How to Integrate Lync 2010 with Blackberry 5.0 SP3

Lync 2010 BES 5.0 SP3 Integration Guide

Now that RIM has released Service Pack 3 for the Blackberry Enterprise Server (BES) 5 we can now have Lync connectivity on our Blackberries. Let me tell you it works well. It took awhile to get it functioning properly but it was worth it. So if you don’t already have the Service Pack, go hereand get it.Lync integration with the BES requires the the UCAPI 2.0 (package 1, package 2) SQL Native Client, and OCS Core components (Available in OCS 2007 R2 Setup package in i386, do not install Lync 2010 core component which will not work) to be installed. That’s right RIM uses the OCS 2007 R2 components to accomplish the connectivity. If you ask me, this is very smart since the Lync has backward compatibility for OCS 2007 R2 components. This is a two for one deal for RIM. They can support OCS 2007 R2 and Lync using same interfaces.

Once you have the prerequisite packages installed (the installer will tell you it needs them) you can then make a decision on which provisioning method you wish to use. There are two methods and they are described in detail here. I choose to use the automatic method which worked perfectly.

Now go ahead and install the BES or upgrade it. This is out of the scope of this blog; follow the RIM documentation on how to do this.

Next, you’ll have to generate a certificate for the BES. More information can be found in RIM’s knowledge base. Here is the article you’ll want to review. Now you’re probably thinking great. I know what I need in the certificate but how do I create the request? I have a standalone CA in my environment it was quite simple once you know the syntax to use in the certificate request inf file. Here is a sample certificate request inf file for the BES.

Signature=”$Windows NT$”

Subject = “” 
Exportable = TRUE
KeyLength = 1024  
KeySpec = 1
KeyUsage = 0xA0
MachineKeySet = True
ProviderName = “Microsoft RSA SChannel Cryptographic Provider”
ProviderType = 12
RequestType = CMC



A few notes on the above inf file:

  1. Subject must be set to the FQDN of the Lync pool that you will be connecting to in the same format as above.
  2. Setting Exportable to TRUE allows you to export and transport the certificate with the private key to another server later if required or to export it and back it up. Set it to FALSE to disallow this.
  3. SAN must contain the FQDNs of the servers hosting the Lync pool and of the BES server that is providing the Collaboration service. The format must be the same as above.
  4. The sample file is for a standalone or external Certificate Authority. If you are using an Enterprise CA or need more information in general, take a look at this Microsoft knowledge base article. 
Once you have your inf file ready and are ready to submit the request to your CA run the following command the server hosting your BES:
certreq -new “path to your inf file” “path to the request file to generate” If you are running this on a 2008 or 2008 R2 server you will need to run this as an administrator. This should now generate the request file. You can then send that to your CA to have a certificate issued. 
Once you get the certificate back from your CA. You can install it. The easiest way to do this is to open up the MMC and add in the Certificates snap-in, select “Computer account”  and point it the “Local Computer” or another computer so long as it is the server hosting the BES. Now, open Personal, right click and select “All Tasks” and then “Import…” and follow the wizard through and be sure to select the file your CA gave you when prompted. Once the certificate has been imported, click on Certificates under Personal and then right click on the certificate you just imported and hit properties. Now, enter in OCSConnector as the “Friendly Name”. Click OK and you’re done with the certificate set up. The friendly name is essential, the BES seems to look for this so it knows which certificate to use.

Now here is where things went awry for me. I could log into Lync with the Enterprise IM client on my Blackberry and I could send messages but could I receive them or updated presence information? The answer was a resounding no. People that tried to send me messages got a 504 error reported to them in their Lync clients. To begin troubleshooting this, after covering all the basics, I fired up the Lync Logger and logged everything for SIP Stack. The SIP Stack log quickly showed there was a problem communicating with the BES Collaboration Service. The error I was seeing in the Log Analyzer was SIPPROXY_E_CONNECTION_FAILED.

Then I remembered, OCS 2007 R2 has problems running on Server 2008 R2! Our brand new BES was running on Server 2008 R2 no less. I quickly searched my bookmarks for all those KB articles I had saved knowing I would need them again one day. The first one that everyone should review is the OCS 2007 R2 on Server 2008 R2 Supportability document. In there it makes reference to requiring a hot fix for Windows. This is not required if you’re running Server 2008 R2 with Service Pack 1 on your BES server. Next, you need to update the OCS 2007 R2 components on the server. I suggest using the ServerUpdateInstaller package which can be found here. It will automatically detect which updates you need, download them and install them.

After all this, Lync/Enterprise IM on the Blackberry connectivity worked flawlessly. One last thing, if you need the Enterprise IM client for your Blackberry, grab it from RIM here. Enjoy your brand new Lync connectivity!


Exchange 2010 SP1 Update Rollup 5

exchange-2010-logo-7333411.png?w=150&h=71#038;h=71Today the Exchange Team released Rollup 5 for Exchange Server 2010 Service Pack 1 (KB2582113). This update raises Exchange 2010 version number to 14.1.339.1.

I’d recommend to thoroughly test rollup 4 in a test and acceptance environment prior to implementing it in production. After the Rollup 3 and Rollup 4 debacles, I can’t emphasize this enough: test, test. test.

Here’s the list of changes included in this rollup:

· 2275156 The inline contents disposition is removed when you send a “Content-Disposition: inline” email message by using EWS in an Exchange Server 2010 environment

· 2499044 You cannot save attachments in an email message by using OWA if the subject line contains special characters in an Exchange Server 2010 environment

· 2509306 Journal reports are expired or lost when the Microsoft Exchange Transport service is restarted in an Exchange Server 2010 environment

· 2514766 A RBAC role assignee can unexpectedly run the Add-ADPermission command on an Exchange Server 2010 server that is outside the role assignment scope

· 2529715 Slow network or replication issues after you change the number of virus scanning API threads in Microsoft Exchange Server 2010

· 2536704 Mailbox users who are migrated by using ILM 2007 cannot use the Options menu in OWA in an Exchange Server 2010 environment

· 2537094 French translation errors occur when you edit a response to a meeting request by using OWA in an Exchange Server 2010 SP1 environment

· 2554604 A RBAC role assignee can unexpectedly manage certificates that are outside the role assignment scope in an Exchange Server 2010 environment

· 2555800 You cannot use the GetItem operation in EWS to retrieve properties of an email message in an Exchange Server 2010 environment

· 2555850 You cannot delete a mailbox folder that starts with a special character in its name by using Outlook in an Exchange Server 2010 environment

· 2556096 The columns in the .csv logging file are not lined up correctly when you perform a discovery search on a mailbox in an Exchange Server 2010 environment

· 2556107 The columns in the .csv logging file are not lined up correctly when you perform a discovery search on a mailbox in an Exchange Server 2010 environment

· 2556133 A device that uses Exchange ActiveSync cannot access mailboxes in an Exchange Server 2010 environment

· 2556156 Extra.exe crashes when it performs RPC activity checks against an Exchange Server 2010 server

· 2556352 “ChangeKey is required for this operation” error message in Outlook for Mac 2011 in an Exchange Server 2010 environment

· 2556407 Certain client-only message rules do not take effect on email messages that are saved as drafts in an Exchange Server 2010 environment

· 2559926 “There are no items to show in this view.” error message when you try to view a folder by using Outlook in an Exchange Server 2010 environment

· 2572958 The “Test-OutlookConnectivity -Protocol HTTP” command fails with an HTTP 401 error in an Exchange Server 2010 environment

When running ForeFront Protection for Exchange, make sure you disable ForeFront before installing the rollup and re-enable it afterwards, otherwise the Information Store and Transport services may not start. You can disable ForeFront using fscutility /disable and enable it using the fscutility /enable command.

For the correct procedure on how to update a DAG and its members, check here.

Note that update rollups are cumulative, i.e. they contain fixes released in earlier update rollups for the same product level (RTM, SPx). This means you don’t need to install previous update rollups during a fresh installation but can start with the latest rollup available right away.

You can download Exchange 2010 SP1 Rollup 5 here.