3 Replies Latest reply: Dec 18, 2012 8:57 AM by user243865 RSS

    Lync provisioning

    970536
      Hello,

      Need help on understanding the issue.

      I am trying to provision the Lync account through the Powershell Script. I have the script added to the IDM build and am calling the script from the java stub.
      The script actually connects to the remote machine(https://) (From with in the IDM application) to create a new session and download lync commandlets to do its processing.

      New-PSSession -ConnectionUri https://machinename/context -Credential $username
      $username has access to the Lync user admin roles.

      The script works fine when ran from the command prompt from IDM machine and even through the java stub when ran manually using $username. But I get the remote connection failed.Access denied error when i run the script throug the workflow. But I could connect to the http:// link and download the 2010 exchange mailbox cmdlets through a similar PS script with the same service account. Our IDM is hosted on http protocol

      Techinally since i am using the $username to connect to remote machine, if it works in command prompt, I would expect it would also work through the workflow..But I am stumbled. Only reason I could think of is that the lync machine is the https:// site and needs SSL verified and our IDM is not.

      I am guessing , the issue is more of unsecured site connecting to secured site .Any thoughts and pointers would be really appreciated.

      Thanks.
        • 1. Re: Lync provisioning
          user243865
          I assume you are doing this through a connector?
          I have hacked some lync and exchange stuff on the side for the adapter to call
          if the cert's are making problems for you you could possibly try adding some session options
          specifically -SkipCACheck -SkipCNCheck and -SkipRevocationCheck

          also, you might need to fix the right to run a script for the "local" run
          when I was working with it, it worked fine from prompt, but when activated by IdM it needed the
          command

          Set-ExecutionPolicy unrestricted

          to be able to start the powershellscript from IdM in the actual script that kicked off the script.
          Don't know how it works when you can use the powershell.dll provided with the IdM

          The adaptor only allows bat scipts it seems...

          Not sure this help you in any way :P
          • 2. Re: Lync provisioning
            824732
            Hi,

            I have a same requirement in my client. provisioning the users from IDM to Lync 2k10. I have no idea where to start on this.

            could please provide the some steps on this.

            you mentioned you are able to create through command prompt. can you please provide those steps.

            and also you mentioned some through you are able to success. if it is possible can you please provide the code snippet.

            do we have any documents for this.

            Thanks in advance........
            • 3. Re: Lync provisioning
              user243865
              Sorry, I have actually missed that this question seemed directed at me :P

              I dont use the AD connector, we use the old AD Adapter since we could not get a conversion to work properly for the time available.
              So we ended up with me writing a powershell script that runs on the gateway nodes (always running).

              The IdM then uses the usual after action script to write a small file with the nessesary info in ( a jobfile )

              the PowerShell scripts sees this file and runs a series of tests and commands to the exchange and lync servers to fulfill whatever commands were given in the jobfile.

              It's been doing it for two weeks now with no real troubles.

              for lync it basically does three things...

              it enables a lync sipaddress when the primary smtp address has been created through exchange
              it disables a lync sipaddress
              it reenables a lync sipaddress when the primary smtp address changes

              this was my first real powershell script, so I am sure its not well written, but it does work.
              powershell is quite powerful at some stuff and really backwards in other areas...