Table of Contents

 

Overview

Lync Server 2010 Service Mobility is the new service for Lync Server. This service must be installed to support mobile clients:

  • Apple iOS
  • Android
  • Windows Phone
  • Nokia Symbian

With this service customers will be able to send and receive IM, see the contact list and presence. Follow the link to Comparison Table Customer Service Mobility.

For configuration of the service have a machine called Hm01.home.intranet as a Domain Controller and Certificate, called a virtual machine that is Hm02.home.intranet the Front End, I have only one SIP domain home.com.br. All servers are running Windows Server 2008 R2 Service Pack 1

The connection structure of customers mobiles and the ports used for communication with the service is installed at the front end is as follows

Components of Mobility Services

  • Mobility Service: supports client connections, this service must be installed on all Front Ends. 
  • Autodiscover Service: Service that allows customers to identify the location and address Mobility service. This service supports connections using HTTP or HTTPS, this environment set up the connection using this HHTPS and Reverse Proxy in the certificate should be amended and new rules published in the firewall should be created. This service must be installed on all Front Ends and directors of the pool
  • Push Notification Service: this service is based on the cloud and uses the services of Office 365. When Lync Client Apple iOS or Windows Phone is dead they do not respond to new events and new IM or missed calls. In such cases a notification called Push Notification is sent to the customer by the service Lync Online.

Prerequisites 

Cumulative Update 4

All Front End pool servers must be upgraded to the Cumulative Update November Lync Server. 

The update can be downloaded from the Microsoft website http://www.microsoft.com/download/en/details.aspx?id=11551

In this article demostro steps to upgrade the server pool Pool Update Lync Server with Cumulative Update 4. There is no need to upgrade customers to activate this service but is recommended to keep the structure updated.

DNS

To support customers in Autodiscovery is necessary to create a record in DNS. The record can be of type Address (A) or Alias ​​(CNAME), and should be created for each SIP domain supported by both the pool and in the Internet DNS Internal DNS

For this article I will create the CNAME record in DNS in the inner and external DNS.

For the configuration of the internal DNS, I created a CNAME record LyncDiscoverInternal. <domain SIP> pointing to the internal FQDN of the Front End

 

Alias ​​Name:  LyncDiscoverInternal

The FQDN for Target Host:  Hm02.home.intranet

 

For the configuration of external DNS, I created a CNAME record LyncDiscover. <domain SIP> pointing to external URL configured in the Front End

Alias ​​Name: LyncDiscover

The FQDN for Target Host: LyncPortal.home.com.br

To check which URL set to External Site start the Topology Builder and access the properties of the Front End Pool , and check the configuration of External Web Service.

Configuring Ports for Mobility Service

The Mobility Service requires the creation of two additional ports on the Front End Web Service For the configuration of the doors start Lync Server Management Shell.

Creation of the door to the Internal Web Site

Set-Identity-CsWebServer Name> Pool> McxSipPrimaryListeningPort-5086

Creation of the door to the external Web Site

Set-Identity-CsWebServer Name> Pool> McxSipExternalListeningPort-5087

 

To publish your changes of topology use the cmdlet: Enable-CsTopology-verbose

IIS

The Mobility Service component uses Dynamic Content Compression IIS is not a prerequisite for the installation of the Front End 

Logue in Front End server and add the IIS component

 

Installing the Mobility Service

Download the Mobility Service 

McxStandalone.msi Copy the file to the Front End in the folder C: \ ProgramData \ Microsoft \ Lync Server \ Deployment \ cache \ 4.0.7577.0 \ setup 

 

Start Lync Server Management Shell and go to the folder C: \ Program Files \ Microsoft Lync Server 2010 \ and run the Deployment bootstrapper.exe

 

Check the end of the wizard and make sure the Autodiscover and Web Component have been successfully installed.

 

The log file shows all the features were installed.

Two virtual folders were created in IIS

 

Certificates

To support the connection of devices is necessary to change the digital certificate installed and add the new names FQDN's created for the Mobility of the Autodiscover Service. Run the installation wizard Lync Server and replace the certificate used by a new certificate that contains the FQDN of Discover's Service. Run the installation wizard and run the Lync Server Request Step 3, Install or Assign Certificates

 

Select the installed certificate and click Request

 

Go to start requesting the new certificate and select the option to  Send Request Immediately to an certification authority

 

 

Select the certification of the network and go in this case use an enterprise certificate installed on a network server

 

You do not need any account if you are running the wizard with an account that has permission to issue certificates

 

Do not change the template of the certificate

 

Set Friendly Name of the certificate and check the Mark the certificate's private key exportable

 

Fill in the geographic information of the certificate 

 

 

In the Subject Name of the FQDN's Discover are automatically included

 

Select the SIP domain that will be supported by the certificate

 

If you support multiple SIP domains add the FQDN's in ccertificado

 

Verify the certificate information and advance

 

Check that the certificate was issued successfully

 

Select  Assign this certificate to Lync Server certificate usages

 

Proceed to begin installation of the certificate

 

Check the FQDN's set and go 

 

Finish the wizard 

 

Open the properties of the certificate and make sure that all names are correct;

 

Published in Reverse Proxy

The publication process of the Mobility Service is similar to the publication of the Front End services with Reverse Proxy. To provide the service to external customers need to create a new digital certificate with the FQDN of the Discover Service, LyncDiscover.home.com.br and change the publishing rule Reverse Proxy. 

Setting the Reverse Proxy is the rule in Article Published Lync Reverse Proxy Server Forefront TMG in 2010. Make the following changes in the publishing rule and the digital certificate.

Certified

Send and install a new digital certificate with SAN configured with the FQDN LyncDiscover.home.com.br. The certificate must be installed in the container from the local computer. 

 

Altering of Published Rule

Open the console TMG 2010 and access the properties of the publishing rule web site of the Front End

 

In the properties tab of the rule go to the Listener and click Properties

 

In the properties of the Listener tab to access the Certificates , and then click Select Certificate

 

Select the new certificate with the FQDN's updated

 

With the new certificate installed finalize the assistant

 

Back in the publishing rule to access the tab Public Name and click Add

 

Add the FQDN of the Discovery Service in this case is LyncDiscover.home.com.br

 

Finish the wizard and apply changes to console GMT

 

Configuring Push Notifications

Push Notifications are alerts sent by the Edge Server Online routed by Lync Lync to the client installed on the iPhone and Windows Phone users to notify events for new IM, missed calls and voice mails.  Push To configure, start Lync Management Shell and run the cmdlet:

New-CsHostingProvider -Identity "LyncOnline" -Enabled $True -ProxyFqdn "sipfed.online.lync.com" -VerificationLevel UseSourceVerification

 

To create the federation of the domain push.lync.com run

New-CsAllowedDomain -Identity "push.lync.com"

 

To enable notificação

Set-CsPushNotificationConfiguration -EnableApplePushNotificationService $True -EnableMicrosoftPushNotificationService $True

 

Enable the domain field

Set-CsAccessEdgeConfiguration -AllowFederatedUsers $True

 

Connection Test 

To verify that the services of the Mobility Services were published successfully run the browser on a machine on the Internet and access the URL LyncDiscover.home.com.br. The browser should show a file download

 

 

Open the file in Notepad. It should contain the URLs and addresses posted external access to the pool 

 

Clients Configuration

Installing Root Certificate

Before you start setting up the customer on the phone you need to import the root certificate on mobile. Start the browser

 

Visit the Web Enrolement address this infrastructure https://hm01.home.intranet/certsrv

 

The certificate warning should be issued, click Continue

 

No. authentic portal 

 

Click Download a CA certificate, certificate chain or CRI

 

Then click Install CA certificate

 

Set a name for the certificate and click OK

 

The message that the certificate is installed should be displayed

 

To verify that the certificate was properly installed to access any URL Lync Pool,  used in this example the URL of dialin. Click on the image of Lync with cadiado.

https://hm02.home.intranet/dialin

 

Click the View certificate

 

It must be shown that the certificate is valid

 

Logon Lync Client

Execute Lync Client 2010

 

Enter the SIP address and password, if your SIP domain is equal to the internal FQDN of the domain you can click Sing-but in this case my FQDN of the domain is home.intranet and my SIP domain home.com.br this case click Options.

 

 

Select the User Name

 

Configure the user Netbios \ UserName 

 

Configured with the user click Sign In

 

After the initial configuration and status messages can be configured