Check out the most comprehensive, actively managed Lync blog roll in the known universe, your one-stop source for links to over 100 of the very best Lync blogs. Here you will also find weekly blog highlights and a feed for a dozen of the top blogs.
Lync Server Support Home
Top Lync Solutions RSS Feed
Microsoft Senior Support engineers walk you through real-life support cases, giving you an insider’s view into the systematic approach they use to troubleshoot Lync Server issues.
These short videos focus on specific tasks and show you how to accomplish them for Microsoft Lync Server 2010.
The Microsoft Support Team works around the clock to assist customers in troubleshooting issues with Lync Server. In each article in this new NextHop series, senior Microsoft Support engineers walk you through a real-life support case, giving an insider’s view into the systematic approach they use to troubleshoot the issue. These incidents are picked based on areas seeing top support volume.
You know the saying: “Give a man a fish and you feed him for today. Teach a man to fish and you feed him for a lifetime.” Well, that is our intention with this series: To help you solve your own issues within specific areas with the same prescriptive steps that Microsoft Support engineers used to troubleshoot the issue.
Today’s article, the third in the series, comes from our esteemed colleague, Premal Gandhi, who initiated and leads this NextHop series. As a Microsoft Senior Support Program Manager, currently Premal engages with several teams within Microsoft on a biweekly basis and presents cumulative feedback to the Product Team through Lync Red Zone. You will find him interacting with Lync MVPs on monthly MVP calls too. He drives addressing Top Support Issues, which also feeds the Lync Top Solutions site.
Prior to this, Premal was Senior Escalation Engineer for Lync Product, working with customers and product team on critical issues, including but not limited to identifying product improvements through deep code debugging and analysis. He also authored the Lync Diagnostics Packages for Client and Server, available through the Microsoft Fix It Center.
Author: Premal Gandhi, Microsoft Senior Supportability Program Manager
Publication date: August 21, 2012
Product version: Lync Server 2010, Lync 2010, Exchange Server 2010
Keywords: delegate access, conferencing
The Microsoft Lync Conferencing workload allows a delegate to schedule a meeting on behalf of a manager. In this article, we explore an inconsistency between Exchange and Lync permissions, which resulted in a support incident in which the delegate was unable to complete this task.
This article addresses a specific problem scenario in detail, but the intention is to provide a general thought process to follow when encountering this and other similar issues.
For this scenario, we provide a case study of a Microsoft Support incident in which a manager’s admin was unable to successfully schedule a meeting for the manager.
The admin is designated to schedule Lync meetings on behalf of the manager. But he encounters a permissions issue with setting up a meeting and doesn’t know why.
This article introduces the reader to different tools and options to detect the permissions issue and then correct it. The solution is aimed at detecting the issue at the admin level, without disturbing the manager.
To begin this scenario, the manager allows a delegate (in this case, the admin) to manage her Outlook mail and calendar. Here’s the procedure she follows:
To allow a delegate to manage your mail and calendar within Outlook
1. From Outlook, click the File tab.
2. Click the Account Settings drop-down arrow, and then click Delegate Access.
Figure 1. Shows the Delegate Access option available in Outlook 2010.
Figure 2. Shows the Default Permissions available for a delegate.
Because her Lync account is Enterprise Voice enabled, the manager also wants to allow her admin to manage her Lync calls. Here’s the procedure she follows:
To allow a delegate to manage your Lync calls
1. In Lync, click Tools, click Options, and then click Call Forwarding.
2. Click Edit My Delegate Members, click Add, and then from the Add Contacts drop-down, scroll to and double-click the name of your delegate. The delegate’s name will then appear in the Call Forwarding – Delegates box.
3. Click OK.
Figure 3. Shows how to access the Call Forwarding settings within Lync 2010.
Now that everything is set up, it’s time for the admin to schedule an online meeting on behalf of the manager. Here’s the procedure he follows:
To schedule an online meeting on behalf of your manager
1. Open Outlook, and from the Calendar tab, select your manager’s Calendar.
2. Select a time, and on the Outlook ribbon, click New Online Meeting.
3. Create a test meeting, and send the invite.
Hopefully, this process goes smoothly and the meeting invite launches as expected. The remainder of this article addresses what to do if the meeting does not launch as expected.
Now the trouble begins. When trying to set up the meeting, the admin receives an unexpected Outlook message, as shown in Figure 4 below. How can this occur? The admin is baffled.
Figure 4. Shows a prompt for permissions, as seen by the delegate when scheduling a meeting for the manager.
As it turns out, the issue is caused by a permissions inconsistency between Exchange and Lync, which in this case was caused by an accidental modification of the delegate’s permissions by the manager. Figure1 and Figure 2 above show the permissions that need to be consistent.
To resolve this issue, the delegate must make sure that the permissions in Exchange and Lync are synchronized, as shown in Figure 1 and Figure 2 above.
To begin with, the delegate checks the UI for both the manager and the delegate, as shown in Figure 5 and Figure 6 below. Does the manager’s UI show the correct delegate (in this case, Delegate01)? Does the delegate’s UI show the correct manager (in this case, Boss01)? Okay then, so far, so good.
Figure 5. Manager’s UI, under Delegates: Shows the manager’s delegates.
Figure 6. Delegates UI, under People I Manage Calls For: Shows the delegate’s manager.
Next, the delegate checks the UCCP logs. This is where things get considerably more interesting.
Locate the 200 OK response to the IP SUBSCRIBE
request for Event: vnd-microsoft-roaming-self.
03/11/2012|16:19:25.980 90C:4D0 INFO ::
DataReceived - 192.168.100.148:5061 (To Local Address: 192.168.100.21:64196)
22574 bytes:03/11/2012|16:19:25.980 90C:
4D0 INFO :: SIP/2.0 200 OK
Locate the 200 OK response to SUBSCRIBE message for
03/11/2012|16:46:06.362 AF4:CA8 INFO :: Data Received - 192.168.100.148:5061 (To Local Address: 192.168.100.137:55826) 4914 bytes:
03/11/2012|16:46:06.362 AF4:CA8 INFO :: SIP/2.0 200 OK
TLS-DSK qop="auth", opaque="EF866A37", srand="AF28F922", snum="5", rspauth=
0c67437e62d77f19830", targetname="CS-FE01.contoso.com", realm=
"SIP Communications Service", version=4
Kerberos qop="auth", opaque="F44B44FC", srand=
d782af55bb0668c160db4233", targetname="sip/CS-FE01.contoso.com", realm="SIP Communications Service", version=4
CSeq: 1 SUBSCRIBE
Now the delegate needs to verify the following for the manager only:
No verification required.
<delegate uri="Delegate01@contoso.com" publish="false" redelegate="false"/>
NOTE: If the delegate setup is modified after the
manager signs in, the above changes are reported
to the client via BENOTIFY message, for Event:
<subscriber user="Boss01@contoso.com" displayName="Boss01" acknowledged="false" type="sameEnterprise">
Shows the delegates Access Control List (ACL)
in the manager’s calendar in MFCMapi.
See Figure 7 below.
Cannot detect on the Delegate.
Figure 7. Shows the delegates ACL in the manager’s calendar in MFCMapi.
However, sometimes things just aren’t this easy. So if the above investigation does not resolve your issue, complete the following steps and then enlist assistance from Microsoft Support:
1. From the server, collect dbAnalyze information for the manager and delegate, and upload to Support. Here’s how:
a. From Microsoft Lync Server 2010 Resource Kit Tools, download OCSReskit.msi. The .msi installs all the tools in \Program Files\ Microsoft Lync Server 2010\ResKit. (Tools that are self-contained executables are in this folder. Tools that also have files are in their own sub folders.)
b. Locate, install, and run the DBAnalyse tool. To install Dbanalyze.exe, copy it to a local folder and then run the tool. To use the tool, run the following command from the command line.
dbanalyze.exe [/v] [/report:value] [/sqlserver:value] [/user:firstname.lastname@example.org] [/conf:value][/pstnid:Value] [/maxcontacts:value]
NOTE: DBAnalyze can be run only from a domain-joined computer that has Lync Server 2010 installed.
Standard Edition: C:\Program Files\Microsoft Lync Server 2010\Reskit>DBAnalyze.exe /report:user /user:<email@example.com>
Enterprise Edition: C:\Program Files\Microsoft Lync Server 2010\Reskit>DBAnalyze.exe /report:user /user:<firstname.lastname@example.org> /sqlserver:<FQDN of the SQL Server>\rtc
2. Upload the output of the above as BossDbAnalyze-<Date-time>.zip and DelegateDbAnalyze<Date-Time>.zip.
3. Collect logs for the Microsoft Lync Support Team to analyze, as follows.
Verify Tracing is enabled.
See Figure 8 below.
No action here.
Start Outlook and Log in.
Verify Delegate Access, as described above in these procedures:
● To allow a delegate to manage your mail and calendar within Outlook
● To allow a delegate to manage your Lync calls
Start OCS Logger on the Front End Server, where manager and delegate are homed and Log for SipStack, UserServices components (Level -> All, Flags -> All Flags).
See Figure 9 below.
Start Lync and Log in.
Set up a test meeting as described above in this procedure:
● To schedule an online meeting on behalf of your manager
4. Now verify that the issue reproduces, as shown in figure 4.
Verify that logging is turned on.
See Figure 10 below.
Exit out of Lync
Exit Out of Lync
Collect all logs under %userprofile%\tracing and upload to support.
Click View Logs, click Package for PSS or just Click View, and then collect the converted text file.
Upload these logs as Boss-<Date-time>.zip.
Upload these logs as Delegate-<Date-time>.zip.
Upload these logs as Server-SipStack-UserServices-<Date-time>.zip.
Figure 8. Shows how to verify that logging is turned on.
Figure 9. Shows the OCSLogger options to enable and collect logging.
Figure 10. Shows the prompt for permissions seen by the admin when scheduling a meeting for the manager.
5. Collect the output of MrMapi from the manager, as follows:
a. Download MrMapi from http://mfcmapi.codeplex.com/releases/view/73290#DownloadId=280885.
b. From the Start menu, click Run. In the Open text box, type Cmd, and then click OK.
c. In the command prompt, type whoami, and then press enter to make sure you have the desired user.
d. In the command prompt, type MrMapi.exe -Acl -Folder "@PR_IPM_SUBTREE_ENTRYID\Calendar" > BossCalendarACLs.txt.
6. Upload these logs as BossCalendarACLs.txt.
You are now prepared to enlist Microsoft Support in troubleshooting your issue.
In this article, you got a glimpse of how Microsoft Support engineers systematically troubleshoot real-life support cases. It is our hope that following these same processes yourself will assist you in troubleshooting this and other similar issues. If you do get stuck, however, the information you gathered in completing the above process will help Microsoft Support efficiently resolve your issue.
To learn more, check out the following articles: