Microsoft just updated its support matrix for Lync 2013 (Finally) Where Netscaler is listed as supported for Reverse Proxy and for Load balancing –> http://technet.microsoft.com/en-us/office/dn788945
You can also read the deployment guide for Netscaler and Lync here –> http://www.citrix.com/content/dam/citrix/en_us/documents/partner-documents/microsoft-lync-2013-citrix-netscaler-deployment-guide.pdf
Now, in my previous post I went trough the roles and features of Lync 2010.
In order to get a better understanding of it, im going to walkthrough the installation and setup of a basic server.
This is going to consist of;
1 x SQL server (Back-end)
1 x Front-end server (Which is going to be collated with A/V Web conferencing roles)
So I’m most interested in trying VOIP, IM, Conferencing, desktop sharing.
Since this is going to be in a lab environment I don’t need the edge role and the director role. And I also don’t have a PSTN line or a SIP line, so I don’t need the mediation role as well. I will be implementing the archiving role and the monitoring role in a later post. I will also implement a front-end pool in case I want to install more front-end servers later on.
Before we continue, remember that you need to have a domain admin account, since we need to make changes to the schema, forest and the domain.
When we launch the setup on the Lync installation media,
This will deploy the files needed for the installation, (including the schema updates)
When that is done you can open the setup again and you will come to this screen.
(Note here thou, that I’ve already updated the schema and prepped the domain and the forest for this setup so if you haven’t done that yet you wont get the “Complete” mark there)
But if not we start with Preparing Active Directory –>
Click next –>
After this screen is done, take a look at the report that was generated under the appdata\local\temp folder.
Incase you want to verify that the changes made to the schema were correct, open ADSI edit –> Choose connect to –>
Check that the value for this is
Now that the schema updates are done we can prep the forest.
We get the same menu as before, just click continue –>
And again check the reports for errors. If you want you can double-check as see that these users appear in your AD.
these users are installed as a part of the script.
Next we continue with the domain prep –>
In case you have multiple DC’s you would want to double-check to see if the changes you made to the domain has been replicated.
Open the Lync shell and run the command “Get-csaddomain”
You should get the response LC_DOMAINSETTINGS_STATE_READY
Now that we are done with the AD changes, we can continue with the Lync setup.
Next we continue with the topology builder, this is the tool we use to setup our lync infrastructure.
So install this on the “to-be” lync server.
After its installed you can see that there’s a check mark behind it. So then you can open to topology builder.
The first menu – choose New topology.
Enter a sip domain. In my case it is test.local
click next, and then define the first site.
Now that you are finished, check the mark at “Open the new front end wizard” and click finish.
Click next here –>
I choose enterprise front end pool here , click next –>
now add the computers that are going to participate in the pool.
Click next –>
Now we choose what other features we wish that this pool should manage, in my case I choose only the first one
“Conferencing, audio, video and application sharing”
And click next –>
I don’t want to enable any of these features yet, so I just click next –>
Now we get to the SQL store, enter the server name of the SQL server, choose default instance if you haven’t chosen any other name for the instance during SQL install.
Now we have to define a file share,
(NOTE that the setup does not create this share It has to be created before continuing)
If you are doing this in a lab environment create a file share with EVERYONE:F access.
Click next –>
Specify a url for the external base URL, click finsh!
Now when that’s complete what did we actually do ?
We actually just created a file which contains XML on how we want our topology to look like.
As you can see we have the Front-end pool we created,
The File share & and SQL store, but this is just a config file nothing has been created on the SQL server and no files have been created on the file share.
So now we have to publish this topology
So click the Action button and choose Topology and choose Publish.
As a part of this you will get the option to create the Lync database as well, so click next.
After that is done, (and everything went smooth ) you will get this screen.
Now we have to open the to-do list and see what we have to do further.
This is just a text file, that says we need to update our DNS records for the pool and the other addresses.
But still we haven’t actually installed anything on the Front-end server we have defined as “scsm” So we continue the install.
We have created the topology, and distributed this to the back-end server. So now we have to install the Front-end server.
So start the setup menu again.
And click on the Install or update Lync Server system, click on the Install Local Configuration Store (this will setup a local SQL express and copy down the Configuration from the CMS)
Once that is done, we can continue with the installation, so back to the setup menu and choose “Setup or Remove Lync Server components”
Click next –> This will install the roles that are defined for the server in the topology
(This part might take a while, and will require a reboot, after the reboot run the setup again)
When that is done you will get back to the setup menu. Now we have to assign certificates to the server.
NOTE: This requires that you have your own PKI setup, if you haven’t configured a PKI before I suggest heading over to my other post regarding SCCM and PKI.
So start by clicking Request –>
Click next –>
Choose send the request immediately, ( or in case you have an offline ca choose that option ) that click next –>
I already have a CA in my domain so I select that I click next –>
If I had to use another account to get the certificates I would enter them here, but im fortunate that my current account is full admin so click next
This field will automatically get populated based on the topology so just click next –>
In my case I only have 1 SIP domain, so I mark it and click next.
if you have any other SAN you wish to enter, you can enter them here.
Now it is sending a request to the sub-ca, so after this is completed click next –>
Just click close now, and we get back to the wizard.
Even thou is says “Completed” It takes some time before the services all are started.
In my case it took over 1 min before the front-end service got started.
But now that they are all started, we can continue on to setting up Lync.
Now when that Is done remember to add the front-end pool host in DNS or you will get an error when you try to open the Lync Control Panel.
And remember the lync control panel is based on silverlight
You can download a trial of the Lync Client here –> http://www.microsoft.com/en-us/download/confirmation.aspx?id=10400
So when I enter my email@example.com and press login voila! it works.
(In my case I forgot to create the SRV which the client uses to find the dns name for the client, therefore I had to enter the FQDN for the server)
Incase you are having some trouble with connecting your client, open the options tab and choose
”Turn on Windows Event logging for Lync” then you can see in the application log if you are having any issues.
I will continue on with some posts regarding policies and such later.
For the last couple of weeks, I’ve been diving into Lync 2010.
I have wanted to learn more about this subject for a while now, but I’ve been busy pursuing other topics like the System Center 2012 release and other exams that I’ve taken like CEH and SCOM.
BTW: Also won a competition @Glasspaper in Norway, and won a new Nokia Lumia 800
One thing I’ve learned about Lync so far, is that it is huge!
Even thou I’ve read alot of Microsoft books in my day, I’m still trying to grasp all the roles and functions that are in Lync.
For my study I have been using the «Mastering Lync 2010″ Available from Amazon.
But what is Lync? (Previously known as Office communications server) Is part of Microsoft Unified Communication products.
It has VOIP functionality, IM (Instant Messaging), Desktop sharing, Group chat, XMPP connector ++++++
«A quick glimpse of the client» Which is available for almost every operating system WMP, IOS, Android, Mac, Windows
Lync can be integrated with Exchange, so if you are booked for a meeting from 10 – 12, you will get listed as «busy» in the Lync client.
Lync is broken down to these sets of roles
Front End Server and Back End Server
A/V Conferencing Server
The only two roles that are needed for a basic Lync setup is the Front End Server and the Back End Server (which is the SQL server) if you already have a sql cluster in place you can use that instead of a standalone back end server.
In a large enviroment, you would typically have more then 1 Front End Server, they need to be grouped to a Front End Pool, and one of the servers in that pool would need to be set as a Central Management Server, which manages all the configuration deployed to all the servers in the Lync Environment.
The Front End role has the following functionality
User authentication and registration
Presence information and contact card exchange
Address book services and distribution list expansion
IM functionality, including multiparty IM conferences
Web conferencing and application sharing (if deployed)
Application hosting services, for both applications included with Lync Server (for example, Conferencing Attendant and Response Group application) and third-party applications. So the Front-End role is the server that the users actually connect to with their client.
The A/V conferencing server, (you can install this on the same server as the front-end server) enables users to have real-time audio and/or video conferences without the need for external services such as the Microsoft Live Meeting service or a third-party audio bridge. If you install this role on a independent server you need to install the a local management store.
The Edge Server is the server that external users connect to, this server is connected to the internal and the public network (prefer the DMZ via/Nat) after this is deployed you would have to create an external users policy that you need to deploy for the users.
The Mediation role is needed for Enterprise Voice deployment, which is usually connected to your ITSP via a SIP-trunk, or a PSTN gateway or if you have your own IP-PBX. In Lync 2010 this role is collocated with the Front End Server by default.
The Lync monitoring role gathers data from Lync endpoints, servers and Lync phones. The data specifies media quality and usage data and stores them in a SQL database. The server also provides access to the data trough a reporting engine.
Archiving Server provides a repository for information exchanged via Lync Server, which consists of
- IM conversations,
- Content uploaded in Web conferences
- Conference events (joins, parts, etc.)
Director role is quite confusing, for internal users it redirects a user to the right client pool ( in a multiple pool environment ) if you don’t have a Director server installed, the user will find a pool via auto discover in dns.
For external users, it takes the workload of authentication of the front-end server, so when a user in a external network tries to connect to its Lync environment it will connect trough the Edge server, send a query to the director and then connect to the right client pool. So in case of DoS attack against your lync enviroment, your internal users are still able to connect.
Now all these roles play a vital function in your lync environment, to give you a better picture of it as a “whole” Microsoft has some nice pictures that describes the traffic flow for each role.
The first one represents IM & Presence Workload.
I always think that a picture describes more that thousand words.
As you can see there are two scenarios here, 1 for external users and 1 for internal users.
One role that I didn’t describe is the XMPP gateway, which always for federating with other sources of IM such as Google, Jabber etc.
The next one is for Enterprise Voice Workload, which basically is VOIP connected to the PSTN. As you can see here the Mediation Server is set as optional, this is because you usually install this on the same server as the front end server.
The mediation server is then connected to the PSTN, or a SIP trunk or a direct SIP connection.
The third one is for A/V and Web Conferencing.
This is also usually installed with the Front-end server.
In case you are looking for more information regarding Lync, stay tuned on the blog.
Also if you want sign up for a Office365 trial and give Lync online a try.
I also recommend you visit one of the following links.