As the Lync mobile clients are released so are the server side setup notes. This article will go through the steps for setting up your environment and make it ready for the Lync mobile clients.

Note: This post will be updated as the Lync community get more hands on with the service. Last update 23.12.2011

Lync Mobile features

Lync mobile client is released for Windows Phone 7, iPhone, iPad, Android and later on Nokia (Symbian). The feature set is about the same accross the platforms. There is no ability to view meeting content, video or do voice over IP. The main features is therefore

IM and presence
One Click join meetings
Call via work

For a detailed feature list see the TechNet article: http://technet.microsoft.com/en-us/library/hh691004.aspx

Planning for Lync Mobility

If you have a multi-homed Front End server the Mobility Service (Mcx) may sometimes fail

Reason: When calculating routing for a Mobility request the service makes a call to read DNS settings of the registered adapter. In some instances it is possible for the non-registered adapter to be returned.
This causes routing of the request to fail This is regardless subnet configuration on the second NIC
There should be a forthcoming Release Note or KB Article on this topic

If you use a Director it must be updated the same way as for a Front End

If you plan to support Lync Mobility and Push Notifications over a Wi-Fi you need to

Add lyncdiscover (and resolve it the external IP) in the internal DNS
Open TCP 5223 outbound in you firewall to support Push Notifications
For more information see TechNet Article: http://technet.microsoft.com/en-us/library/hh690030.aspx

Prerequisites

This Lync Mobility guide requires that your Lync solution is deployed with Lync Edge server and Reverse Proxy. This guide will only talk about Lync Mobility specific configuration

Install CU4 (November release) or later in you Lync infrastructure: http://go.microsoft.com/fwlink/?LinkID=208564.

Best practice when applying Lync CU: http://www.ultimate-communications.com/2011/12/best-practices-when-updating-lync-server-with-those-cumulative-updates-lync/
Remember to update the database manually as pointed out in part 6 of the above guide

IIS 7.5 is recommended because of some high load request limitations

If you are running Server 2008 and IIS 7.0 you need to configure ASP.NET flags to improve performance manually
See TechNet on this: http://technet.microsoft.com/en-us/library/hh690042.aspx

If you use Hardware Load Balancer

You must ensure that cookie-based persistence on a per port basis for external ports 4443 and 8080 on the hardware load balancer is configured
For Lync Server 2010 it is important to use cookie-based persistence so that multiple connections from a single client are sent to one server to maintain session state
For details on how to configure, see Load Balancing Requirements.

Install the IIS feature Dynamic Content Compression (Web-Dyn-Compression) on all involved Front End servers

Server 2008: ServerManagerCMD.exe –Install Web-Dyn-Compression
Server 2008 R2: Import-Module ServerManager; Add-WindowsFeature Web-Dyn-Compression

Enabling Lync Mobility

Configure Lync Mobility Autodiscover CNAME DNS records

Internal: lyncdiscoverinternal.sipdomain.com
- Point it to your Front End pool FQDN CNAME
- Is it needed? See this blogpost by Brendan Carius: http://blog.kloud.com.au/2011/12/12/lync-2010-mobility-do-i-need-lyncdiscoverinternal/
External: lyncdiscover.sipdomain.com
- Point it to your Reverse Proxy FQDN if using SSL or a new publishing rule and IP if you are using port 80
- To find you reverse proxy FQDN use this PowerShell oneliner on your Front End server
  - Get-CsService -WebServer | ft ABHandlerExternalUri

Configure listening ports for the Mobility Service (Mcx)

Verify that your server version is correct by running PowerShell cmdlet: Get-CsServerVersion
- Version should be 4.0.7577.0 or newer
In PowerShell run the following cmdlet for internal and external listening port
- Set-CsWebServer –Identity <internal FE Pool FQDN> -McxSipPrimaryListeningPort 5086 -McxSipExternalListeningPort 5087
Publish the updates to the CMS database
- Enable-CsTopology –verbose

Download and enable the Lync Mobility

Do not install, but download the McxStandalone.msi and place it in the following folder on all Front End servers and Directors
- Download link: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=28356
- Folder to place the file: C:\ProgramData\Microsoft\Lync Server\Deployment\cache\4.0.7577.0\setup
Run the Lync Server Deployment wizard, found under Administrative tools-> Lync Server
- In the wizard click Install or update Lync Server System
- Choose Step 2: Setup or Remove Lync Server components
- This will reconfigure the Lync Services on the Front End with the new listening ports
Verify that the server is configured correct, open IIS and check for Autodiscover and Mcx Vdirs

Update certificates on Front End and Edge/TMG

Still in the Lync Server Deployment Wizard choose step 3: Request, Install or Assign Certificates
You need to request a new certificate with the new name, make sure you get all additional SAN entries from the old certificate
If you use the same certificate on all Front End services you can use this PS onliner to get a list of your certificates SAN's
- On FE: Get-CsCertificate -Type default | Select-Object -ExpandProperty AlternativeNames
If you use the same certificate on Edge and TMG you can run the below command to get all SAN's
- On Edge: Get-CsCertificate -Type DataEdgeExternal | Select-Object -ExpandProperty AlternativeNames
To reissue the certificates using PowerShell see Ari Protheroe's blog post: http://ariprotheroe.wordpress.com/2011/12/10/reissuing-certificates-for-lync-mobile/

Configuring Push Notification

Push Notification is used by the Mobility Service to send notifications to Apple and Microsoft phones that has the Lync application running in the background to wake them up
To enable push notification run the following cmdlet:
- Set-CsPushNotificationConfiguration -EnableApplePushNotificationService $True -EnableMicrosoftPushNotificationService $True
You need to enable federation with Office365 as a hosted provider if you have not already done so
- New-CsHostingProvider -Identity "LyncOnline" -Enabled $True -ProxyFqdn "sipfed.online.lync.com" -VerificationLevel UseSourceVerification
You then need to set up a hosting proivder between your organization and the Push Notification Service at Lync Online
- New-CsAllowedDomain -Identity "push.lync.com"

Publishing externally

There is two possibilities when publishing Lync Mobility through a reverse proxy

Publish through port 80 using the same IP as your existing Lync publishing rule
- Pros: you don't have to update on your reverse proxy certificate with an extra SAN name
- Cons: you need to open port 80->8080 on a new rule and it is not recommende to do this by Microsoft
- Result: discovery information for you Lync mobile clients will get information about logon server unencrypted, the rest is encrypted the usual way
Publish through port 443 using the same IP as your existing Lync publishing rule
- Pros: All traffic will be encrypted, you just need to add lyncdiscover.sipdomain.com to public name on the publishing rule
- Cons: You need to add an extra SAN name for lyncdiscover.sipdomain.com on your reverse proxy certificate
- Result: all traffic are encrypted
Take a look at Adam Jacobs blogpost at the bottom for how to create a new rule

Testing and Troubleshooting

I have written a blogpost on how to test and troubleshoot Lync Mobile and Mobility here: Lync Server Mobility Troubleshooting Tips: http://msunified.net/2011/12/23/lync-server-mobility-troubleshooting-tips/

How to test the services

You can test that the services are working correct by accessing some URLs

To check that Autodiscover is working as expected, check the Autodiscover urls in a webbrowser

Get-CsService -WebServer | fl autodiscover* to find the urls
Example: https://<Webservices URL>/autodiscover/autodiscoverservice.svc/root/

To check that the mobility service is working use the following url

https://<FE pool FQDN>/mcx/mcxservice.svc

You can test the Push Notificaton Service using the following cmdlet where sip.sipdomain.com is you AccessEdgeFQDN

Test-CsFederatedPartner –TargetFqdn <internal edge fqdn> –Domain push.lync.com –ProxyFqdn sipfed.online.lync.com
Test-CsMcxPushNotification –AccessEdgeFqdn <internal edge fqdn>
NOTE: you may get a 30008 error when running Test-CsMcxPushNotification, but it is working anyway

You can test the Mobility Service using the following script, at this time it does not work with preconfigured CsHealthMonitoringConfiguration

$passwd1 = ConvertTo-SecureString "Password01" -AsPlainText -Force $passwd2 = ConvertTo-SecureString "Password02" -AsPlainText -Force
$tuc1 = New-Object Management.Automation.PSCredential("contoso\UserName1", $passwd1)
$tuc2 = New-Object Management.Automation.PSCredential("contoso\UserName2", $passwd2)
Test-CsMcxP2PIM -TargetFqdn pool01.contoso.com -SenderSipAddress sip:UserName1@contoso.com -SenderCredential $tuc1 -ReceiverSipAddress sip:UserName2@contoso.com -ReceiverCredential $tuc2 –v

Monitoring the Mobility Performance

There are several places you can monitor Mobility, here from TechNet:

References

MVP Adam Jacob's blog: http://imaucblog.com/archive/2011/12/09/step-by-step-microsoft-lync-2010-lync-mobility-mcx-installation-guide/
Ben Lee's blog: https://www.bibble-it.com/2011/12/10/configuring-lync-mobility-part-1
MVP Jeff Schertz's blog: http://blog.schertz.name/2011/12/deploying-the-lync-2010-mobility-service/
Lync Server Mobility Troubleshooting Tips: http://msunified.net/2011/12/23/lync-server-mobility-troubleshooting-tips/
Microsoft Lync Server 2010 Mobility Guide: http://www.microsoft.com/download/en/details.aspx?id=28355
Planning for Mobility: http://go.microsoft.com/fwlink/?LinkId=235303
Deploying Mobility: http://go.microsoft.com/fwlink/?LinkId=235304
Monitoring Mobility for Performance: http://go.microsoft.com/fwlink/?LinkId=235305

Dig SharePoint

Enabling Lync Server 2010 for Lync Mobile Clients