The OCS Guy's Blog

Event ID 87 in Exchange 2010 with OCS Integration

February 8, 2010

Recently while installing Exchange 2010 in a customer environment I ran into an error related to certificates when I tried to enable the OCS integration in OWA. The client had chosen Godaddy as their public CA of choice and as it turns out this played a role in causing the issue. Godaddy used a ” symbol in the issuer field of the certificate. Although it wouldn’t normally matter, it does when you are using that field in an XML config file, like the one used for IM integration with OWA/Exchange 2010.

I’ll assume you’ve read and followed the technet article on configuring Exchange 2010 to work with your OCS environmnet here, and now you’re seeing an Error in your application log on your Exchange 2010 CAS server like the one below:

The cause of the error in this case was the Issuer string found in the Godaddy certificate contained ” symbols:

A number of people have detailed (thanks to Chris and Robin’s Technology Blog) that the ” character wasn’t allowed in an XML file. So knowing its not allowed is a wonderful thing, but replacing it wasn’t exactly clear to me. I don’t do much programming in XML (or none at all) so I wasn’t sure what the appropriate replacement was. Luckily I have access to a crack team of programmers at PCMS (thanks Mike B!) who were able to verify I needed to replace both ” symbols from the Issuer string with:

It ends up looking like this:

Wonderful, now I save my config file, restart IIS and all should be happy right? Well not quite yet…

Although the error was gone from the application log, the Contact List in OWA was showing “Instant Messaging isn’t available right now”

Now a little more reading and I see that people are having issues with using certificates provided by a different CA than the OCS certificates. Now I know OCS is picky sometimes, but I couldn’t believe it wouldn’t work because of that, and I had already added the public FQDN of the CAS server to my Host Authorization tab in OCS and it was working with the self signed certificate I used. Then it hit me-the public cert had a different subject name than the self signed certificate because the company had planned to update the web address in the coming months and we used SAN fields for the old address that was to be retired. I updated the Host Authorization tab with the subject name of the certificate (even though DNS didn’t point to it yet), iisreset on the Exchange 2010 CAS server and, voila, its working. Just like Outlook Anywhere, the principal name from the certificate must be used in the Host Authorization tab.

Now even when I’m in OWA, I have access to all of my OCS contacts and lists.

Leave a Comment » | Uncategorized | Tagged: Communicator, Error 87, Exchange 2010 CAS, Exchange 2010 OWA IM, Godaddy, Godaddy certificates, Instant Messaging isn't available right now, OCS, OCS 2007 R2, The local certificate specified was not found in the store for the local computer | Permalink
Posted by Kevin Peters

One way messages with federated partner and ID 504 in Communicator

January 22, 2010

Since the blog I did on Live Meeting troubleshooting I have seen a lot of queries leading people to the site for troubleshooting OCS. I’ve also seen a ton of questions on the subject on the MS forums. All this has lead me to the conclusion that OCS troubleshooting isn’t that easy to get a handle on. With that in mind I’m writing this post on troubleshooting federation. First and foremost, this article is about troubleshooting a mistake I made during a deployment recently, and if you ask any PSS engineer they will tell you 80% of the problems they face with OCS are based on the same thing: human error/configuration error. As I said in my last troubleshooting post, I’m no expert on troubleshooting OCS, but hopefully this post will help someone out there. As always I encourage you to share your stories and methods if you think they may help someone else.

So recently while working on an enterprise edition install of 2007 R2 I ran into an issue with federation. The issue was I could send an IM from the client, but an attempt to reply from our OCS environment ended with an ID 504 error in MOC. I just so happened to be federating the client with my own company, so I was able to trace from both sides and find the resolution.

Since 504 errors are typically routing, firewall or DNS related (boy that really limits it doesn’t it!) I started out with the standard DNS and telnet test. I could resolve the access edge server appropriately and could also telnet to it from my edge server on 5061. Since the firewalls on both sides looked good and DNS was doing its job, I started a SIP Stack trace. I started with the Edge server at my company, as we were the ones who couldn’t communicate, and most likely we would see the errors on our side.

On our edge server I started my SIP Stack trace and attempted to send an IM to my test account in the clients environment. Keep in mind there is a lot of information in a SIP trace, so you want to be quick about this so you don’t overwhelm yourself with logs.

Here’s how I configured logging:

After the test message was sent and the error was received in MOC I stopped logging and clicked the “Analyze Log Files” button.

I made sure only my SIP Stack was selected and clicked “Analyze”

I followed the path listed in the ”Output File” field and grabbed the text file that was created. Once the log file was on my machine I opened Snooper and examined the log. Here’s what I saw:

I selected the first red line that was relevant to my conversation with the test contact; a “Server Time-Out” error. From here I moved one line up so I would get the request right before the error and looked at the information in the right hand column. Under the “Route” section I see not only the pool name of the customers EE pool, but I aslo see the FQDN of the server. At this point I realized where my error was.

Since the edge server was behind a NAT it had to be able to resolve the public IPs for the public facing edge services (Sip., AV., and Meeting.). Also to protect the network we had not allowed the server to even resolve internal names. To enable the edge server to talk to the pool I had created entries in the host file. However, I only created an entry for the FQDN of the pool and not of the individual servers in the pool by mistake. I added an entry into my host file for the FQDN of the front end server and that corrected my issue.

Although this won’t cure every 504, hopefully the methods used help shed some light on troubleshooting.

Keep in mind 504’s are usually routing, firewall, or DNS related and its best to troubleshoot them from the end receiving the error. If anyone is interested I can provide a copy of the log file (names and IPs changed of course).

2 Comments | Uncategorized | Tagged: 1 way IM, 504, 504 Communicator, Communicator, federation, ID 504, MOC, OCS, OCS 2007 R2, One Way IM, One Way IM Federation | Permalink
Posted by Kevin Peters

A certificate gotcha that got me, again…

January 13, 2010

As everyone who’s ever looked at OCS knows, you need certificates to make it work. Although certificates aren’t really too difficult once you have the hang of it, they seem to be a tough hurdle for a lot of IT folks to get over. I’m not going to attempt to explain PKI today, but I thought I might share a story about a gotcha that got me, twice. Hopefully my pain (although it was only a few minutes of troubleshooting this time) will help someone else.

So today, on a brand new install of OCS 2007 R2 with a consolidated EE pool and a consolidated edge I was unable to get into Live Meeting externally. I was being prompted for credentials when I clicked on the join meeting link. I also noticed an error and a warning in the OCS Log (in eventviewer). The warning was:

Log Name:      Office Communications Server
Source:        OCS User Services
Date:          1/13/2010 3:36:50 PM
Event ID:      32052
Task Category: (1006)
Level:         Warning
Keywords:      Classic
User:          N/A
Computer:  pool1.us.domain.net

Description:
An HTTP application request sent to an Mcu or Service timed-out. Requests will be retried but if this error continues to occur functionality will be affected.

Url: https://ocsfe.us.domain.net:444/LiveServer/MCUFactory/
Cause: Network issues, non-provisioned MCU or non-functional MCU.
Resolution:
Ensure that the Service is provisioned and functioning correctly. If any network related errors are reported by the Service ensure that they are resolved.
Event Xml:
xmlns=”http://schemas.microsoft.com/win/2004/08/events/event“>
<System>
    <Provider Name=”OCS User Services” />
    <EventID Qualifiers=”33774″>32052
    <Level>3</Level>
    <Task>1006</Task>
    <Keywords>0×80000000000000</Keywords>
    <TimeCreated SystemTime=”2010-01-13T20:36:50.000Z” />
    <EventRecordID>2414</EventRecordID>
    <Channel>Office Communications Server</Channel>
    <Computer>pool1.us.domain.net</Computer>
    <Security />
</System>
<EventData>
    https://ocsfe.us.domain.net:444/LiveServer/MCUFactory/
</EventData>
</Event>

the error was:

Log Name:      Office Communications Server
Source:        OCS MCU Infrastructure
Date:          1/13/2010 3:35:29 PM
Event ID:      61013
Task Category: (1022)
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      pool1.us.domain.net
Description:
The process ASMCUSvc(7596) failed to send health notifications to the MCU factory at https://ocsfe.us.domain.net:444/LiveServer/MCUFactory/.
Failure occurrences: 1021, since 1/13/2010 11:20:11 AM.
Event Xml:
xmlns=”http://schemas.microsoft.com/win/2004/08/events/event“>
<System>
    <Provider Name=”OCS MCU Infrastructure” />
    <EventID Qualifiers=”50174″>61013</EventID>
    <Level>2</Level>
    <Task>1022</Task>
    <Keywords>0×80000000000000</Keywords>
    <TimeCreated SystemTime=”2010-01-13T20:35:29.000Z” />
    <EventRecordID>2413</EventRecordID>
    <Channel>Office Communications Server</Channel>
    <Computer>pool1.us.domain.net</Computer>
    <Security />
</System>
<EventData>
    ASMCUSvc(7596)
    https://ocsfe.us.domain.net:444/LiveServer/MCUFactory/
    <Data>1021</Data>
    <Data>1/13/2010 11:20:11 AM</Data>
</EventData>
</Event>

Important to mention at this point is the certificate I was using for my pool was provided by a third party (Godaddy in this case).

At this point I opened up MMC and added the certificates snap-in for the computer account. I checked my certificate and it looked just fine, as did the intermediate certificate. However the trusted root cert for “Valicert” only had 2 purposes enabled (right click the certificate and choose “Properties” to see this).

At this point I selected “Enable All Purposes for this Certificate” and clicked “OK”

After clicking “OK” the issue was magically resolved. I saw some information related to this error on the MS forums here:

http://social.microsoft.com/Forums/en-US/commmunicatorim/thread/512bccc3-d624-4b11-91c1-5d52aca3c195

But it wasn’t very obvious to find so I figured I’d post here just in case someone else runs into the same issue. Hope this helps someone out there!

-kp

Leave a Comment » | Uncategorized | Tagged: 32052, 32052 warning, 61013, 61013 warning, A/V Authentication, Live Meeting, Live Meeting Prompts for authentication, OCS, OCS 2007 R2, OCS 32052 warning, OCS 61013 warning | Permalink
Posted by Kevin Peters

I’m no scripting guy….but

January 8, 2010

While working with Kevin Re, one of my clients at an OCS shop, he shared a very cool script with me and has agreed to allow me to post it online. Kevin’s script queried for the next 5 available phone numbers in an OCS environment and output them on screen; this helped him streamline new user creation. It also dumped all of the OCS users and their extensions into a TXT/CSV that can be used for other company phone number lists. After seeing this script in action I thought it would be great to take this script and expanded on it just a bit.

With Kevin’s permission I’m sharing his script with a few minor modifications we worked together on. So let’s dive in:

Pre-Req’s

* Powershell is required (servermanagercmd -i powershell – if you are running server 2008)

* Powershell must be modified to allow saved scripts to run (set-executionpolicy RemoteSigned)

* Run from your FE server

* Save the following code (between “Begin Code” and “End Code”) as a .ps1 file on your front end server (you can create a directory like C:\FindFreePhoneNumbers)

Begin Code:

# Set up the vars
# Set up starting extension
[void] [System.Reflection.Assembly]::LoadWithPartialName(“System.Drawing”)
[void] [System.Reflection.Assembly]::LoadWithPartialName(“System.Windows.Forms”)
$count
$find
$objForm = New-Object System.Windows.Forms.Form
$objForm.Text = “Starting Extension”
$objForm.Size = New-Object System.Drawing.Size(300,200)
$objForm.StartPosition = “CenterScreen”

$objForm.KeyPreview = $True
$objForm.Add_KeyDown({if ($_.KeyCode -eq “Enter”)
{$count=$objTextBox.Text;$objForm.Close()}})
$objForm.Add_KeyDown({if ($_.KeyCode -eq “Escape”)
{$objForm.Close()}})

$OKButton = New-Object System.Windows.Forms.Button
$OKButton.Location = New-Object System.Drawing.Size(75,120)
$OKButton.Size = New-Object System.Drawing.Size(75,23)
$OKButton.Text = “OK”
$OKButton.Add_Click({$count=$objTextBox.Text;$objForm.Close()})
$objForm.Controls.Add($OKButton)

$CancelButton = New-Object System.Windows.Forms.Button
$CancelButton.Location = New-Object System.Drawing.Size(150,120)
$CancelButton.Size = New-Object System.Drawing.Size(75,23)
$CancelButton.Text = “Cancel”
$CancelButton.Add_Click({$objForm.Close()})
$objForm.Controls.Add($CancelButton)

$objLabel = New-Object System.Windows.Forms.Label
$objLabel.Location = New-Object System.Drawing.Size(10,20)
$objLabel.Size = New-Object System.Drawing.Size(280,20)
$objLabel.Text = “Please enter the starting extension:”
$objForm.Controls.Add($objLabel)

$objTextBox = New-Object System.Windows.Forms.TextBox
$objTextBox.Location = New-Object System.Drawing.Size(10,40)
$objTextBox.Size = New-Object System.Drawing.Size(260,20)
$objForm.Controls.Add($objTextBox)

$objForm.Topmost = $True

$objForm.Add_Shown({$objForm.Activate()})
[void] $objForm.ShowDialog()

# Enter number of free extensions to find
[void] [System.Reflection.Assembly]::LoadWithPartialName(“System.Drawing”)
[void] [System.Reflection.Assembly]::LoadWithPartialName(“System.Windows.Forms”)

$objForm = New-Object System.Windows.Forms.Form
$objForm.Text = “Number of free extensions”
$objForm.Size = New-Object System.Drawing.Size(300,200)
$objForm.StartPosition = “CenterScreen”

$objForm.KeyPreview = $True
$objForm.Add_KeyDown({if ($_.KeyCode -eq “Enter”)
{$find=$objTextBox.Text;$objForm.Close()}})
$objForm.Add_KeyDown({if ($_.KeyCode -eq “Escape”)
{$objForm.Close()}})

$OKButton = New-Object System.Windows.Forms.Button
$OKButton.Location = New-Object System.Drawing.Size(75,120)
$OKButton.Size = New-Object System.Drawing.Size(75,23)
$OKButton.Text = “OK”
$OKButton.Add_Click({$find=$objTextBox.Text;$objForm.Close()})
$objForm.Controls.Add($OKButton)

$objLabel = New-Object System.Windows.Forms.Label
$objLabel.Location = New-Object System.Drawing.Size(10,20)
$objLabel.Size = New-Object System.Drawing.Size(280,20)
$objLabel.Text = “Please enter the number of free extensions to find:”
$objForm.Controls.Add($objLabel)

$objForm.Topmost = $True

$objForm.Add_Shown({$objForm.Activate()})
[void] $objForm.ShowDialog()

$find = [int]$find
$count = [int]$count
# Set up the vars
# Get the users and sort the info

   $a = get-wmiobject -class msft_sipesusersetting
   $a += get-wmiobject -class MSFT_SIPApplicationContactSetting
   $a = $a | Select-Object DisplayName, @{Name=”URI”; Expression = {if($_.LineURI -ne $null){[int]$_.LineURI.TrimStart(“tel:+”)}else{[int]0}}}
   $a = $a | Sort-Object -property URI

   $a | Export-Csv -path tel_list.txt

    $nomatch = 0
    ForEach ($user in $a)
    {

if ($user.URI -ge 1)
{

  if ($user.URI -ne $count)
  {
   While ($count -lt $user.URI)
   {
    $nomatch++
    $count
    $count++
    if ($nomatch -ge $find){break}
   }
   $count++
   if ($nomatch -ge $find){break}
  }
  else
  {
   $count++
  }

}
}

End Code

Now open power shell and execute your script, you will be prompted to enter your starting extension number and the number of free numbers you would like to find. Once you enter the information and click “OK” you will see a list of free extensions and a txt file will be created in the directory you ran the script from containing all users and extensions.

Kevin and I plan on doing some more tweaking of the script and will likely add more functionality to it shortly. Stay tuned, and if you have suggestions on functionality or changes feel free to post.

Credit where credit is due:

More than 90% of the work involved in this script was performed by Kevin Re (not me, another Kevin) and he was nice enough to share.

The input boxes were based on code from this link with a few minor modifications.

http://www.microsoft.com/technet/scriptcenter/resources/pstips/feb08/pstip0208.mspx

*Updated 1/8/2010 2:10 PM to include response group objects in the output file

Leave a Comment » | Uncategorized | Tagged: extensions OCS, find free extensions OCS, find free phone numbers OCS, OCS, OCS 2007 R2, OCS as a PBX, Phone Numbers OCS | Permalink
Posted by Kevin Peters

What to do when your customer’s WAN is actually firewall to firewall VPN’s

December 17, 2009

Recently I began planning for a centralized deployment of OCS that would sit in one of 6 offices for a client we’ll call Acme Accounts. Acme will start out using OCS for IM, P2P audio/video and Live Meeting; eventually OCS will grow into a full blown enterprise voice solution. The first big hurdle for us when designing Acme’s OCS implementation was their “WAN”, instead of typical MPLS or point to point connections, Acme uses its internet connections and ASA firewalls in each location to create VPNs that allow traffic to route between sites. The latency created by this solution has never been an issue, but voice and video were never running over this connection either. Here’s a look at a diagram of the environment:

To make things a little more complicated, the internal domain name (acmeaccounts.com) matched the external name and all DNS in each site is active directory integrated (ADI) as it should be. With ADI zones, all DNS servers share the same zones, so we can’t have different records in each site to use public IP’s for OCS instead of private IPs to bypass the VPN.

Since the VPN between sites introduces extra latency we wanted to route the traffic for OCS straight through the internet and not through the site to site tunnels. This would mean users in each office would have the same experience as users on the internet. Not a perfect scenario, but with 10 to 20 mb connections in each location and not a ton of use, this is the best solution until the WAN is put in place.

On to the details… Since the edge server sits out in a DMZ that has a 100 MB connection to the HQ ASA (but isn’t behind it) I felt comfortable that letting the HQ users connect through the firewall to the edge, instead of straight to the front end was an acceptable solution. The big benefit here is that all 5 other sites (most with as many or more users than HQ) can now use the public IP to connect and not have their traffic enter the VPN.

Here’s a look at the original DNS records:

Pool FQDD = Pool.acmeaccounts.com > 192.168.1.100
Autoconfig-SRV = _sipinternaltls._tcp.acmeaccounts.com > Pool.acmeaccounts.com

Here’s a look at how I configured the DNS records to send all the traffic to public IPs instead of private:

Audio/Video = av.acmeaccounts.com > 1.2.3.136

Access Edge = sip. acmeaccounts.com > 1.2.3.137

Meeting = meet. acmeaccounts.com > 1.2.3.138

Public Farm FQDN = abs. acmeaccounts.com > 1.2.3.139

Autoconfig-SRV = _sip._tls. acmeaccounts.com > sip.acmeaccounts.com

Here’s a diagram of what the environment looks like with OCS, now the clients in HQ actually go out the main firewall and over to the edge to get to the Front End server (follow the arrows from the MOC symbol to the OCSEdge):

Although it’s not a perfect solution it allows the client to have better performance for site to site P2P audio/video calls via MOC and Live Meeting. Once the WAN is in place and we’re ready to start rolling out voice, we’ll shift the records back to going straight to the front end server.

Leave a Comment » | Uncategorized | Tagged: Communicator, Live Meeting, MOC, MRAS; Edge Server, OCS, OCS 2007 R2 | Permalink
Posted by Kevin Peters

OCS Patches Released

October 30, 2009

Today a number of new patches were released including updates for OCSPE (Phone Edition), OCS and Communicator. Included in the Communicator update is a fix for the audio quality issue I wrote about here. As always please test all patches in a non-production environment.

Communicator:

http://support.microsoft.com/kb/972884/

OCSPE:

http://www.microsoft.com/downloads/details.aspx?displaylang=en&familyid=565595be-6cf3-4a61-a1e4-12555749ca64

OCS Server Roles:

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=b3b02475-150c-41fa-844a-c10a517040f4

Leave a Comment » | Uncategorized | Tagged: 8540, catalina, Communicator, CX700, Hotfix, MOC, MOC Phone, OCS, OCS 2007 R2, OCS Patches, static, static on phone, Tanjay, USB | Permalink
Posted by Kevin Peters

PCMS Best Practices Seminar – shameless self promotion

October 21, 2009

For those of you in the southern Ohio area this seminar may be of interest. My company (PCMS) will be holding our annual best practices seminar October 29th, 2009 at the Cintas Center. This years seminar features presentations from a number of our partners (Microsoft, Symantec, VM Ware) and yours truly will be co-presenting on UC with Travis Swank from Microsoft.

Aside from the presentations we will also have a demo room where you can get a hands on look at OCS 2007 R2, SharePoint, Windows 7 and other technologies. The demo room will include hands on utilization of OCS devices such as round tables, tanjays, catalinas and a number of other devices. If you’re interested in attending please hit this link or email marketing@itadvisorgroup.com with your details. You can also download the invitation from here for more detail.

3 Comments | Uncategorized | Tagged: Best Practices Seminar, OC 2007 R2, PCMS, Unfied Communications | Permalink
Posted by Kevin Peters

MS09-056 (KB 974571) may break OCS 2007 R2

October 14, 2009

*UPDATE: Microsft has added more information to the original KB here, including a fix. Thanks to Tom L (LCSKid) for the update on twitter.*

This morning I had a customer call that had applied patches and OCS wasn’t working. A quick google lead me to :

http://projectdream.org/wordpress/2009/10/13/kb974571-crypto-api-update-may-break-office-communications-server-2007-r2-installations/

I uninstalled 974571 for the customer and rebooted and they were back online.

I haven’t done any further testing as of yet, but as this is a big deal I wanted to get the word out quickly to those of you who read the ocsguy blog, please hold on applying this patch to your OCS environment for now. I’ll update once I have more information.

Leave a Comment » | Uncategorized | Tagged: 974571, 974571 breaks OCS, OCS 2007 R2, OCS as a PBX, OCS Patches | Permalink
Posted by Kevin Peters

Troubleshooting Live Meeting

October 8, 2009

During the past few months I’ve had a number of calls to troubleshoot Live Meeting connectivity issues, then earlier this week I worked with someone on the MSDN forums on the same topic. In most cases lately the issues have actually been DNS related, but I’ve also seen firewall and configuration issues cause this. The one common thing I see is most folks don’t know where to begin in troubleshooting their issues. Since this is a common issue, and something I’ve seen a number of search queries lead people to my site on, I thought it would be appropriate to share a few things I do when troubleshooting Live Meeting. Please keep in mind, the things I’m sharing are things that have helped me correct issues, there may be better ways to troubleshoot out there, if you know of one I’d encourage you to share.

Now on to the fun, to troubleshoot Live Meeting, I typically start out by turning on logging in the registry on my machine, you can do that here:

HKEY_Current_User\Software\Microsoft\Tracing\uccp\LiveMeeting

You’ll want to change the Reg_Dword to 1 as below

Now you attempt to join the meeting, after it fails you’ll go to %userprofile%\tracing on your local machine. There will be a file named “LiveMeeting-uccp-0.uccplog”, you can open this file with notepad, or snooper. I prefer to read these with notepad, but to each his own J.

There will be a lot of information in the log, so typically I start by searching for the word “fail”. That typically gets me to a good starting point, here’s what I saw in my most recent case:

10/05/2009|12:55:07.435 66C:E30 ERROR :: QueryDNSSrv GetDnsResults query: _sipinternaltls._tcp.ocsguy.com failed 0

10/05/2009|12:55:07.435 66C:E30 ERROR :: DNS_RESOLUTION_WORKITEM::ProcessWorkItem ResolveHostName failed 8007232b

10/05/2009|12:55:07.435 66C:E30 INFO :: QueryDNSSrv – DNS Name[_sip._tls.ocsguy.com]

10/05/2009|12:55:07.435 66C:1240 INFO :: CUccDnsQuery::UpdateLookup – error code=80ee0066, index=0

10/05/2009|12:55:07.435 66C:1240 INFO :: CUccDnsQuery::CompleteLookup – index=0

10/05/2009|12:55:07.515 66C:E30 ERROR :: QueryDNSSrv GetDnsResults query: _sip._tls.ocsguy.com failed 0

10/05/2009|12:55:07.515 66C:E30 ERROR :: DNS_RESOLUTION_WORKITEM::ProcessWorkItem ResolveHostName failed 8007232b

10/05/2009|12:55:07.515 66C:E30 INFO :: QueryDNSSrv – DNS Name[_sipinternal._tcp.ocsguy.com]

10/05/2009|12:55:07.515 66C:1240 INFO :: CUccDnsQuery::UpdateLookup – error code=80ee0066, index=1

10/05/2009|12:55:07.515 66C:1240 INFO :: CUccDnsQuery::CompleteLookup – index=1

10/05/2009|12:55:07.595 66C:E30 ERROR :: QueryDNSSrv GetDnsResults query: _sipinternal._tcp.ocsguy.com failed 0

10/05/2009|12:55:07.595 66C:E30 ERROR :: DNS_RESOLUTION_WORKITEM::ProcessWorkItem ResolveHostName failed 8007232b

10/05/2009|12:55:07.595 66C:E30 INFO :: QueryDNSSrv – DNS Name[_sip._tcp.ocsguy.com]

10/05/2009|12:55:07.595 66C:1240 INFO :: CUccDnsQuery::UpdateLookup – error code=80ee0066, index=2

10/05/2009|12:55:07.595 66C:1240 INFO :: CUccDnsQuery::CompleteLookup – index=2

10/05/2009|12:55:07.665 66C:E30 ERROR :: QueryDNSSrv GetDnsResults query: _sip._tcp.ocsguy.com failed 0

10/05/2009|12:55:07.665 66C:E30 ERROR :: DNS_RESOLUTION_WORKITEM::ProcessWorkItem ResolveHostName failed 8007232b

10/05/2009|12:55:07.675 66C:1240 INFO :: CUccDnsQuery::UpdateLookup – error code=80ee0066, index=3

10/05/2009|12:55:07.675 66C:1240 INFO :: CUccDnsQuery::CompleteLookup – index=3

10/05/2009|12:55:07.675 66C:1240 INFO :: Function: CUccServerEndpoint::OnDnsQueryCompleted

10/05/2009|12:55:07.675 66C:1240 ERROR :: HRESULT API failed: 80ee0066 = hrStatus. CUccDnsQuery::GetResults

10/05/2009|12:55:07.675 66C:1240 INFO :: CUccServerEndpoint::GetSipProviderProfile – Found no http proxy creds

10/05/2009|12:55:07.675 66C:1240 TRACE :: CUccServerEndpoint::UpdateEndpointState – Update state from 1 to 2. Status 0. Status text (null).

10/05/2009|12:55:07.675 66C:1240 TRACE :: New mpss created: 00266848, stack=002C77F8, 0

10/05/2009|12:55:07.675 66C:1240 INFO :: MSP.SetMultipartySsnRole[00266848] 0->0

10/05/2009|12:55:07.675 66C:1240 TRACE :: MULTIPARTY_SESSION::SetConnectParams[00266848] n=Kevin P – OCSGuy, uri=sip:FA09EF31-17B1-4BBD-9106-E58DB95ECD9E@anonymous.invalid

10/05/2009|12:55:07.685 66C:1240 TRACE :: MULTIPARTY_SESSION::AddParty – Enter participant: sip:richl@ocsguy.com;gruu;opaque=app:conf:focus:id:81338d3f5f1447aca1082e4cb5347678, this=sip:FA09EF31-17B1-4BBD-9106-E58DB95ECD9E@anonymous.invalid, RM=(null)

Although it looks like a lot of information (and it is), the important thing we see in this case is:

ResolveHostName failed

Keep in mind it is ok to see a few of these, the live meeting client is looking up a number of different SRV records at once to see what is out there, and if it finds one it will use it. It’s when all of them fail that there is a problem.

Now that we see a DNS problem I want to share a common saying around our office (and maybe elsewhere) is: “If your car won’t start its DNS”. It’s a funny saying, but it’s something that has stuck with me since I first heard it around 4 years ago. Troubleshooting anything really just needs to begin with the question of can I connect to it, and can I resolve its name. As I know I can’t resolve it from my DNS servers, I’ll start by checking the authoritative servers for that domain.

Here are the commands I used to do this starting from a command prompt:

NSLookup

Server 4.2.2.1

Set Type=NS

Ocsguy.com

This brings back a list of authoritative name servers for the domain, should look like this:

Now we can set our name servers as one of the authoritative servers for the domain, that way we know we’re getting the correct answer when we query:

After querying I found that none of the expected SRV records actually existed for the domain, once the records were created everything worked like a charm.

They certainly aren’t all that easy, but I think this is a good starting point.

Now for some useful links:

http://support.microsoft.com/kb/200525 – article on how to use NSLookup

http://www.microsoft.com/downloads/details.aspx?FamilyID=149e5dd5-eaae-46b6-afba-01c31e88a275 – Edge Server Planning Tool

http://www.microsoft.com/downloads/details.aspx?FamilyID=06793661-CD69-4490-BB4B-E97DD271209D&displaylang=en – OCS Planning Tool

Hope this helps, feel free to comment back with links to other blogs you find useful or tips on how you do it.

1 Comment | Uncategorized | Tagged: kitchen sink solution, Live Meeting, OCS, OCS 2007 R2, troubleshoot live meeting, troubleshooting live meeting | Permalink
Posted by Kevin Peters

Some OCS stats from a live environment

September 23, 2009

Although most of the blogs I write lean towards the technical side of things, today I was working through some cost savings estimates associated with implementing OCS in our environment at PCMS and I wanted to share. If you following any of the many OCS folks on twitter, I’m sure you’ve seen some other folks post stats like these, so I thought I’d share as well. I’ll start with a little background on our company:

PCMS is a company based out of the UK, but for the purpose of this article I’m only going to speak about our American offices primarily. We have around 100 people in the U.S., around half of those people come into the office on a regular basis, the rest are hardly ever here.

We utilize OCS for our main PBX, with around 25% of our staff still on a legacy system; we plan to move the rest to OCS within the next year.

Now on to the stats:

17394 IM Sessions totaling 171,354 IM Messages

10620 Communicator to Communicator calls totaling 85793 minutes of audio without a PSTN charge (a large number of these cross the pond to folks in our UK office using Communicator)

392 Conferences with 1822 guests, totaling 27732 minutes of conferencing

10692 PSTN calls

What that has meant to us so far, other than the cool factor of having single number reach and IM that works with the big 3 public providers is a good amount of cost savings. We have eliminated a large amount of travel costs by using Live Meeting, and we’ve cut out $4,000 in audio conferencing expenses in the past 3 months alone.

I’m sure many of you have similar stories, not quite as impressive as what Microsoft saved this year, but still a good thing to see.

6 Comments | Uncategorized | Tagged: Audio Bridge, kitchen sink solution, Live Meeting, OCS, OCS 2007 R2, OCS 2007 R2 ROI, OCS as a PBX, OCS Cost savings, OCS ROI, Shiny new OCS, Shiny new PBX | Permalink
Posted by Kevin Peters