ccolonbackslash

Just another WordPress.com site

Monthly Archives: December 2011

Credentials are required, calendar password prompt – Lync/Communicator

If you find users are unable to dismiss credential prompts from communicator or Lync that reference calendar access, even if entering correct password and you are running Checkpoint IPS, it’s likely that the non-compliant http protection is blocking its calendar access through your companies autodiscover.domain.com address. To stop this behaviour, enable an exception for the non-compliant http IPS protection between your reverse proxy’s internal nic and your CAS and your firewall and the published proxy nic/ip.

Should you find you are continued to be prompted for credentials (which are dismissed after you enter them) when connecting from outside the LAN after this change or DO NOT use checkpoint’s IPS, please look at this post – it fixed things for me: http://msexchangeanywhere.wordpress.com/2011/12/29/how-to-fix-lync-services-signin-type-your-user-name-and-password-to-connect-for-retrieving-calendar-data-from-outlook/. Many thanks for this!

vi primer/introduction/basics – handy for checkpoint or any linux appliance management

If you do anything with linux, even at the simplest level, you have to get to grips with vi for config changes, the most accessible and useful resource i found on it to get started was here:  http://acms.ucsd.edu/info/vi_tutorial.shtml . Well worth a look if your administering SPLAT’s but are otherwise a Windows shop and have no previous linux experience.

Self Signed Certificates Issued to Polycom Lync Phone Devices – causes additional certificate authentication pop-ups for other certificate dependent services

Woohoo – this is fixed, go here for the hotfix: http://support.microsoft.com/kb/2710995 

_____________________

Posted this, here: http://social.technet.microsoft.com/Forums/en-US/ocsclients/thread/340c2fe9-a9bb-449b-8498-0f9c5699d566 a while back, anyone else having same problem? Off the back of another support call I spoke with an escalation engineer and he agreed that it was a significant issue, but couldnt confirm when it would be resolved. Do let me know if you’ve found a way for these polycom devices and 802.1x eap authentication to work without irritating popups.

________

Hi there,

I’ve just configured a pilot Lync2010 pool with the eventual intention of deploying lync handsets across the organisation.

Everything seems to work great, delighted with the polycom hardware (cx600).

However, when i sign into Lync, and my device retrieves a certificate (that seems to be deposited in my personal cert store as well), this certificate causes problems with:

-EAP wireless

-EAP authentication to the vpn

What happens is when i connect to wireless i now have to choose between my lync cert and the company cert, the lync cert is not trusted as is not issued by a trusted authority (clearly). This isnt a big deal to me but extra prompts are a major deployment blocker for my users!

Is there no way to get Lync to use certificates issued from our enterprise CA as opposed to it’s own, then we’d have a single personal certificate for all these services?

Using DHCPUtil.exe i have pointed my device at my ent CA, but it still gathers a self-signed cert from the lync server.

I dont believe i’m the only person to run into this issue: http://social.technet.microsoft.com/Forums/en-US/ocscertificates/thread/8358d4b1-9d55-40bf-bb7e-c09e0cb90327/.

Thanks,
Jim.

Save yourself 15 minutes installing pre-req’s on an Exchange 2010 install on Server 2008 R2

Copy and paste the script on the page linked here to a notepad file, save as a .ps1 and run before installing exchange.

Even downloads the filter pack for you http://www.bhargavs.com/index.php/2009/11/18/script-to-install-exchange-2010-pre-requisites-for-windows-server-2008-r2/

Many thanks to the author of the linked page Bhargav Shukla, the original author of the script Anderson Patricio and Pat Richard. With lab installs i think this has given me around 2 hours of my life back all told.

TrueSec / Deployment CD – Awesomeness for free.

TruSec have offered a free copy of their deployment CD (2) for some time now, it contains a huge amount of information and guidance on deploying windows 7 both using freely available tools and sccm 2007. One excellent aspect of the 180mb iso is the 100% walk-throughs they do both on paper and through screencasts through zero and lite touch deployments.

I am currently trialling SCCM 2012 and the MDT 2012 beta, so this has been a hugely useful refresher.

Can’t recommend it enough. Go here and ask them for a copy: http://www.truesec.com/deploymentcd .

Awesomeness

Awesomeness