Author: Adam Fowler

Forwarding a Response Group Externally in Lync 2010

Posted on December 12, 2013June 27, 2014 by Adam Fowler

In Lync 2010, there are Response Groups. Read about them on Technet here http://technet.microsoft.com/en-us/library/gg398513.aspx – in summary they are a way of getting a call to a group of users, with the option of an nteractive voice response (IVR). There’s a whole lot of options around it, but sometimes a scenario comes up where you want to force all the Response Group calls to another number that’s not a part of your Lync system (such as a mobile phone).

Assuming you have a working Response Group already (if not, here’s a guide http://blogs.technet.com/b/ilvancri/archive/2010/11/23/creating-a-response-group-in-lync.aspx), you’ll need to go into the Queue tab for Response Groups, choose your Queue and tick the box for ‘Enable queue overflow’.

Next, change the ‘Maximum number of calls’ to 0 which means every call is an overflow call, and set the ‘Call action’ to ‘Forward to telephone number’. In the SIP address field, you can now enter the external phone number to transfer calls to.

This external number should be in the format ‘sip:[email protected]’ so for an Australian mobile it’s +61 for Australia, then 4xx xxx xxx.

This seems simple so far, but when you test it you may find a problem where your call doesn’t get diverted. If you’re using a Lync phone, you may see a message around not having permission to make the call, or you may just get disconnected.

This is because by default, a Response Group doesn’t make calls so there’s no Voice Policy assigned to it. Voice Policies allow different features such as call forwarding and call transfers – all your normal Lync users will have one. Read more about it here http://technet.microsoft.com/en-us/library/gg412891.aspx

So, you’ll need to set a Voice Policy to your Response Group. If you’re not sure what Voice Policies you have, run the PowerShell command Get-CsVoicePolicy to list all of them, or Get-CsVoicePolicy username to see a particular user’s Voice Policy.

Once you’ve worked out the policy, Grant-csVoicepolicy -identity ResponseGroupName -PolicyName VoicePolicyName will apply the Voice Policy and will let the Response Group transfer calls out.

Xbox One First Experience

Posted on November 25, 2013November 25, 2013 by Adam Fowler

On Friday, I happily collected my Xbox One and a few extra games and accessories:

Xbox One pre-order with Fifa 14 digital download
2nd Controller/Forza 5/Xbox Live 12 months pack
Xbox One Play and Charge Kit
Game – Ryse: Son of Rome
Game – Call of Duty: Ghosts

Lots of cool stuff to play with. By the way, this is all rather heavy. The Xbox One box could probably be used to stop a car rolling down a hill, and embarrasingly I somehow strained a leg muscle carrying it across town. My leg is still sore, and this goes to show how dangerous it is going outside. Some quick googling revealed that it’s 11.38 pounds shipping weight = 5.1kg!

In my eagerness waiting for launch day, I had pre-emptively downloaded the day one firmware update for the Xbox One from http://support.xbox.com/en-US/xbox-one/system/emergency-offline-update due to it weighing in a 1.2gb, and wondering how bad the giant Microsoft Azure farms would handle this. That plan failed as the link was then taken down, and it apparently didn’t work anyway. The patch ended up being 500mb.

Anyway, unboxing and setting up was quite easy. Power and power pack, HDMI cable, Kinect 2.0 cable and Network cable all went into the back, and I went to turn it on. I instinctively pressed the Xbox One logo on the front of the console, which lit up for a second and then faded. 30 seconds later I was checking the manual to see if I’d missed something in the first power on – which I hadn’t, which led me to discover that the power cable had fallen out of the power pack. Plugging that back in made the touch sensitive logo work by some sort of mystical ability.

The console then asked for several bits of information, and then updated itself. At this stage I decided to go to bed and come back in the morning to start playing games. How wrong I was.

The next morning, I started queueing up all the free stuff like most people do. Xbox Video, Xbox Fitness, Recorder, Kinect Sports, Killer Instinct. Then I thought it’d be a good time to play Ryse, but after putting the disk in and seeing it had a required update, I decided to just load up all the games I had and leave the thing going for a few hours. That few hours turned into about 12 hours.

In my desperation, I even tried plugging in a 4G Telstra dongle into my ADSL router in the hopes of some better speeds. It was actually worse, and speedtest.net revealed about a 2mbit connection, while my ADSL syncs at 2.5mbit. It was at this stage yet again I cursed the new government for crushing any hopes I had of NBN, and the previous government for taking too long.

The setup journey was finally completed, and I had a quick 2 player game of COD: Ghosts. Seemed fun enough, graphics weren’t overly exciting. The next morning I tried Ryse, and that was a lot more impressive. A quite fun game where you’re chopping people up, verbally telling armies to open fire and so on.

Coming back to what the Xbox One can actually do, there were several nifty things I noticed. Being able to snap an application like a game recorder, and switch between the snapped on app back to the game was a nice touch. Also just recording a game native to the console, then being able to share with friends or upload to Skydrive was stupidly easy. Here’s a clip I uploaded:

The Kinect itself I haven’t really used yet, apart from it auto identifying me and logging into my Live account instantly which is pretty cool. Voice commands seem to work quite well too – shutting off the Xbox just by saying “Xbox turn off” is nice. A full list of the voice commands is available here: http://support.xbox.com/en-US/xbox-one/kinect/voice-commands

The updated controllers aren’t too different to the old ones, and they’re fairly comfy to use.

I managed to bring up this error just by trying to play with my avatar. Not just wrong, but terribly wrong.

I could go on and on about it, but overall it seems like a decent machine. It seems like they’ve set a lot up to be future proof and a lot more functionality will come which is good.

If you’ve come here to find out if this is better or worse than a Playstation 4 – well I haven’t used one yet, and previously liked my PS3 better than the Xbox 360. I went Xbox One because PS4s are sold out, and I didn’t plan that far ahead :) I think both consoles will be good so you shouldn’t be disappointed whichever way you go – but do you want a sole gaming machine which will do that role a bit better (PS4) or something that does a lot of things like Kinect, TV passthrough etc (Xbox One)?

Full Mailbox Access to All Mailboxes in Exchange 2010

Posted on November 15, 2013September 14, 2016 by Adam Fowler

I’ll start this out by saying ‘Full Mailbox Access to All Mailboxes’ is generally a bad idea. It should be done on demand with the appropriate approvals and paper trails, but there are times when this may be needed – for example a service account for 3rd party software that has to read or add things to everyone’s mailbox in the company.

In my last post “End User Management of Distribution Groups in Exchange 2010” I explained how the new Role Based Access Control (RBAC) worked. Although this can be used to configure many things, it won’t give you full access to a mailbox as it’s an Active Directory based permission.

You can manually do this on a per mailbox level by either using the Exchange Management Console, or the Exchange Management Shell by following the Microsoft Technet documentation here and it’s fairly easy to convert this to all mailboxes in powershell, but that won’t help you with newly created mailboxes after running the command.

Yes you could run a daily task to get around that, but an alternative is giving AD access at the database level. Any existing or newly created mailbox will get permissions this way.

So, with that all in mind, the Exchange Powershell command to run on a particular database is:

Get-MailboxDatabase -identity “[mailbox database name]” | Add-ADPermission -user [username] -AccessRights GenericAll

If you don’t know what your databases are, just run ‘Get-MailboxDatabase’ or if you want to just apply the permissions to all databases:

Get-MailboxDatabase | Add-ADPermission -user [username] -AccessRights GenericAll

You can apply this to a AD group rather than a user which I’d suggest (no changes to the command required apart from typing the group name rather than user name), because it’s then easier to manage the members of the AD group than re-run this command. Also if you apply the settings to a particular user, and that user launches Outlook, all mailboxes they have full access to will auto-load into their Outlook session. Not ideal if you’ve got hundreds!

If you’d like to know more about the Add-AdPermission command, and the possible AccessRights settings check out this Technet article.

End User Management of Distribution Groups in Exchange 2010

Posted on November 14, 2013 by Adam Fowler

After migrating from Exchange 2007 to 2010 and addressing all immediate issues, we eventually hit a new issue. Managers of Distribution lists who previously could add and remove members, now couldn’t do it!

Changes to the public group membership cannot be saved. You do not have sufficient permission to perform this operation on this object.

So, why would this break going from Exchange 2007 to 2010, and why would there be a delay?

Role Based Access Control (RBAC) was a new feature introduced in Exchange 2010 which changed the way a lot of security worked. There’s a greatly detailed 4 part article from msExchange.org here http://www.msexchange.org/articles-tutorials/exchange-server-2010/management-administration/exchange-2010-role-based-access-control-part1.html which explains this in detail.

As far as the groups are concerned, they stay in a 2007 mode until they get updated. When updated (by something like adding/removing a member) you’ll get prompted about changing the object:

To save changes on object “Silly name”, the object must be upgraded to the current Exchange version. After the upgrade, this object cannot be managed by an earlier version of hte Exchange Management Tools. Do you want to continue to upgrade and save the object?

Once you do this, that particular object (distribution group) now runs under the new RBAC security settings.

By default, the RBAC security settings out of the box don’t allow anyone to be able to add or remove members to distribution groups. The Exchange Team Blog explains this perfectly here: http://blogs.technet.com/b/exchange/archive/2009/11/18/3408844.aspx and also leads onto a script which will probably set things up how you want. If you don’t read this carefully, you may end up applying the built in ‘MyDistributionGroups’ role to the ‘Default Role Assignment Policy’ which means everyone can create distribution groups – definitely not ideal in most environments. I started reading another blog post which said to do exactly that, but didn’t explain why or how it worked. Sure it fixes your immediate issue, but you’re opening up a lot more than what you should.

So it’s a fairly easy fix once you now how, but if you haven’t had to worry about RBAC before there’s a little bit to get your head around first before ticking boxes and hoping for the best.

A big thanks to @ExchangeGoddess and @24x7ITConnect for their assistance and guidance on this information.

SCCM 2012 R2 Slow Imaging Fix

Posted on November 11, 2013November 12, 2013 by Adam Fowler

Microsoft have released on 8th November 2013 a hotfix for SCCM 2012 R2, KB2905002. Unless you’re not using SCCM for imaging, this hotfix is a must. This fix fixes two seperate issues. The first which I’ll copy verbatim from Microsoft’s site is:

After you enable the PXE Service Point role on an instance of a specific distribution point, or you select the Deploy this boot image from the PXE-enabled distribution point property of a boot image, the Windows Deployment Service (WDS) stops running.

Pretty major bug. The second fix everyone would have noticed is around the slowless of deploying an image (a.k.a. OSD) from R2. It’s rather slow! Again, verbatim:

When operating system image files are downloaded to Configuration Manager 2012 R2 clients, you may find that the download takes longer than it did in previous versions of Configuration Manager 2012 clients. You may see this behavior when the target client is running Windows PE or a full Windows operating system.

You can download the fix from http://support.microsoft.com/kb/2905002 and the fix needs to be installed on pretty much any SCCM server you have. It will nicely create packages if you have lots of servers to push it out to, or you can just do it manually per server. It will stop and start services, and ask you to restart after installing in most scenarios so keep this in mind.

Distribution Points don’t need the update, even if they’re running as a PXE Service Point. You can’t run it on one (I tried!).

You’ll also need to run the hotfix against any PC running the console as there’s an update for that too.

Thanks yet again to @nickstugr for alerting me to the update.

Update 12/11/2013 – Confirmed that the patch has put deployment speeds back to how they once were.

Share this:

Share this:

Share this:

Share this:

Share this: