Update to Create-LabUsers - Enable for SfB

-
This is a further update to my previous postings ()on changes I've made to Aarons script for creating lab users.

One of my requirement was enable users for Skype for Business. This is reasonably straightforward.
In order to connect remotely to the SfB powershell, we need credentials.
Once connected, we can enable the users with a default sip address of their email account (so some checks need to be in place)

Eagled eye readers will notice i've also included a stopwatch to monitor the execution times. Very useful when tweaking the scripts to streamline the proces.
Top to bottom, the switches required are:
#Skype4Business parameters
[switch]$Skypeenable,
[string]$SfBFEServer,
[string]$SfBPool,

  • SfBFEServer is the remote machine we will connect to to execute the commands.
  • SfBPool is the pool where the users will be homed on. If not specified, the script will try to be smart and do a DNS lookup for the _sipinternaltls._tcp record

The functions required are:
Function EnableUsersForSkype
{
 param (
  [string]$UserOUPath = $OUPath,
  [string]$Pool=$SfBPool,
  [string]$SipDomain=$UPNSuffix
 )
 

 ConnectToSfB
 if ($SipDomain -like '')
 {
  $SipDomain=(Get-CSSipDomain | where-object {$_.IsDefault -eq $true}).name
 }
    #Get users on OUPath with email accounts, and not enabled for S4B 
    $User=$null
 $UserList=Get-ADUser -Server $DomainController -Filter * -SearchBase $UserOUPath -properties mail, msRTCSIP-DeploymentLocator,msRTCSIP-UserEnabled | where {$_.'msRTCSIP-UserEnabled' -eq $null}
    $UserCount=$UserList.count
    $i=1
 foreach ($User in $userlist)
 {
  $userEmail=$User.mail
        if ($userEmail -like "*")
        {
   if ($User.'msRTCSIP-DeploymentLocator' -eq "SRV:")
   {
   #User is already enabled for S4B
   }
   elseif ($User.'msRTCSIP-UserEnabled' -eq $null)
   {
    #Enable user for S4B
    try
    {
                    Write-Log -ConsoleOutput -Message "Enabling user [$($i)/$($UserCount)], $($user.mail) for SfB" -LogFile $Logfile -LogLevel INFO
     Enable-CsUser -identity $user.userprincipalname -RegistrarPool $Pool -SipAddressType EmailAddress -SipDomain $SIPDomain -confirm:$false -DomainController $DomainController -ErrorAction Stop
     $user.'msRTCSIP-UserEnabled'=$true
     $User.'msRTCSIP-DeploymentLocator'="SRV:"
    }
    catch
                {
                    $ExceptionMessage = "Cannot enable user [$($i)/$($UserCount)], $($user.mail) for SfB, error $($_.Exception.Message)"
                    Write-Log -ConsoleOutput -Message $($ExceptionMessage) -LogFile $Logfile -LogLevel ERROR

                }
   }
  else
  {
            #User has no email account, so dont enable  
  }
        }
        $i++
 }

}

function ConnectToSfB
{
 # Connect to Skype4Business server
 try
 {
  $SessionInfo = Get-PSSession
  if ($SessionInfo.ConfigurationName -match "Microsoft.Powershell" -and $SessionInfo.ComputerName -match $SfBFEServer)
  {
   Write-Log -ConsoleOutput -Message "You are already connected to a SfB Powershell instance." -LogLevel INFO -LogFile $Logfile
  }
  else
  {
   Write-Log -ConsoleOutput -Message "Connecting to $($SfBFEServer)..." -LogFile $Logfile -LogLevel INFO
   $SkypeSession = New-PSSession -ConnectionURI "https://${SfBFEServer}/OcsPowershell" -credential $SkypeCredentials
   Import-PsSession $SkypeSession -CommandName Enable-CsUser, Get-CsUser, get-cssipdomain -AllowClobber -verbose:$false | Out-Null
  }
 }
 catch { Write-Log -Message "Cannot connect to Powershell Server $($SfBFEServer)." -LogFile $Logfile -LogLevel ERROR -ConsoleOutput; Break }
} # End Function ConnectToSfB

The checking and function calls are (just after the automatic domain controller detection around line 1840):
#If skype actions to be performed, get skype admin credentials
if ($SkypeEnable){
    $SkypeCredentials=$Host.ui.PromptForCredential("Skype Credentials","Please enter credentials to enable Skype users",$env:USERDOMAIN + "\" + $env:USERNAME,"SkypeForBusiness")
    if (!($SfBFEServer.contains(".")))
    {
        # requires FQDN so append DNS domain
        $SfBFEServer = $SfBFEServer,$Domain -join "."
    }
    Write-Log -ConsoleOutput -Message "Skype for Business: Using Front end server $($SfBFEServer)" -LogFile $Logfile -LogLevel INFO

    if (!($SfBPool))
    {
    # No Pool passed. lookup from dns (lyncdiscover record)
        $DNSRecord= "_sipinternaltls._tcp."+$Domain
        $SfBPool=(Resolve-DNSName $DNSRecord -type SRV).nametarget
        Write-Log -ConsoleOutput -Message "Skype for Business: No pool specified, resolving through DNS" -LogFile $Logfile -LogLevel INFO
    }
    if (!($SfBPool.contains(".")))
    {
        # requires FQDN so append DNS domain
        $SfBPool = $SfBPool,$Domain -join "."
    } 
    Write-Log -ConsoleOutput -Message "Skype for Business: Using Pool $($SfBPool)" -LogFile $Logfile -LogLevel INFO


}
$stopwatch=[system.diagnostics.stopwatch]::startNew()
$SectionSW=[system.diagnostics.stopwatch]::startNew()
Around line 1815 after the groups are created and mail enabled 
If ($SkypeEnable -and $SfBFEServer)
{
    $SectionSW.Restart()
    EnableUsersForSkype -UserOUPath $OUPath -Pool $SfBPool -SipDomain $UPNSuffix
    $SectionSW.Stop()
    Write-Log -LogFile $Logfile -Message "Lab checkpoint:`tSkype enabled`t$($SectionSW.elapsed.minutes)m:$($SectionSW.elapsed.seconds)s:$($SectionSW.elapsed.Milliseconds)ms" -LogLevel SUCCESS -ConsoleOutput
}
And finally at the end, close the stopwatch and display the time it took: 
$stopwatch.stop()
Write-Log -LogFile $Logfile -Message "Lab took $($stopwatch.elapsed.minutes)m:$($stopwatch.elapsed.seconds)s:$($stopwatch.elapsed.Milliseconds)ms to build" -LogLevel SUCCESS -ConsoleOutput

And finally an example of the command line:
.EXAMPLE
.\Create-LabUsers.ps1 -Count 100 -Company "PGR2, Inc." -OUPath "OU=PGR2 Users,DC=homelab,DC=domain,DC=com" -CreateGroups -InflateMailboxes -CreateMailboxes -ExchangeServer exch16-01 -SkypeFEServer sfb15-fe01

Create 100 users, create groups, enable all users in OU for email, add content to mailboxes and enable for Skype for Business


Comments

Post a Comment

Popular posts from this blog

Skype Online and MCOValidationError

-
These user counts are incorporated into the Lync ReportHTML  from the previous post: https://jc-nts.blogspot.com/2019/05/powershell-module-reporthtml.html While doing some housekeeping for a client, I noticed that the Interpreted User Type attribute in SfBO threw up some HybridOnpremSfBUserWithMCOValidationError accounts. The full list included: DirSyncSfBUser: On-premises users which have been assigned a SfB online licence DirSyncTeamsUser: On-premises users which have been assigned a Teams licence HybridOnlineSfBUser: A user created on-premises and migrated to SfBO HybridOnpremSfBUser: A user created on-premises and enabled on-premises for Lync/Skype HybridOnpremSfBUserWithDeletedLicenses: An on-premises user has a deleted office 365 SfB licence HybridOnpremSfBUserWithMCOValidationError: An on-premises user with a domain that is not valid in your synchronised tenant PureOnlineSfBUser: Online users which have been assigned a SfB licence PureOnlineTeamsUser: Online users
Read more

SCCM 2012 R2 - Offline servicing error

-
While updating images in SCCM 2012R2 to apply recent updates to a windows 8 image, I hit the following errors: Failed to install update with error code -2146498513 InstallUpdate returned code 0x800f082f Failed to install update with ID 17242935 on the image. ErrorCode = 2095 To fix: Mount the image (.wim) file using dism: dism /mount-wim /wimfile:d:\sources\os\captures\w8x86.wim /index:2 /mountdir:c:\mount Load the registry SOFTWARE key reg load HKLM\MyKey c:\mount\windows\system32\config\software Find the registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Compnent Based Servicing\SessionsPending Edit the DWORD Exclusives to value 0 (in my case it was 3) unload the registry reg unload HKLM\MyKey commit the changes to the wim dism /unmount-wim /mountdir:c:\mount /commit In SCCM, schedule the updates. Key an eye on the OfflineServicingMgr log file - you might need to do the same again. Links DISM mounting http://msdn.microsoft.com/en-us/library/ff79481
Read more

Polycom provisioning - and Zoom!

-
Updated June 2019 So I have a little downtime which means I need a little project. On my 'havent setup in the test lab yet' is a polycom provisioning service. So, off to eBay i head for some devices (naturaly) and i'm pleasantly surprised to find some VVX handsets at a very reasonable £30. On a roll, i head off to find some Trio conference devices. A step up from the CX3000 they replaced, these are nice pieces of kit. I just missed out on a trio 8800 and visual+ bundle, so with VVX501 in hand i setup a provisioning service. FTP server - filezilla - check exceptions in the firewall - allow the filezilla app through - check DHCP options (160 AND 161 for newer firmware) - check Create a config file for the MAC address (i only have a single device, after all) Remembering to disable updates from the Lync/Skype/Office365 service - I dont want a reboot loop as it updated and downgrades repeatedly. <?xml version="1.0" standalone="yes"?> <
Read more