Professional Documents
Culture Documents
Contents
Microsoft Lync Server 2010 Management Pack Guide..................................................1
Copyright.....................................................................................................................2
Contents......................................................................................................................3
Contents......................................................................................................................3
Microsoft Lync Server 2010 Management Pack Guide...............................................5
Configuring Notifications............................................................................................39
Create a New Management Pack for Customizations...........................................41
Optional Configuration............................................................................................42
Enabling Performance Threshold and Collection Rules.........................................42
Slow WAN Links or Large Branch Office Deployments..........................................42
Security Considerations...........................................................................................43
Low-Privilege Environments.................................................................................43
Run As Profiles.....................................................................................................43
Management Pack problems and resolutions..........................................................43
Microsoft Lync Server 2010
Management Pack Guide
Document Version
This guide was written based on the 4.0.7577.0 version of the Microsoft®
Lync™ Server 2010 communications software Management Pack.
Revision History
What's New
The following features are new in this release of the Lync Server 2010
Management Pack, compared to previous iterations (Microsoft® Office
Communications Server 2007 and 2007 R2 Management Packs).
5
Central discovery
Discovery of roles and components that need to be monitored is
automatically completed based on a central discovery script that reads the
topology document published in Central Management Database.
Prioritized alerts:
Alerts have been classified out-of-the-box into:
Other Alerts:
These are alerts from components that might affect a specific
user/ subset of users. For example, the Address Book service
could not parse the Active Directory® Domain Services (AD DS)
entry for user: testuser@contoso.com. The expectation for these
6
alerts is that administrators will get to them when they have
time available.
Stateful alerting:
Alerts are auto-resolved when a failure condition is no longer applicable.
Component alerts (Medium priority only) are driven by Operations Manager
monitors that automatically turn back to “healthy” state when the problem is
no longer observed. (These alerts are still available in “Closed Alerts” view for
administrators to look at). The benefit for administrators is to know the
current status of a problem/alert by looking at monitor state.
Note: “Other Alerts” category of component alerts (see above) and Call
failure alerts are NOT stateful.
Transient handling:
This management pack defines monitors that turn to unhealthy state only
when there are consecutive failures. For example, a “High Priority” alert is
generated only when a synthetic transaction fails twice consecutively. (The
first failure is treated as a warning state for the monitor).
Synthetic transactions
This new feature in Microsoft Lync Server 2010 management pack provides
alerting based on end-to-end monitoring scenarios.
No Scenario Name
1 Peer to Peer Instant Messaging
2 Peer to Peer audio call
3 Group Instant Messaging
4 Audio/Video Conference
5 Rich Presence
7
6 Registration (User Login)
7 Dial in conferencing
8 Address book service (file download)
9 Address book web query
10 Peer to Peer PSTN Call
Every call failure is reported to the Lync Server 2010 call detail recording
(CDR) database. Lync Server 2010 management pack integration queries this
database (CDR) periodically to look at call failures. When call failures are
detected, they are aggregated on “Diagnostic Codes.” Alerts are generated
when a “Diagnostic Code” exceeds a specified threshold for call failures.
Port monitoring
This new feature in Microsoft Lync Server 2010 management pack provides
automatic monitoring for ports that are used by Microsoft Lync Server 2010
product inside the corporate firewall. Any port that cannot be pinged results
in an alert that is auto-resolved when the port is working again.
8
Simple URL monitoring
This new feature in Microsoft Lync Server 2010 management pack provides
automatic monitoring for URLs that are used by Microsoft Lync Server 2010
for conference join scenarios. Any URL that cannot be pinged results in an
alert that is auto-resolved when that URL is working again.
9
Supported Configurations
Configuration Support
Windows Server® operating system Yes, all editions, 64-bit only, SP1 and
2008 SP1 higher.
10
Configuration Support
Getting Started
Before You Import the Management Pack
Note: Read this section carefully, as additional steps are required to
enable full monitoring of your Lync Server 2010 deployment.
Pre-Requisites
• Operations Manager 2007 R2 installation is already completed.
11
• Lync Server 2010 is already installed.
• Operations Manager Agent has been deployed on all servers that
are part of the Lync Server 2010 deployment (including Edge Servers,
if Edge monitoring is desired).
4. From the detail view on the right side, right-click the watcher node
agent, Click Properties and from the Properties dialog click the
Security tab.
12
Fig. 1 Agent properties window
13
script runs on the Operations Manager agent that is discovered as the Central
Discovery Watcher Node. The default algorithm to automatically pick a
machine as central discovery watcher node is as follows:
1. Find the Microsoft Lync Server 2010 Front End pool where Central
Management Store is installed (usually the Front End Pool which
has been installed first).
2. Select all the member machines in the Front End Server role (this
could be an Enterprise Edition Consolidated pool with multiple Front
End Servers using a HLB or DNS load balancing).
14
Fig. 2 Discovered pools State view
Steps:
2. Ensure that all Front End Servers in the Front End pool that contains
Central Management Server are listed in this view.
15
Fig. 3 Topology Discovery State View
If “Lync Server Discovery Script” column does not show “Healthy,” then
ensure that this machine is heart-beating without errors in System Center
Operations Manager and is not down for maintenance.
4. Central Discovery script (in the Lync Server 2010 management pack)
supports an override to the “FQDN” that will be used for central
discovery. Administrators can override this setting (we recommend
that this setting be used ONLY if the previous troubleshooting steps do
not work as expected). Please note this FQDN specified must be a
valid FQDN of a Microsoft Lync Server 2010 system (which is a server,
where product is installed).
16
Microsoft Lync Server. Both of these features query the monitoring server
databases to do analysis. The queries that are executed as Network Service
account (as their “Run As” account). For these queries to run successfully,
administrator should add the monitoring server machine to
RtcUniversalReadonlyAdmins group.
5. Right-Click -> Overrides -> Override the Object Discovery -> For all
objects of a class: LS QoE Monitoring
17
8. Ensure that the Override is stored in the desired Override MP
9. Select OK to close
18
Verify Call Reliability monitoring works
Verify whether call reliability monitoring is working or not by looking call
reliability and call reliability internal alerts view from Lync Server views folder
see Fig. 5.
19
For example you can overwrite the Critical alert threshold % (A/V
Conferencing Server) by setting this to a custom percentage. The default
setting is “-1” which means no override is set, and the default threshold
applies.
9. Fill in with the new settings in Override Properties dialog, click apply to
make it take effect.
21
Fig. 6 Available override in discovery “Microsoft Lync Server 2010 QoE
discovery”
22
Deploying Synthetic transactions
(STs)
Setting up Synthetic transaction watcher node
Synthetic transactions are Lync Server 2010 cmdlets that are automatically
triggered by the management pack on a preset interval. These are executed
on a synthetic transaction watcher node which is an administrator designated
server responsible for discovery and execution of STs for each pool.
It is not recommended to use an existing Lync Server 2010 server as a
synthetic transaction watcher node. This is due to the high CPU/memory
utilization requirements for running STs. Use a new server machine (or a
virtual machine) for the synthetic transaction watcher node.
Synthetic transaction watcher node should have the Lync Server Core MSI
installed on it. To manual test if ST Watcher node is configured correctly,
please open a Lync Server Management Shell window and execute a
Microsoft Lync Server 2010 cmdlet (example: Get-CSTopology). If this
succeeds, then the watcher node has required bits installed.
You will also need to create a registry key to indicate to Operations Manager
2007 that this server is the designated ST Watcher node.
Memory 4 GB
Disk Local storage with at least 10 GB free disk space on a
7,200 RPM disk drive (or equivalent)
Network 1 network adapter 1 Gbps
Operating System Windows Server 2008 SP2 or
Windows Server 2008 R2
23
Deploying synthetic transactions watcher node
The deployment of the synthetic transaction watcher node involves topology,
Active Directory Domain Services and server and Operations Manager 2007
related installation tasks. A step-by-step instruction for each task category is
listed below.
Note: For details about each of the Lync Server 2010 cmdlets that will be
used in next sections, see the cmdlet help.
Where
<PoolFQDN>: Is the FQDN of the external application pool to be
created. Use watcher node machine FQDN as Pool FQDN
<SiteID>: The ID of the site where the application pool belongs to
<RegistrarPoolFQDN>: The FQDN of the registrar pool that the
external application pool depends on
Example:
New-CsTrustedApplicationPool -Identity da12-
lct.csmonitoring.contoso.com -Site 1 -Registrar DA13-
LCT.csmonitoring.contoso.com -Verbose
2. Verify that external application pool has been added by running
Get-CsPool
3. Create an external application service entry in topology by using
following cmdlet from the Lync Server Management Shell:
New-CsTrustedApplication -ApplicationId <AppID>
-TrustedApplicationPoolFqdn <externalAppPoolFQDN> -Port
<PortNumber> -Verbose
Where
<AppID>: Is an ID for the application. For example, you can use
“STWatcherNode”
<externalAppPoolFQDN>: Is the FQDN of the external
application pool that you created in step 1
24
<PortNumber>: Any unused port number.
Example:
New-CsTrustedApplication -ApplicationId "StWatcherNode"
-TrustedApplicationPoolFqdn da12-lct.csmonitoring.contoso.com
-Port 5587 -Verbose
Where
<PoolFQDN>: Is the Pool FQDN you wish to run STs against
(where users are hosted).
<FirstUserSipUri>: Sip Uri of first test user to be used for
synthetic transaction.
<SecondUserSipUri>: Sip Uri of second test user to be used for
synthetic transaction.
Example:
New-CsHealthMonitoringConfiguration Pool1.contoso.com
-FirstTestUserSipUri "sip:MyTestUser0@csmonitoring.contoso.com"
-SecondTestUserSipUri
"sip:MyTestUser1@csmonitoring.contoso.com" –Verbose
4. Make sure synthetic transactions are working by running the
following cmdlet from in the Lync Server Management Shell.
Test-CsRegistration <RegistrarPoolFQDN> -verbose
5. Set registry key for watcher node discovery and optionally for
enabling logging by executing the following cmdlets from Lync
Server Management Shell:
New-Item -Path "HKLM:\Software\Microsoft\Real-Time
Communications\Health"
25
New-ItemProperty -Path "HKLM:\Software\Microsoft\Real-Time
Communications\Health" -Name "IsSTWatcherNode" -Value true |
Out-Null
New-ItemProperty -Path "HKLM:\Software\Microsoft\Real-Time
Communications\Health" -Name "LogOpsMgr" -PropertyType
DWord -value 2
HKLM:\System\CurrentControlSet\Services\HealthService\Parame
ters
If the registry key does not exist you can create it by running the
following PS cmdlet
New-ItemProperty -Path
"HKLM:\System\CurrentControlSet\Services\HealthService\P
arameters" -Name "Thread Pool CLR Max Thread Count Min"
-propertytype DWord -value 200
26
Configure Synthetic Transactions Test Users
A script to provision and configure test users is available at the Script
Center
http://blogs.technet.com/b/csps/archive/2010/09/22/scriptcreateandconfigures
tusers.aspx
If you are running SQL Server services using a domain account, you may get
a failure “Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON' .
In this case the recommend solution is to configure a SPN (Service Principal
Name) for SQL Instance hosting the database. For example:
where sqlserver1.contoso.com is the FQDN of the SQL Server, and 1433 is the
port, and sqlserver is the hostname/accountname for the SPN, or
Please refer to the SQL and setspn.exe documentation for detail on setting up
an SPN.
27
Verify that Synthetic Transactions are working
Verify whether synthetic transaction monitoring is working or not by looking
ST state view from Microsoft Lync Server views folder see Fig. 7.
28
Look at “ST Internal Alerts” folder in Lync Server 2010management pack on
the server that is running Operations Manager. If there is any internal alert on
discovery or ST Execution an internal alert will be created.
Lync Server 2010 port monitoring feature automatically fetches the list of
available ports in your deployment based on the Central Topology discovery
and starts monitoring them from the Synthetic Transaction Watcher node.
To verify that Port monitoring is working as expected, look at the Alert and
State views under the \Ports folder. The port monitoring solution runs on
Synthetic Transaction Watcher Node and will not work until the Watcher is
configured correctly. The State view shows the health state of each port that
is automatically discovered using the Lync Server 2010 topology information
and monitored by this Management Pack. (See Fig. 9 for an example Port
State View.)
29
Note: Depending on your environment (HLB or DNS load balancing) and the
Pools deployed (Standard Edition or Enterprise Edition) some alerts from Port
monitoring may not be relevant to your deployment.
When you deploy this management pack for the first time and enable Port
monitoring, it is recommended to go through all alerts raised by port
monitoring and disable the alerts/monitors that are not relevant to your
deployment. This will create a base-line for ports that are expected to work.
After this base-line, any new alerts should be indicative of real failures in the
deployment.
Lync Server 2010 URL monitoring feature automatically fetches the list of
available meeting URLs defined in your deployment based on the Central
Topology discovery and starts monitoring them from the Synthetic Transaction
Watcher node.
To verify that URL monitoring is working as expected, look at the Alert and
State views under the \Simple URL folder. These alerts (like Port monitoring
alerts) only appear in the views in the Simple URL folder. They do not appear
in the High/Medium/Other Priority Alerts views.
30
How Health Rolls Up
Management Pack Description
Object
LS Pool Microsoft Lync Server 2010 Pool (within a Site) that provides
communications services such as Instant Messaging,
Conferencing to users. Applicable to Frontend Pools, Edge
Pools, Director Pools, even if there is only a single machine in
a given pool
LS Server Role Microsoft Lync Server 2010 Server Role hosting LS Service
LS User Services Microsoft Lync Server 2010 User Services Pool Watcher is an
Watcher instance of Synthetic Transactions that are running against
one User Services Pool
LS Voice Watcher Microsoft Lync Server 2010 Voice Pool Watcher is an instance
of Synthetic Transactions that are running against one Voice
Pool
LS Port Watcher Microsoft Lync Server 2010 Port Watcher is an instance of Port
Checks running against one Pool.
Simple URL Simple URL Watcher node - performs HTTPS probing of the
Watcher configured Simple URLs in a deployment
31
32
Health Rollup Diagram
LS Deployment
Health Rollup: Percentage 51%
Health Rollup: Worst Of
LS Site
LS Pool
LS Server Role
LS Service
LS Component
Since an LS Pool can contain multiple individual LS Server systems (with one
more LS server roles, LS services, and LS components), a failure of an
individual server or component is less critical to the overall health of the LS
Pool, as other servers in the same pool can provide the application service to
the client. The health will roll up on a percentage level to the LS pool. (Health
Rollup: More than 50% of LS server roles in an LS pool are affected).
33
LS Deployment Health Rollup: Worst Of
LS Site
LS Pool
LS Pool Watcher
LS Registrar Watcher
The LS Pool Watcher performs synthetic transactions and probing and against
an LS pool. Consecutive failure of one or more synthetic transactions
(consecutive polling interval) will rollup critical health state to the pool level
(Worst of any Synthetic Transaction).
Note: LS Port Watcher, and global Simple URL Watcher do not roll up health
state.
34
Maintenance
Pool Maintenance
When performing maintenance on a Pool (including the Standard Edition
server), please use the Tasks provided in this management pack (Action
Pane) to put the entire pool in maintenance mode. This ensures that the Pool
and all its associated dependencies are put into maintenance mode.
35
Now, specify the duration of your maintenance window by overriding the
MaintenanceWindowInMinutes Task Parameter and click Run to execute the
Task. (see Fig 11)
Running this Task will put the following objects in maintenance mode in
SCOM:
a) The Lync Server pool that this Task was invoked for.
b) All Lync Server roles on Servers that are part of that pool. (Example:
Front End Servers that are part of an Enterprise Edition pool)
36
d) All Ports that are being monitored for that pool
Here’s sample output from running this Task (see Fig 12)
Similarly, to bring a Pool out of maintenace window, use the “Bring a LS pool
out-of-maintenance mode” Task.
37
To reduce alert noise, please ensure that any pools or servers that are
present in your Lync Server topology, but have not been installed/activated
are put into maintenance mode as well.
Server maintenance
This applies to any server role that is deployed in a “Highly Available”
configuration (example: a Front-end server in a Pool). To perform
maintenance on a specific server where Lync Server components are
installed, use the normal Operations Manager 2007 procedure to put that
Server in maintenance mode.
Navigate to 6.Servers view, choose the Server from the main window and
click on “Start Maintenance Mode” in the Actions pane on the right. (See Fig.
13)
To reduce alert noise, please ensure that any pools or servers that are
present in your Lync Server topology, but have not been installed/activated
are put into maintenance mode as well.
38
Configuring Notifications
Notifications are messages that are automatically sent when an alert occurs on a
monitored system. To configure a notification, you must first choose the format of the
notification, and then define what information the notification should contain, and
finally define who should get the notifications. Each of these definitions must be
completed in the following order.
1. Enabling a notification channel.
The available notifications channels are e-mail, instant messaging, Short
Message Service, and command.
40
Files in This Management Pack
The Lync Server 2010 Management Pack includes the following files:
• Microsoft.LS.2010.Monitoring.mp
• EULA.RTF
Creating a new management pack for storing overrides has the following
advantages:
• You can delete the original management pack without first needing
to delete the Default Management Pack. A management pack that
contains customizations is dependent on the original management
pack. This dependency requires you to delete the management
pack with customizations before you can delete the original
management pack. If all of your customizations are saved to the
Default Management Pack, you must delete the Default
Management Pack before you can delete an original management
pack.
For more information about sealed and unsealed management packs, see
Management Pack Formats (http://go.microsoft.com/fwlink/?LinkId=108355). For
more information about management pack customizations and the Default
41
Management Pack, see About Management Packs in Operations Manager 2007
(http://go.microsoft.com/fwlink/?LinkId=108356).
Optional Configuration
Enabling Performance Threshold and Collection Rules
The following performance collection rule and matching threshold monitor are
disabled by default in the Management Pack. Collection and threshold on this
metric is typically not required
Performance collection for : This rule collects this performance counter for
PERF_DP_NET_SERVER_CON reporting/troubleshooting purposes for the
NECTIONS_CURRENT counter:
PERF_DP_NET_SERVER_CONNECTIONS_CURREN
(Current number of active T
connections to Web
Conferencing Server) The total number of server connections that are
currently active.
Low-Privilege Environments
Lync Server 2010 Management Pack does not support Low-Privileged
Operations Manager Agent Deployments.
Run As Profiles
The profile “Microsoft Lync Server 2010 Profile” is defined as “Network
Service”, and cannot be changed to a different account. Only “Network
Service” as sufficient access to the Lync Server 2010 Central Management
Database.
Resolution: Ensure that “Agent Proxy” is enabled for all Lync Server 2010
managed nodes.
Problem: Synthetic Transactions fail with the error “Login failed for user 'NT
AUTHORITY\ANONYMOUS LOGON'”.
43
Problem: HTTP (Address Book) Synthetic Transactions are failing.
Resolution: Ensure that the Monitoring Server has access to the QoE
database. See Deployment steps for QoE Monitoring.
Resolution: Ensure that the configured Simple URLs are accessible from the
watcher node (DNS resolution, and possibly HTTP web proxy access).
44