As we look to move away from SHA-1 internally, there is a need to once again update our Lync Phone edition devices, this time with the December 2015 phone edition cumulative update that provides support for SHA-2 based certificates ( https://support.microsoft.com/en-us/kb/3108721 )
The process is very simple to implement, though you'll need some patience...
First of all, you'll need to bring your updates into your Lync environment. You can't do this via the GUI so you'll need to jump into the Lync Management Shell.
The cmdlet you want is Import-CsDeviceUpdate (Technet page here)
The parameters you'll want to use are -identity , used to point the cmdlet to your pool and -FileName to point to your extracted UCUpdates.cab
Something like...
Import-CsDeviceUpdate -Identity service:WebServer:lync.dshu.local -FileName C:\Updates\UCUpdates.cab
The cmdlet will take a few seconds to complete but once done, the updates should be visible within the Lync Server Control Panel > Clients > Device Update. Devices should now show a Pending VersionYou can also confirm the import was successful by accessing the Lync File Share and looking inside the Device Update Store -
\\localhost\lyncshare\1-WebServices-1\DeviceUpdateStore\UCPhone\POLYCOM\CX600\Rev-6\ENU\4.0.7577.4487\CPE
Now that your updates are imported, you can configure your test device..
- Open the Lync Server Control Panel
- Go to Clients > Test Device
- New > Global / Site Test Device
- Give the device a name that makes sense and then add the phone’s MAC address or serial number in the "Unique identifier" field
- Now wait...or...
The theory goes that the device will check to see if there are updates available within a minute of going idle. Once this timer is hit, the device will wait for a further 10minutes before beginning the installation - the idea being that the device is truly idle and can be updated without impacting upon a user. However, if you reboot the phone it will sign itself back in (assuming it was signed in), lock and immediately start your inactivity timer.
Logs can be found in C:\inetpub\logs\LogFiles\W3SVC and will give you an idea as to what is going on throughout the process.
The key to having your device update as quickly as possible is to leave it alone - resist the temptation to touch it!
Logs can be found in C:\inetpub\logs\LogFiles\W3SVC
The key to having your device update as quickly as possible is to leave it alone - resist the temptation to touch it!
FYI - Updates do not need to be approved to be installed by test devices
No comments:
Post a Comment