Installing And Configuring Microsoft Lync Server 2013
Installing and configuringMicrosoft Lync Server 2013Peter DornerAdvisory ArchitectIBMJanuary 30, 2014
Version HistoryBlockpoint/VersionDateContributorRevision Activity Description1.0/v.0001/25/2014Peter DornerInitial Version – AD preparation, SQL mirrorconfiguration1.0/v.0101/27/2014Peter DornerAdded Lync File Store config, DNS Settings1.0/v.0201/28/2014Peter DornerAdded Topology builder, FE Server installation1.0/v.0301/29/2014Peter DornerAdded 2nf FE installation, backup pool1.0/v.0401/30/2014Peter DornerAdded Reporting, PBX config and updating Lyncserver2
Contents1.Introduction . 52.Lync components . 5Lync Front End Server Pool . 5Lync File Share Server. 5Backend Database Servers . 5Monitoring. 5Mediation role . 6Lync Edge Server . 6Director. 6Persistent Chat . 6Survivable Branch Appliance . 6Load Balancing and High Availability . 63.DNS Name Resolution . 74.Autodiscover . 75.Initial network configuration: . 86.Prerequsites . 10Hyper-V based virtual machines . 10Lync Server Prerequisites . 107.Preparing the schema, forest and the domain. 12Verifying the new forest, schema and domain version . 148.Configuring Back End server for High Availability . 17Installing the SQL Servers . 19Installing SQL Witness server . 27Configuring SQL for Lync 2013 deployment. 32Configuring Windows Firewall . 32Configuring the Reporting Services . 369.Configuring Lync File store . 4410.Configure DNS . 45Setup Round Robin . 453
Creating SRV, A and CNAME records . 4511.Build out the Lync Topology . 4612.Checking database mirroring . 6213.Installing the first front end server . 64Step 1 – Install Local Configuration Store . 64Step 2 – Setup Lync Server Components . 65Step 3 – Request, Install Certificates. 66Step 4 – Starting Lync Services . 7414.Adding Front End Server to the pool . 7615.Reporting. 8216.PBX Integration . 85Configure the Mediation Server . 85Configure voice routing . 87Enable users for voice . 92Test . 9317.Updating Lync Server 2013 . 95Updating FE Server . 95Updating the SQL databases . 96Useful Links . 99References . 994
1. IntroductionThe following document is a build out for a hypothetical company called PS-United. Thecompany based in Miami, FL with one single Active Directory Forest along with one subnet and arecently built Exchange 2013. The build out is providing simple HA but no site resiliency. Thecompany recently purchased a PBX which has to be integrated to the new Lync environment inorder to use the Lync client for making phone calls.2. Lync componentsLync Front End Server PoolThe Front End pool provides the connection point to the clients. It’s responsible forregistering users, clients and routing them and because of this routing all connections from thesame user must go to the same front end server. One Lync server pool with 2 Front End serverwill be configured to provide basic failover. The pool will provide the following functionality tothe clients: User authenticationAddress book serviceInstant Messaging and presence informationAudio and video conferencingMediation server to provide connection to the existing PBX phone systemLync File Share ServerThe Lync File Share is used to generate and publish the Lync address book and store IMattachments. In this case no HA nor disaster recovery will be implemented, however if neededdeploying a DFS infrastructure can provide both feature using DFS replication between themember servers.Backend Database ServersLync has a requirement for a SQL server to store different databases associated with differentLync services. Lync2013 supports database mirroring for HA. Two servers with the Lync databasemirror and a third SQL Witness server is used to provide the same data for both databases. In theevent of a database server failure Lync will access to another server.MonitoringWith the monitoring role we can collect Usage information, call detail and call error records5
Quality metricsDetailed listing of the Call Admission Control (CAC)Failures within Lync communicationMediation roleThis role is used to connect Lync to the PSTN or PBX using SIP trunking.Lync Edge ServerThe purpose of edge server pool is to provide the communication mechanism for instantmessaging based communication to public IM providers. High availability is achieved withmultiple hardware load balanced Edge servers. It has the following remote capability: Remote Access for external usersFederation with other organizationsFederation with Windows Live, Yahoo!, AOL, Skype and XMPPDirectorThe Director role is required for enhanced security; it provides a role to validateauthentication requests within the DMZ for external users. In the event of a denial of serviceattack, the attack would end at the director role and no service interruption occur for internaluser.Persistent ChatPersistent chat server enables users to join multiparty, topic based conversations. A separatePersistent chat Front End server runs the service and a Persistent Chat Back End server stores thechat history and chat informations. Maximum of four Persistent Chat servers can installed toprovide HA.Survivable Branch ApplianceThe Survivable Branch Appliance is special all-in-one hardware device providing Lyncfunctionality. In the event of a WAN outage the appliance can provide local calling functionalitybut contact list and conference call would be unavailable.Load Balancing and High AvailabilityLoad balancing can be provided in two ways. DNS and hardware load balancing. Thisdocument does not cover hardware load balancer setup. High Availability (HA) is provided withinthe pool with multiple FE server. In case of a server failure due to the DNS setup and the resiliencewithin the pool users will be connected to the other available server.6
3. DNS Name ResolutionMicrosoft Lync has specific DNS requirements, in addition to the standard host A recordrequirements for individual servers and clusters, additional CNAME and SRV records are requiredfor load balancing and the advertisement of Lync services to the end clients. The DNSconfiguration is listed later in this document.4. AutodiscoverClients use Autodiscover to find the Lync pool. No SRV record is used for Autodiscover. A DNSA record pointing to the Lync pool will be used.7
5. Initial network configuration:Server nameRoleIPWindows VersionMiamiLyncDC-MIA-01DC, GC, DNS, Operations192.168.2.11/24MasterWindows Server 2008 R2Enterprise with SP1LyncDC-MIA-01DC, GC, DNS192.168.2.12/24Windows Server 2008 R2Enterprise with SP1LyncCAS-MIA-01Exchange 2013 CAS192.168.2.21/24Windows Server 2008 R2Enterprise with SP1LyncMBX-MIA-01Exchange 2013 Mailbox192.168.2.31/24Windows Server 2008 R2Enterprise with SP1LyncFE-MIA-01Lync 2013 Enterprise FE192.168.2.41/24serverWindows Server 2008 R2Enterprise with SP1LyncFE-MIA-02Lync 2013 Enterprise FE192.168.2.42/24serverWindows Server 2008 R2Enterprise with SP1LyncBE-MIA-01Lync 2013 BE server – SQL192.168.2.51/242012 EnterpriseWindows Server 2008 R2Enterprise with SP1LyncBE-MIA-02Lync 2013 BE server – SQL192.168.2.52/242012 EnterpriseWindows Server 2008 R2Enterprise with SP1LyncWN-MIA-01Witness server for SQL andFileShare server for Lync – 192.168.2.71/24SQL 2012 ExpressWindows Server 2008 R2Enterprise with SP1LyncCa-MIA-01CA server192.168.2.61/24Windows Server 2008 R2Enterprise with SP1PBXPBX System192.168.2.143/24Asterix PBX8
Windows Server 2008 forest and domain functional levelInternal domain name: ps-united.comExternal domain name: ps-united.comSingle Tier PKI InfrastructureExternal and Internal Exchange FQDNsOWA for MiamiAutodiscover for ExchangeInternal Autodiscover for LyncExternal Autodiscover for LyncLyncpool united.comlyncpool.ps-united.com9
6. PrerequsitesHyper-V based virtual machinesOn the Domain Controllers (DNS servers) for proper DNS resolution you need to run thefollowing commands otherwise the replication will failing between the sites using Hyper-V virtualswitchesdnscmd /Config /EnableEDnsProbes 0On all servers change the Network Card settings under Computer Management and disable thefollowing:IPv4 Large Send OffloadChecksum OffloadLync Server Prerequisites .NET 3.5 Framework.NET 4.5 FrameworkMicrosoft SilverlightWindows Management Framework 3.0Windows Identity Foundation 3.0KB2646886–install Persistent chato Microsoft Message Queuing7.5componentsareinstalledThe following IIS modules are required for the FE and Director servers Static ContentDefault DocumentHTTP ErrorsASP.NET.NET Extensibility,Internet Server API (ISAPI) ExtensionsISAPI FiltersHTTP LoggingLogging Tools10
TracingClient Certificate Mapping AuthenticationWindows AuthenticationRequest FilteringStatic Content CompressionDynamic Content CompressionIIS Management ConsoleIIS Management Scripts and ToolsUse the following PowerShell command to install the required IIS modules:Import-Module ServerManagerAdd-WindowsFeature Web-Static-Content, Web-Default-Doc, WebHttp-Errors, Web-Asp-Net, Web-Net-Ext, Web-ISAPI-Ext, Web-ISAPIFilter, Web-Http-Logging, Web-Log-Libraries, Web-Http-Tracing,Web-Windows-Auth, Web-Filtering, Web-Stat-Compression, Web-DynCompression, Web-Mgmt-Console, Web-Scripting-Tools, Web-BasicAuth, Web-Client-Auth –RestartAdd the Remote System Administration Tools and the Desktop Experience Windows feature byrunning the following cmdlets:Import-Module ServerManagerAdd-WindowsFeature RSAT-ADDS, Desktop-ExperienceInstall the Windows Media Format Runtime%systemroot%\system32\dism.exe /online es\Microsoft-WindowsMedia-Format-Package 31bf3856ad364e35 amd64 6.1.7601.17514.mum/ignorecheck11
7. Preparing the schema, forest and the domain.Before you can begin install Lync Server Management Shell by running the Setup.exe from theLync DVD.When it finished close the Lync Server Deployment Wizard and open Lync Server ManagementShell from the Start Menu12
Schema update will running against the holder of the schema master FSMO, the accountyou use need to be member of the Schema Admin group. You need the Active Directory DomainServiceToolsareinstalledbeforeyoubegin.Run the following cmdlet from the Lync ShellSchema upgrade - Install-CsAdServerSchemaForest prep - Enable-CsAdForestDomain prep - Enable-CsAdDomainYou can prepare your domain using the GUI. To do this start the Lync Server DeploymentWizard from Start Menu and select the Prepare Active Directory option. The preparation stepsare straight forward using the wizard.Add the Lync server administrators to the CSAdministrator, RTCUniversalServerAdminsand RTCUniversalUserAdmins group13
Verifying the new forest, schema and domain versionTo verify the schema update check the CN ms-RTC-SIP-SchemaVersion where therangeUpper value should be 1150 and the rangeLower 3 or run the Get-CsAdServerSchemacmdlet14
For forest preparation verification open Active Directory Users and Computers under theUsers OU you should security groups starting with CS and RTC. The complete list of the newgroups shown the following tableRTC GroupsCS lReadOnlyGroup OnlyAdministratorRTCUniversalServerReadOnlyGroup -CsAdServerSchemaFor more details of the forest preparation run the followingcmdletGet-CsAdForest -Report C:\ForestPrep.html15
Domain verificationGet-CsAdDomainGet-CsAdDomain -Report “C:\DomainPrepReport.html”16
8. Configuring Back End server for High AvailabilityThe Back End (BE) servers are database servers running Microsoft SQL and hosting thedatabases for archiving, monitoring and persistent chat. These databases can be collocated,however it’s not recommended to share these with other non-Lync databases. The BE serversalso serves a backup store for the pool’s user and conference data. A single BE server issupported, however SQL failover, HA and/or disaster recover (DR) is recommended. In this caseSQL mirroring will provide both the server and database HA. The BE servers don’t have any Lyncsoftware installed.Before the installation we create a SQL server service account, this account need to be partof the local administrator group on each SQL server with a strong password which never expires.Next we need for delegation otherwise a logon prompt will pop-up every time you open theReports web page (see step 14.). The Delegation tab is not visible by default on the ADUC and it17
has a dependency. Called SPN so first setup the SPN for the service account. Run the following ina command prompt windowSetspn -A http/lyncbe-mia-01 ps-united\sqlserviceNow open the Delegation tab of the SQLService account from its Properties window and selectTrust this user for delegation to any service (Kerberos only)Install .NET 3.5 via the Add Features option from Server Manager.18
Installing the SQL ServersStart the installation by selecting the New SQL Server stand-alone installation or add feature toan existing installation option19
On the next page enter the product key and go NextRead the License and select NextSelect SQL Feature installationSelect the following features on the features selection page Database Engine Serviceso SQL Server ReplicationReporting Services – NativeData Quality ClientSQL Server Data ToolsClient Tools ConnectivityManagement Tools – Basico Management Tools - Complete20
Select Next21
Select Named Instance on the Instance Configuration page and call it RTCOn the summary page select Next22
Set the domain account you created for SQL Server Agent, SQL Server Database Engine and SQLServer Reporting Services.23
Select Mixed Mode authentication and set a password for the SA account. Also here you can addthe administrators/administrator group who can manage the SQL ServerOn the Data Directories tab set the Database locations, in this case lave the defaults.24
Select Install Only for the Reporting services we will configure it later when all SQL Servers areinstalled.Select Next and Next on the following two pages25
Start the installation of the SQL ServerRepeat steps above to install the second SQL Server.26
Installing SQL Witness serverInstall SQL Server as you did for the BE server I highlight only the differences or you caninstall SQL Express version as we only use this for witness and need only the database engine,the
Microsoft Lync Server 2013 Peter Dorner Advisory Architect IBM January 30, 2014 . 2 . LyncMBX-MIA-01 Exchange 2013 Mailbox 192.168.2.31/24 Windows Server 2008 R2 Enterprise with SP1 . Configuring Back End server for High Availability The Back End (BE) servers are database servers running Microsoft SQL and hosting the .
The Lync integration with CIC uses several interfaces to communicate. These interfaces include: SIP Lync Client APIs Microsoft Unified Communications Managed API (UMCA) Active Directory Lync Presence Integration service Certification The CIC and Lync integration is a Microsoft
The Lync integration with CIC uses several interfaces to communicate. These interfaces include: SIP Lync Client APIs Microsoft Unified Communications Managed API (UMCA) Active Directory Lync Presence Integration service Certification The CIC and Lync integration is a Microsoft
Before using your phone, you must verify that the Microsoft Lync 2010 audio settings are properly configured to ro ute incoming and outgoing audio to and from your phone. To verify or configure Microsoft Lync 2010: 1 Start the Microsoft Lync 2010 application. 2 In the Microsoft Lync 2010 title bar, click the down arrow near the upper left corner.
LWA eliminates the need to install client software by using a browser -based client to join and participate in Lync Meetings from a shared device or PC, internet café, a personal/ home device or kiosk. External clients, partners and customers can join Lync Meetings with Lync Web App – eliminating the need to download and install the Lync .
The following Lync online meeting features are not available in Lync Web App: Computer audio Computer video Ability to upload PowerPoint presentations For a complete Lync online meeting experience that includes all of the above features, Lync Attendee is the solution.
Configuring Location-Based Routing in Microsoft Lync Server 2013 2014 Microsoft 4 o. On the Start screen, type Event and then click Event Viewer. p. Expand the Applications and Services Logs, and then click Lync Server. q. In the events list, locate and click Event ID 3013 associated with the LS Replica Replicator Agent Service source.This indicates that the change has been
8. Load Balancing Lync Note: It's highly recommended that you have a working Lync environment first before implementing the load balancer. Load Balancing Methods Supported Microsoft Lync supports two types of load balancing solutions: Domain Name System (DNS) load balancing and Hardware Load Balancing (HLB). DNS Load Balancing
In Lync 2013, the Microsoft Lync Director role has been incorporated directly into the FE server instead of having a separate instance of a virtual machine or a server. The FE Servers are used as registrars for all authentication requests. Active Directory Domain Services (AD DS) - All Lync servers referenced within the topology,
