Assigning numbers fails with "Sorry, but we couldn't save your changes. Please try again later."
- Correct licenses are assigned. Need "Cloud PBX" from E5 as well as a "Calling Plan" license. If the license is correct the the users should show up in the "Voice users" view.
Check the Location assigned to the user. It has to match up with the “Emergency Location” when assigning the telephone number. You can find the Location in the main Admin portal where you assign licenses to users.
|Skype for Business Admin Portal > Voice Users > Assign Number|
|In main O365 Admin portal > Users > Product Licenses|
What a mess!!!
If you use public certs from Globalsign, be aware of the issue that started yesterday with their CRLs.
We had to go in and update ALL our external-facing servers with the new Intermediate Cert they provided.
More details here - http://downloads.globalsign.com/acton/fs/blocks/showLandingPage/a/2674/p/p-008f/t/page/fm/0
We use public certs on our SfB FEs too, and the same cert is also used for OAuth. We ended up removing and reapply the cert (from the SfB Wizard) so that it replicates out to the other servers and pools.
You need to remove the old Intermediate cert from the store. Search the Computer as well as the User stores and make sure you get rid of the old Intermediate one, else it will stay latched to the chain.
Can get the Intermediate cert from here - https://support.globalsign.com/customer/portal/articles/2599710-ocsp-revocation-errors---troubleshooting-guide
The February release of the Office 365 Deferred Channel for Office 2016 is now available - Version 1609 (Build 7369.2118).
Current Release + FRDC updates have been released too. Those are @ Version 1701 (Build 7766.2060).
February 23, 2017
First Release for Deferred
February 22, 2017
February 22, 2017
I love using MwB to reduce the clutter on my desk by using just 1 keyboard and mouse to control multiple PCs.
Every so often an update comes out and it complains about the .Net version even though you are running a later version of the framework.
Googling does not provide a solution easily, but all you need to do is to run the installer using elevated privileges.
Error message : Mouse without Borders requires the .NET Framework 2.0 or 4.0
It's a Microsoft Garage work (side projects by MS employees) that solves my problem really well. Check it out...Download site - http://www.microsoft.com/en-ca/downl....aspx?id=35460Community site - https://getsatisfaction.com/mouse_without_borders
Renewed my SfB on-prem OAuth cert and started getting these errors
Source: LS Storage Service
Storage Service had an OAuth STS request failure.
Recv RST response, failed, sts=https://accounts.accesscontrol.windows.net/092a1ba4-a4fe-4172-970e-7ab3035e7c94/tokens/OAuth/2, firstname.lastname@example.org, ex=The remote server returned an error: (401) Unauthorized….
You will also notice that the Test-CsExStorageConnectivity command fails (Test-CsExStorageConnectivity -SipUri Test_User@domain.com)
Renew OAuth with new Cert
1. Export the new OAuth cert from MMC>Certificates on FE using BASE-64 without private key
2. Create a session with SfB online + MSOL
$msolcred = get-credential email@example.com
$session = New-CsOnlineSession -Credential $msolcred -OverrideAdminDomain "domain.onmicrosoft.com"
Import-PSSession $session -AllowClobber_
Connect-MsolService -credential $msolcred
3. Import and assign cert
$certificate = New-Object System.Security.Cryptography.X509Certificates.X509Certificate
$binaryValue = $certificate.GetRawCertData()
$credentialsValue = [System.Convert]::ToBase64String($binaryValue)
3. Get current KeyIDs for Certs (enter 0 for ReturnKeyValues)
Get-MsolServicePrincipal -AppPrincipalID 00000004-0000-0ff1-ce00-000000000000 #Lync
Get-MsolServicePrincipal -AppPrincipalID 00000002-0000-0ff1-ce00-000000000000 #Exchange
get-MsolServicePrincipalCredential -AppPrincipalId 00000004-0000-0ff1-ce00-000000000000
get-MsolServicePrincipalCredential -AppPrincipalId 00000002-0000-0ff1-ce00-000000000000
5. Use the KeyIDs (that you got from above step) to remove current certs
Remove-MsolServicePrincipalCredential -AppPrincipalId 00000004-0000-0ff1-ce00-000000000000 -KeyIds @("00000000-0000-0000-0000-000000000000")
Remove-MsolServicePrincipalCredential -AppPrincipalId 00000002-0000-0ff1-ce00-000000000000 -KeyIds @("00000000-0000-0000-0000-000000000001")
6. Assign new cert
New-MsolServicePrincipalCredential -AppPrincipalId 00000004-0000-0ff1-ce00-000000000000 -Type Asymmetric -Usage Verify -Value $credentialsValue
New-MsolServicePrincipalCredential -AppPrincipalId 00000002-0000-0ff1-ce00-000000000000 -Type Asymmetric -Usage Verify -Value $credentialsValue
7. Make sure your edge servers are replicated (OAuth uses federation via them)
Get-CsManagementStoreReplicationStatus | ft
Get-MsolServicePrincipal -AppPrincipalID 00000004-0000-0ff1-ce00-000000000000
Get-MsolServicePrincipal -AppPrincipalID 00000002-0000-0ff1-ce00-000000000000
Get-MsolServicePrincipal -AppPrincipalID 00000004-0000-0ff1-ce00-000000000000 | select serviceprincipalnames -ExpandProperty serviceprincipalnames
Get-MsolServicePrincipal -AppPrincipalID 00000002-0000-0ff1-ce00-000000000000 | select serviceprincipalnames -ExpandProperty serviceprincipalnames
Test-CsExStorageConnectivity –SipUri firstname.lastname@example.org # SfB on-prem user
Test-CsExStorageConnectivity –SipUri email@example.com # SfB online user
Cleared Log event (OAuth successful)
Source: LS Storage Service
OAuth STS was properly configured for Storage Service.
GetAppToken succeeded for request with sts=https://accounts.accesscontrol.windows.net/092a1ba4-a4fe-4172-970e-7ab3035e7c94/tokens/OAuth/2
Additional (verbose) references: