Critical Update Confusion

Happy Wednesday, (Well as happy as an Wednesday can be I guess…) I was prompted by a user that their machine was behind on updates as were many others as they tried updating from the web and got lots of updates.  I did some checking and all the updates looked to be fairly recent within the last month but were listed as Critical level updates.  This confused me as I have critical level updates deploying more often than once a month to not get behind on security vulnerabilities as Microsoft patches them.  After some research I realized there is a difference between Critical level severity and Critical level update classifications.  Microsoft defines Critical Updates as “A widely released fix for a specific problem that addresses a critical, non-security-related bug.”  So just because it’s in the critical update classification it may not have an severity level of critical.  In fact critical level updates have a severity of none as they are not related to security.  So critical severity updates are security only.  Critical update classification is non security updates.  The critical severity level updates fall into the security update classification.  So if your like me and push out critical severity security updates more often than your other updates don’t start thinking SCCM isn’t working since you got confused between Update classifications and Severity levels.  Found my answer on the technet forums as someone else was confused like I was.  Happy Updating.

Technet Forum post referenced


Number of active active sync devices connected to Exchange

Happy Monday everyone,  I haven’t posted anything in a while so I thought I would do a quick post of a short script I wrote the other day.  I was curious how many ActiveSync devices connected that were actively being used in our Exchange.  So after scouring around and discovering the get-mobiledevicestatistics cmdlet for Exchange I came up with the below.

get-mailbox -resultsize unlimited | foreach {Get-MobileDeviceStatistics -mailbox $_.Identity  | Where-Object {$_.LastSuccessSync -gt "06/01/2017"} | select-object identity, LastSuccessSync }

This will give you the identity of the device and the last successful sync time.  You could then pipe this into a export-csv to get a copy of the report or measure-object  to get a count of the objects.   Make sure to change the LastSuccessSync date.

Have a great week everyone.

Dial in Conferencing with ShoreTel and Skype for Business 2015/Lync

Hi everyone I haven’t posted anything in a couple of months and have been very busy on a project which I thought I would go over.  Recently the company I work for has been interested in adding dial-in conferencing to our Skype for Business 2015 environment to alleviate some of the costs associated with paying for a web conference service especially since we already were using Skype4B for IM and ShoreTel for our phones.  I already had an Edge server in place for external participants so all I really needed to do was add the dial-in conferencing functionality so that PSTN callers could get in.   Before I get started I’m not attending to give a full tutorial here as many others on the Skype for Business side have written articles but the information is kind of lacking on how to make all these systems talk together and I thought I would provide my notes on what I learned in this experience.  My article is going to be geared at someone using ShoreTel but a lot of this could be applied to anyone with an IP-PBX phone system (Cisco, ShoreTel etc) that wants to hook it to Skype for Business.

This system takes three main parts.  Skype for Business, A VoIP gateway such as the Audiocodes Mediant SBC, and a ShoreTel switch (or whatever has SIP trunks taking PSTN calls back to Skype).


The whole system goes like this,  Skype for Business hosts the calls and conference numbers and the auto attendant for entering your conference ID.  Audiocodes is the interface between the two as they can’t talk to each other directly as Skype uses TLS SIP and ShoreTel uses UDP SIP .  It also does transcoding if needed between different audio codecs (Skype speaks G.711 whereas your phone system may or may not).  Your ShoreTel switch hosts the SIP trunks and takes the PSTN calls from the outside and sends them to Audio codes.

Now I am not going to do a full tutorial from here on out but instead notes of issues I ran into and documentation I have found useful.


  • ShoreTel has provided documentation on how to set this and the AudioCodes box up so that they can talk to each other and talk to Skype for Business. AudioCodes provides similar documentation once you are a registered user on their site after you have purchased support.
  • A note to anyone on ShoreTel Connect this document could become irrelevant as I have been told by ShoreTel that Skype can hook to ShoreTel directly without the need for AudioCodes via a plugin for Skype for Business.  I ‘m not exactly sure how it works but I am looking to find out more info from ShoreTel if their engineer ever gets back to me.  If you are on ShoreTel version 14.2 or older or you have a different phone system without Skype for Business support a VOIP gateway from AudioCodes may be your only option.
  • You can install the ShoreTel virtual appliance hosted on VMware instead physical switch.  VMware even has a free bare metal version for free! My finding is this will save you money on SIP trunks as the ShoreTel hardware is kind of expensive just to run SIP trunks and you can add SIP trunks simply by buying licenses from ShoreTel instead of having to purchase more dedicated physical hardware and licenses.  (Hint make sure you buy virtual trunk licenses as there are like three different kinds of ShoreTel SIP trunk licenses).
  •  I have encountered ShoreTel virtual switch issues with using G.729 with a virtual switch instead of G.711.  I am not sure if it is some kind of bug in the ShoreTel software but I found some others talking about it in the link below so I simply changed AudioCodes to use G.711 which is probably better as that avoids transcoding.  G.711 does use more bandwidth than G.729 so that is another consideration.
  • Don’t forget to turn on caller id on the ShoreTel side for your sip trunk group unless you like all your callers coming in as anonymous.  Also, Skype4B is supposed to use information in AD to figure out who is who in combination with caller ID also but I haven’t quite figured out how that all works and the documentation is lacking.


  • Avoid transcoding if possible as for example with my 800b ESBC it is limited to 100 sessions with transcoding and 250 without.
  • Make sure you buy the right AudioCodes hardware and licenses as my vendor sold me the wrong one and although I could have added the SBC application license it was cheaper to buy the proper box with the SBC application already installed so be sure it comes with the SBC application license.
  • When Audiocodes needs the ShoreTel IP to send traffic to it is looking for your ShoreTel SIP trunk switch IP not the headquarters server.

Skype for Business


Ok, for now, that is all I can think of and I hope some of this might be useful for someone struggling to figure this out on their own. I will add additional links and content if I find any more.  If anyone has additional questions please post them in the comments and I will try and answer them.



Reimaging with OEM licenses

I came across a TechNet blog post on Microsofts site the other day that taught me something new I thought I would pass along in case it would help someone out.  If you don’t have software assurance with Microsoft but are a volume license customer you can deploy volume license media providing you have keys and the edition of the OEM OS and the Volume License match.  This means you don’t have to be purchasing volume licenses to reimage provided you do have at least a few volume licenses of the software you are trying to deploy.  The below blog posts provide more info.  Guess you learn something new every day.


SCCM OSD error 0x80091007 hash mismatch with WIM

I had a Lenovo x240 laptop that wouldn’t image.  Other machines would image just fine so I did what any decent SCCM admin would do I looked at the smsts.log and found an error something like 0x80091007 indicating a hash mismatch between the DP and the WIM on the machine.  Normally when this occurs the normal recommendation is to refresh the DP with a new copy of the WIM to make sure the DP doesn’t have a bad copy from the main SCCM server but as other pc’s were imaging fine off the same DP it had to be either with that specific machine or something with that model of PC’s.  After digging and getting nowhere I stumbled on this article from  detailing all the way back in 2010 how a bad ram stick could cause the hash mismatch.  So I replaced the RAM and sure enough, it was fixed and I was on its way.  Goes to show sometimes the simple things can be the fix.  I was looking for something a little more elaborate.

TCP/IP stack reset to default value Windows 10

I encountered a strange issue with windows 10 not connecting to wired or wireless networks and based on the description from the user had them send their laptop in for further review.  Each adapter was in an identifying state and I later learned at a 169.245.x.x IP address.  At first, I assumed hardware issues as both the wireless and wired adapter weren’t working (although I guess they would be on separate chips?).  I suppose if I had given it more thought I might have thought what do both share…the TCP/IP stack.  And that was exactly what I needed to do to fix it.  So just in case someone is struggling with this issue follow the below.  I can’t take credit for this fix though as I found the answer at

  1. Run command prompt as administrator.
  2. netsh winsock reset catalog
    netsh int ipv4 reset reset.log
  3. Restart PC

Finding messages sent to a distribution group in Exchange message tracking.

It’s pretty easy to use the get-messagetrackinglog cmdlet to find what mail was sent to a particular mailbox and by whom but what if you wanted to search for emails sent to a distribution list to make sure they were indeed being sent there.  I had a distribution list today that someone said they weren’t receiving any emails sent to it.  It was caused by another issue but the message tracking log allowed me to get a better idea of what was actually being sent to the distribution group.


So if for some reason you want to find out what is being sent to a distribution group
see the PowerShell below.

Get-MessageTrackingLog -resultsize unlimited -EventID Expand | ? {$_.RelatedRecipientAddress -like ""} | ft Timestamp,Sender,MessageSubject -Autosize