Wednesday, April 27, 2011

XMPP gateway with Lync 2010

I decided to install the XMPP gateway in my lab for IM connectivity between Lync 2010 and Google’s Gmail messenger.

My OS of choice is again Windows 2008 R2 SP1. The internal FQDN is xmppint.lynclog.com. In my external DNS, however, I will use xmpp.lynclog.com for the A record. Also, I will attempt to configure it with a single NATed IP address in the DMZ subnet. The server is not a member of the lynclog.com domain.

There are a few steps to complete before the gateway installation and configuration.

1. Append the domain suffix. The point here is that our Lync server must establish MTLS with the XMPP gateway, and the certificate must match the gateway’s FQDN. Of course, I will issue this cert from my Domain CA.



Installed the .NET feature.


I need to request and install a certificate for my server, but how to do that? Well, first I imported the CA certificate via MMC.

Then I installed the IIS Management Console and used it to create an offline certificate request.






…and used the request to receive a certificate from my Domain CA and then "Completed the Certificate request" to import it into the computer store.


 My gateway server cannot resolve sip.lynclog.com, because it is present in my public DNS only, hosted somewhere else. I need to create an entry in the HOSTS file, pointing to the DMZ’s LAN address of the edge server.


...and created A record for xmppint.lynclog.com in the internal DNS, so my Lync server can resolve the gateway's IP address.



After running the installer, the bits were placed in “C:\Program Files\Microsoft Office Communications Server 2007 R2\XMPP Gateway Installer”. Run setup.exe located in this folder.







Next – the XMPP gateway configuration.


…select certificate.


...and Validate the Connection.


Now, the XMPP configuration.




No certificate is necessary for gmail. I "tested the connection" and, although the connection to Google’s XMPP servers was successful, gmail.com failed?!?

Doh, I have not yet configured my SRV record in the public DNS. You can read about this record in the XMPP installation manual. The goal is for an external DNS query for _xmpp-server._tcp.domain.tld to return proper values as shown:

Locate the file "TGWConsoleGUI.dll.config" in C:\Program Files\Microsoft Office Communications Server 2007 R2\XMPP Gateway, open it with Notepad and enter the IP address of your XMPP server on both lines.

...and start the service:

One last thing I must do now is to add the gateway to the allowed domains in Lync CP.





At this point, since I just created the public SRV record, I left the final test for tomorrow morning, since I had to wait for DNS replication anyway…

Don't you love when your day starts like that?



May 16th, 2010: I just re-visited one of my favorite UC blogs and noted this post: http://blogs.technet.com/b/ucedsg/archive/2011/04/11/can-lync-im-federate-with-google-talk-or-jabber-instant-messaging.aspx
Note the section where Mark talks about "tweaks", which apparently fix the problem with broken presence presentation.

Saturday, April 23, 2011

MP-124 pre-configured BOARD.INI for Lync 2010


Here is a pre-configured BOARD.INI for Audiocodes MP-124. This one is way more tricky… It is from a working device already integrated with Lync 2010. Unfortunately, I do not have a device in hand right now and so, no screenshots this time.

Software Version: 5.80A.023.006. Because version 6.x introduced a lot of changes, I would advise downgrading the device to 5.8, importing the configuration file, completing the configuration to where it works with Lync and then upgrading to 6.x to get some more features and the new web interface. However, importing this file on 6.x could work just fine. I just cannot promise anything… I would, if I was running for president…

The changes you need to make are the same as in the previous post about MP-114.

Enjoy

MP-114 pre-configured BOARD.INI for Lync 2010

Looks like a small device like Audiocodes MP-114 is a hot topic here on lynclog.com. The number of visits to the post about it prompts me to extend the subject and offer a pre-configured “BOARD.INI” file, which with small changes should be easy to deploy and save you time while building your lab.

There are a few things to consider:

Just because it works in my lab does not mean it will necessarily work out of the box in yours. I will explain later.

Pre-configured only means a “shortcut” for deployment. Reading and understanding Audiocodes terminology and concepts is still necessary to complete the setup successfully.

Having said that, let’s start with the preconditions:
  1. This is a configuration file for Audiocodes MP-114 with 2 FXS and 2 FXO ports. This means ports 1 and 2 (FXS as marked on the back of the device) are to be connected to an analog phone, and ports 3 and 4 (FXO) to an analog telephone line.
  2. I have already configured two “Analog Phone Device” entries in my Lync server with phone numbers +14785551010 and +14785551020.
  3. The co-located Mediation server is configured to the defaults – port 5068 for TCP and 5067 for TLS.
  4. While adding the gateway in the Topology, the default gateway port for TCP – 5066 was used.
  5. Lastly, read the rest carefully before uploading the file to your MP-114. While it will not “break” it, making changes while understanding why you are making them will make your experience less frustrating (else you would not be reading this to begin with).
Download and save the file from this location:


On your MP-114, go to Management -> Software Updates -> Configuration File; browse for the file you just downloaded and upload (Send INI File) it to the device.




 
Wait for the device to restart and prompt for login.

There are several changes you need to make now in order to use it in your environment.


Go to Configuration -> Protocol Configuration -> EndPoint Phone Number and change the phone numbers above to the numbers you have configured for Analog Device in your Lync environment. Delete the values if you have not configured an Analog Device. As for how to configure Analog Device Support, refer to this post: http://www.lynclog.com/2011/04/analog-phone-support-with-lync-2010.html


Go to Configuration -> Protocol Configuration -> Endpoint Settings -> Automatic Dialing and change the values to a phone number in your Lync environment. This number can be a user’s, an RGS or an Auto Attendant number; basically any valid Lync number.


Go to Configuration -> Protocol Configuration -> Proxies, Registration, IP Groups -> Proxy Sets Table and replace the current value with your Lync co-located or Standalone Mediation FQDN:port number.


Go to Configuration -> Network Settings -> Application Settings and enter the IP address of your internal DNS server.

Next step – number manipulation. This is the most complicated part and requires understanding of number manipulation in the PSTN world.

Go to Configuration -> Protocol Configuration -> Dest Number IP -> Tel and… this gets as tricky as it could.
Let’s talk about Milledgeville, Georgia. The local PSTN service provider requires local calls to be dialed as 7 digits. Any other number of digits causes the call to fail. Lync, however, sends E.164 to the gateway. So, for local calls, I need to “manipulate” the number, i.e. leave the last 7 digits only and send them to Windstream. On the other hand, here we have several NXX…

 Little side note – the PSTN format is NPA-NXX-xxxx or AreaCode-Exchange-Extension. This is how Ma Bell knew where to send the call years back. Magic…

So, Milledgeville’s NPA is 478 and there are several NXX – 387, 452, 453, 454, 357 and so on. In order to “recognize” if the call is local or outside the Local Calling Area, I need to build rules to do so. Look at the example:

  1. On line 1, I capture all calls that begin with 1478378 and remove 4 digits from the front, so 387xxxx will be sent to the PSTN as a local call.
  2. On line 2, I do the same for numbers beginning with 1478452. I will need to do so for all NXX in my area.
  3. On line 3, I have a rule to catch an E.164 number (if one sneaks in somehow) and remove the + from the front.
  4. And on line 4, a general rule that sends everything else as it is, i.e. a number that DOES NOT start with 1478 and is outside my Local Calling Area.
One more step and we’re done.


Go to Configuration -> Protocol Configuration -> Routing Tables -> IP to Trunk Group Routing
  1. The first line tells MP to route calls for 14785551010 (the Analog Phone on FXS port 1) to… port #1. So, replace this number with the phone number you configured in Lync. Remove the value if you have not.
  2. The second line is the same (applies to the second Analog Phone).
  3. Line #3 tells MP to send any other number to Trunk group #3 (which includes our FXS ports) and so, any call for a number different from Analog Phone #1 or #2 will be sent to PSTN (after manipulation).
This is it. Burn the changes and test your new configuration.
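
The two tables described above (the Dest Number IP -> Tel manipulation rules and the IP to Trunk Group Routing lines), modelled as an added Python example that is not part of the original post or of the BOARD.INI file. It assumes the device tries rules top-down and applies the first match, builds the local prefixes from NPA 478 and the NXX values 387 and 452 listed above, and uses hypothetical function names and constructed sample numbers.

```python
# Added illustration: models the rule tables as the post describes them.
# Assumption: rules are tried top-down and the first matching prefix wins.

# Dest Number IP -> Tel manipulation: (prefix, digits stripped from the left)
MANIPULATION = [
    ("1478387", 4),  # local exchange 387: keep the last 7 digits
    ("1478452", 4),  # local exchange 452: keep the last 7 digits
    ("+", 1),        # stray E.164 number: drop the leading "+"
    ("", 0),         # anything else: send unchanged
]

# IP to Trunk Group Routing: (prefix, destination)
ROUTING = [
    ("14785551010", "port 1"),   # first analog phone
    ("14785551020", "port 2"),   # second analog phone
    ("", "trunk group 3"),       # everything else goes out to the PSTN
]


def first_match(table, number):
    """Return the value of the first rule whose prefix matches number."""
    for prefix, value in table:
        if number.startswith(prefix):
            return value
    raise LookupError(f"no rule matches {number!r}")


def handle_call(number):
    """Return (destination, digits sent) for a number received from Lync."""
    strip = first_match(MANIPULATION, number)
    return first_match(ROUTING, number), number[strip:]


def shadowed(table):
    """Prefixes that can never fire because an earlier rule already covers them."""
    return [prefix for i, (prefix, _) in enumerate(table)
            if any(prefix.startswith(earlier) for earlier, _ in table[:i])]


if __name__ == "__main__":
    # Constructed sample numbers
    for n in ("14783871234", "14045550100", "+14045550100", "14785551010"):
        print(n, "->", handle_call(n))
    # Moving the catch-all to the top would hide every rule below it
    print(shadowed([("", 0)] + MANIPULATION[:3]))
```

The `shadowed` check is worth running whenever a new NXX rule is added: a rule placed below the catch-all never fires, and the local call goes out with 11 digits.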

Let me know if I missed a step or something does not work as expected.

Integrating Exchange UM with Lync 2010

Until now, my lab was under domain “drago.ws”. Recently I acquired “lynclog.com” and for the last two days I have been deploying another lab. From now on, our examples will be on this lab – still same topology, different domain.

Now that I have deployed Microsoft Exchange 2010 SP1, it is time to configure the Unified Messaging role to work with Lync and further extend testing for voicemail, Subscriber Access, Auto Attendant etc. As usual, when deploying new software and/or roles, I made sure the OS and product are fully patched and updated. Another habit of mine is to resolve all errors or warnings in the Windows Event log before attempting to integrate products and services. My previous experience taught me that something “innocent” that I postponed for resolving later sometimes leads to a major problem that otherwise seems unrelated…

On my UM server, first I made sure TLS is enabled. Fact is – I could not install a certificate on the UM server unless TLS or Dial is enabled.




Because TLS support was turned ON, our UM server needs a certificate, else the service will not start. This certificate must be from a Trusted Root CA and since UM is an internal service only, a certificate from our Domain CA will be sufficient.

In EMC, server node, click on your UM server and proceed further












I just created an offline certificate request. Now I will go to my Domain Certificate Services web site and process the request.




Here I need to open my request (c:\um.req) with Notepad and copy the content. It is very important to copy the text exactly as it is. I always use CTRL + A to make sure only the necessary text was copied.

…paste the text in the request page and submit the request.



Next step is to complete the pending request. Click on the request to see “Complete Pending Request” option…




…and now I see the certificate as Valid. However, I must assign service(s) to it.




At the end, I have a valid certificate assigned to UM server. Reboot and let’s move further.


Next, I will create UM dial plan.







My dial plan is not completed yet. I still must create a Subscriber Access number and do some other customization.





***Note that here I used two numbers - +14785550001, which is a full US E.164 number, and “+0099”, which, because it has “+” in front, is still considered E.164. I want to see if this number can be utilized later somehow.


***ALERT***ALERT***ALERT***

Apparently there are some changes introduced with SP1. Make sure you follow the next steps or your Auto Attendant will not be able to transfer to extensions.



***You must apply at this point.






Next, I will customize my UM Mailbox Policy, created automatically when the Dial plan was enabled. Since this is a lab, I will change the Minimum PIN Policy to 4 digits and remove the PIN expiration.




…and leave the rest to default settings.


Lastly, Auto Attendant. Frankly, with the introduction of RGS, I rarely use AA except in one case (the Main college number, where the caller has an option to dial by extension or name).




…and customize it.







Let’s move to our front end server and execute “C:\Program Files\Common Files\Microsoft Lync Server 2010\Support\OcsUmUtil.exe” from Command Prompt.







Oops. I forgot to change the Name of the contact object.


Move back to the UM server. In Exchange Management Shell, navigate to C:\Program Files\Microsoft\Exchange Server\V14\Scripts and execute .\ExchUCUtil.ps1



 The setup is now completed and test calls to Subscriber Access and Auto attendant numbers were successful with all features functioning as expected.