Managing Acano Server in Powershell

I love it when stuff is possible to manage through PowerShell.

I’ve been working quite a bit with Acano lately and because of that I have started looking in to the management API that they provide on their Server. This API is exposed as XML through HTTPS, so I thought that it should be quite possible to write some PowerShell functions that accessed parts of the API. These have evolved in to what I now release as version 0.1 of the PsAcano PowerShell implementation of the Acano API.

Currently only the GET commands are implemented, so it is only possible to view information at the moment – not edit or create anything. The functionality provided by the POST, PUT and DELETE commands will  be implemented in the coming days and weeks.

Last weekend Knowledge Factory had our kick off in beautiful Vaxholm outside of Stockholm. There we were treated to an extremely inspiring session by Simon Wåhlin ( about PowerShell and GIT. A big thank you to Simon for finally kicking me into doing source control on my scripts :D

I’ve set up an account on Github, and from now on my scripts will be available there, and this of course also applies to PsAcano.

If you don’t want to visit the repository page on github, you can download the module here. Installation instructions can be found in the file. Feedback is welcome as issues on github or comments on this blogpost.

Check encryption in Skype for Business on Windows Phone

Skype for Business has arrived on Windows Phone! The Lync 2013 app has recieved an update, and should already be rolled out to your phone – at least if you have automatic updates on. If not or if it hasn’t updated automatically, you can get the update here.

One of the new features included in the client is that now all data stored locally on the phone – like recent conversations, voice mails, pictures and user settings – is now encrypted.

In some cases this encryption doesn’t get enabled in the update, so be sure to check Settings -> about in your app to see if encryption is on. If it isn’t, you need to uninstall the app and reinstall it again and it should be turned on.

Store link to the app if you need to reinstall it! Read more about the update at the Office Blogs.

Error code 1603 – Skype for Business upgrade

Skype for Business server 2015 is here, and with it comes a time for “firsts”. Today, I’ve done my first In-place upgrades on servers from Lync 2013 to SfB 2015.

One thing I noted on a couple of servers was that the install failed during “Installing local management services” with this error:

Error returned while installing OcsCore.msi(Feature_LocalMgmtStore), code 1603.

I tried the “retry” option in the wizard, but it did no difference. A reboot of the server did the trick in both instances and the install continued perfectly.

I saved the logs and went through them afterwards, and found these lines

Error 0x80070430: failed to set security info for object: RTCCLSAGT error code: 1072
Error 0x80070430: failed to set security info for object: REPLICA error code: 1072

A quick google search shows that this error means “The specified service has been marked for deletion.” So for some reason the wizard hasn’t been able to completely delete the service. Seems that the easiest way to resolve this error is a quick reboot of the server, but to avoid getting it here’s a couple of checks:

  • Be sure to have closed all mmc instances on the server, including
    • Services
    • Event viewer
  • Close Task manager

I’m pretty sure there are other causes for the error as well, but again, in all cases a reboot should solve the issue.

Automating FIM Run Profiles for Lync

When deploying Lync in a Central Forest Topology it is recommended to use a directory synchronization product of some sort to synchronize user accounts from user forests to the central resource forest as contact objects. Nowadays this is normally handled by Forefront Identity Manager, and this deployment is discussed in detail in the Technet white paper.

When FIM is deployed, you have to execute Run Profiles on the management agents in the correct order, both import and metaverse synchronization needs to be done on the central forest management agent before any user forest management agents for the data to be exported correctly in the last step. This means that in general the Run Profiles needs to be run in this order: (This applies to both Full and Delta executions)

  • Import  Central Forest Management Agent
  • Import User Forest 1 Management Agent
  • Import User Forest 2 Management Agent
  • Sync Central Forest Management Agent
  • Sync User Forest 1 Management Agent
  • Sync User Forest 2 Management Agent
  • Export Central Forest Management Agent

Also it is a good idea to wait until the last operation is completed before starting the next.

This gets quite tedious rather quickly when you have to right-click the management agent -> run, select the correct profile, then click OK for every operation. In addition you will need to think about automation at some point as well.

So I’ve created this powershell function that will take a sorted array of Management Agent names and run all the Run Profiles in the correct order for you.

Simply load the functions in your current powershell session and run

CsFimMaRun -ManagementAgents @("ResourceForest","UserForest1","UserForest2") -Type Full


CsFimMaRun -ManagementAgents @("ResourceForest","UserForest1","UserForest2") -Type Delta

and the run profiles should be executed in order. For automation just add one of the above to the end of the script and run that in a windows task scheduler. One delta update a day is often enough, but if the environment is very dynamic you might want to run it more often.

If you set $debugpreference=”Continue” it’ll display the status after each operation as well.

Download here

Script: Set-CsKhiCollectorSet.ps1

Lync Key Health Indicators are an essential tool in health monitoring your Lync deployment, and is the first step in deploying the Lync Call Quality Methodology

After adding the KHI counters to applicable Lync servers, it can be quite the chore to log in to all of them to start the performance counters. It is possible to reach all computers from a Performance Monitor snapin, but with a lot of servers that too can take some time.

This script finds all servers that normally run KHI counters, and starts or stops the counters on them. It can also get the current running status of the counters. It is also possible to supply a csv with servers to run on to the script.

Download latest version here

A change of scenery

After eight years at Atea the time has come for a change of scenery. As of today me and Christian Knarvik start a new adventure at Knowledge Factory where we will bring KF to southern Norway. I am really looking forward to starting work with bringing Skype for Business to Norway together with KF.

I want to thank my colleagues in Atea for the last eight years – and to my new colleagues in KF, I can’t wait to get to know you all!