Lately, I have found myself in situations where I don’t have full domain admin rights while working on Lync. This isn’t a bad thing but one area that I consistently run into issues with is the Lync Management Shell. If you are on a Lync Front-end and you don’t have Administrator rights, the local Lync Management Shell doesn’t actually do Role Based Access Control (RBAC). Therefore, I’ll try to execute a command (say, set-csuser, grant-csdialplan, etc) and get a permission denied. Yet, I can go into the Lync Control Panel and change a setting on the user just fine.
The way around this is remote PowerShell. Since I work on many different clients, I wrote a nice little script that will prompt me for my credentials and the remote server or pool.
############################################
# Connect-LyncRemotePoSH.ps1
# Written By: Adam Ball
# Version History:
# 1.0 - 12/12/2013 - Initial Script
#
############################################
#You can pass a server or pool name with the script (i.e. .\Connect-LyncRemotePoSH.ps1 myserver.mydomain.com )
param ($poolname)
#If no server or pool was passed when the script executed, pop up a box and ask for it.
if ($poolname -eq $null){
[System.Reflection.Assembly]::LoadWithPartialName('Microsoft.VisualBasic') | Out-Null
$poolname = [Microsoft.VisualBasic.Interaction]::InputBox("Enter a Pool or Server to connect to", "Remote Lync Pool or Server", "")
}
#Change the server or pool name in to a properly constructed URL
$poolname = "https://" + $poolname + "/OcsPowershell"
$cred = Get-Credential
$session = New-PSSession -ConnectionURI $poolname -Credential $cred
Import-PsSession $session
To execute, simply run the script (assuming proper execution policy is set). It will pop-up a box and ask you for the remote server or pool then pop up another box and ask for your credentials. You can also pass the server or pool name to it as part of the script execution (i.e. “.\Connect-LyncRemotePoSH.ps1 mypool.mydomain.com”).
This is also a nice way for being able to do Lync Management from your desktop without having the Lync tools installed.
Just remember, when you are done, remove the session by running “Remove-PsSession $session”.
FYI
https://phyler.wordpress.com/2013/12/12/lync-and-remote-powershell/
http://blog.insidelync.com/2011/08/remote-lync-powershell-administration/
Since you're using a third party firewall im assuming the native firewall is disabled? In any case double check your firewall rules to ensure 5895 and 5986 (if using ssl) inbound are allowed from your ip, on any port.
1. 방화벽 상태 확
opened ports 80, 135, 443, 445, 5985, and 5986, but I am still unable to connect to the remote machine with the firewall enabled.
2. FE 서버와 파워셀을 날릴 서버에서 파워쉘 Policy "RemoteSigned" 설정
get-ExecutionPolicy RemoteSigned
$credential = get-credential
$sessionoption = new-pssessionoption -SkipRevocationCheck -SkipCAcheck -skipCNcheck
$session = New-PSSession -ConnectionUri https://pool01.mani4u.com/ocspowershell -credential $credential -SessionOption $sessionoption
IMport-Pssession $session
'IT이야기 > S4B&Lync' 카테고리의 다른 글
| Deep Dive into the Microsoft Lync 2013 Client Sign-in Process (0) | 2019.07.01 |
|---|---|
| Skype for Business SIP, Media and various Call Flow scenarios (0) | 2019.03.18 |
| Exploring Default Installation and SQL Paths in Lync Server 2013 (0) | 2019.01.21 |
| SqlInstanceRtcLocal with a failure code of -2067922934. (0) | 2018.12.13 |
| Skype for Business Server 2015, Debugging Tools (0) | 2018.12.04 |