Lync January 2012 Client Updates Released

Just released, a minor update to the Lync client

Clients (7577.4061)

· Lync 2010 (32-bit) – DownloadKB 2670498

· Lync 2010 (64-bit) – DownloadKB 2670498

From the KB, looks like it only addresses one issue:

2670467 Large increases in load on the OrgID service because of recurring authentication requests from Lync 2010


Lync Mobility Calculator

One of the cool Lync Mobility Calculator created by UCMADEEASY guys, which makes the work easy.

Lync Mobility Calculator

How to Enable Push Notifications for Lync Mobile – (iPhone & Windows Phone 7)

Push notifications, in the form of badges, icons, or alerts, can be sent to a mobile device even when the mobile application is inactive. Push notifications notify a user of events such as a new or missed IM invitation, missed calls, and voice mail. The Microsoft Lync Server 2010 Mobility Service sends the notifications to the cloud-based Microsoft Lync Server 2010 Push Notification Service, which then sends the notifications to the Apple Push Notification Service (APNS) or the Microsoft Push Notification Service (MPNS).

Push Notification requires a Lync or OCS EDGE Server and Federation with Lync Online because Push Notification works via Lync Online Federation.

1. First step is to create new hosting provider federation with Lync Online.

New-CsHostingProvider –Identity “LyncOnline” –Enabled $True –ProxyFqdn “” –VerificationLevel UseSourceVerification

2. Add to the allowed domains list

New-CsAllowedDomain –Identity “”

3. Enable Push Notifications (iPhone & WP7)

Set-CsPushNotificationConfiguration –EnableApplePushNotificationService $True –EnableMicrosoftPushNotificationService $True

4. Enable Federation if you haven’t already done that in your environment

Set-CsAccessEdgeConfiguration -AllowFederatedUsers $True

5. Test Lync Online Federation

Test-CsFederatedPartner –TargetFqdn –Domain –ProxyFqdn

6. Test Push Notifications

Test-CsMcxPushNotification –AccessEdgeFqdn

How to Publish Reverse Proxy URLs for Lync Mobility Discover Service with TMG

Create a new rule for the Lync auto discover service. The full functionality uses just the regular External Webservices URLs.

For more info on the previous steps go to this article:

Create a new Web Publishing Rule

This is obviously an allow rule

Depending how you load balance or whether you have standard/enterprise edition this might be different on your end.
ISA/TMG supports cookie based load balancing (requirement for external web services URLs) if required in your deployment

You have to select SSL to the server/loadbalancer

Enter the name of the webservices loadbalancer or pool

You have to select to forward the original host header

The public name is lyncdiscover.<>

Select the correct listener (preferably both port 80 & 443)

Select authentication settings

Remove All Authenticated Users and replace this with All Users (No Authentication)


Now you have to change the following tab on the rule

You have to include both HTTP and HTTPS and forward to the correct ports

HTTP => 8080

HTTPS => 4443

Change the authentication option for HTTP on the Listener.
(you might need a new listener for security reasons so that the listener never sends authentication)

Publish your rules

How to install Lync 2010 Mobility – Installation overview

1. Important CU4!
Update your Lync Server to Cumulative Update 4 First (Prerequisite)

2. Update DNS Entries

  • / per domain (external DNS pointing to Reverse Proxy)
  • / per domain (internal DNS)

3. Update Certificate SANs required for Reverse Proxy

Automatic Configuration without HTTPS

  • No certificate change required (only use if you cannot update your certificates on the reverse proxy)

Automatic Configuration with HTTPS (Preferred)

  • / per domain

4. Update Certificate SANs required on Directors & Front-Ends

  • / per domain
  • / per domain

5. Enable Mobility Ports on Pool

You first have to enable the Mobility Ports on your pool in order to get the Mobility bits deployed.

Set-CsWebServer -Identity “” -McxSipPrimaryListeningPort 5086 -McxSipExternalListeningPort 5087

6. Preparation for Installing Mobility Service
First you need to Install Dynamic IIS Content Compression before updating your Lync Deployment

For Windows Server 2008 R2, at the command line, type:

Import-Module ServerManager
Add-WindowsFeature Web-Server, Web-Dyn-Compression

Download the Mobility Bits:

DO NOT RUN the McxStandalone.msi FILE

Instead you have to copy McxStandalone.msi to the Deployment Cache for Lync:
C:ProgramDataMicrosoftLync ServerDeploymentcache4.0.7577.0setup

7. Installing the Lync Mobility Bits

Rerun Lync Deployment Wizard
Start -> Microsoft Lync Server 2010 -> Lync Server Deployment Wizard

Then Click “Install or Update Lync Server System”

Then Rerun Step 2 : “Setup or Remove Lync Server Components”

8. Publish Lync Mobility via Reverse Proxy

Then Publish the on your Reverse Proxy server in order for your client to get the XML file with the Web Services URLs and then the Lync Mobile Client will use the Lync External Web Services URL to connect to the Lync Mobility Service.
More info on publishing via Microsoft TMG in this post:

9. Enable Lync Mobility Push Notifications

For Lync Mobile on Windows Phone 7 and iPhone push notifications are required when the Lync Mobile application is in the background in order to have full functionality.
How to Enable Lync Mobile Push Notifications:

Enhance Lync 2010 with new Mobility Services and Autodiscover Service

When you deploy the Microsoft Lync Server 2010 Mobility Service, users can use supported iPhone, iPad, Android, Windows Phone, or Nokia mobile devices to perform such activities as sending and receiving instant messages, viewing contacts, and viewing presence. In addition, mobile devices support some Enterprise Voice features, such as click to join a conference, Call via Work, single number reach, voice mail, and missed calls. By using Call via Work, users can maintain their work identity during a call, which means that the call recipient does not see the caller’s mobile number, and the caller avoids incurring outbound calling charges. With single number reach, a user receives calls on a mobile phone that were dialed to their work number.

When you use the Microsoft Lync Server 2010 Autodiscover Service along with the Mobility Service, mobile devices can automatically locate the URLs for Lync Server Web Services and the new Mobility Service regardless of network location. It supports client connections using either HTTP or HTTPS.

The Mobility Service Bits are available for download here

Lync server 2010 Cumulative updates 4 November 2011 CU4 is a requirement prior deploying the Mobility Service.

Lync 2010 Mobile Client are available Click here.

Microsoft Lync 2010 – Mobility Guide

This document guides you through the process of deploying the Microsoft Lync Server 2010 Mobility Service and the Microsoft Lync Server 2010 Autodiscover Service. When you deploy the Mobility Service, users can use supported iOS, Android, Windows Phone, or Nokia mobile devices to perform such activities as sending and receiving instant messages, viewing contacts, viewing presence. The Mobility Service also enables mobile devices to use some Enterprise Voice features, such as click to join a conference, Call via Work, single number reach, voice mail, and missed calls.

When you use the Microsoft Lync Server 2010 Autodiscover Service along with the Mobility Service, mobile devices can automatically locate the URLs for Lync Server Web Services and the new Mobility Service regardless of network location.

The Mobility Guide is available for download here

How to integrate OCS 2007 R2 CWA with Lync Server 2010 without Merging Lync Topology

I would like to share a few scenarios where you may need to deploy the R2 version of Communicator Web Access with Lync Server 2010. The core reason here is that the Lync Server 2010 contains a feature on the front end called Lync Web App. Eventually, Lync Web App will become a full featured web client, and however, today it is only used for users to join online meetings from the web. There is no ability to access Lync Web App from a URL and sign-in, or use it as an instant messaging too. This is planned to be released SP1 of the product, that timeframe is unknown right now.

To fill this gap, customers will have to deploy the OCS 2007 R2 CWA role, which can register against a Lync Server 2010 Pool. This post will show you how to configure OCS 2007 R2 CWA to work in your Lync Server 2010 environment without backardcompatiblesite (that is without merging 2007 with Lync topology).

Preparing the Environment

The most important thing of information in this blog, is that the Schema Prep for OCS 2007 R2 must be run in the environment before the Lync Server 2010 Schema Prep, or you will not be able to install the R2 version of CWA. If this is a deployment where there have not been prior installs of OCS 2007 R2, you will need to obtain this media, and run that Schema Prep before your Lync deployment starts, so it is very important to plan for this in your design/planning phase of your project.

Also, to get straight to the point for this blog, I assume you have prepared the schema in the correct order, have your Lync Server 2010 environment online, and have already installed the CWA Role on a server. I will walk through creating the virtual directory, as well as integrating it with your Lync environment.

Use this Deployment Guide to install and configure the CWA role

Creating the OCS 2007 R2 Virtual Web Server

One you have the CWA role installed, and a valid certificate installed on the server, you must configure the virtual web server that clients will access.

I will walk you through the process for creating an Internal web server, however the same process applies for the External web server. The difference being the types of authentication allowed, external allows forms, whereas internal also allows NTLM authentication.

Login to your R2 CWA server, and open the Communicator Web Access Admin Console

Once in the admin console, right click on your server and choose Create Virtual Web Server

Navigate through the setup wizard; choose only your Web Server Type, in my case I am choosing Internal. Make sure to select a valid HTTPS certificate when prompted. You must install the Certificate based on your server name (CWA Server name) and have the SAN created (, and update it on the Communicator Web Application Server

When you get to this section, Specify IP Address and Port it is important to note that this is the IP and listening port for your web server, not the communication between Lync and your CWA server, we will get to that next.

After entering a description for your virtual web server, the most important part of this wizard is the Specify a Listening Port section. This port defines what this application will listen on, and communicate with your Lync front end on. Because of the change in ports between OCS R2 and Lync, previously used values like 5070, or 5071 as you will see in older blog posts of mine do not work. You must pick a port that is not being used by an application currently. For my example I am using 4790.This can be any port, as long as your Lync front end and this server can communicate on that port.

Next, define your next hop pool, choose the appropriate Lync pool as your next hop and leave the port to default 5061.

Complete the wizard and start the virtual server.

Your settings should look similar to this

Now that you have completed this, you will need to make Lync aware of this server.

As you will find in the OCS 2007 R2 to Lync Server 2010 Migration Guide, you must merge your Legacy (OCS 2007 R2 components in to your Lync Topology). Our Main agenda is not to merge the OCS 2007 R2 component in to Lync Topology

Configuring Lync Server 2010

Now that we have our CWA server configured, we must make the Lync topology aware of this server. To do so, we will create a Trusted Application Server in our Lync Topology. This is possible through PowerShell using the New-CSTrustedApplicationComputer cmdlet, however I will be using the GUI.

First, navigate to your Lync front end and open the Topology Builder.

In this case we have retired the OCS 2007 R2 environment (Redeploying Communicator Web Access). Topology looks like below.

Right click on the Trusted Application server and choose New Trusted application pool

Select Single Computer pool on the Wizard

Select the next hop pool on the Wizard, click Finish

On the Topology builder you will see the Trusted Application Pool which has been Created

Right click where it says Lync Server 2010 and choose Publish Topology

Once you have published your topology, Open the Lync Server Management Shell and run the following command: New-CSTrustedApplication –ApplicationID –Port 4790 –TrustedApplicationPoolFqdn

This will create a trusted application to communicate with the trusted Application pool

To check execute: Get-CSTrustedApplication

You should now be able to login to CWA as a Lync Server 2010 user

What Exchange Delegation and Lync do?

This was something that I have wanted to share with you all. There were more queries from Service desk and desktop team about what “people I manage call for” do and how to remove/manage them from the Lync client.

The “People I manage calls for” is part of the delegation model. If the user in question is responsible for scheduling Lync/OCS meetings for the person in their “People I manage calls for” group, no you cannot remove them because removing them will remove their ability to schedule meetings as well. If that’s not the intention, and they ended up being a delegate by accident of exchange permissions then yes they can be safely removed.

There is a resource kit utility called SEFAUtil.exe that has the ability to add/remove delegations from Lync server manually.

Normally, Lync gets its delegate information from permissions settings in exchange. For the example, I’m going to use Boss and Admin instead of delegator and delegate because I find the latter confusing

For the admin to be able to schedule Lync meetings for the boss, the boss sets either “Editor” or “Author” rights on his calendar to his admin

Both the boss and the admin have the csclientpolicy –EnableExchangeDelegateSync set to $true

When the boss’s Lync client boots up it checks with exchange to see what permissions the boss has granted other people. It will find he’s granted his admin “Editor” or “Author” rights to his calendar and the Lync client will send a message to the Lync server to grant delegation permission to the admin.

When the Admin restarts their client, it will contact the Lync server and pull down the users that the admin has been granted permission for. The admin will then be able to schedule Lync meetings inside the boss’s calendar.

This is the normal process.

Lync 2010 Webcast

Here is a listing of the Lync 2010 webcast:

Microsoft Lync 2010 Voice Deployment

Deep Dive: Lync Server 2010 Conferencing

Microsoft Lync 2010 High Availability and Resiliency

Deep Dive: Lync Server 2010 Edge Servers

Lync Server 2010 Migration and Coexistence

Lync Server 2010 Architecture Topologies

Lync Server 2010 Role Based Access Control

Lync Server 2010 Implementing Call Admission Control