Enable Lync for new subdomains after lync deployment

If you have domain tree and you have deployed lync infrastructure, you can enable users from subdomain in lync. but after lync deployment if you add new domain in your tree and try to enable user from new domain  you will see error   you must prepare domain for lync, open lync shell, type  Enable-CSADDomain -Domain newChild_Domain_FQDN. after this you can enable users from new subdomin in lync.

How To add Lync Archiving role to an Existing Deployment

what can you do, if you already have lync infrastructure and you want to add archiving role to it? i’ll demonstrate it in my post. in lync infrastructure we have: 1) domain llab.corp 2) ca llab-ca.llab.corp 3) standard front end server( llab-lync.llab.corp) and we want to add arching server in our infrastructure to archive IM and conferencing.we need one machine llab-arch.llab.corp install sql 2008 on it. open topology builder in front end server and add archiving role define sql store, sql server must already install, you can have sql server in dedicated server and also archiving server role in another dedicated server, in my case it is all in one server. defile file share associate Front end pool and publish your new topology.on the llab-arch.llab.corp server where we have already sql server installed, install  this features           after installing this feature open lync server deployment wizard and click install or update lync server system, first install local configuration store which will retrieve directly from the central management store and click setup or remove lync server components   in the archiving role you don’t need certificate for server, so step certificate request and click start services . check if both service is started   after this configure infrastructure to archive im and web conferencing services   now we have archiving role in lync infrastructure. how to view archiving data? for viewing archiving data you need lync shell and some commands for example: to view all im from date 4/9/2012 to 5/9/2012 you need Export-CSArchivingData -DBInstance llab-arch.llab.corp -StartDate 4/9/2012 -EndDate 5/9/2012 -OutputFolder "C:\archivingdataforview"    this command will collect all im from 4/9/2012 to 5/9/2012  and will save in C:\archivingdataforview folder as eml files if you want to collect for one user you need add –useruri in command for example:Export-CSArchivingData -DBInstance llab-arch.llab.corp -StartDate 4/9/2012 -EndDate 5/9/2012 -OutputFolder "C:\archivingdataforview"  –useruri “gjambazishvili@lync.ge”     users need gui for archiving im view, so microsoft create great tool OCS Instant Message Archive Viewer, you can download it from http://www.microsoft.com/en-us/download/details.aspx?displaylang=en&id=26201 . install it in your computer and open from this tool you can easy view archiving data, before use make sure you have sufficient privileges to connect database and of course you have network access to it.

Install Lync Server 2013 in Windows Server 2008 R2 (Part 2)

In Certificate wizard there is two certificate  column, first we all know and it was in lync 2010, certificate for internal web services and external web services, and second certificate is new in lync 2013   small description about OAuthTokenIssuer  is in slide, as i understood this certificate will be used for for server-to-server authentication and authorization. about OAuth (Open Authorization) read http://technet.microsoft.com/en-us/library/jj204817%28v=ocs.15%29 note that default certificate is stored in local , and OAuthTokenIssuer in global (In CMS? may be ).   after assign certificate you can start  lync services and check status of them. if all is started, everything is ok. and after it make srv records as it was in lync 2010, _sipinternaltls._tcp.domain.com if you want to login users with auto configuration of server addresses. and at last download lync 2013 client which is part of Office 365 ProPlus Preview, you can download it from http://technet.microsoft.com/en-US/evalcenter/hh973391 try to login   welcome to lync 2013!

Install Lync 2013 in windows server 2008 r2 (Part 1)

let’s try to install new lync 2013, it’s very interesting. we will install it as i said in server 2008 r2, first of all you must install prerequisites for lync 2013 we will install it in topology where lync 2010 is not. (migration posts will be soon ;) ) Prerequisites 1) .Net Framework 4.5 which is stored in installation folder in /setup/amd64 named dotNetfx45_Full_x86_x64.exe 2) Microsoft Visual C++11 x64 with minimum runtime –11.0.50531 (it will be installed automatically) 3) Windows Powershell V3.0  which is in Windows Management Framework 3.0 – RC  ( Windows6.1-KB2506143-x64.MSU ) download it from http://www.microsoft.com/en-us/download/details.aspx?id=29939 4) install Active Directory Administrative tools 5) Windows Identity Foundation ( Windows6.1-KB974405-x64.msu ) download it from http://www.microsoft.com/en-us/download/details.aspx?id=17331 6) IIS with Static Content, Default Document, HTTP Errors, ASP.NET, .NET Extensibility, Internet Server API (ISAPI) Extensions, ISAPI Filters, HTTP Logging, Logging Tools, Tracing, Client Certificate Mapping Authentication, Windows Authentication, Request Filtering, Static Content Compression, Dynamic Content Compression, IIS Management Console,the Media Foundation feature or Desktop Experience feature of Windows must be installed.   After installing all prerequisites  just double click Setup\amd64\Setup.exe there is standard procedures  for prepare schema, current forest, current domain, checking replications as it was in lync 2010. so after preparation phase we have   it’s time to install Administration tools from right side, and also we will install at this time standard edition, so click prepare first standard edition server. after it click install or update lync server system. because of this is the first server in topology there is no central management store, we must open topology builder and must make topology (as it was in lync 2010, so i’ll not describe this process in details   ).     you will see new topology builder, if you have lync 2010 this will be also showed in there .   after install Local Configuration store we have situation step where we setup or remove lync components is as it was. in step 3 we have small change part2    

Address book segregation in lync

If you have question about segregation address book in lync, I’ll say you, that it’s of course possible. when you have 2 or 3 or more thousand user in lync and you have multiple companies , which have request that to search only users that are only in their companies, you need address book segregation to solve this request. by default there is one address book which is placed in %lyncshare%\1-WebServices-1\ABFiles\00000000-0000-0000-0000-000000000000 , how can we segregate address book? it’s possible from active directory using msRTCSIP-GroupingID attribute and principle is that, users that have same value in  msRTCSIP-GroupingID they are in same address book, so if you have three company in your active directory and you want to segregate their address books you need three value of msRTCSIP-GroupingID, many people use objectGUID value of the parent organization unit of users. lets segregate you lab address book: we want to segregate two address book, first where users wiil be from ou staff and second where users will be from ou staff2 look objectGUID  of staff ou and copy it and write this value to users in the ou in msRTCSIP-GroupingID ,do it for staff2 ou also, so we have “B5 2E AE 85 AD E2 D0 41 8B 21 5D CA BA 2F 61 89” value in msRTCSIP-GroupingID  for users in ou staff  , and value “0C B8 4F 3B CA A8 4F 47 A2 93 99 76 87 97 BF 5C” in ou staff2. from lync shell update-csaddressbook , after 5-10 minute lets look in %lyncshare%\1-WebServices-1\ABFiles\00000000-0000-0000-0000-000000000000 we’ll see that there is three folder (two new folder), each for segregate address book. users which has no value in msRTCSIP-GroupingID (abfile 00000000-0000-0000-0000-000000000000) will search only users that don’t have value in msRTCSIP-GroupingID users which have “B5 2E AE 85 AD E2 D0 41 8B 21 5D CA BA 2F 61 89” value in msRTCSIP-GroupingID  can search only user with same value in msRTCSIP-GroupingID and  users which have value “0C B8 4F 3B CA A8 4F 47 A2 93 99 76 87 97 BF 5C” can search users only with same value. our address book is segregate with tree parts. So user Data Tutashkhia, Dimitri nikolaev and Shamili Gamarjoba are in same address book and they could not search user and user2          P.S address book segregation doesn’t means that, user from one address book cannot send message to user in another address book.when you use address book segregation it will work as federation (users can find each other with full sip address ).

How To add Lync Archiving role to an Existing Deployment

what can you do, if you already have lync infrastructure and you want to add archiving role to it? i’ll demonstrate it in my post. in lync infrastructure we have: 1) domain llab.corp 2) ca llab-ca.llab.corp 3) standard front end server( llab-lync.llab.corp) and we want to add arching server in our infrastructure to archive IM and conferencing.we need one machine llab-arch.llab.corp install sql 2008 on it. open topology builder in front end server and add archiving role   define sql store, sql server must already install, you can have sql server in dedicated server and also archiving server role in another dedicated server, in my case it is all in one server.   define file share   associate Front end pool   and publish your new topology.on the llab-arch.llab.corp server where we have already sql server installed, install this features   after installing this feature open lync server deployment wizard and click install or update lync server system, first install local configuration store which will retrieve directly from the central management store and click setup or remove lync server components   in the archiving role you don’t need certificate for server, so step certificate request and click start services . check if both service is started   after this configure infrastructure to archive im and web conferencing services     now we have archiving role in lync infrastructure. how to view archiving data? for viewing archiving data you need lync shell and some commands for example: to view all im from date 4/9/2012 to 5/9/2012 you need Export-CSArchivingData -DBInstance llab-arch.llab.corp -StartDate 4/9/2012 -EndDate 5/9/2012 -OutputFolder "C:\archivingdataforview" this command will collect all im from 4/9/2012 to 5/9/2012 and will save in C:\archivingdataforview folder as eml files if you want to collect for one user you need add –useruri in command for example:Export-CSArchivingData -DBInstance llab-arch.llab.corp -StartDate 4/9/2012 -EndDate 5/9/2012 -OutputFolder "C:\archivingdataforview" –useruri “gjambazishvili@lync.ge” users need gui for archiving im view, so microsoft create great tool OCS Instant Message Archive Viewer, you can download it from http://www.microsoft.com/en-us/download/details.aspx?displaylang=en&id=26201 . install it in your computer and open   from this tool you can easy view archiving data, before use make sure you have sufficient privileges to connect database and of course you have network access to it.

How To Deploy Lync Standard Edition (part 2)

Prepare first standard Edition Server Install Topology Builder, open topology builder In primary sip domain write your sip domain, for me it will be lync.ge, I don’t need additional supported Sip Domains so click next           write Name of your site for me it is lync main site –click next than fill about you site and click next mark checkbox and click finish.     You must define the new front end pool click next In the FQDN write your server fqdn name and check standard edition server at this stage install only conferencing, which includes audio, video and application sharing(if you need install other features)   I’ll install other server roles in other posts, stay it as is in pictures. And click next.   Define file share make folder in c disk named shareforlync, in advanced sharing check “share this folder’, and in permissions give everyone full. Click finish after this, publish your topology!         After publish the topology close topology builder ok now click install or update lync server system First install local configuration store     step 2 setup or remove Lync Server Components click run     after installing lync components let’s request and assign certificates request certificate, if you have not internal ca choose offline certificate request       you can add sans into certificate           clicking next it will request our certificate check assign this certificate to lync server certificate usages you can review certificate details after clicking finish certificate assignment wizard will start start our lync services       check if all lync services started successful   Congratulations you have lync deployed!   now connect client to server. create new lync user. first create domain user user@llab.corp from lync control panel enable this user for lync   we must manually configure server name in client, because we have not deploy auto configuration setting in dns.

how to Deploy Lync Standard Edition (part 1)

In this post, I’ll demonstrate how to deploy lync server, as I sad in my first post lync standard edition is useful for lab deployment and I’ll demonstrate how to deploy lync standard edition server. There are some questions that I heard: what servers are necessary in infrastructure before install lync server? Is Exchange necessary before lync? First of all lets answer to this questions, without exchange you can have lync infrastructure, but there are features which need exchange, for example your history tab will not work, also wil not work features that need ews (ews is used for history tab), voice mails and etc. so you can have lync without exchange, but I think that every normal organization must have exchange, it’s the best mail server in the world. For lync infrastructure you need active directory, and internal ca (or you can buy certificate). In My lab We have installed domain: llab.corp domain controller: llab-dcr01.llab.corp 192.168.34.50 domain controller: llab-dcr02.llab.corp 192.168.34.51 CA: llab-ca 192.168.34.55 Lync Server: llab-lync.llab.corp 192.168.34.56 for Lync deployment we’ll use Lyncinstall@llab.corp user for installation, user must be a member of domain admins, Enterprise Admins and schema admins groups before start installation you must install .net framwork 3.5 sp1 or greater, on llab-lync.llab.corp let’s install .net framework, open Server Manager->Features->add Feature-> check .NET Framework Features-> Add Required Role Services ->click 3 times next - > click install –>close  also you need IIS Role services and this features go to installation folder setup\amd64 two click setup.exe, also you need Visual C++ 2008 Redistributable package to be installed, And click yes to install this, choose installation location, agree to the license agreement Choose prepare active directory in deployment wizard than Prepare schema, view log and sure that processing has completed successfully verify Replication Of Schema Partition http://technet.microsoft.com/library%28OCS.14%29/ms.lync.tbdep.DeployMainVerifySchemaPrep.aspx prepare Current forest, click next sure that processing has completed successfully Verify Replication of Global Catalog http://technet.microsoft.com/library%28OCS.14%29/ms.lync.tbdep.DeployMainVerifyForestPrep.aspx prepare Current Domain Verify Replication in the Domain http://technet.microsoft.com/library%28OCS.14%29/ms.lync.tbdep.DeployMainVerifyDomainPrep.aspx Add your installation user to CSAdministrator group. ok we finished “Prepare Active Directory” go to part 2.

About the author

Giorgi Jambazishvili
System Administrator
Ministry of Justice of Georgia