Adaxes

Lync Scripting Help

0 votes

I'm working on setting up business rule provisioning for Lync and UM. I've cobbled together a couple of scripts which should work by looking at them, but do not always work when initiated through the after user creation business rule. However, the same scripts work when executing manually through admin interface or website.

The first try/catch block will usually enable the user for Lync. However, the second block with Set-CsUser fails when business rule initiated with the outpur error referencing not being able to find the user. Using UPN or sip address.

Any help will be greatly appreciated.

$lyncServer = "LYNCSERVER.com"
$sessionOptions = New-PSSessionOption -SkipRevocationCheck -SkipCACheck -SkipCNCheck
$session = New-PSSession -ConnectionUri https://$lyncServer/ocspowershell -SessionOption $sessionOptions -Authentication NegotiateWithImplicitCredential

Import-PSSession -session $session -AllowClobber

$registrarPool = "POOL.LYNCSERVER.com"

$officeNumber = "%telephoneNumber%" -ireplace '.*([2-9]\d{2})(\D*)([2-9]\d{2})(\D*)(\d{4}).*', '+1$1$3$5'
$ext = $officeNumber.substring($officeNumber.length - 5, 5)

$StopLoop = $False
do{
    try{
        Enable-CsUser -Identity "%userPrincipalName%" -RegistrarPool $registrarPool -SipAddressType SamAccountName -SipDomain SIPDOMAIN.com
        $StopLoop = $True
    }
    catch{
        Write-Host "Wait for user sync"
        Start-Sleep -s 60
    }

}
While ($StopLoop -eq $False)
#wait a second
Start-Sleep -s 4
$StopLoop = $False
do{
    try{
        Set-CsUser -Identity "%userPrincipalName%" -EnterpriseVoiceEnabled $True -LineUri "tel:$officeNumber;ext=$ext" -PassThru | Set-CsClientPin -Pin #######
        $StopLoop = $True
    }
    catch{
        Write-Host "Wait for user sync"
        Start-Sleep -s 60
    }

}
While ($StopLoop -eq $False)

Remove-PSSession -Session $session
by (1.2k points)

1 Answer

0 votes
by (216k points)
selected by
Best answer

Hello,

As far as we can see from the steps you tried to rectify the issue, you are experiencing a replication issue. Most probably, the root cause for it is that Adaxes creates a new user on one of your domain controllers, while Lync uses another DC to enable a Lync account for the user and set the properties. The best strategy for mitigating the issue would be to make Adaxes and Lync use the same DC instead of adding wait loops. Almost all Lync Management cmdlets support the -DomainController parameter that allows specifying the DC that will be used by Lync to perform the operation. Thus, you need to pass the DC where Adaxes creates the user as a paramter to the cmdlets. We've modified your code to pass the DC to the cmdlets as follows:

$lyncServer = "LYNCSERVER.com"
$registrarPool = "POOL.LYNCSERVER.com"

# Get telephone number and extension
$officeNumber = "%telephoneNumber%" -ireplace '.*([2-9]\d{2})(\D*)([2-9]\d{2})(\D*)(\d{4}).*', '+1$1$3$5'
$ext = $officeNumber.substring($officeNumber.length - 5, 5)

# Get domain controller FQDN
$domainName = $Context.GetObjectDomain("%distinguishedName%")
$rootDSE = $Context.BindToObject("Adaxes://$domainName/rootDSE")
$domainControllerFQDN = $rootDSE.Get("dnsHostName")

$sessionOptions = New-PSSessionOption -SkipRevocationCheck -SkipCACheck -SkipCNCheck
$session = New-PSSession -ConnectionUri https://$lyncServer/ocspowershell -SessionOption $sessionOptions -Authentication NegotiateWithImplicitCredential

Import-PSSession -session $session -AllowClobber

Enable-CsUser -Identity "%userPrincipalName%" -RegistrarPool $registrarPool -SipAddressType SamAccountName -SipDomain SIPDOMAIN.com -DomainController $domainControllerFQDN
Set-CsUser -Identity "%userPrincipalName%" -EnterpriseVoiceEnabled $True -LineUri "tel:$officeNumber;ext=$ext" -PassThru  -DomainController $domainControllerFQDN | Set-CsClientPin -Pin #######

Remove-PSSession -Session $session

Related questions

0 votes
1 answer
When scripting creating a user, Why is the employeeType field not recognized by Adaxes.

Hello, I am scripting user creation. I have created a custom command where an end user will submit info for the user to be created from: Here is the scirpt: # Import the ... Schema. I have tried using "Employee Type" as in the screen shot above but same error.

asked Apr 6, 2023 by mightycabal (1.0k points)
0 votes
1 answer
Does Adaxes scripting recognize Powershell comments and does it allow for the use of custom modules?

I'm seeing this error when I run a user deprovision. It still executes the script but nobody likes errors! Run PowerShell Script 'DuoDeprovisionExport' For the user. The term ' ... running an export script in the first place for my Duo user info. ) Thanks.

asked Feb 19, 2020 by rainamaina (60 points)
0 votes
1 answer
Scripting for new account creation on AS400

We were wondering if Adaxes has a script available to create AS400 accounts during the AD creation. This will allow us to totally automate the new hire process going forward.

asked Jan 26, 2017 by willy-wally (3.2k points)
0 votes
1 answer
Scripting: Security Role - Enumerate and change assignments

I need to replace one Active Directory security group that has been given rights over many OUs within several Security Roles. There are likely ~300 entries that need ... in the SDK documentation appears to be broken - http://adaxes.com/scriptrepository

asked May 1, 2013 by SomeUser (90 points)
0 votes
1 answer
WINRM Error when enabling user for Lync

Hi all, I get the error below when enabling a user for Lync. I have opened port 5986 for winrm over https and have verified the correct certificates ... winrm quickconfig -transport:https". For more information, see the about_Remote_Troubleshooting Help topic.

asked May 8, 2017 by joshua.amune (50 points)
3,346 questions
3,047 answers
7,779 comments
544,979 users