SlideShare a Scribd company logo

Lync Mobility Deployment Guide

MUCUGL
MUCUGL

Presented by Justin Morris and Tom Arbuthnot at MUCUGL January 2012

Technology
1 of 19
Download to read offline
Lync Mobility Deployment Tom Arbuthnot Justin Morris Consultant, Modality Systems and Lync MVP Consultant, Modality Systems @tomarbuthnot @jm_deluxe http://www.lyncdup.com http://www.justin-morris.net tom.arbuthnot@modalitysystems.com justin.morris@modalitysystems.com
Agenda • Step by Step Deployment Guide – Prerequisites, DNS, Certificates – Reverse Proxy, Push Notifications • The Lync Mobile Sign-In Process • Top 5 Issues • Do I need lyncdiscoverinternal? • Monitoring Performance of Mobility • Questions 19/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 2
Mobility Service Deployment in 7 slides • Cumulative Update 4 on all Servers • Mobility DNS Requirements • New FE listening ports and IIS changes • Install the MCX Service • Certificate Updates • Reverse Proxy Rule Update • Add Lync Online Federation for Push Notifications 20/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 3
Cumulative Update 4 First • CU4 on all servers • CU4 DB Update • Install-CsDatabase -Update - ConfiguredDatabases -SqlServerFqdn <EEBE.Fqdn> -UseDefaultSqlPaths 20/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 4
DNS Requirements • Lync Mobile uses two DNS records to discover the server to register to, lyncdiscover and lyncdiscoverinternal • CNAME and Host (A) records are supported • Internal DNS: Lyncdiscoverinteral.domain.com points to Lync pool/Director DNS record • External DNS: Lyncdisover.domain.com, external (and reachable internal), points to External Reverse Proxy • Lync discover returns proxy FQDN. This needs to be resolvable internally 20/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 5
New FE Listening Ports and IIS changes • Set-CsWebServer -Identity lync.domain.com - McxSipPrimaryListeningPort 5086 • Set-CsWebServer -Identity lync.domain.com - McxSipExternalListeningPort 5087 • Re enable the topology to enact these IIS changes – Enable-CsTopology • There is also an additional IIS feature Requirement – Import-Module ServerManager Add-WindowsFeature Web-Server, Web-Dyn- Compression 20/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 6
Install the MCX Service • Download the McxStandalone.msi installation package and save it into the following existing directory on each Lync server where it will be installed. • C:ProgramDataMicrosoftLync ServerDeploymentcache4.0.7577.0setup • C:Program FilesMicrosoft Lync Server 2010DeploymentBootstrapper.exe 20/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 7
Certificate Updates – Internal and External • Internal FE certs – Set-CsCertificate –Type Default,WebServicesInternal,WebServicesExternal – Thumbprint <Certificate Thumbprint> – This will add the lyncdiscover and lyncdiscoverinternal names to the FE cert • Externally, discovery can be done http(80) or https(443), if using https the external cert requires lyncdiscover.domain.com SAN name • Both required for each supported SIP domain on the system 20/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 8
New Reverse Proxy Rule • To allow access from the outside for the mobile clients • It can be added to your existing reverse proxy rule set for Lync • Full Reverse Proxy setup steps on Adam’s imaucblog.com • Port 80 required for http discovery 20/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 9
Federation to Lync Online for Push • New-CsHostingProvider –Identity "LyncOnline" –Enabled $true – ProxyFqdn "sipfed.online.lync.com" –VerificationLevel UseSourceVerification • New-CsAllowedDomain –Identity push.lync.com –Comment “Mobile Push Notifications” • Set-CsPushNotificationConfiguration –EnableApplePushNotificationService $true –EnableMicrosoftPushNotificationService $true 20/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 10
Summary: Mobility Service Deployment • Cumulative Update 4 on all Servers • Mobility DNS Requirements • New FE listening ports and IIS changes • Install the MCX Service • Certificate Updates • Reverse Proxy Rule Update • Add Lync Online Federation for Push Notifications 20/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 11
Handover to Justin 20/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 12
Lync Mobile Sign-In Process Internal 1. Mobile device locates lyncdiscoverinternal.<SIP FQDN> record via internal DNS 2. External MCX URL is returned 3. Lync Mobile client communicates with external web service (4443 MCX virtual directory) by hair- pinning the reverse proxy 19/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 13
Lync Mobile Sign-In Process External 1. Mobile device locates lyncdiscover.<SIPFQDN> record via external DNS 2. External MCX URL is returned 3. Lync Mobile client communicates with external web service (4443 MCX virtual directory) via the reverse proxy 19/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 14
Lync Mobile Sign-In Process Authentication and In-Band Provisioning 1. Web ticket request is made for a client certificate for authentication. 2. SIP REGISTER packet comes from the Lync Front End on the listening port e.g. 5087. 3. Do I have a mobility policy granted to me? 4. In-band provisioning occurs: – Voicemail URI, ABS URL, dial plan, voice policy. 5. Contact list and contact cards are retrieved. 19/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 15
Top Mobile Client Issues • Account details (domainusername) required if UPN is different to SIP URI e.g. UPN - justin.morris@contoso.int SIP URI – justin.morris@contoso.com • Check EWS connectivity – requires same as desktop client. • URL filtering in IM breaks push notifications. • McxStandalone.msi must be run using Bootstrapper. 19/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 16
Do I need lyncdiscoverinternal? • Mobile clients won’t trust your internal CA, who has a public certificate on their FEs? • Deploying root CA certificate to all mobile devices is unlikely to happen. • Solution: route all internal lyncdiscover.sipdomain traffic to the external interface of the Reverse Proxy. 19/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 17
Monitoring Performance of Mobility • Why do we do this? – Ensuring we have the capacity to support users. – Predicting when extra capacity is required. • How do we do this? – Can be monitored from within IIS -> Worker Processes. – CsIntMcxAppPool and CxExtMcxAppPool CPU% should be under 15% 19/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 18
Questions? Sources: Brendan Carius - http://blog.kloud.com.au/2011/12/12/lync-2010-mobility-do-i-need-lyncdiscoverinternal/ http://blog.kloud.com.au/2011/12/12/lync-2010-mobility-sign-in-internals/ 19/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 19

Recommended

Innovation Vidéo de Lync 2013
Innovation Vidéo de Lync 2013Innovation Vidéo de Lync 2013
Innovation Vidéo de Lync 2013Microsoft Technet France
 
Deployment Patterns in WSO2 Enterprise Integrator
Deployment Patterns in WSO2 Enterprise IntegratorDeployment Patterns in WSO2 Enterprise Integrator
Deployment Patterns in WSO2 Enterprise IntegratorWSO2
 
Effective administration of IBM Integration Bus - Sanjay Nagchowdhury
Effective administration of IBM Integration Bus - Sanjay NagchowdhuryEffective administration of IBM Integration Bus - Sanjay Nagchowdhury
Effective administration of IBM Integration Bus - Sanjay NagchowdhuryKaren Broughton-Mabbitt
 
Q1 Southern California Session Slides
Q1 Southern California Session SlidesQ1 Southern California Session Slides
Q1 Southern California Session SlidesHarold Wong
 
Troubleshooting and Best Practices with WSO2 Enterprise Integrator
Troubleshooting and Best Practices with WSO2 Enterprise IntegratorTroubleshooting and Best Practices with WSO2 Enterprise Integrator
Troubleshooting and Best Practices with WSO2 Enterprise IntegratorWSO2
 
Developing, Debugging and Administrating Your Integration Scenarios with WSO2...
Developing, Debugging and Administrating Your Integration Scenarios with WSO2...Developing, Debugging and Administrating Your Integration Scenarios with WSO2...
Developing, Debugging and Administrating Your Integration Scenarios with WSO2...WSO2
 
FoxT BoKS ServerControl Full Specifications Document
FoxT BoKS ServerControl Full Specifications DocumentFoxT BoKS ServerControl Full Specifications Document
FoxT BoKS ServerControl Full Specifications DocumentRyan Gallavin
 
Docker and IBM Integration Bus
Docker and IBM Integration BusDocker and IBM Integration Bus
Docker and IBM Integration BusGeza Geleji
 

More Related Content

Similar to Lync Mobility Deployment Guide

Extreme & Microsoft Lync
Extreme & Microsoft LyncExtreme & Microsoft Lync
Extreme & Microsoft LyncWESTCON EMEA
 
Deploying lync evaluating costs and complexities
Deploying lync evaluating costs and complexitiesDeploying lync evaluating costs and complexities
Deploying lync evaluating costs and complexitiesFabrizio Volpe
 
Microsoft Lync 2010 Call Flows Explained
Microsoft Lync 2010 Call Flows ExplainedMicrosoft Lync 2010 Call Flows Explained
Microsoft Lync 2010 Call Flows ExplainedMUCUGL
 
Ojoconsulting Oy Nimbus Monitoring Service description v1.2 public
Ojoconsulting Oy Nimbus Monitoring Service description v1.2 publicOjoconsulting Oy Nimbus Monitoring Service description v1.2 public
Ojoconsulting Oy Nimbus Monitoring Service description v1.2 publicOjoconsulting Oy
 
Cisco Cloupia uic product overview and demo presentation
Cisco Cloupia uic product overview and demo presentationCisco Cloupia uic product overview and demo presentation
Cisco Cloupia uic product overview and demo presentationxKinAnx
 
NELotus - OpenNTF.org & XPages Mobile Controls
NELotus - OpenNTF.org & XPages Mobile ControlsNELotus - OpenNTF.org & XPages Mobile Controls
NELotus - OpenNTF.org & XPages Mobile ControlsJohn Head
 
Justin Morris - Understanding how lync server 2013 leverages the complete mic...
Justin Morris - Understanding how lync server 2013 leverages the complete mic...Justin Morris - Understanding how lync server 2013 leverages the complete mic...
Justin Morris - Understanding how lync server 2013 leverages the complete mic...Nordic Infrastructure Conference
 
Social Connections 13 - Troubleshooting Connections Pink
Social Connections 13 - Troubleshooting Connections PinkSocial Connections 13 - Troubleshooting Connections Pink
Social Connections 13 - Troubleshooting Connections PinkNico Meisenzahl
 
Lync Updates Q1 2013
Lync Updates Q1 2013Lync Updates Q1 2013
Lync Updates Q1 2013MUCUGL
 
Do You Need A Service Mesh?
Do You Need A Service Mesh?Do You Need A Service Mesh?
Do You Need A Service Mesh?NGINX, Inc.
 
Office 365 : un déploiement "Fast & simple"
Office 365 : un déploiement "Fast & simple"Office 365 : un déploiement "Fast & simple"
Office 365 : un déploiement "Fast & simple"Microsoft Technet France
 
Migrating a Monolithic App to Microservices on Cloud Foundry
Migrating a Monolithic App to Microservices on Cloud FoundryMigrating a Monolithic App to Microservices on Cloud Foundry
Migrating a Monolithic App to Microservices on Cloud FoundryTony Erwin
 
Lync 2013 Mobility Architecture
Lync 2013 Mobility ArchitectureLync 2013 Mobility Architecture
Lync 2013 Mobility ArchitectureMUCUGL
 
20120726 jm-mucugl-lync-server-2013-preview-architecture-and-ha
20120726 jm-mucugl-lync-server-2013-preview-architecture-and-ha20120726 jm-mucugl-lync-server-2013-preview-architecture-and-ha
20120726 jm-mucugl-lync-server-2013-preview-architecture-and-haMUCUGL
 
Revamping Development and Testing Using Docker – Transforming Enterprise IT b...
Revamping Development and Testing Using Docker – Transforming Enterprise IT b...Revamping Development and Testing Using Docker – Transforming Enterprise IT b...
Revamping Development and Testing Using Docker – Transforming Enterprise IT b...Docker, Inc.
 
Introducing Events and Stream Processing into Nationwide Building Society
Introducing Events and Stream Processing into Nationwide Building SocietyIntroducing Events and Stream Processing into Nationwide Building Society
Introducing Events and Stream Processing into Nationwide Building Societyconfluent
 
MuleSoft Manchester Meetup #4 slides 11th February 2021
MuleSoft Manchester Meetup #4 slides 11th February 2021MuleSoft Manchester Meetup #4 slides 11th February 2021
MuleSoft Manchester Meetup #4 slides 11th February 2021Ieva Navickaite
 

Similar to Lync Mobility Deployment Guide (20)

Extreme & Microsoft Lync
Extreme & Microsoft LyncExtreme & Microsoft Lync
Extreme & Microsoft Lync
 
Deploying lync evaluating costs and complexities
Deploying lync evaluating costs and complexitiesDeploying lync evaluating costs and complexities
Deploying lync evaluating costs and complexities
 
Microsoft Lync 2010 Call Flows Explained
Microsoft Lync 2010 Call Flows ExplainedMicrosoft Lync 2010 Call Flows Explained
Microsoft Lync 2010 Call Flows Explained
 
Manish Kumar
Manish KumarManish Kumar
Manish Kumar
 
Ojoconsulting Oy Nimbus Monitoring Service description v1.2 public
Ojoconsulting Oy Nimbus Monitoring Service description v1.2 publicOjoconsulting Oy Nimbus Monitoring Service description v1.2 public
Ojoconsulting Oy Nimbus Monitoring Service description v1.2 public
 
Cisco Cloupia uic product overview and demo presentation
Cisco Cloupia uic product overview and demo presentationCisco Cloupia uic product overview and demo presentation
Cisco Cloupia uic product overview and demo presentation
 
NELotus - OpenNTF.org & XPages Mobile Controls
NELotus - OpenNTF.org & XPages Mobile ControlsNELotus - OpenNTF.org & XPages Mobile Controls
NELotus - OpenNTF.org & XPages Mobile Controls
 
Justin Morris - Understanding how lync server 2013 leverages the complete mic...
Justin Morris - Understanding how lync server 2013 leverages the complete mic...Justin Morris - Understanding how lync server 2013 leverages the complete mic...
Justin Morris - Understanding how lync server 2013 leverages the complete mic...
 
Social Connections 13 - Troubleshooting Connections Pink
Social Connections 13 - Troubleshooting Connections PinkSocial Connections 13 - Troubleshooting Connections Pink
Social Connections 13 - Troubleshooting Connections Pink
 
Lync Updates Q1 2013
Lync Updates Q1 2013Lync Updates Q1 2013
Lync Updates Q1 2013
 
Do You Need A Service Mesh?
Do You Need A Service Mesh?Do You Need A Service Mesh?
Do You Need A Service Mesh?
 
Office 365 : un déploiement "Fast & simple"
Office 365 : un déploiement "Fast & simple"Office 365 : un déploiement "Fast & simple"
Office 365 : un déploiement "Fast & simple"
 
Migrating a Monolithic App to Microservices on Cloud Foundry
Migrating a Monolithic App to Microservices on Cloud FoundryMigrating a Monolithic App to Microservices on Cloud Foundry
Migrating a Monolithic App to Microservices on Cloud Foundry
 
Lync 2013 Mobility Architecture
Lync 2013 Mobility ArchitectureLync 2013 Mobility Architecture
Lync 2013 Mobility Architecture
 
CV2016
CV2016CV2016
CV2016
 
20120726 jm-mucugl-lync-server-2013-preview-architecture-and-ha
20120726 jm-mucugl-lync-server-2013-preview-architecture-and-ha20120726 jm-mucugl-lync-server-2013-preview-architecture-and-ha
20120726 jm-mucugl-lync-server-2013-preview-architecture-and-ha
 
Revamping Development and Testing Using Docker – Transforming Enterprise IT b...
Revamping Development and Testing Using Docker – Transforming Enterprise IT b...Revamping Development and Testing Using Docker – Transforming Enterprise IT b...
Revamping Development and Testing Using Docker – Transforming Enterprise IT b...
 
Docker12 factor
Docker12 factorDocker12 factor
Docker12 factor
 
Introducing Events and Stream Processing into Nationwide Building Society
Introducing Events and Stream Processing into Nationwide Building SocietyIntroducing Events and Stream Processing into Nationwide Building Society
Introducing Events and Stream Processing into Nationwide Building Society
 
MuleSoft Manchester Meetup #4 slides 11th February 2021
MuleSoft Manchester Meetup #4 slides 11th February 2021MuleSoft Manchester Meetup #4 slides 11th February 2021
MuleSoft Manchester Meetup #4 slides 11th February 2021
 

More from MUCUGL

MUCUGL October 2013 - Lync Server Top To Bottom, Big To Small
MUCUGL October 2013 - Lync Server Top To Bottom, Big To Small MUCUGL October 2013 - Lync Server Top To Bottom, Big To Small
MUCUGL October 2013 - Lync Server Top To Bottom, Big To Small MUCUGL
 
MUCUGL October 2013 - Top 5 Things To Know When Deploying Your First Lync 20...
MUCUGL October 2013 - Top 5 Things To Know When Deploying Your First Lync 20...MUCUGL October 2013 - Top 5 Things To Know When Deploying Your First Lync 20...
MUCUGL October 2013 - Top 5 Things To Know When Deploying Your First Lync 20...MUCUGL
 
MUCUGL October 2013 - Everything About Lync Room System
MUCUGL October 2013 - Everything About Lync Room SystemMUCUGL October 2013 - Everything About Lync Room System
MUCUGL October 2013 - Everything About Lync Room SystemMUCUGL
 
Lync 2013 Centralized Logging
Lync 2013 Centralized LoggingLync 2013 Centralized Logging
Lync 2013 Centralized LoggingMUCUGL
 
20120726 aj-mucugl-video-conferencing-capabilities-within-lync-2013
20120726 aj-mucugl-video-conferencing-capabilities-within-lync-201320120726 aj-mucugl-video-conferencing-capabilities-within-lync-2013
20120726 aj-mucugl-video-conferencing-capabilities-within-lync-2013MUCUGL
 
Fixed-to-Mobile Convergence with Microsoft UC
Fixed-to-Mobile Convergence with Microsoft UCFixed-to-Mobile Convergence with Microsoft UC
Fixed-to-Mobile Convergence with Microsoft UCMUCUGL
 
Microsoft Lync & Acme Packet Session Management Solutions
Microsoft Lync & Acme Packet Session Management SolutionsMicrosoft Lync & Acme Packet Session Management Solutions
Microsoft Lync & Acme Packet Session Management SolutionsMUCUGL
 
Lync Mobility Architecture
Lync Mobility ArchitectureLync Mobility Architecture
Lync Mobility ArchitectureMUCUGL
 
Mobility and SmartTAP Recording for Lync
Mobility and SmartTAP Recording for LyncMobility and SmartTAP Recording for Lync
Mobility and SmartTAP Recording for LyncMUCUGL
 
Audio/Video Conferencing and Interop within Lync Server 2010
Audio/Video Conferencing and Interop within Lync Server 2010Audio/Video Conferencing and Interop within Lync Server 2010
Audio/Video Conferencing and Interop within Lync Server 2010MUCUGL
 
Voice Resiliency in Lync Server 2010
Voice Resiliency in Lync Server 2010Voice Resiliency in Lync Server 2010
Voice Resiliency in Lync Server 2010MUCUGL
 
Introduction to Microsoft Lync
Introduction to Microsoft LyncIntroduction to Microsoft Lync
Introduction to Microsoft LyncMUCUGL
 

More from MUCUGL (12)

MUCUGL October 2013 - Lync Server Top To Bottom, Big To Small
MUCUGL October 2013 - Lync Server Top To Bottom, Big To Small MUCUGL October 2013 - Lync Server Top To Bottom, Big To Small
MUCUGL October 2013 - Lync Server Top To Bottom, Big To Small
 
MUCUGL October 2013 - Top 5 Things To Know When Deploying Your First Lync 20...
MUCUGL October 2013 - Top 5 Things To Know When Deploying Your First Lync 20...MUCUGL October 2013 - Top 5 Things To Know When Deploying Your First Lync 20...
MUCUGL October 2013 - Top 5 Things To Know When Deploying Your First Lync 20...
 
MUCUGL October 2013 - Everything About Lync Room System
MUCUGL October 2013 - Everything About Lync Room SystemMUCUGL October 2013 - Everything About Lync Room System
MUCUGL October 2013 - Everything About Lync Room System
 
Lync 2013 Centralized Logging
Lync 2013 Centralized LoggingLync 2013 Centralized Logging
Lync 2013 Centralized Logging
 
20120726 aj-mucugl-video-conferencing-capabilities-within-lync-2013
20120726 aj-mucugl-video-conferencing-capabilities-within-lync-201320120726 aj-mucugl-video-conferencing-capabilities-within-lync-2013
20120726 aj-mucugl-video-conferencing-capabilities-within-lync-2013
 
Fixed-to-Mobile Convergence with Microsoft UC
Fixed-to-Mobile Convergence with Microsoft UCFixed-to-Mobile Convergence with Microsoft UC
Fixed-to-Mobile Convergence with Microsoft UC
 
Microsoft Lync & Acme Packet Session Management Solutions
Microsoft Lync & Acme Packet Session Management SolutionsMicrosoft Lync & Acme Packet Session Management Solutions
Microsoft Lync & Acme Packet Session Management Solutions
 
Lync Mobility Architecture
Lync Mobility ArchitectureLync Mobility Architecture
Lync Mobility Architecture
 
Mobility and SmartTAP Recording for Lync
Mobility and SmartTAP Recording for LyncMobility and SmartTAP Recording for Lync
Mobility and SmartTAP Recording for Lync
 
Audio/Video Conferencing and Interop within Lync Server 2010
Audio/Video Conferencing and Interop within Lync Server 2010Audio/Video Conferencing and Interop within Lync Server 2010
Audio/Video Conferencing and Interop within Lync Server 2010
 
Voice Resiliency in Lync Server 2010
Voice Resiliency in Lync Server 2010Voice Resiliency in Lync Server 2010
Voice Resiliency in Lync Server 2010
 
Introduction to Microsoft Lync
Introduction to Microsoft LyncIntroduction to Microsoft Lync
Introduction to Microsoft Lync
 

Recently uploaded

A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxAna-Maria Mihalceanu
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...panagenda
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessWSO2
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...itnewsafrica
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024TopCSSGallery
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Karmanjay Verma
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfAarwolf Industries LLC
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integrationmarketing932765
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialJoão Esperancinha
 
All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFAll These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFMichael Gough
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsYoss Cohen
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...amber724300
 

Recently uploaded (20)

A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance Toolbox
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with Platformless
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdf
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorial
 
All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFAll These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDF
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platforms
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
 

Lync Mobility Deployment Guide

  • 1. Lync Mobility Deployment Tom Arbuthnot Justin Morris Consultant, Modality Systems and Lync MVP Consultant, Modality Systems @tomarbuthnot @jm_deluxe http://www.lyncdup.com http://www.justin-morris.net tom.arbuthnot@modalitysystems.com justin.morris@modalitysystems.com
  • 2. Agenda • Step by Step Deployment Guide – Prerequisites, DNS, Certificates – Reverse Proxy, Push Notifications • The Lync Mobile Sign-In Process • Top 5 Issues • Do I need lyncdiscoverinternal? • Monitoring Performance of Mobility • Questions 19/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 2
  • 3. Mobility Service Deployment in 7 slides • Cumulative Update 4 on all Servers • Mobility DNS Requirements • New FE listening ports and IIS changes • Install the MCX Service • Certificate Updates • Reverse Proxy Rule Update • Add Lync Online Federation for Push Notifications 20/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 3
  • 4. Cumulative Update 4 First • CU4 on all servers • CU4 DB Update • Install-CsDatabase -Update - ConfiguredDatabases -SqlServerFqdn <EEBE.Fqdn> -UseDefaultSqlPaths 20/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 4
  • 5. DNS Requirements • Lync Mobile uses two DNS records to discover the server to register to, lyncdiscover and lyncdiscoverinternal • CNAME and Host (A) records are supported • Internal DNS: Lyncdiscoverinteral.domain.com points to Lync pool/Director DNS record • External DNS: Lyncdisover.domain.com, external (and reachable internal), points to External Reverse Proxy • Lync discover returns proxy FQDN. This needs to be resolvable internally 20/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 5
  • 6. New FE Listening Ports and IIS changes • Set-CsWebServer -Identity lync.domain.com - McxSipPrimaryListeningPort 5086 • Set-CsWebServer -Identity lync.domain.com - McxSipExternalListeningPort 5087 • Re enable the topology to enact these IIS changes – Enable-CsTopology • There is also an additional IIS feature Requirement – Import-Module ServerManager Add-WindowsFeature Web-Server, Web-Dyn- Compression 20/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 6
  • 7. Install the MCX Service • Download the McxStandalone.msi installation package and save it into the following existing directory on each Lync server where it will be installed. • C:ProgramDataMicrosoftLync ServerDeploymentcache4.0.7577.0setup • C:Program FilesMicrosoft Lync Server 2010DeploymentBootstrapper.exe 20/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 7
  • 8. Certificate Updates – Internal and External • Internal FE certs – Set-CsCertificate –Type Default,WebServicesInternal,WebServicesExternal – Thumbprint <Certificate Thumbprint> – This will add the lyncdiscover and lyncdiscoverinternal names to the FE cert • Externally, discovery can be done http(80) or https(443), if using https the external cert requires lyncdiscover.domain.com SAN name • Both required for each supported SIP domain on the system 20/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 8
  • 9. New Reverse Proxy Rule • To allow access from the outside for the mobile clients • It can be added to your existing reverse proxy rule set for Lync • Full Reverse Proxy setup steps on Adam’s imaucblog.com • Port 80 required for http discovery 20/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 9
  • 10. Federation to Lync Online for Push • New-CsHostingProvider –Identity "LyncOnline" –Enabled $true – ProxyFqdn "sipfed.online.lync.com" –VerificationLevel UseSourceVerification • New-CsAllowedDomain –Identity push.lync.com –Comment “Mobile Push Notifications” • Set-CsPushNotificationConfiguration –EnableApplePushNotificationService $true –EnableMicrosoftPushNotificationService $true 20/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 10
  • 11. Summary: Mobility Service Deployment • Cumulative Update 4 on all Servers • Mobility DNS Requirements • New FE listening ports and IIS changes • Install the MCX Service • Certificate Updates • Reverse Proxy Rule Update • Add Lync Online Federation for Push Notifications 20/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 11
  • 12. Handover to Justin 20/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 12
  • 13. Lync Mobile Sign-In Process Internal 1. Mobile device locates lyncdiscoverinternal.<SIP FQDN> record via internal DNS 2. External MCX URL is returned 3. Lync Mobile client communicates with external web service (4443 MCX virtual directory) by hair- pinning the reverse proxy 19/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 13
  • 14. Lync Mobile Sign-In Process External 1. Mobile device locates lyncdiscover.<SIPFQDN> record via external DNS 2. External MCX URL is returned 3. Lync Mobile client communicates with external web service (4443 MCX virtual directory) via the reverse proxy 19/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 14
  • 15. Lync Mobile Sign-In Process Authentication and In-Band Provisioning 1. Web ticket request is made for a client certificate for authentication. 2. SIP REGISTER packet comes from the Lync Front End on the listening port e.g. 5087. 3. Do I have a mobility policy granted to me? 4. In-band provisioning occurs: – Voicemail URI, ABS URL, dial plan, voice policy. 5. Contact list and contact cards are retrieved. 19/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 15
  • 16. Top Mobile Client Issues • Account details (domainusername) required if UPN is different to SIP URI e.g. UPN - justin.morris@contoso.int SIP URI – justin.morris@contoso.com • Check EWS connectivity – requires same as desktop client. • URL filtering in IM breaks push notifications. • McxStandalone.msi must be run using Bootstrapper. 19/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 16
  • 17. Do I need lyncdiscoverinternal? • Mobile clients won’t trust your internal CA, who has a public certificate on their FEs? • Deploying root CA certificate to all mobile devices is unlikely to happen. • Solution: route all internal lyncdiscover.sipdomain traffic to the external interface of the Reverse Proxy. 19/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 17
  • 18. Monitoring Performance of Mobility • Why do we do this? – Ensuring we have the capacity to support users. – Predicting when extra capacity is required. • How do we do this? – Can be monitored from within IIS -> Worker Processes. – CsIntMcxAppPool and CxExtMcxAppPool CPU% should be under 15% 19/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 18
  • 19. Questions? Sources: Brendan Carius - http://blog.kloud.com.au/2011/12/12/lync-2010-mobility-do-i-need-lyncdiscoverinternal/ http://blog.kloud.com.au/2011/12/12/lync-2010-mobility-sign-in-internals/ 19/01/2012 Microsoft Unified Communications User Group London (MUCUGL) 19