• Blog Post: Updated: Creating a Certificate Revocation List Distribution Point for Your Internal Certification Authority

    Certificates rely on certification authorities to maintain an updated list of revoked certificates issued by the public key infrastructure. Certificates are revoked for a number of reasons—not all revocations are for compromised certificates or nefarious reasons. It is essential that when a computer...
  • Blog Post: Protecting the Edge Server Against DoS and Password Brute-Force Attacks in Lync Server 2010

    Companies that allow employees to remotely sign in to Microsoft Lync Server 2010 communications software from the Internet can be susceptible to denial-of-service (DoS) and brute-force attacks. Both types of attacks involve guessing users' passwords or locking out user accounts when too many incorrect...
  • Blog Post: Lync Server Admin Guide: Configuring Security

    This article is part of the Microsoft Lync Server 2010 Administration Guide: PowerShell Supplement . Create a New Registrar To create a Registrar To create a new collection of proxy configuration settings, use the New-CsProxyConfiguration cmdlet: New-CsProxyConfiguration...
  • Blog Post: Haiku #194

    Turn out the lights, the Party's over: today's our Last haiku (for now). Today is a very auspicious, and somewhat sad, occasion: it marks, for the moment anyway, the end of the Lync Server PowerShell Haiku of the Day. (Trust us, we thought this day would never come, either.) Believe it or...
  • Blog Post: Troubleshooting Windows Firewall with Advanced Security and Office Communications Server

    When Windows Server 2008 was introduced, it brought with it a number of really great features. One feature that has the potential to increase the security profile of the server is Windows Firewall with Advanced Security (referred to as the Advanced Firewall). Because the Advanced Firewall provides rules...
  • Blog Post: Certificate Authentication in Lync Server 2010 and Enterprise PKI

    NTLM, Kerberos, and TLS-DSK are the three available authentication packages for registered Lync endpoints. By default, all Lync clients and Lync telephony devices authenticate against Lync servers using the new authentication package, TLS-DSK. This article explains which features in a Lync Server deployment...
  • Blog Post: Cumulative Update for Lync 2013: July 2013

    Microsoft Support has released a cumulative update for Lync 2013, which includes the Two-factor Authentication feature, as well as new functionality for the Lync 2013 Desktop Client. Author : Tim Rich, Microsoft Technical Writer Publication date : July 29, 2013 Product version : Lync 2013 ...
  • Blog Post: Deploying Lync – Jump Start Series

    Check out this three-day course on Lync Server 2010 Configuration and Administration, which Brian R. Ricks and Aaron Steele presented to a worldwide audience of over 500 participants. This 18-part series covers all major Lync Server features and configurations, which will help students prepare for the...
  • Blog Post: Split-Brain Domain Name Services for Communications Server

    There is much to think about in the design of your network perimeter for Office Communications Server-several services are offered in the perimeter network through the Edge Servers. The primary goal when implementing a split-brain DNS solution is to provide a near total disassociation of the internal...
  • Blog Post: DirectAccess and Communications Server 2007 R2

    The direct scoop about DirectAccess and Office Communications Server 2007 R2-read on to find out. Author: Rob Pittfield Publication date: March 2010 Product version: Office Communications Server 2007 R2 We’ve recently seen some questions on Twitter and a few other sources regarding...
  • Blog Post: Cumulative Server Update Installer Available on Microsoft Download Center

    The Cumulative Server Update Installer is now available on the Microsoft Download Center. The installer contains all the currently available Microsoft Office Communications Server 2007 R2 updates bundled together in a single package. Author: Seth Paul Publication date: May 2010 Product version...
  • Blog Post: Haiku #153

    We're gonna party Like it's 1582. Setup permissions. Last week the author of today's haiku got an interesting email from one of the internal departments here at Microsoft, a message that said, in part, "You are receiving this message because you have been identified as a(n) requester/approver...
  • Blog Post: Haiku #178

    Kerberos? OK, Then you can come in. Proxy Configuration. TGIF: Thank God it's Friday! Needless to say, after a difficult week in which he had to work two days in a row , the author of today's haiku is excited to see the weekend coming. And not a moment too soon. You know, we wondered...
  • Blog Post: Lync Server 2010 Security Documentation

    The Lync Server 2010 Technical Library is your one-stop-shop for the official product documentation. This documentation, managed by the Lync Server documentation team, is updated frequently. Be sure to bookmark this important resource and come back often to get the latest information on Lync Server....
  • Blog Post: Haiku #148

    It's a dirty job, And we don't have to do it. Kerberos passwords. Today is going to be a great day. How do we know that? Well, for one thing, it's currently 55 degrees and drizzling here in Redmond; how could you not have a great day after you get off to a start like that? On top of that...
  • Blog Post: Haiku #119

    Don't get scrammed and don't Worry about your passwords. Kerberos accounts. This morning the author of today's haiku noticed an email in his Junk Mail folder that had the following subject line: DON'T GET SCRAMMED!!! Definitely not wanting to get scrammed, the author of today...
  • Blog Post: Lync Server 2010 External User Access Security Overview

    After a security audit for a new or existing Lync Server 2010 deployment, questions often arise regarding potential security risks created by giving external user access to Lync Server 2010. This article provides a high level overview and answers to the most commonly asked questions pertaining to external...
  • Blog Post: Haiku #188

    Test certificate: Do not try this at home. Try Something else instead. The author of today's haiku has always had an affinity for product disclaimers, those little warning labels that tell you why you should never, ever use whatever it is you just bought. Car makers – and car company...
  • Blog Post: TechEd North America 2012: Lync Sessions

    TechEd is Microsoft's premier technology conference for IT professionals and developers, offering the most comprehensive technical education across Microsoft's current and soon-to-be-released suite of products, solutions, tools, and services. TechEd offers hands-on learning, deep product exploration...
  • Blog Post: Security Bulletin: Vulnerabilities in Lync Could Allow Remote Code Execution

    Security update Microsoft Security Bulletin MS12-039 resolves one publicly disclosed vulnerability and three privately reported vulnerabilities in Microsoft Lync. The most severe vulnerabilities could allow remote code execution if a user views shared content that contains specially crafted TrueType...
  • Blog Post: Cumulative Updates for Lync Server 2010: June 2012

    Microsoft Support has released the June 2012 Cumulative Updates for the following Lync products: Lync Server 2010 Cumulative Updates for Lync Server 2010 - June 2012 Lync Server 2010, Group Chat Cumulative Updates for Lync Server 2010, Group Chat Administration Tool - June 2012 ...
  • Blog Post: Hotfix Rollup 4 for Forefront Security for Office Communications Server

    Microsoft has released Hotfix Rollup 4 for Forefront Security for Office Communications Server. Date : April 2, 2012 Products : Lync Server 2010, Office Communications Server 2007 R2, Office Communications Server 2007 Hotfix Rollup 4 allows FSOCS to be installed on Lync 2010 (running on Windows...
  • Blog Post: Protecting the Edge Server Against DoS and Password Brute Force Attacks in Office Communications Server

    Companies that allow employees to sign in to Office Communications Server remotely from the Internet can be susceptible to denial-of-service (DoS) and brute-force attacks. These kinds of attacks involve guessing users' passwords or locking users out of their accounts when too many incorrect password...
  • Blog Post: TechEd Europe 2012: Lync Sessions

    TechEd is Microsoft's premier technology conference for IT professionals and developers, offering the most comprehensive technical education across Microsoft's current and soon-to-be-released suite of products, solutions, tools, and services. TechEd offers hands-on learning, deep product exploration...
  • Blog Post: How Changes to Public Certification Authority Standards Will Affect You

    Certificates and the public key infrastructure are complex topics, even without having to understand impending change. Changes in the request criteria and format of certificates—subject name, common name, subject alternative name—are coming in November 2015. Although this may sound like the...