Blocking Calls on Lync Server and Skype for Business Based on Caller ID

Update 2016/04/01 – To avoid Missed call notifications check Missed call notification when the call is blocked by CallerIDBlock MSPL Script

Last week a customer asked how we can block calls in Lync Server. After some searching, I found the following post:

VoIPNorm’s UC Blog – Blocking Calls in Lync Based on Caller ID

Unfortunately, the comments refer that the script worked only on Lync Server 2010, but not on Lync Server 2013.

With the help of both the above blog script and the MSPL scripting reference, the script was rewritten to support Lync Server 2013 and Skype for Business Server 2015. The script is available in the TechNet Gallery for download:

MSPL: Blocking Calls on Lync Server/Skype for Business 2015 Based on CallerID
https://gallery.technet.microsoft.com/MSPL-Blocking-Calls-on-e6d52de9

In the script, we only need to replace <Lync Share Path> to the proper setting. On a Standard Pool this can be a local path, but on Enterprise Pool it makes more sense to use Lync Share. The reason for this is because all Front Ends must reach both the script and blocked number list files when we enable the script.

Create a new folder in Lync Server Share. In this new folder put the script file (CallerIDBlock.am) and the block list file (BlockedTelephoneNumbers.txt).

calleridblock01

Insert one line per blocked number in the BlockedTelephoneNumbers.txt file. The number must be exactly what the PSTN Gateway is sending to Lync Server. In this case, our gateway doesn’t send the “+”:

Phone,Action
01234567890,block
01234567891,block
01234567892,block

The next step is to add the script as a Lync Server Application. This can be done by entering the following cmdlet in Lync PowerShell:

New-CsServerApplication -Identity “Service:Registrar:<Lync/SfB Front End Pool>/CallerIDBlock” -Uri https://uclobby.com/2014/07/31/CallerIDBlock -Critical $false -ScriptName “\\<Lync/SfB Share Path>\CallerIDBlock\CallerIDBlock.am”

 calleridblock02

Now we need to Enable the new application. We could do it while we add it to Lync/SfB Server, but I prefer to enable it after.

Set-CsServerApplication -Identity “Service:Registrar:<Lync/SfB Front End Pool>/CallerIDBlock” -Enabled $true

Or in Lync Control Panel->Topology->ServerApplication:

 calleridblock03

Shortly afterwards Lync Server Event Viewer can be checked for the following message:

calleridblock04
Note: Check all Front Ends for this message.

When installing the Lync Server 2013 SDK, we can use AppLogger (located in “C:\Program Files\Microsoft Lync Server 2013\SDK\Bin”) to debug MSPL Scripts.

If the number isn’t present in the BlockedTelephoneNumbers.txt file, the message should look like this:

CallerIDBlock processing request:
From – 01234567890;phone-context=uk.*****.co.uk
To – +449876543210
Allowed by CallerIDBlock

After adding the line 01234567890,block to the BlockedTelephoneNumbers.txt file, the call is rejected and the message changes:

CallerIDBlock processing request:
From – 01234567890;phone-context=uk.*****.co.uk
To – +449876543210
Rejected by CallerIDBlock

If the phone-context is received, the script will only use the number before “;”.

 

19 thoughts on “Blocking Calls on Lync Server and Skype for Business Based on Caller ID

  1. Hello,

    Many thanks indeed, great work, worked fine with me at Lync 2013 (After small adjustment).

    there is a small mistake,
    at the text file (BlockedTelephoneNumbers.txt) you have mentioned that we have to write it with the following format: Number,Action

    while at the script it is Phone,Action

    so please correct the post.

    Thanks a lot again, helped us a lot.

    Regards,
    ME

  2. Trying to implement this, but we’re getting this error in the Lync Server event log, and filtering is not working:

    Invalid path for script-only application

    Path: \ourserver.name.hereLyncServer2013FileStoreCallerIDBlockCallerIDBlock.am
    Cause: Incorrect path was entered in while configuring this application
    Resolution:
    Fix the path using Set-CSServerApplication cmdlet

    I’ve deleted and re-created the script using the same instructions twice now… no luck. What am I missing?

    1. Hi
      Check the path and share/NTFS permissions.
      Alternatively you can try to use a local path, for example, change “\CallerIDBlock” to “C:CallerIDBlock” and copy the script to that location. Don´t forget to also change on the script the “BlockedTelephoneNumbers.txt” path.

      David

      1. Thanks David,

        so I can make it any URL, as long as they are the same, and the URL doesn’t necessarily have to reference a working public URL? Can I just put our domain name in there instead?

  3. I’d suggest adding another column to the file, “reason”. I’ve done that, and written a PowerShell script to add/remove/query the file, returning objects. So, you can view the list in PowerShell, complete with the reason a number was added to the list.

  4. is there any way possible via the script to disable the user from getting a notification. We have it currently tested in our environment and when trying to call from the blocked number the call drops with not even a ring which shows its working. However the user we are trying to call still receives a missed call notification. is there any way to prevent that through the script

  5. Thanks for that useful script!

    Is there any possibility to avoid a missed call notification to the recipient? I already tried to adjust the block reason to 487 (“Request Terminated”) – which disconnects the call for the blocked number – but the intended recipient still receives a missed call notification.

    Thanks in advance for possible suggestions!

  6. didn’t expect a reply so soon – impressed! 🙂

    Currently CU5, which should be upgraded soon…

    What was the version you tested it without MCN?

    Thanks David!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.