Thoughts From a Böt Named Flinch

I was on-the-ball with Lync Mobility. Literally the day Microsoft released the code is the day I had it up and running. Everything is working fine for us across all platforms (iOS, Android, WP7). However, push notifications failed 100% of the time for iOS and WP7 clients.

I spent some time digging in to it this week and made little progress. Everything looked to have been set up correctly according to the Microsoft Lync Mobility documentation. Before now, we have never enabled or used federation so I figured something was not set up right on my end, but I just couldn’t find it.

I got the following errors when running the Test-CsFederatedPartner command:

Test-CsFederatedPartner -TargetFqdn lyncsip.flinchböt.com -Domain push.lync.com -ProxyFqdn sipfed.online.lync.com

Test-CsFederatedPartner : No matching cluster found in topology. 
At line:1 char:24 
+ Test-CsFederatedPartner <<<<  -TargetFqdn lyncsip.flinchböt.com -Domain push.lync.com -ProxyFqdn sipfed.online.lync.com
     + CategoryInfo          : ResourceUnavailable: (:) [Test-CsFederatedPartner], InvalidOperationException
     + FullyQualifiedErrorId : NoMatchingClusterFound,Microsoft.Rtc.Management.    SyntheticTransactions.TestFederatedPartnerCmdlet

I ran a trace on our Edge server and all I saw was the following four lines:

TL_INFO(TF_PROTOCOL) [1]0DF8.0348::01/17/2012-18:38:36.716.00032fe7
(SIPStack,SIPAdminLog::TraceProtocolRecord:SIPAdminLog.cpp(125))$$begin_record
Trace-Correlation-Id: 2566608249
Instance-Id: 000C38E3
Direction: incoming;source="internal edge";destination="external edge"
Peer: Lync-Pool1.flinchböt.com:50152
Message-Type: request
Start-Line: OPTIONS sip:Options_User@push.lync.com SIP/2.0
From: ;epid=4DCAD82E1E;tag=e08772b84a
To:
CSeq: 1 OPTIONS
Call-ID: 30ce60a4c9ef4acb8e6faa1d225e7368
MAX-FORWARDS: 70
VIA: SIP/2.0/TLS 172.17.111.217:50152;branch=z9hG4bKd5a9251d
ROUTE: ;ms-edge-route
CONTACT:
CONTENT-LENGTH: 0
USER-AGENT: RTCC/4.0.0.0
Message-Body: – $$end_record

---

TL_ERROR(TF_DIAG) [1]0DF8.0348::01/17/2012-18:38:37.794.00036775 (SIPStack,SIPAdminLog::TraceDiagRecord:SIPAdminLog.cpp(143))$$begin_record
LogType: diagnostic
Severity: error
Text: Message was not sent because the connection was closed
SIP-Start-Line: OPTIONS sip:Options_User@push.lync.com SIP/2.0
SIP-Call-ID: 30ce60a4c9ef4acb8e6faa1d225e7368
SIP-CSeq: 1 OPTIONS
Peer: sipfed.online.lync.com:5061 $$end_record

---

TL_INFO(TF_PROTOCOL) [1]0DF8.0348::01/17/2012-18:38:37.794.00036a3c (SIPStack,SIPAdminLog::TraceProtocolRecord:SIPAdminLog.cpp(125))$$begin_record
Trace-Correlation-Id: 2566608249
Instance-Id: 000C38EF
Direction: outgoing;source="local";destination="internal edge"
Peer: Lync-Pool1.flinchböt.com:50152
Message-Type: response
Start-Line: SIP/2.0 504 Server time-out
From: ;epid=4DCAD82E1E;tag=e08772b84a
To: ;tag=A72C77DEDECC1EB69BC84F0272A958A8
CSeq: 1 OPTIONS
Call-ID: 30ce60a4c9ef4acb8e6faa1d225e7368
Via: SIP/2.0/TLS 172.17.111.217:50152;branch=z9hG4bKd5a9251d;ms-received-port=50152;ms-received-cid=BE300
ms-diagnostics: 1046;reason="Failed to connect to a federated peer server";WinsockFailureCode="10061(WSAECONNREFUSED)";WinsockFailureDescription="The peer actively refused the connection attempt";Peer="sipfed.online.lync.com";Port="5061";source="lyncsip.flinchböt.com"
Server: RTC/4.0
Content-Length: 0
ms-edge-proxy-message-trust: ms-source-type=EdgeProxyGenerated;ms-ep-fqdn=csedge.flinchböt.com;ms-source-verified-user=verified
Message-Body: –
$$end_record

---

TL_WARN(TF_DIAG) [1]0DF8.0348::01/17/2012-18:38:37.794.00036a8b (SIPStack,SIPAdminLog::TraceDiagRecord:SIPAdminLog.cpp(145))$$begin_record
LogType: diagnostic
Severity: warning
Text: Routing error occurred; check Result-Code field for more information
Result-Code: 0xc3e93c7f SIPPROXY_E_ROUTING_MSG_SEND_CLOSED
SIP-Start-Line: OPTIONS sip:Options_User@push.lync.com SIP/2.0
SIP-Call-ID: 30ce60a4c9ef4acb8e6faa1d225e7368
SIP-CSeq: 1 OPTIONS
Peer: sipfed.online.lync.com:5061
$$end_record

---

So basically, all this says is that it couldn’t connect to push.lync.com but I didn’t know WHY. We allow all outbound traffic on our upstream firewall…I thought. But what I was missing is that we DON’T! I am not the firewall admin so I just go by what people tell me or what I think I heard. Apparently, I heard wrong.

Come to find out our firewall was blocking port 5061 outbound so we could never establish a SIP connection with the online.sipfed.lync.com. Without that connection, federation didn’t work and without federation, push notifications didn’t work.

After our firewall guy opened up port 5061 outbound for our Edge servers, Lync Mobile push notifications began working like a champ!

Posted in Lync, Lync Mobile, WP7
Tags: Lync

I just got the e-mail from Microsoft that version 2.0 of Indianapolis News has been released. This version is (more or less) a custom coded version and in no way uses the AppMakr service. As such Indianapolis News 2.0 now has a full Metro UI and requires Windows Phone 7.1 (i.e. Mango). There will be no version 2 for Android so if you are an Android reader you can quit reading here (or run out and buy a Windows Phone!).

The direct link to download the app is right here.

There are a ton of new features and the stage is now set to fairly easily add more features in the future.

Beyond just changing the GUI, I’ve added a bunch of new news and information feeds.

You can track the Twitter feeds of government services like the Department of Public Works and check the daily air quality forecast from Knozone. There are also news feeds for some of the neighborhoods around the city such as Broad Ripple, Carmel, Fishers, etc.

Finally, for those completely bored, you can keep up on things like Groupon for Indianapolis, new pictures and videos tagged with Indianapolis on Flickr and Youtube, and seeing the latest crimes committed around this fair city.

I have plans to add additional features over time like weather and…uh…other stuff! If you have any recommendations for future additions, please leave a comment below.

And for those wondering about an update for Lync News, yes, there will be a 2.0 released in a few weeks with a similar list of features as this one as it’s basically the same code.

1/20/12 addition -

Quick note: I just submitted version 2.1 of this app. This adds some Super Bowl feeds, a tweak to one of the existig RSS feeds, a small modification to the article summary display and, most noticeably, a new icon. The new icon will now change colors as you change the Theme on your phone. This may be “sacrilege” as you can now make the Indianapolis Flag be all kinds of colors. If I get feedback from people hating it then I will switch back to the “classic” Indianapolis flag for the icon.

Posted in Indianapolis, Windows Phone, WP7
Tags: indianapolis, WP7

I just got the e-mail from Microsoft that version 1.9 of Lync News has been approved and published. It’ll take a little while still to make it to the Marketplace (most likely when I wake up in the morning). Here is the direct link to the app for Windows Phone and here is the Android link.

As of this writing, the app has been downloaded 4,112 times on Windows Phone and a surprisingly low 1,685 times for the Android version. I know this is wildly unscientific, but I would have imagined those numbers in the reverse. Maybe Windows Phone has a future…

There is only 1 new feature in this release:

Edited feed from Twitter for the #Lync hashtag to include @User.

I received a comment noting that the initial Twitter feed did not list the name of the users’s Twitter handle for any of the tweets. I dug around and found out how to do this and updated the app to reflect that. See – feedback works!

And for those keeping score at home, you’ll not that it appears version 1.8 was skipped. I think that is a reflection of my inability to properly title my blog entries than it does a skipped version number.

Posted in Lync
Tags: Lync

I just got the e-mail from Microsoft that version 1.7 of Lync News has been approved and published. It’ll take a little while still to make it to the Marketplace (most likely when I wake up in the morning). Here is the direct link to the app for Windows Phone and here is the Android link.

As of this writing, the app has been downloaded 1,261 times on Windows Phone and a surprisingly low 314 times for the Android version. I know this is wildly unscientific, but I would have imagined those numbers in the reverse. Maybe Windows Phone has a future…

There is only 1 new feature in this release:

Added a feed from Twitter for the #Lync hashtag.

I received an e-mail a few months ago from Ståle Hansen requesting this be added. I was quick to respond to him but slow to update the app with his great suggestion. I have added it to this release as you can see on the screenshot to the left.

I still have plans to do a full, custom version of this app instead of just using AppMakr. A lack of time and a lack of knowledge are conspiring against me. Just when I thought I’d have time, Lync mobility gets released chewing up valuable hours of catching my skills up on C#.

Posted in Lync
Tags: Lync

Yesterday a friend sent me an e-mail that simply said “I did not know about this” with a link to the Tommy Seebach version of the song “Apache”. (full video below).

What he didn’t know, and what I only found out a year or two ago, is that the song “Apache” has had quite a ride through modern musical history. I would venture to say that the majority of the planet is familiar with “Apache” via the Sugar Hill Gang’s song “Apache (Jump On It)”. My buddy basically said as much in a followup e-mail:

I always thought the Sugar Hill Gang were the originators of the song. I thought that was one reasons why they have been considered the forefront of the rap/hiphop movement.

Apache was one of my favorite closet songs back in the day. It was cool to like Rush and Nazareth in my parts but it wasn’t cool to like Sugar Hill Gang, so I kept it to myself. Even MTV didn’t give it rotation. Not even J.J Jackson.

The song was originally released in June of 1960 by the British group The Shadows. This version has almost no percussion. It’s actually kind of surprising this song has such a history based on its humble beginnings.

In 1961, Jörgen Ingmann released a cover of the song which reached number 2 on the US pop chart. This version features some space-age synth  and some noticeable percussion flair.

In 1972, Hot Butter released a version of Apache as a follow-up to their novelty hit Popcorn. This version is cheese upon cheese upon cheese.

The major step that turns this song from a cheesy instrumental into one of hip-hops most revered songs is when the Incredible Bongo Band released their version in 1973. This version is badass. The opening sequence and the bridge at the 2:25 mark are the absolute sound of breakbeat. It’s stunning to listen to today and it’s clear where the Sugar Hill Gang got their inspiration for their take on “Apache”. It’s also impressive to note just how much production quality improved from the early 60′s to the early 70′s and clearly how much more important rhythm had become. Man I could listen to that break for days…

A completely different version was also released in 1973 by Byron Lee and the Dragonaires. It was released on their oddly-spelled ”Reggay Fever” record. This one adds in some vocals which Tommy Seebach seems to build on in his version. This one has a nicely chilled reggae vibe.

The next notable version of “Apache” is in 1977 when another Dane, Tommy Seebach, gave the world not only a disco-tinged version but also one of the high points in Music Video. Just check this sucker out and tell me you won’t remember seeing this video for years to come! This video has become a bit of a meme and it’s the same video that got me to learn a bit of the history of this song that my buddy e-mailed to me. Tommy Seebach: The gateway drug for “Apache” knowledge.

And then the inevitable happened. Take a song with a memorable melody, swipe a big beat, and drop some rhymes over the top and you have a music classic that had as much to contribute to the sound of hip hop as anything else. This is the version I know best and I suspect most everyone else does as well. “Apache jump on it, jump on it, jump on it!”

Listen to the lyrics at the 4:15 mark. Is that a tip of the hat to the band Hot Butter (mentioned above) and to their most memorable song Popcorn?

At this point, “Apache” is a certified classic. From its humble beginnings as an instrumental by The Shadows to a big beat hip-hop epic, the song has adapted extremely well as music trends constantly move and change. From here, you can hear Apache referenced in all kinds of songs. Here’s Sir Mix-Alot paying homage to “Apache” and The Sugar Hill Gang in his song “Jump On It”.

And we’ll end with a version from the Fatboy Slim, the king of big-beat techno. After hearing this, go back and listen to that first version by The Shadows and realize that the original had almost no percussion whatsoever – primarily a rhythmic backing. Crazy how this song has evolved.

For more information about “Apache”, you can go here.

Apache. Jump on it.

Posted in Music
Tags: Apache

Now that I have Lync Mobility installed and working, I’ve decided to dig in to the policy settings available. At some point, I am sure we will justopen this feature to all of our employees. But while it is still new, I want to limit the people who can use it. I don’t need a random ticket opened because someone installed the Lync Mobile client on their own and they want to know how to do something. Let me figure that out first!

This is all covered in the Microsoft Lync 2010 Mobility Guide. And while the guide covers all the requisite PowerShell commands, it doesn’t dig too deeply into what i wanted to find out. In short: You can disable Lync Mobility at the Global level and still enable it on a per-user setting. In other words, user-level permissions take precedence over Global permissions.

In order to set up the scenario I want (Global permission disabled, user permission enabled, and those permissions assigned to a specific user) I used the following PowerShell commands:

First, let’s disable the global policy:

Set-CsMobilityPolicy –EnableMobility $False –EnableOutsideVoice $False

You can run “Get-CSMobilityPolicy” to verify the changes.

At this point, wait a while and see if the policy change takes effect. In my experience, it took about 30 minutes for the policy change to effect my ability to log in. Once you can’t connect, go ahead with the following steps.

Next you need to create a new user-level policy. Here is what I ran in PowerShell to accomplish this:

New-CsMobilityPolicy ”User Mobility” –EnableOutsideVoice $True -EnableMobility $True

Now if you run “Get-CsMobilityPolicy” you should see 2 policies. Note that Lync prepends your policy name with “tag:”. This is important in the next step where we assign the policy to a user which is donw like so:

Grant-CsMobilityPolicy –Identity –flinchböt@contoso.com –PolicyName “Tag:User Mobility”

This policy took effect fairly quickly. I’d say within 5 minutes I was able to successfully connect after having been denied by the global policy.

---

Now that I have my user policy defined, I want to assign it to a few test users. All of these users are members of an Active Directory Security Group. Surely there is a way to assign this policy to a group.

Well…there sort of is. You can use the following script to enumerate the members of a group and then apply the mobility policy to them. You aren’t assigning the policy to the group itself and there is no functionality to automatically apply the policy to any users added to the group after you run the script. I suppose you could set up a scheduled task if you need that kind of functionality.

I stole the script from http://blogs.technet.com/b/csps/archive/2010/06/06/scriptassignpolicytoallusers.aspx. Actually, it is verbatim to the script on that site except for the last line where I replaced Grant-CsClientPolicy with Grant-CsMobilityPolicy.

$strFilter = “(&(objectCategory=Group)(SamAccountName=” + $args[0] +”))”

$objDomain = New-Object System.DirectoryServices.DirectoryEntry

$objSearcher = New-Object System.DirectoryServices.DirectorySearcher

$objSearcher.SearchRoot = $objDomain

$objSearcher.Filter = $strFilter

$objSearcher.SearchScope = “Subtree”

$colProplist = “member”

foreach ($i in $colPropList)

    {[void] $objSearcher.PropertiesToLoad.Add($i)}

$colResults = $objSearcher.FindAll()

foreach ($objResult in $colResults)

    {$objItem = $objResult.Properties; $group = $objItem.member}

foreach ($x in $group)

    {

        Grant-CsMobilityPolicy $x -PolicyName $args[1]

    }

To run this, open a Lync PowerShell window. Assuming the file is saved as “c:\scripts\EnableMobility.ps1″ and assuming the name of your policy is “tag:User Mobility” and assuming the security group is named “IT Users”, you would run this command:

c:\scripts\EnableMobility.ps1 “tag:User Mobility” “IT Users”

This will then grant my mobility policy all members of the “IT Users” group.

---

Which leaves one final thing to figure out.

How do you know which users are enabled for mobility?

The easy way is to do a get-csuser. There is now a new value added to the output called “MobilityPolicy”. This will show you which Mobility Policy has been assigned to a given user, if one has been assigned at all.

Building on this post of mine, we can build a PowerShell command to export a list of all users enabled for a specific Mobility Policy. Running the following command kicks out a sorted .csv file of all users that are assigned the “tag:User Mobility” policy:

Get-CsUser -filter {MobilityPolicy -eq ‘tag:User Mobility’} | Sort-Object DisplayName | Select-Object Displayname, Registrarpool, LineURI | export-csv wrong_plan.csv

And if you want to get a dump of all users that have any Mobility policy assigned to them, give this one a go:

Get-CsUser -filter {MobilityPolicy -ne $NULL} | Sort-Object DisplayName | Select-Object Displayname, MobilityPolicy,Registrarpool, LineURI | export-csv wrong_plan.csv

---

Related little funny – just after I tested this and as I was writing this post, I got a call from a co-worker with whom I have never spoken. He wanted to know if and when we were going to support Lync Mobile. He had just installed the Lync client on his phone and couldn’t log in…because the POLICY I had created 20 minutes earlier was blocking him from logging in!

Posted in Lync, Lync Mobile
Tags: Lync, Lync Mobile, Powershell

Once you get Lync Mobile going, you pretty much never need to sign in (if you’ve selected “remember my password” on the login screen). But there might be times when you really do want to sign out – most likely for troubleshooting. I found the Sign Out seeting in a semi-logical place. It’s in the area where you can set your status.

The screen shot shows where you need to look.

Right there at the very bottom is the “sign out” option.

Posted in Lync, Lync Mobile
Tags: Lync, Lync Mobile

I installed the Lync Mobility server pieces last night.

When I woke up this morning, the Lync 2010 client was available on the Windows Phone Marketplace so I was able to test my previous nights work. To no surprise, the Lync 2010 mobile client could not connect.

The first error I received when trying to connect with the client was a generic “server unavailable” message. I started by running logging on my TMG reverse proxy. To simplify troubleshooting, I turned off WiFi on the phone. In order to determine my phone’s IP address, I used the System Information app (downloadable from here). You could also get the same information by pointing your phone’s browser to something like http://ipchicken.com. So I fired up the app, turned on logging, and tried to connect with the client. I stopped logging and then searched the TMG logs for the phone’s IP address. I couldn’t find it.

Uh…OK. That probably shouldn’t happen. So I did an nslookup for the DNS CNAME entry I added last night (lyncdiscover.company.com). The nslookup failed. That probably shouldn’t happen either. I hopped onto our public DNS server to verify everything was correct. Of course it wasn’t. I severely typo-ed ”lyncdiscover”. I corrected the spelling and then had to wait until the change got pushed out to our other public DNS server

Once the change had replicated, I tried connecting. Once again, I had TMG logging the connection. Once I again, I got an error on the client but this time I could at least see some action in the TMG logs. I reviwed the logs and saw that a packet had been blocked by the “[Enterprise] Default rule” rule. I’ve always found it to be a pain to troubleshoot errors that fall under that default rule but today I had luck. I reviewed the settings for my rule and saw that in the “Public Name” tab I had not added “lyncdiscover.company.com” into the list of permitted web sites. (Note that I also followed this tip before I started testing with the client. You may want to review that setting too.)

Once I did this, I got a different error on the client, something I always consider progress. This time, the error basically stated that I had provided incorrect login credentials. On the client login screen I picked the “More Details” option and under the “User name” value I entered in “domain\username”. My SIP address (first.last@company.com) is not the same as my user name (which is FirstInitialLastName@company.com). Once I added the info to the “User name” field….I got connected! BAM!

But the client sure wasn’t working very well. If I tried sending a n IM I got an error that it couldn’t be delivered. I got intermittent status update settings of my contacts (sometimes the colorful red/green/yellow, sometimes greyed out). In other words – even though I got connected it still wasn’t working.

I remembered seeing in the Microsoft Lync Server 2010 Mobility Guide that Microsoft recommends you use session persistence on your hardware load balancer, specifically cookie session persistence. Well, I checked into that last night and cookie-persistence wasn’t a setting on our HLB so I just carried on and hoped it would still work. So I returned to the HLB and enabled the only persistence it would let me choose which was SourceIP persistence. Once I set this up, everything works fine and continues to work fine with my Lync client.

There you have it – those were the major issues I had to troubleshoot to get Lync Mobility working. I found the 2010 Mobility Guide to be a really good document and I suggest you read it before installing the server piece. I also used this guide at MSunified.net since it did a really good job of boiling down all of the steps in the Mobility Guide to a straightforward checklist. This blog entry also helped me get a grasp on how the client connects and all of the steps the client goes through.

Posted in Lync
Tags: WP7, Lync, Windows Phone, Lync Mobile

Here is my cache of Windows Phone 7 ringtones. Do with them as you will.

In order to use them, copy them somewhere to your PC and sync them to your WP7 phone. Once the ringtones are synced, they should show up when you go to Settings/ringtones + sounds/Ringtone. Pick one off the list and you are good to go.

A Tribe Called Quest – Can I Kick It

Buari – Hard Times

Cabaret Voltaire – The Dream Ticket

Chubby Checker – The Twist

France Gall – Ein bisschen Goethe, ein bisschen Bonaparte

Front Line Assembly – Outcast

House of Pain-Jump Around

Joy Division – Transmission

Killing Joke – Millenium

Ladytron-Ghosts(Remix)

Love and Rockets-No New Tale to Tell

New Order – Your Silent Face

Postal Service – Such Great Heights

Soundgarden-Outshined

U2 – I Will Follow

Underworld-Born Slippy

Violent Femmes – Blister In The Sun

White Stripes-Seven Nation Army

 

 

 

 

 

Posted in Ring Tones, Ringtones, WP7
Tags: WP7