Lync 2013 On-Prem with UM – migration to Office365 email, Skype and UM

This is going to be more of a stream of thought than a specific guide.  There are a lot of moving parts in this and no one seems to have the whole answer.  So, here’s what I’ve been working around so far.

Of course, you must have a tenant set up in Office365.  It must have Azure AD Connect, or whatever they’re deciding to call it these days, functioning correctly.  There’s plenty of resources for getting that far, so I won’t rehash that.

Many of the commands are run in the Lync PowerShell on the FE.

“Get-CsHostingProvider” should look like this:

Identity : LyncOnline
Name : LyncOnline
ProxyFqdn : sipfed.online.lync.com
VerificationLevel : UseSourceVerification
Enabled : True
EnabledSharedAddressSpace : True
HostsOCSUsers : True
IsLocal : False
AutodiscoverUrl : https://webdir.online.lync.com/Autodiscover/Autodis
coverService.svc/root

The syntax is:  Set-CsHostingProvider -Identity “LyncOnline” -VerificationLevel UseSourceVerification -HostsOCSUsers $True -EnabledSharedAddressSpace $True -AutodiscoverUrl https://webdir.online.lync.com/Autodiscover/AutodiscoverService.svc/root

 

Download the SkypeOnlinePowershell.exe.  I’m not going to link to it because Microsoft likes to change locations. Install that on the same Lync FE.
Then, in the Windows Powershell:

Import-Module SkypeOnlineConnector
$cred = Get-Credential
$CSSession = New-CsOnlineSession -Credential $cred -OverrideAdminDomain “yourcompany.onmicrosoft.com”
Import-PSSession $CSSession -AllowClobber
Get-Service “msoidsvc”
Set-CsTenantFederationConfiguration -SharedSipAddressSpace $true

msoidcli is another download from Microsoft.  That and the SkypeOnlinePowershell are plugins to enable functionality.  You’ll probably need them.

You then need to move a pilot user to the online system.  The command is:  Move-CsUser -Identity user@sipdomain.com -Target sipfed.online.lync.com -Credential $creds -HostedMigrationOverrideUrl https://adminXX.online.lync.com/HostedMigration/hostedmigrationservice.svc -DomainController dc-internal-name.local

The adminXX url needs to be grabbed from your S4B online admin portal.  It’s just that part of the url that you see when you’re in the S4B dashboard.  The identity is the test user you want to migrate.  I ran into a lot of trouble getting this to work.  I had to figure out the above commands and then I had to wait for the SharedSipAddressSpace to take affect.  It was not immediate.

At the moment I’m still not able to route calls properly, but the user is showing up in the online S4B admin interface as being migrated.  Lync also shows the user being in LyncOnline.  I’ll edit this post as I make progress.

Grafana, Telegraf, Smokeping, oh my…

So, I’ve been working on something.  I keep seeing all of these very nice home lab dashboards on /r/homelab and I thought it would be useful to create one for myself.  I present to you, my home dashboard, which is hanging in the kitchen on an old iPad we weren’t using:

Getting to this point was not without challenges.  In fact, it was painful at times.  I’m going to try to document my setup here.  Because of all of the twists and turns along the way, I would say this is not a complete guide.  There are parts of this that you’ll have to figure out for yourself.  It also assumes some knowledge of linux, Ubuntu in particular.  If I get comments asking about specific sections, I’ll try to update the post with current info.

So, what do we have here?  The picture you see above is made up of a number of components.  InfluxDB is a time based DB, much like RRDTool or the original MRTG.  It’s designed to take in datapoints, tag them with a timestamp, and then move on.  It might be capable of more, but we’re not using it for anything else.  Grafana is the visualization tool that creates what you see above.  Grafana is very configurable, which I’ll dive into more in a bit.  The final piece of the puzzle is data collection.  There are a number of ways to get data into InfluxDB.  I’m using Telegraf and some interesting scripting.

Let’s start by getting some links in here.  I’ll update this as I update the post.

This is where it all started for me:

https://lkhill.com/using-influxdb-grafana-to-display-network-statistics/

This was useful for the Grafana configuration:

Setup a wicked Grafana Dashboard to monitor practically anything

InfluxData, which includes InfluxDB and Telegraf

https://www.influxdata.com/

Grafana for the visualization:

http://grafana.org/

The “SmokePing” stand-in:

https://hveem.no/visualizing-latency-variance-with-grafana

The Unraid tools:

https://lime-technology.com/forum/index.php?topic=52220.msg512346#msg512346

Ok, here we go…

First, I would start with the top link to lkhill’s instructions.  Use that to get up and running with InfluxDB and Grafana installed.  DO NOT follow that guide for the InfluxSNMP install.  Telegraf takes care of SNMP now.  If I recall, InfluxData wants your…data, in order to download InfluxDB.  It’s cool though, because they’ll send you some swanky stickers.  I believe these are still valid instructions for installing Telegraf:  https://docs.influxdata.com/telegraf/v1.1/introduction/installation/

I would suggest getting to this point with InfluxDB, Grafana and Telegraf installed and not throwing errors before you proceed with any configuration.  I know I’m skipping a lot of things that might not work without some tweaking.  Like I said, I’ll update this if I get feedback that these installations need to be detailed.  Add the data source as shown in lkhill’s instructions.

At this point you should have some data being populated for the localhost and the data source should have been available.  I would suggest diverting from lkhill’s instructions at this point.  Instead of adding a graph for SNMP stats (we have none at this point), let’s set up a graph of the local CPU utilization.  Add a new dashboard and then click on the small green square in the upper left.  Click on the “A” select statement and it’ll expand to show you options for finding the data.  Clicking on each of the fields will either give you a drop down list of options, or it might give you an X above the item.  For instance, if you click on mean() you’ll get the x above that.  Click the x to delete mean().  Clicking the + at the end of each row will give you a list of options to add from.  Try to get your selection to look like this:

Click the big X out on the right of the tab bar, past Time range, to close the edit and return to the dashboard.  Congrats, you just made your first dashboard!  Let’s get some useful data in there.

First thing to take care of is to add SNMP.  Go to /etc/telegraf/ and edit telegraf.conf.  If there’s not a conf file, there might be a template called dpkg-dist in there.  If not, you can create a new template.  I found this extremely helpful for working through Telegraf issues:  https://github.com/influxdata/telegraf  You can also go right to the SNMP readme at https://github.com/influxdata/telegraf/tree/master/plugins/inputs/snmp

You can see that Telegraf has quite a few plugins for gathering data.  SNMP is only one part of it.  Some configuration is necessary to start using Telegraf.  Near the top of the file are general settings that must be configured.  Make sure in the OutputPlugins section the urls, database and username/password are uncommented and correct.  The database can be called whatever you want, and you can have multiple databases in Grafana.  Find the “inputs.snmp” section and we’ll begin editing it.  Here’s mine:

# # Retrieves SNMP values from remote agents
[[inputs.snmp]]
agents = [ “192.x.x.x:161” ]
timeout = “5s”
version = 3

max_repetitions = 50

sec_name = “SNMPv3User”
auth_protocol = “SHA” # Values: “MD5”, “SHA”, “”
auth_password = “topsecret”
sec_level = “authPriv” # Values: “noAuthNoPriv”, “authNoPriv”, “authPriv”

priv_protocol = “AES” # Values: “DES”, “AES”, “”
priv_password = “alsotopsecret”

name = “nutanix”
[[inputs.snmp.field]]
name = “host1CPU”
oid = “1.3.6.1.4.1.41263.9.1.6.1”
[[inputs.snmp.field]]
name = “host2CPU”
oid = “1.3.6.1.4.1.41263.9.1.6.2”
[[inputs.snmp.field]]
name = “host3CPU”
oid = “1.3.6.1.4.1.41263.9.1.6.3”
[[inputs.snmp.field]]
name = “ClusterIOPS”
oid = “1.3.6.1.4.1.41263.506.0”
[[inputs.snmp.field]]

name = “Host1MEM”
oid = “1.3.6.1.4.1.41263.9.1.8.1”
[[inputs.snmp.field]]
name = “Host2MEM”
oid = “1.3.6.1.4.1.41263.9.1.8.2”
[[inputs.snmp.field]]
name = “Host3MEM”
oid = “1.3.6.1.4.1.41263.9.1.8.3”

[[inputs.snmp]]
agents = [ “192.x.x.x:161” ]
timeout = “5s”
retries = 3
version = 2
community = “topsecret”
max_repetitions = 10

name = “ERX”
[[inputs.snmp.field]]

name = “Bytes.Out”
oid = “1.3.6.1.2.1.2.2.1.10.2”
[[inputs.snmp.field]]
name = “Bytes.In”
oid = “1.3.6.1.2.1.2.2.1.16.2”

I’ve edited the IP addresses and security info, so make sure that matches whatever you have set up.  Oh yeah, you have to enable SNMP on your devices!  A couple of key points for this, you can have different SNMP versions or authentication methods defined by adding a new [[inputs.snmp]] for each one.  I’m also using the full OIDs, but you can see in the template that it’s possible to reference a MIB by name as well.  Save that and exit.  You can test the file with

telegraf –config telegraf.conf -test

This will give you lines for each device you’ve configured and show you what the response is.  If you don’t see data, something’s wrong with the snmp config.

Aerohive issues

Just a quick reminder note about something I’ve run into with Aerohive a couple of times.  If you get too anxious and start changing the config and rebooting quickly, the APs will get confused and seem to go into a waiting period.  Things will behave oddly, and you’ll get error messages like “There’s an admin modifying the config”, or something to that effect.  Just be patient, and either wait for or perform a full reboot.  And then be patient.  It seems like these things just need some time to get caught up occasionally.

Also, I ran into a situation where non-Apple devices would connect fine, but all Apple devices would either say “Unable to join” or “Incorrect password”.  No rhyme or reason to it.  Eventually, after several reboots, the Apple devices magically started working.  Again, just be patient.  It’s not like applying changes to a standalone AP, or even a local controller.  There’s that Internet thing getting in the way!

Ubiquiti UAP-AC-LR in the house!

I’ve been having some trouble with my two Apple Airport Extreme’s in the house.  They are both a couple of generations old and I got them both used off of Ebay some years ago.  They’ve served me well and provided good throughput and signal coverage.  For some reason I can’t explain, in the last month they’ve become slow and buggy.  Maybe it was an update.  Regardless, I’ve had my eye on the new AC APs from Ubiquiti and this was a good excuse to pull the trigger.

So, I decided to get a couple of the LR models, partly because I want more coverage out in the yard, partly because they are less expensive and partly because they are readily available.  I set up the Unifi controller in a VM in Nutanix first, and installation could not have been easier.  So far, I’m very happy with the coverage and performance.  I’ve been getting good coverage in the house, and I’m able to still use them at almost 200′ away from the house.

 

Busy, busy, busy

I’m loaded up pretty heavily on classes this semester.  I’m trying to finish up my BS in IS Management.  The workload as I get into 400 level classes has increased significantly.  I have a number of projects that have fallen to the side including:

Learn and understand nRF24l01 radios for Arduino to RPi communication.

Cobra electrical system (This hurts the most, perhaps.  I got the dash “in” but still have some loose ends to tie up before calling the electric done)

Better understand AWS topologies. Related, set up a Puppet server in house and connect it to the XenServer I’ve stood up.  XenServer 6.2 is open source now!  I’d also like to replace VMWare with XenServer and be able to do live migrations in house.  I was having trouble with the Mythbuntu ISO booting properly but it looks like it might just be the distro.

Continue to get away from SageTV.  It still runs.  I’m waiting for the day where that’s not the case.  I think I need to go towards MythTV.  There just isn’t a good alternative.

Around December I need to make a run at the CCDP. I need to renew the CCNP and only need one test for the CCDP.  Might as well add to the acronyms.

Anyway, enough of my sob story.

Stacking a Cisco 3750x into a plain 3750 stack

I’ve had all kinds of problems with this tonight. Luckily, none have affected the operating stack which is a pair of 3750’s. Not E’s or V2’s but original 3750’s. I’m trying to add a 3750X which is supposed to work just fine. I’ve done all kinds of things including about 10 different versions of 12.2.55 to no avail. I had another problem with the 3750x being LANBASE so I got a temp license (which I’ll have to pay for) for the IPBASE image. The versions, license levels and all of that are exactly the same. Then I stumble across this post:

1
2
3
I recently stacked 3750x-48pf-s running ip base with 3750v2-24. I originally attempted to use 12.2(55) but the stack failed to initialize, almost like the stack ports on the 3750x were err-disabling.

After some hair pulling I downgraded to 12.2(53) ( lowest version supported by both) and it did a full EEPROM rewrite on the 3750x. The stacking worked properly after that.

That is exactly my problem!

I’m currently installing 12.2(53) and it’s running a lengthy microcode update. I mean lengthy. This better work!

Update: Downgrading all of the switches to 12.2(53) worked although the new 3750x decided to be master and wiped out my config. Good thing we had a backup.

More vSphere and VT-d, some success but not for long

I made another attempt at using VT-d for my cameras by going with Zoneminder under Linux. This actually worked and seemed to work ok but I really dislike Zoneminder! I tried Motion and kMotion instead and the good news is it works…for longer. I’m still having problems with kernel crashes after a day or two. It’s encouraging but I’m not sure I want to fuss with it anymore. Maybe I’ll try Zoneminder one more time just in case the kernel wants to behave.

Cisco 7945G and SIP with Asterisk

I’ve been trying to get a 7945 with SIP to work with Asterisk and it just doesn’t want to register. Turns out the SIP load of 9.2.1 is broken, at least for asterisk. I’ve reverted to 8.5.4 and it seems to be working now.

I figured this out by downloading the log from the phone, finding : Error: cc_cfg_table is null and googling for that. No one comes right out and says it’s broken but everyone having problems is running a 9.x version.

vSphere and VT-d not so rosy

Actually, it works but with limitations. No shock there. It turns out the PV-149 CCTV capture card I’m trying to pass through presents each channel as a separate Video and Audio device. What that means is I end up with 8 PCI devices that need to be extended. I’m running into a problem that might be specific to VMWare or VT-d where I can’t passthrough more than 6 PCI devices. This isn’t too big a deal as I don’t use the audio channels but I’m worried now that the missing audio is causing some BSOD’s. I’m still investigating.

Otherwise, vSphere is running pretty nice.