Skype Academy presents On-premises PSTN connectivity using Cloud Connector Edition (CCE) Summary

In the series of Cloud PBX Skype academy videos this is Cloud PBX using on-premises PSTN connectivity using Cloud Connector Edition (CCE). This is where you don’t have an existing Lync or Skype for Business Server deployment so greenfield but you have the requirement to use your existing PSTN connection with Cloud PBX.

CCE is a smaller footprint on premises deployment than deployed a full server deployment. Users are all homed online and CCE is used to connect to your on premises PSTN for Cloud PBX users.


Brian nice, principal program manager in Skype product group at Microsoft.

This is based on CCE version 1.4.1 release

What is Cloud Connector and Architecture


Cloud Connector is an extension to SfB Online Service

provides PSTN interconnect for SfB Online users.

Users are homed in SfB Online but PSTN is coming via the on premises Cloud Connector. User still leaves in the cloud but interconnect for PSTN is deployed on-premises.

Cloud connector is a dedicated hypervisor running Hyper-V that has set of sealed virtual machines (4), the VMs perform discrete functions such as Edge, Mediation server, domain controller and CMS.

This is a dedicated appliance and the components work in tandem with each other. The Active Directory deployed in CCE is for the its own environment it has NO communication or integration with an existing on premises active directory. Its its own forest.

The appliance has sip trunks to PSTN Gateways, dial plans is assigned online based on where the user is located. There are options online to restrict internally dialling.

External DNS (SRV and lyncdiscover) is pointed to SfB online not on premises! (There are External DNS records required for CCE but client discovery is pointed to SfB Online)

Key to note in version 1.4.1 there is no support for co-existence with an existing on premises Lync or SfB Servers. Key to note.

There is no media bypass so media always flows via the mediation server!

Users can be created on premises or created in the Cloud. Most organisations will have AD sync via Azure AD connect so users are synced to online.

Below Johns signing in to Skype for Business Online, his SfB client talks to SfB online when John makes a PSTN call now the call signalling is routed from SfB online down to Cloud connector. The call signalling from SfB Online infrastructure to CCE edge to CCE mediation to CCE PSTN GW.


Media traffic will flow via CCE Edge as John is external and on the internet then from CCE Edge to CCE Mediation then from CCE Mediation to PSTN GW.

Media bypass cant be used as discussed earlier




Follow TechNet documentation using the link below

Also worth checking is Skype operations framework

Capacity and PSTN connectivity types are key as these can be different at each site.

Firewall – make sure all required ports are open.

Make sure you have your office 365 Administrator credentials.



Critical one to start with no existing on premises deployment of Lync or Skype for Business server deployed on premises. The current version does not support co-existence!

Qualified PBX / SIP trunk / SBC / Gateway for a full list go here

Dedicated hardware is required for hyper v. the hardware is dedicated for CCE.

Capacity is key and with two different flavours based on hardware specs.

  • Large – typically 500 calls per cloud connector
  • Small – 50 calls per cloud connector (Great for Proof of concepts or smaller call concurrency site requirements)

Hardware spec from above URL

The necessary hardware to support installation of the 4 VMs for each Cloud Connector Edition in your deployment.

  • The following configurations are recommended: (Large 500 simultaneous calls)

    • 64-bit dual processor, six core (12 real cores), 2.50 gigahertz (GHz) or higher

    • 64 gigabytes (GB) ECC RAM

    • Four 600 GB (or better) 10K RPM 128M Cache SAS 6Gbps disks, configured in a RAID 5 configuration

    • Three 1 Gbps RJ45 high throughput network adapters

  • If you choose to deploy the smaller version of Cloud Connector Edition that supports up to 50 simultaneous calls, you will need the following hardware:

    • Intel i7 4790 quad core with Intel 4600 Graphics (no high end graphics needed)

    • 32 GB DDR3-1600 non ECC

    • 2: 1TB 7200RPM SATA III (6 Gbps) in RAID 0

    • 2: 1 Gbps Ethernet (RJ45)

General guidelines, you can up to four Cloud Connecters per PSTN site.

PSTN site is defined in cloud connector when registering. If you have N+1 model with 500 per CCE and 3 active and one idle that gives 1500 simultaneous calls.

N+1 allows for one CCE to fail and still keep 1500 simultaneous call. You could go for all 4 CCEs active and have max 2000 but if one failed you will lose 500 straight away and there’s a risk.

With smaller CCE you can do the same but call capacity is lower with 50 calls per cloud connector, with N+1 again 50 * 3 = 150 simultaneous calls.

Deployment Planning


Host server runs Hyper-V and require internet access, public DNS resolutions and remote PowerShell.

GPO required to prevent forceful unload of user registry at logoff.

Base VM requires internet access and public dns resolutions

External DNS records are required for CCE Edge server and with HA if you have 3 CCEs in one site in HA then you have to have that edge name listed three times. External DNS is critical.

External certificates are required, certificate requests and have certificate available in .pfx format so it can be imported as part of the installation process of CCE. Details available here

CloudConnector.ini – CCE Configuration file


The CloudConnector.ini is critically important and controls almost everything.

IP Addresses, small or large CCE.

Don’t mess this up if there is a mistake is a start over job.

There a deployment checklist, this is printable and recommended to be printed so all details can be written and ensured.

There isn’t a CloudConnector.ini file by default but you can generate one as noted above using export-ccConfigurationsamplefile.

You have to have this file updated before you create a base VM and you need the values for the base VM and the base VM needs internet access.

There’s alot of settings in the .ini recommended to visit here

HA and Multi side Planning considerations


Really important if designing with HA and multi site in mind that you consider the information above. Some parts are the same and some are not with multisite.

Single site with HA (Multiple CCEs up to 4)

Shared folder – same shared folder on all CCEs instances

Virtual machine domain – same across instance

SIP domains – same

Site name – same as they are in the same site

External FQDN – (Access edge) same across all CCEs instance in the same site

External IP – different across instances

Hybrid tenant – peer destination is where a call exits office 365 it needs to know where to send the traffic to the edge single site. Multisite you can set failback as multiple sites.

Firewall Requirements – Internal



When deploy CCE appliance these are deployed in a DMZ as they need to allow connections from Internet and also be able to communicate with internal network.

Usually there will be an internal firewall protecting internal networks this table is for the internal firewall. so mediation server to PSTN Gateway.

Talk across internal firewall to internal network.

Default port range marked by * above this the default port range on mediation 4 ports required per call. These can be adjusted.

Gateway port is an example could be 5060 or 5061 this needs updating as required.

You can limit port ranges as well.

Firewall Requirements – External (Minimum)


There are the minimum ports required for external side of CCE this is between the internet and the external firewall. If you follow the minimum there may be some hair pinning issues.

Firewall Requirements – External (Recommended)


Here you can see the Cloud Connector Edge external interface is different, this allows for optimal media flow.


Following the planning is time to prepare the first host appliance and follow the steps above. Items in bold are required for first appliance only.

The share needs permissions for all CCEs in the same site.

Windows server 2012 iso is required to generate the base vhdx. this can be copied and pasted and used for other appliances.

Public certificate required upfront.

All appliances will be registered prior to deploying them, this registers with Office 365 so Office 365 is aware of all appliances in the site.

Last of all configure the PSTN gateways.

Deeper dive in to deployment


Who do we register ?

Management and HA.


i can view the PSTN sites and then view access edge for each site and if auto update is enabled.


All appliances need to know about each other for HA, by registering the appliance we know all the mediation servers on all appliance in a PSTN site.


Two different appliances with two different mediation server.

You can export this information as well and view


High Availability


You can have up to 4 Cloud Connector per one PSTN calling site.

Calls are distributed in random order between the cloud connectors. In the image below CC 1 and CC 2 are two different appliances.

Capacity planning is key, Large 500 per CCE 4 * 500 = 2000 with N+1 = 3 * 500 = 1500 allowing for one CCE to fail

Johns signs into Office 365, johns calls a pstn number, this call will be routed to the PSTN via CCE, johns account is assigned to a PSTN site so when call does out the online infrastructure will route out to one of the CCE edges then from edge to mediation to PSTN GW.

Media is sent edge to mediation and mediation to PSTN GW.


Second user signs into Office 365 and this time the call is routed to CCE 2 on the same site and signalling and media flow is the same.


Manage HA Mediation Pool


First you register then install and all is working, all mediation knows about each other.

But now i want to add more and add a third

so i register, the third appliance knows about all of them but the first two don’t. On the first and second appliance we need to update their configuration  by running publish-ccappliance cmdlet and this instructs existing appliances to update their topology and it will show a third was added.

What happened if i need to remove one we now unregister from Office 365 and again we need to publish and ensure the remaining appliances know one has been removed.

Media flow – outbound PSTN call from internal user


Dave is on internal network, he signs into Office 365, now he makes external pstn call, when the call reaches Office 365 first it does reverse number lookup to check if its a number for a sfb user, its not so the call is routed to Cloud Connector so its routed to Dave sites Edge, then mediation then gateway.

Media – Dave is inside the network so the media can be sent to the mediation server direct. Dave cant send his media direct to PSTN gateway as media bypass is not supported.

Media flow – Inbound PSTN call to internal user

Inbound call comes into the PSTN GW and into the mediation server then to the edge server then to SfB Online and then SfB online looksup the number and finds this is Dave and send an invite and can answer the call.

The media will go PSTN gateway to CCE Mediation then to Dave as he’s internal.


Gateway Affinity


On premises you have M:N one mediation pool can talk to multiple gateway and multiple gateways can talk to multiple mediation servers.

Same with Cloud Connector, All PSTN GWs can talk to all Mediations, PSTN GW chosen is round robin, If GW1 cant accept call it can be rerouted. With HA CC you need multiple GWs.

For planning you also need to consider PSTN GW and PSTN capacity.

Multi site scenario


Multiple Cloud Connectors with multiple sites.

Above Seattle (PSTN Site 1) within this site it has two Cloud Connector appliance deployed this provides HA

Secondary site Amsterdam (PSTN Site 2) also with multiple Cloud Connectors deployed.

Here we can assign users to specific sites. John is assigned to PSTN site 1 and Komanal is assigned to PSTN site 2.

Johns calls will go via PSTN site 1 and Kormmels via PSTN site 2

There is NO DR between sites. In the event Amsterdam (PSTN Site2) goes offline there’s no automatic failover so calls go out the US (PSTN Site1). This is manual DR but considerations for inbound calls are required.

You can change the users site associated to PSTN site 1 but this would work only for outbound as inbound relies on Sites 2 PSTN connections. Also remember calls will be routed out of another country which could have legal implications and network latency may not be optimal.

Post Deployment


Once all appliances are deployed and ready to go, you configure your tenant and enabled sharesipaddress space and set peer destionation and useonpremdialplan to false.

Best practice to assign users to PSTN sites but –peer destination is a failback.

New in 1.4.1 is auto updates, this automatically update the hosted and machines and Cloud Connector edition, auto updates takes care of this.

You need to configure a time windows for these updates to occur in. As improvements are made to the SfB Online service auto update will keep CCE inline as well.

It builds a new set of VMs in the background side by side and then drain active traffic and switch to new VMs. Existing VMs remain in place incase we need to switch back to them.

Thinks of the VMs as sealed VMs so don’t add antivirus or customise them as they will be replaced. Host can have AV but vm are sealed.

Post Deployment – Auto Update Configuration


Check its enabled and then check when its enabled for.

You can create custom autoupdate time windows and defines days and week and time.

you can have up to 20 custom time windows

You need to assign the custom update time window to the PSTN site.

Post Deployment – Configure Users


Now for user you need to assign cloud PBX licence and enable users.

Dial in conferencing is from the service you cant bring a conferencing number with Cloud Connector. It comes from PSTN Conferencing from SfB online only.

Voicemail is provided by Azure Voicemail, Exchange UM does not provided voicemail services, but the client wants part of Exchange UM enabled.

Assign user to PSTN Site (Case sensitive) this is where you associate user to cloud connector site.

You can restrict international calls as well.



Cloud Connector has a management service for auto recovery, auto update and event viewer has CceManagementService

The management service can show errors on remote PowerShell sessions


Above you can see Registration status is showing error and then an error message is displayed RTCSRV not found or not running

The management service can try and recover these and below its fixed it.

Updating to version 1.4.1


Recommended to upgrade to version 1.4.1 if your running an older version, 1.4.1 would be the last manual upgrade method.

You need to uninstall older version from host and install the new version.

You need to get new .ini file version and make sure its updated with your information on each cloud connector. The upgrade process is straight forward. start download, register and install with upgrade switch.

With existing HA do one at a time.

You can update credentials as well.


Skype Academy Presents Cloud PBX with on premises PSTN via on premises server Pool Summary

Another in the series of the Cloud PBX technical training available on Skype Academy.

This is a summary of the Cloud PBX with on premises PSTN calling session. Name a little confusing but its covering Cloud PBX with on premises PSTN via on premises server Pool

This scenarios is where you have an existing Lync Server or SfB Server deployment deployed on premises and also have requirement to use existing PSTN connection deployed on-premises. Cloud PBX users are homed on SfB Online.

Lets go!


As always the training disclaimer


Cloud Features and functionality is subject to change and new features are continually being added so important to ensure you look out for the latest training videos. This is Jan 2017 and again presented by Thomas Binder, senior Program manager in Customer experience and deployment team


Topics for this session


Key Learning’s


Use Cloud PBX with your existing infrastructure and on premises PSTN connections which may still be in contract.

Phased transition  of moving users to Cloud PBX

Important to enable users on premises first and then move to Office 365.

What’s in scope for this training?


Similar to Cloud PBX introduction here is structure of training available and this is the session for on premises PSTN connectivity. White boxes are training sessions and blue are for structuring purposes only.

Goal to understand Cloud PBX via on premises pool




Allows you to use existing Lync / SfB server on premises to connect to the PSTN and place and receive calls.

You must have hybrid with SfB Online and share the same sip domain.

This allow you to move users seamlessly between on premises and online depending on users requirements

For Cloud PBX with on premises PSTN connectivity users will be required to be move online but the online users can leverage the on premises PSTN connection.

Signalling and media, once user is homed in SfB online all signalling for user will go to SfB online however for media will go directly to SfB on premises infrastructure.



Utilise existing environment, SBCs, PSTN contracts, PBXs

Users homed in Office 365 and leverage existing investments

Cloud PBX with PSTN calling may not be available in your region

Provides a simple migration path to SfB online and you can slowly migrate users to use Cloud PBX

Smaller hardware footprint / Less load on server as workloads on premises will move to SfB online such as signalling, meetings , IM and presence.

When to use Cloud PBX with on premises PSTN connectivity?


Touched on above but you could have users in a region where Cloud PBX with PSTN calling is not available. (Currently PSTN calling is only available in US, Puerto Rico, UK, France and Spain) more regions coming soon.

requirement to keep existing carrier contracts for example you could have a 5 year PSTN contract to preserve low call rates.

Slowly move users to Office 365 this is a great way to start and validate SfB Online and you can use existing investments on premises.



You need to meet all the requirements

  • Your existing Lync / SfB server deployment must have a SfB Edge server role deployed for external connectivity and federation enabled. (Not sure on the requirement for a SfB 2015 edge as i believe 2013 edge is supported for hybrid as mentioned here)
  • Front end and mediation servers can be Lync Server 2013 or SfB Server 2015
  • Server must meet Cumulative update requirement, latest update is recommended.
  • SfB need to be configured for Hybrid, more details here.
  • Active directory synchronization
  • Correct firewall config in place
  • Enterprise Voice deployed so mediation server role is deployed with PSTN connectivity fully configured.

On premises planning considerations


Mentioned above was the potential for reducing workloads and load on existing on premises infrastructure but there also potential for increasing load as well.

Reduced load can come from offloading meetings, pstn conferencing

Media by pass is not supported for Cloud PBX with on premises PSTN connectivity

PSTN calls for all users will need transcoding on the mediation server!

If you have media bypass enabled today and users are moved then there could be extra load on the mediation servers.

Service Numbers


Required for certain cloud pbx services and offers high capacity for call queues, Auto attendant and PSTN conferencing.

You can get new or port existing numbers.

You can have toll or toll free, toll means caller pays to call the number, toll free means you will pay for the call and PSTN consumption billing is required for this.

Telephone numbers – New of bring your own


New numbers are easiest method and is available via the Office 365 admin portal, user number and service numbers are available from supported countries, regions, cities.

You can bring your own numbers as well via porting process, where users can keep their existing numbers which will be moved to SfB online so no new business cards or communication of new numbers is required. More details are found in the Cloud PBX will PSTN calling session here

Consumption based billing


Very important for use of toll free numbers and important to ensure their is funds available otherwise services will not work. Funds can be one time or auto recharge, with one time funding you need to be very careful your funds don’t run out so auto recharge is recommended for safety and not to stop services.

Use for Toll free dial in conferencing, call queues or AA (CQ and AA in preview currently)

Dial out conferencing – dialling out to a country that not included in PSTN conferencing subscription

Users with Domestic PSTN calling plan that want to call internationally.

You can see that PSTN consumption although optional is used in a number of scenarios so be careful.

Call routing and call flows



Two scenarios

  • Inbound call flow
  • Outbound call flow

Inbound call flow

  • A caller calls a users the DDI / DID of the user, this use will terminate on premises PSTN gateway.
  • Call is first route to on premises SfB to check if the user is homed on-premises or online using AD lookup
  • Request is proxies out via the edge server on premises to SfB Online (using federation route, so signalling goes to SfB online)
  • From SfB all endpoints of signed in use will now ring.
  • Is the call is accepted, media is routed locally (if user is internal to the network) or through companies edge server (if user is external to your network)
  • If call rejected media is routed to Cloud PBX Voicemail (VM provided by Azure VM in Office 365)

Outbound Call Flow

  • The SfB User initiates a PSTN call
  • SfB client normalises the number based on assigned on premises dial plan
  • Client sends invite from Office 365 to On premises front end and then call is routed to PSTN



User hosted in Office 365

First client signs in and use DNS and in hybrid this point to on premises in step 2, the user will authenticate and redirect to Skype for Business online in step 3. The user signs in against Skype for Business Online. from this point forward all signalling will go to Office 365.

Peer to Peer Call Flow (Online user to online user)


Dave calls john, both users are online users, Dave types the phone number of john in his client, SfB does a reverse number lookup and finds john which the phone number and johns on SfB so don’t call via PSTN do a direct peer to peer to call. The invite is change from phone number to sip Uri. John is informed Dave is calling. Media will flow peer to peer. There are on the same network.

Peer to Peer (On premises user to Online user)


Kathy is homed on premises, she wants to call Dave, again she dial Dave’s phone number, the invite sent to FE server and again does reverse number lookup, FE discovers user is SfB online user so FE sends to edge server to Office 365 and invite is sent to Dave. Both users are internal so media will flow point to point.

Incoming PSTN call – SfB Online user on internal network


Dave receives an incoming call from PSTN to PSTN GW to FE, the FE find Dave is in SfB Online, signalling is sent to Edge Server to Office 365 and invite is sent to all endpoints. Dave answers call and media is established, media 5a flow from Dave whos local to Front end and 5b from FE to PSTN GW. Media cant flow directly from Dave to PSTN GW as media bypass is not supported with Sfb Online.

Incoming PSTN call – SfB Online user on external network (Internet User)


John is connected on the internet and connected to Office 365, incoming call from PSTN to PSTN GW, to FE to Edge server to Office 365 and invite goes to JOhn. Same process as internal user.

John answers call, John cant talk to the front end server so must speak to Edge server , to FE server to PSTN GW. If John cant talk to Edge server on premises then John may have to send traffic to Edge server in Office 365 then to the on premises Edge Server to FE to PSTN Gateway.

Media will stay as local as possible. John is external so must connected via Edge server.

Outgoing PSTN Call – SfB Online users on internal network


Dave wants to call a PSTN number, dave homed on SfB online, and signalling goes to Office 365, Office 365 attempts to do reverse number lookup if it matches a number for a user, it doesnt so it goes to edge server, front end server, FE check if dave is allowed to call this number and to check what PSTN GW to use. Media will go as direct as possible, Call goes from dave to Mediation to PSTN GW. No media bypass so media does to Mediation server first.

Outgoing call – SfB Online user on External network (Internet)


John is outside of the internal network on the internet, john want to dial a PSTN number, step 1 signalling does to Office 365, Office 365 does reverse number lookup to check if number belong to a user, If it doesnt match from Office 365 sends to Edge server, to FE to PSTN GW. For media as john is external john cant talk direct to mediation server so must first go route via the edge server to the front end to the PSTN GW.

Outgoing Call – Multi site scenario call flow – more complex


John is external to the network on the internet but we have two sites, (Redmond and Amsterdam).

Johns a US number so calls should ideally route via the US site in Redmond


Signalling is sent to Office 365 and reverse number lookup is performed


Reverse number lookup fails so signalling sent to On premises to the federation route Edge server which is Redmond in this example


Signalling sent from Edge server to Front End server, Redmond FE checks voice policies and the PSTN GW to route to.


then from front end server to Redmond PSTN gateway


Overall signalling path


Media path for the call

Media will go to the local edge server for the mediation server that is being used which is Redmond in this example, media travels direct from John to Redmond edge, from edge to mediation to PSTN Gateway.,


John now dials a Europe number


This environment is configured for all calls in europe are through amsterdam gateway.

again signalling is sent to Office 365 infrastructure for reverse number lookup which fails so its a pstn call.


Signalling sent to federation route edge server which is Redmond (NOT Amsterdam),


Edge server sends to Redmond front end server and the Redmond front end server detects the call is supposed to be routed via Amsterdam. So the Redmond front end sends the signalling to the Amsterdam front end server which has collocated mediation server role


From here the signalling goes to the Amsterdam PSTN GW


Media flow


The media will flow to the local edge server which the mediation server role is being used which is Amsterdam.

Media will travel from John to Edge in Amsterdam, to Mediation server to PSTN GW. Media direct from user to edge server.

If this flow is not direct john will send all media to Office 365 then Office 365 to On premises edge, mediation and PSTN GW.

This routing logic is configurable in your environment, where calls can go to local breakouts for least cost routing or all calls can go via a single site for example Redmond.

User enablement


How do we enable users for Cloud PBX for on premises PSTN calling, there are a number of steps that are required to be configured on premises AND online!

Recommend Deployment Workflow


Steps shown above are the recommend way, there are other ways but are not as easy. recommended to follow this.

1. Starting with configuration with PSTN ingress point.

This could be a PBX acting as PSTN gateway or an SBC or direct sip trunk into SfB. this needs to be completed only once. New offices and new locations will need to be added as required.


2. select group of SfB online user to be enabled for Cloud PBX

Important to select the right people and select the people that will benefit most from using Cloud PBX. Start with a small group and learn and expand to more users.


3. Enable users for enterprise voice and assign a DID / DDI. Can be done later but easier to do this now.


4. Assign dial plan and voice policy


5. Ensure you have Active Directory synchronisation (AAD Connect) so it ensure all the users information is replicated to Office 365 and Office 365 will be aware of these users. This is needed for reverse number lookup and which policies are assigned.

6. Now we move to action Online and assign Cloud PBX licence to the users (E3 add on or E5)


7. Move users to SfB Online (All previous steps are to be completed whilst users is homed on premises)


8. Enable for Cloud PBX and enable voicemail



Features and Class of services


Table shows features defined, dial plan and PSTN usage records with on premises and Cloud PBX. Some settings are different.

For on premises users features are defined in on premises voice policy, for online users this is defined in Online pre defined voice polices.

Dial plans are managed differently on premises or online, online dial plans are currently pre configured only until online custom dial plans are released.

PSTN usage records use both on premises voice routing policies

Actions in the Cloud


In SfB Online you need to assign policy for hosting voicemail and enable users.

Here you can see a cloud pbx licence is assigned but enterprisevoiceenabled and hostedvoicemail are both false so these need to be enabled using set-csuser.




Now they are both true.



Now users are enabled how to manage and monitor


Configuration is complete and for user management we have on premises Control Panel and Management Shell, for cloud users we can use admin portal for remote PowerShell. Most user management can be done on premises and are synced to Office 365.

Monitoring is key to understand.

  • CDR are collected on premises so you need the monitoring role deployed
  • QoE (Quality of Experience) is reported online and available in Call Quality Dashboards



  • Cloud PSTN with on premises allow you to continue using existing investments, PBX, PSTN Gateways, PSTN carriers.
  • Allows for phased transition and migration.
  • Must enable users on premises first then move to SfB Online






Cloud Connector Edition Update 1.4.2 Key Points and useful info

Been looking around what information is available about the pending 1.4.2 update for Cloud Connector Edition (CCE).

This will be the first automatic update release so if your on version 1.4.1 or below i recommend just looking over and checking your setup. Also the update will follow the update schedule that has been defined on the Hybrid PSTN site. Its worth checking what time is set now before the update is released.

The noted expected release date is 20/3/2017 so not long to go but this date is pending final testing and confirmation it mentions.

Below are some great links from TechNet Blogs i recommend looking over before the 20/03/2017 so you can check over your existing deployment, understand the automatic update process and also automatic recovery process. Its always good to know the process just in case.

Brief Update Summary

Please prepare for the auto update and spend some time checking you have everything in place and your ready.

Auto Update will follow the update time windows that specified for the HybridPSTNsite, if an update is found at this time the update will start. The CCE Appliance will go into Maintenance mode (only one per site can enter maintenance mode at a time) the update tasks will run and following update the appliance will be taken out of maintenance mode and repeated for any other appliances in the site. You can monitor the update process.

For updates Cloud Connector version is downloaded and management service stopped, Cloud Connector updates which removes old version and install new version, new Virtual machines are built side by side from existing VHDX file but note if the VHDX is older than 90 days the intall instance script will log a warning. Once all updates are complete and services runing the switch to the new version will takes places by changing virtual network connections to new vms, shut down n-1 version and remove n-2 version and appliance is take out of maintenance mode. Windows updates is then performed. As the older version is kept you can revert back to it if required.

There are also tasks to look at following the update as well so make sure to check your update version and tasks after update.

Prepare for Cloud Connector Edition Release 1.4.2

Also some key points i found on prepare

  • Expected release date for this is 3/20/2017 pending final testing. Look for release announcement here
  • If you are running version 1.3.8, refer to the manual update instructions Upgrade a single site to a new version in the Cloud Connector Edition (CCE) configuration guide.
  • make sure to export a new sample Cloud Connector configuration file after 1.4.2 is installed for reference, and update your existing configuration file with two new parameters defined in the Common Section: HardwareType and WSUS Server.
  • This update is important, as it is the first to automatically update all existing installed Skype for Business Cloud Connector 1.4.1 appliances, based on the update schedule that administrators have configured for their Cloud Connector Hybrid PSTN Sites.
  • Confirm Group Policy is Configured
  • Use of Forward PAI has been deprecated in 1.4.2 as it’s no longer required to resolve missing caller ID for outbound calls from Skype for Business Mobile clients which has been resolved with changes in outbound routing logic for Cloud Connector.
  • A bug in prior builds caused Cloud Connector account passwords to expire. If the passwords have expired, then the update will fail
  • If your Cloud Connector Office 365 tenant administrator password has been changed, update the cached credential
  • Also, make sure to export a new sample Cloud Connector configuration file after 1.4.2 is installed for reference, and update your existing configuration file with two new parameters defined in the Common Section: HardwareType and WSUS Server.

Understanding Cloud Connector Edition Auto Update

Key Points i found on Auto Update

  • If you do not update the Cloud Connector to the latest release, you might end up in the situation when your Cloud Connector will not work properly
  • Microsoft supports only the latest version of Cloud Connector software. Also, to accommodate Update Window, we support the N-1 version for 60 days after releasing a new version.
  • Auto Update Requirements
    • Outbound internet access to install, manage, and update Cloud Connector on Host Appliance.
    • Outbound internet access on all Cloud Connector VM’s to download Windows updates, or, access to WSUS server as defined in Cloud Connector configuration file.
    • Skype for Business Online PowerShell Module installed on Host Appliance.
    • CCE Management Service is running on Host Appliance.
    • Group Policy to prevent forcefully unloading user registry at log off (required for 1.4.1).
    • Skype for Business Tenant Admin account.
  • Confirm or Modify the Update Schedule for Hybrid PSTN Site(s)
  • When auto updates are enabled, the Cloud Connector management service will check for updates during the update time window configured. If updates are found, then the update process will proceed with the update.
  • Monitor Update Process – The Cloud Connector management service will log events to the Windows Application log with a source of CCEManagementService and detailed information will be written to “C:\Program Files\Skype for Business Cloud Connector Edition\ManagementService\CceManagementService.log”. You can also see the status of the appliance by running Get-CsPSTNHybridAppliance in Remote PowerShell or by viewing in on premises PSTN tab in the Voice section of the Skype for Business Admin Center.
  • Bits Update Process – During this process, the running version remains in service, and an interim switch is used to connect to the new VM’s. Once the new version installation is complete and services are confirmed to be running, the old version is drained stopped and the network connections are switched to the new version.
  • New virtual machines are built from the existing VHDX file. If the VHDX is detected to be older than 90 days, the Install Instance script will log the following warning:
    SFBServer.vhdx was generated more than 90 days before. Use Convert-CcIsoToVhdx to generate it again and apply windows updates.

Note: It is recommended that a new VHDX be built periodically to reduce the amount of time to perform Windows updates for new and updated Cloud Connector machines. It’s not supported to update the VHDX with Windows update and re-run Sysprep as there are a limited number of times that Sysprep can run on a computer.

Understanding Cloud Connector Edition Auto Recovery

Key Points on Auto Recovery

  • Cloud Connector will try to automatically recover an appliance if the Cloud Connector management service detects a service is not running.
  • Detection: Process for detecting an appliance status runs every 60 seconds and status is updated in the online tenant and cached locally in “CCE Site Directory\Site_EdgeFQDN”.

Monitoring: The following services are actively monitored:

  • Mediation Server: RTCSRV and MEDSVC
  • Edge Server: RTCSRV

To manually recover the appliance, first review the Cloud Connector management service log for details on what prevented automatic recovery from being successful.

If the current version of the appliance cannot be recovered, run Switch-CcVersion to switch to the backup version. After the backup version is confirmed running, uninstall the non-working version with: Uninstall-CcAppliance -Version “# of non-working version”.

Note that when the backup version is running, there will be no High Availability support due to inconsistent running and Cloud Connector script versions. Update to the current version as soon as possible, either by modifying the auto update schedule, or manually. For manual update instructions see Upgrade a single site to a new version in the Cloud Connector Edition configuration guide.

Cmdlets to check versions

  • Installed Cloud Connector script version: Get-CcVersion
  • Appliance running version: Get-CcRunningVersion

Useful References

RSS Feed –

Upgrade to a new version of Cloud Connector

Modify the configuration of an existing Cloud Connector deployment

Skype Academy Cloud PBX with PSTN calling Summary

Continuing with the summaries from Skype Academy i wanted to continue with Cloud PBX videos following on from the Cloud Voice Introduction.

There’s are number of Cloud PBX videos so ill release them one by one.

Part 1 – Cloud Voice Introductions Summary here

This is part 2 – Cloud PSTN with PSTN Calling


Lets go


Usual training disclaimer


This is January 2017 recording.



Key Learning’s


  • Microsoft Service for PSTN needs
  • Microsoft is your one stop shop
  • Microsoft provides phone numbers and service
  • New Services and countries are continually being added so its key to keep update
  • Networking is SUPER important from users to Office 365, its key to ensure a good user experience. Please refer and follow SOF



Diagram shows all training available for Cloud PBX.

White boxes so training available on Skype Academy, Blue boxes provide structure.

This session is CLOUD PBX with PSTN Calling. Understand and configure Cloud PBX with PSTN Calling.

What is Cloud PBX is out of scope, covered in Cloud PBX Voice introduction here

Dedicated training is available for subject like voicemail and networking.



  • Microsoft provide the service
  • One bill for all communication
  • One portal
  • Seamless user experience
  • easiest and best way to deliver PSTN connectivity to CLOUD PBX users
  • Flexibility for phones numbers with new or existing number via porting
  • Easy to manage, all configuration in one place
  • Support from one place
  • No need for servers on premises, No pbx or gateways or SBCS
  • All provided by SfB Online

When to use CLOUD PBX with PSTN Calling


  • If its available in your region (Currently USA, Puerto Rico, UK, France and Spain Only)
  • No need to keep existing Infrastructure
  • No long term contracts PSTN or PBX
  • Ideal for new deployments or new offices or end of life PBXs

High Level Overview of Cloud PBX with PSTN Calling


Endpoints deployed on premises and connected to Office 365 and Office 365 is connected to the PSTN network

Signalling and media go from on premises to Office 365



Any jitter, packet loss or delay it will affect user experience

Network from user to Office 365 is generally three networks

  • On premises network (in office wired or wireless)
  • From company network (internconnect network to office 365) usually internet service provider
  • Then Office 365 Network

Customer responsible for on premises network and interconnect network. This mean provide good performance, SOF network readiness planning will help to plan for this and test your network.

PSTN Calling Service Availability


Spain is not listed but is not available, so shows its important to check the most up to date information. Tried the URL listed but didn’t seem to work so i found this

Its defined on the user location not tenant location

It doesn’t matter if your Tenant location is not in a country listed for PSTN Calling service, if you have users located in a supported country they can use Cloud PBX with PSTN calling service.

In the future more countries will be added in preview first.

Last Friday i noticed on Twitter Tom Arbuthnot mentioned that Ireland and the Netherlands are now available for preview so most likely will be coming next to GA soon. Toms post here and can be found on the Skype preview site here

PSTN Calling Plans


The Cloud PBX licence is included with E5 plans and is an add on for E1 and E3. Having Cloud PBX alone does not allow for PSTN calling this is additional.

Users require a PSTN calling plan and there are two available in

  • Domestic (Calls within country)
  • Domestic and International (Calls within and outside your country up to 190)

Most countries are included.

PSTN Calling Service Minutes


  • Minutes are outbound only.
  • Inbound minutes are free.
  • Number of minutes for each user per month is dependent on the location and calling plan.
  • US get 3000 domestic and 600 international calling
  • UK and France 1200 domestic and 600 international calling

Minutes are pooled for users in the same country with the same plan.

For example two users in France with domestic plans a user may have used all their minutes but another user has only used half their minutes, the first user can use the remaining minutes of the other user.

If all minutes are consumed emergency calling will still work and go through

Consumption based billing can be used if all minutes are consumed

Premium rate numbers are not part of PSTN Calling service, all calls to premium rate number are blocked.

I did find however in the UK for companies lower than 10 users its allowed. More details here in section 10.

PSTN Consumption based billing


Optionally feature

Number of scenarios where its used

  • Conferencing Dial out
  • Toll free numbers for Dial in conferencing, call queues or AA
  • Used for users who use Cloud PBX with pstn calling, if they are calling a country that is not included in their pstn calling plan, users who only have domestic plan who want to call international

funding options

  • one time funding
  • Auto recharge

Recommended auto recharge, one time funding if used up it could block functionality from working which wouldn’t be good.

Phone Numbers and Porting



Bring your own numbers or new numbers from Microsoft

If you want to have new numbers its simple process and search by country state region. You can acquire more numbers than licences and theres a formula for this below.

You can bring your own so users can keep their phone numbers, no new business cards.

If you want to keep your own phones you need to create a port request.

Service Numbers


There are different to user numbers !

They support high volume of incoming calls

Configured differently in the backend

These can be toll or toll free

toll free requires pstn consumption with credit

You can port existing service numbers

How many numbers can i have / request ?

Number of phone numbers


User numbers

There is a calculation

its the number of domestic + domestic and international voice calling plans * 1.1 +10 so 50 users =

50 *1.1 +10 = 65

Service Numbers

Its different looking at licences for Cloud PBX and PSTN Conferencing

This using the table above.

if you have 1 – 24 you can have 5 service numbers and 5 toll free

Porting existing Phone Numbers


  • Important not to disconnect service with existing carrier, they are to participate in the porting process.
  • Turn off any special carrier features if applicable
  • Create port request, all numbers need to be from single carrier
  • if multiple carriers then each carrier will need its each port request
  • Company name is important
  • Billing telephone number and account number if set up
  • LOA signed by authorised party that proves these numbers can be ported
  • You can chose full or partial port where only some numbers are ported.
  • Number porting example in Office 365 admin portal

LOA examples and downloads can be found at the bottom of the post.


This is the middle of a porting request

You can only port numbers using the portal in the US

Other countries you will need to open a support request

In the US you can enter single or number ranges

You can port maximum 999 numbers if more a service request is required.

You can transfer all or a subset.

Types or porting


  • Standard
  • Project
  • Complex

Standard porting in the US can be done via portal, complex via service request

  • Single billing telephone number, single carrier single address. usually done in 7 business days providing porting request not rejected.
  • Project based above 100 numbers with single addresses, carrier, address  3 – 4 weeks
  • Complex – more than 999 multiple address, billing telephone numbers, single carrier. manually handling usually 3 – 4 weeks assuming no rejections. Service request required. Recommended if first time, test with single numbers to learn the process before moving all of them.

Emergency Services Dialling


Location is required so numbers are routed correctly to the emergency calling centre

Required when acquired or assigned to a user

In US its required when assigning to a user

Is other counties required when acquiring phone number

Important – emergency locations should be added up front.

Also different calling behaviour for rich client (windows or mac) calls will be placed within SfB, Mobile clients will be sent via mobile carrier for better service.

Flow of Emergency Calling (US )


Diagram is US specific!

Step 1 – Administrator defines location

Step 2 – address validated against master street address guide (US Only)

(Other countries uses Bing Maps to ensure address exists)

Step 3 – users Assign phone number and location and this information is stored in Step 4. Automatic location identification used in case of emergency. Users is configured but has not placed an emergency call

Step 5 – Users dials emergency phone number and is connected to operator (Call Screener) and confirms address with caller and transfer call to PSAP public safety answering point. US Only

(Other countries calls do direct to emergency service local the address, no call screener)

Address confirmed and address is set to dispatcher and emergency service and user is connected to local emergency services.

Additional Configurations


Dial Plans are used to normalise phone numbers

Users in the US don’t want to dial the +1 and want to dial 555 123 456

SfB will use the dial plan to normalise with the +1 in front

Today Dial Plans are defined on user locations, US phones will be normalised to US.

Tenant/ Custom dial plans are in preview now so recommend signing up at  You can also use extensions

Outgoing Caller ID Manipulations


By default the outgoing caller ID will be the user telephone number.

You can change this via PowerShell

Can be changed to a different phone number or block the caller ID being sent so unknown is displayed.

You can do this for all your users, per user or service numbers

Cloud PBX with PSTN Calling In Action


Lets take a look at this in action.

New Numbers


Administrator is signed into Office 365 admin portal and is requesting new telephone numbers for a new user.

Choosing new user number for a user, next we need to select country, region and city so we can get a the correct area code.


Chose the city, above US and California is selected.

You can also see above the quantity you can acquire

You enter the number you require and you can select the telephone numbers you want.

Define Emergency Locations


In the US this is done after acquiring a phone number but in other countries this must be done before acquiring telephone numbers.

The address is required to be validated as shown above and it will prompt if not correct as shown above.


Once Emergency location is added this listed under Emergency locations

You can select the location and add floor information as highlighted in red box below.


Next we need to assign the phone number to the user.


From Voice users tab select the user and from the drop down select a number and emergency location.

Emergency Calling disclaimer – Please read


  • Please note how Emergency calling is different with Cloud PBX with PSTN Calling due to the nature of SfB and its mobile use.
  • It will tell you emergency service centre may not know the exact locations as the user may be at home, travelling or customer so will prompt for the users location
  • There is situations where operator may ask for users actual location
  • If users has no power, network or internet SfB wont be able to call emergency services
  • If travel international then emergency calls shouldn’t be used as emergency wont be routed to the in country emergency services.

Once accepted the number is assigned to the user


You can also view the Unified Messaging (Voicemail) status for the user. If the users mailbox is on Exchange Online this will automatically be setup. If users mailbox on premises this will required setting up. More info can be found here

Operational Considerations


A quick summary for more details on maintaining health for SfB there is more training on Skype academy.



Any network impact will impact SfB users and their user experience

Monitor call quality via Call Quality Dashboard (CQD) some more info here

In case of outages and issue, check service portal on Office 365, open tickets if required.

PSTN Calling Usage Reports

For the past 90 days in Office 365 admin console


Exportable to csv

Who called what/who phone number at what time and duration, call type, call or conference

Microsoft provide this information so consumption can be viewed.

Summary and Key Leanings to Recap


Cloud PBX with PSTN calling is from Microsoft, one service, one bill, one provider

Best experience for providing PSTN for Cloud PBX users.

New features and countries are coming

Networking is super important, be sure to leverage SOF network assessment.

More CLOUD PBX training


You can mix and match Cloud PBX with PSTN calling users and  users with Cloud PBX with on premises PSTN.

Also Cloud Connector Edition (CCE) a small appliance for providing on premises PSTN connectivity to users homed in Office 365 using Cloud PBX.

Additional Trainings


Community and Blog



SOF Blog


Other useful Cloud PBX with PSTN Calling Links


Countries and regions that are supported for Skype for Business Online PSTN Services

Change the toll or toll-free numbers on your dial-in conferencing bridge

Manually submit a custom service request

Download a Letter of Authorization (LOA)

LOA Download Forms

What phone service providers or carriers are supported?

Transfer phone numbers to Skype for Business Online

Set up PSTN Calling for Skype for Business

What is PSTN calling?

PSTN Calling plans for Skype for Business

Getting phones for Skype for Business Online

Emergency calling terms and conditions

Skype for Business Online: Emergency Calling (911) disclaimer

What are emergency locations, addresses and call routing?

Skype for Business Online PSTN services use terms

Skype for Business PSTN calling – code of practice for United Kingdom

Skype for Business PSTN calling – complaint handling code for United Kingdom

Skype for Business add-on licensing

What is PSTN Consumption billing?

PSTN Consumption Rate Table

Set up dial-in or PSTN conferencing for Skype for Business

Here’s what you get with Cloud PBX

Set up Cloud PBX voicemail – Admin help

Configure Skype for Business Cloud Connector Edition

Customer issues between ExUM and Azure Voicemail

Add funds and manage Skype for Business PSTN Consumption

Skype Academy Presents Cloud Voice Introduction Summary

In the series of Cloud PBX videos on Skype academy this is the first in the series and the introduction to Cloud PBX. (Cloud Voice)

Great session give an introduction and overview of Cloud PBX and PSTN connectivity options, Cloud PBX features, planning and network considerations.

Lets go!


Disclaimer to start


Office 365 and SfB Online are evolving quickly with new features and new functionality.

Make sure you check out the latest version of the training.

This is the January 2017 video.

A introduction to the speaker Thomas Binder


Thomas is Senior Program manager in customer services and deployment team at Microsoft.



Key Learning’s from the session


Cloud PBX provides telephony to users in SfB Online with rich set of features and administrators get management tools and reporting for Cloud PBX users.

Cloud PBX has multiple options PSTN Connectivity

  • Full telephony services including PSTN connectivity from Microsoft (Cloud PBX with PSTN Calling)
  • Bring and use your own PSTN on premises and allow Cloud PBX users to use with PSTN connectivity method. (Cloud PBX with on premises PSTN) Hybrid / Cloud Connector Edition.

Scope of the sessions


There’s a number of Cloud PBX related sessions on Skype Academy and this layout shows a logical view of them. This is the first in the series and its the Cloud Voice Introduction, Understanding Cloud PBX, features set of Cloud PBX and PSTN connectivity options.

Blue boxes are topic groups to structure the trainings. White boxes are training sessions.

What is Cloud Voice ?


Anatomy of a traditional PBX Deployment


  • PBX (Private Branch Exchange) provides voice features, connects and switches calls between users. PBX is the phone system within your business and is the heart of the phone system.
  • Endpoints connect to the PBX to place and receive phone calls
  • The PBX has trunks that connect to the PSTN network which allows users to place and receive calls to the PSTN network. The trunks usually are ISDN or SIP trunk based.

Taking Voice to the Cloud


So how do we take our PBX to the cloud.

End points – and client are SfB clients, windows, mac, mobile client and ip phones. Cloud PBX will be able to leverage all features IM, Presence conferencing and Cloud PBX.

PBX – provided by Skype for Business Cloud PBX providing users have the required Cloud PBX licence associated.

Trunks – Multiple options with Cloud PBX

  1. Cloud PBX with PSTN Calling (Requires PSTN Calling Plans as well Cloud PBX licence) Microsoft provides the phone numbers all services are provided by Office 365)
  2. Utilising existing PSTN connections on premises
  • Cloud PBX with on premises PSTN calling via on premises pool (Lync Server or Skype for Business Server)
  • Cloud PBX with on premises PSTN calling via Cloud Connector Edition (CCE)

Universal Communication Solution


Don’t forget as well as Cloud PBX for voice SfB also provides Instant Messaging, presence, collaboration, online meetings and dial in conferencing within and across other companies via federation.

Skype for Business Online


Integrated into Office 365 and integration with Exchange Online, SharePoint Online.

Office 365 Service Level Agreement


Microsoft provide SLAs and are accountable, SfB is covered in Office 365 SLA and service credits are used. Availability is measured for IM and Meetings and PSTN calling and PSTN conferencing.

  • Quality SLA have specific requirements so key to ensure you meet them including
  • Certified IP Phone with wired Ethernet connections. Certified IP Phone list here
  • Media issues need to due to Microsoft Networks on customer on premises networks.

Lets break down into each part of a traditional PBX deployment in more detail


Endpoints / Clients


Full rich clients on PC and MAC

Mobile clients on IOS, Andriod and windows

IP Phones – Polycom, AudioCodes and Yealink


IP Phones are tested and certified against Office 365

Phone venders build firmware and third party tests and validated.

As well are unified user experience, manageability is important and phones can leverage in band provisioning and updates. IP Phones usually have their own SfB version so be careful when purchasing.

Plug and Play and venders offer additional features and a new web sign in option is available. Allows pairing without having to enter users credentials into the device.

Compare each device and ensure they meet their requirements. Yealink are now certified as well.

Cloud PBX Features


back to the diagram of traditional PBX deployment


Now we home in on the PBX and features


Once Cloud PBX is enabled the Voice tab is displayed.


You can type the numbers including words in the US or search for users

Dial pad available as well via mouse or touch


Also you can view your own phone number as well which is handy


Play and manage voicemails as well. Very handy feature saves dialling in and listening.


Mange Call forwarding settings – Allows users to manage this themselves


Cloud PBX Basic Calling features



DID numbers hosted by Microsoft or customer, each user will have their own phone number.

Device switching, start with PC and transfer to mobile phone

Distinctive ringing based on relationship setting, you can set different ringtones for them. Not seen this before so will check it out.

Call history for users, placed and received and Call details records for administrators

Advanced call features


Teams calls can receive incoming calls but cant makes call on behalf of team members.


Emergency Calling is supported


Dependent on PSTN connectivity method

Power and internet is required for emergency calls

Based on static location information, users could travel and be something else.

Cloud PBX Voicemail


All Cloud PBX users get Voicemail which is delivered by Azure Voicemail not Exchange Unified Messaging for Cloud PBX.

Supported with Exchange Online and Exchange on premises. Exchange on-premises has specific requirements so please check this here.

Auto Attendant


Currently in Preview for more information there’s a Skype academy session or for my summary go here

AA preview features are subject to change. GA is planned for March 2017 but could change.

AA is intelligent virtual receptions you can search for users by keypad or by speech and can transfer calls.

Also operator can be added instead of virtual receptionist.

Custom speech to text and greetings or upload audio files.

Define different call flows for inside and outside business hours.

Service numbers are required either toll or toll free.

Call Queues


Currently in Preview for more information there’s a Skype academy session or for my summary go here

GA planned for March 2017 but could change.

Cloud PBX users can be agents in Call queues, calls will wait in the queue until an agent is available. Call control options available.

Service numbers are used either toll or toll free.

Service Numbers


Services numbers are required for

  • Auto Attendant
  • Call Queues
  • PSTN conferencing

Service numbers route differently to user numbers and allow for higher call capacity

Provided by Microsoft or bring your own via porting process

Service numbers can be toll or toll free

  • Toll – callers pay the regular call charges
  • Toll Free – You absorb the costs for the caller call. PSTN consumption billing is required.



Via a GUI or PowerShell

PowerShell great for provisioning in bulk and automating tasks.



Allows admin to view usage and quality.

Call Quality Dashboard and location enhanced reporting so you drill down and check quality for building and networks.

PSTN Usage Report example


Shows date, time username, call type and duration. You can download as CSV and download via PowerShell.

Call Quality Dashboard Example


Audio streams, daily, monthly trends.

Insight into users quality and experience.

Connecting to PSTN


How do we connect Cloud PBX to the PSTN ?

Back to the diagram and we are now focusing on Trunks



In general there are two options

  • PSTN Calling
  • On premise PSTN Connectivity (On premise PSTN Connectivity has two ways this can achieved)

PSTN Calling – Available in supported regions only (Currently 5 US, Puerto Rico, UK, France and Spain), solely cloud based, no on premises requirement, Microsoft provide the whole service, Microsoft are the PSTN carrier and provide new or bring your own phone numbers via porting. Mostly tightly integrated with Office 365 and Skype for Business Online.

On Premises PSTN Connectivity – Use existing Lync or SfB Server deployment that already connected to the PSTN or use Cloud Connector Editions. CCE for new deployment only and cant co exist with an existing Lync / SfB server deployment on premises. Small footprint with packaged virtual machines. Available in Sonus and AudioCodes SBCs are well now.

Leverage existing PSTN carriers and circuit

Cloud PBX with PSTN Calling


Delivered end to end by Microsoft including PSTN connectivity

Not available in all countries currently.

Administrators use a single interface to administrator users and the service.

Spain is now supported

Cloud PBX with on premises PSTN Connectivity


Delivered in two ways

  • Via existing Lync / SfB Server deployment
  • Or via Cloud Connector Edition (CCE can not exist with an existing Lync / SfB server deployment)

Allows existing PSTN carrier / PBX contracts you can keep these contracts and use this for your users homed in Office 365.

Cloud Connector has a smaller footprint

All meetings, IM , presence are all delivered by Office 365, existing Server deployment will see workloads reduce.

Cloud PBX with On premises PSTN Available worldwide !

Network Considerations – VERY IMPORTANT


Network is key, user quality is only as good as the network allows.

In general three networks are at play

On premises network

Interconnect network – ISP connecting on premises to Office 365

Office 365 network – optimised for Voice

The on-premises and interconnect need to be optimised for voice to ensure quality. There are tools and guidance for network planning and assessment.

Planning Considerations


User locations – Users can be homed on premises, online with hybrid. Only SfB online users can leverage Cloud PBX.

Coexistence – is there an existing Lync or SfB Server deployment then this must used if not CCE can be used.

Is there a requirement to use on premises PSTN connectivity ?

Mix and Match – For example US users can use Cloud PBX with PSTN Calling and users in Germany can use Cloud PBX with on premises PSTN connectivity.

Features in SfB online and on premises are NOT the same.

Skype for Business On premises has all voice functionality, when moving users to online its key to ensure the functionality they use today can be provided by Online.

SOF can be leveraged for migrations

Decisions Tree


What’s your business requirements ?

Which option meets these requirements, feature requirements, continue to leverage existing PSTN providers

Where are the supported regions, where are users locations

Start with the people that will benefit most from moving to Skype for Business Online and Cloud PBX





Further Cloud PBX trainings


Skype Operations Framework


Community and Blog



Skype Academy Presents Upgrading to Skype for Business Server 2015 Video Summary

Following on from the SfB Hybrid video summary i wanted to view the upgrading to SfB Server which may be a consideration first before moving to Hybrid or moving to SfB Online. Its old news but hopefully this may be helpful and I’ve added some more info and links in as well to help with upgrades and planning.

This video is part of the great content on the Skype Operations Framework in the Skype Academy here

Its a great video showing supported methods for upgrading to SfB Server with InPlace, side by side and details on moving from SQL Mirroring to SQL AlwaysOn Availability Groups which is useful. So lets take a look.


This is the December 2016 video and starts with a training disclaimer and content is subject to change.






SfB Server has the same hardware requirements as Lync Server 2013. Great news.

Two supported Migration methods

  • InPlace
  • Side by Side

If you have Lync Server 2013 it says its recommended to use InPlace upgrade path but it does require CU5 released in August 2014. I would recommend myself always having the latest CU in place. You can use Side by Side as well and if your using Lync Server 2013 are using Windows Server 2008 R2 i would recommend using Side by Side and moving to Windows Server 2012 R2. Do you really want to bring 2008 R2 with you ? Windows Server 2016 support for SfB Server is not here just yet but is coming soon.

Lync Server 2010 – No support for Inplace upgrade so side by side is the only method. This is the same process as it was with migrating from Lync Server 2010 to Lync Server 2013.

Side by Side is where you deployed new hardware with SfB Server 2015 installed and migrate all users and services from your old Lync Server 2013 servers to SfB servers and then decommission the old Lync Server 2013 environment.

InPlace upgrade allows you to Upgrade your servers from Lync Server 2013 to Skype for Business Server 2015 so you dont need to purchase or set up additional servers and set up all the prereqs like networking, firewall ports, dns that comes with a new deployment.

Please note there are some reasons when it may not be recommended to use InPlace upgrade with Lync Server 2013 event though you can. For example old hardware and also if your using Windows Server 2008 R2. With InPlace upgrade you have two inplace upgrade methods / modes Online and Offline. These are mentioned below in more detail.

Tri-existence – You cant have a Lync Server 2010, Lync Server 2013 and Skype for Business Server deployments in your topology at the same time and topology builder will stop you. You will need to move or consolidate to a single version. You will see an error.

Good diagram on this from TechNet here

A diagram showing coexistance support for Skype for Business Server 2015 with either Lync Server 2013 or Lync Server 2010.


Consolidation Steps if you need them


InPlace Upgrade


Touched on this earlier

Main benefits

  • Preserve hardware
  • No network changes required for new firewall ports, IPs, DNS
  • Smoother upgrade methods
  • reduced costs


  • Online -  can be used if you have two pools and you can move existing users to your second pool and then upgrade the empty one whilst your users are all working off the second pool. Ensure your second pool can handle the load of all users.
  • Offline – Do the upgrade out of hours and leave users in place.

Offline allows for more time ive found and i have had a couple of issues that needed troubleshooting with inplace upgrades (ive put links below on these) before like missing dbs which cost time. I would plan careful and dont assume just because it will upgrade for you that it will be quick and easy. Planning your InPlace upgrade is key and have an InPlace upgrade Plan first before jumping in. Planning steps are here on TechNet


Take note of the recommendations

  • Do not unpair pools if using Pool pairing
  • No pool failover
  • Upgrade from inside to outside – start with Front end pool and then edge pools.
  • If you have LRS Admin tool deployed in front end for managing Lync Room systems you must remove and replace after upgrade with SfB server version here


  • SBS’s and SBAs DO NOT support inplace upgrades ! Below is from technet here
  • Sonus SBA upgrade information here

Upgrade process with existing Survivable Branch Appliance and Server

Skype for Business Server 2015 doesn’t support an In-Place Upgrade of a Survivable Branch Appliance (SBA) or a Survivable Branch Server (SBS).

However, we do support coexistence of Skype for Business Server datacenters with Lync Server 2010 or Lync Server 2013 SBA/SBS.

When planning for an In-Place Upgrade of a Lync Server 2013 Front End (FE) pool with an associated branch, you can leave the existing users on the Lync Server 2013 SBA/SBS. During the upgrade, the SBA/SBS users will go in resiliency mode and will return to normal functionality after the upgrade has completed. For more information about the users’ experience during the resiliency mode, please see Branch-site resiliency features in Lync Server 2013.

When migrating a Lync Server 2010 topology to Skype for Business Server 2015, the SBA/SBS must re-added to the topology, similar to the migration to Lync Server 2013. For the required steps, please read Connecting Survivable Branch Appliance to Lync Server 2013 Front End pool.

For co-existence topologies of Lync Server 2010 and Lync Server 2013, align first to the recommendations made in the section ‘Support for coexistence with Lync Server 2013 and Lync Server 2010’.

Also to consider from TechNet here

Upgrade order

Upgrade the topology from the inside to the outside. Upgrade all your pools first, then the edge servers, and finally the Central Management Store (CMS) pool.

Kerberos authentication considerations

If you use Kerberos authentication for Web Services, you must reassign Kerberos accounts and reset the password after the In-Place Upgrade is complete. To learn how to do this, see Setting up Kerberos authentication.

Online mode Steps


Upgrade Steps


Great steps as well here on TechNet

Install Prerequisites is very important

Step 1 – Prerequisites Install

Get these right early as it will stop you when you get to upgrading as it runs a validation check before the upgrade.


  • Lync Server 2013 CU
  • SQL 2012 Express SP 1
  • Windows Server Hotfixes
  • Also at least 32gb of available disk space is required as well

More details from TechNet here

Before upgrading please install all new prerequisites required for Skype for Business Server 2015 which include:

  • At least 32GB of free space before attempting an upgrade. In addition, make sure that the drive is a fixed local drive, is not connected by USB or Firewire, is formatted with NTFS file system, is not compressed, and does not contain a page file.

  • PowerShell version 6.2.9200.0 or later.

  • The latest Lync Server 2013 Cumulative Update installed.

  • SQL Server 2012 SP1 installed.

  • The following KB’s installed (installed automatically if using Microsoft Update):

Also which seems to get missed from document is the new requirement for 32Gb of available disk space. This also affects CU updates as well now. So its worth checking your disk space before upgrades as well. I ran into this here

Step 2 – upgrade and publish topology using SfB topology builder


Have to use SfB Topology Builder YOU can not use Lync Server 2013 Topology builder.



Step3 – Stop services on ALL on the servers in the pool being upgraded


Step 4 – run setup.exe to upgrade server


Failure Examples


  • Updates failures
  • Services still running
  • PowerShell still running and open



Step 5 – Time to start services and you can now use the new cmdlet Start-cspool


Side by Side Migration


Build new pool, test, move users to new pool, decommission old pool.

Any old OAuth configuration needs moving to SfB Server prior to decommissioning.


SQL Server Availability Groups

As Part of the upgrade process with SfB server you may have to consider moving from SQL Mirroring if you are using it for database HA but you dont have to. SQL Mirroring is still supported with SfB Server but its common knowledge at some point SQL Mirroring will be deprecated but no one seems to now when. For the moment its all ok.

Below is useful information on moving to AlwaysOn Availability groups and always known issues which is helpful to review.

AlwaysOn Availability Groups are only supported with SfB Server NOT Lync Server and its great this is a supported HA method as it give more choices when deployed SfB Server. The biggest things i see is the requirement for SQL enterprise which is more expensive than SQL Standard which you can use with SQL mirroring but SQL mirroring is going away some time and its old HA SQL method so take all that into to consideration as well. Customers also may have AlwaysOn as their SQL HA standard so this fits in well now.



Requires SQL Server 2012 or 2014 SP1 Enterprise Edition

Only supported with Skype for Business Server Pools NOT Lync Server

Backup backup backup


Migration steps for SQL Mirroring to SQL AlwaysOn


Backups are key!

Lets look at each step

Step 1 – failover all databases to the primary SQL Server


Step 2 – Uninstall each database type and drop databases on MIRROR server


Step 3 – Disable database mirroring and publish the topology

Verify using SQL Management Server


Step 4 – Enable AlwaysOn Availability Groups



KEY points to note here!









Step 5 – Create AlwaysOn Availability Group for the existing backend databases


Step 6 – Add new SQL Store using the FQDN of the Availability Group Listener


Step 7 – Associate the pool with the new SQL store and publish the topology


SQL AA Known Issues

Better to know about them now and how to workaround them.


Issue 1 – Client goes into resiliency mode after failover


Logs missing from primary to replica

Issue 2 – CMS blocks upgrade to AlwaysOn

Key point to note here if the CMS is located on the SQL Mirror you want to move to AAAG.


Issue 3 – Cannot create listener – Connection Failure


Issue 4 – Create single replica Availability Group









Some great community blogs with InPlace info


Skype Academy presents: Hybrid and Online Migration Summary

Recently some new videos were published to the Skype Academy training and one i think a lot of people will be interested in is Skype for Business Hybrid and SfB Online Migrations. A list of the new videos available is here

This video covers all aspects of Hybrid at a high level including

  • Lync / SfB Server Topology requirements
  • Identity Requirement
  • AAD Connect ADFS
  • High Level Network and Firewall Information
  • Managing and configuring Hybrid
  • Also some troubleshooting scenarios
  • Links to Skype operations Framework as well

Definitely worth a watch

Also definitely worth a read is Josh Blalocks Hybrid Handbook download here

Below is a summary of the Skype for Business Academy video here.


This is the January 2017 version of this training.

This content is subject to change as with all Cloud technology information and training.


There’s a lot to cover and the video is around 45mins long. It great this video doesn’t just cover Lync / SfB it also talks over identity AAD Connect and ADFS


Skype Operations Framework (SOF)

With Hybrid this fits into Cloud Migration as customer may be looking to migrate from on premises to online and also customers may require to keep and have users homed on premises and online due to functionality not being available online.


For Hybrid we are looking a Cloud Migration workflow of the SOF. Recommend you take out SOF and the great download and assets that are available here. To Quickly get started use the Quick Start on the home page.

Goal of Hybrid

Is to have a shared SIP namespace  Online and On premise. Where you can have users home on premises and online using the same SIP address space. This allows customer to move users between on premises and online and back from online to on premises and also provides a migration method from on premises to online which also migrates existing contacts, then allows the on premises environment to be decommissioned once all services and users have moved.

You could look at a hard cut over if you wanted to move to Online only but you would lose existing contacts and the experience is not as seamless. I would recommend hybrid if possible.

For example is available on premise and online.


Hybrid Benefits


  • Move users from On premise to Online and also you can move from online to on premises.
  • Allows user to leverage CLOUD only features and functionality such as Skype meeting broadcasts and Cloud PBX.
  • GET the best of both worlds ! Users on premise can leverage full enterprise voice functionality.

Topology Requirements for Hybrid


Full server deployment on premises and Administrator tools of the following:

  • Skype for Business Server 2015
  • Lync Server 2013
  • Lync Server 2010

Please note the latest Cumulative updates are always recommended.

Please note for Cloud PBX with on premises PSTN connectivity you require SfB Server 2015 or Lync Server 2013. Lync Server 2010 is not supported.

Lync Server 2013 – Support Cloud PBX

Lync Server 2010 – DOES NOT support Cloud PBX

Allowing for Mixed Topologies



You can have a mix of Skype for Business Server and Lync Server but note the requirements above.

Certain roles need to be Skype for Business 2015.

For more detailed information please refer to TechNet here

CLOUD PBX with On premises PSTN connectivity Hybrid requirements

Must be SfB Server or Lync Server 2013.

Please note for Cloud PBX you need to have the following server roles with the supported versions


Office 365 and Identity Requirements

Identity is Key and in alot of cases customers already have this deployed if they have Exchange Online for example. If new to Office 365 this is a key requirement.


Also consider Interop with Exchange and Networking Requirements


Skype for Business Edge Connectivity

HA and DR is key on premises as sign in is pointed to on premises servers

If you want Outlook web access integration you must have your mailbox homed Online.

Azure voicemail can also utilise on premises exchange if required.

Networking – Need to open ports on firewall.

Please check Office 365 IP and Ports here

Please check bandwidth requirements as well as traffic will go over the internet to SfB Online. Please check out Skype for Business bandwidth calculator here

MMS Training here

HA and DR Considerations

Hybrid is very very reliant still on the on premises Lync / SfB infrastructure and dont overlook the requirement. All SfB Public DNS records point on premises and are redirect to SfB Online. If clients cant get to the on premises infrastructure then they cant get to SfB online as well.

Please see examples below

The SfB client registration process client does DNS lookup for which resolves to the on premises reverse proxy server NOT SfB Online.


This returns back the internal web services url which redirect the client to SfB Online.


Http Analyse below.

The on premise SfB external web services does a redirect to SfB Online web services



Open all ports for an On premises edge and reverse proxy server deployment and also open port requirements for SfB Online.

On premises Edge Server requirements here

Server Firewall requirements – Server to SfB Online


Always check

SfB Clients to SfB Online  Firewall



Identity Requirements

High level overview only but gives a good overview of Identity requirements for Hybrid. Don’t overlook this requirement.


Identity Management


Authentication and Authorization and definitions above.

Identity Options – Three options for identity with Office 365 only two are suitable with Hybrid.

CLOUD ONLY is NOT an identity option for Hybrid.


  1. Cloud Identity (Not available with Hybrid)
  2. Synchronized Identity (Directory and Password Sync)
  3. Federated Identity (Directory and Federation)

View the differences in Synchronised and Federation including server counts and SSO. Also consider requirements on where authentication will take place.

Password Sync (Synchronized Identity)

AAD Connect only with Password Sync.



Two User IDS but one username and Password

Authentication happens in the CLOUD

Federated Identity

AAD Connect and ADFS and ADFS Web Proxy



True SSO

Higher Server Count

Authentication happens on premises !!! Again reliance on premises infrastructure.

Note password management and resets are on premises.

ADFS 3.0 deployment Options with federation identity

Can be single server but not recommended due to NO high availability.


Recommended to have ADFS server farm deployment for HA an example below.


AAD Connect – Azure Active Directory Connect

How do we sync out user object into Office 365 AAD Connect which was DirSync.



Required for Synchronized and Federated identities.

What does AAD Connect synchronise ?


Not every sync by default. You can use filtering and additional sync features

Common AD sync questions


Licencing of users is seperate

You can still create users in Office 365 but not recommended. Crate on premise and sync up to the Cloud.

How to Deploy Skype for Business Hybrid and Steps required

So we looked at the prereqs now lets see them all. The following prereqs must be in place before you can configure SfB Hybrid.


Please note ALL of the above items must be in place.

Configure AAD Connect


Various tool consolidated into a deployment assistant

AAD Connect – Express Settings


Start with Express and add other options if required.

SfB Enable Federation and Split Domain

Federation must be configured the same on premises and online. IF you use closed federation and have added allowed domain then you these must be added online as well.

he following requirements must be met to successfully configure a hybrid deployment:

  • Domain matching must be configured the same for your on-premises deployment and your Office 365 tenant. If partner discovery is enabled on the on-premises deployment, then open federation must be configured for your online tenant. If partner discovery is not enabled, then closed federation must be configured for your online tenant.

  • The Blocked domains list in the on-premises deployment must exactly match the Blocked domains list for your online tenant.

  • The Allowed domains list in the on-premises deployment must exactly match the Allowed domains list for your online tenant.

  • Federation must be enabled for the external communications for the online tenant, which is configured by using the Skype for Business Online Control Panel.

This is from


This can be done via Management Shell on premises and online



If you have Skype for Business Server you can use the Hybrid Configuration Wizard in SfB Control Panel to configure Hybrid for you via a GUI. This will also run some configuration checks to ensure all prereqs are met for Hybrid.


Please Note the SfB  Front End server do require Internet Access

The Hybrid Control Wizard will do a number of checks to ensure everything is configured before enabling Hybrid.


If it detects an item is not configured it will flag this


After addressing any flagged items run again and


Move Users

Now that the SfB Hybrid is configured its time to move users and we can move them both ways.

BUT before we move them please note

  • User contacts   The limit for contacts for Lync Online users is 250. Any contacts beyond that number will be removed from the user’s contact list when the account is moved to Lync Online.

  • Instant Messaging and Presence   User contact lists, groups, and access control lists (ACLs) are migrated with the user account.

  • Conferencing data, meeting content, and scheduled meetings   This content is not migrated with the user account. Users must reschedule meetings after their accounts are migrated to Lync Online.

Also don’t forget about SOF people !

Remember to refer back to the Skype operations framework


Refer back to the workshop and SOF to ensure you move the correct group of users together.

ALSO KEY to remember user adoption and training, dont skip this in all the excitement.

Before we can move the users we need to determine the migration URL which is a manual process.


Once Migrated URL is determined you can move users.

REMEMBER create users on premises then move Online ! Also key to remember is licence the user in office 365 first otherwise it will error.

What information gets migrated with the users?


Contacts will get migrated but note there’s a 250 contact limit in SfB Online so you need to make sure you don’t have more than 250 contacts otherwise only the first 250 will be migrated.

For Meeting if you mailbox is in Exchange Online you can utilise the new Meeting Migration Service to update existing scheduled meeting URLs.

If your mailbox is in Exchange on premises then there is a Meeting Migration Tool that you can download and install on each users computer that will run and search the user mailbox for scheduled meetings and update the URL and send updated meeting invites to meeting attendees with the new meeting details. MMS does all this as well but its an automated service if your mailbox is online only. Sorry on prem exchange people.

Also note users will now have to use SfB Online policies to your online.

Also note client supportability and On premises SfB / Lync policies are not carried over to online.

  • Client support    Some users may require a new client version when they are moved to Skype for Business Online. For Office Communications Server 2007 R2, users must be moved to a Skype for Business Server or Lync Server 2013 pool prior to migration to Skype for Business Online.

  • On-premises policies and configuration (non-user)   Online and on-premises policies require separate configuration. You cannot set global policies that apply to both


Moving users back to On premises

Perhaps there are features that are only available on premises that are not available in online.



What happens to AD user attributes ?

When enabling for SfB online and on premises.



On premises users need to be ware of online users


SfB Online user NOT enabled for SfB. No attributes set.




Moving Online user to on premises



Attributes populated for on premises details

Manage SFB

Next we look at management of users, moving from Control Panel and searching for users online.



In control panel you can search for online users only using the filter

Also you can use PowerShell


Online users you can modify some option not all.


Here you can move the user.


Front End Server needs internet access to move users


Error Example – You must licence user online for SfB

Move to on premise example




CQD – Call Quality Dashboard

Good tool for checking call quality please note there is an on premises CQD and CQD Online. Theses are separate dashboards.


More details on CQD here

CQD training here

Troubleshooting Scenarios


Cant sign into SfB Control Panel for Hybrid Configuration Wizard

Issue above if due to Front End Server not having Internet Access










Client Support

This isn’t referenced in the video but is important to note

The following clients are supported with Skype for Business Online in a hybrid deployment:

  • Skype for Business

  • Lync 2013

  • Lync 2010

  • Lync Windows Store app

  • Lync Web App

  • Lync Mobile

  • Lync for Mac 2011

  • Lync Room System and Skype for Business Room System

  • Lync Basic 2013

  • Microsoft Surface Hub