Tuesday, March 15, 2016

Why Did My Home Page Change? ( Hint: It's Not What You Think)

One of the reasons I do enjoy my job is the ability to discover and learn new things. I don’t think a day goes by that most of us in the technology space don’t learn at least one *tidbit* of new information. Things have gotten far more complicated that they ever were ,its impossible to know everything , thankfully the collective hive mind of the intertubes are a never ending connect-the-dots search for technology ( among other things!) enlightenment.

My situation began when I noticed that in the last few days , when I rebooted my PC, my default browser would open to the MSN homepage. Now I know what you are thinking ( as was I ) “Oh crap , I have some malware”. The strange thing was that once I clicked my homepage button , it would go back to my configured page. This would only happen on booting up , which is why I hadn’t paid a lot of attention to it,  really. Strange behavior for malware , NO?
Today however , I was battling a rather nasty Excel/VBA issue (a story for another time) that was crashing Office regularly.I attempted a few reboots to fix that problem  and finally realized my browser’s  issue. As I mentioned above , my first thought was malware so this problem took center stage.

At first I was curious as to how such strange behavior was taking over my daily driver, and how did it get past my defenses?

First I have my PFSense Open Source Firewall with Antivirus. Then my local machine is running Malware bytes premium ( with auto updates). Plus, of course I also have windows defender. Surely, these great tools coupled with my *safe surfing habits* would keep me protected, right ? Was it a Drown Attack vector? Was it something new that no one knew about ? Doubtful, to say the least, but only time would tell.

Lets look thru the usual startup locations.  The great and knowledgeable Mark Russinovich  has built the sweetest set of sysinternals tools. One of my favorites is Autoruns. This tool will show you every possible  place that some evil (or even pseudo-evil) software will attempt to hide itself for startup. Just Like with  his alter ego , Jeff Aiken , malware has no chance to hide from sysinternals!

Lets take a tally here …

Autoruns?  – Nada!  Malwarebytes – Zilch! Windows Defender? Zero!  HAVP? no hits!

Taking a step back ,  I found a hint in the URL  that my default browser was opening up to , which was  http://www.msn.com/?ocid=wispr. A search for “WISPR” yielded the clue as to why this *just started* happening to me.

As it turns out there is a feature in windows at least as far back at least  7  ( that I guess I never thought about)  , called Microsoft NCSI (No,  its not the latest techno investigative team from Redmond, although it sure sounds like one!) It stands for Network Connectivity Status Indicator.. II vaguely knew that this existed when troubleshooting strange NIC behavior (Example, when a NIC gets flagged in the wrong zone so windows firewall rules get applied incorrectly)  , but had no idea that it would affect the browser and bypass all browser configuration!

Basically, the feature works like this.When your Windows computer comes on line, with network connectivity, it will try to hit the  text file , located on the web at www.msftncsi.com/ncsi.txt.  If windows  cant hit it , it assumes you are at a public hotspot and will need a browser to sign in to the access point,  so your default browser is launched. Since I really do have internet access ( no captive portal needed here in the Northern woods!) the page then redirected me to the MSN homepage.

As it turns out this problem was (like many) self inflicted.

You see , recently, I began tinkering with Raspberry Pi machines. First I built an Airsonos box that made streaming that much easier and friendly at home. Then I found out about a cool network wide ad blocker called Pi-hole (don’t you love open source project names?) Pi-hole is simply linux box running dnsmasq   that maintains its own blacklists for ad servers.  When a device pointed to pihole for DNS requests a blocked site , Pi-hole simply serves up a tiny txt or jpg instead that bandwidth hogging sidebar!

Can you guess what happened when I added  www.msftncsi.com to my whitelist ? HINT: No more *hijack*

If this behavior annoys you you can disable it in the registry as well. Siimply change the value named EnableActiveProbing located at the key named: 


 to a “0” from the default , “1” if you look thru this key you can see other parameters such as the host and path of the target file, so I guess you can customize this for a your own tastes. 

Also , Pi-hole has a script that be used to add domains to the whitelist. It seems that wildcards are not supported yet so no *.domain.com.

Phew, glad that one was solved!

Till next time, folks. Keep on learnin’ !!

Friday, May 1, 2015

TPID Blog’s 10 Tips for Working Smarter not Harder (Part 1)

One of the Challenges we face on a daily basis is optimizing our performance, and getting tasks done quicker and easier. Most of the time , we are performing the same tasks over and over, and as we all know that’s what computers do best , and humans do worst.  None of these tips will solve that killer issue you have been tracking for weeks , but they might help you spend less time on the mundane parts of a troubleshooting session.

Therefore in the spirit of my TOP 10 community tools , I would like to share 10 tips and shortcuts  that I have accumulated over time, some I learned from others, some I discovered on my own.   Some of these might be “DUH!” tips to some folks, but I’m betting not everyone knows all of  these. I think anyone who has to administer or support Skype for Business and/or  Windows  server on a daily basis can shave a few minutes from their days with these “little gems”

10. CSCP move multi-select- For this first tip ,  let me set the scene for you. You are working in Skype for Business (S4B) control panel silverlight application, you have to add a new rule to a dialplan that has 40-50 or rules in it. You need this rule to be the 4th rule in the list. When you use the CSCP to add the rule , it goes to the bottom of the list. Until my colleague Jonmck (@ucomsgeek) showed me this tip, I had 2 choices. #1 click the up arrow 46 times , or use Powershell (POSH). While I would probably prefer to use POSH ( the –priority switch will accomplish this ) , there are times when this is simply not a viable  option ( ex. training a new customer, no easy server access  etc) . To move the bottom rule UP 46 places , all you have to do it move the 45 rules above it DOWN! (DOH!). Because of Silverlight not all standard windows commands are supported , luckily Ctrl-a ( all) and ctrl-click( select-unselect) are. As shown below , by selecting rule2 and rule3 and clicking down , Rule1 goes up! (DOH!) A few clicks versus MANY clicks!

9. ExcludeActivityLevel switch- The next tip is a powershell one. Frequently when standing up a new Lync server  you need to quickly find out the status of Lync services You also know that the POSH command  “Get-CsWindowService”  command will do this. You have probably already seen that sometimes this command can take a few seconds to run, partially because by default the command is also getting the current activity level of all services. That is  where the  “-excludeactivitylevel” switch comes in very handy. Couple this command with the POSH auto complete feature and you can get service status by typing “get-cswi<tab><space><dash>e<tab><enter>” (Time saver!)

8. “Lync” management Shell- Speaking of PowerShell, we have all seen the “Lync Server Managment shell” shortcut added when we install admin tools on a server. Have you ever wondered what the difference is between that and “regular” PowerShell is? Well here’s a little secret gang… when using PowerShell 3.0 and higher NOTHING IS DIFFERENT. This is because while that command loads the Lync module, PowerShell will always find all installed modules and auto loads them when needed, as illustrated below. Note below that when I opened the standard windows PowerShell and ran “get-module” , I only had the basic commands , but when I typed a Lync command ( look familiar?) and then ran “get-module” again,  Lync was loaded. Personally,  I prefer the default properties of the  Powershell shortcut and do not think I have ever used “Lync Shell”. I don’t know this for certain, but I wonder if this shell remains for those Exchange Admins who are used to a “real” admin shell ( that does much more than a standard shell). So don’t exit out of a regular PowerShell  because you think you need to for Lync access) (Time saver!!) 


7.  Always build Edge server as a pool – The next tip wont save time when you do it , it might save you time in the future. As you are aware , S4b/Lync treats EVERYTHING as a Pool ( FE , mediation etc).When you walk the new edge pool wizard, you are asked to choose between a single server  and a multi server pool. if you only have a single edge , you might be tempted to select single, but DON’T! If you select multi server pool you can still add only a single server to the pool. Later , if you decide to add a second server to that edge , it will be a simple chore, however if you selected “single” initially,  you are unable to convert it,  and have much more work on your hands! PS, if you use @rbrynteson and @realtimeuc 's LyncValidator ( and you should!) this will be done for you automatically. ( Future Time saver!)

6. Edge server static routes – The next  time saver is also related to the edge server , and also is something that will save time in the future, but should be done when deploying edge servers. As everyone knows,  a multi homed windows server has very specific network interface requirements, including static routes with no gateway on the internal side. Since I learned about this tip in around 2010 , I have been using just 3 netsh commands to point all RFC1918 (private) addresses to the internal interface. As long as your network only uses legal private addresses internally you don’t need to ask the networking group to “provide a list of all internal subnets” for you configure the edge interfaces. Of course if you use @patrichard  set-cs2013featrues script as recommended in my Top 10 tools post, it will do this for you, however I usually have this done when building the server prior to  installing prereqs,  so I have the person building the server run the following 3 commands for me. As a rule I try to call the internal interface “internal” but you could call it “TPID”  if you like just ( be sure to let me know if you do!) and  use whatever name you choose in the following commands, this way if any new subnet are added after the edge deployment, you wont have to revisit every edge’s host’s file.
  • Netsh interface ipv4 add route "<interface name>" <INTERNALGWIP>
  • netsh interface ipv4 add route "<interface name>" <INTERNALGWIP>
  • netsh interface ipv4 add route "<interface name>" <INTERNALGWIP>

Well that about concludes PART 1 of my working smarter tips – look for PART 2 as I count down my top 5 best tips for working smarter not harder!

PS If you will be at MS Ignite 2015 find me and say hello! – also look for my upcoming review right here at TPID Blog!

Tuesday, March 10, 2015

TPID Blog’s Top 10 Community tools for Lync and S4B

One of the great benefits to administrators, and users alike,  of the platform that is Lync Server (now known as Skype for Business) is the ability to "extend" said management and user experiences in ways that the original developers could probably only imagine.

A smart, dedicated, and tireless community has risen up around the Lync/S4B  ecosystem and has "delivered the goods" in many many ways. From user experience , to server maintenance and deployment, these tools help everyone of us get the most out of our  Lync Deployments.

So, with apologies to David Letterman , I would like to present my personal "TOP 10" list of 100% free , community  built extensions , scripts  and resources. I use most of these tools on a regular basis ( some I use every day) , and couldn't  imagine doing my job without them.

10) Number ten on my list is New-LyncMeetingWarmup – by Greig Sheridan  over at greiginsydney.com Greig promises “low-fat  and no genetically modified ingredients” in his ‘recipes” and he delivers!. This must have script automates a process outlined by Drago Totev in his LyncLog Blog that deals with slow meeting joins. While this might not be as pressing an issue as it once was, Greig and Drago have combined to provide a simple way of automating , understanding and dealing with this behavior that affects both users and guests joining Lync meetings.

9) Deploying and maintaining PSTN gateways is a necessary  and  sometimes time consuming process. Vic Jaswal's   Powershell Module for Sonus SBC1k/2k combines Powershell with Sonus’ REST api to provide near CLI access to my favorite SIP gateway. There are CMDLETS to create query and manage and provision transformations tables and entries , or even query any aspect of your SBC 1K/2K. While this is not a Manufacturer’s  “official” PoSH module, it works as expected, and is awesome if you have to manage 1 or 100 Sonus SBC1k2K

8) As we all know,  there are other manufacturers of SIP/PSTN gateways and they need support as well. My colleague Jonathan Mckinney, is up next with his script to backup Audiocodes Mediant and Mediapacks. His PowerShell script is now “JonMck approved” to work with gateways up to version 6.6 6.8 . If you have to manage an Audiocodes centric deployment, this script is a lifesaver.

7) Shifting gears from Powershell, my colleague Richard Brynteson teamed up  Michael LeMontage to created the Lync Validator website. These guys were unhappy with the  Microsoft Lync Planning tool,   so they built their own and shared it with the world! Simply sign in with your Microsoft account , and you can upload an existing TBXML file or create a new one. Once your topology is completed, it is validated ( get it?) against best practices. You can then generate reports for firewall rules , certificates or even generate DNS config scripts. As if that wasn’t enough you can then generate a word doc to output and document your design. Awesome tool,   Thanks guys! 

6) Creating complex dialing rules can be nirvana to some and hell on earth to others. If find yourself in the latter category, check out the Lync optimizer website  , provided as a free service by Ken Lasko , aka “the hoff” .Simply Input your NPA and NXX ( or country code and  region code  for non NANP users) and the optimizer will generate a complete dialplan as .ps1 that you can deploy or simply the raw Regex. I generally tend to opt for the raw regex rules and paste those in my rulesets, but if you have complex needs , or simply want to learn how put together a concise  dialplan, or configure extension dialing , premium number blocking or Location based routing, you simply cannot go wrong with this tool. Ken has  done an amazing job of collating freely available  information and turning it into a free consumable service for everyone. Just like lyncvalidator , you will need a Microsoft ID to use his site.

5) Shifting gears to client side enhancements , the next tool I use almost everyday is called Lync Select dial by Matt Landis, another UC Rockstar. It’s not very fancy , but this tool accurately illustrates the “art of the possible” with Lync/S4b.  Lync Select dial is so ubiquitous , it’s a wonder why its not embedded in the client. Simply highlight a phone number ANYWHERE in ANY app or web page and press a hotkey to have that number automatically dialed by  your client.  Simplicity at its finest!

4)  Matt gets his second listing in the top 10 with the next application. The who can federate tool. It  has been said that a computer network is only as good as the number of connected nodes it has , and your personal Lync “social” network is no exception. Use this application to scan your contacts to find out who has Lync federation enabled. There is also the ability to submit found domains to the Lync Federation Directory project  which should also get an honorable mention in my list as it clearly shows the power and reach of Lync/Sfb.  It is important to note that you do not need Lync/S4b to use this tool. It simply queries DNS using the domains listed in your Outlook contacts. This can be a great sales tool to show potential customers who they could communicate with if they had Lync.

3) Anyone who knows me , knows that automation , especially documentation automation is a top concern of mine.  Chris Cook over at EmptyMessage.com,  obviously feels the same way. but unlike me , he has done something about it.  Chris has combined these two passions ( it could also be a hatred for documentation as well, I guess!)  to  create the  Lync Environment Report Builder. This tool consists of multiple scripts. The first queries your deployment to collect information about the servers ( edge included!)  and resources in your topology and creates a ZIP file. This ZIP file is then used as an input file to other scripts to  generate Word , Excel or Visio files that  document your environment. Awesome! A recent update now allows for customized word templates. As an aside, by observing how this script does its job, it helped me solve a world automation issue I was having. Thanks Chris!

2) Speaking of UC Rockstars, I have tweeted this in past and its still true. I don’t know where I would be without Ehloworld’s  amazing Set-Cs2013Features script.  I have watched this script “grow up” before my eyes over the past two years .  Pat’s script downloads , prepares,  and  tweaks your Lync servers and deployment (OWAS Servers included!)  using a simple menu system. An amazing and concise piece of code, this script can reboot and resume itself as needed, reuse downloads from a previous run , and even tweak your taskbar or Lync Server control panel font. Pat’s prolific contribution to the UC Community is well known and appreciated. Pat also co-hosts the UC Architect’s  podcast , another great resource!

1) Whether you deploy Lync , like  I do, or  simply support your company’s Lync deployment, you find yourself logging into and out of many different accounts while testing and troubleshooting.  The #1 community tool for me makes this almost daily task that much easier, thanks to Greig Sheridan.  His  Profiles for Lync client side application allows you sign in and out of as many as 40 different sites!. Administrators can use this  great tool to easily to sign in to test accounts , for example , that are assigned different dial plans or registrars for easy testing. (It sure beats the bank of IP sets I used to have back in the day , but that’s a story for another time!)  Consultants love this tool because we are constantly moving from one autonomous system to another. This tool has been around since Lync 2010 and now supports the latest client , and includes the ability to launch any site from the command line as well. This tool has been a mainstay on my taskbar for many years now , and is one of the first things I install on a new machine. Simply import my settings from Onedrive ( including encrypted passwords!)  and I am good to go. Talk about a lifesaver! 

Well there you have it. My personal TOP 10 FREE tools.

Reminder. Please be a good netizen and contribute to those projects that offer it, and if you see any of these top contributors at the ignite conference or your local  users group meeting , drop them a note , buy them a beverage of their choice, or just say a big THANKS! ( Better yet , do all three!) These folks help make Microsoft UC the industry Leader that it is.

Also , this is list is far from complete, as I could easily come up with a top 100 list of great free resources. Look for a 2nd installment ( at least)  of “TPID’s top 10” in the near future, and remember , if you use these tools in your projects, or day to day tasks,  be sure to  acknowledge the original author(s).

Lastly,  if you have an idea that you think will make life easier for everyone , try your hand at building it and giving back to the community. Personally, I have few projects that are nearing that point, so I will share and post about them soon, right here at TPID blog!

Friday, February 27, 2015

Jabra Evolve 80 UC – A Hands On Review

One of the great advantages of using a softphone based communications system like Skype for Business (S4B), is the sheer variety of compatible audio and video endpoints to choose from.  Simply browse on over to the Lync catalog and check out the qualified device page to see the ever growing ecosystem of certified devices available.  

Home based users certainly have different needs and requirements than a cubicle based, or nomadic user may have. Luckily the Lync (S4B) ecosystem continues to expand with new, and some might say exciting, developments.

Today, I will provide my thoughts and observations of the new Jabra Evolve 80 UC Lync headset
The Jabra Evolve 80 is the latest Microsoft UC offering from the folks at Jabra, one of the leading headset manufacturers.

I have had this headset for over a month now, so this is no “just-out-of-the-box” review. This headset has become my daily driver. I use it all day long. 

As a mostly home based worker, thanks to my job and S4B/Lync  , I spend a great deal of time at my computer,  in my home office, alone( at least in terms of people in the same room).Because of this fact , I don’t mind wearing a binaural headset, in fact I personally enjoy it. However, if you work in a noisy office you will more than appreciate the “comfort zone” that this headset provides, thanks the noise canceling feature.

If you like to stream your favorite music or podcast while you work on that latest masterpiece, spreadsheet, or quarterly report, you will love the Jabra evolve series.



Right out of the box, it is easy to see that the Jabra Evolve 80 UC is a high quality device.  The package consists of the headset, which has leather ear cushions and a standard 3.5mm phono plug, as well as the UC USB Adapter, which provides you with the requisite Lync call control functions, such as answer, mute and volume control. The adapter also has a “busy” light that controls the matching indicator on the headset. The Jabra Evolve also has a fold up boom mic (which mutes the mic) and folds flat for storage (more on both these items in a moment). A soft carrying case is also included for travel.
The Evolve Headset , UC Adapter and soft case



Active Noise Cancellation
In my mind, there is no doubt that after the quality stereo response from this device, the best feature is the active noise cancelling (ANC) option. A switch, located under the right ear cup, lets you enable or disable this feature. Turn ANC on, and even the most annoying sounds (or coworkers) will fade away. I used these on a commuter train ride and even without any music, I was transported to a silent oasis, smack in the midst of typical rush hour chaos. The ANC circuitry is powered by an internal battery. This battery is charged via the phono plug when the device is used with the UC adapter while using it, and has a micro USB port to charge as well. I have had ANC on all day and not had any issues with battery life. If the ANC does run out of juice, simply turn it off and you still have a fully functional headset.
The evolve 80 folded flat - the right side LED is the ANC switch

Dual Use
As mentioned, the actual headset has a 3.5mm phono plug and the mic folds away. These two features allow you plug the headset into your phone or tablet and use it like any other headset. Only you know its “true” dual role as a quality UC audio device!  

Listen In
Located on the outside of the right ear cushion, is a “tap to mute all” button.  This allows you to have a conversation with a colleague, for example, as this button mutes BOTH ANC and Music/Audio.

Mic Mute
By folding the mic boom to the up position you turn off just the MIC. This is especially useful if you are using the headset as a listening device only,

Sidetone Adjustment
As mentioned by JonMck over at ucomsgeek, the driver for this device allows the adjustment of the “sidetone” of the headset. This is amount of audio picked up by the microphone that is “echoed’ back to you, while you talk. Most mobile phones do a poor job of this , which at least partly to blame for people talking so annoyingly loud on mobile devices, as they have no “feedback “  as   how loud they are talking (at least I’d like to believe that is the reason!) Head over to there to learn how to adjust this to suit your personal taste.
Note: this is more of a generic audio tip than something specific to this headset, as most newer UC certified “headset” devices will have this adjustment. I call it out here because it’s not well known or easily exposed in windows. 

 Jabra Control Center Software

Like almost everything else these days, this headset is firmware controlled and updated. The Jabra PC suite is available to flash the device. I am pleased to note that a few updates have come out since I first got this device about 2 months ago. There is nothing  more frustrating than a firmware based device that never gets updates( I’m looking at you , cardosystems) At least the good folks at Jabra are working to better  their products.
It should go without saying, but I’ll say it here anyway, that the first time you use any device you should install the latest available. When I first plugged in the UC link adapter, I did not get my phone controls, a simple update solved that!  
The Jabra Control center allows you to manage muliple Jabra  devices, check for   firmware updates and provides several “tweeks” such as pausing windows media player when on a call,  and enabling or disabling tones when buttons are used.

My Wish List

While devices are getting better every day, personally I have yet to find one that is “perfect”. Based upon the myriad of devices I have used in the past, here is my personal wish list for ads or changes to the way the Evolve 80 UC works. If the folks at Jabra care to read this, I would love to hear their take on some of these items.
  • As mentioned above, the UC adapter has a manual “busy” light. Pressing the Jabra Logo on the adapter will turn both it and the corresponding light on the headset red. Presumably to let your colleagues know you are busy. In the world of S4b, we love automation, especially in terms of presence. I would love the headset to light up automatically when I am in a call.
  • Related to  above, why not dual color (RED/GREEN) led announcing my presence like my client or the busylight does?  
  • Other headsets allow you to Bluetooth pair your headset so that you can take calls on your mobile and still wear the headset. I miss that feature with the Evolve series.  
  • Another feature I love about some other devices is that they are “aware” if you are wearing them or they are on the table. I would love to see the Jabra 80 “know”  that I am not wearing it if it is folded flat, then if a call is coming in,  and I open the headset to put it on my head, it answers the incoming call. (It’s these seemingly little things like that which make you appreciate modern communications systems! – especially Lync!)
  • Reversible – As mentioned above, the boom MIC folds up to mute, but it only goes 180 degrees. If the mic went 270 degrees, I could swing it over and swap left and right. , for times that my adapter NEEDS to be on the right side, as the wire comes from the left ear cup, you need to readjust your layout if you prefer the USB puck on the right. Since more people are right handed I would think this would be most common. This means the “default” setup is likely a wire from your left side connecting to the adapter on the right. Note: I understand that left and right are being “enforced” here due to this being a stereo device, but why not allow me to swap left and right in software?
  • Tap to mute – I like this feature, and want to see more of it. Specifically if I do enable this mode, I would like an indicator on the puck. A few times I have engaged the feature by accident, and spent a minute or two troubleshooting why I had no audio. There is NO indication anywhere when this feature is engaged
  • The  levels tab in audio device is where sidetone is adjusted , as it is such an important aspect of the user experience , this setting should be exposed  in the Jabra control center

Final Thoughts

None of my “wishes” are deal breakers in any way, as this device is ready for prime time in the right situation. If you are looking for a  top quality , multi-function , Lync certified,  Binaural headset,  for  Executive , home , office , or nomadic,  users, the Jabra Evolve UC 80 is a fine choice. This is the headset I want to travel with!