[Policy Recording Bot] How can i run locally?

[Gaku-Yamaguchi]

Hi Team.

I am going to run Policy Recording Bot locally. But I can't run this sample locally. I always get a exception.

How can i run locally? am I correct in steps below?

the steps I have done. 1, Got AppService Domain. (mydomain.com of course it's not real name)

2, Got Bot Registration and configured Teams Channel for calling like below.

3, Generated wild card certificate for mydomain.com with Let's Encrypt using Posh-ACME Powershell Module and Imported in my local machine certificate store.

4, Ran Ngrok.exe

5, Created CNAME Record in my azure dns zone for pointing to ngrok.

6, Ran the configure_cloud.ps1 script with these parameters. .\configure_cloud.ps1 -p .\V1.0Samples\LocalMediaSamples\PolicyRecordingBot -dns botsample.mydomain.com -cn botsample.mydomain.com -thumb {thumbprint from certificate I generated in step3} -bid {my bot registration displayname} -aid {my bot registration application Id} -as {my bot registration application secret. this is not guid i set actual value.}

7, Ran my Visual Studio 2019 as adminstrator.

8, Right click Policy Recording Bot Service in solution explorer and click Debug.

after above, I recieved an exception below.

Microsoft.Graph.Communications.Core.Exceptions.ServiceException HResult=0x80131500 Message=Code: mediaInitializationFailure Message: Media platform failed to initialize

Source=Microsoft.Graph.Communications.Calls.Media Stack Trace: at Microsoft.Graph.Communications.Calls.Media.MediaCommunicationsClientBuilderExtensions.SetMediaPlatformSettings(ICommunicationsClientBuilder statefulClientBuilder, MediaPlatformSettings mediaSettings) at Sample.PolicyRecordingBot.FrontEnd.Bot.Bot.Initialize(Service service, IGraphLogger logger) in C:\Work\Source\microsoft-graph-comms-samples-master\Samples\V1.0Samples\LocalMediaSamples\PolicyRecordingBot\FrontEnd\Bot\Bot.cs:line 94 at Sample.PolicyRecordingBot.FrontEnd.Service.Start() in C:\Work\Source\microsoft-graph-comms-samples-master\Samples\V1.0Samples\LocalMediaSamples\PolicyRecordingBot\FrontEnd\Service.cs:line 80 at Sample.PolicyRecordingBot.WorkerRole.WorkerRole.OnStart() in C:\Work\Source\microsoft-graph-comms-samples-master\Samples\V1.0Samples\LocalMediaSamples\PolicyRecordingBot\WorkerRole\WorkerRole.cs:line 92 at Microsoft.WindowsAzure.ServiceRuntime.RoleEnvironment.InitializeRoleInternal(RoleType roleTypeEnum) at Microsoft.WindowsAzure.ServiceRuntime.Implementation.Loader.RoleRuntimeBridge.b__0()

innerException 1: InvalidOperationException: Cannot access the certificate's private key. Make sure that the process has enough permissions to access the private key. Only CSP-stored certificates are supported by the media platform, CNG/KSP certificates are not supported.

the message seems my certificate is not CSP-stored certificate. but I don't think so. did someone get same problem? Is there someone who solved this problem? Please help!

[1fabi0]

I think you have to install your certificate from a pfx file into windows certificate store and to validate you can check if your certmgr.msc contains the certificate you installed from the pfx file

[Gaku-Yamaguchi]

Thanks @1fabi0 for commented. I installed certificate from a pfx file as below.

after that, a problem I posted is solved. I mean a bot can run continuously in my local machine. but another problem showed up. I set the ComplianceRecordingPolicy for teams user in accordance with Tutorial of this project(https://github.com/microsoftgraph/microsoft-graph-comms-samples/tree/master/Samples/V1.0Samples/LocalMediaSamples/PolicyRecordingBot) and tested but calls never connects and goes to a voicemail. It looks similar to #326. I got SocketException. TraceSource Error: 0 : [SkypeBotsMediaPlatform][AppId:7ffe6fd1-b6ab-4e2f-b2fe-950565a99ee6] TryCheckTcpConnectivity exception: System.Net.Sockets.SocketException (0x80004005): 対象のコンピューターによって拒否されたため、接続できませんでした。 xxx.xxx.xxx.xxx:13016 場所 System.Net.Sockets.TcpClient.Connect(String hostname, Int32 port) 場所 Microsoft.Skype.Bots.Media.PlatformEnvironment.TryCheckTcpConnectivity(String fqdn, Int32 port) TraceSource Error: 0 : [SkypeBotsMediaPlatform][AppId:7ffe6fd1-b6ab-4e2f-b2fe-950565a99ee6] TryCheckTcpConnectivity exception: System.Net.Sockets.SocketException (0x80004005): 対象のコンピューターによって拒否されたため、接続できませんでした。 xxx.xxx.xxx.xxx:13016 場所 System.Net.Sockets.TcpClient.Connect(String hostname, Int32 port) 場所 Microsoft.Skype.Bots.Media.PlatformEnvironment.TryCheckTcpConnectivity(String fqdn, Int32 port) TraceSource Error: 0 : [SkypeBotsMediaPlatform][AppId:7ffe6fd1-b6ab-4e2f-b2fe-950565a99ee6] Could not verify connectivity to the bot's media platform instance at botsample.ishiharaco.com:13016. Please verify that InstancePublicPort 13016 on the load balancer for botsample.ishiharaco.com is mapped to InstanceInternalPort port 8445 on the local machine.

so, I would like to ask about the certificate.

I think you have to install your certificate from a pfx file into windows certificate store and to validate you can check if your certmgr.msc contains the certificate you installed from the pfx file

I understood that you wrote "certificate" is certificate for botsample.mydomain.com. Do you mean "certificate" is for *.ngrok.io? Do I need any other configuration for my local machine?

[1fabi0]

Actually you have the correct certificate for your domain but please make sure that your domain is a cname pointing to ngrok, if you are using for your tcp connection 1.tcp.ngrok.io then your domain entry botsample.ishiharaco.com should be a cname entry to 1.tcp.ngrok.io

[Gaku-Yamaguchi]

Thanks @1fabi0 .

Actually you have the correct certificate for your domain but please make sure that your domain is a cname pointing to ngrok, if you are using for your tcp connection 1.tcp.ngrok.io then your domain entry botsample.ishiharaco.com should be a cname entry to 1.tcp.ngrok.io

I use 1.tcp.jp.ngrok.io for my tcp connection. so, I already set my DNSZone as below

Actually, It's have been set since beginning. but the problem still showed up.

[1fabi0]

It seems pretty much correct but I'm not sure why it ends in the entry with a dot, also make sure you are using correct instance public port and forwarding correct to instance internal port

[Gaku-Yamaguchi]

I checked my instance public port and found the code below in AzureConfiguration.cs.

When I run this project locally, RoleEnvironment.IsEmulated is true. so Instance public port is 13016.

and I saw a error message below. TraceSource Error: 0 : [SkypeBotsMediaPlatform][AppId:xxxxxxxx-xxxxx-xxxx-xxxx-xxxxxxxxxxxx] Could not verify connectivity to the bot's media platform instance at botsample.mydomain.com:13016. Please verify that InstancePublicPort 13016 on the load balancer for botsample.mydomain.com is mapped to InstanceInternalPort port 8445 on the local machine.

How can I check port 13016 on the load balancer for botsample.mydomain.com is mapped to Instance Internal Port 8445 on the local machine?

[Gaku-Yamaguchi]

Hi @1fabi0 and team,

I resolved the TCP error I wrote in previous comment.

I edited a code below in AzureConfiguration.cs

changed the port number to my ngrok port number like below. int mediaInstancePublicPort = RoleEnvironment.IsEmulated ? [my ngrok port number] : mediaControlEndpoint.PublicIPEndpoint.Port;

the exception doesn't show on my debug log. it seems no problem at all. but still bot doesn't connect and direct to a voicemail.

Does anyone have a solution for it?

Thanks.

[pacmanoth]

@Gaku-Yamaguchi Any chance you've figured out your problem last posted on June 29?

[Gaku-Yamaguchi]

@Gaku-Yamaguchi Any chance you've figured out your problem last posted on June 29?

No. I have no change for status. I still have same problem.

[1fabi0]

sorry for this late reply, but can you please check in the configuration of you bot registration that streaming Endpoint is enabled, i'm not sure what it exactly does, but I had issues with bots when it was not enabled before.

[danfer]

Hello @Gaku-Yamaguchi , @1fabi0, @pacmanoth , were any of you able to make this Policy Recording Bot to debug locally? in my case followed similar steps as this thread with no avail so far, thanks in advance