Category Archives: OAuth

Skype for Business and High Definition Photos

In Skype for Business Server 2015 photos can be stored in a user’s Microsoft Exchange Server 2013 mailbox; that allows for photo sizes up to 648 pixels by 648 pixels. In addition to that, Exchange 2013 can automatically resize these photos for use in different products as needed. That means three different photo sizes and resolutions:

  • 48 pixels by 48 pixels, the size used for the Active Directory thumbnailPhoto attribute. If you upload a photo to Exchange 2013 Exchange will automatically create a 48 pixel by 48 pixel version of that photo and update the user’s thumbnailPhoto attribute. Note, however, that the reverse is not true: if you manually update the thumbnailPhoto attribute in Active Directory the photo in the user’s Exchange 2013 mailbox will not automatically be updated.
  • 96 pixels by 96 pixels, for use in Microsoft Outlook 2013 Web App, Microsoft Outlook 2013, Skype for Business Web App, and Skype for Business.
  • 648 pixels by 648 pixels, for use in Skype for Business and Skype for Business Web App Skype for Business Web App.


Note: If you have the resources, it is recommended that you upload 648×648 photos; that provides the maximum Continue reading

Leave a comment

Filed under Exchange 2013, HD Photo, OAuth, Skype for Business Server 2015

Step by Step Enabling Instant Messaging on Outlook Web App (OWA) with Skype for Business Server 2015

Integrating Skype for Business Server and Outlook Web App adds instant messaging and presence to Outlook Web App and enables your unified contact list to be shared between Outlook Web App and Skype for Business.

After server-to-server authentication is in place (check another post of mine here) we then can enable Instant Messaging from OWA

Here are a couple of things to know before starting:

You must verify that the Unified Communications Managed API 4.0 Runtime has been installed in your Microsoft Exchange Server 2013 backend server. You can do this by looking for the existence of the following registry value:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchange OWA\InstantMessaging\ImplementationDLLPath

If you have installed the Microsoft Exchange Unified Messaging Call Router service and the Microsoft Exchange Unified Messaging service on the same computer then there is no need to create a trusted application pool for Outlook Web App. (This assumes that the server in question is hosting a SipName UM dial plan.) Skype for Business Server 2015 can autodiscover any Exchange servers that host a SipName UM dial plan and create a Known Server List. I must create a Skype Continue reading


Filed under Exchange 2013, Instant Messaging, OAuth, Outlook Web App, Skype for Business Server 2015, Step by Step

Skype for Business Server 2015 Archiving with Exchange 2013 Step by Step

Exchange 2013 can provide archiving storage of Skype for Business Server 2015 instant messages between contacts and web conferencing transcripts. These are stored in the user’s Exchange mailbox removing the requirement of a SQL Server database. There is an area within the user’s mailbox that is hidden from the end user, but indexed by Exchange which allows integrated discovery. Information is stored in the same folder used by the Exchange In-Place Hold feature. The folder is the Purges folder which is hidden and found in the Recoverable Items folder. Using the eDiscovery Center in SharePoint 2013 or In-Place eDiscovery in Exchange 2013 allows searching any archived content.

The following types of content can be archived:

  • Peer-to-peer instant messages
  • Conferences (meetings), which are multiparty instant messages
  • Conference content, including uploaded content (for example, handouts) and event-related content (for example, joining, leaving, uploading sharing, and changes in visibility)
  • Whiteboards and polls shared during a conference

The following types of content are not archived: Continue reading

Leave a comment

Filed under Archiving, Exchange 2013, OAuth, Skype for Business Server 2015, Step by Step

Skype for Business and the Unified Contact Store (UCS) Step by Step

Step by Step Guide on how to Configure UCS with Skype for Business Server 2015

When Skype for Business Server 2015 and Exchange 2013 are deployed together, user contact lists can be stored on Exchange 2013 and called using EWS instead of SIP requests to the Skype for Business Server. By default, contact lists are stored in Skype for Business’s SQL database.

Enabling the UCS allows users to work with a single contact list across all the Microsoft Office applications.

The pre-requisites to enable the Unified Contact Store (UCS) are:

Exchange 2013 CU1 installed and configured 

Skype for Business Server 2015 or Lync Server 2013 configured

Ensure server-to-server authentication is in place using the OAuthTokenIssuer Certificate
(check another post of mine here)

By default, there is only one CsUserServicesPolicy; the Global policy. This controls whether UCS is enabled or not


Get-CsUserServicesPolicy shows information about the User Services policies

If you want granular control of this setting to users, you will need to create other policies using the New-CsUserServicesPolicy cmdlet and set the UcsAllowed parameter to $True. This level of control allows application at the global, site, or the per-user scope allowing administrators to configure users to store contacts in either SQL or Exchange 2013. This command will disable the CsUserServicesPolicy Global UcsAllowed parameter, perhaps something that should be done before even contemplating this feature:

Set-CsUserServicesPolicy –Identity Global –UcsAllowed $False


Set-CsUserServicesPolicy used to disable UCS in the Global Policy

Continue reading

Leave a comment

Filed under OAuth, Skype for Business Server 2015, Step by Step, UCS, Unified Contact Store

Server-to-Server Authentication OAuth for On Premises Skype for Business Server 2015 and Exchange 2013

Skype for Business Server 2015 utilises other applications and server products and must be able to communicate securely and seamlessly with them.

Take for example the Unified Contact Store and Exchange 2013. If you want to configure Skype for Business Server to use Exchange 2013 to store contact data, you will need to have the Exchange Server and Skype for Business Server talking to each other securely.

A secure standardised method for this communication with Exchange and also with SharePoint, can be utilised. Skype for Business Server 2015, Exchange 2013 and SharePoint Server all support the OAuth (Open Authorization) protocol for server-to-server authentication and authorization. With OAuth, a standard authorization protocol used by a number of major websites, user credentials and passwords are not passed from one computer to another. Instead, authentication and authorization is based on the exchange of security tokens; these tokens grant access to a specific set of resources for a specific amount of time.

There are three server-to-server authentication scenarios that are supported by Skype for Business Server 2015:

  • An on-premises installation of Skype for Business Server 2015 and an on-premises installation of Exchange 2013 and/or SharePoint Server
  • A pair of Office 365 components (for example, between Microsoft Exchange Server and Skype for Business Server 2015, or between Skype for Business Server 2015 and SharePoint).
  • A cross-premises environment (that is, server-to-server authentication between an on-premises server and an Office 365 component).

If you do not need to communicate between any of these servers, you do not need to configure this. Also, if you already have configured server-to-server authentication for Lync Server 2013 and other applications, there’s no need to re-do it for Skype for Business Server 2015.

Continue reading

Leave a comment

Filed under OAuth, Skype for Business Server 2015, SQL, Step by Step