Showing posts with label Skype for Business Online. Show all posts
Showing posts with label Skype for Business Online. Show all posts

Tuesday, 16 April 2019

I have AADConnect Directory Synchronisation and users do not provision for Skype for Business Online


Just a quick one this morning. I recently I had an issue where a customer did not have users being provisioned for Skype for Business Online. The customer had remnants of a legacy Lync 2013 on-premises deployment and they were using AADConnect for directory synchronisation.

Digging in the tenant I could see that even with the Skype for Business Online license enabled, even after waiting several hours if I used Get-CsOnlineUser in the Skype for Business Online Management Shell, no users were there.

This led me to my good friend Jaap Wesselius Blog Post here - Aha, a possible eureka moment! This must be the issue. Unfortunately it wasn't, however it was this attribute that ultimately resolved the issue and led me to the resolution.

It appears since Jaap's post further logic and evolution has occured in the service, and these previous on-premises Lync enabled users could not be enabled for Skype for Business Online anymore using the above solution.

What I had to do was actually set the msRTCSIP-DeploymentLocator attribute to 'sipfed.online.lync.com' - once this was done the user would provision. Interesting as no previous Lync Hybrid deployment was in-place or had been attempted. It appears to be logic in the service for users that were previously enabled for Lync or Skype for Business on-premises.

Anyhow to cut a long story short, I wrote a little script to do this. I utilised a CSV file to import my users, as I didn't want to perform this operation across all user objects in the Active Directory. Similarly if you are planning to perform a cutover from on-premises Lync or Skype for Business rather than a Hybrid deployment and migration - again this will come in handy before you deprovision the users in the on-premises service. Just make sure you export the list of users via Get-CsUser first. Of course if you do plan on wanting to write across all user objects then substitute the first line "$users =" with Get-AdUser or similar rather than Import-CSV.

It's fairly self explanatory - And remember, even if you don't plan on using Skype for Business - be aware that Microsoft Teams still has some reliance on the service for services such as voice. So you will want to ensure there's no issues to provide your tenant and users a smooth Teams experience.

$users = Import-CSV -Path C:\yourfilehere.CSV
ForEach ($user in $users){
$u = $User.samaccountname -replace '"',''
Set-ADuser -Identity $u -Replace @{'msRTCSIP-DeploymentLocator' =  "sipfed.online.lync.com"}}


@OliverMoazzezi



Posted by at No comments:
Labels: , , , ,

Thursday, 2 February 2017

Skype for Business: "There was a problem acquiring a personal certificate required to sign in"


Hello all,

 Just another quick one today. I was faced with this error this morning when arriving at my desk and thought I would share the resolution.


Multiple sign in attempts failed, even after restarting the client. After coming across this kb article https://support.microsoft.com/en-us/help/2604176/you-can-t-sign-in-to-skype-for-business-online-because-the-certificate-can-t-be-acquired-or-validated I simply selected 'Delete my sign-in info'.



I was then able to sign in succesfully.


It appears there was cached user sign in credential corruption or possibly an issue or corruption with the certificate - deleting the sign in information resolved the issue.


Take care,

 Oliver Moazzezi – Office Servers and Services MVP
Twitter: @Olivermoazzezi
Posted by at No comments:
Labels: , ,

Office 365 geo phone number tenant: Your request can't be completed right now. Please try again later.


If you have an Office 365 tenant with Skype for Business with Cloud PBX and PSTN calling you may find that you will be in a scenario where a user gets the following error message:






So what could the problem be is the user is licensed correctly, there's a number to assign to the user and you have a validated emergency location for the required locale?


Well is turns out there are three pieces to this puzzle: You need a validated address for the location, a phone number to assign to the user in the location, and further, the users license location must also match.


So this means the following information must all be aligned:

 User license location/locale



Validated emergency location



- and of course a phone number in the correct location. You will find that if you have to change your users license location you may have to wait up to 24 hours before it will work and you won't get the dreaded "Your request can't be completed right now. Please try again later." message.

 I have of course asked for a better error message to be displayed, and if you are sure all three of these settings match and it is still not working - raise a case to your advisor or Microsoft support, as you may find the change has not replicated out of Azure Active Directory and into the Skype for Business Forest your Skype tenant resides in. This issue actually affected a tenant I was working with and required Microsoft interaction to resolve the replication issue.
Have a great week!

 Oliver Moazzezi – Office Servers and Services MVP
Twitter: @Olivermoazzezi






Posted by at No comments:
Labels: , , , ,
Subscribe to: Posts (Atom)