Search This Blog

Friday, December 27, 2013

Get synopsis of all Lync powershell cmdlets in text file

oneliner to dump all synopsis of Lynv cmdlets to text file

gcm -mo *Lync* | % {get-help $}| fl Name, Synopsis >c:\source\lync.txt

Thursday, December 19, 2013

Interop SIP UDP with Lync

Lync does not support SIP on UDP (port 5060), it only supports TCP or TLS (again TLS over TCP).

If you have a PBX or something that can work only on UDP, you would need a gateway like SBC or else that does support UDP.

Microsoft defend it's UDP rejection here

Monday, December 16, 2013

Force to add Lync contact in Skype

if Skype users can not find Lync used by sip, it may be that federation is not yet established or have some other issue.

To force skype client to add a lync contact even if it's is not discoverable by seach, in IE type

No connectivity with any of Web Conferencing Edge Servers. External Lync clients cannot use Web Conferencing modality.

if you see below error on Lync 2013 frontend, try to disable IP6 on the NIC interface, disable in registry refer to and reboot FE server. If not used the same procedure on Edge.

On FE you can change IIS Web sites bindings to IPv4 IP address instead of all unassigned.
Ensure that there are no deep packet application inspection or antivirus scan on the Firewall in between these servers.

Verify if you have session timeout in your firewall. In case of Palo Alto firewall you needs to set timeout to 4800 seconds, because PA will consider WebConf MTLS as ssl and due to offloading of ssl traffic only every 16th packet will be counted for session time to live. Refer to

WebConf will send keepalives every 300 seconds (5 minutes), 16x300 will be you a timeout setiing required for Palo Alto.

Log Name:      Lync Server
Source:        LS Data MCU
Date:          12/16/2013 5:20:16 PM
Event ID:      41026
Task Category: (1018)
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      xxx
No connectivity with any of Web Conferencing Edge Servers. External Lync clients cannot use Web Conferencing modality.
Cause: Service may be unavailable or Network connectivity may have been compromised.
Verify all Web Conferencing Edge Services in the topology are running, and network connectivity is available.

Errors on the FrontEnd 41024 41025 41026 every 20-30 minutes


External lync user can not start audio with internal user

Recently I was troubleshooting a case where externally connected internal Lync user could not establish audio call with internal client. From client log we see

INVITE (message shows 5 candidates, we also see that hotspot firewall blocks UDP, so this client will have only limited choise of TCP to establish media flow. Number of IP4 candidates should be 6+ in ideal situation),

SIP Trying

SIP OK (we get SIP responce from another end and list of candidates from the other side), we can now exchange IM chats

SIP ACK and then suddenly SIP BYE. No audio call is esablished.

IN SIP BYE we observe an error:

ms-client-diagnostics: 23; reason="Call failed to establish due to a media connectivity failure when one endpoint is internal and the other is remote";CalleeMediaDebug="audio:ICEWarn=0x4000322,LocalSite=,LocalMR=xxx:50452,RemoteSite=,RemoteMR=yyy:50175,PortRange=49152:49191,LocalMRTCPPort=50452,RemoteMRTCPPort=50175,LocalLocation=1,RemoteLocation=2,FederationType=0,NetworkName=test,Interfaces=0x14,BaseInterface=0x4,BaseAddress="

if we lookup ICEWarn=0x4000000 in the resource kit:

we could see that problem is coming from egde firewall:

TCP-TCP connectivity checks failed over the TURN Server.
This is indicating that TURN TCP-TCP connectivity check was tried and it failed. The failure indicates that port 443 was not opened on the firewall. If one of the TURN servers was 2007 A/V Edge Server. The administrator needs to open ports from 50,000 through 59,999 TCP to all external Audio/Video Edge services in the environment. This flag isn’t expected and may result in an ICE protocol failure.

Then I have to check if 443 is open, but since I have no access to the Cisco ASA, I use telnet to test the port. The problem with windows telnet is that I can not change IP source address. On the edge if you run telnet 443 you will use address of first IP address (Access). That was ok. But to test thirst IP (AV) i had to download ncat
and then run from edge cmd  (
ncat -s IP_ADDR_AV_EDGE 443
and it was immediately rejected meaning that this direction the port is closed.

When escalated incident was solved by ASA admin, audio calls started flowing.

For more detailed information on connection scenarios refer to

UPDATE: it may happen that firewall is ok, but the VM was migrated to a ESX host that has different VLAN setup and this may prevent traffic also.

Wednesday, December 4, 2013

Bug in Microsoft Lync 2013 client?

Many users report the issue:

This is the error that appears in EventLog when using Lync 2013 mobile.

Log Name:      Lync Server

Source:        LS Storage Service

Date:          12/4/2013 10:18:02 AM

Event ID:      32054

Task Category: (4006)

Level:         Error

Keywords:      Classic

User:          N/A

Computer:      xxx


Storage Service had an EWS Autodiscovery failure.

UnsupportedStoreException: code=ErrorIncorrectExchangeServerVersion, reason=GetUserSettings failed, smtpAddress=xxx@xxxxx, Autodiscover Uri=https://autodiscover.xxxx/autodiscover/autodiscover.svc, Autodiscover WebProxy= ---> Microsoft.Exchange.WebServices.Data.ServiceRequestException: The request failed. The remote server returned an error: (401) Unauthorized. ---> System.Net.WebException: The remote server returned an error: (401) Unauthorized.

   at System.Net.HttpWebRequest.GetResponse()

   at Microsoft.Exchange.WebServices.Data.EwsHttpWebRequest.Microsoft.Exchange.WebServices.Data.IEwsHttpWebRequest.GetResponse()

   at Microsoft.Exchange.WebServices.Autodiscover.AutodiscoverRequest.InternalExecute()

   --- End of inner exception stack trace ---

   at Microsoft.Exchange.WebServices.Autodiscover.AutodiscoverRequest.InternalExecute()

   at Microsoft.Exchange.WebServices.Autodiscover.AutodiscoverService.InternalGetUserSettings(List`1 smtpAddresses, List`1 settings, Nullable`1 requestedVersion, Uri& autodiscoverUrl)

   at Microsoft.Exchange.WebServices.Autodiscover.AutodiscoverService.GetSettings[TGetSettingsResponseCollection,TSettingName](List`1 identities, List`1 settings, Nullable`1 requestedVersion, GetSettingsMethod`2 getSettingsMethod, Func`1 getDomainMethod)

   at Microsoft.Exchange.WebServices.Autodiscover.AutodiscoverService.GetUserSettings(List`1 smtpAddresses, List`1 settings)

   at Microsoft.Exchange.WebServices.Autodiscover.AutodiscoverService.InternalGetSoapUserSettings(String smtpAddress, List`1 requestedSettings)

   at Microsoft.Exchange.WebServices.Autodiscover.AutodiscoverService.GetUserSettings(String userSmtpAddress, UserSettingName[] userSettingNames)

   at Microsoft.Rtc.Internal.Storage.Exchange.ExchangeContext.SendGetUserSettingsRequest(StoreContext ctx, String smtpAddress)

   --- End of inner exception stack trace ---

   at Microsoft.Rtc.Internal.Storage.Exchange.ExchangeContext.SendGetUserSettingsRequest(StoreContext ctx, String smtpAddress)

   at Microsoft.Rtc.Internal.Storage.Exchange.ExchangeContext.GetUserEwsSettings(StoreContext ctx, String smtpAddress, CacheMode cacheMode)

Cause: Autodiscovery Uri was not correctly configured or unreachable, that there is a problem with the Proxy, or other errors.


Check event details.  Check autodiscovery Uri is properly configured and reachable. Check that proxy setting is properly configured and reachable.  Validate Lync to Exchange Autodiscovery configuration by following the trouble shooting guide. If problem persists, notify your organization's support team with the event details.


 UPDATE2: KB is not available from MS.

Lync edge media flow explained

Note the link to TechNet session at the end of article.