Rolling out certs through Group Olicy

By -
How do I roll out a certificate to every client in my organisation?

Now we have OCS installed, we need to put the internal certificate into the "Trusted Root Certificates" folder on each client. The easy way to do this is to push out the certificate through a Group Policy.

We can do this easily and quickly.

Start by making a copy of the certificate. You can do this by exporting the file from the certificate snap in in MMC on the Front End server. Export it to a location you can reach on the Domain Controller.



Now on the Domain Controller we open the Group Policy Editor.


Under Computer Configuration >> Windows Settings >> Security Settings >> Public Key Policies >> Trusted root Certification Authority -- Import and choose the location of the cert we exported earlier.




Now we can see the cert in here, we know it will be pushed to each client on next login once replication of Group Policies have been completed.

Comments

Post a Comment

Popular posts from this blog

Teams Device Health Monitoring and Reporting

By -
Image
 Microsoft have snuck in a nice new feature into the Teams Admin Center (TAC). We now see a new Notifications and Alerts  menu tree and below this Rules. When we go in here, we find only a single Default  Device State Rule with no option to create any new rules (yet at least...) When we edit this rule, we can see that we now have an option to monitor specific devices (think meeting room devices, collaboration bars etc.. here) Under Device users  we click on +ADD  then enter the name of the account, or accounts if you are monitoring multiple devices, associated with the device, such as the resource account. Then under Actions  we can choose either Channel alert  - to have a nice alert sent to our Teams Channel   OR Webhook  to use webhooks for alerting. Finally ensure to select Active  then Save. Once set up this will take maybe 15 mins to replicate and set up. Then once a device has gone offline, the alert will be sent "Immediately", how...
Read more

Unassigned Numbers in Microsoft Teams using Audiocodes SBC

By -
Image
Unlike Skype for Business, Microsoft Teams does not natively support the handling of Unassigned numbers in the system. So if someone leaves your organisation and you remove the number from them and someone tries to call it, the call will drop. Technically, Teams will return a "404 Not Found" back to the SBC and back on to the telco. What we can do here is to then assign the 404 error to a Route, change the Destination Number (to a call queue or to your main Reception number for example) and route it back to Teams. To do this there are a few simple steps: Step 1 – Create an Alternative Reasons Set Step 2 – Configure existing Teams IP Group to use the SBC Alternative Routing Reason Set Step 3 - Create new IPG Step 4 – Create a new route in IP-to-IP Routing Step 5 - Manipulate Numbers Step 6 – Test  Step 1 – Create an Alternative Reasons Set The first thing we need to do is create an " Alternative Routing Set ", we find this under Setup >> Signaling & Media ...
Read more

Skype for Business Edge Server replication troubleshooter

By -
Image
Many times in Skype for Business/Lync the main issue I come across is the deployment is that the edge server(s) fails to replicate. We see this when we run the command in Skype for Business Management Shell : Get-CsManagementStoreReplicationStatus and we see that the edge servers have False and no LastStatusReport or ProductVersion is shown as below. There are a number of things which can cause this and I am going to list them here. Try them in order here as this will contain the most common to the least common issues I found. Ø   Routing Ø   Firewall rules Ø   DNS suffix Ø   DNS (Local and LAN) Ø   Registry entries for SCHANNEL Ø   Certificates A check we can use to see if the replication is working can be done by trying to connect to the following URL from the Front End Server whish hosts the CMS: https://edgeinternalfqdn.domain.ie:4443/Replicationwebservice You should get the following screen: Without thi...
Read more