About Me

My photo
TsooRad is a blog for John Weber. John is a Skype for Business MVP (2015-2018) - before that, a Lync Server MVP (2010-2014). My day job is titled "Technical Lead, MS UC" - I work with an awesome group of people at CDW, LLC. I’ve been at this gig in one fashion or another since 1988 - starting with desktops (remember Z-248’s?) and now I am in Portland, Oregon. I focus on collaboration and infrastructure. This means Exchange of all flavors, Skype, LCS/OCS/Lync, Windows, business process, and learning new stuff. I have a variety of interests - some of which may rear their ugly head in this forum. I have a variety of certifications dating back to Novell CNE and working up through the Microsoft MCP stack to MCITP multiple times. FWIW, I am on my third career - ex-USMC, retired US Army. I have a fancy MBA. One of these days, I intend to start teaching. The opinions expressed on this blog are mine and mine alone.


audiocodes IPP firmware 3.1

A bit ago, I was the recipient of some new Audiocodes firmware for the 405, 440, 445, and 450.  There is an HRS version as well. 420 is not in this cycle.

Happy to report that based on rigorous Tsoorad Lab testing, all seems to be pretty good with this update.  Numerous new features (especially on the 445)  that bear looking at.  In my testing, I did not discover anything wrong – no devices bricked, they all came back working as expected, new features were there, everything worked as before (always a plus).

You can get yours right here. After 3.1 reaches GA, AC will  (I am somewhat convinced as they have in the past)  create and publish the necessary CAB files to enable pushing this update via SfB/Lync webserver methodology.  If you use the IPP Manager (either express or full) the IMG files work for updating – in my environment, it just works.

IPP Manager view of the new goodness:


SfB CSCP view of the old goodness – but you get the idea, right?  Just noticed that the HRS image cab is not showing.  I have asked my AC contacts about that.  Time will tell.


Either way, YMMV


Official SfB 2015 Server Disable TLS 1.0 and 1.1 part 3 guidance

As you may be aware, we have covered the upcoming 31 October 2018 TLS 1.0/1.1 support being removed from O365.  You can find that guidance here.  As promised, Microsoft has finally published the last pieces of the series.

You can find part 3 here.

As usual, I strongly recommend that you start looking at this now – some of this might take a bit of planning and coordination on your part to accomplish in a clean fashion.

Now is the time to get your sales types contacting existing customers and offering to help.  This will not be a clean thing; rest assured that there will be “issues” and IMHO there is significant potential for unintended consequences.



Personal Development Plan Redux

I harp on goals and plans with my team. Without them, on a project basis, we are toast. Without them, on a personal basis, we might be okay, but perhaps coasting along without an objective. With them, we can suddenly frame success, determine present and desired states, and develop action plans for achieving the stated success criteria.

As a recap of previous rants on this subject, I recommend planning your future, obtaining coaching where needed, and getting a mentor (or three). As a follow-up comment to the mentoring, you don’t have to have a formal mentor relationship. Someone might be successful in what you want to be doing, and just listening to them or perhaps emulating them (no blatant weirdness please) is the mentoring you needed.

Sometimes a mentor can be a formal top-down thing; but in general, a somewhat less rigid arrangement works better. For the last six months or so, I have had a very-less-formal mentor. There has never been anything in writing or verbal that would have established a mentor relationship. But she is. She has the unique ability to synthesize information into a coherent conclusion and then present verbally off the top of her head. Or so it seems. Maybe she is practicing late at night for those random occasions.

At any rate, just getting to listen to her is a learning experience. She demonstrates skills that I have never mastered. Maybe one day. But there’s more! Sort of like the infomercial – BUT WAIT!

For my edification, for the same price of admission as before, we also get other pearls of wisdom that make you sit back and think. Sometimes that is good, sometimes it is a catalyst that you have been searching for and never realized it. Other times it points out something that maybe you should consider revisiting. The other day, here came this one.

Mindtools dot com. An interesting site to say the least. The specific item that brought me here was informative, instructive, and timely. But in poking around this resource, I found this little slice of goodness that ties in nicely to your needs to plan your future: https://www.mindtools.com/courses/lnV924x0/PersonalDevelopmentPlanning.pdf

While I am waiting for you to breeze through 27 pages that can predict your future, allow me to observe that we are getting close to the midpoint of year – a perfect time to be looking at a goals and objectives review; work and personal must be in balance and if you follow my mantra, people should have to really know you to tell the difference.

OK, hopefully you have taken a few moments to peruse that planning guide. Furthermore, I hope that you realize that you can use the same techniques with your customer’s projects. Benjamin Franklin, is credited with: “Failing to plan is planning to fail” and that is certainly true in my experience. This tool could be the one thing that creates a tipping point and helps you achieve your goals.



IPP Manager Express Redux

A while back, I did a little write-up of Audiocodes IP Phone Manager Express.  You can read that right here.  A few days ago I installed a newer version and there is enough difference to warrant a redux.  Specifically, I would like to record for my own purposes a configuration that works (so I don’t forget) and maybe you can use it also.

Pre-Conclusion Statement

If you read no further, know this, I like the IPP Manager, I really do.

What are we doing here?

What we need to do is support a number of Audiocodes IP phones – a bunch of 405HD and 450HD models. We want some very basic changes made to the default OOBE configuration, nothing major, but we do want to be able to hand the phone to the user and have it just work.  Audiocodes calls this “Zero Touch” – which was enough of an attraction to get me to try it.  But, I ran into some “difficulties” when I attempted to interpret what somebody thinks is really outstanding documentation into a workable configuration.  After several emails, and several configuration sessions, I managed to achieve parity with the configuration genie. 

Diving In

Installation went as easily as before.  I did not understand the need for a clean server before and I don’t now.  Fuzzy logic on that one.  But, OK, I am in a freebie lab situation.  While the install is happening, let’s verify DHCP Option 160.  And right there we started having issues.  Which option to choose seems to be an ambiguous question as both seem to to work equally well, with ONE of them being preferred, but not required, and no clear (to me) guidance of which is which for my needs.  What I thought would work did not.  I had to use plan B.

Plan A:;ipp/dhcpoption160.cfg

Plan B:;ipp/tenant/Default

This did not jive with MY reading of the docs.  However, I am sure that I was doing something wrong, so I tried plan B.  At that point I was in Tshooting mode, and I don’t really know if the DHCP Option 160 choice fixed it or if it was the other part I did.  Either way, I found the documentation a smidge confusing.

At any rate

The install churns along, and before too long, we have this lovely “modern” “more visually attractive” “metro” site open on our local machine. You will note the devices already registered – so nice.


One of the things I neglected on my first pass through on the config of the tool, was the tenant.  Because the documentation said there was already one there… and so there was!  But it needed a touch of configuring itself, and that was a bit fuzzy as well. This version of the IPP Manager Express requires a “tenant” which is loosely equated to subnets, but could be a separate fiscal entity.  Clearly this line of management tool is meant for something much larger than my little slice of life.  OK, I can work with that.  A few more emails and a few guesses worked out the kinks in that one.


If you are doing the “see if the picture matches” thing, here is where you will find the mismatch.  My default tenant picture there is of my lab, where only have one subnet in my lab.  It is just me and my 8 favorite cartoon characters.  254 addresses is more than enough.  But, I have this customer.  You know those pesky customers.  They always seem to expect some sort of defined success.  And don’t you know these folks expected this tool to provision their phones when they have at least 12-15 subnets in the 172.xx.xx.xx/16 range, and the potential for having  SfB clients or a SfB-hosted phone on any of those segments to include the VPN segment.  Yes, Jimmy, I told them not to run the audio/video across the VPN.  You may sit now.

Defining the “tenant” with the proper subnet mask is REQUIRED.  Now, I suppose you could do something dogmatic and create a tenant for each subnet.  You could.  But I did not have a business requirement (see above) for that.  And notice that the subnet in the pic is a MASK not an actual IPv4 address.  We will wait while that runs through a digest cycle.

What we did was define the client subnet as or, /8 which is actually a huge supernet.  But works for the simplicity angle we were also looking for.  We know it is not technically correct to address it that way; but what it did was allow the one IPP Manager to handle ANY address needed.  According to the default tenant in this configuration of  IPP Phone Manager Express, any address that can talk to the server is on a valid subnet.

Moving On

The next thing was the need for a blank template per IPP model (the 405HD and 450HD) and then each needed a customization file.  Included in the install distribution is firmware from about April 2018, and the phones will make use of those firmware files that are newer than the phone. The point here is that I needed to create my own templates before things worked.  I may have (almost certainly) done something wrong in my initial setup.  I know I expected it to be more like my old version – so there is no telling what I did wrong.  I just know that what I have now works. 



I am not going to go through the tenant template file – yours won’t be like mine, but you can clearly see where I have a default tenant configuration template for each phone type and they are tagged (the green/white check mark) as the default.

Once you get this far, you still have a dead stock phone.  Let’s take a look at the edit from here out.  Navigate through the various options and see what is what.   Then click on the button indicated.

That gets you to this:  Fill things out to suit your needs:


Make sure that you select the “default” button or not depending on your needs.  You can always go back and make a new one if needed. I know that was needed in my case. Now, you would think that would do it, right?  Well, unless I was making a lot of bad choices, no, now you need to EDIT the entire thing. 

“Ah saved it.”  Huh?  Did I not already do that?  I guess not.

Let’s select “Edit” on our new template.


And you get this:


Scroll your badself down to the bottom – and there are multiple panes here – confusing as all get out when you work remote…. get to here:


Generate your Global Configuration Template for this ONE PHONE MODEL.



Now, not done yet, we want to edit the template:

Select this “Features” button:


In my case I needed the Daylight Savings Time and the Pin Lock.

Here is one, you can figure out the other I think.  But know that when you “SAVE” at the bottom, it will write a secondary config file that the global template will read and enforce.  And that file IS created when you click save.  Don’t ask me, the inconsistency killed me too.


Save it…this file is actually located on the ACPhoneMgr drive.


Why the different file saving scheme I have no idea.  But you need both for this to work.  At this point, power cycling a phone does the trick. Phone installs new firmware; reboots, then changes configuration as we want.  So nice.


There is some disconnect between the versions, perhaps due to my lack of mental agility.  This version seems to have some fuzzy documentation – again it could be me.  This is nice piece of kit once you get it cranked. 


I bricked a 450HD while testing this. Phone recovery did not go so well.  Have you ever wondered why a phone with a USB port doesn’t read that port for firmware and as part of the phone bootstrap routine install whatever it finds there?

As always, YMMV


SfB Disabling TLS 1.0/1.1 Guidance

On October 31, 2018, Microsoft Office 365 will be disabling support for TLS 1.0 and 1.1. This means that, starting on October 31, 2018, all client-server and browser-server combinations must use TLS 1.2 or later protocol versions to be able to connect without issues to Office 365 services. This may require certain client-server and browser-server combinations to be updated.


SfB impact?

At a high level, this requires installing Skype for Business Server 2015 CU6 HF2, applying pre-requisite updates to .Net and SQL, and finally another, separate round of OS configuration updates, i.e. disabling TLS 1.0 and 1.1 via registry file import. It is critically important that you complete installation of all prerequisites, including Skype for Business Server 2015 CU6 HF2, prior to disabling TLS 1.0 and 1.1 on any server in your environment. Every Skype for Business Server, including Edge role and SQL Backends, require the updates. Also ensure that all supported (in-scope) clients have been updated to the required minimum versions. Don’t forget to update management workstations as well.

Background reading:


And then read part 1 here for more background specific to SfB/Lync and the supportability statements


Part 2 here gets into the weeds a bit on “How To Achieve”.


Part 3 will be published at a later date. 


Here is guidance for Lync Phone Edition (LPE):


General TLS1.2 whitepaper:


Here is the Microsoft Exchange equivalent:

Part 1


Part 2


And big surprise, part 3 to be published later.


If you or your customer is doing anything with Office 365 hybrid, then you need to be reading all of this and figuring out your next steps.


Consultant Marketing Plan

My team gets tired, I am sure, of hearing me urge them to get out in front of Sales. Sales needs to have something to sell; engineers need sales to sell them. But, there is no process to follow to tell the local sales types what is available. After all, my skill set does not map directly to some nifty SKU in a catalog.

I am reasonably certain that is true for almost all humans. If that is true, and there is no process or guidebook on how to “get in front of sales”, how can you expect the sales team to sell something they don’t know about?

The answer, of course, is found in your personal marketing plan. Let’s pause here while you do some light reading here, here, and here. What do I get out of that reading? That the definition is going to change from group to group. So, here is my take on this. Marketing is educating the consumer about why they need/want you or what you offer. In this case the consumer is the sales team. The sales team needs to know why their customer needs/wants you.

How do I do that?

Here is the rub: The answer to that question is going to change for each person. I can give you general guidance, but my personality (or lack thereof according to the SO) will make what I do work for me, but not necessarily for you. But, let’s give this a swing anyway, ok?


Another thing my team is tired of hearing is goals, objectives, planning, focus, and accomplishing those goals and objectives. So, start there. Make yourself a backwards planning shell and pick a date in the future and set a goal of being able to approach the FSM in your market with the offer of at least one presentation to the local weekly sales huddle. You might need to make sure that this presentation also appears in PPT format so that you can contact your neighboring branch FSM’s also.

What is the content of this presentation?

A better question is: what is the delivery? The content of the presentation is your willingness to help with pre-sales. Delivery of the message/presentation will take many forms and need constant reinforcement. One FSM might not want to have a “presentation” but is totally willing to do email and other options. Your delivery in that case is more electronic and you’ll have to make a point to get face time with the branch staff. And a solid point here is: nothing replaces face time. I don’t care how good your video conference solution is, it is not face time.

You need to have an elevator pitch tailored to the sales team. Delivery of that pitch does require face time. But you need to be doing that anyway. Sales won’t sell what they don’t know. They need to know you.

Your resume needs attention at least once a quarter. Maybe all you do is read it aloud and decide it is still valid. But maybe you might want to update a significant achievement. Maybe you achieved another goal and passed a test or two. Added some more Mic, Key to your signature block. But, at least it is up to date. And have it in PDF format so that you can drop it into email on demand. Perhaps, if you are ultra-inventive, you will create a one-page marketing slick.

Send the resume and/or slick to the FSM, CEM, CSM, et cetera. Make sure the RC gets a copy also.

You will also want to get together with your SDM, CSM, CEM, FSM, and AE types and flat out ask them what they need/want. Make an appointment with the SDM, FSM, CEM, CSM, and be prepared to discuss the following question:

“What can I be doing to help sales be successful?”

Notice that I approached this not as “what do *I* get” but rather what does the sales person get. Appeal to their personal interests and structure. I market myself to the sales teams. I educate them on what I offer to their success.

Remember that you have a story to tell; but you need to keep it out of the techie weeds and relate your skills and accomplishments in business terms. Technical details should stay in the 150-175 level.

On actual pre-sales calls you may need to drive past the 300 stuff, but for this purpose, something less detailed is much better. Your friendly sales executive needs to be able to spin the story to their customers. You need to give the sales team the data needed to create the story, but the data needs to be in an understandable form for the receiver, not the sender.

Time Time Time

But all this takes time. Building a reputation and instilling confidence in both your abilities and the idea of approaching the sales team is not going to happen overnight. It will take a bit. Take the time to create the goal and then figure out how to achieve that goal within the next quarter. Be prepared to adjust your plan based on input from the previously noted acronyms. Then take that plan to your SDM. You need an IDP outline anyway, right? It might as well be something useful!

In the end…

Being a consultant is much more than successful project delivery. A consultant should be helping with the entire sales process. A consultant recognizes the need to market themselves to the sales team and takes appropriate actions to achieve that goal.

Do you want to expand your career but are struggling with getting started? I am here to help.



FastTrack Network Checking

You may not know but Microsoft is providing a fairly nice tool to check your network for SfB performance.  Free.  Free is a very good price, eh?

I am not going to extol the virtues and services offered by fastrack.microsoft.com, I just want to delve a little into the network checking tool.  And, this tool has been around for a bit.  So, I wanted to get a little updated review.

First off, I cannot even find this thing anywhere on the https://fasttrack.microsoft.com site.  Sorry.  Maybe I am blind,  but I am not seeing it anywhere.  There is probably some zippy button marked “tools” but I am just not groking.  Having said that, I know of




Here I am checking my lab tenant against the ap1 site.


Note the two addresses given by the tool…


The 76 address is my laptop, currently operating from a hotel out in the middle of the Oregon Cascade mountain range.  So, this connection is going to be testing from my laptop to the AP1 site to see how things stack up. 

With a little imagination, you could bury a workstation in some remote spot on your network, and pretty much map out the entire path to the world – giving a glimpse into how things line up.  This could be useful, yes?

You can see that the lag from here to there is running about 170 ms, which might be so great in some circumstances. 


Overall, the tool produces a raft of great info… here is the summary tab.  Note that something is not quite right as the tool cannot simulate VOIP traffic.  Could be something you need to look into here?

Here is the same test run against the NA1 site.  Note the differences.  We also now have a MOS score.  3.2 is not as good as we want, but doable.  Not too bad for out of a hotel where I am sharing bandwidth with 200 other rooms.



We also got some nice jitter measurements on this run…


And finally, if you drive into the route tab, you will get more data points.


What do you think you could do with information such as this?


If you have questions about any attribute/factor measured in these tests, there is also a handy glossary. 

If you or your organization is considering moving to Office 365 in any capacity, this is one of the first tools you should be working. I have been telling customers for a long time that if we do our job right, then any problems will be network, firewall, or load balancers.  This tool can help you prove that.  In a more complex internal net, you might even be able to tell the network team right where to look!


audiocodes IPP firmware 3.1

A bit ago, I was the recipient of some new Audiocodes firmware for the 405, 440, 445, and 450.  There is an HRS version as well. 420 is not ...