Lync 2013 Admin Guide-En-4all
Transcript of Lync 2013 Admin Guide-En-4all
-
7/28/2019 Lync 2013 Admin Guide-En-4all
1/59
1
Pleasant work
Hareli Dudaei
Microsoft Architect
-
7/28/2019 Lync 2013 Admin Guide-En-4all
2/59
2
Table of Contents
Preliminary knowledge: ........................................................................................................................ 3
Connection ........................................................................................................................................... 3
Lync topology Builder ........................................................................................................................... 4
The control panel ................................................................................................................................. 7
users .................................................................................................................................................... 8
Enable or Disable Users for Lync Server 2013 ..................................................................................... 12
Managing Computers in Your Topology............................................................................................... 13
Federation and External Access .......................................................................................................... 17
Enable or Disable External User Access for Your Organization ............................................................. 17
Enable or Disable Federation for Your Organization ............................................................................ 19
CALL ADMISSION CONTROL ............................................................................................................... 22
Enabling Media Bypass ....................................................................................................................... 23
Configuring Location Policy ................................................................................................................. 24
Configuring Bandwidth Policy Profile ................................................................................................... 28
Get-CsMediaConfiguration .................................................................................................................. 29
New-CsMediaConfiguration ................................................................................................................. 32
Set-CsMediaConfiguration ................................................................................................................... 37
Remove-CsMediaConfiguration ........................................................................................................... 41
Register RMX to Lync 2013 ................................................................................................................. 44
Configure RMX FQDN in the DNS: ....................................................................................................... 44
Configure RMX static route and trusted application - Power Shell: ...................................................... 46
Create RMX Certificate: ...................................................................................................................... 47
Setting the RMX for the Lync 2013: .................................................................................................... 50
Import RMX Certificate to the RMX ..................................................................................................... 54
Using Centralized Logging Service in Lync Server 2013 ....................................................................... 58
-
7/28/2019 Lync 2013 Admin Guide-En-4all
3/59
3
PRELIMINARY KNOWLEDGE:
Active directory
CONNECTION
We run mstsc (open the RDP)and remote the server.
Enter the IP address and after first connection enter user and password under the right Domain.
Welcome to Lync server (Front End)
As you can see we run the application server on Windows 2008R2 sp1.
Get to start->programs-> Microsoft Lync server 2013
What we have:
Control panel (run under https,https://admin.(domain.com)/cscp) must install silver light.
https://admin.%28domain.com%29/cscp)https://admin.%28domain.com%29/cscp)https://admin.%28domain.com%29/cscp)https://admin.%28domain.com%29/cscp) -
7/28/2019 Lync 2013 Admin Guide-En-4all
4/59
4
The Control panel is a GUI interface that gives you almost everything that you need for Dailey
maintenance.
Lync server management shell - is Lync power shell.
Lync server Topology Builder is Lync topology manager.
LYNC TOPOLOGY BUILDER
We will start with the topology Builder
The Topology Builder ->allocation servers to resources and publish to Lync DB.
When we open the TB he will ask us to download the topology from the DB
After downloading, we will need to save the topology.
-
7/28/2019 Lync 2013 Admin Guide-En-4all
5/59
5
-
7/28/2019 Lync 2013 Admin Guide-En-4all
6/59
6
What we see:
Enterprise Pool, the Servers under the Pool.
Mediation pool / servers.
Edge pool / servers.
Trusted application, (RMX etc')
SQL servers, File store, and the Office web application servers (WAC).
To understand the topology builder please see:
http://technet.microsoft.com/en-us/lync/gg430649
http://technet.microsoft.com/en-us/lync/gg430649http://technet.microsoft.com/en-us/lync/gg430649http://technet.microsoft.com/en-us/lync/gg430649 -
7/28/2019 Lync 2013 Admin Guide-En-4all
7/59
7
THE CONTROL PANEL
Open the control panel,
Enter user and password, (if you get error please contact the system admin)
-
7/28/2019 Lync 2013 Admin Guide-En-4all
8/59
8
USERS
Find users,
-
7/28/2019 Lync 2013 Admin Guide-En-4all
9/59
9
Enable users
Click on enable users
You will get the "new Lync server user"
Click on add
-
7/28/2019 Lync 2013 Admin Guide-En-4all
10/59
10
Find user or users
-
7/28/2019 Lync 2013 Admin Guide-En-4all
11/59
11
Assign users to a pool,
Use UPN for the sip address.
Telephone, is we want to give the user enterprise voice (Line)
And click enable
-
7/28/2019 Lync 2013 Admin Guide-En-4all
12/59
12
ENABLE OR DISABLE USERS FOR LYNC SERVER 20 13
After enabling a user account in Active Directory Users and Computers, you can use the following
procedures to enable a new user for Microsoft Lync Server 2013 or disable a previously enabled user
account in Lync Server 2013 without losing the Lync Server 2013 settings that you configured for the
user account. Because you do not lose the Lync Server 2013 user account settings, you can re-enable apreviously enabled user account again without having to reconfigure the user account.
To enable a user account for Lync Server
1. From a user account that is assigned to the CsUserAdministrator role or the CsAdministrator
role, log on to any computer in your internal deployment.
2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel.
For details about the different methods you can use to start Lync Server Control Panel.
3. In the left navigation bar, click Users.
4. In the Search users box, type all or the first portion of the display name, first name, last name,
Security Accounts Manager (SAM) account name, SIP address, or line Uniform Resource
Identifier (URI) of the user account that you want to enable, and then click Find.
5. In the table, click the user account that you want to enable.
6. On the Edit menu, click Modify.
7. In Edit Lync Server User, select the Enabled for Lync Servercheck box, and then click
Commit.
To disable or re-enable a previously enabled user account for Lync Server
1. From a user account that is assigned to the CsUserAdministrator role or the CsAdministrator
role, log on to any computer in your internal deployment.
2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel.
For details about the different methods you can use to start Lync Server Control Panel.
3. In the left navigation bar, click Users.
4. In the Search users box, type all or the first portion of the display name, first name, last name,
Security Accounts Manager (SAM) account name, SIP address, or line Uniform Resource
Identifier (URI) of the user account that you want to disable or re-enable, and then click Find.
5. In the table, click the user account that you want to disable or re-enable.
6. On the Action menu, do one of the following:
To temporarily disable the user account for Lync Server 2013, click Temporarily disable
for Lync Server. To enable the user account for Lync Server 2013, click Re-enable for Lync Server.
-
7/28/2019 Lync 2013 Admin Guide-En-4all
13/59
13
MANAGING COMPUTERS IN YOUR TOPOLOGY
Topics in this section provide step-by-step procedures for tasks you can perform using the Topology
page in Lync Server Control Panel.
View a List of Computers Running Lync Server 2013
You can use Lync Server 2013 Control Panel to view a list of all the computers that are running Lync
Server 2013 in your topology and see the service status of each. You can sort the list by computer, pool,
or site.
To view a list of computers running Lync Server
1. From a user account that is assigned to any of the predefined administrative roles for Lync
Server 2013, log on to any computer in your internal deployment. For details about the
predefined administrative roles available in Lync Server 2013, see Role-Based Access Control.
2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel.
For details about the different methods you can use to start Lync Server Control Panel.
3. In the left navigation bar, click Topology and then click Status.
-
7/28/2019 Lync 2013 Admin Guide-En-4all
14/59
14
4. On the Status page, do any of the following as needed:
Sort the list by clicking the Computer, Pool, orSite column heading, and then clicking the
up arrow or the down arrow.
Click Refresh to view the most up-to-date list.
Search for a specific computer by typing the computer name in the search field.
View the Status of Services Running on a Computer
You can use Lync Server Control Panel to view all the services that are running on a specific computer in
your Lync Server 2013 topology and see the status of each service.
To view the status of services running on a computer
1. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel.
For details about the different methods you can use to start Lync Server Control Panel.2. In the left navigation bar, click Topology.
3. On the Status page, sort or search the list as needed to find the computer you are interested in
and then click the computer name.
4. Do any of the following:
To see the latest status of services running on the computer, click Get service status.
To see a list of specific services running on the computer and the status of each service,
click Properties and then click Close to return to the list.
View Details About a Service
You can use Lync Server Control Panel to view details about each service that is running on a specific
computer in your topology. You can view the status of each service and details such as the associated
databases, ports, and dependent services.
To view details for a service
1. From a user account that is assigned to any of the predefined administrative roles for Lync
Server 2013, log on to any computer in your internal deployment. For details about the
predefined administrative roles available in Lync Server 2013, see Role-Based Access Control.
2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel.
For details about the different methods you can use to start Lync Server Control Panel.
3. In the left navigation bar, click Topology and then click Status.
4. In the Status page, sort or search through the list and then click the computer that you want to
view.
5. Click Properties.
6. In the View Computer Detail window, sort the list of services, if necessary, and click the
-
7/28/2019 Lync 2013 Admin Guide-En-4all
15/59
15
service you want to view.
7. Do any of the following as needed:
To see the latest status of that specific service, click Get service status.
To see the details for that specific service, click Properties and then click Close.
To return to the list of all computers in your topology, click Close.
Start or Stop Lync Server 2013 Services
You can use Lync Server Control Panel to start or stop all the Lync Server 2013 services running on a
specific computer or to start or stop a specific Lync Server 2013 service.
To start or stop all Lync Server services on a computer
1. From a user account that is a member of the RTCUniversalServerAdmins group (or has
equivalent user rights), or assigned to the CsServerAdministrator or CsAdministrator role, log onto any computer that is in the network in which you deployed Lync Server 2013.
2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel.
For details about the different methods you can use to start Lync Server Control Panel.
3. In the left navigation bar, click Topology and then click Status.
4. On the Status page, sort or search through the list as needed to find the computer that is
running the services you want to start or stop, and then click it.
5. Click Action.
6. Click Start All services orStop All services.
To start or stop a specific service
1. From a user account that is assigned to the CsUserAdministrator role or the CsAdministrator
role, log on to any computer in your internal deployment.
2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel.
For details about the different methods you can use to start Lync Server Control Panel.
3. In the left navigation bar, click Topology and then click Status.
4. On the Status page, sort or search through the list as needed to find the computer that is
running the service you want to start or stop, and then click it.
5. Click Properties.
6. Sort the list of services, if necessary, and click the service you want to start or stop.
7. Click Action.
8. Click Start service orStop service.
9. Click Close.
-
7/28/2019 Lync 2013 Admin Guide-En-4all
16/59
16
Prevent Sessions for Services
You can use Microsoft Lync Server 2013 Control Panel to prevent new sessions for all the Lync Server
2013 services running on a specific computer or to prevent new sessions for a specific Lync Server 2013
service.
To prevent new sessions for all Lync Server services on a computer
1. From a user account that is a member of the RTCUniversalServerAdmins group (or has
equivalent user rights), or assigned to the CsServerAdministrator or CsAdministrator role, log on
to any computer that is in the network in which you deployed Lync Server 2013.
2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel.
For details about the different methods you can use to start Lync Server Control Panel.
3. In the left navigation bar, click Topology and then click Status.
4. On the Status page, sort or search through the list as needed to find the computer that is
running the services for which you want to prevent new sessions, and then click it.
5. Click Action.6. Click Prevent new sessions for all services.
To prevent new sessions for a specific service
1. From a user account that is a member of the RTCUniversalServerAdmins group (or has
equivalent user rights), or assigned to the CsServerAdministrator or CsAdministrator role, log on
to any computer that is in the network in which you deployed Lync Server 2013.
2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel.
For details about the different methods you can use to start Lync Server Control Panel.
3. In the left navigation bar, click Topology and then click Status.
4. On the Status page, sort or search through the list as needed to find the computer that is
running the service you want to start or stop, and then click it.
5. Click Properties.
6. Sort the list of services, if necessary, and click the service for which you want to prevent new
sessions.
7. Click Action.
8. Click Prevent new sessions for service.
9. Click Close.
-
7/28/2019 Lync 2013 Admin Guide-En-4all
17/59
17
FEDERATION AND EXTERNAL ACCESS
ENABLE OR DISABLE EXTERNAL USER ACCESS FOR YOUR ORGANIZATION
After deploying one or more Edge Servers, you must enable the specific types of external user access to
be supported for your organization. This includes the following types of external user access:
Remote user access Enable this if you want users in your organization who are outside your
firewall, such as telecommuters and users who are traveling, to be able to connect to Lync Server
2013.
Federation Enable this if you want to support access by users of federated partner domains, users
of public IM service providers, or both.
Anonymous user access Enable this if you want internal users to be able to invite anonymous
users to their conferences.
-
7/28/2019 Lync 2013 Admin Guide-En-4all
18/59
18
Note:
In addition to enabling external user access support, you must also configure policies to control
the use of external user access in your organization before any type of external user access is
available to users.
Enable or Disable Remote User Access for Your Organization
Remote users are users in your organization who have a persistent Active Directory identity within the
organization. Remote users often sign in to Lync Server your network from outside the firewall by using a
virtual private network (VPN) when they are not connected internally to your organizations network.
Remote users include employees working at home or on the road and other remote workers, such as
trusted vendors, who have been granted enterprise credentials. If you enable remote user access for
remote users, supported remote users do not have to connect using a VPN in order to collaborate with
internal users using Lync Server 2013.
To support remote user access, you must enable it. When you enable it, you enable it for your entire
organization. If you later want to temporarily or permanently prevent remote user access, you can
disable it for your organization. Use the procedure in this section to enable or disable remote user accessfor your organization.
Note:
Enabling remote user access only specifies that your servers running the Access Edge service
support communications with remote users, but remote users cannot participate in instant
messaging (IM) or conferences in your organization until you also configure at least one policy to
manage the use of remote user access
To enable or disable remote user access for your organization
1. From a user account that is a member of the RTCUniversalServerAdmins group (or hasequivalent user rights), or is assigned to the CsAdministrator role, log on to any computer in
your internal deployment.
2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel.
For details about the different methods you can use to start Lync Server Control Panel, see
Open Lync Server Administrative Tools.
3. In the left navigation bar, click External User Access, and then click Access Edge
Configuration.
4. On the Access Edge Configuration page, click Global, click Edit, and then click Show
details.
5. In Edit Access Edge Configuration, do one of the following: To enable remote user access for your organization, select the Enable remote user
access check box.
To disable remote user access for your organization, clear the Enable remote user access
check box.
6. Click Commit.
To enable remote users to sign in to your servers running Lync Server 2013, you must also
-
7/28/2019 Lync 2013 Admin Guide-En-4all
19/59
19
configure at least one external access policy to support remote user access.
ENABLE OR DISABLE FE DERATION FOR YOUR ORGANIZATION
Support for federation is required to enable users who have an account with a trusted customer or
partner organization, including partner domains and users of public instant messaging (IM) provider users
that you support, to collaborate with users in your organization. Federation is also required to use a
hosted Exchange service provider to provide voice mail to Enterprise Voice users whose mailboxes are
located on a hosted Exchange service such as Microsoft Exchange Online. When you have established a
trust relationship with such external domains, you can authorize users in those domains to access your
deployment and participate in Lync Server communications. This trust relationship is called federation and
it is not related to or dependent upon an Active Directory trust relationship.
To support access by users of federated domains, you must enable federation. If you enable federation
for your organization, you must also specify whether to implement the following options:
Enable partner domain discovery. If you enable this option, Lync Server 2013 uses Domain Name
System (DNS) records to try to discover domains not listed in the allowed domains list, automatically
evaluating incoming traffic from discovered federated partners and limiting or blocking that traffic
based on trust level, amount of traffic, and administrator settings. If you do not select this option,
federated user access is enabled only for users in the domains that you include on the allowed
domains list. Whether or not you select this option, you can specify that individual domains to be
blocked or allowed, including restricting access to specific servers running the Access Edge service in
the federated domain.
Send an archiving disclaimer to federated partners to advise them that communications are recorded.
If you support archiving of external communications with federated partner domains, you shouldenable the archiving disclaimer notification to warn partners that their messages are being archived.
If you later want to temporarily or permanently prevent access by users of federated domains, you can
disable federation for your organization. Use the procedure in this section to enable or disable federated
user access for your organization, including specifying the appropriate federation options to be supported
for your organization.
Note:
Enabling federation for your organization only specifies that your servers running the Access
Edge service support routing to federated domains. Users in federated domains cannot
participate in IM or conferences in your organization until you also configure at least one policy tosupport federated user access. Users of public IM service providers cannot participate in IM or
conferences in your organization until you also configure at least one policy to support public IM
connectivity. Lync Server cannot use a hosted Exchange service to provide call answering,
Outlook Voice Access (including voice mail), or auto-attendant services for users whose
mailboxes are located on a hosted Exchange service until you configure a hosted voice mail
policy that provides routing information. For details about configuring policies for communication
with users of federated domains in other organizations, see Manage Federated Partner User
Access in the Deployment documentation or the Operations documentation. Additionally, if you
-
7/28/2019 Lync 2013 Admin Guide-En-4all
20/59
20
want to support communication with users of IM service providers, you must configure policies to
support it and also configure support for the individual service providers that you want to support.
To enable or disable federated user access for your organization
1. From a user account that is a member of the RTCUniversalServerAdmins group (or has
equivalent user rights), or is assigned to the CsAdministrator role, log on to any computer in
your internal deployment.
2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel.
3. In the left navigation bar, click External User Access, and then click Access Edge
Configuration.
4. On the Access Edge Configuration page, click Global, click Edit, and then click Show
details.
5. In Edit Access Edge Configuration, do one of the following:
To enable federated user access for your organization, select the Enable communications
with federated users check box.
To disable federated user access for your organization, clear the Enable communications
with federated users check box.
6. If you selected the Enable communications with federated users check box, do the following:
a. If you want to support automatic discovery of partner domains, select the Enable partner
domain discovery check box.
b. If your organization supports archiving of external communications, select the Send
archiving disclaimer to federated partners check box.
7. Click Commit.
To enable federated users to collaborate with users in your Lync Server 2013 deployment, you must
also configure at least one external access policy to support federated user access. For details, seeManage Federated Partner User Access in the Deployment documentation or the Operations
documentation.
Enable or Disable Anonymous User Access for Your Organization
Anonymous users are users who do not have a user account in your organization's Active Directory
Domain Services (AD DS) or in a supported federated domain, can be invited to participate remotely in an
on-premises conference. By allowing anonymous participation in meetings you enable anonymous users
(that is, users whose identity is verified through the meeting or conference key only) to join meetings.Allowing anonymous participation requires enabling it for your organization.
If you later want to temporarily or permanently prevent access by anonymous users, you can disable it
for your organization. Use the procedure in this section to enable or disable anonymous user access for
your organization.
-
7/28/2019 Lync 2013 Admin Guide-En-4all
21/59
21
Note:
Enabling anonymous user access for your organization only specifies that your servers running
the Access Edge service support access by anonymous users. Anonymous users cannot
participate in any meetings in your organization until you also configure at least one conferencing
policy and apply it to one or more users or user groups. The only users that can invite anonymous
users to meetings are those users that are assigned a conferencing policy that is configured tosupport anonymous users.
To enable or disable anonymous user access for your organization
1. From a user account that is a member of the RTCUniversalServerAdmins group (or has
equivalent user rights), or is assigned to the CsAdministrator role, log on to any computer in
your internal deployment.
2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel.
3. In the left navigation bar, click External User Access, and then click Access Edge
Configuration.
4. On the Access Edge Configuration page, click Global, click Edit, and then click Show
details.
5. In Edit Access Edge Configuration, do one of the following:
To enable anonymous user access for your organization, select the Enable
communications with anonymous users check box.
To disable anonymous user access for your organization, clear the Enable
communications with anonymous users check box.
6. Click Commit.
To enable anonymous users to participate in conferences hosted by users in your Lync Server 2013
deployment, you must also configure and assign at least one conferencing policy to supportanonymous users.
-
7/28/2019 Lync 2013 Admin Guide-En-4all
22/59
22
CALL ADMISSION CONTROL
Enabling Call Admission Control
Call admission control (CAC) is a network of regions, sites, and subnets that enable you to place
restrictions on audio and video transmissions based on available bandwidth. After you configure the CAC
network, you must enable CAC to enforce the bandwidth limitations. You can use Lync Server Control
Panel to do this.
-
7/28/2019 Lync 2013 Admin Guide-En-4all
23/59
23
To enable CAC from Lync Server Control Panel
1. From a user account that is a member of the RTCUniversalServerAdmins group (or has
equivalent user rights), or is assigned to the CsAdministrator role, log on to any computer in
your internal deployment.
2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel.
3. In the left navigation bar, click Network Configuration and then click Global.
4. On the Global page, click the Global configuration.
Note:
Only one network can be configured for any Microsoft Lync Server 2013 deployment, so
there will never be more than one network configuration in the list. You cannot rename
the Global configuration.
5. On the Edit menu, click Show details.
6. On the Edit Global Setting page, select the Enable call admission control check box, and
then click Commit.
When you clickCommit, you run a test of the configuration. The Edit Global Settings dialog box
closes, returning you to the Global page. You will receive a warning if any errors or inconsistencies
are discovered in your network configuration that will prevent it from working correctly (for
example, if every region is not connected to every other region through an interregion route).
If you make changes to your network configuration, you can run the validation check again by
opening the Global configuration and clicking Commit. You do not need to disable CAC first: leave
the check box checked and clickCommit. You can do this at any time without making any
configuration changes.
See Also
Call Admission Control
Overview of Call Admission Control
Configure Call Admission Control
Get-CsNetworkConfiguration
Set-CsNetworkConfiguration
Remove-CsNetworkConfiguration
ENABLING MEDIA BYPASS
Media bypass settings apply globally across a Microsoft Lync Server 2013 deployment. Media bypass
allows calls to bypass the Mediation Server. For details about when to use Media bypass, see Media
Bypass in the Planning section.
You can enable and configure media bypass from the Lync Server Control Panel.
-
7/28/2019 Lync 2013 Admin Guide-En-4all
24/59
24
To enable and configure media bypass
1. From a user account that is a member of the RTCUniversalServerAdmins group (or has
equivalent user rights), or is assigned to the CsAdministrator role, log on to any computer in
your internal deployment.
2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel.
3. In the left navigation bar, click Network Configuration and then click Global.
4. On the Global page, click the Global configuration. There is always only one configuration, and
it is always named Global.
5. On the Edit menu, click View details.
6. On the Edit Global Setting page, click the Enable media bypass check box.
7. Select one of the following options:
Always bypass Select this option to attempt media bypass on all calls. This option will be
unavailable if call admission control (CAC) is enabled. If CAC is not enabled, select this
option in the following situations:
There is no need for bandwidth control.
There is no need for fine-grained configuration to determine when bypass should happen.
There is full connectivity between gateways and clients.
Use sites and region configuration If CAC is enabled, this option is selected by default
and cannot be changed. When this option is selected, network configuration sites and
regions will be used to determine when media bypass is possible. If you select this option,
you can choose to enable bypass for sites that are not mapped. Click the Enable bypass
for non-mapped sites check box only if you have one or more large sites associated with
the same region that do not have bandwidth constraints (for example, a large central site)
and you also have some branch sites associated with the same region that do have
bandwidth constraints. When you enable bypass for non-mapped sites, configuration isstreamlined because you specify only the subnets associated with the branch sites rather
than needing to specify all subnets associated with all sites. We recommend that you do not
select the Enable bypass for non-mapped sites check box if CAC is enabled.
8. Click Commit to save your changes.
See Also
Global Media Bypass Options
Media Bypass
CONFIGURING LOCATION POLICY
The location policy is used to apply settings that relate to Enhanced 9-1-1 (E9-1-1) functionality and to
location settings for users or contacts. The location policy determines whether a user is enabled for E9-1-
1, and if so what the behavior is of an emergency call. For example, you can use the location policy to
define what number constitutes an emergency call (911 in the United States), whether corporate security
should be automatically notified, and how the call should be routed.
-
7/28/2019 Lync 2013 Admin Guide-En-4all
25/59
25
You can configure location policies from the Network Configuration group in Lync Server Control
Panel. From the Lync Server Control Panel you can view, create, modify, or delete location policies.
To view location policies
1. From a user account that is a member of the RTCUniversalServerAdmins group (or has
equivalent user rights), or is assigned to the CsAdministrator role, log on to any computer in
your internal deployment.
2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel.
3. In the left navigation bar, click Network Configuration and then click Location Policy.
A single policy, called Global, exists by default and cannot be deleted or renamed. However, you
can modify the Global policy. This policy will apply to all users and contacts, unless you create site
policies or per-user policies. Per-user policies must be applied to specific users.
To create a new location policy
1. From a user account that is a member of the RTCUniversalServerAdmins group (or has
equivalent user rights), or is assigned to the CsAdministrator role, log on to any computer in
your internal deployment.
2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel.
3. In the left navigation bar, click Network Configuration and then click Location Policy.
4. On the Location Policy page, click New and then select the type of policy you want to create:
To create a site policy, click Site policy. In Select a Site, choose the site to which you want
the policy applied and click OK. On the New Location Policy page, the Scope field
contains the value Site, and the Name field contains the name of the site you chose. You
cannot modify either of these fields. A site policy is automatically applied to all users on the
specified site and overrides the global policy for those users.
To create a User policy, click User policy. In the New Location Policy, the Scope field
contains the value User. You cannot modify this value. In the Name field, type the name
you want to give this policy. A user policy does not automatically apply to any users. After
creating the user policy, you must manually grant the policy to the users or network sites to
which you want to policy to apply.
5. Fill in the remaining fields as follows:
Enable enhanced emergency services Select this check box to enable the users
associated with this policy for E9-1-1. When emergency services are enabled, Microsoft
Lync Server 2013 clients will retrieve location information on registration and include that
information when an emergency call is made.
Location Specify one of the following values:
Required The user will be prompted to input location information when the client registers
at a new location. The user can dismiss the prompt without entering any information. If
information is entered, an emergency call will first be answered by the emergency services
provider to verify the location before being routed to the Public Safety Answering Point
(PSAP) operator (that is, the 911 operator).
Not Required The user will not be prompted for a location. When a call is made with no
-
7/28/2019 Lync 2013 Admin Guide-En-4all
26/59
26
location information, the emergency services provider will answer the call and ask for a
location.
Disclaimer This option is the same as Required except that the user cannot dismiss the
prompt without entering location information. The user can still complete an emergency call,
but no other calls can be completed without entering the information. In addition, disclaimer
text will be displayed to the user that can alert them to the consequences of declining toenter location information. To set the disclaimer text, you must run the Set-
CsEnhancedEmergencyServiceDisclaimercmdlet at command line by using the Lync
Server Management Shell. For details, see Set-CsEnhancedEmergencyServiceDisclaimer
in the Lync Server Management Shell documentation.
Use location for emergency services only Location information can be used by the
Microsoft Lync 2013 client for various reasons (for example, to notify teammates of your
current location). Select this check box to ensure location information is available only for
use with an emergency call.
PSTN usage The public switched telephone network (PSTN) usage that will be used to
determine which voice route will be used to route emergency calls from clients using this
profile. The route associated with this usage should point to a SIP trunk dedicated to
emergency calls.
Emergency dial number The number that is dialed to reach emergency services. In the
United States this value is 911. The string must be made of the digits 0 through 9 and can
be from 1 to 10 digits in length.
Emergency dial mask A number that you want to translate into the value of the
emergency dial number value when it is dialed. For example, if you enter a value of 212 in
this field and the emergency dial number field has a value of 911, if a user dials 212 the call
will be made to 911. This allows for alternate emergency numbers to be dialed and still
have the call reach emergency services (for example, if someone from a country or region
with a different emergency number attempts to dial that country or regions number ratherthan the number for the country or region they are currently in). You can define multiple
emergency dial masks by separating the values with semicolons. For example, 212;414.
Maximum length of the string is 100 characters. Each character must be a digit 0 through 9.
Important:
Ensure that the specified dial mask value is not the same as a number in a call park
orbit range. Call park routing will take precedence over emergency dial string
conversion. To see the existing call park orbit ranges, click Voice Features in the
left navigation bar and then click Call Park. For details, see Configure Phone
Number Extensions for Parking Calls.
Notification URI One or more SIP Uniform Resource Identifiers (URIs) to be notified whenan emergency call is made. For example, the company security office could be notified
through an instant message whenever an emergency call is made. If the callers location is
available that location will be included in the notification. Multiple SIP URIs can be included
as a comma-separated list. For example,
"sip:[email protected]","sip:[email protected]". Keep in mind that distribution
lists and group URIs are not supported. The string must be from 1 to 256 characters in
length and must begin with the prefix "sip:". Before you click in the Notification URI field an
-
7/28/2019 Lync 2013 Admin Guide-En-4all
27/59
27
example is displayed.
Conference URI The SIP URI, in this case the telephone number, of a third party that will
be conferenced in to any emergency calls that are made. For example, the company
security office could receive a call when an emergency call is made and listen in or
participate in that call (depending on the value supplied in the Conference mode field). The
string must be from 1 to 256 characters in length and must begin with the prefix sip:. Anexample is displayed until you click inside this field.
Conference mode If you specify a value in the Conference URI field, the Conference
mode determines whether a third party can participate in the call or can only listen in.
Specify one of the following options:
One-way A third party can only listen to the conversation between the caller and the
PSAP operator.
Two-way A third party can listen in and participate in the call between the caller and the
PSAP operator.
6. Click Commit.
Important
When you create a user policy, initially that policy does not apply to any users or network sites. To
apply the policy to a user, clickUsers in the left navigation bar. Find the user to which you want to
apply the policy. On the Edit menu, clickShow details. On the Edit Lync Server User page,
select the new location policy from the Location policy drop-down list and then clickCommit.
To apply the policy to a network site, clickNetwork Configuration in the left navigation bar and
then clickSite. Find the network site to which you want to apply the policy. On the Edit menu,
clickShow details. In Edit Site, select the new location policy from the Location policy drop-
down list and then clickCommit.
To modify a location policy
1. From a user account that is a member of the RTCUniversalServerAdmins group (or has
equivalent user rights), or is assigned to the CsAdministrator role, log on to any computer in
your internal deployment.
2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel.
3. In the left navigation bar, click Network Configuration and then click Location Policy.
4. On the Location Policy page, select the location policy that you want to modify.
5. On the Edit menu, click Show details.
6. On the Edit Location Policy page, modify the fields as necessary (for details, see Step 5 in the
"To create a new location policy" procedures earlier in this topic).
7. Click Commit.
To delete a location policy
1. From a user account that is a member of the RTCUniversalServerAdmins group (or has
equivalent user rights), or is assigned to the CsAdministrator role, log on to any computer in
-
7/28/2019 Lync 2013 Admin Guide-En-4all
28/59
28
your internal deployment.
2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel.
3. In the left navigation bar, click Network Configuration and then click Location Policy.
4. On the Location Policy page, select the location policy that you want to delete.
Note:
You can delete more than one location policy at a time. To do this, press CTRL and
select multiple policies while holding down the CTRL key. Or, to select all policies, click
Select all on the Edit menu.
5. On the Edit menu, click Delete.
6. Click OK.
Important:
You cannot delete the Global location policy. If you attempt to delete the Global policy
you will receive a warning message and that policy will be reset to its default values.
See Also
Create Location Policies
Create or Modify a Network Site
New-CsLocationPolicy
Set-CsLocationPolicy
Remove-CsLocationPolicy
Get-CsLocationPolicy
CONFIGURING BANDWIDTH POLICY PROFILE
As part of call admission control (CAC), a bandwidth policy is used to define bandwidth limitations for
certain modalities. In Microsoft Lync Server 2013, only audio and video modalities can be assigned
bandwidth limitations. You can set overall bandwidth limitations and session limitations. You can use the
Lync Server Control Panel to create or modify a container profile for these policies. Each bandwidth policy
profile can be associated with one or more network sites.
To create a new bandwidth policy profile
1. From a user account that is a member of the RTCUniversalServerAdmins group (or has
equivalent user rights), or is assigned to the CsAdministrator role, log on to any computer in
your internal deployment.
2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel.
3. In the left navigation bar, click Network Configuration and then click Policy Profile.
4. On the Policy Profile page, click New.
5. In New Bandwidth Policy Profile, type a name in the Name field. This name must be unique
among all bandwidth policy profiles.
-
7/28/2019 Lync 2013 Admin Guide-En-4all
29/59
29
6. In the Audio limit field, type a numeric value. This value is the maximum amount of bandwidth
to allocate for all audio connections, expressed in kbps.
7. Enter a numeric value in the Audio session limit field. This value is the maximum amount of
bandwidth to allocate for an individual audio connection, expressed in kbps. This value must be
40 or higher.
8. Enter a numeric value in the Video limit field. This value is the maximum amount of bandwidth
to allocate for all video connections, expressed in kbps.
9. Enter a numeric value in the Video session limit field. This value is the maximum amount of
bandwidth to allocate for an individual video connection, expressed in kbps. This value must be
100 or higher.
10. (Optional) Type a value in the Description field to provide more information about this
bandwidth policy profile that cannot be expressed by the name alone.
11. Click Commit.
Note:
Creating a new bandwidth policy profile does not automatically enforce bandwidthrestrictions. You must first associate the policy profile with a site.
To modify a bandwidth policy profile
1. From a user account that is a member of the RTCUniversalServerAdmins group (or has
equivalent user rights), or is assigned to the CsAdministrator role, log on to any computer in
your internal deployment.
2. Open a browser window, and then enter the Admin URL to open the Lync Server Control Panel.
3. In the left navigation bar, click Network Configuration and then click Policy Profile.
4. On the Policy Profile page, click the bandwidth policy profile that you want to modify.
5. On the Edit menu, click Show details.
6. On the Edit Bandwidth Policy Profile page, modify the fields as necessary (for details, see the
"To create a bandwidth policy profile" section earlier in this topic).
7. Click Commit.
Note:
When you modify the bandwidth policy profile, it will immediately update the bandwidth
limitations of all network sites associated with this bandwidth policy profile.
GET-CSMEDIACONFIGURATIONReturns information regarding media settings, including the supported level of encryption, whether Siren
can be used as a voice codec by the Mediation Server in its interactions with Microsoft Lync 2013 clients,
and the maximum allowed video resolution.
-
7/28/2019 Lync 2013 Admin Guide-En-4all
30/59
30
Syntax
Get-CsMediaConfiguration [-Identity ] [-LocalStore ]
Get-CsMediaConfiguration [-Filter ] [-LocalStore ]
Detailed Description
This cmdlet retrieves one or more collections of settings that define media interactions.
Who can run this cmdlet: By default, members of the following groups are authorized to run the Get-
CsMediaConfiguration cmdlet locally: RTCUniversalUserAdmins, RTCUniversalServerAdmins. To return a
list of all the role-based access control (RBAC) roles this cmdlet has been assigned to (including any
custom RBAC roles you have created yourself), run the following command from the Windows PowerShell
prompt:
Get-CsAdminRole | Where-Object {$_.Cmdletsmatch "Get-CsMediaConfiguration"}
Parameters
Parameter Required Type Description
Identity Optional XdsIdentity The unique identifier of the media configuration
you want to retrieve. This identifier specifies thescope at which this configuration is applied(global, site, or service).
Filter Optional String This parameter filters the results of the Get
operation based on the wildcard value passed to
http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/ -
7/28/2019 Lync 2013 Admin Guide-En-4all
31/59
31
this parameter.
LocalStore Optional SwitchParameter Retrieves the media configuration informationfrom the local replica of the Central Managementstore, rather than from the Central Management
store itself.
Input Types
None.
Return Types
Get-CsMediaConfiguration returns instances of the
Microsoft.Rtc.Management.WritableConfig.Settings.Media.MediaSettings object.
Example
-------------------------- Example 1 --------------------------
Get-CsMediaConfiguration
Example 1 returns all the media configurations in use in your organization; this is done simply by invoking
the cmdlet Get-CsMediaConfiguration without any additional parameters.
-------------------------- Example 2 --------------------------
Get-CsMediaConfiguration -Identity site:Redmond1
The preceding example returns only the media configuration that has the Identity site:Redmond1. Because
identities must be unique, specifying an Identity ensures that you will never retrieve more than one item.
-------------------------- Example 3 --------------------------
Get-CsMediaConfiguration -Filter site:*
In Example 3, the Filter parameter is used to return all the media configurations at the site scope. The
wildcard string site:* ensures that Windows PowerShell will return only those media configurations that
have identities beginning with the string value site:.
-------------------------- Example 4 --------------------------
http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/ -
7/28/2019 Lync 2013 Admin Guide-En-4all
32/59
32
Get-CsMediaConfiguration | Where-Object {$_.EncryptionLevel -eq "SupportEncryption"}
In this example, Get-CsMediaConfiguration and Where-Object are used to return all the media
configurations that support (but do not require) encryption. To do this, the command first uses Get-
CsMediaConfiguration to retrieve all the media configurations in use in your organization. This
information is then piped to the Where-Object cmdlet, which applies a filter that restricts the returned
data to those configurations where the EncryptionLevel property is equal to (-eq) SupportEncryption.
-------------------------- Example 5 --------------------------
Get-CsMediaConfiguration -Filter *:*med*
This example retrieves all media configurations defined for sites and services with names that contain the
string "med". For example, this command will retrieve media configuration settings defined for the site
medford1, the site TwoMedfordPlace, and the service MediationServer:redmond.litwareinc.com.
NEW-CSMEDIACONFIGURATION
Creates a new collection of media settings. These settings can be used to specify such things as
the supported level of encryption and the maximum allowed video resolution.
Syntax
New-CsMediaConfiguration -Identity [-Confirm []] [-EnableQoS ] [-EnableSiren ] [-EncryptionLevel ] [-Force ] [-InMemory ] [-MaxVideoRateAllowed ] [-WhatIf []]
Detailed Description
This cmdlet creates a new collection of settings that define behaviors for specific media actions.
Who can run this cmdlet: By default, members of the following groups are authorized to run
the New-CsMediaConfiguration cmdlet locally: RTCUniversalServerAdmins. To return a list
of all the role-based access control (RBAC) roles this cmdlet has been assigned to (including any
custom RBAC roles you have created yourself), run the following command from the Windows
PowerShell prompt:
http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/ -
7/28/2019 Lync 2013 Admin Guide-En-4all
33/59
33
Get-CsAdminRole | Where-Object {$_.Cmdletsmatch "New-CsMediaConfiguration"}
Parameters
Parameter Required Type Description
Identity Required XdsIdentity A unique identifier specifying the
scope at which this configuration isapplied (site or service). Aconfiguration at the site scope would
be entered as site:, such assite:Redmond. A service would beentered as :, such
asMediationServer:pool0.litwareinc.com.A media configuration at the global
scope will always exist and cannot beremoved, so a new globalconfiguration cannot be created.
Media configurations created at theservice scope can be created only for
the A/V Conferencing service,Mediation Server, and ApplicationServer.
EnableQoS Optional Boolean QoS monitors the quality of voicesignals over a network.
Default: False
EnableSiren Optional Boolean By default, the Mediation Server doesnot negotiate Siren as a possible codec
for calls between itself and otherMicrosoft Lync 2013 clients. If thissetting is True, Siren will be includedas a possible codec for use between the
Mediation Server and other Lync 2013clients.
Default: False
http://void%280%29/http://void%280%29/http://void%280%29/ -
7/28/2019 Lync 2013 Admin Guide-En-4all
34/59
34
EncryptionLevel Optional EncryptionLevel The level of encryption betweenUnified Communications entities.
Valid values:
SupportEncryption - secure real-timetransport protocol (SRTP) will be used
if it can be negotiated.
RequireEncryption - SRTP must benegotiated.
DoNotSupportEncryption - SRTPmust not be used.
Default: RequireEncryption
MaxVideoRateAllowed Optional MaxVideoRateAllowed The maximum rate at which videosignals will be transferred at the clientendpoints.
Valid values: Hd720p15M,
VGA600K, CIF250K
Hd720p15M - High definition, with a
resolution of 1280 x 720 and aspectratio 16:9.
VGA600K - VGA, with a resolution of
640 x 480, 25 fps with the aspect ratio4:3.
CIF250K - Common Intermediate
Format (CIF) video format, 15 fpswith a resolution of 352 x 288.
Note that these values are not case
sensitive; values will be converted toappropriate casing when theconfiguration is created.
Default: VGA600K
Force Optional SwitchParameter Suppresses any confirmation promptsthat would otherwise be displayed
before making changes.
InMemory Optional SwitchParameter Creates an object reference without
actually committing the object as a
-
7/28/2019 Lync 2013 Admin Guide-En-4all
35/59
35
permanent change. If you assign theoutput of this cmdlet called with this
parameter to a variable, you can make
changes to the properties of the objectreference and then commit those
changes by calling this cmdletsmatching Set- cmdlet.
WhatIf Optional SwitchParameter Describes what would happen if youexecuted the command withoutactually executing the command.
Confirm Optional SwitchParameter Prompts you for confirmation before
executing the command.
Input Types
None.
Return Types
Creates an object of type
Microsoft.Rtc.Management.WritableConfig.Settings.Media.MediaSettings.
Example
-------------------------- Example 1 --------------------------
New-CsMediaConfiguration -Identity site:Redmond1 -EncryptionLevel RequireEncryption
Example 1 uses New-CsMediaConfiguration to create a new media configuration with the
Identity site:Redmond1. This new configuration requires both parties involved in a multimedia
conversation to use encryption. That requirement is put in place by adding the EncryptionLevel
parameter and setting the parameter value to RequireEncryption.
-------------------------- Example 2 --------------------------
New-CsMediaConfiguration -Identity MediationServer:pool0.litwareinc.com -EnableSiren$True
http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/ -
7/28/2019 Lync 2013 Admin Guide-En-4all
36/59
36
This example uses New-CsMediaConfiguration to create a new media configuration with the
Identity MediationServer:pool0.litwareinc.com. This new configuration will have an EnableSiren
value of True, which means that Siren is enabled for calls involving this Mediation Server.
-
7/28/2019 Lync 2013 Admin Guide-En-4all
37/59
37
SET-CSMEDIACONFIGURATION
Modifies an existing collection of media settings.
Syntax
Set-CsMediaConfiguration [-Identity ] [-Confirm []] [-EnableQoS ] [-EnableSiren ] [-EncryptionLevel ] [-Force ] [-MaxVideoRateAllowed ] [-WhatIf []]
Set-CsMediaConfiguration [-Confirm []] [-EnableQoS ] [-EnableSiren ] [-EncryptionLevel ] [-Force ] [-Instance ] [-MaxVideoRateAllowed ] [-WhatIf []]
Detailed Description
This cmdlet modifies a collection of settings that define media configuration. These actions relate to audio
and video calls between client endpoints.
Who can run this cmdlet: By default, members of the following groups are authorized to run the Set-
CsMediaConfiguration cmdlet locally: RTCUniversalServerAdmins. To return a list of all the role-based
access control (RBAC) roles this cmdlet has been assigned to (including any custom RBAC roles you have
created yourself), run the following command from the Windows PowerShell prompt:
Get-CsAdminRole | Where-Object {$_.Cmdlets match "Set-CsMediaConfiguration"}
Parameters
http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/ -
7/28/2019 Lync 2013 Admin Guide-En-4all
38/59
38
Parameter Required Type Description
Identity Optional XdsIdentity The unique identifier of the
media configuration settingsyou want to change. Thisidentifier specifies the scope at
which this configuration isapplied (global, site, or service).
Instance Optional MediaSettings An instance of theMicrosoft.Rtc.Management.Wri
tableConfig.Settings.Media.MediaSettings object. You canretrieve this object by
calling Get-CsMediaConfiguration with aspecific Identity. You can then
assign new values to theproperties of that object, andthen save those changes by
passing the object to Set-CsMediaConfiguration.
EnableQoS Optional Boolean QoS monitors the quality ofvoice signals over a network.
EnableSiren Optional Boolean By default, the MediationServer does not negotiate Siren
as a possible codec for callsbetween itself and otherMicrosoft Lync 2013 clients. If
this setting is True, Siren will beincluded as a possible codec foruse between the Mediation
Server and other Lync 2013clients.
EncryptionLevel Optional EncryptionLevel The level of encryption betweenUnified Communications
entities.
Valid values:
SupportEncryption - secure
real-time transport protocol
-
7/28/2019 Lync 2013 Admin Guide-En-4all
39/59
39
(SRTP) will be used if it can benegotiated.
RequireEncryption - SRTP must
be negotiated.
DoNotSupportEncryption -
SRTP must not be used.
This value is not case sensitive.(For details, see the Examples
in this topic.)
Default: RequireEncryption
MaxVideoRateAllowed Optional MaxVideoRateAllowed The maximum rate at whichvideo signals will be transferred
at the client endpoints.
Valid values: Hd720p15M,VGA600K, CIF250K
Hd720p15M - High definition,with a resolution of 1280 x 720
and aspect ratio 16:9.
VGA600K - VGA, with aresolution of 640 x 480, 25 fps
with the aspect ratio 4:3.
CIF250K - CommonIntermediate Format (CIF)
video format, 15 fps with aresolution of 352 x 288.
Note that these values are not
case sensitive; values will beconverted to appropriate casingwhen the configuration is
created. (For details, see theExamples in this topic.)
Default: VGA600K
Force Optional SwitchParameter Suppresses any confirmation
prompts that would otherwisebe displayed before makingchanges.
-
7/28/2019 Lync 2013 Admin Guide-En-4all
40/59
40
WhatIf Optional SwitchParameter Describes what would happen ifyou executed the commandwithout actually executing the
command.
Confirm Optional SwitchParameter Prompts you for confirmationbefore executing the command.
Input Types
Microsoft.Rtc.Management.WritableConfig.Settings.Media.MediaSettings object. Accepts pipelined input
of media configuration objects.
Return Types
Set-CsMediaConfiguration does not return a value or object. Instead, the cmdlet configures instances of
the Microsoft.Rtc.Management.WritableConfig.Settings.Media.MediaSettings object.
Example
-------------------------- Example 1 --------------------------
Set-CsMediaConfiguration -Identity site:Redmond1 -MaxVideoRateAllowed hd720p15m
The example shown above modifies the media configuration collection with the Identity site:Redmond1; in
particular, the command sets the value of the MaxVideoRateAllowed property to Hd720p15M. Note that
the value passed to the MaxVideoRateAllowed parameter must be one of the values specified in the
parameter description. Also note that the values are not case sensitive; the value entered here as
hd720p15m will be automatically converted to the appropriate casing (in this instance, to Hd720p15M).
-------------------------- Example 2 --------------------------
Set-CsMediaConfiguration site:Redmond1 -EncryptionLevel donotsupportencryption
This example modifies the media configuration collection with the Identity site:Redmond1 to have an
EncryptionLevel value of DoNotSupportEncryption. Note that this value is not case sensitive; the value was
entered as donotsupportencryption, but that value will be accepted as a valid value and will be
automatically changed to mixed case (DoNotSupportEncryption).
http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/ -
7/28/2019 Lync 2013 Admin Guide-En-4all
41/59
41
REMOVE-CSMEDIACONFIGURATION
Removes the specified collection of media configuration settings
Syntax
Remove-CsMediaConfiguration -Identity [-Confirm []] [-Force ] [-WhatIf []]
Detailed Description
This cmdlet removes a collection of media settings. These settings relate to audio and video calls between
client endpoints.
This cmdlet can also be used to remove the global media settings. In that case, however, the settings will
not actually be removed; instead, they will simply be reset to their default values.
Who can run this cmdlet: By default, members of the following groups are authorized to run the Remove-
CsMediaConfiguration cmdlet locally: RTCUniversalServerAdmins. To return a list of all the role-based
access control (RBAC) roles this cmdlet has been assigned to (including any custom RBAC roles you have
created yourself), run the following command from the Windows PowerShell prompt:
Get-CsAdminRole | Where-Object {$_.Cmdlets match "Remove-CsMediaConfiguration"}
Parameters
Parameter Required Type Description
Identity Required XdsIdentity The unique identifier of the media configurationsettings you want to remove. This identifierspecifies the scope at which this configuration is
applied (global, site, or service).
http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/ -
7/28/2019 Lync 2013 Admin Guide-En-4all
42/59
42
Force Optional SwitchParameter Suppresses any confirmation prompts that wouldotherwise be displayed before making changes.
WhatIf Optional SwitchParameter Describes what would happen if you executed thecommand without actually executing the
command.
Confirm Optional SwitchParameter Prompts you for confirmation before executing thecommand.
Input Types
Microsoft.Rtc.Management.WritableConfig.Settings.Media.MediaSettings object. Accepts pipelined input
of media configuration objects.
Return Types
Removes an object of type Microsoft.Rtc.Management.WritableConfig.Settings.Media.MediaSettings.
Example
-------------------------- Example 1 --------------------------
Remove-CsMediaConfiguration -Identity site:Redmond1
In Example 1, Remove-CsMediaConfiguration is used to delete the media configuration collection with
the Identity site:Redmond1. When media settings are removed from the site scope, that site will
automatically begin to use the global media settings.
-------------------------- Example 2 --------------------------
Get-CsMediaConfiguration | Where-Object {$_.EncryptionLevel -eq "RequireEncryption"}
| Remove-CsMediaConfiguration
In the preceding example, three cmdlets--Get-CsMediaConfiguration , Where-Object, and Remove-
CsMediaConfiguration --are used to remove all the media configuration collections where encryption is
required of all parties involved in the conversation. To do this,Get-CsMediaConfiguration is first used to
return all the media configuration collections in the organization. That information is then piped
to Where-Object, which applies a filter that restricts the pipeline data to those collections where the
http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/http://void%280%29/ -
7/28/2019 Lync 2013 Admin Guide-En-4all
43/59
43
EncryptionLevel property is equal to (-eq) RequireEncryption. Finally, that filtered set of data is passed
to Remove-CsMediaConfiguration , which deletes each item in the set.
-------------------------- Example 3 --------------------------
Get-CsMediaConfiguration -Filter service:* | Remove-CsMediaConfiguration
In this example all media configurations defined at the service scope (meaning the configuration applies
to a specific service) are removed. This is accomplished by first calling Get-CsMediaConfiguration using
the Filter service:*. This filter retrieves all media configuration collections with an Identity starting with
service, which means all collections at the service scope. That set of collections is then piped the Remove-
CsMediaConfiguration , which removes them all.
-
7/28/2019 Lync 2013 Admin Guide-En-4all
44/59
44
REGISTER RMX TO LYNC 2013
The domain name / Servers Name and the rmx name is Example DO NOT USE IT!
Step by Step
CONFIGURE RMX FQDN IN THE DNS:
1. Connect to DNS server, Open DNS console, and expand forward lookup zones, right click on
Zone: "your domain" and select New Host (A or AAAA).
-
7/28/2019 Lync 2013 Admin Guide-En-4all
45/59
45
2. Create new host (A or AAAA). Add RMX name and Signaling IP address. And click on Add Host
when finished.
-
7/28/2019 Lync 2013 Admin Guide-En-4all
46/59
46
CONFIGURE RMX STATIC ROUTE AND TRUSTED APPLICATION - POWER SHELL:
1. Connect to Lync FrontEnd server, Go to Start->All programs->Microsoft Lync Server 2013 and
open Lync server management Shell.
First command:
$route = New-CsStaticRoute -TLSRoute -destination " RMX FQDN " -port 5061 -
matchuri " RMX FQDN " -usedefaultcert $true
*Where RMX FQDN is your RMX name.
-
7/28/2019 Lync 2013 Admin Guide-En-4all
47/59
47
Second command:
Set-CsStaticRoutingConfiguration -identity global -route @{Add=$route}
To check your static route configuration write in shell the following command:
Get-CsStaticRoutingConfiguration
2. Then you need to create trusted application pool and trusted application use the following
command:
New-CsTrustedApplicationPool -Identity RMX FQDN-Registrar
Registrar:lync2013.ilw14.polycom.eng -site 1 -ComputerFqdn RMX FQDN-
ThrottleAsServer $true -TreatAsAuthenticated $true
EnterYES.
To add trusted application, add the following command:
New-CsTrustedApplication -ApplicationIdVideoProxy4 -TrustedApplicationPoolFqdn
RMX FQDN-Port 5061ApplicationId is the name of the application. This must be a string that is unique within the pool
that is specified in the "TrustedApplicationPoolFqdn" parameter.
"TrustedApplicationPoolFqdn" the FQDN of the trusted application pool on which the application
will reside.
To enable your changes, write the following command:
Enable-CsTopology
CREATE RMX CERTIFICATE:
1. To create certificate for RMX do the following steps.
1.1.Write in shell command:
Request-CsCertificate -New -Type Default -KeyAlg RSA -CAYour CA server -City
City -State State -ComputerFqdn RMX FQDN -Country IL -DomainNameyour
domain -FriendlyName RMX FQDN -Organization 'Polycom ' -
PrivateKeyExportable $true
1.2.To export certificate, click on start-> Administrative Tools-> Internet Information Services
(IIS) Manager.
-
7/28/2019 Lync 2013 Admin Guide-En-4all
48/59
48
Click on Server Certificates
You will get list of certificates, right click and Export.
-
7/28/2019 Lync 2013 Admin Guide-En-4all
49/59
49
Chose file location, set password, and click OK.
Enter password:
Create file by name certPassword.txt that contain only the password.
-
7/28/2019 Lync 2013 Admin Guide-En-4all
50/59
50
SETTING THE RMX FOR THE LYNC 2013:
Open browser and enter the RMX IP
User name and the password
Enter the RMX
-
7/28/2019 Lync 2013 Admin Guide-En-4all
51/59
51
On the left panel expand with by clicking the arrow,
-
7/28/2019 Lync 2013 Admin Guide-En-4all
52/59
52
Click on IP Network Services
-
7/28/2019 Lync 2013 Admin Guide-En-4all
53/59
53
Click on Management Network
Click on DNS
Enter the values:
Name (as in the DNS)
Local Domain Name:
DNS Servers:
Primary
Secondary
and click OK
-
7/28/2019 Lync 2013 Admin Guide-En-4all
54/59
54
IMPORT RMX CERTIFICATE TO THE RMX
Click on IP Network Service
Go to SIP Servers, and enter the values
Certificate:
Change to TLS
Change the Certificate Method to PEM/PFX and load the "rmxXXX.pfx, certPassword.txt" file, by click
on "Send Certificate"
certPassword.txt
-
7/28/2019 Lync 2013 Admin Guide-En-4all
55/59
55
-
7/28/2019 Lync 2013 Admin Guide-En-4all
56/59
56
Change "Server IP Address Name"& "Server IP Address or Name" to the real one
Change "Port" to 5061
Change "Server Domain Name" to the domain
Restart the RMX
-
7/28/2019 Lync 2013 Admin Guide-En-4all
57/59
57
After the rmx is up, check the connection by entering the rmx and go to:
Signalling Monitor->IP Network Service-> SIP Servers:
You need to get Status OK.
-
7/28/2019 Lync 2013 Admin Guide-En-4all
58/59
58
USING CENTRALIZED LOGGING SERVICE IN LYNC SERVER 2013
Centralized Logging Service (CLS) is a new feature in Lync Server 2013 Preview. It provides a mechanism toenable/disable logging across all Lync servers in a deployment from a single interface and to search the resultinglogs from the same interface.
You specify what should be logged based on the scenario you want to investigate. The scenarios supported areAlwaysOn, MediaConnectivity, ApplicationSharing, AudioVideoConferencingIssue, HybridVoice,IncomingAndOutgoingCall, VoiceMail, IMAndPresence, AddressBook, DeviceUpdate, LYSSAndUCS, CLS, SP,WAC, UserReplicator, HostedMigration, MonitoringAndArchiving, LILRLegacy, LILRLYSS, MeetingJoin, RGS,CPS, XMPP and CAA.
The AlwaysOn scenario is special. CLS is designed to have that scenario running by default. This way, when youhave an issue you do not have to turn on logging, repro the issues and then get your logs. The hope is that there isenough logging occurring with AlwaysOn that when you have an issue you will already have the logs available. IfAlwaysOn does not provide you with enough logs, then you can turn on a particular scenario to get a more verbose
set of logs.
CLS is implemented by agents and a controller used by the Lync administrator to interact with CLS.
The Lync Server Centralized Logging Service Agent service (also known as ClsAgent) is running on all Lync 2013Preview servers in the deployment. The purpose of the agent is to respond to requests to enable/disable logging andto respond to search requests.
The Lync administrator controls the agents via the ClsController interface. ClsController is a program defaultinstalled into C:\Program Files\Common Files\Microsoft Lync Server 2013\ClsAgent. You can specify different
parameters to ClsController. You can see detailed usage information about parameters and their values by justrunning ClsController without parameters.
The typical sequence of commands you want to run are:
ClsController.exe -start scenario pools Repro issue ClsController.exe -stop scenario pools ClsController.exe -flush pools ClsController.exe -search pools components
loglevel
For example to investigate an issue with UCS for a user on the lync.contoso.com pool:
ClsController.exe -start scenario lyssanducs pools lync.contoso.com Repro issue
ClsController.exe -stopscenario lyssanducs
pools lync.contoso.com
ClsController.exe -flush pools lync.contoso.com ClsController.exe -search pools lync.contoso.com components lyss
loglevel verbose
The last invocation of ClsController will write the resulting log entries to standard output, so you might want to re-direct it to a file by using >.
-
7/28/2019 Lync 2013 Admin Guide-En-4all
59/59
You can get an understanding of which components are included in which CLS scenarios by the Lync ManagementShell command Get-CsClsScenario. Below Im showing how to find the components or providers in the CPSscenario:
PS C:\> $scenario=Get-CsClsScenario global/cps PS C:\> foreach ($sc in $scenario.provider) { $sc.name }
CpsDiagnosticsCpsHostingFramework
CpsOrbit
Collaboration
S4
Sipstack
Please visit my Blog :http://blogs.microsoft.co.il/blogs/unified/
TechNet Forum:http://social.technet.microsoft.com/Forums/he-IL/lyncil/threads
http://blogs.microsoft.co.il/blogs/unified/http://blogs.microsoft.co.il/blogs/unified/http://blogs.microsoft.co.il/blogs/unified/http://social.technet.microsoft.com/Forums/he-IL/lyncil/threadshttp://social.technet.microsoft.com/Forums/he-IL/lyncil/threadshttp://social.technet.microsoft.com/Forums/he-IL/lyncil/threadshttp://social.technet.microsoft.com/Forums/he-IL/lyncil/threadshttp://blogs.microsoft.co.il/blogs/unified/