Move User from Online to Server Fails

Issue:

When trying to move a user from Skype for Business Online to Skype for Business Server, the following error was being output in the Skype for Business Server Control Panel – “Index was outside the bounds of the array” – not the most helpful issue to troubleshoot!

Troubleshooting:

A customer had recently requested support for the migration to SfB Online to SfB Server for a subset of users.

After initially understanding why this migration scenario was taking place, I began to look at the configuration in its entirety:

  • All Skype for Business Servers were running the latest CU
  • The SfB Server Topology was correctly and successfully published with no warnings or errors
  • All firewall ports had been opened correctly
  • Public DNS was pointing to the on-premise estate, for all required records
  • A Shared SIP Address space had been enabled
  • The Skype for Business control panel Hybrid wizard confirmed “all prerequisites had been met”

When testing a move of a user myself, I too encountered the error the customer had been reporting, which was;

“Index was outside the bounds of the array” – not the most helpful issue to troubleshoot!

The same occurred too when trying to move a user using PowerShell, with the appropriate switches.

As we had not implemented the solution, it was time to take a step back and look at all “moving components” within this scenario, including AAD Connect and ADFS.

Resolution:

When viewing the attributes that were being synchronised from the customers AD to Azure AD, I noticed that none of the MS-RTC* Attributes were included… hmmmm…..

After speaking with the customer, I then determined that Skype for Business Server had been install AFTER the installation of AAD Connect!

We decided to “Refresh the Directory Schema” using the AAD Connect Wizard, o ensure that our SfB attributes were being synced.

Following on from the refresh, we could then complete the procedure of moving a user from Online to Server, for those that needed to be migrated.

Advertisements

Cloud PBX –  Who, What, Where, When and Why?

It’s no secret that Microsoft have announced that the already feature rich service that is Office 365, will now include “Enterprise Voice” within its Skype for Business Online service.

It has been a long time coming, we dipped our toes in the water in a previous (similar)  iteration that was entitled ‘Hybrid Voice’ – well now it is back and along with additional supported topologies, they are here to stay!

This post is intended to be a ‘living post’; with constant updates as information is released and functionality is unveiled.

Quick Point:

  • Skype for Business Server = On-Premise
  • Skype for Business Online = Cloud
  • Skype for Business Hybrid = integrated On-Premise and Cloud deployment

Today, Skype for Business Server:

So as it stands, anybody wanting to leverage the enterprise grade PBX functionality offered by Skype for Business, must deploy the on premise iteration of the product, Skype for Business Server (or a hosted service via a third party). This enables customers to migrate all telephony functionality into the new on premise infrastructure in a smooth, well structured approach when planned correctly.

There is often reluctance to do this and from experience, this is due to a lack of knowledge of the platform and its eco system partners capabilities.

In a nutshell, yes we can provide support for the following AND more;

  • TDM and analog trunking
  • Multimedia Contact centres
  • Call Billing and Reporting
  • Call Recording (PCI compliance too)

This is just a shortlist of the capabilities, for an overview of all trusted partner applications and supported infrastructure components, the Skype for Business Solutions Catalog is the place to be.

So hopefully, if you did not already, you do have a better understanding of where we are today….

Cloud PBX – What is it and Where are we going?

In line with the ‘New Microsoft’, cloud first, agile software releases etc. the following offerings are being made available;

  • Cloud PBX with PSTN Calling (US only as it stands)
  • Cloud PBX with on premise PSTN connectivity
    • Via an existing Lync/Skype for Business pool
    • Via Cloud Connector Edition
  • Cloud PBX PSTN conferencing

There are also additional programs, but those are out of scope for this post;

  • Android Preview
  • Broadcast Meeting

In addition to the Skype for Business Server offering, Skype for Business Online will now start to offer ‘Enterprise Voice’ functionality in the cloud through your existing tenant service.

It is important to note that initially, the service will not provide all the functionality that on premise counter part does, the following table shows the functionality announced today:

Office 365 Express Route

In my opinion, taking into consideration the nature of real time UC traffic, versus the more static content, in say Exchanged Server, network connectivity has been one of the reasons many organizations have not yet adopted Skype for Business Online.

Microsoft have now accounted for this in the form of Office 365 Express which is now Generally Available.

This service allows organizations to leverage a managed connection, from their local on premise infrastructure into the Office 365 data centre, adhering to the Quality of Service DSCP markings recommended for Skype for Business.

Again, in my opinion, whilst not mandated, I would recommend looking at adopting Office 365 Express Route within your network to ensure end user quality can be guaranteed, as opposed to best effort traversing the internet.

Cloud PBX with PSTN calling

I strongly believe, this is where everything is going. As you will see, each of the methods to achieve voice in the cloud, ultimately leads to this topology.

  • At the moment, this is an option available to the US only with plans for expansion CY16.
  • This offering allows customers, to utilise Microsoft as their sole telephony provider.
  • As it stands, this service is currently only available to US tenants, with a further geographical reach aimed for CY16.
  • Either acquire new telephone number ranges for organisation, or port your existing telephone numbers into the service and have no dependencies for on premise server infrastructure to deliver your telephony services.
  • User accounts are homed in the cloud, telephony services are hosted in the cloud, under a financially backed SLA. A summary of the topology may look like the following:

For customers interested, it is perfectly viable to pilot the service, acquiring telephone numbers for users and allowing for evaluation of the service in line with preview program updates. This is a clean, non disruptive way of testin out the Cloud PBX with PSTN calling functionality.

Whilst there is not feature parity with th, to account for this Microsoft have presented several ways for customers to achieve the Cloud PBX functionality, each of those will be discussed now.

To enable a user, you must;

  • Own an Enterprise Office 365 tenant that contains E5 licenses
    • OR E1/E3 + Purchase of the Cloud PBX License
  • Acquire new or port existing telephone numbers
  • Assign Office 365 E5 to the users in question
  • Assign on of two calling plans (current offerings)
    • Domestic only – which includes all 50 US states
    • Domestic and International – exactly as it states on the tin
  • Assign a telephone number to the user

It is a simple as that, there are additional considerations to be taken into account, Office 365 AADSync, ADFS dependent upon your requirements, but again out of scope for this post.

Cloud PBX with on Premise PSTN

Falling in line with the hybrid topologies, that allow organizations to transition services over time, Skype for Business Online Cloud PBX now supports this platform topology.

As stated earlier, the current cloud PBX service from Microsoft does not provide all of the functionality that is available from  an on premise deployment. To account for this, Microsoft allow for the retention of existing telephony carrier relationships and  on premise deployment applications such as contact centres, through the hybrid topology.

For those users that require corporate telephony, home them in the cloud, for users requiring access to custom ISV applications, they can remain on premise, whilst the organisation continues to integrate new functionality as it arrives within the online service.

This offering breaks down into two further offerings;

  • Cloud PBX with on Premise Skype Business
  • Cloud PBX without any existing on premise Skype for business Lync

Let’s explore each of these further;

Cloud PBX with on premise Skype for Business

This option is similar to the Hybrid Voice topology that was previously released and withdrawn, to and from the market.

It allows organisations to leverage the existing investment made into building out an on premise deployment with a view to transition all services to the cloud.

In this scenario, users are homed within Skype for Business Online, but the voice services required by the user are delivered via the Skype for Business Server (on premise) infrastructure.

Important notes to consider during planning:

  • To enable an SfBOnline user for this Cloud PBX offering, you must have provisioned your company domain (e.g. uccorey.com) to your Office 365 tenant
    • .onmicrosoft.com domains are not supported
  • Lync Phone Edition must be updated to the minimum required firmware
    • Do not move users online before updating the firmware
    • If a user have been moved online, prior to firmware maintenance – DO NOT update the device firmware nor perform a hard reset
    • Move the user back on premise prior to updating or resetting the phone device
    • If a hard reset if performed, before the device is updated, it will default to PIN authentication, which isn’t supported
      • Which will answer any CX500 question…

System Requirements / Prerequisites

  • Front End Server must be running Skype for Business Server 2015 or Lynch Server 2013
  • Edge Server must be running Skype for Business Server 2015 or Lynch Server 2013
  • Mediation Server must be running Skype for Business Server 2015 or Lynch Server 2013
  • Enterprise Voice is configured and tested on premise, including all PSTN components; SBCs, IP-PBXs, PSTN Gateways…
  • Azure AD Connect 1.0.9125.0
    • Older versions of the tool must be upgraded
  • Hybrid Connectivity (Shared SIP address space) must be enabled between your on premise deployment and Office 365 tenant
  • To support Single Sign On for end users, Active Directory Federation Services must be provisioned
Cloud PBX with On premise connectivity, without Skype for Business Server:

This scenario applies to organisations that have not yet deployed any Skype for Business or Lync infrastructure, but wish to adopt the service for all Unified Communication and Telephony functionality.

In this instance, organisations must deploy a small ‘flavor’ of an SfB deployment called ‘Cloud Connector Edition’. This virtual appliance server is a virtual machine that consists of the following  server roles:

  • Central Management Store (CMS) Role
    • Configuration store for the topology components
  • Edge
    • Access Edge
      • SIP Routing between on premise and online services
    • Media Relay and Media Daly Authentication
      • Media routing and authentication token for media routing
    • Outbound Routing
      • Supports only global policies based on outbound PSTN numbers
    • CMS Replica
      • Maintains a copy of the CMS local and synchronizes data from the Global CMS
  • Mediation Server
    • SIP and Media gateway between Skype for Business and the on premise PSTN gateways
    • Includes as CMS replica
System Requirements / Prerequisites
  • .onmicrosoft.com domains are not supported
  • Cloud connector edition is currently supported on Hyper V hosts
  • Cloud connector is provisioned using PowerShell scripts that may change the configuration of your Hyper V Hosts – review them!
  • CMS and Mediation roles can be collected on a single Hyper V Host
  • Edge Server VM must be provisioned on a separate Hyper V hosts that is deployed into a DMZ
  • Administrator permissions over the Hyper V Host
  • Administrator permission to publish the topology in the on premise domain
    • AD Schema
    • Enterprise Admin
    • Domain Admin
  • External DNS Records
    • ap.<Domain Name>
    • mr.<Domain Name>
  • Your Office 365 tenant must have the required SRV records created for it
  • External Edge Certificates must be procured
  • Firewall ports 443, 5061 and 3478

This appliance, is used to create a SIP trunk connection to a supported PBX or SBC appliance, which becomes the gateway for the online homed user account voice traffic. Users are homed online and consume UC services via the online pool, whilst PSTN voice traffic is routed via the Cloud Connector VMs via the existing telephony infrastructure.

The following TechNet article details the required steps to implement Cloud Connector Edition – as this becomes available, keep an eye out for updates to this post!

Skype for Business Broadcast Meetings Part 1

Unless you have been hiding under a gigantic UC rock, you will have no doubt seen the recent announcement from Microsoft around Skype for Business Broadcast Meetings.

Further enforcing the agile software release strategy of Cloud first, On-Premise second – should you fall into the latter category, this is the first Skype for Business feature release that is explicitly going to depend on hybrid connectivity being in place.

In Lync Server 2013, Hybrid connectivity always felt like an afterthought, something to bolt on, to help you get from A to B but there was never any real feature benefit from doing so (IMO – it was purely for migration purposes).

With Skype for Business, this has now changed – there will actually be scenarios where hybrid connectivity is required to not only allow for selective user placement and migrations, but also to enable specific functionality, Meeting Broadcast being the first.

Continue reading