The Remote UC Troubleshooting Tool (RUCT) V3

Download

Description

RUCT is a free Windows utility for remotely diagnosing Skype for Business (SfB) and Lync Server connectivity and sign-in issues. Specifically, it helps to diagnose DNS configuration issues, certificate issues, and other SfB or Lync client problems. It is not an official Microsoft tool – it is my own tool that I developed to help people diagnose and resolve issues.

New Feature Summary (March 2017)

·         The ability to specify the DNS Server used to use to resolve the DNS records

·         The RUCT.exe is now signed (with my personal certificate).  This will save having to unblock the file and help with security and virus detection software

·         Support for Skype for Business 2016 Client and x64 Build Version Detection

·         Updated Skype and Lync Client Version Event Log and Logging Tracing Folder Launcher

·         Better support for new Windows clients such as Windows 10

·         Support for .NET Framework 4.5 or above

·         Added DNS records:

o   SfB online clients connecting to Office 365

o   More Edge server DNS records (i.e. webcon and av)

o   Autodiscovery records for newer SfB and Lync clients

o   XMPP records

Full Feature Summary

 

The tool offers 4 primary features:

 

1.      Easily Query Important DNS Records used by Microsoft Skype for Business (SfB) &Lync Server.   DNS queries for the following DNS records are issued:

·         All SfB & Lync internal and external records used for automatic sign-in.

·         SfB sign-in records used for SfB Online (in Office 365).

·         SfB & Lync Server Simple URL records used for Dial-In, Meetings, and Administration.

·         Home registrar location records used by SfB & Lync devices.

·         The automatic partner discovery record used in an Open Federation configuration.

2.       Test Network Availability.

·        The hostname and port belonging to any matching DNS SRV record, or IP address belonging to an A record, can easily be tested for network connectivity.

·         A TCP connection is attempted for hostname’s and ports, and a ping is attempted for IP addresses.

3.       Certificate Retrieval, Installation, and Export.

·        The tool can remotely retrieve X.509 Certificate information on any SfB or Lync Server port that is secured using TLS (or SSL).  Certificate information returned includes the Common Name (CN), Subject Name, Issuer, Certificate Authority, Expiry Date, Creation Date, and Subject Alternative Names (SANs), and the complete certificate chain.

·        The remote certificate can also be installed locally or exported to a file.

4.       Easily Retrieve Important SfB or Lync Client-Side Troubleshooting Information.

·        Important client-side environment settings such as O/S version, 32-bit or 64-bit, current domain credentials, and SfB/Lync sign-on settings are automatically retrieved and consolidated in one place.

·        Recent SfB & Lync specific event log errors and warnings can be retrieved with one-click.

 ·       Retrieve client settings stored in the registry such as SIP user and server addresses, and the client product name.

 

Detailed Feature Descriptions

 

1] Easily Query for Important DNS Records used in Skype for Business & Lync Server.

 

The tool queries for different types of DNS Service Records (SRV), Address (A), and Canonical Name (CNAME) records used in SfB & Lync.  It queries the DNS server configured on the client machine and displays the results for the following DNS records:

 

a) Automatic Sign-in Records (used by the SfB or Lync clients to locate a SfB or Lync server to sign-in)

·         _sipinternaltls._tcp.<domain.com>

·         _sipinternal._tcp.<domain.com>

·         _sip._tls.<domain.com>

·         _sip._tcp.<domain.com>

·         sipinternal.<domain.com>

·         sip.<domain.com>

·         sipexternal.<domain.com>

 

The preferred DNS match (that the client will first attempt to use) is then highlighted in the results.

 

b) Office 365 Sign-In Records (used by the SfB or Lync clients to locate the SfB Online server in Office 365 to sign-in)

·         sip.<domain.com>

·         _sip._tls.<domain.com>

 

c) SfB or Lync Devices Records (used by Lync devices to locate a home registrar)

·         sipinternaltls._tcp.<domain.com>

·         _sipexternal._tls.<domain.com>

·         _sipexternaltls.<domain.com>

·         ucupdates-r2.<domain.com>

·         _ntp._udp.<domain.com>

 

d) SfB/Lync Simple URL Records (used by Lync if DNS is the chosen simple URL configuration)

·         meet.example.com

·         dialin.example.com

·         admin.example.com

 

e) Federation (used by partners to automatically discover your Edge)

·         _sipfederationtls._tcp.<domain.com>

 

 f) SfB & Lync Mobility Auto-discovery Records (used by Lync mobile clients to auto-discover the Lync mobility service)

·         Lyncdiscover.<domain.com>

·         Lyncdiscoverinternal.<domain.com>

 

2] Test Network Availability.  

 

A user can click on any of the DNS sign-in records that returned a match (resolved on the client) and then test the associated network connectivity in one of two ways:

1.       For a hostname and port, a TCP connection is attempted to the hostname and port.

2.       For an IP address (associated with the matching DNS record), a ping is attempted.

 

 

3] Certificate Troubleshooting.  

 

The tool offers several actions to troubleshoot certificate issues.

 

a)      Remotely Retrieve Certificate Information.  

Any SfB or Lync Server or certificate can easily be retrieved remotely from the tool.  All the certificate information such as the Subject, SANs, Expiry Date, and Chain information can be retrieved and viewed.  This information can then be used to debug certificate issues.  To make it easier to identify the Lync Server network endpoint where the certificate is used, a user can click on any of the DNS matching records (from the DNS Information tab) and remotely retrieve the X509 Certificate with the associated hostname and port.

b)      Install the Certificate (including the certificate chain).

Once the remote certificate has been retrieved, a user can choose to install this certificate into the local trusted store.  This is very useful in lab environments with self-signed certificates, or in situations where the certificate authority is not trusted locally, but is a trustworthy certificate authority.

c)       Export the Certificate.

Once the remote certificate has been retrieved, a user can export it to a *.pfx file.

 

 

4] Client Troubleshooting Information

 

The tool offers easy access to important client side troubleshooting information.

 

a)      Automatically Displays Important Environment Information.

·         Sip Address                     

·         Sign-In Method (Configuration Mode)

·         Internal and External Server Addresses

·         Client Version and Install Path            

·         Machine Name, O/S, and O/S Version      

·         System type (32 or 64 bit)

·         User Name and Domain         

a)      Launch Windows Explorer to the SfB or Lync Client Tracing Directory. This is the directory where the SfB/Lync client log files are stored.

b)      Get SfB & Lync specific Event Log Errors and Warnings.

With one-click the most recent 20 application event log entries where the source is “Lync” (used by the SfB client as well) and type is Warning or Error are returned. A maximum of 1000 of the most recent entries will be searched to limit performance problems.

 

Screen Shots

 

Query Important SfB and Lync DNS Records

 

 

Set the DNS server to issue the Query Against

 

 image

 

Certificate Functionality

 

 

 

Client Troubleshooting

 

 

 

To Use

1.      Click on the download link and save the file on the client computer where the Skype for Business or Lync client is running.

2.       Extract the RUCT.exe file.  Right-click | Properties.  You might have to “Unblock” it.  Double-click it to run the tool

3.       Enter a SIP address or SIP domain name, and press Go.

4.       Optionally select a matching DNS record result and test the port connectivity or retrieve the certificate information from the Certificate Information tab.

 

Support

This tool is offered on a best effort basis by Curtis Johnstone. No formal support or warranty is offered, implied or intended.

 

Tested On

·        The tool was tested on Microsoft Windows 10, Windows 8.1, Windows 7.

·        The only language it was tested with is English.

 

Copyright

·         This tool is Copyright © 2017 Curtis Johnstone and cannot be distributed without explicit permission.

 

Known Issues

March, 2017 (Version 3)

1.       No Support for Multiple IP Addresses. The tool currently does not support DNS lookups for A records with multiple IP addresses.  The tool will return <null> for the IP address.

2.       Invalid DNS Sub-domains Might Resolve.  Some DNS servers will return A records for FQDN records such as sip.<garabage>.domain.com and “meet.<garbage>.scriptlogic.com and the tool will display those results even though they are not valid Lync and SfB records.

3.       No IP Address for a SRV Record.  If a DNS SRV record match does not contain an associated IP address for the hostname that is returned, no IP address will be shown in the tool for that SRV record.  That does not mean that a separate A record with an IP address does not exist.  When an action is carried out on the SRV record (i.e. test port or get certificate information), the tool will do an implicit A record lookup and attempt connecting the associated IP address.