Lync Server 2013 August 2014 Cumulative Update Released

Microsoft has released a new Cumulative Update for Lync Server 2013. Below is a consolidated list of the fixes that are included.

Download link here:

List of fixes included:

Update for Standard or Enterprise Edition server (Front End Servers and Edge Servers):

2976568( ) Address book delta files are not generated in a Lync Server 2013 Enterprise Edition environment

2967626( ) Error “creating procedure RtcResetAbAttributes” when you run “Install-CsDatabase” for rtcab database in Lync Server 2013

2967629( ) Significant bandwidth usage increase by SIP traffic in a Lync Server 2013 environment

2967630( ) Callee receives a missed call notification after answering a call on an IP telephone in a Lync Server 2013 environment

2979931( ) Error “I can’t find the meeting with that number” when PSTN user dials in to conference in Lync Server 2013 environment


Update for Web Components server

2978444( ) Update for Lync Server 2013 to disable Lync Web App users’ ability to upload and show PPT in online meetings

2976906( ) Incorrect time zone is displayed when you create a meeting by using Web Scheduler in a Lync Server 2013 environment

2967623( ) Error “This content cannot be displayed” or blank webpage when you click a dial-in URL in a Lync Server 2013 environment

2967624( ) HD video stutters in a Lync Server 2013 based video conference in Lync 2013

2967628( ) Telephone numbers are missing in a contact card in a Lync Server 2013-based Lync mobile client


Update for Core Components

2967621( ) Error 404 when Lync phones sign in to Lync Server 2013 front-end servers during SBS failure recovery

2967631( ) Error “”DistributionGroupAddress” and “AgentsByUri” must be set.” when you migrate the RG service to Lync Server 2013


Update for Administrative Tools

2983199( ) “Limited functionality is available due to outage” in Lync client when Lync Server 2013 replication queue is full


Update for Web Conferencing server

No Specific fixes listed


Update for Windows Fabric

2983199( ) “Limited functionality is available due to outage” in Lync client when Lync Server 2013 replication queue is full

#Lync 2013 marks gateway as down – when it is not???

I was recently working on an issue where Lync was marking a single gateway of 3 in a voice policy route as down. This customer is using 3 gateways and outbound calls are using all 3 together via round-robin routing. The only item that was unique about this particular gateway was that there is a FXS paging trunk connected to it. Our support team restarted the mediation service and saw all the necessary event log entries indicating that the gateway was back online only to see it be marked as unreachable after a period of time. The issue was escalated to me since I did the original implementation and suggested that we try testing a few things:


  • Make a call to the paging trunk, while there is a call established make another call.
    • This resulted in an event log entry stating that there was a failed attempt on outbound routing.
    • We did this 4 more times (the magic number here is 5 failures)
    • After 4 more failures we saw Lync mark the gateway as unavailable


  • The reason this is a problem is that the gateway was responding to Lync when the FXS port was in use with a 503 Service Unavailable (Remember Good SIP Messages 1xx, 2xx, and 3xx) (bad SIP messages 4xx, 5xx, 6xx) If Lync receives 5 permanent failures Lync will mark the gateway as down. That is OK when there are other gateways that provide the same outbound routing, but now paging will not work. Remember it is connected to the gateway that is marked offline


In order to solve this issue I suggested that we utilize the New-CsSipResponseCodeTranslationRule Lync PowerShell command to take a 503 message and translate it to a 483 (Busy Here). By doing this we take a permanent failure like 5xx and translate that to a temporary failure that Lync does not count towards the 5 failures before a gateway is marked down.

Here is the command that was run:

New-CsSipResponseCodeTranslationRule -Identity “PstnGateway:xx-xxx-gateway1.contoso.corp/Rule503_Paging” -ReceivedResponseCode 503 -TranslatedResponseCode 483

After we implemented the command we ran several tests. We had a user connect to paging and then another user call the same trunk over and over. Lync never marked the gateway as down. We validated this by reviewing the Lync logs and seeing that we were in fact getting a 483 message back now.

Hope this helps someone!

San Francisco Lync User Group – Wednesday April 23rd, 2014 #Lync #LyncUG

The San Francisco Lync User Group will be having our next meeting Wednesday April 23rd, 2014 from 3:00PM-6:00PM. This meeting will include two sessions, the first session will cover the Top Ten Takeaways from Lync Conference 2014.  The second session will dive into Advanced Troubleshooting Tools for Lync.

Location Details:
835 Market Street
Suite 700
Golden Gate North Room
San Francisco, CA 94103

There is a parking garage right behind Market Street on 5th and Mission.  BART station at Powell street and is a 2 minute walk to the Microsoft offices.

Please register on our webpage at

San Francisco #Lync User Group January 23rd, 2014 3PM-6PM #UCOMS

*Win a trip to Lync Conference!

About Us

The San Francisco UC Users Group is targeted at IT Pros and Developers interested in Microsoft Unified Communications. Our goal is to provide the San Francisco area with valuable information as it relates to Microsoft Unified Communications. Our meetings will include both technical and business information relating to Lync Server, Exchange Unified Messaging and other components of the Microsoft UC product suite.

Please register on our webpage at

Meeting Details

January 23rd 2014 3PM-6PM Pacific

The San Francisco UC Users Group will be conducting their next meeting Thursday January 23rd, 2014. This meeting will include two sessions, the first – a session covering the ins and outs of Centralized Logging in Lync 2013. The second session will take a dive into Lync Room Systems presented by Smart Technologies.

Industry Experts will be on site to deliver these presentations and help answer any questions related to Lync Server.

Food, beverages and additional door prizes courtesy of the Lync Users Group

*Lync Conference trip entry requires attending an in person event on or prior to January 31st, 2014 and completing a survey. Drawing will be conducted February 1st, 2014 and winner will be contacted immediately. Lync user’s group volunteers, sponsors, employees of sponsors and their immediate families are not eligible to win.

Location Details:
835 Market Street
Suite 700
Golden Gate North Room
San Francisco, CA 94103 

2013 in review

The stats helper monkeys prepared a 2013 annual report for this blog.

Here’s an excerpt:

The concert hall at the Sydney Opera House holds 2,700 people. This blog was viewed about 49,000 times in 2013. If it were a concert at Sydney Opera House, it would take about 18 sold-out performances for that many people to see it.

Click here to see the complete report.

Publish #Lync 2013 Web Services with Windows Server 2012 R2 Web Application Proxy

Deploying WAP for Lync Server 2013


2 Servers 1 Web Application Proxy (WAP), and 1 ADFS.  Both Windows Server 2012 R2

The ADFS server is an internal server joined to the corporate domain on the internal LAN

The WAP server is a perimeter server in the DMZ in a workgroup (think TMG here), 2 interfaces 1 Internal, 1 External.

  • Install ADFS, Open PowerShell and run the following command:

    Install-WindowsFeature ADFS-Federation

  • Open Server Manager and select the status icon shown below and click Configure the federation service on this server

  • The Active Directory Federation Services Configuration Wizard screen will open. Select Create the first federation server in a federation server farm

  • Click Next
  • As long as you are logged in as a Domain Administrator you can just select Next.

  • On the next screen you will need to select a certificate that matches the FQDN of the ADFS server or servers if you are deploying more than one ADFS server for high availability (If you are deploying multiple ADFS server ensure that the SAN field contains the name of the servers)

    Note: You can use my post here in order to create certificates.

  • You can select a Group Managed Service Account or a Managed Service Account that already exists in Active Directory.
    • In order to use the Group Managed Service Account you must run the command below

      Add-KdsRootKey -EffectiveTime (Get-Date).AddHours(-10)
      You will need to wait for AD replication in order for the option to become active

  • Select next on the Specify Configuration Database

  • At the review options screen select Next.

  • After the Pre-Requisite check finishes select configure:

  • You should see this final screen when finished.

As far as ADFS is concerned for Lync we are finished. There is no other ADFS configuration required.

Web Application Proxy Configuration

  • First thing we need to do on the WAP server is either set internal DNS on the internal facing NIC for internal host name resolution or modify the hosts file and add the ADFS server FQDN and Lync Web Services FQDN’s. In my case that is:

  • Ensure you add the primary DNS suffix in the Computer Name options area to match the internal domain name. In my case that is
  • Import the domain Enterprise Root Certificate to the Trusted Root Certification Authority snap-in since this server will be establishing secure SSL sessions to the ADFS server the only way to do that is by importing the root ca just as you would have on a TMG or Edge Server.
  • Import your Public Certificate that contains the web services names on it to the Personal Store on the WAP Server
  • Run the following command via PowerShell:

    Install-WindowsFeature Web-Application-Proxy,RSAT-RemoteAccess-Mgmt, RSAT-RemoteAccess-PowerShell, GPMC, CMAK

After the command has completed open the Web Application Proxy Wizard via the Server Manager Console

  • At the Welcome screen select Next

  • Enter the federation service name that you specified in the ADFS configuration as well as credentials for accessing ADFS.
  • Export the certificate you created for your ADFS service from the ADFS server and import it with private key to the WAP Personal Certificate Store.
  • You will see the following as an option

  • Click Next

  • After this has completed you can configure your publishing rules.
  • Now open the Remote Access Management Console and select Publish
  • At the welcome screen select Next

  • Select Pass-Through

  • For your Lync External Web Services use the following as an example

  • Select the certificate that contains the public names of your Lync Web Services
    • Note that the Backend server URL has the :4443 added to the end since Lync is listening on this port for external web traffic
  • Click Next and you will get to this screen

  • Click Publish
    • At this point you are going to want to ensure that you have TCP Port 443 open between the WAP Server and the ADFS server. If you do not this step will fail.
  • Complete steps 17-28 for the remaining web services you wish to publish
    • Note: You can use the following PowerShell command to create multiple entries
    • Add-WebApplicationProxyApplication -BackendServerUrl ‘‘ -ExternalCertificateThumbprint ‘insert Certificate thumbprint here’ -ExternalUrl ‘‘ -Name ‘Lync Web Services’ -ExternalPreAuthentication PassThrough
  • My final configuration looks like this:
  • Since some of the Lync 2013 mobile clients do not support Server Name Indication (SNI) you will need to apply a default SSL certificate for the Web Application Proxy to use.
  • Run this command from PowerShell:
    • netsh http show sslcert

    • You will get a screen that contains the following copy the Certificate Hash
    • Run the following command:

      netsh http add sslcert ipport= certhash=b58f8eda33987269a286f72af7766687743b87ec appid={f955c070-e044-456c-ac00-e9e4275b3f04}

    • If the full command doesn’t work run netsh first like below
  • And finally the last command to run is the following:

    Get-WebApplicationProxyApplication | Set-WebApplicationProxyApplication -DisableTranslateUrlInRequestHeaders:$false

#Lync 2013 November Update Released 15.0.4551.1005

Microsoft released the November 2013 client update recently. Below are the fixes with major fixes highlighted.

In addition the following features have been added.

Client feature enhancements include Photos of Sender/Receiver, URL Photo Experience, pChat Escalation, Login Trace Files and New Recording Options

For more details you can go here to read the NextHop blog on the article here:

The update is available here: