Presentation is loading. Please wait.

Presentation is loading. Please wait.

Session disclaimer This is a point of time view

Published byEustacia Barton Modified over 7 years ago

Similar presentations

Presentation on theme: "Session disclaimer This is a point of time view"— Presentation transcript:

1 Session disclaimer This is a point of time view
This session was recorded in November 2016 The features and functionality describe are current as of this date O365 is ongoing innovation Depending on how long ago this was, features and functionality might have evolved in the meantime If this training says something does not work, it might work now Always refer to latest trainings This training can be found at Go to for more trainings

2 Skype Academy presents: Clients
Skype for Business 2/5/2018 2:06 AM Skype Academy presents: Clients Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

3 Version History Date Comment Author October 2016
Skype for Business 2/5/2018 2:06 AM Version History Date Comment Author October 2016 Consolidated clients and mobility deck © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

4 Agenda Session Scope Sign-in process Flows Troubleshooting
Skype for Business 2/5/2018 2:06 AM Agenda Session Scope Sign-in process Discovery, Authentication, Provisioning Flows Troubleshooting Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

5 Scope Clients Latest versions Out of scope Training from October 2016
Windows PC, Mac, iOS, Android, Windows Mobile Latest versions Time of recording: October 2016 Out of scope Media Flows Modern Authentication Mobile Device Management, Mobile Application Management Training from October 2016

6 Client Sign-In Process
Skype for Business 2/5/2018 2:06 AM Client Sign-In Process Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

7 Discovery Training from October 2016 Skype for Business
2/5/2018 2:06 AM Discovery Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

8 Cached service location
Clients cache service location %localappdata%\Microsoft\Office\16.0\Lync\<sip address>\EndPointConfiguration.cache file Will try cached information before discovery Training from October 2016

9 Discovery process Lyncdiscover Cloud-based discovery
Query DNS for lyncdiscoverinternal.<sipdomain> and lyncdiscover.<sipdomain> Cloud-based discovery If DNS does not provide response, cloud-based discovery is started Determines if SIP domain is homed in O365 Currently only supported by Lync 2013, Skype for Business 2015, Skype for Business 2016 Legacy SRV records and A records If cloud-based discovery is not successful, fallback to SRV records: _sipinternaltls._tcp.<sipdomain> and _sip._tls.<sipdomain> A records: sipinternal.<sipdomain>, sip.<sipdomain>, sipexternal.<sipdomain> Training from October 2016

10 Discovery process flow
Training from October 2016

11 Identifying the Server - Skype for Business 2016
2/5/2018 2:06 AM Identifying the Server - Skype for Business 2016 Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

12 Autodiscover process lyncdiscoverinternal.contoso.com resolves to IP address of Front End web services Client constructs URL and sends HTTP GET request - Client receives two URLs in the response. The client uses that response to make a request to the to retrieve specific user home pool information. Client receives 401 Unauthorized response with Web Ticket Service (WTS) location in the header. For cloud discover, the server name would be respectively Training from October 2016

13 Autodiscover process – cont’d
Client submits a request to the Web Ticket Service to retrieve the metadata exchange document (MEX). Client submits a Request Security Token to Web Ticket Service and supplies credentials. Web Ticket is returned to the client Client makes request again to the to retrieve specific user home pool information and provides the web ticket. Skype for Business Autodiscover service obtains user’s Uri from web ticket. Skype for Business Autodiscover retrieves user info from registrar database and retrieves the user’s home pool respectively assigned Edge Server for external users Autodiscover will return the Edge Server assigned to their home pool for external users Training from October 2016

14 Autodiscover process Training from October 2016
<?xml version="1.0" encoding="utf-8"?> <AutodiscoverResponse xmlns:xsd=" xmlns:xsi=" AccessLocation="Internal"> <User> <SipServerInternalAccess fqdn="dcpool.contoso.com" port="5061" /> <SipClientInternalAccess fqdn="dcpool.contoso.com" port="5061" /> <SipServerExternalAccess fqdn="sip.contoso.com" port="5061" /> <SipClientExternalAccess fqdn="sip.contoso.com" port="443" /> <Link token="Internal/Autodiscover" href=" /> <Link token="Internal/AuthBroker" href=" /> <Link token="Internal/WebScheduler" href=" /> <Link token="External/Autodiscover" href=" /> <Link token="External/AuthBroker" href=" /> <Link token="External/WebScheduler" href=" /> <Link token="Internal/Mcx" href=" /> <Link token="External/Mcx" href=" /> <Link token="Ucwa" href=" /> <Link token="Internal/Ucwa" href=" /> <Link token="External/Ucwa" href=" /> <Link token="External/XFrame" href=" /> <Link token="Internal/XFrame" href=" /> <Link token="XFrame" href=" /> <Link token="Self" href=" /> </User> </AutodiscoverResponse> Training from October 2016

15 Server: Disaster Recovery considerations
Skype for Business 2/5/2018 2:06 AM Server: Disaster Recovery considerations Lyncdiscover Use GeoDNS that is aware of server availability Users (with Front End Pool Online) will still sign in SRV records and multiple Edge arrays Multiple SRV records will allow users to failover to other Edge pools Note: Mobile clients and Mac client will not use legacy behavior Note: Using SRV records, all clients sign-in against the same Edge Pool Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

16 Registration Training from October 2016 Skype for Business
2/5/2018 2:06 AM Registration Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

17 Registration SIP Register NTLM Training from October 2016
Skype for Business 2/5/2018 2:06 AM Registration SIP Register Returns SIP 401 Unauthorized with following: WWW-Authenticate: NTLM (least preferred) WWW-Authenticate: Kerberos WWW-Authenticate: TLS-DSK (most preferred) NTLM NT LAN Manager Security Protocol Challenge/Response authentication protocol Only requires protocol layer connectivity with AD Used for Remote login with domain user/pwd Watch for NTLMv2 vs NTLMv1 and 128bit Authentication methods can be disabled on demand Works when remote Inbound with signaling Client does not need AD connection Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

18 Registration (Continued) – Server only!
Kerberos Mutual ticket auth based on trusted 3rd party (AD) Named after three headed Cerberus creature Preferred authentication protocol for AD Enables single sign-on by passing Kerberos ticket obtained after Windows logon Requires direct connection with AD Requires loosely synced time (<5min) Requires Skype for Business specific Kerberos account being provisioned and configured by Admin Client connects to AD Directly Used Internally Training from October 2016

19 Registration (Continued)
TLS-DSK Transport Layer Security-Derived Session Key Certificate based authentication Does not require connectivity to AD Enables branch office scenario Certificate validity ranges from 8hr to 365 days (default 180) Previous certificate used to obtain a new one Skype for Business self signed certificate No need to connect to Active Directory, not internal or external Training from October 2016

20 Web-Ticket Authentication
Web-ticket authentication used for Skype for Business WS ABS, DLX, ABS-WQ, RGS, Certificate Signing Service Enables authentication with bridging web proxies Web-Ticket is sent in message body, not transport layer Consolidates web service authentication under a single standards-based framework WS-Transfer, WS-Trust, WS-Security, SAML, SOAP, WS-MetadataExchange Training from October 2016

21 Web-Ticket Authentication
Skype for Business 2/5/2018 2:06 AM Web-Ticket Authentication Web tickets issued by Skype for Business Web-Ticket WS. Service can use NTLM, Kerberos, PIN, or Skype for Business Signed Certificate to authenticate. Requested upon demand (not before). Reused across Web Services requests by client until it expires. Use WebTicket to authenticate with other Skype for Business Web Services (ABS/DLX/Etc.) Use NTLM/Kerberos/PIN/TLS-DSK to obtain WebTicket Use WebTicket to obtain Skype for Business Authentication Certificate Use Skype for Business Certificate to renew WebTicket Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

22 Skype for Business Certificate Authentication
2/5/2018 2:06 AM Skype for Business Certificate Authentication SIP Authentication (TLS-DSK): Step 1 SIP REGISTER 401 Unauthorized Authenticate with Certificate (TLS-DSK) Skype for Business Front-End WWW-Authenticate: TLS-DSK realm="SIP Communications Service", targetname=“SkypeDIR01.contoso.com", version=4, sts-uri= Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

23 Skype for Business Certificate Authentication
SIP Authentication (TLS-DSK): Step 1 (Register) Training from October 2016

24 Skype for Business Certificate Authentication
SIP Authentication (TLS-DSK): Step 1 (Unauthorized) Training from October 2016

25 Skype for Business Certificate Authentication
2/5/2018 2:06 AM Skype for Business Certificate Authentication SIP Authentication (TLS-DSK): Step 2 Skype for Business Front-End Get Certificate Service MEX Document Skype for Business Certificate Web Svc Certificate service requires an existing certificate or a web-ticket to authenticate the user. Cannot get the certificate without a web ticket Contains Web-Ticket service URL Skype for Business Web-Ticket Web Svc Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

26 Skype for Business Certificate Authentication
2/5/2018 2:06 AM Skype for Business Certificate Authentication SIP Authentication (TLS-DSK): Step 2 - POST Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

27 Skype for Business Certificate Authentication
2/5/2018 2:06 AM Skype for Business Certificate Authentication SIP Authentication (TLS-DSK): Step 2 - RESULT Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

28 Skype for Business Certificate Authentication
2/5/2018 2:06 AM Skype for Business Certificate Authentication SIP Authentication (TLS-DSK): Step 3 Skype for Business Director or Front-End Skype for Business Certificate Web Svc Request Web-Ticket MEX / Security Token Web-Ticket Security Token Skype for Business Web-Ticket Web Svc Skype for Business authenticates user with NTLM, Kerberos, PIN or TLS-DSK Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

29 Skype for Business Certificate Authentication
2/5/2018 2:06 AM Skype for Business Certificate Authentication SIP Authentication (TLS-DSK): Step 3 – Request MEX Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

30 Skype for Business Certificate Authentication
2/5/2018 2:06 AM Skype for Business Certificate Authentication SIP Authentication (TLS-DSK): Step 3 – Security Token NTLM or Kerberos Auth Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

31 Skype for Business Certificate Authentication
2/5/2018 2:06 AM Skype for Business Certificate Authentication SIP Authentication (TLS-DSK): Step 3 – Security Token The ticket is returned Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

32 Skype for Business Certificate Authentication
2/5/2018 2:06 AM Skype for Business Certificate Authentication SIP Authentication (TLS-DSK): Step 4 Skype for Business Front-End Certificate Signing Request Skype for Business Certificate Web Svc Skype for Business Signed Certificate Skype for Business authenticates with Web Ticket Skype for Business provides PKI key pair for user Certificate service publishes cert to FEs, replicates to SBAs, etc Get-CsClientCertificate returns information on published certificates Revoke-CsClientCertificate revokes client certificates on the server Skype for Business Web-Ticket Web Svc Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

33 Skype for Business Certificate Authentication
2/5/2018 2:06 AM Skype for Business Certificate Authentication SIP Authentication (TLS-DSK): Step 4 – CSR Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

34 Skype for Business Certificate Authentication
2/5/2018 2:06 AM Skype for Business Certificate Authentication SIP Authentication (TLS-DSK): Step 4 – Cert Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

35 Skype for Business Certificate Authentication
SIP Authentication (TLS-DSK): Step 5 SIP REGISTER with Skype for Business Certificate 200 OK Skype for Business Front-End If Skype for Business has no certificate, it tries NTLM/Kerberos during first logon. Speeds up sign-in process (Web service requests could time out during outage) After sign-in completes, a certificate will be fetched for the next logon session. Training from October 2016

36 Skype for Business Certificate Authentication
2/5/2018 2:06 AM Skype for Business Certificate Authentication SIP Authentication (TLS-DSK): Step 5 – Register Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

37 Skype for Business Certificate Authentication
2/5/2018 2:06 AM Skype for Business Certificate Authentication SIP Authentication (TLS-DSK): Step 5 – 200 OK Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

38 Skype for Business Certificate Authentication
Skype for Business Signed Certificate = User Password Note: Saving password = saving certificate too Certificates stored in Windows Certificate Store Credentials stored in Windows Credential Manager To clean up a user, delete their certificate and credentials Windows Certificate Manager Windows Credential Manager Training from October 2016

39 Skype for Business Certificate Authentication
Skype for Business Signed Certificate = User Password Saving password = saving certificate too :Beware! Skype for Business Certificates stored in Windows Certificate Store. Skype for Business Credentials stored in Windows Credential Manager To clean up a user, delete their certificate and credentials Windows Certificate Manager Windows Credential Manager Training from October 2016

40 Client Provisioning Training from October 2016

41 Provisioning Provisioning process (in order)
Use debug string in Snooper to quickly find action Service: Client driven updates Subscribe: Server driven updates Function Debug String Type Location Profile application/ms-location-profile-definition+xml Service Contact List/Groups application/vnd-microsoft-roaming-contacts+xml Subscribe Policies application/vnd-microsoft-roaming-provisioning-v2+xml Get self presence application/vnd-microsoft-roaming-self+xml Publish presence application/msrtc-category-publish+xml Conferencing policy application/cccp+xml Media relay token application/msrtc-media-relay-auth+xml Training from October 2016

42 Provisioning: Location Profile
Obtains the user’s location profile (a.k.a Skype for Business “Dial Plan”) <LocationProfileDescription> <Name>USBellevue.foo.com</Name> <Rule> <Pattern>^(\d{7})t?$</Pattern> <Translation>+1425$1</Translation> <InternalEnterpriseExtension>false</InternalEnterpriseExtension> </Rule> <Pattern>^(206\d{7})t?$</Pattern> <Translation>+1$1</Translation> </LocationProfileDescription> Training from October 2016

43 Flows Training from October 2016 Microsoft Lync 2/5/2018
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

44 UCWA based clients Unified Communications Web API (UCWA)*
2/5/2018 2:06 AM UCWA based clients Unified Communications Web API (UCWA)* Provides services for real-time communications with mobile and Mac clients Mobility Service (MCX) This service supports client functionality, such as instant messaging (IM), presence, and contacts, on mobile devices and Mac client Autodiscover Service This service identifies the location of the user and enables mobile devices and other clients to locate resources—such as the internal and external URLs for Skype for Business Server 2015 and Skype for Business Web Services, and the URL for the MCX or UCWA—regardless of network location *Introduced with CU1 updates for Lync Server 2013 – March 2013 Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

45 Autodiscover internal
External DNS DNS Records: Lyncdiscover.domain.com <ExtPoolFQDN> Internal DNS DNS Records: Lyncdiscoverinternal.<sipdomain> <IntPoolFQDN> Internal SfB Training from October 2016

46 Autodiscover internal: client differences
Lync 2013, Skype for Business 2015/2016 Client will connect via SIP to home pool Skype for Business on Mac Client will connect via sip over https to internal UCWA Skype for Business Mobile clients Client will connect via sip over https to external UCWA Requires hairpin on firewall Training from October 2016

47 Autodiscover internal: mobile client
External DNS DNS Records: Lyncdiscover.domain.com <ExtPoolFQDN> Internal DNS DNS Records: Lyncdiscoverinternal.<sipdomain> <IntPoolFQDN> Internal SfB mobile Training from October 2016

48 Autodiscover – external
External DNS DNS Records: Lyncdiscover.domain.com <ExtPoolFQDN> Internal DNS DNS Records: Lyncdiscoverinternal.<sipdomain> <IntPoolFQDN> External SfB Training from October 2016

49 Autodiscover external: client differences
Skype for Business 2015/2016 Client will connect via SIP to Edge Pool It will be the Edge Pool assigned to home pool of the user Skype for Business on Mac and Mobile Client will connect via sip over https to via Reverse Proxy to external UCWA It will be the Reverse Proxy assigned to the home pool of the user Training from October 2016

50 Media Connectivity Leverages concepts such as STUN, TURN, ICE
Microsoft Lync 2/5/2018 Media Connectivity Leverages concepts such as STUN, TURN, ICE Candidate Negotiation Determine the most optimum path for connectivity Functions the same as desktop and mobile clients Out of Scope Deep dive on STUN, TURN and ICE Training from October 2016 © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

51 Troubleshooting Training from October 2016

52 Tools Training from October 2016

53 Microsoft Skype for Business
2/5/2018 SIP Traffic Debug using Snooper Tool Included in Skype for Business Debugging Tools Logging in client: set to “Full” Used to read SIP channel logs between Client and Server. Includes full client registration process and actions like calling, presence updates etc Training from October 2016 © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

54 Microsoft Skype for Business
2/5/2018 SIP Traffic Training from October 2016 © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

55 Microsoft Skype for Business
2/5/2018 Web Traffic Debug using Fiddler Fiddler will allow debugging HTTPS secured traffic by performing a man in the middle attack on the local machine Used for Web Service access like Exchange Web Services, Address Book, Response Groups, Group Expansion, Location Information Service, Web Ticket, Call Via Work (including call setup) … Training from October 2016 © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

56 Microsoft Skype for Business
2/5/2018 Web Traffic Training from October 2016 © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

57 Windows Training from October 2016

58 Windows Logs *.UccApiLog
Lync 2013/Skype for Business 2015 client %userprofile%\AppData\Local\Microsoft\Office\15.0\Lync\Tracing Skype for Business 2016 client %userprofile%\AppData\Local\Microsoft\Office\16.0\Lync\Tracing Create a clean log Get sure logging is enabled in client Quit client Delete all files from tracing folder Start client Reproduce problem Training from October 2016

59 Mac client Training from October 2016

60 Log Collection Collect logs button Training from October 2016
2/5/2018 2:06 AM Log Collection Collect logs button Skype for Business > Preferences > General The SfbMac.log contains all data from the current session. The SfbMac.old.log contains all logging from the previous session Skype For Business.blog contains media stack information that is encrypted and can only be verified by Microsoft using internal tools. System_Profile.log contains information about the system like hardware and system resources, devices, and OS version Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

61 Clearing Logs and Cache files
2/5/2018 2:06 AM Clearing Logs and Cache files rm -rf ~/Library/Containers/com.Microsoft.SkypeForBusiness/Data/Library/Application\ Support/com.microsoft.SkypeForBusiness rm –rf ~/Library/Containers/com.Microsoft.SkypeForBusiness/Data/Library/Caches/com.microsoft.SkypeForBusiness rm -rf ~/Library/Containers/com.Microsoft.SkypeForBusiness/Data/Library/Saved Application\ State/com.microsoft.SkypeForBusiness rm -rf ~/Library/Containers/com.Microsoft.SkypeForBusiness/Data/Library/Caches/com.microsoft.skypeforbusiness.shellapp rm -rf ~/Library/Logs/LwaTracing rm -rf ~/Library/Containers/com.Microsoft.SkypeForBusiness/Data/Library/Preferences/com.microsoft.SkypeForBusiness.plist defaults delete com.microsoft.SkypeForBusiness killall cfprefsd Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

62 2/5/2018 2:06 AM Doing a full capture (Logs + System + Network Capture + system_profiler) Close the client Remove the cache using previous slide Start a capture with (sudo tcpdump -w ~/Desktop/CaptureMSFT.pcap) Clear the DNS cache (sudo killall -HUP mDNSResponder Clear the CRL cache (sudo crlrefresh r f) Repro the issue Stop the capture on step 3 with Control+C Run system_profiler with (system_profiler > ~/Library/Containers/com.Microsoft.SkypeForBusiness/Data/Library/Logs/com.microsoft.SkypeForBusiness/systeminfo.txt) Collect the files ~/Desktop/CaptureMSFT.pcap ~/Library/Containers/com.Microsoft.SkypeForBusiness/Data/Library/Logs/com.microsoft.SkypeForBusiness/*.* ~/Library/Containers/com.Microsoft.SkypeForBusiness/Data/Library/Logs/LwaTracing/LccMedia/*.* /var/log/system.log Training from October 2016 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

63 Fiddler on the Mac Collect the HTTPs traffic
Microsoft Lync 2/5/2018 Fiddler on the Mac Collect the HTTPs traffic 1 – Enable Fiddler on PC and let remote users to connect 2 – Install the Fiddler Root CA cert on the Mac by accessing Fiddler Echo Service: and downloadingFiddler Root Certificate. Normally on address>:8888/ 3 – Configure your network proxy settings on Mac OS Network Advanced Settings: Training from October 2016 © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

64 Summary Training from October 2016

65 Resources Trainings, trainings, trainings
Microsoft Lync Connectivity Analyzer Media flows in Skype for Business Skype for Business Server 2015, Debugging Tools Fiddler Training from October 2016

66 Community Discuss Ask Feedback https://aka.ms/sofcommunity
With people from Microsoft and your peers from other companies Ask Need some clarification? Just ask! Feedback Need additional content? Spotted an error? Let us know Training from October 2016

67 Training from October 2016

Download ppt "Session disclaimer This is a point of time view"

Similar presentations

Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning, Microsoft.

Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning, Microsoft.
Understanding Active Directory

Understanding Active Directory
Purpose Intended Audience and Presenter Contents Proposed Presentation Length Intended audience is all distributor partners and VARs Content may be customized.

Purpose Intended Audience and Presenter Contents Proposed Presentation Length Intended audience is all distributor partners and VARs Content may be customized.
Threat Management Gateway 2010 Questo sconosciuto? …ancora per poco! Manuela Polcaro Security Advisor.

Threat Management Gateway 2010 Questo sconosciuto? …ancora per poco! Manuela Polcaro Security Advisor.
Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning, Microsoft.

Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning, Microsoft.
Active Directory. Computers in organizations Computers are linked together for communication and sharing of resources There is always a need to administer.

Active Directory. Computers in organizations Computers are linked together for communication and sharing of resources There is always a need to administer.
Office 365 Upsell Paths.

Office 365 Upsell Paths.
Cloud Management Gateway Deep Dive

Cloud Management Gateway Deep Dive
Identity; What you need to know to be in the Microsoft Cloud

Identity; What you need to know to be in the Microsoft Cloud
Session disclaimer This is a point of time view

Session disclaimer This is a point of time view
Understanding Media Flows in Microsoft Teams and Skype for Business

Understanding Media Flows in Microsoft Teams and Skype for Business
Office 365 Migration – Understanding Migrations Part 1

Office 365 Migration – Understanding Migrations Part 1
När verkligheten hälsar på

När verkligheten hälsar på
Training disclaimer This is a point of time view

Training disclaimer This is a point of time view
O365 & AZURE ADDS Mladen Baranek, Miadria

O365 & AZURE ADDS Mladen Baranek, Miadria
Microsoft Virtual Academy

Microsoft Virtual Academy
9/11/2018 12:51 AM Cloud Roadshow © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO.

9/11/ :51 AM Cloud Roadshow © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO.
Lync 2014 6/12/2018 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks.

Lync /12/2018 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks.
SaaS Application Deep Dive

SaaS Application Deep Dive
6/17/2018 5:54 AM OSP322 Getting the best of both worlds, making the most of SharePoint hybrid search solutions Shyam Narayan Microsoft © 2013 Microsoft.

6/17/2018 5:54 AM OSP322 Getting the best of both worlds, making the most of SharePoint hybrid search solutions Shyam Narayan Microsoft © 2013 Microsoft.

Similar presentations

Ads by Google