Walk Through – Lync Server 2010 Deployment (Part 5)

last post, we published the topology and understand the changes made during this process, such as creating the CMS database, setting configuration store location, and creating the necessary databases.

Today, I will guide to create appropriate ‘A’ and ‘SRV’ records on DC that are required for automatic client logon and the process of the Lync deployment.

On DC, click Start, click Administrative Tools, and then click DNS.
In the DNS Manager, expand, expand Forward Lookup Zones, and then click “domain”
Right-click “domain”, and then click New Host (A or AAAA).

In the New Host window, in the Name box, enter the pool name.
In the IP Address box, type 10.1.10.40, and then click Add Host. At the DNS prompt, click OK.

repeat the same step above for dialin, meet & admin
At the DNS prompt, click OK, and then click Done.

Right-click the domain, and then click Other New Records.

In Select a resource record type window, click Service Location (SRV), and then click Create Record.

In the Service box, type _sipinternaltls.
In the Protocol box, type _tcp.
Leave the Priority and Weight entries as their defaults.
In the Port Number box, type 5061.
In the Host offering this service text box, enter the pool name, and then click OK.
Click Done.

Right-click “Domain”, and then click Other New Records.
In Select a resource record type window, click Service Location (SRV), and then click Create Record.
In the Service box, type _sip.
In the Protocol box, type _tls.
Leave the Priority and Weight entries as their defaults.
In the Port Number box, type 5061.
In the Host offering this service text box, enter the pool/FrontEnd FQDN, and then click OK.
Click Done and close DNS Manager.

Once you done the DNS, the next four steps in the deployment wizard to complete the setup of a Lync Server 2010 Front End server. You going to install a Local Configuration Store, set up components, request and configure certificates, and then start the Lync Services.

Step 1: Install the Local Configuration Store.
On the Lync Server, click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Deployment Wizard.

On the Deployment Wizard page, click Install or Update Lync Server System.

Next to Step 1: Install Local Configuration Store, click Run.

On the Configure Local Replica of Central Management Store page, verify that Retrieve directly from the Central Management Store is selected, and then click Next.

On the Executing Commands page, when the Task Status shows as Completed, click Finish.

Step 2: Set up components.
On Deployment Wizard page, next to Step 2: Setup or Remove Lync Server Components, click Run.

On the Setup Lync Server components page, click Next.

On the Executing Commands page, when the Task status shows as Completed, click Finish.

Step 3: Request, Install or Assign Certificates.
On Deployment Wizard page, next to Step 3: Request, Install or Assign Certificates, click Run.

In the Certificate Wizard window, click Request.

On the Certificate Request page, click Next.

On the Delayed or Immediate Requests page, verify that Send the request immediately to an online certification authority is selected, and then click Next.

On the Choose a Certification Authority (CA) page, verify that  the CA Server is listed, and then click Next.

On the Certification Authority Account page, leave the box clear, and then click Next.

On the Specify Alternate Certificate Template page, leave the box clear, and then click Next.

On the Name and Security Settings page, in the Friendly Name box, enter a name, and then click Next.

On the Organization Information page, in the Organization box, enter your organization name. In the Organizational Unit box, type IT, and then click Next.

On the Geographical Information page, in the Country/Region drop-down list, select the country that you stay. In the State/Province box, type the state name if applicable. In the City/Locality box, enter the city name, and then click Next.

On the Subject Name/Subject Alternate Names page, review the Subject Name and Subject Alternate Names automatically populated, and then click Next.

On the SIP Domain setting on Subject Alternate Names (SANs) page, select the SIP Domain check box, and then click Next.

On the Configure Additional Subject Alternate Names page, leave the fields blank, and then click Next.

On the Certificate Request Summary page, click Next.

On the Executing Commands page, when the Task Status shows as Completed, click Next.

On the Online Certificate Request Status page, verify that the Assign this certificate to Lync Server certificate usages check box is selected, and then click Finish.

On the Certificate Assignment page, click Next.

On the Certificate Assignment Summary page, click Next.

On the Executing Commands page, when the Task Status shows as Completed, click Finish.

On the Certificate Wizard, click the down arrow next to Default Certificate to expand the Certificate Type. Verify that Server Default, Web Services Internal, and Web Services External all show as Assigned, and then click Close.

Step 4: Start Lync Server Services.
On Deployment Wizard page, next to Step 4: Start Services, click Run.

On the Start Services page, click Next.

On the Executing Commands page, when the Task Status shows as Completed, click Finish.

On the Deployment Wizard page, click Exit.

take all for now, next week we will go through the configuration.

Walk Through – Lync Server 2010 Deployment (Part 4)

last week I stop at installing Topology Builder.

this week you will start the Topology Builder tool and define the default Session Initiation Protocol (SIP) domain. Your deployment must include at least one central site and can include zero to many branch sites. A site represents a geographical location of your network and is a set of computers well connected by a high-speed, low-latency network, such as a single local area network (LAN) or two networks connected by a high-speed fiber optic network. Note that Lync Server 2010 sites are a separate concept from Active Directory sites and Microsoft Exchange sites.

At the installed topology builder machine, click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Topology Builder.

In the Topology Builder wizard, on the Welcome to Topology Builder page, select New Topology and then click OK. (if you follow my last few post. we have export the topology from the planning tools, so we will use the exported tbxml)

Here right click the “Lync Server 2010” –> “Edit Properties”

Lync Server 2010 requires you to set up a simple Uniform Resource Locator (URL) for the administrative website.
On the Topology Builder, in the Navigation pane, right-click Lync Server 2010 and then click Edit Properties.
On the Edit Properties page, under Simple URLs, in the Administrative access URL box, type https://admin.theunify.net
Under Central Management Server, in the Front End server to install Central Management Server on menu, select pool01.theunify.net (MIAMI) and then click OK.

fill in the missing fields indicate at the left panel.

once done, it should look like the screen below.

Publish the topology.
Each time that you use Topology Builder to build your topology, you must publish the topology to a database in the Central Management Store (CMS) so the data can be used for deployment of Lync Server 2010 servers. You will see the list of things that will be performed when running this for the first time.
a. Switch to the Topology Builder.
b. Right-click Lync Server 2010 and then click Publish Topology.

It will take a moment for the Publish Topology wizard to appear.
On the Publish the topology page, review the actions that will be performed and then click Next.

On the Create databases page, verify that MIA-SQL.theunify.net is selected and then click Next.
On the Select Central Management Server page, verify that the front end pool menu displays pool01.theunify.net MIAMI and then click Next.

Wait as the topology is published. This will take about two minutes.

On the Publishing wizard complete page, verify that all steps show as Success. Under Next steps click the link to open the to-do list.

Review the Next Steps.txt file that opens and the instructions to run local setup on each server in the list and then close Notepad.

Back on the Publishing wizard complete page, click Finish.

Close the Lync Server 2010 Topology Builder

we will stop here and will continue next post.

Walk Through – Lync Server 2010 Deployment (Part 3)

sorry for the long delay. let continue the part 3 of the walkthrough of Lync installation.

in the last post, we have ended at Lync planning tool. from there you can move on to next which is the installation of Lync.

The following prerequisites must installed before the Lync installation.

• Microsoft Internet Information Services (IIS) 7.0 Rewrite package
• Microsoft Visual C++® 2008 Redistributable Package
• Microsoft Silverlight®
• Microsoft .NET Framework 3.5 with SP1
• Microsoft Windows PowerShell® 2.0

The following features have also need to be install preinstalled:

• Message Queuing
• IIS 7.0 was installed with the following command:
  ServerManagerCmd.exe -Install Web-Server Web-Http-Redirect Web-Scripting-Tools Web-Windows-Auth Web-Asp-Net Web-Log-Libraries Web-Http-Tracing Web-Basic-Auth
• AD DS Tools
• Desktop Experience (needed for Lync Server 2010 on Windows Server 2008 R2)

more info, can click link http://msunified.net/2010/11/23/installing-lync-server-2010-prerequisites-on-windows-server-2008-r2/

go to the Lync server (member server) and insert the setup DVD and run the setup. (local path\Setup\amd64 and double-click Setup.exe)

On the Microsoft Lync Server 2010 page, leave the default values for the Installation Location, and then click Install.

On the License Agreement page, select I accept the terms in the license agreement and then click OK.

Wait while setup starts.

Prepare the AD DS Schema

This step extends the Active Directory Domain Services schema by adding new classes and attributes that are used by Lync Server 2010. This would need to be run once for each forest in your deployment.

On the Microsoft Lync Server 2010 Deployment Wizard page, click Prepare Active Directory.

• On the Prepare Active Directory for Lync Server page, next to Step 1: Prepare Schema, click Run.

• On the Prepare Schema page, click Next.
  Wait as the wizard executes the commands to prepare the schema.

When the Task Status shows as Completed, click Finish.

Prepare the AD DS Forest

This step creates global settings and universal groups that are used by Lync Server 2010. This would need to be run once for each forest in your deployment.

On the Microsoft Lync Server 2010 Deployment Wizard page, on the Prepare Active Directory for Lync Server page, near Step 3: Prepare Current Forest, click Run.

On the Prepare Forest page, click Next.

On the Universal Group Location page, verify that Local Domain is selected and then click Next.

Wait as the wizard executes the commands to prepare the forest.
When the Task Status shows as Completed, click Finish.

Prepare the AD DS domain

This step adds permissions on objects to be used by members of universal groups and would need to be run once per user domain or server domain.

On LS-FE, on the Prepare Active Directory for Lync Server page, next to Step 5: Prepare Current Domain, click Run.

On the Prepare Domain page, click Next.

Wait as the wizard executes the commands to prepare the domain.When the Task Status shows as Completed, click Finish.
On the Prepare Active Directory for Lync Server page, click Back.

Install the Topology Builder

On Lync Server 2010 Deployment Wizard, click Install Topology Builder.
Wait for the tool to be installed. This will only take a few seconds and there will be no prompts.
Leave the Lync Server 2010 Deployment Wizard running.
Close Windows Explorer.

that all for now, I will continue in the next post.

Office 365 – Lync Online Federation How to??

Check out my recent post at MSDN conjunction with Office 365 Launch.

 

http://blogs.msdn.com/b/mvpawardprogram/archive/2011/06/27/mvps-for-office-365-lync-online-federation.aspx?wa=wsignin1.0

Walk Through – Lync Server 2010 Planning Tool (Part 2)

So sorry for the delay. Let’s continue the walkthrough

STEP 20: External User Access
This window mainly serve for Edge Server Role. its asking you do you want to deploy edge for external user access, and what is the percentage of user going to access. And do you want to have HA and what type of load balancing do you want to have? DNS or Hardware Load Balancer?
lastly, do you want to deploy director as well?

If you enable access for external users by deploying Edge Servers, it always recommend you should also deploy a Director. A Director is a server running Microsoft Lync Server 2010 that authenticates user requests, but does not home any user accounts. When you use a Director to authenticate external users, it does the following:

• Relieves servers in the Front End pool from the overhead of performing authentication of these users.
• Helps insulate internal Front End pools from malicious traffic, such as denial-of-service (DoS) attacks.
• Ends traffic at the Director when the network is flooded with invalid external traffic in a DoS or similar attack. As a result, internal users should not experience any effect on performance.

Let’s select “Yes” for this demo.

when you click “Next” a popup telling you that Hardware Load Balancer is recommended. but do you still want to continue with DNS Load Balancer? Click “Yes” to continue.

STEP 21: Virtualization of Server Roles
This screen is telling you that in early question you indicate you want to virtualized the servers.

STEP 22: Collocation
You do have a option to collocation Mediation Server.

STEP 23: Branch Sites
This window serves to let you enter the number of Branch Sites.

STEP 24: Add Another Central Site
This is the last question that planning tools is asking. This ask do you want to add another Central Site? For this demo, we select ‘No’.

STEP 25: Planning Tool Finished Successfully
Last slide! This is just an information.

Click “Draw” to have the Lync Planning Tool draw your topology!
You’ll have a full map of your Lync deployment. The tabs along the bottom give edge diagrams and information.

From here you can save the planning to Excel, Visio or Topology Builder.

The second part of the walkthrough ended here. Next I will continue the part 3 with the deployment.

2011 Microsoft MVP Award

On April 1st 2011, I got the very nice and surprising email. Email state that I’ve been awarded a 2011 Microsoft MVP Award for Lync. I’m seriously happy and honored by recognition of my work in Microsoft Unified Communication Community.

Million thanks to all for the nice words.

Microsoft Federated Edge Server IP Address Change March 18, 2011

 

Microsoft’s federated edge server is being upgraded to Lync Server 2010, which includes an IP address change.

Product version: Lync Server 2010

The federated edge server that supports Instant Messaging and conferencing with external companies will be migrated to Microsoft Lync Server 2010 on Friday, March 18, 2011.

After the server migration, the IP address for the microsoft.com SIP domain will change to 65.55.130.30. External companies who are federated with Microsoft may need to make changes to their infrastructure outlined in Instructions below in order for the federation to continue to function successfully.

Instructions

Notify your contact with the external company that the IP address for the microsoft.com SIP domain is changing to 65.55.130.30 on Friday March 18, 2011. Depending on how their infrastructure is configured, they may need to make one of the following changes:

• Companies configured as direct federations using an IP address (not sipfed.microsoft.com) will need to update their configuration to the new IP address.
• Companies using a firewall to filter by IP address will need to update their Access Control List (ACL) to the new IP address.

Note: External companies that are configured as an Enhanced federation and who have configured their firewall to Allow All (inbound and outbound) on TCP:5061 according to Microsoft’s recommendations do not need to make any changes. They will experience a brief interruption in their ability to contact Microsoft employees through Lync or Communicator while the A record in DNS is automatically updated to reflect the new IP address.

To ensure connectivity with Microsoft while making this change, consider keeping the existing firewall rule and adding a new rule for the changed IP address. This approach reduces failed Instant Messaging and Presence updates during the actual transition and protects communications if implementation is delayed or the change must be rolled back.

Summary

Customers that originally configured their federation route with Microsoft to use an IP address will have to modify that entry and possibly their firewall rules to ensure communications continue successfully.

Article taken from NextHop