Cool tool – MAdCaP manager for analog and common area phones

Let’s face it, creating Common Area Phones (CAPs) and Analog Phones in Lync is annoying. Managing them is even more annoying. Greig Sheridan has the answer with MAdCaP (“Manage Analog Devices & Common Area Phones”).

MAdCaP allows you to create and edit Common Area Phones and Analog Devices as the name implies. This includes the little details like setting the correct dial plan, voice policy, client policy, and PINs.

This is a great tool for an Admin who’s in charge of phones, but has zero idea what PowerShell is. I’ve also found it handy at the end of a very long day when my brain simply won’t do PowerShell commands.

Cool tool – IIS Crypto

Every once in a while, a Lync admin gets to experience the true horror of changing crypto settings. More often than not, this is through following a series of registry edits found online, either on TechNet or a helpful looking blog.

IIS Crypto is a tool that allows you to fiddle with the protocols, cyphers, hashes, key exchanges and cypher suite order, all in a nicely put together GUI. Better yet, there are templates that’ll set your server to Best Practices, PCI, FIPS140-2, and Windows Defaults. That last one comes in really handy when that helpful looking blog turns out to be not so helpful, and your notes on what keys you changed in RegEdit aren’t so clear.

Cool tool – Mirror Manager

Most Lync admins aren’t closet SQL admins, and things like “mirror” and “witness” sound more like “dragon” and “bear” than “puppies” and “beer”. When you throw in other mirroring language that’s eerily similar – principal, primary, secondary and mirror I’m look at you – it can be too much. Thankfully, James Cussen has whipped up an excellent tool that will display which database is being used, and with a few clicks, it whips up the PowerShell for you to move things around. This is a great tool to have handy for a Disaster Recovery scenario, in case the person executing the DR plan isn’t a PowerShell, Lync, and Mirror guru.

Cool tool – check the difference between two files

Comparing two files to try and find differences is something I consider to be an occupational hazard. You can dive into the weeds and run some command line tools, you can pop the files into Word, if you’re doing the comparison on a PC. If you’re trying to do a comparison on a server, you probably don’t have Word.

Diff Checker is an online diff tool that allows you to compare two text files. Any differences in the file are colour-coded so that you can easily spot them.


Cool tool – check certificates already installed on a server

Working with Lync everyday for a number of different organizations, I often need to gather information about the certificates that they’re using, or perhaps that a federated organization is using. This can be on a Lync Edge server, reverse proxy, web server, Exchange server, load balancer, or any number of other devices. The easiest way for me to get an overview of the certificates in use is with DigiCert’s SSL Certificate Checker.

When you enter an FQDN into the checker, you’re provided with a page of information including the Common Name/Subject Name, any Subject Alternate Names, and a variety of cryptography and administrative items.  A couple of certificate vulnerabilities are checked, as is the expiry date, revocation lists, and the certificate chain through any intermediates to the Root CA is validated.

I really appreciate how the checker displays some items with comments like “Signature algorithm = SHA1 + RSA (good)”, giving you a quick indication if things are in order.

If you’re not sure of an FQDN, you can use an IP address. I’ll do this sometimes when I don’t know the hostname for a server, but I know the IP address or the address of another server at the organization (changes are the one I’m after is plus or minus a few IP addresses). When you run the checker by IP address, you’ll receive a warning that the Certificate name doesn’t match what you entered. That’s fine, you can have a look at the Common Name and Subject Alternate Names and re-run the checker with one of those if you’d like.



Cool tool – Decode a CSR

Have you ever found yourself with a CSR file (a Certificate Signing Request), wondering what’s in it? The good news is that you can decode a CSR so that it’s human readable. There are a number of ways to do this, however the one I find easiest is this website

I use this whenever I’ve generated a CSR from a command line where there are a gazillion parameters and maybe and ini file involved, just to make sure that everything came through correct. This is especially useful if you’re the one generating the CSR, and you hand the CSR off to someone in another department to submit it to the certificate authority.



Cool tool – DigiCert Certificate Utility

The DigiCert Certificate Utility is one of the best certificate tools out there. You can use it to generate requests and process new certificates or renewals, fix missing private keys, fix certificate chains that are missing certificates – from any vendor, not just DigiCert. If you’re a programmer, you can use this to sign files and batches of code.

You can find this little bit of magic, along with the rest of what it can do, right here

The utility doesn’t install, it’s just an exe that you run. Best of all, it’s totally free!