.
  • Configure Chat permissions – User must be a member of CsPersistentChatAdministrator. To change policy, user must be in CsUserAdministrator, at a minimum.
  • All SQL databases need to have a domain account, with Admin permissions, common to all SQL instances involved with PCHat.
  • The Sub-net should be on the same sub-net.
  • There can only be one active Persistent chat primary database, at any given time, in the forest.
  • If the SQL Server service account on your primary server runs under the local system account, you must create your backup folder on the primary server and specify a local path to that folder.
  • to change log shipping, you have to fail over the mirror in the primary Chat Database.
  • The only time the Second PChat Mirror is used is in conjunction with Disaster recovery. is “with an optional mirror to provide high availability during disaster recovery” The words indicate that second mirror is only used when the DR process is being manually carried out.
  • There was a Gotcha in how you added the Databases and mirrors in the Topology builder.Review in case it comes up in your setup
  • https://technet.microsoft.com/en-us/library/jj205211.aspx

Finally, this comes from Channel 9, which confirms the two way Mirror for Persistent chat is not showing up in design and configure documentation:

notice it does not say SQL mirror pair in both Sites.

2

I hope this is helpful in dispelling what Lync and Skype for Business will accept as far as the Supported HA and DR, when they are both set up and how they are set up.

To conclude, you may be able to manually make the log shipped Database, work with the secondary mirror and witness. This will generally require manual intervention, and may not be supported with MS and Skype foe Business. You can try to recreate the end point and manually initiate the mirror. However, you will need to break the supported configuration in able to make it work. Here are a few links to look at:

Lync, OCS, Skype for Business Persistent Chat requires port 8011. Missing from Documentation

 

Howdy Lync persons. Today I ran across an issue where Skype for Business Persistent chat errors were shutting the service off. the errors were:

Event 53517 Activating system shutdown. Active cluster { 1 } does not contain the current server <3> <net.tcp://FQDNofInternalServices:8011/MGC/PeerService>.

Event 53515 Server received error while subscribing to peer.

 

These errors show a failure on port 8011. But if you check the Lync 2010 and 2013 documentation, you will find all references of port 8011 missing. Even Skype for Business Port list does not show port 8011.

I thought I would provide the places where you can find documentation for these ports; on OCS 2007 and an article in Skype for Business 2015.

I found it in the SKYPE for business documentation below: 

https://technet.microsoft.com/en-us/library/gg398500.aspx

and for OCS;

https://technet.microsoft.com/en-us/library/gg398345(v=ocs.14).aspx

There are other places to find reference to these ports, but If you need a quick reference to show an network team that this port needs to be open, feel free to link to this article.

TO the network folks: Yes please open port 8011 as the persistent chat Administration depends upon this port.

 

Thank you

Louis

Skype for Business Does not Use Bots or BOT Framework in 2016

BOTS?

What brought my attention to this subject was an memo from a coworker. It was just a run of the mill comment, and it really was the implied meaning I took away from it. I got the impression, that some of my friends were thinking that the BOTS were going to be available to them in SKYPE for Business (SFB). Comments are generally warm, with the reception of SFB, but one persons BOT comment was left un-answered, presumably because most SFB people are not privy to any information about these BOTS.

I will tell you, I didn’t reply. But my instincts wanted to tell them BOTS are not part of SFB. Honestly, I didn’t know for sure. Really, I don’t know what a Bot is! So, if not for posterity, let it be my own curiosity which let me to find out; What are we missing in SFBLAND, that is so exciting in the rest of the industry? As is turns out, I think we should be paying attention. Its not going to be long, before we are up to our necks in BOT support!

Below I really lay out a case for the inclusion of BOTS in SFB, but I would reach out to my colleagues to ask them, is there any reason why SFB is left out at this phase? Is there a big awesome change coming? Is there a secret project a foot? Is it Top Secret? No I am not a conspiracy theorist, so let me just leave that where it lay!

BOTS ARE HAPPENING! 

For the Skype for Business Users, if you had been ignoring BOT notifications in your email, let me catch you up! so much of this is going to be directly relevant to SFB at some point!

  • “BOTS” are Artificial Intelligence In Microsoft’s usage.
  • The closest I found to a definition was “conversation agents
  • Microsoft recently released a BOT framework, for Developers and programmers.
  • This Framework, includes a BOT connector service, with a goal of enabling communication with Disparate platforms such as LinkedIn,Facebook,Skype,Slack,stack and more. You get it?
  • Wand Labs Seems to have something to do with Bots. This company should be working with SFB for some Long term guidance, I would think. Why Else is SFB is not yet involved with BOTSVILLE?  
  • Cortana is supposed to be a BOT.
  • SFB is coming out for the mac! SKYPE is too, With Group Chat!
  • The above may not seem related, but I think it is! See the Skype Release is for Android, IOS and windows platforms. No one seems to be left out.
  • To underscore the point I made about group chat, that is what enabled the First Bot to work, and it works on SKYPE and it works with the MAC!
  • More then 20,000 Developers signed up for BOT Framework, and now there are more then 30,000 Signed up. Why? I think there is a synergy building here:

Microsoft has chosen to merge the Skype Bot Platform and the Microsoft Bot Framework

I would encourage you to read the papers I am placing into the links. I had to go through a lot of articles to get this trend about BOTS. It does look like a rather huge thing, looking into the future. I encourage you to tell me your thoughts on how this may play out.

Here is what was said on the MAC preview for SKYPE:

Skype Bots, a way to bring expertise, products, services and entertainment into daily messaging on Skype, are now available in preview on two additional platforms: Mac and on the Web.

 

SKYPE FOR BUSINESS has NO BOTS

Ok so now that I have detailed the exciting part, let me shut down the idea that SKYPE for Business is involved with any of this. See below from the MS blog site, confirming:

There is currently no story yet for Skype for Business. With the Microsoft Bot Framework you can build a bot that “channels” through multiple chat application like Skype, FB Messenger, KiK, Slack, Telegram etc. Skype for Business is not yet part of the available channels and no information is available when that will be available.

Some very promising statements have been made, and it looks like there is a concerted effort, by Microsoft, to initiate this BOT to work across the entire platform and the entire Industry:

“BOTS are a new way to bring expertise, products, services and entertainment into daily messaging on Skype”

“Skype bots can introduce both audio and video experiences, the company (Microsoft) said.

In fact, there has already been requests, at the Developer level, to bring BOTS on board with SFB. Below is the question asked at the BOT NET feedback web site:

Any plans for Skype for Business?
Bots offer a great opportunity to the enterprise users. I would be interested in private internal bots with Skype for Business available as a conversation channel.

Conclusion

So at this point, the only thing I have proved, in this article, is that SFB does not work with BOTS. When A customer calls to support, we can now tell them that Microsoft Skype for Business Does not have support for BOTS. 

Ill leave the conversation up to my readers. Do you think it will be long before SFB gets into the BOT world? The more important question is what is the hold up? Is there something else coming, that is a larger piece of the puzzle?

I hope this has raised your awareness about the BOTS and let you know we are likely going to be hit with BOT questions, until SFB finally joins the FOLD.

I do think that having SIRI on my Skype for Business Client is going to be just fine with me!!

 

Louis

Hermans Mass enable AD users for Lync or Skype for Business

 

THis is a re-post of one of my friends in the business. Herman, I hope you are doing well. Please keep in touch and I recall our time at Ditch Witch in Oklahoma. You are a great Lync SFB resource and I hope all is well with you!!

His article is here. Mine is just a re-post of his hard work. I lose it from time to time, and so I decided to add it locally so I can find it when I need it. Enjoy!

http://hseminiano.blogspot.com/2013/03/lync-powershell-script-to-mass-enable.html

 

Of course there is always a need to mass enable users for Lync once you have Lync deployed in your environment. The easiest way to mass enable users for Lync is via a PowerShell script and a CSV file with the user information.

To enable PC-to-PC users only
Here is a script I created to mass enable users:


if ($args[0] -eq $null)
    {
    $userNameFile = read-host “Enter the full path of the .csv file with the user information.”
    $userNameFile  = $usernamefile -replace ‘”‘,””} 
else 
    {$usernamefile = $args[0]}
if ($userNameFile -ne “”) 
    {$csv=import-csv $userNameFile} 
else 
    {“Could not find a valid .csv with the user information.”
    exit}
foreach($c in $csv)
# enable for lync
{
“Enabling ” + $c.Identity + ” for Lync 2010″
Enable-csuser -identity $c.Identity -registrarpool $c.RegistrarPool –sipaddresstype $c.SipAddressType -sipdomain $c.SipDomain
}

This script will enable the users with basic PC-to-PC configuration. This script allows for organizations with multiple SIP domains and multiple pools with the columns in the .csv file for RegistrarPool and SipDomain. The .csv file will look like this:

 

1

To enable Enterprise Voice users
To enable the users for Enterprise Voice, we will make the following addition (highlighted in yellow and green) to the above script. The green highlighted section is optional if you have extensions set up in your LineURI’s like tel+12815551234;ext=1234. You can omit this section and remove the Extensions column from the .csv file if you are not using extensions in your LineURI’s:

if ($args[0] -eq $null)
    {
    $userNameFile = read-host “Enter the full path of the .csv file with the user information.”
    $userNameFile  = $usernamefile -replace ‘”‘,””} 
else 
    {$usernamefile = $args[0]}
if ($userNameFile -ne “”) 
    {$csv=import-csv $userNameFile} 
else 
    {“Could not find a valid .csv with the user information.”
    exit}
foreach($c in $csv)
# enable for lync
{
“Enabling ” + $c.Identity + ” for Lync”
$lineuri = “tel:+1” + $c.PhoneNumber + “;ext=” + $c.Extension
Enable-csuser -identity $c.Identity -registrarpool $c.RegistrarPool -sipaddresstype $c.SipAddressType -sipdomain $c.SipDomain

# Pause for 30 seconds for AD Replication
write-host -foregroundcolor Green “Pausing for 30 seconds for AD Replication”

Start-Sleep -s 30

Set-CsUser -Identity $c.Identity -enterprisevoiceenabled $True -lineuri $lineuri
Grant-CsDialPlan -Identity $c.Identity -PolicyName $c.DialPlan
Grant-CsVoicePolicy -Identity $c.Identity -PolicyName $c.VoicePolicy

}

As you can see, the script turns the 10 digit phone number into E.164 format and adds the extension (if needed) and then sets it as the LineURI for the user. The .csv file will have the following columns added for this script:

2

Move-CsManagementServer Fails when the 2010 Databases are irrevocably Destroyed AKA How to move CMS from 2010 to 2013 when CMS is Dead.

 

Hello and happy summer day. This article is about a subject you wont find documented around the internet much, and is not Directly Microsoft supported. With that said, I will present you with the Microsoft way and the emergency way, to save your 2013 Lync  install when the 2010 has been Broken.

First of all. Have Back Up. In this situation, the customer did not have a back up, but it certainly is a good Idea. So the first method you should use, if you loose your 2010 Back end Databases, is to recover them from back up.

Second, Recreate your SQL server.The official documentation you will find if you loose your back end for 2010, is to Recreate the SQL 2008 server, and install an instance of SQL with the same name. From there, you can use install-CsDatabase –CentralManagementStore to recreate the Back end database on the new server.

Third, Lets say you are in a situation where neither of the two above are possible? So the mantra is you are normally going to run the command:

Move-CsManagementServer to move the CMS from 2010 to 2013. This process is how you might be able to move forward, eliminating your 2010, even if they are down. There needs to be said that you can forget about saving things like contacts, response groups, etc..  this is a bare knuckle procedure to get you from 2010 CMS to 2013 CMS, without loosing both installations.

Current Situation

In this situation, you will find the 2010 and 2013 topology builder will not download the topology. You cant make any changes and the Lync control panel wont work. You are really in bad shape.

Steps to move from non existent 2010

What is going to save you here is a copy of your topology and the copy of your configuration. I don’t know that you can do this without a copy of your configuration so lets have you make a copy to back up now.

  • Export-CsConfiguration -Filename Yourconfig.zip
  • Export-CsLisConfiguration -FileName C:\LISConfig.bat

Most of you wont have the LIS configuration and that’s ok. You will see the work around here in a second.

1, Get-CsManagementStoreReplicationStatus –CentralManagementStoreStatus

This command is going to fail because your pointed to your 2010 CMS currently. So this is procedural

2. Export-CsConfiguration -Filename Yourconfig.zip –localstore

#2 is the file we are going to recover from. keep it.

If you had not run install-CsDatabase already, this is part of the migration steps, just before you move the management server

3. Install-CsDatabase -CentralManagementDatabase -SqlServerFQDN Nameofserver -SQLinstancename Name -Clean –Verbose

4. Move-CsmanagementServr -ConfigurationFilename csconfiguration.zip –force-verbose

#4 above is only partially successful, as we did not use any LIS configuration, so elements will fail. However, some will succeed.

here is where it gets creative. Create a folder called LIS.BAK.  Place an empty file inside the folder and zip it. This zip file will be required to make the next command succeed.

5. Move-CsManagementServer -ConfigurationFileName CsConfiguration.zip -LisConfigurationFilename Lis.zip -Force –Verbose

Number 5 is your magic command. this command is able to move your CMS to 2013, without the 2010 database. This was pretty amazing.

 

This is the steps as I recall, and this should get you moved over to 2013 for CMS. Now you will have to remove the 2010 objects to get topology published with only the 2013 Topology items being there.

SO below, for completeness, I have my rough notes on the last time I did a full CMS move and decommissioned the 2010 server. I have also included some Links I used to make sure I was doing the steps correctly. That is all posted below:

JUST FYI the above process only replaces step 2. So you still have work to do. However this gives you some context in to how the process fits into the whole 2010 decommission.

  • 1. # Install-CsDatabase -CentralManagementDatabase -SQLServerFQDN “BackendEnd FQDN” -SQLInstanceName RTC
  • 2. Move-csmanagememntserver
  • 3. Move-CsManagementDatabase –verbose
  • 4. Run step 2 on lync 2010 deplyoment wizard- Run Step 2 to remove Lync Server Components
  • 5. Get-CsManagementConnection
  • 6. Check new topology-builder-
  •  7. Go to 2010 LMS- Uninstall-CsDatabase -CentralManagementDatabase -SqlServerFqdn -SqlInstanceName RTC –verbose
  • 8. Remove-CsConferenceDirectory –Force
  • 9. Remove mobility from programs and features 2010
  • 10. Remove- lync 2010 from 2013 topology and publish

 

I hope this article is helpful. Please remember this is not an MS supported change. Options one or two are the main ways you would deal with this situation. Have a great weekend:

L

Sources I had used at one time for my CMS steps

Flash: The Best way to Fix your Exchange 2013/2016 Unified Messaging, UM Dial Plan, is to redeploy it. It is not as hard as it sounds.

 

Hello!!  I’m Lester Tarkenson and welcome to another installment of Fun with Dialplans. today we will be discussing how the real professionals troubleshoot their Dialplans.

The first thing a seasoned person does, when they see a dial plan, created by a customer, who has never had a dial plan working before; why of course! They chuck it! Yes, there are many reasons for this, but I can name off just a few:

  • 1. Once your gateway and hunt group are married together, changes made manually, may cause objects to be out of sync, causing failure of the Dial Plan
  • 2. Spaces are not allowed in certain circumstances
  • 3. Strange Characters and long object names are both possible reasons for failure in  the Unified Messaging setup. (now called UM heretofore)
  • You have to restart the UMSERVICE and the UMCALLROUTERSERVICE after making every change in UM. Trust me this will get you at some point.

For these reasons and more, It is best to just build from the bottom up. It is very good advice, until you begin to try to take the UM apart. It fails all over the place, yet some commands do work. It quickly becomes a struggle to just get you back to were you were, with no harm done.

Lets just take a deep breath and enjoy a quick Poem:

DIAL PLANS IN THE SKY
MY DIAL PLAN TASTSE LIKE PIE
HUNT GROUP ON MY SLEEVE

Ok. I am deeply sorry for that. Try to recover. I know it will be hard. But, you will have a ton of time to make me a nice Haiku email, because rebuilding the Dial Plan will work instantly and you can move on with your life. so lets begin.

Remove what you can in the Exchange Admin Center

Let me say, without any need to have to tell any of you: Make a copy of all your settings. use screen shot, back up, notepad, whatever it takes, but do something to make sure you have the settings to rebuild with!

The first thing you do is use the GUI to get as much deleted as you can.

Figure 1. Untitled

 

Open up the Dial plan and start with the UM Maalox Policy and the Auto Attendant. Go in and delete and remove all that you can. Whatever is left, will be for us, in the Exchange Management Shell. You can work with Maalox or the Mailbox, it is your choice!

 

Figure 22

Getting the UM dial Plan Un Nested

So now this part may require some freestyle, so I am including all UM commands in the EMS for 2016. One small chart. I like it! See below. The goal is to get the UM objects un-nested. Then you can delete them with the Shell. Use your get commands, and then use your remove and delete commands, where appropriate. I am going off memory at this point, so I will be improving steps over time. using Figure 1 and 2, go in and manually remove everything.

Figure 3.mychart

Break the nesting with Exchange Management Shell

Do not run the Exchange Script UCExchUtil.Ps1, at any point during this process. Once you have removed as much, from the Dial Plan, as you can, using the Administrative Center; You now move to the Exchange shell and run these commands:

  • Set-UMCallRouterSettingS -DialPlanS $null
  • Set-UMMailboxPolicy -UMDialPlan $null
  • Remove-ummailboxpolicy -identity policyname
  • Remove-umhuntgroup -identity gatewayID\Huntgroupname
  • Set-UMService -idenity Servername -DialPlanS $null
  • Set-UMMailbox uSername -UMMailboxPolicy $null
  • Remove-umdialplan -identity Umdialplan

This will allow you to remove the Dial Plan and the Gateway. If the gateway is not removed by now, remove it in the GUI

Now that you have the Dial Plan and gateway removed, you are Free to begin with a new Dial Plan. Make sure you follow a good document on setting the Dial Plan up.

How to Integrate the UM Dial Plan and Lync/SFB

I could not do a better job at showing you the Lync Integration then Dean Suzuki. Look at his articles here. There are steps for the whole integration here:

And this is the end. I realize the title is a lot to live up to. However, the process is not hard, it just doesn’t have a lot of documentation out there that talks about it.

I hope you will be rebuilding your Dial Plans and gateways  for fun and enjoyment. Don’t forget to run your .\ExchUcUtil.PS1 command when you are finished. This will solidify your settings and you will be taking UM calls after you restart the UMCALLROUTER service and UM service on each Exchange Server 2013/2016.

Oauth For Lync and Exchange Special Considerations

Enabling Lync and Skype for Business for Integration with Exchange 2013/2016.

I want to call your attention to an issue with Lync and Exchange Open Standards for Authentication (called oath from here forward). I have discovered a few things about Oauth, That might be a topic of confusion for many.

It will be very common for most to jump right into articles such as the following.

https://technet.microsoft.com/en-us/library/jj649094(v=exchg.150).aspx

In addition, there are several modes you can install Oauth. You can focus on Server to Server, Cross Premise, and On premise partner. This leaves open the possibility of going down all kinds of fox holes. Therefore, I am going to try to layout the simple steps you are trying to accomplish when you do a Lync to Exchange Integration.

So when it comes to Oauth and Lync with Exchange, we are basically connecting two Enterprise applications. We are not connecting Autodiscover, EWS and other virtual directories, like we are doing with an Office 365 Integration. Therefore, Test-Oauthconnectivity. Will not work the same way.

If you have a concern or do not understand this, please compare the two articles in this paragraph. Notice, The Exchange online integration makes use of the Test-OauthConnectivity article. Notice the Lync/Exchange Oauth Article does not.

The bottom line is test-OauthConnectivity is not the way to test to verify that Lync and Exchange are correctly using Oauth correctly. I present below, the basis for doing the Lync Exchange Integration.

The Lync/Exchange Integration Is a partner application authentication. What this means to me, is the two applications have objects in AD that clear the servers to be able to talk to one another. This is independent of the IIS virtual Directories. The confusion is due to the Office 365 integration or Hybridization is becoming popular. The documentation is very similar, and many documents speak of Oauth and Integration. Test-OauthConnectivity -EWS is the one of the common items you will see. However, you won’t see it in any Lync documentation where exchange is concerned.

I think Lync and Exchange communication is more simple then the Office 365 Integration.

Here is the basic documentation for performing the SFB/Exchange integration . You don’t see anything about test-OauthConfiguration. However, you will see something here:

https://technet.microsoft.com/en-us/library/jj218623(v=exchg.160).aspx

Finally some light of day. What it says is

“For the Test-OAuthConnectivity cmdlet to succeed for other partner applications, you first need to create the partner application by using the Configure-EnterpriseApplication.ps1 script.”

Basically you don’t use the command to test OAUTH if you have not generated the Partner Applications. Once you have created the partner Applications, You wont need Test-Oauth, because for OAuth to work, the Enterprise Applications will need to succeed to be created. They wont be created broken.

So… This leaves us with no way to test. Well That is not exactly true.

Pre-Integration testing of Lync and Exchange

So before you begin the Procedure for Lync and Exchange to integrate, All you need to do is set the Oauth Certificate on both EX and SFB servers. They both will have a URL that becomes active, once the Certificates have been set correctly, and the virtual directories have become operational. These Two URL’s become your evidence of configuration succeeding, going into the Oauth Integration.

They are Http://autodiscover.domain.com/autodiscover/metadata/json/1

And Https://LynFQDN.domain.com/autodiscover/metadata/json/1

These URL’s are literal substitutions for use by the opposing servers. You can see on the Lync side, the Lync application looks to the Exchange URL, as a direct value for the Json token it needs to authenticate:

1

 

Remember, the URL must work before you use it in a command. Now the second Enterprise application, From Exchange to Lync:

 

2

I have some other articles on Oauth Which you may find helpful. Pease stay awhile and look around:

The last link above really goes into elements of a Full setup. But the goal is to get to steps 13 and 14, which is to get the JSON urls working. Once those are working you can execute your enterprise application commands, like the screen shots above, or the steps I provide at the end of the article.  However, you must first verify the URL for your Oath is working. Just put it into a browser as follows:

4

Finally, Run your command on the Exchange and Lync or Skype for Business servers:

Exchange

As long as you stay with configure or remove, you wont need anything else. Back out of the configuration and start over with configure, if you made any mistake.

Skype For Business

With Skype for business, there are a few eventualities, but essentially as long as the commands succeed, you will be in business.

 

One Last Thing

One Last thing. If for some reason you find that the Exchange or Lync Oauth token does not work when you try to use the URL for the Json token, the consensus is the only thing you can really do to repair this (It should not ever be broken, perhaps you need to re cert the Oauth Cert), is to repair the virtual Directories. I have a Friend  who is an Exchange Engineer, who has a great blog where this is laid our here.  John Alec Dixon is a better Exchange Engineer then I ever was a Lync Engineer. He found the issue. The Front end Virtual Directory path. Its not something we cross check often. Yes this can be incorrect.

In addition, You should check this article out if you need to repair your virtual Directories:

https://ashdrewness.wordpress.com/2014/09/10/troubleshooting-issues-with-client-access-servers/

Finally one point which provoked this article. I had one case in my life, where the Oath URL did not work. Non of the above was applicable to fixing it. This turned out to be a simple patch mismatch. There is no warning, or event which will tell you this. You just get a 404 IE error. The fix

a. Launch IIS Manager
b. Expand Default Web Site
c. Select Autodiscover vDir
d. Click Advanced Settings under Manage Application
e. Change physical path to:

C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\Autodiscover

 

I hope this helps

 

Louis