Description

Installing Skype for Business and Lync servers is usually boring if you’re a consultant who does it often. Making sure the server specs are right, installing OS features, configuring NICs, etc. It’s even more boring if you’re building a bunch of servers at one time. There’s always a chance for human error, too. So why not automate as much as possible? That’s what I was after when I built the Lync Server 2010 prereq script, then the Lync Server 2013 prereq script. And it’s certainly what I’m after for Skype for Business Server 2015 and 2019. This time, however, I opted to not have a separate script for Skype for Business. Many of the requirements are the same, or just slightly different, than Lync Server 2013. So I just added the Skype for Business functionality to the 2013 script, and updated everything as a whole.

When calling the script, one only needs to specify the –Skype4b switch to put the script into “Skype for Business 2015 mode” or -Skype4b2019 for “Skype for Business 2019 mode”. Not specifying that switch cause a pop-up to appear, asking what mode you’d like. The menus don’t change based on what mode the script is in. Options for only one platform are clearly noted. Otherwise, the options automatically adjust for the platform you’ve chosen. The menu starts out with core prerequisite options for common Lync/SfB roles, followed by Microsoft tools and resources, some third-party tools and options, and then some sub-menus. Sub-menus are broken down by Misc server config, Desktop shortcuts, Taskbar shortcuts, Downloads, Security options, and Misc reports. As you can see, there are TONS of options. I’m not going to list every menu and option here, as the nature of the script means I’ll be adding/updating things as people request them, or as vendors update/alter their offerings. Just note that the options from the 2013 script have been moved around a little bit as I try to keep things organized.

This version also uses my new method of checking for updates, as mentioned in Function: Get-UpdateInfo – Making It Easy for Your Users to Get the Latest Version of Your Scripts. When a new version is available, you’ll get a pop-up notifying you.

If you’re aware of a third-party product, or even Microsoft product, that is a good match for Skype for Business servers, let me know. I’m happy to take a look and see if it would make a good addition to the script. This script has more than 100 options for prereqs, post install config, third party tools, and reports.

Super big thanks to my beta testers for supplying bug reports, suggestions, and comments.

Syntax

C:\Set-CsFeatures.ps1 [-TargetFolder <String>] [-WindowsSource <String>] [-SQLPath <String>] [-InitialMenuOption <Int32>] [-IncludeSSMS ] [-IncludeTelnet ] [-IncludeFW ] [-IncludeHighPower ] [-IncludeStandard ] [-GetInfoFromRegistry ] [-OWASOveride ] [-DownloadOnly ] [-SkipCoreCheck ] [-Tail ] [-Skype4b ] [-Skype4b2019 ] [-SkipUpdateCheck ] [-DisableAutoUpdates ] [-IncludeLanguagePack ] [-SkipEdgeNicConfig ] [-DisableWac] [-WhatIf ] [-Confirm ] [-IncludeTotalCount ] [-Skip <UInt64>] [-First <UInt64>] [<CommonParameters>]

C:\Set-CsFeatures.ps1 [-TargetFolder <String>] [-GetInfoFromRegistry ] [-DownloadAll ] [-SkipCoreCheck ] [-Tail ] [-Skype4b ] [-Skype4b2019 ] [-WhatIf ] [-Confirm ] [-IncludeTotalCount ] [-Skip <UInt64>] [-First <UInt64>] [<CommonParameters>]

C:\Set-CsFeatures.ps1 [-GetInfoFromRegistry ] [-ClearRunningStatus ] [-WhatIf ] [-Confirm ] [-IncludeTotalCount ] [-Skip <UInt64>] [-First <UInt64>] [<CommonParameters>]

C:\Set-CsFeatures.ps1 [-GetInfoFromRegistry ] [-Skype4b ] [-Skype4b2019 ] [-WhatIf ] [-Confirm ] [-IncludeTotalCount ] [-Skip <UInt64>] [-First <UInt64>] [<CommonParameters>]

Examples

.\Set-CsFeatures.ps1 -Skype4b2019

Runs script in Skype for Business Server 2019 mode. Options chosen while running in this mode are tailored to Skype for Business Server 2019. Not specifying this option will cause a pop-up prompt when the script starts, allowing a user to choose the desired mode.

.\Set-CsFeatures.ps1 -Skype4b

Runs script in Skype for Business Server 2015 mode. Options chosen while running in this mode are tailored to Skype for Business Server 2015. Not specifying this option will cause a pop-up prompt when the script starts, allowing a user to choose the desired mode.

.\Set-CsFeatures.ps1

Runs script with default values. The script will prompt for which platform (Lync Server 2013/Skype for Business Server 2015/Skype for Business Server 2019) is being installed.

.\Set-CsFeatures.ps1 -WindowsSource "d:"

Runs script with the location defined for the Windows Server installation files.

.\Set-CsFeatures.ps1 -SQLPath "d:\sqlexpress"

Runs the script and installs any required SQL Express instances in the specified location.

.\Set-CsFeatures.ps1 -TargetFolder "d:\installbits"

Runs the script, and saves any downloaded files and written logs in the specified location instead of the default “c:\_install”.

.\Set-CsFeatures.ps1 -InitialMenuOption 3

Runs the script, and automatically starts option 3 (Front End server). Once it’s finished with that option, the script functions as normal, and displays the menu. NOTE: only options from the main menu can be specified. Options in sub-menus are not available with -InitialMenuOption.

.\Set-CsFeatures.ps1 -tail

Runs script with default values, but also shows an additional PowerShell window showing a live running log file, similar to a Unix tail function. Please note that running this option may result in some popup alerts or prompts being behind the log (tail) window.

Parameters

-TargetFolder

Defines the location for any downloaded files. Defaults to “c:\_install”. Additionally, log files generated by this script are located in a sub-folder of TargetFolder called “logs”. TargetFolder does not support paths with spaces, but does support non-hidden UNC paths.

-WindowsSource

Defines the location of the Windows Server installation files. This is needed to install .Net 3.5 since those files are not installed on the server by default. Defaults to first detected CD-ROM/DVD drive. This can be a local file path, path to an .ISO file, or a non-hidden UNC path.

-SQLPath

Defines the desired installation path for SQL Express. Defaults to “c:\Program Files\Microsoft SQL Server”.

-InitialMenuOption

Allows you to start the script with the option you want, without first displaying the menu.

-IncludeSSMS

If specified, will include SQL Server Management Studio automatically when prerequisites are installed for any server that has SQL Express instances. If not specified, a prompt will appear.

-IncludeTelnet

If specified, will include Telnet automatically when prerequisites for Front End servers, Director servers, Mediation servers, Edge servers, and/or Persistent Chat servers are installed. If not specified, a prompt will appear.

-IncludeFW

If specified, will include the firewall rules for Get-CsConnections automatically when prerequisites for Front End servers are installed. If not specified, a prompt will appear.

-IncludeHighPower

If specified, tells the script to automatically set the Power Config on the server to High Power. This is instead of the script prompting. This option is available for all server roles.

-IncludeOnlineAdminTools

If specified, tells the script to automatically include the Skype for Business Online admin tools when installing prerequisites for front-end servers.

-IncludeStandard

If specified, tells the script to include the extra SQL Express instance required for Standard Edition front end servers. This is instead of the script prompting.

-GetInfoFromRegistry

This value is only used during mid-prereq reboots. It is automatically set and read by the script, and should never be manually specified.

-DownloadOnly

Tells this script to not install or configure anything – just download the files. This is useful if you’re going to be building servers that do not have Internet access and want to fetch the files beforehand. The big difference between this option and -DownloadAll, is that this option presents the normal menus, and allows you to download files for the options you pick. The -DownloadAll option downloads ALL files needed for ALL options.

-DownloadAll

Tells this script to not install or configure anything – just download ALL of the files. This is useful if you’re going to be building servers that do not have Internet access and want to fetch the files beforehand from a desktop computer. The big difference between this option and -DownloadOnly, is that this option downloads ALL files needed for ALL options, whereas -DownloadOnly allows a user to download files for specific options they choose.

-ClearRunningStatus

This switch forces the running status to be reset. This option should ONLY be used if the script exits/aborts dirty, and attempts to run the script again yield a “Script is already running” message.

-SkipCoreCheck

When specified, skips the check for Server Core. It is not meant to be called manually, as it’s used when the script needs to restart after a server reboot.

-Tail

When specified, opens another PowerShell session and tails the log file, similar to *nix. This is really only beneficial during troubleshooting.

-Skype4b

When specified, uses values specific to Skype For Business Server 2015 for prerequisites. If this option or -Skype4b2019 is NOT specified, a pop-up will appear, asking which mode the script should operate in: Lync Server 2013 or Skype for Business Server 2015, or Skype for Business Server 2019.

-Skype4b2019

When specified, uses values specific to Skype For Business Server 2019 for prerequisites. If this option of -Skype4b is NOT specified, a pop-up will appear, asking which mode the script should operate in: Lync Server 2013, Skype for Business Server 2015, or Skype for Business Server 2019.

-SkipUpdateCheck

When specified, skips the check for a newer version of the script. This option is included mainly for when the script reboots the server.

-DisableAutoUpdates

When specified, skips the prompt and automatically disables auto updates for Windows Server. If not specified, a prompt is displayed.

-IncludeLanguagePack

When specified, skips the prompt for the installation of the Office Online Server English language pack. If not specified, a prompt is displayed.

-SkipEdgeNicConfig

When specified, skips the configuration of the NICs on edge servers. This requires that you manually complete those steps.

-SkipAutoStart

When specified, will not automatically restart the script after a required reboot. The ONLY time this should be used is if you need to do something before the script starts again, like manually mounting an ISO file that the script needs.

-DisableWac

When specified, will automatically disable the Windows Action Center prompt when Server Manager is launched on Windows Server 2019. This can be crucial, as installing Windows Admin Center can cause some conflicts with some of the IIS settings for Skype for Business Server 2019. If this is not specified, and the script is running on Windows Server 2019, a prompt will appear.

-DomainSuffix

When specified, is used for the domain suffix configured on edge servers. If not specified, a prompt will appear to enter a domain suffix.

-DisableFPSharing

When specified, will disable Microsoft File and Printer Sharing. This is useful when building edge servers. If not specified, a prompt will appear at the appropriate time in the build process.

-DisableLmHosts

When specified, will disable LMHosts file lookup. This is useful when building edge servers. If not specified, a prompt will appear at the appropriate time in the build process.

-DisableNetBios

When specified, will disable NetBIOS. This is useful when building edge servers. If not specified, a prompt will appear at the appropriate time in the build process.

-IncludeTrustedCerts

Automatically adds trusted certificates to edge servers. This includes comodo, digicert, entrust, geotrust, globalsign, godaddy, letsencrypt, networksolutions, ssl, swisssign, symantec, thawte, and wisekey.

Installation

No installation is necessary.

Execution Policy: Third-party PowerShell scripts may require that the PowerShell Execution Policy be set to either AllSigned, RemoteSigned, or Unrestricted. The default is Restricted, which prevents scripts – even code signed scripts – from running. For more information about setting your Execution Policy, see Using the Set-ExecutionPolicy Cmdlet.

Donations

I’ve never been one to really solicit donations for my work. My offerings are created because *I* need to solve a problem, and once I do, it makes sense to offer the results of my work to the public. I mean, let’s face it: I can’t be the only one with that particular issue, right? Quite often, to my surprise, I’m asked why I don’t have a “donate” button so people can donate a few bucks. I’ve never really put much thought into it. But those inquiries are coming more often now, so I’m yielding to them. If you’d like to donate, you can send a few bucks via PayPal at https://www.paypal.me/PatRichard. Money collected from that will go to the costs of my website (hosting and domain names), as well as to my home lab.

Known Issues

The only issue I’m aware of at the release of the latest version is that pinning shortcuts to the taskbar in Windows Server 2016 doesn’t seem to be working, and doesn’t work at all in Windows Server 2019. If you come across something, please let me know. Contact info is in the header of the script, and the script also has option 96, ‘how to report a bug’ that will tell you what information is critical when reporting a problem (including where the log file is).

Frequently Asked Questions

Question: Does the script support Windows Server 2019?

Answer: Yes – starting with version 5.0, prerequisites for Windows Server 2019 are included for Skype for Business Server 2019.

---

Question: Does this script support Windows Server 2016?

Answer: Yes – starting with version 4.20, prerequisites for Windows Server 2016 are included.

---

Question: Why doesn’t this script support Windows Server 2008 R2 and earlier?

Answer: I used to get asked this all the time. There are several reasons. The first is that out of the box, Server 2008 R2 has PowerShell 2.0 installed, and this script is written in PowerShell 3.0. Requiring you to upgrade to PowerShell 3.0 first, before running a script that installs prerequisites, seems counter-intuitive. And converting the script to just use PowerShell 2.0 is taking a step backwards, especially considering that the current version of PowerShell is 5.x.

Next is sheer time. I test changes I make. And then I test them again. And then I choose different options and combinations and test them. Testing on just Server 2012, Server 2012 R2, Server 2016, and Server 2019 is exhausting. Adding Server 2008 R2 would mean even more testing, plus I’d have to add those resources in my already overtaxed test labs. That would slow down my ability to add new features and test fixes.

Third is that Server 2008 R2 is four versions back. Get with the times already!

---

Question: Can you add feature x?

Answer: I LOVE getting feature requests. Seriously! Best method to suggest features is to send me an email. My email address is in the comment section at the top of every script I publish. Please be detailed in what you’d like to see, as well as any scenarios you’d use the option (so I can try to duplicate testing). This also goes for additional tools, whether Microsoft or third-party.

---

Question: How do I submit bug reports?

Answer: Email is best. Grab my email address from the comment section at the top of the script. Please be VERY detailed. Please include screen shots if possible, and ALWAYS include the log file. If the script will start, select option 96, “Report a bug/problem with this script”. If you’re not using the latest version of the script, please download it from the Downloads section below and see if you can duplicate the problem before reporting it.

---

Question: What if my server doesn’t have Internet access?

Answer: Fear not. Download the required files using either the -DownloadOnly or -DownloadAll options from another machine and place them in the TargetFolder, which is c:\_install by default. The script looks to see if the file is available locally before attempting to download. An exception to this is the latest cumulative update, which is always downloaded, since the URL and file name don’t change, even when the version does.

---

Question: When I run the script again, I get “Script already running”

Answer: This is because the script didn’t exit gracefully previously. Many reasons this can happen, such as rebooting the server while it’s still running. If you’re positive it’s not running anywhere else (including by other users logged into the same server), run the script with the -ClearRunningStatus switch to clear that flag. Then run it as normal.

---

Question: Is there an option to specify where (i.e. path) all of the various tools are installed?

Answer: No. And not for a lack of trying. Some tools don’t support automated installs with a specified path. And some of those that DO, actually still dump some core files in a “default” location. The more I tried to come up with the solution, the more I realized that it would entail a substantial amount of overhead in the script.

---

Question: Why does the script report an unsupported version of .NET Framework?

Answer: Because Lync Server 2013 and Skype for Business Server 2015 don’t support the version detected. Once they do, I’ll adjust the script accordingly.

---

Question: Can I run the script more than once?

Answer: Absolutely. The script was designed to not only support running more than once, but also to be safe if run on a working Lync/Skype for Business server. HOWEVER, I wouldn’t recommend running the script in a different mode (Lync/SfB 2015/Sfb 2019) than what was run previously. That could be problematic.

---

Question: Why do I get prompted for some things? Can’t I run the script without all of those prompts?

Answer: The prompts are for things that are not explicitly required for the installation of the role you’ve chosen (according to official Microsoft documentation), but are recommended. The telnet client is a perfect example. It’s not required for any role, but I’ve found a lot of people install it to help with functionality testing and troubleshooting. So, optional items involve a prompt. Can you run without the prompts? Yep. Plenty of options when calling the script to accept some optional features. In the example of telnet, -IncludeTelnet will install the telnet client without prompting. For a complete list of command line options, see the parameter section above, or run ‘Get-Help Set-CsFeatures.ps1’

---

Download

v5.5 – 08-12-2019 – Set-CsFeatures.v5.5.zip

v5.4 – 12-26-2018 – Set-CsFeatures.v5.4.zip

v5.3 – 11-21-2018 – Set-CsFeatures.v5.3.zip

v5.2 – 11-11-2018 – Set-CsFeatures.v5.2.zip 

v5.1 – 10-05-2018 – Set-CsFeatures.v5.1.zip

v5.0 – 09-17-2018 – Set-CsFeatures.v5.0.zip

v4.9 – 08-31-2018 – Set-CsFeatures.v4.9.zip

v4.8 – 03-10-2018 – Set-CsFeatures.v4.8.zip

v4.7 – 02-23-2018 – Set-CsFeatures.v4.7.zip

v4.6 – 01-19-2018 – Set-CsFeatures.v4.6.zip

v4.5 – 12-21-2017 – Set-CsFeatures.v4.5.zip

v4.4 – 11-12-2017 – Set-CsFeatures.v4.40.zip

v4.30 – 10-11-2017 – Set-CsFeatures.v4.30.zip

v4.20 – 09-04-2017 – Set-CsFeatures.v4.20.zip

v4.10 – 05-15-2017 – Set-CsFeatures.v4.10.zip

v4.09 – 05-13-2017 – Set-CsFeatures.v4.09.zip

v4.08 – 04-19-2017 – Set-CsFeatures.v4.08.zip

v4.07 – 04-14-2017 – Set-CsFeatures.v4.07.zip

v4.06 – 02-05-2017 – Set-CsFeatures.v4.06.zip

v4.05 – 11-04-2016 – Set-CsFeatures.v4.05.zip

v4.04 – 11-02-2016 – Set-CsFeatures.v4.04.zip

v4.03 – 11-01-2016 – Set-CsFeatures.v4.03.zip

v4.02 – 10-28-2016 – Set-CsFeatures.v4.02.zip

v4.01 – 10-25-2016 – Set-CsFeatures.v4.01.zip

v4.0 – 10-24-2016 – Set-CsFeatures.v4.0.zip

Changelog

See the changelog for information on what’s changed/included in each version.

This is the changelog page for Script: Set-CsFeatures.ps1 – Easily Install Prerequisites and Tools for Lync Server 2013 and Skype for Business Server 2015/2019. You will find a complete list of released versions, their dates, and the features and issues addressed in each. Please refer to the script’s main page for more information including download links, installation details, and more.

v5.5 – 08-12-2019

1. Fixed a sporadic WMI query issue that would occur when checking to see if the server was virtualized. Thanks to James (@UCMadScientist) for the info.
2. Added the Windows Features required for the new Modern Administration Control Panel (MACP) preview in SfB 2019 CU1 – Thanks to @TheRealKorbyn for some advanced notice.
3. Tweaked the Windows Server 2019 detection for better success on non-English machines based on some feedback.

v5.4 – 12-26-2018

1. Added -DisableFPSharing (Disable File and Printer Sharing), -DisableLmHosts, -DisableNetBios, and -IncludeTrustedCerts options when calling the script to help streamline some of the optional features when building edge servers. If these are not specified, the script runs as usual and will prompt for them at the appropriate time.
2. Updated Get-UpdateInfo to v1.7 to include some additional error trapping.
3. Added ‘Show Admin Group Membership’ (option 40-5). This option shows membership in all groups with ‘admin’ in the name.
4. Updated OOS to the November 2018 build, including language pack – See https://techcommunity.microsoft.com/t5/Office-365-Blog/Office-Online-Server-November-2018-Update/ba-p/292500
5. When a new FE file share is created, whether when building the FE (Option 3) or as an option afterwards (option 90-6), there is now a prompt to disable SMBv1 on the server. This is a security measure. It’s not required, but is recommended.
6. Reverted SQL Express 2014 from SP3 to RTM version for Skype for Business 2015 builds. This is to avoid a SQL component version mismatch when the Skype for Business 2015 installer installs the RTM SQL client tools. Once Microsoft releases the SP3 Feature Set, I’ll revisit. Thanks to Mike S. for pointing out the issue.

v5.3 – 11-21-2018

1. Updated SQL Server Management Studio to v17.9 (from v17.8.1).
2. Added Call Quality Dashboard (CQD) 2046.19 for Skype for Business Server 2019.
3. Added SCOM Management Pack 2046.19 for Skype for Business Server 2019.
4. Added SCOM Watcher Node 2046.19 for Skype for Business Server 2019.
5. Updated StatsMan to 2046.22.
6. Updated Key Health Indicators (KHI) to 2046.22.
7. When building a standard edition front-end, the process of creating the SMB share now includes a prompt for the share name instead of using one I had hard-coded. If you don’t supply a value, the original hard-coded value (‘skypeshare’ or ‘lyncshare’) is used. Thanks to @bricomp for the suggestion.
8. When building edge servers, there is now a prompt that will disable ‘Microsoft File and Printer Sharing’ binding on the external interface. Thanks to @bricomp for the suggestion.
9. Added Skype for Business Server 2015 – 180 day evaluation .iso image download [option 80-20].
10. When building edge servers, setting the primary DNS suffix no longer forces an immediate reboot. A reboot is still required, but can take place later, such as when exiting the script. This mimics other sections of the script.
11. Added -DomainSuffix option when calling the script to supply the domain suffix to configure on edge servers. If it’s not supplied when calling the script, a prompt will appear as it has previously.

v5.2 – 11-11-2018

1. More logging around the edge NIC config. That section of code is always a bunch of black magic.
2. Tweaked OS detection to properly discover Windows Server 2019 Core.
3. Consolidated some code in places where I was doing the same thing, but using two different methods of doing it (think: ‘old method’ and ‘new method’). I’m usually pretty good about keeping things consistent, but this one got overlooked.
4. Fixed an issue where -DisableWac wasn’t maintained through a restart of the server.
5. Updated Add-TrustedRootCertsToEdge to v1.2. to support pipeline input.
6. Reworked more of the Install-CsOnlineTools function to take advantage of the Install-Module method. Thanks to @jdschertz for the examples. Also flattened out some of the nested loops. Also added a prompt to install the Teams module. I suppose I could add one for the Exchange Online module, but that might be taking things too far. Also verified that the new Microsoft Teams module 0.95 installs without a problem.
7. Added ability for -IncludeLanguagePack to survive a restart. This option is used when building OOS servers (option 5).
8. Added Skype for Business Server 2019 Debugging Tools.
9. Upgraded to SP2 for SQL Express 2016 (when building SfB 2019 servers).
10. Upgraded to SP3 for SQL Express 2014 (when building SfB 2015 servers).

v5.1 – 10-05-2018

1. Added more bugs to fix later. 🙂
2. Added detection around Visual C++ 2017 – mostly for logging as the version in the Skype for Business Server 2017 Preview bits is newer than what’s publicly available.
3. Added option 90-14 – Remove Windows Defender Antivirus – works on Windows Server 2016 and 2019, which has Windows Defender installed by default.
4. Updated Test-IsServerCore to check the registry instead of using Get-WindowsFeature. Much faster. Thanks to @mderooij for the example. (Yes, I do look at other people’s scripts for ideas and inspiration!)
5. Fixed an issue where attempting to do things for Skype for Business Server 2019 on Windows Server 2016 would throw the .NET error. .NET 4.7.2 is supported on both.
6. Cleaned up the code that creates the file share (option 50-25). Mainly some more error catching for fringe scenarios.
7. When building a standard edition front end (option 3), you’ll now be asked if you want to create the file store share.
8. Cleaned up the code that calls for the installation of the online admin tools. It’s all in the Install-CsOnlineAdminTools function, and called from various places.
9. Fixed a typo for option 6 (Persistent Chat server) that would throw an error when attempting to install the telnet client.
10. Fixed a typo for option 1 (Director) that would throw an error when installing a SfB 2019 Director on Windows Server 2019.
11. Tweaked the function that detects if a restart is needed. It now checks more flags, although the additional ones aren’t triggered by the script.
12. Noticed that the installer of the Skype Online PowerShell module running during option 7 (SCOM Watcher Node) would sometimes reboot the server. That wasn’t expected (although it was a clean restart). Tweaked the code to help avoid the reboot until it’s done with all of the prereqs, and then to do it with a prompt. I tweaked the Install-CsOnlineAdminTools function accordingly, even though I don’t recall it ever restarting unexpectedly when Skype Online PowerShell module is installed via that function.

v5.0 – 09-17-2018

1. Added more bugs to fix later. 🙂
2. Code around handling of Windows Server 2019. This is for support for Skype for Business 2019 on Windows Server 2019 (which currently isn’t supported, but will be). If you’re in the TAP or Elite100, this script works for your testing. As far as testing goes, all known issues have been resolved as of this publication date. There is a known issue where rebooting a Windows Server 2019 server sometimes results in the network card showing as ‘no Internet access’. That’s a Windows issue, not a script issue. I’m tracking that, and the script does check for Internet access before trying to perform tasks that require it to connect to something on the Internet (such as file downloads).
3. Looks like the old Skype for Business Server 2015 hotfix for Windows Server 2012 R2 was replaced by a server update, 3013769. I updated the code to install that file instead. It should be noted that this update is generally already installed on a currently patched Windows Server 2012 R2 server, but I haven’t found a valid way to test if it’s installed yet (my normal method didn’t work). So we try to install it again, and let it gracefully stop if it’s already installed. No harm, really. If I find a better way, I’ll update things.
4. New-ProgramInstallation function updated to v1.5 – tweaks mainly around logging more info.
5. New-FileDownload function updated to v1.6 – tweaks mainly around efficiency if a file doesn’t need to be downloaded (because it already exists locally).
6. Code cleanup: Reduced the number of nested loops to make code easier to follow and more efficient.
7. Lots more validation for some options to ensure that Lync options aren’t installed on Skype for Business servers, Skype for Business Server 2015 options aren’t installed on Skype for Business Server 2019 servers, etc.
8. Fixed the Disable RC4 Cipher option for Windows Server 2012.
9. If the Windows source path is not valid, the script will now pop up a browse box to allow you to navigate to the proper location instead of just stopping with an error. Thanks to Brian (@bricomp) for the suggestion.
10. Script now bypasses more system checks for -DownloadOnly. The true purpose of -DownloadOnly and -DownloadAll are so that you can download the necessary files on an Internet connected machine, regardless of OS, and transfer them to non-Internet connected servers for installation.
11. Some cleanup of the code for Office Online Server (option 5).
12. Added May 2018 CU for Office Online Server.
13. Added the same OWAS CU to be included when using -DownloadOnly. Not sure why I hadn’t done that previously.
14. A TON of tweaks to the logging, mainly to make it easier to find things quickly.
15. Added -DisableWac option to disable the Windows Admin Center prompt seen when Server Manager is launched in Windows Server 2019. It’s also added as option 50-26. as well as visually prompted when installing prereqs for any Skype for Business Server 2019 role on Windows Server 2019.

v4.9 – 08-31-2018

1. Added more bugs to fix later. 🙂
2. Additional code around Skype for Business Server 2019 was added
3. Cleanup of some old, unused stuff that was commented out
4. Optimization of the Stop-Script function for better error handling
5. Current power plan now logged per request
6. Fixed a couple of typos in the help documentation – Thanks to Greig
7. Updated Get-UpdateInfo to v1.6. Some streamlined code since the security protocol automatically resets upon closing the session, I removed the code that reset it within the function. Thanks to @realtimeuc for pointing it out.
8. Some code around installing the latest supported version of .NET (currently 4.7.1). This also allowed for another menu item, 20-10, to install/update .NET to the latest supported version.
9. Tweaked Write-Log to v3.3 per Greig’s OCD as well as some minor tweaks. This function will probably be posted to github soon.
10. updated 50-19, option to block .NET, to v4.7.2
11. Upgraded SQL Server Management Studio to 17.8.1 (14.0.17277.0)
12. Fixed Mediation Server (option 4) to properly check for, and use, the Windows source files. Thanks to Seth and Linus for reporting the issue.

Known issues

1. There is currently no support for Windows Server 2019. I’ll begin working on that soon.

v4.8 – 03-10-2018

1. Added more bugs to fix later. 🙂
2. Some code around vNext was added
3. Network Assessment Tool updated to v1.1.0.0

v4.7 – 02-23-2018

1. Added more bugs to fix later. 🙂
2. Added January update for Office Online Server (option 5)
3. Fixed a minor logging issue around the Office Online Server cumulative update.
4. Updated SQL Server Management Studio to 17.5 (14.0.17224.0)
5. Minor logging tweaks
6. Minor error trapping when the OS is 2008 R2 and before the script exits with the invalid OS message.

Known Issues

1. When using the -Tail option, I’ve noticed that every once in a while, the tail window will throw a quick error when starting, and close. I haven’t been able to capture the error, or the cause. The script itself seems to run fine, and all logging activity continues. The tail window just closes.

v4.6 – 01-19-2018

1. Added more bugs to fix later. 🙂
2. Updated Get-VersionInfo to 1.5, which includes some work around dealing with TLS 1.2 (only) sites for downloading the update XML file. I suspect that this, or something similar, will get worked into the New-FileDownload code that downloads files for the rest of the script as well. Thanks to @GreigInSydney (of course).
3. Updated Office Online Server to use the November 2017 ISO, which also negates the need for the July 2017 update and its related code.
4. .NET framework build number that is logged now also includes the version number. Format is ‘build (version)’. i.e. ‘394802 (4.6.2)’. Thanks to @GreigInSydney
5. Added NET-Framework-45-Features, NET-Framework-45-Core to the installed Windows features for installing Office Online Server on Windows Server 2016 as per the updated guidelines on
   https://docs.microsoft.com/en-us/officeonlineserver/deploy-office-online-server
6. Added Microsoft Identity Model Extensions to the installed features installing for Office Online Server as per the updated guidelines on
   https://docs.microsoft.com/en-us/officeonlineserver/deploy-office-online-server
7. Updated English Language Pack for Office Online Server (option 5) to November 2017 version – v16.0.8431.1018
8. WireShark updated to v2.2.12

Known Issues

1. When using the -Tail option, I’ve noticed that every once in a while, the tail window will throw a quick error when starting, and close. I haven’t been able to capture the error, or the cause. The script itself seems to run fine, and all logging activity continues. The tail window just closes.

v4.5 – 12-21-2017

1. Added more bugs to fix later. 🙂
2. Updated Debugging Tools to v6.0.
3. Option 50-14 tweaked. Now the script checks to see if a component is installed before trying to install it. (I know, what a concept, right?)
4. Reworked the Get-UpdateInfo function so that it properly shows the changelog info in the popup box. Also increased performance, as well as downloading the update file directly when available, and showing the article when the update file isn’t available. Thanks to Greig (@GreigInSydney) for the bug submission and code sample.
5. Moved option 9 (Create SMB share) to the Misc Server Config menu (option 50).
6. Moved options 10 through 17 (resource kits, SQL Mgmt Studio, etc.) to a new Microsoft Tools and Apps menu (option 20).
7. A little bit of code optimization.
8. Option 3 (Front End) updated to prompt for installation of online (Office 365) admin components.
9. Added -IncludeOnlineAdminTools switch. If specified when calling the script, tells the script to automatically include the Skype for Business Online admin tools when installing prerequisites for front-end servers.
10. Tweaks to some of the Visual C++ detection code and error messages. Thanks to James (@atreidae) for the bug submission.
11. Network Assessment Tool download (option 80-8) updated to 2017.1.0.51.
12. Lifted the blocker for .NET 4.7, since it’s now supported. See https://technet.microsoft.com/en-us/library/dn951388.aspx. Updated related menus and logging appropriately. Blocker for 4.7.1 and later are still in place. Note that this applies to the Skype for Business related roles only. No change has been made for the OOS role, since that’s technically a SharePoint role. I’ve yet to find any new info for that.
13. Added option 20-9 (Network Assessment Tool)
14. Fixed a rare issue where if a server had to reboot a second time while prereqs were being installed for a specific role, the script would work the first reboot, but on the second reboot, it would stop at the menu instead of picking up where it should.
15. MS Teams module (50-24) now gracefully exits if the script is running on an unsupported version of PowerShell. The cmdlets required to install it require PowerShell v5.1 or later.
16. Added the -SkipAutoStart option. This is really a fringe case option that was requested. It’s designed to keep the script from restarting after a required reboot (in cases where it normally would). The use is really in cases where you have to do something before the script starts again, like mounting an ISO that the script is going to need. When used, you’ll need to manually start the script again once you’re ready.
17. Resolved a minor issue where the script will ask if a Front End is a standard edition server, and then, following the reboot, will ask again.

Known Issues

1. When using the -Tail option, I’ve noticed that every once in a while, the tail window will throw a quick error when starting, and close. I haven’t been able to capture the error, or the cause. The script itself seems to run fine, and all logging activity continues. The tail window just closes.

v4.40 – 11-12-2017

1. Added more bugs to fix later. 🙂
2. Bypass of the 32/64 bit PowerShell process check when using -DownloadOnly or -DownloadAll
3. Updated Silverlight to v5.1.50907.0
4. Updated WireShark to v2.2.10
5. Added 80-17 – Skype for Business Basic Client (32 and 64 bit) v16.0.4417.1000 and Lync Basic Client (32 and 64 bit) v15.0.4420.1017 [DOWNLOAD ONLY]
6. Added 80-18 – Skype Room System Administrative Web Portal v1525.1 [DOWNLOAD ONLY]
7. Added 80-19 – Key Health Indicators for Lync Server 2013 and Skype for Business Server 2015 v2.0 [DOWNLOAD ONLY]
8. Fixed an issue with option 9 (Create a file share) to deal with the user selecting a root drive instead of an existing or new subfolder. If a root drive is selected, a folder called SkypeShare (or LyncShare if running in Lync mode) is created and it is shared. Thanks to @JDubyaeber for reporting the issue.
9. Option 50-19 updated to also block .NET v4.7.1 (in addition to v4.7). MS hasn’t released guidance into how to block v4.7.1 yet, but this apparently works to block this version for Windows Updates. I can verify this method does NOT block manual installation. Both versions are still unsupported for Skype for Business Server 2015.
10. Option 50-5 (Set recovery of SfB/Lync/OOS services to restart) updated to also include the SfB Statistics Manager (“statsman”) agent service.
11. Added warning to 50-23 (Enable Enhanced Experience for Meetings Hosted on Skype for Business On-premises) to rerun option if more front end servers are deployed in the environment.
12. Added option 50-24 – MS Teams PowerShell module.

v4.30 – 10-11-2017

1. Added a prompt if more than 1 NIC is detected in servers other than Edge.
2. Fixed check for edge domain name before forcing it to be changed (like when script is run a second time after the domain name is set).
3. Changed from using netdom.exe for some of the edge config changes to directly making the changes in the registry.
4. Set ‘Set recovery of SfB/Lync/OOS services to restart’ (Option 50/5) to only set the first two failures to restart, and leave the subsequent failures to ‘take no action’. This should prevent issues where problematic services get stuck in a perpetual restarting loop.
5. Added some code to detect if FIPS is enabled. This is based on some feedback around issues that arise when FIPS is enabled and you try to install some of the prereqs. More will be added later. Thanks to Sean for bringing it up.
6. Added option 80-14 – Call Quality Dashboard [DOWNLOAD ONLY].
7. Added option 80-15 – Real-Time Statistics Manager (StatsMan) [DOWNLOAD ONLY].
8. Added option 90-10 – Configure longer Diffie-Hellman ephemeral (DHE) key shares for TLS servers. This option sets it to 2048 (from the default 1024). See https://technet.microsoft.com/en-us/library/security/3174644.aspx for more info. This should help get higher scores at sites such as https://www.ssllabs.com/ssltest. Thanks to @greiginsydney & Mike S. for the info.
9. Added option 90-11 – Disable PCT 1.0.
10. Added option 90-12 – Disable other weak ciphers – includes NULL, DES 56/56 and RC2. Tons more security options coming soon.
11. Updated option 50-11 – Edit hosts file – to ensure it opens notepad elevated.
12. Fixed option 15 – Lync Connectivity Analyzer – MS has killed the download page for it. I fixed it so it grabs from an alternate source, and removed the restriction that the option only work when the script is in ‘Lync’ mode.
13. Added option 80-16 – IIS Crypto [DOWNLOAD ONLY].
14. Bypass the virtualization function code when the script is called with either the -downloadall or -downloadonly options. This is because that code can cause exception errors when run on a Win 10 machine. I’ll make this a little more graceful in the future. Thanks to @JDubyaeber for the heads up.
15. Re-added the admin/elevated check when -downloadall or -downloadonly options are used. This is because some of the logging code needs elevated access to right to the registry, such as when the script starts/finishes.

v4.20 – 09-04-2017

1. Minor corrections to the edge NIC configuration code. Thanks to @JapNolt for pointing it out and supplying a solution for one of the issues.
2. Now log the number of NICs that are enabled. This will be used in the future to throw some alerts, if needed.
3. Added NET-WCF-HTTP-Activation45 to the list of Windows Features installed for OOS (option 5).
4. Added detection for Visual C++ 2013 when using OOS (option 5). If it’s not detected, it will install it. This resolves an issue where OOS servers could show ‘unhealthy’.
5. Updated WireShark to 2.2.9.
6. Added ‘Enable Enhanced Experience for Meetings Hosted on Skype for Business On-premises‘ (50-23).
7. Fixed some minor error message text that mentioned ‘Lync Server’ instead of ‘Skype for Business Server’.
8. Tweaked the code for ‘Add Trusted Root Certification Authorities to Edge Servers’ (50-22) to deal with that option being selected before the initial IE configuration prompts are dealt with. Also added some more certification authorities.
9. Added detection code and related error to determine if the script is running in an x86 PowerShell session – Thanks to Brennan.
10. Fixed a minor logging issue when using options in the ‘Third Party’ menu.
11. Fixed an issue where the WireShark installer macro would try to run even if the WireShark exe file failed to download.
12. Fixed an issue where the script would exit to allow downloading a new version, but wouldn’t clear the ‘running’ flag. Thanks to @greiginsydney for noticing.
13. Fixed an issue where the script would throw an unintended error if the rtclocal SQL instance failed, and the script tried to apply the firewall exceptions for the Get-CsConnections script. Thanks to @greiginsydney for the heads up.
14. Fixed an issue where the pick list for internal edge NICs was sometimes blank. Thanks to Korbyn for pointing it out.
15. Fixed a minor logging issue when removing the Windows Store App from the taskbar (50-12).
16. Updated option to temporarily block the installation of .NET (option 50-19) to block version 4.7 (from 4.62) as 4.7 is not supported for Skype for Business Server (yet). Script will also stop if 4.7 is installed.
17. Added -DisableAutoUpdates switch to bypass the prompt about disabling auto windows updates when installing roles. When specified for any role (1-6), automatic updates are disabled, and not prompt is displayed. When not specified, a prompt will be displayed.
18. Added -IncludeLanguagePack switch to bypass the prompt about installing the english language pack when building OOS servers (option 5).
19. Included the June, 2017 security update for OOS servers (option 5).
20. Added -SkipEdgeNicConfig option to skip the NIC config when building edge servers (option 2). If you use this option, understand that you must manually configure those components on the server. Thanks to @greiginsydney for the suggestion.
21. Disabling SSL3 (option 90-2) now disables both the server and client components.
22. Disabling SSL2 (option 90-1) now disables both the server and client components.
23. Added security option 90-7 – Set LmCompatibilityLevel to 5 (NTLMv2 only). See https://technet.microsoft.com/en-us/library/cc960646.aspx for more info. Also, the LmCompatibilityLevel when the script is started is also logged.
24. Added security option 90-8 – Disable Link-Local Multicast Name Resolution (LLMNR).
25. Re-engineered some of the code around how the script reboots and restarts. This was due to some limitations in the RunOnce registry key in Windows.
26. Fixed the problem with the latest Skype for Business Debugging Tools (option 12). It now requires Visual C++ 2015, whereas the previous builds required Visual C++ 2013, so the script was updated to install that if needed.
27. Some minor updates to what gets logged at the beginning of the log file.
28. Added support for Windows Server 2016.
29. Fixed an issue where the script would throw an error when restarting after a reboot if a menu option hadn’t been selected initially.
30. Fixed URL for Skype Adoption Portal.

Known issues

1. Looks like pinning of shortcuts to the taskbar & desktop are not working in Windows Server 2016.

v4.10 – 05-15-2017

1. Write-Log function upgraded to v3.1
2. fixed logic in 90-6 (disable SMBv1)

v4.09 – 05-13-2017

1. Minor menu cleanup
2. Added a reboot check after Wireshark is installed, and before the config macro runs. Two people have reported spontaneous server reboots at that point. It’s not the script – it’s WireShark.
3. Upgraded SQL Server Management Studio to v17.
4. fixed a couple of typos – thanks to @greiginsydney for pointing them out.
5. fixed an issue with disabling NetBIOS over TCP/IP
6. option 50-22 (Add Trusted Root Certification Authorities to Edge Servers) added. See https://www.ucunleashed.com/3029 for more info.
7. Minor adjustments to basic function code

v4.08 – 04-19-2017

1. Added Lync Edge Server Replication failed FALSE with red cross (option 90-5)
2. added Disable SMBv1 (option 90-6). See https://technet.microsoft.com/en-us/library/security/ms17-010.aspx for more info.
3. Fixed issue with Windows Source files when installing prereqs for Persistent Chat servers. Thanks to Steve for sending me the bug report.

v4.07 – 04-14-2017

1. added Meeting Migration Tool (option 80-11) to the download menu. This option downloads both the 32 and 64 bit versions. Because both versions have the same file name, they are downloaded to individual sub folders.
2. added Cloud Center Edition v1.4.2 (option 80-12) to the download menu
3. Substantial code optimization utilizing PsScriptAnalyzer and PsSharper (literally like 2000 lines of code tweaked)
4. removed Test-ScriptUpdate function since it was replaced with the newer update method
5. updated Test-InvalidCert function to v1.3 (adds checking of Intermediate Store & moves certs in the incorrect store to the correct store). Note that this function runs automatically when the script is started. Results are written to the log file.
6. updated Write-Log function to v3.0 (adds a verbose level)
7. fixed a typo in the virtualization detection code (how did I miss THAT?)
8. Updated download URL for network assessment download
9. removed download URL for RASK Resources file, as it seems to no longer be available for download
10. updated .NET check to only throw an error if the detected version is > v4.6.2, since v4.6.2 is now supported (assuming CU 4)
11. Updated Wireshark (option 30-1) to v2.2.6
12. Updated Windows Features required for Director role. Thanks to @greiginsydney for pointing it out.
13. added Windows Features for Skype for Business 2015 stand-alone Mediation server. Thanks to @greiginsydney for the info.

v4.06 – 02-05-2017

1. Added some additional code for OOS (option 5) to deal with (& log) potential issue where OOS ISO image isn’t mounted, or takes a while to mount.
2. Added option 80-10: Skype for Business Adoption Portal [DOWNLOAD ONLY]
3. Re-enabled the static route section of the edge server config (option 2). I forgot this was disabled. This has always been a real pain to deal with. This is because sometimes, when you programmatically remove the gateway on the internal NIC and reboot the machine, Windows will clear ALL of the config for that NIC. This usually means that when the machine is back up and running, you can’t connect to it. I have yet to find a rhyme or reason as to what causes this. If you can’t RDP to the edge server once it reboots, check the internal NIC config.
4. Added option 90-4 to disable the RC4 Ciper. See https://support.microsoft.com/en-us/kb/2868725 and https://support.microsoft.com/en-us/kb/245030 for more info.
5. Updated option 5 (OOS) to November 2016 build
6. Added option 70-13 – WireShark taskbar shortcut
7. Fixed an issue with 50-19 (Block install of .NET 4.6.1) that would thow an error when checking for specific registry values
8. Updated option 6 (Persistent Chat) for Skype for Business Server 2015
9. Fixed an issue in option 6 (Persistent Chat) where if a reboot was required, and the user chose to reboot, the server wouldn’t reboot automatically.
10. Updated option 30-1 (WireShark) to prompt if you want a taskbar shortcut created for WireShark.
11. Updated option 50-18 (Skype federation) to ensure that the provider config is enabled if it already exists.
12. Minor tweaking to Write-Log (logging function)
13. Minor tweak to detection of last boot time
14. Updated option 30-1 (WireShark) to v2.2.4
15. Updated Get-UpdateInfo function to v1.2
16. Updated 50-14 (Install Skype for Business Online Admin components) to include all requirements for management of Skype for Business in O365, including “Microsoft Online Services Sign-in Assistant”, “Windows Azure Active Directory Module for Windows PowerShell”, and “Skype for Business Online, Windows PowerShell Module”
17. Updated 80-6 (Download Skype for Business Online Admin components) to include all requirements for management of Skype for Business in O365, including “Microsoft Online Services Sign-in Assistant”, “Windows Azure Active Directory Module for Windows PowerShell”, and “Skype for Business Online, Windows PowerShell Module”

v4.05 – 11-04-2016

1. Updated GUID for Message Analyzer as MS rolled out a new version (4.0.8112.0), and the script was hanging looking for the old GUID.
2. Fixed an issue where the SMB file share would get the wrong share name when not specifying -skype4b option, and choosing “yes” on the prompt.

v4.04 – 11-02-2016

1. Fixed some URL references that still pointed to the old version of the script & its related downloads. No functionality changes as a result of this. More of just a housekeeping issue. Added a variable that will eliminate this issue going forward.
2. Fixed an issue where a file download fails (for any reason), and the retry fails because the filename has a space in it. Stupid missing quotes….
3. Fixed an issue where the SQL Express code wouldn’t run when using -skype4b and selecting options 1, 2, 4, or 6.
4. Updated .NET warning to include a link to Jeff Guillet’s article on removing .NET framework 4.6.1
5. Updated SQL Express 2014 and SQL Server Management Studio to SP2 (from RTM). Dunno why I didn’t see that earlier. – Thanks to @pilzi for pointing it out to me.
6. The usual code optimization as I find better, faster, more efficient/consistent ways of doing things.
7. Preliminary work around supporting Windows Server 2016 – NOTE: Lync Server 2013 and Skype for Business Server 2015 are NOT supported on Windows Server 2016. Yet.

v4.03 – 11-01-2016

1. Fixed issue with option 60-6 in Skype4b mode not recognizing resource kit installed (it was looking for the old executable name)
2. Changed -Win2012Source parameter to -WindowsSource (in anticipation of Windows 2016 support for Skype for Business Server 2015)
3. Created option 30 – Third Party Tools menu, and moved WireShark and Customized PortQryUI to it
4. Code optimization
5. Moved option 24 (UCMA) to the Misc Server Config menu (50)
6. Moved option 16 (Windows Update) to the Misc Server Config menu (50)
7. fixed URLs in comment help for the script (they were still pointing at the old version)
8. added the SQL Express and SQL Server Management Studio (SSMS) code for -Skype4B. Selecting appropriate options will now install the SQL Express 2014 instances and/or SSMS. -SQLPath works as intended, as well.
9. Updated the function that checks for an update. It should now properly show the changelog info in the popup message.
10. minor changes to some test functions

v4.02 – 10-28-2016

1. Added option: 40-4 – Show Response Groups with no agents
2. Added option: 50-19 – Temporarily block the installation of .NET Framework 4.6.1 – this does not remove any existing installation of .Net 4.6.1. See https://support.microsoft.com/en-us/kb/3133990 for more info on the method used, and http://www.expta.com/2016/02/how-to-uninstall-net-framework-461.html for info on how to remove .NET Framework 4.6.1.
3. Fixed main menu not displaying option 40 (reports)
4. Fixed issue with some downloads not working – Thanks to Martijn for pointing it out

v4.01 – 10-25-2016

1. Fixed a minor display issue when submitting bug reports.
2. Fixed a minor issue when the script can’t connect to the web site to retrieve update info.
3. Fixed an issue where errors would occur if the person running the script isn’t a Domain Admin.
4. Added option 40 to main menu for reports, and added:
   1. 40-1) Show AD disabled accounts that are still enabled in Lync/SfB
   2. 40-2) Show elevated accounts that are enabled in Lync/SfB
   3. 40-3) Show users whose SMTP address doesn’t match their SIP address

v4.0 – 10-24-2016

1. Initial version

When I first started this blog, I was an Exchange consultant and MVP. I spent my work days working with clients and deploying Exchange, or migrating from one version to another, or migrating from a different solution, such as Notes or GroupWise, to Exchange. Times were fun and challenging. I picked the name Ehlo World for two reasons. First, “ehlo” is a command that two mail servers send to each other at the beginning of a conversation negotiation. The “world” part came as an homage to “Hello World”. If you’ve written scripts or code, you know that one of the first exercises in learning how to code was to issue a command that would output “Hello world” to the console screen. Since I was noodling with PowerShell, which got its first big push with Exchange server, the “ehlo world” kinda made sense to me.

Flash forward years later, and my coworker, Mark Smith, came to me and said “We’re going to start also doing OCS and Lync consulting. We need a Lync guy. Tag – you’re it.”. I could barely spell OCS or Lync at the time. I had never seen the admin console, let alone deployed it. But I dove in, and it’s been a fabulous ride. As I’ve gone along, I’ve also further honed my PowerShell skills. I’ve written some whopper sized scripts, including several that were more than 6000 lines a piece. When you tie (now) Skype for Business and Exchange and PowerShell and Office 365 together, you get a great Unified Communications platform. UC. While I don’t spend much time dealing with Exchange these days, I still noodle with scripts for it. Mostly those requested by coworkers, clients, and peers. But I’m primarily focused on the Skype for Business side, and the Ehlo World name was a little stale given my focus. So, I’m rebranding to UC Unleashed. UC for the previously mentioned reasons, and the Unleashed for several others. First being that I’ve written scripts, functions, and one liners that (at least try to) think outside of the box. Second, I was honored to be involved in the writing of the Skype for Business Unleashed book.

So there you have it. A new name, but with the existing content. Linked URLs should automatically redirect to the post on the new ucunleashed.com domain soon. A new logo and a new blog theme are in the works. I’m working on some cool stuff (well, *I* think it’s cool), and you’ll see that soon. Until then, feel free to comment on my posts, suggest new scripts and ideas, and more.

Until then…

Description

As a PowerShell developer, you always want your users to have the latest version of a script. It makes support a lot easier, while also making sure that users have the latest features and bug fixes. But how to encourage that? Well, for me, users of my scripts are typically not within the same environment as me. So Group Policy Objects, logon scripts, etc, aren’t a solution. Having the script automatically check for an update is much easier, and doesn’t require anything from the user¹. So let’s take a look at a quick and easy method.

First, we need a repository where the update information will be held. XML is perfect for this. In this example, I created the following file, and saved it as version.xml:

<?xml version="1.0"?>
<catalog>
<article id="1697">
<title>Set-CsFeatures.ps1</title>
<author>Pat Richard</author>
<version>3.9.57</version>
<publish_date>2016-10-08</publish_date>
<description>Installs all required Windows 2012/Windows 2012 R2 components & optional tools.</description>
</article>
</catalog>

This file can reside anywhere. A file path, a web site, wherever. I chose a website for the reasons I mentioned above. You can see the above file in action at https://www.ucunleashed.com/downloads/version.xml. Some key points to the file. Each article I publish going forward will have it’s own “article” node. The ID I chose to tie to it is also the ID of the article’s URL, for consistency sake. In this example, 1697 is the prereq script seen at https://www.ucunleashed.com/1697. The version value is the version of the latest general availability (“GA”) build. We’ll query that value, compare it against the version of the script running the query, and see if it’s newer. Note that there is some other info in the XML file, and that’s irrelevant to what we’re discussing here.

[xml] $xml = (New-Object System.Net.WebClient).DownloadString("https://www.ucunleashed.com/downloads/version.xml")
$Ga = ($xml.catalog.article | Where-Object {$_.id -eq $article}).version

We supply the $article value when making the call. After that, it’s a simple comparison. In the prereq script, near the beginning, I assign a variable, $version, with a value. Let’s say it’s “3.9.55”. We compare $Ga against $Version

$Ga -gt $Version

If it’s true, we know a newer version exists. If it’s false, we know the currently running script is the latest version. In theory, we could also use this to alert of a regression in case we needed to downgrade (gasp!). So let’s put this together. We assign a variable, $xml, to the results of downloading an xml file. Then, we assign $ga to the value of “version” for the specific node within the xml file that contains the info for the article. Lastly, we do our comparison and give some output if there is an update.

[xml] $xml = (New-Object System.Net.WebClient).DownloadString("https://www.ucunleashed.com/downloads/version.xml")
$Ga = ($xml.catalog.article | Where-Object {$_.id -eq $article}).version
if ($Ga -gt $Version){Write-Output "A new version is available!"}

Now, obviously, we can pretty this up a bit. But before we do that, let’s think of issues we could run into. The big one is making sure we have an Internet connection to use to check the XML file. As much as we can often assume there will be one, a LOT of organizations block Internet access to servers as part of their security posture. So we shouldn’t assume. We can check using the following:

[bool] $HasInternetAccess = ([Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]'{DCB00C01-570F-4A9B-8D69-199FDBA5723B}')).IsConnectedToInternet)

And then using an IF loop against $HasInternetAccess. So let’s throw this all into a function we can incorporate into our scripts and modules:

function Get-UpdateInfo {
  [CmdletBinding(SupportsShouldProcess, SupportsPaging)]
  param (
    # Article/script to check for updates
    [parameter(ValueFromPipeline, ValueFromPipelineByPropertyName)]
    [string] $article
  )
  [bool] $HasInternetAccess = ([Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]'{DCB00C01-570F-4A9B-8D69-199FDBA5723B}')).IsConnectedToInternet)
  if ($HasInternetAccess){
    [xml] $xml = (New-Object System.Net.WebClient).DownloadString("https://www.ucunleashed.com/downloads/version.xml")
    $Ga = ($xml.catalog.article | Where-Object {$_.id -eq $article}).Version    
    if ($Ga -gt $version){
      Write-Log -Level Warn -Message "Outdated version. Version $Ga is latest version. Prompting user" -NoConsole
      $wshell = New-Object -ComObject Wscript.Shell -ErrorAction Stop
      $updatePrompt = $wshell.Popup("A new version ($ga) of the script is available. Would you like to download it?",0,"A new version is available",68)
      if ($updatePrompt -eq 6){
        Start-Process "https://www.ucunleashed.com/$article"
      }
    }
  }else{
    Write-Output "No Internet connectivity. Unable to check online for update info."
  }
} # end function function Get-UpdateInfo

Here we incorporate a simple ComObject popup message to ask if the user wants to download the new version. Since we have assigned the GA number to $ga, we can use that in the popup text, as well, as shown in the image at the beginning of this article. If $updatePrompt is “6”, then the user clicked “Yes” on the popup, and we can take action such as opening a browser window and navigating to the articles page. Or we could download a file, or any of a number of actions. If $updatePrompt is “7”, then the user clicked “No”.

So, as you can see, it’s really not that hard to add an update checker to your scripts. When you release a new version, simply update the XML file to reflect accordingly.

Note: Take care in what kind of characters are in the XML file. Some special characters, such an ampersand (“&”), aren’t handled very well. When in doubt, open a browser window and navigate to the file.

¹ – Depending on the action you require once it’s known an update is available.

Donations

I’ve never been one to really solicit donations for my work. My offerings are created because *I* need to solve a problem, and once I do, it makes sense to offer the results of my work to the public. I mean, let’s face it: I can’t be the only one with that particular issue, right? Quite often, to my surprise, I’m asked why I don’t have a “donate” button so people can donate a few bucks. I’ve never really put much thought into it. But those inquiries are coming more often now, so I’m yielding to them. If you’d like to donate, you can send a few bucks via PayPal at https://www.paypal.me/PatRichard. Money collected from that will go to the costs of my website (hosting and domain names), as well as to my home lab.

Description

I mention in the blog article Script: Set-Cs2013Features.ps1 – Easily Install Prerequisites and Tools for Microsoft Lync Server 2013 that one of the options in the menu, #30, is download, install, and configure WireShark on Windows Server. The configuration settings are based on those mentioned by Jeff Schertz (Wireshark Capture Tips) and Matt Landis (Getting Started With Lync and Wireshark: Tips & Quirks) , as well as those I’ve found useful. Most of these settings REALLY help when you’re looking at traces (and who doesn’t love an afternoon of doing that?). Among some of the configuration settings are:

1. adds Source Port (resolved) column
2. adds Destination Port (resolved) column
3. adds DSCP column
4. Configures RTP protocol “Try to decode RTP outside of conversations”
5. Configures SIP protocol for ports 5060-5068 (instead of WireShark’s default of 5060)
6. Sets the time format to human readable format

Why manually configure these on your server (or worse, many servers), if we can automate it? Let’s make our deployment life easier. Getting WireShark installed programmatically isn’t like other programs. There is no .msi file, or silent install switches. Methods I’ve used in other scripts just didn’t work. And believe me, I tried. And tried. And tried. So, I went medieval on it, and used AutoIt to create a macro that steps through the installer, clicking the right buttons. This works exceptionally well, and is fairly fast. But I wanted to also include the configuration steps mentioned above. And this is where it got interesting. WireShark’s config file seems to change formats and details often. So writing something that would change the config file directly seemed like it would be a losing battle. So, back to AutoIt. For 95% of the config, it worked great. But there seemed to be a need to click on the custom columns in order to set their name. AutoIt allows for moving the mouse to a certain vector, then clicking. But even with maximizing everything, the coordinates were never the same on different servers with different resolutions or RDP sessions. So that part of it would often not work. You’d get the columns, but they’d be named “New Column”. Not ideal. Finally, after taking a break from trying to figure that out, I rethought about it, and was able to figure out the right keyboard combination to accomplish the same thing. Success! There is one section right after that where the mouse is required to move the new columns into the desired order, but that seems to always work, and there’s no keyboard control for that. A remaining issue has been there since I first started this task. And that is the fact that AutoIt is written to take action based on app windows with certain titles. Usually not an issue at all, except that WireShark has always included the version number in the title bar. So every time there is a new version released, I’d have to open the source file, change the version number, re-compile to an .exe file, test, upload to my server, and update the prereq script. All in all, it is like 10 minutes of work, but I’ll need to continue to do that. As a result, I’m releasing the macros bundled the appropriate version of WireShark. Not sure if that violates some license with WireShark, but since they seem uninterested in making a silent installer method… Download the file from the link below. Unzip anywhere, as long all of the files are in the same folder. You’ll see there are three files:

1. The WireShark bits, which are named with the version number, such as Wireshark-win64-2.2.1.exe for version 2.2.1. This is the file as it comes from WireShark.
2. The installer macro, which is also named according to the WireShark version it applies to, such as WireShark_2.2.1-install.exe
3. The config macro, which is also named according to the WireShark version it applies to, such as WireShark_2.2.1-config.exe

Run the installer macro first by double clicking on it. You’ll see it zip through the WireShark install routine. Once that closes, you can run the config macro. You’ll see it walk though the config. I do NOT recommend running the config macro more than once – lest you end up with a completely mangled config. It takes a minute or so to run. Once it’s done, you can open WireShark Legacy and use it. Once you start a trace, you should immediately be able to see the added columns:

If you wander through the config menus, you’ll see the other settings as well. The v2.x WireShark application that is also installed when you install WireShark is configured somewhat differently, and I’ll address that in the future. Right now, I’m not aware that it provides any added benefit for Skype for Business/Lync admins anyways. But really, WireShark, would it kill you to use an XML file for your config?! Or registry values? If you have some specific config settings you use for WireShark, pass them along!

Note that this installation has only been tested on Windows Server 2012R2 and later. I haven’t tested this on desktop OSes.

Donations

I’ve never been one to really solicit donations for my work. My offerings are created because *I* need to solve a problem, and once I do, it makes sense to offer the results of my work to the public. I mean, let’s face it: I can’t be the only one with that particular issue, right? Quite often, to my surprise, I’m asked why I don’t have a “donate” button so people can donate a few bucks. I’ve never really put much thought into it. But those inquiries are coming more often now, so I’m yielding to them. If you’d like to donate, you can send a few bucks via PayPal at https://www.paypal.me/PatRichard. Money collected from that will go to the costs of my website (hosting and domain names), as well as to my home lab.

Downloads

WireShark v2.2.12 – 01-19-2018 – WireShark_2.2.12-install.zip

WireShark v2.2.10 – 10-22-2017 – WireShark_2.2.10-install.zip

WireShark v2.2.9 – 09-04-2017 – WireShark_2.2.9-install.zip

WireShark v2.2.7 – 06-01-2017 – Wireshark_2.2.7-install.zip

WireShark v2.2.6 – 04-12-2017 – Wireshark_2.2.6-install.zip

WireShark v2.2.5 – 03-06-2017 – Wireshark_2.2.5-install.zip

WireShark v2.2.4 – 01-31-2017 – Wireshark_2.2.4-install.zip

WireShark v2.2.3 – 12-23-2016 – Wireshark_2.2.3-install.zip

WireShark v2.2.2. – 11-24-2016 – WireShark_2.2.2-install.zip

WireShark v2.2.1 – 10-07-2016 – WireShark_2.2.1-install.zip

Changelog

See the changelog for information on what’s changed/included in each version.

This is the changelog page for Automatically Installing and Configuring WireShark for Skype for Business. You will find a complete list of released versions, their dates, and the features and issues addressed in each. Please refer to the script’s main page for more information including download links, installation details, and more.

v2.2.12 – 01-19-2018

1. Support for latest version

v2.2.10 – 10-22-2017

1. Support for latest version

v2.2.9 – 09-04-2017

1. Support for latest version

v2.2.7 – 06-01-2017

1. Support for latest version

v2.2.6 – 04-12-2017

1. Support for latest version

v2.2.5 – 03-06-2017

1. Support for latest version

v2.2.4 – 01-31-2017

1. Support for latest version

v2.2.3 – 12-23-2016

1. Support for latest version

v2.2.2. – 11-24-2016

1. Support for latest version

v2.2.1 – 10-07-2016

1. Initial version

Any tech types who’ve written tech books can attest to the fact that it’s a LOT of work. And this one was no different. Skype for Business is a very dynamic product, with features being added and updated on a continuing basis. Fortunately, I had the chance to work with some great tech luminaries – people far smarter than me, for Skype for Business Unleashed. That includes Phil Sharp, Rui Maximo, and Alex Lewis. But don’t let the fact that there are four names on the cover fool you. Plenty of others work behind the scenes, including contributing authors, editors, and publisher staff. I can’t possibly name them all, but I would like to point out a few. Stale Hansen stepped up and wrote a killer chapter on the VDI components of Skype for Business, while John Cook handled, what else, the Mac client chapter. Tom Morgan, one of Modality Systems’ ace developers, wrote on Developing Skype for Business Solutions. Former colleagues Tom Arbuthnot and Iain Smith also contributed. Even ‘The Hoff’ himself, Ken Lasko, added some great info. And to keep us all true to the product, Tim Harrington served as the tech editor. Jamie Stark, a beloved Program Manager in the Skype product group at Microsoft, wrote a killer forward.

During the project, several events occurred that seemed to derail the project. The publisher, Pearson, eliminated 4000 staff in a corporate downsizing. This was also around the time that Microsoft Press also underwent a significant restructuring. The project was in doubt for a while, but Pearson came back, committed to getting the book on to the shelves. Our normal full time gigs, family lives, and other interests also came into play. And unfortunately, someone involved in the book suffered a tragic loss. All of these caused the project timeline to slip. And during this time, the product group kept working on the product. Each time a Cumulative Update was released, we would have to review what had already been written to verify it still was valid, including details, screen shots, PowerShell commands, and more.

So why write this book? We certainly aren’t getting rich doing it. In fact, we’d all likely agree that you can’t survive on writing books at this pace. And time spent away from family and friends, and other interests can be tough. But seeing it on the shelf is rewarding on so many levels. It’s great to add the publication to your resume, LinkedIn profile, and more. Name recognition is always nice. But more importantly, getting the knowledge and experience into a format that can be beneficial to others is extremely personally rewarding to me. Is every little tidbit in there? Of course not. The book is 1100 pages. Decisions were made on how much space we could to allocate to each topic. Some chapters could be exponentially larger. But we tried to touch on the important stuff. Enough to get an environment properly designed, build, configured, and administered. And I think we did pretty well in that regard. And of course, as soon as we turned in the final edits, new features were released by the product group.

Books don’t sell unless people know about them. So we don our marketing hats and get on LinkedIn, Twitter, Facebook, blogs, and other online resources and let the world know it’s out there. Modality Systems was generous enough to put together a book signing event at Microsoft Ignite, and gave away some signed copies, as well. Twitter followers even started sending in pictures of where the book had been sighted, including the Microsoft Conference Store, MIT, and more. A signed copy even made its way to Gurdeep Pall‘s desk. Gurdeep is the Corporate Vice President of the Skype business unit at Microsoft, and he tweeted a selfie of himself holding the book. As I write this article, the book is the highest ranked Skype for Business book on Amazon. And that’s no easy task, as the other books were also written by some other top notch nerds like us.

I again want to thank everyone involved. It would not have been possible without them. I’d also like to thank the entire Product Group, as well as the Skype for Business MVPs. Both of these groups were instrumental in answering questions that popped up throughout this process.

I hope you enjoy the book, and welcome any comments or concerns.