Set Custom Policies in Skype for Business Online

For those who have worked with Skype for Business Online (SfBO) policies, you know that the policies which govern user behavior and features are pre-configured with a set of default policies for the Office 365 SfBO tenant.

This was somewhat painful for a couple of reasons:

  • Policies which had a large number of settings (e.g. Conferencing), had to have a huge number of default policies to cover all the combination of features enabled/disabled
  • Organizations could not set a custom specific set of features to create policies which matched their business needs.

Skype for Business Server 2015 On-premises of course allows the creation of custom policies. Recently Microsoft brought this custom policy capability to Skype for Business Online!

Recently the ability to create custom policies for these 4 policy types was added to Skype for Business Online:

  1. Conferencing
  2. Client
  3. Mobility
  4. Caller-ID (** not sure if this policy is used yet in SfBO, but the cmdlet’s exist to Set and Get policies of this type)

This introduces new cmdlet’s to create, grant, remove custom policies, and change settings on existing policies of these types. These are reflected in the traditional associated New & Set cmdlets (see below).

Tip – you cannot use the corresponding Set cmdlet’s to change the existing default policies of these types – i.e. that policies that come default with your Office 365 tenant.

The rest of this article details the default policy for each policy type, and the PowerShell cmdlets to create and configure them. Recently a Microsoft Tech Community article was written which also explains the new custom policies: Custom Policies for Skype for Business Online.

Note: the cmdlet name is a hyperlink to the TechNet documentation.

Conferencing

Default Policy Given to a new user: BposSAllModality

Get-CsConferencingPolicy

Returns information about the conferencing policies that have been configured for use in your organization. Conferencing policies determine the features and capabilities that can be used in a conference; this includes everything from whether or not the conference can include IP audio and video to the maximum number of people who can attend a meeting.

Set-CsConferencingPolicy

Modifies an existing conferencing policy. Conferencing policies determine the features and capabilities that can be used in a conference; this includes everything from whether or not the conference can include IP audio and video to the maximum number of people who can attend a meeting.

Cmdlet to assign to a user : Grant-CsConferencingPolicy (link to on-premises documentation)

Client

Default Policy Given to a new user: ClientPolicyDefault

Get-CsClientPolicy
Returns information about the client policies configured for use in your organization. Among other things, client policies help determine the features of Skype for Business Server 2015 that are available to users; for example, you might give some users the right to transfer files while denying this right to other users.

Set-CsClientPolicy
Modifies the property values of an existing client policy. Client policies govern certain user features such as the right to transfer files while denying this right to other users.

Cmdlet to assign to a user : Grant-CsClientPolicy

Mobility

Default Policy Given to a new user: MobilityEnableOutsideVoiced

Get-CsMobilityPolicy

Retrieves information about the mobility policies currently in use in an organization. Mobility policies determine whether or not a user can use Skype for Business Mobile. These policies also manage a user’s ability to employ Call via Work, a feature that enables users to make and receive phone calls on their mobile phone by using their work phone number instead of their mobile phone number. Mobility policies can also be used to require Wi-Fi connections when making or receiving calls

Set-CsMobilityPolicy

Modifies an existing mobility policy. Mobility policies determine whether or not a user can use Skype for Business Mobile. These policies also manage a user’s ability to employ Call via Work, a feature that enables users to make and receive phone calls on their mobile phone by using their work phone number instead of their mobile phone number. Mobility policies can also be used to require Wi-Fi connections when making or receiving calls

Cmdlet to assign to a user: Grant-CsMobilityPolicy

Caller-ID

The caller-id policies are very new and govern the caller-id feature for users such as whether another another number can be shown as the outbound caller-id. There is no help available (for either the on-premises or online versions), so the command line syntax is shown for each cmdlet.

Default Policy Given to a new user: <None>

Get-CsCallerIdPolicy

SYNTAX
Get-CsCallerIdPolicy [-Identity <XdsIdentity>] [-BypassDualWrite <$true | $false>] [-LocalStore <SwitchParameter>] [-Tenant <Guid>] [<CommonParameters>]

Get-CsCallerIdPolicy [-Filter <String>] [-BypassDualWrite <$true | $false>] [-LocalStore <SwitchParameter>] [-Tenant <Guid>] [<CommonParameters>]

Set-CsCallerIdPolicy

SYNTAX
Set-CsCallerIdPolicy [-Identity <XdsIdentity>] [-BypassDualWrite <$true | $false>] [-CallerIDSubstitute <Anonymous | Service | LineUri>] [-Confirm <SwitchParameter>]
[-Description <String>] [-EnableUserOverride <$true | $false>] [-Force <SwitchParameter>] [-Name <String>] [-ServiceNumber <String>] [-Tenant <Guid>] [-WhatIf
<SwitchParameter>] [<CommonParameters>]

Set-CsCallerIdPolicy [-Instance <PSObject>] [-BypassDualWrite <$true | $false>] [-CallerIDSubstitute <Anonymous | Service | LineUri>] [-Confirm <SwitchParameter>]
[-Description <String>] [-EnableUserOverride <$true | $false>] [-Force <SwitchParameter>] [-Name <String>] [-ServiceNumber <String>] [-Tenant <Guid>] [-WhatIf
<SwitchParameter>] [<CommonParameters>]

Cmdlet to assign to a user: Grant-CsClientPolicy

Generating a List of Available Skype for Business Online PowerShell Cmdlets with Documentation

The Skype for Business Online (SfBO) PowerShell Module is the primary command line management tool for Administrators.

New users of this module are often surprised to learn that the cmdlets exposed by this module are not defined in the Skype for Business Online PowerShell module itself. Instead, the SfBO PowerShell Module creates an implicit remote PowerShell session and imports the cmdlet definitions from the Online SfBO tenant. The cmdlet’s made available in this module therefore could vary by tenant (i.e. based on the type of licensed Office 365 tenant), and be changed online in the tenant (i.e. by Microsoft) without releasing a new PowerShell module (which is installed locally).

Significant changes to the online cmdlet’s are usually well communicated, but as the SfB online service quickly evolves, changes can happen before they are well communicated. For this reason, and to learn what cmdlet’s are available for SfBO administration, I often enumerate the available cmdlet’s in several of my tenants.

The available cmdlet’s in any SfBO tenant can be easily retrieved using PowerShell by finding the associated local temporary PowerShell module associated with any current SfBO PowerShell session and enumerating the cmdlet’s available in that module.  Displaying a list of cmdlet’s to the PowerShell console is not much use however – it is hard to get a handle on what cmdlet’s are available, what they do, and what differences might exist between tenants (since the last time the cmdlet’s were enumerated).

Inspired by fellow MVP Pat Richard’s script for retrieving a convenient list of Skype for Business on-premises PowerShell cmdlet (see “All Skype for Business 2015 Cmdlets and the Default RBAC Roles That Can Use Them”) which includes help information such as the Synopsis and a link the online TechNet help for that cmdlet, I wrote a script which does the following:

  1. Retrieves all of the SfB online cmdlets available in the tenant – including the help descriptions and links to the online help for that cmdlet (if it exists).
  2. Optionally produces a nice HTML report of all the available SfBO cmdlet’s using a really useful PowerShell module named “ReportHTML” by Matthew Quickenden (See PowerShell module called Generate HTML Reports by Matthew Quickenden to get this module).
  3. Optionally saves it to a CSV file

The script is below. By default both the HTML and CSV reports are produced but this can be easily changed with two boolean input parameters to the script representing each type of report.

Some notes on using this script:

  1. It can take a long time (~10 minutes) to finish – why?  The script is calling Get-Help on every cmdlet it finds to get the description and links to online help. This can take awhile.
  2. Make sure the ReportHTML module installed to make the HTML reporting work.
  3. If you are in a SfB hybrid configuration, the OverrideAdminDomain parameter in the New-CSOnlineSession call will likely be required for the remote SfBO session to be established.  See the nodes in the script.
  4. Some cmdlet’s do not have TechNet documentation. Other cmdlet’s have a TechNet link but it is broken – nothing is posted at that link. Most do have links and they open a separate window with the help.

An recent example of the HTML report – which represents all of the SfBO cmdlet’s available on an E3 tenant as of March 2017 - is here:

> http://insidelync.com/Tools/SfBO_Cmdlets.html.

image

 

The Script

The script is published on the TechNet script gallery here: https://gallery.technet.microsoft.com/Get-a-List-of-Available-6de74e51. This is where I will keep it up-to-date.

<#
.SYNOPSIS
    Get-SfBOCmdlets.ps1 – Get’s all the cmdlet’s availalble and their help informaiton for an Online Tenant.

.DESCRIPTION
    This powershell script retrieves all the cmdlet’s available in an SfBO tenants,
    including the help description, and link to online cmdlet help, and optionally
    produces a nicely formatted HTML report and CSV file with all the cmdlet information.

    See http://blog.insidelync.com/2017/03/generating-a-list-of-available-skype-for-business-online-powershell-cmdlets-help-information/

.INPUT
    Skype for Business Online Administrative Username/Password for the tenant (manual prompt), and
    optional parameters for the type of output reports desired.

.PARAMS
    ProduceHTMLReport – Boolean to produce an HTML report (default = true)
    ProduceHTMLReport – Boolean to produce an HTML report (default = true)

.OUTPUTS
    All the cmdlet’s and information about each one.

.NOTES
    ** Need to modify the New-CSOnlineSession session (see below) for a hybrid SfB domain

.EXAMPLE
   .\Get-SfBOCmdlets.ps1 -ProduceHTMLReport $true -ProduceCSVReport $false

Written by: Curtis Johnstone
    www.InsideSkype.com
    www.InsideMicrosoft.com

Special Thanks to Pat Richards for this script: https://www.ucunleashed.com/3691.
   
#>

param (
    [bool] $ProduceHTMLReport = $true,
    [bool] $ProduceCSVReport = $true
    )

Function GetSfBOCmdlets
{
    Write-Output "About to retrieve available online cmdlets and associated help information"

    Import-Module -Name SkypeOnlineConnector

    $Credential = Get-Credential

    # use the -OverrideAdminDomain parameter for a hybrid SfB domain; see http://www.ucblog.co.uk/?p=25
    $sfBOSession = New-CSOnlineSession -credential $Credential # -OverrideAdminDomain
   
    $implicit_PS = Import-PSSession $SFBOSession -AllowClobber

    if ($SFBOSession -eq $null)
    {
        Write-Error "There was a problem establishing the remote session to the SfBO tenant. Aborting"
        exit
    }

    $global:objectCollection = @()

    $all_cmdlets = Get-Command -Module $implicit_PS.Name | Sort-Object Name

    foreach ($cmdlet in $all_cmdlets)
    {

        $cmdletHelp = $(Get-Help $cmdlet)
  
        [string] $synopsis = $cmdletHelp.Synopsis
        if ($synopsis -eq $null) { $synopsis = "" }
        if ($synopsis -eq "Provide the topic introduction here.")
            { $synopsis = "" }
   
        [string] $description = $cmdletHelp.Description
        if ($description -eq $null)
            { $description = "<blank>" }      

        [string] $onlineHelpURI = (($cmdletHelp.relatedLinks.navigationLink | Where-Object {$_.linkText -match "Online Version"}).uri) `
            -replace "EN-US/",""

        $onlineHelpURI = $onlineHelpURI.Trim();

        if ($onlineHelpURI -eq "")
        {
            $hyperLink = "Not available";
        }
        else
        {
            $hyperLinkName = $cmdlet.Name

            # these are magic keywords that the ReportHTML module uses to create hyuperlinks – use the Get-HTMLReportHelp cmdlet for more info
            [string] $hyperLink = "URL01NEW{0}URL02{1}URL03" -f $onlineHelpURI, $hyperLinkName
        }

        $object = New-Object –Type PSObject
        $object | Add-Member –Type NoteProperty –Name CmdletName -Value $cmdlet.Name
        $object | Add-Member –Type NoteProperty –Name Synopsis -Value $synopsis
        $object | Add-Member –Type NoteProperty –Name "TechNet Documentation Link" -Value $hyperLink

        $global:objectCollection += $object
    }

    # clean up remote powershell sessions and resources

    if ($implicit_PS -ne $null)
        { $implicit_PS = $null }

    if ($sfBOSession -ne $null)
        { Remove-PSSession $SFBOSession }
   
    Write-Output "Finished retrieving online cmdlets"

}

Function ProduceHTMLReport
{
    # requires the ReportHTML module (https://www.powershellgallery.com/packages/ReportHTML)
    Import-Module ReportHTML

    $htmlReportPath = $env:UserProfile + "\Documents"
    $htmlReportFile = $htmlReportPath + "\SfBO_Cmdlets.html"

    # $nc = $global:objectCollection | select CmdletName, Synopsis, "TechNet Documentation Link"

    $nc = $global:objectCollection

    $rpt = @()
    $rpt += Get-HtmlOpenPage -TitleText  ("Skype for Business Online Cmdlets") -LeftLogoName Blank -RightLogoName Blank

    $rpt += Get-HtmlContentOpen -HeaderText "Cmdlets"
    $rpt += Get-HtmlContentTable $nc
    $rpt += Get-HtmlContentClose
    $rpt += Get-HtmlClosePage

    Write-Output "Producing HTML report here: $htmlReportFile"

    $rpt > $htmlReportFile

    # display html report
    Invoke-Item $htmlReportFile
    Sleep 1
}

Function ProduceCSVReport
{
    $csvReportPath = $env:UserProfile + "\Documents"
    $csvReportFile = $csvReportPath + "\SfBO_Cmdlets.csv"

    Write-Output "Producing csv report here: $csvReportFile"

    $global:objectCollection | Export-Csv -Path $csvReportFile -NoTypeInformation -Encoding UTF8
}

Write-Output "Script is Starting"
Write-Output "Produce HTML Report? $produceHTMLReport"
Write-Output "Produce CSV Report? $produceCSVReport"

# retrieve the cmdlet listing
GetSfBOCmdlets

if ($produceHTMLReport)
    { ProduceHTMLReport }

if ($produceCSVReport)
    { ProduceCSVReport }

Write-Output "Script complete"

 

References and More Information

The Microsoft Skype for Business Online (SfBO) PowerShell Module

The ReportHTML PowerShell Module in the PowerShell Gallery – by Matthew Quickenden

Pat Richards All Skype for Business 2015 Cmdlets and the Default RBAC Roles That Can Use Them

Getting the Distribution of Skype for Business Online Registrar Pools used in an Office 365 Tenant

Much like Skype for Business on-premises users, each Skype for Business Online (SfBO) user has a home pool. This home pool consists of multiple SfB servers running in Office 365 data centers. On sign-in, the each SfBO user establishes a Skype for Business session with one of the SfB servers in that home pool.  It is also the users’ home pool for any conferences they host (organize), which determines where the media (audio, video, screen sharing) is broadcast from. These servers reside in different Office 365 data centers, and knowing which online SfB registrar pools are being used, and by which users, can help troubleshoot sign-in issues, configure firewalls, and understand underlying conferencing performance.

Below is the PowerShell to get a distribution of which online SfBO registrar’s pools are in use for your tenant, and which are used by specific users.

The PowerShell leverages the Skype for Business Online PowerShell module.  It uses the Get-CsOnlineUser cmdlet to retrieve the home registrar pool for each user, and does a simple grouping to figure out how many users are hosted on that online registrar.

#  Retrieves the Skype for Business Online Registrar Pool Distribution

Import-Module -Name SkypeOnlineConnector
$Credential = Get-Credential
$SFBOSession = New-CSOnlineSession -credential $Credential # -OverrideAdminDomain
# http://www.ucblog.co.uk/?p=25

# supress the output of importing the PS Session (not needed; save in case we do need it)
$output = Import-PSSession $SFBOSession -AllowClobber

$fullUserListing = Get-CsOnlineUser

$registrarPoolDist = @($fullUserListing | Where-Object {$_.RegistrarPool -ne $null} `
    | select RegistrarPool, SipAddress | Group-Object RegistrarPool)

foreach ($regPool in $registrarPoolDist)
{
    Write-Output ($regPool.Name + " is hosting " + $regPool.Count + " Skype for Business Online Users.")
   
    foreach ($user in @($regPool.Group))
    {
        Write-Output ("`t`t User: " + $user.SipAddress)

    }
    Write-Output "`n"
        
}

# clean up
if ($SFBOSession -ne $null)
{
    Remove-PSSession $SFBOSession
}

Here is the sample output from a small North American E3 tenant with 8 SfBO users:

image

We can see the distribution of the number of users hosted in each online registrar pool, and which users are hosted on them.

The script is published and updated on the TechNet Gallery here: https://gallery.technet.microsoft.com/Getting-the-Distribution-a951d362.

Behind the Scenes look at the Skype for Business Online PowerShell Module

As Skype for Business Online (SfBO) adoption on Office 365 continues to grow, more organizations are turning to PowerShell to manage the SfBO tenant and users.

The Skype for Business PowerShell Module used to the connect to the tenant is interesting.  Knowing a little but about how this module works behind the scene’s can go a long way to understanding any issues that come up.

There are 3 things you need to do to connect to your Skype for Business Online tenant with PowerShell using the SfBO PowerShell Module:

Action PowerShell to Accomplish It Notes
Import the SkypeOnlineConnector Import-Module -Name SkypeOnlineConnector  
Establish a New Remote SfBO PowerShell Session $SFBOSession = New-CSOnlineSession -credential $Credential  $Credential holds the SfBO admin credentials to the tenant
Import the remote session into your local PowerShell session Import-PSSession $SFBOSession –AllowClobber The –AllowClobber parameter will allow us to redefine any existing cmdlet’s with the same name in our local PowerShell session.

This blog entry details what each of these 3 steps are doing behind the scene’s.

 

Import the SkypeOnlineConnector

This Import-Module cmdlet makes the SkypeOnlineConnector module available in the local PowerShell session (e.g. in the console or ISE).

The module is usually installed locally here:

C:\Program Files\Common Files\Skype for Business Online\Modules\SkypeOnlineConnector

The interesting thing is this, unlike many other Microsoft modules, it is script module – meaning the whole module is defined in a PowerShell script that you can read for yourself.  It is located in this PowerShell file:

SkypeOnlineConnectorStartup.psm1

When we open this script, we see the following 2 PowerShell function definitions which define the cmdlet’s which allow us to establish the remote PowerShell session, and import the cmdlet’s:

  1. New-CsOnlineSession
  2. Set-WinRMNetworkDelayMS

 

Establish a New Remote SfBO PowerShell Session

Next, let’s look at what these two cmdlet’s do exactly:

$Credential = Get-Credential

$SFBOSession = New-CSOnlineSession -credential $Credential

As we noted above, the New-CsOnlineSession is a function defined in the PowerShell module. The function description inside the script describes perfectly what it does:

Creates a remote session to Microsoft Lync Online DataCenter. In this session, tenant administrator can run Lync cmdlets to manage users, policies and configurations.

 

If this completes successfully, the variable $SFBOSession now holds a remote Powershell session to the SfBO tenant. Looking at the properties of this online session reveals the online server the remote session is established with:

$SFBOSession | select *

.

.

ComputerName           : admin0b.online.lync.com

 

NOTE: for SfB Hybrid Deployments

In SfB deployments that are hybrid, the DNS records used by remote PowerShell generally point on-premises, so you need to specify an –Override parameter to override the DNS name with the intial domain name of the Office 365 tenant (e.g. <domain>.onmicrosoft.com).

This issue is documented well here:  http://www.ucblog.co.uk/?p=25

 

Import the Remote Session into your Local PowerShell Session

Finally the Import-PSSession cmdlet will import the cmdlets, functions, aliases in the remote PowerShell session into the current local sessions so that we can work use them.

image

You’ll notice that this Import-PSSession cmdlet returns a temporary PowerShell module. This module holds the cmdlet’s that were imported from the remote session (it actually does not hold the cmdlet’s themselves but rather proxy definitions).

There are 2 important things to realize here:

1. The Skype for Business Online cmdlet’s are not defined in the Skype for Business Online PowerShell module. This means that the cmdlet’s made available could vary by tenant, and be changed by Microsoft without releasing a new PowerShell module (to install locally). The takeaway for IT organizations is that changes can (and do happen). It doesn’t happen often, and changes are usually well advertised in advance and are usually cmdlet additions; but there have been (and will be) changes to the online cmdlet’s. 

This temporary PowerShell module get be seen with the Get-Module cmdlet, and like the SfBO PowerShell Module itself is a script module, so we can see all the definitions of the cmdlets it makes available.  It is available in the C:\Users\<user>\AppData\Local\Temp\ directory.

2. All the online cmdlet definitions reside in this module.  You can see them by using the Get-Command cmdlet as follows:

Get-Command –Module “tmp_chdu42yi.nev”| Sort-Object Name

As of March 2017, there are about 178 cmdlet’s in an Office 365 E3 SfBO tenant with no Add-On plans.

 

More Information

Skype for Business Online, Windows PowerShell Module

Using Windows PowerShell to manage Skype for Business Online

UNABLE TO CONNECT TO SKYPE FOR BUSINESS ONLINE REMOTE POWERSHELL IN A HYBRID ENVIRONMENT

Diagnosing and resolving connection problems with Skype for Business Online

5 Tips to Improve Skype for Business Wi-Fi Performance

This article offers 5 tips to increase overall performance for Skype for Business (Sfb) over Wi-Fi at home or a Public Hotspot. These tips were created from my own experiences at home and using Wi-Fi in different circumstances. 

Delivering a good SfB Wi-Fi experience in the enterprise is a much larger topic with more infrastructure and configuration options and recommendations. A good start here is Microsoft’s Guide “Ensuring an Enterprise Class Wireless Skype for Business Experience” which provides end to end planning, best practices, and proactive maintenance and operations to deliver enterprise grade Wireless Skype for Business service.

Here are the 5 tips I will discuss:

  1. Make Sure the Gas Tank Isn’t Empty
  2. Use a Dedicated 5 GHz Wireless Band if Possible
  3. Try a Different Wi-Fi Channel
  4. Consider Implementing Quality of Service (QoS)
  5. Still Having Issues … Ditch the Wi-Fi

 

Tip 1 – Make Sure the Gas Tank Isn’t Empty

Diagnosing and resolving Wi-Fi issues can be really challenging.  Ensuring these basic pre-requisites are met will greatly increase the chances of success:

  1. Keep Skype for Business Clients Up To Date.  This sounds like advice your mother would give you, but it really can help – especially with the SfB mobile clients. Update an Windows desktop clients in use to the latest-and-greatest via Windows Update.
  2. Ensure there is Adequate Network Connectivity from the Wireless Access Point (WAP) / Router to the Internet!  I’ve lost track on the number of times I was trying to diagnose a Wi-Fi issue, and it the real problem was a temporarily internet outage on the Internet Service Provider (ISP). The Windows Network Troubleshooting tool will usually identity whether it is a problem with the Internet connection, or to be sure, test connectivity from a wired device (pointing your browser to http://fast.com is an easy and convenient method to test the connectivity and download speed).
  3. Ensure you have Adequate Bandwidth. Support for real-time communications that use real-time media such as audio, video, conferencing require, above all, a consistent and reliable network stream to work well. Bandwidth is not the same as ‘stability’ (i.e. low latency and jitter), but when bandwidth is congested, network reliability will suffer.  The more bandwidth, the better. One often overlooked bandwidth requirement is upload (or uplink) bandwidth. It is often overlooked because many ISP’s offer a fraction of upload speed compared to download speed. Microsoft’s recommends a consistent 1.5 Mbps of consistent uplink bandwidth to support real time communications. In my experience, I can have good quality audio, video, & conferencing Skype sessions with as little as 800 Kbps but your mileage may vary.
  4. Use a Good Quality Network Interface Card (NIC) and Wi-Fi Router.
    • Most Wireless NIC’s shipped with desktops and laptops in the last 3-4 years have an adequate NIC. However performance and stability differ between.
      • If Wi-Fi issues occur on multiple Wi-Fi networks (e.g. your neighbourhood coffee shop, work, and your friends Wi-Fi network), take a look at your NIC, and make sure it has the latest drivers installed.
      • Performance – newer cards supporting the 802.11n with multiple antenna support typically offer the best performance (Intel has a good article here explaining this Multiple-Input Multiple-Output technology).
    • For your Wireless Access Point (WAP) / Router, I highly recommend newer models that support dual-band (2.4 GHz and 5 GHz).  They are engineered to support many devices connected at once.  If you add up all the Wi-Fi enabled devices in your home, you will likely be very surprised at just home many there are.  Using a router which supports the new 802.11n and 802.11ac standards will generally give much more network throughput than the older 802.11a and 802.11g.
  5. Consider Bluetooth Device Interference.  In theory Bluetooth devices can interfere with Wi-Fi communications. I have a wireless mouse and keyboard and have not really noticed a difference, but this is something to consider if you have many Bluetooth devices.

 

Tip 2 – Use a Dedicated 5 GHz Wireless Band if Possible

Many routers are multi-purpose devices (acting as wireless access points (WAP) for a variety of devices, DHCP servers, and firewalls).  Worse, as a WAP, most run with one ‘network’ (SSID) that all devices (smart phones, tablets, TV’s, etc..) connect to. In this scenario, the real-time voice and video traffic Skype for Business uses is competing with, and prioritized the same as, the Netflix cartoon your children are watching and the firmware your Smart TV is doing … among other things.

If the router supports ‘dual band’, that means it can support essentially two separate wireless networks simultaneously on different Radio Frequency (RF) bands.  The two bands are 2.4 GHz and 5 GHz.

To help real-time applications perform well, it can make a big difference to dedicate one wireless network (SSID) to devices running real-time applications and move all the other devices to the other 2.4 GHz wireless band.

The 5 GHz band is preferred because it offers less interference with other consumer products such as cordless phones. The trade-off is the 5 GHz band usually has less range than the 2.4 GHz range. Your range however will depend greatly on the location of the router and the device connecting to it. Having a clear-line-of-site from the client to the WAP will increase the range.

What about wireless range extenders?

Many people consider adding a wireless range extender – especially if their work area typically does not have clear-line-of-sight to the WAP. Generally this will not help for real-time media because these extenders increase network latency and jitter. I have had good results with an extender that plug’s into a power wall socket and uses Ethernet over Power to get to the WAP / Router. Bottom line though, you are probably relocating your router, or investing in a better one with better antenna range.

What about adding a second dedicate router?

This might seem like overkill, but it seemed like a good idea to me!  With a growing number of Wi-Fi enabled devices in my house, I added a newer second Wi-Fi router capable of better handling simultaneous connections and the latest 802.11 standards to combat my intermittent poor voice performance and dropped connections – mostly on my laptop running Windows 10 and the Windows version of Skype for Business.  The result?  It did not help, and the performance actually got worse!

This is when I started to learn about 802.11 channel congestion… which is the perfect segue into the next Tip.

 

Tip 3 – Try a Different Wi-Fi Channel

After my unexpected two router results, I had learned about the “802.11 Channel 6 Congestion” issue, and made some simple changes that helped my Wi-Fi experience.

802.11 Router Basics

As perviously discussed many home routers operate on one or two bands or frequencies – 2.4 GHz and 5 GHz. Each band is further segmented into channels – 11 narrow radio frequency channels.  When devices communicate with the router, they use whatever channel is set on the router.  If many devices (a close neighbours WiFI devices, cordless phones, etc…) use the same channel, this will likely result in congestion in that frequency – and that means trouble for your WiFi.

Wi-Fi devices bought in North America ship with a default of Channel 6 – increasing the likelihood of congestion unless you change it.

802.11 signals are designed to partially overlap – the spectrum of one channel will overlap a bit with another channel, but the further away your channel is from what is being used around you, the better throughput and performance you will have.

If you are on channel 6, one simple change is to try channel 1 or 11 – these are far away from the de-facto channel 6 specturm. However many people have started to use 1 and 11, and some devices by default use this, so you should try a couple of different ones. The change is easy to make on your router (consult your router documentation).

Another approach which is more involved is to scan the wireless environment around you using a third-party or open source application. This will show you exactly how congested each of the channels are.

I settled on using channel 8 on a dedicated 5 GHz band and had much improved performance.

Some WAPs / routers support automatic channel selection (ACS) which will in-theory auto-select a new channel when it detects RF interference. In my experience, enabling ACS has not made a difference, and I question the impact on real-time media sessions while my router attempts to switch channels.  I prefer a dedicated static channel.

There are many third party Wi-Fi application (for Windows clients) which scan and analyze your Wi-Fi networks to show which channels are in use, and the interference levels. I’ll be updating this blog entry with some of them shortly.

 

Tip 4 – Consider Implementing Custom QoS

In a nutshell, Quality of Service (QoS), is a network tagging methods which allows certain types of traffic to me tagged and treated as priority on the network. In practice, real-time media requirements for more important applications (such as voice and video application like SfB) can be tagged a higher priority over entertainment applications such as NetFlix.

Implementing QoS on a home router is likely beyond the expertise of many users, but highly recommended for those who use Skype for Business a lot from home (e.g. home workers).  It will make your life better!  Watch for a future blog article on how to do this.

 

Tip 5 – Still Having Issues … Ditch the Wi-Fi

Getting to the root cause of Wi-Fi issues can be frustrating and time-consuming. If you are still experiencing issues, and rely on good consistent networking for your daily activities, another option is to ditch the Wi-Fi at home all-together!  This might seem inconvenient and sliding down the evolutionary technology chain, but new wired options such as Ethernet over Power adapters make it very easy to add wired capabilities to almost anywhere in your home. I’ve had very good experiences with NETGEAR Powerline products.

 

Got a Wi-Fi tip for Skype (or any voice and video application) you want to share?  Please do!

 

Resources & More Information

Easily check your Download Speed in any Browser with Fast.com (Powered By NetFlix)

Microsoft TechNet – Ensuring an Enterprise Class Wireless Skype for Business Experience

Microsoft TechNet – Planning for Optimal Skype for Business Experience over Wi-Fi

Microsoft Download – Delivering Lync 2013 Real-Time Communications over Wi-Fi

Microsoft TechNet – Plan network requirements for Skype for Business 2015

5 Tips & Reminders for End Users During a SIP Address Change

SIP address changes inside organizations are usually challenging – for the IT team making the change and the end users experiencing the change. For those unfamiliar with the SIP address change, it involves a change to either:

  1. The format of the left-hand side (e.g. user-id@domain.com changing to firstname.lastname@domain.com)
  2. The domain name on the right-hand side of the @ sign (e.g. user@domain.com changes to user@new_domain.com)

This blog entry contains key reminders to end users going through the SIP address change process.

The impact to end users will depend somewhat on the Lync or Skype for Business (SfB) deployment and the clients used.

In most environments however, end users need to take the following 5 actions to re-establish their Lync and SfB services:

  1. Change the sign-in address on all SfB clients; don’t forget any clients running on mobile and tablets. Sign-out, change the SIP address, and sign-in again. Older Lync clients will sign the user out after their SIP address is changed on the backend.
  2. Any scheduled Skype for Business meetings (e.g. scheduled through the Outlook “Skype for Business Online Meeting” option) need to be canceled and recreated.
  3. When searching the address book for the first 24 hours post SIP change, enter the contacts full new SIP address.
  4. Change the SIP sign-in address at the same time as the email address (if it’s changing at the same time). This will minimize problems with the SfB feature integration with Exchange such as free/busy integration.
  5. Notify external contacts of the new SIP address.  An external contact is any contact that either federated (in another Lync/SfB organization) or a Public IM contact (e.g. user@outlook.com).  This is by far one of the highest impact items for the end users since it can render communication with external contacts. Basically the user has two options in my experience:
    • Notify external contacts that their SIP address has changed, and that they need to add it as a new contact in their address books.
    • Re-add the external contacts after the SIP change. Re-adding the external contact generates a request to the external contact to have them add the user (and the new SIP address) to their contact list. If there are a lot of external contacts, fellow Office Servers and Services MVP Michael LaMontagne has developed a nifty PowerShell script that uses the Lync SDK to run on the Lync or SfB client that can export and import contacts. An advanced user, or IT administrator, can use this script to export the contacts, delete the external contacts in the client, and then re-import them after the SIP change.

Lastly, if weird issues arise on older Lync clients (e.g. Lync 2010/2013) and/or older client operating systems such as Windows 7, try rebooting the computer is a good first step.

More Information

Anatomy of a SIP Domain Change

Anatomy of a SIP Address Change – Part #2

Effects of Changing a User’s SIP Address in Lync Server 2013

Modify the SIP Address of an Enabled Lync Server User

Invoke-SFBContacts on the TechNet Gallery

Introducing Microsoft Teams

This blog post isn’t specifically about Skype for Business but rather a newly released Microsoft Office 365 Team Collaboration application that has many similar Skype for Business collaboration features, and integrates with Skype for Business Online.

What is Microsoft Teams?

A new Office 365 Team Collaboration Experience (e.g. new Office 365 application) based on chat-based workspaces that brings together people, conversations, content, and tools that teams commonly use to get their work done.

It is built on-top of Office 365 (O365 groups are the pillar) and has built-in integration with:

  • The Microsoft Office Suite (i.e. Word, Excel, etc..) for content creation/sharing/viewing/editing
  • OneNote for content collaboration and storing content
  • Skype/Skype for Business Online integration for instant messaging
  • PowerBI for data visualizations / dashboards
  • SharePoint Online for file-based collaboration
  • Yammer for activity
  • 3rd party collaboration systems including Twitter, GitHub, and popular internet intelligence BOTS 
    • 85 BOTS
    • 70 different connectors to other systems (seamless integration with Zendesk was demo’ed)
  • Delve and the Office 365 Graph for contextual and data relevancy & Intelligence
  • Microsoft Planner for task management

Microsoft Teams is integrated and powered with Azure AD identities which is great from a security and single-sign-on perspective.

It will be available in all O365 Business and Enterprise subscriptions (likely an add-on I assume).  Currently it is free with an Office 365 Business or Enterprise subscription (not Family or Consumer).


If you want to try it for yourself, it is available in as Preview in most existing Office 365 tenants. Sign into your Office 365 Administrator portal and navigate to Settings | Services & add-ins as shown here:



Tenant administrators can control what types of collaboration Microsoft Teams leverage in their tenant as shown here:

 

Once it is enabled, you can use it by either going to http://teams.microsoft.com, or by downloading the Team’s Desktop App (available at that URL).

Chat at the Core

Many successful collaboration tools such as Slack, have group chat at their core. Microsoft Teams are no different. It leverages chat capabilities to provide threaded, persistent, and private 1-on-1 chat capabilities.


A Team Hub which Brings Together Many Office 365 Services

As mentioned above, Microsoft Teams brings together several Office 365 collaboration services to provide teams with a customizable hub to collaborate.



You can see how easily Microsoft Teams brings together Conversations, Files, Notes, Task & Project Management and 3rd party integration (here Zendesk is being shown) in an easily accessible toolbar across the top.


The integration with OneNote should be a really powerful feature. It was demo’ed in the release webcast:


Here is what the new Conversations view looks like. Question – what other popular collaboration software uses the "channel" concept? :-)


When will it be Released?

It is available today as customer preview in 181 countries and 18 languages. GA will be in Q1 of 2017.

 

What is the Integration Story with Skype for Business?

When Microsoft Teams was first announced, I assumed all of the chat features was leveraging SfB Online under the covers. This appears to not be the case and it is using a different technology stack for both the chat and real-time communication features.  More on this later.

Currently a Microsoft Teams user can instant message a SfB Online user and see their Presence (although this currently seems unstable).

References

Introducing Microsoft Teams—the chat-based workspace in Office 365

Microsoft Office Dev Center – Developer Preview for Microsoft Team

TEAMS + SKYPE FOR BUSINESS – Excellent write-up on the SfB integration by Richard Brynteson

Microsoft just brought back the Bill Gates era with its new plan to take down Slack – great article on Gates involvement in Microsoft Teams

DNS Records in a Skype for Business Hybrid Deployment

The DNS records for a Skype for Business (SfB) on-premises deployment can be somewhat complex, but are well documented (see Microsoft TechNet – DNS requirements for Skype for Business).  While working on a recent hybrid Skype for Business (SfB) deployment, I realized there is a lot of confusion. This was a classic hybrid deployment – some SfB servers and users on-premises, and some in SfB Online sharing one DNS namespace. This article aims to clear up some of this confusion.

The unique question that comes up in hybrid is where should I point my DNS records for clients to logon?  On-premises or online?

The general golden rule in a SfB hybrid environment is:

All Skype for Business external DNS records should point to the on-premises infrastructure.

This is a bit hidden but documented here in this TechNet article Plan hybrid connectivity between Skype for Business Server and Skype for Business Online.

A source of this confusion usually happens when client logins do not work for Skype for Business Online (SfBO) users in a hybrid deployment. Several Microsoft sources citing SfB Online client login issues and that DNS records should point to Office 365:

NOTE – both of these resources are meant for pure Skype for Business Online deployments in Office 365, NOT for hybrid.

For hybrid deployment the client autodiscover login DNS records should point to the on-premises deployment.  The TechNet documentation is quite clear on this requirement “In a hybrid deployment that has an on-premises Lync Server deployment and Skype for Business Online, the DNS records for Lync Autodiscover must be pointed to the on-premises Lync server”.

When a Skype for Business Online user attempts to sign-in, the on-premises SfB server will go through a process of being redirected multiple times until they reach their final home server in the Skype for Business Online topology. This process is well documented in the bottom half of this Microsoft Support article: Users can’t sign in to Skype for Business Online in a hybrid deployment of Lync Server 2013.

For hybrid deployment, here is a convenient summary of the external DNS records and where they should point to on-premises:

(Note: this example uses the domain contoso.com)

DNS RECORD RECORD TYPE WHERE IT SHOULD RESOLVE TO PORT
sip.contoso.com A Public IP of Access Edge n/a
_sip._tls.contoso.com SRV External on-premises Access Edge Interface (sip.contoso.com) 443
_sipfederationtls._tcp.contoso.com SRV External on-premises Access Edge Interface (sip.contoso.com) 5061
webcon.contoso.com A Public IP of Access Edge n/a
av.contoso.com A Public IP of Access Edge n/a

But What about the CNAME records I read about Required for Office 365 Users?

Again, this is part of the confusion as this only applies to pure SfB online deployments.  In this case, you will want the following two DNS records, but NOT FOR HYBRID:

> A DNS CNAME record for sip.contoso.com which points to sipdir.online.lync.com

> A DNS CNAME record for lyncdiscover.contoso.com which points to webdir.online.lync.com

If you add these external DNS records, external client login will break for the SfB on-premises users.  They will receive this error:

      image

For the internal DNS records, these are the same as the internal DNS records for a non-hybrid on-premises Skype for Business Deployment (which you can find here) so I won’t repeat them, but I will point out one exception:

> An DNS A record for sfedge.contoso.com which resolves to the IP address of the internal interface of Edge server

DNS and Using PowerShell with the Skype for Business Module in a Hybrid Environment

Now, to further confuse things, the Skype for Business Online PowerShell module relies on the DNS CNAME record for pure online deployments to connect with PowerShell. This record:

A DNS CNAME record for lyncdiscover.contoso.com which points to webdir.online.lync.com

Because this record is not used in a SfB / Lync hybrid deployment, the Remote PowerShell connection will fail.

This is well documented with the work around, here:

Lync administrators can’t connect to Skype for Business Online Remote PowerShell in a Lync hybrid environment

The work around is to use an OverrideDomain property on with the default domain for your Office 365 tenant (i.e. the *.onmicrosoft.com domain that was included with the tenant subscription).

This is also documented here: http://www.ucblog.co.uk/?p=25

Five Productivity Tips to get the most from Skype for Business

As a daily user of Skype for Business and someone who specializes in it, I often see other users struggle with some relatively common usage scenario’s in the client. This blog entry describes 5 productivity tips that will increase the productivity of Skype for Business users in specific situations.

1) Easily Start a Group Conversation from an Outlook Meeting

I frequently see the need for this and it is a real productivity booster. Many times users are participating in a meeting from their Outlook calendar which does not have a corresponding Skype for Business (SfB) meeting or conference.  Typically these meetings have a mix of internal and external participants with an external audio bridge, or other non-SfB conferencing solution.

Inevitably the needs arises during the meeting to collaborate – a group IM chat, a desktop share, or sharing a PowerPoint presentation.

A very effective way to instantly start collaborating with all meeting participants in Skype for Business is to:

  1. Open the Outlook Meeting
  2. Go to the Meeting tab
  3. If you are the meeting Organizer –select the Contact Attendees option (click on the icon), and select Reply All with an IM
  4. If you are a meeting Participant – select the Respond option (click on the icon), and select Reply All with an IM

This seldom used option instantly starts a Skype for Business group conversation with all Outlook meeting participants. All the people on the call can now chat, add audio, share their Desktop, or share a PowerPoint presentation. If an external participant (outside of the company hosting the SfB conference) does not have Skype for Business, you might have to send them the URL for the meeting and they can join via a web browser.

The screen shots which illustrate this capability are here:

If you are a Meeting Organizer

image

If you are a Meeting Participant

image 

2) Transfer a Call from a Mobile Client to your Desktop

Many times users want to know how to keep a call going when they are participating in a Skype for Business session on their mobile client (i.e. using the SfB client on an Windows Mobile / iPhone / Android device) after they have reached their desk.

In these scenarios the call can be transferred from the SfB Mobile client to the SfB Desktop client by doing the following:

  • While in a call on the SfB mobile client, select the “…” circle icon to bring up additional options
  • Select yourself in the SfB client mobile address book
  • Select “Transfer Call” and then “Skype for Business call
  • The call should now ring the SfB Desktop client where it can be answered and the mobile session can be disconnected

An example of the call transfer process is shown here:

Blog Entry Call Transfer

3) Change Devices During a Call

Having multiple audio and video devices is becoming the norm for most users.  Many times users will join into a SfB web conference with audio and video, and the client is using an different audio device then the one they want (e.g. a speakerphone instead of a USB headset).

Most users know of the “Select your Primary Device” shortcut setting in the bottom left-hand corner of the SfB client, but users often forget that this device selection feature can be used mid-call. So if you join a SfB session with a device you do not want to use, it can be changed on the fly. The client device shortcut is shown here:

image 

Note: when an incoming call is ringing the SfB client, the device cannot be changed; it must first be answered.

During a SfB voice call, the dial-pad contains an obvious Devices icon which allows users to easily switch devices as shown here:

image

4) Use Shortcut Keys for Common Tasks

Like most Microsoft client software solutions, the Skype for Business (SfB) client has several well document keyboard shortcuts. One of the best references is available here:

Keyboard shortcuts for Skype for Business
https://support.office.com/en-us/article/Keyboard-shortcuts-for-Skype-for-Business-74eda765-5631-4fc1-8aad-cc870115347a#__toc327975864

Keyboard shortcuts are most useful for frequently used actions, or features that require multiple clicks. Here is a list of my useful favourites that not many users know of:

Windows logo key+F4

Mute Yourself (On/Off).  Useful for quickly toggling your mute setting during a call.

Alt+Enter

With a Contact selected, use Alt+Enter to open the contact card.

Alt+M

Quickly start a new ad-hoc Meeting (i.e. “Meet Now”)

Ctrl+Shift+O

Pop-out the Gallery / Pop-in the Gallery during a web conference.

 

5) Use the Address Book instead of the Contact List

This is possibly the simplest tip, but one that alludes even experienced users of the Lync & SfB clients.

Users, including myself, get into a habit of adding people that you communicate with even when these are contacts not commonly used.

Few users are disciplined enough to categorize their contacts into Skype for Business Groups that meet their work habits, so the contact list ends up diluted with a lot of contacts – many of which are rarely used.  This is a typically a productivity drain because whether users realize it or not, they spend extra time sifting through their huge contact list trying to locate the people they communicate with most frequently.

A simple way to solve this is to make ample use of the built-in SfB Address Book, and save the Contact List only for contacts that you frequently communicate with (or need to know the Presence Status of).

This takes some getting used to – but after doing it for awhile the benefits of simply typing a name into the Address Book search bar will make you more productive.