Posts

Showing posts from October, 2015

Skype for Business and SQL Server 2014 licensing

Image
With Skype for Business Server 2015, the usability for SQL Server has advanced once more. We have now a couple of possibilities. Today I'm going to discuss all of them and will advice the actual licensing strategy based on SQL Server 2104 in regards to Skype for Business Server 2015 recommendations. The general licensing guides are available here: http://www.microsoft.com/en-us/licensing/product-licensing/sql-server-2014.aspx One generic topic I have to discuss first. In many cases we are using Hyper Visor technologies, meaning the SQL servers are virtualized. Here one important consideration you should keep in mind. If the SQL Server is virtual AND you use CPU CORE licensing, you can run as many virtual SQL on a single PHYSICAL host as you want. You only need to license the physical CPU of that host. This applies to all physical hosts uses. Say you have 3 VMWare/ Hyper-V physical servers, and you run three SQL server. You will position 1 and 2 on 2 physical hosts only (n

Wildcard Certificate Support in Skype for Business

Coming back to the most common question about certificates in Skype for Business and Lync Server. Can we use Wildcard Certificates in Skype for Business or Lync Server? Simple answer is: YESNO First lets have a look into a certificate: A Certificate has a Common Name (CN) and Subject Alternative Names (SAN) A classic wildcard certificate is a certificate where the CN look like: CN=*.domain.com In Skype for Business the main reason for certificate use is TLS/MTLS data encryption and the other point it the server authentication/ validation. Skype for Business is using the Common Name CN for authentication/ validation trusts. Only if a server with in the Topology or for Federation purposes presents a valid certificate with its matching Common Name (CN) the entire traffic can be used with TLS/MTLS. Therefor we understand a CN identifier as FQDN of the Server or the Pool is RECOMMENDED! A valid SAN Wildcard certificate could look like this: CN   = POOL01.DOMAIN.COM