05/04/2011, 10:44
Script to enable routes from Lync to VCS Control:
######################################################################################################################################################################################
# New-CiscoTelepresenceIntegration.ps1
#
# Adds config in Lync 2010 for integration with Cisco Telepresence (Tandberg)
#
# Can optionally write logs to file or screen using -verbose and/or -logFile inputs
#
# eg.
# Clean Lync installation
# .\New-CiscoTelepresenceIntegration.ps1 -vcscfqdn vcsc011.contoso.com -lsfepool lspool01.contoso.com -CTPSipDomain video.contoso.com -logFile "c:\logfile.txt"
#
# Coexisting with OCS 2007 R2
# .\New-CiscoTelepresenceIntegration.ps1 -coexistence $true -r2pool r2pool01.contoso.com -lsfepool lspool01.contoso.com -CTPSipDomain video.contoso.com -logFile "c:\logfile.txt"
#
# Migration from OCS 2007 R2 to Lync
# .\New-CiscoTelepresenceIntegration.ps1 -hascoexisted $true -vcscfqdn vcsc011.contoso.com -lsfepool lspool01.contoso.com -CTPSipDomain video.contoso.com -logFile "c:\logfile.txt"
#
# Important:
# This will delete any existing static routes created ! Do not run the script with hascoexisted = $true if you have added manual routes other than OCS/Lync/CTP integration
#
# Written by Tom-Inge Larsen (<a href="http://www.codesalot.com">www.codesalot.com</a>), Peder Saether and Trond Egil Gjelsvik-Bakke
# Based on config made by Marjus Sirvinsks (marjuss.wordpress.cm)
#
#######################################################################################################################################################################################
param($logFile,$coexistence=$false,$hascoexisted,$CTPSipDomain,$lsfepool,$r2pool,$vcscfqdn)
if ($logFile -ne $null) {
$a = "Steps made to enable integration with Cisco Telepresence: `n"
Out-File -FilePath $logfile -InputObject $a
}
if ($lsfepool -eq $null) {
$lsfepool = Read-Host "Please enter Lync Front End pool FQDN."
}
if ($CTPSipDomain -eq $null) {
$CTPSipDomain = Read-Host "Please enter the SIP domain in the Cisco Telepresence environment."
}
if ($coexistence -eq $false) {
#Change encryption level if SRTP option is not available for VCS
$mediaconfiguration = get-csmediaconfiguration
$requireencryption = ($mediaconfiguration.EncryptionLevel -eq "RequireEncryption")
if ($requireencryption) {
write-warning "This will set the media encryption level to Support Encryption. Are you sure you want to do this? (y/n)"
$confirmation = Read-Host
} else {
$confirmation = 'y'
}
switch ($confirmation) {
'y' {
set-CsMediaConfiguration -EncryptionLevel supportencryption
$registrarid = "service:registrar:"+$lsfepool
$trustedappregistrar = "Registrar:"+$lsfepool
if ($hascoexisted -eq $true) {
Remove-CsStaticRoutingConfiguration -Identity $registrarid
}
if ($vcscfqdn -eq $null) {
$vcscfqdn = Read-Host "Please enter the FQDN for the VCS Control"
}
#Establish trust
$applicationpooladded = $true
New-CsTrustedApplicationPool -Identity $vcscfqdn -Registrar $trustedappregistrar -site 1 -RequiresReplication $false -ThrottleAsServer $true -TreatAsAuthenticated $true -force
New-CsTrustedApplication -ApplicationID "CiscoTelepresenceDirectSIP" -TrustedApplicationPoolFqdn $vcscfqdn -Port 5061
#Create static routes if needed
if ($hascoexisted -eq $true) {
New-CsRegistrarConfiguration -Identity $registrarid
}
New-CsStaticRoutingConfiguration -identity $registrarid
$route = New-CsStaticRoute -TLSRoute -destination $vcscfqdn -port 5061 -matchuri $CTPSipDomain -usedefaultcertificate $true
Set-CsStaticRoutingConfiguration -identity $registrarid -route @{Add=$route}
Enable-CsTopology
}
'n' {
Write-Warning "No change was made to the topology. Media Encryption Level must be set to Support Encryption"
if ($logFile -ne $null) {
$a = "No change has been made. `n"
Out-File -FilePath $logfile -InputObject $a -Append
}
}
}
}
else {
# If we coexist with R2, we might want to route all traffic via R2 FE, to possibly avoid
# compromising security with deployments using TCP or if Lync is only intended as a
# pilot.
if ($r2pool -eq $null) {
$r2pool = Read-Host "Please enter OCS 2007 R2 Front End pool FQDN."
}
$registrarid = "service:registrar:"+$lsfepool
New-CsRegistrarConfiguration -Identity $registrarid
New-CsStaticRoutingConfiguration -identity $registrarid
$route = New-CsStaticRoute -TLSRoute -destination $r2pool -port 5061 -matchuri $CTPSipDomain -usedefaultcertificate $true
Set-CsStaticRoutingConfiguration -identity $registrarid -route @{Add=$route}
Enable-CsTopology
}
if ($logFile -ne $null) {
$a = "Route added: `n"
Out-File -FilePath $logfile -InputObject $a -Append
Get-CsStaticRoutingConfiguration $registrarid | Select-Object -ExpandProperty Route | Where-Object {$_.MatchUri -eq $CTPSipDomain} | Out-File -FilePath $logfile -Append
if ($applicationpooladded -eq $true){
$a = "`nTrusted Application Pool added:`n"
Out-File -FilePath $logfile -InputObject $a -Append
Get-CsTrustedApplicationPool $vcscfqdn | Out-File $logfile -append
}
$a = "`nRegistrar added:`n"
Out-File -FilePath $logfile -InputObject $a -Append
Get-CsStaticRoutingConfiguration $registrarid | Out-File $logFile -append
if ($confirmation -eq 'y') {
$a = "`nMedia encryption level was already set to or was set to Support Encryption.`n"
Out-File -FilePath $logfile -InputObject $a -Append
}
Write-Host "Logfile: " $logFile "is written."
}
[...] routing config 26/05/2011, 09:51 After adding a static route to Lync (for example when adding a CTP integration) you can use the following command to show the [...]
I’m working in a OCS/Lync coexistance environment. Is this script intended for use after a merge topology has taken place?
Hi
Doesn’t really matter, because it only affects static routes in Lync and not really the migration and coexistence with OCS.
Though normally I don’t touch the Cisco part until I’ve got full functionality between OCS and Lync, so I run it after the topologies have been merged under normal circumstances.
Tom