Blocking Calls on Lync Server and Skype for Business Based on Caller ID

Update 2016/04/01 – To avoid Missed call notifications check Missed call notification when the call is blocked by CallerIDBlock MSPL Script

Last week a customer asked how we can block calls in Lync Server. After some searching, I found the following post:

VoIPNorm’s UC Blog – Blocking Calls in Lync Based on Caller ID

Unfortunately, the comments refer that the script worked only on Lync Server 2010, but not on Lync Server 2013.

With the help of both the above blog script and the MSPL scripting reference, the script was rewritten to support Lync Server 2013 and Skype for Business Server 2015. The script is available in the TechNet Gallery for download:

MSPL: Blocking Calls on Lync Server/Skype for Business 2015 Based on CallerID
https://github.com/uclobby/CallerIDBlock

In the script, we only need to replace <Lync Share Path> to the proper setting. On a Standard Pool this can be a local path, but on Enterprise Pool it makes more sense to use Lync Share. The reason for this is because all Front Ends must reach both the script and blocked number list files when we enable the script.

Create a new folder in Lync Server Share. In this new folder put the script file (CallerIDBlock.am) and the block list file (BlockedTelephoneNumbers.txt).

calleridblock01

Insert one line per blocked number in the BlockedTelephoneNumbers.txt file. The number must be exactly what the PSTN Gateway is sending to Lync Server. In this case, our gateway doesn’t send the “+”:

Phone,Action
01234567890,block
01234567891,block
01234567892,block

The next step is to add the script as a Lync Server Application. This can be done by entering the following cmdlet in Lync PowerShell:

New-CsServerApplication -Identity “Service:Registrar:<Lync/SfB Front End Pool>/CallerIDBlock” -Uri http://uclobby.com/2014/07/31/CallerIDBlock -Critical $false -ScriptName “\\<Lync/SfB Share Path>\CallerIDBlock\CallerIDBlock.am”

Note: Please make sure that the URI is HTTP, some browser might change it to HTTPS.

calleridblock02

Now we need to Enable the new application. We could do it while we add it to Lync/SfB Server, but I prefer to enable it after.

Set-CsServerApplication -Identity “Service:Registrar:<Lync/SfB Front End Pool>/CallerIDBlock” -Enabled $true

Or in Lync Control Panel->Topology->ServerApplication:

 calleridblock03

Shortly afterwards Lync Server Event Viewer can be checked for the following message:

calleridblock04
Note: Check all Front Ends for this message.

When installing the Lync Server 2013 SDK, we can use AppLogger (located in “C:\Program Files\Microsoft Lync Server 2013\SDK\Bin”) to debug MSPL Scripts.

If the number isn’t present in the BlockedTelephoneNumbers.txt file, the message should look like this:

CallerIDBlock processing request:
From – 01234567890;phone-context=uk.*****.co.uk
To – +449876543210
Allowed by CallerIDBlock

After adding the line 01234567890,block to the BlockedTelephoneNumbers.txt file, the call is rejected and the message changes:

CallerIDBlock processing request:
From – 01234567890;phone-context=uk.*****.co.uk
To – +449876543210
Rejected by CallerIDBlock

If the phone-context is received, the script will only use the number before “;”.