In a past blog post, I talked about how our Polycom phones wouldn't sign in a new or difference user. After A LOT of troubleshooting, I found out tls 1.0 is getting blocked somewhere in our network, which is not allowing the phones to reach the ports they need.
Recently, I have been working on Direct Routing in Teams. I wanted to move myself to TeamsOnly (bye bye Skype) but received an error:
User is homed on-premises in a Skype for Business or Lync deployment. On-premises users can be upgraded to Teams using Move-CsUser in the on-premises tools. For details, see http://aka.ms/UpgradeToTeams
I thought, okay, no problem, I'll do what they say and use PowerShell. BUT low and behold, I received the same error message. This told me a lot and helped me figure out, fairly quickly, what the command was looking for on the backend and helped me down my path of yet, another, tls 1.0 issue.
Rather than spending the next, however long, to continue my search of finding where it is getting blocked. I thought, why do I have to use tls 1.0? So I found a command to force PowerShell to use tls 1.2, so I can move my account to TeamsOnly and move on with my life!
Open PowerShell on your Skype server or install the modules (search for past blog post). And run these:
[Net.ServicePointManager]::SecurityProtocol =
[Net.SecurityProtocolType]::Tls12
move-csuser -identity username@domain.com -target sipfed.online.lync.com -useoauth
You are now on TeamsOnly!
So, you might ask, but....what now?
Well, It's simple, I added the commands to my script for when I move more users to TeamsOnly for the pilot. But yes, yes...I will still work on where tls 1.0 is getting blocked, in my spare time ;)
Comments