18 Months at Modality Systems

Wow, time does fly when you are having fun, I’ve now been at the multi-award winning Modality Systems for 18 months after a flippant tweet:


landed me a job interview.

And that’s the thing. There is no way I would ever have applied to work here, these guys are the Lync Skype for Business rockstars!

Tom A, Ben Lee, Tom Morgan, Justin Morris, etc etc

why would little ol’ me working for a housing association with my limited experience of Gateways and Contact Centres ever get considered for a job there?

It turns out that the main reason is attitude. I fit into the organisation as someone who champions (what I think) is the second best bit of software Microsoft produce - first for me is the killer combination of Exchange and Outlook – that tool runs my life - anyway, back on topic:

I love to learn about features, bugs, and finding things out about the underlying fabric (geek joke). And as my long suffering wife will attest, I’m usually reading Twitter and catching up on blogs most evenings (“put that phone away and watch the film” – Valentines 2015).

So what am I trying to say here?

In short – we're always on the lookout for new faces and we’ve got some jobs going here right now:

https://www.modalitysystems.com/careers/categories/uk

If you have experience with voice in Lync or Skype for Business (or even if you don't!) please throw your hat into the ring. Even if you think your experience with that Sonus and a single Front End its not going to be enough. Even if you think why would we need someone who only supports 50 people but you are excited for the technology. YOU are that person we are looking for. We can teach all the other stuff, but attitude and the eagerness to learn is what we prize here.

So what does Modality Systems offer in return?

Good salary, pension, healthcare. Cracking team events. Top notch Summer and Christmas parties.

Check out Glassdoor for some reviews of us. Staff turnover is very low so we must be doing something right. :-)

You can't join a meeting from outside Lync 2013, Lync 2010, or Skype for Business on iOS

Every time Apple updates the IOS operating system it appears to break the meeting join functionality for the Lync/Skype for Business app. I'm tracking here when the Server CU comes out that fixes this, when and with what CU:

Last updated: 17th November 2016

Version KB Skype for Business 2015 Lync 2013 Lync 2010
IOS 10
3204849 - Nov 2016
6.0.9319.272
3204546 - Nov 2016
5.0.8308.974
IOS 9.2 - 9.x



IOS 9.0 - 9.1



CloudPBX Voicemail Play on Phone strangeness....

A little quirk that has been thrown up as we've been moving more of our internal staff to "THE CLOUD" is that voicemail playback seems inconsistent in its delivery.

Scenario:


Voicemail left for me. I can see it in my Outlook inbox:



And its showing up as an MP3 attachment in IOS:



I decide that I want to listen to the voicemail discreetly as it may contain sensitive content so instead of just pressing the play button so that it comes out of my speakers I press the Play on Phone in the Outlook message.....



Outlook asks where I want to play the message, I leave this as the default as I want it to ring my SfB client.....



Call connects and I get "End of message, press 1 to replay message" In an British accent. Strange I think, maybe the call didn't connect in time. So I press 1 on the keypad and the ever helpful Microsoft lady again says "End of message, press 1 to replay message" Its almost like she can't deal with the encoding of the file.

After hanging up I confirm I can listen to the message on both the play icon in Outlook and the MP3 file on the iPhone. Both succeed.

Moving over the Sfb Client (Office 2016 MSI), I can see the voicemail and pressing the play icon plays the voicemail locally via my default communication device - result, the whole office hasn't heard that message.







At this stage I think it must be a problem with Office365 not being able to deal with the message.

For fun I then try via Call Voice Mail feature in the client expecting it to not work....



But it does..... Announced by a nice American accented lady.....

ookkaaay....

I then move back to the Play on Phone and notice that all of the voice prompts are in British English. At this point I'm assuming that somehow using local Outlook I'm being forced via the old on-prem Exchange Server that can't handle the cloud mailbox (this assumption is 'cause of the British accent).

For fun I move over to Outlook on the Web for Business ( I remember the days of Outlook Web Access) and get that to call me, assuming that I'll have the American lady again and she'll be able to play me the message.






And the Brit starts speaking to me...... I navigate the voice tree and she says she'll play the message (telling me the time the VM arrives and also who it is from "Plus fourty four, seven seven seven five....." etc)......

.....and there's no content again . So at this point in time its like the American lady can understand the MP3 file but the British one can't - and that's probably as its an American invention: https://en.wikipedia.org/wiki/MP3#Development  ;-) 

I've raised a ticket with Microsoft and will update this post when I get a response.

-----------------------------------
Update: 21st November 2016

On the ongoing ticket we have confirmed that a user who is homed on-prem for SfB but on Office365 for Exchange can consistently hear the message. Still no word on why though.

Sonus SBA now with Skype for Business.

If your Sonus Survivable Branch Appliance is still sitting as a 2010 or 2013 Lync Branch Site then from today you can  grab the ASM image to move to a SFB Branch Site :-)

File is:

ASM-IMAGE-SKYPE2015SBA-WS2012R2_SBC1k2k-release5.0.4.zip

And you'll need to patch it to CU3 (June 2016 - 6.0.9319.259) straight away which is:

ASM_Skype_2015_CU-2016-Jun.pkg

For the above you'll probably need to upgrade your licensing on the gateway by getting in touch with your local re-seller and obtaining new license keys and stickers (!)



Office 365 SfB Migration - phone weirdness

Have been moving users from on-prem Skype for Business to Office 365 over the last few weeks 

The users will be homed on Office 365 with voice breakout remaining on-prem for the moment.

After moving one user saw the following strangeness:


Usually the number will normalizes nicely to E164 format but for Jo it hadn't. When drilling down into the user account had the following message:



"The country/region codes of the online dial plan and the telephone number don't match so international calling might not work as expected"

Interestingly Jo could make and receive PSTN calls with no issue (in region, didn't try international) so it just seemed cosmetic.

On looking at the account in the on-prem SfB control panel the only difference from other users who had been moved correctly was that the Tel had an upper case "T":


I changed this to a lower case "t", forced a sync to O365 and this did not solve the problem. I'm making a stab that the sync process did not see this as a change worthy of uploading.

To fix I changed the on-prem number in the SfB Control Panel to not have the ext attribute and forced a sync:

The changed back to the correct lineuri:
After one final sync all was showing up correctly:








Need to add a shed load of contacts to Skype for Business - AutoHotKey to the rescue!

A customer had the need to add approx 200 external contacts to a single Skype for Business user where there was no access to the backend database or PowerShell.

To do this I went back in the mists of time and cracked open a copy of AutoHotKey....

.....well, I did once I disabled Windows Defender:

So now I've got it downloaded and installed lets get on with the show:

We have two files:


  • Adds.txt which contains the sipuri's of all people you want to add (these can be people in your organisation and external).
  • ContactsAdd.ahk which is the actual code.

You can download these both from my DropBox (no love for OneDrive now they have curtailed the amount of free space!), but the code is here if you want to play with it by hand.

Note that this is very rough and ready code so probably could be tidied up considerably. Usual warranties apply, test in a lab, not for production use, YMMV, don't eat yellow snow. etc. etc.

#NoEnv  ; Recommended for performance and compatibility with future AutoHotkey releases.
; #Warn  ; Enable warnings to assist with detecting common errors.
SendMode Input  ; Recommended for new scripts due to its superior speed and reliability.
SetWorkingDir %A_ScriptDir%  ; Ensures a consistent starting directory.


;start SfB/Lync
run, Lync.exe

;bring SfB to the foregroud - change this if using Lync 2010 or 2013 in "classic" mode
winwaitactive, Skype for Business 

;start a loop and open adds.txt for reading
loop, read, adds.txt
{
;read the first line of the file and fill a variable called A-LoopReadLine with the file
loop, parse, A_LoopReadLine, %A_Tab%
{
;send some tabs, spaces, down keys etc to get to "add a contact not in my organisation"
send, {Tab}{Tab}{Tab}{Tab}{Tab}{Space}{Down}{Enter}{Enter}
;send the contents of the variable to SfB
Send, %A_LoopReadLine%
;Hit enter
send, {Enter}
;Move from Contacts tab to next tab....
Send, {Control Down} 2 {control Up}
;....and back again
Send, {Control Down} 1 {control Up}
}
;Loops round until the end of the file
}

Latest CU for Skype for Business out. Moves version to 6.0.9319.235

 Following components updated:

  •  Performance Counters
  •  Response Group Service
  •  Conferencing Attendant
  •  Web Components Server
  •  Front End server and Edge server
  •  Core Components


Noted Additions, Fixes and Updates:
Adds the Active Directory Authentication Library (ADAL) feature to Microsoft Skype for Business Server 2015.
https://technet.microsoft.com/en-us/library/mt710548.aspx

Windows 10 users who use Edge can't join a meeting from Skype for Business Web App
https://support.microsoft.com/en-us/kb/3095143

The Response Group service crashes when you change the value in the dbo.Agents table
https://support.microsoft.com/en-us/kb/3141112

An improvement to allow PSTN callers to join a Skype for Business meeting without a PIN.
https://support.microsoft.com/en-us/kb/3141121

You can't join a meeting from outside Lync 2013, Lync 2010, or Skype for Business on iOS 9.2 and later.
https://support.microsoft.com/en-us/kb/3126487

Server-side conversation history in branch site deployments is no longer supported in the March 2016 cumulative update.
https://technet.microsoft.com/en-us/library/gg398217(v=ocs.15).aspx (no further information at this URL)

Call transfer from a PSTN call to a federated user fails in Skype for Business Server 2015
https://support.microsoft.com/en-us/kb/3141120

Event 1000 occurs and the Rtcsrv.exe process crashes on a Skype for Business Server 2015 Front End server
https://support.microsoft.com/en-us/kb/3141114

Event ID 47067 and the HTTP stack goes into Overflow in Skype for Business Server 2015
https://support.microsoft.com/en-us/kb/3141123

Debug-CsInterPoolReplication returns "BATCHES OUT OF SYNC" error in Skype for Business Server 2015
https://support.microsoft.com/en-us/kb/3141122

Tab key expansion process returns non-relevant parameters to Shared Line Appearance cmdlets
https://support.microsoft.com/en-us/kb/3141119

"Endpoint failed to login" error when you run SLA-related cmdlets more than 20 times in Skype for Business Server 2015
https://support.microsoft.com/en-us/kb/3141118

Delegate data is not removed when you run the Remove-CsSlaDelegates cmdlet in Skype for Business Server 2015
https://support.microsoft.com/en-us/kb/3141117

ADFS 3.0 is supported for OAuth tokens in Skype for Business Server 2015
https://support.microsoft.com/en-us/kb/3141115

Can't prepare an Active Directory forest in Skype for Business Server 2015
https://support.microsoft.com/en-us/kb/3141110


Looks like the only database with an update is rtcxds:
https://blogs.technet.microsoft.com/dodeitte/2015/05/10/how-to-verify-if-skype-for-business-server-2015-database-updates-completed-successfully/


Updated 22nd March
KB3141121 goes live.

Updated 31st March
All KB's live.

Fraud against Exchange UM. Protect yourself now!

The ability to use a phone system to make low cost/free calls to numbers is known as Toll Fraud, for some of the "greatest" hackers out there it was their way into the dark arts and now we've seen how this can manifest itself on Exchange Unified Messaging.

The weak link (as is usually the case) are credentials, for Exchange UM (Outlook Voice Access) your username is you phone number and your password is a PIN that is set at account creation. If this PIN is insecure (all in company have it set the same/its the last 4 digits of your phone number/common pattern/never expires/written on a post-it) then you have a perfect attack vector.

The process that is followed is thus:

  1. Attacker calls the Victim and leaves a voicemail (in the cases we have seen this voicemail is left after working hours on a Friday indicating some pre-work has been done by the attacker)
  2. The voicemail will have been left from the presentation number (real or spoofed) that the attacker wants to force the phone system to call (premium rate/foreign mobile number/et al)
  3. Once voicemail is left the Attacker dials the user again and during the "Please leave a voicemail" message presses the * key, this tells Exchange to request the PIN for the account. As the Attacker already has this (due to one of the reasons above).
  4. The Attacker is now into the users mailbox, now it is simply a case of listening to the voicemail and selecting the "Call user back" option the system calls the number as left in step 2

So what can be done?
First - ensure that the security of your users UM PIN's are taken as seriously as their domain credentials. Look at the documentation (version specific) and set things like disabling common patterns and expiring the PIN

Second - think about your Outdialing plans - if your company is based in the UK and has no clients abroad then does your UM system need to be able to place international calls? How about premium rate (watch out for 070 numbers)?

The route that was taken for the fraud is shown here (Click for larger):