Welcome To My Page

Add an Edge Server to Lync Server 2010

Deploying an Edge Server with Lync 2010

For this article I am going to add an Edge server and an XMPP gateway to an existing Lync environment. All articles moving forward will be built on the RTM bits of Lync, but to build the Front End server for this environment I followed the original article here, the only difference is the name of the server and the domain. The lab has the following servers and IPs:

Server Name	Role	IP Address
LyncDC.lyncguy.local	Domain Controller/DNS/CA	10.255.106.160
LyncFE.lyncguy.local	Lync Standard Edition Front End	10.255.106.161
Lyncedge.lyncguy.local	Lync Edge server – not domain joined	10.255.106.162 (internal NIC)

The active directory domain name for this lab is LyncGuy.local, with the public sip domain LyncGuy.com. I prefer to do these labs with different name spaces for AD and the public domain because that is the most common scenario I’ve run into in the real world. To make this work you have to have an internal copy of the public zone and an external copy; this is commonly referred to as “split brain DNS”.

To start with I have to create a copy of my public zone on my internal DNS server so internal clients can reach the Lync server directly. To accomplish this I’ve created the following records in DNS:

Record Type	DNS Entry	IP Address
A	meet.lyncguy.com	10.255.106.161
A	dialin.lyncguy.com	10.255.106.161
A	sip.lyncguy.com	10.255.106.161

We also need to create an SRV record for client automatic sign-in. The new record will be for “_sipinternaltls._tcp.lyncguy.com” and will point to sip.lyncguy.com on port 5061.

***Note – you can utilize another name here such as the Front End servers name, however the domain must match the sip domain. You also must have a SAN entry on the front end certificate to match this entry***

Now that our DNS zone is in order we can plan for our edge server. In this example I will be using 1 internal IP, 3 DMZ IPs and 3 Public IPs. Instead of placing the public IPs directly on the edge servers public NIC, I will NAT the public IPs to the private IPs with my lab ASA. I’ve also matched the last octet of the address to make it easier to manage at a glance.

Public Name	Public IP	DMZ IP
Sip.lyncguy.com	XX.102.182.163	10.255.110.163
Webconf.lyncguy.com	XX.102.182.164	10.255.110.164
Av.lyncguy.com	XX.102.182.165	10.255.110.165

Here is what the design looks like:

To start we need to add an edge to our topology, on the front end server (lyncfe) open “Lync Server Topology Builder”. Then we need to expand our topology, right click “Edge Pools” and choose “New Edge Pool”

Click “Next” on the “Define Edge Pool” page

Enter the FQDN you will be using for your edge and select “Single Computer Pool”

Next we have a screen offering 3 options:

§ “Use a Single FQDN & IP Address” – this option will not be selected because we have plenty of public IPs to use. If you only have 1 IP this is a good option – however this will force you to use ports other than 443 which aren’t always open outbound from corporate networks and may cause usability issues on networks you cannot control.

§ “Enable Federation (port 5061) – this option will configure the edge server to listen on port 5061 of the access edge IP for inbound federation traffic from other Lync and OCS environments

§ “The external IP address of this edge pool is translated by NAT” – this option tells Lync the IP addresses on the outside interface of the edge are not the actual public IP addresses. Putting the edge behind another firewall can give an extra layer of security and help prevent the server from being compromised.

For this scenario we have selected “Enable Federation (port 5061)” and “The external IP address of this edge pools is translated by NAT”

Next we define our public names for the edge roles, notice all roles use port 443. I would highly recommend using this method if possible.

Now we set the IP address for the internal network of our edge server. In this scenario I have placed the internal NIC on the same subnet as the domain controller and front end server. Because of limited resources in my lab I have configured the environment this way, whenever possible I recommend placing this NIC in another DMZ that has a higher security level than the DMZ for the outside interfaces.

At this point we specify the DMZ IP addresses of our edge server

In the next box we will enter the Public IP address of the A/V edge services (av.lyncguy.com). In OCS 2007 R2 we had to make sure the edge server could resolve the public name to the public IP, however, this box allows that requirement to be removed and we can just enter the IP here.

Next we select our next hop server (the front end server)

Next we click “Finish” and the wizard completes, we can now see our newly defined edge server in the Topology.

Now we can publish our topology.

Before we move on to working on the edge server we need to open the Lync Server Control Panel and configure our External User Access policies.

Under External Access Policy>Global Policy: Modify the existing policy to allow remote user access, federation and public IM connectivity (all of these are optional). Click “Commit” when you have selected the options that are right for your environment

Now under Access Edge Configuration>Global Policy: Modify the existing policy to Enable Federation, remote user access and anonymous access to meetings. I’ve also enabled dynamic domain discovery. This allows our Lync users to automatically add Lync/OCS users from other environments without requiring administrative configuration. This option may not be right for all environments, if it isn’t right for your environment you’ll want to use the “Federated Domains” tab to define the allowed domains and uncheck this option. Next click “Commit”

Now that our environment is ready, we need to export the topologies configuration to a file which we we’ll import during the Edge install. On the front end server open “Lync Server Management Shell” and run the command:

Export-csconfiguration –filename c:\topology_export.zip

The file “topology_export.zip” will now be on the C drive of your front end server. This file will need to be copied to the edge server.

Now that the topology has been updated we need to log into our edge server and configure it.

First we need to make sure that all the IP Addresses get assigned to the appropriate NIC.

On the internal NIC we will use only an IP Address and subnet mask, we cannot put a default gateway on this interface.

Next, on the external NIC we will fill in an IP address, subnet mask, default gateway and DNS, do not click “OK” yet

We also need to bind our other 2 IP addresses to the external NIC, to do this click the “Advanced” button and then click “Add” under “IP Addresses” and add each IP address

At this point we’ll want to add a route back to any internal networks the internal NIC. For this example I will be adding a route back to an internal network of 10.255.200.0/24, this could be another client or server subnet that the edge server will need to know how to route to. The edge’s internal interface must be able to route to all internal networks via a gateway on the same network as its internal NIC, so if you have multiple networks you will have to add them all. To do this we will use the route add command from a command prompt (Run As Administrator):

Route add –p 10.255.200.0 mask 255.255.255.0 10.255.106.1

The “-p” portion of this command makes the route persistent, “10.255.106.1” is the next hop router to reach the other internal networks.

Next we need to configure hostname of our edge server. When we configure this value we must also add a primary DNS suffix. This is different than adding the computer to the domain, but it does tell the computer it’s full name (i.e. LyncEdge.lyncguy.local).

Once you have updated the name and primary DNS suffix and you click “OK” you will be prompted to reboot the edge server.

While the edge server is rebooting we can add a DNS entry on the domain controller so all internal resources know how to reach the server by its “FQDN” – it’s not actually an FQDN because it isn’t domain joined, but the rest of the systems will need to be able to route to it like it is.

Once the edge has rebooted we will need to add the feature “Microsoft .NET Framework 3.5”, to do this open Server Manager, go to Features, click “Add Features” and choose “Microsoft .NET Framework 3.5”.

You can click “next” through all other screens and then click “Install”. Once the install completes we can move on to starting the Lync install. First we need to copy the topology_export.zip file created above to the C drive of the edge server.

Now we can run the CD, we will immediately be prompted to install the “Microsoft Visual C++ 2008 Redistributable”, click OK here:

The install window for Lync will pop up when the C++ install completes

Click “Install” and then accept the terms and click “OK”

Now we are back in the familiar Lync Server Deployment Wizard

Click on “Install or Update Lync Server System”

Under Step 1 we click “Run”

Select the topology_export.zip file from the C drive and click “Next”. This will allow the edge server to gather its settings from the export file.

A number of pre-requisites are installed at this point. When this completes click “Finish”

Now click “Run” under Step 2

Click “Next” and a number of pre-requisites are installed

Once the install completes we can open up the Services snap-in and see the Lync Services are now present

Before we can move on to Step 3 (Requesting Certificates), we need to make it possible for the edge server to resolve names of the internal servers it will talk to. This will include the CA because we will need to request the certificate for the internal interface from the internal CA. Also, we will need to trust the internal CA so we will need to export its certificate and install it on the edge server.

To allow the edge server to resolve some internal names but not all we have a few options, a DNS server in the DMZ is one, but for this article we will be editing the host file. The reason I’ve chosen not to utilize the internal DNS servers is to limit the number of servers the edge server can look up in case it is compromised.

The host file is located at “C:\windows\system32\drivers\etc”, the best method of editing this file is to run Notepad as administrator and then open this file (You’ll have to switch to “All Files” in the file type selection box)

For this scenario I will add entries for the CA and the Front End server:

Now that we can resolve the CA, we’ll use the web enrollment page to download the Root CA chain.

Open IE and go to https://lyncdc.lyncguy.local/certsrv, you may have to authenticate, if you do use your domain account. Click on “Download a CA Certificate, Certificate Chain, or CRL”

Click on “Download CA Certificate”

Save the file to the desktop or another location on the edge server.

Open the certificates snap-in for the local computer, expand “Trusted Root Certificate Authorites”, right click “Certificates” and choose “Import”

Browse to the file you download in the last step and click “Open”

This will import the certificate into the trusted store for the local computer.

Now we move on to Step 3 in the Deployment Wizard, requesting and installing certificates

Highlight “Edge Internal” and click “Request” – this will allow us to request the certificate for our internal communications between the edge server and the front end.

I won’t cover every step in this wizard; you should be using all defaults here other than information specific to your environment. I will however strongly suggest you do not add any SANs to this certificate. One other thing of note, you will want to do this certificate request online, specifying your internal CA as show below

You will also have to provide domain credentials to request the certificate

Once the request is completed the wizard will automatically take you to the next wizard to assign the certificate. Again, this is a next-next-finish scenario.

Because this is a lab scenario and I will not be requesting public certificates I will just re-run this wizard select “External Edge Certificate” for the second certificate. If you are using public certificates you will want to choose “Prepare Request now but send later (offline request)” for your request.

***One important difference between OCS 2007 R2 and Lync is the edge roles can now all share one certificate with a subject (CN) of only the access edge, you no longer need to re-generate the certificate for each role, utilizing that roles FQDN as the subject name. For information on how that worked in OCS 2007 R2 please see this article***

The new certificate will have the following fields automatically, unless you are configuring multiple sip domains there is no need to modify this or add additional SANs.

Subject (Common Name)	Sip.lyncguy.com
SAN 1	Webconf.lyncguy.com
SAN2	Sip.lyncguy.com

Now we can run Step 4 to start the services and our edge server should be up and running.

Once this process is complete the NATs and access lists must be created on the firewall to allow the appropriate traffic in and out. I have only covered the inbound rules in the table below, please see the edge server documentation or the Lync Server Planning Tool for more detail.

Rule 1	Public IP	Private IP	Allowed Protocol – Port
Access Edge (client access)	XX.102.182.163	10.255.110.163	TCP – 443
Access Edge (federation)	XX.102.182.163	10.255.110.163	TCP – 5061
Web Conferencing Edge	XX.102.182.164	10.255.110.164	TCP – 443
A/V Edge	XX.102.182.165	10.255.110.165	TCP – 443
A/V Edge	XX.102.182.165	10.255.110.165	UDP – 3478
A/V Edge	XX.102.182.165	10.255.110.165	TCP – 50,000 through 59,999
A/V Edge	XX.102.182.165	10.255.110.165	UDP – 50,000 through 59,999

After the firewall changes are made we need to create the A records for each of our services on the public DNS server

Record Type	Name	IP Address
A	Sip.lyncguy.com	XX.102.182.163
A	Webconf.lyncguy.com	XX.102.182.164
A	Av.lyncguy.com	XX.102.182.165

You will also need to create an SRV record for auto sign-in on the domain and federation. For automatic sign-in you can create an SRV record for _sip._tls.lyncguy.com pointing to your access edge server (sip.lyncguy.com) on port 443. For federation you will need to createn an SRV record for _sipfederationtls._tcp.lyncguy.com pointing to your access edge server on port 5061.

Now we can test the server using https://www.testocsconnectivity.com/ and get ready to deploy reverse proxy. For that I’m going to point you to Randy Wintle’s article on the subject.

Step By Step For Installing Lync Server 2010 consolidated standard edition server

Pre-requirements

I will base this server one Windows 2008 R2 Standard and it is placed on a Hyper-V 2008 R2 host. First we need to start with installing the pre-requirements. Please make sure that you have installed all available updates from Microsoft Update before you continue. To start the requirements installation we can use PowerShell.

To import the Server manager module run the following command:

Import-Module ServerManager

Now we can start the actual installation of all required components with the following command:

Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Static-Content,Web-Default-Doc,Web-Http-Errors,Web-Http-Redirect,Web-Asp-Net,Web-Net-Ext,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Http-Logging,Web-Log-Libraries,Web-Http-Tracing,Web-Windows-Auth,Web-Client-Auth,Web-Filtering,Web-Stat-Compression,Web-Mgmt-Console,Web-Scripting-Tools -Restart

After the installation the server will restart automatically since we added the –Restart parameter.

Also, install Microsoft Silverlight, this is needed to run the Lync Server 2010 installation GUI. Silverlight can be found here: http://www.microsoft.com/getsilverlight/Get-Started/Install/Default.aspx

The installation of Silverlight is very straight forward, after the download run Silverlight.exe and click on Install now. The installation process will start and when finished click Next and then Close.

We also need to create a file share on the Lync server 2010 server. I will place my directly under C: and name it LyncShare.

 

Share the folder and make sure that everyone has full control.

We will also be needing a number of DNS entries. Add the following records to your domain controllers DNS servers.

Name	Target
meet.sundis.local	<Lync 2010 Server IP>
admin.sundis.local	<Lync 2010 Server IP>
dialin.sundis.local	<Lync 2010 Server IP>

Now we are ready for the fun stuff!

Installing Lync Server 2010

Insert your Lync Server 2010, if AutoPlay does not start, navigate to your drive \Setup\amd64 and execute setup.exe. The first thing you will need to do is to install Microsoft Visual C++ 2008 Redistributable Package, click Yes to proceed.

When Microsoft Visual C++ 2008 Redistributable Package is installed you will need to choose the installation directory. The default location will be just fine for me, change the location to match your preferences and then click Install.

Next you need to accept the license agreement, check I accept the terms in the license agreement and then click Ok.

Now the Deployment Wizard launches and you will have a number of choices. We will start with Prepare Active Directory.

 

We will now have number of steps to complete, go through each of them starting from the top with Prepare Schema, click Run to start the wizard.

When the wizard starts click Next to continue.

The schema preparation is automatic, click Finish when the Task Status says Completed.

The next step is to Prepare Current Forest, click Run to start the wizard.

When the wizard starts click Next to continue.

We will configure the local domain, click Next to continue with defaults.

The forest preparation is also automatic, click Finish when the Task Status says Completed.

The last preparation wizard we need to run is Prepare Current Domain, click on Run to start the wizard.

When the wizard starts click Next to continue.

Again, the preparation is automatic, click Finish when the Task Status says Completed.

The last step is to grant access to the Microsoft Lync Server 2010 Control Panel, do the following:

1. Log on as a member of the Domain Admins group or the RTCUniversalServerAdmins group.
2. Open Active Directory Users and Computers, expand your domain, right-click the Users container, and then click Properties.
3. In CSAdministrator Properties, click the Members tab.
4. On the Members tab, click Add. In Select Users, Contacts, Computers, Service Accounts, or Groups dialog, locate the Enter the object names to select. Type the user name(s) or group name(s) to add to the group CSAdministrators. Click OK.
5. On the Members tab, confirm that the users or groups that you selected are present. Click OK.

After completing all the steps, click on Back to return to the Deployment Wizard.

Moving on, The Topology Builder is next and with this tool we create a topology that we use to deploy the actual Lync Server 2010 system. To start the installation click on Install Topology Builder.

The installation will now run and it is automatic, when it is finished we will move on to Preparing the first Standard Edition server.

 

On the introduction screen click Next to continue.

The installation will begin and when completed click Finished to close the wizard.

Now it is time to start with some configuration, locate the Lync Server Topology Builder on the Start Menu.

The first thing we need to do is to select if we have a topology we want to open or if we want to create a new one. Choose New Topology and click Ok.

Choose where to save your topology files, I will save my files in C:\Lync Server 2010 Topology Builder and call it sundis.tbxml. When you are finished choosing name ad location click Save.

Then enter a SIP domain that matches your preferences, I will enter sundis.local. This is the internal domain name in my family domain and will work well for the purpose of this installation, click Next to continue.

We will not add any additional SIP domains at this point, click Next to continue.

Enter a name for you default site, I will enter Sundis, then click Next to continue.

Enter your City, State and country and click Next to continue.

 

We want to continue to configure a front end pool so click Finish. When the New Front End Pool wizard starts click Next to continue.

Now we must define a FQDN for our Front End Pool. Wine this is a simple single server installation I will use the servers FQDN sundis-lync01.sundis.local. Chose Standard Edition Server and click Next to continue.

We will chose the following components for this installation:

• Conferencing (without Dial-in for now)
• Enterprise Voice
• Call Admission Control

Check those options and then click Next to continue.

We will collocate the mediation server, check Collocate Mediation Server and then click Next.

We will not enable any more components, click Next to continue.

We have already installed SQL server on the Lync Server 2010 server and the wizard finds it automatically. Click on Next to continue.

Now we will enter the share name we used when creating the file share earlier. I named the share LyncShare, enter your share name and click Next to continue.

We will not enter a public FQDN at the moment and will leave it as default, click Next  when finished.

We will not add a gateway at this moment, click on Finish to end the wizard.

When the wizard closes you will be presented with the Topology builder, Take a moment to go through the configuration, then go back to the original screen an click on Edit Topology.

In the left pane, select Simple URLs, in the main pane, enter a URL in the field Administrative access URL. In my case this is https://admin.sundis.local, then choose the Front end server to install Central Management Server on. If all is well you should only have one choice here, click Ok when done.

Now it is time to publish our topology to the management server. Back in the topology builder, click on Publish Topology in the Actions Pane.

When  the wizard has loaded, click on Next to start the publishing.

You should only have one Central Management Server, make sure it is selected in the drop-down list and then click Next.

When the wizard completes, make sure that all steps are successful an then click Finish.

Thanks for reading, I hope that you find it helpful!

Microsoft Lync 2010, Asterisk and Skype installation and integration guide

Trixbox is a great distribution of Asterisk, however it does break certain Asterisk standards and you can’t beat a good command line – yes in Asterisk’s case the command line is easier than a web interface.

So why not plain old Asterisk? AsteriskNOW makes light work of the install and I’m by no means a Linux guru! You can still opt for the FreePBX front end – but we will choose to not go down this dark path – trust me on this!

So let’s talk objectives…

1. Setup AsteriskNOW, configuring a SIP extension and corresponding dial-plan
2. Install and configure Skype for Asterisk (SFA), ensuring the SIP extension above can route in/out
3. Take the Lync 2010 Server install performed here and integrate it with AsteriskNOW
   • Make calls to and from the Asterisk SIP extension (Lync & SFA)
   • Make calls to and from the Lync client (SIP & SFA)

So here is an idea of how this will all piece together:

Sounds like a tall order right? Wrong. With AsteriskNOW and Lync Server 2010, it is reasonably straight forward and I will endeavor to document the end-to-end setup process.

Before I begin let me talk about SFA…

Skype as you may or may not be aware offers two SME level VoIP integrations:-

1. Skype for SIP (now re-branded as Skype Connect) – essentially a way of integrating Skype’s cloud of PSTN in/out connectivity including the capability to call Skype users (22.5k online as I type) to an SIP enabled IP PBX – for supported vendors see here.
2. Skype for Asterisk (SFA) – an add-on Asterisk channel driver which allows for Skype-to-Skype calls and access to Skype’s as cheap calling rates via your Asterisk end-point.

If you are already running an Asterisk based PBX you will probably want to know the difference. From a high level it comes down to the following:-

1. Cost – Skype Connect is subscription-based, you pay $6.95 per channel plus calling costs – not cheap for those who want to use this for a lab sized implementation.
2. Functionality – SFA is not channel-based, it is user-based, for a one off charge of $66 you get a single user license – sounds a bit more digestible, right? A single license would give you one channel. In this guide we will enable a single license be configured to route out from either SIP or Lync end points. From an inbound perspective you could create a Lync response group or Asterisk call group to broadcast inbound calls to multiple users.

One (or should i say three?) last caveat before we get on with the good stuff:-

1. Lync is currently in release candidate, it is unlikely to change on a grand scale, but be aware it is not supported by Microsoft
2. Lync (or OCS) + Asterisk integrations are not supported by Microsoft
3. This is a “just for fun” guide or lab setup only

Okay, with that over with let’s look at requirements

1. I’ll be using Windows Server 2008 R2 with Hyper-V to run Lync Server 2010 RC & AsteriskNOW
2. I have assigned 2gb of memory to Lync Server 2010 RC and 512mb to AsteriskNOW (I know this seems minimal but it is enough for this small test setup)
3. You’ll need to setup a Skype business account as SFA will not work with regular consumer accounts (you can route Skype-to-Skype calls between business and consumer accounts)
4. Once you have setup a free Skype business account you’ll need credit as without credit it won’t route out to PSTN. I suggest you test the account by adding it to a Skype software client first (if you hit any roadblocks further down the line you’ll be pleased to have ruled this potential issue out)
5. Buy an SFA single channel license which can be purchased directly from Digium, the makers of Asterisk, via their online store (currently at $66) – you’ll get a license key that we will activate later…

Let’s begin…

Download a copy of AsteriskNOW, I have opted for the 64-bit version here, whilst this is downloading (it is approximately 600mb), let’s setup our VM.

Create a name:

Set memory:

Don’t connect it to your virtual network, we’ll need to create a legacy network adaptor as we are using Linux

I’m going to accept the default options when configuring my virtual disk (this isn’t usually recommended for performance, but for AsteriskNOW it’ll be sufficient)

Once your bootable AsteriskNOW ISO is downloaded, select this as the operating system to boot from within Hyper-V Manager

Our summary, click Finish

Before we kick off the install, you’ll need to go to your settings and add one hardware component, the legacy network adaptor mentioned earlier – and make sure this is connected to your virtual network

Let’s start our VM! Fingers-crossed the AsteriskNOW ISO will boot and the install commences, select option 5 – Asterisk 1.6 only (we need Asterisk 1.6 for TCP support, a SIP trunk requirement for OCS and Lync)

Select yes, to accept the creation of partitions and wiping of data

The default partition scheme is fine, select next. Set your region, select next and create a root (or Administrator) password then click next.

The install will now commence, in my case I’m going to grab some breakfast…!

I’m back and the install is complete, eject your ISO via the Hyper-V toolbar, Select Media -> DVD Drive -> Eject. Then click reboot

During the boot sequence you’ll see a ton of text, which will all (hopefully) end with [   OK   ]. Upon completion you will see a Setup Agent, quit this and you will be presented with the screen below.

Login with your root account and start the network configuration utility, type system-config-network. You will then be presented with the screen below

Edit your network device “eth0 – Digital Equipment Corporation DECchip 21140 [FasterNet]“, remove the DHCP option and set a static address, in my case 192.168.10.30

Save and now edit your DNS configuration. In my case I have a local DNS server (192.168.10.253) but set this to suit your needs. I have also set my host name as ast.jacobs.local (jacobs.local is my local domain name) and set the search to my local domain. Then Save & Quit.

Once you are back to the command line type: shutdown –r now this will result in a reboot of the system. Once the system has completed a restart, login again as root. You should now be able to ping from this system to another address on your local network including the Internet (to check this, ping www.bing.com to ensure internet connectivity is working) – if you can’t then something has gone wrong! In some cases I have found that you need to head back into the network settings and re-input the DNS, this issue shouldn’t re-occur.

Now you are back to your Asterisk command line, type yum install register, you’ll be prompted to download the package, accept this by inputting Y and hitting enter. YUM is an abbreviated word for Yellow dog Updater Modified, it is a command line package management tool. The Register package is used to activate your SFA license.

Next we’ll update our version of AsteriskNOW, type yum update asterisk16, accept the upgraded packages (as detailed within our previous step)

Once completed, we’ll install SFA, type yum install asterisk16-skypeforasterisk, accept the package download. Once installed reboot, type shutdown –r now.

Once the reboot has completed login and we’ll register the SFA module (using the license key received from Digium). Login as root and type, register. Select option 1 (Digium Products), then option 7 Skype for Asterisk. Next you will be prompted to enter you SFA key, enter the key and register now. Click the space bar to run through the license agreement (does anyone read these?) and accept the agreement.  Complete your personal details and your license should be written to /var/lib/asterisk/licenses/ (you should back this up – I’ll explain this next). But one last reboot first, type shutdown –r now, our Asterisk install is now complete, next we’ll need to configure it!

To configure our Asterisk PBX we need to edit a number of text files, there are Linux-based editors, but in my experience they are not that user friendly and I like to perform this remotely using my friendly Windows PC, to do this you need an SSH client – I use WinSCP. Download a free copy via their website here. Once installed add a new site (see below)

Then change the default remote directory (as per the illustration below) and save the site.

Once saved click login. The first time you connect you will be prompted to save your Asterisk server key, click yes to add the host key to your cache. Finally enter your password, once connected an explorer type view of your Asterisk’s file system will be displayed – I have changed to a detailed view (choose view -> details)

Back-up your SFA license by copying the file from /var/lib/asterisk/licenses – there should only be one .lic file in there, just right click and copy to your desktop to save locally. Now head back to the folder /etc/asterisk – this is where our Asterisk config files are located.

We will be editing three files: (right click and “edit” within WinSCP)

1. Sip.conf – for main Asterisk settings (trunks/extensions)
2. Extensions.conf – for dial plans
3. Chan_skype.conf – SFA settings

First sip.conf, replace the content of your file with the following settings (you should probably backup your original conf files before)

[general]

context=default ; Default context for incoming calls

allowoverlap=no ; Disable overlap dialing support. (Default is yes)

udpbindaddr=0.0.0.0 ; IP address to bind UDP listen socket to (0.0.0.0 binds to all)

bindport=5060

bindaddr=0.0.0.0

tcpenable=yes ; Enable server for incoming TCP connections (default is no)

tcpbindaddr=0.0.0.0 ; IP address for TCP server to bind to (0.0.0.0 binds to all interfaces)

srvlookup=yes ; Enable DNS SRV lookups on outbound calls

notifyhold = yes ; Notify subscriptions on HOLD state (default: no)

[1001] ; A locally attached SIP extension

type=friend

callerid=1001

canreinvite=no

dtmfmode=rfc2833

mailbox=1001

disallow=all

allow=ulaw

transport=udp

secret=password

host=dynamic

context=default

[Lync_Trunk] ; Our Lync trunk

type=friend

port=5068 ; This is the default Lync Server TCP listening port

host=192.168.10.29 ; This should be the IP address of your Lync Server

dtmfmode=rfc2833

context=from-lync

qualify=yes

transport=tcp,udp

Next extensions.conf, replace the content of your file with the following settings

[general]

static=yes

writeprotect=no

[globals]

[default]

;dialling other extensions starting with 1 followed by three digits

exten=>_1XXX,1,Dial(SIP/${EXTEN},20)

exten=>_1XXX,n,hangup()

;send every digit after 9 to Skype for Asterisk

exten=>_9.,1,Dial(Skype/${EXTEN:1},20)

exten=>_9.,n,hangup()

;dialling other extensions starting with 2 followed by three digits

exten=>_2XXX,1,Dial(SIP/Lync_Trunk/${EXTEN},20)

exten=>_2XXX,n,hangup()

[from-lync]

;dialling other extensions starting with 1 followed by three digits

exten=>_1XXX,1,Dial(SIP/${EXTEN},20)

exten=>_1XXX,n,hangup()

;send other calls to Skype for Asterisk

exten=>_.,1,Dial(Skype/${EXTEN},20)

exten=>_.,n,hangup()

This dial plan will enable call routing between Lync , Asterisk & SFA. Finally configure your chan_skype.conf

You will need to change the default_user to represent your Skype ID, in my case:

;default_user=james_bond changed to (general section)

default_user=imapcblog

update the password

;secret=goldeneye changed to (user section)

secret=myskypepassword

change the default context to match your dial plan

;context=demo changed to (user section)

context=default

route the inbound calls to your Lync extension, in my case 2001

;exten=s changed to (user section)

exten=2001

Once you have configured all three config files reboot Asterisk, type shutdown –r now. Congratulation, your Asterisk configuration is complete! Next we need to configure Lync and pre-supposing you followed my previous Lync install guide here, you will need to head back into the Lync Topology Builder – we didn’t add a PSTN gateway previously. Download your Topology from the existing deployment and save the file locally, then add a PSTN gateway (see both steps below)

Once you have added the PSTN gateway you will have to re-publish the Topology, this will update the existing Topology with the new configuration settings, click finish

To permit call flow between both Lync and Asterisk worlds we need to define our Voice Routing within Lync Server 2010. Open the Lync Server Control Panel and access the Voice Routing options, we’ll need to configure our Dial Plan, Voice Policy, Route and PSTN Usage. I won’t walk you through this configuration (some is based upon location preferences, in my case UK), but I will show you the resulting configuration within the Lync Control Panel.

First the dial plan summary (pay close attention to my normalization rules) – this will route 1xxx to Asterisk, +44xxxxxxxxx to Asterisk and 2xxx internally (treated as local extension)

Next the Voice Policy, the default Global Policy should have the following PSTN usage records (these rules will handle our calls destined for Asterisk)

and the routes, as follows

Finally the PSTN usage, as follows

In my previous guide we created a test user, that user should now have his or her telephone details set, in our scenario tel:2001 (this is not best practice in a production deployment of Lync/OCS, but as a lab setup with a single PSTN number we should be given a free pass!) typically in production we would assign individual PSTN number and normalize to an internal DDI range i.e. +44208 555 2001 would normalize to 2001 when dialed.

With these settings committed successfully your setup should be complete, calls can now be made between both Asterisk and Lync, to setup a SIP based client I recommend X-Lite (for download and setup instruction follow my previous guide here)

Here we can see X-Lite to Lync

And the reverse Lync to X-Lite

Finally, let’s SkypeOut, first from Lync! (this illustration won’t mean a lot, but you will have to trust me – it works!)

That’s it, whilst I’m sure there are better ways of achieving PSTN breakout from OCS or Lync (with hardware/gateways), there is a certain amount of self-gratification from 100% software based VoIP.

I’m sure my configuration could have been applied in a number of different ways and you’ll probably notice that whilst X-Lite will permit Asterisk-to-Skype calls (dial 9 + Skype name), at this time Lync will not – only numbers can be passed (I’m happy to take suggestions on this). Otherwise let me know if you have spotted any errors or need guidance on issues (I’ll be moderating the comments below) and above all good luck and have some fun!

Microsoft Lync 2010 Consolidated Standard Server Installation Guide

This guide will run through a consolidated standard edition Installation, where all roles will be deployed on a single virtual machine except monitoring, archiving and edge roles.

So first off I’ll run you through some high-level preparation steps/assumptions:

• I’ve already installed a fresh copy of Windows 2008 R2 Standard on a Hyper-V 2008 R2 host, as this is a lab install I have only allocated 2gb of VM RAM (not supported in production) and a 72gb VM fixed disk (single partition) – strangely during the install should you choose to install on a secondary partition i.e. D:\ rather than C:\ most of the program files and database(s) end up on C:\.
• Apply all Windows Updates.
• Add to your domain.
• Within this guide I have Active Directory Certificate Services deployed for certificate generation.
• Now the prerequisites (based upon a Windows 2008 R2 install, 2008 x64 is supported, but unless your organization has licensing constraints I would strongly recommend you go down the R2 route).
• Add RSAT (only AD DS and AD LDS Tools are required) from within features in Server Manager (used for performing remote schema updates etc.) this will also prompt you to add the .NET Framework 3.5 feature, you mustaccept this.
• Add IIS, this is made easier by running this command line:

ServerManagerCmd.exe -Install Web-Server Web-Http-Redirect Web-Scripting-Tools Web-Windows-Auth Web-Client-Auth Web-Asp-Net Web-Log-Libraries Web-Http-Tracing Web-Basic-Auth

• Finally, install Silverlight from here (required to execute the Lync Server UI or Lync Server Control Panel).

Then Upon inserting (or mounting) your Lync RC ISO Internet Explorer will present the following options (left is server and right the client x32/x64 editions included).

The first thing you’ll see upon execution is a prompt asking you to install Microsoft Visual C++ 2008 Redistributable, click yes to install.

A few minutes later the following dialogue will appear. Given my single partition setup, I choose to accept the default installation directory.

Now you will be presented with a familiar looking wizard that will guide you through the install process. In my case I have already completed the Active Directory preparation steps and provided you are logged in with a Domain Admin or equivalent account and your AD is in good shape this should complete without a hitch (it did in my case!). As per the installation steps, once this is completed add your chosen admin account to the newly created CSAdministrator group.

Head back to the main deployment wizard screen and select the option to Prepare first Standard Edition Server (top right hand option). This will install a copy of SQL 2008 Express, Lync Server core installation files and create an RTC database – let this take its course and once complete you’ll be presented with the following dialogue.

Next install the Topology Builder via the main deployment screen, when this completes you gain a green tick to signify a successful install. Now the fun stuff, we need to define our topology by launching the topology builder via the start menu, as explained earlier Lync offers a difference in architecture to OCS 2007 and the Central Management Store (CMS) is no exception. The CMS is a SQL database where you publish your chosen topology, this takes away the dependency for Lync to require the AD for configuration purposes and is required to complete the installation.

Upon launching the Topology Builder we are presented with three options, choose New Topology (see below).

A dialogue will ask you to choose a save file/location, I’m going to accept the default location and call the file MyTopology.tbxml. Next you are asked for your primary SIP domain, I’ll be using my test AD domain for this Jacobs.local (see below).

You may notice that should you choose to input anything with invalid formatting, you’ll be asked to correct the problem and a RED square box will identify the bad string. Click next, I didn’t choose to add any additional SIP domains. Next give your site a name, I’ll use MyLab (see below).

Next site details, mine are below.

And with this completed you are prompted to open the New Front End Wizard, leave this checked. Here you’ll need to define the New Front End pool.

First of all we need to input the pool’s FQDN, in my case it will be lync.jacobs.local (Lync is the name of my server). I’ll also be opting for the Standard Edition Server Topology (they’ll be no high availability and an additional SQL Express instance, this will host the user and application store and will be installed automatically upon publishing the policy).

We are now going to select the features required and therefore destined to be collocated, I’ll be installing Conferencing (without Dial-in, I’m not going for PSTN voice integration for this lab setup), Enterprise Voice and Call Admission Control.

I’ll choose to collocate the Mediation Server (it will be redundant for now, given my choice to hang fire on voice integration).

Given my single server approach and lack of any need to archive, monitor or federate within my lab, I’ll choose to not select any additional server roles within the next screen.

I don’t need to define my SQL store as my Standard Edition will perform the SQL Express installation automatically.

Now we’ll need to create a file share, create it locally and ensure the account you are currently using to run the topology builder has read/write access to this folder. I’ll call my folder and share name “LyncShare”.

The next screen will ask you for an external URL, if you have a public facing FQDN for this server, it goes here. On the next screen (specify PSTN gateways, click finish, if you, like me are not configuring PSTN integration). You will now be taken back to the main topology builder screen, where you can view a detailed summary of your chosen setup. Click edit properties on the top right (below New Central Site) as you will need to add a few final tweaks.

First, you need to add an administrative URL, in my case https://admin.jacobs.localand select the front end server to install your CMS on (all things being equal you should have one option here, your previously specified pool FQDN).

You are all set to publish your topology! To do so select this option from the right hand side of the main topology builder screen.

If you followed the guide correctly validation should succeed, click next on the publish topology wizard.

Accept the front end pool default by clicking next.

Next the Central Management Store is created. When the wizard completes a text based to-do list can be presented with remaining tasks, you’ll need to create three DNS A records for the simple URLs specified – these should be directed to the IP address of your Lync Server (I won’t cover this). I will cover the final install step – the server components install.

To finish your server installation you need to head back to the Lync Server Deployment Wizard, now accessible via the start menu. Choose Install or Update Lync Server System to continue.

Choose step 1 to install a local CMS and choose the option to retrieve directly from the CMS.

Upon completion, click finish.

Choose step 2 to install Lync Server Components.

You may be asked to restart, should this occur click finish and manually restart your server. After logging back in re-execute the deployment wizard and click step 2 from within Install or Update Lync Server System for the second time, it will automatically resume from where it left off. With this complete, click finish.

Step 3 is where certificates are requested and assigned to the server and both internal/external web services. Click request (see below).

The following dialogue will be presented, choose to send the request immediately to an online certificate authority (this will submit via AD Certificate Services).

Select your local CA via the detected server list, click next until you see the option to specify a friendly name, I’ll use Lync.

Choose friendly organization names, country, state/city and click next. You now need to configure and accept subject alternate names (SAN) – this is where a single certificate can handle multiple common names or domain names. In my case I’ll accept my locally configured SIP domain. You can add additional names where you have a public facing FQDN, click finish to execute certificate commands. The assign the requested certificates (see below).

Upon completion the following screen will be presented.

Gentlemen start your services, or just click step 4! If you want to verify everything went A okay there is an option to launch services.msc. Looking good!

Let’s launch the Lync Server Control Panel via the start menu and enable a test user, provided you installed Silverlight and you’re A records resolve – in my case, admin.jacobs.local you should be asked to authenticate with your CSAdministrator admin details.

Within top actions enable a user for Lync Server. (see below)

Finally you will need to create a SRV DNS record for your new Lync Server, without this your Lync client will be unable to locate the server location. To create, access your DNS manager and right click the Forward Lookup Zone for your SIP FQDN. Then click other new records and Service Location (SRV), complete using your own server settings as per the illustration below.

All things being equal you should now be able to install and login with your Lync client by using the corresponding sign-in address.

Lync Server 2010 Installation Guide

I am presenting this deployment guide for other fellow UC enthusiasts to help on their own personal/test deployments. The best thing in Lync is that instead of archiving & monitoring and edge roles, everything is installed in a single Virtual Machine, hence the word consolidation. For voice-mail you need an Exchange deployment. This guide doesn’t have the integration for voice mail gateways.

I have made a few assumptions before delving into this. They are mentioned here for your ease.

a) An Active Directory server

b) Fresh installation of Windows Server 2008 R2 with all the windows updates and patches joined to your domain, I used VMware for virtualization but its up to your preference what you may use for virtualization. If you have spare server then by all means deploy everything on individual server.

c) The login alias should be a domain admin or a member of an equivalent group.

d) Installation of AD certificate services for certificate generation.

e) Install the RSAT role from the server manager (AD DS and AD LST are required) for remote schema update. Net Framework 3.5 installation is also required which will be prompted automatically and should be installed if you are not using Windows 2008 R2.

f) Install IIS. You can use this command to also install IIS but it’s your call how you want to do it.

ServerManagerCmd.exe -Install Web-Http-Redirect Web-Scripting-Tools Web-Windows-Auth Web-Client-Auth Web-Asp-Net Web-Log-Libraries Web-Http-Tracing Web-Basic-Auth

g) Install Silverlight which will need for installation.

Well.. once all that  is done you can insert the ISO into the virtual machine of burn a cd if you’re using an optical drive for installation and you will see this window in Internet Explorer. We are installing the server so we will choose the left Install button for server installation.

It will first ask you for the Visual C++ Redist installation. Click Yes to install it.

Once the installation for Visual C++ is complete you will see another window prompting the directory for the installation (changeable). If you are installing it on another partition other than C: you still need to have a bigger size of the C: partition as most of the files still end up in C Drive.

Accept the license agreement here.

The next windows would be a little familiar to people who have been working with the previous version of Communication server offerings of Microsoft. This is the deployment wizard.

Let’s choose the first AD preparation steps. In my case the screenshot has all the steps completed. They ran smoothly for me since before I mentioned that the account that I used to login the server with is a Domain Admin as well as Local Admins.

Once all the steps are completed for you, you can click back to go to the deployment wizard and click the Install or update Lync Server 2010.

Once all the steps are completed for you, you can click back to go to the deployment wizard and click the Install or update Lync Server 2010.

It’s time to install the Topology Builder via the main deployment screen, when this completes you gain a green tick to signify a successful install.

The next step is funny enough because now we need to make our Topology for Lync Server 2010 for this you have to go to start menu > Microsoft Lync Server (RC) > Lync Server Topology Builder.

The Popup will come up now click New Topology and Ok.

It will ask you to choose a save file/location I saved it as WhatDoUC. Next you are asked for your primary SIP domain, I’ll be using my test AD domain for this which is WhatDoUC.net (see below).

Click next, I didn’t choose to add any additional SIP domains. On next screen type the name of your site which is in my case WhatDoUC

Click Next and put Site Details which you can see below.

It’s completed now click on “Open the New Front End Wizard” and click Finish.

Now you’ll need to define the New Front End pool.

Click Next. Define the Front End Pool FQDN which is in my case Lync.WhatDoUC.net also I am using Standard Edition Server you can choose it on your own.

You will be asked to select the features required and therefore destined to be collocated, I’ll be installing Conferencing (without Dial-in, I’m not going for PSTN voice integration for this lab setup), Enterprise Voice and Call Admission Control.

Click Next. I am not going to collocate Mediation Server you can choose it your own.

Here I am going to click next without more roles because of my limited sources.

Here I don’t need to define my SQL store as my Standard Edition will perform the SQL Express installation automatically.

Here we’ll need to create a file share, create it locally and ensure the account you are currently using to run the topology builder has read/write access to this folder. I’ll call my folder and share name “Share”.

The next screen will ask about External URL which is in my case “Lync.WhatDoUC.net”

Now we are back to Topology Builder and we have to edit Topology so click on Edit Topology.

Now you need to add an administrative URL, in my case https://admin.WhatDoUC.net and select the front end server to install your CMS on (all things being equal you should have one option here which will your previously specified pool FQDN).

We are all set to publish our topology! To do so select this option from the right hand side of the main topology builder screen.

Here I want to tell you that if you followed the entire guide correctly validation should succeed, now click next on the publish topology wizard.

Click Next also Accept the front end pool default by clicking next.

Now we are back to the Lync Server Deployment Wizard, now accessible via the start menu. Choose Install or Update Lync Server System to continue.

At first step (Install Local Configuration Store) click Run.

Click Next and upon completion click Finish.

Now step 2 to install Lync Server Components.

After completion Re-Start your server and log in back to server and start the Wizard from Start Menu.

It’s time to Step 3 is where certificates are requested and assigned to the server and both internal/external web services. Click request.

On next screen click next.

Select your CA Server which is in my case my Active Directory, click next until you see the option to specify a friendly name, I’ll use WhatDoUC.

Choose friendly organization names, country, state/city and click next.

Now configure and accept subject alternate names (SAN) – this is where a single certificate can handle multiple common names or domain names. In my case I’ll accept my locally configured SIP domain. You can add additional names where you have a public facing FQDN, click finish to execute certificate commands. The assign the requested certificates. Click Finish.

On completion the following screen will appear.

Now It’s time to start Services and after that check the services status.

Now we are ready to run Lync Server 2010 control panel.

Microsoft Lync 2010 Prerequisites Installation

Microsoft Lync Server 2010 Media Bypass

What is it?

• Media Bypass allows for Lync clients to communicate directly with a qualified PSTN voice gateway or qualified IP-PBX without traversing the Mediation server for media transcoding
• When clients use Media Bypass, the Lync client uses the G.711 codec over SRTP

What are the benefits?

• Greatly simplifies topology
  • Allows for Mediation server to collocate with Front End server or SBA because of low CPU intensity
  • Greatly reduces the amount of servers needed in deployment resulting in lower TCO
• Optimizes media flow and quality
  • Eliminates unnecessary hops and potential points of failure
  • Saves WAN bandwidth
  • Improves voice quality with use of G.711 codec

However to enable Media Bypass, you must ensure that either the Media Gateway (SBA) or the IP-PBX does support the Media Bypass feature.

Below are some different scenarios for the Media bypass between 2 sites:

First Scenario:

In this scenario the Client in the main data center dials a PSTN number, so the client communicates directly with the gateway using G.711 codec without the need to used the mediation for transcoding from RTaudio to G.711 Codec.

Second Scenario:

In this scenario the client is located in the branch site where there is no Lync Servers installed , when the client places a PSTN call it communicates directly with the IP-PBX over G.711 without the need for getting back to the Data Center pool mediation for transcoding. However this scenario is only applicable if your IP-PBX does support the new Media Bypass feature.

Third Scenario:

In this scenario we have two clients placing the call , one from the Data Center and the second is in Branch site. you will typically have this case in the international sites where you want to enable the least cost routing for international numbers. Lets say the Main Data Center is in US and the branch Site is in Egypt , and both Clients will dial the same number which is a US number.

So the first client who is in the US data center will communicate to the mediation server directly over G.711, then the mediation will place the call through the Hosted SIP trunk to the PSTN also over G.711 since there is no local PBX available in the Data Center.

The Second Client who is in the Egypt branch site will dial the US number , the client will communication with the Mediation server place in the US Data center over RT Audio then the mediation will talk to the PSTN over G.711. In this second scenario we used RT Audio because it has got lots of features over the G.711 which consumes more bandwidth  , RT Audio gives much better quality over WAN due to correction mechanisms and the ability to overcome lost packets.

Fourth Scenario:

In this scenario we have the same case like the last one , however we have also enabled Call Admission Control ( CAC ) which is a new great feature in Lync Server 2010. It allows call control over WAN to assure the accepted number of call over the allocated bandwidth and to refuse any extra calls over the allowed limit. What makes this CAC feature great also is not only to control calls over the WAN, but also to give alternate route for calls over the PSTN rather than using the WAN.

Ok let me explain it , the Client in the Egypt branch site is placing an international call to US number , so the client tries to place the call through the mediation placed in the US data center over the WAN , however due to WAN full usage and the CAC control ( call admission control ) so the call is not allowed to be placed over the WAN , however in spite of dropping the call we find that the client is redirected with alternate route to his local GW to place the call as international number from his PSTN gateway.

Fifth Scenario:

In this scenario the Client who is placed in the branch site places a call to a PBX legacy endpoint which is placed in the main site data center , this endpoint is connected to the IP PBX where this IP-PBX does not yet support direct Media bypass.

So the Client communicates over the WAN to the mediation server over RT Audio, then the call is routed after transcoding from the Mediation to the IP-PBX over G.711, and finally the IP-PBX sends the call to the end point directly over G.711.

OCS / Lync Server Normalization Rules

When normalization rules were first explained to me in an Office Communications Server 2007 training class, I left thoroughly confused.

I spent quite a lot of time trying to understand how normalization rules work. First, I found that normalization rules are .Net Expressions. A quick search of the Internet for .Net Expression primers and help guides did not help with understanding how they worked.

I finally found a piece of software called RegEx Designer that allowed me to see what is happening in a .Net expression and more importantly a normalization rule.

Let’s start with why we need telephone numbers (straight from the IETF/ITU standards).

1. A telephone number is a string of decimal digits that uniquely indicates the network termination point.

2. The number contains the information necessary to route the call to the termination point.

A Normalization Rule modifies the user input and presents a fully routable telephone number that can be used by Office Communications Server (OCS) / Lync Server and the PSTN to deliver a voice call to the intended termination point. To OCS / Lync Server, your telephone number is effectively meaningless if it is not presented in E.164 format.

Humans are inconsistent, especially with how we write phone numbers down. People use parens, dashes, dots, and spaces for example. Users in a business might only know a 4 digit extension to call another employee. Normalization Rules help the humans enter the phone number in the format they are used to and then translate that to the pattern that OCS / Lync Server is expecting.

There are three main processes happening when a normalization rule is used.

1. Does the Phone Pattern Regular Expression match the input?

2. What is captured in the Phone Pattern Regular Expression to be used by the Translation Pattern Regular Expression?

3. What is the Translated number?

Example Normalization Rule

Phone Pattern Regular Expression: ^(2\d\d\d)$
Translation Pattern Regular Expression: +1425555$1

The “^” specifies that the match must occur at the beginning of the string.

Anything between parens is captured into a group. If there are more than one set of parens then there are multiple groups.

Any letter that is after “\” is considered a language element and has a special function. For example \d is a single digit wildcard. \D is a single character wild card.

“$” Specifies that the match must occur at the end of the string.

In the above example we are matching against any 4 digit number that starts with a 2. We are capturing the 2 into group 1 plus any other 3 digits that follow. If a number is 5 digits it will not match. If a number starts with any other number than 2 it will not match.

Now that we have captured group 1 we can take a look at the Translated Pattern Regular Expression

Phone Pattern Regular Expression: ^(2\d\d\d)$
Translation Pattern Regular Expression: +1425555$1

The +1425555 are absolute digits and will be inserted before the captured digits in group 1 “$1”. Each group is represented by a $ and a digit for the order in which they were captured. The second group captured would have a “$2” in the Translation Pattern Regular Expression.

If we entered 2345 then the translated pattern would be +1425552345.

What if we wanted to match against 5 digits and only capture 4 for example?

Phone Pattern Regular Expression: ^6(\d\d\d\d)$
Translation Pattern Regular Expression: +1425555$1

The above rule would match any 5 digit number that started with a 6. But, because the 6 is not within the Parens we will not capture the 6 into group 1.

If we entered 62345 then the translated pattern would be +1425552345.

Is there an easier way to specify multiple digits rather than writing\d\d\d\d?

Phone Pattern Regular Expression: ^6(\d\d\d\d)$
Translation Pattern Regular Expression: +1425555$1

Is as the same as

Phone Pattern Regular Expression: ^6(\d{4})$
Translation Pattern Regular Expression: +1425555$1

The {x} specifies the number of matches for the preceding Language Element. In this case we are looking for 4 digits. If I specified \D{4} then it would be 4 characters.

If we entered 62345 then the translated pattern would be +1425552345.

What does a normalization rule look like capturing multiple groups of numbers?

Phone Pattern Regular Expression: ^(\d{3})(\d{4})$
Translation Pattern Regular Expression: +1425$1$2

In the above Phone Pattern there are two sets of parens. Each set of parens captures into a different group. The first three digits are captured into group 1 “$1” and the next 4 digits are captured into group 2 “$2”.

In the Translation Pattern we use $1 and $2 after the +1425.

If we entered 5552345 then the translated pattern would be +1425552345.

What if we wanted to handle dashes, spaces, dots, and whatever else users dream up?

Phone Pattern Regular Expression: ^(\d{3})\D(\d{3})\D(\d{4})$
Translation Pattern Regular Expression: +1$1$2$3

In the Phone Pattern Regular Expression we are matching for 3 digits, then a single character. Then another three digits, and a single character. Then a final four digits. Since the \D is not within the parens we match against it, but are not capturing it. The result is the Translation Pattern has no dashes, dots, spaces, or any other character the user can dream up.

If we entered 425-555-2345 or 425.555.2345 then the translated pattern would be +1425552345.

Why do you use \D instead of [\s()\-\./] ?

Simple. It does the same thing and more! \D will match any non-digit. [\s()\-\./] will only match space, parens, dash or dots.

Is there a way to do optional matches?

Phone Pattern Regular Expression: ^9?(\d{3})\D(\d{3})\D(\d{4})$
Translation Pattern Regular Expression: +1$1$2$3

In the Phone Pattern Regular Expression above we start of with a “9?”. This means the expression will match if there is a 9 or not a 9. The key is using the question mark after the number (or character). This is handy if you want to be allow users to still dial a 9 like they used to on a PBX. They can type it in or not, we simply don’t care because it is optional and we are not capturing that digit into a group.

If we entered 9425-555-2345 or 425-555-2345 then the translated pattern would be +1425552345.

How would I do a wild card for any number of characters/digits?

Phone Pattern Regular Expression: ^\D*(\d{3})\D*(\d{3})\D*(\d{4})$
Translation Pattern Regular Expression: +1$1$2$3

The above Phone Pattern Regular Expression will look for any amount of characters until it matches against 3 digits. Then any amount of characters until it matches against another 3 digits. Then a match against the last four digits.

The benefit of this is that we can handle “(425) 555-1234” or “425-555-1234” or “4255551234” and to be honest we can handle this too “Your grandma 425 has white 555 hair 1234”. All the examples would be translated to +14255551234

How about logical OR?

Phone Pattern Regular Expression: ^\D*(303|720)\D*(\d{3})\D*(\d{4})$
Translation Pattern Regular Expression: +1$1$2$3

A logical OR is very handy if you need to handle multiple area codes, or NXXs (the second set of 3 digits for non-voice people). The pipe sign is what does the logical OR within the parens. The above Phone Pattern Regular Expression would look to match the first three digits to 303 or 720, but not both.

If we entered 303-555-2345 or (720) 555-2345 then the translated pattern would be either +1303552345 or +17205552345.

Conclusion

In my experience the above examples will help with 90% of the needs for Normalization Rules. There are much more complicated Normalization Rules that could be written, but I’ll leave that to another post. If you want to play around with Normalization Rules I strongly encourage downloading RegEx Designer so that you can visibly see how Normalization Rules work.