Recent Lync Control Panel Issue (AdminUIHost AppCrash)

I have experienced an issue recently with the Lync Control Panel crashing on several Lync servers. It appears the problem is caused by a recent Silverlight 5 update, but may or may not surface on all Lync servers. The issue is being investigated, but in the meantime, if you are experiencing this issue there are two easy workarounds:

  1. Launch the Lync Control Panel from a web browser using the pool FQDN. This will take the form: https://<pool_FQDN>/CSCP. Don’t forget the “s” or an HTTP 403 Forbidden will be returned.
  2. Uninstall Silverlight 5 and re-install Silverlight 4. You can download Version 4 of Silverlight here: http://go.microsoft.com/fwlink/?LinkID=149156&v=4.0.50826.0.

The issue manifests itself if you launch the Lync Control Panel from the Windows Programs menu which uses an IIS component called AdminUIHost.exe.  After a period of between 0 and 5 minutes, you will get the following error:

image

The culprit appears to be a recent Silverlight 5.1.10411.0 update (combined with using the AdminUIHost.exe component):

image

Thanks to Thomas Wismer for first noticing this.

Recently Released Lync Updates

A quick post in case you missed it: here is a recap of a couple of recent noteworthy Lync updates:

Microsoft Lync for Mac 2011 Update

Microsoft released an update for the Mac client which addresses the following issues:

  • Several issues with Cisco and Juniper VPN clients
  • An issue that causes an Active Directory lockout when the Kerberos protocol is used
  • Several issues that cause Lync for Mac 2011 to sign out unexpectedly or to crash

You can read about this update and download it here: http://support.microsoft.com/kb/2690036.

A Lync Server Update to Remove the “Last Active” Attribute

Microsoft released an update on Friday that allows a company to remove the “Last Active” attribute from Presence.  This is the attribute that tells you a user has “been inactive for X minutes” (or away, etc…). See http://support.microsoft.com/kb/2684128/en-us?sd=rss&spid=924 for more information.

Fellow Lync MVP Justin Morris has a good write-up on the broader perspective for this update: Improving Presence Privacy in Lync 2010.

The Contact Importer Tool

Microsoft released a tool for OCS 2007 R2 and Lync Server 2010 that enables administrators to import contacts (including AIM, Yahoo Messenger, Windows Live Messenger, and generic text-based lists) for OCS and Lync users. The tool imports them directly into the Lync/OCS backend pool database.

You can find out more about the tool and download it here: http://www.microsoft.com/download/en/details.aspx?id=29558.

Saving OCS User Settings Before a Lync Migration

Recently posted InsideOCS.com

Saving OCS User Settings Before a Lync Migration

Tips for Managing Lync User Policies

On-going user management in Lync typically involves changing, deleting, and reassigning existing Lync user policies to specific groups of users to expose or limit features for such things as Conferencing, External Access, and Client capabilities.

When reassigning Lync user policies, you will likely need to select a subset of Lync users based on their current policy and then make follow-on modifications to those Lync user objects. This blog post contains tips on how to do this and how to properly delete existing user policies.

Finding and Managing Lync Users with an Existing Policy

User policy management in the Lync Server Management Shell will likely rely on the Get-CsUser cmdlet. This cmdlet, combined with the power of the PowerShell pipeline, can be used to find Lync users that match specific criteria and take action on them.

The challenge of using the Get-CsUser cmdlet to return a set of Lync users that have been assigned a specific policy is that the logical and comparison operators (e.g. “-eq”) do not work with existing policy names like they do on other Lync user properties.

For example, assume you need to find all Lync users that have the Lync Conferencing Policy set to “Allow Video”.

Based on all the Lync PowerShell examples in the documentation, you could be forgiven if you thought any of these commands would work (they do not):

Get-CsUser -Filter {ConferencingPolicy -eq "Allow Video"}

Get-CsUser -Filter {ConferencingPolicy -match "Allow Video"}

Get-CsUser | Where-Object {$_.ConferencingPolicy -eq "Allow Video"}

The three commands are similar, but their behavior is slightly different and none of them will give you the correct results.

Using the Get-CsUser cmdlet with the Where-Object cmdlet will return nothing – even if there are users with the “Allow Video” conferencing policy, and using either of the Get-CsUser commands with the -Filter parameter will produce this error:

Get-CsUser : Cannot bind parameter ‘Filter’ to the target. Exception setting “Filter”: “Query not supported for operator: “”
query: “ConferencingPolicy -match “Allow Video”" position: “20″”
At line:1 char:19
+ Get-CsUser -Filter <<<<  {ConferencingPolicy -match “Allow Video”}
+ CategoryInfo          : WriteError: (:) [Get-CsUser], ParameterBindingException
+ FullyQualifiedErrorId : ParameterBindingFailed,Microsoft.Rtc.Management.AD.Cmdlets.GetOcsUserCmdlet

Note: you can successfully use the –eq operator to test for a $Null policy such as “Get-CsUser -Filter {ExternalAccessPolicy -eq $Null}”.

The Solution

The problem stems from the fact that the policy property values returned by Get-CsUser are of type “Microsoft.Rtc.Management.ADConnect.Schema.OCSADUser”, and we are trying to match the value against a ‘String’.

One solution therefore is to type cast the value of the existing policy name to a string so that we can compare apples-to-apples.

For example, this will work:

Get-CsUser | Where-Object {[String] $_.ConferencingPolicy -eq "Allow Video"}

(To appease the PowerShell purists, I should note it is always better (safer) to fully qualify the String type, so it is better to use “[System.String]” instead of just “[String]”).

Another solution is to use the “-match” operator to match a string using a regular expression.

Get-CsUser | Where-Object {$_.ConferencingPolicy -match "Allow Video"}

I am not sure exactly what happens under the PowerShell covers, but this does work and I believe the “-match” operator is forcing (casting) the existing policy value into a string type.

You can also use the comparison operators –notmatch and –like (with wildcards) for different types of searches. This Microsoft TechNet reference page lists all of the comparison operators that can be used.

Deleting Existing User Policies

If a subset of Lync users are changing from a specific user-level policy to the Global default policy, you might be inclined to just delete the existing policy. For example, if you want 20 users with the Lync Conferencing Policy named “Allow Video” to now use the Global default conferencing policy, you might consider just deleting the “Allow Video” policy rather than setting the conferencing policy for these 20 users to $null.

Although the Lync Control Panel will give you a warning when attempting to delete a policy that is assigned to one or more users, it will let you. And in this example, the desired end-goal will be achieved – the users will now use the Lync default Global policy – however this is not the correct way to do this.

Behind the scenes Lync will replace the previously assigned policy name with a numerical reference, and whenever a user management action is done in the Lync Control Panel or Management Shell, a warning will be produced for all users affected.

This is an example of the warnings produced for 6 users who had their existing conferencing policy deleted:

Lync Conf Policy Error

The Solution

A better way to completely remove an existing policy is to make sure no Lync users are assigned to it, and then delete the policy.

To remove a user policy in the Lync Management Shell for a specific group of users, you can just set the policy to $null using the appropriate Grant-Cs cmdlet. For example, to remove the conferencing policy for all Lync users who currently have the “Allow Video” conferencing policy, we could use the Grant-CsConferencingPolicy cmdlet as follows:

Get-CsUser | Where-Object {$_.ConferencingPolicy -match "Allow Video"} | Grant-CsConferencingPolicy -PolicyName $Null

Or, for example, to remove any existing conferencing policy on all users in the AD City of Boston, you could use:

Get-CsUser -LdapFilter l=Boston | Grant-CsConferencingPolicy -PolicyName $Null

(Note: the lowercase L represents the AD attribute “locale” which represents the AD field “City”)

Once the policy assignment has been removed from all users who were assigned to it, the policy can safely be deleted to avoid the above warnings.
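The find, unassign, verify, delete sequence described above as a single function; this is an added example, not code from the original post. It goes beyond the conferencing case by taking the policy type as a parameter. The function name, the backup CSV path and the four-entry policy list are assumptions.

```powershell
# Added example (not from the original post). Run in the Lync Server Management Shell.
# Function name and default CSV path are hypothetical.
function Remove-CsUserPolicySafely {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # Per-user policy property on the Get-CsUser object; the matching
        # cmdlets are Grant-Cs<PolicyType> and Remove-Cs<PolicyType>.
        [Parameter(Mandatory = $true)]
        [ValidateSet('ConferencingPolicy', 'ExternalAccessPolicy', 'VoicePolicy', 'ClientPolicy')]
        [string] $PolicyType,

        [Parameter(Mandatory = $true)]
        [string] $PolicyName,

        # Record of who held the policy, so the change can be reversed.
        [string] $BackupCsv = '.\policy-users-backup.csv'
    )

    $grant  = "Grant-Cs$PolicyType"
    $remove = "Remove-Cs$PolicyType"

    # Cast to [System.String] and compare with -eq. -match is a regular
    # expression test, so "Allow Video" would also select users assigned a
    # policy named e.g. "Allow Video External", which is too broad for a
    # step that changes assignments.
    $holders = { @(Get-CsUser | Where-Object { [System.String] $_.$PolicyType -eq $PolicyName }) }

    $users = & $holders
    Write-Verbose "$($users.Count) user(s) currently assigned '$PolicyName'"

    if ($users.Count -gt 0) {
        $users |
            Select-Object SipAddress, @{ Name = $PolicyType; Expression = { [System.String] $_.$PolicyType } } |
            Export-Csv -Path $BackupCsv -NoTypeInformation

        foreach ($u in $users) {
            if ($PSCmdlet.ShouldProcess($u.SipAddress, "Unassign $PolicyType '$PolicyName'")) {
                # $null returns the user to the site or Global policy.
                $u | & $grant -PolicyName $null
            }
        }
    }

    # Re-query instead of trusting the loop: deleting a policy that is still
    # assigned is what produces the per-user warnings described above.
    # (With -WhatIf nothing was unassigned, so this branch is expected.)
    $left = & $holders
    if ($left.Count -gt 0) {
        Write-Warning "$($left.Count) user(s) still assigned '$PolicyName'; policy not deleted."
        return
    }

    if ($PSCmdlet.ShouldProcess($PolicyName, "Delete $PolicyType")) {
        & $remove -Identity $PolicyName
    }
}

# Dry run first, then the real change:
# Remove-CsUserPolicySafely -PolicyType ConferencingPolicy -PolicyName 'Allow Video' -WhatIf
# Remove-CsUserPolicySafely -PolicyType ConferencingPolicy -PolicyName 'Allow Video' -Verbose
```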

Tip – if you have the warnings described above, or other warnings that you already know about and can safely ignore, you can use the “-WarningAction:SilentlyContinue” parameter on any of the cmdlets to ignore the warnings until you correct the underlying issue.

What has been talked about in this blog post applies to all the per-user Lync policies, namely:

  • ExternalAccess
  • VoicePolicy
  • ConferencingPolicy
  • ClientPolicy
  • PresencePolicy
  • ArchivingPolicy
  • LocationPolicy
  • PinPolicy
  • MobilityPolicy
  • HostedVoiceMailPolicy

In all cases the cmdlet used to assign a per-user policy is “Grant-Cs{PolicyType}”.

Lync Client-Side Meeting Readiness Tip

On some Lync conferences, especially large ones, inevitably there are one or two participants who are having difficulty joining the meeting.

In my experience, the issue is almost always client-side – either the pre-requisite software components are not installed, or there is a configuration issue with Lync client or the client machine. As a remote participant, it is difficult to offer troubleshooting advice from afar.

I discovered a small web-based script from Microsoft that easily checks that the right web browser components are installed and configured to launch and join a Lync On-Line meeting and gives a simple “yes” or “no” result (and follow-on description of the issue). If the end-user is attempting to join via the Lync Web App for example, it will check that Silverlight is installed.

This link is available from this web site: Microsoft Office – First Online Meeting?

  Click the Meeting Readiness link.

If this script is successful, but the participant still cannot join and I suspect client-side DNS problems or network issues, I will send the end user a link to my Remote UC Troubleshooting Tool (RUCT) and have them enter their SIP address and test the network availability of where the SRV records are pointing to.

Microsoft has also recently published a nice best practices document called ‘Successful Meetings with Lync Get Started’ to help end-users create and manage a successful meeting.

The Microsoft Readiness link, however, is a great, easy first step for end-users to take if they are having trouble joining a meeting.

Lync Server 2010 Updates for March 2012

In case you missed it, new updates were recently released for the Lync 2010 client and server.

Lync 2010 Client

Knowledge base article and download links: Description of the update for Lync 2010: March 2012.

One significant fix was for a situation where instant messaging history was not being stored in the default Exchange mailbox.

This update represents version 4.0.7577.4087. The last update (Feb 2012) was .4072.

Lync 2010 Server

Knowledge base article and download links: Updates for Lync Server 2010.

Two noteworthy issues that are addressed:

Access to the Lync Server Address Book Databases

I encountered an issue today with access to the two databases (rtcab and rtcab1) which the Lync server uses to hold the Active Directory user information that eventually makes its way into the Lync Address Book files. I wanted to do a quick blog post in case other people have the same issue.

By default all Lync databases grant members of the domain\RTCUniversalReadOnlyAdmins and domain\RTCUniversalServerAdmins groups access. You can see this in the Security settings in SQL Management Studio for the Lync ‘rtc’ database:

image

The two databases used by the Lync Address Book server are special in this regard. Both the RTCAb and RTCAb1 databases only grant members of the domain\RTCComponentUniversalServices security group access by default:

image

To grant a user (e.g. another Lync administrator) access to these two databases, either add the user account to the domain security group RTCComponentUniversalServices or explicitly add their domain account to the database Users (in Security).

You might need to do this if the administrator is doing custom scripting or reporting that uses the user information in these Lync databases.

Note: you do NOT need to do this for regular Lync users (clients) that use the Address Book. They will have access through the Lync Address Book service.

Note: the Lync Address Book Server alternates use of these databases: one of them is used for address book queries while the other is being updated. Once the updates are complete, they switch roles.

More information about the Microsoft Lync databases can be found here: The Lync Server Databases.

Lync Server CU5 (February 2012) Released

A quick post in case you missed it: the Lync 2010 server Cumulative Update 5 (CU5) has been released. This update includes client (including mobile) updates as well as server updates.

Mobile

March 19, 2012 Update: The CU5 updates for the Lync for iPhone and Lync for iPad apps have been released on the Apple Store.

This iOS update enables the Lync clients to sign-in using Forefront UAG 2010 SP1 as a Reverse Proxy.

Server

This includes fixes for most major Lync server 2010 roles including the administrative tools, the core components, and the mobility service.

As usual the cumulative installer is available in the LyncServerUpdateInstaller.exe download.

Clients

The associated CU5 Lync Client updates are also available:

A Good Overview of all the CU5 Updates

Client Notes

  • One of the several Lync client CU5 fixes is for the F1 help issue (introduced in the CU4 update).
  • This update brings the client version up to 4.0.7577.4072.

The update will need to close Outlook and it will prompt to do so:

Top 10 Facts when Planning a Lync 2010 Client Deployment

If you are in the early stages of planning the deployment of the Lync 2010 client in your organization the following top 10 points provide key basic starting points and references to get you going.

  1. The Lync 2010 Installation is an Executable, not an MSI.
    • Previous versions of the UC client (aka Communicator) were *.msi files. The Lync 2010 client is shipped as an executable.
    • There were some advantages to going the executable route, including the ability to better handle the removal of any previous client (e.g. Communicator), better handling of prerequisites, and the ability to repair the client at a later date if it needs to.
    • There is an MSI installation available but it can only be used if the target PC is completely prepared to install the Lync client (i.e. any previous clients have been uninstalled and the pre-requisites have been installed), and a required registry modification has been made. See http://support.microsoft.com/kb/2477965 for more information.
  2. There are Two Lync 2010 Clients Available for Download: 32-bit and 64-bit
    • The Lync client itself is actually only 32-bit – the 64-bit download is a 64-bit installer wrapping the 32-bit client.
    • The 32-bit installer will not allow installation on 64-bit Windows and vice-versa.
    • The 64-bit installer installs the Lync client in the “Program Files (x86)” directory.
  3. The Lync Client Download Includes the Outlook Add-In (now called the “Online Meeting Add-In for Lync 2010”)
    • The Lync client .exe installs the Outlook Add-In which allows you to schedule Lync meetings.
    • The 64-bit download of the Lync 2010 client installs the 64-bit version of the add-in so that it is compatible with the 64-bit version of Office and Outlook.
  4. The 64-bit Lync 2010 Installation Works with the 32-bit Version of Microsoft Office.
    • If you have a 64-bit machine with a 32-bit Office 2010, you can use the 64-bit Lync Installer.
    • The 64-bit Lync client installation will install the 32-bit version of the Online Meeting Add-In for Lync 2010 for Outlook.
  5. Lync 2010 Client Integration is Supported with Office 2007 and Office 2003.
  6. The Lync 2010 Client Does Integrate with Exchange 2003 and Exchange 2007
    • See the Exchange Server and Lync 2010 section of the Lync 2010 Compatibility guide in TechNet for more information on feature support. The Lync integration features made possible with Exchange Web Services (EWS) is not available if Exchange 2003 is being used.
  7. The Lync Client Install Removes any Previous version of Communicator and Installs the new Online Meeting Add-In for Lync 2010.
    • Previous clients are silently uninstalled before the Lync 2010 client is installed.
    • User Contact Lists are preserved because they are stored on the Lync server.
    • Most registry customizations from Communicator 2007 R2 carry-over.
  8. The Lync Client can be Installed Silently (** but be aware any open Outlook sessions will be forced closed and restarted **)
    • To install the client with no user interaction, you can use the /Silent and /Install parameters to the Lync installation executable.
    • All of the Lync 2010 Setup Command-Line Arguments can be found here:  http://technet.microsoft.com/en-us/library/gg425733.aspx
    • You can deploy the Lync client along with the latest Lync client Windows Installer patch (.msp file) by using the following command:
      • “msiexec.exe /patch lync.msp /quiet” <assuming the Lync.msp contains the patches install of the Lync client>
    • The Lync client will run immediately after it is installed.
    • Outlook Note: most of the time the Outlook client will have to be closed to do the Lync install. I have seen two different scenarios for silent installs depending on what client was previously installed on the machine and the O/S version:
      1. The Lync client successfully installs without closing Outlook but the Lync Online Meeting Add-In is not installed.
      2. The Lync client forces a shutdown of Outlook and restarts it after Lync is installed.
  9. The Lync Client Can be Configured with Lync Client Policies, the Lync Client GPO, or a Customer GPO
  10. Supported Mac Client Versions
    • Both the Microsoft Lync for Mac 2011 and the Microsoft Communicator for Mac 2011 are supported.
    • See the ‘Macintosh and Lync 2010’ section in the Lync 2010 Compatibility guide for more information.
  11. Be Aware of the Client Address Book Download Time Lag (bonus tip :-) ).
    • After the Lync client is installed, the client will need to download the address book. The client is hardcoded to wait anywhere between 1 – 60 minutes to do the download to avoid a download storm (i.e. if many clients were installed at the same time).
    • This often leads to the user not having address book functionality. Users will see the message “The address book is preparing to synchronize” in the address search field until the address book is downloaded.

Deploying via SCCM and GPO

Several people have experienced an issue deploying the Lync client via SCCM whereby the Lync client is started in the SYSTEM context after installation instead of the USER context, which does not allow the user to run Lync (e.g. http://social.technet.microsoft.com/Forums/en-US/ocsinterop/thread/6b638a43-e3a5-4e08-bdfd-16f84b51e2b1/).

The Lync client can be deployed via a Group Policy Object (GPO). There are two important requirements:

  1. You must extract the Windows Installer (.msi) file from the Lync installation executable, and,
  2. You must use the Group Policy setting UseMSIForLyncInstallation to allow the .msi to run on client computers

This is detailed more here: IT-Managed Installation of Lync 2010 and in this good Lync server forum posting.

Other good deployment references:

If you are deploying Office 2010 at the same time, you should read this TechNet Article on the Who, What, Where, Why, and When for 64-bit Office 2010 Applications:

> 64-bit editions of Office 2010 (http://technet.microsoft.com/en-us/library/ee681792.aspx)

In a nutshell, Microsoft generally recommends the 32-bit version of Office 2010 (even on 64-bit machines), largely because of the backward compatibility of any 3rd-party 32-bit Office add-ins you might currently be running. The above article contains good information about the specific scenarios where you should install the 32-bit version of Office instead of the 64-bit. Many Lync 2010 deployments have been running fine with the 64-bit version of Office 2010 for some time now.

Lync 2010 Setup Command-Line Arguments

Lync Address Book – Client Synchronization Errors and Common Problems

Address Book synchronization issues are common with new Lync deployments. Issues usually surface as errors in the Lync client shortly after sign-in (when the address book synchronization is first attempted) and manifest as one of these two errors:

Lync Address Book Issue

Or, shortly after upgrading from the Communicator client, users will see the following error beneath the contact search text box:

Lync Client Synchronization Error

Some address book issues are caused by a problem with the local address book files on the client machine, and other synchronization issues are caused by lack of access to the address book folder (e.g. network access), permissions, or address book configuration on the Lync server.

This post provides solutions to 4 common issues, and some basics on the Lync address book implementation to further your understanding.

Common Problems & Solutions

Four common problems and their solutions are listed below.

1] The Persistent Message “The address book is preparing to synchronize” in the Lync Client

When the Lync client is run for the first time it chooses a random time between 1 – 59 min to download the Lync address book (from the FE server). The random time is to prevent network storms if a lot of Lync clients are being deployed at the same time.

If you have had the Lync client running continuously at any time for more than 2 hours and this synchronization message is still displayed, there is likely an issue.

The solution here is to delete your existing local Lync address book files and force the download of new ones from the server:

  1. Shutdown the Lync client
  2. Force the Lync client to download the address book immediately the next time it starts:
    • Open the registry to HKLM\Software\Policies\Microsoft\Communicator
    • Modify (or create) the DWORD registry value “GalDownloadInitialDelay” and set it to 0 (that is a zero)
    • This can also be done from the command line:
      • reg add HKLM\Software\Policies\Microsoft\Communicator /v GalDownloadInitialDelay /t REG_DWORD /d 0 /f
  3. Delete the Existing Local Address Book Files:
    • On Windows 7 or Vista machines, open Windows Explorer to the directory:
      • %userprofile%\AppData\Local\Microsoft\Communicator\sip_user@example_domain
    • Delete the files GalContacts.db and GalContacts.db.idx
  4. Restart the Lync client.
    •    The address book should be available in less than an hour.

I have seen this work many times in production deployments.
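The four steps above as one script, written as an added example that is not part of the original post. The function name and the `communicator` process name are assumptions; the registry path, value name and file names are the ones listed in the steps.

```powershell
# Added example (not from the original post). Run from an elevated PowerShell
# prompt on the affected client. Function name is hypothetical.
function Reset-LyncAddressBookCache {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # When elevating with a different admin account, %userprofile% is the
        # admin's profile, so pass the affected user's folder explicitly.
        [string] $ProfileRoot = (Join-Path $env:USERPROFILE 'AppData\Local\Microsoft\Communicator')
    )

    # Writing under HKLM\Software\Policies requires administrator rights.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
        throw 'Run this from an elevated prompt: step 2 writes to HKLM.'
    }

    # Step 1: shut down the Lync client so the address book files are not locked.
    # Assumption: the Lync 2010 client process is named "communicator".
    Get-Process -Name communicator -ErrorAction SilentlyContinue | Stop-Process -Force

    # Step 2: remove the random initial download delay.
    $key = 'HKLM:\Software\Policies\Microsoft\Communicator'
    if (-not (Test-Path $key)) {
        New-Item -Path $key -Force | Out-Null
    }
    New-ItemProperty -Path $key -Name GalDownloadInitialDelay -PropertyType DWord -Value 0 -Force | Out-Null

    # Step 3: delete the local address book files in every sip_* profile folder.
    $names = @('GalContacts.db', 'GalContacts.db.idx')
    $files = @()
    if (Test-Path $ProfileRoot) {
        $files = @(Get-ChildItem -Path $ProfileRoot -Recurse -Filter 'GalContacts.db*' |
                   Where-Object { $names -contains $_.Name })
    }
    foreach ($f in $files) {
        if ($PSCmdlet.ShouldProcess($f.FullName, 'Delete local address book file')) {
            Remove-Item -Path $f.FullName -Force
        }
    }

    # Step 4 (restarting the Lync client) is left to the signed-in user.
    # Return what was found so the caller can log it.
    $files | Select-Object FullName, Length, LastWriteTime
}

# Preview, then apply:
# Reset-LyncAddressBookCache -WhatIf
# Reset-LyncAddressBookCache
```

Setting the delay to 0 as a machine-wide policy removes the staggering that protects the Front End from a download storm, so limit it to the clients being repaired.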

Jeff Schertz has an excellent blog entry on the process that is used to update the Lync address book and how to force the Lync clients to update – see Updating the Lync 2010 Address Book.

2] The Lync Address Book Website does not have a Valid SSL Certificate Installed

Microsoft knowledge base article 939530 describes this problem well:

The Lync 2010 client or the Office Communicator client does not download the corporate address book and displays a notification: “Cannot Synchronize Address Book”

The resolution section of the KB article details how to verify that the existing certificate is valid, and how to assign another certificate if need be.

3] Symantec Antivirus Running on the Lync Server is Restricting Access to the Address Book File Share

Some versions of Symantec Antivirus running on Windows 2008 server can cause access issues to network shares.

If you cannot map the Lync address book network share from more than one client and are running Symantec Antivirus, this is a possible cause.

This Microsoft KB article provides the details and the solution: Unable to access Shares “The specified network name is no longer available” when Symantec Endpoint Protection prior to 11.0.4202 (MR4-MP2) or Symantec Antivirus 10.2 are installed on a Windows 2003, 2008 or 2008 R2 Server.

4] VMWare Network Adapter Preventing Access or Causing Sluggish Performance to the Address Book File Share

If you are using VMWare images for either the Lync Front-End or where your Lync address book file share resides, and are having address book synchronization issues, you should check that your virtual NIC emulator type is set to VMXNET3. Problems have been seen when this is set to other emulator types such as E1000.

You can read more about the available VMWare network adapter types here: Choosing a network adapter for your virtual machine.

Address Book Basics

At a high level the server-side Lync address book consists of the Lync address book files and a web service. The majority of Lync clients download and use local copies of the address book files, but the default client policy is to also use the web service if the local address book files are not available. Administrators can control how Lync clients use the Address Book with a Lync client policy setting (see http://technet.microsoft.com/en-us/library/gg412966.aspx for more details).

The Address Book Files

Lync clients pull down the address book files from the file store configured on their home registrar pool. You can find the address book file store path by looking at the ‘File store’ property of the Lync pool in the Topology Builder (just right-click on the pool name and it is in the left-hand pane). This is the same file store that also contains:

  1. The File Store for other Lync Web Services (ABFiles, CollabContent, CollabMetadata, DeviceUpdateLogs, DeviceUpdateStore, LMStaticData, MeetingComplianceData, MeetingContent, MeetingFiles, MeetingMetaData and WebAuthStore).
  2. CMS File Store.
  3. Application File Store.

A good first troubleshooting step is to see if the machine where the Lync client is running can access the Lync address book file share.

The Address Book Web Service

The Lync address book also contains a web service, and some clients (such as Lync devices) can use it instead of downloading the address book files.

The URL associated with the address book web query service can easily be found by viewing the configuration information of a signed-in Lync client. Right-click on the Lync client icon in Windows taskbar (or notification tray) and select ‘Configuration Information’. The ‘URL from Server’ gives the internal and external URLs of the address book service.

URL Internal From Server;https://<Lync Pool FQDN>:443/abs/handler
URL External From Server;https://<Lync External Web Service FQDN>:443/abs/handler

You can test the address book via the web service using the Test-CsAddressBookService and Test-CsAddressBookWebQuery cmdlets. The Test-CsAddressBookWebQuery cmdlet is more in-depth and tests searching and returning information. The Test-CsAddressBookService cmdlet tests the ability of a specific user to access the address book server, and can be used as follows:

Test-CsAddressBookService -TargetFqdn <pool fqdn> -UserCredential $myCred -UserSipAddress "sip:example_user@example.com"

You will need to assign the credentials for example_user to the PowerShell variable $myCred by first doing: $myCred = Get-Credential.

References

Special thanks to Steve Gover for uncovering the solutions to issues #3 and #4.

Microsoft TechNet  - Lync Address Book Capacity Planning: http://technet.microsoft.com/en-us/library/gg398771.aspx

Error message when you log on to Microsoft Office Communicator: “Cannot Synchronize Address Book”

The Lync 2010 client or the Office Communicator client does not download the corporate address book and displays a notification: “Cannot Synchronize Address Book”