Windows Vista/XP clients will be unable to join online meetings
http://go.microsoft.com/fwlink/?LinkId=275856
| Target | Microsoft.KnowledgeServices.Lync.2010.CsServer | ||
| Parent Monitor | System.Health.ConfigurationState | ||
| Category | Alert | ||
| Enabled | True | ||
| Alert Generate | True | ||
| Alert Severity | Warning | ||
| Alert Priority | High | ||
| Alert Auto Resolve | True | ||
| Monitor Type | Microsoft.KnowledgeServices.Library.PowerShellMonitorEx | ||
| Remotable | True | ||
| Accessibility | Public | ||
| Alert Message |
| ||
| RunAs | Microsoft.KnowledgeServices.ElevatedAccount | ||
| Comment | SupportTopic=TBD;VersionNumber=1.0.0.0; |
Home<UnitMonitor ID="Monitor_AKN421370" Comment="SupportTopic=TBD;VersionNumber=1.0.0.0;" Accessibility="Public" Enabled="true" Target="MicrosoftKnowledgeServicesLyncLibrary!Microsoft.KnowledgeServices.Lync.2010.CsServer" ParentMonitorID="Health!System.Health.ConfigurationState" Remotable="true" Priority="High" RunAs="KnowledgeServicesLibrary!Microsoft.KnowledgeServices.ElevatedAccount" TypeID="KnowledgeServicesLibrary!Microsoft.KnowledgeServices.Library.PowerShellMonitorEx" ConfirmDelivery="true">
<Category>Alert</Category>
<AlertSettings AlertMessage="MonitorMessage468f76ea1473424b96d1abe003ff57c2">
<AlertOnState>Error</AlertOnState>
<AutoResolve>true</AutoResolve>
<AlertPriority>High</AlertPriority>
<AlertSeverity>Warning</AlertSeverity>
<AlertParameters>
<AlertParameter1>$Target/Property[Type="MicrosoftKnowledgeServicesLyncLibrary!Microsoft.KnowledgeServices.Lync.2010.CsServer"]/ReplicaFqdn$</AlertParameter1>
<AlertParameter2>$Data/Context/Property[@Name='NtlmMinClientSec']$</AlertParameter2>
<AlertParameter3>$Data/Context/Property[@Name='NtlmMinServerSec']$</AlertParameter3>
</AlertParameters>
</AlertSettings>
<OperationalStates>
<OperationalState ID="Success" MonitorTypeStateID="Success" HealthState="Success"/>
<OperationalState ID="Error" MonitorTypeStateID="Error" HealthState="Error"/>
</OperationalStates>
<Configuration>
<ScriptName>AKN421370.ps1</ScriptName>
<Parameters/>
<ScriptBody>
$ErrorActionPreference = "Stop"
# Set up the arguments
$scriptargs = new-object psobject
# Set up the output
$global:scriptoutput = new-object psobject
$scriptoutput | add-member NoteProperty "HasIssue" $false
$scriptoutput | add-member NoteProperty "NtlmMinClientSec" ""
$scriptoutput | add-member NoteProperty "NtlmMinServerSec" ""
#-----------------------------------------------------
# MAIN CODE SECTION
#-----------------------------------------------------
# Environment
$scriptenv = New-Object psobject
$scriptenv | Add-Member NoteProperty "RuntimeError" $false
$scriptenv | Add-Member NoteProperty "NtlmMinClientSec" ""
$scriptenv | Add-Member NoteProperty "NtlmMinServerSec" ""
$scriptenv | Add-Member NoteProperty "HasIssue" $false
function DetectSecurityOption()
{
# Only applicable to Windows Server 2008 R2
if (([System.Environment]::OSVersion.Version.Major -eq 6) -and ([System.Environment]::OSVersion.Version.Minor -eq 1))
{
$edgeServices = @(Get-Service | Where-Object { $_.DisplayName -like "*edge*" })
$feServices = @(Get-Service | Where-Object { $_.DisplayName -like "*Lync Server Front-End*" })
if(($edgeServices.Count -gt 0) -or ($feServices.Count -gt 0))
{
if(Test-Path Registry::HKLM\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0)
{
$RegLsa = Get-ItemProperty -Path Registry::HKLM\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
if(($RegLsa.NtlmMinClientSec -ne $null) -or ($RegLsa.NtlmMinServerSec -ne $null))
{
# 0x20000000 means 128-bit encryption. If the value of either this entry or the NtlmMinServerSec entry is 0x20000000, then the connection will fail unless 128-bit encryption is negotiated.
if((($RegLsa.NtlmMinClientSec -band 0x20000000) -gt 0) -or (($RegLsa.NtlmMinServerSec -band 0x20000000) -gt 0))
{
$scriptenv.HasIssue = $true
$scriptenv.NtlmMinClientSec = $RegLsa.NtlmMinClientSec.ToString()
$scriptenv.NtlmMinServerSec = $RegLsa.NtlmMinServerSec.ToString()
}
}
}
}
}
}
# Main Function
function AdvisorRule($scriptargs, $scriptoutput)
{
trap [Exception]
{
$scriptenv.RuntimeError = $true
continue
}
$scriptoutput.HasIssue = $false
DetectSecurityOption
if($scriptenv.HasIssue -eq $true -and $scriptenv.RuntimeError -eq $false)
{
$scriptoutput.HasIssue = $true
$scriptoutput.NtlmMinClientSec = $scriptenv.NtlmMinClientSec
$scriptoutput.NtlmMinServerSec = $scriptenv.NtlmMinServerSec
}
}
AdvisorRule $scriptargs $scriptoutput
# set the output
$mom = new-object -comobject "MOM.ScriptAPI"
$bag = $mom.CreatePropertyBag()
if ($scriptoutput.HasIssue -ne $null)
{
$bag.AddValue("HasIssue", $scriptoutput.HasIssue)
}
if ($scriptoutput.NtlmMinClientSec -ne $null)
{
$bag.AddValue("NtlmMinClientSec", $scriptoutput.NtlmMinClientSec)
}
if ($scriptoutput.NtlmMinServerSec -ne $null)
{
$bag.AddValue("NtlmMinServerSec", $scriptoutput.NtlmMinServerSec)
}
$bag
</ScriptBody>
<SnapIns/>
<TimeoutSeconds>300</TimeoutSeconds>
<Schedule>14400</Schedule>
<ErrorExpression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="Boolean">Property[@Name='HasIssue']</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="Boolean">true</Value>
</ValueExpression>
</SimpleExpression>
</ErrorExpression>
<SuccessExpression>
<Not>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="Boolean">Property[@Name='HasIssue']</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="Boolean">true</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</Not>
</SuccessExpression>
</Configuration>
</UnitMonitor>