Microsoft Lync Server 2010 Management Pack Guide

Microsoft Corporation Published: November, 8th 2010 Send suggestions and comments about this document to mpgfeed@microsoft.com. Please include the management pack guide name with your feedback.

Copyright
Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted in examples herein are fictitious. No association with any real company, organization, product, domain name, email address, logo, person, place, or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. 2010 Microsoft Corporation. All rights reserved. Microsoft, and MS-DOS, Windows, Windows PowerShell, Windows Server, Active Directory, and Lync are trademarks of the Microsoft group of companies. All other trademarks are property of their respective owners.

Contents
Contents
Microsoft Lync Server 2010 Management Pack Guide......................................1 Copyright.......................................................................................................... 2 Contents........................................................................................................... 3 Contents........................................................................................................... 3 Microsoft Lync Server 2010 Management Pack Guide...................................5 Microsoft Lync Server 2010 Management Pack Guide......................................5 Document Version......................................................................................... 5 Introduction to the Microsoft Lync Server 2010 Management Pack...............5 Getting the Latest Management Pack and Documentation.........................5 What's New................................................................................................. 5 Central discovery........................................................................................ 6 Reduced Alert Noise: ................................................................................. 6 Prioritized alerts: ........................................................................................ 6 Stateful alerting: ........................................................................................ 7 Transient handling: ...................................................................................7 Synthetic transactions................................................................................7 Call reliability monitoring............................................................................8 Media Quality monitoring............................................................................8 Port monitoring........................................................................................... 8 Simple URL monitoring...............................................................................9 Supported Configurations.........................................................................10 Getting Started............................................................................................ 11 Before You Import the Management Pack.................................................11 Deploying Microsoft Lync Server 2010 Management Pack........................11 Pre-Requisites........................................................................................... 11 Enable Agent Proxy settings in Operations Manager Console...................12 How to Import the Lync Server 2010 Management Pack..........................13 Import Management Pack.........................................................................13 How Central Discovery works....................................................................13 Verify Component monitoring works.........................................................14 Troubleshooting Central Discovery failures..............................................15

Deploying Call Reliability & Media Quality Monitoring.................................16 Prerequisite .............................................................................................. 16 Deployment steps for QoE Monitoring......................................................16 Verify Media Quality monitoring works.....................................................18 Verify Call Reliability monitoring works.....................................................19 Configure alerting thresholds for Media Quality monitoring.....................19 Deploying Synthetic transactions (STs)..........................................................23 Setting up Synthetic transaction watcher node........................................23 Capacity and OS Requirements:...............................................................23 Deploying synthetic transactions watcher node.......................................24 Verify that Synthetic Transactions are working........................................28 Troubleshooting ST Watcher issues..........................................................28 Configure Port monitoring for your deployment........................................29 Configure URL monitoring for your deployment........................................30 How Health Rolls Up.................................................................................... 31 Health Rollup Diagram.............................................................................. 33 Maintenance................................................................................................ 35 Pool Maintenance ..................................................................................... 35 Server maintenance..................................................................................38 Configuring Notifications................................................................................ 39 Create a New Management Pack for Customizations................................41 Optional Configuration................................................................................. 42 Enabling Performance Threshold and Collection Rules.............................42 Slow WAN Links or Large Branch Office Deployments..............................42 Security Considerations...............................................................................43 Low-Privilege Environments......................................................................43 Run As Profiles.......................................................................................... 43 Management Pack problems and resolutions..............................................43

Microsoft Lync Server 2010 Management Pack Guide

Document Version
This guide was written based on the 4.0.7577.0 version of the Microsoft Lync Server 2010 communications software Management Pack. Revision History
Release Date Changes

November, 8th 2010

Original release of this guide

Introduction to the Microsoft Lync Server 2010 Management Pack

The Lync Server 2010 Management Pack (MP) is your monitoring solution of choice for monitoring any Lync Server 2010 deployment. The management pack implements traditional Event Log and Performance counter based instrumentation is utilized, as well as enabling newly available instrumentation in Lync Server 2010, such as pair events (failure/success) for several Key Health Indicators, as well as fully utilizing the new Synthetic Transactions (Test-Cs* Windows PowerShell command-line interface cmdlets).

Getting the Latest Management Pack and Documentation

You can find the Lync Server 2010 Management Pack in the System Center Operations Manager 2007 Catalog (http://go.microsoft.com/fwlink/?LinkId=82105).

What's New
The following features are new in this release of the Lync Server 2010 Management Pack, compared to previous iterations (Microsoft Office Communications Server 2007 and 2007 R2 Management Packs). 5

Central discovery
Discovery of roles and components that need to be monitored is automatically completed based on a central discovery script that reads the topology document published in Central Management Database.

Reduced Alert Noise:

This management pack features significantly improved alert to noise ratio compared to previous versions of Lync Server 2010 management packs. This investment is based on applying health models for each component in the product and driving alerting based on the health model.

Prioritized alerts:
Alerts have been classified out-of-the-box into:
High Priority alerts:

These are indicative of service unavailability for multiple users. For example, a Component failure on a single machine is NOT a high priority alert. This is because Lync Server 2010 product has built-in high availability features (for example, multiple Frontend servers behind load balancers). A high-priority alert indicates an outage as observed from a synthetic transaction. Alerts with this priority are serious enough to wake up administrators at night.
Medium Priority alerts:

These are indicative of component failures. For example, Conferencing service not operational on a particular server. Alerts in this category are stateful and indicate the current status of the issue. In this example, if conferencing service has recovered, the alert would be auto-resolved in Microsoft System Center Operations Manager. The expectation for these alerts is that an administrator will look at them on the same business day.
Other Alerts:

These are alerts from components that might affect a specific user/ subset of users. For example, the Address Book service could not parse the Active Directory Domain Services (AD DS) entry for user: testuser@contoso.com. The expectation for these 6

alerts is that administrators will get to them when they have time available.

Stateful alerting:
Alerts are auto-resolved when a failure condition is no longer applicable. Component alerts (Medium priority only) are driven by Operations Manager monitors that automatically turn back to healthy state when the problem is no longer observed. (These alerts are still available in Closed Alerts view for administrators to look at). The benefit for administrators is to know the current status of a problem/alert by looking at monitor state. Note: Other Alerts category of component alerts (see above) and Call failure alerts are NOT stateful.

Transient handling:
This management pack defines monitors that turn to unhealthy state only when there are consecutive failures. For example, a High Priority alert is generated only when a synthetic transaction fails twice consecutively. (The first failure is treated as a warning state for the monitor).

Synthetic transactions
This new feature in Microsoft Lync Server 2010 management pack provides alerting based on end-to-end monitoring scenarios. Synthetic transactions are Windows PowerShell cmdlets that are integrated into Operations Manager management pack and test end-to-end user scenarios. Once an administrator has designated a server to execute synthetic transactions, these cmdlets are triggered periodically by the management pack. Failures from a synthetic transaction generate a stateful alert. Here are supported synthetic transactions for Microsoft Lync Server 2010:

No 1 2 3 4 5

Scenario Name Peer to Peer Instant Messaging Peer to Peer audio call Group Instant Messaging Audio/Video Conference Rich Presence 7

6 7 8 9 10

Registration (User Login) Dial in conferencing Address book service (file download) Address book web query Peer to Peer PSTN Call

Call reliability monitoring

This new feature in Lync Server 2010 management pack provides administrators with real-time alerting based on call reliability metrics. Every call failure is reported to the Lync Server 2010 call detail recording (CDR) database. Lync Server 2010 management pack integration queries this database (CDR) periodically to look at call failures. When call failures are detected, they are aggregated on Diagnostic Codes. Alerts are generated when a Diagnostic Code exceeds a specified threshold for call failures.

Media Quality monitoring

This feature in Microsoft Lync Server 2010 management pack provides realtime alerting based on network conditions. After every session is completed, all Lync Server 2010 endpoints generate a Quality report that is delivered to the Quality of Experience (QoE) database (Monitoring Server). The System Center Operations Manager integration for Media quality alerts is driven out of this data. Administrators receive alerts based on three different categories. The first category is network locations such as calls between regions, Sites, or subnets. The second category is servers such as A/V Conferencing Server. The last category is call legs such as Gateway (Mediation Server Bypass), Gateway and Mediation Server Leg, or Mediation Server and Client Endpoint Leg. This integration features dynamic discovery of faulty instances and generating alerts for them. Alerts are stateful and get auto-resolved when a problem no longer occurs.

Port monitoring
This new feature in Microsoft Lync Server 2010 management pack provides automatic monitoring for ports that are used by Microsoft Lync Server 2010 product inside the corporate firewall. Any port that cannot be pinged results in an alert that is auto-resolved when the port is working again.

Simple URL monitoring

This new feature in Microsoft Lync Server 2010 management pack provides automatic monitoring for URLs that are used by Microsoft Lync Server 2010 for conference join scenarios. Any URL that cannot be pinged results in an alert that is auto-resolved when that URL is working again.

Supported Configurations
System Center Operations Manager 2007 server support
System Center Operations Manager 2007 R2 (32-bit and 64-bit) Not supported: System Center Operations Manager 2007 RTM, or 2007 SP1*

* Lync Server 2010 Management Pack requires the Windows PowerShell provider support which had been added with Operations Manager 2007 R2, and cannot be deployed on Operations Manager 2007 RTM.

System Center Operations Manager 2007 agent server support

System Center Operations Manager 2007 R2 Agent, 64-bit only Not supported: System Center Operations Manager 2007 Agent RTM, or 2007 SP1 Not supported: System Center Operations Manager 2007 Agent R2 32-bit running in WoW64

Lync Server 2010 supported configurations

Configuration Support

Windows Server operating system 2008 R2 Windows Server operating system 2008 SP1 Clustered servers Agentless monitoring

Yes, all editions. Yes, all editions, 64-bit only, SP1 and higher. Not supported. Not supported. Yes, see Lync Server 2010 virtualization documentation for details. 10

Virtual environment

Configuration

Support

Domain Joined Server Roles

All internal Lync Server 2010 server roles have to be domain joined. Lync Server 2010 Edge is not required to be domain joined. All server roles in a deployment must be monitored from the same Operations Manager 2007 R2 Management Group. SBA monitoring is supported (additional configuration required). ST Watcher Node monitoring is supported (additional configuration required).

Standalone Server Roles

Topology Limitations

Survivable Branch Office Appliance (SBA) support Synthetic Transactions (ST) Watcher Node

Getting Started
Before You Import the Management Pack
Note: Read this section carefully, as additional steps are required to enable full monitoring of your Lync Server 2010 deployment.

Deploying Microsoft Lync Server 2010 Management Pack

Pre-Requisites Operations Manager 2007 R2 installation is already completed. Agent proxy enabled for all Front-end servers in Front-end pool where Central Management Server is deployed. This is usually the first pool in your deployment. Agent Proxy also needs to be enabled for the Synthetic transaction watcher node machine (see details below). 11

Lync Server 2010 is already installed. Operations Manager Agent has been deployed on all servers that are part of the Lync Server 2010 deployment (including Edge Servers, if Edge monitoring is desired).

Enable Agent Proxy settings in Operations Manager Console

Make sure Agent Proxy setting is enabled for all Front End Servers in the Pool that contains Central Management Server and also for the server that will be used as synthetic transaction watcher node where synthetic transactions will run from.

To enable agent proxy, follow these steps: 1. Go to the server that is running System Center Operations Manager. Open Operations Manager Console. 2. Navigate to Administration tab. 3. Select Agent Managed. 4. From the detail view on the right side, right-click the watcher node agent, Click Properties and from the Properties dialog click the Security tab. 5. Check Allow this agent to act as proxy and discover managed objects on other computers check box. See Fig. 1

12

Fig. 1 Agent properties window

How to Import the Lync Server 2010 Management Pack

For instructions about importing a management pack, see How to Import a Management Pack in Operations Manager 2007 (http://go.microsoft.com/fwlink/? LinkId=142351). After the Lync Server 2010 Management Pack is imported, it is recommended to create a new management pack in which you store overrides and other customizations.

Import Management Pack

On the server that is running System Center Operations Manager 2007 R2. Install the MSI Lync Server 2010 Management Pack.msi. The file Microsoft.LS.2010.Monitoring.mp is installed to %Program Files%\System Center Management Packs\Lync Server 2010 Management Pack , or %Program Files%\System Center Management Packs\Lync Server 2010 Management Pack. Use the Operations Manager Import Management Packs to import the MP. Or from command line run MPimport.exe <path to Management Pack>.

How Central Discovery works

The first step after administrator imports the Lync Server 2010 management pack is for Central Discovery to execute automatically and discover the entire Lync Server deployment. This effectively jump starts all component monitoring. Central discovery script is a Windows PowerShell script that discovers all Microsoft Lync Server 2010 Roles/Components/Services to be monitored. This 13

script runs on the Operations Manager agent that is discovered as the Central Discovery Watcher Node. The default algorithm to automatically pick a machine as central discovery watcher node is as follows: 1. Find the Microsoft Lync Server 2010 Front End pool where Central Management Store is installed (usually the Front End Pool which has been installed first). 2. Select all the member machines in the Front End Server role (this could be an Enterprise Edition Consolidated pool with multiple Front End Servers using a HLB or DNS load balancing). 3. Identify the computer which is currently the active master. 4. This machine will be used to discover all roles and components in the topology. For more details, see Fig. 2. The entire topology information is available in Central Management Database and a single script in the management pack retrieves the topology data and populates Operations Manager 2007 classes and relationships for all server roles & components. (This is different from the Office Communications Server 2007 R2 management pack behavior where each server role was individually discovered using registry keys on the local machine).

Important Note: Edge pool discovery is turned off by default. To turn it on override value of DiscoverEdgeServerRole property of LS Central Topology Discovery object to True.

Verify Component monitoring works

Verify whether component monitoring is working by looking at the built-in views in the management pack. Look at state view 5.Pools (under Lync Server 2010 folder). Please see Fig 2. If this view shows one or more instances, then central discovery/component monitoring has started working. Note: It may take several minutes for this view to refresh depending on the size of the topology. 14

Fig. 2 Discovered pools State view

Troubleshooting Central Discovery failures

Here are common steps to troubleshoot central discovery failures: Problem: No instances seen in state view 5.Pools.

Steps: 1. Open view in folder Topology Discovery\Discovery State view. See Figure #3 for details. 2. Ensure that all Front End Servers in the Front End pool that contains Central Management Server are listed in this view. a. If a Front End Server is missing from this view, then please check: i. Did the Operations Manager agent get pushed to that server? ii. Is this front-end server heart-beating in Operations Manager correctly? Is this server down for maintenance or otherwise unavailable? 3. Ensure that the server (FQDN) that will be picked by algorithm in section How central discovery works shows Lync Server Discovery Script column as Healthy see Figure #3: 15

Fig. 3 Topology Discovery State View If Lync Server Discovery Script column does not show Healthy, then ensure that this machine is heart-beating without errors in System Center Operations Manager and is not down for maintenance. 4. Central Discovery script (in the Lync Server 2010 management pack) supports an override to the FQDN that will be used for central discovery. Administrators can override this setting (we recommend that this setting be used ONLY if the previous troubleshooting steps do not work as expected). Please note this FQDN specified must be a valid FQDN of a Microsoft Lync Server 2010 system (which is a server, where product is installed).

Deploying Call Reliability & Media Quality Monitoring

Prerequisite

Monitoring Server role in Lync Server 2010 must be deployed for this feature to work. For detail please refer to the Microsoft Lync Server 2010 Deployment guides.

Deployment steps for QoE Monitoring

Call reliability and media quality monitoring use the monitoring server machine as their watcher node to monitor call reliability and media quality of 16

Microsoft Lync Server. Both of these features query the monitoring server databases to do analysis. The queries that are executed as Network Service account (as their Run As account). For these queries to run successfully, administrator should add the monitoring server machine to RtcUniversalReadonlyAdmins group.

Important Note: The default Discovery frequency of the discovery rule Microsoft Lync Server 2010 QoE discovery is set to 15min (900sec). This setting is by design since this rule performs discovery as well as threshold checks. Validation in large production environments has been performed to ensure a good compromise between delays in alerting (max 15min), and performance consideration around frequent discoveries. If you are experiencing a performance impact (increased or excessive Operations Manager 2007 Agent load) on your Lync Server 2010 Monitoring server system, increase the frequency of this check by overriding the Frequency setting of this discovery rule.

How to change the Frequency of the QoE Discovery:

As an Operation Manager Administrator: 1. Select Authoring tab. 2. Management Pack Objects -> Object Discoveries 3. Look For: LS QoE Discovery a. Multiple results are returned, you can select any of the Object Discoveries as they refer to the same Object Discovery 4. Select any Object Discovery LS QoE Discovery 5. Right-Click -> Overrides -> Override the Object Discovery -> For all objects of a class: LS QoE Monitoring 6. Scroll down to Frequency (Default) and mark the Check Box to override 7. Change the Override Value to the desired value (unit is seconds) 17

8. Ensure that the Override is stored in the desired Override MP 9. Select OK to close

Verify Media Quality monitoring works

Verify whether media quality monitoring is working by validation alerts and state views under Media quality monitoring folder from Microsoft Lync Server views folder see Fig. 4.

Fig. 4 Media quality monitoring alert and state views

18

Verify Call Reliability monitoring works

Verify whether call reliability monitoring is working or not by looking call reliability and call reliability internal alerts view from Lync Server views folder see Fig. 5.

Fig. 5 Call reliability alerts view

Configure alerting thresholds for Media Quality monitoring

Media Quality alerting configuration is done through configuration of the Discovery on Microsoft Lync Server 2010 QoE discovery. Note: Due to implementation specifics the configuration including setting of thresholds must be done in the Discovery module. Default settings are Warning alert threshold % (Default) : 14 Critical alert threshold % (Default): 20

You can override these settings to customize to your deployment. Advanced customization is possible using a number of scenarios (see details list in Fig. 6 Available override in discovery Microsoft Lync Server 2010 QoE discovery).

19

For example you can overwrite the Critical alert threshold % (A/V Conferencing Server) by setting this to a custom percentage. The default setting is -1 which means no override is set, and the default threshold applies. Another advanced customization is to exclude a specific QoE instance from being monitored. You can specify multiple instance names to the Excluded Instances separated by comma. The instance name is the name shown in the Instance Name column in Detailed QoE Monitoring States view. For example, for A/V Conferencing Server, the FQDN of the server is the instance name. In case you dont want to get any alert for two A/V Conferencing Servers avconf1.contoso.com and avconf2.contoso.com, you can override Excluded Instances ( A/V Conferencing Server) to avconf1.contoso.com, avconf2.contoso.com.

Other customizable settings include:

Parameter Name Include external calls
Include VPN calls

Default False
True

Comment Include external calls in QoE alerting

Include calls performed over a VPN connection

Include Wi-Fi calls

True

Include calls performed over a Wi-Fi connection Minimum number of affected calls per interval before an alert is generated Minimum number of users affected per interval before an alert is generated Sliding time window in min in which QoE problems are retrieved and alerted on

Minimum affected calls

50

Minimum affect users

Minutes to query

120

Following steps show how to open Override Properties dialog to override properties of the Media Quality monitoring discovery. 1. Launch the operation Console, and go to the authoring tab. 20

2. Expand Management Pack Objects. 3. Click Object Discoveries. 4. Click Change Scope on top of Object Discoveries panel. 5. Click View all targets radio box. 6. Click the check box of LS Audio Quality for A/V Conferencing Server and click the OK button. You can select any target that starts with LS Audio Quality for, because the discovery is shared by all Media Quality monitoring categories. 7. Right-click Microsoft Lync Server 2010 QoE discovery in Discovered Type: LS Audio Quality for A/V Conferencing Server. 8. Click in following sequence, Overrides -> Override the Object Discovery -> For all objects of class: LS QoE Monitoring. 9. Fill in with the new settings in Override Properties dialog, click apply to make it take effect.

21

Fig. 6 Available override in discovery Microsoft Lync Server 2010 QoE discovery

22

Deploying Synthetic transactions (STs)

Setting up Synthetic transaction watcher node
Synthetic transactions are Lync Server 2010 cmdlets that are automatically triggered by the management pack on a preset interval. These are executed on a synthetic transaction watcher node which is an administrator designated server responsible for discovery and execution of STs for each pool. It is not recommended to use an existing Lync Server 2010 server as a synthetic transaction watcher node. This is due to the high CPU/memory utilization requirements for running STs. Use a new server machine (or a virtual machine) for the synthetic transaction watcher node. Synthetic transaction watcher node should have the Lync Server Core MSI installed on it. To manual test if ST Watcher node is configured correctly, please open a Lync Server Management Shell window and execute a Microsoft Lync Server 2010 cmdlet (example: Get-CSTopology). If this succeeds, then the watcher node has required bits installed. You will also need to create a registry key to indicate to Operations Manager 2007 that this server is the designated ST Watcher node.

Capacity and OS Requirements:

Hardware component Minimum requirement

CPU

One of the following: 64-bit processor, quad-core, 2.0 GHz or higher 64-bit 2-way processor, dual-core, 2.0 GHz or higher 4 GB Local storage with at least 10 GB free disk space on a 7,200 RPM disk drive (or equivalent) 1 network adapter 1 Gbps Windows Server 2008 SP2 or Windows Server 2008 R2

Memory Disk Network Operating System

23

Deploying synthetic transactions watcher node

The deployment of the synthetic transaction watcher node involves topology, Active Directory Domain Services and server and Operations Manager 2007 related installation tasks. A step-by-step instruction for each task category is listed below. Note: For details about each of the Lync Server 2010 cmdlets that will be used in next sections, see the cmdlet help.

Add ST Watcher Node as a trusted Microsoft Lync Server 2010 Application pool
1. Create external application pool with synthetic transaction watcher node machine as a member. While creating use machine FQDN as pool FQDN. To create the pool you can run the following cmdlet from the Lync Server Management Shell: New-CsTrustedApplicationPool -Identity <PoolFQDN> -Site <SiteID> -Registrar <RegistrarPoolFQDN> -Verbose Where <PoolFQDN>: Is the FQDN of the external application pool to be created. Use watcher node machine FQDN as Pool FQDN <SiteID>: The ID of the site where the application pool belongs to <RegistrarPoolFQDN>: The FQDN of the registrar pool that the external application pool depends on Example: New-CsTrustedApplicationPool -Identity da12lct.csmonitoring.contoso.com -Site 1 -Registrar DA13LCT.csmonitoring.contoso.com -Verbose 2. Verify that external application pool has been added by running Get-CsPool 3. Create an external application service entry in topology by using following cmdlet from the Lync Server Management Shell: New-CsTrustedApplication -ApplicationId <AppID> -TrustedApplicationPoolFqdn <externalAppPoolFQDN> -Port <PortNumber> -Verbose Where <AppID>: Is an ID for the application. For example, you can use STWatcherNode <externalAppPoolFQDN>: Is the FQDN of the external application pool that you created in step 1 24

<PortNumber>: Any unused port number. Example: New-CsTrustedApplication -ApplicationId "StWatcherNode" -TrustedApplicationPoolFqdn da12-lct.csmonitoring.contoso.com -Port 5587 -Verbose

Configure ST Watcher Node machine

1. Install Lync Server 2010 core and Lync Server Replica MSIs. For instructions, see the Microsoft Lync Server 2010 deployment guide. While executing the deployment, request and assign the default certificate. 2. From the Lync Server Management Shell, run Enable-CsComputer verbose. This will assign group memberships and resource permissions to support Lync Server services running on the host computer. 3. Assign Test Users to registrar and user service clusters by using Health Monitoring Configuration cmdlet New-CsHealthMonitoringConfiguration -TargetFQDN <PoolFQDN> -FirstTestUserSipUri <FirstUserSipUri> -SecondTestUserSipUri <SecondUserSipUri> -Verbose Where <PoolFQDN>: Is the Pool FQDN you wish to run STs against (where users are hosted). <FirstUserSipUri>: Sip Uri of first test user to be used for synthetic transaction. <SecondUserSipUri>: Sip Uri of second test user to be used for synthetic transaction. Example: New-CsHealthMonitoringConfiguration Pool1.contoso.com -FirstTestUserSipUri "sip:MyTestUser0@csmonitoring.contoso.com" -SecondTestUserSipUri "sip:MyTestUser1@csmonitoring.contoso.com" Verbose 4. Make sure synthetic transactions are working by running the following cmdlet from in the Lync Server Management Shell. Test-CsRegistration <RegistrarPoolFQDN> -verbose 5. Set registry key for watcher node discovery and optionally for enabling logging by executing the following cmdlets from Lync Server Management Shell: New-Item -Path "HKLM:\Software\Microsoft\Real-Time Communications\Health" 25

New-ItemProperty -Path "HKLM:\Software\Microsoft\Real-Time Communications\Health" -Name "IsSTWatcherNode" -Value true | Out-Null New-ItemProperty -Path "HKLM:\Software\Microsoft\Real-Time Communications\Health" -Name "LogOpsMgr" -PropertyType DWord -value 2

Configuring Active directory

1. Add the synthetic transaction watcher node machine as a member of RTCUniversalReadOnlyAdmins group. 2. From Lync Server Management Shell on watcher node run EnableCsComputer Verbose 3. Restart Machine (this is required after machine is added to RtcUniversalReadOnlyAdmins)

Configure Operations Manager Agent settings on ST Watcher Node

1. Increase the thread pool count for synthetic transaction watcher node by modifying the value for the below registry key. HKLM:\System\CurrentControlSet\Services\HealthService\Parame ters [DWORD] Thread Pool CLR Max Thread Count Min decimal 200

Note: Spaces between the words should be reserved as shown above.

If the registry key does not exist you can create it by running the following PS cmdlet New-ItemProperty -Path "HKLM:\System\CurrentControlSet\Services\HealthService\P arameters" -Name "Thread Pool CLR Max Thread Count Min" -propertytype DWord -value 200 2. Restart health service: Net stop healthservice & Net start healthservice 26

Configure Synthetic Transactions Test Users

A script to provision and configure test users is available at the Script Center
http://blogs.technet.com/b/csps/archive/2010/09/22/scriptcreateandconfigures tusers.aspx

Other Settings for Synthetic Transactions

Web (HTTP) Synthetic Transactions required the folder %SystemRoot %\temp to have write access by the Network Service identity. Please make sure that the ACL on %SystemRoot%\temp include write access for Network Service.

Access to SQL Central Management Database from Watcher node

The scripts invoking Synthetic Transactions run in the NT Authority\Network Service identity and require read access to the backend Microsoft SQL Server database software hosting the Central Management Database (typically hosted on the first Pool backend deployed). If you are running SQL Server processes with the Local System identity or Network Service, no additional configuration is required. If you are running SQL Server services using a domain account, you may get a failure Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON' . In this case the recommend solution is to configure a SPN (Service Principal Name) for SQL Instance hosting the database. For example: setspn.exe a MSSQLSvc/sqlserver1.contoso.com:1433 sqlserver1 where sqlserver1.contoso.com is the FQDN of the SQL Server, and 1433 is the port, and sqlserver is the hostname/accountname for the SPN, or setspn.exe a MSSQLSvc/sqlserver1.contoso.com:RTCINST sqlserver1

where sqlserver1.contoso.com is the FQDN of the SQL Server, and RTCINST is the instance name, and sqlserver is the hostname/account name of the SPN. Please refer to the SQL and setspn.exe documentation for detail on setting up an SPN.

27

Verify that Synthetic Transactions are working

Verify whether synthetic transaction monitoring is working or not by looking ST state view from Microsoft Lync Server views folder see Fig. 7.

Fig. 7 Synthetic Transaction state view

Troubleshooting ST Watcher issues

On synthetic transaction watcher node look for Event ID 230, 231 for pools discovery and Synthetic Transactions run respectively or go to synthetic transaction state view and look ST states for the different registrar and user services pools (see Fig 8).

Fig. 8 Synthetic Transaction state view

28

Look at ST Internal Alerts folder in Lync Server 2010management pack on the server that is running Operations Manager. If there is any internal alert on discovery or ST Execution an internal alert will be created.

Configure Port monitoring for your deployment

This new feature in Microsoft Lync Server 2010 management pack provides automatic monitoring for ports that are used by Microsoft Lync Server 2010 product inside the corporate firewall. Any port that cannot be pinged results in an alert that is auto-resolved when the port is working again. Lync Server 2010 port monitoring feature automatically fetches the list of available ports in your deployment based on the Central Topology discovery and starts monitoring them from the Synthetic Transaction Watcher node. To verify that Port monitoring is working as expected, look at the Alert and State views under the \Ports folder. The port monitoring solution runs on Synthetic Transaction Watcher Node and will not work until the Watcher is configured correctly. The State view shows the health state of each port that is automatically discovered using the Lync Server 2010 topology information and monitored by this Management Pack. (See Fig. 9 for an example Port State View.)

Fig. 9 Port Monitoring State View 29

Note: Depending on your environment (HLB or DNS load balancing) and the Pools deployed (Standard Edition or Enterprise Edition) some alerts from Port monitoring may not be relevant to your deployment. When you deploy this management pack for the first time and enable Port monitoring, it is recommended to go through all alerts raised by port monitoring and disable the alerts/monitors that are not relevant to your deployment. This will create a base-line for ports that are expected to work. After this base-line, any new alerts should be indicative of real failures in the deployment. Because port monitoring requires configuration specific to your environment, the alerts from this feature are not automatically included in the High/Medium/Other Priority Alerts views. They are only available in the Alerts view in the \Ports folder.

Configure URL monitoring for your deployment

This new feature in Lync Server 2010 management pack provides automatic monitoring for URLs that are used by Lync Server 2010 for conference join scenarios. Any URL that cannot be pinged results in an alert that is autoresolved when that URL is working again. Lync Server 2010 URL monitoring feature automatically fetches the list of available meeting URLs defined in your deployment based on the Central Topology discovery and starts monitoring them from the Synthetic Transaction Watcher node. To verify that URL monitoring is working as expected, look at the Alert and State views under the \Simple URL folder. These alerts (like Port monitoring alerts) only appear in the views in the Simple URL folder. They do not appear in the High/Medium/Other Priority Alerts views.

30

How Health Rolls Up

Management Pack Object LS Deployment LS Site LS Pool Description Represents the deployment of Microsoft Lync Server 2010 in the organization Lync Server 2010 Site represents different geographical locations where services are deployed Microsoft Lync Server 2010 Pool (within a Site) that provides communications services such as Instant Messaging, Conferencing to users. Applicable to Frontend Pools, Edge Pools, Director Pools, even if there is only a single machine in a given pool Microsoft Lync Server 2010 Server Role hosting LS Service Microsoft Lync Server 2010 Service represents a functionality deployed on a specific machine (such as User Service on fp01.contoso.com) Microsoft Lync Server 2010 Component is a part of the "Service" (such as: Address Book Download component is a part of the Web Service) Microsoft Lync Server 2010 Pool Watcher is an instance of Synthetic Transactions that are running against one Pool Microsoft Lync Server 2010 Registrar Pool Watcher is an instance of Synthetic Transactions that are running against one Registrar Pool Microsoft Lync Server 2010 User Services Pool Watcher is an instance of Synthetic Transactions that are running against one User Services Pool Microsoft Lync Server 2010 Voice Pool Watcher is an instance of Synthetic Transactions that are running against one Voice Pool Microsoft Lync Server 2010 Port Watcher is an instance of Port Checks running against one Pool. Simple URL Watcher node - performs HTTPS probing of the configured Simple URLs in a deployment

LS Server Role LS Service

LS Component

LS Pool Watcher LS Registrar Watcher LS User Services Watcher LS Voice Watcher

LS Port Watcher Simple URL Watcher

31

32

Health Rollup Diagram

Since an LS Pool can contain multiple individual LS Server systems (with one more LS server roles, LS services, and LS components), a failure of an individual server or component is less critical to the overall health of the LS Pool, as other servers in the same pool can provide the application service to the client. The health will roll up on a percentage level to the LS pool. (Health Rollup: More than 50% of LS server roles in an LS pool are affected).

33

The LS Pool Watcher performs synthetic transactions and probing and against an LS pool. Consecutive failure of one or more synthetic transactions (consecutive polling interval) will rollup critical health state to the pool level (Worst of any Synthetic Transaction). Note: LS Port Watcher, and global Simple URL Watcher do not roll up health state.

34

Maintenance
Pool Maintenance
When performing maintenance on a Pool (including the Standard Edition server), please use the Tasks provided in this management pack (Action Pane) to put the entire pool in maintenance mode. This ensures that the Pool and all its associated dependencies are put into maintenance mode. To do this: go to the 5. Pools view in Operations Manager 2007 Console, then select the Pool in the main window, and choose Put a LS Pool in maintenance mode from the Actions pane on the right.(see Fig 10)

Fig. 10 Pool Maintenance Task Action

35

Now, specify the duration of your maintenance window by overriding the MaintenanceWindowInMinutes Task Parameter and click Run to execute the Task. (see Fig 11)

Fig. 11 Pool Maintenance Task

Running this Task will put the following objects in maintenance mode in SCOM: a) The Lync Server pool that this Task was invoked for. b) All Lync Server roles on Servers that are part of that pool. (Example: Front End Servers that are part of an Enterprise Edition pool) c) Synthetic Transaction Watchers that are monitoring that Pool. This includes: User Services Watcher, Registrar Watcher and Voice Watcher 36

d) All Ports that are being monitored for that pool Heres sample output from running this Task (see Fig 12)

Fig. 12 Pool Maintenance Task sample output Similarly, to bring a Pool out of maintenace window, use the Bring a LS pool out-of-maintenance mode Task. 37

To reduce alert noise, please ensure that any pools or servers that are present in your Lync Server topology, but have not been installed/activated are put into maintenance mode as well.

Server maintenance
This applies to any server role that is deployed in a Highly Available configuration (example: a Front-end server in a Pool). To perform maintenance on a specific server where Lync Server components are installed, use the normal Operations Manager 2007 procedure to put that Server in maintenance mode. Navigate to 6.Servers view, choose the Server from the main window and click on Start Maintenance Mode in the Actions pane on the right. (See Fig. 13)

Fig. 13

Server Maintenance

To reduce alert noise, please ensure that any pools or servers that are present in your Lync Server topology, but have not been installed/activated are put into maintenance mode as well.

38

Configuring Notifications
Notifications are messages that are automatically sent when an alert occurs on a monitored system. To configure a notification, you must first choose the format of the notification, and then define what information the notification should contain, and finally define who should get the notifications. Each of these definitions must be completed in the following order. 1. Enabling a notification channel. The available notifications channels are e-mail, instant messaging, Short Message Service, and command. 2. Create a notification recipient. A notification recipient defines when and from what device notifications can be sent. 3. Create a notification subscription that defines who receives notifications. You can limit who receives notifications by user role, group membership, object types, alert criteria such as severity, priority, resolution state, and even category of alert, as well as configure alert aging. For more details on how to configure notifications please refer system center operations manager documentation. Microsoft Lync Server 2010 classifies alerts in three categories

1. High priority alerts from synthetic transactions and call failure alerts 2. Medium priority alerts from the different Lync Server components 3. Other Alerts - non-service impacting from different Lync Server components
Hence you can create different subscription rules for the above classifications. a. To get notifications from High Priority Alerts add the following criteria in the subscription Raised by any instance of LS Registrar Watcher LS User Services Watcher LS Voice Watcher High New, Closed (This will enable notification both when issue happens and issue resolved)

Priority Resolution State

b. To get notifications about service impacting failures from Lync Server components add the following criteria in the subscription Raised by any instance of LS LS LS LS LS LS LS LS LS Call Reliability Watcher Access Edge Component Address Book File Handler Component Address Book Query Component Application Sharing Component Archiving Component Audio Conferencing Provider Component Audio Video Authentication Edge Component Audio Video Conferencing Component

39

Priority Resolution State

LS Audio Video Edge Component LS Call Announcement Service Component LS Call Detail Reporting Component LS Call Park Service Component LS Central Management File Transfer Agent Component LS Central Management Master Agent Component LS Certificate Provisioning Component LS Communicator Web App Component LS Conferencing Auto Attendant Component LS Data Conferencing Component LS Device Update Server Component LS Expand Distribution List Component LS Instant Message Conferencing Component LS Location Information Component LS MCU Factory Component LS Mediation Server Component LS Policy Decision Point Component LS PowerShell Server Component LS Presence Focus Component LS QOE Component LS Registrar Component LS Replication Agent Component LS Response Group Component LS Web Conferencing Edge Component LS Audio Quality for A/V Conferencing Server LS Audio Quality for Mediation Server and Client Endpoint Leg LS Audio Quality for Gateway and Mediation Server Leg LS Audio Quality for Gateway (Mediation Server Bypass) LS Audio Quality for Calls from or to a Subnet LS Audio Quality for Calls within a Site LS Audio Quality for Calls between Sites LS Audio Quality for Calls between Regions Medium New, Closed (This will enable notification both when issue happens and issue resolved)

a. To get notifications about non service impacting failures from Lync Server components use the criteria in b) above by replacing priority with Low.

40

Files in This Management Pack

The Lync Server 2010 Management Pack includes the following files: Microsoft.LS.2010.Monitoring.mp EULA.RTF

Create a New Management Pack for Customizations

Most vendor management packs are sealed so that you cannot change any of the original settings in the management pack file. However, you can create customizations, such as overrides or new monitoring objects, and save them to a different management pack. By default, Operations Manager 2007 saves all customizations to the Default Management Pack. As a best practice, you should instead create a separate management pack for each sealed management pack you want to customize. Creating a new management pack for storing overrides has the following advantages: It simplifies the process of exporting customizations that were created in your test and pre-production environments to your production environment. For example, instead of exporting the Default Management Pack that contains customizations from multiple management packs, you can export just the management pack that contains customizations of a single management pack. You can delete the original management pack without first needing to delete the Default Management Pack. A management pack that contains customizations is dependent on the original management pack. This dependency requires you to delete the management pack with customizations before you can delete the original management pack. If all of your customizations are saved to the Default Management Pack, you must delete the Default Management Pack before you can delete an original management pack. It is easier to track and update customizations to individual management packs.

For more information about sealed and unsealed management packs, see Management Pack Formats (http://go.microsoft.com/fwlink/?LinkId=108355). For more information about management pack customizations and the Default Management Pack, see About Management Packs in Operations Manager 2007 (http://go.microsoft.com/fwlink/?LinkId=108356). 41

Optional Configuration
Enabling Performance Threshold and Collection Rules
The following performance collection rule and matching threshold monitor are disabled by default in the Management Pack. Collection and threshold on this metric is typically not required
Rule Name Reporting and Troubleshooting

Performance collection for : PERF_DP_NET_SERVER_CON NECTIONS_CURRENT (Current number of active connections to Web Conferencing Server)

This rule collects this performance counter for reporting/troubleshooting purposes for the counter: PERF_DP_NET_SERVER_CONNECTIONS_CURREN T The total number of server connections that are currently active.

Monitor: Current number of active connections to Web Conferencing Server

Monitor: The total number of server connections that are currently active. Expected number of connections to each Web Conferencing Server is 4. If there are no connections currently active to Web Conferencing Server, the reason could be an incorrect configuration where the Web Conferencing Servers are not able to connect to the Web Conferencing Edge Server. It is also possible that the Web Conferencing Server has malfunctioned and is not running in a healthy state

Slow WAN Links or Large Branch Office Deployments

Lync Server 2010 survivable branch office appliances and branch office servers are supported. No specific (additional) bandwidth requirements are applicable for monitoring these appliances or servers.

42

Security Considerations
Lync Server 2010 supports Operations Manager Agent running as Local System. Discoveries other workflows have to be run as Network Service (Run As account) which is configured by default. Modification of the Run As profile to a different account is not supported.

Low-Privilege Environments
Lync Server 2010 Management Pack does not support Low-Privileged Operations Manager Agent Deployments.

Run As Profiles
The profile Microsoft Lync Server 2010 Profile is defined as Network Service, and cannot be changed to a different account. Only Network Service as sufficient access to the Lync Server 2010 Central Management Database.

Management Pack problems and resolutions

Problem: Management Pack is deployed, but nothing is discovered. Resolution: Ensure that Agent Proxy is enabled for all Lync Server 2010 managed nodes.

Problem: Edge servers are not discovered. Resolution: By default, the discovery of edge servers is disabled. Override value of DiscoverEdgeServerRole property of LS Central Topology Discovery object to True.

Problem: Synthetic Transactions fail with the error Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. Resolution: See Access to SQL Central Management Database from Watcher node

43

Problem: HTTP (Address Book) Synthetic Transactions are failing. Resolution: See configuration for Other Settings for Synthetic Transactions.

Problem: No test users are configured for Synthetic Transactions. Resolution: See Configure Synthetic Transactions Test Users.

Problem: QoE monitoring is failing. Resolution: Ensure that the Monitoring Server has access to the QoE database. See Deployment steps for QoE Monitoring.

Problem: URL monitoring is not working. Resolution: Ensure that the configured Simple URLs are accessible from the watcher node (DNS resolution, and possibly HTTP web proxy access).

Problem: Port monitoring reports errors. Resolution: See note about Port Monitoring.

44