So, this week see’s the release of the Lync mobile client for a number of different phone OS’ kicking off with the client for Windows Mobile 7.
We were keen to get going with this and as such had prepared our Lync environment on Friday so we could get the clients installed and working first thing this morning – and good news, it all works like a charm.
I have been through MS’ mobility document and this blog aims to give you the information you need to get this working, it doesn’t however, detail any of the sizing calculations you will need to think about when enabling Lync mobility services.
To facilitate the Lync 2010 mobility client both internal and external DNS records are required.
The following table details the records required:
Table 1 – Lync A record DNS requirements – Internal
Lync Mobility A record DNS requirements – Internal
IP Address/ Details
FE Server/ FE Pool/ Director Pool (VIP of HLB if used)
Table 2 – Lync A record DNS requirements – External
Lync Mobility A record DNS requirements – External
IP Address/ Details
external IP of Reverse Proxy
Note: These records are required for each SIP domain you use.
The certificates bound to the internal Lync Server as well as the Reverse Proxy will need amending to accept connections on the names listed above. The following names need adding to the SAN field of the internal and external certificates.
Internal – Lyncdiscoverinternal.internaldomain.com
External – Lyncdiscover.externaldomain.com
Note: A wildcard certificate can be used on TMG (Reverse Proxy) in place of a SAN certificate
A pre-requisite to the installation of the Lync2010 Mobility pack is the installation of the Cumulative Update 4 (CU4) released in November 2011 which can be found here:
1.3.1 Set Mobility Service ports
Once the above update has been installed we need to set the firewall ports used by the mobility service for both the internal and external web services. The following commands detail how to complete this exercise.
Internal Web Services:
Set-CsWebServer –Identity “FESERVER01.internaldoamin.com” –McxSipPrimaryListeningPort 5086
External Web Services:
Set-CsWebServer –Identity “FESERVER01.internaldomain.com –McxSipExternalListeningPort 5087
To publish the changes:
Once the ports have been set and CU4 has been installed you can install the Lync Mobility pack, found here: http://www.microsoft.com/download/en/details.aspx?id=28356
To create a web publishing rule for the external Autodiscover URL on MS TMG use the following (taken directly from the MS guide)
1. Click Start, point to Programs, point to Microsoft Forefront TMG, and then click Forefront TMG Management.
2. In the left pane, expand ServerName, right-click Firewall Policy, point to New, and then click Web Site Publishing Rule.
3. On the Welcome to the New Web Publishing Rule page, type a display name for the new publishing rule (for example, LyncDiscoveryURL).
4. On the Select Rule Action page, select Allow.
5. On the Publishing Type page, select Publish a single Web site or load balancer.
6. On the Server Connection Security page, select Use SSL to connect to the published Web server or server farm.
7. On the Internal Publishing Details page, in Internal Site name, type the fully qualified domain name (FQDN) of your Director pool (for example, lyncdir01.contoso.local). If you are creating a rule for the external Web Services URL on the Front End pool, type the FQDN of the Front End pool (for example, lyncpool01.contoso.local).
8. On the Internal Publishing Details page, in Path (optional), type /* as the path of the folder to be published, and then select Forward the original host header.
9. On the Public Name Details page, do the following:
· Under Accept Requests for, select This domain name.
· In Public Name, type lyncdiscover.<sipdomain> (the external Autodiscover Service URL. If you are creating a rule for the external Web Services URL on the Front End pool, type the FQDN for the external Web Services on your Front End pool (for example, lyncwebextpool01.contoso.com).
· In Path, type /*.
10. On Select Web Listener page, in Web Listener, select your existing SSL Listener with the updated public certificate.
11. On the Authentication Delegation page, select No delegation, but client may authenticate directly.
12. On the User Set page, select All Users.
13. On the Completing the New Web Publishing Rule Wizard page, verify that the web publishing rule settings are correct, and then click Finish.
14. In the Forefront TMG list of web publishing rules, double-click the new rule you just added to open Properties.
15. On the To tab, do the following:
· Select Forward the original host header instead of the actual one.
· If your deployment has a Front End pool, select Requests appear to come from the original client. If your deployment has a single Front End Server or Standard Edition server, select Requests appear to come from the Forefront TMG computer.
16. On the Bridging tab, configure the following:
· Select Web server.
· Select Redirect requests to HTTP port, and type 8080 for the port number.
· Select Redirect requests to SSL port, and type 4443 for the port number.
17. Click OK.
18. Click Apply in the details pane to save the changes and update the configuration.
19. Click Test Rule to verify that your new rule is set up correctly.
Microsoft phones and iPhones can make use of Push rather than Pull notification; push notifications enable events and messages to be delivered even when the device is inactive. Push notifications works via a cloud-based Lync Server and as such you need to create a federation relationship to facilitate the delivery of notifications etc.
To configure Push, run the following from the Lync Management Shell:
New-CsHostingProvider –Identity “LyncOnlineFederation” –Enabled $True –ProxyFqdn “sipfed.online.lync.com” –VerificationLevel UseSourceVerification
New-CsAllowedDomain –Identity “push.lync.com”
To enable Push, run the following from the Lync Management Shell:
Set-CsPushNotificationConfiguration –EnableApplePushNotificationService $True –EnableMicrosoftPushNotificationService $True
Set-CSAccessEdgeConfiguration -AllowFederatedUsers $True
Good luck and Merry Xmas