Mobility for Lync

Native Microsoft Mobility for Lync 2010 Is Here!

The mobility features of Lync have been sorely missed since Lync 2010 was released last November, but Microsoft has made HUGE strides in their recent release. There are a few pre-requisites which we will cover, as well as some gotchas to look out for. As of today the Windows Phone client (Mango required) is available in the Marketplace, but the Apple iOS and Android clients have yet to appear. There should also be a Nokia client, but I do not have a method to test it, so unfortunately I have nothing to report there.

Server Requirements

Before mobility can be configured, the current Lync environment requires CU4 to already be installed. If this has not been done, first things first. There are also a few configuration requirements that did not matter without mobility but do now. Those include:

  • The Front-end pool internal web FQDN must be different from the external (even if you are using split-DNS)
  • HLBs may need to be updated changing their persistence to cookie-based and certificates installed to support SNAT
  • IIS Dynamic Content Compression is needed on the Directors and Front-End servers in order to install the mobility BITS

Once that is complete there is a mobility download that must be grabbed and server-based PowerShell commands that are run on a Front-End Server in the environment. The configuration includes updating DNS, requesting and installing new certificates, configuring ports etc. so let's begin.

Mobility Configuration

CONFIGURING MOBILITY PORTS

The first task completed when configuring mobility is running two PowerShell commands to configure the ports mobility will use inside and outside. Setting the ports will also 'inform' the bootstrapper process that mobility should be installed and configured. To set your ports, simply launch Lync Server Management Shell (LSMS) and type:

Set-CsWebServer -Identity lspoolname.domain.com -McxSipPrimaryListeningPort 5086
Set-CsWebServer -Identity lspoolname.domain.com -McxSipExternalListeningPort 5087
Enable-CsTopology

You can see the internal listening port has been set at 5086 with the external ports set to 5087. The enable command sets the changes into the topology and the Lync environment is now aware that mobility should be there. The above two Set-CsWebServer commands with the MCX values will only work if CU4 is installed.

IIS CONFIGURATION

If the IIS Dynamic Content Compression was not already added (listed as a pre-requisite above), now is the time to complete the process, as without it setup will fail. If your base operating system for your Lync Front-End/Director server is Windows Server 2008, use the following command:

[from a command prompt] ServerManagerCMD.exe -Install Web-Dyn-Compression

If the base operating system for your Lync Front-End/Director server is Windows Server 2008 R2, use the following command:

[from PowerShell] Import-Module ServerManager; Add-WindowsFeature Web-Server, Web-Dyn-Compression

DNS CONFIGURATION

New DNS names have been established for the AutoDiscover process (think Exchange AutoDiscover). The new feature removes the need for you to configure the explicit server settings on the mobile clients (very nice). There are up to three different records that must be created, two of which are on the inside DNS. Two of the three records are CNAME DNS records while the third (required if split-DNS) is an 'A' record.

  • Internal DNS: create CNAME record lyncdiscoverinternal and point it to the internal web services 'A' record
  • External DNS: create CNAME record lyncdiscover and point it to the external web services 'A' record
  • Internal DNS (if using split-DNS): create 'A' record for your external web services name and configure it to the external IP

INSTALLATION OF THE MOBILITY BITS

The installation of the BITS is completed by downloading the new MSI, placing it in the expected folders, and running bootstrapper.

To begin, download the MSI at Microsoft's download center here. Save the MSI locally to each Front-End and Director server in the path C:\ProgramData\Microsoft\Lync Server\Deployment\cache\4.0.7577.0\setup. This is the location of the cached Lync 2010 installers. Once the MSI is in the correct path, launch LSMS and run C:\Program Files\Microsoft Lync Server 2010\Deployment\Bootstrapper.exe (NOTE: the path C:\Program Files\Microsoft Lync Server 2010\ may be different in your deployment based off of where Lync was installed)

Bootstrapper will detect the configuration/setting of the mobility ports and install the mobility BITS on the required servers.

Assuming push notifications are desired on the iOS and Windows Phone platforms, enter the following after the installation is complete (from LSMS):

Set-CsPushNotificationConfiguration -EnableApplePushNotificationService $true -EnableMicrosoftPushNotificationService $true
New-CsHostingProvider -Identity "LyncOnline" -Enabled $True -ProxyFqdn "sipfed.online.lync.com" -VerificationLevel UseSourceVerification
New-CsAllowedDomain -Identity "push.lync.com"

CERTIFICATES

Because there are new names internally and externally, new SANs are required on both the internal and external certificates. The simplest way to request a new certificate is using the Lync Deployment application on a Front-End server (one per pool). The server has the ability to create both the internal and external certificates using the GUI. If you are in a multi-server pool I recommend having three separate certificates on the pool - one unique to each Front-End and the other two used on each Front-End (same certificate).

If you already have the Server Default certificate unique to the Front-End server (it will have the pool name, server name, and most likely 'sip'), then the next step is running the wizard again and ONLY selecting Web Services Internal. Running the wizard will include all known names for all supported SIP domains - this includes the internal web services FQDN as the CN and meet, dialin, lyncdiscoverinternal, and your lyncadmin name as SANs. If you use an external certificate provider, that certificate request can be sent off for processing.

Next launch the certificate wizard again this time making sure only Web Services External is selected, offline certificate is selected, and mark as exportable is checked. The results for the external certificate request will be a certificate with the external web services FQDN as the CN and meet, dialin, and lyncdiscover as SANs. Once the certificate has been processed externally you have two options. If you are using a Reverse Proxy where the certificate is required or a HLB, export the certificate from the server and import into the appropriate location. Assuming you are using an internal CA, you would then have the option to re-request an internal certificate for the external web services role. If you are NAT'ing directly to a single server (no HLB but a single point of failure) then you may leave the certificate as is.
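
To confirm that the new DNS records and the new SANs line up before running the test below, the following added example (not part of the original post) resolves each discovery name, reads the certificate presented on port 443, and reports whether that name is on the certificate. The function name Test-DiscoverName and the domain.com host names are placeholders, and the SAN parsing assumes an English-language Windows build.

```powershell
# Added example, not from the original post. Host names are placeholders.
function Test-DiscoverName {
    param([string]$Name, [int]$Port = 443)

    $result = New-Object PSObject -Property @{
        Name = $Name; Resolved = $false; NameOnCert = $false; Subject = $null; Error = $null
    }

    # 1. The CNAME/A records from the DNS section must resolve.
    try { [void][System.Net.Dns]::GetHostAddresses($Name); $result.Resolved = $true }
    catch { $result.Error = $_.Exception.Message; return $result }

    # 2. Read the certificate the listener presents for that name. The callback
    #    accepts any certificate because the goal is to inspect it, not to trust it.
    $client = $null
    try {
        $client = New-Object System.Net.Sockets.TcpClient($Name, $Port)
        $inspectOnly = [System.Net.Security.RemoteCertificateValidationCallback]{ $true }
        $ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false, $inspectOnly)
        $ssl.AuthenticateAsClient($Name)
        $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
    }
    catch { $result.Error = $_.Exception.Message; return $result }
    finally { if ($client) { $client.Close() } }

    # 3. Collect DNS entries from the Subject Alternative Name extension (OID 2.5.29.17).
    #    'DNS Name=' is how English-language Windows formats them (assumption).
    $sanText = ''
    foreach ($ext in $cert.Extensions) {
        if ($ext.Oid.Value -eq '2.5.29.17') { $sanText = $ext.Format($true) }
    }
    $sans = @([regex]::Matches($sanText, 'DNS Name=(\S+)') | ForEach-Object { $_.Groups[1].Value })

    # 4. Exact match, or a wildcard entry covering the first label.
    $wildcard = '*.' + ($Name -replace '^[^.]+\.', '')
    $result.NameOnCert = ($sans -contains $Name) -or ($sans -contains $wildcard)
    $result.Subject = $cert.Subject
    return $result
}

# Run the internal name from inside the network and the external name from outside it.
'lyncdiscoverinternal.domain.com', 'lyncdiscover.domain.com' |
    ForEach-Object { Test-DiscoverName -Name $_ } |
    Format-Table Name, Resolved, NameOnCert, Subject, Error -AutoSize
```

A row with Resolved true and NameOnCert false means the DNS record is in place but the certificate on that listener (Front-End, Director, reverse proxy or HLB) was not replaced with the one carrying the new SAN.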

RESTART POOL/DIRECTOR SERVERS AND TEST

Once the configuration is complete, reboot the various servers and validate that there are no unexpected errors in the Lync logs in the Event Viewer. Once the servers are back online, assuming all is well, launch LSMS and run the following command (replacing your two test users with appropriate names and accounts):

Test-CsMcxP2PIM -TargetFqdn lspoolname.domain.com -SenderSipAddress sip:user1@domain.com -SenderCredential "domain\user1" -ReceiverSipAddress sip:user2@domain.com -ReceiverCredential "domain\user2"

The result of the test should look like:

TargetUri  : https://internalwebservicesname.domain.com:443/mcx
TargetFqdn : lspoolname.domain.com
Result     : Success
Latency    : 00:00:00
Error      :
Diagnosis  :

FURTHER READINGS

Lync Mobility Installation Guide from Microsoft
Lync Server 2010 Mobility Service MSI Download
Dave Howe's HLB Config Guide for Lync 2010

Mobile Outlook Update for Windows Mobile 6.1

With the recent release of Windows Mobile 6.5 and the newly improved Mobile Outlook, most of us WM6.1 users are saying - what about us? Well, the story is not as bleak as many might imagine. While the OS in the Windows Mobile devices is carrier 'owned', the applications are not. Luckily, Microsoft has decided to release the Outlook portion of WM6.5 as a free upgrade for WM6.1 users. This is great news for me - I don't know about everyone else, but I am not interested in most of the WM6.5 features; I simply want the new Outlook.

My current back-end environment is Microsoft Exchange 2010, Outlook 2010 and using the latest Mobile Outlook enhances my experience keeping the look and feel similar across clients. The upgrade was easy although it did force a re-sync of my Exchange data to my phone which took a bit of time even over the EvDO Rev A network.

More information about the upgrade and the features can be found here and it is a CAB file so you can use your WM device to navigate directly to it (my preference).


New Inbox View in Outlook Mobile


Single conversation thread Previous OCS RFC. There are four emails that make up the thread and all can be seen in a single view (reducing clutter and speeding up your day)!


The folders you select to sync are shown in your folder list. You can still expand your entire folder list by selecting All Folders.


New Single-click Voice Mail Integration for Exchange 2010 UM users. The play button eliminates the need to launch Windows Mobile player, leaving you in your Inbox where you should be. The green phone button allows a single-click call back to the sender.


With Exchange 2010 and Mobile Outlook 6.5, text messages to your phone have the option of being integrated. This means a text message received on your phone is synced with Outlook, where you have the option of replying to the text directly (assuming you have the optional TXT provider in Outlook 2007 or you are using Outlook 2010 / Outlook Web Access 2010).