Lync Server 2010 Service Mobility is the new service for Lync Server. This service must be installed to support mobile clients:

  • Apple iOS
  • Android
  • Windows Phone
  • Nokia Symbian

With this service customers will be able to send and receive IM, see the contact list and presence. Follow the link to Comparison Table Customer Service Mobility.

For configuration of the service have a machine called Hm01.home.intranet as a Domain Controller and Certificate, called a virtual machine that is Hm02.home.intranet the Front End, I have only one SIP domain home.com.br. All servers are running Windows Server 2008 R2 Service Pack 1

The connection structure of customers mobiles and the ports used for communication with the service is installed at the front end is as follows

Components of Mobility Services

  • Mobility Service: supports client connections, this service must be installed on all Front Ends. 
  • Autodiscover Service: Service that allows customers to identify the location and address Mobility service. This service supports connections using HTTP or HTTPS, this environment set up the connection using this HHTPS and Reverse Proxy in the certificate should be amended and new rules published in the firewall should be created. This service must be installed on all Front Ends and directors of the pool
  • Push Notification Service: this service is based on the cloud and uses the services of Office 365. When Lync Client Apple iOS or Windows Phone is dead they do not respond to new events and new IM or missed calls. In such cases a notification called Push Notification is sent to the customer by the service Lync Online.


Cumulative Update 4

All Front End pool servers must be upgraded to the Cumulative Update November Lync Server. 

The update can be downloaded from the Microsoft website http://www.microsoft.com/download/en/details.aspx?id=11551

In this article demostro steps to upgrade the server pool Pool Update Lync Server with Cumulative Update 4. There is no need to upgrade customers to activate this service but is recommended to keep the structure updated.


To support customers in Autodiscovery is necessary to create a record in DNS. The record can be of type Address (A) or Alias ​​(CNAME), and should be created for each SIP domain supported by both the pool and in the Internet DNS Internal DNS

For this article I will create the CNAME record in DNS in the inner and external DNS.

For the configuration of the internal DNS, I created a CNAME record LyncDiscoverInternal. <domain SIP> pointing to the internal FQDN of the Front End


Alias ​​Name:  LyncDiscoverInternal

The FQDN for Target Host:  Hm02.home.intranet


For the configuration of external DNS, I created a CNAME record LyncDiscover. <domain SIP> pointing to external URL configured in the Front End

Alias ​​Name: LyncDiscover

The FQDN for Target Host: LyncPortal.home.com.br

To check which URL set to External Site start the Topology Builder and access the properties of the Front End Pool , and check the configuration of External Web Service.

Configuring Ports for Mobility Service

The Mobility Service requires the creation of two additional ports on the Front End Web Service For the configuration of the doors start Lync Server Management Shell.

Creation of the door to the Internal Web Site

Set-Identity-CsWebServer Name> Pool> McxSipPrimaryListeningPort-5086

Creation of the door to the external Web Site

Set-Identity-CsWebServer Name> Pool> McxSipExternalListeningPort-5087


To publish your changes of topology use the cmdlet: Enable-CsTopology-verbose


The Mobility Service component uses Dynamic Content Compression IIS is not a prerequisite for the installation of the Front End 

Logue in Front End server and add the IIS component


Installing the Mobility Service

Download the Mobility Service 

McxStandalone.msi Copy the file to the Front End in the folder C: \ ProgramData \ Microsoft \ Lync Server \ Deployment \ cache \ 4.0.7577.0 \ setup 


Start Lync Server Management Shell and go to the folder C: \ Program Files \ Microsoft Lync Server 2010 \ and run the Deployment bootstrapper.exe


Check the end of the wizard and make sure the Autodiscover and Web Component have been successfully installed.


The log file shows all the features were installed.

Two virtual folders were created in IIS



To support the connection of devices is necessary to change the digital certificate installed and add the new names FQDN's created for the Mobility of the Autodiscover Service. Run the installation wizard Lync Server and replace the certificate used by a new certificate that contains the FQDN of Discover's Service. Run the installation wizard and run the Lync Server Request Step 3, Install or Assign Certificates


Select the installed certificate and click Request


Go to start requesting the new certificate and select the option to  Send Request Immediately to an certification authority



Select the certification of the network and go in this case use an enterprise certificate installed on a network server


You do not need any account if you are running the wizard with an account that has permission to issue certificates


Do not change the template of the certificate


Set Friendly Name of the certificate and check the Mark the certificate's private key exportable


Fill in the geographic information of the certificate 



In the Subject Name of the FQDN's Discover are automatically included


Select the SIP domain that will be supported by the certificate


If you support multiple SIP domains add the FQDN's in ccertificado


Verify the certificate information and advance


Check that the certificate was issued successfully


Select  Assign this certificate to Lync Server certificate usages


Proceed to begin installation of the certificate


Check the FQDN's set and go 


Finish the wizard 


Open the properties of the certificate and make sure that all names are correct;


Published in Reverse Proxy

The publication process of the Mobility Service is similar to the publication of the Front End services with Reverse Proxy. To provide the service to external customers need to create a new digital certificate with the FQDN of the Discover Service, LyncDiscover.home.com.br and change the publishing rule Reverse Proxy. 

Setting the Reverse Proxy is the rule in Article Published Lync Reverse Proxy Server Forefront TMG in 2010. Make the following changes in the publishing rule and the digital certificate.


Send and install a new digital certificate with SAN configured with the FQDN LyncDiscover.home.com.br. The certificate must be installed in the container from the local computer. 


Altering of Published Rule

Open the console TMG 2010 and access the properties of the publishing rule web site of the Front End


In the properties tab of the rule go to the Listener and click Properties


In the properties of the Listener tab to access the Certificates , and then click Select Certificate


Select the new certificate with the FQDN's updated


With the new certificate installed finalize the assistant


Back in the publishing rule to access the tab Public Name and click Add


Add the FQDN of the Discovery Service in this case is LyncDiscover.home.com.br


Finish the wizard and apply changes to console GMT


Configuring Push Notifications

Push Notifications are alerts sent by the Edge Server Online routed by Lync Lync to the client installed on the iPhone and Windows Phone users to notify events for new IM, missed calls and voice mails.  Push To configure, start Lync Management Shell and run the cmdlet:

New-CsHostingProvider -Identity "LyncOnline" -Enabled $True -ProxyFqdn "sipfed.online.lync.com" -VerificationLevel UseSourceVerification


To create the federation of the domain push.lync.com run

New-CsAllowedDomain -Identity "push.lync.com"


To enable notificação

Set-CsPushNotificationConfiguration -EnableApplePushNotificationService $True -EnableMicrosoftPushNotificationService $True


Enable the domain field

Set-CsAccessEdgeConfiguration -AllowFederatedUsers $True


Connection Test 

To verify that the services of the Mobility Services were published successfully run the browser on a machine on the Internet and access the URL LyncDiscover.home.com.br. The browser should show a file download



Open the file in Notepad. It should contain the URLs and addresses posted external access to the pool 


Clients Configuration

Installing Root Certificate

Before you start setting up the customer on the phone you need to import the root certificate on mobile. Start the browser


Visit the Web Enrolement address this infrastructure https://hm01.home.intranet/certsrv


The certificate warning should be issued, click Continue


No. authentic portal 


Click Download a CA certificate, certificate chain or CRI


Then click Install CA certificate


Set a name for the certificate and click OK


The message that the certificate is installed should be displayed


To verify that the certificate was properly installed to access any URL Lync Pool,  used in this example the URL of dialin. Click on the image of Lync with cadiado.



Click the View certificate


It must be shown that the certificate is valid


Logon Lync Client

Execute Lync Client 2010


Enter the SIP address and password, if your SIP domain is equal to the internal FQDN of the domain you can click Sing-but in this case my FQDN of the domain is home.intranet and my SIP domain home.com.br this case click Options.



Select the User Name


Configure the user Netbios \ UserName 


Configured with the user click Sign In


After the initial configuration and status messages can be configured