Monday, June 10, 2013

OCS 2007 R2 to Lync 2010 Migration

Microsoft Lync 2010 Installation, Deployment & Configuration

This report contains 216 pages
Author: Rajaji. T










1                                  Introduction:

Microsoft Lync, previously known as 'Microsoft Office Communication Server', is a platform that gives an organization's users synchronized communication servers, file transfer and an additional medium for instant messaging. Microsoft Lync 2010 adds video, voice and audio conferencing, including through external networks, and gives you access to exchange a large amount of information over the web.

The Microsoft Communicator user interface: Microsoft Lync 2010 features online meetings that clients can attend from wherever they are comfortable. Its communication tools extend what Microsoft's technology offers in the communication field.

Microsoft Lync 2010 lets users connect from anywhere an internet connection is present, without requiring a VPN. This is by far the strongest point of the Communicator interface in Lync 2010. Users can readily share their office and personal information and connect globally at no greater cost.

Microsoft Lync 2010 makes it easy for individuals to share information across the globe in a secure way. At any time, users can share any application from their desktop, manage and control a personal meeting, and transfer files or PowerPoint presentations through Microsoft Lync 2010 features.

The management features of Microsoft Lync 2010 make the Lync server easier to run and sustain. More interesting still, data is saved in the configuration option of the Control Panel. Previously, data was lost because the management of conversations in the Microsoft Communicator interface was unprotected; now every communication is recorded and saved under the managing category, so that users can change it whenever needed. The database replicates the stored information to all servers.

Microsoft Lync 2010 helps users perform at their best in business: they can hold web meetings as an alternative way of making contact, and present and upload reports to companies and organizations at any time and from anywhere. Ongoing discussions can be carried on anywhere with the Group Chat feature, which lets a core team work together on discussions of various issues entirely through Microsoft Lync 2010.

With Microsoft Lync 2010, offices can collaborate at any time by opening a meeting at short notice, which gives them greater control over their time management. Users can escalate a simple discussion into a larger audio and video conference in real time. Users can also extend their communication to anyone across the world through IM conversations, and work with each other while multitasking.

Microsoft Lync 2010 also gives users strong performance in audio conferencing. The Lync 2010 server provides a feature that captures audio voice calls from anyone once their name is identified. Microsoft Lync 2010 lets users carry over or mute voice calls within a particular time, and helps identify users who are at a distance or travelling.
























2                                Microsoft Lync2010 Setup

Lync and its related features are deployed on the following servers, hosted on IBM Blade Centre and VMWARE. Details are given below.

VMWARE
Hostname: LYNC2010
IP Address: 10.0.0.104 / 255.255.252.0

DNS Load Balance
Virtual Name: LYNC
IP Address: 10.0.0.104 / 255.255.252.0
IP Address: 10.0.0.137 / 255.255.252.0

HS22 - Blade 10
Hostname: LYNC02
IP Address: 10.0.0.137 / 255.255.252.0

VMWARE
Hostname: LYNCPROXY
IP Address: 10.0.0.105 / 255.255.252.0
IP Address: 30.0.0.3 / 255.255.255.224

VMWARE
Hostname: LYNCEDGE
IP Address: 10.0.0.106 / 255.255.252.0
IP Address: 30.0.0.8 / 255.255.255.224

VMWARE
Hostname: sqlserver2008
IP Address: 10.0.0.94 / 255.255.252.0

VMWARE
Hostname: LYNCARCHIVE
IP Address: 10.0.0.112 / 255.255.252.0






2.1                   Lync 2010 Architecture





2.2                           Lync 2010 Internal Record

DNS Record                         Type    Pointing to
LYNC02.Domain.com                  A       10.0.0.137
LYNC2010.Domain.com                A       10.0.0.104
lync.Domain.com                    A       10.0.0.137
lync.Domain.com                    A       10.0.0.104
LYNCARCHIVE.Domain.com             A       10.0.0.112
LYNCEDGE.Domain.com                A       10.0.0.106
LYNCEDGE.Domain.com                A       30.0.0.8
LYNCPROXY.Domain.com               A       10.0.0.105
LYNCPROXY.Domain.com               A       30.0.0.3
Access.Domain.com                  CNAME   lync.Domain.com
Admin.Domain.com                   CNAME   lync.Domain.com
Dialin.Domain.com                  CNAME   lync.Domain.com
lsweb.Domain.com                   CNAME   lync.Domain.com
Meet.Domain.com                    CNAME   lync.Domain.com
sip.Domain.com                     CNAME   lync.Domain.com
_sipinternalstls._tcp.Domain.com   SRV     lync.Domain.com.
_ntp._udp.Domain.com               NTP     dc.Domain.com


2.3                           Lync2010 External Record

DNS Record               Type    Pointing to
lync.Domain.com          A       203.76.142.232
access.Domain.com        A       203.76.142.238
webcon.Domain.com        CNAME   203.76.142.238
lsrp.Domain.com          CNAME   203.76.142.232
Dialin.Domain.com        CNAME   203.76.142.232
lsweb-ext.Domain.com     CNAME   203.76.142.232
Meet.Domain.com          CNAME   203.76.142.232
_sip._tls.Domain.com     SRV     access.Domain.com


3                                  Front End Server

The Front End server is the main server and runs many Lync services. The Front End server and the database server are the required roles. A Lync Front End pool is an array of load-balanced servers that provide services to a common group of users.

Front End server functions are:
  • Client registration and authentication
  • Presence availability information, DL expansion and address book services
  • IM services including IM conferences (chat rooms)
  • Web conferencing and app sharing

One Front End pool server in the deployment runs the CMS (Central Management Server), which manages the master copy of the configuration data. A service connection point (SCP) is created for the CMS during installation. This data is different from the data that resides in the SQL database.












4                                  Server Prerequisite Software

Commands to install all pre-requisites... (On Windows Server 2008 R2)

4.1                            Install .Net Framework 3.5 with SP1

  1. Go to Start, click Administrative Tools, and then click Server Manager.
  2. In the console tree of Server Manager, right-click on Features, and then select Add Features.
  3. In the Select Features Window, select .Net Framework 3.5.1 Features.
  4. You will receive a notification that additional role services and features are required for .Net Framework 3.5.1. Click Add Required Role Services.
  5. On the Select Features page, click Next.
  6. On the Web Server (IIS) page, click Next.
  7. On the Select Role Services page, accept the defaults, and then click Next.
  8. On the Confirm Installation Selections page, click Install.
  9. On the Installation Results page, verify the installation was successful, and then click Close. Close Server Manager.

4.2                            Install IIS

The following table indicates the required IIS role services.

Role Heading                     Role Service
Common HTTP features installed   Static content
Common HTTP features installed   Default document
Common HTTP features installed   HTTP errors
Application development          ASP.NET
Application development          .NET extensibility
Application development          Internet Server API (ISAPI) extensions
Application development          ISAPI filters
Health and diagnostics           HTTP logging
Health and diagnostics           Logging tools
Health and diagnostics           Tracing
Security                         Anonymous authentication (installed and enabled by default)
Security                         Windows authentication
Security                         Client Certificate Mapping authentication
Security                         Request filtering
Performance                      Static content compression
Management Tools                 IIS Management Console
Management Tools                 IIS Management Scripts and Tools

4.3                            Install the Remote Server Administration Tools

The Remote Server Administration Tools are required for some of the preparation steps further in this document. To install the Remote Server Administration Tools, follow these steps:

  1. Go to Start, click Administrative Tools, and then click Server Manager.
  2. In the console tree of Server Manager, right-click on Features, and then select Add Features.
  3. In the Select Features Window, expand Remote Server Administration Tools, select AD DS and AD LDS Tools, and then click Next.
  4. On the Confirm Installation Selections page, click Install.
  5. On the Installation Results page, verify the installation was successful, and then click Close.
  6. You will be prompted to restart the server. Go ahead and restart.

4.4                            Install Silverlight

Silverlight is required to run the Lync Server Control Panel.

4.5                            Install prerequisite using PowerShell

We can install IIS from Server Manager or by using the command line. Here are the steps to install IIS by using Windows PowerShell.

PS C:\> Import-Module ServerManager

PS C:\> Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Static-Content,Web-Default-Doc,Web-Http-Errors,Web-Http-Redirect,Web-Asp-Net,Web-Net-Ext,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Http-Logging,Web-Log-Libraries,Web-Http-Tracing,Web-Windows-Auth,Web-Client-Auth,Web-Filtering,Web-Stat-Compression,Web-Mgmt-Console,Web-Scripting-Tools -Restart

The above command will install all the required features and reboot the machine.

5                                  Install the Lync Server Deployment Wizard

1.      Mount the Lync Server 2010 installation media.
2.      Navigate to the \Setup\amd64 directory.
3.      Execute the setup.exe file to start the Deployment Wizard.
4.      It will check whether the Microsoft Visual C++ 2008 redistributable is available on the system. If it's not installed, it will give you the option to install it. Click "Yes" to install it.




5.      The installation of Microsoft Visual C++ 2008 will take a short while. You will not see anything on the screen while this is being installed.
6.      Once completed, you will be presented with the following window. Adjust the installation location if you desire; by default, a location is already selected. After selecting the right installation location, click "Install".



7.      On the License Agreement page, accept the end-user license agreement, and then click OK.





8.      Once the installation of the Deployment Wizard is complete, you will be presented with the Lync Server 2010 - Deployment Wizard.

5.1                            Install the Lync Server Topology Builder


1.      Go to Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Deployment Wizard.



5.2         Topology Builder (TB):       

You must install Topology Builder (TB) before you can deploy a Lync Server. Topology Builder helps you to define sites and servers in the setup.

1.      Define a topology (xml file gets created).
2.      Topology Builder validates the topology.
3.      Publish the topology after successful validation.
4.      Publishing it puts it into the Communications Server central management store (which is created if it does not already exist).
5.      Click "Install Topology Builder" to install the TB. After installation of TB, it'll look like following in the deployment wizard.










5.3                            Prepare Active Directory Domain Services

To prepare Active Directory Domain Services (AD DS) for your Microsoft Lync Server 2010 deployment, you must perform three steps in a specific sequence:
·         Prep Schema
·         Forest Prep
·         Domain Prep
Permission required for these three operations.

Action
Permission
Schema Prep
Forest Prep
Member of EnterpriseAdmins or DomainAdmins group for the forest root domain
Domain  Prep
Member of EnterpriseAdmins or DomainAdmins group for the specified domain

5.4                            Prepare the Schema

1.      Go to Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Deployment Wizard.
2.      Click Prepare Active Directory.



3.      On the Prepare Active Directory for Lync Server page, under Step 1: Prepare Schema, click Run.




4.      On the Prepare Schema page, click Next.


5.      On the Executing Commands page, verify the Task Status shows Completed, and then click Finish.

6.      This will extend the Active Directory schema for the use of Microsoft Lync Server 2010. You need to be an enterprise admin to perform this operation









In this case, the location of the schema prep log was:

Location:
C:\Users\ocsr2\AppData\Local\Temp\2\Install-CSAdServerSchema-[2011_01_13][05_00_17].html

Because we have an existing OCS setup, verify that the process has completed successfully by checking the rangeUpper (1100) and rangeLower (14) values of the ms-RTC-SIP-SchemaVersion schema object with adsiedit.msc.








If the schema is up to date, this command returns the following value: SCHEMA_VERSION_STATE_CURRENT


5.5                            Prepare the Forest


1.      Go to Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Deployment Wizard. Then click Prepare Active Directory.
2.      On the Prepare Active Directory for Lync Server page, under Step 3: Prepare Current Forest, click Run.


3.      On the Prepare Forest page, click Next.


4.      On the Universal Group Location page, leave the Local domain option selected, and then click Next.

5.      On the Executing Commands page, verify the Task Status shows Completed, and then click Finish.
6.      Log Location:
C:\Users\ocsr2\AppData\Local\Temp\2\Enable-CSAdForest-d6ff24e5-d7b0-4d9b-8450-f4844d8c8d43.xml
7.      To check the status of forest prep, run the following command in PowerShell.

PS C:\> Get-CsAdForest
LC_FORESTSETTINGS_STATE_READY


5.6                            Prepare the Domains

1.      Go to Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Deployment Wizard. Then click Prepare Active Directory.
2.      On the Prepare Active Directory for Lync Server page, under Step 5: Prepare Current Domain, click Run.


3.      On the Prepare Domain page, click Next.


4.      On the Executing Commands page, verify the Task Status shows Completed, and then click Finish.


5.      Log Location for domain prep action,

C:\Users\ocsr2\AppData\Local\Temp\2\Enable-CSAdDomain[2011_01_13][05_08_59].html



6.      To check the status of Domain Prep, run the following command.

PS C:\> Get-CsAdDomain
LC_DOMAINSETTINGS_STATE_READY






5.7                            Add DNS Records

Lync Server 2010 leverages DNS for various features.

DNS Record                         Type    Pointing to
LYNC02.Domain.com                  A       10.0.0.137
LYNC2010.Domain.com                A       10.0.0.104
lync.Domain.com                    A       10.0.0.137
lync.Domain.com                    A       10.0.0.104
LYNCARCHIVE.Domain.com             A       10.0.0.112
LYNCEDGE.Domain.com                A       10.0.0.106
LYNCEDGE.Domain.com                A       30.0.0.8
LYNCPROXY.Domain.com               A       10.0.0.105
LYNCPROXY.Domain.com               A       30.0.0.3
access.Domain.com                  CNAME   lync.Domain.com
Admin.Domain.com                   CNAME   lync.Domain.com
Dialin.Domain.com                  CNAME   lync.Domain.com
lsweb.Domain.com                   CNAME   lync.Domain.com
Meet.Domain.com                    CNAME   lync.Domain.com
sip.Domain.com                     CNAME   lync.Domain.com
_sipinternalstls._tcp.Domain.com   SRV     lync.Domain.com
_ntp._udp.Domain.com               NTP     rdc.Domain.com

 

5.8                            Create the Lync File Share

The user account that we will use to publish the topology must have full control (read/write/modify) on the file share in order for Topology Builder to configure the required permissions. Because the file share cannot be located on the Front End Server, we decided to create the file share on the Database server.

Share name for this purpose in this article is “LyncFolder”

1. Log on to sqlserver2008
2. Go to Start, click Computer, and then click Local Disk (D:).
3. Right-click in the Details Pane, select New, and then select Folder.
4. Name the new folder LyncShare.
5. Right-click on the LyncShare folder, select Properties, click on the Sharing Tab, and then click Advanced Sharing.
6. On the Advanced Sharing dialog box, select the Share this folder option, leave the Share Name field as LyncShare.


7. Click Permissions.
8. On the Permissions for LyncShare dialog box, check Allow next to Full Control, and then click OK.

9. Click OK, click OK, and then click Close.


6                                  Prepare the Microsoft Lync Server


The process of preparing the Lync Server primarily does three things.
1)      Checks the following components for availability. If any of them is missing, it also installs that component.
2)      Creates a firewall exception for the SQL instance.
3)      Creates a firewall exception for the SQL browser.

1.      Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Deployment Wizard.
2.      On the Lync Server 2010 – Deployment Wizard page, click Prepare first Standard Edition server.




3.      On the Prepare single Standard Edition Server page, click Next.








4.      The installation of the Standard Edition Server database will take some time. When complete, click Finish.





5.      After this wizard completes, the following components are installed on the server.





6.1                            Define the Topology for Lync 2010 Standard Edition Server


Now we have all of the infrastructure preparation complete, so it’s time to move on to defining the topology for Lync 2010 Standard Edition in Topology Builder.

1.      Go to Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Topology Builder.



2.      On the Topology Builder dialog box, select the New Topology option, and then click OK.



3.      On the Save New Topology As dialog box, enter a name in the File name field, and then click OK.
4.      On the Define the primary domain page, enter the primary SIP domain (domainname.com), and then click Next.


5.      On the Specify additional supported domains page, click Next.


6.      On the Define the first site page, enter a site name into the Name field, enter a description into the Description field if desired, and then click Next.


7.      On the Specify site details page, enter the location details, and then click Next.


8.      On the New topology was successfully defined page, ensure the Open the New Front End Wizard when this wizard closes option is selected, and then click Finish.


9.      The Define the New Front End Pool wizard opens. Click Next.



10.  On the Define the Front End pool FQDN page, type lync.domainname.com into the Pool FQDN field, ensure the Standard Edition Server option is selected, and then click Next.





11.  On the Select features page, select the option and then click Next.

12.  On the Select collocated server roles page, select Collocate A/V Conferencing service, leave all other options unchecked, and then click Next.


13.  On the Associate server roles with this Front End pool page, ensure all options are unchecked, and then click Next.


14.  On the Define the SQL store page, type sqlserver2008.domainname.com, and then click Next.


15.  On the Define the file share page, type LyncShare into the sqlserver2008 field, and then click Next.


16.  On the Specify the Web Services URL page, click Finish.





6.2                            Publish the Topology


Now that the topology is created, and the initial Standard Edition Server has been prepared, it’s time to publish the topology.


1.      Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Topology Builder. You may need to open the topology we created above.
2.      In the console tree, right-click the Lync Server 2010 node, and then click Publish Topology.
3.      On the Publish the topology page, click Next.







4.      On the Select Central Management Server page, ensure the Front End pool (lync.domainname.com) we created is selected, and then click Next.







5.      The Topology Builder will begin publishing the topology. When complete, ensure each step shows a status of Success, and then click Finish.


Setup the Lync 2010 Standard Edition Server

Now that the topology has been published, we’re ready to setup the Lync 2010 Standard Edition Server.

6.3                            Install the Local Configuration Store


1.      Go to Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Deployment Wizard.
2.      On the Lync Server 2010 – Deployment Wizard page, click Install or Update Lync Server System.






3.      On the Lync Server 2010 page, under Step 1: Install Local Configuration Store, click Run.


4.      On the Configure Local Replica of Central Management Store page, ensure the Retrieve directly from the Central Management Store option is selected, and then click Next.




5.      The installation of the Local Configuration Store will begin.



6.      Verify the Task Status shows as Completed, and then click Finish.



6.4                            Install the Standard Edition Components


1.      On the Lync Server 2010 page, under Step 2: Setup or Remove Lync Server Components, click Run.


2.      On the Setup Lync Server Components page, click Next.


3.      The installation of the Standard Edition Components will begin.


4.      Once completed, the Task Status will show as The cmdlet completed with errors, and there will be a warning that the server must be restarted before installation can continue.




5.      Click Finish.

6.      On the Restart Required dialog box, click OK.



7.      Once the server has restarted, click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Deployment Wizard.
8.      On the Lync Server 2010 – Deployment Wizard page, click Install or Update Lync Server System.
9.      On the Lync Server 2010 page, under Step 2: Setup or Remove Lync Server Components, click Run.




10.  On the Setup Lync Server Components page, click Next.


11.  The installation will proceed.
12.  Verify the installation is successful, and then click Finish.







6.5                            Request, Install, and Assign Certificates

1.      On the Lync Server 2010 page, under Step 3: Request, Install or Assign Certificates, click Run.


2.      On the Certificate Wizard page, click Request.


3.      On the Certificate Request page, click Next.


4.      On the Delayed or Immediate Requests page, ensure the Send the request immediately option is selected, and then click Next.


5.      On the Choose a certificate Authority (CA) page, verify the CA from the lab is detected, and then click Next.



6.      On the Certificate Authority Account page, click Next.


7.      On the Specify Alternate Certificate Template page, ensure the Use alternate certificate template for the selected certification authority option is not selected, and then click Next.

8.      On the Name and Security Settings page, use the default Friendly Name, Lync server (FE) Friendly Name, and then click Next.

9.      On the Organization Information page, click Next.



10.  On the Geographical Information page, click Next.


11.  On the Subject Name / Subject Alternate Names page, click Next.




12.  On the SIP Domain setting page, select domainname.com under Configured SIP domains, and then click Next.


13.  On the Configure Additional Subject Alternate Names page, click Next.

14.  On the Certificate Request Summary page, verify the summary information, and then click Next.




15.  On the Executing Commands page, ensure the Task Status shows as Completed, and then click Next.









16.  On the Online Certificate Request Status page, ensure the Assign this certificate to the Lync Server certificate usages option is selected, and then click Finish.


17.  On the Certificate Assignment page, click Next.

18.  On the Certificate Assignment Summary page, verify the summary information, and then click Next.




19.  On the Executing Commands page, ensure the Task Status shows as Completed, and then click Finish.




20.  The Certificate Wizard will now show a Status of Assigned for the certificate we installed. Click Close.



6.6                            Start Services

On the Lync Server 2010 page, under Step 4: Start Services click Run.



1.      On the Start Services page, click Next.


2.      On the Executing Commands page, ensure the Task Status shows as Completed, and then click Finish.


7         DNS Load Balancing            

DNS load balancing is typically implemented at the application level. The Lync 2010 client tries to connect to a server in a pool by connecting to one of the IP addresses returned by the DNS A query for the pool fully qualified domain name (FQDN).
If there are two front end servers in a pool named lync.domainname.com, the following will happen:
     The Lync 2010 client will query DNS for lync.domainname.com and get back 2 IP addresses (not necessarily in this order), and cache them as follows:

Lync.Domain.com          10.0.0.104
Lync.Domain.com          10.0.0.137

     Then, the client attempts to establish a Transmission Control Protocol (TCP) connection to one of the IP addresses in its cache using a TCP SYN request. If that fails, the client tries the next IP address in its cache.

     If the TCP SYN request succeeds, the client attempts to connect to the front end server using a SIP REGISTER.
     If the SIP REGISTER attempt fails (for example, a SIP lync.domainname.com error is returned), the client has intelligence built in to try each subsequent IP address in its cache.
     If it gets to the end without a successful connection, the user is notified that no Lync Server 2010 servers are available at the moment.

Note:

DNS-based load balancing is different from DNS round robin (DNS RR) which typically refers to load balancing by relying on DNS to provide one IP address corresponding to one of the servers in a pool, with a different IP being returned every time a DNS A record query is resolved by the DNS Server. Typically DNS RR only enables load balancing, but does not enable failover. For example, if the connection to the one IP address returned by the DNS A query fails, the connection fails. Therefore, DNS round robin is less reliable than DNS-based load balancing.
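The failover sequence described above can be modelled and checked from PowerShell. This is an added example, not part of the original report: the function names Test-TcpPort, Get-PoolAddress and Invoke-PoolFailover are hypothetical helpers, TCP port 5061 (the Front End SIP/TLS port) is an assumption not stated in the report, and the demo at the end uses constructed resolver and connection results so it runs without network access.

```powershell
# Added example (not from the original report). Written for Windows PowerShell 2.0 and later.

function Test-TcpPort {
    # Live connector: $true if a TCP connection opens within the timeout.
    # Port 5061 is an assumption (Front End SIP over TLS); the report does not state it.
    param([string]$Address, [int]$Port = 5061, [int]$TimeoutMs = 2000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($Address, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return $false }
        $client.EndConnect($async)
        return $true
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

function Get-PoolAddress {
    # Live resolver: every IPv4 A record returned for the pool FQDN, as strings.
    param([string]$Fqdn)
    [System.Net.Dns]::GetHostAddresses($Fqdn) |
        Where-Object { $_.AddressFamily -eq 'InterNetwork' } |
        ForEach-Object { $_.IPAddressToString }
}

function Invoke-PoolFailover {
    # Mirrors the client logic: cache all addresses, try each in turn, stop at the first success.
    param(
        [string]$PoolFqdn,
        [scriptblock]$Resolver  = { param($n) Get-PoolAddress -Fqdn $n },
        [scriptblock]$Connector = { param($a) Test-TcpPort -Address $a }
    )
    $addresses = @(& $Resolver $PoolFqdn)
    $attempts  = @()
    $connected = $null
    foreach ($ip in $addresses) {
        $ok = [bool](& $Connector $ip)
        $attempts += New-Object PSObject -Property @{ Address = $ip; Reachable = $ok }
        if ($ok) { $connected = $ip; break }
    }
    New-Object PSObject -Property @{
        Pool        = $PoolFqdn
        Resolved    = $addresses
        Attempts    = $attempts
        ConnectedTo = $connected
    }
}

function Show-Result {
    # One summary line per run: which addresses were tried and where the client ended up.
    param([string]$Label, $Result)
    $tried = ($Result.Attempts | ForEach-Object { $_.Address }) -join ', '
    if ($Result.ConnectedTo) {
        $outcome = "connected to $($Result.ConnectedTo)"
    } else {
        $outcome = 'no Lync Server 2010 servers available'
    }
    '{0,-18} tried [{1}] -> {2}' -f $Label, $tried, $outcome
}

# --- Constructed demo: pool addresses from the report, first front end simulated as down ---
$downServer = '10.0.0.104'
$fakeConn   = { param($a) $a -ne $downServer }

# DNS load balancing: the A query returns both addresses, so the client can fail over.
$lbDns = { param($n) '10.0.0.104', '10.0.0.137' }
$lb = Invoke-PoolFailover -PoolFqdn 'lync.domainname.com' -Resolver $lbDns -Connector $fakeConn

# DNS round robin: the client is handed a single address and has nothing to fall back to.
$rrDns = { param($n) '10.0.0.104' }
$rr = Invoke-PoolFailover -PoolFqdn 'lync.domainname.com' -Resolver $rrDns -Connector $fakeConn

Show-Result -Label 'DNS load balance' -Result $lb
Show-Result -Label 'DNS round robin'  -Result $rr

# Live check against a real pool (uses DNS and TCP 5061):
#   Show-Result -Label 'Live' -Result (Invoke-PoolFailover -PoolFqdn 'lync.domainname.com')
```

In a live run, a Resolved list with fewer addresses than the pool has front end servers means a DNS A record is missing and failover will not work for that server.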


8                                  Lync 2010 Archival Installation


8.1                            Prerequisite Software:


·         Microsoft .NET Framework 3.5 with SP1 (to be installed using Server Manager)
·         Microsoft Visual C++ 2008 Redistributable (can be installed automatically by Lync Server 2010, if not already installed on the computer)
·         Windows Media Format Runtime (can be installed automatically by Lync Server 2010, if not already installed on the computer)
·         Windows PowerShell version 2.0 (is already installed on some Windows operating systems)
·         Windows Installer version 4.5

8.2                            Message queuing

Message Queuing, with Active Directory Integration enabled, is required on the server running Archiving Server and on each Front End Server and Standard Edition server that hosts users who will have IM archived.
To install Message Queuing by using Server Manager:

1.      Log on as a domain user with local administrator rights to the server that will be running Archiving Server or the Front End Server.
2.      Click Start, point to Programs, point to Administrative Tools, and then click Server Manager.
3.      Click Add Features.
4.      Expand Message Queuing, expand Message Queuing Services, and verify that the Message Queuing Server and Directory Service Integration check boxes are selected.
5.      Click Next, and then click Install.
6.      When prompted to restart the computer, click OK to complete the installation.

Note:

To ensure that Message Queuing is installed and ready for installation of Archiving Server, enable the Advanced Features on the View tab in Active Directory Users and Computers to view and verify that Message Queuing is enabled for the computer.
On the computer on which you want to install Archiving Server, log on using an account that is a member of the local Administrators group, is a domain user account that is a member of the RTCUniversalServerAdmins group, and has access permission for the SQL instance for the Archiving database (or an account with equivalent user rights).


Start the Lync Server Deployment Wizard from the Lync Server installation media.
1.      On the first page of the Lync Server Deployment Wizard, specify the installation location (by default, C:\Program Files\Microsoft Lync Server 2010).


2.      On the License Agreement page, review the license agreement, select the I accept the terms in the license agreement check box to proceed, and then click OK.


3.      On the Welcome page, click Install or Update Lync Server System.


4.      In Step 1: Install Local Configuration Store, click Run.




Note:

The Lync Server Deployment Wizard reads the configuration information from the Central Management store, which you defined using Topology Builder, and writes the XML configuration file to the local computer.
On the Configure Local Replica of Central Management Store page, click Retrieve directly from the Central Management Store (Requires read access to the Central Management Store).


In Step 2: Setup or Remove Lync Server Components click Run.

Note:

The Lync Server Deployment Wizard installs the Lync Server components specified in the XML configuration file stored on the local computer.







Skip Step 3: Request, Install or Assign Certificates, because there are no certificate requirements for the Archiving Server.

In Step 4: Start Services, click Run.
Note:

Before you start the services, verify that the LcsLog database was correctly created in the SQL Server instance you specified for Archiving Server.





5.      Click Exit.
6.      When the installation completes, click Finish.




8.3                            Deploying Monitoring Server Reports


1.      From the Lync Server 2010 installation folder or media, run Setup.exe to start the Lync Server Deployment Wizard.

2.      In the Lync Server Deployment Wizard, click Deploy Monitoring Server Reports.


3.      In Specify Monitoring Server Page, specify the Monitoring Server that you want to collect and store the call detail recording (CDR) and Quality of Experience (QoE) data.
4.      In Specify Monitoring Server Page, specify the instance of SQL Server Reporting Services that will publish the reports.



5.      In Specify Credential Page, specify the user credentials that we want to use to access the Monitoring Server database (QoEMetrics and LcsCDR).


6.      (Optional) In Specify Read-Only group page, specify the domain group that you want to grant read-only access to the Monitoring reports.

7.      Continuing on with the wizard will deploy the report pack:


Archival & Monitoring services completed successfully.
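
The database checks mentioned above (LcsLog for Archiving, LcsCDR and QoEMetrics for Monitoring) can be scripted. This is an added example, not part of the original guide; the function name Test-LyncDatabase and the instance name SQL01\ARCHMON are hypothetical placeholders, and it assumes the logged-on account can connect to the SQL Server instance with Windows authentication.

```powershell
# Added example: confirm the Archiving/Monitoring databases exist and are online.
# 'SQL01\ARCHMON' is a placeholder instance name, not a value from this guide.
function Test-LyncDatabase {
    param(
        [string]$SqlInstance,
        [string[]]$Database = @('LcsLog', 'LcsCDR', 'QoEMetrics')
    )
    $conn = New-Object System.Data.SqlClient.SqlConnection
    $conn.ConnectionString = "Server=$SqlInstance;Database=master;Integrated Security=SSPI"
    $conn.Open()
    try {
        foreach ($name in $Database) {
            $cmd = $conn.CreateCommand()
            # Parameterized query; state_desc is ONLINE for a usable database
            $cmd.CommandText = 'SELECT state_desc FROM sys.databases WHERE name = @name'
            [void]$cmd.Parameters.AddWithValue('@name', $name)
            $state = $cmd.ExecuteScalar()
            if ($state -eq $null) { $state = 'MISSING' }
            New-Object PSObject -Property @{
                Instance = $SqlInstance
                Database = $name
                State    = $state
            }
        }
    }
    finally {
        $conn.Close()
    }
}

# List only the databases that are missing or not online; no output means all three are fine.
Test-LyncDatabase -SqlInstance 'SQL01\ARCHMON' |
    Where-Object { $_.State -ne 'ONLINE' }
```

If Archiving and Monitoring use different SQL Server instances, run the function once per instance with the matching -Database list.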

9                                  Lync 2010 Reverse Proxy Installation


Reverse proxy is a general concept which helps us to publish internal FQDNs to the external world (internet).

A proxy, or forward proxy, is a server (a computer system, device or application program) that acts as an intermediary for requests from internal clients seeking resources from external servers. A client connects to the proxy server and requests some service, such as a file, connection, web page or other resource, available from a different server. The proxy server evaluates the request according to its filtering rules and passes it on to the server inside or outside the network. A proxy server can also act as a gateway between external and internal networks. A forward proxy secures networks by hiding the IP addresses of the internal network from the outside network. It also caches content and provides filtering functionality.

A reverse proxy, as the name suggests, relays requests from the opposite direction, i.e. from external clients to internal servers or perimeter servers. A reverse proxy has more than one network card: one NIC faces the internet and another faces the perimeter or internal network. A reverse proxy is placed in the neighbourhood of the web servers. It also hides the actual IP addresses of networks or servers from external or VPN clients. A reverse proxy encrypts data, provides load balancing, acts as a server cache, optimizes compression and publishes web sites for the extranet.

Advantages: A reverse proxy server provides the following advantages over a direct connection to a web server:

·         Security
·         SSL encryption and acceleration
·         SSL bridging
·         SSL offloading
·         Load balancing

Role of Reverse Proxy in OCS environment!

We use a reverse proxy to extend the following three basic functionalities to external users (internal users logged in from the internet).

•       Meeting content downloads during Web Conferencing (Live Meeting).

•       Expansion of Distribution List (DL).

•       Address book download.

External users will not get the above-mentioned services if we don’t have a reverse proxy configured.

Software Requirements: The Forefront Threat Management Gateway server requires installation of the following components:
o   .NET Framework 3.5, Service Pack 1
o   Windows Web Services API
o   Windows Update
o   Windows Installer 4.0


1.      Select Run Preparation Wizard. This wizard adds the server roles required for TMG to operate on the server. As we click through the installer, we will have to choose a type of installation.


2.      Click Next.


3.      Accept the End User License Agreement. Click Next.




4.      TMG doesn’t require a key; this PID is auto-entered and not sacred. Next, choose Forefront TMG services and management for a complete install.



5.      Verify the installation Path. Click  Next.


6.      Internal Network Designation.  Click Add to get started.

7.      We need to Add an Adapter





8.      Adjust as appropriate. Our ranges or all ranges. Whatever is "internal". Click OK.

9.      Click Next.

10.  Some services will restart. Click Next.


11.  Click Restart.


12.  Click Install.







13.  All set.  Finish and then the TMG Management "Getting Started" Wizard starts.

9.1                            Network settings


1.      Let's Configure the Network Settings


2.      Run the wizard to configure network settings. This setup is an Edge Firewall configuration. Choose Edge and click Next.

3.      Choose the internal network adapter to be associated with the LAN.



4.      Then choose the external network adapter, in this case labelled DMZ.

5.      Confirm the information and choose finish.


9.2                            System Settings

1.      Let's Configure the System Settings


2.      Choose Configure System Settings which basically has you confirm the computer and domain settings

3.      Verify and then Finish.

9.3                            TMG Deployment


1.      Let's Define the Deployment Options

2.      Choose Use the Microsoft Update service to check for updates. Click Next.

3.      We're just doing Reverse Proxy here.  Click Next


4.      Feedback settings.  Next.


5.      Reporting settings. Select “None. No information is sent to Microsoft” and click Next.

6.      Verify the information & click Finish.



9.4                            Deploy Web listener:

1.      We create a new Web Listener. Click New. Give the Web Listener a name. Click Next.


2.      We're requiring SSL here.  Click Next.


3.      Choose where the Web Listener "listens"; the External network is the choice here. Check that.


4.      Click "Select IP Addresses" option.


5.      We already exported and imported SSL certificates through our Lync process. Choose that certificate here.


6.      No authentication necessary here.  This is done on the Front End External IIS instance.  Click Next.


7.      Click Next

8.      Web Listener configured.  Click Finish




9.5                            Web Publishing Rule


1.      Now that the Web Listener is done, we can continue with our Web Publishing Rule setup.  Click Next.


2.      Firewall Policy -> New -> Web Site Publishing Rule. Enter the  rule  name.  Click Next

3.      On the Select Rule Action page, leave the default selection (Allow) and click Next.
4.      On the Publishing Type page, select Publish a server farm of load balanced Web servers and click Next.


5.      On the Server Connection Security page, you specify whether TMG will use SSL to connect to the published Web server. For this rule, leave the default option and click Next.


6.      On the Internal Publishing Details page, type the internal site name (meet.domainname.com) and click Next.


7.      For the Web site that we are publishing, our goal is to allow access to all the content within the Web server. Therefore, the path should be /*. Click Next.

8.      Name the load-balanced application.


9.      Select the servers.



10.  Verify the information & click finish





11.  Now that the Web Listener is done, we can continue with our Web Publishing Rule setup.  Click Next.



12.  Choose appropriate option.  Click Next.


13.  Choose All Users.  Click Next.


14.  Verify & Finish.



15.  Back to the Bridging Tab.  Make sure we redirect to 4443 as appropriate.  These ports were the ports chosen in your Topology for the External Web Services.


16.  The GUI shows all items in green, however if you select the /Log folder you will see the description below:


17.  On the Public Name tab, add the simple URLs to the list of allowed public names.







10                              Lync Edge Server:

10.1                        Overview

To provide support for external user access, federation, and integration with public IM connectivity, we need to deploy Edge Servers and other components in the perimeter network, in addition to preparing the network and firewall infrastructure to support these components. Deployment includes using the tools provided in Microsoft Lync Server 2010 to start the deployment of Edge Servers. This section provides an overview of the Edge Server deployment process, the tools that you'll use to deploy Edge Servers, and best practices for deploying components to support external user access.




1.      Log on to the computer on which you want to install your Edge Server as a member of the local Administrators group or an account with equivalent user rights and permissions.


2.      Since the Edge server is not part of the domain, it will not register its name and IP address in the internal DNS servers. For the internal pool to be able to look up the Edge server, we need to create an A record manually:


10.2                        Define the Topology for a single Edge Server


1.      Start Topology Builder: Click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Topology Builder.
2.      In the console tree, expand the site in which you want to deploy an Edge Server.
3.      Right-click Edge pools, and then click New Edge Pool.
4.      In Define the New Edge Pool, click Next.
5.      On the Define the Edge pool FQDN page, click Single computer pool, enter the FQDN (lync.domainname.com), and then click Next.



6.      In Select features, do the following:

a.      If you plan to enable federation, select the Enable federation (port 5061) check box.
b.      If you plan to use network address translation (NAT) for your public facing IP addresses, select the The external IP address of the Edge pool is translated by NAT check box.

7.      Because we did not choose to use a single FQDN and IP address in Select features, type the external FQDNs for SIP Access, Web Conferencing and Audio Video, keeping the default ports (443). Click Next.

8.      In Define the Internal IP address, type the IP address of Edge Server in Internal IP address (10.0.0.113), and then click Next.


9.      In Define the External IP address, do the following:

Because we did not choose to use a single FQDN and IP address for the SIP access, Web Conferencing service, and A/V Edge service, type the external IP addresses of the Edge Server in SIP Access, Web Conferencing, and A/V Conferencing, and then click Next.


10.  In Public IP address, type the public IP address to be translated by NAT (10.0.0.106), and then click Next.



11.  In Define the next hop, in Next hop pool, select the name of the internal pool (lync.domainname.com), and then click Next.


12.  In Associate Front End pools, specify internal pools by selecting the names of the internal pools that are to use this Edge Server for communication with supported external users.

13.  Click Finish and publish the topology.







Result is verified.






Topology data available on an Edge Server by using Lync Server Management Shell

Start the Lync Server Management Shell: Click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Management Shell.
In the Lync Server Management Shell, run the following cmdlet:

Export-CsConfiguration -FileName c:\lyncfe.zip

Copy the exported file to external media (for example, a USB drive or a network share that is accessible from the Edge Server during deployment).
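
Because the exported topology travels on removable media or a share to a server in the perimeter network, it is worth confirming that the file imported on the Edge Server is the one that was exported. The following is an added example, not part of the original guide; the function names and the E:\ path are hypothetical, and it uses .NET classes directly so that it runs on Windows PowerShell 2.0.

```powershell
# Added example: SHA-256 integrity check for the exported configuration file.
# SHA256CryptoServiceProvider lives in System.Core (.NET 3.5).
Add-Type -AssemblyName System.Core

function Get-Sha256Hex {
    param([string]$Path)
    $sha = New-Object System.Security.Cryptography.SHA256CryptoServiceProvider
    $stream = [System.IO.File]::OpenRead((Resolve-Path $Path).ProviderPath)
    try {
        $bytes = $sha.ComputeHash($stream)
    }
    finally {
        $stream.Close()
    }
    # Return the digest as an uppercase hex string without separators
    [System.BitConverter]::ToString($bytes) -replace '-', ''
}

function Test-ExportIntegrity {
    param([string]$Path, [string]$ExpectedHash)
    $actual = Get-Sha256Hex -Path $Path
    # String -eq is case-insensitive in PowerShell, so hex case does not matter
    $actual -eq $ExpectedHash.Trim()
}

# On the Front End, right after Export-CsConfiguration: record this value.
Get-Sha256Hex -Path 'c:\lyncfe.zip'

# On the Edge Server, before "Import from a file" (path and hash are placeholders):
# Test-ExportIntegrity -Path 'E:\lyncfe.zip' -ExpectedHash '<hash recorded on the Front End>'
```

Carry the recorded hash to the Edge Server by a different route than the zip file itself, and delete the copy on the external media once the import has succeeded.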



10.3                        Lync Edge Server Installation:


Lync Server 2010 requires the installation of other software on specific components prior to or during deployment. This includes software that is available with the operating system, downloadable software, and software that is automatically installed during installation of Lync Server 2010. Following is a list of additional software that can be required:

§  Windows Update
§  Message Queuing Server and Message Queuing Directory Service Integration
§  Microsoft .NET 3.5 with Service Pack 1 (SP1) Framework
§  Microsoft Visual C++ 2008 Redistributable
§  Microsoft Visual J# version 2.0 Redistributable
§  URL Rewrite Module version 2.0 Redistributable
§  Windows Media Format Runtime
§  Windows PowerShell version 2.0
§  Windows Installer version 4.5
§  Microsoft Silverlight 4 browser plug-in (Silverlight 4.0.50524.0 or the latest version for Lync Server Control Panel)
§  Active Directory Domain Services (AD DS) tools
§  SQL Server










1.      When we run the CD, we are immediately prompted to install the “Microsoft Visual C++ 2008 Redistributable”. Click OK here:


2.      The install window for Lync will pop up when the C++ install completes.


3.      Click “Install” and then accept the terms and click “OK”.





4.      Choose Install or Update Lync Server System from the Deployment Wizard:




5.      Select Install Local Configuration Store:


6.      There is no option to retrieve the topology from the CMS because the Edge server is not joined to the domain, so choose Import from a file and locate the zip package we copied over from the front-end server:

7.      Now it's installing the local copy of the topology/CMS... into a local SQL Express RTCLOCAL instance... The Deployment Wizard reads the configuration information from the configuration file and writes the XML configuration file to the local computer.


8.      All done. Click Finish



9.      Once the local configuration store has been installed, proceed with step 2: Setup or Remove Lync Server Components:



10.  Click “Next” and a number of pre-requisites are installed



10.4                        Request and Assign a Certificate for the Internal Interface


1.      The first certificate we’ll need is for the internal interface of the Edge server so select Edge internal and click on the Request button


2.      Select the Send the request immediately to an online certification authority:

3.      The wizard will  be able to detect your internal CA:


4.      Specify the credentials that can request a certificate from your internal CA

5.      Specify a friendly name for the certificate


6.      Fill in the information required for the certificate:




7.      Unlike the front-end server deployment, the wizard doesn’t automatically populate additional entries

8.      Review the certificate summary.





9.      Once the request completes, assign the certificate immediately to the internal interface











10.5                        Assign Certificates for the External Interface


The internal certificate is what the Edge uses to communicate with the Front End/pool to replicate topology/CMS information. Now it's time for the "external" certificate, for the public facing portion of the Edge.

1.      Highlight External Edge and click Request


2.      Click Next


3.      Save the file, C:\filename.pfx source. Click Next.























10.6                        Start Services

Log on to the computer where the Lync Server Deployment Wizard is installed as a member of the Domain Admins group and the RTCUniversalServerAdmins group.

1.      In the Lync Server Deployment Wizard, on the Lync Server 2010 page, next to Step 4: Start Services, click Run


2.      On the Start Services page, click Next to start the Lync Server services on the server.


3.      On the Executing Commands page, after all services have started successfully, click Finish

11                              Decommission Legacy Site

11.1                        To remove an Enterprise pool

Use the procedures described in this section to remove an Enterprise pool:
  1. Open Office Communications Server 2007 R2.
  2. In the console tree, expand the Forest node, and then expand Enterprise pools.
  3. Right-click the Enterprise pool (ocsr2pool.domainname.com), and then click Deactivate.




4.      Then click the server role you want to deactivate.
5.      Deactivate all server roles except the Front End Server, in the following sequence:
§  A/V Conferencing Server,
§  Web Conferencing Server, and
§  Web Components Server.


















11.2                        Deactivate Web Conferencing Server











11.3                        Deactivate Web components Server











11.4                        Deactivate Front End server





11.5                        Deactivate Enterprise Edition Server

C:\Program Files\Common Files\Microsoft Office Communications Server 2007 R2>
lcscmd.exe /Server /Role:EE /Action:Deactivate /Force <KeepDB>  <Force>

lcscmd.exe /Forest:schertz.lab /Action:RemovePool /PoolName:Pool1
lcscmd.exe /Forest:domainname.com /Action:Removal /PoolName:ocsr2pool

11.6                        Uninstall Web Conference Server


11.7                        Uninstall Web Components Server




11.8                        Remove Backward Compatibility:

After all pools are deactivated and all Edge Servers have been uninstalled, run the Topology Builder Merge wizard to remove the BackCompatSite.

To remove BackCompat site from Topology Builder
  1. Start Topology Builder: Click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Topology Builder.
  2. Select the option to Download topology from existing deployment and then click OK.
  3. In the Save Topology As dialog box, select the Topology Builder file you want to use, and click Save.
  4. In the Actions pane, click Merge 2007 or 2007 R2 Topology.

5.      Click Next to continue
6.      On the Specify Legacy Edge page, ensure that list of Edge Servers is empty. If the list is not empty, use the Remove button to remove all the legacy Edge Servers, and then click Next.

7.      On the Specify Internal SIP port setting page, click Next.

8.      On the Summary page, click Next to begin merging the topologies to remove the legacy site.
9.      Ignore the warning then click Finish.
10.  Right-click the BackCompatSite, and then click Delete.




