You are on page 1of 464

MICROSOFT INTERNAL TEACH

M I C R O S O F T

20336B

L E A R N I N G

P R O D U C T

MCT USE ONLY. STUDENT USE PROHIBITED

O F F I C I A L

Core Solutions of Microsoft Lync Server


2013

MICROSOFT INTERNAL TEACH

MCT USE ONLY. STUDENT USE PROHIBITED

ii Core Solutions of Microsoft Lync Server 2013

Information in this document, including URL and other Internet Web site references, is subject to change
without notice. Unless otherwise noted, the example companies, organizations, products, domain names,
e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with
any real company, organization, product, domain name, e-mail address, logo, person, place or event is
intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the
user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in
or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical,
photocopying, recording, or otherwise), or for any purpose, without the express written permission of
Microsoft Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property
rights covering subject matter in this document. Except as expressly provided in any written license
agreement from Microsoft, the furnishing of this document does not give you any license to these
patents, trademarks, copyrights, or other intellectual property.

The names of manufacturers, products, or URLs are provided for informational purposes only and
Microsoft makes no representations and warranties, either expressed, implied, or statutory, regarding
these manufacturers or the use of the products with any Microsoft technologies. The inclusion of a
manufacturer or product does not imply endorsement of Microsoft of the manufacturer or product. Links
may be provided to third party sites. Such sites are not under the control of Microsoft and Microsoft is not
responsible for the contents of any linked site or any link contained in a linked site, or any changes or
updates to such sites. Microsoft is not responsible for webcasting or any other form of transmission
received from any linked site. Microsoft is providing these links to you only as a convenience, and the
inclusion of any link does not imply endorsement of Microsoft of the site or the products contained
therein.
2013 Microsoft Corporation. All rights reserved.

Microsoft and the trademarks listed at


http://www.microsoft.com/about/legal/en/us/IntellectualProperty/Trademarks/EN-US.aspx are trademarks of
the Microsoft group of companies. All other trademarks are property of their respective owners

Product Number: 20336B


Part Number: X18-77465
Released: 05/2013

MCT USE ONLY. STUDENT USE PROHIBITED

MICROSOFT LICENSE TERMS


MICROSOFT INSTRUCTOR-LED COURSEWARE

MICROSOFT INTERNAL TEACH

These license terms are an agreement between Microsoft Corporation (or based on where you live, one of its
affiliates) and you. Please read them. They apply to your use of the content accompanying this agreement which
includes the media on which you received it, if any. These license terms also apply to Trainer Content and any
updates and supplements for the Licensed Content unless other terms accompany those items. If so, those terms
apply.
BY ACCESSING, DOWNLOADING OR USING THE LICENSED CONTENT, YOU ACCEPT THESE TERMS.
IF YOU DO NOT ACCEPT THEM, DO NOT ACCESS, DOWNLOAD OR USE THE LICENSED CONTENT.
If you comply with these license terms, you have the rights below for each license you acquire.
1.

DEFINITIONS.

a. Authorized Learning Center means a Microsoft IT Academy Program Member, Microsoft Learning
Competency Member, or such other entity as Microsoft may designate from time to time.

b. Authorized Training Session means the instructor-led training class using Microsoft Instructor-Led
Courseware conducted by a Trainer at or through an Authorized Learning Center.
c.

Classroom Device means one (1) dedicated, secure computer that an Authorized Learning Center owns
or controls that is located at an Authorized Learning Centers training facilities that meets or exceeds the
hardware level specified for the particular Microsoft Instructor-Led Courseware.

d. End User means an individual who is (i) duly enrolled in and attending an Authorized Training Session
or Private Training Session, (ii) an employee of a MPN Member, or (iii) a Microsoft full-time employee.
e. Licensed Content means the content accompanying this agreement which may include the Microsoft
Instructor-Led Courseware or Trainer Content.
f.

Microsoft Certified Trainer or MCT means an individual who is (i) engaged to teach a training session
to End Users on behalf of an Authorized Learning Center or MPN Member, and (ii) currently certified as a
Microsoft Certified Trainer under the Microsoft Certification Program.

g. Microsoft Instructor-Led Courseware means the Microsoft-branded instructor-led training course that
educates IT professionals and developers on Microsoft technologies. A Microsoft Instructor-Led
Courseware title may be branded as MOC, Microsoft Dynamics or Microsoft Business Group courseware.
h. Microsoft IT Academy Program Member means an active member of the Microsoft IT Academy
Program.
i.

Microsoft Learning Competency Member means an active member of the Microsoft Partner Network
program in good standing that currently holds the Learning Competency status.

j.

MOC means the Official Microsoft Learning Product instructor-led courseware known as Microsoft
Official Course that educates IT professionals and developers on Microsoft technologies.

k.

MPN Member means an active silver or gold-level Microsoft Partner Network program member in good
standing.

MICROSOFT INTERNAL TEACH

MCT USE ONLY. STUDENT USE PROHIBITED

l.

Personal Device means one (1) personal computer, device, workstation or other digital electronic device
that you personally own or control that meets or exceeds the hardware level specified for the particular
Microsoft Instructor-Led Courseware.

m. Private Training Session means the instructor-led training classes provided by MPN Members for
corporate customers to teach a predefined learning objective using Microsoft Instructor-Led Courseware.
These classes are not advertised or promoted to the general public and class attendance is restricted to
individuals employed by or contracted by the corporate customer.
n. Trainer means (i) an academically accredited educator engaged by a Microsoft IT Academy Program
Member to teach an Authorized Training Session, and/or (ii) a MCT.

o. Trainer Content means the trainer version of the Microsoft Instructor-Led Courseware and additional
supplemental content designated solely for Trainers use to teach a training session using the Microsoft
Instructor-Led Courseware. Trainer Content may include Microsoft PowerPoint presentations, trainer
preparation guide, train the trainer materials, Microsoft One Note packs, classroom setup guide and Prerelease course feedback form. To clarify, Trainer Content does not include any software, virtual hard
disks or virtual machines.

2.

USE RIGHTS. The Licensed Content is licensed not sold. The Licensed Content is licensed on a one copy
per user basis, such that you must acquire a license for each individual that accesses or uses the Licensed
Content.

2.1

Below are five separate sets of use rights. Only one set of rights apply to you.

a. If you are a Microsoft IT Academy Program Member:


i. Each license acquired on behalf of yourself may only be used to review one (1) copy of the Microsoft
Instructor-Led Courseware in the form provided to you. If the Microsoft Instructor-Led Courseware is
in digital format, you may install one (1) copy on up to three (3) Personal Devices. You may not
install the Microsoft Instructor-Led Courseware on a device you do not own or control.
ii. For each license you acquire on behalf of an End User or Trainer, you may either:
1. distribute one (1) hard copy version of the Microsoft Instructor-Led Courseware to one (1) End
User who is enrolled in the Authorized Training Session, and only immediately prior to the
commencement of the Authorized Training Session that is the subject matter of the Microsoft
Instructor-Led Courseware being provided, or
2. provide one (1) End User with the unique redemption code and instructions on how they can
access one (1) digital version of the Microsoft Instructor-Led Courseware, or
3. provide one (1) Trainer with the unique redemption code and instructions on how they can
access one (1) Trainer Content,
provided you comply with the following:
iii. you will only provide access to the Licensed Content to those individuals who have acquired a valid
license to the Licensed Content,
iv. you will ensure each End User attending an Authorized Training Session has their own valid licensed
copy of the Microsoft Instructor-Led Courseware that is the subject of the Authorized Training
Session,
v. you will ensure that each End User provided with the hard-copy version of the Microsoft InstructorLed Courseware will be presented with a copy of this agreement and each End User will agree that
their use of the Microsoft Instructor-Led Courseware will be subject to the terms in this agreement
prior to providing them with the Microsoft Instructor-Led Courseware. Each individual will be required
to denote their acceptance of this agreement in a manner that is enforceable under local law prior to
their accessing the Microsoft Instructor-Led Courseware,
vi. you will ensure that each Trainer teaching an Authorized Training Session has their own valid
licensed copy of the Trainer Content that is the subject of the Authorized Training Session,

MICROSOFT INTERNAL TEACH

MCT USE ONLY. STUDENT USE PROHIBITED

vii. you will only use qualified Trainers who have in-depth knowledge of and experience with the
Microsoft technology that is the subject of the Microsoft Instructor-Led Courseware being taught for
all your Authorized Training Sessions,
viii. you will only deliver a maximum of 15 hours of training per week for each Authorized Training
Session that uses a MOC title, and
ix. you acknowledge that Trainers that are not MCTs will not have access to all of the trainer resources
for the Microsoft Instructor-Led Courseware.

b. If you are a Microsoft Learning Competency Member:


i. Each license acquired on behalf of yourself may only be used to review one (1) copy of the Microsoft
Instructor-Led Courseware in the form provided to you. If the Microsoft Instructor-Led Courseware is
in digital format, you may install one (1) copy on up to three (3) Personal Devices. You may not
install the Microsoft Instructor-Led Courseware on a device you do not own or control.
ii. For each license you acquire on behalf of an End User or Trainer, you may either:
1. distribute one (1) hard copy version of the Microsoft Instructor-Led Courseware to one (1) End
User attending the Authorized Training Session and only immediately prior to the
commencement of the Authorized Training Session that is the subject matter of the Microsoft
Instructor-Led Courseware provided, or
2. provide one (1) End User attending the Authorized Training Session with the unique redemption
code and instructions on how they can access one (1) digital version of the Microsoft InstructorLed Courseware, or
3. you will provide one (1) Trainer with the unique redemption code and instructions on how they
can access one (1) Trainer Content,
provided you comply with the following:
iii. you will only provide access to the Licensed Content to those individuals who have acquired a valid
license to the Licensed Content,
iv. you will ensure that each End User attending an Authorized Training Session has their own valid
licensed copy of the Microsoft Instructor-Led Courseware that is the subject of the Authorized
Training Session,
v. you will ensure that each End User provided with a hard-copy version of the Microsoft Instructor-Led
Courseware will be presented with a copy of this agreement and each End User will agree that their
use of the Microsoft Instructor-Led Courseware will be subject to the terms in this agreement prior to
providing them with the Microsoft Instructor-Led Courseware. Each individual will be required to
denote their acceptance of this agreement in a manner that is enforceable under local law prior to
their accessing the Microsoft Instructor-Led Courseware,
vi. you will ensure that each Trainer teaching an Authorized Training Session has their own valid
licensed copy of the Trainer Content that is the subject of the Authorized Training Session,
vii. you will only use qualified Trainers who hold the applicable Microsoft Certification credential that is
the subject of the Microsoft Instructor-Led Courseware being taught for your Authorized Training
Sessions,
viii. you will only use qualified MCTs who also hold the applicable Microsoft Certification credential that is
the subject of the MOC title being taught for all your Authorized Training Sessions using MOC,
ix. you will only provide access to the Microsoft Instructor-Led Courseware to End Users, and
x. you will only provide access to the Trainer Content to Trainers.

MICROSOFT INTERNAL TEACH

MCT USE ONLY. STUDENT USE PROHIBITED

c.

If you are a MPN Member:


i. Each license acquired on behalf of yourself may only be used to review one (1) copy of the Microsoft
Instructor-Led Courseware in the form provided to you. If the Microsoft Instructor-Led Courseware is
in digital format, you may install one (1) copy on up to three (3) Personal Devices. You may not
install the Microsoft Instructor-Led Courseware on a device you do not own or control.
ii. For each license you acquire on behalf of an End User or Trainer, you may either:
1. distribute one (1) hard copy version of the Microsoft Instructor-Led Courseware to one (1) End
User attending the Private Training Session, and only immediately prior to the commencement
of the Private Training Session that is the subject matter of the Microsoft Instructor-Led
Courseware being provided, or
2. provide one (1) End User who is attending the Private Training Session with the unique
redemption code and instructions on how they can access one (1) digital version of the
Microsoft Instructor-Led Courseware, or
3. you will provide one (1) Trainer who is teaching the Private Training Session with the unique
redemption code and instructions on how they can access one (1) Trainer Content,
provided you comply with the following:
iii. you will only provide access to the Licensed Content to those individuals who have acquired a valid
license to the Licensed Content,
iv. you will ensure that each End User attending an Private Training Session has their own valid licensed
copy of the Microsoft Instructor-Led Courseware that is the subject of the Private Training Session,
v. you will ensure that each End User provided with a hard copy version of the Microsoft Instructor-Led
Courseware will be presented with a copy of this agreement and each End User will agree that their
use of the Microsoft Instructor-Led Courseware will be subject to the terms in this agreement prior to
providing them with the Microsoft Instructor-Led Courseware. Each individual will be required to
denote their acceptance of this agreement in a manner that is enforceable under local law prior to
their accessing the Microsoft Instructor-Led Courseware,
vi. you will ensure that each Trainer teaching an Private Training Session has their own valid licensed
copy of the Trainer Content that is the subject of the Private Training Session,
vii. you will only use qualified Trainers who hold the applicable Microsoft Certification credential that is
the subject of the Microsoft Instructor-Led Courseware being taught for all your Private Training
Sessions,
viii. you will only use qualified MCTs who hold the applicable Microsoft Certification credential that is the
subject of the MOC title being taught for all your Private Training Sessions using MOC,
ix. you will only provide access to the Microsoft Instructor-Led Courseware to End Users, and
x. you will only provide access to the Trainer Content to Trainers.

d. If you are an End User:


For each license you acquire, you may use the Microsoft Instructor-Led Courseware solely for your
personal training use. If the Microsoft Instructor-Led Courseware is in digital format, you may access the
Microsoft Instructor-Led Courseware online using the unique redemption code provided to you by the
training provider and install and use one (1) copy of the Microsoft Instructor-Led Courseware on up to
three (3) Personal Devices. You may also print one (1) copy of the Microsoft Instructor-Led Courseware.
You may not install the Microsoft Instructor-Led Courseware on a device you do not own or control.
e. If you are a Trainer.
i.
For each license you acquire, you may install and use one (1) copy of the Trainer Content in the
form provided to you on one (1) Personal Device solely to prepare and deliver an Authorized
Training Session or Private Training Session, and install one (1) additional copy on another Personal
Device as a backup copy, which may be used only to reinstall the Trainer Content. You may not
install or use a copy of the Trainer Content on a device you do not own or control. You may also
print one (1) copy of the Trainer Content solely to prepare for and deliver an Authorized Training
Session or Private Training Session.

MICROSOFT INTERNAL TEACH

MCT USE ONLY. STUDENT USE PROHIBITED

ii.

You may customize the written portions of the Trainer Content that are logically associated with
instruction of a training session in accordance with the most recent version of the MCT agreement.
If you elect to exercise the foregoing rights, you agree to comply with the following: (i)
customizations may only be used for teaching Authorized Training Sessions and Private Training
Sessions, and (ii) all customizations will comply with this agreement. For clarity, any use of
customize refers only to changing the order of slides and content, and/or not using all the slides or
content, it does not mean changing or modifying any slide or content.

2.2 Separation of Components. The Licensed Content is licensed as a single unit and you may not
separate their components and install them on different devices.

2.3 Redistribution of Licensed Content. Except as expressly provided in the use rights above, you may
not distribute any Licensed Content or any portion thereof (including any permitted modifications) to any
third parties without the express written permission of Microsoft.
2.4 Third Party Programs and Services. The Licensed Content may contain third party programs or
services. These license terms will apply to your use of those third party programs or services, unless other
terms accompany those programs and services.
2.5 Additional Terms. Some Licensed Content may contain components with additional terms,
conditions, and licenses regarding its use. Any non-conflicting terms in those conditions and licenses also
apply to your use of that respective component and supplements the terms described in this agreement.

3.

LICENSED CONTENT BASED ON PRE-RELEASE TECHNOLOGY. If the Licensed Contents subject


matter is based on a pre-release version of Microsoft technology (Pre-release), then in addition to the
other provisions in this agreement, these terms also apply:

a. Pre-Release Licensed Content. This Licensed Content subject matter is on the Pre-release version of
the Microsoft technology. The technology may not work the way a final version of the technology will
and we may change the technology for the final version. We also may not release a final version.
Licensed Content based on the final version of the technology may not contain the same information as
the Licensed Content based on the Pre-release version. Microsoft is under no obligation to provide you
with any further content, including any Licensed Content based on the final version of the technology.
b. Feedback. If you agree to give feedback about the Licensed Content to Microsoft, either directly or
through its third party designee, you give to Microsoft without charge, the right to use, share and
commercialize your feedback in any way and for any purpose. You also give to third parties, without
charge, any patent rights needed for their products, technologies and services to use or interface with
any specific parts of a Microsoft software, Microsoft product, or service that includes the feedback. You
will not give feedback that is subject to a license that requires Microsoft to license its software,
technologies, or products to third parties because we include your feedback in them. These rights
survive this agreement.
c.

Pre-release Term. If you are an Microsoft IT Academy Program Member, Microsoft Learning
Competency Member, MPN Member or Trainer, you will cease using all copies of the Licensed Content on
the Pre-release technology upon (i) the date which Microsoft informs you is the end date for using the
Licensed Content on the Pre-release technology, or (ii) sixty (60) days after the commercial release of the
technology that is the subject of the Licensed Content, whichever is earliest (Pre-release term).
Upon expiration or termination of the Pre-release term, you will irretrievably delete and destroy all copies
of the Licensed Content in your possession or under your control.

MICROSOFT INTERNAL TEACH

MCT USE ONLY. STUDENT USE PROHIBITED

4.

SCOPE OF LICENSE. The Licensed Content is licensed, not sold. This agreement only gives you some
rights to use the Licensed Content. Microsoft reserves all other rights. Unless applicable law gives you more
rights despite this limitation, you may use the Licensed Content only as expressly permitted in this
agreement. In doing so, you must comply with any technical limitations in the Licensed Content that only
allows you to use it in certain ways. Except as expressly permitted in this agreement, you may not:

access or allow any individual to access the Licensed Content if they have not acquired a valid license
for the Licensed Content,

alter, remove or obscure any copyright or other protective notices (including watermarks), branding
or identifications contained in the Licensed Content,

modify or create a derivative work of any Licensed Content,

publicly display, or make the Licensed Content available for others to access or use,

copy, print, install, sell, publish, transmit, lend, adapt, reuse, link to or post, make available or
distribute the Licensed Content to any third party,

work around any technical limitations in the Licensed Content, or

reverse engineer, decompile, remove or otherwise thwart any protections or disassemble the
Licensed Content except and only to the extent that applicable law expressly permits, despite this
limitation.

5. RESERVATION OF RIGHTS AND OWNERSHIP. Microsoft reserves all rights not expressly granted to
you in this agreement. The Licensed Content is protected by copyright and other intellectual property laws
and treaties. Microsoft or its suppliers own the title, copyright, and other intellectual property rights in the
Licensed Content.

6.

EXPORT RESTRICTIONS. The Licensed Content is subject to United States export laws and regulations.
You must comply with all domestic and international export laws and regulations that apply to the Licensed
Content. These laws include restrictions on destinations, end users and end use. For additional information,
see www.microsoft.com/exporting.

7.

SUPPORT SERVICES. Because the Licensed Content is as is, we may not provide support services for it.

8.

TERMINATION. Without prejudice to any other rights, Microsoft may terminate this agreement if you fail
to comply with the terms and conditions of this agreement. Upon termination of this agreement for any
reason, you will immediately stop all use of and delete and destroy all copies of the Licensed Content in
your possession or under your control.

9.

LINKS TO THIRD PARTY SITES. You may link to third party sites through the use of the Licensed
Content. The third party sites are not under the control of Microsoft, and Microsoft is not responsible for
the contents of any third party sites, any links contained in third party sites, or any changes or updates to
third party sites. Microsoft is not responsible for webcasting or any other form of transmission received
from any third party sites. Microsoft is providing these links to third party sites to you only as a
convenience, and the inclusion of any link does not imply an endorsement by Microsoft of the third party
site.

10.

ENTIRE AGREEMENT. This agreement, and any additional terms for the Trainer Content, updates and
supplements are the entire agreement for the Licensed Content, updates and supplements.

11.

APPLICABLE LAW.
a. United States. If you acquired the Licensed Content in the United States, Washington state law governs
the interpretation of this agreement and applies to claims for breach of it, regardless of conflict of laws
principles. The laws of the state where you live govern all other claims, including claims under state
consumer protection laws, unfair competition laws, and in tort.

MCT USE ONLY. STUDENT USE PROHIBITED

b. Outside the United States. If you acquired the Licensed Content in any other country, the laws of that
country apply.

MICROSOFT INTERNAL TEACH

12.

LEGAL EFFECT. This agreement describes certain legal rights. You may have other rights under the laws
of your country. You may also have rights with respect to the party from whom you acquired the Licensed
Content. This agreement does not change your rights under the laws of your country if the laws of your
country do not permit it to do so.

13.

DISCLAIMER OF WARRANTY. THE LICENSED CONTENT IS LICENSED "AS-IS" AND "AS


AVAILABLE." YOU BEAR THE RISK OF USING IT. MICROSOFT AND ITS RESPECTIVE
AFFILIATES GIVES NO EXPRESS WARRANTIES, GUARANTEES, OR CONDITIONS. YOU MAY
HAVE ADDITIONAL CONSUMER RIGHTS UNDER YOUR LOCAL LAWS WHICH THIS AGREEMENT
CANNOT CHANGE. TO THE EXTENT PERMITTED UNDER YOUR LOCAL LAWS, MICROSOFT AND
ITS RESPECTIVE AFFILIATES EXCLUDES ANY IMPLIED WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT.

14.

LIMITATION ON AND EXCLUSION OF REMEDIES AND DAMAGES. YOU CAN RECOVER FROM
MICROSOFT, ITS RESPECTIVE AFFILIATES AND ITS SUPPLIERS ONLY DIRECT DAMAGES UP
TO US$5.00. YOU CANNOT RECOVER ANY OTHER DAMAGES, INCLUDING CONSEQUENTIAL,
LOST PROFITS, SPECIAL, INDIRECT OR INCIDENTAL DAMAGES.

This limitation applies to


o
anything related to the Licensed Content, services, content (including code) on third party Internet
sites or third-party programs; and
o
claims for breach of contract, breach of warranty, guarantee or condition, strict liability, negligence,
or other tort to the extent permitted by applicable law.
It also applies even if Microsoft knew or should have known about the possibility of the damages. The
above limitation or exclusion may not apply to you because your country may not allow the exclusion or
limitation of incidental, consequential or other damages.

Please note: As this Licensed Content is distributed in Quebec, Canada, some of the clauses in this
agreement are provided below in French.
Remarque : Ce le contenu sous licence tant distribu au Qubec, Canada, certaines des clauses
dans ce contrat sont fournies ci-dessous en franais.

EXONRATION DE GARANTIE. Le contenu sous licence vis par une licence est offert tel quel . Toute
utilisation de ce contenu sous licence est votre seule risque et pril. Microsoft naccorde aucune autre garantie
expresse. Vous pouvez bnficier de droits additionnels en vertu du droit local sur la protection dues
consommateurs, que ce contrat ne peut modifier. La ou elles sont permises par le droit locale, les garanties
implicites de qualit marchande, dadquation un usage particulier et dabsence de contrefaon sont exclues.

LIMITATION DES DOMMAGES-INTRTS ET EXCLUSION DE RESPONSABILIT POUR LES


DOMMAGES. Vous pouvez obtenir de Microsoft et de ses fournisseurs une indemnisation en cas de dommages
directs uniquement hauteur de 5,00 $ US. Vous ne pouvez prtendre aucune indemnisation pour les autres
dommages, y compris les dommages spciaux, indirects ou accessoires et pertes de bnfices.
Cette limitation concerne:
tout ce qui est reli au le contenu sous licence, aux services ou au contenu (y compris le code)
figurant sur des sites Internet tiers ou dans des programmes tiers; et.
les rclamations au titre de violation de contrat ou de garantie, ou au titre de responsabilit
stricte, de ngligence ou dune autre faute dans la limite autorise par la loi en vigueur.

MCT USE ONLY. STUDENT USE PROHIBITED

Elle sapplique galement, mme si Microsoft connaissait ou devrait connatre lventualit dun tel dommage. Si
votre pays nautorise pas lexclusion ou la limitation de responsabilit pour les dommages indirects, accessoires
ou de quelque nature que ce soit, il se peut que la limitation ou lexclusion ci-dessus ne sappliquera pas votre
gard.

MICROSOFT INTERNAL TEACH

EFFET JURIDIQUE. Le prsent contrat dcrit certains droits juridiques. Vous pourriez avoir dautres droits
prvus par les lois de votre pays. Le prsent contrat ne modifie pas les droits que vous confrent les lois de votre
pays si celles-ci ne le permettent pas.
Revised September 2012

MICROSOFT INTERNAL TEACH

MCT USE ONLY. STUDENT USE PROHIBITED

x Core Solutions of Microsoft Lync Server 2013

Acknowledgments

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013

xi

MICROSOFT INTERNAL TEACH

Microsoft Learning wants to acknowledge and thank the following for their contribution toward
developing this title. Their effort at various stages in the development has ensured that you have a good
classroom experience.

Bryan Nyce Subject Matter Expert

Bryan Nyce is a UC Voice Architect with Microsoft Consulting Services (MCS) Voice Center of Excellence.
He has worked with Lync since the original product inception as part of Exchange 2000, through LCS and
OCS, as a trainer, consultant and speaker. Bryan has also contributed content to the Lync Masters
program, and serves as an instructor for the Lync Masters and upcoming MCSM: Communications
programs. Bryans speaking activities include major community events such as TechReady and Ignite. As a
consultant over the last 15 years, Bryan has also worked with multiple other Microsoft solutions such as
Exchange, Hyper-V and System Center, and third party solutions from Cisco (Voice/Security), F5 and
VMware.

Javed Tufail Subject Matter Expert

Javed Tufail is an Architect at Center of Excellence with Microsoft Consulting Services. He has over 14
years of experience in the Unified Communications field and has extensive knowledge about Unified
Communications, VoIP Industry Products and Protocols. Over the past year Javed has been involved in
developing voice over ip courses and boot camps and has successfully delivered those at various forums.
Javed has been a speaker at Industry leading conferences such as Microsoft TechEd and Cisco Live. Javed
has also been involved in developing the Lync 2013 Ignite content and has been part of the team that
delivered it successfully at Scottsdale, AZ and Sydney, Australia. Javed hold various industry certifications
including MCP, CCIE and VCP4 certifications.

Korneel Bullens - Subject Matter Expert

Korneel Bullens is a Lync 2010 MCM and is working within the Microsoft Consultancy Service Voice Center
of Excellence as an Unified Communications Voice Architect. Korneel has delivered numerous courses on
Lync and Lync Voice and has contributed to the developed of a wide variety of courseware. He has
worked with both small and multinational companies as an architect and implementation consultant

Gareth Ireland - Subject Matter Expert

Gareth has been in the Microsoft IT services industry for 14 years, working in Africa and the Middle East,
and spent six years working as a Senior Consultant for Microsoft Consulting Services based in South Africa.
Experiences in Active Directory and Exchange four years ago he decided to take a more holistic view
towards Unified Communication and began assisting customers and partners in the design and
deployment of OCS Server 2007, OCS 2007 R2, Lync Server 2010 and more recently of Lync Server 2013 in
their enterprise. Gareth is an OCS R2 Master and has also participated in the several Lync OneTap
programs assisting TAP customers in planning and implementing the early adoption of Lync Server 2010
and Lync Server 2013.
Gareth now works as a UC Voice Architect for Microsoft Consultant Services Voice Centre of Excellence in
the MEA region driving the adoption of Lync Voice. His more notable contributions to the UC community
over past years have been the release of Office Communication Server 2007 R2 Operations Guide white
paper of which he is the original author and as a contributing author of the Lync Server 2010 and Lync
Server 2013 Product Line Architectures. He is extremely passionate about the potential Microsoft Unified
Communications can unlock for customers and their information users.

Module 1: Architecture and design approach for Microsoft Lync Server 2013

MICROSOFT INTERNAL TEACH

Lesson 1: Overview of Lync Server 2013 Architecture

1-2

Lesson 2: Overview of Lync Server 2013 Core Capabilities

1-14

Lesson 3: Introduction to the Lync Server 2013 Design Process

1-21

Lesson 4: Assessing Infrastructure Requirements and Updating the Design 1-29


Lesson 5: Planning for all Microsoft Solutions Framework Phases

1-37

Module 2: Designing a Lync Server 2013 Topology


Lesson 1: Planning Infrastructure Requirements for Lync Server 2013

2-2

Lesson 2: Using the Lync Server 2013 Planning Tool

2-9

Lesson 3: Using Topology Builder

2-12

Lesson 4: Planning the Server Infrastructure

2-18

Lesson 5: Designing Documentation Using Microsoft Office

2-22

Lab: Preparing the Environment and Deploying a Lync Server 2013 Pool

2-24

Module 3: Configuring Users and Rights in Microsoft Lync Server 2013


Lesson 1: Managing Lync Server 2013

3-2

Lesson 2: Introduction to Role Based Access Control

3-6

Lab: Configuring Users and Rights in Lync Server 2013

3-9

Module 4: Client and Device Deployment and Management


Lesson 1: Preparing for Client Deployment
Lesson 2: Deploying and Managing Lync 2013 Clients

4-2
4-5

Lesson 3: Preparing for Device Deployment

4-11

Lesson 4: Deploying and Managing IP Phones

4-16

Lab: Client and Device Management

4-21

Module 5: Conferencing in Lync Server 2013


Lesson 1: Introduction to Conferencing in Lync Server 2013

5-2

Lesson 2: Designing for AudioVideo and Web Conferencing

5-11

Lesson 3: Dial-In Conferencing in Lync Server 2013

5-19

Lesson 4: Managing and Administering Conferencing

5-28

Lab: Conferencing in Microsoft Lync Server 2013

5-34

Module 6: Designing and Deploying External Access


Lesson 1: Conferencing and External Capabilities of Lync Server 2013

6-2

Lesson 2: Planning for IM and Presence Federation

6-9

Lesson 3: Designing Edge Services

6-13

Lab: Designing and Deploying for External Scenarios

6-25

MCT USE ONLY. STUDENT USE PROHIBITED

xii Core Solutions of Microsoft Lync Server 2013

MICROSOFT INTERNAL TEACH

Module 7: Deploying Microsoft Lync Server 2013 Persistent Chat


Lesson 1: Overview Lync Server 2013 Persistent Chat architecture

7-2

Lesson 2: Design Lync Server 2013 Persistent Chat

7-5

Lesson 3: Deploy and Configure Lync Server 2013 Persistent Chat

7-9

Lab: Deploying Persistent Chat Server

7-11

Module 8: Monitoring and Archiving


Lesson 1: Describing the Archiving Service

8-2

Lesson 2: Describing the Monitoring Service

8-7

Lesson 3: Configuring Archiving and Monitoring

8-11

Lab: Configuring and Using Archiving and Monitoring in Lync Server 2013 8-16

Module 9: Administrating and Maintenance of Lync Server 2013


Lesson 1: Introduction to Lync Server 2013 troubleshooting tools

9-2

Lesson 2: Understanding Lync Server 2013 Operational tasks

9-11

Lesson 3: Develop Lync Server 2013 troubleshooting techniques

9-20

Lesson 4: Introduction to analyzing Lync Server 2013 logs and traces

9-22

Lab: Administrating and Maintenance of Lync Server 2013

9-26

Module 10: High Availability in Lync Server 2013


Lesson 1: High Availability in Lync Server 2013

10-2

Lesson 2: Configuring High Availability in Lync Server 2013

10-6

Lesson 3: Planning for Load Balancing

10-10

Lesson 4: Designing Load Balancing

10-14

Lab: Configuring High Availability in Lync Server 2013

10-21

Module 11: Disaster Recovery in Lync Server 2013


Lesson 1: Disaster Recovery in Lync Server 2013

11-2

Lesson 2: Tools for Backing up and Restoring Lync Server 2013

11-9

Lesson 3: Critical Lync Server 2013 Data to Back Up and Restore

11-11

Lesson 4: Critical Lync Server 2013 Data to Export and Import

11-13

Lesson 5: Designing Branch Site Resiliency

11-16

Lab: Configuring Disaster Recovery in Lync Server 2013

11-22

Module 12: Planning a Migration to Lync Server 2013


Lesson 1: Overview of Coexistence and Migration

12-2

Lesson 2: Migration Steps

12-10

Lesson 3: Planning for Clients and Devices

12-20

Lesson 4: Designing a Client Migration and Device Migration Strategy

12-31

Lab: Planning a Migration to Lync Server 2013 (Paper-based)

12-37

Course Evaluation: Course Evaluation

12-40

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013

xiii

About This Course

MICROSOFT INTERNAL TEACH

This section provides a brief description of the course, audience, suggested prerequisites, and course
objectives.

MCT USE ONLY. STUDENT USE PROHIBITED

About This Course

This instructor-led course teaches IT professionals how to plan, design, deploy, configure, and administer
a Microsoft Lync Server 2013 solution. The course emphasizes Lync Server 2013 Enterprise Unified
Communications features with particular emphasis on coexisting with and migrating from legacy
communication services. The labs in this course create a solution that includes IM and Presence,
Conferencing, and Persistent Chat. This course helps the student prepare for Exam 70-336.

Audience

This course is intended for IT consultants and telecommunications consulting professionals who design,
plan, deploy, and maintain solutions for unified communications (UC). Candidates should be able to
translate business requirements into technical architecture and design for a UC solution. In addition,
Business Application Administrators (BAAs) who are engaged in the administering line-of-business (LOB)
projects in conjunction with internal business customers would benefit from understanding of managing
Lync Server 2013.

Student Prerequisites
This course requires that you meet the following prerequisites:

Experience managing software in a Windows 2008 R2 enterprise server or Windows Server 2012
environment.
Experience managing an application remotely using Windows PowerShell 2.0.
Experience managing and configuring databases.
An introduction to Active Directory Domain Services

Course Objectives
After completing this course, students will be able to:

Describe the overall server and client Lync Server 2013 architecture.
Describe Lync 2013 features and user scenarios.
Describe the Lync Server deployment process.
Describe the components of a Lync Server 2013 Design.
Plan for Microsoft Solutions Framework for Lync 2013
Plan Infrastructure Requirements for Lync Server 2013
Use the Lync Server 2013 Planning Tool
Use Topology Builder
Plan for Site Topology
Design a Site Topology
Plan the Server Infrastructure
Design Documentation Using Microsoft Office
Use Lync Server 2013 management interfaces.
Configure Role-Based Access Control.
Prepare for client deployment.
Deploy and manage clients.
Prepare for device deployment.
Deploy and manage Internet Protocol (IP) phones.
Describe conferencing in Lync Server 2013.

MICROSOFT INTERNAL TEACH

Describe dial-in conferencing in Lync Server 2013.


Manage and administer dial-in conferencing in Lync Server 2013.Describe the conferencing
capabilities of Lync Server 2013
Design audio and video for web conferencing.
Plan for instant message and presence Federation.
Design Edge services.
Describe the features and concepts for Persistent Chat in Lync Server 2013.
Design Lync Server 2013 to include Persistent Chat.
Deploy and configure Persistent chat in Lync Server 2013.
Describe the Archiving service.
Describe the Monitoring service.
Configure the Archiving and Monitoring services.
Describe and use the Lync Server 2013 troubleshooting tools.
Describe the required daily, weekly, and monthly maintenance tasks.
Describe the fundamental troubleshooting approach to Lync Server 2013 issues.
Use SIP commands and analyze SIP logs.
Describe high availability in Lync Server 2013.
Configure High Availability features in Lync Server 2013.
Plan for load balancing in Lync Server 2013.
Design load balancing in Lync Server 2013.
Describe the high availability options in Lync Server 2013.
Describe the tools for backing up and restoring Lync Server 2013 data.
Backup and restore critical Lync Server 2013 data.
Export and import critical Lync Server 2013 data.
Describe design considerations for branch site scenarios.
Describe the migration process.
Describe migration and coexistence topologies.
Plan for client and device migration
Design a software deployment strategy for Lync 2013.

Course Outline
The course outline is as follows:
Module 1, Architecture Overview and design approach of Microsoft Lync Server 2013
Module 2, Designing a Lync Server 2013 Topology
Module 3, Configuring Users and Rights in Microsoft Lync Server 2013
Module 4, Client and Device Deployment and Management
Module 5, Conferencing in Lync Server 2013
Module 6, Designing and Deploying External Access
Module 7, Deploying Microsoft Lync Server 2013 Persistent Chat
Module 8, Monitoring and Archiving
Module 9, Administrating and Maintenance of Lync Server 2013
Module 10, High Availability in Lync Server 2013
Module 11, Disaster Recovery in Lync Server 2013
Module 12, Planning a Migration to Lync Server 2013

MCT USE ONLY. STUDENT USE PROHIBITED

About This Course

ii

Course Materials

MICROSOFT INTERNAL TEACH

The following materials are included with your kit:

Course Handbook: a succinct classroom learning guide that provides the critical technical
information in a crisp, tightly-focused format, which is essential for an effective in-class learning
experience.

MCT USE ONLY. STUDENT USE PROHIBITED

About This Course

iii

Lessons: guide you through the learning objectives and provide the key points that are critical to
the success of the in-class learning experience.

Labs: provide a real-world, hands-on platform for you to apply the knowledge and skills learned
in the module.

Module Reviews and Takeaways: provide on-the-job reference material to boost knowledge
and skills retention.

Lab Answer Keys: provide step-by-step lab solution guidance.

Course Companion Content: searchable, easy-to-browse digital content with integrated premium
online resources that supplement the Course Handbook.

Modules: include companion content, such as questions and answers, detailed demo steps and
additional reading links, for each lesson. Additionally, they include Lab Review questions and
answers and Module Reviews and Takeaways sections, which contain the review questions and
answers, best practices, common issues and troubleshooting tips with answers, and real-world
issues and scenarios with answers.

Resources: include well-categorized additional resources that give you immediate access to the
most current premium content on TechNet, MSDN, or Microsoft Press.
Note: For this version of the Courseware on Prerelease Software (specify RC0/Beta etc.),
Companion Content is not available. However, the Companion Content will be published when
the next (B) version of this course is released, and students who have taken this course will be
able to download the Companion Content at that time from the
http://www.microsoft.com/learning/companionmoc site. Please check with your instructor
when the B version of this course is scheduled to release to learn when you can access
Companion Content for this course.

Student Course files: includes the Allfiles.exe, a self-extracting executable file that contains all
required files for the labs and demonstrations.

Note: For this version of the Courseware on Prerelease Software (specify RC0/Beta etc.), Allfiles.exe
file is not available. However, this file will be published when the next (B) version of this course is
released, and students who have taken this course will be able to download the Allfiles.exe at that
time from the http://www.microsoft.com/learning/companionmoc site.

Course evaluation: at the end of the course, you will have the opportunity to complete an
online evaluation to provide feedback on the course, training facility, and instructor. To provide
additional comments or feedback on the course, send an email to support@mscourseware.com.
To inquire about the Microsoft Certification Program, send an email to mcphelp@microsoft.com.

About This Course

Virtual Machine Environment

MCT USE ONLY. STUDENT USE PROHIBITED

iv

MICROSOFT INTERNAL TEACH

This section provides the information for setting up the classroom environment to support the business
scenario of the course.

Virtual Machine Configuration


In this course, you will use Microsoft Hyper-Vto perform the labs.
Note: At the end of each lab, you should close the virtual machine and not save any
changes. To close a virtual machine (VM) without saving the changes, perform the following
steps:
1. On the virtual machine, on the Action menu, click Close.
2. In the Close dialog box, in the What do you want the virtual machine to do? list, click
Turn off and delete changes, and then click OK.

The following table shows the role of each virtual machine that is used in this course; another set of virtual
machines that end in -02 are for use in the module 2 labs only:
Virtual machine

Role

20336A-RED-SQL1-03

SQL server on Redmond domain

20336A-RED-FE1-03

Front end server on Redmond domain

20336A-LON-WAC01-03

Web access server

20336A-LON-CHAT1-03

Lync Chat server

20336A-LON-EX1-03

Exchange server

20336A-LON-ROUT1-03

Router

20336A-LON-DC1-03

Domain controller

20336A-LON-SQL1-03

First SQL server on London domain

20336A-LON-SQL2-03

Second SQL server on London domain

20336A-LON-FE1-03

Front end server on London domain

20336A-LON-EDGE1-03

Lync Edge server

20336A-LON-CL1-03

Windows 8 client on London domain

20336A-RED-CL1-03

Windows 8 client on Redmond domain

Software Configuration

MICROSOFT INTERNAL TEACH

The following software is installed on the various VMs:

Lync Server 2013

SQL Server 2012

Exchange 2013

Windows Server 2012

Windows 8 client

Course Files

MCT USE ONLY. STUDENT USE PROHIBITED

About This Course

The files associated with the labs in this course are located in the X:\Labfiles\LabXX folder on the student
computers.

Classroom Setup
Each classroom computer will have the same virtual machine configured in the same way.

Course Hardware Level

To ensure a satisfactory student experience, Microsoft Learning requires a minimum equipment


configuration for trainer and student computers in all Microsoft Certified Partner for Learning Solutions
(CPLS) classrooms in which Official Microsoft Learning Product courseware is taught.
Hardware Level 7

64 bit Intel Virtualization Technology (Intel VT) or AMD Virtualization (AMD-V) processor (2.8 Ghz
dual core or better recommended)

Dual 500 GB hard disks 7200 RPM SATA or faster (striped). Note that the course can run using a single
120GB hard disk if dual 500BG disks are not available.

16GB RAM.

DVD drive (dual layer recommended)

Network adapter with Internet connectivity

Dual SVGA monitors 17 or larger supporting 1440X900 minimum resolution

Video adapter that supports 14400 x 900 resolution

Microsoft Mouse or compatible pointing device

Sound card with amplified speakers

Approved Microsoft Lync Headset (optional)

In addition, the instructor computer must be connected to a projection display device that supports
SVGA 1024 x 768 pixels, 16 bit colors.

MICROSOFT INTERNAL TEACH

MCT USE ONLY. STUDENT USE PROHIBITED

About This Course


vi

MCT USE ONLY. STUDENT USE PROHIBITED


1-1

MICROSOFT INTERNAL TEACH

Module1

Architecture and Design Approach for Microsoft Lync Server


2013
Contents:
Module Overview

1-1

Lesson 1: Overview of Lync Server 2013 Architecture

1-2

Lesson 2: Overview of Lync Server 2013 Core Capabilities

1-14

Lesson 3: Introduction to the Lync Server 2013 Design Process

1-21

Lesson 4: Assessing Infrastructure Requirements and Updating the Design

1-29

Lesson 5: Planning for all Microsoft Solutions Framework Phases

1-37

Module Review and Takeaways

1-44

Module Overview

Microsoft Lync Server 2013 offers several enhancements to server roles and client features, and new tools for
administration. You should understand the overall architecture of Lync Server 2013 and the core capabilities
offered. This understanding will help you plan and design a Lync Server 2013 implementation that meets
organizational and user needs. You should also be familiar with the key features and functionality of Lync Server
2013, and with Microsoft Solutions Framework (MSF), which requires a structured approach to project
management and execution.

Objectives

Describe the overall server and client Lync Server 2013 architecture.

Describe the features and user scenarios of Lync 2013.

Describe the deployment process of Lync Server 2013.

Describe the components of a Lync Server 2013 design.

Plan for Microsoft Solutions Framework for Lync 2013.

Lesson 1

MICROSOFT INTERNAL TEACH

Overview of Lync Server 2013 Architecture

MCT USE ONLY. STUDENT USE PROHIBITED

1-2 Architecture and Design Approach for Microsoft Lync Server 2013

Lync Server 2013 introduces many new features and significant enhancements to existing features and
functionality of the previous versions. To use Lync Server 2013, you should understand its architecture,
and be able to use the server features, client features, and administrative tools. This will help you to better
plan and design a Lync Server 2013 implementation that meets organizational needs. You should also
know about the enhancements in call routing, hosted voice, mediation server and gateway topologies, call
translation rules, and call management, which have improved Enterprise Voice. Lync Server 2013 is built
on a Session Initiation Protocol (SIP)based foundation, and you should know how Lync Server 2013 uses
SIP to create, modify, and terminate the sessions.

Lesson Objectives
After completing this lesson, you will be able to:

Describe the deployment options for Lync 2013.

Describe the overall server and client architecture in Lync Server 2013.

Describe server roles in Lync Server 2013.

Describe the available clients for Lync Server 2013.

Describe the administrative tools and administrative enhancements in Lync Server 2013.

Describe the functions of the Central Management Database.

Describe how Lync Server 2013 is built on an SIP-based foundation.

Describe integration with Lync Online.

Describe the voice features in Lync Server 2013.

Deployment Options
When you plan for Lync, you should first
determine how to deploy Microsoft Lyncas Lync
Server 2013 on premises, or Lync Onlinewith
Microsoft Office 365 in the cloud.

Lync Server 2013 on-premises. This choice


provides the complete feature set of Lync and
flexibility in configuring, customizing, and
operating your deployment. All servers are
installed on-site and maintained by your
organization. An on-premises deployment
provides the full range of Lync Server features.

Lync Online in the cloud. Lync Online is


designed for organizations that want the cost and agility benefits of cloud-based instant messaging,
presence, and meetings, without sacrificing the business-class capabilities of Lync Server. With Lync
Online, Microsoft deploys and maintains the required server infrastructure, and handles on-going
maintenance, patches, and upgrades. Some features available in an on-premises deployment are not
available in Lync Online.

MCT USE ONLY. STUDENT USE PROHIBITED

MICROSOFT INTERNAL TEACH

Core Solutions of Microsoft Lync Server 2013 1-3

Lync Hybrid (Split Domain). In a full Lync Hybrid, a single domain is shared across on-premises and
online deployment, and requires a Lync 2013 tenant in Office 365. Lync 2013 introduces new
scenarios for hybrid deployments. As available now in Office 365, it will be able to have Exchange
going to the cloud while keeping Lync on-premises. The value of hybrid scenarios in Lync 2013 is the
possibility to be able to either migrate everybody or just a subset of users to Lync Online from Lync
Server 2010 on-premises. It is therefore possible to imagine that some users will be moved to the
cloud based on their location or their usage profile.

The goal of Lync 2013 Hybrid architecture is to offer multiple scenarios where most of the existing
and new customers can fit in, based on their technical and functional needs. By knowing the features
that are available in the cloud and what gets migrated between on-premises and online deployments,
you can make the migration scenario clear and predictable.

Which is the best type of deployment will depend on the workloads you want to deploy, and the
geographical and business status of your organization.

Lync Server 2013 Architecture


Operating System and Processor
Support
Lync Server 2013 is available only in a 64-bit
edition, and it requires 64bit hardware and the
64bit edition of Microsoft Windows Server
2008 R2 SP1 or Microsoft Windows Server 2012.
However, you do not need to run 64bit hardware
or software on client computers. All server roles of
Lync Server 2013 require one of the following
operating systems:

The 64-bit edition of Windows Server 2008 R2


SP1 Standard, the 64-bit edition of Windows Server 2008 R2 SP1 Enterprise, or the 64-bit edition of
Windows Server 2008 R2 SP1 Datacenter

The 64-bit edition of Windows Server 2012 Standard, the 64-bit edition of Windows Server 2012
Enterprise, or the 64-bit edition of Windows Server 2012 Datacenter

Lync Server 2013 Standard Edition and Enterprise Edition

Lync Server 2013 Standard Edition is suitable for small organizations, and for pilot projects of large
organizations. The Standard Edition has many Lync Server 2013 features, such as instant messaging (IM),
Presence, conferencing, Enterprise Voice, and the necessary databases, to run on a single server. By using
Lync Server 2013 Standard Edition Server, you can help users experience all the rich features of Lync
Server. However, unlike Enterprise Edition, your solution will not provide high availability.

Required Server Roles


The required server roles for Lync Server 2013 are the front-end server, and the back-end server for
Enterprise Edition.

Optional Server Roles

Optionally, you can deploy an Edge Server, Mediation Server, or Director, based on the organizational
needs for your Lync Server 2013 deployment.

Enterprise Voice and Unified Messaging

MCT USE ONLY. STUDENT USE PROHIBITED

1-4 Architecture and Design Approach for Microsoft Lync Server 2013

MICROSOFT INTERNAL TEACH

A Lync Server 2013 Enterprise Voice deployment supports calls to and from the public switched telephone
network (PSTN). If you plan to deploy Microsoft Exchange Server in the organization, you can use
Exchange Server Unified Messaging (UM) features to provide voice mail to Enterprise Voice users. Lync
Server 2013 also supports analog devices in the Enterprise Voice environment.
Question: Which server roles can be collocated?

Lync Server 2013 Server Roles


Each server running Lync Server runs one or more
server roles. A server role is a defined set of Lync
Server functionalities provided by that server. You
do not need to deploy all available server roles in
your network. Install only the server roles that
contain the functionality that you want.
If you are not familiar with server roles in Lync
Server, you can use the Planning Tool as a guide
to get the best solution for the servers that you
need to deploy, based on the features that you
want. The following list provides an overview of
the server roles and their general features:

Standard Edition Server

Front-end server and back-end server

Edge Server

Mediation Server

Director

Persistent Chat front-end server

Persistent Chat Store (Persistent Chat back-end server)

Persistent Chat Compliance Store (Persistent Chat Compliance back-end server)

For most server roles, for scalability and high availability, you can deploy pools of multiple servers all
running the same server role. Each server in a pool must run an identical server role or roles. For most
types of pools in Lync Server, you must deploy a load balancer to spread traffic between the various
servers in the pool. Lync Server supports both Domain Name System (DNS) load balancing and hardware
load balancers.

Standard Edition Server

The Standard Edition server is designed for small organizations, and for pilot projects of large
organizations. It enables many of the features of Lync Server, including the necessary databases, to run on
a single server. This enables you to have Lync Server functionality at a lower cost, but does not provide a
true high-availability solution.
The Standard Edition server enables you to use instant messaging (IM), presence, conferencing, and
Enterprise Voice, all running on one server. For a high-availability solution, use Lync Server Enterprise
Edition.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 1-5

Front-End Server and Back-End Server

MICROSOFT INTERNAL TEACH

In Lync Server Enterprise Edition, the front-end server is the core server role, and runs many basic Lync
Server functions. The front-end servers, along with the back-end servers, are the only server roles required
in any Lync Server Enterprise Edition deployment.
A Front-End pool is a set of front-end servers, configured identically, that work together to provide
services for a common group of users. A pool of multiple servers running the same role provides
scalability and failover capability.
The front-end server includes the following features:

User authentication and registration.

Presence information and contact card exchange.

Address book services and distribution list expansion.

IM functionality, including multiparty IM conferences.

Web conferencing, PSTN dial-in conferencing and A/V conferencing (if deployed).

Application hosting, for both applications included with Lync Server (for example, Conferencing
Attendant and Response Group application), and third-party applications.

Optionally, Monitoring, to collect usage information in the form of call detail records (CDRs) and call
error records (CERs). This information provides metrics about the quality of the media (audio and
video) traversing your network for both Enterprise Voice calls and A/V conferences.

Web components to supported web-based tasks such as web scheduler and join launcher.

Optionally, Archiving, to archive IM communications and meeting content for compliance reasons.

In Lync Server 2010 and prior versions, Monitoring and Archiving were separate server roles, not
collocated on the front-end server.

Optionally, if Persistent chat is enabled, Persistent Chat Web Services for Chat Room Management
and Persistent Chat Web Services for File Upload/Download.

Front-end pools are also the primary store for user and conference data. Information about each user is
replicated among three front-end servers in the pool, and backed up on the back-end servers.
Additionally, one front-end pool in the deployment also runs the Central Management Server, which
manages and deploys basic configuration data to all servers running Lync Server. The Central
Management Server also provides Lync Server Management Shell and file transfer capabilities.

The back-end servers are database servers running Microsoft SQL Server that provide the database
services for the front-end pool. The back-end servers serve as backup stores for the pool users, and for
conference data, and they are the primary stores for other databases such as the Response Group
database. You can have a single back-end server, but a solution that uses SQL Server mirroring is
recommended for failover. Back-end servers do not run any Lync Server software.
Note: We do not recommend collocating Lync Server databases with other databases. If
you do so, availability and performance may be affected. Information stored in the back-end
server databases includes presence information, users' Contacts lists, conferencing data, including
persistent data about the state of all current conferences, and conference scheduling data.

Edge Server

Edge Server enables your users to communicate and collaborate with users outside the organizations
firewalls. These external users can include the organizations own users who are currently working offsite,

MCT USE ONLY. STUDENT USE PROHIBITED

1-6 Architecture and Design Approach for Microsoft Lync Server 2013

MICROSOFT INTERNAL TEACH

users from federated partner organizations, and outside users who have been invited to join conferences
hosted on your Lync Server deployment. Edge Server also enables connectivity to public IM connectivity
services, including Windows Live, AOL, Yahoo!, and Google Talk.

Deploying Edge Server also enables mobility services, which supports Lync functionality on mobile
devices. Users can use supported Apple iOS, Android, Windows Phone, or Nokia mobile devices to
perform activities such as sending and receiving instant messages, viewing contacts, and viewing
presence. In addition, mobile devices support some Enterprise Voice features, such as click to join a
conference, Call via Work, single number reach, voice mail, and missed calls. The mobility feature also
supports push notifications for mobile devices that do not support applications running in the
background. A push notification is a notification that is sent to a mobile device about an event that occurs
while a mobile application is inactive.
Edge Servers also include a fully-integrated Extensible Messaging and Presence Protocol (XMPP) proxy,
with an XMPP gateway included on front-end servers. You can configure these XMPP components to
enable your Lync Server 2013 users to add contacts from XMPP-based partners (such as Google Talk) for
instant messaging and presence.

Mediation Server

Mediation Server is a necessary component for implementing Enterprise Voice and dial-in conferencing.
Mediation Server translates signalling, and in some configurations, media between your internal Lync
Server infrastructure and a public switched telephone network (PSTN) gateway, IP-PBX, or a Session
Initiation Protocol (SIP) trunk. You can run Mediation Server collocated on the same server as front-end
server, or separated into a stand-alone Mediation Server pool.

Director

Directors can authenticate Lync Server user requests, but they do not host user accounts or provide
presence or conferencing services. Directors are most useful to enhance security in deployments that
enable external user access. The Director can authenticate requests before sending them to internal
servers. In the case of a denial-of-service attack, the attack ends with the Director and does not reach the
front-end servers.

Persistent Chat Server Roles

Persistent chat enables users to participate in multiparty, topic-based conversations that persist over time.
The Persistent Chat front-end server runs the persistent chat service. The Persistent Chat back-end server
stores the chat history data, and information about categories and chat rooms. The optional Persistent
Chat Compliance back-end server can store the chat content and compliance events for the purpose of
compliance.
Servers running Lync Server Standard Edition can also run Persistent chat collocated on the same server.
You cannot collocate the Persistent Chat front-end server with Enterprise Edition front-end server.
Question: What are the four functions managed by the front-end server?

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 1-7

MICROSOFT INTERNAL TEACH

Lync Server 2013 Clients


Lync Server 2013 supports several types of client
software that you can deploy to your users,
including computer-installed client software, webbased clients, and mobile devices.

Lync 2013
Lync 2013 is the full-featured client for Lync
Server. The Lync 2013 user interface has been
redesigned and includes newly integrated features,
such as persistent chat (Lync 2010 had a separate
client for chat functionality), tabbed conversations,
video preview, and multiparty video.
Lync 2013 client setup is part of the Microsoft Office setup program on the installation media.

Online Meeting Add-in for Lync 2013

The Online Meeting Add-in for Lync 2013 supports meeting management from within the Microsoft
Outlook messaging and collaboration client. The Online Meeting Add-in for Lync 2013 software installs
automatically with Lync 2013.

Lync Web Scheduler

Lync Web Scheduler is a web-based meeting scheduling and management tool for users who do not have
access to Microsoft Outlook, or who are on an operating system not based on Windows. With Lync Web
Scheduler, users can create new meetings, modify existing meetings, and send invitations by using their
preferred email program.

Lync Web App

Lync Web App is the web-based conferencing client for Lync Server 2013 meetings. In this release, the
inclusion of computer audio and video to Lync Web App provides a complete in-meeting experience for
anyone who does not have a Lync client installed locally. Meeting participants have access to all
collaboration and sharing features, and presenter meeting controls.

If Lync 2013 is not installed on a users computer and the user clicks a meeting link in a meeting request,
Lync Web App opens. You can also configure the Meeting Join page to enable users to join meetings by
using previous versions of clients.
Because of the enhancements to Lync Web App, an updated version of Microsoft Lync 2010 Attendee is
not available for Lync Server 2013. Lync Web App is the client of choice for participants outside your
organization. With Lync Web App, no local client installation is required, although audio, video, and
sharing features require installation of a plug-in during first use.

Lync 2013 Basic

Lync 2013 Basic is a downloadable client for customers who have a licensed, on-premises Lync Server
2013 deployment and customers who subscribe to a Microsoft Office 365 plan that does not include the
full Lync 2013 client. The Lync Basic client includes enhanced presence, contacts, IM, Lync meetings, and
basic voice functionality. Features not supported in Lync Basic include multiparty video, OneNote
integration, virtual desktop infrastructure (VDI) support, skill search, recording, Enterprise Voice features,
and advanced call handling (for example, call forwarding and Team Call).

Supported Clients from Previous Releases


Lync Server 2013 supports the following clients from previous server releases. You can make certain
previous clients, noted here, available to users when they join meetings.

MICROSOFT INTERNAL TEACH

MCT USE ONLY. STUDENT USE PROHIBITED

1-8 Architecture and Design Approach for Microsoft Lync Server 2013

Lync 2010 Mobile. Lync Server 2013 supports all Microsoft Lync 2010 mobile apps. Microsoft Lync
2010 Mobile provides IM, enhanced presence, and telephony for users in your organization who are
connecting from a smartphone or a phone running a Professional edition of Windows Mobile. You
can instruct your users to install Microsoft Lync 2010 Mobile by directing them to the app
marketplace for their mobile phone.

Lync Phone Edition. Lync Phone Edition software for intelligent IP phones (for example, USB-attached
phones) has not been updated for Lync Server 2013. Lync Phone Edition continues to be supported
for placing and receiving calls, enhanced presence, and client audio capabilities for conferences.

Lync 2010 Attendant. The Microsoft Lync 2010 Attendant integrated call-management program
enables a receptionist to manage multiple conversations at the same time through rapid call
handling, IM, and on-screen routing.
Question: Which Lync Server 2013 clients can be used without Lync 2013 to participate in
online conferences?

Lync Server 2013 Administrative Tools


The administrative tools are installed by default on
each Lync Server server. Additionally, you can
install the administrative tools on other computers,
such as dedicated administrative consoles. Ensure
that you review the infrastructure, operating
system, software, and administrator rights
requirements before you install or use the Lync
Server administrative tools.
The administrative tools consist of the following:

Lync Server Deployment Wizard. Use to deploy


Lync Server and to install all administrative
tools.

Lync Server Topology Builder. Use to define components in your deployment.

Lync Server Control Panel. Use for on-going management of your deployment by using a web-based
interface.

Lync Server Management Shell. Use for on-going management of your deployment by using the
command line.

Lync Centralized Logging Service. Use to troubleshoot problems in your deployment.

You can manage your deployment by primarily using Topology Builder and Lync Server Control Panel.

Deployment Wizard

You must use the Lync Server Deployment Wizard included on the installation media to install all
administrative tools onto a computer on which you have not already installed Lync Server. During the
administrative tools installation process, the Lync Server Deployment Wizard is installed locally, along with
the other tools so that you can later use it to install files for additional components, or remove files for
components that you do not want on the computer.

Topology Builder

For details about deployment tasks that you can perform by using Topology Builder, see the Deployment
documentation for each server role.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 1-9

MICROSOFT INTERNAL TEACH

Lync Server Control Panel

You can use Lync Server 2013 Control Panel to perform most of the administrative tasks required to
manage and maintain Lync Server 2013. Lync Server Control Panel provides you with a graphical user
interface (GUI) to manage the configuration of the servers running Lync Server, in addition to the users,
clients, and devices in your organization. Lync Server Management Shell uses Lync Server Control Panel as
the underlying mechanism to perform Lync Server configuration.
Lync Server Control Panel is automatically installed on every Lync Server front-end server or Standard
Edition server. In this release, you administer Edge Servers remotely. You can also install Lync Server
Control Panel on another computer, such as a management console from which you want to centrally
manage Lync Server.
Note: To configure settings by using Lync Server Control Panel, you must be logged on by
using an account that is assigned to the CsAdministrator role. To configure settings by using Lync
Server Control Panel, you must use a computer with a minimum screen resolution of 1024 x 768.

Lync Server Management Shell

In Lync Server, the Lync Server Management Shell provides a new method for administration and
management. Lync Server Management Shell is a powerful management interface, built on the Windows
PowerShell command-line interface that includes a comprehensive set of cmdlets that are specific to Lync
Server. With Lync Server Management Shell, you gain a rich set of configuration and automation controls.
Topology Builder and Lync Server Control Panel both implement subsets of these cmdlets to support the
management of Lync Server. The Lync Server Management Shell includes cmdlets for all Lync Server
administration tasks, and you can use the cmdlets individually to manage your deployment.

Logging Tool

The Lync Server Logging Tool facilitates troubleshooting by capturing logging and tracing information
from the product while the product is running. You can use the tool to run debug sessions on any Lync
Server server role.
For more information about the Logging Tool, see the Lync Server 2010 Logging Tool
documentation on the TechNet Library at:
http://go.microsoft.com/fwlink/p/?linkId=199265

Role-based access control

In Lync Server 2013, administrative tasks are delegated to users by using the new role-based access
control (RBAC) feature. When you install Lync Server, a number of RBAC roles are created for you. These
roles correspond to universal security groups in Active Directoryfor example, the RBAC role,
CsHelpDesk, corresponds to the CsHelpDesk group found in the Users container in Active Directory. In
addition, each RBAC role is associated with a set of Lync Server Windows PowerShell cmdlets; these
cmdlets represent the tasks that can be carried out by users who have been assigned the given RBAC role.
For example, the CsHelpDesk role has been assigned the Lock-CsClientPin and UnlockCsClientPin cmdlets;
that means that users who have been assigned the CsHelpDesk role can lock and unlock user PIN
numbers. However, the CsHelpDesk role has not been assigned the New-CsVoicePolicy cmdlet; that
means that users who have been assigned the CsHelpDesk role cannot create new voice policies.

MICROSOFT INTERNAL TEACH

Central Management Database


With Lync Server 2013, configuration data about
servers and services are located in the Central
Management Database. The Central Management
Database provides a robust, schematized storage
of the data needed to define, set up, maintain,
administer, describe, and operate a Lync Server
2013 deployment. The Central Management
Database also validates data to ensure
configuration consistency. All changes to
configuration data happen at the Central
Management Database, which eliminates any outof-sync data issues. The data in the Central
Management Database is replicated as read-only copies to all servers in the topology, including Edge
Servers.

MCT USE ONLY. STUDENT USE PROHIBITED

1-10 Architecture and Design Approach for Microsoft Lync Server 2013

To administer servers and services, you can use Lync Management Shell or Lync Server 2013 Control Panel
to update the settings in the Central Management Database. The Central Management Database
replicates these configuration changes to all the servers in your deployment.
You can store user information in Microsoft Active Directory Domain Services (AD DS) and the Central
Management Database. You can use AD DS to store basic Lync Server 2013 user information, such as the
users SIP Uniform Resource Identifier (URI) and phone number. You can use the Central Management
Database to store user policy information. Using AD DS provides backward compatibility with earlier
versions of Lync Server 2013.
The central management server runs on one server in a front-end server pool in a Lync Server 2013
Enterprise Editionbased deployment or on a single front-end server in a Lync Server 2013 Standard
Editionbased deployment.
Question: Where does the Central Management Database replicate configuration changes
to? How is that beneficial?

Session Initiation ProtocolBased Foundation


Lync Server 2013 is built on SIP-based architecture
similar to most modern enterprise Voice over
Internet Protocol (VoIP) and Unified
Communications solutions. Although SIP has
gained industry-wide acceptance and is more than
ten years old, it is still a fairly new standard.
Various Internet Engineering Task Force (IETF)
working groups are working to further standardize
and develop complementary solutions.
SIP-related request for comments (RFCs) and the
IETF working group documents are the
foundational design elements underlying the
Microsoft Unified Communications solution. To facilitate interoperability and interfacing with other
systems, Lync Server 2013 has been built on standards, wherever possible.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 1-11

MICROSOFT INTERNAL TEACH

SIP Definition

The abstract of RFC 3261 defines SIP as an application-layer control or signaling protocol for creating,
modifying, and terminating sessions between one or more participants. These sessions include Internetbased telephone calls, multimedia distribution, and multimedia conferences. You can use SIP to set up
media sessions of any kind and not just telephony, modify the sessions while they are on, and then
terminate the connections after the sessions are complete. For example, a participant can start an instant
messaging session with another participant, add audio, and then video to the existing call, and finally
terminate it. There is more to SIP than just handling media; SIP can be extended to perform multiple tasks.
For example, SIP can manage the publishing and requesting of Presence information and the delivery of
instant messages.
Because of the dynamic evolution of Unified Communications, Lync Server 2013 and similar products are
not just based on RFC 3261, but also on the 200 or more IETF Internet drafts and proposed standards, and
SIP-related RFCs. Unified Communications products are based on a range of these RFCs. The following
table describes some drafts and standards that Lync Server 2013 is built on.
RFC/Draft

Description

RFC 2782

This is a DNS resource record (DNS RR) for


specifying the location of services, for
example, DNS service (SRV) records, and is
used to locate servers and services in Lync
Server 2013.

RFC 3428

This is about the SIP for instant messaging


and Presence leveraging extension
(SIMPLE) that is used for IM conferencing.

RFC 3966

This is about the URI for telephone


numbers. It defines how phone numbers
should be represented in SIP
communications.

RFC 5239

This is a framework for centralized


conferencing (XCON) and is the
architecture behind audio/video
conferencing and web conferencing in
Lync Server 2013.

ICE draft vg
& draft v19

This is about ICE, a protocol for Network


Address Translation (NAT) traversal for
offer/answer. These Internet drafts for ICE
are used in Microsoft Office
Communications Server 2007, Microsoft
Communications Server 2007 R2, and Lync
Server 2013.

There are many more RFCs and if you are interested in knowing more about the standard and nonstandard protocols that are used and how they are used, you can read the Microsoft Office protocol
documents on the Microsoft website.
Question: What do you think are the benefits of using a SIP-based foundation in your
organization?

Lync 2013 Hybrid Coexistence

MICROSOFT INTERNAL TEACH

There are two prerequisites for Hybrid deployment


to work:

Deploy DirSync to have user provisioning and


Global Address List (GAL) managed in the
cloud, based on the admin operations
performed on-premises (user creation,
modification, removal, and so on).

Deploy Active Directory Federation Services


(AD FS) to enable users to use their corporate
credentials to access cloud services.

On the diagram, Lync 2010+ pool could be 2010


(with appropriate Cumulative Updates) or 2013.

MCT USE ONLY. STUDENT USE PROHIBITED

1-12 Architecture and Design Approach for Microsoft Lync Server 2013

Federation must use a Lync 2010+ Federation Edge, which must route traffic to a Lync 2010+ pool. If the
company is only using OCS 2007 R2, it will have to deploy Lync 2010 or Lync 2013 to be able to federate
with Office 365, in case the company wants to deploy a Hybrid scenario or wants to migrate existing onpremises users to the cloud.
When looking at this type of architecture, it is important to keep in mind that redundancy is important.
Edge and the next-hop pool must be redundant to ensure that flow between on-premises and online
deployments will not stop, when a single server failure occurs.

Enterprise Voice in Lync Server 2013


Lync Server 2013 introduces several new features
that enhance Enterprise Voice. These are describes
as follows:

Call features. Lync Server 2013 provides a


significantly wider range of configuration
options for call forwarding and simultaneous
ringing. For example, if an organization does
not want incoming calls to be forwarded
externally to PSTN, an administrator can apply
a special voice policy to deploy this restriction.

Caller ID. Lync Server 2013 provides the


administrator the flexibility to modify the
format of the calling partys phone number. This Caller ID presentation feature enables the
administrator to modify the calling partys phone number to a dialing format that is understood by
the trunk peer, if necessary. Additionally, delegates can now set up simultaneous ringing to their
mobile devices for incoming calls to their managers. This provides delegates with more flexibility,
enabling them to answer calls on behalf of their manager, without being tied to a desk phone.

Voice Mail. Lync Server 2013 introduces Voice Mail Escape, an enhancement for managing voice mail.
You can use the feature to detect when a call has been routed to voice mail, and you can prevent the
call from being immediately routed to the users mobile phone voice mail without giving the user the
opportunity to answer the call. This scenario occurs when the user enables simultaneous ringing to
their mobile phone, and their mobile phone is turned off, out of battery, or out of range. Voicemail
Escape detects that the call was immediately answered by the users mobile phone voice mail, and

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 1-13

MICROSOFT INTERNAL TEACH

disconnects the call to the mobile phone voice mail. The call continues to ring on the users other
endpoints, giving the user the opportunity to answer the call. If the user does not answer the call, the
call is routed to the corporate voice mail.

M:N routing. This is a gateway that can point to multiple Mediation servers.

Response Group Service (RGS) manager. This role is dedicated for day-to-day use.

Inter-trunk routing. This allows Lync to be at the center of a voice deployment. Lync can receive a call
on a trunk and send it on another trunk if the called number is not a Lync user.

Voice is now available in the cloud.

Lync now supports IPV6 deployment. but we recommend that you use dual-stack IPV6/IPV4 to allow
all scenarios (coexistence, third party interop, and so on).

A/V support in VDI environment. A/V is directly captured on the local computer.

Lesson 2

MICROSOFT INTERNAL TEACH

Overview of Lync Server 2013 Core Capabilities

MCT USE ONLY. STUDENT USE PROHIBITED

1-14 Architecture and Design Approach for Microsoft Lync Server 2013

Lync 2013 is a single unified client that provides a Unified Communications solution with features such as
IM, Presence, voice, video, and web conferencing. You need to know how the conferencing clients, Lync
2013 Web App and Lync 2013 Attendee, can be used in remote scenarios. By knowing about the
capabilities of Lync Server 2013, you can better plan for your deployment for internal and external users.
You should also know about the various scenarios in which external users need to access the Lync Server
2013 deployment, and how you can plan for it, based on the support provided for internal and external
users in Lync Server 2013.

Lesson Objectives

Describe the features of Lync 2013.

Describe the features of Lync 2013 conferencing clients.

Describe the external user scenarios for Lync 2013.

Describe the capabilities of Lync 2013 in external user scenarios.

Lync 2013 Features


As a single unified client, Lync 2013 integrates all
the features of a Unified Communications solution,
including IM, Presence, voice, video, and web
conferencing.
Enhanced User Interface
Lync 2013 displays IM, phone, and meeting
capabilities at the top level, along with the contact
list. New tabbed lists include a users current and
recent conversations, and missed calls. Users can
switch between conversation windows. Also, with
the Activity Feed, users can see each others latest
activities, such as new office moves, personal
photos, or status notes.
Me Area

The Me area provides location enhancements, activity feed, and photo features. Lync 2013 can detect the
location of users as they travel between home and work, thereby allowing their contacts to see whether
they are on the road or in a different building. In case of an emergency, E9-1-1 services can find users
easily.
Contact Card

Lync 2013 offers an extended contact card that shows information about the user, the organization, or
distribution groups. Users can display contacts by group, availability, or by level of privacy, with or without
photos. They can start conversations and meetings from the Contacts list just by pointing to the contact.
Contacts can be searched by using keywords such as a contacts title, team, or other expert quality that
might appear on their contact card.
Privacy Enhancements

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 1-15

Users can assign various levels of access to their contacts depending on their relationship with them, such
as Family or Workgroup. Enhanced presence and privacy relationships allow organizations to show
Presence for individuals who have been explicitly added to contact lists.

MICROSOFT INTERNAL TEACH

Sharing Feature Enhancements

The sharing feature has been enhanced in Lync 2013 to include application sharing, meeting, recording,
playback, whiteboard, and annotation tools. Users can create presentations by using the Microsoft Office
PowerPoint 2013 presentation graphics program. Users can collaborate by using the whiteboard, and
tools such as text, ink, drawings, and images.
Polling

The polling feature enhances collaboration by enabling presenters to quickly determine participants
preferences. During online meetings and conversations, presenters can use polling to gather anonymous
responses from participants. Presenters can view poll results and choose to show or hide the results to the
attendees.
Improved Meeting Join Experience
Joining meetings is faster. After a user has installed Lync 2013, the user typically takes less than two
seconds to join a meeting. Users can easily schedule meetings and invite others before and during
meetings.
Conferencing Attendance and Scheduling

In Lync 2013, the process of sending invitations has been simplified by including a shorter https:// style
Uniform Resource Locator (URL). The meeting organizer can change the language of the invitation from
English to another language, and schedule online meetings when Lync Server 2013 is not available.
Mobile phone users can join audio conferences from the invitation. The meeting organizer can change
permissions with a single click. There is no configuration required for the audio conferencing provider.
These options are automatically selected.
PSTN Dial-in Conferencing Enhancements

When users join a call, a minimal number of short, concise prompts occur. Callers will no longer be
disconnected if no one is available to accept the call. Instead, they wait in the lobby. Meeting organizers
can accept or decline admission to a caller waiting in the lobby. Callers also have access to dual-tone
multifrequency (DTMF) commands through a Help menu item. Callers are notified when calls are
recorded.
Video Enhancements

Lync 2013 provides video controls and full-screen video experience. Lync Server 2013 also supports
panoramic video, multipoint video, subscription video, Video Graphics Array (VGA), and high definition
(HD) video in conferences.

Video is enhanced with face detection and smart framing, so that a participants video moves to help
keep them centered in the frame.

High-definition video is now supported in two-party calls and multiparty conferences. Users can
experience resolutions up to HD 1080p.

Participants can select from different meeting layouts. Gallery View shows all participants pictures or
videos; Speaker View shows the meeting content and only the current speakers video or picture;
Presentation View shows meeting content only; Compact View shows just the meeting controls.

With the new Gallery feature, participants can see multiple video feeds at the same time. If the
conference has more than five participants, video feeds of only the most active participants appear in
the top row, and pictures appear for the other participants.

MICROSOFT INTERNAL TEACH

MCT USE ONLY. STUDENT USE PROHIBITED

1-16 Architecture and Design Approach for Microsoft Lync Server 2013

Participants can use video pinning to select one or more of the available video feeds to be visible at
all times.

Presenters can use the Video Spotlight feature to select one persons video feed so that every
participant in the meeting sees that participant only.

Administrative Enhancements

Lync 2013 provides support for delegate features so that delegates do not have to switch between Lync
2013 and the Lync 2013 Attendant console. Also, in Lync 2013, a delegate can support multiple managers
and use collaboration tools such as application sharing and file transfer, which are not supported by the
Lync 2013 Attendant console.
Call Park and Retrieve

The call park and retrieve feature enables calls to be sent to a general holding area for pickup or retrieval,
by an appropriate response group or individual.
Diagnostics

Pre-call and in-call diagnostics alert users when network quality is poor. During a call, twelve types of
audio quality issues from network, computer, and device sources are diagnosed and communicated to
users. For example, if a user gets a message that the call quality is poor; the user can quickly switch to a
landline phone or mobile phone.
Improved Device Handling
In Lync Server 2013, device handling has been improved to support multiple devices, including USB
devices. In addition, users can switch between devices while in conversation, with a single click.
Emergency Services Support

When a caller makes an emergency call from Lync 2013, the location of the caller is automatically sent to
emergency services. Emergency responders receive the physical location of the phone from which a call
was placed. This requires the implementation of E-9-1-1.
Call Handling

Delegates can support their manager easily by using Lync 2013. Shared lines and the ability to interrupt
the manager at any time, and quick transfer of the line empower delegates with the access they need.
Response group handling of calls is enhanced to support anonymous agents. Response group agents can
answer calls anonymously so that the workflow is not circumvented by callers who use a direct line.
Enhanced Phone Experience

Lync 2013 provides all the functions of a traditional PBX system, in addition to useful productivity
features. The Lync 2013 user interface (UI) includes a tally of the number of missed calls and voice mail
that alerts the user of recent activity. The Phone tab provides a list of voice mails and call logs, and an onscreen dial pad.
Office and Windows 8 Integration
A users contacts, instant messaging, and sharing content are available in Microsoft Office 2013
applications, including Microsoft Office Outlook, Microsoft Office Word 2013, Microsoft Office
PowerPoint 2013, Microsoft Office Excel 2013, and Microsoft SharePoint 2013.

Demonstration: How to Examine Lync 2013 Features


Demonstration Steps
Start the virtual machines

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 1-17

Logon to Lync 2013


Start a conversation

MICROSOFT INTERNAL TEACH

Examine the content sharing options in the conversation.

Lync Server 2013 Conferencing Clients


To enable users who do not have Lync 2013 to
participate in meetings and conferences, Lync
Server 2013 has an alternativeLync 2013 Web
App. This client provides a good conferencing join
experience and provides access to attend and
present Lync Server 2013 meetings. The following
table lists key features of different Lync
conferencing clients.

Feature/capability

Lync
2013

Lync Win
Store App

Lync 2013 Basic

Lync Web App

Add computer
audio

Add video

View in multiparty
video

Use in-meeting
presenter controls

Access detailed
meeting roster

Participate in
multiparty IM

Share the desktop


(if enabled)

X (Needs plug-in)

Share a program
(if enabled)

X (Needs plug-in)

Add anonymous
participants (if
enabled)

Use dial-in audio


conferencing

Initiate a meeting

X
X

X
X

MICROSOFT INTERNAL TEACH

Feature/capability

Lync
2013

Lync Win
Store App

Lync 2013 Basic

Lync Web App

Add Microsoft
PowerPoint files

Navigate
Microsoft
PowerPoint files

Use OneNote
meeting notes

Use a whiteboard

Conduct polls

Share files

External User Scenarios


External users are users who log on to the Lync
Server 2013 deployment from outside the firewall
or by using a web browser. You can authorize
external users to use Lync Server 2013 to
communicate with internal users. Internal users are
users who log on to Lync Server 2013 from inside
the firewall. In this context, you need to
understand the differences between remote users,
federated users, public IM users, XMPP, and
anonymous users.

MCT USE ONLY. STUDENT USE PROHIBITED

1-18 Architecture and Design Approach for Microsoft Lync Server 2013

Remote users. Are users within the


organization who log on to Lync Server 2013
through the Edge Server. They are not connected to the organizations network directly or through a
virtual private network (VPN), for example, business travelers and telecommuters.

Federated users. Are users who have an account with a trusted customer or partner organization.
When you have a federated relationship with an organization domain, you authorize other users in
that domain to access your Lync Server deployment. This type of relationship is known as federation,
and it assumes that you trust that the federated organization has authenticated its users correctly.

Public IM users. Are users who use IM services, such as Windows Live Messenger. The specific public
IM provisioning process ensures that IM users can interact with Lync Server 2013. To configure public
IM connectivity with public IMs such as Windows Live Messenger, you may need to have a separate
license, depending on your licensing model.

Anonymous users. Are users who have received invitations to participate remotely in a conference,
regardless of whether they have a user account in your organization's AD DS or in a supported
federated domain.

XMPP users. Are users who have an account on an XMPP-based system. Edge Server introduces a fully
integrated XMPP proxy (deployed on the Edge Servers) and an XMPP gateway (deployed on your
front-end servers). You can deploy XMPP federation as an optional component. By adding and

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 1-19

configuring the XMPP proxy and XMPP gateway, you can enable your Microsoft Lync 2013 users to
add contacts from XMPP-based partners for instant messaging (IM) and presence.

MICROSOFT INTERNAL TEACH

Question: Based on your experience, what is your opinion about firewall traversal of
communications, including audio, video, and files?

External User Capabilities


During planning, you should examine the various
scenarios in which internal users and external users
will interact and use Lync Server 2013 features and
functionality. In this context, you need to know
about the conferencing capabilities available in
Lync Server 2013 for various types of users.

Conferencing Capabilities Available to


Internal Users
You can plan for various scenarios in which
internal users can interact with external users.

IM and Presence. Users can participate in oneto-one IM conversations with public IM users and have IM conferences with remote and federated
users. Users can also view the Presence information of remote, federated, and public IM users. They
can add remote users, federated users, and public IM users to their contact list.

Web conferencing. Meeting organizers can invite remote users, federated users, and anonymous users
to web conferences as either presenters or attendees. Presenters can share applications or their
desktop with federated users, and they can give control to federated users.

Audio/video conferencing. Meeting organizers can specify whether audio and video of the meeting
needs to be hosted for conferences on the internal Lync Server 2013 deployment.

Conferencing Capabilities Available to Remote Users


You can plan for various scenarios in which remote users use the Lync Server 2013 deployment.

IM and Presence. Users can send instant messages and view Presence status without using a VPN to
log on to the internal network. They can add users from federated partners and users of supported
public IM service providers to their contact list. They can also view those users Presence status, even
while they are signed in remotely.

Web conferencing. Users can participate in web conferences as if they were logged on to the internal
network.

Audio/video conferencing. Users can participate in audio/video conferences as if they were logged on
to the internal network.

Conferencing Capabilities Available to Federated Users

The functionality available to federated users depends on the option you choose during planning and
deployment. You can choose either of the following options:

IM and Presence only. Users can participate in IM conversations with individual Lync Server 2013 users
in the organization and access Presence information. However, they cannot participate in Lync Server
2013 multiparty conferences, and they are restricted to peer-to-peer conferencing. You can choose
this option whether or not you deploy conferencing support internally.

MICROSOFT INTERNAL TEACH

MCT USE ONLY. STUDENT USE PROHIBITED

1-20 Architecture and Design Approach for Microsoft Lync Server 2013

IM and Presence, web conferencing, and A/V conferencing. Users can participate in IM conversations
with individual Lync Server 2013 users in the organization and access Presence information. They can
also participate in web conferences and audio/video conferences, if you have planned for it in your
Lync Server 2013 deployment. Federated users have access to the full feature set, except the Lync
Server 2013 address book.

Conferencing Capabilities Available to Public IM Users

The functionality available to federated and public IM users depends on the option you choose for them
during planning and deployment. You can choose either of the following options:

IM and Presence only. Users can participate in IM conversations with individual Lync Server 2013 users
in the organization and access Presence information. However, they cannot participate in Lync Server
2013 multiparty conferences, and they are restricted to peer-to-peer conferencing.

IM and Presence, and Peer-to-Peer Audio/Video. In addition to peer-to-peer IM conferencing and


viewing Presence, public IM users can participate in audio/video peer-to-peer calls with Windows Live
Messenger users.

Conferencing Capabilities Available to Anonymous Users

Anonymous users can participate in IM, web conferences, and audio conferences that are hosted on the
internal deployment. However, they require an invitation to access those features.

Conferencing Capabilities Available to Extensible Messaging and Presence Protocol


(XMPP) Users

Lync Server 2013 introduces a fully integrated Extensible Messaging and Presence Protocol (XMPP) proxy
(deployed on the Edge Servers) and an XMPP gateway deployed on your front-end servers. You can
deploy XMPP federation as an optional component. Adding and configuring the XMPP proxy and XMPP
gateway will enable your Microsoft Lync 2013 users to add contacts from XMPP-based partners for instant
messaging and presence.
Question: Do you perceive opportunities for business usage for audio sessions between Lync
Server 2013 and Skype?

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 1-21

Lesson 3

MICROSOFT INTERNAL TEACH

Introduction to the Lync Server 2013 Design Process

The various phases of a Lync Server 2013 deployment are envisioning, planning, stabilizing, deploying,
and operating. Though the sequence of these phases may vary from project to project, the underlying
objective is to manage the deployment in a structured manner. By understanding these phases and
knowing how to convert business drivers into actual functionality, you can effectively meet organizational
requirements and user needs. You must get stakeholder consensus on key aspects and decisions in the
deployment. You must also plan for user education. This is necessary to ensure that users are aware of all
the Lync 2013 features to best meet the organizational business goals.

Lesson Objectives

Describe the phases of the deployment process of Lync Server 2013.

Describe the sequence in the deployment phases of Lync Server 2013.

Describe how business drivers can be converted to design decisions.

Describe the importance of stakeholder participation in the design phase.

Describe the importance of user education in a Lync Server 2013 implementation.

Phases in a Lync Server 2013 Deployment


The deployment process for a Lync Server 2013
implementation begins with the envisioning
phase. The involvement of the information
technology (IT) department in the project usually
begins after the business decision to implement a
Unified Communications solution has been made.
The major phases of a Lync Server 2013
deployment are:

Envisioning

To determine the scope and plan the


implementation of a Unified Communications
solution such as Lync Server 2013, you should
implement the project in several phases. You can create one or more phases between the initial-state
deployment and the end-state deployment, based on organizational needs. The decisions on phasing and
how to phase your Unified Communications project is usually an iterative process that is based on the
business and technical requirements of the organization.

Planning

During planning, you need to plan for infrastructure requirements and for any dependencies related to
the basic requirements for Lync Server 2013. Based on these decisions, your plan will further evolve to
include external user access and voice requirements. Decisions on external user access and voice
requirements depend on the phasing decisions made in the Envisioning phase.

Stabilizing

The outcome of the Envisioning and Planning stages is the functional specification of the design
document. At this stage, you need to validate the assumptions made during planning on how users will
use the Lync Server 2013 solution. You also need to test and validate the technical assumptions

MCT USE ONLY. STUDENT USE PROHIBITED

1-22 Architecture and Design Approach for Microsoft Lync Server 2013

underlying the design solution. For example, you might need to test whether Lync Server 2013 integrates
well with gateways and whether the current firmware versions can coexist and work in various scenarios.
Stabilizing also involves acquiring support resources and finalizing the design, before you deploy the Lync
Server 2013 solution.

MICROSOFT INTERNAL TEACH

Deployment

The Deployment phase may vary in Lync Server 2013 implementations, based on the actual
implementation. In some scenarios, it will include migration from previous versions of Lync Server 2013.
You can begin deployment by preparing Microsoft Active Directory, implementing the Central
Management Database, and then implementing the first Lync Server 2013 front-end server pool. In the
Standard Edition, you need to prepare the first Standard Edition Server that also includes the Central
Management Database.

Operation

You do not usually plan for operations during planning. However, identifying new operational procedures
or changing existing operational procedures is an important part of the planning phase. If you identify
these operational procedures during planning, your implementation will be successful, because all
stakeholders will have the required documentation ready, and this helps smooth transition.
Question: Does this planning process reflect the planning process you are using now? What
are you doing differently?

Lync Server 2013 Brick Model Approach


In previous versions, the back-end database was
always a bottleneck that prevented more users on
a single pool, and more servers per pool. In Lync
2013, the dependency between the pool and the
back end is less strict: the front-end servers are
managing user states between each other. There
are only lazy writes to the back end, which are
required to rehydrate a pool (after a pool was shut
down completely), and disaster recovery.

User states are copied between the front-end


servers in a pool, directly. Each user belongs to a
specific user group, and a three-server peer pool
holds a copy of the data of each user group. If one of the servers is not online anymore, the secondary (or
tertiary) server will automatically take over for this user group.

To always have at least one server per user group available, you require a minimum quorum per pool. This
is described in a later slide.
All these changes allow pools to scale out to more servers than Lync 2010 allowed.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 1-23

MICROSOFT INTERNAL TEACH

Sequence of Lync Server 2013 Deployment Phases


When you deploy Lync Server 2013, you will
discern best practices based on your experience.
You can use the best practices in future
deployments. The following are some best
practices you can apply when determining the
phases for your deployment and the order in
which the features and functionality should be
implemented in the organization.

Internal Deployment

Most organizations start with installing and


configuring Lync Server 2013 functionality within
the organization network through local area
network (LAN), wide area network (WAN), and VPN. They deploy IM, Presence, and web conferencing
capabilities.

Small organizations can install Lync Server 2013 Standard Edition, which provides them with most of the
features of Lync Server 2013, except external user access and voice telephony. Organizations that require
redundancy can start with a pilot project, and then proceed to production. If they anticipate the need for
redundancy or the need for additional servers to provide more capacity when moving to production, they
can deploy a single-server Enterprise Edition installation of Lync Server 2013. This installation comprises
one front-end server and a back end Microsoft SQL Server. In this installation, it is very easy to add a
secondary server and then implement DNS load balancing and hardware network load balancing for both
servers, rather than migrate from a Lync Server 2013 Standard Edition installation.
Although it is possible to deploy video at this stage, many organizations do not pursue this in the
beginning, because of the bandwidth requirements for video. Also, implementing video adds to
complexity. Implementing instant messaging and Presence is an easy way to start the deployment, and is
easily accepted. IM and its success in the organization can be used as a driver for additional functionality.

PSTN Dial-in Conferencing

In many organizations, PSTN dial-in conferencing is deployed with the initial deployment. The main
reason for this is to save cost, where organizations can perceive the cost benefits in a complete Lync
Server 2013 project within a 312 month timeframe. In addition, deploying PSTN dial-in conferencing is a
good approach to start work with telephony and gateways. If you are not familiar with telephony and
gateways, you can gain good experience when deploying PSTN dial-in conferencing.

External Deployment

Performing the Edge Server deployment for external scenarios can be quite challenging, primarily because
of firewall implementation issues. Because of these challenges, some organizations deploy external
scenarios many months after the internal deployment has been completed and rolled out to users. With
Lync Server 2013, the planning and deployment of Edge Scenarios has been simplified and this will
probably change this timeframe considerably.
In some organizations, PSTN Dial-in Conferencing and Edge Server deployment are deployed at the same
time because they complement each other. With both options available, users can easily join a web
conference, in various situations. An external user who has been invited to a web conference, an internal
user who is driving toward work, and an internal user without access to a computer can join the meeting.

Enterprise Voice or PBX integration

Implementation of Enterprise Voice or PBX integration can be complex, depending on your choice of
integration method. The simplest method to perform Enterprise Voice or PBX integration is by using a

qualified SIP-to-PSTN gateway or SIP Trunking. In all voice deployments, but especially when
implementing Direct SIP and Remote Call Control (RCC), possessing knowledge on SIP is a great
advantage, because you can debug and troubleshoot any issues during integration. Enterprise Voice
deployment usually includes dial-in conferencing, if it has not already been deployed.

MICROSOFT INTERNAL TEACH

Sequence of Phases
The following are examples of the possible order of sequence for deployment:

Internal deployment, external deployment, PSTN dial-in conferencing, and then Voice

Internal deployment and voice deployment, and then external deployment

MCT USE ONLY. STUDENT USE PROHIBITED

1-24 Architecture and Design Approach for Microsoft Lync Server 2013

The order of Lync Server 2013 deployment depends on the business drivers of the organization. If an
organizations main business driver is access for remote users, work-from-home users, or traveling users,
you will need both internal and external deployments, simultaneously.
Question: How can you plan for challenges in funding issues when implementing a Lync
Server 2013 solution in an organization?

Converting Business Drivers to Design Decisions


Identifying the Business Drivers

Making the transition from the vision for a Unified


Communications solution to making concrete
design decisions is the most important part of
envisioning and planning. Like any vision for a
dynamic real-time solution, the Microsoft vision of
Unified Communications is for a holistic solution
that brings together the various real-time
communication systems and creates new ways for
people to connect with each other. You can derive
your Lync Server 2013 solution from this overall
vision. You need to evaluate organizational needs and user needs to determine the actual functionalities
of Lync Server 2013 or Microsoft Exchange Server Unified Messaging that you would like to deploy in
your Lync Server 2013 implementation.
You need to ask the right questions, which will help you determine the key driver for the deployment.
Determining the key driver helps you determine how to execute the project in various phases, and the
sequence of these phases.

Converting Business Drivers to Design Decisions

After you determine the main business drivers behind a Lync Server 2013 implementation, you can delve
deeper to determine the technical scope of the project. To do this, you can seek answers for some of the
following questions from the organizations stakeholders. The answers to each of these questions translate
into actual functionality, drive your design decisions, and later serve as inputs when you work with the
Lync 2013 Planning Tool.
Note: At the writing of this section, the Lync 2013 Planning Tool had not been released yet.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 1-25

MICROSOFT INTERNAL TEACH

Answers to these questions indicate the various scenarios and the related functionality that you should
implement to support these scenarios. You can identify the functionalities that are mandatory and those
that are optional.

Stakeholder Participation in the Design Phase


Stakeholder participation is a very important part
in a Lync Server 2013 implementation. Though the
main reason is that you need financial funding for
the project, there are other reasons also. A Unified
Communications-based project affects many
facets of an organization. For example, after Lync
Server 2013 has been implemented, it may change
the roles and responsibilities of team members
working in the telephony department.

The stakeholders in the organization with whom


you need to interact are diverse and may include
departments that are responsible for various areas,
depending on the size of the organization. The following is a list of areas that a Lync Server 2013
implementation will impact. This list is indicative and may vary from project to project, and organization
to organization.

Network. Involves decisions about DNS, firewalls, VPN, public key infrastructure (PKI), and Internet
service providers (ISPs).

Server. Involves decisions about Active Directory, including identity management and provisioning,
and Exchange Server, backup, and monitoring requirements.

Client Desktops. Involves decisions about installing Windows operating system, Microsoft Office, or
other applications.

Education. Involves decisions about user education, Help Desk team member education, and
education for overall operations personnel.

Operations. Involves decisions about handling change management, processes, and working toward
the use of Lync Server 2013 for organization-wide operations.

Telephony. Involves decisions about whether to deploy Enterprise Voice and PSTN connectivity for the
Lync Server 2013 implementation.

Lync Server 2013 is a Unified Communicationbased solution, that involves dependencies on both
Microsoft-based and non-Microsoft infrastructure services. Therefore, you must involve stakeholders
related to these areas in your project. You also need to rely heavily on the stable operations of these
infrastructure areas. The following are some of the key areas that you must consider during a Lync Server
2013 implementation:

Firewall

Deploying Lync Server 2013 for internal use in an organization is usually not too complicated. However,
some organizations may have specific requirements for firewalls between different organizational
departments, regions, or countries. For example, financial institutions operating in Switzerland, Gibraltar,
and other countries have requirements for keeping archiving of voice and IM local to the country.

MICROSOFT INTERNAL TEACH

Network

MCT USE ONLY. STUDENT USE PROHIBITED

1-26 Architecture and Design Approach for Microsoft Lync Server 2013

If you want to implement IP telephony platform and audio/video conferencing in your Lync Server 2013
solution, you will require coordination with and cooperation of the Network department. To achieve good
and consistent voice and video quality, the network, devices, gateways, and servers need to function well.
To facilitate this, Lync Server 2013 supports network layer traffic management by using call admission
control, and end-to-end monitoring and troubleshooting of voice quality by using the Monitoring Server
role.

If IP telephony is already deployed in the organization, the required network support may already be
available for IP telephony. However, you may not be able to directly re-use the solution with Lync Server
2013 because Lync Server 2013 may not support the standards that the current IP telephony solution uses.
For example, Lync Server 2013 does not support Resource Reservation Protocol (RSVP).

Telephony

If you plan to include telephony in the Lync Server 2013 deployment, you might need to manage a few
people-related soft-skill issues. In many organizations, when telephony is introduced as part of the Lync
Server 2013 solution, the telephone department may resist the changes. Some of the reasons for their
resistance may be valid, while others may originate from a failure to correctly interpret the Lync Server
2013 approach to voice, or a lack of comprehension for the troubleshooting tools available for design and
capacity planning.

Educating Stakeholders

The best method to manage these technical and nontechnical issues is to educate all stakeholders on the
Lync Server 2013 solution. If you are only familiar with Microsoft infrastructure products, you should
attempt to know more about telephony and be familiar with the telephony terminology. You can read
beginners guides on Voice over IP and legacy PSTN/Time Division Multiplexing (TDM) telephony
terminology to know more about these subjects.

Hiring Help

If the organization hires an experienced Lync Server 2013 telephony consultant, at least during the initial
phases of the project, it may be easier to deal with some of the technical and nontechnical challenges.
These consultants could be experts who have passed the Microsoft Unified Communications (UC) Voice
Specialization Exam and/or partners who are members of the Microsoft Voice Partner Program (VPP).
They might also have passed the Microsoft Certified Master Exam and have a thorough understanding of
the Lync 2013 product.

Management Support

Support from senior management is vital for the success of the project. With good support from the
management, you can easily transition from the current environment to a full-fledged UC solution that
also contains voice. Management support is beneficial throughout the project, especially in providing the
right direction to all stakeholders.
Question: Have you seen issues with lack of stakeholder participation in other projects?

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 1-27

MICROSOFT INTERNAL TEACH

Discussion: Importance of User Education


Users are familiar with some capabilities of Lync
Server 2013, such as IM and Presence because
these capabilities are already popular to most
users, for example, how to use public instant
messaging products such as Windows Live, which
is similar to Lync 2013. However, some capabilities,
such as web conferencing or audio/video
conferencing, require users to possess more skills
than basic telephony functions.
Discuss the answers to questions on the
importance of user education.

Do you think user education is a necessary part of a Lync Server 2013


implementation?

Many issues related to a Unified Communications deployment originate from a failure to educate
users when the solution is rolled out. Sometimes, there is a failure to set the right expectations among
users about the Unified Communications solution.

If the organization wants to fully benefit from the Lync Server 2013 implementation, user education is
important.

Some companies specialize on training related to organizational rollout and user education on
Unified Communications. They are not experts at implementing UC, because they do not have a
technical background. However, they understand how to help organizations to fully utilize and
benefit from the Unified Communications solution. You should recommend for such services for users
in the organization.

What has been your experience in trying to educate users about UC-based solutions?

You can deliver user education through various methods. Delivering training to several thousand
users can be quite challenging. Using the standard classroom training may not be possible or
effective. Therefore, delivering online training through e-learning or video-based training is an
option. Microsoft provides a few Quick Start guides and question/answer cards on Lync Server 2013
and Unified Communications, which you can use for user training.

Departmental and inter-departmental meetings can be organised by using Lync Server 2013 so that
users experience the benefits from the solution. User training can also be held by using Lync 2013
meetings so that users can experience how the product can be used in real-time. Evangelists for
Unified Communications can be identified in the organization to help users who have queries about
Lync 2013 or have challenges in using some features, such as web conferencing or audio/video
conferencing.

Microsoft Lync 2013 Rollout an Adoption Success Kit (RASK)

The Lync Rollout and Adoption Success Kit (RASK) is designed to help you achieve rapid, sustained
adoption of Lync 2013 and long-term operational success. It focuses on the organizational readiness,
change management, and user experience aspects of your Lync 2013 rollout.

RASK uses an intuitive framework with valuable resources and prescriptive guidance to ensure that these
critical components are considered, incorporated, and properly aligned from the earliest stages of your
technical deployment through run state operations.

MCT USE ONLY. STUDENT USE PROHIBITED

1-28 Architecture and Design Approach for Microsoft Lync Server 2013

RASK is organized into 3 core components: Rollout phases, Readiness focus areas, and the Deployment
readiness report. Together, these components create a flexible framework that is easy to
customize according to the unique characteristics of your organization, and that is relevant to
deployments of almost any size or complexity.

MICROSOFT INTERNAL TEACH

Lync Adoption and Training Kit


http://go.microsoft.com/fwlink/?linkid=242037

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 1-29

Lesson 4

MICROSOFT INTERNAL TEACH

Assessing Infrastructure Requirements and Updating the


Design

A Lync Server 2013 design contains various components. Before you begin deploying Lync Server 2013,
you should assess the current network and infrastructure of your organization. This will help you to plan,
design, and implement Lync Server 2013 so that it works well for your organizational needs. You need to
assess session initiation protocol (SIP) domains and update the design accordingly. You will also need to
assess Exchange Server integration, client integration, and voice requirements, and update your design
during the planning phase. In addition, you will need to analyze the importance of documenting the
business and technical requirements.

Lesson Objectives

Describe the components of a Lync Server 2013 design.

Assess SIP domains and update the design.

Assess Exchange Server integration and update the design.

Assess client integration and update the design.

Assess voice requirements and update the design.

Discuss the importance of documenting the business and technical requirements.

Components of a Lync Server 2013 Design


A functional specification document includes the
conceptual design and is one of the outputs of the
planning phase. This document can be used to
review estimates about project size, and calculate
the number of servers, licenses, and work hours.
The functional specification helps you
communicate the overall design to stakeholders in
the organization.

There are several layers of design in a Lync Server


2013 solution, including conceptual design, logical
design, and physical design. The further you get
into the development process, the more detailed
the design will be. For example, during conceptual design, if you anticipate that you need two front-end
servers and one back-end SQL Server, during logical design, you will drill down to details about the design
of each server role.

Conceptual Design

The conceptual design depicts the functionality of each major feature of the solution. It captures how the
solution will work for both users and administrators. The design team needs to consider the needs of all
user profile groups when designing the solution. To determine user needs correctly, the design team must
have a clear understanding of the requirements. You can perform requirements analysis by reviewing the
documents that you develop during Envisioning, include the following:

Business requirements

User requirements

MICROSOFT INTERNAL TEACH

Usage scenarios

Operational requirements

System requirements

MCT USE ONLY. STUDENT USE PROHIBITED

1-30 Architecture and Design Approach for Microsoft Lync Server 2013

The design team incorporates these requirements in terms of descriptions that eventually become part of
the functional specification. You then need to convert the conceptual design into a logical design.

Logical Design

The logical design provides information on components and roles of the architecture, component
behavior, and relationship between the components. In the logical design, you need to convert the
content from the conceptual design to an abstract model that highlights the logical objects and entities of
architecture. For example, in an infrastructure project, the architecture can include a series of block
diagrams showing networks, service components, and network connection elements. You can show
components that are out of scope of the project, but may interact with the subject of the migration. The
logical design helps in refining the requirements that were created in the conceptual design. You now
need to implement the physical design from the logical design.

Physical Design

The physical design of the solution specifies the logical objects that fit into specific physical objects of
architecture. The physical design includes the anticipated metrics to assess performance goals, uptime
goals, and milestones of the solution. For example, the physical design might include metrics for network
performance and the requirements to meet these metrics. You might also need to establish the
production metrics for various deployment scenarios. The design strategy may include how the existing
application or infrastructure implementation will be replaced by the new implementation without
violating ongoing service level agreements (SLAs). It should depict the start point of the current
organizational state until the end-state environment, showing specific deployment activities. The
deployment scenarios must show both the desired end-state and the path to reach that end-state.

You can use the Lync Server 2013 Planning Tool to create the conceptual design of your Lync Server 2013
implementation. However, before using the planning tool, you need to assess the current infrastructure
requirements in detail.
Note: The Lync 2013 Planning Tool can be found here: http://www.microsoft.com/enus/download/details.aspx?id=36823.
Question: How can you apply the components of design to a Lync Server 2013 project?

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 1-31

MICROSOFT INTERNAL TEACH

Assessing the Required SIP Domains and Updating the Design


You can use SIP to set up, control, and manage
voice and multimedia sessions. SIP URI is an
address or identity of a SIP entity. The SIP URI
contains two parts, namely, SIP number or
identifier, and SIP domain. In a SIP address, the SIP
identifier is followed by an "@" symbol, and is
followed by the SIP domain. For example, in the
SIP URI, claus@contoso.com, "contoso.com" is the
SIP domain and "claus" is the SIP identifier. You
can use a SIP domain as a namespace for creating
user IDs. You can also use the SIP domain for
federation with other systems, such as federated
Lync Server 2013, public instant messaging, or Jabber XMPP.

Need for a Single SIP URI

To use Lync 2013 features such as Presence in Outlook 2013 in the organization and in partner
organizations, you should keep the users primary Simple Mail Transfer Protocol (SMTP) domain and SIP
URI identical. Otherwise, partner integration will pose a challenge. For example, if a user has a primary
SMTP email address, claus.hansen@contoso.com, and a SIP URI address, claush@contoso.com, you cannot
provide transparent integration with federated partners.

Gather Existing SMTP Domain Names on the Network

Planning for required SIP domains is similar to collecting the SMTP domains that are currently in use in
the organization. You can assign only one SIP URI for each user. While a user can have many email
addresses, that user can have only one primary SMTP email address.

In real-time, you may start work with organizations assuming that they only have one SMTP domain.
However, after further investigation or during actual deployment, you might discover that the
organization has, for example, 20 SMTP domains that are in use. In such a situation, the following are the
decisions you should advise the organization to make:

Only use one or a few SIP domains.

Use one SIP domain for every SMTP domain.

Determine how to choose the SIP address for users who have different email addresses, for example,
claus.hansen@contoso.com, claush@contoso.com, and claus@contososales.com.

You can ensure that there is a single SIP domain in a Lync Server 2013 deployment by planning
thoroughly and by determining effective methods to collate and make the SIP domain identical for all
users. One method to collate existing SMTP domain names is to use PowerShell script.
The following code example shows how you can gather SMTP domains that are currently in use in the
organization from Exchange Server 2007 or Exchange Server 2013.

get-mailbox | select primarysmtpaddress | % {$_ -replace "^([^@]+)@", ""} | sort -unique

Impact of Changing the SIP URI

When you make changes to the SIP URI, you also need to consider that if a users SIP URI is changed, for
example, from claush@contoso.com to claus@contosales.com, this change will be reflected for users with
the same Lync Server 2013 implementation. However, federated users on the contact list will not be
notified about this change. Therefore, after the SIP URI has been shared with external users by the
organization, you should not change the SIP URI.

Question: How is the SIP URI different from the mail URI?

MICROSOFT INTERNAL TEACH

Assessing Exchange Server Integration and Updating the Design


To integrate Lync 2013 with Microsoft Office
2013 applications, you need to review and plan
the configuration, to ensure that you have
everything required for a successful integration.
You need to assess and plan for integration
between Lync 2013 and Exchange Server to access
and update shared information. You must also
review the integration features that you can
configure during Lync 2013 deployment. You can
use in-band server settings to control the level of
Lync 2013 integration with Microsoft Office
2013 applications.

Lync 2013 Integration with Exchange Server

MCT USE ONLY. STUDENT USE PROHIBITED

1-32 Architecture and Design Approach for Microsoft Lync Server 2013

To support Lync 2013 integration, both Lync 2013 and Outlook 2013 read and write information directly
to Exchange Server. In this context, you need to know how to plan for the Exchange Server interfaces used
by Lync 2013 and Outlook 2013.
To display information about a contact in an email message, Office Outlook 2013 first retrieves the
contacts SIP address locally, and then makes a remote procedure call (RPC) to Exchange Server, if
required. During a single Outlook 2013 session, the number of RPCs decrease as more SIP addresses are
cached. In Lync 2013, integration features use either Messaging Application Programming Interface
(MAPI) or make Exchange Web Services calls to Exchange Server for the following purposes:

To access conversation history and missed calls

To play back voice mail messages

To display Free/Busy information and working hours

To display meeting subject, time, and location

To display Out of Office status and note

You need to remember that Office Outlook 2013 makes remote procedure calls to resolve SIP addresses
only, if you select the Display online status next to a person name option. To view this option in Office
Outlook 2013 from the Tools menu, click Options, click Other, and then click Person Names. Choose an
Appropriate Exchange Server Communication Interface.

You can evaluate the communication interfaces used by Lync 2013 to access and update features shared
with Office Outlook 2013. Lync 2013 makes Exchange Server calls either directly, through MAPI or
Exchange Web Services (EWS), or indirectly, by using the Microsoft Office Outlook Object Model.

Plan for Publishing Free/Busy Information

A Lync 2013 user cannot access another users availability or schedule directly. Therefore, Free/Busy and
Out of Office details are published as part of a contacts extended presence information. This works as
follows:

On User As computer, Lync 2013 sends Exchange Web Services calls to determine User As Free/Busy
and Out of Office status.

Lync 2013 then updates User As enhanced Presence data with this information.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 1-33

Other Lync 2013 and Microsoft Office 2013 users can now view User As schedule details and Out of
Office status, if applicable.

MICROSOFT INTERNAL TEACH

The availability of Free/Busy and Out of Office information about a contact is also controlled by a users
Privacy Relationship settings.

Controlling Integration

All Outlook 2013 integration features are enabled by default, but can be controlled individually by using
Lync 2013 or by using in-band server settings.
When you plan for the Lync Server 2013 solution, you can use the in-band server settings to enable or
disable individual integration features, either during deployment or during maintenance.

Planning for the Appropriate Exchange Server Version

Lync 2013 supports various versions of Exchange Server. Microsoft Outlook must be installed on the client
computer to handle Extended MAPI calls, and some features require the use of Exchange Web Services
(EWS). Depending on the Exchange Server version in the organization, you can plan for integration with
Microsoft Office 2013 applications.
Lync 2013 supports integration with the following versions of Exchange:

Microsoft Exchange Server 2007 Service Pack 1 (SP1) or latest service pack

Microsoft Exchange Server 2010 or latest service pack

Microsoft Exchange Server 2013


Question: What do you think of the change from a MAPI-based approach to EWS?

Assessing Client Integration and Updating the Design


Lync Server 2013 supports interoperability among
Lync Server 2013 clients. Most IM, Presence, and
existing voice features are also supported when
interacting with Office Communications Server
2007 R2 and Office Communications Server 2007
clients. When installing Lync Server 2013 or
migrating from previous versions of Lync Server
2013, you need to consider certain factors that are
important for client integration. You need to
examine and plan for interoperability among users
who use various Lync Server 2013 clients and
previous versions of Lync Server 2013 clients.

Be Aware of New Client Features

Determine the client features that you need to deploy during planning. In Lync Server 2013, there are a
few changes to client configuration, installation and updates, and alternate meeting clients for users who
do not have Lync 2013 installed. Lync 2013 also has improved privacy and scenario changes. You should
be aware of these changes, when you plan for client integration.

Plan for Client Deployment

Determine the clients you want to use for your topology. Lync Server 2013 provides various clients for
mobile devices, web-based clients, and computer-installed clients.

Determine Hardware and Software Requirements


Determine the hardware and software requirements for Lync Server 2013 clients. Ensure that your
topology supports the hardware and software requirements.

MICROSOFT INTERNAL TEACH

Examine Policies and In-Band Settings

MCT USE ONLY. STUDENT USE PROHIBITED

1-34 Architecture and Design Approach for Microsoft Lync Server 2013

With Lync Server 2013, most policies for clients are no longer controlled by Group Policy Object (GPO),
but delivered by using in-band settings. In Lync Server 2013, you can use Group Policies for client boot
strapping, such as setting security policies, Transport Layer Security (TLS) or TCP, or to determine whether
the tour of the interface should be displayed. You should plan for the configuration of client Group Policy
settings for boot strapping before the user signs in to the server for the first time. Also, for migration
projects, you can configure the client version policy to control the client software versions.
You can configure most Group Policy settings in previous versions of Lync Server 2013, such as Office
Communications Server 2007, by using Windows PowerShell cmdlets, New-CsClientPolicy, or SetCsClientPolicy. With the new approach in Lync Server 2013 toward in-band settings, you can plan for
moving appropriate Group Policy settings from GPOs to policies. You can also plan for eventual
coexistence of policies for Lync 2013 clients and GPOs for previous versions of Lync Server 2013 clients
during migration.

Consider Compatibility of Client Versions


Determine how Lync 2013 will interact with previous versions of Lync 2013, and installed versions of
Microsoft Office and Exchange Server.

Consider Voice Interoperability for Meetings

Office Communicator 2007 does not support voice features available in Communicator 2007 R2 and Lync
2013, such as call park, team call, and response group service. The following are some call park issues that
you should be aware of, during migration:

You cannot park a call from an Office Communications Server 2007 client or device.

Conferencing interoperability may also be difficult.

When a user account is moved from Office Communications Server 2007 R2 to a Lync Server 2013 server,
the meetings already scheduled by the user and the users personal identification number (PIN) are
moved. However, you should advise the meeting organizers to reload content into their scheduled
meetings after migration. You do not need to assign a new PIN.
The following table describes the Lync 2013 interoperability with meetings hosted or scheduled on
previous versions of Office Communications Server.
Lync 2013 Interoperability
with Previous Versions

Lync 2013 User Experience

Scheduling

Lync 2013 users cannot schedule meetings on earlier


server versions.
When modifying the end date, subject, or attendee list
of meetings migrated from previous server versions to
Lync Server 2013, users are prompted to convert the
meeting to Lync Server 2013.

Joining

No issues.

In meeting

New Lync 2013 features are unavailable.

Question: Where would you put your effort in the client integration and to update the
design?

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 1-35

MICROSOFT INTERNAL TEACH

Assessing Voice Requirements and Updating the Design


As part of the envisioning process, you will need to
investigate the voice requirements and technology
options for the organization. The organization
may already have chosen some of the features
that they would like to provide for their users, and
you can use this in you initial investigation to
determine voice requirements. You might have
accomplished some part of this investigation when
you analyzed the business needs and converted
them into design decisions.
Moving forward, you need to both investigate and
decide on the options for deploying voice in your
Lync Server 2013 deployment. Some of the voice deployment options may include:

Using SIP-to-PSTN gateways, including Survivable Branch Appliances.

Direct SIP by using PBX.

SIP-to-PSTN Gateway to PBX.

SIP Trunking.

Current dialing habits and dial plans.

Devices.

During envisioning, you need to evaluate the options available for the organization, perform an initial
assessment, and make design decisions on the various methods that you plan to use. For example, some
branch offices may use Direct SIP, while others may use SIP Trunking. You need to consider such
requirements in your plan.

At this stage, it may be neither feasible nor necessary to decide on the final voice implementation design.
However, you need to create the first version of your vision and scope document. You will need to make
some initial decisions to perform a rough calculation of the project cost and expected savings for the
organization. For example, removing a PBX, which has an expensive yearly maintenance contract, would
be a tangible benefit that you can highlight to project stakeholders and senior management.
In the envisioning phase, you can leave certain options open for further investigation. For example, you
will be able to perform a more detailed technology evaluation during the planning phase. So, a decision
may also be to deliver possible solutions:

If possible, use Direct SIP from vendor PBX to Lync Server 2013.

Use a fall back plan of SIP-to-PSTN Gateway from PBX to Lync Server 2013.

MICROSOFT INTERNAL TEACH

Discussion: Importance of Documenting the Business and Technical


Requirements
Based on the information collected from the
business, organization, and stakeholders, and the
technical information gathering sessions, you need
to records and discuss the design with
stakeholders.
Discuss the answers related to the importance of
documenting the business and technical
requirements.

Why should business and technical


requirements be documented?

MCT USE ONLY. STUDENT USE PROHIBITED

1-36 Architecture and Design Approach for Microsoft Lync Server 2013

Helps stakeholders from the business side


Concepts described as metaphors are often easier to understand, and they are effective in creating a
common understanding of the overall business goal of the project. The conceptual design helps
people from the business side to visualize some of the technical, financial, and productivity benefits
they can obtain by implementing the Lync Server 2013 solution.

Helps stakeholders from the technical sideWhen the documentation of the technical design is
considered, you can use a Microsoft Office Visio diagram to effectively communicate the design
solution. Your description in the conceptual design should be simple and direct. A good conceptual
design of about 4-5 pages, which clearly records how organizational needs and user needs are going
to be met, is better than a 75-page document that stakeholders may not read.

How do you records the business requirements and ensure that they are met?

Record the business requirementsCreate a numbered list of all the requirements in the logical and
physical design, and correlate this numbered list to the conceptual design, to ensure that all
requirements are met.

Why should you receive feedback from stakeholders and update the design at key
milestones?

Get feedback from stakeholders at every milestoneInvolve stakeholders during the project at
specific milestones and show them the current planned design, and get their feedback on whether
the design will meet their needs. Their opinions help you keep the scope of the project in perspective;
and if there is a change in scope, it can be handled, as and when required.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 1-37

Lesson 5

MICROSOFT INTERNAL TEACH

Planning for all Microsoft Solutions Framework Phases

When making design decisions in the envisioning and planning phases, you need to involve the key teams
in the organizations to ensure that the Lync Server 2013 implementation meets organization needs.
Following the plan, build, deploy, and operate model, based on the Microsoft Solutions Framework (MSF),
will help you effectively use the existing processes and activities.
Migration to Lync Server 2013 can involve migration from previous versions of the product such as Office
Communications Server 2007 and 2007 R2 to Lync Server 2013, and migrating existing audio/video, web,
or voice platform to Lync Server 2013. By planning for the right migration strategy, you can ensure a
smooth transition to Lync Server 2013.
Establishing the initial state and end-state environment of the deployment at various stages can help you
effectively build a good technology plan for the organization. In addition, the functional specification
provides clarity by serving as a technical description of the solution and as a contract between the
organization and the project team.

Lesson Objectives

Describe the importance of discussions with stakeholders during the envisioning and planning phases.

Describe how to plan for project extensibility.

Describe how to plan the best strategy for migration.

Describe the need to decide on initial state and end-state environment of various project stages.

Describe the components of a functional specification.

Microsoft Solutions Framework Project Approach

Body of Work

Deliverables

Sign Off

A Project Definition
Report/Vision and Scope
Document

Milestone 1:

Phase 1Envisioning
Project Definition
Workshop (PDW)

Risk Assessment
Document
Project Structure

Vision and Scope


Approved
Agreement on Overall
Direction, Feature Set

Body of Work

Deliverables
Document and HighLevel Project Plan

MICROSOFT INTERNAL TEACH

Communication Plan

Sign Off
and General Timetable
Interim Milestones
Core Team Organised
Vision and Scope Drafted

Phase 2Planning
Project Planning,
Architecture, Design, and
Initial Testing

Functional Specifications:
solution Architecture and
Designs
Network Assessment
Report
Initial Solution Testing
Master Project Plan
Master Project Schedule
Risk Management Plan

Milestone 2:
Project Plans Approved
Project Baselined and
Placed Under Change
Control
Interim Milestones
Technology Validation
(Current and Third-Party
Environment)
Functional Specification
Baselined
Master Plan Baselined
Master Schedule
Baselined
Development and Test
Environment Setup

Phase 3Design/Developing
Building of Solution
Infrastructure Components
and Documentation

Solution as per Functional


Specifications
Detailed Designs
Functional Specification
Frozen

Milestone 3:
Scope Complete Sign-off
Features Complete,
Solution Ready for
External Testing and
Stabilisation

Test Specifications and


Test Cases

Interim Milestones:

Deployment Planning

Internal Builds Complete

Golden Release

Milestone 4:

Release Notes

Release Readiness Signoff

Phase 4Stabilizing
Testing of Finalized
Solution in Production
Environment (Pilot).

Performance Support
Elements
Project Documents

Responsibility
Transferred from Project
Team to Operations and
Support Teams

Milestone Review

Interim Milestones

Test Results

Pre-Production Testing

MCT USE ONLY. STUDENT USE PROHIBITED

1-38 Architecture and Design Approach for Microsoft Lync Server 2013

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 1-39

Body of Work

Deliverables

Sign Off
Complete

MICROSOFT INTERNAL TEACH

User Acceptance Testing


Complete
Pilot Complete
Phase 5Deploying
Deployment of Core
Technology and Site
Components, transition to
Operations and Support

Operations and Support


Information
Procedures and Processes
Final Versions of Project
Documents
Documentation
Repository for Project
Documentation
Project Close-Out Report
Customer Satisfaction
Data
Definition of Next Steps

Milestone 5:
Deployment Complete
Sign-off
Customer Agrees that
Project Team Has Met
Their Objectives; Success
Criteria Have Been Met
Interim Milestones
Core Components
Deployed
Site Deployments
Complete
Deployment Stable

Discussion: Design Decisions in the Envisioning and Planning Phases


Although project management models such as the
MSF explain how to execute a project in a
structured manner, in actually practice, executing
all projects smoothly in real time may be difficult.
Discuss the answers related to how design
decisions should be made during the envisioning
and planning phases.

During envisioning, you build prototypes, set


design goals, and create a conceptual design.
Therefore, you make some initial design decisions
in this phase, and then continue with your
decision-making process in the planning phase.
You transition from presenting the overall goals at a high level to specific objectives and documentation
in the logical design and physical design of the solution. Because these design decisions influence the rest
of the project, you must involve the stakeholders in the initial envisioning phase. Key constraints and
design influencing factors can be identified early in the project. Also, having involvement from
stakeholders from the test and release teams during design prepares the organization for the future rollout of the Lync Server 2013 implementation.

Discussion Questions

MCT USE ONLY. STUDENT USE PROHIBITED

1-40 Architecture and Design Approach for Microsoft Lync Server 2013

MICROSOFT INTERNAL TEACH

Do you usually involve team members from operations during the initial envisioning
phases?

Often, team members from the operations team are not involved in initial discussions and during design.
One reason for this can be that the initial decisions of a project are taken at the business level. Then, these
business personnel, along with an IT manager or IT architect, complete most of the envisioning phase
before handing it off to the IT department. The reason why organizations do not involve team members
from the operations team is to save the time of operational resources. The design solution may not truly
reflect the scenarios at the operations level. Organizations should do this only if the IT manager or IT
architect is able to view the solution from an operation perspective.
The Microsoft presentation on MSF (Presentation at MSF for Danfoss.ppt) states that the reasons for
failure have very little to do with technology. The issue, instead, is with the processes people use to be
successful with technology. These reasons are not related to a single persons capabilities, but to the way
people work together. MSF is built to improve the way people work together to deliver technology
solutions.

What benefits do you think can be reaped, if any, from the early involvement of
stakeholders other than the business and IT management, and a few select IT
architects?

Early identification of design influencing factors creates a better scoping of the actual project cost in
terms of time and material. This way, smoother deployments and roll-outs can happen during production.

Planning for Project Extendibility


The MSF project model is related to Microsoft
Operations Framework (MOF), which provides an
approach to achieving mission-critical production
system reliability, availability, and manageability.
MOF is based on an internationally accepted set of
best practices in IT service management, called the
IT Infrastructure Library (ITIL). MSF and MOF have
been designed to work well together, and
independently.
The key goals for MSF are to drive an
organizations success through business and
technology alignment, ensure high quality
solutions, accelerate delivery, reduce costs, minimize risks, and improve team effectiveness.

Following the plan, build, deploy, and operate model will help you to effectively use the existing ITIL
processes and activities. You can use MOF for the detailed service management functions, which include
key processes. In MOF, each process has a key set of activities coupled to it. Planning for the after-life of a
project by using MSF and MOF is about designing, building, and deploying, and using the tools necessary
to refine and expand the scope of your Lync Server 2013 implementation. The MSF and MOF process
models provide guidance on how to implement value-added activities.
Most organizations face challenges in delivering IT solutions. However, MSF brings together a wide body
of experience that you can use in your projects. You can choose and customize the parts of the MSF
model that resolve your critical problems, and put those parts into practice.
Question: Are you familiar with MSF and MOF or similar frameworks? If yes, what is your
experience with them?

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 1-41

MICROSOFT INTERNAL TEACH

Initial State and End-State Environment


Describing an initial state and an end-state
environment as part of the project documentation
can be useful in describing the implementation of
Lync Server 2013 in the organization to users and
the management.

To manage the expectations of stakeholders and


users, you need to describe the initial state
environment, and then the end-state environment.
For example, you may start with Stage UC1 and
move to UC2 in the first phase. UC2 becomes the
initial state environment for the next phase, before
you proceed to move to stage UC3. Describing the
different end states from the beginning of the project can also be used as a tool to convince some
extremely eager stakeholders, who might insist on implementing all the features in a single
implementation, which may not be feasible. With an initial state and end-state plan, you can explain that
during a certain phase, it is feasible and practical to implement the features and functionality planned for
that phase.
The following is an example of a simplified description of Lync Server 2013 deployment phases:

Phase UC1: Deployment of Lync Server 2013 Internally


o

Presence, IM, and Conferencing

Audio/video

Phase UC2: Deployment of Lync Server 2013 Externally


o

Inviting customers/partners to meetings

Federation

Phase UC3: Deployment of Voice


o

Dial-in conferencing

Lync Server 2013 as soft phone

Phase UC4: Building Contextual Communication into Business Applications


o

Presence-enabling Enterprise Resource Planning (ERP) and customer relationship management


(CRM)

Building workflows around business processes or applications

By establishing the initial state and the end-state plans, you can effectively build a technology plan for the
organization. If you add dates to each of these milestones, you can indicate to the organization what to
expect and by when. Revisiting the initial state and end-state plans, when each phase is completed, allow
you to plan for each upcoming phase also.
Question: Would this deployment approach fit your organization?

MICROSOFT INTERNAL TEACH

Components of a Functional Specification


Developing the solution design and architecture
begins with a design process. The end results
should be more than just the conceptual, logical,
and physical design. The end result should be a
functional specification document. A basic
functional specification should include:

A summary of the vision/scope document as


agreed upon and refined, including
background information to place the solution
in a business context

Any additional user and customer


requirements beyond those already identified
in the vision/scope document

The solution design

Specifications of the components that will be part of the solution

MCT USE ONLY. STUDENT USE PROHIBITED

1-42 Architecture and Design Approach for Microsoft Lync Server 2013

The functional specification must describe, without ambiguity, the complete functionality of the solution.
Quantitative measurements should be included in the functional specification whenever possible.
Quantifying performance or business metrics in a functional specification is significant because the
information can be used to drive justifications, for example, in development and operations, for a project.
These metrics are as much a part of the specification as any other functional details. The following list
describes the information that should be included in the functional specification:

Features. The functional specification should record the complete set of planned features for the
solution. The features of the solution should be expressed by using both words and diagrams, if
possible. Quantitative specifications for the solution, such as database capacity, concurrent user
capacity, and performance metrics should be clearly stated.

Security Requirements. A functional specification should specify the strength of security to be used for
concepts such as transactions, including a description of any encryption standards to be used. A
description of the types and locations of the security systems should also be included.

Legal Requirements. Legal requirements must be clearly understood and stated in the functional
specification, including what needs to be done to adhere to these requirements. For example, custom
solutions to meet a custom user scenario, a governmental requirement, or a business policy can be a
part of the legal requirement.

Risk Analysis Documents. Risk analysis documents should include descriptions of potential impact to
the project and mitigation strategies. For example, the risk analysis documents should state what the
risk of failing to obtain necessary hardware would be, and the documents should provide a mitigation
strategy for dealing with this risk.

The following are examples of information that should not be included in a functional specification
document:

Details of Software Architecture. Too much detail in a functional specification can overburden a
project team with extraneous facts.

Detailed Database Schema. A high-level description of database details is sufficient to include in a


functional specification.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 1-43

MICROSOFT INTERNAL TEACH

Interim Milestone: Functional Specification Baselined

At the interim milestone, the functional specification is complete enough for customer and stakeholder
review. At this stage, the team specifies a baseline of the specification and begins to track changes
formally. The functional specification is maintained as a detailed description of the various solution
components and how the solution will look and operate. The functional specification can be changed only
with customer approval. In the end, the functional specification serves as the basis for building the master
project plan and schedule.
Question: Are you aware of the templates and tools that Microsoft provides to create a
functional specification, and if so, do you have experience in using them?

Module Review and Takeaways

MICROSOFT INTERNAL TEACH

Review Question(s)

MCT USE ONLY. STUDENT USE PROHIBITED

1-44 Architecture and Design Approach for Microsoft Lync Server 2013

MCT USE ONLY. STUDENT USE PROHIBITED


2-1

MICROSOFT INTERNAL TEACH

Module2
Designing a Lync Server 2013 Topology
Contents:
Module Overview

2-1

Lesson 1: Planning the Infrastructure Requirements for Lync Server 2013

2-2

Lesson 2: Using the Lync Server 2013 Planning Tool

2-9

Lesson 3: Using Topology Builder

2-12

Lesson 4: Planning the Server Infrastructure

2-18

Lesson 5: Designing Documentation by Using Microsoft Office

2-22

Lab: Preparing the Environment and Deploying a Lync Server 2013 Pool

2-24

Module Review and Takeaways

2-29

Module Overview

Designing a complex Microsoft Lync Server 2013 topology, including defining the network sites and
network regions, and sizing and placing server roles, can be challenging. The topology must adhere to
organizational compliance requirements, if any. When you design the topology, you must consider the
infrastructure requirements of the organization. To make your work easier, Lync Server 2013 provides
tools such as Planning Tool and Topology Builder to plan, design, and publish your Lync Server 2013
topology. Using these tools, you can plan and design an effective site topology. In addition, you need to
create a document of your design and update it throughout the project, by using tools such as
Microsoft Office 2010 or 2013.

Objectives

Plan the infrastructure requirements for Lync Server 2013.

Use the Lync Server 2013 Planning Tool.

Use Topology Builder.

Plan for site topology.

Design the site topology.

Plan the server infrastructure.

Design the documentation by using Microsoft Office.

Lesson 1

MCT USE ONLY. STUDENT USE PROHIBITED

2-2 Designing a Lync Server 2013 Topology

MICROSOFT INTERNAL TEACH

Planning the Infrastructure Requirements for Lync Server


2013

As a Unified Communications architect, when you plan for a Lync Server 2013 solution, you need to plan
for server hardware and software requirements. You must ensure that all the network and infrastructure
components work well with Lync Server 2013. Based on your evaluation of the utilization of resources, you
may need to readjust and realign your original plan, for a successful implementation.

Lesson Objectives

Plan for server hardware in a physical server-based topology.

Plan for server hardware in a virtualized server topology.

Plan for server software for Lync Server 2013.

Plan the network and infrastructure dependencies for Lync Server 2013.

Plan for client hardware and software requirements.

Plan for web browser requirements.

Planning for Server Hardware in a Physical Server-Based Topology


Physical Server-Based Topology or
Virtualized-Server Based Topology
You should consider two major factors when
planning for hardware requirements.

Whether to run Lync Server 2013 in a physical


server-based environment, and if so,
determine the server hardware requirements
for the environment.

Whether to run Lync Server 2013 in a


virtualized environment, and if so, determine
the server hardware requirements for the virtualized environment.

Considerations for a Physical Server-Based Topology

When you plan for hardware and software platform requirements for Lync Server 2013, you need to
consider the server hardware and operating systems that you want to install on the servers. These server
requirements apply to each server in the Lync Server 2013 deployment, including each front-end server,
Edge Server, and every additional Lync Server 2013 server role. Server requirements also include the
hardware and software for the database servers in your deployment, for example, the back-end server.

The hardware required for each server in the Lync Server 2013 deployment varies, based on the size of the
organization, and the usage. You need to consider the user size and usage of the Lync Server 2013
functionalities in the organization. For example, if the recommendation for Lync Server 2013 Standard
Edition is a Dual Quad-Core server with 32 gigabyte (GB) of random access memory (RAM) for up to 5,000
users, the same configuration will not be required for a Lync Server 2013 implementation with 400 users,
who use only instant messaging (IM).

MCT USE ONLY. STUDENT USE PROHIBITED

MICROSOFT INTERNAL TEACH

Core Solutions of Microsoft Lync Server 2013 2-3

Based on these considerations, you need to design your Lync Server 2013 deployment with assumptions
related to hardware requirements. For example, for a design involving 5,000 concurrent users, you might
assume that at a given moment, 250 users are running web conferencing, 250 users are sharing their
desktops, 100 users are running audio/video conferencing, 750 users are using IM, and the remaining
users are dormant. Consequently, the scaling up or scaling down of hardware will depend on these
organizational needs and expected usage.

With Lync 2013 and support for Hyper-V 3.0, the hardware requirements for Lync Server 2013 remain the
same as that for a virtualized or physical deployment. If the Lync Server can be supplied with the same
hardware requirements when running in a virtual environment as if it is running in a physical environment,
the same amount of users will be supported.
Question: How do hardware requirements affect your current server procurement strategy?

Planning for Server Hardware in a Virtualized Server Topology


Lync Server 2013 virtualization topologies support
most workloads such as instant messaging (IM),
Presence, conferencing, and Enterprise Voice. If
you want the topologies to support Hyper-V or
other third-party virtualization software, you need
to install Windows Server 2008 R2 as the host
operating system as a minimum, while Windows
Server 2012 is the recommended operating
system.

Considerations for a Virtualized


Topology

While deciding whether to run Lync Server 2013 in


a virtualized environment, you should consider the impact of your decision on the design and cost. By
examining the following considerations, you can help the organization determine whether to virtualize
the Lync Server 2013 deployment:

Virtualization adds network latency, which may affect voice and video quality. You need to examine
your Lync Server 2013 solution to determine whether the added latency due to virtualization will
affect the deployment.

The requirements for each physical server are high, and each physical server can only run about 2-4
servers.

The choice between virtualization and physical hardware depends on your organization's virtualization
strategy, and whether these considerations will affect your deployment.

Supported Virtualization Topologies

If you choose to virtualize your deployment, you can use the Standard Edition Server and Enterprise
Edition topologies for virtualization. You can configure the data center topology to either support all
server roles that are completely virtualized, or support a mixture of physical and virtualized servers. Pool
servers cannot be mixed; they either need to be virtualized, or physical.
The recommended virtualization technology is Windows Server 2012 with Hyper-V 3.0.

Managing Your Virtual Environment

To manage the virtualized Lync Server topology, you can use Microsoft System Center Virtual Machine
Manager, with either Hyper-V or VMware. You need not use Terminal Services or Remote Desktop

MCT USE ONLY. STUDENT USE PROHIBITED

2-4 Designing a Lync Server 2013 Topology

Services to manage the virtual machines. You can view and manage performance, and view components
such as disk space. You can also save a virtual machine as a template for creating other instances.

MICROSOFT INTERNAL TEACH

Because Microsoft System Center Virtual Machine Manager uses Windows PowerShell, you can create
scripts that integrate with Lync Server 2013 Management Shell to manage Lync Server 2013.
Question: How critical is it for your organization to deploy virtualization? Will the restrictions
discussed affect the decision?

Planning the Server Software for Lync Server 2013


Lync Server 2013 is designed to run on servers that
have a 64-bit processor. While this is a
requirement for servers, if you want to use
administrative tools such as Topology Builder or
PowerShell from a client computer, the client
computer must also be 64-bit based. All server
roles and computers running Lync Server 2013
administrative tools run on 64-bit editions of the
operating system.
To ensure efficiency in administration, you must
ensure that you use the same operating system on
all servers, and use the latest version of the
operating system. All server roles support the same Windows Server operating systems. The required
operating system support for server roles, such as database servers, depends on the software that you
install on those servers.
Plan for Operating Systems for Server Roles
Lync Server 2013 supports the 64-bit editions of the following operating systems:

Microsoft Windows Server 2008 R2 Standard operating system

Microsoft Windows Server 2008 R2 Enterprise operating system

Microsoft Windows Server 2008 Standard operating system with Service Pack 2 (SP2)

Microsoft Windows Server 2008 Enterprise operating system with SP2

Microsoft Windows Server 2012 Standard Edition with GUI

Microsoft Windows Server 2012 Datacenter Edition with GUI

By default, Lync Server 2013 administrative tools are installed on the server running Lync Server 2013.
However, you need to install administrative tools separately on computers that run Windows operating
systems.
Lync Server 2013 is not supported on the following operating systems:

Server Core installation of Windows Server 2008 R2 or Windows Server 2008

Windows Web Server 2008 R2 operating system or the Windows Web Server 2008 operating system

Windows Server 2008 R2 HPC Edition or Windows Server 2008 HPC Edition

Windows Server 2012 Core Edition

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 2-5

Plan for Operating Systems for Other Servers

Operating system support for other servers, besides the servers on which you deploy Lync Server 2013
server roles, will vary based on the software that you plan to install on those servers.

MICROSOFT INTERNAL TEACH

Plan for Database Software and Clustering Support


To install Lync Server 2013, you need the following database management systems for the back-end
database, the archiving database, and the monitoring database:

Microsoft SQL Server 2008 with SP1 Enterprise database software (64-bit Edition)

Microsoft SQL Server 2008 Express (64-bit Edition), only for Standard Edition server, which is
automatically installed by Lync Server 2013 on each Standard Edition server

Microsoft SQL Server 2012 Standard or Enterprise Edition

Lync Server 2013 only supports SQL Server database mirroring. To use the Monitoring Server role, you
need to install SQL Server Reporting Services. You cannot use SQL Server Web Edition, SQL Server
Workgroup Edition, and database clustering with Lync Server 2013.
Question: Which components of your Lync Server 2013 require a plan for software support?

Planning the Network and Infrastructure Dependencies for Lync Server


2013
When planning a Lync Server 2013 solution, you
need to ensure that the various network and
infrastructure components work well with Lync
Server 2013. For example, evaluate and ensure
that the certificate infrastructure has been planned
for. In several deployments, the certificate
infrastructure may be in place, but the individual
who should be responsible for the role may not be
assigned. This may result in expiry of the Root
Certificates or Certificate Revocation Lists. If the
certificate is not updated by the person
performing the role, it may affect Lync Server 2013
functionality.

Plan for Active Directory Support

Lync Server 2013 relies on Microsoft Active Directory to store global settings and groups that are
necessary for the deployment and management of Lync Server 2013. Active Directory also provides user
authentication. Lync Server 2013 supports the following Active Directory Domain Services (AD DS)
topologies:

Single forest with single domain

Single forest with a single tree and multiple domains

Single forest with multiple trees and disjoint namespaces

Multiple forests in a central forest topology

Multiple forests in a resource forest topology

If your organization is running in a resource forest model, you should deploy Forefront Identity Manager
or similar directory synchronization software, to support your forest model.

Plan for Forest and Domain Functional Level

MCT USE ONLY. STUDENT USE PROHIBITED

2-6 Designing a Lync Server 2013 Topology

MICROSOFT INTERNAL TEACH

You must raise all the forests in which you deploy Lync Server 2013 to a forest functional level of Windows
Server 2008 R2, Windows Server 2008, or Windows Server 2003. You must raise all the domains in which
you deploy Lync Server 2013 to a domain functional level of Windows Server 2008 R2, Windows
Server 2008, or Windows Server 2003.

Plan for Support for Read-Only Domain Controllers

You can deploy AD DS that include read-only domain controllers or read-only global catalog servers, if
there are writable domain controllers.

Plan for Locked Down AD DS Environments

Lync Server 2013 can be deployed in a locked-down Active Directory environment. In a locked-down AD
DS environment, users and computer objects are often placed in specific organizational units (OUs) with
permissions inheritance disabled to help secure administrative delegation. This also enables the use of
Group Policy objects (GPOs) to enforce security policies.

Plan for Certificate Infrastructure Support

Lync Server 2013 requires a public key infrastructure (PKI) to support Transport Layer Security (TLS) and
mutual TLS (MTLS) connections. By default, Lync Server 2013 is configured to use TLS for client-to-server
connections. You can use MTLS to connect servers. You should get MTLS certificates issued by trusted
certification authorities (CAs) for Lync Server 2010.
Lync Server 2013 supports certificates that are issued from the following CAs:
Certificates issued from an internal CA are:

Windows Server 2008 operating system CA

Windows Server 2008 R2 operating system CA

Windows Server 2003 Enterprise Edition operating system with Service Pack 1 (SP1) CA

Windows Server 2003 operating system with SP1 stand-alone CA. Although this certificate is
supported by Lync Server 2013, we do not recommend it.

Certificates issued from a public CA:

If there is no internal certificate infrastructure available, you will need to either deploy a certificate
infrastructure or buy certificates. You can speed up the deployment process by buying certificates
externally with one year expiration until you have your own certificate infrastructure ready.

Plan for Domain Name System (DNS) Infrastructure Support


You can use the Domain Name System (DNS) with Lync Server 2013 to:

Discover internal servers or pools for server-to-server communications.

Allow clients to discover the front-end pool or Standard Edition server that is used for various Session
Initiation Protocol (SIP) transactions.

Associate simple URLs for conferences with the servers hosting those conferences.

Allow external servers and clients to connect to Edge Servers or the HTTP reverse proxy for IM or
conferencing.

Enable unified communications (UC) devices that are not logged on to discover the front-end pool or
Standard Edition server running the Device Update service, to obtain updates and send logs.

Enable external servers and clients to connect to Edge Servers or the HTTP reverse proxy for IM or
conferencing.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 2-7

Set up DNS load balancing.

Lync Server 2013 does not support internationalized domain names (IDNs).

MICROSOFT INTERNAL TEACH

Plan for Internet Information Services (IIS) Support

Several components of Lync Server 2013 require Internet Information Services (IIS). When the web server
(IIS) role is enabled on Windows Server 2008, various role services are installed by default. If the
appropriate roles are not installed, Lync Server will generate a prompt for their installation.

Plan for Network Infrastructure Requirements

The network adapter card of each server in the Lync Server 2013 topology must support at least 1 gigabit
per second (Gbps). You should connect all server roles within the Lync Server 2013 topology by using a
low latency and high bandwidth local area network (LAN). The LAN size is dependent on the size of the
topology.

Plan for Audio/Video Network Requirements

You can configure the external firewall as a Network Address Translation (NAT), regardless of whether you
deploy a single or multiple Edge Servers for the site. If your organization uses a Quality of Service (QoS)
infrastructure, you can design the media subsystem to work within this existing infrastructure. If you use
IPSec, you need to disable IPSec over the port ranges used for audio/video traffic.

Plan for IP and Networking Protocol Support


Lync Server 2013 supports the following IP and networking protocols:

Internet Protocols: Lync Server 2013 supports IP version 4 (IPv4) and IP version 6 (IPv6), and dual IP
stack implementation.

SIP Transport Protocols: SIP can use at least three transport types and these are User Datagram
Protocol (UDP), TCP, and Transport Layer Security (TLS). In the default SIP transport configuration, SIP
is enabled to run over TLS.

Plan for Exchange Server Support

You need to consider the various versions of Exchange Server that Lync 2010 supports. You must install
Microsoft Office Outlook on the client computer to handle Extended Messaging API calls; some features
also require the use of Exchange Web Services (EWS).

Planning for Client Hardware and Software Requirements


You need to ensure that the client hardware meets
the minimum requirements. You must evaluate the
current utilization of hardware in the user
environment. For example, if a business function is
running several CPU-and-memory intensive
applications, you need to ensure that there is
enough available memory and sufficient CPU
cycles to run Lync 2013. You may also need to
ensure that there is enough CPU power to deliver
the encoding and decoding necessary for
audio/video conferencing.

Evaluate if there are still Windows XP and Windows Vista Clients

MCT USE ONLY. STUDENT USE PROHIBITED

2-8 Designing a Lync Server 2013 Topology

MICROSOFT INTERNAL TEACH

A lot of companies will still be running Windows XP at the time of Lync Server 2013 deployment. This
operating system is unsupported for Lync 2013, just as Windows Vista is unsupported. This might prove to
be a deployment blocker and needs to be addressed.

Lync Server 2013 Features Available with Microsoft Office 2010 and Microsoft Office
2013
There are certain features of Lync Server 2013 that are available only with Microsoft Office 2010 and
Microsoft Office 2013. The following is the list of these features:

New Contact Card with expanded options such as video call and desktop sharing

Quick search from the Office Outlook Find a Contact box

Reply with an IM or call from the Outlook Home ribbon in the Mail, Calendar, Contacts, and Tasks
folders

Lync Contact List in Office Outlook To-Do Bar

Office Backstage or file tab Presence, application sharing, and file transfer

Presence menu in Microsoft Office SharePoint Workspace 2010 (formerly Microsoft Office Groove
2007)

Presence menu extensibility

Planning for Web Browser Requirements


Users may need to participate in conferences from
their browsers. You may not be able to determine
the operating systems and browsers that your
customers and partners use. However, you should
plan for such scenarios and facilitate users to
participate in conferences from their browsers.
Lync Web App does not require any administrative
rights, only a small activeX plugin that will enable
audio and video into the client.
Question: In which scenario would users need
to install Lync Web App?

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 2-9

Lesson 2

Using the Lync Server 2013 Planning Tool

MICROSOFT INTERNAL TEACH

In this lesson, you will learn about the Planning tool, its capabilities, and benefits. In addition, you will
learn about exploring a sample design by using the Planning tool and exporting the configuration data.

Lesson Objectives

Describe the capabilities and benefits of the Planning tool.

Design a topology by using the Planning tool.

Export the configuration data.

Describe how to use the Planning tool to experiment with various scenarios based on the conceptual
design.

Capabilities and Benefits of the Planning Tool


You can use the Planning tool to design your
topology, including the identifying and defining of
the components in your topology, fully qualified
domain names (FQDNs), IP addresses, and other
information.

After you specify the information about your


topology in the Planning tool, it creates a
Microsoft Office Visio diagram of your topology
and allows you to export the topology for use with
Topology Builder. Based on the questions, the tool
generates a topology that follows Lync Server
2013 guidelines and best practices. You can also
use the tool to view various deployment options. The tool shows both a global view of all your sites,
including central sites and branch sites, and detailed views showing the Lync Server 2013 servers and
other components at each site. The tool will provide you with a guideline, but is not always the solution
the customer is looking for. You can use the Tool to help you design your topology, but make sure the
tool does not become leading in your design.

You can run the Planning tool multiple times, with different options and compare the different topologies.
You can also load the design in the tool and make changes to it. After you create the topology, you can
use the Export to Topology Builder option in the Planning tool, to export your topology to an Extensible
Markup Language (XML) file. You can provide this XML file as input to Topology Builder.
You can use the Planning tool only for exporting your initial topology design. After you export the
topology to Topology Builder and begin working with it, you can no longer use the Planning tool to
modify your topology. However, you can use the tool to test and validate assumptions about the impact
of changes that you make to your design, and to document your design.

Benefits of Using the Planning Tool

Although using the Planning Tool is optional, it simplifies the planning and deployment processes
because you can export the information from the Planning tool to Topology Builder. Besides, the Planning
tool automatically populates much of the information that Topology Builder requires for the deployment
of components.

MCT USE ONLY. STUDENT USE PROHIBITED

2-10 Designing a Lync Server 2013 Topology

Using the Planning tool is advantageous as it provides various options that can be used in a given
scenario. You need not prepare a plan before using the tool. The tool is an informative and useful way to
understand the types of questions that may come up during the envisioning phase and the planning
phase.

MICROSOFT INTERNAL TEACH

Question: When can you start working with the Planning Tool?

Exploring Deployment Scenarios by Using the Planning Tool


You can provide inputs about your organizational
topology in the Planning tool. For example, in the
sample topology, the following are the inputs
provided:

Inputs
Aalborg: 1,500 users
All features
3 x Branch Offices; each having 250 users
No resilient network connection to branch office
2 calls per hour
Gateway deployment with E1 interface and 4 ports
External User Access from Aalborg
Using a Director
High availability for users
All features:
Copenhagen: 800 users
No branch offices
SIP Trunking that supports DNS load balancing and Early Media
High availability in all instances
Enable All Users for both Enterprise Voice
Enable All Users for Unified Messaging (UM); checking 4 times per day
In the sample topology, the assumptions were:

No redundancy on all components

No redundant network connections to the Branch Office sites.

Based on these inputs, you will receive a summary of hardware requirements. You can change the current
topology to provide different inputs. For example, in the sample topology, if you removed the need for
high availability and added redundant networks to the branch office sites, the output changes. Based on
the inputs, there is a difference in the two designs, in terms of the required hardware, implementation
time, and project complexity.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 2-11

MICROSOFT INTERNAL TEACH

Question: Do you see this as a tool you can use for your initial planning decisions?

Lesson 3

MICROSOFT INTERNAL TEACH

Using Topology Builder

MCT USE ONLY. STUDENT USE PROHIBITED

2-12 Designing a Lync Server 2013 Topology

Topology Builder and Central Management Database were significant enhancements in Lync Server 2010
and have been further improved in Lync Server 2013. In this lesson you will examine the Lync Server 2013
topology setup process. You can use the Topology Builder to save and publish a topology to the Central
Management Database.

Lesson Objectives

Describe the Lync Server 2013 topology setup process.

Describe the purpose of the Topology Builder tool.

Publish a topology by using Topology Builder.

Describe the components of Central Management Store in Lync Server 2013.

Describe the components of the deployment model of Lync Server 2013.

Lync Server 2013 Topology Setup Process


Your deployment process for Lync Server 2013 is
determined by the Lync Server 2013 topology and
the components that you plan to install. The
deployment process also depends on whether you
plan to deploy an Enterprise Edition pool or a
Standard Edition server. The following is the Lync
Server 2013 topology setup process:
1.

Prepare Active Directory Domain Services for


Lync Server 2013. Before you deploy and
operate Lync Server 2013, you must prepare
Active Directory Domain Services (AD DS) by
extending the schema and then creating and
configuring objects. The schema extensions add the Active Directory classes and attributes that are
required by Lync Server 2013. You need to prepare AD DS for deploying Lync Server, and assign setup
and organizational unit (OU) permissions.

2.

Use the Planning tool to design the topology (Optional). You can use the Planning tool to design your
topology. This tool helps you to identify and define the components in your topology, configure fully
qualified domain names (FQDNs), define IP addresses, and provide other information. After you
specify the information in the Planning tool, it creates a Microsoft Office Visio diagram of your
topology. The use of the Planning tool is optional. However, using it can simplify the planning and
deployment processes. This is because the information you export from it to Topology Builder
automatically populates the information that Topology Builder requires for deploying the
components.

3.

Publish the topology. In a Lync Server 2013 Enterprise Edition, the published topology XML document
is stored in the back-end database that supports the first front-end server pool. In the Lync Server
2013 Standard Edition, the topology is stored in the SQL Express Edition database. Remote access is
not enabled by default. However, you can change this during the setup process.

4.

Set up Lync Server 2013. After you publish the topology document to the database, you need to run
the local setup of the first Lync Server 2013 server again. After you complete this installation, the

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 2-13

MICROSOFT INTERNAL TEACH

setup routine provides a reference of a Service Connection Point (SCP) object from Active Directory.
This object points the setup to the Central Management Database. You should install the Lync Server
2013 component as defined in the topology document and perform the activation of services and
roles of the component accordingly.
5.

Install the certificates. You can use the certificate wizard to generate the certificate request. After
running the wizard, you can install the received certificate response on the server specified for this
purpose and bind the certificate to specified Lync Server 2013 services and roles.

6.

Modify the design. As you make some changes to your Lync Server 2013 environment, for example,
change the URL path for web services, or change a port that IIS uses, you need to reflect those
changes in the topology document by using Topology Builder. Then, you must publish the new
topology document. After this, you will be prompted to rerun the setup on the Lync Server 2013
servers to update the configuration changes.
Question: How can you prepare AD DS as part of the topology setup process?

Topology Builder Tool


You use Topology Builder to create, adjust, and
publish your topology. Topology Builder also
validates your topology before you begin server
installations. When you install Lync Server 2013 on
individual servers, the servers read the published
topology as part of the installation process, and
the installation program deploys the server as
directed in the topology.
The following are the high-level steps to publish
your topology by using Topology Builder:
1.

Configure the servers and settings in your


topology.

2.

View the topology that Topology Builder displays after retrieving the XML file provided by the
Planning tool.
a.

Emphasize that editing the XML file by hand is unsupported.

3.

Build the infrastructure visually by creating sites, pools, edge, and conferencing information.

4.

Add information such as IP addresses and FQDNs of servers.

5.

Validate the topology by using Topology Builder and verify if the topology is approved.

6.

Publish the topology.

When you publish the topology, Lync Server 2013 places the topology in the Central Management
Database, which is created at this stage if it does not already exist. Then, when you install Lync Server on
each server in your deployment, the server reads the topology from the Central Management database
and installs a replica copy of the Central Management Database into a new local SQL Server Instance.
After configuring the first version of the topology, you can use the Topology Builder tool to publish the
configuration to the Central Management Server. The Central Management Server replicates this
configuration to all Central Management Databases in your environment. You can also use Topology
Builder to change the configuration of your topology in the later stages of the design and deployment.

MICROSOFT INTERNAL TEACH

MCT USE ONLY. STUDENT USE PROHIBITED

2-14 Designing a Lync Server 2013 Topology

If you are very familiar with Lync Server 2013 and need less prescriptive guidance, you can skip the
Planning tool and use the wizards in Topology Builder for the initial design of your deployment, and for
the validation and publishing steps. Although you can create and edit the topology XML manually, you
should avoid this because any error in manual editing might lead to failure of large portions of your
deployment. You might need to perform manual editing in rare situations. In such situations, follow the
recommendations in the Lync Server 2013 product documentation.
Whether you use the Planning tool or Topology Builder to define the topology, you are required to
publish the topology by using Topology Builder before you install Lync Server 2013 on servers.

If you import the topology design from the Planning tool, some of the information is pre-populated in
Topology Builder. Therefore, you need to specify only the configuration information that is not prepopulated. If you import the topology design from the Planning tool and define a topology directly by
using Topology Builder, you must manually specify all required configuration information.

Using Topology Builder to plan and publish a topology is a mandatory step. You cannot bypass Topology
Builder and install Lync Server 2013 individually on the servers in your deployment. Each server must
retrieve and use the topology information from a validated, published topology XML file, in the Central
Management Database.
Question: Would you use the Planning tool or Topology Builder to build you topology?
What would be your reasons for doing so?

Demonstration: How to Save and Publish a Topology by Using Topology


Builder
Demonstration Steps
Log on to 20336B-LON-FE01-03 as adatum\administrator, with the password, Pa$$w0rd.
Open Lync Server Topology Builder.
Save the Topology
Publish the Topology
Question: After you import your Planning tool results into Topology Builder and start the
deployment of Lync Server 2013, can changes that you make using the Planning Tool be
imported into Topology Builder?

Overview of the Central Management Store


The Central Management Store in Lync Server
2013 includes the Central Management Database,
schema documents, Central Management Server,
and replica.

Central Management Database


Central Management Database is an SQL database
containing configuration data and XML
configuration documents. Some XML documents
stored in the Central Management Database are
configuration, policy, and topology documents.
Using the Central Management Database, a
database administrator can change the settings

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 2-15

without changing the Active Directory schema.

Schema Documents

MICROSOFT INTERNAL TEACH

You can classify schema documents into three types based on how they are exposed to the administrator:

Deployment schemas. Describe how the deployment is configured, for example, the topology schema.
Most deployment schemas only support the global scope. Many of these schemas are not directly
exposed to the administrator, with the exception of the topology schema.

Policy schemas. Contain information about the user permissions for setting up conferences and
Presence. After creating a policy document, you can assign it to one or more users. Policy schemas
use the tag scope.

Settings schemas. Contain configuration information pertaining to specific roles within the
deployment. You can scope the setting schemas to an individual site or service.

Central Management Server

The Central Management Server runs on the Lync Server 2013 front-end server that is deployed first in
your Lync Server 2013 pool. The Central Management Server replicates all changes in the Central
Management Database to all Lync Server 2013 servers as required to be updated through replication. The
database administrators can also expand the replication capability of the Central Management Server by
performing configuration replication on the Edge Server. However, database administrators need to use
certificates because the Edge Server is normally not domain joined. The HTTP/HTTPS listener on the Edge
Server receives these configuration updates; therefore, there is no need to use Internet Information
Services for this purpose.

Replica

Lync Server 2013 contains a replica, a SQL Server Express database, which runs on each Lync Server 2013
server role and contains a copy of the complete topology from the Central Management Database.
Therefore, when a server starts and finds that its configuration replica is current, it does not require
connecting with any root Forest Global Catalog or Domain Controller server to start its services. Moreover,
if the Central Management Database is offline, each Lync Server 2013 server role will use the data from its
local replica, and this will result in more resiliency. AD DS is used to store basic Lync Server 2013 user
information, such as the users SIP Uniform Resource Identifier (URI) and phone number.

To administer servers and services, you use Topology Builder, Lync Server 2013 Management Shell, or the
Lync Server Control Panel, which then retrieve the settings in the Central Management Store.
Configuration changes are replicated to all the servers in your deployment by the Central Management
Server, which runs on one of the servers in the front-end pool, if you are using Lync Server 2013 Enterprise
Edition server, or the front-end server, if you are using Lync Server 2013 Standard Edition server, in your
deployment.
Question: What is the difference between the Central Management Store, Central
Management Database, and the Central Management Server?

MICROSOFT INTERNAL TEACH

Lync Server 2013 Deployment Model


The top level of the Lync Server 2013 Deployment
model comprises the global object that represents
the entire environment, and it functions as a policy
boundary. The next level contains sites, which
comprise central sites and possibly branch office
sites. The central site is usually a data center with
IT staff, while the branch site is a site with or
without IT staff. On the next level are pools, which
are associated with the central site, and they host
the users and services. The Lync Server 2013
deployment model is also used in policy definition
for users. Policies will flow top-down through to
the user level. The following are the policies you can use:

Global. You can apply this policy globally to the entire environment.

Site. You can apply this policy to a specific site.

Service. You can apply this policy to a specific service.

Tag. This policy uses an arbitrary string to specify its uniqueness. Usually, the string is not truly
arbitrary, but it has different meanings depending on the document.
Question: At what level in the deployment model can policies be applied?

Central and Branch Office Sites


A site represents a geographical location of your
network. A site is a set of computers that are wellconnected by a high-speed, low-latency network,
such as a single LAN or two networks connected
through a high-speed fiber optic network. You
need to begin the design process of Lync Server
2013 deployment by defining the central and
branch office sites for your organization. The
design for the Lync Server 2013 deployment is
affected by the design of your server
infrastructure, especially the locations of the data
centers. For example, if you have three data
centers for resiliency reasons, you need three central sites.

Central and Branch Office Sites

MCT USE ONLY. STUDENT USE PROHIBITED

2-16 Designing a Lync Server 2013 Topology

Central sites contain one front-end pool or Standard Edition server. Your deployment must include at
least one central site, and can include zero to many branch sites. Each branch site is affiliated with one
central site. The branch site users gain access to most functionalities of Lync Server 2013 from the servers
at the associated central site.

Branch sites with less-resilient links should use the Survival Branch Appliance that provides resiliency in
times of wide area network (WAN) failures. A Survival Branch Appliance combines a public switched
telephone network (PSTN) gateway with some Lync Server 2013 functionality. For example, in a site where
you have deployed Survival Branch Appliance, users can still send and receive Enterprise Voice calls, even
if the WAN connecting the branch site to the central site is unavailable.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 2-17

Branch sites with resilient WAN can connect to the central site by using a PSTN gateway, and optionally,
use a Mediation Server.

MICROSOFT INTERNAL TEACH

Question: How do central and branch office sites and site topology design correlate with
Active Directory sites?

Demonstration: How to Design a Site Topology by Using Topology Builder


Demonstration Steps
Open Lync Server Topology Builder
Download a topology from an existing deployment
Create a new Central Site
Configure a new Front End pool.
Create a Branch Site
Explore the branch site settings.

Lesson 4

MICROSOFT INTERNAL TEACH

Planning the Server Infrastructure

MCT USE ONLY. STUDENT USE PROHIBITED

2-18 Designing a Lync Server 2013 Topology

To plan the server infrastructure, you should consider user requirements. First, select Standard Edition or
Enterprise Editionbased licensing, and then select the type of pool that is required for the deployment.
Before you select the server, consider capacity and scaling requirements based on the number of users in
the organization. You should also consider the different server pools and collocation scenarios, in addition
to capacity and scaling.

Lesson Objectives

Determine the appropriate server editions.

Describe the different types of pools.

Describe the capacity and scaling considerations.

Plan for Server Editions


Choosing between Lync Server 2013 Standard
Edition and Lync Server 2013 Enterprise Editionbased server licensing depends on user
requirements in the organization. If the
organization needs high availability, you can plan
to deploy Lync Server 2013 Enterprise Edition.
You should use SQL mirror for the back-end
servers, for high availability. This mirror can be
shared with different applications, it must,
however, be a dedicated instance.

Lync Server 2013 Standard Edition

Lync Server 2013 Standard Edition requires that primary server components and the database for storing
user and conference information are configured on a single computer. Lync Server 2013 Standard Edition
is recommended for organizations that do not require higher availability, rendered by using load
balancing. The Standard Edition does support pool failover, just as the Enterprise Edition does.

Lync Server 2013 Enterprise Edition


Lync Server 2013 Enterprise Edition enables separation of server role functionality and data storage to
achieve higher capacity and availability. Lync Server 2013 Enterprise Edition is recommended for
organizations that require higher availability, rendered through load balancing. An Enterprise Edition
License is bought on a front-end basis.

License for Lync Server 2013 Roles

Many Lync Server 2013 roles do not require any additional licensing. These roles and features require the
licensing of only the Lync Server 2013 Standard Edition or Enterprise Edition for the pool. For example, if
Lync Server 2013 is deployed as the Director role, this server does not require an additional Lync Server
2013 Standard or Enterprise Edition server license. However, you need to purchase the Windows Server
operating system licenses, SQL Server 2008 licenses, and other similar licenses.
Question: Which types of servers require licensing other than Lync Server Standard Edition
and Lync Server 2013 Enterprise Edition pools?

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 2-19

MICROSOFT INTERNAL TEACH

Types of Pools
Lync Server 2013 comprises several types of server
pools. These server pools are Enterprise Edition
front-end server pool, Conferencing server pool,
Mediation server pool, and Director server pool.

Enterprise Edition Front-End Server Pool


All pools use DNS-based load balancing, except
the front-end server pool, which can perform
hardware load balancing. In a coexistence
environment with a previous version of Lync
Server 2013, you need to remember that DNSbased load balancing is not supported by earlier
versions of clients.

Mediation Server Pool

Depending on how you deploy Enterprise Voice support, you can collocate the Mediation Server in a
front-end pool or deploy a stand-alone Mediation Server or Mediation Server pool. You can use DNS load
balancing or application load balancing, when appropriate, to distribute traffic from a gateway peer of a
Mediation Server pool. These gateways can include an IP-PSTN gateway, IP-PBX, or SIP trunk Session
Border Control (SBC).

Persistent Chat Pool

The Persistent Chat pool is a new kind of pool introduced in Lync Server 2013. It hosts the Persistent Chat
Servers and can consist of eight servers in total, four active and four passive. The Persistent Chat Pool is
the only kind of pool that supports being spread over two data centers.

Director Pool

Directors can be single-instance servers or can be installed as a load-balanced pool of multiple Directors
for higher availability and capacity. Both hardware load balancing (HLB) and DNS load balancing are
supported. A Director or Director pool facilitates user authentication and redirection of Lync Server user
requests to the users home pool. The home pool is either a front-end pool or a Standard Edition server.
We recommend that you deploy a Director pool in each central site that supports external user access. A
Director pool is deployed in each central site with one or more front-end pools. Each Director pool can
contain a maximum of 10 Directors. A Director cannot be collocated with any other server role.
Question: Which server pool is required as a mandate in a Lync Server 2013 Enterprise
Edition deployment?

MICROSOFT INTERNAL TEACH

Capacity and Scaling Considerations


When designing the server infrastructure, you
need to plan for capacity and scaling in your
organization. You can do this based on reference
topologies provided by Lync Server 2013. The
important reference topologies are:

Front End Reference Topology with Limited


High Availability

Front End Reference Topology with High


Availability and a Single Data Center

High Availability for all Server Pools

MCT USE ONLY. STUDENT USE PROHIBITED

2-20 Designing a Lync Server 2013 Topology

For an organization with about 15,000 users, you


can assure performance by having just one Director Server, Edge Server, and A/V Conferencing Server.
However, to provide high availability for each server, you can deploy pools containing two servers of each
type.

Single Consolidated Edge

Suppose your organization requires support for fewer than 5,000 Access Edge service client connections,
1,000 active web conferencing service client connections, 500 concurrent A/V Edge sessions, and high
availability of the Edge Server is not important. Using this topology in this scenario, you can get the
advantage of lower hardware cost and simpler deployment. If you need greater capacity or require high
availability, you need to deploy the scaled consolidated Edge Server topology.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 2-21

Scaled Consolidated Edge: DNS or Hardware Load-Balanced

MICROSOFT INTERNAL TEACH

In the Edge Server pool topology, two or more Edge Servers are deployed as a load-balanced pool on the
perimeter network of the data center. You can use DNS load balancing for generating traffic to both the
external and internal Edge interfaces.

Hardware Load Balancing on Edge Servers

In this topology, hardware load balancing is supported for load balancing the Edge Servers of Lync Server
2013 when you are using publicly routable IP addresses for the Edge external interfaces, or for previous
versions of Lync Server 2013 or Unified Messaging.

Virtualization
You can run a virtualized topology of Lync Server 2013 in both small and enterprise topologies.

Collocation

Collocation in a Unified Communications project helps reduce cost and time. Therefore, when you design
a topology, you should start with collocation until technical reasons or capacity reasons require you to
split roles to multiple servers.
Question: What are the deployment options for an organization with 6,000 users?

Lesson 5

MICROSOFT INTERNAL TEACH

Designing Documentation by Using Microsoft Office

MCT USE ONLY. STUDENT USE PROHIBITED

2-22 Designing a Lync Server 2013 Topology

A good design document should be well-structured and have all the information that a person might
need to understand the deployment of Lync Server 2013. You should also know the benefits of having a
good design document and the various options available for documenting the design.

Lesson Objectives

Describe the benefits of good design documentation.

Describe the various options for documenting the design.

Describe the server infrastructure design in Microsoft Office Visio.

Benefits of Documenting the Design


A good design document should ideally present
the conceptual and logical-level-design in a wellstructured and organized manner. To create
several levels of design, from conceptual to logical
to physical, you can refer to the Microsoft
Solutions Framework process. In your design
document, describe the conceptual design. It
should be easy to read and understand by a
technical or non-technical person who wants an
overview of the solution. However, for those who
want to delve into details of the solution, retain
the logical and perhaps the physical design, in
your documentation.

Maintain the design document so that the conceptual and logical levels are described early in the project.
This enables each person or working group to maintain a lower-level physical design for each of their
responsibility areas.

Options for Design Documentation


Usually, Microsoft Office Word along with
embedded drawings and tables is the preferred
choice as a tool for creating the design document.
Microsoft Office Visio is also a good tool for
documenting the design. Office Visio is useful in
documenting the following:

Server and Network Architecture, including IP


addresses and Servers

Edge Design

Certificates design

Based on your expertise with Microsoft Office


Visio, you can also include the server architecture drawing.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 2-23

You may use one or more Microsoft Office Excel spreadsheets for detailed documentation.

MICROSOFT INTERNAL TEACH

Question: Which software should you use to update documentations?

Server Infrastructure Design in Microsoft Office Visio


You can show several layers of a Lync Server 2013
solution in a single Office Visio diagram. You can
display the following:

Servers and services-naming documentation

IP address documentation

VLAN documentation

Perimeter network design

Network components and server roles

WAN and LAN design

Internet access

The Planning tool for Lync Server 2013 helps you create the initial Office Visio diagrams. You can later
expand them as required by the organization.
Question: What does good server infrastructure design documentation provide you?

Lab: Preparing the Environment and Deploying a Lync


Server 2013 Pool

MICROSOFT INTERNAL TEACH

Scenario

MCT USE ONLY. STUDENT USE PROHIBITED

2-24 Designing a Lync Server 2013 Topology

You are the Network Administrator for A Datum Corporation, and you have been tasked with deploying
Lync Server 2013. You will prepare your Microsoft Active Directory for Microsoft Lync Server 2013,
configure a topology by using the Topology Builder, publish it, and then deploy two Enterprise Edition
front-end servers. After deployment, you will enable the sales users and send a test message between
them.
Estimated Time: 180 minutes

Exercise 1: Preparing for Lync Server 2013


Scenario

In this lab First you will prepare the VMs that you will be working on. Once the VMs are up and running,
on the following VMs, 20336B-LON-FE1-02 & 20336B-RED-FE1-02 attach the Lync ISO. Prepare your
Active directory, and create a file share Lyncshare for your Lync deployment.
*Remember to add administrator to CSAdminstrator group (to access LSCP)

Note On all virtual machines, verify that all of the services set to start automatically have started. Most
notably, check the Exchange, SQL Server, and Lync Server 2013 services. If any are not started, right-click
each and then click Start.
The main tasks for this exercise are as follows:
1. Prepare Active Directory for Lync Server 2013.
2. Add an administrator to the CSAdministrator group.
3. Prepare the File Shares for Lync Server 2013.

Task 1: Prepare Active Directory for Lync Server 2013.


Start the Virtual Machines
Install Software

Task 2: Add an administrator to the CSAdministrator group.


Add an administrator to the CSAdministrator group.

Task 3: Prepare the File Shares for Lync Server 2013.


Prepare the File Shares for Lync Server 2013.

Results: After completing this exercise, you should have prepared Active Directory for an installation of
Lync Server 2013.

Exercise 2: Configuring a Lync Server 2013 Topology


Scenario
In this exercise you will be building your Lync topology with following options:

Topology name : Lab2.tbxml


Primary SIP Domain : Adatum.com
First site : London (Site 0) : City name London, Country/Region Code +44

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 2-25

MICROSOFT INTERNAL TEACH

Front End pool FQDN :lon-pool.ADatum.com. and it should be Enterprise Edition Front End Pool
Computer FQDN : lon-fe01.adatum.com
In Features Conferencing (includes audio, video and application sharing), Dial in (PSTN)
conferencing, Enterprise Voice and Call Admission Control
Mediation server should be collocated
Nothing is associated with this front end pool
SQL Server FQDN : Lon-SQL01.ADatum.com
Named Instance : LYNC.
No SQL mirroring
File Server FQDN : Lon-SQL01.adatum.com
File Share : LyncShare,
Make sure Override Internal Web Services Pool FQDN is selected : use lon-poolwebint.adatum.com
External Base URL : lon-poolweb-ext.adatum.com
No Office Web Apps Server
Once the topology is created add a new Central site with these options
Name : Redmond (Site 1), City Redmond, Country/Region Code +1
Front End pool FQDN : red-pool.ADatum.com, it should be Enterprise Edition Front End Pool
Computer FQDN : red-fe01.adatum.com.
Features include : Conferencing(includes audio, video and application sharing), Dial in (PSTN)
conferencing, Enterprise Voice and Call Admission Control
Mediation server should be collocated
Nothing is associated with this front end pool
SQL Server FQDN : Red-SQL01.ADatum.com
Named Instance : LYNC.
No SQL mirroring
File Server FQDN : RED-SQL02.adatum.com
File Share : LyncShare,
Make sure Override Internal Web Services Pool FQDN is selected : use red-poolwebint.adatum.com
External Base URL : red-poolweb-ext.adatum.com
No Office Web Apps Server
Administrative URL: https://lyncadmin.adatum.com.
Central Management Server should be on lon-pool.adatum.com London (Site 0)

(To configure DNS and certificates for your deployment please follow the steps mentioned in the tasks)
The main tasks for this exercise are as follows:
1. Deploy and run the Topology Builder.
2. Configure the Administrative Access URL.

Task 1: Deploy and run the Topology Builder.


Deploy and run the Topology Builder

Task 2: Configure the Administrative Access URL.


Configure the Administrative Access URL.

Results: After completing this exercise, you should have created and edited a publishable topology.

Exercise 3: Publishing the Topology

MICROSOFT INTERNAL TEACH

Scenario

MCT USE ONLY. STUDENT USE PROHIBITED

2-26 Designing a Lync Server 2013 Topology

In this exercise, you will publish the topology and understand the changes made during this process, such
as creating the CMS database, setting the configuration store location, and creating the necessary
databases.
The main task for this exercise is to publish the topology.
The main tasks for this exercise are as follows:
1. Publish the topology.

Task 1: Publish the topology.


Publish the topology.

Results: After completing this exercise, you should have a published topology.

Exercise 4: Configuring Domain Name Server (DNS)


Scenario
In this exercise, you will use the DNS Microsoft Management Console (MMC) to create appropriate A
and SRV records on LON-DC1 that are required for automatic client logon.
The main task for this exercise is to create the necessary DNS records for Lync Server 2013.
The main tasks for this exercise are as follows:
1. Create the necessary DNS Records for Lync Server 2013.

Task 1: Create the necessary DNS Records for Lync Server 2013.
Create the necessary DNS Records for Lync Server 2013.

Exercise 5: Deploying the Front-End Server Role


Scenario

In this exercise, you will walk through the four steps in the deployment wizard to complete the setup of a
Lync Server 2013 front-end server. You will install a Local Configuration Store, set up components, request
and configure certificates, and then start the Lync Services.
Note The steps for Lon-FE01 and Red-FE01 can be completed in parallel.
The main tasks for this exercise are as follows:
1. Install the local configuration store.
2. Set up components.
3. Request and assign certificates.
4. Start Lync Server Services.
5. Install the Local Configuration Store.
6. Set up components.
7. Request and assign certificates.
8. Start Lync Server Services.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 2-27

Task 1: Install the local configuration store.


Install the Local Configuration Store.

Task 2: Set up components.

MICROSOFT INTERNAL TEACH

Set up components.

Task 3: Request and assign certificates.


Request and assign certificates.

Task 4: Start Lync Server Services.


Start Lync Server Services.

Task 5: Install the Local Configuration Store.


Install the Local Configuration Store.

Task 6: Set up components.


Set up components.

Task 7: Request and assign certificates.


Request and assign certificates.

Task 8: Start Lync Server Services.


Start Lync Server Services.

Results: After completing this exercise, you should have a configured Lync Server 2013 deployment.

Exercise 6: Configuring Exchange UM and Enabling Users (optional lab


exercise)
Scenario
In this exercise, you will configure Exchange Unified Messaging (UM) in conjunction with Lync Server
2013. You will also enable the users for Lync Serve 2013 and Exchange Unified Messaging.
The main tasks for this exercise are as follows:
1. Configure Exchange UM.
2. Configure Lync for Exchange UM.
3. Enable users for Lync Enterprise Voice and Exchange UM.

Task 1: Configure Exchange UM.


Configure Exchange UM

Task 2: Configure Lync for Exchange UM.


Configure Lync for Exchange UM

Task 3: Enable users for Lync Enterprise Voice and Exchange UM.
Enable users for Lync Enterprise Voice and Exchange UM

Module Review and Takeaways

MICROSOFT INTERNAL TEACH

Best Practice:
Ensure that you identify and involve the other stakeholders required for a successful Lync Server
implementation as early as possible and get approval on the deployment plans before starting
any work. This helps minimize deployment delays and roadblocks in implementing changes to
firewalls or other network configurations, acquiring certificates, preparing Active Directory
Domain Services, and configuring DNS, PBXs, or gateways. The likelihood that these items are
owned or managed by one entity decrease with the size of the organization. Not involving the
appropriate departments early during the planning phase to cause roadblocks and delays in the
subsequent deployment. Remember to schedule the appropriate time for change management
approvals and scheduling, in a large organization.

Common Issues and Troubleshooting Tips


Common Issue

Troubleshooting Tip

Topology publishing wizard: Creating


database completed with warnings

Topology publishing wizard: Database


creation fails on the back-end SQL Server
for Lync Server Enterprise Edition

Review Question(s)
Question: For a Greenfield Deployment of Lync Server 2013 or migration from Office
Communications Server 2007 R2, which two actions must be completed before you can
publish a topology by using Topology Builder?
Question: After publishing the topology, but before clicking the Finish button in the
publishing wizard, what should you do?

Real-world Issues and Scenarios


Contoso plans to deploy both Lync Standard Edition Server and Enterprise Edition. Which should they
deploy first?

MCT USE ONLY. STUDENT USE PROHIBITED

2-28 Designing a Lync Server 2013 Topology

Answer: They should deploy Enterprise Edition first to host the Central Management Store. If they plan to
start a pilot with Standard Edition, they would need to first prepare the Standard Edition server to host the
CMS, and then later move the CMS.

MCT USE ONLY. STUDENT USE PROHIBITED


3-1

MICROSOFT INTERNAL TEACH

Module3

Configuring Users and Rights in Microsoft Lync Server 2013


Contents:
Module Overview

3-1

Lesson 1: Managing Lync Server 2013

3-2

Lesson 2: Introduction to Role-Based Access Control

3-6

Lab: Configuring Users and Rights in Lync Server 2013

3-9

Module Review and Takeaways

Module Overview

3-11

To configure and manage users in Microsoft Lync Server 2013, you can use a variety of methods.
Lync Server 2013 provides configuration management options, including Lync Server Control Panel and
Lync Server Management Shell. You can use basic syntax for working in Windows PowerShell because it
has powerful scripting capabilities. You can also use the administrative model of the new role-based
access control (RBAC) in Lync Server 2013. The administrative model provides predefined roles, which you
can assign to administrators, and you can create new custom roles.

Objectives

Use Lync Server 2013 management interfaces.

Configure role-based access control.

Lesson 1

MICROSOFT INTERNAL TEACH

Managing Lync Server 2013

MCT USE ONLY. STUDENT USE PROHIBITED

3-2 Configuring Users and Rights in Microsoft Lync Server 2013

You can use the Lync Server Control Panel, PowerShell 3.0, and Lync Server Management Shell to manage
your Lync Server 2013 communications system. These tools, along with PowerShell cmdlets enable you to
manage users in your organization.

Lesson Objectives

Manage users with Lync Server Control Panel.

Explore PowerShell 3.0 cmdlets.

Manage users with Lync Server Management Shell.

Lync Server Control Panel


The Lync Server Control Panel is a web-based user
interface that replaces the
Microsoft Management Console (MMC) interface
from previous releases. The Lync Server Control
Panel extends the management functionality to
any Microsoft Silverlightcapable browser. You
can use the Lync Server Control Panel to perform
the following tasks:

Search for and configure users. You can search


for users by display name, first name, last
name, Security Accounts Manager (SAM)
account name, Session Initiation Protocol (SIP)
address, or line Uniform Resource Identifier (URI). You can then use the results of your search query to
configure users for Lync Server 2013, and perform other related tasks such as assigning policies, and
changing or removing personal identification numbers (PINs).

Enable or disable users. After you create a user account in Active Directory Users and Computers,
you can enable or disable a user account in Lync Server 2013. When you disable a previously enabled
user account, you do not lose the Lync Server 2013 settings that you configured for that user account.
Therefore, you can choose to re-enable the user without reconfiguring the user account.

Assign policies to users. You can assign specific policies to a user or a group of users, such as
conferencing policies, supported client version policies, archiving policies, or remote user access
policies.

Assign users to a server or pool. You can assign users to a server or move them to a specific pool
under the Edit or move users link in the Lync Server Control Panel.

Set a users dial-in conferencing PIN. You can configure global PIN policies, such as the required
minimum length. In addition, you can configure PIN policies for individual users or sites. You can
choose to generate the PIN automatically, or create one manually.

Lync Server Control Panel is automatically installed on every front-end server or Standard Edition server in
your deployment. In Lync Server 2013, Edge Servers are managed remotely by using the Lync Server
Control Panel, which is not exposed externally to the web.

MCT USE ONLY. STUDENT USE PROHIBITED

MICROSOFT INTERNAL TEACH

Core Solutions of Microsoft Lync Server 2013 3-3

Note: You cannot use Lync Server Control Panel to manage users who are members of the Active
Directory Domain Admins group. For Domain Admin users, you can use Lync Server Control Panel to
perform read-only search operations. To perform write operations on Domain Admin users, such as
enabling or disabling Lync Server 2013, or changing pool or policy assignments, telephony settings, SIP
address, and so on, you must use Windows PowerShell cmdlets while logged on as a Domain
Administrator with appropriate RBAC credentials.
For more information about PowerShell cmdlets, see Using PowerShell 3.0 in this module.

Lync Server Management Shell


The Lync Server Management Shell is another
method of administration for a Lync Server 2013
communications system. The decision to use
Lync Server Control Panel or Lync Server
Management Shell is up to youyou can perform
all Lync Server 2013 management tasks by using
either tool. One advantage of the Lync Server
Management Shell is that it is useful for running
scripts to automate common administrative tasks.

Lync Server Management Shell is automatically


installed on every Lync Server Enterprise Edition
front-end server or Standard Edition server in your
deployment. The Management Shell is built on the Windows PowerShell 3.0 command-line interface, and
it includes more than 550 product-specific cmdlets for administering Lync Server 2013.

Lync Server Cmdlet Syntax

Each PowerShell cmdlet (pronounced command-let) consists of a term (typically a verb) followed by a
dash, and then followed by a noun as shown in the following example.
New-CsUserReplicatorConfiguration

Typing new conveys to PowerShell what you want to do. The dash-noun combination signifies a
parameter. In this example, PowerShell creates a new collection of user replicator configuration settings.
The user replicator periodically retrieves up-to-date user account information from Active Directory and
then synchronizes the new information with the current user data stored by Lync Server 2013.
The following table lists the other commonly-used verbs in PowerShell.
PowerShell Verbs
Approve

Clear

Debug

Disable

Enable

Export

Get

Grant

Import

Install

Invoke

Lock

Move

Remove

Revoke

Set

Stop

Test

Unblock

Update

For more information about PowerShell cmdlets, see Using PowerShell 3.0 in this module.

MICROSOFT INTERNAL TEACH

Using PowerShell 3.0


Because both the Lync Server Management Shell
and the Lync Server Control Panel are built on the
Windows PowerShell 3.0 command-line interface,
being comfortable in working with the syntax and
capabilities of PowerShell is important. If you are
new to PowerShell, but familiar with scripting, an
overview of how to use PowerShell 3.0 with
Lync Server 2013 will be helpful.

Why Use PowerShell?

MCT USE ONLY. STUDENT USE PROHIBITED

3-4 Configuring Users and Rights in Microsoft Lync Server 2013

PowerShell is built on the


Microsoft .NET Framework common language
runtime (CLR), and PowerShell accepts and returns
.NET Framework objects. By using product-specific commands, PowerShell gives you access to the file
system on the computer and enables you to access other data stores, such as the registry and the digital
signature certificate stores, just as easily as you can access the file system. It is designed specifically for
systems administrators to make configuration and management tasks easier.

Using PowerShell Cmdlets

As previously mentioned, each PowerShell cmdlet consists of a verb followed by a dash, and then followed
by a noun as shown in the following example.
Get-Help

If you want to receive help on a specific cmdlet, type the following.


Get-Help New-CsVoicePolicy

This command returns the most commonly-sought help for creating a new voice policy.
For more detailed help on a topic, you can add a parameter, preceded by a dash, as shown in the
following example.
Get-Help New-CsVoicePolicy -Examples

For all available help on a topic, use the parameter Full.

Note: You can get help on each cmdlet directly from the command line and from the
Lync Server 2013 Help file. There are two specific Help files available for cmdletsRTCCmdlets.chm and
RGSCmdlets.chm.

Using Cmdlet Parameters


A parameter is a way of adding additional information to a cmdlet, and limiting the amount of
information that is returned.
For example, if you want to find all the services running on a particular server, type the following
command.
Get-Service

If you want to return only the Lync Server 2013 services and their active status, type the following
command.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 3-5

Get-CsWindowsService

MICROSOFT INTERNAL TEACH

In the following example, the DisplayName parameter is followed with the value, Windows Update, to
convey to the Get-Service cmdlet that is should get only those services with a DisplayName property
equal to Windows Update.
Get-Service -DisplayName "Windows Update"

Note: In this example, the double quotation marks before and after Windows Update are
required because the string contains a space. Otherwise, double quotation marks are unnecessary when
assigning a one-word value to a parameter.

Using Wildcards

To further refine your results, you can use wildcards. The primary wildcard characters in PowerShell are the
asterisk (*), which represents one or more characters, and the question mark (?), which represents a single
character.
For example, if you want to display all services that have a display name beginning with windows, but
want to exclude any services that contain the word audio in the Name or DisplayName, type the
following command.
Get-Service -DisplayName windows* -Exclude *audio*

PowerShell Scripting
In addition to running cmdlets, you can use PowerShell 2.0 to run scripts that automate your more
commonly performed tasks. A script in PowerShell is simply a text file that contains your typed
commands. The lab for this module guides you through the process of running a PowerShell script.

Lesson 2

Introduction to Role-Based Access Control

MCT USE ONLY. STUDENT USE PROHIBITED

3-6 Configuring Users and Rights in Microsoft Lync Server 2013

MICROSOFT INTERNAL TEACH

You can use Lync to delegate specific tasks and permissions to certain administrative staff. This delegation
is done through role-based access control or RBAC.

Lesson Objectives

Describe role-based access control (RBAC).

Describe predefined role based access control roles.

Describe the new features in Lync Server 2013 RBAC.

Overview of Role-Based Access Control (RBAC)


To enable you to delegate administrative tasks
while maintaining high standards for security, Lync
Server 2013 offers role-based access control
(RBAC). With RBAC, administrative privilege is
granted to users by assigning administrative roles
to them. Lync Server 2013 includes a rich set of
built-in administrative roles. You can also create
new roles and specify a custom list of cmdlets for
each new role, and you can add scripts of cmdlets
to the allowed tasks of both predefined and
custom RBAC roles.

Better Server Security and Centralization

With RBAC, access and authorization is based precisely on a users Lync Server role. This enables use of the
security practice of "least privilege," granting administrators and users only the rights that are necessary
for their job.

Note: RBAC restrictions work only on administrators working remotely, using either the Lync
Server Control Panel or Lync Server Management Shell. A user sitting at a server running Lync Server is
not restricted by RBAC. Therefore, physical security of your Lync Server is important to preserve RBAC
restrictions.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 3-7

MICROSOFT INTERNAL TEACH

Predefined Role-Based Access Control Roles


In RBAC, a role is enabled to use a list of cmdlets,
designed to be useful for a certain type of
administrator or technician. A scope is the set of
objects that the cmdlets, defined in a role, can
operate on. The objects that scope affects can be
either user accounts (grouped by organizational
unit) or servers (grouped by site).
Predefined roles are set up during the initial Lync
installation process.

All predefined roles shipped in Lync Server have a


global scope and cannot be modified. To follow
least privilege practices, you should not assign
users to roles with global scope if they are going to administer only a limited set of servers or users. To
follow least privilege practices, you can create roles that are based on an existing role, but with a more
limited scope.

Creating a New Role

To create a role that has access to a set of cmdlets not in one of the predefined roles, or to a set of scripts
or modules, you start by using one of the predefined roles as a template. Note that the scripts and
modules that roles can run must be stored in the following locations:

The Lync module path, which is, by default, C:\Program Files\Common Files\Microsoft Lync Server
2013\Modules\Lync

The user script path, which is, by default, C:\Program Files\Common Files\Microsoft Lync Server
2013\AdminScripts

To create a new role, you use the New-CsAdminRole cmdlet. Before running New-CsAdminRole, you must
create the underlying security group that will be associated with this role.
The following cmdlets serve as an example of a creating a new role. They create a new role type called,
MyHelpDeskScriptRole. The new role has the abilities of the predefined CsHelpDesk role, and can
additionally run the functions in a script named, testscript.
New-CsAdminRole -Identity "MyHelpDeskScriptRole" -Template CsHelpDesk -ScriptModules
@{Add="testScript.ps1"}

For this cmdlet to work, you must first create the security group, MyHelpDeskScriptRole.

After this cmdlet runs, you can assign users directly to this role (in which case they have global scope), or
create a scoped role, based on this role.

RBAC Scope
The three limitations that make up the CSAdminRole:

Every CSAdminRole must be based on one template.

All CSAdminRoles are the available templates.

Templates include config and user scopes.

Roles can also be assigned a user or config scope:

User scope will enable you to define the set of users that can be modified, based upon OU
membership. These permissions are transitive, so sub-users in sub-OUs can be modified.

Config scope enables you to define a Lync site for which an admin can manage servers and policies.

Whats New in Lync Server 2013 RBAC

MICROSOFT INTERNAL TEACH

MCT USE ONLY. STUDENT USE PROHIBITED

3-8 Configuring Users and Rights in Microsoft Lync Server 2013

Lync Server 2013 enhances the role-based access


control (RBAC) feature in two ways. You can now
create custom roles, which each have privileges for
only a set of cmdlets you specify. These custom
roles can also be given privilege to run scripts of
cmdlets.
Additionally, Lync Server 2013 includes two new
predefined roles:

Users given the Response Group Manager role


can manage specific Response Group queues
in your organization, but not necessarily have
management rights for other queues or the
Response Group application as a whole.

Users given the Persistent Chat Manager role can manage specific Persistent Chat rooms in your
organization, but not necessarily have management rights for other rooms or the Persistent Chat
feature as a whole.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 3-9

Lab: Configuring Users and Rights in Lync Server 2013


Scenario

MICROSOFT INTERNAL TEACH

You have successfully deployed Microsoft Lync Server 2013 at Adatum. You will now provision users
and delegate administrative rights.

Lab Setup
Estimated Time: 45 minutes
Note Ensure that -02 virtual machines from the previous lab are shut down.
Ensure that students close the virtual machines that end in -02, prior to starting this lab.

Exercise 1: Start the virtual machines for the lab


Scenario

In this exercise, you will start the virtual machines necessary for the remainder of the labs in this course.

IMPORTANT On all virtual machines, verify that all the services set to start automatically have started. To
do so, click Start, click Administrative Tools and then click Services. In the Services console, verify all
services that are set to Automatic start have started. Most notably, check the Microsoft Exchange,
Microsoft SQL Server, and Lync Server 2013 services. If any are not started, right-click each, and then
click Start.
The main tasks for this exercise are as follows:
1. Start the virtual machines.

Task 1: Start the virtual machines.


Start the virtual machines

Results: After completing this exercise, all virtual machines should start properly.

Exercise 2: Using the Lync Server Management Shell


Scenario

In this lab you will be using Lync server management shell to enable all the users in the manager OU in
active directory for lon-pool.adatum.com. By using their email address as their SIP Uri. And then validate it
by doing IM sessions between various users.
The main tasks for this exercise are as follows:
1. Validate group membership.
2. Enable users for Lync Server 2013.
3. Validate the configuration.

Task 1: Validate group membership.


Validate group membership.

Task 2: Enable users for Lync Server 2013.


Enable users for Lync Server 2013.

Task 3: Validate the configuration.

MICROSOFT INTERNAL TEACH

Validate the configuration

MCT USE ONLY. STUDENT USE PROHIBITED

3-10 Configuring Users and Rights in Microsoft Lync Server 2013

Results: After completing this exercise, you should have provisioned users based on an Active Directory
attribute, in this case, group membership, by using the Lync Server Management Shell.

Exercise 3: Configuring Role-Based Access Control


Scenario
In this exercise, you will be grant user Adam Lync administrator rights and user Joe Helpdesk
administrator rights.
The main tasks for this exercise are as follows:
1. Validate user rights.
2. Grant rights to specific users.
3. Validate that RBAC has been applied.

Task 1: Validate user rights.


Validate user rights.

Task 2: Grant rights to specific users.


Grant right to specific users.

Task 3: Validate that RBAC has been applied.


Validate that RBAC has been applied.

Results: After completing this exercise, you should be able to use RBAC and know how basic Active
Directory group membership modifies rights within Lync Server 2013.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 3-11

Module Review and Takeaways

MICROSOFT INTERNAL TEACH

Best Practice:

When planning for role-based access control (RBAC), remember that to follow least privilege practices,
you should not assign users to roles with global scope if they are going to administer only a limited set
of servers or users. All predefined roles shipped in Lync Server have a global scope. To accomplish this,
create roles that are based on an existing role, but with a more limited scope.

Common Issues and Troubleshooting Tips


Common Issue

Troubleshooting Tip

When you try to enable users or modify


users who are members of the domain
admins group, using Lync Server Control
Panel, you receive an error similar to
"Insufficient access rights to perform the
operation 0002098: SecErr:DSID-03150BB(,
problem 4003 (INSUFF_ACCESS_RIGHTS),
data 0

Troubleshooting Lync Server 2013 Control


Panel

Review Question(s)
Question: If someone deletes or disables a Lync user account, is it possible to audit who did
it?
Question: Is a user working directly on a server running Lync Server 2013 restricted by
RBAC?

MICROSOFT INTERNAL TEACH

MCT USE ONLY. STUDENT USE PROHIBITED

3-12 Configuring Users and Rights in Microsoft Lync Server 2013

MCT USE ONLY. STUDENT USE PROHIBITED


4-1

MICROSOFT INTERNAL TEACH

Module4
Client and Device Deployment and Management
Contents:
Module Overview

4-1

Lesson 1: Preparing for Client Deployment

4-2

Lesson 2: Deploying and Managing Lync 2013 Clients

4-6

Lesson 3: Preparing for Device Deployment

4-12

Lesson 4: Deploying and Managing IP Phones

4-17

Lab: Client and Device Management

4-22

Module Review and Takeaways

4-25

Module Overview

Microsoft Lync Server 2013 introduces new ways to create and define client and user policies, and
new procedures to deploy clients and devices. You should know how to plan for introducing Lync Server
2013 clients into your network and the various phone devices that are supported. You should also know
how to effectively manage the desktop clients and devices.

Objectives

Prepare for client deployment.

Deploy and manage clients.

Prepare for device deployment.

Deploy and manage IP phones.

Lesson 1

MICROSOFT INTERNAL TEACH

Preparing for Client Deployment


There are a number of clients that are available for use with Lync Server 2013 and you can use various
options available for deploying them, including in-band provisioning and
Active Directory Domain Services (AD DS) Group Policy. You can also configure client policies and
settings, and assign these policies to users.

Lesson Objectives

Configure client policies and settings.

Create and assign client policies.

Configuring Client Policies and Settings


In Microsoft Office Communications Server (OCS),
user policies for client applications were applied
through Group Policy. Using Active Directory to
distribute Group Policy requires that you work
with individuals from the
Active Directory Domain Services group to
configure clients. Additionally, Group Policy is only
configurable at the global and user levels.

In-Band Provisioning

MCT USE ONLY. STUDENT USE PROHIBITED

4-2 Client and Device Deployment and Management

Just as in Lync Server 2010, in Lync Server 2013,


most client policies are now controlled through
server-based in-band provisioning. Although it is
still possible to configure and manage client policies by using Group Policy, administrators can also use inband provisioning settings to manage policies by using the Lync Server Control Panel, the
Microsoft Windows PowerShell command-line interface, or both. Administrators can now perform most
client configuration tasks themselves, and apply policies with more precision by assigning them at the
global, site, or tag level. (Tags are settings that can be applied to a single user or to a group of users.)

Group Policies

There are still some essential policies and settings that you can only configure by using Group Policy.
These include client configuration policies that specify, for example, the default servers and security mode
that the client should use until sign-in is complete. Because these policies take effect before the client
signs in and begins receiving in-band provisioning settings from the server, they must exist in the client
computers registry before initial sign-in.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 4-3

MICROSOFT INTERNAL TEACH

Creating and Assigning Client Policies


In Lync Server 2013, client policiesother than
Group Policy policies required for bootstrapping
are configured by using the Lync Server Control
Panel or the Lync Server Management Shell.

Client Policies Configured Using In-Band


Provisioning
The following table describes the client-related
settings that are configurable in the Lync Server
Control Panel, and maps each group of settings to
its corresponding Lync Server Management Shell
cmdlet.
Lync Server
Control Panel
group
Users

Instant
Messaging
(IM) and
Presence

Description

Lync Server2013 cmdlets

Enable or disable users.


Create or modify users.
Move users or groups between
pools.
Configure a users Session Initiation
Protocol (SIP) address and registrar
pool.
Set, lock, or unlock users personal
identification number (PIN).
Assign users or groups to policies
defined in other Control Panel
groups.

CSAdUser
CSUser
Examples:

Allow or block IM hyperlink


prefixes.
Allow or block file extensions.

CsFileTransferFilterConfiguration
CsImFilterConfiguration
Examples:

Enable-CsUser Identity Alex


Delgado RegistrarPool
pool.fabrikam.com
SipAddressTypeSamAccountName
SipDomain fabrikam.com
Get-CsAdUser Identity Alex
Delgado
Set-CsUser -Identity "Alex Delgado" EnterpriseVoiceEnabled $True
LineUri tel:+14805551000
PrivateLine tel:+14255555000

New-CsFileTransferFilterConfiguration
Identity site:Redmond Extensions
@{Add=.ps1}
New-CsImFilterConfiguration Identity site:Redmond -Prefixes
@{add="rtsp:", "urn:"}

Conferencing

Define conferencing policies and


permissions.
Enable recording.
Set default meeting options.

CSConferencingPolicy
CsConferencingConfiguration
Examples:
New-CsConferencingPolicy Identity

Lync Server
Control Panel
group

Description

MICROSOFT INTERNAL TEACH

Configure a dial-in access number.


Configure a dial-in PIN policy.

Lync Server2013 cmdlets


site:Redmond Description Redmond
Default Conferencing Policy
AllowIPAudio $true AllowIPVideo
$false EnableDesktopSharing
Desktop
Set-CsConferencingConfiguration
Identity Global Organization
Fabrikam Corporation

Clients

Configure client version control.


Configure device update rules,
logging, and firmware testing.

CsClientVersionConfiguration
CsClientVersionPolicy
CsClientVersionPolicyRule
CsUCPhoneConfiguration
Examples:
New-CsClientVersionConfiguation
Identity site:Miami Enabled $true
New-CsClientVersionPolicy Identity
site:Miami
$x = [guid]::NewGuid()
New-CsClientVersionPolicyRule Parent "site:Miami" -RuleId $x MajorVersion 4 -UserAgentInHouse
Set-CsUCPhoneConfiguration Identity site:Miami PhoneLockTimeout "00:30:00"

Client Bootstrapping Policies Configured Using Group Policy

MCT USE ONLY. STUDENT USE PROHIBITED

4-4 Client and Device Deployment and Management

In Lync Server 2013, most settings are configurable through the Lync Server Control Panel. However,
Group Policy objects (GPOs) are still used for client bootstrapping and other settings that take effect
before the client signs in and receives in-band provisioning settings from the server. For more
information about the Group Policy settings required for client bootstrapping, see the Lync Server 2013
Help file topic, Key Client Policies and Settings.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 4-5

Lesson 2

MICROSOFT INTERNAL TEACH

Deploying and Managing Lync 2013 Clients

Lync Server 2013 communications software supports several types of client software that you can deploy
to your organizations users, including computer-installed client software and web-based clients. You
should be familiar with the essential deployment and configuration options that you can use when
deploying the Lync Server 2013 clients.

Lesson Objectives

Deploy Lync 2013.

Configure Lync 2013.

Deploy Lync 2010 Attendant.

Deploy Lync Web App.

Deploy Lync 2013 Mobile.

Deploy Lync 2013 in a Virtual Desktop Infrastructure (VDI) environment

Deploying Lync 2013


Microsoft Lync 2013 is the default client for Lync
Server 2013 meetings. You can deploy Lync 2013
through an IT-managed deployment, or you can
allow end-users to install Lync 2013 individually.
The method you choose depends on the size and
security requirements of your organization, the
deployment methods you already have in place,
and the experience level of your users, among
other factors.

If you choose to allow users to install Lync 2013,


you can deploy it by using a file server on your
network as a software distribution point for the
Windows Installer package. You can then send an email message to users explaining the installation
process and providing a link to the distribution point. Up until the point they install the new client, the old
client will remain functional against the new Lync Server 2013back end.

Managed Deployment
If you choose to manage the deployment, you have the following installation options:

Microsoft System Center Configuration Manager. Use this product for more complex softwareinstallation scenarios, where scheduling, inventory, reporting, status, and support for an installation
across a wide area network (WAN) are required.

Active Directory Group Policy. You can create a Group Policy object to deploy Lync Server 2013 to
specific users or computers, based on group memberships.

Windows logon scripts. The logon script performs an unattended installation of Lync 2013 when a user
logs on. GPOs can be used to target logon scripts to specific devices or users.

Configuring Lync 2013

MICROSOFT INTERNAL TEACH

You can choose to configure a number of options


for your Lync 2013 clients. These include:

Configuring Domain Name System (DNS) for


automatic client sign-in.

Configuring the client version policy.

Configuring the meeting join page.

Configuring enhanced privacy mode.

Configuring DNS for Automatic Client


Sign-In

MCT USE ONLY. STUDENT USE PROHIBITED

4-6 Client and Device Deployment and Management

If your organization chooses to support automatic


client sign-in, you should configure DNS records to enable automatic client discovery of the appropriate
Standard Edition server or front-end pool.

You must designate a single server or pool to distribute and authenticate client sign-in requests. For high
availability, we recommend that you configure a Director pool for this function.
You must also create a single, internal DNS Service Location (SRV) record that maps to the fully qualified
domain name (FQDN) of the Director pool (or front-end pool/Standard Edition server) that distributes
sign-in requests from clients:

For complete auto discovery, create the lyncdiscover URL; Lyncdiscover.<domain>

For internal Transport Layer Security (TLS) communications, use _sipinternaltls._tls.<domain>.

If Transmission Control Protocol (TCP) is allowed, for internal TCP connections, use _sipinternal._tcp.
<domain> -.

Note: The SIP domain refers to the host portion of the SIP Uniform Resource Identifiers (URIs)
assigned to users. For example, if SIP URIs are of the form, john@contoso.com, contoso.com is the SIP
domain. The SIP domain may be different from the internal Active Directory Domain Services domain.

Configuring the Client Version Policy


In Lync Server 2013, the default client version policy requires that all clients run a minimum of
Microsoft Office Communicator 2007 R2. You can also reconfigure the client version policy to send the
client to an upgrade URL, instead of being blocked.

You use Lync Server Control Panel to edit the default client version policy. In addition to creating a global
policy, you can create client version policies for a particular service or site, or user-scoped policies that can
be assigned to individual users.

Note: Because anonymous users are not associated with a user, site, or service, anonymous users
are affected by global-level policies only.

Configuring the Meeting Join Page

You can control the clients that are available for joining Lync 2013 meetings by configuring the meeting
join page. This page opens each time a user clicks a meeting link, and the page provides a way for users

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 4-7

to join online meetings by using an alternate client. By default, the meeting join page includes the option
to use the Lync Web App.

MICROSOFT INTERNAL TEACH

You configure the meeting join page in the Lync Server Control Panel or the Lync Server Management
Shell by using the following cmdlets.
New-CsWebServiceConfiguration
Set-CsWebServiceConfiguration

Customizing the Online Meeting Add-in


You can customize the Online Meeting Add-in for Lync 2013 by:

Adding custom footers by using the Set-csConferencing cmdlet.

Configuring available meeting options and meeting-option defaults by using Lync Server 2013 inband provisioning.

In addition, users can change the language of the meeting invitation to English when non-English versions
of the Microsoft Office Outlook messaging and collaboration client and Lync 2013 are installed.

Configuring Enhanced Privacy Mode

Enhanced privacy mode enables users to restrict their presence information so that it is visible only to
contacts listed in their contact list. You configure this option by using the EnablePrivacyMode parameter
in the CsPrivacyConfiguration cmdlet. When EnablePrivacyMode is set to True, the option to restrict
privacy information to contacts becomes available to users in the Lync 2013 client.

Note: Lync 2013 privacy settings do not apply to client versions before Lync 2010.

Deploying Lync 2010 Attendant


Microsoft Lync 2010 Attendant is an intuitive callmanagement application that helps a receptionist
manage large numbers of simultaneous calls. Lync
2013 Attendant runs in a full-screen window to
provide a streamlined desktop experience. You
can use Lync 2010 Attendant to:

See conversation queues and contact lists.

Perform directory searches and Click to Call.

Transfer calls.

Set up conferences without switching


windows.

Manage multiple conversations with rapid call handling, IM, and on-screen routing capabilities.

From an administrative perspective, you can deploy Lync 2010 Attendant within your organization by
using any method that supports a Microsoft Windows Installer package (.msi file). Additionally, you can
control key features and settings by using installation scripts or AD DS Group Policies.

The Lync 2010 Attendant is the only Attendant client that is released for Lync Server 2013. There will not
be a special Lync 2013 version of this attendant.

MICROSOFT INTERNAL TEACH

Deploying Lync Web App


Microsoft Lync Web App is a
Microsoft Internet Information Services (IIS) web
application that installs with Lync Server 2013 and
is enabled by default. No additional server
configuration is necessary. When users click a
meeting URL, they are presented with the meeting
join page, which always provides the option to join
the meeting by using Lync Web App, if there is no
compatible Lync client installed.
The Lync Web App uses an ActiveX control for
audio, video, and desktop sharing, and can be
installed without any local admin rights.

Operating
system

32-bit
Intern
et
Explo
rer 10

64-bit
Interne
t
Explore
r 10

32-bit
Interne
t
Explore
r9

64-bit
Interne
t
Explore
r9

32-bit
Interne
t
Explore
r8

64-bit
Interne
t
Explore
r8

32-bit
Versio
n of
Firefox
12.X

64-bit
Versio
n of
Safari
5.X

MCT USE ONLY. STUDENT USE PROHIBITED

4-8 Client and Device Deployment and Management

32-bit
Versio
n of
Chrom
e 18.x

Windows
8 (Intelbased)

Yes

Yes

N/A

N/A

N/A

N/A

Yes

N/A

Yes

Windows
7 with
Service
Pack 1
(SP1)

Yes

Yes

Yes

Yes

Yes

Yes

Yes

No

Yes

Windows
Vista with
Service
Pack 2
(SP2)

Yes

No

Yes

No

Yes

No

Yes

No

Yes

Windows
XP with
Service
Pack 3
(SP3)

N/A

N/A

N/A

N/A

Yes

No

Yes

No

Yes

Windows
Server
2008 R2
with SP1

Yes

Yes

Yes

Yes

Yes

Yes

Yes

No

Yes

Windows
Server
2008 with
SP22

Yes

No

Yes

No

Yes

No

Yes

No

Yes

Mac OS-

N/A

N/A

N/A

N/A

N/A

N/A

Yes

Yes

Yes

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 4-9

Deploying Lync 2013 Mobile Clients

MICROSOFT INTERNAL TEACH

Microsoft Lync 2013 features full feature mobile


clients. These clients have not been released at this
point in time, but the following is known:

They will be available for Android, IPhone,


Ipad, Windows Phone 8, and Microsoft
Windows 8 RT. These clients will have support
for audio, video and desktop sharing.

Installation will be user-based. There will not


be administrative installs, but only installs
from the marketplace of that specific device.
The applications will be provided free of
charge only, and existing Lync 2013 CAL is
needed.

There are special mobile policies that enable the device to be configured to disallow audio/video and
desktop sharing over 3G/4G, forcing it to only use a wireless network (Wi-Fi), or else, disallow the
usage of media.

Deploying Lync 2013 in a VDI Environment


Microsoft Lync Server 2013 is the first version of
Lync Server to support deployment in a Virtual
Desktop Infrastructure (VDI) environment.
We supply a special VDI client that has to be
deployed on the physical access device. This
device can be running Windows 7 (embedded) or
Windows 8 ( embedded). There is no support for
different operating systems, at this point in time.
Using the set-csclientconfiguration cmdlet, all
users that will be using the VDI plugin must have
the EnableMediaRedirection value set to true.

When the Lync 2013 client detects that it is being run in a VDI environment, the audio and video will be
redirected to the local plug-in running on the VDI client. The client running on the host will provide a
blue background on which the VDI plug-in will then project the video. This provides for a local
termination point for audio and video, and ensures the best quality for the user.
The following points are known issues or limitations when running in a VDI environment;

There is limited support for Call Delegation and Response Group Agent Annonymization features.

There is no support for the following features:


o

Integrated Audio Device and Video Device tuning pages

Multi-view video

Recording of conversations

Joining meetings anonymously (that is, joining Lync meetings hosted by an organization that
does not federate with your organization)

MICROSOFT INTERNAL TEACH

Using the Lync VDI plug-in, along with a Lync Phone Edition device

Call continuity in case of a network outage

Customized ringtones and music on hold features

MCT USE ONLY. STUDENT USE PROHIBITED

4-10 Client and Device Deployment and Management

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 4-11

Lesson 3

MICROSOFT INTERNAL TEACH

Preparing for Device Deployment

In Lync Server 2013, a device may refer to any Unified Communication (UC) device, including headsets
and webcams. However, we will discuss the IP phone here, because it is a managed device. Phones
running Microsoft Lync 2013 Phone Edition enable users to interact with the Lync Server 2013
communication and collaboration features. A new addition in Lync Server 2013 is the support for 3PIP
devices. These are Lync compatible devices that can be developed by any third-party for direct
registration on Lync Server 2013.

You should be familiar with the planning requirements for deploying Lync Server 2013 IP phones and the
configuration steps that you must perform to enable their use.

Lesson Objectives

Describe the supported IP phones.

Plan for device deployment.

Configure DNS and Dynamic Host Configuration Protocol (DHCP).

Supported IP Phones
Lync Server 2013 supports three types of
IP phones:

Desk phones. These phones are designed to


be used by employees at their desk. Desk
phones are also known as information worker
or knowledge worker phones.

Common area phones. These phones are


designed to be used in shared areas, such as
lobbies, kitchens, factory floors, and shared
workspaces, and can be customized to
provide different sets of Lync Server2010
features.

Conferencing phones. These phones are designed to be used in meeting rooms.

Desk Phones

Lync Server 2013 provides options for both IP desk phones and USB phones. IP phones provide a broader
set of UC features and do not need to be connected to a computer that is running Lync 2013 to provide
communication and collaboration features. USB phones require this connection because they are simply
an extension of a local Lync 2013 client. IP phones will not allow users to log on unless the users are
configured for Enterprise Voice. USB phones allow all users to log on, regardless of their configuration.
USB phones work for Lync 2013 calls by using the Internet, without requiring Enterprise Voice or a
connection to the public switched telephone network (PSTN).
Lync Server 2013 continues the support of:

Aastra 6725ip

Polycom CX500

Polycom CX600

HP 4120

Polycom CX700

LG/Nortel 8540

MICROSOFT INTERNAL TEACH

Lync Server 2013 also introduces support for the following USB desk phones:

Polycom CX100

Polycom CX200

Polycom CX300

Plantronics Calisto 420

Plantronics Calisto 540

Common Area Phones


The supported common area phones are:

Aastra 6721ip

Polycom CX500

HP 4110

MCT USE ONLY. STUDENT USE PROHIBITED

4-12 Client and Device Deployment and Management

Because all of the common area phones are IP phones, they do not need to be connected to a computer
to provide Lync Server 2013 UC functionality.

What Is a Hot-Desk Phone?


A hot-desk phone is a common area phone that allows users to log on to their own user accounts. The
features, policies, and settings associated with their user account will apply for as long as the user is
logged on. When the user logs off, the phone provides basic common area phone usage.

Conferencing Devices

Conference room devices transmit high-quality audio, and those with video capabilities track the person
who is currently speaking. The supported conferencing devices are:

Polycom CX5000 (audio/video)

Polycom CX3000 (audio)

Third-Party IP Phones
With the release of Lync Server 2013, we are now
focusing on third-party IP phones, better known as
3PIP phones. These phones were previously known
as Lync compatible phones.
These phones will need to support the same
phones as the Lync-optimized IP phones, but
because they are running firmware developed
directly by the phone manufacturer, these phone
will get more and faster firmware updates. Also,
new features, which were previously unsupported,
such as 802.1x, will be supported.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 4-13

MICROSOFT INTERNAL TEACH

Planning for Device Deployment


When planning IP phone deployment, you need to
be aware that there are a number of prerequisite
conditions that your Lync Server 2010 system
infrastructure must meet. Before you can enable
these devices to connect to Lync 2013, you must
perform the following tasks:

Enable Enterprise Voice. Ensure that each


device user is enabled for Enterprise Voice. To
do so, you must deploy a Mediation Server
and configure a trunk for telephony.

Create required DNS and DHCP records.

Set up dial plans, voice policies, and routes. Set up dial plans, voice policies, and outbound call
routes for IP phone users.

Associate phones with contact objects. Associate all common area phones with an AD DS contact
object.

Enable a PIN policy. Enable PIN authentication on Lync Server 2013 and ensure that an appropriate
PIN policy is in place.

Best Practices
For optimal audio quality, you need to:

Separate Voice over Internet Protocol (VoIP) traffic from other network traffic by configuring
Differentiated Services Code Point (DSCP) tagging or any other form of Quality of Service (QoS) and
putting voice traffic in the correct queues.

Advise users to attach their laptop or computer to a wired network, instead of a wireless network. IP
phones are required to do this.

Enable correct exceptions for separating Lync traffic from other traffic when connecting over a virtual
private network (VPN) or direct access. Lync traffic should always pass directly through the Edge
Server when accessing from the outside.

For more information about configuring Enterprise Voice, see Configuring Basic Enterprise Voice and,
Extending Enterprise Voice Functionality from this handbook.

Configuring DNS and DHCP


To provide IP phone connectivity, you must create
and publish certain Domain Name System (DNS)
records. You must also specify certain
configuration options for Dynamic Host
Configuration Protocol (DHCP) servers.

DNS
In addition to the DNS records required for autoconfiguration, the following table describes the
records that you must create and publish to a DNS
service within the corporate network, if you are

deploying IP phones.

MICROSOFT INTERNAL TEACH

Type

Value

Description

FQDNs for the pool(s) that


host the Enhanced
Registrars

The new Lync Server 2013 DNS load balancing feature


requires you to specify the server FQDN and the pool
FQDN, using the same IP address for each server in the
pool, and you should create A records for all pools that
contain an Enhanced Registrar.
If you use hardware load balancing, just specify A
records for each pool that contains an Enhanced
Registrar. This allows external devices to connect by
using SIP over TLS to the Enhanced Registrar internally.

SRV

_sipinternal._tcp.<SIP
domain>

You specify the two SIP FQDNs for internal routing, one
for communications over TCP, and the other for TCP
communications secured by TLS.

ucupdates-r2.<SIP
domain>

You specify the web services portion of the Device


Update services URL. The device appends
:443/RequestHandler/ucdevice.upx. Ensure that the
Hardware Load Balancer (HLB) translates external
requests to use :443/RequestHandler/ucdevice.upx.
(The external port is 443.)

Note: If the pool is already deployed, this information can be referenced from the Lync Server
Control Panel Topology tab by selecting the Edge server properties.

DHCP

MCT USE ONLY. STUDENT USE PROHIBITED

4-14 Client and Device Deployment and Management

DHCP provides an automated way to distribute and update IP addresses and other configuration
information on a network. For connectivity, IP phones require the web services URL and Enhanced
Registrar FQDN from the DHCP server. You can configure this in your corporate DHCP server, or you can
use the DHCP server provided with the Lync Registrar. The Lync Server 2013 DHCP server does not lease
addresses, and can be used safely in conjunction with any other DCHP server.
You can enable the Lync Server 2013 DHCP server by using the following Lync Server Management Shell
command.
set-CsRegistrarConfiguration EnableDHCPServer $true

You must ensure that broadcast packets from devices can reach the DHCP server(s) by configuring DHCP
relay agents to forward DHCP packets to the Lync Server 2013 DHCP servers.
To enable IP Phones to discover and connect to Lync Server 2013, you must ensure that the following
options are set on the organizations DHCP servers. You can use the DHCPUtil.exe utility to configure
these options.
Option

Value

Description

43

CS Pool
Certificate
Provisioning
Service URL

Specify the internal URL in the form of


https://lyncWebPoolFQDN:443/CertProv/CertProvisioningService.svc
(Note This is an example only.)

120

FQDN for

Specify the FQDN of the pool that will be the first

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 4-15

MICROSOFT INTERNAL TEACH

Option

43

Value

Description

theca Pool
Registrar

logon server for the device. Typically, this is a Director


pool. If you do not deploy a Director pool, this is the
front-end pool FQDN. The pool FQDN suffix must
match the users SIP URI.

VLAN ID

We recommend that you use a VLAN. However, if you


decide not to use a VLAN for Unified Communications,
or if you use Link Layer Discovery Protocol(LLDP)enabled switches in the enterprise to provide VLAN IDs,
do not set this option. Note that option 43 is not an
independent option. Depending on the Vendor Class
ID for which it is configured, the option may have
different values. The client identifies the vendor for
which it wants the information as option 60 in the
DHCP request.

Lesson 4

MICROSOFT INTERNAL TEACH

Deploying and Managing IP Phones


To deploy and manage IP phones, you can perform the steps in the recommended process. We
recommend that you deploy only qualified UC devices that display the Optimized for Microsoft Lync
mark.

Lesson Objectives

Provision users.

Configure common area phones.

Verify call functionality.

Perform device updates.

Provisioning Users
Before you connect an IP phone to Lync Server
2013, you must configure an authentication PIN
on the device for the user.
The PIN can be configured by the user on the
Dial-In Conferencing page, or you can set the PIN
from the Lync Server Control Panel. Alternatively,
run the following cmdlet in the Lync Server
Management Shell.
Set -CSClientPIN

This cmdlet enables the phone to discover Lync


Server 2013, connect, and then authenticate by using the PIN. After authentication, a Lync Server 2013
signed certificate is downloaded to the phone. The certificate is then cached and used for subsequent
authentication.

Configuring Common Area Phones


Before you deploy common area phones, you
must set up a common area account and
optionally configure policies to designate call
control behavior. For example, you might want to
allow call transfers from a common area phone in
a conference room, but not from a common area
phone in a lobby. You can also set up phones to
block external usage and compromised accounts,
and configure hot-desk phones. A hot-desk phone
is one to which a user can log on to Lync Server
2013 and their specific user profile settings will
apply.
To configure common area phones, you must perform the following:

MCT USE ONLY. STUDENT USE PROHIBITED

4-16 Client and Device Deployment and Management

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 4-17

1.

Create a new contact object for each common area phone. If an AD DS object already exists,
ensure that this object is not SIP-enabled.

MICROSOFT INTERNAL TEACH

If the object is SIP-enabled, you must remove the Lync Server 2010 attributes by running the following
cmdlet.
Disable-csUser

You can then configure the phone by running the following cmdlet.
New-csCommonAreaPhone

2.

Create required policies for common area phones. Creating specific policies for common area
phones is optional. However, you might want to create policies for lobby phones that have more
restrictive policies than meeting-room phones. The types of policies that you can create include client,
voice, conferencing, and PIN policies.

Policy

Setting

Use

DeviceType (AD)

Urn:device:commonareaphone

ClientPolicy

EnableHotdesking
HotdeskingTimeout

Enables user to log on to a


common area device.
Specifies timeout value.

VoicePolicy

EnableCallTransfer
EnableCallPark
AllowCallForwarding

Enables UI for call transfer.


Enables UI for call park.
Enables UI for call forwarding.

MeetingPolicy

AllowIPAudio

Enables UI for conference


escalation.

ExternalAccessPolicy

EnableOutsideAccess

Enables external access.

Improved Manageability of Common Area Phones

Lync Server 2013 introduces several enhancements to existing manageability features, and several new
features that improve the administrative experience for configuring and managing common area phones.

Enhancements

Usage information is captured in the call detail record (CDR) database.

Call quality information is captured in the Quality of Experience (QoE) database.

Update server is used to update devices.

New Features

Certification authority (CA) discovery is configured in DHCP.

A contact object is used to configure a common area account.

Device inventory is easily managed by creating a device inventory report.

MICROSOFT INTERNAL TEACH

Verifying Call Functionality


The primary tools for managing and monitoring IP
phones are the Lync Server Control Panel, the
Lync Server Management Shell, and the Device
Update service. The following table lists the tools
and the functionality that they provide for
verifying the call and the quality of service (QoS).

Tool/service

Purpose

Location

Lync Server Control


Panel

Useful when setting up dial plans,


voice policies, calls routes, device
logs, and PINs, and starting web
services and managing Device
Updates.

Lync Server Control Panel

Lync Server
Management Shell

Useful when setting up contact


objects and policies for devices,
and for troubleshooting.

Lync Server 2013


Management Shell

Device Logs

Useful when provisioning,


monitoring, and troubleshooting.

Update Server Web


Services and then browse
to the correct folder.

Device Update
service

Useful when deploying new


devices, and downloading, testing,
and deploying updates. You can
also roll back to previously installed
software versions.

Accessible through the


Lync Server Control Panel
or Windows PowerShell.

IP Phone Inventory
Report tool

Useful when monitoring and


troubleshooting issues on IP
phones. You can also use this tool
to create reports.

Monitoring Server Reports

Power-on self-test
(POST)

Useful when monitoring and


troubleshooting issues on the
phone. You can use this tool to test
the health of the DDR2 RAM.

On the device. (While the


device is starting up, press
* + 7 to start POST. If the
test fails, the preboot code
returns an error message
and the startup process
ends.)

Monitoring Server
Reports

Useful when monitoring and


troubleshooting issues related to
user activity and media quality.
There is a QoE report for user
activity that searches for Call Detail
Records (CDRs) based on user alias.
Another report for media quality
searches individual detail records

Monitoring Server Reports

MCT USE ONLY. STUDENT USE PROHIBITED

4-18 Client and Device Deployment and Management

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 4-19

Tool/service

Purpose

Location

MICROSOFT INTERNAL TEACH

for signal values captured from the


users device microphone or
speaker.
Reset (Hard, Factory)

Useful when troubleshooting issues


on the new IP phones. Hard Reset
enables users to delete all usercreated data (such as device logs,
registry settings, and credentials).
The Factory Reset enables users to
revert the device to the last
working software version, in the
event that the phone is updated to
a version that is causing issues.

Performing Device Updates


Lync Server 2013 includes the Device Update
service, which is accessible through the Lync Server
Control Panel. Device Update enables you to
upload your previously downloaded updates from
Microsoft, test them, and then deploy the updates
to the IP phones in your organization. You can
also use Device Update to roll back devices to
previous software versions. The log files and audit
information in the Device Updates folder store
inventory details about the devices in your
organizations and help you verify information
about them, such as the current firmware version.
You should check for device updates at least every three months.

On the device. (When the


device starts, press both *#
(Hard) or 46 (Factory) to
reset the device.)

When you download updates (.cab files) from the Microsoft Help and Support website, you must upload
them to the Device Update service by using the Lync Server Management Shell. You will have an
opportunity to perform these steps in the lab for this module.

Device Updates File store

The Device Updates file store is the central repository for all update information, logs, and audit
information, and provides the installation point for devices that require updates. The Device Update file
store is a folder that is installed as part of the web services role on the front-end server.
In Lync Server 2013 Standard Edition, the file store is automatically created by the installer in the Web
Services folder, under the installation folder. The default path is: %Program Files%\Microsoft Lync
Server\Web Services\Device Update Files.

In Lync Server 2013 Enterprise Edition, prior to installation, you must create a shared folder to contain
both client and device update files. You must then specify the location of this folder when you run the
Create Front End Pool Wizard during deployment.

Note: We recommend that you create a quota on the Device Update log file store by using the
File Server Resource Manager. A quota helps ensure that the number of log files does not exceed the

available storage; otherwise, you may encounter problems for the web services role. We recommend
that you set a file store quota, whether or not you use the Device Update service.

MICROSOFT INTERNAL TEACH

For more information about setting up a quota by using the File Server Resource manager,
see File Server Resource Manager Step-by-Step Guide for Windows Server 2008 at
http://go.microsoft.com/fwlink/?LinkId=201142

MCT USE ONLY. STUDENT USE PROHIBITED

4-20 Client and Device Deployment and Management

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 4-21

Lab: Client and Device Management

MICROSOFT INTERNAL TEACH

Scenario

With users configured for Microsoft Lync Server 2013, you have been tasked with deploying devices
and clients. The management and security team at A Datum Corporation have developed client and
device requirements that match company policies.
You will create and assign client and device policies at the global, site, and user levels by using the
available Lync Server tools to enforce the defined company policies with granular control.
Estimated Time: 35 minutes

Exercise 1: Starting the virtual machines


Scenario
In this lab, we will turn on and connect to all the virtual machines.
The main tasks for this exercise are as follows:
1. Start the virtual machines.

Task 1: Start the virtual machines.


Start the virtual machines

Results: After completing this exercise, you will have started all the virtual machines to complete the
remaining exercises.

Exercise 2: Creating and Assigning Client Policies


Scenario
In this Lab you will create three different client policies:

Global with following parameters: Allow safe transfer for attendants, disallow communications with the
federated contacts, disable emoticons, enable hotdesking with a timeout of 30 seconds, and with an IM
warning "Warning: All communications within ADatum may be logged and viewed at any time and for
any reason. Use of the ADatum Instant Messaging Service is a privilege. Abuse of the system may result
in loss of said privilege. This is a Global Message"

Site with the following parameters: for site Redmond (Site 1) with Description "Redmond Default
Client Policy", enabling music on hold, allowing full screen video, enable exchange contact sync and
with an IM warning "Warning: All communications within ADatum may be logged and viewed at any
time and for any reason. Use of the ADatum Instant Messaging Service is a privilege. Abuse of the
system may result in loss of said privilege. This is a Redmond Local Message"

Marketing with following parameters: Description "ADatum Executive Client Policy" allows appearing
offline, enabling music on holds, allowing full screen video, allowing media redirection, and enabling
exchange contact sync.

Grant users Alex, Marketing client policy.

Important: On all virtual machines, verify whether all of the services set to start automatically have
started. Most notably, check the Microsoft Exchange, Microsoft SQL Server, and Lync Server 2013
services. To do so, click Start, click Administrative Tools, and then click Services. In the Services console,
verify that all services set to Automatic start have started. If not, right-click the service, and then click
Start.

The main tasks for this exercise are as follows:


1. Create client policies by using a PowerShell script.

MICROSOFT INTERNAL TEACH

2. Verify the client policy is applied to users.

Task 1: Create client policies by using a PowerShell script.


Create client policies by using a PowerShell script.

Task 2: Verify the client policy is applied to users.


Verify client policy application to users.

Results: After completing this exercise, you should be able to describe how to create client policies in
Lync 2013, how to apply them, and then see the effects of the client policies.

Exercise 3: Creating and Assigning Device Policies


Scenario

MCT USE ONLY. STUDENT USE PROHIBITED

4-22 Client and Device Deployment and Management

In this exercise, you will use the Lync Server Management Shell to edit the global policies and create site
device polices. The device policies include PIN and logging requirements, and the application of the
policies will be simulated. You will also configure the settings for a common area phone.
The main tasks for this exercise are as follows:
1. Create and edit device policies by using a PowerShell script.
2. Verify that the device policy is created.

Task 1: Create and edit device policies by using a PowerShell script.


Create and edit device policies by using a PowerShell script.

Task 2: Verify that the device policy is created.


Verify device policy creation.

Results: After completing this exercise, you should have created device policies and edited the global
policies by using a PowerShell script. This script should also configure a new common area phone.

Exercise 4: Configuring a Device Update


Scenario
In this exercise, you will create device update policy and a site level test device policy with following
parameters:
Site : Redmond (Site 1)
Device name : Test Aries.
Identifier type : Serial number
Unique identifier : 1111111111
The main tasks for this exercise are as follows:
1. Import a Device Update .cab file.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 4-23

2. Create a Test Device policy.


3. Approve the device updates.

Task 1: Import a Device Update .cab file.

MICROSOFT INTERNAL TEACH

Import a Device Update .cab file.

Task 2: Create a Test Device policy.


Create a Test Device policy.

Task 3: Approve the device updates.


Approve the device updates.

Results: After completing this exercise, you should have installed a new device update file, uploaded it
into Lync Server, tested it on a specific device, and then approved it for all devices.

Exercise 5: Creating and Assigning Mobile Device Policies


Scenario

In this exercise, you will use the Lync Server Management Shell to edit the global Device Policy to allow
for Mobility.
The main tasks for this exercise are as follows:
1. Create and edit device policies by using a PowerShell script.
2. Verify mobile device policy creation.

Task 1: Create and edit device policies by using a PowerShell script.


Create and edit device policies by using a PowerShell script.

Task 2: Verify mobile device policy creation.


Verify mobile device policy creation.

Results: After completing this exercise, you should have created a mobile device policy.

Module Review and Takeaways


Common Issues and Troubleshooting Tips

MICROSOFT INTERNAL TEACH

Common Issue

Troubleshooting Tip

Lync sign-in errors

Lync for Windows Store app sign-in issue

Lync VDI pairing issues

Review Question(s)
Question: Does the Lync 2013 setup program uninstall previous versions of Lync or Office
Communicator?
Question: What do you use to deploy Lync 2013 Group Policy settings?

Real-world Issues and Scenarios


Contoso plans to deploy Lync Server 2013 and already has an existing Lync Server 2010 infrastructure.
Should they deploy servers or clients first?

MCT USE ONLY. STUDENT USE PROHIBITED

4-24 Client and Device Deployment and Management

1.

Lync Server 2010 supports the new Lync 2013 clients. This enables organizations that are migrating
from Lync Server 2010 to roll out new clients independent of Lync Server upgrades. For more
information, see the Server and Client Compatibility section at:
http://go.microsoft.com/fwlink/?LinkId=282047

2.

When planning for clients to use automatic discovery to find their registration point for a given SIP
URI, you can run into issues in environments that do not use split-brain DNS, nor want to establish
split-brain DNS. Split-brain DNS is where one set of internally managed DNS servers provide
resolution for DNS queries for internal resources, and a set of externally managed DNS servers
provide resolution for DNS queries to external resources published for access from the Internet. In
split-brain DNS environments, the solution for publishing DNS records required for Lync clients is
straightforward. Additionally, putting internal records in an external DNS could reveal internal
addressing to the outside world.

What do you do? The answer is to create "pinpoint" DNS zones. This type of DNS zone is a single record
represented by the zone itself. For example, if you need to have _sipinternaltls._tcp.contoso.com as an
SRV record pointing to pool.contoso.com for internal client resolution, you would create a pinpoint DNS
zone record for zones, "_sipinternaltls._tcp.contoso.com" and "pool.contoso.com", by using, for example,
the DNSCMD command-line tool.
Following is an example.
dnscmd . /zoneadd _sipinternaltls._tcp.contoso.com. /dsprimary
dnscmd . /recordadd _sipinternaltls._tcp.contoso.com. @ SRV 0 0 5061 pool.contoso.com.
dnscmd . /zoneadd pool.contoso.com. /dsprimary
dnscmd . /recordadd pool.contoso.com. @ A 192.168.1.25
3.

If both Lync 2013 for the desktop and Lync Windows Store app are installed on the computer, you
have to set one of them as the default client to use for meetings. The first time you click the Join Lync
Meeting link in an Outlook calendar reminder to connect to a meeting, the Default Meeting Client

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 4-25

MICROSOFT INTERNAL TEACH

dialog box appears. Select either Microsoft Lync or Lync (which means Lync Windows Store app), and
then click OK. The next time you join a Lync Meeting from an Outlook calendar reminder, the
meeting client you selected will be used automatically. You can change this behavior in the Default
Programs settings.

MICROSOFT INTERNAL TEACH

MCT USE ONLY. STUDENT USE PROHIBITED

4-26 Client and Device Deployment and Management

MCT USE ONLY. STUDENT USE PROHIBITED


5-1

MICROSOFT INTERNAL TEACH

Module5
Conferencing in Lync Server 2013
Contents:
Module Overview

5-1

Lesson 1: Introduction to Conferencing in Lync Server 2013

5-2

Lesson 2: Designing for Audio/Video and Web Conferencing

5-11

Lesson 3: Dial-In Conferencing in Lync Server 2013

5-20

Lesson 4: Managing and Administering Conferencing

5-29

Lab: Conferencing in Microsoft Lync Server 2013

5-35

Module Review and Takeaways

5-39

Module Overview

Conferencing is a core feature of Microsoft Lync Server 2013. You can use conferencing feature in Lync
Server 2013 for dial-in conferencing and for managing and administering conferencing policies.

Objectives

Describe conferencing in Lync Server 2013.

Describe dial-in conferencing in Lync Server 2013.

Manage and administer dial-in conferencing in Lync Server 2013.

Lesson 1

MICROSOFT INTERNAL TEACH

Introduction to Conferencing in Lync Server 2013

MCT USE ONLY. STUDENT USE PROHIBITED

5-2 Conferencing in Lync Server 2013

Conferencing in Lync Server 2013 includes the conferencing modes, new conferencing features, and
conferencing architecture and infrastructure components. You should be familiar with all these
components. You should also be familiar with call flows among conferencing components, and be able to
describe the considerations for Lync Server 2013 deployment and migration.

Lesson Objectives

Describe the conferencing modes in Lync Server 2013.

Describe the new Lync Server 2013 conferencing features.

Discuss the conferencing architecture and infrastructure components.

Describe conferencing call flows among conferencing components.

Describe the considerations for conferencing deployment and migration.

Conferencing Modes in Lync Server 2013


Lync Server 2013 communications software offers
a rich set of conferencing modes, including web
conferencing, application sharing, instant
messaging (IM) conferencing, audio/video (A/V)
conferencing, and dial-in conferencing. You can
choose to deploy all supported types of
conferencing modes, or just some of them.

A/V Conferencing

A/V conferencing enables users to have real-time


audio and video conferences without the need for
external services, such as the Microsoft Live
Meeting service or a third-party audio bridge. A/V
conferencing requires appropriate client devices, such as headsets for audio conferences and webcams for
video conferences. .
With a single click, users can schedule a meeting from Outlook. Details, such as meeting time, location,
and attendees, are based on the familiar Outlook template. Additionally, conference call-specific
information, such as dial-in number, meeting IDs, and personal identification number (PIN) reminders, are
automatically populated.

To help ensure that only the authorized people participate in a call, Lync Server provides multiple levels of
authentication for participants. Users who join by using Lync are already authenticated by Active Directory
Domain Services and do not need to enter a PIN, pass code, or meeting ID.
Lync simplifies the video conferencing user experience by incorporating video into the unified client so
that scheduling a meeting with video or escalating to video spontaneously is seamless.

Lync Server makes it easy to add video to a standard phone call in just one click. When there are multiple
participants in a video call or a conference, each user can see video from up to five other users
simultaneously, or a presenter can choose just one video source to be seen exclusively by everyone.

High-definition video (resolution 1270 x 720; aspect ratio 16:9) and VGA video (resolution 640 x 480;
aspect ratio 4:3) are supported for peer-to-peer calls between users running Lync on high-end computers.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 5-3

The resolution viewed by each participant in a single conversation may differ, depending on the video
capabilities of each users hardware.

MICROSOFT INTERNAL TEACH

Web Conferencing

Web conferencing is integrated with the overall enterprise messaging infrastructure of Lync Server 2013.
When combined with A/V conferencing, web conferencing delivers real-time collaboration that is simple
to manage. With web conferencing, users can share and collaborate on documents, such as Microsoft
PowerPoint presentations, during their online conferences. Additionally, users can share all or part of their
desktop with each other in real time.

Dial-in Conferencing

Dial-in conferencing enables users to join the audio portion of a Lync Server 2013 conference by using a
public switched telephone network (PSTN) phone without requiring a third-party audio conferencing
provider.

New Conferencing Features in Lync Server 2013


Lync Server 2013 includes the following web and
A/V conferencing features:

Client Features
Lync Server 2013 includes the following new client
features:

Scheduling Infrastructure Changes.


Administrators can customize email invitations
for online meetings by using Lync Server
Control Panel or Lync Server Management
Shell. Customizations can include URLs for
logos, help text, legal text, and footer text. All
subsequent invitations will include the customizations.

Join Launcher. Lync Server 2013 updates the Join launcher to validate each meeting before launching
a client, and to provide support for opening a meeting in the following clients:

Windows Phone 7

Android devices

Apple iOS devices

Windows 8

Internet Explorer 10

Video Enhancements.
o

Gallery View and HD Video Conferencing. In video conferences, users can see videos of up to five
conference participants at the same time.

HD Video. Users can experience resolutions up to HD 1080p in two-party calls and multiparty
conferences.

Presenter Only Video Mode. Presenters can configure the conference so that only the video from
the presenter is shown. This mode prevents distractions in large conferences when multiple video
streams are available and locking to different sources. This mode also applies to video captured
and provided by conferencing devices.

MICROSOFT INTERNAL TEACH

Video Spotlight. Presenters can configure the conference so that only the video from a selected
participant, who is a video source, is seen by everyone in the conference. This mode also applies
to video captured and provided by conferencing devices for panoramic video.

VDI Plug-in: The Lync 2013 client now supports audio and video in a virtual desktop infrastructure
(VDI) environment. A user can connect an audio or video device (for example, a headset or a camera)
to the local computer (for example, a thin client or repurposed computer). The user can connect to
the virtual machine, sign in to the Lync 2013 client that is running on the virtual machine, and
participate in real-time audio and video communication as though the client is running locally.

Conference Administrative Features

MCT USE ONLY. STUDENT USE PROHIBITED

5-4 Conferencing in Lync Server 2013

Outlook Scheduling Add-in. Lync Server 2013 includes the following new conference administrative
feature:
The Online Meeting Add-in for Lync 2013 includes meeting invite customization and new
meeting options:
o

Administrators can customize the organizations meeting invitations by adding a


custom logo, a support URL, a legal disclaimer URL, or custom footer text.

New attendee mute controls allow meeting organizers to schedule conferences that
have attendee audio and video muted by default.

Dial-out Conferencing for non-Enterprise Voice users. Lync Server 2013 now allows participants who
are not Enterprise Voice-enabled to initiate dial-out calls from a meeting conference. The
administrator can configure this feature.

Integration with Office Setup. The Lync 2013 client and the Online Meeting Add-in for Lync 2013
which supports meeting management from within the Outlook messaging and collaboration client
are now both included with the Office 2013 Setup program.

In previous versions of Lync and Office Communicator, you could use Windows Installer properties to
customize and control the Office installation. Because Lync 2013 is integrated with Office setup, you can
use the following to customize the Lync 2013 setup:
o

The Office Customization Tool (OCT)

Config.xml to perform installation tasks

Setup command-line options

Conference Participant Features


Lync Server 2013 includes the following new conference participant features:

Presence while sharing. When Lync detects that a user is sharing, Lync automatically assigns the user a
Presenting status. This status blocks all incoming communications unless the sender is assigned the
Workgroup privacy relationship. If the user is using the sharing feature entirely on a secondary
monitor, Lync does not assign a Presenting status.

Merge this call into. While in a meeting, users can merge another open conversation into the meeting
by using Merge This Call Into, on the More Options () menu.

View/Show Participants. To see participants names, users can hover the mouse pointer over the View
Participants button, or click Show Participant List to dock the panel in the meeting.

Conference Presenter Features


Lync Server 2013 includes the following new conference presenter features:

Manage Presentable Content. Users can also use the Manage Presentable Content menu to choose
which content they want to share.

MCT USE ONLY. STUDENT USE PROHIBITED

MICROSOFT INTERNAL TEACH

Core Solutions of Microsoft Lync Server 2013 5-5

Share Content and Lead Meeting Activities. Users can switch between content types by using Share
content and lead meeting activities at the lowermost part of the meeting room window.

Presence While Sharing. When Lync detects that a user is sharing, Lync automatically assigns the user
a Presenting status. This status blocks all incoming communications unless the sender is assigned the
Workgroup privacy relationship. If the user is using the sharing feature entirely on a secondary
monitor, Lync does not assign a Presenting status.

Presentation Mode. In an A/V conference, the presenter can set the conference state so that all other
participants, including anybody who subsequently joins the meeting, are muted. While the
conference is in this state, individual participants cannot unmute themselves. The presenter can later
change the conference state, for example, to open the conference for questions. At that time, users
receive a notification that they can now unmute themselves.

Conference Scheduling Infrastructure Changes


Administrators can customize email invitations for
online meetings by using Lync Server Control
Panel or Lync Server Management Shell.
Customizations can include URLs for logos, help
text, legal text, and footer text. All subsequent
invitations will include the customizations. This
feature is available on Office 365 Tenant and OnPremises deployments.

Join Launcher
Lync Server 2013 updates the Join Launcher to
validate each meeting before launching a client,
and to provide support for opening a meeting in
the following clients:

Windows Phone 7

Android devices

Apple iOS devices

Windows 8

Internet Explorer 10

Join Launcher is a small application that runs on


each front-end server. It helps you to launch the right client (such as a computer, mobile, or no Lync
endpoint installed). If no Lync endpoint installed is found, Lync Web App is launched. If a client is not
detected, it redirects to Marketplace to download a client.

You should start the web client where the Organizer is homed, because this provides the appropriate
experience (Lync 2010 or Lync 2013). The closer you get to the server, the better is the experience and
performance for the end-user.

Join Launcher with Director

When the entire infrastructure components are Lync 2013, the scenario is simpler. When the user clicks
the Join online meeting link, the request goes to the Director. The Director locates Front-End 2 (FE2) on

MCT USE ONLY. STUDENT USE PROHIBITED

5-6 Conferencing in Lync Server 2013

the specific pool where the organizer is installed. The request is therefore proxied to the proper Front-End
server.

MICROSOFT INTERNAL TEACH

Join Launcher without Director


You do not need a Director to direct traffic, although the Director provides good isolation between
internal and external networks. In this scenario, the meeting URL points to the second pool. Pool 2
identifies that the meeting is actually homed on Pool 1 Front-End 2 server and proxies the request.

Lync Server 2010 and 2013 Coexistence


You may see this typically in migration scenarios. A new Lync 2013 pool is deployed in the current
infrastructure. The existing Director (with Cumulative Update for Lync Server 2010: November 2011 or
later) sends the request to the correct pool and the front-end server.

Join Launcher Hybrid Deployment

In this scenario, you can have on-premise presence. Some users are hosted on the Lync Online Solution. In
this particular example, the meeting happens on Lync Online; however, the meeting URL still points to
On-premise. When the URL is clicked, the client connects to the On-premise Director. The On-Premise
Director will try to determine where the meeting is, through Deployment Locator. In this case, the Director
determines the meeting is hosted by Lync Online. The conference URL is validated by using SIP protocol
and you get the correct URL that you should really be accessing.

In-Conference Collaboration
Previously, when a PowerPoint presentation was
shared, the client converted the PowerPoint into a
lower format (PowerPoint 1997-2003) version.
That version was sent to the server. The server
then instructed all the clients to download a copy
of that PowerPoint. The embedded PowerPoint
viewer of the client would then be able to view it.
The server at this point only sends instructions (go
back, go to slide #, go forward). This native viewer
had limitations.

The solution is using a browser/HTML5+


integration. Instead of converting the PowerPoint
to a lower format, you convert the PowerPoint to DHTML / JavaScript, so that all the form factors can view
a version of it. The WAC (Web Application Companion, also called the Office Web Apps Server) server
helps you to achieve that. WAC is shared among all major components, such as Lync, Exchange, and
SharePoint.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 5-7

MICROSOFT INTERNAL TEACH

Office Web Application Server Integration


On the slide, at the left and middle, you see the
Lync components, and on the right is the WAC
server. A user tries to drop a PowerPoint file into
the meeting. The file is sent to the server without
any conversion. The server performs the
encryption and saves it to the content file share.
The presenter wants to present this presentation.
At this point, the WAC server generates a dynamic
URL. (This URL is in the config database and when
you deploy the Lync server, you identify where the
WAC server is located). The Web Conferencing
Server does a discovery from the URL that was
configured for WAC for:

The base URL for presentation (internal and external).

The base URL for viewing the presentation (internal and external).

When the request is made to present a file, the base URL is taken to encode a few things such as file ID,
meeting ID, unique identifier of the actual front-end server hosting the meeting) and sends it to the client.
Additional security is also provided by a session lifetime token and is put in the URL. After the viewer
client gets the URL, the client connects to the provided URL to view the presentation from the WAC
server. The WAC server then makes the request to the Lync Server and the file is provided through the
filecontent server. Then, the presentation happens directly between the client and the WAC server.

Topology Impacts
Topology ImpactsEnterprise Edition
The WAC server is not built specifically for Lync. It
has Office viewing and editing capability to
support many scenarios from SharePoint and
Exchange Servers. You should set up a centralized
WAC server farm so all related components can be
used suitably.
From an Enterprise Edition perspective, a Lync
pool is set up as usual, to identify where the WAC
server is deployed (basically specifying a URL).

Topology ImpactStandard Edition

Standard Edition is usually used for small deployments. In such scenarios, you would have a Lync Standard
Edition and a WAC server. Again, you would have to define the URL for the WAC server when deploying
Lync Standard Edition. We recommend that you have two virtual machines, one for Lync and the second
for the WAC server, on the same physical server.

Topology ImpactsWAC External Access

The clients connect to both the Lync and WAC server through the Reverse Proxy. All traffic between Lync
and WAC stays on the internal network.

MICROSOFT INTERNAL TEACH

Conference Dial-Out for Non-Voice Enabled Users


Lync Server 2013 now allows participants who are
not Enterprise Voiceenabled to initiate dial-out
calls from a meeting conference. This feature is
configurable by the administrator.
Conferencing dial-outs for non-voice users will be
supported even if the Organizer is not voice
enabled:

No need for static routing configuration

New organizer conferencing policy setting to


enable dial-out for non-voice users

Requires granting a valid Voice Policy to nonvoice users

MCT USE ONLY. STUDENT USE PROHIBITED

5-8 Conferencing in Lync Server 2013

Dial-out behavior for mobile users stays the same as with Lync 2010 Cumulative Update 4 (CU4) (when
mobility was introduced).

Archiving for Conferences


You can archive two items with Lync 2013the
whiteboard and poll. Prior to Lync 2013, the
archiving was done on a three-tiered platform,
namely front-end (first tier), Archiving Server (midtier) and Database (third-tier). With Lync 2013, the
need for the mid-tier Archiving Server has been
removed because the Archiving Server role is
moved to the front-end server. When Archiving
captures information from different sessions in real
time, it caches the sessions as part of the overall
data replication scheme. High availability is
provided by replicating all that temporary data.
Hence, from a compliance perspective, if one front-end fails, that data is not lost.

Exchange preserves the mail box data in many different ways and levels. Lync 2013 offers two high-level
integrations with Exchange, with respect to Archiving:
1.

Exchange is the one place where you can configure archiving settings for the user for email, IM, and
Conference Archiving. In the past, without the Exchange integration, IM and Conference Archiving
had to be done on Lync.

2.

Information captured from Lync sessions is put directly into the Exchange mail boxes. Discovery tools
provided by Exchange can then be used to search for the Lync communication records.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 5-9

Deployment and Migration Considerations

MICROSOFT INTERNAL TEACH

Deployment Considerations
Determining which conferencing capabilities to
deploy depends not only on the features you want
available to your users, but also on your network
bandwidth capabilities. You should consider the
following factors when you want to deploy
conferencing.

Enabling Web Conferencing with


Collaboration and Application Sharing

To enable web conferencing that includes


document collaboration and application sharing, you must enable conferencing for your front-end pool in
the Lync Server Topology Builder. Enabling conferencing enables both web conferencing and A/V
conferencing.
Application sharing requires and uses more network bandwidth than document collaboration. Lync Server
2013 communications software provides a throttling mechanism to control each application-sharing
session. By default, this is set to 50,000 kilobits for each session.
If you do not want to enable application sharing, but you do want document collaboration, you can
enable conferencing, and use meeting policies to disable application sharing.

Enabling A/V Conferencing

If you want to enable A/V conferencing, you must enable conferencing for your front-end pool in the
Lync Server 2013 Topology Builder. Enabling conferencing enables both web conferencing and A/V
conferencing.

A/V conferencing requires and uses more network bandwidth than document collaboration. If you do not
want to enable A/V conferencing, but you do want web conferencing, you can enable conferencing and
use meeting policies to disable A/V conferences.

If you do want to enable audio conferences, but not video conferences, you can enable A/V conferencing,
and use meeting policies to prevent video conferences. Alternatively, you can enable A/V conferencing,
and allow only certain users to start or participate in A/V conferences.
Note A complete Enterprise Voice solution is not necessary for A/V conferencing. If you enable A/V
conferencing, users can add audio to their conferences if they have audio devices, even if you use a
private branch exchange (PBX) for your telephone solution.

Enabling Users to Join the Audio Portion of Conferences When Using a PSTN Phone
If you want to enable users to join the audio portion of conferences when using a PSTN phone, you
should deploy and enable dial-in conferencing. Invited users, both inside and outside your organization,
can then join the audio portion of conferences by using a PSTN phone.
Note Dial-in conferencing requires Enterprise Voice to be configured.

Enabling External Users with Lync Server 2013 Clients to Join the Conference

If you want to enable external users with Lync Server clients to join the types of conferences that you have
enabled, you should deploy Edge Servers. Allowing external participation in meetings maximizes an

MCT USE ONLY. STUDENT USE PROHIBITED

5-10 Conferencing in Lync Server 2013

MICROSOFT INTERNAL TEACH

organizations investment in Lync Server. For example, users with laptops with Lync Server 2013 can join
conferences from wherever they areat home, in an airport, or at customer siteswithout the need for a
PSTN connection.

Additionally, if you deploy Edge Servers, you can create federated relationships with other organizations
such as your customers or vendorsand users from those organizations can more easily collaborate with
your users.

Migration Considerations
You should also consider the following factors when migrating users.

Migrating Users Based on Their Conferencing Needs

Consider migrating frequent meeting organizers early in the process so that they can take advantage of
the new sharing, collaboration, and lobby management features of Lync Server 2013.

Migrating Existing Meetings and Meeting Content


When a user account is moved from Microsoft Office Communications Server 2007 R2 to a Lync Server
2013 server, the following information moves along with the user account:

Meetings already scheduled by the user. This only includes Communicator conference calls (conf: URL
scheme). Live Meetings are not migrated to Lync 2013. Users will need to reschedule these meetings
as new Lync meetings. This is discussed in more detail later in the course.

The users PIN. The users current PIN continues to work until it expires or the user requests a new
PIN.

The following information does not move to the new server:

Meeting content. You should advise meeting organizers to reload content into their scheduled
meetings, after migration.
Note Existing dial-in conferencing numbers work whether the meeting is hosted on Office
Communicator 2007 R2/Lync 2010 server or a Lync Server 2013 server. However, the latest Office
Communicator 2007 R2/Lync 2010 cumulative update is required on the Office Communicator 2007
R2/Lync 2010 server pools.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 5-11

Lesson 2

MICROSOFT INTERNAL TEACH

Designing for Audio/Video and Web Conferencing

Before you design for audio/video and web conferencing in a Lync Server 2013 deployment, you must
consider the business and compliance requirements. Designing for web conferencing will require you to
select between hosted and on-premises conferencing. You should be able to design audio/video and web
conferencing, design conferencing policies, and calculate network requirements for audio/video and web
data.

Lesson Objectives

Assess detailed business and compliance requirements.

Decide between hosted and on-premises conferencing.

Describe conferencing policies related to audio/video and web conferencing.

Design audio/video and web conferencing policies.

Design simple URLs.

Calculate network requirements for audio/video and web data.

Discussion: Assessing Business and Compliance Requirements


In most organizations, video, audio and web
conferencing features of Lync Server 2013 have
become an essential part of the conferencing
modalities. While assessing requirements for video
conferencing, remember that video conferencing
is intensive on central processing unit (CPU)
resources and network resources.
In this context, it is important that you discuss the
expected usage of video conferencing with
stakeholders and validate their expectations
during piloting. In addition, you should discuss the
general business requirements for conferencing
and compliance requirements.

MICROSOFT INTERNAL TEACH

Discussion: Choosing Between Hosted and On-Premises Conferencing


In the past, web conferencing was delivered as a
hosted-only service in the form of Microsoft Live
Meeting. With Microsoft Office Communications
Server 2007 and Microsoft Office
Communications Server 2007 R2, web
conferencing is integrated with audio, video, and
PSTN dial-in, and it is delivered as an on-premises
service.
The Lync Server 2013 platform allows complete
integration between on-premises and hosted
services because both solutions are built with the
same bits and have the same architecture. These
services are built by using Microsoft Lync Online and Microsoft Office 365.

MCT USE ONLY. STUDENT USE PROHIBITED

5-12 Conferencing in Lync Server 2013

As an infrastructure architect, you need to choose between on-premises and hosted services based on the
features and scalability that are required by the organization. Before choosing between on-premises and
hosted services, you need to analyze the following criteria:

Scalability. The service should enable hosting large multinational conferences by using Lync Online.

Support. The service should support users from many time zones and nationalities.

Time to deploy. The service should take less time to deploy. A hosted web conferencing service
solution needs less time to plan and design than an on-premises service solution.

Flexibility in deployment. The service should be easily deployable, for example, the head office onpremises, and certain branch offices online.

Conferencing Policies for Audio/Video and Web Conferencing


In Lync Server 2013, dial-in conferencing policies
related to audio/video and web conferencing are
handled at three different levelsGlobal, Site, and
User. You can apply these policies to two different
types of usersOrganizer Policy and Participant
Policy.
Before designing policies, you need to consider
the following default settings for each user type
and analyze how to configure each setting.

Organizer PolicyDefault Settings


The following are the default settings of the
Organizer Policy:

The maximum meeting size is 250.

Audio and video are enabled for meetings.

Anonymous users can be invited to meetings.

Meetings cannot be recorded.

If audio is enabled, users can dial in to the meetings by using PSTN.

MCT USE ONLY. STUDENT USE PROHIBITED

MICROSOFT INTERNAL TEACH

Core Solutions of Microsoft Lync Server 2013 5-13

If audio is enabled, anonymous users cannot dial out from meetings. To allow anonymous users to
dial out, you need to select the Allow anonymous users to dial out check box.

Data collaboration and annotations are allowed.

Content can be downloaded by external users.

PowerPoint decks are enabled.

Files can be transferred.

Meetings can be scheduled by using application sharing.

If schedule meetings are allowed, both application sharing and desktop sharing are allowed.

If application sharing is allowed, users can take control of the sharing.

If users are allowed to take control of the sharing, by default, external users cannot control shared
applications.

Participant PolicyDefault Settings


The following are the default settings of Participant Policy:

Peer-to-peer transfers are allowed.

Peer-to-peer recording is not allowed.

Participants can join with multiple video streams.


Question: At what levels can you assign conferencing policies for conferencing?

Designing Audio/Video and Web Conferencing Policies


In Lync Server 2013, you can design conferencing
policies for various features that you want to
control. To do this, you must plan the position of
essential communication features for security or
compliance requirements. In addition, you should
control the elements of platform scalability. The
following table outlines the design areas, notes or
limitations, and design decisions for scaling and
security.

Design area

Note/Limitation

Design decision

Scaling
Video

Audio and especially video


requires network bandwidth
and the processing power of
the CPU for the server and
client endpoints.

You can control the


bandwidth by changing the
video setting from VGA to
Common Intermediate
Format (CIF). Another option
is to enable video for sites
with sufficient bandwidth or
for groups of users who
require sufficient CPU

MICROSOFT INTERNAL TEACH

Design area

Note/Limitation

Design decision
processing power.
When the AllowMultiView
parameter is set to True, the
default value enables users
to schedule conferences that
allow multiview; that is,
clients can receive multiple
video streams during a
given conference. This
setting applies to the user
who organizes the
conference: if set to False,
no conference created by a
user affected by this policy
can include multiview.
However, the user can
participate in other
conferences where
multiview is allowed.

Meeting size

Each pool can host a meeting


for one through 250 users at a
time. While the meeting is in
progress, the pool can also
host other smaller conferences
for up to 125 users.
Lync Server 2013 can support
large meetings up to 1,000
participants. Supporting large
meetings of up to 1,000 users
requires creating an
appropriate topology,
meeting hardware and
software prerequisites, and
configuring the environment
appropriately.

If you require the system to


host large conferences, add
a separate pool for
conferencing. Alternatively,
you can apply a user-specific
conferencing policy to allow
a limited group of users to
create large conferences.

PSTN dial-in

Dial-in requires scaling of


PSTN access either through
gateways, Direct SIP, or SIP
trunks.

Depending on business
requirements and funding,
you have the option to allow
only groups of users or sites
access to the PSTN dial-in.

PSTN dial-out

Allow anonymous
conferencing users to dial-out
to their own phone number,
and join the audio portion of
a conference.

This is a good user-friendly


option for anonymous users
and depends on business
requirements. You must
note the server cost
implications on your
organization.

You can allow participants to


share your desktop and
applications during a

The security risk involves a


malicious user who can
share the content of the

Security
Application and
desktop sharing

MCT USE ONLY. STUDENT USE PROHIBITED

5-14 Conferencing in Lync Server 2013

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 5-15

MICROSOFT INTERNAL TEACH

Design area

Note/Limitation

Design decision

conference or a peer-to-peer
session.

screen containing sensitive


data. If you disable this
feature, it will severely
reduce the usability and the
profitability gains derived
from the solution.

Content download and


file transfer

You can allow all users to


download the content from
conferences that can be
authenticated, federated, and
anonymous. A similar security
option is to allow peer-topeer file transfers.

You need to control files


entering and leaving your
network because of malware
detection and
confidentiality. You should
discuss this with the
concerned stakeholders of
the organization, and then
set policies accordingly.

Anonymous
participants

Anonymous participants are


unauthenticated. You and
your federated partners can
identify these participants by
their email address.

SMTP traffic is usually


unencrypted, and therefore,
can be intercepted. With
information provided in the
email, a malicious user can
join a meeting and get
unintentional access to
information.

Preventing recording of
meetings

The meetings can be recorded


only on the local machines
from where the presenter or
attendee is joining the
meeting or audio call.

You should discuss this


concern with the security
organization. You must plan
whether the recording is to
be enabled for all
presenters, participants,
authenticated participants,
and anonymous users.

Question: Describe how security designs can drive the collaboration solution of an
organization?

Designing Simple URLs


A simple URL is used to simplify the URLs
displayed to users in a meeting. However,
internally, the SIP Uniform Resource Identifier
(URI) technically still remains the conference ID.
For example, consider the following URLs:

Simple URL:
https://meet.adatum.com/bill/VT9IKTHG

SIP URI:
sip:bill@adatum.com;gruu;opaque=app:conf:f
ocus:id:VT9IKTHG

The following are the three simple URLs that Lync


Server 2013 communications software supports:

MICROSOFT INTERNAL TEACH

MCT USE ONLY. STUDENT USE PROHIBITED

5-16 Conferencing in Lync Server 2013

Meet. It is used as the base URL for all conferences in the site or organization. You can define a
different meet URL per SIP domain.

Dial-in. It enables access to the Dial-in Conferencing Settings webpage. This page displays conference
dial-in numbers with their available languages, assigned conference information, and in-conference
Dual Tone Multi-Frequency (DTMF) controls. This simple URL supports management of PIN and
assigned conferencing information.

Admin. It enables quick access to the Lync Server 2013 Control Panel. The design for simple URLs
applies to the Admin URL also. This simple URL is only used internally.

Simple URL scope

You can configure a global scope for simple URLs. You can specify multiple simple URLs for both dial-in
and meet, but only the meet URLs can be attached to a SIP domain. Having a separate meet URL per SIP
domain allows an organization to have multiple SIP domains with a separate identity to the outside world.
This is not possible for the dial-in page.

DNS design impact

These simple URLs require a Split brain DNS. The DNS records must be resolved differently for external
and internal clients. Externally, the DNS record must point to the reverse proxy, and internally the same
DNS record must point to the internal pool.
Using a split brain DNS, you can host a DNS zone on various networks with different DNS records.
Therefore, the fully qualified domain name (FQDN) can point the Internet to your reverse proxy, but the
same FQDN points to the pool in your internal deployment.

Discussion: Calculating Network Requirements for Conferencing Data


You need to consider a number of factors such as
audio/video payloads and network traffic sharing
bandwidth usages while calculating network
requirements for conferencing data. In addition,
you need to create the necessary assumptions
about profiling your design decisions to calculate
the number of concurrent sessions of different
media types. To create your own profiling, you can
refer to the Lync Server 2013 User Models section
of the Capacity Planning documentation.
The following table outlines audio codec and
payload for conferencing.
Audio codec

Audio payload bitrate


(Kbps)

G.722

64.0

G.722 Stereo

128.0

Siren

16.0

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 5-17

The following table outlines the video codec, resolution, and video payloads for conferencing.

MICROSOFT INTERNAL TEACH

Video Codec

Resolution and aspect ratio

Maximum video payload


bitrate (Kbps)

H.264

320x180 (16:9)
212x160 (4:3)

250

H.264/RTVideo

424x240 (16:9))
320x240 (4:3

350

H.264

480x270 (16:9)
424x320 (4:3)

450

H.264/RTVideo

640x360 (16:9)
640x480 (4:3)

800

H.264

848x480 (16:9)

1500

H.264

960x540 (16:9)

2000

H.264/RTVideo

1280x720 (16:9)

2500

H.264

1920x1080 (16:9)

4000

H.264/RTVideo

960x144 (20:3)

500

H.264

1280x192 (20:3)

1000

H.264

1920x288 (20:3)

2000

The following table outlines an example from the Lync Server 2013 user models that you can use to
profile network requirements for conferencing data.

Conferencing Model
Category
Scheduled meetings versus "Meet now"
meetings
Conferencing client distribution

Description
Scheduled: 60 percent
Unscheduled: 40 percent
The following are percentages of client
distributions for scheduled meetings:
Conferencing users for Lync Server 2013:
75 percent
Conferencing users for Microsoft Lync
Server 2013 Web App: 25 percent
The following are percentages of client
distributions for unscheduled meetings:
Conferencing users for Lync Server 2013:
65 percent
Conferencing users for previous versions
of clients, including Office Communicator
2007 R2 or Lync 2010: 30 percent
Conferencing users for Microsoft Lync

Category

Description
Server 2013 Web App: 5 percent

MICROSOFT INTERNAL TEACH

Meeting concurrency

Meeting audio distribution

About 5 percent of users will be in


conferences during working hours.
Therefore, in an 80,000-user pool, as many
as 4,000 users might be in conferences at
any one time.
About 40 percent of users for mixed VoIP
audio and dial-in conferencing, with a 3:1
ratio of VoIP users to dial-in users
VoIP audio: 35 percent
Audio for dial-in conferencing only: 15
percent
No audio (such as IM-only conferences): 10
percent

Lync Bandwidth Calculator


With the Lync Server 2013 Bandwidth Calculator,
you can enter information about your users and
the Lync Server features that you want to deploy,
and the calculator will determine bandwidth
requirements for the wide area network (WAN)
that connects sites in your deployment.
A Microsoft Excel spreadsheet that
calculates WAN bandwidth requirements for a
Lync Server deployment based on
administrator-specified user profiles and
network information. At the time of this
writing, the Lync 2013 version of this
calculator was not available.
http://go.microsoft.com/fwlink/?LinkId=273835

MCT USE ONLY. STUDENT USE PROHIBITED

5-18 Conferencing in Lync Server 2013

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 5-19

Lesson 3

Dial-In Conferencing in Lync Server 2013

MICROSOFT INTERNAL TEACH

Lesson Objectives

Describe the dial-in conferencing features in Lync Server 2013.

Describe the requirements for dial-in conferencing.

Describe the configuration options for dial-in conferencing in Lync Server 2013.

Describe the deployment steps for dial-in conferencing in Lync Server 2013.

Dial-In Conferencing Support


Dial-in conferencing supports the following types
of users:

Enterprise users. Enterprise users have Active


Directory Domain Services (AD DS)
credentials and Lync Server 2013 accounts
within their organization.

Anonymous users. Anonymous users do not


have enterprise credentials within an
organization.

Note In the dial-in conferencing context, a user


in a federated partners organization who uses the PSTN to connect to a conference is treated like an
anonymous user.

Enterprise Users Who Join a Dial-In Conference

Enterprise users or conference leaders who join a conference enabled for dial-in access can dial one of the
conference access numbers and then are prompted to enter the conference ID. If a leader has not yet
joined the meeting, users can either enter their unified communications (UC) extension (or full phone
number) and PIN, or wait to be admitted by a leader. Meeting organizers can join the meeting as a leader
by entering just their PIN from an authenticated device.

Authenticating Enterprise Users

The front-end server uses a combination of a full phone number or extension, and PIN, to uniquely map
enterprise users to their Active Directory credentials. As a result, enterprise users are authenticated and
identified by name in the conference. Enterprise users can also assume a conference role predefined by
the organizer.
Note Enterprise users who dial-in from an office IP phone or from Lync 2013 are not prompted for
their phone number because they are already authenticated.

Anonymous Users Who Join a Dial-In Conference

Anonymous users who want to join a dial-in conference can dial one of the conference access numbers
and they are prompted to enter the conference ID. Anonymous users are not admitted to the conference
until at least one leader or authenticated user has joined. Also, they cannot be assigned a predefined role

MCT USE ONLY. STUDENT USE PROHIBITED

5-20 Conferencing in Lync Server 2013

MICROSOFT INTERNAL TEACH

unless the meeting policy allows users dialing in to bypass the lobby. Unauthenticated anonymous users
are also prompted to record their name. The recorded name identifies unauthenticated users in the
conference.
Note Enterprise users who choose not to enter their phone number and PIN are not authenticated,
and thus, are prompted to record their name.

Closing or Locking Meetings


When scheduling a meeting, the meeting organizer can choose to restrict access to the meeting by
closing or locking the meeting. In this case, dial-in users are requested to authenticate. If they fail or
choose not to authenticate, they are transferred to the lobby, where they wait until a leader accepts or
rejects, them or they are timed out and then disconnected.

Dial-In Participants
Dial-in participants hear music if they are waiting to be admitted to the conference. After they are
admitted to a conference, dial-in users can participate in the audio portion of the conference and can
exercise dual-tone multi-frequency (DTMF) commands by using the phone keypad.
Dial-in participants, whether or not they dial from the PSTN, hear personal announcements during the
conference, such as whether:

They have been muted or unmuted.

The meeting is being recorded.

Someone is waiting in the lobby.

All dial-in participants can exercise DTMF commands to hear Help, listen to the conference roster, and
mute themselves.

Dial-in Leaders

Dial-in leaders and some client users can exercise DTMF commands to turn participants' ability to unmute
on or off, lock or unlock the conference, admit people from the lobby, and turn entry and exit
announcements on or off. Leaders and some client users can also use a DTMF command to admit
everyone from the lobby, which changes the permissions of the meeting to allow anyone who
subsequently joins.
Note Participants who join the conference by clicking a link, instead of dialing in, do not hear
personal announcements.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 5-21

Requirements for Dial-in Conferencing

MICROSOFT INTERNAL TEACH

Hardware and Software Requirements


In addition to the hardware and software
requirements for front-end servers, other
requirements include Application service,
Conferencing Attendant, Conferencing
Announcement, the Dial-In Conferencing settings
webpage, and at least one Mediation Server/PSTN
Gateway.

Conferencing Attendant and Conferencing


Announcement require that Windows Media
Format Runtime is installed on front-end servers;
this is included in the Windows Desktop Experience in Windows Server 2008 R2, or in the Microsoft Media
Foundation in Windows Server 2012.
Windows Media Format Runtime is required to play Windows Media Audio (WMA) files that are used for
music on hold, recorded names, and prompts. Windows Media Format Runtime is installed automatically
when you run Setup.
Note We recommend that you install Windows Media Format Runtime before you run Setup because
Windows Media Format requires you to restart your computer after it is installed.

Port Requirements

If you use a load balancer, ensure that the load balancer is configured for the ports used by any
applications that will run in the pool. These ports are default settings that you can change by using the
Set-CsApplicationServer cmdlet.
Note All instances of the same application in a pool use the same SIP listening port.
The following table lists and describes the ports that are used by dial-in conferencing.
Port
number

Description

5072

Used by Conferencing Attendant for SIP listening requests

5073

Used by Conferencing Announcement for SIP listening requests

Audio File Requirements

Lync Server 2013 does not support customization of voice prompts and music for dial-in conferencing.
Conferencing Attendant and Conferencing Announcement have the following requirements for music on
hold, recorded name, and audio prompt files:

WMA file format

16-bit mono

48 kbps 2-pass constant bit rate (CBR)

Speech level at -24decibals

MCT USE ONLY. STUDENT USE PROHIBITED

5-22 Conferencing in Lync Server 2013

Note If you have a strong business need that requires you to change the default voice prompt or music
file, you can customize your media files by following the procedure found in the article located at
http://go.microsoft.com/fwlink/?LinkId=210264.

MICROSOFT INTERNAL TEACH

Authenticated User Requirements

Dial-in conferencing users must have a unique phone number or extension assigned to their account. This
requirement supports authentication during dial-in. Enterprise users (that is, users who have AD DS
credentials and Lync Server 2013 accounts within your organization) enter their phone number (or
extension) and a PIN to dial-in to conferences as authenticated users.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 5-23

MICROSOFT INTERNAL TEACH

Configuration Options for Dial-in Conferencing


The Lync Server 2013 communications software
contains several components that are used for
dial-in conferencing. These components are
automatically installed and activated when a pool
server is configured with dial-in conferencing
within the Topology Builder.

Application Service
Application service provides a platform for
deploying, hosting, and managing unified
communications (UC) applications. Dial-in
conferencing uses two UC applications that
require Application serviceConferencing
Attendant and Conferencing Announcement.

Conferencing Attendant

Conferencing Attendant is a unified communications application that accepts PSTN calls, plays prompts,
and joins the calls to an A/V conference. When a user is prompted to enter their conference information,
Conferencing Attendant uses interactive voice response (IVR). When the call is connected to the
conference, Conferencing Attendant backs out and client access server (CAS) takes over.

Conferencing Announcement

Conferencing Announcement is a UC application that plays tones and prompts to PSTN participants on
certain actions, such as when participants join or leave a conference, participants are muted or unmuted,
someone enters the conference lobby, or the conference is locked or unlocked. Conferencing
Announcement also supports DTMF commands from the phone keypad.

Dial-in Conferencing Settings Webpage

The Dial-in Conferencing Settings webpage displays conference dial-in numbers with their available
languages, assigned conference information (for meetings that do not need to be scheduled), and inconference DTMF controls. It also supports management of PIN and assigned conferencing information.
The Dial-in Conferencing Settings webpage is automatically installed as part of web services.

Lync Server 2013 Mediation Server and PSTN Gateway

Dial-in conferencing requires a Mediation Server to translate signaling between Lync Server 2013 and the
PSTN. For dial-in conferencing, you must deploy at least one Mediation Server and at least one of the
following:

A PSTN gateway

An IP-PBX

A Session Border Controller (SBC) for an Internet telephony service provider to which you connect by
configuring a SIP trunk

Note If your Lync design includes Enterprise Voice, Mediation Servers and PSTN connectivity options
will already be part of the deployment. If you are not deploying Enterprise Voice, you will need to
deploy at least one Mediation Server and at least one PSTN connectivity option for dial-in conferencing
to function.

File Store
File store is used for recorded name audio files. File store is a standard component in every Enterprise
Edition or Standard Edition deployment.

MICROSOFT INTERNAL TEACH

User Store
User store is used to store user Lync Server 2013 PINs. PINs are encrypted. The user store is a standard
component in every Lync Server 2013 Enterprise Edition or Lync Server 2013 Standard Edition
deployment.

Lync Server Control Panel


Some dial-in settings can be configured by using Lync Server Control Panel. For example, Lync Server
Control Panel can be used to configure Conferencing Policy settings that specify whether a PSTN
conference dial-in is enabled or whether users can invite anonymous participants to a conference.

Lync Server Management Shell


All dial-in settings can be configured by using Lync Server Management Shell cmdlets. Lync Server
Management Shell cmdlets are available for deploying, configuring, running, monitoring, and
troubleshooting Conferencing Attendant and Conferencing Announcement.

MCT USE ONLY. STUDENT USE PROHIBITED

5-24 Conferencing in Lync Server 2013

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 5-25

Deploying Dial-In Conferencing

MICROSOFT INTERNAL TEACH

Before you can configure dial-in conferencing, you


need to deploy either Enterprise Voice or a
Mediation Server and a PSTN connectivity option.
All the steps described in the following section
must be performed before users can dial-in from
the PSTN to join an audio/video conference.
Note If you are migrating from Office
Communications Server 2007 R2, you must
apply at least Cumulative Update 5 (CU5) to
your Office Communications Server 2007 R2
environment before deploying dial-in
conferencing. CU5 supports participants dialing Office Communications Server 2007 R2 access
numbers to join Lync Server 2010/2013 conferences.

Step 1: Create a Topology.

Create a topology that includes the Conferencing workload, along with a Mediation Server and PSTN
gateway, and deploy the front-end pool or Standard Edition server. You can also update or modify a
topology configuration by performing the following step:

Run Topology Builder, and then click the dial-in conferencing option.

Note This step is required only if you do not deploy Enterprise Voice and do not collate the
Mediation Server with the Enterprise Edition front-end server or Standard Edition server. If you deploy
Enterprise Voice, you install and configure Mediation Servers and PSTN gateways as part of the
Enterprise Voice deployment. If you collate the Mediation Server, you install and configure the
Mediation Server as part of the front-end pool or Standard Edition server deployment.
The following permissions are required to create a topology:

Domain Admins Group

RTCUniversalServerAdmins Group

CsVoiceAdminstrator

CsAdminstrator

Step 2: Configure Dial Plans for Dial-In Conferencing.

If you deploy Enterprise Voice, you set up dial plans as part of that deployment, and you need to ensure
that the dial plans also accommodate dial-in conferencing. If you do not deploy Enterprise Voice, you
need to set up dial plans for dial-in conferencing.
Use the Lync Server Control Panel or Lync Server Management Shell to set up dial plans as follows:
1.

Create one or more dial plans for routing dial-in access phone numbers.

2.

Assign a default dial plan to each pool. Set the Dial-in conferencing region to the geographic location
to which the dial plan applies. The region associates the dial plan with dial-in access numbers.

The following permissions are required to configure dial plans for dial-in conferencing:

CsVoiceAdminstrator

CsAdministrator

Step 3: Ensure Dial Plans Are Assigned Regions.

MCT USE ONLY. STUDENT USE PROHIBITED

5-26 Conferencing in Lync Server 2013

MICROSOFT INTERNAL TEACH

Run the Get-CsDialPlan and Set-CsDialPlan cmdlets to ensure that all dial plans have a region assigned,
or set the region by using the Lync Server Control Panel.
The following permissions are required to ensure dial plans for assigned regions:

CsVoiceAdminstrator

CsAdministrator

Step 4: Verify PIN Policy Settings (Optional).

Use Lync Server Control Panel or Lync Server Management Shell to view or modify the conferencing PIN
Policy. You can specify minimum PIN length, maximum number of logon attempts, PIN expiration, and
whether common patterns are allowable.
The following permission is required to verify policy settings:

CsAdministrator

Step 5: Configure Conferencing Policy for Dial-in Conferencing.

Use Lync Server Control Panel or Lync Server Management Shell set-csdialinconferencingconfiguration to
configure Conferencing Policy settings. Specify whether:

PSTN conference dial-in is enabled.

Users can invite anonymous participants.

Unauthenticated users can join a conference by using a dial-out phone. With dial-out phone, the
conference server calls the user, and the user answers the phone to join the conference.

The following permission is required to configure conferencing policy for dial-in conferencing:

CsAdministrator

Step 6: Configure Dial-In Conferencing Access Numbers

Use Lync Server Control Panel or Lync Server Management Shell to set up dial-in access numbers that
users call to dial-in to a conference, and specify the regions that associate the access number with the
appropriate dial plans. The first three access numbers for the region specified by the organizer's dial plan
are included in the conference invitation. All access numbers are available on the Dial-in Conferencing
Settings webpage.
Note After you create dial-in access numbers, you can use the SetCsDialInConferencingAccessNumber cmdlet to modify the display name of the Active Directory
contact objects, so that users can more easily identify the correct access number.
The following permission is required to configure dial-in conferencing access numbers:

CsAdministrator

Step 7: Verify Dial-in Conferencing Settings (Optional).

Use the Get-CsDialinConferencingAccessNumber cmdlet to search for dial plans that have a dial-in
conferencing region that is not used by any access number, and for access numbers that have no region
assigned.
The following permissions are required to verify dial-in conferencing settings:

MCT USE ONLY. STUDENT USE PROHIBITED

MICROSOFT INTERNAL TEACH

Core Solutions of Microsoft Lync Server 2013 5-27

CsAdministrator

CsViewOnlyAdministrator

CsServerAdminstrator

CsHelpDesk

Step 8: Modify Key Mapping for DTMF Commands (Optional).

Use the Set-CsDialinConferencingDtmfConfiguration cmdlet to modify the keys used for DTMF
commands, which participants can use to control conference settings (such as mute and unmute, or lock
and unlock).
The following permission is required to modify mapping for DTMF commands:

CsAdministrator

Step 9: Modify Conference Join and Leave Announcements (Optional).

Use the Set-CsDialinConferencingConfiguration cmdlet to change how announcements work when


participants join and leave conferences.
The following permission is required to modify conference join and leave announcements:

CsAdministrator

Step 10: Test Dial-in Conferencing (Optional).

Use the Test-CsDialInConferencing cmdlet to test that the access numbers for the specified pool work
correctly.
The following permission is required to test dial-in conferencing:

CsAdministrator

Step 11: Configure User Account Settings.

Use Lync Server Control Panel or Lync Server Management Shell to configure the telephony line URI as a
unique, normalized phone number (for example, tel:+14255550200; ext=0200).
The following permissions are required to configure user account settings:

CsAdministrator

CsUserAdminstrator

Step 12: Welcome Users to Dial-in Conferencing and Set the Initial PIN (Optional).
Use the Set-CsPinSendCAWelcomeMail script to set users' initial PINs and send a welcome email
message that contains the initial PIN and a link to the Dial-in Conferencing Settings webpage.
For example: Set-CsPinSendCAWelcomeMail UserUri user@fabrikam.com SmtpServer
mail.fabrikam.com From admin@fabrikam.com.

The following permissions are required to welcome users to dial-in conferencing and set the initial PIN:

CsAdministrator

CsUserAdminstrator

Lesson 4

MICROSOFT INTERNAL TEACH

Managing and Administering Conferencing

MCT USE ONLY. STUDENT USE PROHIBITED

5-28 Conferencing in Lync Server 2013

Most of the policy settings that determine Lync Server 2013 conferencing are configurable through Lync
Server Control Panel. However, there are several essential policies and settings that impact conferencing
and that can only be configured by using Lync Server Management Shell. You should, therefore, know
how to manage and administer conferencing policies by using Lync Server Control Panel and Lync Server
Management Shell.

Lesson Objectives

Manage and administer conferencing by using Lync Server Control Panel.

Manage and administer conferencing by using Lync Server Management Shell.

Describe conferencing polices in Lync Server 2013.

Using Lync Server Control Panel to Manage and Administer Conferencing


Policies
Creating a New User Policy
The conferencing policy is one of the individual
settings of a user account that can be configured
in Lync Server Control Panel. The following
procedure describes how to create a new user
policy:
1.

Open Lync Server Control Panel.

2.

On the left navigation bar, click


Conferencing.

3.

On the Conferencing Policy tab, click New,


and then click User policy.

4.

In the New Conferencing Policy dialog box, in the Name box, type the policy name.

5.

To modify the default policy settings, choose from any of the following options.

Setting
Maximum meeting size
Allow users to invite anonymous users
Enable recording
Audio/video
Maximum video resolution allowed for
conferencing
Data collaboration:
Allow external users to download content

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 5-29

Setting
Allow users to transfer files

MICROSOFT INTERNAL TEACH

Allow users to transfer files by using peer-topeer


Enable the use of annotations
Allows users to schedule meetings with
application sharing
Allows users to take control
Allow external users to control shared
applications
6.

Click Commit.

Important Lync Server Control Panel cannot be used to manage users who are members of the
Active Directory Domain Admins group. For Domain Admin users, you can use Lync Server Control
Panel only to perform read-only search operations. To perform write operations as Domain Admin
users, such as enable or disable for Lync Server, change pool or policy assignments, telephony
settings, SIP address, or perform other tasks, you must use Windows PowerShell cmdlets while logged
on as a Domain Admin.

Modifying the Default Global Conferencing Policy

The default conferencing policy defines your global-level meeting policies at the forest level for your
organization. The following procedure describes how to use Lync Server Control Panel to make changes
to the global policy.
1.

Open Lync Server Control Panel.

2.

On the left navigation bar, click Conferencing.

3.

On the Conferencing Policy tab, double-click the Global policy to open the Edit Conferencing
Policy dialog box.

4.

In the Edit Conferencing Policy dialog box, choose from any of the following options.

Setting
Maximum meeting size
Allow participants to invite anonymous users
Enable recording
Audio/video
Maximum video resolution allowed for
conferencing
Data collaboration:
Allow federated and anonymous participants
to download content

Setting
Allow participants to transfer files
Enable annotations

MICROSOFT INTERNAL TEACH

Enable polls
Application sharing
Allow participants to take control
Allow federated and anonymous participants to
take control
Enable peer-to-peer file transfer
Enable peer-to-peer recording
5.

Click Commit.

MCT USE ONLY. STUDENT USE PROHIBITED

5-30 Conferencing in Lync Server 2013

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 5-31

Using Lync Server Management Shell to Manage and Administer


Conferencing Configuration

MICROSOFT INTERNAL TEACH

To use cmdlets to configure conferencing settings


for Lync Server 2013:
1.

Open Lync Server 2013 Management Shell.

2.

Run the following cmdlet.

GetCsConferencingConfiguration

This cmdlet returns the conferencing configuration


settings.
3.

Run the following cmdlet with the options you


want to change.

Set-CsConferencingConfiguration

Note You can also create additional sets of conferencing configuration settings for specific sites. Use
the New-CsConferencingConfiguration cmdlet with a site identity. When you create new
conferencing configuration settings for sites, the site settings take precedence over the global
settings.

MICROSOFT INTERNAL TEACH

Conferencing Configuration Settings


Conferencing configuration settings determine
such factors as the maximum allowed size for
meeting content, the content grace period, and
the URLs for the internal and external downloads
of the supported client.

Content
The content-related setting includes:

ContentGracePeriod. Indicates how long


conference content will remain on the server
after the end of the conference. The
ContentGracePeriod must be specified by
using the format: Days:Hours:Minutes:Seconds.

MaxContentStorageMb. Maximum amount of file space (in megabytes) allowed for the storage of
meeting content.

Media
The media-related settings include:

MCT USE ONLY. STUDENT USE PROHIBITED

5-32 Conferencing in Lync Server 2013

ClientMediaPort. Represents the starting port number used for client media.

ClientMediaPortRange. Indicates the total number of ports available for client media.

ClientMediaPortRangeEnabled. When set to True, clients will use the specified port range for media
traffic. When set to False (the default value) any available port (from port 1024 through port 65535)
will be used to accommodate media traffic.

Audio
The audio-related settings include:

ClientAudioPort. Represents the starting port number used for client audio.

ClientAudioPortRange. Indicates the total number of ports available for client audio.

Video
The video-related settings include:

ClientVideoPort. Represents the starting port number used for client video.

ClientVideoPortRange. Indicates the total number of ports available for client video.

Application Sharing
The client application sharing-related settings include:

ClientAppSharingPort. Represents the starting port number used for application sharing.

ClientAppSharingPortRange. Indicates the total number of ports available for application sharing.

MaxBandwidthPerAppSharingServiceMb. Indicates the maximum amount of bandwidth (in


megabytes) set aside for the Application Sharing Conferencing service.

File Transfer
The client file transfer-related settings include:

ClientFileTransferPort. Represents the starting port number used for file transfers.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 5-33

ClientFileTransferPortRange. Indicates the total number of ports available for file transfers.

SIP

MICROSOFT INTERNAL TEACH

The SIP-related settings include:

ClientSipDynamicPort. Represents the starting port number used for SIP traffic.

ClientSipDynamicPortRange. Indicates the total number of ports available for SIP traffic.

Organization
The organization-related setting includes:

Organization. The name of the organization hosting the conference.

Help Desk
The help desk-related settings include:

HelpDeskInternalUrl. URL where internal users who click Help during a conference will be directed.

HelpDeskExternalUrl. URL where external users who click Help during a conference will be directed.

Console Download
The console download-related settings include:

ConsoleDownloadInternalUrl. URL where internal users can download a supported client.

ConsoleDownloadExternalUrl. URL where external users can download a supported client.

Lab: Conferencing in Microsoft Lync Server 2013

MICROSOFT INTERNAL TEACH

Scenario

MCT USE ONLY. STUDENT USE PROHIBITED

5-34 Conferencing in Lync Server 2013

Adatum Services currently utilizes outside services for voice and data conferencing. Using current Lync
2013 investment, you will configure and deploy voice conferencing per region and provide each user with
the correct number based on their location-using policies.

Objectives
1.

Deploy the Web Apps Component server for Microsoft Lync Server 2013.

2.

Configure multiple dial-in conferencing numbers.

3.

Configure conferencing global, site and user policies.

4.

Test and verify the conferencing experience.

Lab Setup
Estimated Time: 75 minutes
The goal of this lab is to:

Introduce the new UC client and help build an understanding of its integration components.

Create and configure policies to manage conferencing settings.

Exercise 1: Deploying Lync Server 2013 ConferencingInstalling Office


Web App Server
Scenario
In this exercise you will be deploying Office Web App server with the following configurations:

Fully qualified domain name (FQDN) : lon-wac01.adatum.com.

Office Web Apps server discovery URL : https://lon-wac01.adatum.com/hosting/discovery/

Do the same for London pool.

Associate the Web App Server with Redmond and London pool.

The main tasks for this exercise are as follows:


1. Start the virtual machines.
2. Associate the WAC server to the pool.
3. Publish the topology.
4. Create a certificate request.
5. Process the certificate request.
6. Import the new certificate.
7. Install Office Web Apps Server 2013.
8. Load the Office Web Apps Windows PowerShell module.
9. Create the new web applications farm.
10. Verify the Office Web Apps configuration.
11. Verify WAC Server URL Discovery.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 5-35

Task 1: Start the virtual machines.


Start the virtual machines

Task 2: Associate the WAC server to the pool.

MICROSOFT INTERNAL TEACH

Associating the WAC Server to the Pool

Task 3: Publish the topology.


Publish the Topology

Task 4: Create a certificate request.


Create a certificate request.

Task 5: Process the certificate request.


Process the Certificate request.

Task 6: Import the new certificate.


Import the new certificate

Task 7: Install Office Web Apps Server 2013.


Install Office Web Apps Server 2013

Task 8: Load the Office Web Apps Windows PowerShell module.


Load the Office Web Apps Windows PowerShell module

Task 9: Create the new web applications farm.


Create the New Web Applications Farm.

Task 10: Verify the Office Web Apps configuration.


Verify the Office Web Apps Configuration

Task 11: Verify WAC Server URL Discovery.


Verify WAC Server URL Discovery

Exercise 2: Configuring Dial-in Conferencing


Scenario
In this exercise you will setup Web App server in your Lync deployment and setup a data conference
where one user will share a power point deck. You will also configure dial in conferencing with the
following configurations:

US Dial-in Conferencing Number +14255552345, SIP URI USCAA.

UK Dial-in Conferencing Number +442055554567, SIP URI UKCAA

Important On all virtual machines, verify that all the services set to start automatically have started. Most
notably, check the Exchange, SQL Server, and Lync Server 2013 services. To do so, click Start, click
Administrative Tools, and then click Services. In the Services console, verify that all services set to
Automatic start have started. If not, right-click the service, and then click Start.
The main tasks for this exercise are as follows:
1. Configure regions for the dial plans.
2. Create the dial-in access number for the US region.

3. Create the dial-in access number for the UK region.


4. Test the dial-in access numbers.

Task 1: Configure regions for the dial plans.

MICROSOFT INTERNAL TEACH

Configure regions for the dial plans.

Task 2: Create the dial-in access number for the US region.


Create the dial-in access number for the U.S. region.

Task 3: Create the dial-in access number for the UK region.


Create the dial-in access number for the UK region.

Task 4: Test the dial-in access numbers.


Test the dial-in access numbers.

MCT USE ONLY. STUDENT USE PROHIBITED

5-36 Conferencing in Lync Server 2013

Results: After completing this exercise, you should have configured dial-in conferencing, first by
configuring Regions for the dial plans, and then configuring US and UK dial-in access numbers. Then, you
used the Lync Server 2013 Management Shell to test the conferencing numbers.

Exercise 3: Configuring Conferencing Policies


Scenario
In this exercise you will Create four different conferencing policies:

Global with following parameters Allow participants to invite anonymous users, disable Enable PSTN
dial-in conferencing, disable Data collaboration disallow participants to take control, allow application
sharing and disallow peer to peer file transfer.

Site for London the Maximum meeting size should be 100, allow Recording, and enable PSTN dial-in
conferencing.

Site for Redmond the Maximum meeting size should be 100, disallow Recording, and enable PSTN
dial-in conferencing.

User with Description Adatum Unrestricted Conferencing Policy, allow Recording, allow federated and
anonymous participants to record, allow anonymous participants to dial out, allow federated and
anonymous participants to take control and Enable peer-to-peer recording

Assign users Adam Barr and Alex Darrow global conferencing policy and do the required testing. And
then assign them Unrestricted conferencing policy and do the required testing.
The main tasks for this exercise are as follows:
1. Edit the global conferencing policy.
2. Create the site conferencing policies.
3. Create a user conferencing policy.
4. Configure users for conferencing.

Task 1: Edit the global conferencing policy.


Edit the global conferencing policy.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 5-37

Task 2: Create the site conferencing policies.


Create the site conferencing policies.

Task 3: Create a user conferencing policy.

MICROSOFT INTERNAL TEACH

Create a user conferencing policy.

Task 4: Configure users for conferencing.


Configure Users for Conferencing

Results: After completing this exercise, you should have edited the global conferencing policy, created
two site policies and one unrestricted user policy.

Exercise 4: Experiencing Lync Server 2013 Conferencing


Scenario

In this exercise, you will test the dial-in conferencing user experience, review the various conferencing
policies being applied, and see their resulting restrictions. Test the remaining modalitiesmulti-party, IM,
audio, and application sharing (including file transfer). You will then assign the user conferencing policy to
Adam and Joe, and view it being applied.
The main tasks for this exercise are as follows:
1. Experience dial-in conferencing.
2. Test and verify conferencing.
3. Assign conferencing policies to users.

Task 1: Experience dial-in conferencing.


Experience dial-in conferencing.

Task 2: Test and verify conferencing.


Test and verify conferencing.

Task 3: Assign conferencing policies to users.


Assign conferencing policies to users.

Results: After completing this exercise, you should have tested and verified the dial-in conferencing
access numbers you earlier configured. You also tested and verified the application of conferencing
policies, and reviewed the features of Lync Server 2013 conferencing.

Module Review and Takeaways

MICROSOFT INTERNAL TEACH

Best Practice:
Interoperability Considerations for Video Conferencing
You should be aware of the different types of experience that users may have during the coexistence
phase of migration, when there is interoperability between legacy clients and a Lync Server 2013 pool,
or Lync Server 2013 clients and a legacy pool.
Lync Server 2013 Pools
Users may experience the following when a legacy client is used in a Lync Server 2013 pool:

MCT USE ONLY. STUDENT USE PROHIBITED

5-38 Conferencing in Lync Server 2013

For two-party calls, video resolution is the same as in the legacy pool.

For multiparty conferences, video resolution and video conferencing features are the same as in the
legacy pool. Gallery View and high resolution are not available.

Legacy Pools
Users may experience the following when a Lync Server 2013 client is used in a legacy pool:

For two-party calls, Lync Server 2013 clients can use new features such as:
o

H.264, which is available if both participants use Lync Server 2013 clients.

The Lync Server 2013 client uses the default value for TotalReceiveVideoBitRateKb, because the
legacy server does not send this information with in-band provisioning.

For multiparty conferences, video resolution and video conferencing features are the same as
experienced by a legacy client in the legacy pool.

When a legacy server hosts a Lync Server 2013 client, it is possible to configure video conferencing
bandwidth so that all users in the pool receive only low-resolution video, but send high-resolution
video. An example of this is when MaxVideoRateAllowed is set to CIF-250K in the media configuration
and VideoBitRateKb is set to 2,000 kbps in the conferencing policy. The effect in this situation is that
high resolution is not possible for users in the pool.
Because MaxVideoRateAllowed is no longer used for Lync Server 2013 clients, it cannot prevent Lync
Server 2013 clients from requesting high-resolution video. Instead, set VideoBitRateKb in the
conferencing policy for all users in the pool to the same value as MaxVideoRateAllowed (that is, CIF is
set to 250 kbps, or VGA is set to 600 kbps, or HD is set to 1,500 kbps).

Review Question(s)
Question: What is another option for providing external access to Office Web Apps server?
Question: Does dial-in conferencing support media bypass?

MCT USE ONLY. STUDENT USE PROHIBITED


6-1

MICROSOFT INTERNAL TEACH

Module6
Designing and Deploying External Access
Contents:
Module Overview

6-1

Lesson 1: Conferencing and External Capabilities of Lync Server 2013

6-2

Lesson 2: Planning for IM and Presence Federation

6-10

Lesson 3: Designing Edge Services

6-15

Lab: Designing and Deploying for External Scenarios

6-27

Module Review and Takeaways

6-30

Module Overview

Microsoft Lync Server 2013 contains a number of external access components and capabilities, and
you need to use these components in you design, to meet the organizations needs. You should be able
to design a solution for external scenarios that support a variety of internal and external users connected
to the Internet, so that they can access their corporate network or the public switched telephone network
(PSTN) for conferencing.

Objectives

Describe the conferencing capabilities of Lync Server 2013.

Design audio and video for web conferencing.

Plan for instant message and presence federation.

Design Edge Services.

Lesson 1

MICROSOFT INTERNAL TEACH

Conferencing and External Capabilities of Lync Server


2013

MCT USE ONLY. STUDENT USE PROHIBITED

6-2 Designing and Deploying External Access

Lync Server 2013 is a Unified Communications platform; therefore, conferencing is the main focus of the
software. While deploying Lync Server 2013, you need to plan for Presence and instant messaging (IM),
audio/video conferencing, and web conferencing. You will also need to consider users outside the firewall
who may be using the Extensible Messaging and Presence Protocol (XMPP) Gateway. To control the types
of communications that travel across the firewall, you can create global policies. You can also design the
various conferencing capabilities that comprise a Lync Server 2013 solution. You should also be able to
use the security features in conferencing and external scenarios.

Lesson Objectives

Describe the conferencing capabilities of Lync Server 2013.

Describe Public Instant Messaging in Lync Server 2013.

Describe the XMPP Gateway features.

Describe controlling usage through policies.

Describe the security features in conferencing and external scenarios.

Conferencing Capabilities of Lync Server 2013


Lync Server 2013 is a Unified Communications
platform that provides conferencing capabilities
from a single unified server. Although internal
conferencing is useful for your organization, the
capability of conferencing with external partners is
equally valuable. Lync Server 2013 provides
conferencing facilities for both internal and
external users. You can use the Lync Server 2013
for the following conferencing needs:

Instant messaging conferencing

Web conferencing

Audio conferencing

Video conferencing

PSTN conferencing, including the combination of PSTN and audio conferencing

Audio conferencing provider (ACP) integration (online only)

Integration with third-party audio/video Session Initiation Protocol (SIP) endpoints and multipoint
control units (MCUs)

Although there are a variety of access methods and client versions that provide varied conferencing
capabilities, Lync Server 2013 provides a rich conferencing experience. As part of your solution design,
you must assess the best solution for each of your user scenarios.
Question: In your opinion, are there any important conferencing modalities missing from
Lync Server 2013?

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 6-3

MICROSOFT INTERNAL TEACH

Overview of Public Instant Messaging


The use of Internet for Presence and instant
messaging (IM), audio/video, and web
conferencing has evolved from private usage to
widespread business usage. As a result, Unified
Communications (UC) now offers Presence and IM
to most of its vendors. Private consumers and
some small-sized business organizations use these
Public Instant Messaging products as their primary
UC tool. However, these Public IM products might
be inadequate in terms of security, central
management, compliance management, and
records retention.

Solution with Lync Server 2013

Lync Server 2013 provides a Public IM Connectivity (PIC) service that enables users to integrate the IM
client with instant messaging applications such as Windows Live Messenger and Skype. Using PIC,
users can get the required security and compliance management that Lync Server 2013 provides. Besides
integration with various instant messaging applications, PIC also provides peer-to-peer audio and video
between Lync Server 2013 clients and Windows Live Messenger 2011, and later.
At release, Lync Server 2013 will also provide PIC to the Skype service, and peer-to-peer instant
messaging, Presence, and audio collaboration.

PIC Provisioning Process

PIC provisioning is completed by checking that you have the appropriate licenses, and then by filling out
a form with details about your organization, supported SIP domains, and your technical setup. Before you
do this, you should plan your firewall and Edge Server configuration according to the PIC provisioning
guide, and plan the access for the necessary IP addresses and firewall ports.
During the PIC provisioning process, some of the tasks that need to be completed are:

Preparing the provisioning process on time.

Managing any namespace collisions between existing Windows Live Messenger users and the Lync
Server 2013 implementation.

PIC does not support Domain Name System (DNS) load balancing for your Edge Servers.

Email Name as Sign-in Name (EASI) Domains

Another challenge for PIC provisioning is with regard to domains. Windows Live Messenger supports EASI
domains, also referred to as vanity domains. Suppose a user has already signed up for Windows Live
Messenger with, for example, user@adatum.com, and the organization starts the PIC provisioning process.
After completing the process, the user will have to change his or her existing Windows Live ID to a new
ID. Additionally, if you want to add the user@easidomain.com address, you have to enter the syntax: user
(easidomain.com)@msn.com, instead of just typing in the Uniform Resource Locator (URL).
Question: Lync Server 2013 provides security and compliance as long as communication is
internal to the organization. What happens after traffic leaves the Lync Server 2013 Edge
Server and travels to the PIC user? Is security still guaranteed?

MICROSOFT INTERNAL TEACH

Features of XMPP Gateway


The XMPP gateway enables Lync Server 2013 users
to communicate with users who use XMPP-based
IM, and Presence providers. The XMPP Gateway
provides the following features for end-users:

Add and delete each other as contacts.

Publish Presence and subscribe for each


others Presence.

Engage in one-to-one IM conversations.

You can use XMPP Gateway in three different


scenariospublic federation and hosted network,
federation between two organizations, and onpremises deployment with Jabber.

Public Federation with Hosted Network

MCT USE ONLY. STUDENT USE PROHIBITED

6-4 Designing and Deploying External Access

This deployment deals with the federation of Lync Server 2013 users with hosted users across the public
Internet cloud. For this topology, you should deploy the XMPP gateway on the public network.

Federation between Two Organizations

This deployment tackles the communication between Lync Server 2013 users who are present in one
domain and communicating with Jabber users installed in another domain across the Internet cloud. For
this topology, you can deploy Lync Server 2013, Edge Server, and the XMPP gateway in one organization,
and the XMPP Server in the other organization.

On-Premises Deployment with Jabber

This deployment deals with the communication of Lync Server 2013 users with Jabber users. For this
topology, you can deploy Lync Server, Edge Server, and the XMPP gateway in one sub-domain, and XMPP
Server in the other sub-domain.
Question: Can you describe the available deployment models? In which scenarios are these
models most appropriate?

Lync Server 2013 XMPP Federation


Lync Server 2013 introduces a fully integrated
XMPP proxy (deployed on the Edge Servers) and
an XMPP gateway deployed on your front-end
servers. You can deploy XMPP federation as an
optional component. Adding and configuring the
XMPP proxy and XMPP gateway will enable your
Microsoft Lync 2013 users to add contacts from
XMPP-based partners for instant messaging and
Presence.
Note: Currently, the XMPP services in Lync
Server 2013 only provide instant messaging and
Presence between Lync clients and XMPP-based contacts.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 6-5

MICROSOFT INTERNAL TEACH

Previous versions of Lync Server and Office Communications Server provided an XMPP gateway that could
be deployed as a separate server role to allow federating with XMPP deployments. In Microsoft Lync
Server 2013, the XMPP functionality can be deployed as a feature. XMPP functionality is installed in two
parts: an XMPP proxy that runs on the Edge Server, and the XMPP gateway that runs on the front-end
servers.

XMPP FederationArchitecture
The following improvements have been made in
XMPP Federation:

XMPP has been made a first class federation


route that is built into the Edge Servers.
o

XMPP is set up the same way as


federation.

XMPP has the same limitations (in and out


through the one Edge pool).

The second Edge pool is used for High


Availability (HA)/Disaster Recovery (DR).

Google Talk is the tested scenario, but is prevented from opening to other XMPP gateways.
o

Multiple SIP domains are now supported.

Usage Control through Policies


You can control the flow of communication across
the firewall by creating global policies. Global
policies check the communication flow between
users on either side of the firewall. Configuring
settings also checks the communication flow. You
can create and apply policies for individual
internal users or for specific types of external users
so that the communications between internal and
external users is controlled.

Consider a scenario where you allow users in


federated domains to access IM and Presence, but
not audio/video conferencing or web
conferencing. In another scenario, you can globally disable video conferencing, and allow only some
specific groups of users to use it. Planning and using conferencing policies are an effective way to enforce
the policies of your organization and control bandwidth usage.
A conferencing policy defines the features and capabilities for users during a conference (also known as a
meeting). Conferencing policy settings encompass a wide variety of scheduling and participation options,
ranging from whether a meeting can include IP audio and video, to the maximum number of people who
can attend. Administrators can use the conferencing policy to manage security, bandwidth, and legal
aspects of meetings.

You can define a conferencing policy on three levels: global scope, site scope, and user scope. Settings
apply to a specific user from the narrowest scope to the widest scope. If you assign a user policy to a user,

those settings take precedence. If you do not assign a user policy, site settings apply. If no user or site
policies apply, the global policy provides the default settings.

MCT USE ONLY. STUDENT USE PROHIBITED

6-6 Designing and Deploying External Access

MICROSOFT INTERNAL TEACH

A global policy exists by default, so you cannot create a new global policy. You also cannot delete the
existing global policy, but you can change the existing global policy to customize your default settings.

By default, there are no policies configured to support external user access, including remote user access
and federated user access, even if you have already enabled external user access support for your
organization. To control the use of external user access, you must configure one or more policies,
specifying the type of external user access supported for each policy. The following policy scopes are
available for creation and configuration.

Global policy. The global policy is created when you deploy your Edge Servers. By default, no external
user access options are enabled in the global policy. To support external user access at the global
level, you configure the global policy to support one or more types of external user access options.
The global policy applies to all users in your organization, but site policies and user policies override
the global policy. If you delete the global policy, you do not remove it. Instead, you reset it to the
default setting.

Site policy. You can create and configure one or more site policies to limit support for external user
access to specific sites. The configuration in the site policy overrides the global policy, but only for the
specific site covered by the site policy. For example, if you enable remote user access in the global
policy, you might specify a site policy that disables remote user access for a specific site. By default, a
site policy is applied to all users of that site, but you can assign a user policy to a user to override the
site policy setting.

User policy. You can create and configure one or more user policies to limit support for remote user
access to specific users. The configuration in the user policy overrides the global and site policy, but
only for the specific users to whom the user policy is assigned. For example, if you enable remote user
access in the global policy and site policy, you might specify a user policy that disables remote user
access and then assign that user policy to specific users. If you create a user policy, you must apply it
to one or more users before it takes effect.

Note: Lync Server policy settings that are applied at one policy level can override settings
that are applied at another policy level. Lync Server policy precedence is user policy (most
influence) overrides a site policy, and a Site policy overrides a global policy (least influence). This
means that the closer the policy setting is to the object that the policy is affecting, the more
influence it has on the object.
When configuring policies for external access, the following settings are available:

Enable communications with federated users. You can select this option if you want to support user
access to federated partner domains. This setting configures the ability for users to communicate with
other SIP federated domains, and hosted providers like Microsoft Office 365. Selecting this setting
enables you to select the option to allow communication with XMPP federated domains.
As an option, you can select Enable communications with XMPP federated partners if you first select
Enable communications with federated users. XMPP federation is a federation with organizations that
use XMPP.

Note: If you enable XMPP federation, you must also select to deploy XMPP federation in
the Edge pools configuration section of Topology Builder.

MCT USE ONLY. STUDENT USE PROHIBITED

MICROSOFT INTERNAL TEACH

Core Solutions of Microsoft Lync Server 2013 6-7

Enable communications with remote users. You can select this option if you want users in your
organization who are outside your firewall, such as telecommuters and users who are traveling, to
connect to Lync Server over the Internet.

Enable communications with public users. You can select this option if you want internal users to
communicate with public IM provider contacts, such as those provided by Windows Live and Skype.
Question: What are the options you have for blocking unwanted users from participating in
web and audio/video conferences?

Security in Conferencing and External Scenarios


Security is an inherent feature of Lync Server 2013.
While conferencing with external users such as
remote users of the organization or federated
users of partner organizations, you must consider
a few security measures. This helps you to justify
the security of the software to your organization
and design a secure solution.
The following list of options helps you influence
the security level for conferencing.

Plan for usage of one or many Directors for


pre-authentication and offloading
authentication traffic from internal front-end
servers, thereby preventing malicious and denial-of-service attacks to reach the internal pool.

Note: The role of the Director server in the Lync Server 2013 topology has not changed. It
still hosts web services and pre-authenticates incoming user requests, and directs external users
to their home pool. Changing the Director from a recommended role to an optional role does
not diminish the value of the Director, but emphasizes reducing server count and other hardware
requirements (for example, hardware load balancers for the Director) without compromising
features and functionality. Because the front-end servers can do the same job as the Director with
no impact to services provided, you can choose to optionally deploy Directors. You can safely
exclude the Director with confidence that the front-end servers will provide the same services in
their place.

Set the conferencing policies to prevent unsupported usage scenarios. Consider the scenario of
downloading material for attendees and transferring of files.

Keep the default security settings that require Transport Layer Security (TLS) or Secure Sockets Layer
(SSL) in all signaling and media.

Evaluate the need for using applications that help prevent attack from malicious software, such as
Forefront Security for Lync Server 2013.

Note: At the writing of this document, ForeFront for Lync Server 2013 was still in
development.

Avoid deployment of your Edge Servers in an internal domain. You can use the workgroup or
perimeter domain, instead.

MICROSOFT INTERNAL TEACH

Deploy the Edge Server between an internal firewall and an external firewall.

Lock down Edge Servers for additional security.

Evaluate the need for anonymous or federated access to your organization. You must trust the
authentication that your partners implement in their organizations.
Question: In which scenarios do you have security concerns in a Lync Server 2013 solution?

MCT USE ONLY. STUDENT USE PROHIBITED

6-8 Designing and Deploying External Access

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 6-9

Lesson 2

MICROSOFT INTERNAL TEACH

Planning for IM and Presence Federation

When you plan for IM and Presence federation, you need to be aware of the different federation scenarios
available for federation with partners running Lync Server 2013. IM and Presence federation may also
require Lync Server 2013 to interoperate with non-Microsoft environments. You should be familiar with
the federation and interoperability scenarios, and the public instant messaging provisioning process to
plan for IM, including the supported functionality.

Lesson Objectives

Describe federation scenarios.

Describe interoperability scenarios.

Explain the public instant messaging provisioning process.

Describe supported functionality.

Designing Federation in Lync Server 2013


In a Lync Server 2013 deployment, internal users
can conference with external participants, such as
remote users, federated users, and anonymous
users by using an Edge Server. Therefore, while
designing the Lync Server 2013 deployment, you
need to place the Edge Server on the perimeter
networkbetween an internal and external
firewall. You also need to place the public network
or Internet and the internal network on both sides
of the Edge Server.

On the perimeter network, the Edge Server uses


three services: Access Edge, Web Conferencing
Edge, and Audio/Video Edge Server. The Reverse Proxy publishes external web services, including meeting
content, address book, and group expansion. The Director acts as a next hop server on the internal
network and is an optional role. However, it provides additional security. Additionally, in a deployment
with multiple internal pools, the Director offloads the distribution of users to their home pools.
Some of the federation options available to partners running Lync Server 2013, Lync Server 2010, Office
Communications Server 2007, Office Communications Server 2007 R2, or Microsoft Office Live
Communications Server are as follows:

Direct Federation

In this option, you can allow federation only with specific SIP domains and certain servers at these SIP
domains. Organizations federating with a limited number of partners or enabling very high volume SIP
traffic between two large federated organizations can benefit from this federation option.

Enhanced Federation

In this option, you can allow federation with specific SIP domains. Servers are auto-resolved through DNS
service records. Organizations that federate with a limited number of partners who use open federation or
enable very high volume of SIP traffic between two large federated organizations can benefit from this
federation option.

Open Federation

MCT USE ONLY. STUDENT USE PROHIBITED

6-10 Designing and Deploying External Access

MICROSOFT INTERNAL TEACH

In this option, Lync Server 2013 automatically identifies the federation partners. This federation option
works in combination with a block list, where you can lock certain domains for communication. It is the
most user-friendly federation option. However, you must initiate a process to monitor the Event Viewer to
add partners to the list of Enhanced Federation partners or SIP domains that you want to block.
The open federation option has the following limitations:

Requests only 1,000 SIP URIs

Allows only 20 messages per second


Question: Which communication modalities does federation support?

Designing Interoperability in Lync Server 2013


Before setting up interoperability, you need to set
up internal and external Lync Server 2013
deployments for federation. In addition, you must
discuss with the concerned stakeholders and
vendors and decide about the required
interoperability for the organization. Depending
on the business requirement of your organization,
you can set up interoperability for Lync Server
2013 with non-Lync Server 2013 environments
such as Google TalkTM and Jabber.

As discussed earlier, Lync Server 2013 introduces a


fully integrated XMPP proxy (deployed on the
Edge Servers) and an XMPP gateway deployed on your front-end servers. You can deploy XMPP
federation as an optional component. Adding and configuring the XMPP proxy and XMPP gateway will
enable your Microsoft Lync 2013 users to add contacts from XMPP-based partners for instant messaging
and Presence.
Note: Currently, the XMPP services in Lync Server 2013 only provide instant messaging and
Presence between Lync clients and XMPP-based contacts.
You can enable federation with Google Talk and Jabber by using Lync Server 2013 Edge as an XMPP
proxy and the Lync Server 2013 front-end as an XMPP gateway.

Besides Google Talk and Jabber, Lync Server 2013 also supports federation with certain third-party
Presence solutions such as IBM Lotus Sametime and Cisco Presence. Integration with Cisco Presence
allows integration for IM and Presence with Lync Server 2013 by using specific adaptive security
appliances and gateways. These are some of the interoperability options. The interoperability program is
an ever evolving program, and keeps adding new interoperability scenarios.
Note: At the writing of this document, we cannot confirm which versions of IBM SameTime
and Cisco Presence have been tested with Lync Server 2013.
For more information about the Unified Communications Open Interoperability Program
http://go.microsoft.com/fwlink/?LinkId=273836

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 6-11

Question: Do you think interoperability will be relevant for most organizations?

MICROSOFT INTERNAL TEACH

Implementing the Public Instant Messaging Provisioning Process


In general, you need both licensing and
provisioning for Public IM in Lync Server 2013. You
do not require any additional licenses, beyond
your Lync Server 2013 Client Access License, to
federate with Windows Live and Skype. However,
you need Lync Server 2013 PIC to federate with
third-party IM service providers. Federation with
some of these IM service providers requires a peruser subscription license to enable Lync Server
2013 PIC. The provisioning process for Public IM is
described in detail in the Lync Server 2013 PIC
provisioning guide. You can start the provisioning
process when you set up your internal and external Lync Server 2013 deployment for federation.
As part of the provisioning process, you need to provide the following details to Microsoft:

Microsoft Agreement Number

Access Edge service FQDN

SIP domains

Any additional Access Edge service FQDNs

Contact information

The information provided by you is tested, your credibility is established, and then you are provided
access to the environment. After testing, you will be notified and the provisioning process for each PIC
domain will begin.
Question: In which scenarios can PIC be of interest to your organization?

Functionalities Supported by Lync Server 2013


In a Lync Server 2013 topology, you can use the
Edge Server based on the type of required
communication partner.
The following features are supported by Edge
Server:

Presence. The current availability of a user

IM one-to-one. Two-party instant messages

IM conferencing. IM sessions with more than


two users

Collaboration. Share the desktop, one or more


applications, whiteboard, and files

Audio/video one-to-one. Two party audio/video

Audio/video conferencing. Audio/video sessions with more than two people

Capabilities Available to Remote Users

MCT USE ONLY. STUDENT USE PROHIBITED

6-12 Designing and Deploying External Access

MICROSOFT INTERNAL TEACH

During planning, you can consider the various scenarios in which remote users use the Lync Server 2013
deployment.

IM and Presence. Users can send instant messages and view Presence status without using a virtual
private network (VPN) to log on to the internal network. They can add users from federated partners
and users of supported public IM service providers to their contact list, and they can view those users
Presence status, even while they are signed in remotely.

Web conferencing. Users can participate in web conferences as if they were logged on to the internal
network.

Audio/video conferencing. Users can participate in audio/video conferences as if they were logged on
to the internal network.

Capabilities Available to Federated Users


The functionality available to federated users depends on the option you choose during planning and
deployment. You can choose either of the following options:

IM and Presence only. Users can participate in IM conversations with individual Lync Server 2013 users
in the organization and access Presence information. However, they cannot participate in Lync Server
2013 multi-party conferences, and they are restricted to peer-to-peer conferencing. You can choose
this option whether or not you deploy conferencing support internally.

IM and Presence, web conferencing, and A/V conferencing. Users can participate in IM conversations
with individual Lync Server 2013 users in the organization and access Presence information. They can
also participate in web conferences and audio/video conferences, if you have planned for it in your
Lync Server 2013 deployment. Federated users have access to the full feature set, except the Lync
Server 2013 Address Book.

Capabilities Available to Public IM Users

The functionality available to federated and public IM users depends on the option you choose for them
during planning and deployment. You can choose either of the following options:

IM and Presence only. Users can participate in IM conversations with individual Lync Server 2013 users
in the organization and access Presence information. However, they cannot participate in Lync Server
2013 multi-party conferences, and they are restricted to peer-to-peer conferencing.

IM and Presence, and peer-to-peer audio/video. In addition to peer-to-peer IM conferencing and


viewing Presence, public IM users can participate in audio/video peer-to-peer calls with Windows Live
Messenger users.

Capabilities Available to Anonymous Users

Anonymous users can participate in IM, web conferences, and audio conferences that are hosted on the
internal deployment; however, they require an invitation to access these features.

Capabilities Available to XMPP Users

Adding and configuring the XMPP proxy and XMPP gateway will enable your Microsoft Lync 2013 users
to add contacts from XMPP-based partners for peer-to-peer instant messaging and presence.
Question: Does anonymous user indicate a lack of security?
Question: Do you perceive opportunities for business usage for audio sessions between Lync
Server 2013 and Skype?

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 6-13

Lesson 3

Designing Edge Services

MICROSOFT INTERNAL TEACH

To design Edge services, you should be familiar with firewall requirements for external scenarios, identify
Edge network requirements, define filters, and determine your deployment options for Edge Services.

In a Lync Server 2013 deployment, DNS is a core infrastructure component without which the Lync Server
2013 infrastructure cannot function. You should know about the uses of DNS, required DNS records, and
requirements for DNS servers.

You should also know about Public Key Infrastructure (PKI) and certificates, and how to use TLS and
Mutual Transport Layer Security (MTLS or Mutual TLS) in your Lync Server 2013 environment. In addition,
you should know about the uses of PKI, subject names, and subject alternative names, including the types
of certificates and certificate providers.

Lesson Objectives

Describe how to design firewall requirements for external scenarios.

Describe Edge network requirements.

Define filters.

Describe the uses of DNS in Lync Server 2013 infrastructure.

Describe how to identify the required DNS records, and requirements for DNS servers.

Describe the uses of PKI in Lync Server 2013 architecture.

Describe the usage of subject names and subject alternative names.

Describe how to plan for types of certificates and certificate providers.

Describe how certificates are used in other scenarios.

Firewall Requirements Design for External Scenarios


Based on your design of a simple URL, the design
of the Reverse Proxy firewall rules is straight
forward. You can either publish meet.adatum.com
and add a SAN each time you add a SIP domain,
or you can use the static approach with
cs.adatum.com/meet for all your SIP domains.
With the Edge Server, the configuration is a bit
more complex and you have to include the
stakeholders from your security/network
organization in the discussions, early in the
project.
You can consider the following design options:

Audio/video when federating with Office Communications Server 2007, and later

Audio/video with Windows Live Messenger

Audio with Skype

Allowing Remote Desktop sharing

Allowing file transfer only in Lync Server 2013


Question: Which other tool can you use to help you with this design?

MICROSOFT INTERNAL TEACH

Question: How important are the modalities that require the 50.00059.999 port range?
Question: How do you think your security or firewall organization will respond to these
requirements?

Edge Network Requirements


Network Address Translation (NAT) is the concept
of translating one address to another. This enables
you to hide one or more private IP addresses
behind a single public IP address. This also helps
save IP addresses because multiple private IP
addresses are masked behind one public IP
address.
Using the Scaled Edge (DNS load balanced) option
as an example, you can see that it supports high
availability, can use non-routable private IP
addresses (with NAT) or routable public IP
addresses assigned to the Edge external interfaces,
and reduces cost because a hardware load balancer is not required.

MCT USE ONLY. STUDENT USE PROHIBITED

6-14 Designing and Deploying External Access

In Lync Server 2013, if you use NAT, you always have to use either routable IP addresses or a 1:1 relation,
where one routable IP address corresponds exactly to one private IP address.
Depending on the following deployment scenarios, routable IP addresses or NAT must be used:

The internal interface of the Edge Server must always be routable. It can still be an internal IP address;
however, an internal client must be able to reach the IP address of the internal Edge interface without
any NAT.

A single Edge Server requires a 1:1 NAT. In Office Communications Server 2007 R2, we required a
routable IP. However, the 1:1 NAT scenario is tested, and therefore, supports the deployment
scenario. You must configure symmetric NAT for incoming and outgoing traffic.

A hardware load balancing (HLB) requires always routable IP addresses.

DNS load balancing requires a 1:1 NAT.

Depending on your DNS architecture, you may need to set up a hosts file for resolution of internal hosts
on your network. The recommended approach is to point DNS to your internal DNS servers. However, this
works if your internal DNS forwards unresolved requests to public DNS servers.
Question: Can you use NAT to translate the internal network interface of the Edge Server?

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 6-15

MICROSOFT INTERNAL TEACH

Defining Filters
When you allow content to be published to
external users and content to be sent from
external users to internal users, you might want to
control this situation. The options in Lync Server
2013 include controlling specific versions of clients
allowed, defining file filters based on extensions
and URL filtersallowing or disallowing certain
URLs.
In Lync Server 2013, you can configure filters from
the Microsoft Lync Server 2013 Control Panel. You
need to use the IM and Presence tab for file and
URL filters, and the Clients tab for Client Version
Policies.

File Filters

File filters can be applied either on a global level or on a site level. You can use these filters to block all
files or only block certain types of files from entering your network. By default, the following files are
blocked.
Blocked Files
.ade
.adp
.app
.asp
.bas
.bat
.cer
.cmd
.com
.cpl
.crt

.csh
.exe
.fxp
.grp
.hta
.inf
.ins
.isp
.its
.js
.jse

.ksh
.lnk
.mad
.maf
.mag
.mam
.maq
.mar
.mas
.mat
.mau

mav
.maw
.mda
.mdb
.mde
.mdt
.mdw
.mdz
.msc
.msi
.msp

mst
.ocx
.ops
.pcd
.pif
.pl
.pnp
.prf
.prg
.pst
.reg

scf
.scr
.sct
.shb
.shs
.tmp
.url
.vb
.vbe
.vbs
.vsmacros

vss
.vst
.vsw
.ws
.wsc
.wsf
.wsh

You can either change this list or use the Block all option.

URL Filters

With URL filters, you can block certain URLs from being clicked, and you can define this at a global level
or at a site level. For example, you can block ftp, gopher, news, and similar filters, or just enable URL filter
and provide a warning message.
To configure how hyperlinks are handled in instant message conversations, you select one of the
following options under Hyperlink prefix:

Do not filter. URLs in messages are sent through the server. When you choose this option, the Allow
message box appears. In the Allow message box, specify the notice that you want to insert at the
beginning of each instant message containing hyperlinks. This notice can consist of no more than
65,535 characters.

Block hyperlinks. Delivery of instant messages containing active hyperlinks is blocked by Lync Server,
and an error message is displayed to the sender.

Send warning message. Lync Server permits active hyperlinks in instant messages, but includes a
warning. When you choose this option, the Warning message box appears. In the Warning

MCT USE ONLY. STUDENT USE PROHIBITED

6-16 Designing and Deploying External Access

message box, you must type the warning that you want to include with instant messages containing
valid hyperlinks. For example, the warning might state the potential dangers of clicking an unknown
link, or it might refer to your organizations relevant policies and requirements. The warning can be
no more than 65,535 characters.

MICROSOFT INTERNAL TEACH

Circumventing File and URL filters

These filters are based on specific file names or URLs, so renaming your file names or renaming your URLs
is enough to circumvent the filters. After receiving a file or URL, the user can rename the file or URL to its
original name and use it.
For more advanced filtering capabilities, you should look at solutions from Microsoft ForeFront or
third-party solutions that look at the actual file content to determine the type of file being sent, and
provide more granular policy options.

Client Versioning Filters

Client Versioning Filters can be applied at a global, site, pool, and user level. You can use Client Versioning
Filters to block and upgrade clients, so that you can ensure a certain minimum version level of your Lync
Server 2013 clients in your organization.

Client Versioning Filters can be useful for several reasons. One reason is that you need a minimum security
update level for clients, for example, for a down-level client to work correctly with Lync Server 2013.
Another reason is that it can be a performance or security update that you need, to ensure that it is
applied to the connecting clients before you allow them access to your system. When you identify an
unsupported version of the client, you have several options, including Block, Block with URL (To upgrade
location), Allow, and Allow with URL (To upgrade location).

Version rules are used to determine which client applications are allowed to log on to Lync Server. When a
user attempts to log on to Lync Server, his or her client application sends a SIP header to the server; this
header includes detailed information about the application, including the major version, minor version,
and build number of the software. The version information is then checked against a collection of client
version rules to determine if any rules apply to that particular application. Consider the following example.
A user attempts to log on by using Microsoft Office Communicator 2007 R2. Before the user can log on to
Lync Server, the system will check to see if there is a client version rule that applies to Office
Communicator 2007 R2. If a rule exists, Lync Server will take the action specified by the rule. That action
must be one of the following:

Allow. The user will be allowed to log on.

AllowWithUrl. The user will be allowed to log on, and a message will be displayed pointing the user to
a URL where the latest version of Lync can be downloaded and installed. The URL must point to a
website that you have created yourself; no such site is created for you when you install Lync Server.

Block. The user will not be allowed to log on.

BlockWithUrl. The user will not be allowed to log on, but a message will be displayed pointing him or
her to a URL where the latest version of Lync can be downloaded and installed. The URL must point
to a website that you have created yourself; no such site is created for you when you install Lync
Server.

Client version rules are collected in client version policies; you can configure these policies at the
global scope, the site scope, the service scope (Registrar service), or the per-user scope. You can use
the Set-CsClientVersionPolicyRule cmdlet to modify the properties of an existing client version rule.
Question: Can you get any inspiration for policies from other applications/usages in your
organization?

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 6-17

MICROSOFT INTERNAL TEACH

DNS Usage in Lync Server 2013


The clients and servers use DNS to discover
services and provide device updates, and are an
important component in providing the following
DNS load balancing services in Lync Server 2013:

Discover internal servers or pools for serverto-server communications.

Enable clients to discover the front-end pool


or Standard Edition server used for various SIP
transactions.

Enable unified Communications (UC) devices


that are not logged on to discover the frontend pool or Standard Edition server running Device Update web service, obtain updates, and send
logs.

Enable external servers and clients to connect to Edge Servers or the HTTP reverse proxy for instant
messaging (IM) or conferencing.

Enable external UC devices to connect to Device Update web service through Edge Servers or the
HTTP reverse proxy and obtain updates.

Enable mobile clients to automatically discover web services resources without requiring users to
manually enter URLs in device settings.

Typically, the DNS server is based on Windows Server, but other DNS implementations are also supported
if they are able to support the requirements for Lync Server 2013. To plan for the installation of Lync
Server 2013 and the DNS required records, you can use the Lync Server 2013 Planning Tool. After
finalizing your topology design, you can access the external and internal DNS records listed under the
DNS Report tab, in Edge Admin Report, under the Planning Tool Report option.

Split-brain DNS is known by a number of names, for example, split DNS or split-horizon DNS. It describes
a DNS configuration where there are two DNS zones with the same namespaceDNS zone services
internal-only requests, and DNS zone services external-only requests. However, many of the DNS SRV and
A records contained in the internal DNS will not be contained in the external DNS. The reverse is also true.
In cases where the same DNS record exists in both the internal and external DNS (for example,
www.contoso.com), the IP address returned will be different based on where (internal or external) the
query was initiated.
In a Lync Server 2013 deployment, DNS is important. If you host your own external DNS servers, while
planning and designing the topology, you must focus on the availability of these services, both internally
and externally. Deploying a Standard Edition front-end server in a remote location for survivability may
not be beneficial, if the DNS resolution is dependent on a remote wide area network (WAN) connectivity.
You must note that Survivable Branch Appliances (SBA) and servers can use Dynamic Host Configuration
Protocol (DHCP) for survivability, but only for the SIP registrar and Mediation Server role included in Lync
Server 2013.
Question: Can you use third-party DNS servers?

MICROSOFT INTERNAL TEACH

Identifying Required DNS Records


Consider a scenario where a simple design for
Adatum.com is created with a single Standard
Edition server and an Edge Server. The DNS
records are required externally and internally.
Assuming that you use a split-brain DNS solution,
the namespace, adatum.com, is used both
internally and externally.
If you want to support litwareinc.com as an
additional SIP domain on the same Lync Server
2013 installation, you would need extra DNS
records, and these would be as follows.
Location

DNS Record

Target

Purpose

External
DNS

SRV: _sip._tls.litwareinc.com

Access Edge
Server:
sip.litwareinc.com
port:443

Automatic
configuration
for
litewareinc.com
users

External
DNS

SRV:
_sipfederationtls._tcp.litwareinc.com

Access Edge
Server:
sip.litwareinc.com
port:5061

Discoverable
for Federation
for
litewareinc.com
domain

External
DNS

A: sip.litwareinc.com

IP of Access Edge
Server

Access Edge
Server IP

External
DNS

A: meet.litwareinc.com

IP of Reverse
Proxy

Simple URL for


meetings for
litewareinc.com
hosted
meetings

MCT USE ONLY. STUDENT USE PROHIBITED

6-18 Designing and Deploying External Access

You can choose the Simple URL option where there is a DNS host name for each supported SIP domain
for federation, and provide remote access to company users. This way, users can work with the
litwareinc.com domain, but you need to add extra DNS records.

If you need to support multiple SIP domains and if the list of supported DNS domains is changing on a
regular basisfor example, every six monthsthen, it is easier to use the Simple URL option where the
DNS host name stays the same. In this option, the DNS domain names stay the same on the reverse proxy.
You still need to change the Access Edge certificate.
The preceding examples only show the external records required. In the following example, only one SIP
domain is supported in the same environment.
Location
Internal
DNS

DNS Record
(A)

fe01.adatum.com

Target
IP address
of
Standard
Edition
Server

Purpose
This is the host
record for the
Standard
Edition Server

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 6-19

Location

DNS Record

MICROSOFT INTERNAL TEACH

Internal
DNS

(SRV)

Target

_sipinternaltls._tcp.adatum.com

Purpose

_tcp for
port 5061
pointing to
FQDN of
Standard
Edition
Server

For Lync Server


2013 autoconfiguration

In addition, you need some more internal DNS records, the first for the internal Edge interface and the
next for device time synchronization and device updates.
Location

DNS Record

Target

Purpose

Internal
DNS

lsedge.adatum.com

IP of Edge
Internal Interface

Consolidated
Edge internal
interface

Internal
DNS

ucupdatesr2.adatum.com

IP of Standard
Edition Server

Used for Lync


2013 device
updates

Internal
DNS

SRV

_ntp._udp.adatum.com

timeServerFQDN

123

Network Time
Protocol (NTP)
source
required for
Microsoft Lync
2013 Phone
Edition devices

To support conferences internally, you need to use a split-brain DNS solution, including some records on
the same DNS zone that you publish externally. These are as follows.
Location

DNS Record

Target

Purpose

Internal DNS

dialin.adatum.com

IP of Standard
Edition Server

Dial-in conferencing
published internally

Internal DNS

meet.adatum.com

IP of Standard
Edition Server

Conferences published
internally

Internal DNS

admin.adatum.com

IP of Standard
Edition Server

Microsoft Lync Server


2013 Control Panel
published internally

DNS records are required for different services and you must have knowledge of these records. However,
considering the amount of DNS records required, it is an important part of your project to create a proper
design that not only includes all important aspects, but also a plan for maintaining the records required,
and decommissioning those records that are no longer required. The given example of 20 DNS records
only shows a simple design. If you deploy high availability and Directors with support for multiple SIP
domains, then your design would be more complex and will require thorough planning and maintenance.
Question: Can you provide some examples for how you record your DNS design?

MICROSOFT INTERNAL TEACH

PKI Certificate Usage in Lync Server 2013


In Lync Server 2013 implementation, certificates
are a critical component. Within the Lync Server
2013 infrastructure, you can use PKI while using
TLS and MTLS. You can use Lync Server 2013
certificates for:

TLS connections between client and server.

MTLS connections between servers.

Federation that uses automatic DNS discovery


of partners.

Remote user access for IM.

External user access to audio/video sessions, application sharing, and conferencing.

Mobile requests that use automatic discovery of web service.

Persistent Chat web services for file upload/download.

For Lync Server 2013, the following certificate requirements must be met:

MCT USE ONLY. STUDENT USE PROHIBITED

6-20 Designing and Deploying External Access

All server certificates support server authorization (Server EKU).

All server certificates contain a Certificate Revocation List (CRL) Distribution Point (CDP).

Auto-enrollment is supported for internal servers running Lync Server 2013.

Auto-enrollment is not supported for Lync Server 2013 Edge Servers.

When you submit a web-based certificate request to a Windows Server 2003 CA, you must submit it
from a computer running either Windows Server 2003 with SP2, or Windows XP.

Note: Although KB922706 provides support for resolving issues with enrolling web
certificates against a Windows Server 2003 Certificate Services web enrolment, it does not make it
possible to use Windows Server 2008, Windows Vista, or Windows 7 to request a certificate from
a Windows Server 2003 CA.

Key lengths of 1,024, 2,048, and 4,096 are supported.

The default hash algorithm is RSA. The ECDH_P256, ECDH_P384, and ECDH_P521 hash algorithms are
also supported

During deployment, certificates have been one of the greatest challenges with the previous versions of
Lync Server 2013. Although, Lync Server 2013 helps get the certificate configuration right, because of its
built-in functionality, you need to consider the certificate requirements when designing Lync Server 2013
solutions.
Question: Can you use an external third-party certificate authority for all certificates in a
Lync Server 2013 deployment, thereby negating the requirement for an internal PKI
implementation?

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 6-21

MICROSOFT INTERNAL TEACH

Subject Names and Subject Alternate Names


The certificate authority (CA) needs to meet
specific requirements for certificate names when
planning for a PKI implementation with Lync
Server 2013.

Subject Names
The Subject Name of a given X.509 certificate is
the primary name of the certificate. This is the
most basic type of certificate name used and is
supported by all PKIs and CA implementations,
including all commercial third-party certificate
authorities.

Subject Alternate Name

In some cases, having the subject name for the server roles that have a certificate is not sufficient. In such
cases, the certificates also contain the attribute called, SAN.
The Subject Alternative Name property on an X.509 certificate provides alternative subject names in the
certificate. This enables TLS and MTLS connections to use different names, which all resolve to the same
physical or virtual server.
In a Lync Server 2013 implementation, the following places use certificates with SAN:

Edge Servers (typically used for the Access Edge role). On the Edge Servers, the same certificate may be
used for more than one server role. The subject name may be used for web conferencing Edge as a
SAN with the Access Edge FQDN for each supported SIP domain.

Front End servers and Directors. SAN certificates are used on the servers or pools that perform user
authentication. SAN certificates are used for the SIP connectivity.

Correlation between certificate subject name and the subject alternative names

Both subject names and SAN are correlated as some systems require that the first SAN in a certificate
should be the same as the subject name. Although this is not a requirement when using systems that are
fully compliant with SAN certificates, it is still considered a best practice for certificates.
Question: Is there a limit on the number of SAN entries that can be included in a certificate?

Planning for Types of Certificates and Providers


In relation to a Lync Server 2013 deployment, a
key part of planning for PKI usage is selecting the
types of certificates. You also need to be aware of
the limitations that are associated with each type
of certificate.

PKI considerations
In comparison to the Office Communication Server
2007 R2, Lync Server 2013 provides a smoother
process for requesting and applying certificates.
However, you need to consider the complexity
that is involved in designing, implementing,

operating, and maintaining a PKI.

MICROSOFT INTERNAL TEACH

Considerations for public certificates

MCT USE ONLY. STUDENT USE PROHIBITED

6-22 Designing and Deploying External Access

Although you can deploy public certificates for the entire Lync Server 2013 infrastructure, the cost of
doing so might be excessive. However, for some roles, almost all Lync Server deployments use public
certificates. This is because public certificates are necessary for public IM connectivity and Lync federation
with other organizations. You can use public certificates for the following purposes:

Lync Server Access Edge

Lync Server web conferencing Edge

Reverse proxy for meeting content and address book download

Exchange web services, if Exchange 2013, 2010, or 2007 is deployed

If you choose to deploy public certificates, you need to consider the following:

CRL Download Locations. CRL download locations do not typically need further consideration because
they are handled by the public certificate provider. However, you need to ensure that all servers that
use public certificates are able to access the CRL download location URLs for these certificates. Also
ensure that the Edge Server can access CRL download URLs for the certificates presented by
federation partners.

Root Certificate Support. You need to ensure that any public certificate provider that you use has its
root certificate included as standard with Windows clients. If the root certificate of the provider that
you use is not supported on Windows clients such as Windows 7, Windows Vista, or Windows XP, you
will need to import this root certificate to the clients, either as part of a deployment image, or by
using Group Policy.

You need to apply the same considerations for clients that will use mobile clients to access the Lync Server
2013 infrastructure. The way in which you import root certificates to mobile devices varies from platform
to platform. Therefore, you should either ensure that the devices you use trust the root certificates, or use
the method supported by the specific device or platform to import the relevant root certificates to that
device.
As new types and models of mobile devices and client operating systems are introduced, root certificate
support is an issue that will require ongoing planning and awareness.

Considerations for private certificates


You can normally deploy private certificates for all internal Lync Server 2013 roles and for the internal
interface of Lync Server 2013 Edge Servers. However, you should ensure that the certificates that Lync
Server 2013 uses are all web server certificates, and not computer certificates.

If you choose to deploy private certificates that are preferably issued from a Windows Server Certificate
Authority for some purposes, you need to meet some requirements to ensure that the Lync Server 2013
environment functions as intended.

CRL download locations

When deploying an internal CA from Microsoft or otherwise, a key item that you need to configure is the
CRL download location. It is the location from where a system can download a list of certificates that have
been revoked by the issuing CA. Many systems consider a certificate invalid if they are unable to
download CRL from the CA that has issued the certificate in question.
For internal Active Directoryjoined clients, you will normally not face any problem for CRL download
from an internal Microsoft PKI. However, a typical scenario where a missing or incorrectly configured CRL
download location can cause problems is on the internal interface of Lync Server 2013 Edge Servers.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 6-23

MICROSOFT INTERNAL TEACH

When a front-end server or Director Server communicates with the Edge Server, the latter will process the
certificate presented by the front-end server or Director Server. The Edge Server then attempts to retrieve
the CRL to determine if the certificate presented has been revoked by the issuing CA. If the Edge Server
fails to retrieve the CRL, it considers the certificate invalid, and communication does not proceed.
Therefore, in practice, you should publish both full and delta CRL to a web server URL, which the Edge
Server can access on its internal interface. You should then add this address to the list of CRL download
locations on the CA. You need to perform this task before requesting certificates for the Lync Server 2013
environment, because the CRL download location list is not updated for certificates that have already
been issued.
You should be aware of this critical issue when operating internal PKI, because an incorrectly configured
or poorly maintained PKI can pose major problems when deploying Lync Server 2013. In addition, the
need to troubleshoot certificate issues is a very common occurrence in many deployments and you need
to ensure that this does not become an issue in your deployment.

Although deploying a Windows Server Certificate Authority is a simple task with newer versions of
Windows Server, you cannot get a fully configured PKI that is immediately usable for Lync Server 2013 just
by deploying this server role. You need to properly design, configure, and maintain the PKI as per
Microsoft best practices or of other vendors, if deploying a non-Microsoft PKI.

Considerations for choosing PKI providers

There are a number of different providers ranging from small to large, who offer public certificates. When
you select a PKI provider for Lync Server 2013 certificates, you need to consider the following factors:

By default, install the root certificates of the providers in the client operating systems that will be
used. This is applicable for both computers and mobile devices.

The provider supports SAN in X.509 certificates. The actual number of supported SANs in a given
certificate must be sufficient for your usage.

The provider supports certificate key lengths of at least 2,048 bytes for higher security.

Be cautious of providers who merely issue certificate authorities to the Root CAs of other providers.
Ideally, you need to use a CA that has full control of both their Root CAs and any intermediate or
issuing CAs in the certification path.

The cost of obtaining certificates can vary among providers because of various factors such as support
plans and certificate types. You should choose the provider whose services best suit the organizational
needs, while keeping the above points in mind.
Question: If you use federation in Lync Server 2013, can you federate with organizations that
use their own (private) certificates, instead of public certificates on their Access Edge Server
of either Office Communications Server or Lync Server 2013?

Other Certificate Usage Scenarios

MICROSOFT INTERNAL TEACH

In the Lync Server 2013 infrastructure, there are


some other usage scenarios where certificates can
be used.
The use of Survivable Branch Appliances (SBAs)
utilizes certificates in a specific way; therefore, you
must plan while deploying SBAs. Consider a
scenario where you have users in a remote office,
which contains an SBA with PSTN connectivity. The
remote office is connected to the rest of the
infrastructure by using a WAN link. If the WAN link
is not available, clients will be unable to provide
their credentials to the Lync Server 2013
infrastructure and sign in to Lync Server 2013. To resolve this problem, you can use SBA that handles
authentication differently than a primary registrar, when clients connect to it.

MCT USE ONLY. STUDENT USE PROHIBITED

6-24 Designing and Deploying External Access

As part of provisioning, the SBA gets a certificate installed on it, and this certificate is used for client
authentication when the client connects to register to the SBA. The SBA looks at the SIP domain part of
the SIP URI of the client attempting to register, and compares it to the installed certificate. If the domain
part of the SIP URI matches the domain that is present in the SBA certificate, either in the form of a
Canonical Name (CN) or SAN entry, the client is allowed to register to the SBA.
To ensure that the clients are registered, you should plan for all potential SIP domains to be listed in the
SBA certificate. A client might be refused registration if the SIP domain cannot be matched by the SBA
certificate. In addition, if you add additional SIP domains after deploying SBA, these may need to have
their certificates updated to include the new SIP domains.

Web services also require the use of certificates in Lync Server 2013. However, typically, this is covered by
the server certificate installed on each Lync front-end server.
Question: If you have a domain controller available in a remote location where clients are
signing in to an SBA, does this remove the reliance on certificates for client authentication?

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 6-25

Lab: Designing and Deploying for External Scenarios

MICROSOFT INTERNAL TEACH

Scenario

You are a Unified Communications Architect for Adatum Corporation, an enterprise-level


organization. Adatum Corporation needs to deploy an Edge topology to enable remote users to use
the same modalities without having to use virtual private network (VPN). You have been asked to
review business requirements based on the initial planning. You will then need to explore the Edge
Deployment in the Lync Planning Tool and determine how to use this tool for more detailed
planning. Finally, you need to deploy the Edge Server and validate that it is functioning and available.
Estimated Time: 70 minutes

Exercise 1: Defining the Edge Server in the Topology


Scenario
As an architect, you will define the Edge Server in the existing topology.
In this exercise you will add Edge server to the deployment with following configurations:

Edge pool FQDN : lon-edge01.adatum.com

Enable federation (port 5061)

Enable XMPP federation (port 5269)

Access edge FQDN sip.adatum.com (port 443)

Web Conferencing FQDN webconf.adatum.com (port 443)

A/V FQDN av.adatum.com (port 443)

Internal IP address 172.16.0.40

External IP address of Access Edge Service 131.107.155.3

External IP address of Web Conferencing Edge 131.107.155.4

External IP address of A/V Edge 131.107.155.5

Next hop lon-pool.adatum.com London (Site 0)

Associate lon-pool.adatum.com and red-pool.adatum.com

The main tasks for this exercise are as follows:


1. Start the virtual machines.
2. Verify the status of the replication.
3. Add the new Edge Server to the existing topology.
4. Export the new topology.

Task 1: Start the virtual machines.


Start the virtual machines

Task 2: Verify the status of the replication.


Verify the status of the replication.

Task 3: Add the new Edge Server to the existing topology.


Add the new Edge server to the existing topology.

Task 4: Export the new topology.

MICROSOFT INTERNAL TEACH

Export the new topology.

MCT USE ONLY. STUDENT USE PROHIBITED

6-26 Designing and Deploying External Access

Results: After completing this exercise, you should have defined a new Edge Pool, defined internal and
external FQDNs and IP addresses, and then published the topology. You should have also exported the
configuration for Edge Server role deployment.

Exercise 2: Deploying Edge Server and Configuring Remote Access


Scenario

In this exercise you will deploy edge server bits on the server, request and assign certificate for the server
and configure it for external access, with the following configurations:

External IP address of LON-EDGE01

131.107.155.3 and 255.255.0.0 subnet mask

131.107.155.4 and 255.255.0.0 subnet mask

131.107.155.5 and 255.255.0.0 subnet mask

Once configured edit Global External access policy with following configuration:

Enable federation

Enable partner domain discovery

Enable remote user access

Enable anonymous user access to conferences

The main tasks for this exercise are as follows:


1. Set up the Edge Server.
2. Install the Edge Server role.
3. Request and assign certificates.
4. Start the Lync Server Edge services.
5. Grant rights to external user access.

Task 1: Set up the Edge Server.


Set up the Edge server.

Task 2: Install the Edge Server role.


Install the Edge server role.

Task 3: Request and assign certificates.


Request and assign certificates.

Task 4: Start the Lync Server Edge services.


Start the Lync Server Edge services.

Task 5: Grant rights to external user access


Grant rights to external users.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 6-27

Exercise 3: Validating the Edge Server


Scenario
Validate Edge server configuration and functionality

MICROSOFT INTERNAL TEACH

The main tasks for this exercise are as follows:


1. Verify the status of the replication.
2. Validate the Lync Edge Server connectivity.

Task 1: Verify the status of the replication.


Verify the status of the replication.

Task 2: Validate the Lync Edge Server connectivity.


Validate the Lync Edge Server connectivity.

Module Review and Takeaways


Common Issues and Troubleshooting Tips

MICROSOFT INTERNAL TEACH

Common Issue

Troubleshooting Tip

Central Management Store replication to


the Lync Edge fails.

Running Lync Server 2013 Deployment


Wizard on Edge Server completes, but
Edge is not installed. Logs show a warning
that states that the host was not found in
the topology, and all roles will be
uninstalled.

Review Question(s)
Question: What has changed regarding Public IM Connectivity User Subscription License?
Question: How is XMPP like SIP Federation?
Question: XMPP introduces two new ports that need to be open in the perimeter firewalls.
What are they?

Tools
Changes in Lync Server 2013 That Affect Edge Server Planning
http://go.microsoft.com/fwlink/?LinkId=282227

MCT USE ONLY. STUDENT USE PROHIBITED

6-28 Designing and Deploying External Access

MCT USE ONLY. STUDENT USE PROHIBITED


7-1

MICROSOFT INTERNAL TEACH

Module7
Deploying Microsoft Lync Server 2013 Persistent Chat
Contents:
Module Overview

7-1

Lesson 1: Overview of Persistent Chat Architecture in Lync Server 2013

7-2

Lesson 2: Designing Lync Server 2013 Persistent Chat

7-5

Lesson 3: Deploying and Configuring Lync Server 2013 Persistent Chat

7-9

Lab: Deploying Persistent Chat Server

7-11

Module Review and Takeaways

7-14

Module Overview

In any organization, employees need to interact with each other in the course of their work. This
interaction can be a one-to-one meeting or a meeting that involves several participants across many
locations. To ensure smooth interaction of employees in an organization, you need to plan, design, and
deploy Lync Server 2013 Persistent Chat in the enterprise.

Objectives

Describe the features and concepts for Persistent Chat in Lync Server 2013.

Design Lync Server 2013 to include Persistent Chat.

Deploy and configure Persistent Chat in Lync Server 2013.

Lesson 1

MICROSOFT INTERNAL TEACH

Overview of Persistent Chat Architecture in Lync Server


2013
In Lync Server 2013, Persistent Chat Server enables you to participate in multiparty, topic-based
conversations that persist over time. You can use various components that are necessary to deploy
Persistent Chat within your Lync 2013 deployment.

Lesson Objectives

Describe the Persistent Chat server.

Describe the components and topologies for Persistent Chat server.

Describe the technical requirements for Persistent Chat server.

Overview of Persistent Chat Server


Persistent Chat Server enables users to participate
in multiparty, topic-based conversations that
persist over time. Persistent Chat Server can help
your organization do the following:

MCT USE ONLY. STUDENT USE PROHIBITED

7-2 Deploying Microsoft Lync Server 2013 Persistent Chat

Improve communication between


geographically dispersed and cross-functional
teams. By using Persistent Chat, teams can
efficiently share information, ideas, and
decisions with one another. The messages
posted to chat rooms (discussion forums) can
persist (that is, can be available over time), so
that people from different locations and
departments can participate, even when they are not simultaneously online. When a user connects to
a chat room, backchat (a configurable number of chat-history messages) is automatically loaded in
the chat room to give the user a context for the conversation.

Improve information awareness. By using client-side filters, users can define conditionssuch as
keywords in message content, or the value of the "from" field in a messageto receive notification
when those conditions are met in Persistent Chat instant messages or chat room messages. This way,
users can stay up-to-date with the content that interests them most.

Improve communication with their extended organization. By making it easy to collaborate over longrunning topics with others in the organization, and by providing a persistent place to share
information, Persistent Chat helps improve communication.

Reduce information overload. Users can follow chat rooms and messages of most interest by using
client-side filters, and they can add chat rooms that they want to follow, to their contact list.

Increase dispersion of important knowledge and information. Documents and links can be included
within conversations for access by all the team members. By posting questions to a broader team,
users can benefit from responses by subject matter experts. Integration with other information
systems enables important organizational data to be easily communicated to large groups.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 7-3

MICROSOFT INTERNAL TEACH

Persistent Chat Topologies


You can deploy Persistent Chat Server as an
optional role with Lync Server 2013. Persistent
Chat services run in a dedicated pool, and a
Persistent Chat Server pool depends on a Lync
Server pool to route messages to it. Clients use
Extensible Chat Communication over SIP (XCCOS).
The Lync Server front-end servers are configured
to route the traffic to a Persistent Chat Server pool.
Persistent Chat Server supports the following
topologies:

Single-Server Topology

Multiple-Server Topology

You can add Persistent Chat Server to your Lync Server 2013 deployment by using Topology Builder. You
can add a single server or multiple servers to the Persistent Chat Server pool in your topology.

Single-Server Topology

The minimum configuration and simplest deployment for Persistent Chat Server is a single Persistent Chat
Server front-end server topology. This deployment requires a single server that runs Persistent Chat
(which, optionally, runs the Compliance service, if compliance is enabled). This server hosts both the SQL
Server database, and if compliance is required, the SQL Server database that stores the compliance data.

Multiple-Server Topology

To provide greater capacity and reliability, you can deploy a multiple-server topology. The multiple-server
topology can include as many as four active computers running Persistent Chat Server (high availability
and disaster recovery configurations will allow up to eight, but only four can be active and the remaining
four are standby). Each server can support as many as 20,000 concurrent users, for a total of 80,000
concurrent users connected to a Persistent Chat Server pool with four servers. A multiple-server topology
is the same as the single-server topology, except that multiple servers host Persistent Chat server, and can
scale higher. Multiple computers running Persistent Chat Server should reside in the same Active Directory
Domain Services (AD DS) domain as Lync Server and the Compliance service.

Components and Requirements of Persistent Chat Server


Persistent Chat server components include:

One or more computers running Persistent


Chat Server and providing the following
services:
o

Persistent Chat service

Compliance service, which is turned on if


compliance is enabled

Server(s) that host the SQL Server back-end


database for hosting the Persistent Chat
content

If compliance is enabled, a server(s) that host the SQL Server back-end database for hosting the
Persistent Chat compliance database.

MICROSOFT INTERNAL TEACH

MCT USE ONLY. STUDENT USE PROHIBITED

7-4 Deploying Microsoft Lync Server 2013 Persistent Chat

Each computer that hosts the Persistent Chat Server must have access to an existing Lync Server 2013
topology, which includes a Lync Server 2013, front-end server. The front-end server is the foundation for
Session Initiation Protocol (SIP) routing, which makes communication between computers running
Persistent Chat Server and the Persistent Chat functionality possible. Before you begin to deploy Persistent
Chat Server, verify the deployment of Lync Server 2013, Standard Edition, or a Lync Server front-end pool
and any other internal computers running Lync Server, as appropriate to your organization.
The Persistent Chat Server uses the Persistent Chat database to store chat history, configuration, and user
provisioning data. Optionally, it uses the Persistent Chat compliance database to store compliance data.
Note: The Persistent Chat database (mgc) and the compliance database (mgccomp) can be
located in the same instance of SQL Server or on different SQL Servers.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 7-5

Lesson 2

MICROSOFT INTERNAL TEACH

Designing Lync Server 2013 Persistent Chat

Designing your Persistent Chat deployment properly for your organization is as important as any other
Lync 2013 system. You need to ensure that organizational productivity is not adversely affected. In
addition, you must ensure compliance with legal requirements and standards. To design a Persistent Chat
deployment, you should be familiar with the elements in a Persistent Chat infrastructure.

Lesson Objectives

Define the organizations requirements for Persistent Chat Server.

Design a Persistent Chat Server infrastructure.

Design a Persistent Chat room.

Organizational Requirements
Before you deploy the Persistent Chat Server for
your organization, you must consider the
following key questions to optimize your
deployment:
1.

Who (user profile) should be enabled for


Persistent Chat server? Persistent Chat Server
is enabled by a policy that can be set at a
global, site, pool or user level.

2.

How many users (scale) should be enabled for


Persistent Chat Server? Persistent Chat Server
supports 150,000 provisioned users (enabled
by policy), and a maximum of 80,000
concurrent users of the Persistent Chat Server. A single Persistent Chat Server can support 20,000
connected users, and a single Persistent Chat Server pool can have up to four active servers for a total
of 80,000 concurrently connected users.

3.

Are you migrating from a previous version of Group Chat Server, or are you deploying Persistent Chat
Server for the first time?

4.

Are there compliance requirements? Persistent Chat Server supports compliance. The compliance
service runs collocated on the Persistent Chat Server front-end server, as opposed to the requirement
for a separate computer in previous Group Chat Server deployments. Compliance is optional, and if
chosen, requires a compliance database that must be configured to store compliance data and
events. You may also want to configure an adapter to take the data from the compliance database
and convert it to another format (such as XML files or Exchange-hosted archives).

5.

How do you want to control scopes, ethical boundaries, and access? You can define categories to
segregate these boundaries, and choose who is allowed to be in rooms that are created in each of
these categories.

6.

How do you want to control who can create rooms? You can configure creators, appropriate to your
categories, who can create rooms. Creators can assign other members as Chat Room Managers for
ongoing management of the rooms (adding or removing additional members), according to the
scope for AllowedMembers/DeniedMembers configured by the category.

MICROSOFT INTERNAL TEACH

MCT USE ONLY. STUDENT USE PROHIBITED

7-6 Deploying Microsoft Lync Server 2013 Persistent Chat

7.

How do you want to create rooms? Persistent Chat Server provides a web-based feature for creating
and managing rooms, from the Lync 2013 client. You can choose to define a custom solution (by
using the Persistent Chat Server Software Development Kit (SDK)) that implements your business
requirements and workflows, and configures Persistent Chat Server to direct users to your custom
solution.

8.

What kind of add-ins do you want to provision? Add-ins enhance the in-room experience by taking
advantage of the extensibility pane in the Lync 2013 client to provide context that is relevant to the
room. You can choose what general add-ins might be most useful (for example, your company
website, internal collaboration documents, and so on). Chat room managers can choose one of the
registered add-ins and associate it with their rooms, if required.

9.

What kind of high availability and disaster recovery requirements do you have? Persistent Chat Server
supports SQL Server mirroring for high availability and supports up to eight servers (four active and
four standby) in a stretched pool with SQL Server log shipping for disaster recovery.

10. Are there regulatory requirements? If your company is in a country/region where data needs to be
kept globally, you may need to deploy multiple Persistent Chat Server pools, each local to a specific
geography. A room, category, or add-in does not span poolsit belongs to only one Persistent Chat
Server pool. Users can be configured to have access to rooms in one or more pools, depending on
how you design your categories.

Server Infrastructure
In Lync Server 2013, Persistent Chat Server is part
of the Lync Server 2013 infrastructure.
Persistent Chat Server is available with Lync Server
2013 Enterprise Edition as a separate pool (not
collocated with the Enterprise Edition front-end
servers). Persistent Chat Server requires a SQL
Server back-end server in your Enterprise Edition
pool to store the chat room content and other
relevant metadata. We recommend that you install
the PersistentChatStore on a dedicated SQL Server
back-end server, although collocating Lync Server
2013 back-end server and PersistentChatStore on
the same SQL Server instance is supported.
Persistent Chat Server can be deployed with Lync Server 2013 Standard Edition. In this case, the
PersistentChatService front-end server is collocated on the Standard Edition computer, and the
PersistentChatStore back-end server can be deployed on the local SQL Server Express instance.
Note: We do not support high availability for Persistent Chat Server Standard Edition.
Performance and scale will be limited. Furthermore, we support only new Persistent Chat Server
Standard Edition servers. We do not support upgrading Lync Server 2010, Group Chat Server to a
Lync Server 2013 Persistent Chat Server Standard Edition.

If your organization requires compliance support, you can enable the Persistent Chat Server Compliance
service on the Persistent Chat Server front-end server. A separate database is required for compliance. At
a minimum, each topology requires a server with Lync Server 2013 installed and a server with SQL Server
database software installed.

MCT USE ONLY. STUDENT USE PROHIBITED

MICROSOFT INTERNAL TEACH

Core Solutions of Microsoft Lync Server 2013 7-7

The Persistent Chat Server front-end server, PersistentChatService, can be deployed on one or more
stand-alone computers in a Lync Server 2013 Enterprise Edition pool. They cannot be collocated on the
Lync Server Enterprise Edition front-end servers. Persistent Chat Server can be deployed by the
Bootstrapper, just like other Lync Server roles. The Persistent Chat Web Services for File Upload/Download
and Persistent Chat Web Services for Chat Room Management are web components deployed on the
Lync Server 2013 front-end servers.
A single Persistent Chat Server front-end server can support 20,000 active users. You can have a Persistent
Chat Server pool with up to four active front-ends supporting a total of 80,000 concurrent users. The
Persistent Chat back-end server, PersistentChatStore, stores the chat rooms and categories. We
recommend that you install the PersistentChatStore on a dedicated SQL Server back-end server in your
Enterprise Edition pool; although we support collocating Lync Server 2013 back-end server and
PersistentChatStore on the same SQL Server instance.

Designing a Persistent Chat Room


As you create your categories and Persistent Chat
rooms, and design your scoping and membership,
the following guidelines can help you in your
planning:

If your company does not require an ethical


wall, do not narrow the scope in your
category tree. Put all your users in the scope
of one category, and create all chat rooms in
that category. Subsequently, use only
membership lists to grant or restrict access to
each chat room.

In most cases, you should enable users to


create new chat rooms so that discussions about new topics can be started any time. Enable this by
making the Creators list the same as the AllowedMembers list. However, if you want to allow only a
central support team or designated users to create rooms, then make the Creators list as the
appropriate subset.

Give each chat room a complete name and description summary that describes where it fits in with
your organization. Because users cannot see the category name when they use the chat room, you
cannot rely on the category name to help users determine the intended discussion forum for the chat
room.

You may want to have a custom room creation workflow if you have certain naming conventions or
other access controls or validations to implement. The Persistent Chat configuration enables you to
customize the RoomManagementUrl to something that you host. For example, when users click
Create a room in their Lync client, they can be redirected to your custom solution.

Create a variety of add-ins that help enhance the experience of chat rooms by bringing in other
business data into chat rooms. Administrators must register the add-ins that they want to allow in the
system. Chat room managers and creators can choose from the list of allowed add-ins for the ones
most relevant to their respective rooms.

Configuring add-ins for Persistent Chat rooms

In Lync Server 2013 Control Panel, you can use the Add-in section of the Persistent Chat page to associate
URLs with Persistent Chat rooms. These URLs appear in the Lync 2013 client in the chat room in the
conversation extensibility pane. An administrator must include the Add-ins in the list of registered add-ins,

MCT USE ONLY. STUDENT USE PROHIBITED

7-8 Deploying Microsoft Lync Server 2013 Persistent Chat

MICROSOFT INTERNAL TEACH

and chat room managers/creators have to associate rooms with one of the registered add-ins before users
can see this upgrade in their Lync 2013 client.
Add-ins are used to extend the in-room experience. A typical add-in might include a URL pointing to a
Silverlight application that intercepts when a stock ticker is posted to a chat room, and shows the stock
history in the extensibility pane. Other examples include embedding an OneNote 2013 URL in the chat
room as an add-in to include some shared context, such as "Top of mind" or "Topic of the day."

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 7-9

Lesson 3

MICROSOFT INTERNAL TEACH

Deploying and Configuring Lync Server 2013 Persistent


Chat

After you have designed and planned Persistent Chat in your Lync 2013 system, you can deploy it and set
up the chat room. You should be familiar with the deployment process and the tool used to configure
and manage chat rooms.

Lesson Objectives

Deploy a Persistent Chat Server infrastructure.

Configure and manage a Persistent Chat room.

Deploying Persistent Chat


Before starting the deployment of Persistent Chat
Server, you must install the required operating
system on hardware that meets the system
requirements on servers. Next, ensure that the
prerequisite software is installed. The prerequisite
software for Persistent Chat Server is the same as
the prerequisite software for the Lync Server 2013
front-end servers and the Lync Server 2013
Standard Edition server on which Persistent Chat
Server features are installed. The prerequisite
software required for the Persistent Chat Server
file store is the same as that for Lync Server 2013.

Add to the topology

After you install the prerequisite software on each server on which you plan to deploy Lync Server 2013,
Persistent Chat Server, you must use Topology Builder to add Persistent Chat Server support to your
topology, and then publish the topology.

Deploy the Persistent Chat Server


Installing Persistent Chat Server is integrated into the Lync Server 2013 setup and uses the same
Bootstrapper that Lync Server 2013 uses for installation.

Configure the Administrator

In Lync Server 2013, users who perform specific tasks must be assigned as members of one or more
specific groups. Role-based access control (RBAC) can also be used to grant privileges by assigning users
to predefined Lync Server 2013 administrative roles. Before configuring and administering Persistent Chat
Server, ensure that the appropriate user rights and permissions are in place, and that any users to be
classified as Persistent Chat administrators are added to the CsPersistentChatAdministrator security group.

Configure Persistent Chat

After deploying support for Lync Server 2013, Persistent Chat Server in Topology Builder, you use the Lync
Server 2013 Control Panel to configure how Persistent Chat Server is implemented in your deployment. In
the Lync Server 2013 Control Panel, you can use the Persistent Chat Policy page of the Persistent Chat
group to manage policies at a global, pool, site, or user level, including configuring the default global
policy and creating one or more additional user and site policies for your deployment. If a user is enabled

for Persistent Chat Server by policy, then the Persistent Chat Server environment appears in that users
Lync 2013 client.

MICROSOFT INTERNAL TEACH

Note: In the topology, Persistent Chat Server site policies apply globally, per users pool, or
per users site, or per user.

Configure and Manage a Room


Configuring Persistent Chat rooms is commonly
handled by users or other central teams by using
Windows PowerShell command-line interface. An
administrator typically does not manage chat
rooms. However, if you have to create and
manage chat rooms, you can use the Windows
PowerShell command-line interface, or add
yourself as a member of a chat room and use the
Lync 2013 client.
To create a new Persistent Chat Server room with
PowerShell, type the following code.
New-CsPersistentChatRoom -Name Foo1 PersistentChatPoolFqdn client.contoso.com -Category client.contoso.com\Foo [other
parameters]

To make changes to an existing Persistent Chat Server room use the following:
Set-CsPersistentChatRoom -Identity testCat -Members @{Add="sip:user1@contoso.com",
"CN=container,DC=contoso,DC=com"}
Set-CsPersistentChatRoom -Identity testCat -Managers @{Add="sip:user2@contoso.com"}
Set-CsPersistentChatRoom -Identity testCat -Presenters @{Add="sip:user1@contoso.com"}

MCT USE ONLY. STUDENT USE PROHIBITED

7-10 Deploying Microsoft Lync Server 2013 Persistent Chat

Persistent Chat Server enables users to collaborate by posting messages into Persistent Chat rooms. The
data is persisted on the server, and members of the room have access to the data, including historical
data. However, users with different roles have different access to the persisted data.
When a message is deleted, you cannot undo the action. However, deleted messages can be restored if
there is a backup. If a Persistent Chat Compliance server is enabled, old messages are persisted in the
compliance database.

Note: This chat room data usage applies to the Lync Server 2013, Persistent Chat Server API
application, except for the case when the administrator role is involved. The Persistent Chat Server API
cannot be used to perform any of the administrators operations. You must perform these operations in
the Lync Server Management Shell.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 7-11

Lab: Deploying Persistent Chat Server

MICROSOFT INTERNAL TEACH

Scenario

Adatum has a corporate policy and legal requirement to ensure instant messages that take place between
the sales team members to be available even when users leave the chat and also when they want to join
the chat back they could see the previous messages and also search the chat for any specific word or
message, they also want to ensure that no other department should participate in the chat sessions of the
sales team and vice versa. Adatum decided to deploy Lync server persistent chat capability to meet their
corporate and legal requirements. Estimated Time: 50 minutes

Exercise 1: Defining a Persistent Chat Topology


Scenario

In this exercise you will add persistent chat server in your Lync topology with the following configurations:

Pool FQDN,: Lon-CHAT01.adatum.com

Should be Single Computer Pool

Display Name : ADatum Persistent Chat Pool

Default Port

Enable Compliance

SQL Server Store : lon-sql01.adatum.com\LYNC

No SQL Server Store Mirroring

Compliance SQL Server Store ; lon-sql01.adatum.com\LYNC.

No SQL Server Store Mirroring

File store : lon-sql02.adatum.com\lyncshare

Next hop server : lon-pool.adatum.com London (Site 0)


The main tasks for this exercise are as follows:
1. Start the virtual machines.
2. Deploy and run the Topology Builder.

Task 1: Start the virtual machines.


Start the Virtual Machines

Task 2: Deploy and run the Topology Builder.


Deploy and run the Topology Builder.

Results: After completing this exercise, you should have published the persistent Chat pool to the
topology.

Exercise 2: Installing Persistent Chat and Compliance Service


Scenario
In this exercise you will be deploying persistent chat and compliance service in your deployment on
20336B-LON-CHAT1-03 virtual machine, also create and assign required certificates.

The main tasks for this exercise are as follows:


1. Install the local configuration store.
2. Set up components.

MICROSOFT INTERNAL TEACH

3. Request and assign certificates.


4. Start Lync Persistent Chat services.

Task 1: Install the local configuration store.


Install the Local Configuration Store.

Task 2: Set up components.


Set up components.

Task 3: Request and assign certificates.


Request and assign certificates.

Task 4: Start Lync Persistent Chat services.


Start Lync Persistent Chat Services.

Exercise 3: Configuring and Using Persistent Chat Rooms


Scenario
In this exercise you will configure Persistent chat rooms with the following configurations, and enable
users for that room.

Enable user : Allie Bellew for Lync and make her part of lon-pool.adatum.com

SIP Uri : Email address

Enterprise Telephony : Enabled

Create Persistent chat room from Lync server control panel

New Category : persistentChatServer:lon-chat01.adatum.com

Name : Sales persistent Chat Room

Description : Chat Room for Sales Users

File Upload : Enabled

Allowed members : sales Organizational Unit

Creators section: add Aaren Ekelund. Click Aaren Ekelund,

Persistent Chat global Policy : enable persistent chat

Create a chat room for Sales employee :

As adatum\aaren on Lon-Cl1 Create a Chat Room.

Room Name Sales War Room

Description : this is the war room for the sales team of Adatum

Privacy option : closed

Managers : Aaren Ekelund

Members : try and add both Allie Bellew and Dan Park

MCT USE ONLY. STUDENT USE PROHIBITED

7-12 Deploying Microsoft Lync Server 2013 Persistent Chat

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 7-13

The main tasks for this exercise are as follows:


1. Enable users.
2. Grant rights to create the Persistent Chat room.

MICROSOFT INTERNAL TEACH

3. Create the Persistent Chat room for the Sales employees.

Task 1: Enable users.


Enable Users

Task 2: Grant rights to create the Persistent Chat room.


Grant Rights to creating the persistent Chat Room

Task 3: Create the Persistent Chat room for the Sales employees.
Create the Persistent Chat Room for Sales

Module Review and Takeaways

MICROSOFT INTERNAL TEACH

Best Practice:
Persistent Chat Server supports a stretched pool architecture that enables a single Persistent Chat
Server pool to be stretched across two sites. It is important to remember here that SQL Server
mirroring is used to provide high availability for the Persistent Chat Server content database and
Persistent Chat compliance database within a data center (same location), and that SQL Server
Log Shipping is used for cross-site disaster recovery.

Common Issues and Troubleshooting Tips


Common Issue

Troubleshooting Tip

Lync 2013 client shows chat room access


may be limited.

Lync Server 2013 Persistent Chat


installation fails during setup when
running the Lync Server 2013 Deployment
Wizard.

Review Question(s)
Question: What additional software is required for Persistent Chat front-end servers?
Question: Does Lync Server 2013 allow for chat rooms to have contacts outside the
immediate organization to join in and participate in the room?

Real-world Issues and Scenarios


Contoso plans to migrate Lync Server 2010, Group Chat to Lync Server 2013, Persistent Chat. What do
they need to consider when deploying Lync 2013 clients?

MCT USE ONLY. STUDENT USE PROHIBITED

7-14 Deploying Microsoft Lync Server 2013 Persistent Chat

While Lync 2013 clients can be used against a Lync Server 2010 pool, they cannot be used against Lync
Server 2010, Group Chat. If you roll out the Lync 2013 client first during a migration, you need to leave
the Lync 2010 Group Chat client installed because Lync 2013 clients are not compatible with Lync Server
2010, Group Chat.

Additionally, the Lync 2013 client does not support the file transfer feature in Persistent Chat. You will
need to use the legacy Group Chat client to take advantage of the file transfer feature in Lync Server 2013
Persistent Chat.

MCT USE ONLY. STUDENT USE PROHIBITED


8-1

MICROSOFT INTERNAL TEACH

Module8
Monitoring and Archiving
Contents:
Module Overview

8-1

Lesson 1: The Archiving Service

8-2

Lesson 2: The Monitoring Service

8-7

Lesson 3: Configuring Archiving and Monitoring

8-11

Lab: Configuring and Using Archiving and Monitoring in Lync Server 2013

8-16

Module Review and Takeaways

8-19

Module Overview

In Microsoft Lync Server 2013, the Archiving service provides a solution for archiving the content of
instant messages (IM) and web conferencing communications in support of your compliance
requirements.

The Monitoring service collects numerical data about the quality of calls on your network, and details
about participants, device names, drivers, IP addresses, and endpoint types involved in calls and sessions.
This Quality of Experience (QoE) data enables you to monitor the quality of real sessions and perform
troubleshooting in response to end-user issues. In addition, these types of call detail statistics are useful
for monitoring usage trends and calculating your organizations overall return on investment (ROI).

You should, therefore, know about the features and configuration of both the Monitoring and Archiving
services. In addition, you should know how to interpret the QoE reports and use this information to better
manage and deliver high-quality user experience for Lync Server 2013.

Objectives

Describe the Archiving service.

Describe the Monitoring service.

Configure the Archiving and Monitoring services.

Lesson 1

MICROSOFT INTERNAL TEACH

The Archiving Service

MCT USE ONLY. STUDENT USE PROHIBITED

8-2 Monitoring and Archiving

Corporations and other organizations are subject to an increasing number of industry and government
regulations that require the retention of specific types of communications. With the Archiving server
feature, Lync Server 2013 provides a way for you to archive IM content, web conferencing (meeting)
content, or both that are sent through Lync Server 2013. The Archiving service provides various
components that you can use to archive meeting content. To do this, you should be aware of the process
for configuring the Archiving service and the capabilities offered by the Archiving server role.

Lesson Objectives

List the features and components of the Archiving service.

Explain IM archiving.

Describe conferencing compliance in Lync Server 2013.

Describe archiving policy options in Lync Server 2013.

Features and Components of the Archiving Service


Lync Server 2013 communications software
introduces several new features and components
that enhance your ability to archive IM and
meeting content for compliance purposes.

Features
The new archiving features in Lync Server 2013
include:

Collocation on front-end servers. In previous


versions of Microsoft Lync Server, the
Archiving Role was deployed as a separate
Archiving Server Role. In Lync Server 2013,
Archiving is an optional feature available on all Front End Servers.

Exchange integration option. Data storage for Archiving can be integrated into Exchange Server 2013
for all users who have mailboxes on Exchange 2013 and have their mailboxes put on In-Place Hold.
This removes the need to deploy separate SQL databases for archiving.

Searchable transcript of archived information. Data archived to Exchange 2013 is searchable and
discoverable. If Exchange 2013 integration is not used, Lync Server 2013 provides a session export
option that you can use by running the Lync Server 2013 cmdlet Export-CsArchivingData.

SQL store mirroring. If Exchange 2013 integration is not being used, Lync Server 2013 Archiving will
use SQL databases, and includes the ability to provide availability for the archiving SQL databases by
using SQL mirroring. This is an optional topology in which you deploy two Back End Servers for a
Front End pool, and set up synchronous SQL mirroring for all the Lync databases running on the Back
End Servers. SQL Mirroring will be discussed in detail later in this module.

Components
The Archiving service includes the following three components:

MCT USE ONLY. STUDENT USE PROHIBITED

MICROSOFT INTERNAL TEACH

Core Solutions of Microsoft Lync Server 2013 8-3

Unified data collection agents. The agents are responsible for capturing the messages to be archived.
These agents are installed and activated automatically on every front-end pool and Standard Edition
server. However, no messages are captured unless archiving is enabled and appropriately configured.
Archiving can be enabled at the global level, site level, or for specific users.

Archiving data storage. Archived data can be stored in the following locations:
o

Exchange Server 2013 storage. When Exchange integration is enabled, user mailboxes placed on
Exchange Server 2013 use the users Exchange Mailbox for data storage, but only if the mailboxes
have been put on In-Place Hold.

SQL Server storage. When users mailboxes are saved on Lync Server 2013, and Exchange 2013
integration is not enabled (or desired), archiving data is stored in a SQL database.

IM Archiving
If you deploy Archiving, you can set it to archive
instant messages and conferences, and specify the
users for whom archiving is enabled.
When you deploy Archiving, a global policy is
created by default. You can use the global policy
to enable archiving of internal communications
(communications between internal users) and
external communications (communications that
include at least one external user). You can also
specify the users for whom archiving is enabled by
creating policies for specific users or sites.

If archiving is enabled for at least one user, you


can archive the instant messages from their multiparty conferences, even if not all users in the conference
have been configured for archiving.

If Exchange Server 2013 integration is configured, you can control archiving for the user by configuring an
In-Place Hold on the users mailbox in Exchange. Additional control is available by using the following
cmdlet. ExchangeArchivingPolicy parameter of Set-CsUser

Conferencing Compliance
Lync Server 2013 consolidates conferencing
compliance storage and management to make it
easier for you to administer. In Lync Server 2013:

Archiving policy settings for both IM and


meetings are unified for easier administration.

The core archiving store consolidates IM


content and web conferencing attendee
entries and exits. (The content of meeting
handouts is still stored on the file share used
by the front-end or Standard Edition Servers.)
Note: Archiving of internal or external

communications is not enabled by default.

MICROSOFT INTERNAL TEACH

When you enable archiving for a particular user, all instant messages and meeting content in both IM
conferences and web conferences that the user participates in, are archived.
Group conferences are archived if one of the following policies is configured to enable archiving:

At least one of the participants has a user policy configured to require archiving.

The global policy or site policy is configured to enable archiving of all group conferencing.

Content That Is Archived


Content that is archived includes the following:

Content of peer-to-peer instant messages

Content of multiparty instant messages

Content of web conferences, including uploaded content (such as handouts) and events (such as
joining, leaving, uploading, sharing, and changing visibility)

Whiteboards and polls shared during a conference

Content That Is Not Archived


Content that is not archived includes the following:

Peer-to-peer file transfers

Audio/video for peer-to-peer and conferences

Content of desktop-sharing sessions

Content of application-sharing sessions


Note: You can record A/V or application sharing or both in the Lync 2013 client.

Archiving Configuration
You can control the configuration of archiving for
your organization by configuring policies at three
levels:

Global

Site

Pool (Service)

For each archiving configuration, you can specify


whether archiving is enabled, whether to archive
IM, or IM and web conferencing, enable exchange
integration, and configure purging.

Global Archiving Configuration

MCT USE ONLY. STUDENT USE PROHIBITED

8-4 Monitoring and Archiving

A global configuration for Archiving is created automatically when Lync is deployed. However, no
Archiving options are enabled in the global configuration, by default. This is the most common place to
configure Archiving.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 8-5

Site Archiving Configuration

MICROSOFT INTERNAL TEACH

Archiving options can be applied to specific Lync central sites by creating and configuring options in an
Archiving configuration for each respective site. A site configuration overrides the global configuration,
but only for the specified site.

Pool Archiving Configuration

Archiving options can be applied to specific pools by creating and configuring options in an Archiving
configuration for each respective pool. A pool configuration overrides the global and site (if configured)
configuration, but only for the specified pool.

Archiving Policy Options


You can control the scope of archiving for your
organization by configuring policies at three
levels:

Global

Site

User

For each archiving policy, you can specify whether


to archive only IM sessions or to archive both IM
and conferencing sessions.

Global Archiving Policy

A default global archiving policy is automatically created when you deploy the Archiving server role. The
global policy applies to all users and sites in your deployment. The global policy specifies whether to
enable archiving of internal communications, external communications, or both.
The global policy can specify that instant messages from all multiparty conferences are archived, even if
you have set archiving policies for specified users and sites.
Note: By default, archiving is not enabled for either internal communications or external
communications. Also, the global policy cannot be deleted.

Site Archiving Policy

You can enable archiving support for specific sites. For example, to enable archiving support for a small
number of sites, you can set the global archiving policy to not archive internal or external
communications, and then you can create a site policy for each site in which you want to enable archiving.
As with the global policy, you decide whether to enable archiving of internal communications, external
communications, or both.

User Archiving Policy

You can choose to enable or disable archiving support for specific users. As with global and site policies,
you can specify whether to enable archiving of internal communications, external communications, or
both.
For example, to disable archiving support for specific users at a site, you can:

Set the global archiving policy to not archive internal and external communications.

Create a site policy for the site to enable archiving for the site.

Create a user policy that disables archiving support for the users.

If you create both site and user policies, user policies override site policies.

MICROSOFT INTERNAL TEACH

Exchange Archiving

MCT USE ONLY. STUDENT USE PROHIBITED

8-6 Monitoring and Archiving

Additionally, you can configure Exchange 2013 integration for Archiving. When Exchange 2013
integration is configured, and the users mailbox is located on an Exchange 2013 Mailbox Server, the value
for ExchangeArchivingPolicy determines how Lync will handle archiving.
You can choose to enable or disable archiving support for specific users by using the Set-CsUser cmdlet,
setting the ExchangeArchivingPolicy parameter to:

Uninitialized. Indicates that archiving will be based on the In-Place Hold settings configured for the user's
Exchange mailbox. If In-Place Hold has not been enabled on the user's mailbox, the user will have his or
her messaging and web conferencing transcripts archived in Lync Server.
UseLyncArchivingPolicy. Indicates that the user's instant messaging and web conferencing transcripts
should be archived in Lync Server, rather than in Exchange.

NoArchiving. Indicates that the user's instant messaging and web conferencing transcripts should not be
archived at all. Note that this setting overrides any Lync Server archiving policies assigned to the user.

ArchivingToExchange. Indicates that the user's instant messaging and web conferencing transcripts should
be archived to Exchange, regardless of the In-Place Hold settings that have (or have not) been assigned to
the user's mailbox.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 8-7

Lesson 2

MICROSOFT INTERNAL TEACH

The Monitoring Service

In Lync Server 2013, the Monitoring service collects performance metrics and provides you with reporting
capabilities to help ensure the quality of your Lync Server 2013 communications system. You can use the
Quality of Experience (QoE) and Call Detail Records (CDR) features and the capabilities offered by the
Monitoring service.

Lesson Objectives

List the features and components of the Monitoring service.

Explain QoE and CDR.

Describe the SQL Server Reporting features with QoE.

Describe the Monitoring policy options in Lync Server 2013.

Features and Components of the Monitoring Service


In Lync Server 2013, you can use monitoring to
collect data that describes the media quality on
your network and endpoints that are involved in
communications sessions through your
Lync Server 2013 deployment. You can collect
usage information related to:

Voice over Internet Protocol (VoIP) calls

IM messages

A/V conversations

Meetings

Application sharing

File transfers

Error and troubleshooting

Components

The Monitoring service is collocated on the existing front-end servers, and includes the following four
components:

Unified data collection agents. The CDR and QoE agents are installed automatically on every front-end
server.

Monitoring databases. To store and collect data, the Monitoring service requires databases that use
SQL Server. The databases can be collocated on the back-end SQL instance, or on a different
computer. Separate databases are required for CDR and QoE information. They both always run on
the same instance of SQL Server.

Microsoft Systems Center Operations Manager (SCOM) Management Pack. This is an optional
component. The Call Reliability and Media Quality Monitoring component of SCOM use Monitoring
server CDR and QoE data to generate near real-time alerts showing the health of call reliability and
media quality.

Monitoring Server Reports. This is also an optional component. It contains out-of-the-box reports on
usage, call diagnostic information, and media quality information based on the data stored in the
CDR and QoE databases. The reports are generated by using SQL Server Reporting Services.

Supported Topologies

MICROSOFT INTERNAL TEACH

MCT USE ONLY. STUDENT USE PROHIBITED

8-8 Monitoring and Archiving

Each Monitoring database can capture data from one or more Enterprise Edition pools, and Standard
Edition servers.

Supported Database Collocation


Monitoring data can share a SQL Server instance with other types of data. Typically, the call detail
recording database (LcsCdr) and the Quality of Experience database (QoEMetrics) share the same SQL
instance; it is also common for the two monitoring databases to be in the same SQL instance as the
archiving database (LcsLog).

The only real requirement with SQL Server instances is that any one instance of SQL Server is limited to
the following:

One instance of the Lync Server 2013 back-end database. (As a general rule, we do not recommend
that your monitoring database be collocated in the same SQL instance, or even on the same
computer, as the back-end database. Although technically possible, you run the risk of the
monitoring database using up disk space needed by the back-end database.)

One instance of the call detail recording database.

One instance of the Quality of Experience database.

One instance of the archiving database.

Quality of Experience and Call Detail Recording


In Lync Server 2013, QoE records capture
numerical data that indicates the media quality in
calls and sessions. CDRs capture usage and
diagnostic information. In Lync Server 2013, both
CDR and QoE functionality is enabled by default
when you deploy the Monitoring server role.

QoE

QoE records not only capture numerical data


about the quality of calls on your network, but
also capture information about participants, device
names, drivers, IP addresses, and endpoint types
involved in calls and sessions. These quality metrics
are collected at the end of every VoIP call and every video call from the participant endpoints, including
IP phones, Lync Server 2013, some legacy clients, and A/V conferencing servers and Mediation Servers. For
Mediation Servers, metrics are gathered from both the path between the Mediation server and UC
endpoints, and the path between the Mediation Server and the media gateway.
You can run the following query against the QoEMetrics database to get jitter and packet loss average for
all audio streams.
selectavg(cast(JitterInterArrival as bigint)) as JitterAvg, avg(PacketLossRate) as
PacketLossRateAvg from AudioStream

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 8-9

CDR

MICROSOFT INTERNAL TEACH

CDRs capture usage information related to VoIP calls, IM messages, A/V conversations, meetings, file
transfers, application sharing, and remote assistance.
Note: The actual content of IM messages is not captured in CDR data. To preserve IM
content for compliance reasons, use the Archiving server feature.

CDR data is frequently used for billing purposes and is therefore very important in many deployments. In
Lync Server 2013, CDR data is captured for both peer-to-peer and multiparty conferences.

The CDR database in Lync Server 2013 includes new usage and diagnostic data for Lync Server 2013
features, including conferencing, registration, and device diagnostics. There is also comprehensive data for
usage tracking and voice-quality diagnostics.
For example, using SQL Server Management Studio, you can run the following query against the LcsCDR
database to find the total number of public switched telephone networks (PSTNs) to Unified
Communications (UC) calls.
Select Count(*) as 'Number of PSTN to UC Calls'
From VoipDetails as voipd
Join SessionDetails as sd on (voipd.SessionIdTime = sd.SessionIdTime and
voipd.SessionIdSeq = sd.SessionIdSeq and sd.User1Id is null)
and FromNumberId in (SELECT PhoneId from Phones)
and FromGatewayId is not null

SQL Server Reporting Services


Lync Server 2013 uses Microsoft SQL Server
Reporting Services to publish Monitoring server
reports. These reports are published to a web
server where you can read them with a browser.
You also have the ability to schedule the delivery
of reports in email messages. The Monitoring
server contains a standard set of reports that
describe the data and define the report that will
be created by the SQL Server Reporting Services.

Installing SQL Server


To use the SQL Server reports, you must install
SQL Server on the computer that hosts the
Monitoring server database. The database engine component of SQL Server is required to run the
database. The Reporting Services component of SQL Server is required to run the reports. The two
components do not have to reside on the same logical server.
You must install the Monitoring server reports on the instance of SQL Server running the Reporting
Services.
Lync Server 2013 supports the following 64-bit versions of SQL Server:

Standard or Enterprise Edition of SQL Server 2008 R2. Latest service pack is recommended.

Standard or Enterprise Edition of SQL Server 2012. Latest service pack is recommended.

Verifying the Web Service URLs


After deploying Reporting Services, you need to verify that the Reporting Services web services URLs,
which are used to view the Monitoring server reports, are working correctly.

MICROSOFT INTERNAL TEACH

To verify that the URLs work:

MCT USE ONLY. STUDENT USE PROHIBITED

8-10 Monitoring and Archiving

1.

Open Reporting Services Configuration Manager from the SQL Server Configuration Tools.

2.

Connect to your instance of Reporting Server.

3.

On the web services URL page, click the URLs listed under Report Server Web Service URLs to verify
that the link can be opened.

You deploy Monitoring server reports to this link. You are given the option to use either HTTP or HTTPS
to deploy the reports. If both are available, Reporting Services is installed to HTTPS.

Monitoring Policy Options


You can configure Monitoring server settings for
CDR and QoE by using the Lync Server Control
Panel or Lync Server Management Shell cmdlets.
Your options include whether monitoring is
enabled or disabled, whether monitoring is
applied at the global or site level (you cannot set
monitoring policy at the user level), and the length
of data retention.

Configuring Monitoring Server by Using


the Lync 2013 Control Panel
To configure the Monitoring server:
1.

Open Lync Server Control Panel.

2.

Click Monitoring and Archiving and do the following:

Click the Call Detail Recording tab to enable or disable Call Detail Recording and configure Call
Detail Recording purging settings.

Click the QoE Data tab to enable or disable QoE and configure QoE purging settings (as seen on the
slide).

Configuring Monitoring Server by Using the Lync 2013 Management Shell

Whether you use the Management Shell or Control Panel is purely a matter of preference. If you prefer to
use the Management Shell, you can use the following cmdlets to configure the Monitoring server:
To configure CDR settings, use the following cmdlets.
New-, Set-, Get- and Remove-CsCdrConfiguration

To configure QoE settings, use the following cmdlets.


New-, Set-, Get- and Remove-CsQoEConfiguration

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 8-11

Lesson 3

MICROSOFT INTERNAL TEACH

Configuring Archiving and Monitoring

To enable archiving of IM and web conferencing content that is sent through Lync Server 2013, you must
add Archiving to the topology and publish the new topology. To enable CDR and QoE data collection and
reporting, you must add Monitoring to the topology and publish the new topology.
You can perform specific steps to implement the Archiving and Monitoring service for Lync Server 2013.

Lesson Objectives

Identify the steps for implementing the Archiving service.

Configure the Archiving service.

Identify the steps for implementing the Monitoring service.

Configure the Monitoring service.

Implementing the Archiving Service


Before you can configure and use archiving, you
must first select the data storage platform
(Exchange or SQL), and then define Archiving in
the topology. You also need to define the policies
that specify how archiving is implemented in your
organization.

Scope
You can specify policies to control the archiving of
specific content at the global, site, and user levels.
Your scope should include which policies are
required, whether archiving is to be enabled for
internal communications, external
communications, or both, and which workloads are to be archived.

Critical Mode

You can specify that the Archiving configuration should run in critical mode if archiving is mission-critical
in your organization. In critical mode, if instant messages and conferencing content cannot be archived,
Lync Server 2013 blocks specific functionality. For example:

If the Archiving service is temporarily unable to send a message to the Lync Storage Service, IM
functionality is blocked until archiving support is restored.

If a web conferencing user uploads a file, but the file cannot be copied to the Archiving file store, all
active conferences hosted in the pool are switched to restricted mode, and new conferences cannot
be activated.

The blocking of IM and conferencing does not affect any other Lync Server 2013 feature and functionality
because it is primarily intended to ensure that compliance requirements are met.

Long-Term Archival (SQL Database Stores)


The archiving SQL database is not intended for long-term retention. Therefore, data needs to be
periodically moved to other storage locations.

MICROSOFT INTERNAL TEACH

Lync Server 2013 provides a session export tool that you can use to export archived data and create
searchable transcripts of the archived data. The Lync Server 2013 Data Session Export Tool can create
searchable transcripts of archived data. The session export tool can be used to:

Create transcripts from archived data such as multi-part email messages as a multi-part MIME
formatted Microsoft Office Outlook Express Electronic Mail (EML) format .eml file. The content
consists of the IM or conference transcript, the conference activity file (as an attachment), and
uploaded conference files, including handouts (as attachments). Transcripts can be created for all
users or specific users.

Mark records that have been exported as safe to delete.

MCT USE ONLY. STUDENT USE PROHIBITED

8-12 Monitoring and Archiving

The Data Session Export Tool creates a single transcript for each completed communications session that
occurred within the specified date range.
To run the Data Session Export Tool, you use the following Lync Server 2013 cmdlet.

Export-CsArchivingData -DBInstance<Database\Instance> -StartDate "10/1/2013 12:00:00" EndDate "1/1/2011 12:00:00"-OutputFolder d:\arch_export

Purge Mode
You can specify if archiving data should be purged. By default, purging is not enabled. If you enable
archiving data purge mode, you must specify one of the following options:

Purge archiving data after a specific number of days, regardless of whether it has been exported. The
minimum number of days is 1, the maximum is 2,562 days.

Purge archiving data only after it is exported (which also includes data that has been uploaded to
Exchange). This option purges those records that have been exported by the session export tool and
marked as safe to delete.

You configure purge settings by using the Archiving Configuration tab in Lync Server Control Panel.

If Exchange integration is enabled, purging is controlled by Exchange for users who have mailboxes stored
on Exchange 2013 Mailbox Servers and put on In-Place Hold. The exception is for conferencing files,
which are stored in the Lync File Share.

Configuring the Archiving Service


The Archiving Service is collocated on the frontend server role in Lync Server 2013, in the form of
unified data collection agents. There is no separate
server that is required, as there was in previous
versions of Lync Server.

Create the Appropriate Topology


When deploying Archiving in Lync Server 2013,
data can be stored in SQL databases, or Exchange
2013 mailboxes. If Exchange 2013 integration is
not being utilized, then the administrator must
define the SQL Stores that will be used for
Archiving in Topology Builder, and associate them
to the corresponding Standard or Enterprise Edition pools.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 8-13

If Exchange 2013 integration is being used, server-to-server authentication must be configured. Prior to
configuring server-to-server authentication, you must assign appropriate certificates to each server, and
configure each server to be a partner application of the other server.

MICROSOFT INTERNAL TEACH

To configure Lync Server 2013 to be a partner application for Exchange Server 2013, use the ConfigureEnterprisePartnerApplication.ps1 PowerShell script, which is provided with Exchange Server 2013.
"C:\Program Files\Microsoft\Exchange Server\V15\Scripts\ConfigureEnterprisePartnerApplication.ps1
-AuthMetaDataUrl 'https://atl-cs-001.litwareinc.com/metadata/json/1' -ApplicationType
Lync"

To configure Exchange Server 2013 to be a partner application for Lync Server 2013, use the NewCsPartnerApplication cmdlet in Lync Management Shell.
New-CsPartnerApplication -Identity Exchange -ApplicationTrustLevel Full -MetadataUrl
"https://autodiscover.litwareinc.com/autodiscover/metadata/json/1"

Configuring Archiving Policies

Next, you configure Archiving policies by using the Archiving Policy tab of Lync Server Control Panel.
You can use the default global policy, or you can configure specific policies to control whether archiving is
enabled for sites and users.
For each site that you have deployed, you can create an archiving policy to control whether archiving is
enabled or disabled for internal communications, external communications, or both.

The configuration in the site policy overrides the global policy, but only for that specific site covered by
the site policy. For example, if you enable archiving of internal and external communications in the global
policy, you might specify a site policy that disables archiving for internal communications, external
communications, or both, for that one site.
Note: You cannot delete the global policy. If you attempt to delete it, the configuration
resets to the default value.

Creating a User Policy for Archiving

Configuring per-user archiving policies is optional. However, if you deploy per-user policies, you must
explicitly assign them to users, groups, or contact objects. Archiving requirements automatically revert to
default to those defined in the global-level conferencing policy when no specific site-level or per-user
policy is assigned.
You can create an archiving policy to control whether archiving for specific users is enabled or disabled
for internal communications, external communications, or both.

The configuration in the user policy overrides the global policy and site policies, but only for the specific
users covered by the user policy. For example, if you enable archiving of internal and external
communications in the global policy, you might specify a site policy that disables it for internal
communications, external communications, or both for that one site. You may then specify a user policy
that enables archiving for a specific group of users at that site.
When Exchange archiving integration is enabled, the ExchangeArchivingPolicy parameter can be
configured through Lync Management Shell (this is not exposed in the Lync Server Control Panel).

For example, to configure a user account so that instant messaging and web conferencing transcripts are
always archived to Exchange, you can use a command similar to the following code example.
Set-CsUser -Identity "Ken Myer" -ExchangeArchivingPolicy ArchivingToExchange

Implementing the Monitoring Service

MICROSOFT INTERNAL TEACH

To deploy and configure the Monitoring service,


you perform the following four steps:
1.

Install SQL Server and


Microsoft SQL Server Reporting Services, and
verify the Reporting Services web service
URLs.

2.

Define a SQL Server Store (or use an existing


SQL Server Store) in the topology by using
Topology Builder.

3.

Enable Monitoring on the pool, select the


corresponding SQL Server Store, and then
publish the topology.

4.

Deploy Monitoring Server Reports to an instance of SQL Server Reporting Services.

Step 1: Install SQL Server and Microsoft SQL Server Reporting Services

MCT USE ONLY. STUDENT USE PROHIBITED

8-14 Monitoring and Archiving

SQL Server is required for the Monitoring service to store the collected QoE and CDR data. Monitoring
server describes this data by using a standard set of reports published by SQL Server Reporting Services.
To view these reports, you must install an instance of SQL Server Reporting Services.

Install SQL Server on the computer that will host the Monitoring server database. This can be a dedicated
database server, or it can be collocated on the same SQL instance used for the Enterprise Edition frontend pool.
Note: SQL Server Express Edition is not supported.
You should install the same versions of SQL Server Reporting Services and SQL Server.
For more information about SQL Server, see the SQL Server Tech Center at:
http://go.microsoft.com/fwlink/?LinkId=129045
For more information about SQL Server Reporting Services, see Install Reporting Services
Native Mode Report Server (SSRS) at:
http://go.microsoft.com/fwlink/?LinkId=275645

You can configure the reporting service while installing the SQL Server Reporting Services, or you can use
the Reporting Services Configuration Tool to configure the Report server after installation is complete.
For more information about configuring the Reporting Services, see Reporting Services
Configuration Manager at:
http://go.microsoft.com/fwlink/?LinkId=204090
For more information about how to configure Reporting Services, click this link:
http://go.microsoft.com/fwlink/?LinkId=187488

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 8-15

Verify the web service URLs

MICROSOFT INTERNAL TEACH

After deploying SQL Server Reporting Services, you should verify that the Reporting Services web service
URLs are working correctly. These URLs are used to view the Monitoring Server reports. You have the
option to use either HTTP or HTTPS to deploy the reports. SQL Server Reporting Services will be installed
to use HTTPS if both are available.

For more information about how verify Reporting Services installation, see How to: Verify a
Reporting Services Installation at:
http://go.microsoft.com/fwlink/?LinkId=187490

Step 2: Define the SQL Server store in the topology

Before you can deploy Monitoring services, you must use Topology Builder to define the required
database or database instance to your internal topology, and then publish the new topology. You can use
the same database server defined previously in an Enterprise Edition deployment, or you can define a new
SQL Server Store. Optionally, SQL mirroring can be configured for this SQL Server Store to provide high
availability. This will be discussed in the module on, High Availability and Disaster Recovery.

Step 3: Associate the Monitoring Database Store

In Topology Builder, select the pool(s) on which to enable monitoring, and associate the corresponding
SQL Server Store.

Step 4: Deploy Monitoring Server Reports

You must also deploy the Monitoring Server Reports by using the Lync Server Deployment Wizard.
However, you must ensure that you have appropriate permissions. The minimum set of permissions must
include local server administrator, domain user, RtcUniversalServerAdmins, and monitoring database
(SQL Server Reporting Services) read/write permissions.

Configuring the Monitoring Service


You can configure Monitoring server settings for
CDR and QoE by using either Lync Server Control
Panel or Lync Server Management Shell cmdlets.
Using Control Panel is generally more popular
because of its ease of use, unless a given task can
be simplified through scripting automation. The
types of settings you can configure for the
Monitoring server include specifying whether CDR
and QoE are enabled or disabled, and specifying
the data retention period.

Data Purge

By default, both CDR data and QoE data are


purged after 60 days. You can specify whether you want to retain the data for a longer or shorter period
of time. If you disable either CDR or QoE, data that was captured while CDR or QoE was enabled will also
be subject to purging.
Note: You should configure CDR and QoE to retain data for the same number of days. Each
call in the Call Detail Reports, available from the Monitoring Server reports home page, includes
CDR and QoE information. If the purging duration for CDR and QoE is different, some calls may
only include CDR data, while others may only include QoE data.

Lab: Configuring and Using Archiving and Monitoring in


Lync Server 2013

MICROSOFT INTERNAL TEACH

Scenario

MCT USE ONLY. STUDENT USE PROHIBITED

8-16 Monitoring and Archiving

Adatum management, in consultation with the legal department, has decided to deploy Monitoring and
Archiving for quality control and compliance reasons. Adatum management also wants to configure
Microsoft SQL Server Reporting and deploy Microsoft Lync Server 2013 Monitoring reports. Finally,
Adatum is using Exchange Server 2013, and would like to archive messages to the Exchange store.

Lab Setup
Estimated Time: 80 minutes

Important We recommend that the steps in this and every lab be split between the two students in your
pod. The students can determine when to share tasks so that both students gain an understanding of the
concepts of each lab. If you need help, please inform the instructor. Please note that if you both try to do
tasks at the same time, you may overwrite each others work and possibly lose data.

Exercise 1: Configuring Lync Archiving to Exchange 2013


Scenario

In this exercise, you will Configure Exchange server 2013 as Archiving server for Lync, and generate some
archiving data. Also you will view that archiving data via exchange control panel. Please follow the steps
mentioned in the Tasks below to complete this exercise.
The main tasks for this exercise are as follows:
1. Start the virtual machines.
2. Add the administrator account to RTCUniversalServerAdmins.
3. Configure Lync Server 2013 to be a partner application for Exchange Server 2013.
4. Configure Exchange Server 2013 to be a partner application for Lync Server 2013.
5. Configure Lync Server 2013 to use Exchange Server 2013 for archiving.
6. Generate traffic to be archived.
7. View archived data by using Exchange Control Panel.

Task 1: Start the virtual machines.


Start the virtual machines.

Task 2: Add the administrator account to RTCUniversalServerAdmins.


Add the administrator account to RTCUniversalServerAdmins

Task 3: Configure Lync Server 2013 to be a partner application for Exchange Server
2013.
Configure Lync Server 2013 to be a Partner Application for Exchange Server 2013.

Task 4: Configure Exchange Server 2013 to be a partner application for Lync Server
2013.
Configure Exchange Server 2013 to be a Partner Application for Lync Server 2013.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 8-17

Task 5: Configure Lync Server 2013 to use Exchange Server 2013 for archiving.
Configure Lync Server 2013 to use Exchange Server 2013 for archiving.

Task 6: Generate traffic to be archived.

MICROSOFT INTERNAL TEACH

Generate traffic to be archived.

Task 7: View archived data by using Exchange Control Panel.


View archived data by using Exchange Control Panel.

Results: After completing this exercise, you should have configured archiving settings, including polices,
configurations and Exchange integration for Adatum. You should also have generated some IM and web
conferencing traffic to be archived. Finally, you will have viewed the archived data by using Exchange
Control Panel.

Exercise 2: Configuring the Monitoring Server Role and the Lync Server
Monitoring Reports
Scenario
In this exercise you will be enabling the Monitoring server role and Monitoring Reports in your Lync
deployment with backend SQL lon-sql02.adatum.com and Named Instance: LYNC
The main tasks for this exercise are as follows:
1. Define Monitoring in Topology Builder.
2. Publish the topology.
3. Deploy the Lync Server Monitoring Reports.

Task 1: Define Monitoring in Topology Builder.


Define Monitoring in Topology Builder.

Task 2: Publish the topology.


Publish the Topology.

Task 3: Deploy the Lync Server Monitoring Reports.


Deploy the Lync Server Monitoring Reports.

Results: After completing this exercise, you should have defined Monitoring in the Topology, and
successfully published the changes. Then, you should have deployed the Lync Server Monitoring Reports.

Exercise 3: Exploring the Lync Server Monitoring Reports


Scenario

In this exercise, you will connect to the SQL Reporting Service URL and view various reports. You will view
reports from a number of reporting groups to gain awareness about the amount of detail that is collected
by the Monitoring server. You will export a report to different formats and then view the Dashboard. You
have the option to create a custom report by adjusting the reporting options on any existing report.
The main tasks for this exercise are as follows:
1. Generate data in the Monitoring database.

2. Connect to Lync Server Monitoring Reports and review the Dashboard.


3. Review various CDR and QoE reports.

Task 1: Generate data in the Monitoring database.

MICROSOFT INTERNAL TEACH

Generate data in the Monitoring database.

Task 2: Connect to Lync Server Monitoring Reports and review the Dashboard.
Connect to Lync Server Monitoring Reports and review the Dashboard.

Task 3: Review various CDR and QoE reports.


Review various CDR and QoE reports.

Results: After completing this exercise, you should have reviewed the collected CDR and QoE data
displayed on the Dashboard. You should have also reviewed several reports from each of the four
categories of reports, including manipulating the data displayed and understanding how to export the
reports to different formats.

MCT USE ONLY. STUDENT USE PROHIBITED

8-18 Monitoring and Archiving

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 8-19

Module Review and Takeaways

MICROSOFT INTERNAL TEACH

Best Practice:
Consider the following scenario. An organization wants migrate from a legacy Lync version where
archiving compliance is required. The organization plans to migrate to Exchange 2013 and have
Exchange legacy compliance enabled. In such a scenario, you should consider configuring and
enabling both Archiving to Exchange 2013 and to Lync Server 2013, to maintain compliance
requirements. After the migration of users is complete to both Exchange Server 2013 and Lync
Server 2013, you should then disable Lync Server 2013 Archiving.
We recommend that you deploy Monitoring and Monitoring Server Reports, especially when you
deploy Enterprise Voice, because the monitoring data and reports are valuable in
troubleshooting call quality issues.

Common Issues and Troubleshooting Tips


Common Issue

Troubleshooting Tip

Get-CsUser shows ExchangeArchivingPolicy


as Unintialized.

Review Question(s)
Question: In Lync Server 2013, which server roles are no longer separate roles, but are now
product features?
Question: Can multiple central sites share Archiving or Monitoring that has been deployed
in only one central site?

Real-world Issues and Scenarios

Contoso has a cross-forest environment in which Lync Server 2013 and Exchange Server 2013 are
deployed in different forests. If a Lync administrator enables Exchange archiving for users with Exchange
2013 mailboxes, then the SMTP addresses of the users' need to be synchronized to the Lync forest and
added to the proxy address attribute. What happens if the SMTP address is null.
1.

The UDCAgent will check if the user has an SMTP address. If the user does not have an SMTP address,
the agent drops archiving for that user and logs an event in the event log.

2.

When Exchange and Lync Server are located in different forests, you must configure the
ExchangeArchivingPolicy property for each user by using Set-CsUser.

MICROSOFT INTERNAL TEACH

MCT USE ONLY. STUDENT USE PROHIBITED

8-20 Monitoring and Archiving

MCT USE ONLY. STUDENT USE PROHIBITED


9-1

MICROSOFT INTERNAL TEACH

Module9
Administration and Maintenance of Lync Server 2013
Contents:
Module Overview

9-1

Lesson 1: Introduction to Lync Server 2013 troubleshooting tools

9-2

Lesson 2: Understanding Lync Server 2013 Operational Tasks

9-11

Lesson 3: Developing Lync Server 2013 Troubleshooting Techniques

9-20

Lesson 4: Introduction to analyzing Lync Server 2013 logs and traces

9-22

Lab: Administration and Maintenance of Lync Server 2013

9-26

Module Review and Takeaways

9-29

Module Overview

Lync Server 2013 provides various administration tools and operational best practices needed to maintain
Lync Server 2013 in the enterprise. You can also use a number of basic techniques and tools when
troubleshooting Lync Server 2013.

Objectives

Describe and use the Lync Server 2013 troubleshooting tools.

Describe the daily, weekly, and monthly maintenance tasks.

Describe the fundamental troubleshooting approach to Lync Server 2013 issues.

Use SIP commands and analyze SIP logs.

Lesson 1

Introduction to Lync Server 2013 troubleshooting tools

MCT USE ONLY. STUDENT USE PROHIBITED

9-2 Administration and Maintenance of Lync Server 2013

MICROSOFT INTERNAL TEACH

Before you embark on the tasks needed to maintain Lync Server 2013, you must become familiar with the
administrative tool that Lync Server 2013 offers.

Lesson Objectives

Describe the capabilities of the Lync Server Deployment Wizard.

Describe the Lync Server Topology Builder.

Use the Lync Server Control Panel.

Use the Lync Server Management Shell.

Use the Lync Server Best Practice Analyzer.

Describe the Lync Server Centralized Logging Service.

Use the Microsoft Network Monitor.

Software Requirements for Lync Server Administrative Tools


To install and use Lync Server 2013 administrative
tools in addition to the operating system
requirements, you require the following software.

Microsoft .NET Framework 4.5


The 64-bit edition of Microsoft .NET Framework
4.5 is required for Lync Server 2013.

Windows PowerShell 3.0


Windows PowerShell 3.0 is required for running
any component of Microsoft Lync Server 2013. For
more information about installing Windows
PowerShell 3.0, see Installing Windows PowerShell
3.0.

Windows Installer Version 4.5

Lync Server 2013 uses Windows Installer technology to install, uninstall, and maintain various server roles.
Windows Installer version 4.5 is available as a redistributable component for the Windows Server
operating system.
Download Windows Installer 4.5 from the Microsoft Download Center at:
http://go.microsoft.com/fwlink/p/?linkid=197395

Microsoft Silverlight 5 browser plug-in


Lync Server 2013 Control Panel is a web-based tool and requires that you install the latest version.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 9-3

MICROSOFT INTERNAL TEACH

Lync Server Deployment Wizard


You must use the Lync Server Deployment Wizard
included on the installation media to install all
administrative tools onto a computer on which
you have not already installed Lync Server. During
the administrative tools installation process, the
Lync Server Deployment Wizard is installed locally
along with the other tools. You can later use it to
install files for additional components or remove
files for components that you do not want on the
computer.

You should know how to install the administrative


tools you need to use to deploy and manage Lync
Server 2013. The administrative tools are installed by default on each server running Lync Server 2013.
Additionally, you can install the administrative tools on other computers, such as dedicated administrative
consoles. We strongly recommend that you install the administrative tools on a computer that is in the
same domain or forest as the Lync Server 2013 deployment you are creating. By doing so, you ensure that
Active Directory Domain Services (AD DS) preparation steps are already complete. You can then use the
administrative tools on that computer to publish your topology.
Ensure that you review the infrastructure, operating system, software, and administrator rights
requirements before you install or use the Lync Server 2013 administrative tools.
Note: If your organization requires that you locate Internet Information Services (IIS) and
all web services on a drive other than the system drive, you can change the installation location
path for the Lync Server files in the Setup dialog box. If you install the Setup files to this path,
including OCSCore.msi, the rest of the Lync Server 2013 files will be deployed to this drive also.

To install the Lync Server 2013 administrative tools


1.

Log on as a local administrator (minimum requirement) to the computer where you want to install
the administrative tools. If you are logged on as a standard user on the Windows Vista or Windows 7
operating systems, and User Account Control (UAC) is enabled, you will be prompted for the local
administrator or a domain equivalent user name and password.

2.

Locate the installation media on your computer, and then double-click \Setup\amd64\Setup.exe.

3.

If you are prompted to install the Microsoft Visual C++ 2008 distributable, click Yes.

4.

On the Microsoft Lync Server 2013 Installation Location page, click OK. Change the path to another
location or drive if you need to have the files installed to another location.

5.

On the End User License Agreement page, review the license terms, click I accept, and then click
OK. This step is required before you can continue.

6.

On the Microsoft Lync Server 2013 Deployment Wizard page, click Install Administrator Tools.

7.

When the installation successfully completes, click Exit.

MICROSOFT INTERNAL TEACH

Lync Server Topology Builder


Running Topology Builder to define a new
topology or to modify an existing topology does
not require membership in a local administrator or
privileged domain group. Topology Builder guides
you through the steps necessary to define your
topology for an Enterprise Edition front-end pool
or a Standard Edition, based on your configuration
requirements.

MCT USE ONLY. STUDENT USE PROHIBITED

9-4 Administration and Maintenance of Lync Server 2013

Exporting. After you publish your topology, the


Lync Server Deployment Wizard requires access to
the data, to start the deployment process on the
server. On the internal network, the data is
accessible directly from the servers, but Edge Servers that are not in the internal domain cannot access the
data. To make the topology configuration data available for deployment of an Edge Server, you must
export the topology.
Publishing. Each time you use Topology Builder to build your topology, you must publish the topology to
a database in the Central Management Store (CMS) so that the data can be used for deployment of Lync
Server servers. Use the following procedure to publish your topology:

To publish the topology


1.

In Topology Builder, in the console tree, right-click Communications Server 2013, and then click
Publish.

2.

On the Welcome page of the wizard, click Next.

3.

On the Topology Builder found a CMS store page, click Next.

4.

On the Create other databases page, click Next.

5.

When the status indicates that database creation succeeded, do the following:
a.

To view the log, click View log.

b.

To close the wizard, click Finish.

PowerShell. Windows PowerShell is a scripting language and command-shell environment used to


automate the administration of Communications Server, and the server operating system.
Communications Server supports Windows PowerShell version 2.0. Previous versions of Windows
PowerShell must be removed prior to installing Windows PowerShell version 2.0.

Certificates. A task that Administrators will face is the process of creating, installing, and assigning
certificates to internal pool servers. If you need to make changes to your topology after your initial
deployment (for example, to add a server to your topology), you must run Topology Builder to make the
changes. Then, publish the topology again, prior to deploying the new component in your topology. Use
the following procedure to open Topology Builder to make changes to your topology.

To open Topology Builder to design the topology


1.

Log on as a member of the Domain Admins group and the RTCUniversalServerAdmins group to the
computer where Topology Builder is installed.

Note: You can define a topology by using an account that is a member of the local users
group, but to read, publish, or enable a topology, which is required to install a Lync Server 2013
server, you must use an account that is a member of the Domain Admins group and the

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 9-5

MICROSOFT INTERNAL TEACH

RTCUniversalServerAdmins group. This account must have full control permissions (that is,
read, write, and modify) on the file share that you are going to use for the archiving file store.
This will enable the Topology Builder to configure the required discretionary access control list
(DACL), or an account with equivalent user rights.
2.

Start Topology Builder. Click Start, click All Programs, click Microsoft Lync Server 2013, and then click
Lync Server Topology Builder.

To open Topology Builder to publish the topology


1.

Log on as a member of the Domain Admins group and the RTCUniversalServerAdmins group to the
computer where Topology Builder is installed.

Note: Configuration of some functionality requires additional permissions. For example, to


publish a topology that you create to add archiving components requires an account that also
has full control permissions (that is, read, write, and modify) on the file share to be used for the
archiving file store. This will enable Topology Builder to configure the required DACLs. For details,
see the specific procedure for the component that you want to add to a topology.
2.

Start Topology Builder. Click Start, click All Programs, click Microsoft Lync Server 2013, and then click
Lync Server Topology Builder.

Lync Server Control Panel


You can use Lync Server 2013 Control Panel to
perform most of the administrative tasks required
to manage and maintain Lync Server 2013. Lync
Server Control Panel provides you with a graphical
user interface (GUI) to manage the configuration
of the servers running Lync Server, in addition to
the users, clients, and devices in your organization.
Lync Server Management Shell uses Lync Server
Control Panel as the underlying mechanism to
perform Lync Server configuration.
Using the Lync Server Control Panel, you can
manage and configure the following:

Servers

Users

Clients

Devices

Security

Persistent Chat

Enterprise Voice

Conferencing

Federation and Remote Access

Monitoring and Archiving

MICROSOFT INTERNAL TEACH

Network Configuration

Topology

Lync Server Control Panel is automatically installed on every Lync Server front-end server or Standard
Edition server. In Lync 2013, you administer Edge Servers remotely. You can also install Lync Server
Control Panel on another computer, such as a management console from which you want to centrally
manage Lync Server.
Note: To configure settings by using Lync Server Control Panel, you must be logged on by
using an account that is assigned to the CsAdministrator role.

MCT USE ONLY. STUDENT USE PROHIBITED

9-6 Administration and Maintenance of Lync Server 2013

To configure settings by using Lync Server Control Panel, you must also use a computer with a minimum
screen resolution of 1,024 x 768.

Lync Server Management Shell


In Lync Server, the Lync Server Management Shell
provides a new method for administration and
management. Lync Server Management Shell is a
powerful management interface, built on the
Windows PowerShell command-line interface, and
it includes a comprehensive set of cmdlets that are
specific to Lync Server.

With Lync Server Management Shell, you gain a


rich set of configuration and automation controls.
Topology Builder and Lync Server Control Panel
both implement subsets of these cmdlets to
support management of Lync Server. The Lync
Server Management Shell includes cmdlets for all Lync Server administration tasks, and you can use the
cmdlets individually to manage your deployment.

Note: In regards to PowerShell management for Lync Online tenants. The commands available are a
subset of the on-premises PowerShell command list. For a list of currently available Lync Online Cmdlets
click here http://go.microsoft.com/fwlink/?LinkId=393439.

Lync Server Best Practice Analyzer


You can use Microsoft Lync Server 2013, Best
Practices Analyzer to identify and resolve
problems in your Lync Server deployment. The
Lync Server 2013, Best Practices Analyzer gathers
configuration information from Lync Server 2013
components.
With proper network access, you can use the Best
Practices Analyzer to examine servers running
Active Directory Domain Services, Exchange Server
Unified Messaging (UM), and Lync Server. Using
the Best Practices Analyzer, you can perform the

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 9-7

MICROSOFT INTERNAL TEACH

following tasks:

Proactively check and verify that the configuration is set according to recommended best practices

Automatically detect required updates to Lync Server 2013

Generate a list of issues, such as sub-optimal configuration settings, unsupported options, missing
updates, or practices that we do not recommend

Troubleshoot specific problems

Best Practices Analyzer provides the following features:

Minimal installation prerequisites

Online documentation about reported issues, including troubleshooting tips

Configuration information that you can save for later review

State-of-the-art system analysis


Link to the Lync Server 2013 Best Practices Analyzer.
http://go.microsoft.com/fwlink/p/?linkid=249178

Lync Server Centralized Logging Service (CLS)


The Lync Server Logging Tool facilitates
troubleshooting by capturing logging and tracing
information from Lync while the Lync is running.
You can use the tool to run debug sessions on any
Lync Server server role.
Centralized Logging Service (CLS) is a new
feature in Lync Server 2013 Preview. It provides a
mechanism to enable/disable logging across all
Lync servers in a deployment from a single
interface and to search the resulting logs from the
same interface.
You specify what should be logged based on the
scenario you want to investigate. The scenarios supported are:

AlwaysOn

MediaConnectivity

ApplicationSharing

AudioVideoConferencingIssue

HybridVoice

IncomingAndOutgoingCall

VoiceMail

IMAndPresence

AddressBook

DeviceUpdate

LYSSAndUCS

MICROSOFT INTERNAL TEACH

CLS

SP

WAC

UserReplicator

HostedMigration

MonitoringAndArchiving

LILRLegacy

LILRLYSS

MeetingJoin

RGS

CPS

XMPP

CAA

MCT USE ONLY. STUDENT USE PROHIBITED

9-8 Administration and Maintenance of Lync Server 2013

The AlwaysOn scenario is special. CLS is designed to have that scenario running by default. This way, when
an issue occurs, you do not have to turn on logging, reproduce the issue and then view your logs. The
expectation is that there is enough logging occurring with AlwaysOn; so when an issue occurs, you will
already have the logs available. If AlwaysOn does not provide you with enough logs, you can turn on a
particular scenario to get a more detailed set of logs.
CLS is implemented by agents and a controller used by the Lync Administrator to interact with CLS.

The Lync Server Centralized Logging Service Agent service (also known as ClsAgent) runs on all Lync 2013
Preview servers in the deployment. The purpose of the agent is to respond to requests to enable/disable
logging, and to respond to search requests.

The Lync Administrator controls the agents through the ClsController interface. ClsController is a program
default installed into C:\Program Files\Common Files\Microsoft Lync Server 2013\ClsAgent. You can
specify different parameters to ClsController, and you can see detailed usage information about
parameters and their values by just running ClsController without parameters.
The typical sequence of commands that you want to run are as follows.
ClsController.exe -start scenario <scenario> pools <pool fqdn>
Repro issue
ClsController.exe -stop scenario <scenario> pools <pool fqdn>
ClsController.exe -flush pools <pool fqdn>
ClsController.exe -search pools <pool fqdn> components <component> loglevel
<loglevel>

For example, to investigate an issue with UCS for a user on the lync.contoso.com pool, you can run the
following commands.
ClsController.exe
Repro issue
ClsController.exe
ClsController.exe
ClsController.exe

-start scenario lyssanducs pools lync.contoso.com

-stop scenario lyssanducs pools lync.contoso.com


-flush pools lync.contoso.com
-search pools lync.contoso.com components lyss loglevel verbose

The last invocation of ClsController will write the resulting log entries to standard output, so you might
want to re-direct it to a file by using >.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 9-9

You can get an understanding of which components are included in which CLS scenarios by using the
following Lync Management Shell command.
Get-CsClsScenario

MICROSOFT INTERNAL TEACH

To find the components or providers in the CPS scenario, you can use the following commands:
PS C:\> $scenario=Get-CsClsScenario global/cps
PS C:\> foreach ($sc in $scenario.provider) { $sc.name }
CpsDiagnostics
CpsHostingFramework
CpsOrbit
Collaboration
S4
Sipstack

Microsoft Network Monitor


Network Monitor 3.4 is a protocol analyser. It
enables you to capture, view, and analyze network
traffic.
Note: At the writing of this material,
Microsoft was working on its successor, Microsoft
Message Analyzer, and is making beta copies of
that available from the Connect site. If you join
that beta program, you can try out Message
Analyzer and provide feedback on it.

Microsoft Message Analyzer


Message Analyzer is more than a network sniffer or packet tracing tool. Its key capabilities include:

Integrated "live" event and message capture at various system levels and endpoints

Parsing and validation of protocol messages and sequences

Automatic parsing of event messages described by Event Tracing for Windows (ETW) manifests

Summarized grid displaytop level is operations (requests matched with responses)

User controlled "on the fly" grouping by message attributes

Ability to browse for logs of different types (.cap, .etl, .txt), and import them together

Automatic re-assembly and ability to render payloads

Ability to import text logs, and parse them into key element/value pairs

Support for Trace Scenarios (one or more message providers, filters, and views)

MICROSOFT INTERNAL TEACH

Office Communications Server (OCS) and Lync Remote Connectivity


The Office Communications Server/Lync Remote
Connectivity Analyzer is a web-based application
that helps IT Administrators to validate and
diagnose end-to-end Lync Server scenarios. The
application facilitates testing of the connectivity of
a remote user to Lync Server. The site simulates
multiple Lync client access scenarios from outside
the users infrastructure and reports whether the
test was successful.
You access and run the application
directly from the Office Communications
Server/Lync Remote Connectivity Analyzer
website at:
http://go.microsoft.com/fwlink/?LinkId=275436
To use the tool, you must first specify the test method:

MCT USE ONLY. STUDENT USE PROHIBITED

9-10 Administration and Maintenance of Lync Server 2013

Test remote client connectivity to Office Communications Server by specifying the FQDN of the
Access Edge Server and the port.

Test remote client connectivity to Office Communications Server by using auto-discovery to find the
Access Edge Server and port to which to connect.

After you select one of the two test methods you want to use for the test, you specify the required
information, including the user account to be used in the test. Then, the application attempts to connect
to the Access Edge Server and complete the following test steps:

Resolve the host name in DNS.

Test the TCP port to ensure that it is open.

Test the certificate for validity.

Remotely sign in the remote user to Office Communications Server through the Access Edge Server
on the appropriate port.

The tool can indicate where the test was successful, provide details about the results of each test step and
if any test step failed, identify which step failed, and provide information about how to resolve the issue.
The tool can identify DNS name resolution issues for both the manual transport layer security (TLS) and
automatic client sign-in, including DNS configurations issues, TLS connectivity issues, and domain
credential issues for remote user sign-in.

Because the test results identify exactly what failed and provide detailed information about the problem,
this tool can help streamline the testing and troubleshooting processes.
Note: For security reasons, you should create a separate test account to use for your tests,
instead of using an actual account in your organization.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 9-11

Lesson 2

MICROSOFT INTERNAL TEACH

Understanding Lync Server 2013 Operational Tasks

Operations management involves administering an organizations infrastructure components, and


includes the day-to-day administrative tasks, both planned and on-demand, that are required to keep an
IT system operating smoothly.
In a Lync Server 2013 environment, typical system administration tasks include enabling users, moving
Lync Server 2013 users (if required), backing up data, managing settings, monitoring system status and
performance, and managing connectivity.
You can use various resources to help you define what standard procedures are required in the
organization, and how to perform them. Because each organization is unique, you may have to further
customize and adapt these resources to suit everyday requirements.

Standard operational procedures change, and documentation occasionally needs to be revised. As


changes are made, the change management process, as defined in the Service Management Functions of
the Microsoft Operational Framework, should identify how each change is likely to affect how and when
administrative tasks are performed. Use the change management function to update and control the
procedural documentation.
We recommend that operational tasks be separated into manageable workloads, where tasks are
performed on a daily, weekly, and monthly basis. Daily tasks should focus efforts on aspects that are
critical to the functioning of a system; and monthly tasks should focus more on ensuring the long-term
health of a system. The tasks that must be performed can be separated into the following categories:

Common Lync Server 2013 Operational Tasks

Daily Tasks

Weekly Tasks

Monthly Tasks

Lesson Objectives

Describe Common Lync Server 2013 operational tasks.

Describe the required daily maintenance tasks.

Describe the required weekly maintenance tasks.

Describe the required monthly maintenance tasks.

MICROSOFT INTERNAL TEACH

Common Lync Server 2013 Operational Tasks


For more information about each procedure,
see the Lync Server 2013 Help file or the Lync
Server 2013 Operations page on TechNet.
http://go.microsoft.com/fwlink/?LinkId=1852
83

Managing Users
You can use the Lync Server 2013 Control Panel
and Lync Server 2013 Management Shell to
manage the following user accounts in Lync Server
2013:

Active Directory Contacts and User Accounts

User Accounts Enabled for Lync Server 2013

User Contacts

Managing Lync Server Topology


You can perform the following tasks by using the Topology page in Lync Server 2013 Control Panel:

View a list of computers running Lync Server 2013.

View the status of services running on a computer.

View details about a service.

Start or stop Lync Server 2013 services.

Prevent sessions for services.

View Microsoft SIP processing language server applications.

Enable or disable a Microsoft SIP processing language server application.

Mark a Microsoft SIP processing language application as critical or not critical.

View a list of trusted applications.

View simple URL details.

Upgrade or update front-end servers.

Add or remove a front-end server.

Upgrade or update a back-end server or Standard Edition server.

Managing IM and Presence Settings


You can perform the following tasks by using the IM and Presence group in Lync Server 2013 Control
Panel:

Configure Privacy Settings

Configure file transfer and URL filtering for Instant Messaging (IM).

Assign per-user Presence policies.

Configuring Presence providers.

MCT USE ONLY. STUDENT USE PROHIBITED

9-12 Administration and Maintenance of Lync Server 2013

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 9-13

Managing Persistent Chat

MICROSOFT INTERNAL TEACH

You can perform the following tasks by using the Persistent Chat group in Lync Server 2013 Control
Panel:

Manage categories, rooms, and add-ins.

Manage Persistent Chat user access.

Operate and maintain the Persistent Chat system.

Managing Voice Policies and Routing

You can perform the following tasks by using the IM and Presence group in Lync Server 2013 Control
Panel:

Define translation rules and normalization rules

Configure trunks.

Configure voice policies, PSTN usage records, and voice routes.

Configure dial plans.

Managing Call Management Features

Enterprise Voice call management features control how incoming calls are routed and answered. You can
perform the following tasks in Lync Server 2013 by using the call management features:

Manage Call Park.

Manage response groups.

Manage calls to unassigned numbers.

Managing Conferences and Meetings

You can manage the following components by using the pages in the Conferencing group in Lync Server
Control Panel:

Conference directories

Conference disclaimer

Conferencing Server information

configuration settings for meetings

Conferencing policies

Dial-in Conferencing (configuration/access numbers)

Managing Devices, Phones, and Client Applications

You can manage the following components by using the pages in the Clients group in Lync Server Control
Panel:

Analog devices

Common area phones

Meeting rooms

Mobile Phones (Policy/Push notifications/MCX configuration/Autodiscover)

Test devices

Lync Phone Edition configuration settings

Device update web service (File/Log/Configuration/Rules)

Client applications that can be used to log on to Lync Server 2013

Media configuration

Lync (Client policy/Client policy entry)

MICROSOFT INTERNAL TEACH

Managing Federation and External Access to Lync Server 2013


You can perform the following tasks by using the Federation and External Access page in Lync Server
2013 Control Panel and in Topology Builder:

Manage External Access Policy for your organization.

Manage Access Edge configuration for your organization.

Manage SIP federated domains for your organization.

Manage SIP Federated Providers for Your Organization

Manage XMPP federated partners for your organization.

Configure federation support for a Lync Online customer.

Manage Monitoring and Health Configuration

MCT USE ONLY. STUDENT USE PROHIBITED

9-14 Administration and Maintenance of Lync Server 2013

You can manage the following components for monitoring and health configuration tasks in Lync Server
2013 Control Panel and Lync Server 2013 Management Shell:

Call Detail Recording (CDR)

Quality of Experience (QoE)

Centralized Logging Service

Monitoring Mobility for Performance

Monitoring Reports

Managing Archiving
You can perform the following tasks to manage Archiving in Lync Server 2013 Control Panel and Lync
Server 2013 Management Shell:

Manage the Archiving of internal and external communications.

Manage Archiving configuration options for your organization, sites, and pools.

Change Archiving database options.

Export archived data.

Managing Lync Server Network Infrastructure

You can perform the following procedures and tasks in Lync Server 2013 Control Panel and Lync Server
2013 Management Shell to manage the Lync Server 2013 network infrastructure:

Manage replication.

Manage Quality of Service (QoS).

Manage call admission control.

Managing Lync Server 2013 network interfaces.

Prevent new connections to Lync Server for server maintenance.

Managing Lync Server 2013 Services and Server Roles


You can perform the following task for the services and server roles in Lync Server 2013:

MCT USE ONLY. STUDENT USE PROHIBITED

MICROSOFT INTERNAL TEACH

Core Solutions of Microsoft Lync Server 2013 9-15

Manage audio/video (A/V) Edge Servers.

Configure a new trusted application server.

Manage Lync Server 2013 services.

Administer the Address Book service.

Change the web services URL.

Managing Lync Server 2013 Disaster Recovery, High Availability, and Backup Service

Administrators can perform the following procedures for disaster recovery operations, and for maintaining
the backup service, which synchronizes the data in paired front-end pools.
Disaster recovery procedures, both failover and failback, are manual. If there is a disaster, the
administrator must manually invoke the failover procedures. The procedure for failback after the pool is
repaired is also manually performed.

Configure and Monitor the backup service.

Fail over a pool.

Fail back a pool.

Fail over a mirrored database.

Fail over the Edge pool used for Lync Server federation.

Fail over the Edge pool used for XMPP federation.

Failing back the Edge pool used for Lync Server federation or XMPP federation.

Change the Edge pool associated with a front-end pool.

Restore Conference contents by using the backup service.

Daily Tasks
Performing Physical Environmental
Checks
Before checking the performance, availability, and
functionality of the Lync Server 2013 deployment,
you should check the physical environment.
For more information about each
procedure, see the Lync Server 2013 Help file
or the Lync Server 2013 Operations page on
TechNet.
http://go.microsoft.com/fwlink/?LinkId=1852
83

Performing and Monitoring Backups

Your business priorities should drive the specification of backup and restore requirements for your
organization. Performing backups of the servers and data is the first line of defense in planning for a
disaster. The Export-CsConfiguration and Import-CsConfiguration cmdlets are used to back up and
restore your Lync Server topology, configuration settings, and policies during a Central Management
Store upgrade. The Export-CsConfiguration cmdlet enables you to export data to a .zip file; you can

MCT USE ONLY. STUDENT USE PROHIBITED

9-16 Administration and Maintenance of Lync Server 2013

then use the Import-CsConfiguration cmdlet to read that .zip file and restore the topology,
configuration settings and policies to the Central Management Store. After that, the replication services of
Lync Server will replicate the restored information to other computers running the Lync Server services.

MICROSOFT INTERNAL TEACH

Checking Disk Usage

Hard disks drives are a critical component of the Lync Server 2013 deployment. Without sufficient free
disk volume, neither the operating system nor the Lync Server 2013 databases can function correctly. You
must monitor the Lync Server 2013 back-end database statistics daily to ensure that servers do not run
out of disk space, and prepare to add storage resources as required.

Checking Event Viewer

You can use Windows Event Viewer to obtain information about service failures, replication errors in the
Active Directory Domain Service (AD DS), and warnings about system resources such as virtual memory
and disk space.

Monitoring Lync Server 2013 Performance

Lync Server 2013 performance is affected by various factors such as: user profiles, system architecture,
software, hardware components, and third-party integration points such as gateways and telephony
equipment. You should monitor the Lync Server 2013 performance for all such components. You must
also monitor network connectivity and performance, Windows Active Directory service configuration and
performance, and the Windows operating system functionality.

Monitoring Operating System


You must monitor the performance of all servers and components in the Lync Server 2013 server,
especially the operating system.

Monitoring Network Performance

Lync Server 2013 is a real-time communications technology that relies heavily on the network to enable
communication between userseither through instant messaging, voice calls, or video communication.
You must, therefore, monitor the network performance on an ongoing basis to ensure that a users
chosen communication modality provides the best possible experience.

Scanning for Viruses and Checking Virus Definitions

Installing an Instant Messaginglevel antivirus product is highly recommended. Instant Messaging (IM) is a
well-known source for proliferating both virus and malicious software throughout an organization.
Forefront Security for Lync Server provides multi-engine scanning with virus, malicious software, file and
keyword filter protection, and seamless integration with Lync Server.

Viewing and Analyzing Monitoring Server Reports

Monitoring Server reports provide several different measures of voice quality so that you can monitor the
Quality of Experience (QoE) that is being delivered to end-users. Additionally, Monitoring Server includes
several built-in reports that you can use to watch usage and media quality trends on your company
network, and troubleshoot media quality problems that may arise.

Ensuring All Required Lync Server 2013 Services are running


Monitoring Event Logs; it is also important that the organizations monitoring solution, for example
System Center Is proactively monitoring vital Lync services.

Verify CMS Replication Status

When an administrator makes a change of some kind to Lync Server (for example, when an administrator
creates a new voice policy or changes the Address Book Server configuration settings), the change is
recorded in the Central Management Store. The change must then be replicated to all the computers
running Lync Server services or server roles. The Get-CsManagementStoreReplicationStatus cmdlet

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 9-17

enables you to verify the replication status for any (or all) of the Lync Server computers in your
organization.

MICROSOFT INTERNAL TEACH

Validating Address Book

The Address Book Service (ABS) and the Address Book web query provide essential services for all client
types in Lync Server 2013.
To test these two services, you can use Synthetic transactions in Windows PowerShell by typing the
following command.
Test-CsAddressBookService

Viewing Status of Global Settings for Forest

For each Enterprise pool and Standard Edition server pool, you can view information about the global
settings, and the status of other components used by the pool through the Lync Server 2013 Control
Panel and Topology Builder.

Viewing Edge Server Settings

For each Enterprise pool and Standard Edition server pool, you can view information about the Edge
status, and the status of other components used by the pool through the Lync Server 2013 Control Panel
and Topology Builder.
Viewing Status of Pool

For each Enterprise pool and Standard Edition server pool, you can view information about pool status,
and the status of other components used by the pool through the Lync Server 2013 Control Panel.

Monitoring Back-End Lync Server 2013 Storage Performance

The Lync Server 2013 back-end databases are a critical part of the Lync Server 2013 deployment. We
recommend that you constantly monitor the databases and respective transaction logs to ensure that the
Lync Server 2013 back-end is performing optimally.

Running Synthetic Transactions

Synthetic transactions are typically conducted in two different ways. You can use the
CsHealthMonitoringConfiguration cmdlets to set up test users for each of their Registrar pools. These
test users are a pair of users who have been preconfigured for use with synthetic transactions. (Typically,
these are test accounts and not accounts that belong to actual users.) With test users configured for a
pool, you can run a synthetic transaction against that pool without having to specify the identities of (and
supply the credentials for) the user accounts involved in the test.
Alternatively, you can run a synthetic transaction by using actual user accounts. For example, if two users
are unable to exchange instant messages, you can run a synthetic transaction by using those two user
accounts (as opposed to a pair of test accounts), and then try to diagnose and resolve the problem. If you
decide to conduct a synthetic transaction by using actual user accounts, you will need to use the logon
names and passwords for each user.
Debug UCS cmdlet
The Debug-CsUnifiedContactStore cmdlet enables administrators to verify whether a specific user or a
specific set of users (that is, all the users with accounts homed in a particular pool) have their contact lists
stored in the unified contact store.

Weekly Tasks

MICROSOFT INTERNAL TEACH

The following tasks are the required weekly


maintenance tasks that you should perform to
maintain a healthy Lync Server environment.
For more details about each procedure,
see the Lync Server 2013 Help file or the Lync
Server 2013 Operations page on TechNet.
http://go.microsoft.com/fwlink/?LinkId=1852
83

Archiving Event Logs


If event logs are not configured to overwrite
events as required, they must be regularly archived and deleted. This action is especially important for
security logs, which may be required when investigating attempted security breaches.

Checking for Security Updates

MCT USE ONLY. STUDENT USE PROHIBITED

9-18 Administration and Maintenance of Lync Server 2013

Identify any new service packs, hotfixes, or cumulative updates. If appropriate, test these in a test lab, and
use the change control procedures to arrange for deployment to the production servers. Also, Lync Server
component updates are now available as part of Windows update. All Lync Server component updates
must be updated at the same time, on all of the servers running Lync Server for which the updates are
applicable.

Verifying Server Certificates

Using the Windows MMC Certificate console, you can verify that all certificates are still valid and not
nearing expiration. If some are nearing expiration, you should renew or purchase a new certificate for that
particular role.

Updating and Running the Best Practices Analyzer

You can use Microsoft Lync Server 2013, Best Practices Analyzer to identify and resolve problems with
your Lync Server deployment. The Lync Server 2013, Best Practices Analyzer gathers configuration
information from Lync Server 2013 components. Update and run the Best Practices Analyzer every week
and review the report and take action on remediation.

Reviewing SCOM Monitoring Reports


Obtain and review Lync Server 2013 Management Pack and Quality of Experience reports.

Generating and Viewing Database Reports for Enterprise Pools


For each Enterprise pool, administrators should use the Database tab to view the database name, and
retrieve and view reports from the database.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 9-19

MICROSOFT INTERNAL TEACH

Monthly Tasks
Monthly tasks are tasks that are not required on a
frequent or regular basis, but you still need to
perform the monthly tasks to maintain the
solution over time.
For more details about each procedure,
see the Lync Server 2013 Help file or the Lync
Server 2013 Operations page on TechNet.
http://go.microsoft.com/fwlink/?LinkId=1852
83

Performing Security Checks


Perform regular audits of all security aspects, including firewall rules, user rights, group membership,
delegate rights, and so on.

Reviewing the Capacity Planning

Review capacity data for the previous month, and produce a plan for any upgrades that may be required
in the coming months to keep the system operating within the limits specified by your company's servicelevel agreements (SLAs).

Conducting Disaster Recovery Testing

Perform a system recovery for a Lync Server 2013 pool to test your documented disaster recovery process.
This test will simulate a complete hardware failure for one server, and ensure that the resources, plans,
and data are available for recovery. Try to rotate the focus of the test each month, so that you test the
failure of a different server or other equipment every time.
Note that the schedule by which organizations perform disaster recovery testing will vary. It is, however,
critical that disaster recovery testing is not ignored or neglected.

Lesson 3

MCT USE ONLY. STUDENT USE PROHIBITED

9-20 Administration and Maintenance of Lync Server 2013

MICROSOFT INTERNAL TEACH

Developing Lync Server 2013 Troubleshooting Techniques


An organization must be prepared to deal with unexpected problems and should have a procedure to
manage problems from the point at which they are reported until their resolution. You should, therefore,
record information about how support staff diagnosed a problem so that you can use that information in
the future to avoid unnecessarily repeating completed work. Recording such information will also enable
you to troubleshoot Lync Server issues and use those tools that would best assist you in the
troubleshooting effort.

Lesson Objectives

Describe the fundamental troubleshooting approach for Lync Server 2013 issues

Describe which tools to use when troubleshooting a Lync Server 2013 issue.

Troubleshooting Approach for Lync Server 2013 Issues


The following diagram illustrates the high-level
troubleshooting steps recommended when
installing and troubleshooting Lync Server 2013.

Tools to Resolve a Lync Server 2013 Issue


IM and Presence
You should know which tools are best to used
when troubleshooting IM and Presence. The
following tools should be used to maintain and
troubleshoot Lync Server 2013 IM and Presence:

Synthetic Transactions

Lync Central Logging Service

Event Viewer

Lync Client Logs

Snooper

DbAnalyze

LyncParser

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 9-21

SQL Server 2012 Performance Dashboard

Lync 2013 Best Practices Analyzer

Conferencing and Remote Access

MICROSOFT INTERNAL TEACH

To troubleshoot Conferencing and Remote Access, the following tools:

Network Monitor (NetMon)

Monitoring Server

Lync Server Remote Connectivity Analyzer

Enterprise Voice
To troubleshooting Enterprise Voice, you can use the following tools:

Router Helper

SEFAUtil

SBASetupAnalyzer

Synthetic Transactions

Lync Central Logging Service

Event Viewer

Lync Client Logs

Snooper

Bandwidth Policy Service Monitor

Lesson 4

MCT USE ONLY. STUDENT USE PROHIBITED

9-22 Administration and Maintenance of Lync Server 2013

Introduction to analyzing Lync Server 2013 logs and traces

MICROSOFT INTERNAL TEACH

In this lesson we discuss SIP and Session Description Protocol (SDP) with the aim of making students
familiar with basic concepts so that they can begin to explore SIP logs when troubleshooting.

Lesson Objectives

Describe SIP components.

Describe SDP components.

Session Initiation Protocol (SIP) Overview


SIP Components
The following is a list of the components that form
entities used to transmit and receive SIP.

A SIP entity receives or transmits a SIP request.

SIP entities include the following:


o

User Agentclient or server

Proxy serverEdge Server

Redirect serverDirector server

Registrar serverDirector or front-end server

Presence serverFront-end server

GatewayPSTN gateway

Back to back agentEdge Server

SIP Message Header


The following items make up a SIP message header.

Start Line. The first line in a SIP request. Indicates the type of transaction, for example, INVITE.

Via. Indicates the path taken by the request thus far, and the path that needs to be taken when
routing the response.

SIP dialog. Contains certain pieces of state needed to further the message transmission. A SIP dialog
must contain the following:
o

From tag

To tag

Call ID

Contact URI

Route set

Command Sequence. Identifies and orders transactions

Max Forwards. Limits the number of hops on route to its destination.

MCT USE ONLY. STUDENT USE PROHIBITED

MICROSOFT INTERNAL TEACH

Core Solutions of Microsoft Lync Server 2013 9-23

Proxy-Authenticate/Authorize. Contains the authentication challenge/response.

Contact. Provides a SIP URI that can be used to contact the specific User Agent for subsequent
requests.

User Agent. Provides detailed information about the User Agent client such as software version.

Allow. Lists the methods or request types supported by the User Agent generating the SIP message

Options. Is a method of discovering the capabilities of another party without actually calling that
party.

Supported. Lists features supported by the User Agent that are beyond the core SIP capabilities.

SIP Requests
The following table lists the SIP Request Methods. These requests are followed by SIP Responses.
Request

Description

INVITE

Indicates a client is being invited to participate in a call session.


Request for a conversation.

ACK

Confirms that the client has received a final response to an INVITE


request.

BYE

Terminates a call and can be sent by either the caller or the called
party.

CANCEL

Cancels any pending request.

OPTIONS

Queries the capabilities of servers. Indicates functionality that a User


Agent can offer.

REGISTER

Logon. Registers the address listed in the To header field with a SIP
server.

PRACK

Provisional acknowledgement.

SUBSCRIBE

Subscribes for an Event of Notification from the Notifier. Request for


Presence.

NOTIFY

Notifies the subscriber of a new event.

PUBLISH

Publishes an event to the server.

INFO

Sends mid-session information that does not modify the session state.

REFER

Asks recipient to issue SIP request (call transfer).

MESSAGE

Transports instant messages by using SIP.

UPDATE

Modifies the state of a session without changing the state of the


dialog.

SIP Response
The following table lists the type of possible SIP responses offered by Lync Server 2013.

MICROSOFT INTERNAL TEACH

Response

Description

Example

1XX

Provisional

100 Trying

2XXX

Successful

200 OK

3XX

Redirection

303 Redirect

4XX

Client Error

404 Not Found

5XX

Server Error

504 Server
Time Out

6XX

Global Failure

603 Decline

Session Description Protocol


You should also know about Session Description
Protocol (SDP) and what it is used for in Lync
Server 2013.

IETF RFC 4566


o

SDP is intended for describing


multimedia sessions for the purpose of
session announcement, session invitation,
and other forms of multimedia session
initiation.

SDP is text-based and forms part of the SIP


message body describing:
o

Specific Real-time Transport Protocol (RTP) sessions

Types of media (audio/video)

Type of protocol (TCP/UDP/RTP)

Format of media (H264/Codec)

Information about how to expect those media (Port/IP)

SIP Message Body Example


Moving on to the body of a SIP Message. This section provides an example of Session Description
Protocol and what it is used for in Lync Server 2013

Session description
v= (protocol version)
o= (owner/creator and session identifier).
s= (session name)
i=* (session information)
u=* (URI of description)
e=* (email address)
p=* (phone number)
c=* (connection information - not required if included in all media)
b=* (bandwidth information)

MCT USE ONLY. STUDENT USE PROHIBITED

9-24 Administration and Maintenance of Lync Server 2013

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 9-25

MICROSOFT INTERNAL TEACH

One or more time descriptions


z=* (time zone adjustments)
k=* (encryption key)
a=* (zero or more session attribute lines)
Zero or more media descriptions (see below)

Time description
t= (time the session is active)
r=* (zero or more repeat times)

Media description
m= (media name and transport address)
i=* (media title)
c=* (connection informationoptional if included at session-level)
b=* (bandwidth information)
k=* (encryption key)
a=* (zero or more media attribute lines)

RTP Payload Type Numbers


RTP payload type numbers appear in the m= and rtpmap lines of the SDP.

MCT USE ONLY. STUDENT USE PROHIBITED

9-26 Administration and Maintenance of Lync Server 2013

Lab: Administration and Maintenance of Lync Server 2013

MICROSOFT INTERNAL TEACH

Scenario

The administrator of Adatums Lync 2013 environment is going on long sick leave. You have been
appointed as the replacement and need to refresh your knowledge on the administrative tasks that you
should perform and some basic troubleshooting to ensure that the system is safe.
Estimated Time: 75 minutes

Exercise 1: Reviewing Lync Server 2013 Maintenance/Operational Tasks


(Paper-based lab)
Scenario

Students should be grouped into teams of four students per group. Each group must identify when
operational tasks should be performed for Adatum. Each group should get the file, LabSupp9_Adatum
Lync Maintenance_Lab.docx. This file includes a list of operational tasks that students must place into the
following task categories:

Daily tasks

Weekly tasks

Monthly tasks

As needed tasks

Exercise 2: Reviewing Lync Server 2013 Administration Tools


Scenario
In this exercise you will explore:

Lync server Topology Builder

Lync server control panel

Lync server management shell to see various option and configurations that you can change in Lync

Network monitor to view RTP traffic in a Lync to Lync call.


The main tasks for this exercise are as follows:
1. Start the virtual machines
2. Explore the Lync Server Topology Builder.
3. Explore the Lync Server Control Panel
4. Use Lync Server Management Shell to get user data and replication status.
5. Use Network Monitor to view Real Time Protocol (RTP) traffic.

Task 1: Start the virtual machines


Start the virtual machines.

Task 2: Explore the Lync Server Topology Builder.


Use the Lync Server Topology Builder

Task 3: Explore the Lync Server Control Panel


Use Lync Server Control Panel

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 9-27

Task 4: Use Lync Server Management Shell to get user data and replication status.
Use Lync Server Management Shell

Task 5: Use Network Monitor to view Real Time Protocol (RTP) traffic.

MICROSOFT INTERNAL TEACH

Use Network Monitor to view RTP traffic

Results: At the end of this exercise, you will see how Microsoft Network Monitor with Lync Parsers can be
a useful tool for troubleshooting. However, you will need to practice this regularly to gain more familiarity
with this tool.

Exercise 3: Enabling the Centralized Logging Service


Scenario

You will run basic Lync transactions such as a conference, and use the SIP logging tools and Network
Monitor to analyze the nature of the traffic. As an administrator, you will set up logging and then analyze
the logs.

Important Before starting this lab, install the Lync Server 2013 Debugging Tools on 20336B-LON-FE1-03.
To do this, first mount the ISO needed.
Mount ISOs needed for the lab
1.

Open the Hyper-V Manager console.

2.

Click 20336B-LON-FE1-03. In the Actions pane, click Settings.

3.

Under Hardware, click DVD Drive.

4.

Click Image file, and then click Browse.

5.

Browse to C:\Program Files\Microsoft Learning\20336\Drives\, and then click LyncTools.iso.

6.

Click Open, and then click OK.

7.

On 20336B-LON-FE1-03, in Windows Explorer, browse to the newly mounted drive (likely D:\)
double-click LyncDebugTools.msi. Install the file by accepting all the defaults.

The main tasks for this exercise are as follows:


1. Configure the Central Logging Service to capture logs on LON-FE1.
2. Simulate Lync transactions between clients.
3. Search the log generated by the Centralized Logging Service.
4. Use Snooper from the Lync Debugging Tools to view the log file output.

Task 1: Configure the Central Logging Service to capture logs on LON-FE1.


Configure Central Logging Service

Task 2: Simulate Lync transactions between clients.


Simulate Lync transactions between clients.

Task 3: Search the log generated by the Centralized Logging Service.


Stop the Central Logging Service

Task 4: Use Snooper from the Lync Debugging Tools to view the logfile output.
Use Snooper from the Lync Debugging Tools to view the logfile output.

MICROSOFT INTERNAL TEACH

Question: From Exercise 1, Task 2


Which server in the Adatum Lync Server deployment hosts the Master Central Management
Store?
Question:
On which protocol and port is the Mediation Server listening for signaling and traffic
Question:
Which audio codec is being used here? G711, RTA WB, RTA NB, Siren or G722?

MCT USE ONLY. STUDENT USE PROHIBITED

9-28 Administration and Maintenance of Lync Server 2013

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 9-29

Module Review and Takeaways

MICROSOFT INTERNAL TEACH

Best Practice: Troubleshooting Basics


When troubleshooting, you need to define the issue by using the following guidelines:

Use open-ended questions to gather information and increase understanding:


o

Can you tell me more about your problem?

Could you help me understand your issue?

What have you tried?

Ask questions to clarify the problem, rather than make assumptions:


o

What do you mean by the Lync client is slow?

Can you show me how its slow?

What do you mean when you say it doesn't work?

Ask core questions to narrow the problem:


o

When did the problem start?

Has this ever worked before?

Does the problem produce any error message? If so, what is the exact message?

How often does the problem occur?

What may have changed before the problem started?

When was the last change implemented in the environment, and what was changed?

Next, establish the scope of the problem. Is it related to a single user, multiple users, a single
location, or is it an enterprise wide issue or outage? The larger the scope, the higher the priority
becomes in resolving the problem.
You can investigate network issues by performing some go-no-go checks by using Ping, Telnet,
NSLookup, and Internet Explorer. For example, if a Lync user cannot log on, it may be because of
a wrong connection to the server, provided the account is not locked and is enabled. A Lync
2013 client attempts automatic discovery of the Lync pool by querying DNS for the DNS records
in a particular order, so is the client able to resolve the required DNS records? Running
IPCONFIG /DisplayDNS will show the current client DNS cache on the local computer. Is the Lync
client surfacing an error message in the user interface? This may provide a clue.
Check the event logs and client logs.
The example is not inclusive because there can be other causes, but is provided to start down a
path of understanding the issue to be resolved, ruling out the client side, and determining if it is
a network infrastructure issue, or server-side issue.

Common Issues and Troubleshooting Tips


Common Issue
Stopping CLS logging fails.

Troubleshooting Tip

Review Question(s)

MICROSOFT INTERNAL TEACH

Question: Besides the Best Practices Analyzer, which Lync Server cmdlets can be used to
verify service activation and group permissions for your installation of Lync Server?
Question: What can you use to verify that users are able to successfully complete tasks such
as logging on to Lync, exchanging instant messages, or making calls to the public switched
telephone network?
Question: For Centralized Logging Service to work, the Controller must be able to contact
each Lync Server CLS Agent. Which ports must be opened inbound on every Lync Server,
including the Lync Edge Server?
Question: Explain the SIP Registration Process.

Real-world Issues and Scenarios

MCT USE ONLY. STUDENT USE PROHIBITED

9-30 Administration and Maintenance of Lync Server 2013

In relation to performing and monitoring backups, you can use additional export and import cmdlets for
preserving various Lync Server and user data, in case of disaster, besides <Export | Import>CsConfiguration. You can also use cmdlets for the following:

Response Group Configuration (CsRgsConfiguration)

User Data (CsUserData)

Location Information Service (CsLisConfiguration)

Additionally, Lync Server Control Panel provides the capability to import and export the Enterprise Voice
Routing configuration. Review the product documentation to become familiar with the usage scenarios
for these cmdlets.

Tools
NextHop Community

Familiarize yourself with the NextHop Community portal. It has a wealth of information around Microsoft
Lync Server all in one place. http://go.microsoft.com/fwlink/?LinkId=208446

You can also search the Lync Blogs for information for more detailed technical articles, troubleshooting
articles, technical references, and related information that can help you ramp up, solve specific issues, and
acquire tips from other Lync experts.

Performance Counters

Windows operating systems include a tool called Perfmon.exe, which can be used to display a detailed
view of counters within the server, and of any applications installed. Lync Server 2013 has a plethora of
application-specific counters that can be used to determine the health of your Lync Server.
You can get a list of all performance counters on a server by running TypePerf.exe -q > counters.txt.
You can reference an article on using Lync PowerShell to view performance counters:
http://go.microsoft.com/fwlink/?LinkId=287057

Take advantage of the performance counters and the information they provide by deploying System
Center Operation Manager and the Lync Management Packs. This will provide real-time information
about the overall health of your environment and enable you to configure real-time alerts, so that you are
aware of potential issues before your users call you to resolve any issue.

MCT USE ONLY. STUDENT USE PROHIBITED


10-1

MICROSOFT INTERNAL TEACH

Module10
High Availability in Lync Server 2013
Contents:
Module Overview

10-1

Lesson 1: High Availability in Lync Server 2013

10-2

Lesson 2: Configuring High Availability in Lync Server 2013

10-6

Lesson 3: Planning for Load Balancing

10-10

Lesson 4: Designing Load Balancing

10-14

Lab: Configuring High Availability in Lync Server 2013

10-21

Module Review and Takeaways

10-25

Module Overview

After you migrate voice communications to Microsoft Lync Server 2013, you should provide high
availability and disaster recovery procedures that minimize downtime, speed recovery, and achieve the
appropriate level of application availability in the event of a failure. You should be aware about the
requirements for high availability with Lync Server 2013. You should also be able to plan and design for
load balancing with Lync Server 2013.

Objectives

Describe high availability in Lync Server 2013.

Configure high availability features in Lync Server 2013.

Plan for load balancing in Lync Server 2013.

Design load balancing in Lync Server 2013.

Lesson 1

MICROSOFT INTERNAL TEACH

High Availability in Lync Server 2013

MCT USE ONLY. STUDENT USE PROHIBITED

10-2 High Availability in Lync Server 2013

Providing high availability in Lync Server 2013 includes the new Distributed Pool Architecture, back-end
server availability through SQL mirroring, file sharing with Distributed File System (DFS), and Persistent
Chat availability. You can select from various infrastructure options to provide additional fault tolerance.

Lesson Objectives

Describe high availability in Lync Server 2013.

Describe the new front-end pool architecture.

Describe the new option for back-end server availability.

Describe the options for File Share availability.

Describe the options for Persistent Chat availability.

Resiliency and High Availability


As a system architect, you must know what
resiliency and high availability are in the context of
Lync Server 2013 before assessing the
requirements for high resiliency.

Resiliency is the ability of a system to minimize


disruption of service or functionality during a
component failure. High availability is the ability of
a system to be constantly available to its users. A
service or system designed in such a manner is
intended to be available to its users continuously
with only minimal scheduled or unscheduled
unavailability because of planned maintenance or
outages. Resiliency makes high availability possible. While assessing the requirements in any given
deployment, you must consider resiliency and high availability together, because they are closely related.
The scaling of the infrastructure depends on the interpretation of high availability by the organization. If
performance must not be in any way impacted, even if part of the environment is unavailable, this could
necessitate a certain degree of over-provisioning during normal operation.

Often, with Lync Server 2013, high availability is considered to be within a physical site, while disaster
recovery is considered to be between physical sites. Your focus should be on the high availability aspects
within a site.
Question: Which edition of Lync Server will you install for a high availability solution?

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 10-3

Front End Pool Architecture

MICROSOFT INTERNAL TEACH

In Lync Server 2013, the architecture for Enterprise


Edition front-end pools has changed to a
distributed systems architecture.
In previous versions of Lync Server, the back-end
SQL database was the real-time data store. While
this provided a central location for pool members
to utilize, it also became a performance
bottleneck. In Lync Server 2013, information about
a particular user is kept on local SQL instances on
the front-end servers (up to three)one is the
Master, and the other two are Replicas.
The Fabric Manager automatically distributes the
load across the front-end servers in the pool, improving performance and scalability in the pool, and
eliminating a single back-end SQL instance as a single point of failure.

The current recommendation is a minimum of three front-end servers in an Enterprise Edition pool.
Additional details on this can be found in the Deploying Enterprise Edition Pools topic, in Lesson 2 of
this module.

Back-End Server High Availability


Although the back-end database is no longer the
real-time store in Lync Server 2013, it still houses
critical data for the Lync deployment. The backend SQL Server serves as backup storage for user
and conference data, and is the primary storage
location for other databases, such as Response
Group Services. Previously, in Lync Server 2010,
SQL clustering was used to provide back-end
server high availability.

High availability for the back-end server is


provided through the deployment of two SQL
Servers, using synchronous (also called high safety mode) SQL mirroring. Any reference to SQL mirroring,
in the context of Lync Server 2013, always refers to synchronous mirroring; asynchronous mirroring is not
supported as part of back-end server high availability in Lync Server 2013.
Note: SQL Server 2012 offers a feature called AlwaysOn Availability Groups, which is meant to be a
replacement for SQL mirroring (which is still supported on SQL Server 2012, although it is deprecated).
This feature is not supported in Lync Server 2013. Additional details about AlwaysOn Availability Groups
can be found at: http://go.microsoft.com/fwlink/?LinkId=287059

For additional details about SQL mirroring, see:


http://go.microsoft.com/fwlink/?LinkId=134606

MCT USE ONLY. STUDENT USE PROHIBITED

10-4 High Availability in Lync Server 2013

MICROSOFT INTERNAL TEACH

The recovery time objective (RTO) for automatic back-end SQL failover is five minutes, and data loss is not
anticipated because of the synchronous configuration. The recovery point objective (RPO) is also five
minutes.
The user experience depends on whether a SQL witness is deployed along with the SQL mirror. With a
witness deployed, when the principal fails, fail over happens automatically, and users should not notice
much interruption in ongoing sessions. When a SQL witness is not deployed, the administrator must
manually invoke the failover process. During the time it takes for administrative action, users can be
affectedactive sessions can continue for about 30 minutes. After that time, or if the user attempts to
perform a persistent change (such as adding a contact) during that time, that user will be placed into a
resiliency mode.

File Sharing High Availability


The file store in Lync Server 2013 contains system
data and conferencing content. Each pool
deployed must have a file store associated with it.
A single file store can be shared by multiple pools.
When deploying the file store, to ensure high
availability, the Distributed File Service (DFS) can
be used. DFS supports the ability to fail over from
one file server to another.
Detailed information on deployment of
DFS can be found at the following link:
http://go.microsoft.com/fwlink/?LinkId=275025

When using DFS, you must remember that DFS replication is a best-effort file replication mechanism. As
such, there are no published RTO (Recovery Time Objective)/RPO (Recovery Point Objective) numbers.
Generally, failover between DFS servers happens quickly; however, data replication delays may possibly
prevent users from being able to continue work in progress when a failover occurs.

If data that is contained on the file store is critical, it should be backed up frequently. DFS replication does
not protect against accidental data deletion or corruption, so backing up the data is advisable.

Persistent Chat High Availability


Lync Server 2013 includes Persistent Chat as a
server role. Previously, Persistent Chat (formerly
called Group Chat) was a third-party trusted
application.
Persistent Chat servers can be deployed in the
following topologies:

Lync Server 2013 Enterprise Edition single


server, Persistent Chat server front-end server

Lync Server 2013 Enterprise Edition multiple


servers, Persistent Chat server front-end server

Lync Server 2013 Standard Edition server,

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 10-5

using SQL Server Express

MICROSOFT INTERNAL TEACH

Lync Server 2013 Standard Edition server and Persistent Chat server on separate servers, using
Standard Edition server as the next hop server

Persistent from a high availability perspective, a multiple-server pool should be deployed. This pool will
also require SQL Server to host the backend databasesthese databases can be collocated on an existing
back-end SQL Server (used by the front-end pool), or a dedicated SQL instance can be used. Additionally,
the SQL databases can utilize SQL mirroring to provide availability.

Stretched Pool Topologies


This pool can be stretched across two data centers following these two topologies:

Stretched Persistent Chat server pool when data centers are geo-located with high bandwidth/low
latency. In this case, there would be four servers in each data center (for a total of eight), and two
servers would be active in each data center (because you have high bandwidth and low latency).

Stretched Persistent Chat server pool when data centers are geo-located with low bandwidth/high
latency. In this case, there would be four servers in each data center (for a total of eight). However, all
four active servers would be in one data center only (because you have low bandwidth and high
latency).

SQL log shipping is used to provide replication of the data between the SQL instance in data center one,
and the SQL instance in data center two. This is discussed further in the Disaster Recovery module.

Lesson 2

Configuring High Availability in Lync Server 2013

MICROSOFT INTERNAL TEACH

This lesson discusses the configuration of Lync Server 2013 high availability features.

Lesson Objectives

Configure high availability for the back-end server.

Describe the deployment considerations for Enterprise Edition pools.

Configuring High Availability for Back-End Server


To deploy SQL mirroring, a minimum of SQL
Server 2008 R2 is required.

Requirements
In general, setting up SQL mirroring between the
two back-end servers with a witness requires the
following:

The primary servers version of SQL Server


must support SQL mirroring.

For more information about which


features are supported by various editions of
SQL Server 2012, see:
http://go.microsoft.com/fwlink/?LinkId=151940

The primary, mirror, and the witness (if deployed) must have the same version of SQL Server.

The primary and the mirror must have the same edition of SQL Server. The witness may have a
different edition.
For more information about the SQL witness, see:
http://go.microsoft.com/fwlink/?LinkId=116096

Configuration and Management


To configure SQL mirroring while creating a pool in Topology Builder:

MCT USE ONLY. STUDENT USE PROHIBITED

10-6 High Availability in Lync Server 2013

1.

On the Define the SQL Store page, next to the SQL store box, click New.

2.

On the Define new SQL Store page, specify the primary store, select This SQL instance is in
mirroring relation, specify the SQL mirroring port number (the default is 5022), and then click OK.

3.

Return to the Define the SQL store page, and select Enable SQL Store mirroring.

4.

In the Define new SQL Store page, specify the SQL store to be used as the mirror. Select This SQL
instance is in mirroring relation, specify the port number (the default is 5022), and then click OK.

5.

If you want a witness for this mirror, do the following:


a.

Select Use SQL mirroring witness to enable automatic failover.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 10-7

MICROSOFT INTERNAL TEACH

6.

b.

On the Define the SQL Store page, select Use SQL mirroring witness to enable automatic
failover, and specify the SQL store to be used as the witness.

c.

Specify the port number (the default is 7022), and then click OK.

After you have defined your front-end pool and all other roles in your topology, use Topology Builder
to publish the topology. When the topology is published, if the front-end pool that hosts Central
Management Store has SQL mirroring enabled, you will see an option to create both primary and
mirror SQL store databases. Click Settings, and then type the path to use as the file share for the
mirroring backup.
Click OK, and then click Next to create the databases and publish the topology. The mirroring and
the witness (if specified) will be deployed. You can use Topology Builder to edit the properties of an
already existing pool to enable SQL mirroring.

To add SQL mirroring to an existing Front End pool in Topology Builder:


1.

In Topology Builder, right-click the pool, and then click Edit Properties.

2.

Select Enable SQL Store Mirroring, and then, next to Mirroring SQL Store, click New.

3.

Specify the SQL store that you want to use as the mirror.

4.

Select This SQL instance is in mirroring relation, specify the SQL mirroring port number (the
default port is 5022), and then click OK.

5.

If you want to configure a witness, select Use SQL mirroring witness to enable automatic failover,
and then click New.

6.

Specify the SQL store that you want to use as the witness.

7.

Select This SQL instance is in mirroring relation, specify the SQL mirroring port number (the
default port is 7022), and then click OK.

8.

Click OK.

9.

Publish the topology. When you do so, you will be prompted to install the database.

You must then install the database before starting the next procedure.
You should keep the following in mind when you set up SQL mirroring:

If a mirroring endpoint already exists, it will be re-used with the ports defined there, and will ignore
the ones you specify in the topology.

Any port already allocated for other applications on the same server, including those for other SQL
instances, should not be used for the installed SQL instances at hand. This implies that if you have
more than one SQL instance installed on the same server, they must not use the same port for
mirroring. For more information, refer to the following articles:
"Specify a Server Network Address (Database Mirroring)" in the MSDN Library at:
http://go.microsoft.com/fwlink/p/?LinkId=247346
"The Database Mirroring Endpoint (SQL Server)" at:
http://go.microsoft.com/fwlink/p/?LinkId=247347

Deploying Enterprise Edition Pools

MICROSOFT INTERNAL TEACH

Deployment Planning
In Lync Server 2013, the recommendation is to
deploy a minimum of three front-end servers in a
pool. When two servers are involved, the
preference is to install two Standard Edition pools,
and pair them together, rather than building a
front-end pool with only two front-end servers. If
such a pool is deployed, use the following
guidelines:

MCT USE ONLY. STUDENT USE PROHIBITED

10-8 High Availability in Lync Server 2013

If one front-end server fails, you should try to


recover the failed server as soon as you can.
Similarly, if you need to upgrade one of the two servers, bring it back online as soon as the upgrade is
completed.

If you need to stop both servers at the same time, do the following when the downtime for the pool
is finished:
o

The best practice is to restart both front-end servers at the same time.

If the two servers cannot be restarted at the same time, you should re-start them in the reverse
order of the order in which they were stopped.

If you cannot re-start them in that order, run the following cmdlet before starting the pool.

Reset -CsPoolRegistrarState -ResetType QuorumLossRecovery -PoolFQDN <FQDN>

Pool Management

When deploying a front-end pool, it is critical that a minimum number of front-end servers are up and
running, to ensure that the pool is functional. The following table shows the details of pool size, and the
minimum running servers for the pool to be functional.
Total number of front-end servers in the
pool

Number of servers that must be running


for the pool to be functional

12

34

56

78

910

1112

If the number of servers running falls below the functional level as shown in the preceding table, the
remaining servers in the pool go into survivability mode, and you will see the following message in the
event log: Local Pool Manager has been disconnected from Pool Fabric Manager. (Id: 32163). After five
minutes, if the number of running servers is still below the threshold level, the remaining servers in the
pool will stop all Lync Server services, and the following messages will appear in the event log: Pool
Manager failed to connect to Fabric Pool Manager (id: 32170) Server is being shut down because fabric
pool manager could not be initialized (id: 32173).

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 10-9

If servers are added to, or removed from the pool configuration in Topology Builder, and then published
successfully, the existing front-end servers must be restarted.

MICROSOFT INTERNAL TEACH

The recommendation is to restart the servers one at a time. In the unlikely event that the entire pool was
offline when the configuration change occurred, you will need to run the following cmdlet.
Reset-CsPoolRegistrarState -PoolFQDN <PoolFQDN> -ResetType ServiceReset

Lesson 3

MICROSOFT INTERNAL TEACH

Planning for Load Balancing

MCT USE ONLY. STUDENT USE PROHIBITED

10-10 High Availability in Lync Server 2013

Load balancing refers to the distribution of client connections among the servers in a server pool.
Deploying load balancing is based on the organizations resiliency requirements. Lync Server 2010
introduced Domain Name System (DNS) load balancing, which Lync Server 2013 continues to utilize. You
can use DNS load balancing to reduce the administration overheads for load balancing on your network
and balance Session Initiation Protocol (SIP) traffic and media traffic.
You should be aware about the requirements so that you can assess the need for load balancing, the
types of load balancing, and the components in the infrastructure that do not support DNS load
balancing. Then, you will be able to plan for load balancing services and servers. You will also be able to
plan for the coexistence of load balancing with the earlier versions of Lync 2013 clients.

Lesson Objectives

Describe DNS load balancing and hardware-based load balancing.

Plan for load balancing infrastructure components.

Plan for coexistence.

DNS and Hardware-Based Load Balancing


After you decide to implement load balancing,
you can use two methods to load balance the
network traffichardware load balancing and
DNS load balancing (with hardware load
balancing).

Hardware Load Balancing


Hardware load balancing requires separate load
balancing devices that receive client traffic on
dedicated virtual IP addresses (VIPs). These load
balancing devices distribute client connections to
servers in the pool that they are load balancing.

In previous versions of Lync Server 2013, hardware load balancing was the only available method that
network administrators could use. However, load balancing HTTP/HTTPS is different from the task of load
balancing SIP traffic.

The SIP client holds transactions of a longer duration because it registers with a server in the front-end
server pool, and retains the connection over an extended time period. Handling such long-term
transactions can be difficult for some hardware load balancing implementations. Lync Server 2010
introduced DNS load balancing to meet the need for load balancing SIP traffic, and this continues in Lync
Server 2013. DNS load balancing for SIP facilitates the deployment of Hardware load balancers, which are
required for all HTTP(S) traffic in Lync Server.

DNS Load Balancing

DNS load balancing works by having two DNS A records registered for each member of a server pool.
One DNS A record relates to the server's own fully qualified domain name (FQDN) and the other record
relates to the front-end server pool FQDN. When a client queries for the DNS Service (SRV) record to
connect, the DNS Server responds with all IP addresses that are registered with the front-end server pool

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 10-11

FQDN. The front-end server pools, Edge Server pools, Director pools, and stand-alone Mediation Server
pools support DNS load balancing.

MICROSOFT INTERNAL TEACH

Differences between Using Hardware Load Balancing and DNS Load Balancing

The difference in DNS registrations between using hardware load balancing and DNS load balancing is
illustrated in the following table.

Load Balancing on Office Communications Server 2007 R2 Using Hardware Load


Balancing

In the following example, pool.adatum.com running on Office Communications Server 2007 R2 has three
front-end serversvan-fe01, van-fe02, and van-fe0.
Server

DNS FQDN

DNS A record IP address

Pool VIP

pool.adatum.com

10.10.0.99

Front-end server

van-fe01.adatum.com

10.10.0.20

Front-end server

van-fe02.adatum.com

10.10.0.30

Front-end server

van-fe03.adatum.com

10.10.0.40

Load Balancing on Lync Server 2013 by Using DNS Load Balancing

The following table provides a list of DNS configurations for DNS load balancing for a Lync Server 2013
Front-end server pool. In the example, pool.adatum.com running on Lync Server 2013 has three Frontend serversvan-fe01, van-fe02, and van-fe03.
Server

DNS FQDN

DNS A record IP address

Pool

pool.adatum.com

10.10.0.20

Pool

pool.adatum.com

10.10.0.30

Pool

pool.adatum.com

10.10.0.40

Front-end server

van-fe01.adatum.com

10.10.0.20

Front-end server

van-fe02.adatum.com

10.10.0.30

Front-end server

van-fe03.adatum.com

10.10.0.40

Question: How does DNS load balancing simplify the deployment of hardware load
balancers with Lync Server 2013, when compared with the earlier versions of the product?

MICROSOFT INTERNAL TEACH

Planning for Load Balancing Infrastructure Components


A challenge that network administrators face while
using DNS load balancing is managing
components within the Lync Server 2013
infrastructure. Because DNS load balancing is a
new feature with Lync Server 2010/2013, only Lync
Server 2010/2013 clients can use it. DNS load
balancing is not supported by legacy clients.
Besides the previous versions of Office
Communications Server clients, the Lync Server
2013 deployment might be connected to several
other components, which may not support DNS
load balancing. Some examples of such
components are:

MCT USE ONLY. STUDENT USE PROHIBITED

10-12 High Availability in Lync Server 2013

A former Office Communications Server R2 front-end server pool in the Lync Server 2013 topology.

A federated organization running Office Communications Server 2007 R2 Edge Server.

Instant message exchange with users of various public instant messaging (IM) services, such as
Microsoft Windows Live Messenger, America Online, and Yahoo!, and Extensible Messaging and
Presence Protocol (XMPP)based providers and servers, such as Google Talk and Jabber.

An IP private branch exchange (PBX) or IP-public switched telephone network (PSTN) as specified in
the Open Interoperability Program.

You need to consider scenarios where these systems connect to a Lync Server 2013 front-end server pool.
If all servers in the Lync Server 2013 pool are operational, these systems will function without any issues.
During the planning process, you should identify the components that do not support DNS load
balancing and plan the mitigation strategies. For example, some hardware devices might have firmware
updates that enable support for DNS load balancing.

In some scenarios, you may have to migrate from the earlier versions of servers and clients. However, you
need to closely match this inability with organizational requirements or any service level agreements
(SLAs) that specify the need for high availability, which might have an impact on the affected services. In
such scenarios, you might need to use hardware load balancing during the transition period to ensure
that load balancing and resiliency work as required, to support users.
Question: Does DNS load balancing in Lync Server 2013 remove the need for hardware load
balancers in your solution?

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 10-13

MICROSOFT INTERNAL TEACH

Planning for Coexistence

During the planning phase, you must recognize


that organizations that use the infrastructure and
hardware load balancers with the previous
versions of Lync Server need to be accommodated
in the Lync Server 2013 deployment. These
hardware load balancers can simultaneously
handle load balancing for several server pools.
Therefore, if SLAs allow, administrators can use the
existing hardware load balancers in a migration or
coexistence scenario, where an existing hardware
load balancer may handle load balancing for both
Office Communications Server 2007 R2 servers and
Lync Server 2013 servers. In a migration scenario, clients running an earlier version of Lync will often be
upgraded, within a relatively short timeframe.

While planning for coexistence, you need to be aware that server draining, which allows you to drain all
active connections from a server, is only possible in DNS load balancing. In this situation, the hardware
load balancer will continue to direct clients to a server targeted for draining.
Whether you decide to upgrade Office Communications Server 2007 R2 or to deploy hardware load
balancing to accommodate SIP traffic, ensure that the selected solution is aligned with the long-term
goals of the Lync Server 2013 deployment and the long-term needs of the organization.
Question: How will selecting hardware load balancing for SIP traffic affect the management
of a Lync Server 2013 Enterprise front-end server pool in a production environment?

Lesson 4

MICROSOFT INTERNAL TEACH

Designing Load Balancing

MCT USE ONLY. STUDENT USE PROHIBITED

10-14 High Availability in Lync Server 2013

While load balancing a Lync Server 2013 deployment, you need to plan and design the servers and
services that need to be load balanced and the load balancing technology to be used. Then, you need to
manage the coexistence for the previous versions of Lync Server 2013. You should, therefore, know how
to design for load balancing for a Lync Server 2013 solution.

Lesson Objectives

Design DNS-based load balancing.

List DNS load balancing requirements.

Design hardware-based load balancing.

List hardware-based load balancing requirements.

Design load balancing for servers and services.

Describe the guidelines for deploying DNS load balancing for front-end server pools.

Design load balancing for coexistence with earlier versions of clients and devices.

Designing DNS-Based Load Balancing


Designing DNS-based load balancing is less
complex than designing hardware load balancing.
Performing a successful DNS load balancing
design depends on getting the right records
registered in the DNS, so that the client and
servers that use DNS load balancing can function
as intended.
In DNS load balancing, a DNS A record containing
the pool name for each server in the front-end
server pool, points to the IP address of each pool
member, and to the individual A records for the
server FQDNs. Note that you still need a VIP for
the traffic that uses hardware load balancing. However, the pool name that is used for client SIP
connections does not resolve to any address on the hardware load balancer.

The following table provides a list of IP addresses for each pool member and the individual A records for
the server FQDNs in the sample topology.
Server(s)

DNS FQDN

DNS A Record IP

Web VIP

web.adatum.com

10.10.0.99

Pool

pool.adatum.com

10.10.0.20

Pool

pool.adatum.com

10.10.0.30

Front-end

van-fe01.adatum.com

10.10.0.20

Front-end

van-fe02.adatum.com

10.10.0.30

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 10-15

Question: Can you use DNS load balancing for a server running Lync Server 2013 Standard
Edition?

MICROSOFT INTERNAL TEACH

DNS Load Balancing Requirements


Domain Name System (DNS) load balancing
balances network traffic that is unique to Lync
Server 2013, such as SIP traffic and media traffic.
DNS load balancing is supported for the following:

Front-end pools

Edge Server pools

Director pools

Stand-alone Mediation Server pools

A front-end pool that is configured to use DNS


load balancing must have the two FQDNs defined
within the topology and DNS. The DNS records should be created as A records rather than CNAME
records:

The regular pool FQDN that is used by DNS load balancing (for example, pool1.contoso.com) and
that resolves to the physical IPs of the servers in the pool

Another FQDN for the web services of the pool (for example, web1.contoso.com), which resolves to a
hardware load-balanced virtual IP address of the pool

Prerequisites for Using DNS Load Balancing


Before you can use DNS load balancing, you must:

Override the internal web services pool FQDN.

Create DNS A host records to resolve the pool FQDN to the IP addresses of all servers in the pool.

To override internal web services FQDN:


1.

From the Lync Server 2013 program group, open Topology Builder.

2.

In the console tree, expand the Enterprise Edition Front End pools node.

3.

Right-click the pool, click Edit Properties, and then click Web Services.

4.

Under Internal web services, select the Override FQDN check box.

5.

Type the consolidated front-end pool FQDN that resolves to the hardware load-balanced virtual IP
addresses of the servers in the pool.

6.

Under External web services, type the external pool FQDN that resolves to the hardware loadbalanced virtual IP addresses of the pool, and then click OK.

7.

In the console tree, select Lync Server 2013, and then, in the Actions pane, click Publish Topology.

8.

Start the Deployment Wizard on each Lync Server 2013 server that is impacted, and then run Setup
again.

To create DNS Host (A) Records for all internal pool servers

For each front-end server in your pool, create a DNS Host (A) record that maps the pool FQDN to the IP
address of that front-end server. For example, if you had a pool named, pool1.contoso.com, and three

front-end servers with IPs of 192.168.1.1, 192.168.1.2, and 192.168.1.3, you would create the following
DNS entries.

MICROSOFT INTERNAL TEACH

FQDN

Type

Data

Pool1.contoso.com

Host (A)

192.168.1.1

Pool1.contoso.com

Host (A)

192.168.1.2

Pool1.contoso.com

Host (A)

192.168.1.3

MCT USE ONLY. STUDENT USE PROHIBITED

10-16 High Availability in Lync Server 2013

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 10-17

MICROSOFT INTERNAL TEACH

Designing Hardware-Based Load Balancing


Hardware load balancing is required for the
HTTP/HTTPS client-server traffic within the Lync
Server 2013 infrastructure. However, if you choose
to deploy hardware load balancing only, without
DNS load balancing, the DNS configuration and
the client connection process is similar to the
process in previous versions of Lync Server 2013.
While designing a hardware load balancing-only
deployment for Lync Server 2013, you need to
resolve the pool name to the VIP on the hardware
load balancers, and not to an individual server in
the pool. Consider the same sample topology used
for designing DNS load balancing, but assume that instead of DNS load balancing, hardware load
balancing is used to manage all the traffic. In this scenario, the following are the DNS entries.
Server

DNS FQDN

DNS A Record IP

Pool VIP

pool.adatum.com

10.10.0.99

Front-end

van-fe01.adatum.com

10.10.0.20

Front-end

van-fe02.adatum.com

10.10.0.30

Hardware Load Balancing Requirements


In most enterprises, the setup and maintenance of
hardware load balancers (HLBs) is provided by a
different organization than those who would
manage the Lync Server 2013 environment, such
as the network team. When using Lync Server
2013 with HLB, you need to ensure that all
prerequisites and infrastructure requirements are
met, and that the HLBs have been properly
deployed before deploying your Edge Servers.

Prerequisites for HLBs


An HLB for a Lync Server 2013 pool must meet the
following requirements:

Must expose a VIP

Must allow multiple ports to be opened to the same VIP (TCP/UDP)

Must provide TCP-level affinity

Must provide a configurable TCP idle-timeout interval with a maximum value greater than or equal to
the minimum of the REGISTER refresh or SIP Keep-Alive interval of 30 minutes

Can support a rich set of metrics (round robin, least connections, weighted, and so on); we
recommend a least connections-based load-balancing mechanism for the HLB

MICROSOFT INTERNAL TEACH

MCT USE ONLY. STUDENT USE PROHIBITED

10-18 High Availability in Lync Server 2013

Must detect service availability by port (often called a heartbeat, or monitor); the polling interval must
be a configurable value with a minimum value of at least five seconds

Must allow for adding and removing servers to the pool without shutting down

If port monitoring is configured and one or more ports are generating errors in the event log, modify
the port monitoring rule(s) to allow a full TCP handshake (SYN/SYN-ACK/ACK) versus marking the
service as UP if it returns a SYN-ACK (that is, a partial TCP handshake (SYN/SYN-ACK); this is
sometimes referred to as TCP-half open

Infrastructure Requirements for HLB


The infrastructure for HLBs for a Lync Server 2013 pool must meet the following requirements:

The VIP must be resolvable from a single DNS A record.

The VIP must be a static IP address.

The Lync Server 2013 server behind the HLB must have a registered FQDN. The IP address registered
for this FQDN must be publicly accessible from within the enterprise.

The network adapter must have exactly one static IP address. This IP address will be used for the
incoming load-balanced traffic.

Designing Servers and Services for Load Balancing


DNS load balancing is supported for front-end
pools, Edge Server pools, Director pools, and
stand-alone Mediation Server pools.

Design Guidelines for DNS Load


Balancing on Front-End Pools and
Director Pools
You can use DNS load balancing for the SIP traffic
on front-end pools and Director pools. When you
deploy DNS load balancing, you will still need to
use hardware load balancers for these pools, but
only for HTTP traffic. You can use the hardware
load balancer for the HTTP/HTTPS traffic from
clients over ports 443 and 80. However, you will still need hardware load balancers for the front-end
server and Director pools, but their setup and administration will be primarily for HTTP/HTTPS traffic.

Design Guidelines for DNS Load Balancing for Legacy Computers

DNS load balancing is supported only by servers running Lync Server 2013/2010 and Lync Server
2013/2010 clients. Versions of clients and servers prior to Lync 2010 (legacy systems) can still connect to
front-end pools and Director pools configured with DNS load balancing, but if the legacy client cannot
make a connection to the first server that DNS load balancing refers them to, they will be unable to fail
over to another server in the pool.

To resolve this issue, you should have only a few legacy clients or servers, or you should plan to perform
the migration of these computers to Lync Server 2013. Alternatively, you can achieve load balancing of
connections from the previous clients and server by implementing DNS round-robin on the DNS server. In
this scenario, the DNS server will reply with a different order of front-end server pool IPs, each time a DNS
query reaches it. This, in turn, will ensure that connections from legacy computers are load balanced.
However, this will not provide failover capability if a front-end server is unavailable.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 10-19

MICROSOFT INTERNAL TEACH

In addition, if you plan to use Exchange Server Unified Messaging, you should remember that only
Microsoft Exchange 2010 SP1 interoperates with Lync Server 2013 DNS load balancing. If you use a
previous version of Exchange Server, you will be unable able to provide failover capabilities for users who
are using Exchange Server Unified Messaging capabilities, such as listening to their voice mail through
their mailbox.

Design Guidelines for DNS Load Balancing for Edge Server Pools

To deploy DNS load balancing on the external interface of your Edge Server pool, you need relevant DNS
entries. For the Access Edge service, you need one entry for each server in the pool. Each entry must
resolve the FQDN of the Access Edge service, such as sip.contoso.com, to the IP address of the Access
Edge service on one of the Edge Servers in the pool. For the web conferencing Edge service, you need one
entry for each server in the pool. Each entry must resolve the FQDN of the web conferencing Edge service,
such as webconf.contoso.com, to the IP address of the web conferencing Edge service on one of the Edge
Servers in the pool. For the audio/video conferencing Edge service, you need to add an entry for each
server in the pool. Each entry must resolve the FQDN of the audio/video conferencing Edge service, such
as av.contoso.com, to the IP address of the audio/video conferencing Edge service on one of the Edge
Servers in the pool.
To deploy DNS load balancing on the internal interface of your Edge Server pool, you need to add a DNS
entry for each Edge Server in the pool. Each entry should resolve the internal FQDN of the Edge Server
pool, such as sip.internal.com, to the IP address of one of the Edge Servers in the pool.

Design Guidelines for DNS Load Balancing on Mediation Server Pools

You can use DNS load balancing on stand-alone Mediation Server pools without using a hardware load
balancer. All SIP and media traffic is balanced by DNS load balancing. To deploy DNS load balancing on a
Mediation Server pool, you must provision DNS to resolve the pool FQDN, such as
mediationpool1.contoso.com, to the IP addresses of all servers in the pool, such as 192.168.1.1 or
192.168.1.2.
Question: Which considerations should you remember while deciding on the servers or
services that need load balancing?

Guidelines for Deploying DNS Load Balancing for Front-End Server Pool
The following are the guidelines for deploying
DNS load balancing in your Lync Server 2013
solution:

When all or most users run Lync Server 2013


clients, we recommend that you use DNS load
balancing.

When many users on the pool are still running


older clients, we recommend that you use
hardware load balancing.

When interaction occurs only with other Lync


Server 2013 servers, we recommend that you
use DNS load balancing.

When interaction occurs with many servers running earlier versions of Office Communications Server,
we recommend that you use hardware load balancing.

If you are using Exchange Server 2010 SP1 or later versions, use DNS load balancing.

If Exchange Server Unified Messaging prior to Exchange 2010 SP1 is used, we recommend that you
use hardware load balancing.
Question: Can you name some examples where DNS load balancing is not supported?

MICROSOFT INTERNAL TEACH

MCT USE ONLY. STUDENT USE PROHIBITED

10-20 High Availability in Lync Server 2013

Designing a Coexistence Strategy


During the planning phase, you need to recognize
that organizations that use the infrastructure and
hardware load balancers with the previous
versions of Lync Server 2013 need to be
accommodated in the Lync Server 2013
deployment. Depending on the organizational
requirements and cost concerns, you may:

Provide hardware load balancing for all clients


and servers.

Retain an existing hardware load balancing


setup for legacy clients and legacy servers.

Provide load balancing for Lync Server 2013 clients and server only.

If you choose not to provide load balancing for clients prior to Lync 2010, combine it with a strategy for
moving from coexistence into Lync Server 2013 environment.
Question: How will previous versions of Lync Server 2013 interact in an environment where
DNS load balancing is used for SIP traffic?

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 10-21

Lab: Configuring High Availability in Lync Server 2013

MICROSOFT INTERNAL TEACH

Scenario

All Adatum unified communications have been migrated to the Microsoft Lync Server 2013
environment and company policy requires a high availability plan for all critical systems. The Adatum
Infrastructure Architect has designed a solution; you must use this design and perform the necessary steps
to provide the ability to recover in the event of a disaster.

Lab Setup
Estimated Time: 30 minutes

LON-CL1 as Adatum\Adam,
with the password, Pa$$w0rd

RED-CL1 as Adatum\Alex,
with the password, Pa$$w0rd

We recommend that the steps in this and every lab be split between two students in your class. The
students can determine when to share tasks so that both students gain an understanding of the concepts
of each lab. If you need help, please inform the instructor. Note that if you both try to do tasks at the
same time, you may overwrite each others work and possibly lose data.

Exercise 1: Configuring Database Mirroring


Scenario

In this exercise you will be configuring SQL database mirroring for Lync deployment with the following
configurations:

Create a new folder SQLMirrorShare. On Lon-DC1

Share this folder with following permissions

Remove : Everyone group,

Add : Service Accounts object

Add : Administrators;SQLSvc

Assign Full Control

For SQLSvc user account : Full Control

Update your Lync Topology with following configurations:

For Lon-pool Enable SQL store mirroring

SQL Server FQDN : lon-sql02.adatum.com

Named Instance : LYNC.

Mirroring witness : enable automatic failover

SQL Server FQDN : lon-dc1.adatum.com

Named Instance : LYNC.

Note of the default witness port number

Mirror port number : 5022

MCT USE ONLY. STUDENT USE PROHIBITED

10-22 High Availability in Lync Server 2013

Note: On all virtual machines, verify that all of the services set to start automatically have started. Most
notably, check the Microsoft SQL Server and Lync Server 2013 services. To do so, click Start, click
Administrative Tools, and then click Services. In the Services console, verify that all services that are set
to Automatic start have started. If not, right-click the service, and then click Start.

MICROSOFT INTERNAL TEACH

The main tasks for this exercise are as follows:


1. Start the virtual machines.
2. Create and assign permissions for the SQL mirroring file share.
3. Configure SQL mirroring in the topology.
4. Configure the mirror port for LON-SQL01.
5. Publish the topology.
6. Verify the configuration with SQL Management Studio.

Task 1: Start the virtual machines.


Start the virtual machines.

Task 2: Create and assign permissions for the SQL mirroring file share.

Create SQLMirrorShare folder


Adjust sharing settings for SQLMirrorShare folder.
Adjust permissions for SQLMirrorShare folder to enable Full Control for the SQLSvc user account and
Administrators group.

Task 3: Configure SQL mirroring in the topology.


Define a new SQL Server Store.

Task 4: Configure the mirror port for LON-SQL01.


Edit the Mirror port number.

Task 5: Publish the topology.


Publish the topology in Topology Builder.

Task 6: Verify the configuration with SQL Management Studio.


Adjust the SQL Server.

Results: After completing this exercise, you should have used Topology Builder to establish database
mirroring between two defined SQL instances, and verified the configuration by using the SQL
Management Studio tool.

Exercise 2: Experiencing a Scheduled SQL Server Outage


Scenario
In this exercise you will experience Lync client behavior in a scheduled and unscheduled SQL server
outage.
The main tasks for this exercise are as follows:
1. Sign in as Adam Barr on LON-CL1.
2. Sign in as Alex Darrow on RED-CL1.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 10-23

3. Observe client behavior.


4. Initiate failover to the mirrored database instance.
5. Observe client behavior.

MICROSOFT INTERNAL TEACH

6. Initiate failback to the primary database instance.

Task 1: Sign in as Adam Barr on LON-CL1.


Logon to the client virtual machine.

Task 2: Sign in as Alex Darrow on RED-CL1.


Make a Lync Call

Task 3: Observe client behavior.


Change the status of the user.

Task 4: Initiate failover to the mirrored database instance.


Run commands on the Front End server.

Task 5: Observe client behavior.


Close the active call between Adam and Alex.

Task 6: Initiate failback to the primary database instance.


Run commands with the Lync Management Shell.

Results: After completing this exercise, you should have used the Lync Server 2013 Management Shell to
perform manual failover of the databases from the primary SQL instance to the mirror SQL instance, and
back.

Exercise 3: Experiencing an Unscheduled SQL Server Outage


Scenario

In this exercise, you will simulate a SQL Server failure by stopping the SQL service on the SQL Server, lonsql01.adatum.com. Because a witness is deployed, failover will be automatic. You will note the client
experience, and verify failover by using Lync Management Shell. You will start a conversation between
Adam Barr and Alex Darrow and then monitor the status of the session as each step is performed. This will
let you observe the behavior that will be experienced by end-users.
The main tasks for this exercise are as follows:
1. Sign in as Adam Barr on LON-CL1 and make a Lync call.
2. Simulate a failure of LON-SQL01.
3. Observe client behavior.
4. Validate database failover to the mirrored database.
5. Resume services on LON-SQL01.
6. Observe database status.

Task 1: Sign in as Adam Barr on LON-CL1 and make a Lync call.


Open the Lync client.

Task 2: Simulate a failure of LON-SQL01.


Stop the SQL Server Lync Service.

Task 3: Observe client behavior.

MICROSOFT INTERNAL TEACH

Change Adam Barrs status to available

Task 4: Validate database failover to the mirrored database.


Run commands in Lync Management Shell

Task 5: Resume services on LON-SQL01.


Start the SQL Server Lync service.

Task 6: Observe database status.


Run commands in Lync Management Shell against the front end server.

MCT USE ONLY. STUDENT USE PROHIBITED

10-24 High Availability in Lync Server 2013

Results: After completing this exercise, you should have observed the automatic failover process between
mirrored databases in Lync Server 2013, by using the Lync Management Shell to verify.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 10-25

Module Review and Takeaways


Common Issues and Troubleshooting Tips

MICROSOFT INTERNAL TEACH

Common Issue

Troubleshooting Tip

The Topology Publishing Wizard


completed with errors on Creating Mirror
Database.

An administrator cannot run the


Uninstall-csMirrorDB cmdlet after
removing the mirroring database in
Topology Builder.

Review Question(s)
Question: What option do you use to provide back-end high availability in Lync Server
2013? Do you use SQL Server Always-on Availability Groups, Synchronous SQL Mirroring,
SQL Clustering, or SQL Log Shipping?
Question: When servers are added to, or removed from the pool configuration in Topology
Builder, and the topology is successfully published, what additional action must be taken?
Question: What capability does deploying a SQL witness provide?
Question: If you deploy an Enterprise Edition front-end pool that contains only two frontend servers, and both servers need to be stopped at the same time, what is the sequence of
steps to bring them back online?

Real-world Issues and Scenarios

Contoso has deployed an Enterprise Edition front-end pool that contains three front-end servers and two
back-end mirrored servers. They plan to apply Windows updates to the servers, but want to minimize the
service outage. What steps should they take?

They should first run the Get-CsPoolUpgradeReadinessState cmdlet on a front-end server in the pool to
obtain information about the upgrade readiness for the Lync Server 2013 pool. The returned information
includes the number of front-end servers assigned to the pool; the number of currently active front-end
servers; the name of the upgrade domain; and a True/False value that indicates whether the current state
of the pool allows it to be upgraded. Note that this cmdlet must be run locally on a front-end server in
the pool being checked. There are no options enabling you to run Get-CsPoolUpgradeReadinessState
remotely.

The front-end servers in an Enterprise Edition pool are organized into upgrade domains. These are subsets
of front-end servers in the pool. Upgrade domains are created automatically by Topology Builder. We
recommend that when you upgrade front-end servers, you perform the upgrades one server at a time.
Stop one server first, upgrade it, and then restart it before you upgrade another server. Ensure that you
keep a track of which servers you have upgraded so far.
If the value of PoolUpgradeState is Busy, wait for 10 minutes, and then try GetCsPoolUpgradeReadiness again. If you see Busy for at least three consecutive times, after waiting 10
minutes between each attempt, or if you see any result of InsufficientActiveFrontEnds for
PoolUpgradeState, then there is a problem with the pool. If this pool is paired with another front-end
pool in a disaster recovery topology, you should fail the pool over to the backup pool, and then update
the servers in this pool.

If the value of PoolUpgradeState is Ready, continue to the next step.

MCT USE ONLY. STUDENT USE PROHIBITED

10-26 High Availability in Lync Server 2013

MICROSOFT INTERNAL TEACH

The Get-CsPoolUpgradeReadiness cmdlet also returns information about each upgrade domain in the
pool, and about which front-end servers are in each upgrade domain. If the ReadyforUpgrade value is
True for the upgrade domain that contains the server you want to upgrade, you can safely upgrade that
server now. To do so, perform the following steps:
1.

Stop new connections to the front-end server by using the Stop -CsWindowsServices -Graceful
cmdlet.

2.

Apply any updates.

3.

Restart the server, and ensure that it accepts new connections.

4.

Run Get-CsPoolUpgradeReadiness state and wait about five minutes after returning True before
stopping services on the next front-end server that you will update. Repeat the process.

5.

After updating the front-end servers in the pool, you are ready to proceed with the steps to update
the back-end servers.

First, you should determine which back-end database is the principal, and which is the mirror, by typing
the following cmdlet.
Get-CsDatabaseMirrorState -PoolFqdn <poolFQDN> -DatabaseType <database>

Note If more than one type of Lync database is hosted on the back-end, you should get and verify the
database mirror state for each of them.

Important If the Central Management Store is hosted in this pool, determine the primary and mirror, and
fail it over first.
Perform the fail over of the user database by typing the following cmdlet.
Invoke-CsDatabaseFailover -PoolFqdn <poolFQDN> -DatabaseType <database type> NewPrincipal mirror -Verbose

Note If more than one type of Lync database is hosted on the back-end, you should fail over each of
them.

Important If the Central Management Store is hosted in this pool, determine the primary and mirror, and
fail it over first.
After the failover of the Lync databases is complete, perform the updates and restart server/services, if
required. Execute the cmdlet to verify the CsDatabaseMirrorState.

Note If the mirror state shows as suspended, you may need to start SQL Server Management Studio and
connect to the SQL Server. Then, for each database that shows as suspended, select it, right-click and
select Tasks, then select Mirror, and on the Database Properties page for Mirroring, click Resume.
Repeat for any additional databases.
When Get-CsDatabaseMirrorState shows mirroring status as synchronized, fail back to the principal
database by running the following cmdlets for each database type.
Invoke-CsDatabaseFailover -PoolFqdn <poolFQDN> -DatabaseType <database type> NewPrincipal primary -Verbose

After failover is complete, perform updates on the mirror server.

MCT USE ONLY. STUDENT USE PROHIBITED


11-1

MICROSOFT INTERNAL TEACH

Module11
Disaster Recovery in Lync Server 2013
Contents:
Module Overview

11-1

Lesson 1: Disaster Recovery in Lync Server 2013

11-2

Lesson 2: Tools for Backing Up and Restoring Lync Server 2013

11-10

Lesson 3: Critical Lync Server 2013 Data to Back Up and Restore

11-12

Lesson 4: Critical Lync Server 2013 Data to Export and Import

11-15

Lesson 5: Designing Branch Site Resiliency

11-18

Lab: Configuring Disaster Recovery in Lync Server 2013

11-24

Module Review and Takeaways

11-27

Module Overview

After you migrate voice communications to Microsoft Lync Server 2013, you should provide high
availability and disaster recovery procedures that minimize downtime, speed recovery, and achieve the
appropriate level of application availability in the event of a failure. Lync Server 2013contains a number of
new disaster recovery features. You can use the tools and methods available for successfully backing up
and restoring a Lync Server 2013 environment, and back up, restore, export, and import critical Lync
Server 2013 data. You can also use Lync Server 2013 to design for branch site resiliency.

Objectives

Describe the high availability options in Lync Server 2013.

Describe the tools for backing up and restoring Lync Server 2013 data.

Backup and restore critical Lync Server 2013 data.

Export and import critical Lync Server 2013 data.

Describe the design considerations for branch site scenarios.

Lesson 1

MICROSOFT INTERNAL TEACH

Disaster Recovery in Lync Server 2013

MCT USE ONLY. STUDENT USE PROHIBITED

11-2 Disaster Recovery in Lync Server 2013

Lync Server 2013 provides a number of disaster recovery options, such as front-end pool pairing, the Lync
Backup Service, and Persistent Chat stretched pools. You can use various commands to manage disaster
recovery in Lync Server 2013.

Lesson Objectives

Describe the high availability and disaster recovery life cycle for Lync 2013.

Describe and configure front-end pool pairing.

Describe and configure the Lync Backup Service.

Describe and configure Lync Persistent Chat in a disaster recovery scenario.

Manage disaster recovery in Lync Server 2013.

Lync Server 2013 High Availability and Disaster Recovery Life Cycle
The following table shows the life cycle of high
availability and disaster recovery in Lync Server
2013. The table lists the various scenarios, the
associated tasks, and the Lync Server 2013 tool or
tools that you can use in each scenario.

Scenario

Admin task

Mode

Lync Server 2013 Tools

Design

Server and capacity


planning

Manual

Planning Tool

Back-end high
availability
configuration

Setting up SQL mirroring


(without witness)

Manual

Topology Builder; SQL

Setting up SQL mirroring


(with witness)

Manual

Topology Builder; SQL

Pool disaster
recovery
configuration

Pairing two Lync 2013


pools

Manual

Topology Builder

Back-end
failure

Back-end failover (with


witness)

Auto

Not applicable

Back-end failover
(without witness)

Manual

PowerShell cmdlets

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 11-3

MICROSOFT INTERNAL TEACH

Scenario

Admin task

Mode

Lync Server 2013 Tools

Back-end
maintenance

Back-end failover (with


or without witness)

Manual

PowerShell cmdlets

Recoverable
pool failure

Failover/failback
between two pools with
or without Central
Management Store
(CMS).

Manual

PowerShell cmdlets

Auto

Not applicable

Manual

Topology Builder/PowerShell
cmdlets

Minor version upgrade


PSTN trunk
failure

Switch to a backup trunk

Unrecoverable
pool failure
(AB)

Failover AB; restore A


from B; failback BA

Manual

PowerShell cmdlets

Unrecoverable
pool failure
(ABC)

Failover AB; restore A


from B in C; failback
BC

Manual

Topology Builder; PowerShell


cmdlets

Director
Reverse
Proxy/Edge
Server cluster
failure

Repoint next hop

Manual

Topology Builder

Site failure

Lync 2013 pools:


failover/failback two
pools
Lync 2010 pools: backup
and restore

Manual

PowerShell cmdlets

Front-End Pool Pairing


Pool Pairing provides disaster recovery capabilities
for all workloads in Lync Server 2013. Previously, in
Lync Server 2010, you could configure Primary and
Backup Registrars, which provided resiliency for
the voice workload only.

With pool pairing, each site contains a front-end


pool, which is paired with a corresponding frontend pool in the other site. Both sites are active,
and the Lync Server Backup Service provides realtime data replication to keep the pools
synchronized. The Backup Service is a new feature
in Lync Server 2013, designed to support the
disaster recovery solution, and discussed in the upcoming slide. It is installed in a front-end pool when
you pair the pool with another front-end pool.

Planning for Pool Pairing


The following items must be considered when pairing pools:

MICROSOFT INTERNAL TEACH

Pairing is 1:1 and reciprocal:

MCT USE ONLY. STUDENT USE PROHIBITED

11-4 Disaster Recovery in Lync Server 2013

The same editions should be paired to each other (Enterprise pool to Enterprise pool, Standard
pool to Standard pool).

The same platforms should be paired to each other (Physical to Physical, and Virtual to Virtual).

There is no distance restriction between pools that are paired to each other. However, we recommend
that you keep paired pools within the same world region.

Each pool in a pair should be sized to handle the capacity of both pools combined, if one of the pools
fails.

Even though backup relationships between two front-end pools must be 1:1 and symmetrical, each
front-end pool can still also be the backup registrar for any number of Survivable Branch Appliances
(SBA) or Survivable Branch Servers (SBS), just as in Lync Server 2010. However, disaster recovery
support is not extended to these appliances. For example, if we have Pool1 and Pool2 paired, and
SBA1 is using Pool1 for its backup registrar, when Pool1 fails, and the administrator invokes failover to
Pool2, SBA1 will not be able to then use Pool2 for user services. The administrator must redefine the
relationship in Topology Builder for SBA1.

For pool failover and pool failback, the engineering target for recovery time objective (RTO) is 30
minutes. This is the time required for the failover to happen, after administrators have determined
there was a disaster and initiated the failover procedures. It does not include the time for
administrators to assess the situation and make a decision, nor does it include the time for users to
sign in again, after failover is complete.

For pool failover and pool failback, the engineering target for recovery point objective (RPO) is 30
minutes. This represents the time measure of data that may be lost because of the disaster, due to
replication latency of the Backup Service. For example, if a pool goes down at 10:00 A.M., and the
RPO is 30 minutes, data written to the pool between 9:30 A.M. and 10:00 A.M. might not have
replicated to the backup pool, and would be lost.

All RTO and RPO numbers assume two data centers within the same world region with high-speed,
low-latency transport between them.

The Central Management Store (CMS) will be protected with pool pairing, assuming the pool that is
paired is the CMS Master.

Deploying Pool Pairing


Pool pairing is configured by using Lync Server Topology Builder. Detailed instructions can be
found at:
http://go.microsoft.com/fwlink/p/?LinkId=275029

When a pool fails, the administrator must perform a pool failover manually, using Lync Management Shell
cmdlets. These are discussed in the Managing Disaster Recovery topic of this lesson.
During a pool failure, users will be in Resiliency Mode.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 11-5

Lync Backup Service

MICROSOFT INTERNAL TEACH

The Lync Server Backup Service provides real-time


data replication to keep the pools synchronized.
The animated slide shows the relationship
between two pools that are paired together.

When pools are paired together, the Lync


Backup Service is installed on all pool
members. Only one front-end in each pool is
active, selected by a random algorithm.

The default interval for synchronization is two


minutes, and can be changed by using the
Set-CsBackupServiceConfiguration cmdlet.

The Lync Backup Service contains multiple backup modules, including one for the Central
Management Store (CMS), file store, and user store. Each module interacts with the Lync Backup
Service to send data to the peer in the secondary site.

Configuring and Monitoring the Backup Service


You can use the following Lync Server Management Shell commands to configure and monitor the
Backup Service.
To see the Backup Service configuration, type the following command.
GetCsBackupServiceConfiguration

To set the Backup Service synchronization interval, type the following command.
Set-CsBackupServiceConfiguration SyncInterval interval

For example, the following command sets the interval to three minutes:
Set-CsBackupServiceConfiguration SyncInterval 00:03:00

Note: Although you can use this cmdlet to change the default synchronization interval for the
Backup Service, you should not do so unless it is absolutely necessary, because the sync interval has a
great impact on the Backup Service performance and the recovery point objective (RPO).
To get the Backup Service status for a particular pool, type the following command.
Get-CsBackupServiceStatus -PoolFqdn <pool FQDN>

Note: The Backup Service synchronization status is defined unidirectional from a pool (P1) to its
backup pool (P2). The synchronization status from P1 to P2 can be different than the one from P2 to P1.
For P1 to P2, Backup Service is in a steady state if all the changes made in P1 are completely
replicated over to P2 within the synchronization interval. It is in the final state if there are no more
changes to be synchronized from P1 to P2. Both states indicate a snapshot of the Backup Service at the
time the cmdlet is run. This does not imply that the state returned will stay as is afterward. In particular,
the final state will continue to hold only if P1 does not generate any changes after the cmdlet is run.
This is true in the case of failing P1 over to P2 after P1 is placed into the read-only mode as part of the
Invoke-CsPoolfailover execution logic.

To get information about the backup relationship for a particular pool, type the following command.
Get-CsPoolBackupRelationship -PoolFQDN <poolFQDN>

MICROSOFT INTERNAL TEACH

To force a Backup Service synchronization, type the following command.


Invoke-CsBackupServiceSync -PoolFqdn <poolFqdn> [-BackupModule
{All|PresenceFocus|DataConf|CMSMaster}]

Persistent Chat Stretched Pool


Stretched Pool Topologies
This pool can be stretched across two data centers
following these two topologies:

MCT USE ONLY. STUDENT USE PROHIBITED

11-6 Disaster Recovery in Lync Server 2013

Stretched Persistent Chat Server pool when


data centers are geo-located with high
bandwidth/low latency. In this case, there
would be four servers in each data center (for
a total of eight), and two servers would be
active in each data center (because you have
high bandwidth and low latency).

Stretched Persistent Chat Server pool when data centers are geo-located with low bandwidth/high
latency. In this case, there would be four servers in each data center (for a total of eight). However, all
four active servers would be in one data center only (because you have low bandwidth and high
latency).

Database Requirements
The following list shows the database requirements:

One dedicated database instance is located in the same physical data center in which the home front
end of the Persistent Chat Server service is located. This database will serve as the SQL Server mirror
for the primary Persistent Chat database. Optionally, designate an additional SQL Server to serve as
the mirroring witness, if you want an automated fail over to the mirror database.

One dedicated database instance is located in the other physical data center. This database will serve
as the SQL Server Log Shipping secondary database for the database in the primary data center.

One dedicated database instance serves as the SQL Server mirror for the secondary database.
Optionally, designate an additional SQL Server to serve as the mirroring witness. Both of these must
be located in the same physical data center as the secondary database.

If Persistent Chat Server compliance is enabled, an additional three dedicated database instances are
required. Their distribution is the same as those previously outlined for the Persistent Chat database.
While it is possible for the compliance database to share the same SQL Server instance as the
Persistent Chat database, we recommend stand-alone instances for high availability and disaster
recovery.

Data Replication

Data is replicated between the two SQL instances by using SQL Log Shipping. As a result, file share
locations will be required and designated for the SQL Server Log Shipping Transaction Logs. This share is
not defined as part of a File Store role in the topology.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 11-7

For more information about Log Shipping, see:


http://go.microsoft.com/fwlink/p/?LinkId=216765

MICROSOFT INTERNAL TEACH

Note: Do not use DFS shares for log shipping.

Deployment
Deployment of Persistent Chat in a stretched pool requires the following:

Creating a pool in Topology Builder, and designating specific Persistent Chat servers as Active versus
Passive.

Configure SQL Log Shipping between the primary SQL instance, and the secondary SQL instance (or
primary mirror and secondary database, if you use SQL mirroring).
For more information about setting up log shipping for the primary SQL database, see:
http://go.microsoft.com/fwlink/p/?LinkId=275030

For more information about setting up log shipping between the primary mirror and the log
shipping secondary database, see:
http://go.microsoft.com/fwlink/p/?LinkId=275031

Managing Disaster Recovery


Disaster recovery scenarios require that you
perform specific procedures.

Front-End Pool Failover


When performing a pool failover, the process must
be invoked manually by a system administrator.
The high level steps are as follows:
1.

Ensure you have a backup of the Central


Management Store.

Export-CsConfiguration FileName
c:\CsConfigurationFile.zip -Verbose
Export-CsLisConfiguration FileName
c:\CsLisConfigurationFile.zip Verbose

If the Central Management Store is not available, use the LocalStore option:

Export-CsConfiguration FileName c:\CsConfigurationFile.zip LocalStore -Verbose


Export-CsLisConfiguration FileName c:\CsLisConfigurationFile.zip LocalStore Verbose

2.

Locate the Central Management Server. If the pool that has failed owns the Central Management
Server, this must be failed over first.

Invoke-CsManagementServerFailover -WhatIf

3.

When failing over the Central Management Server, first determine if the pool that hosted the Central
Management Server was using database mirroring, and which back-end server is the principal.

MICROSOFT INTERNAL TEACH

Get-CsDatabaseMirrorState -DatabaseType CMS -PoolFqdn <Backup_Pool Fqdn>

4.

Use the Invoke-CsManagementServerFailover cmdlet to fail over CMS.

5.

Install the Central Management Store on the backup pool.

6.

Fail over the users from Pool1 to Pool2 by using the Invoke-CsPoolFailover cmdlet.

7.

If applicable, change the Edge Server to use the new next hop pool.
a.

In the same siteuse Topology Builder.

b.

In a different siteuse the following cmdlet.

Set-CsEdgeServer -Identity EdgeServer:<edge server FQDN> -Registrar


Registrar:<NextHopPoolFQDN>

Front-End Pool Failback


After the pool that experienced the disaster is back online, failback is performed by using the InvokeCsPoolFailback cmdlet.

Edge Pool Failover/Failback

MCT USE ONLY. STUDENT USE PROHIBITED

11-8 Disaster Recovery in Lync Server 2013

When the pool that services Federation fails, the Federation route must be changed. For Lync Federation,
this is performed in Topology Builder. For XMPP Federation, this is performed by using the following
cmdlet.
Set-CsSite Site2 -XmppExternalFederationRoute EdgeServer2.contoso.com

Restoring Conference Content

If the conference information stored in the file store of a front-end pool becomes unavailable, you must
restore this information so that users located in the pool retain their conference data. If the front-end
pool that lost conference data is paired with another front-end pool, you can use the Backup Service to
restore the data.
Assume that Pool1 is paired to Pool2, and Pool1 has lost conferencing data.
1.

You can use the Invoke-CsBackupServiceSync cmdlet to perform this task.

Invoke-CsBackupServiceSync -PoolFqdn <Pool2 FQDN> -BackupModule ConfServices.DataConf

2.

You can use the Get-CsBackupServiceStatus cmdlet to check the process status, typing the
following code.

Get-CsBackupServiceStatus -PoolFqdn <Pool2 FQDN> -BackupModule ConfServices.DataConf

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 11-9

Lesson 2

Tools for Backing Up and Restoring Lync Server 2013

MICROSOFT INTERNAL TEACH

This lesson covers the native Microsoft Windows and Lync Server 2013 tools that can be used to back
up and restore the critical data.

Lesson Objectives

Describe the Windows tools for backing up and restoring critical data.

Describe the Lync Server 2013 tools for backing up and restoring critical data.

Windows Tools for Backing Up and Restoring Data


Microsoft Windows PowerShellTM enables you to
manage Lync Server 2013 from the command line.
PowerShell includes a command-line environment,
product-specific commands, and a full scripting
language. Lync Server 2013s PowerShell module
includes approximately 730 product-specific
cmdlets that you can use to manage every aspect
of your deployment.
A complete list of cmdlets and their descriptions is
available directly from the command line. To
access the cmdlets, in Lync Server Management
Shell, from the command prompt, type the
following command.
Get-Help <cmdlet name> -Full

For example, to retrieve help from the command prompt on the New-CsVoicePolicy cmdlet, type the
following command.
Get-Help New-CsVoicePolicy -Full

Lync Server 2013 Tools for Backing Up and Restoring Data


Lync Server Management Shell
Lync Server Management Shell is a management
interface that is built on Windows PowerShell
command-line interface technology. It consists of
a rich set of Lync Server 2013 cmdlets that can be
used for management and administration of Lync
Server 2013. To run the Lync Server 2013 cmdlets,
open Lync Server Management Shell.

MCT USE ONLY. STUDENT USE PROHIBITED

11-10 Disaster Recovery in Lync Server 2013

MICROSOFT INTERNAL TEACH

Note: If you open a Windows PowerShell window, rather than the Lync Server Management Shell,
by default you will not be able to run the Lync Server 2013 cmdlets. To run the Lync Server 2013
cmdlets from within Windows PowerShell, first type the following at the Windows PowerShell command
prompt.
Import-Module Lync

The Lync Server Management Shell is automatically installed on every Lync Server 2013 Enterprise Edition
front-end server or Standard Edition server.

Response Group Export-Import Tool

Moving the Response Group configuration data from one pool to another and restoring it after a disaster
are uncommon but vital scenarios to ensure business continuity. Although Windows PowerShell provides
all of the pieces needed to perform these tasks, it still requires advanced scripting. The Response Group
Export-Import tool simplifies these scenarios.
Response Group Export-Import is a Windows PowerShell script that enhances the Lync Server
Management Shell by adding two additional cmdlets to export the complete Response Group
configuration from a given pool, and import this configuration to another (or the same) pool.

The Response Group Export-Import script populates the Lync Server Management Shell with the following
two new cmdlets:

Export-CsRgsConfiguration. This cmdlet outputs a ZIP archive that contains a dump of the Response
Group configuration for a given pool (passed as a parameter).

Import-CsRgsConfiguration. This cmdlet indicates success or failure when importing the Response
Group configuration that was generated by Export-CsRgsConfiguration to a specified pool (passed
as a parameter).

To prevent major outages in case of disaster, you should perform a daily backup of the Response Group
configuration. In case of a dramatic event that destroys all the Lync Server 2013 data, the administrator
can restore the full Response Group configuration as soon as the replacement servers are functional.

Topology Builder

Topology Builder facilitates the definition of a topology and its components, and it is essential for the
deployment of Lync Server 2013 servers. Topology Builder can use the XML topology file provided by the
Planning Tool to start the initial design of the topology, or the wizards in Topology Builder can be used to
design the deployment. Lync Server 2013 publishes the Topology Builder results to a Central
Management Store that is used to configure all Lync Server 2013 servers in the organization.
Topology Builder enables you to export your published topology to an XML file that can be used to
publish a new topology elsewhere.

Note: You cannot install Lync Server 2013 servers without using Topology Builder or the XML
output of the Topology Builder and manually publishing the information by using Lync Server
Management Shell.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 11-11

Lesson 3

Critical Lync Server 2013 Data to Back Up and Restore

MICROSOFT INTERNAL TEACH

This lesson discusses the data that must be backed up and then restored in Lync Server 2013.

Lesson Objectives

Backup and restore SQL Server databases.

Backup and restore RgsConfig.

Backup and restore Call Park Service (CPS) music-on-hold files.

SQL Server Databases to Back Up and Restore


To back up or restore the SQL Server databases,
use the SQL Server backup tools or a third-party
backup solution.
You should back up the following Lync-specific
SQL Server databases:

Xds. Maintains the configuration of the


current Lync Server 2013 topology as defined
and published by Topology Builder.

Lis. Location Information Service (LIS) data file.

Rtcxds. Persistent user data, such as access


control lists (ACLs), contacts, and scheduled
conferences.

RGSConfig. Lync Server Response Group service data file for the configuration of services.

LcsLog. The archiving database.

LcsCdr. Data store for the Call Detail Recording (CDR) process of the Monitoring server.

QoEMetrics database. Quality of Experience (QoE) data file stored from the Monitoring server.

Mgc. Persistent Chat data, which is the actual chat content posted in chat rooms.

Backing Up and Restoring RgsConfig


Response Group is an Enterprise Voice call
management feature. You must back up and
restore RgsConfig before changes are made, and
as a best practice for disaster preparedness. Lync
Server 2013 includes commands to manage
Response Groups natively. Previously, a script was
required to be run.

Backing Up RgsConfig
To back up Response Group configurations for a
pool, run the following command.

MCT USE ONLY. STUDENT USE PROHIBITED

11-12 Disaster Recovery in Lync Server 2013

Export-CsRgsConfiguration Source "service:ApplicationServer:<pool FQDN>" -FileName <path


and file name for backup>

MICROSOFT INTERNAL TEACH

For example, you type the following code to back up Response Group configurations.
Export-CsRgsConfiguration Source ApplicationServer:pool01.contoso.com FileName
C:\RgsConfiguration.zip

RgsConfig is backed up into the RgsConfiguration.zip file.

Restoring RgsConfig
To back up Response Group configurations for a pool, run the following command.
Import-CsRgsConfiguration -Destination "service:ApplicationServer:<pool FQDN>"
OverwriteOwner -FileName "<path and file name of the backed up file>"

For example, you type the following code to restore the Response Group configurations.

Import-CsRgsConfiguration -Destination "service:ApplicationServer:pool01.contoso.com"


OverwriteOwner -FileName "C:\RgsConfiguration.zip"

RgsConfig is now restored.

Backing Up and Restoring CPS Music Files


Backing Up CPS Music Files (Optional)
Custom music-on-hold or Call Park Service (CPS)
files are stored in the file system configured in the
Lync Server 2013 topology (Application server).
The location of the files may vary, but the files can
be located from the Lync Server Management
Shell by using the following command.
Get-CsService ApplicationServer

This command returns the various Application


servers in the Topology. Select
AppServerserviceID and then use it in the following command (Miami-ApplicationServer-1).
(Get-CsService ((Get-CsService ApplicationServer| ?{$_.ServiceId eq MiamiApplicationServer-1}).FileStore)).UncPath

This command returns the Universal Naming Convention (UNC) path of the Application server (\\miasql1\mcs) where the music-on-hold file is stored (\\mia-sql1\mcs\Miami-ApplicationServer1\AppServerFiles\CPS\CpsMoH.wma). Because this is a simple file, it can be backed up by using any
backup method.

Restoring CPS Music Files

Backed-up music-on-hold files can be restored by copying and pasting the files back into their original
location.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 11-13

Lesson 4

Critical Lync Server 2013 Data to Export and Import

MICROSOFT INTERNAL TEACH

This lesson discusses the data that must be exported and then imported in Lync Server 2013.

Lesson Objectives

Export and import Lync Server 2013 Config.

Export and import Location Information Server (LIS) Config.

Export and import user data.

Exporting and Importing Lync Server 2013 Config


Exporting Lync Server 2013 Config
Exporting Lync Server 2013 Config requires the
same process that is used when configuring an
Edge Server. The topology and the environmental
settings that is, Call Admission Control [CAC]
config, are stored in the exported file. The data
should be exported before performing any work
on the topology, or before a Lync Server 2013 role
server displays a problem.
You can use the following Lync Server
Management Shell export command to export the
file.
Export-CsConfiguration FileName <CMS backup file name>

Importing Lync Server 2013 Config

The Central Management Server configuration can be restored to a new RtcLocal database by using the
Lync Server Management Shell or the Deployment Wizard. To perform this procedure on a Lync Server
2013 server, either start the Lync Server 2013 Deployment Wizard, or the Lync Server Management Shell.

Using Lync Server Deployment Wizard


To use the Lync Server Deployment Wizard to import Lync Server 2013 Config:
1.

Install or update the Lync Server system.

2.

Install the local configuration store.

3.

Select the local file and then select the exported ZIP file.

Using the Lync Server Management Shell

To use Lync Server Management Shell to import Lync Server 2013 Config, type the following command
and then press Enter.
Import-CsConfiguration -FileName<CMS backup file name> -LocalStore

Exporting and Importing LIS Config

MICROSOFT INTERNAL TEACH

Exporting LIS Configuration


The Lync Server 2013 Location Information Server
(LIS) Configuration stores the locations defined
within the location service and their status,
whether they are validated or not.
The Lync Server Management Shell export
command is as follows.
Export-CsLisConfiguration FileName <LIS
backup file name>

Importing LIS Configuration

MCT USE ONLY. STUDENT USE PROHIBITED

11-14 Disaster Recovery in Lync Server 2013

The Location configuration may be restored into a LIS database by using Lync Server Management Shell.
This command can be run to restore changes made to the LIS configuration.
After any changes are made to the LIS configuration, ensure that you republish the settings by using
Lync Server Management Shell (Publish-CsLisConfiguration).
The Lync Server Management Shell import command is as follows.
Import-CsLisConfiguration FileName <LIS backup file name>

Exporting and Importing User Data


Exporting User Data
User data includes the user contacts, groups, and
access levels set by the user. Previous versions of
Lync and Office Communications Server used the
DbImpExp.exe command to export user datathis
command has been removed in Lync 2013.
Lync Server 2013 includes a native cmdlet for
exporting user data.
Export-CsUserData -PoolFqdn <Fqdn> FileName <String>.com\rtc

For example, you can type the following code to export user data.
Export-CsUserData -PoolFqdn "atl-cs-001.adatum.com" FileName
C:\Logs\ExportedUserData.zip"

Importing User Data


A users personal contact list, contact groups, and privacy relationships can be restored at any time by
using the Import-CsUserData cmdlet.
Type the following command to import user data.
Import-CsUserData -PoolFqdn <Fqdn> -FileName <String>

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 11-15

For example:

MICROSOFT INTERNAL TEACH

Import-CsUserData -PoolFqdn "atl-cs-001.adatum.com" FileName


"C:\Logs\ExportedUserData.zip"

Lesson 5

MICROSOFT INTERNAL TEACH

Designing Branch Site Resiliency

MCT USE ONLY. STUDENT USE PROHIBITED

11-16 Disaster Recovery in Lync Server 2013

In a Lync Server 2013 deployment, you can use many components to provide resiliency for the voice
infrastructure. When designing site resiliency, you will also need to plan the rerouting of incoming and
outgoing PSTN calls, in case of PSTN connectivity failures. You should know about site resiliency options,
rerouting inbound and outbound PSTN calls, and the guidelines for creating a resilient network design
and voice design. You will also become familiar with the best practices for designing site resiliency.

Lesson Objectives

Describe the site resiliency options.

Compare centralized PSTN access and distributed PSTN access.

Plan for rerouting inbound and outbound PSTN calls.

Describe the guidelines for creating a resilient network design.

Describe the guidelines for creating a resilient voice design.

Describe the best practices for designing site resiliency.

Reviewing Site Resiliency Options


In a Lync Server 2013 deployment, you can deploy
a number of components to provide resiliency for
the voice infrastructure in a site.

Survivable Branch Appliance (SBA)


This is a third-party device that consists of a server
running the Windows Server 2008 R2 operating
system, Lync Server 2013 Registrar, Mediation
Server software, and an IP-PSTN gateway in a
single appliance chassis. Using the built-in IP-PSTN
gateway or a SIP trunk to a telephone service
provider, the SBA can terminate PSTN calls.

For a smaller site, you can deploy a local SBA and designate the SBA as the backup registrar for users.
Under normal circumstances, the users register with a front-end server or pool in a central site. During a
WAN outage, users can use the SBA for registration. Using SBA for registration ensures availability of
limited local functionality, along with the ability to make and receive calls over the PSTN.

If there are between 500 and 1,000 users in a site, you can choose to use a Survivable Branch Server (SBS)
instead of an SBA. An SBS is basically an SBA, deployed on separate hardware. You can then connect the
SBS to a local gateway. By using more powerful hardware than what the SBA can provide, you can achieve
greater scalability.

SIP Trunking
The ability of Lync Server 2013 to use SIP trunks for PSTN connectivity helps provide resiliency in some
scenarios. By deploying redundant trunks in single locations or connecting multiple trunks in different
sites, you can route calls even if the primary connection is unavailable.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 11-17

Media Bypass

MICROSOFT INTERNAL TEACH

Media bypass enables clients to send media directly to the Mediation Server peer, which can improve
audio quality and reduce the bandwidth consumption on WAN links. Users in branch sites with PSTN
connectivity but no server infrastructure can benefit from this functionality. It ensures that the topology
uses WAN links efficiently.

Call Admission Control (CAC), Edge Servers, and PSTN Rerouting

Using CAC on bandwidth-constrained WAN links, Lync Server 2013 ensures that WAN bandwidth is
efficiently used. If a saturated WAN link causes CAC to deny a call, you can configure rerouting of denied
calls.
Consider a scenario where two sites have a dedicated multiprotocol label switching (MPLS) connection,
and the Lync Server Edge Servers in both locations connect to the Internet. You can configure CAC to
reroute calls across the Internet link if CAC denies the calls across the MPLS link. You need not use the
MPLS link; you divert the traffic between the Edge Servers. Similarly, you can reroute calls, which CAC
denies, because of a congested link or calls that cannot reach their gateway because of WAN outage,
through local PSTN connectivity.
You can use a number of different ways to accommodate various degrees of site resiliency in the Lync
Server 2013 infrastructure. Choose the resiliency methods based on the network layout of your
environment and the workloads that require resiliency.
Question: Do you consider an SBA sufficient for the resiliency requirements of a branch site?

Centralized PSTN Access vs. Distributed PSTN Access


You can deploy a combination of centralized and
distributed PSTN topologies in a Lync Server 2013
environment. Both options have their advantages
and disadvantages. Centralizing the PSTN
connectivity in your environment yields major
benefits. However, in some scenarios, you may
need to design for distributed PSTN access.

Centralized PSTN Access


Centralized PSTN access provides the following
advantages:

You use fewer hardware resources, such as


Mediation Servers and gateways, in comparison with a distributed design.

You provide easier PSTN resiliency or high availability in a few central sites.

You benefit from cost efficiency if branch sites are well-connected to a central site with PSTN
connectivity

Voice routing configuration is easier to design, build, and maintain.

You need not handle least-cost routing, because with centralized PSTN connectivity, the IP telephony
provider is normally responsible for this task.

Centralized PSTN access, however, has the following disadvantages:

It is highly dependent on reliability and availability of WAN connections.

It may require additional investment in WAN links to provide the needed availability.

Distributed PSTN Access

MICROSOFT INTERNAL TEACH

Distributed PSTN access provides the following advantages:

MCT USE ONLY. STUDENT USE PROHIBITED

11-18 Disaster Recovery in Lync Server 2013

You enjoy greater flexibility in the choice of PSTN connectivity for branch sites.

You can provide local PSTN connectivity for sites with poor WAN connections

You combine distributed PSTN access with central SIP trunking infrastructure greater flexibility.

Distributed PSTN access works easily with analog devices such as alarm systems and fax machines at
branch sites.

The disadvantages of distributed PSTN access are:

It requires more hardware such as Mediation Servers and gateways, compared to centralized PSTN
connectivity

It is more complex when designing voice routing configuration.

It involves higher administrative overhead (more PSTN providers and administrator-configured leastcost routing)

For some larger deployments, you may need to provide centralized PSTN access in some regions and use
a distributed model in other regions.
In most cases, similar to other design decisions in your Lync Server 2013 environment, network
infrastructure may govern your choices. The network infrastructure also dictates the possible
implementations.
Question: When should an organization choose to switch from a decentralized PSTN access
topology to a centralized access topology, or from a centralized access topology to a
decentralized PSTN access topology?

Planning for Rerouting Incoming and Outgoing PSTN Calls


When planning for resiliency and high availability
for Enterprise Voice, you must consider how to
handle the rerouting of incoming and outgoing
PSTN calls, in case of PSTN connectivity failures.

Rerouting of Incoming PSTN Calls


Rerouting incoming PSTN calls is more complex
than rerouting outgoing calls. You can successfully
reroute incoming PSTN calls if you identify the
capabilities available, the source of the problem
with incoming routing, and the PSTN connectivity
structure provided in the Lync Server 2013
environment.
When you plan for rerouting of incoming PSTN calls, you should consider the following:

If the SIP trunk provider is able to hand off calls to your Mediation Server, the provider may have
multiple Session Border Controllers (SBCs) for a given trunk. Each of these connects to individual
Mediation Servers.

The SIP trunk provider may route the call to a SIP trunk in some other site based on the connectivity
of redundant links to sites. Additionally, we recommend that the SIP trunk should use a dedicated
MPLS connection for connectivity to your environment.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 11-19

MICROSOFT INTERNAL TEACH

While using advanced gateways or IP-PBX with capabilities that can provide rerouting of incoming
calls, a popular failover method that you can adopt is to reroute incoming calls to mobile phones of
users.

While considering rerouting of inbound calls from the PSTN, all stakeholders must agree on an acceptable
definition of rerouting. For example, you can consider routing calls to cell phone numbers available to
users, if Lync Server 2013 Enterprise Voice is unavailable to fulfill the requirements. Otherwise, you must
plan for rerouting calls to alternative PSTN entry points in other Lync Server 2013 sites. If you require
rerouting of calls to alternative PSTN entry points, you will need to have the same telephony provider for
all the affected PSTN connection points. In any case, the ability to reroute incoming PSTN calls requires
some coordination with the chosen telephony provider.

Rerouting of Outgoing PSTN Calls

The process of rerouting outgoing PSTN calls is simpler than rerouting incoming PSTN calls. You need at
least two different PSTN connections in your environment to reroute outgoing PSTN calls. The process is
independent of the location of these connections. You can configure rerouting of outgoing PSTN calls by
adding more gateways to your voice routes. When you plan for rerouting of outgoing PSTN calls, you
should consider the following:

Ensure that the alternative PSTN gateways and their associated PSTN connections are scaled to
handle the additional call volume if the primary gateways are unavailable.

Ensure that the rerouting of outgoing PSTN calls through a gateway located in another country is not
accidental. Rerouting should be evaluated for both resiliency provided and potential costs.

Ensure that the rerouted calls meet the legal requirements for Voice over IP (VoIP) calling.

You can configure outgoing rerouting of PSTN calls within the Lync Server 2013 Control Panel after your
Enterprise Voice topology is deployed. The incoming rerouting will require configuration outside the Lync
Server 2013 environment.
Question: What are the usage scenarios where the ability of an advanced gateway or IP-PBX
to reroute inbound calls to mobile phones of users could be a viable option?

Guidelines for Creating a Resilient Network Design


When designing the Lync Server 2013 topology,
you must consider the available network
infrastructure to meet the business requirements
of the environment.
When evaluating the network design for a Lync
Server 2013 environment, consider the following
guidelines:

Use redundant WAN links between central


sites, or between branch sites and central sites,
if mandated by business requirements.

Consider the connectivity all the way from one


endpoint to another, encompassing all network hops in between, including redundant network
equipment at both ends of your individual links for true redundancy.

Consider the procedure to handle call rejection on a bandwidth-constrained WAN link when
employing CAC.

Use Lync Edge Servers because they can help provide alternative paths for access to services.

No network is more resilient than its weakest component.

Consider that a resilient distributed network is highly dependent on your WAN providers.

MCT USE ONLY. STUDENT USE PROHIBITED

11-20 Disaster Recovery in Lync Server 2013

MICROSOFT INTERNAL TEACH

The components of a resilient network design can vary from one organization to another. While designing
your Lync Server 2013 topology, you must consider the organizations requirements.
Question: What are the components of a resilient network design?

Guidelines for Creating a Resilient Voice Design


You should always be aware that the resilience of
your voice design will to a certain degree be
dependent on the network infrastructure.
However, a good voice design can help to
mitigate less-than-optimal conditions in the
enterprise network. To create a resilient voice
design, consider the following guidelines during
the design process:

If your Enterprise Voice is the primary


telephony solution, you should always provide
rerouting capabilities for inbound and
outbound PSTN calls.

Use the capabilities of your telephony service providers for resiliency and high availability of PSTN
connections.

Consider the available network infrastructure and deploy local PSTN connectivity to sites with nonresilient WAN connections, in the form of SBAs.

Consider telephony as a business-critical workload when deployed in production.


Question: Do you consider the use of mobile phones for telephony backup through gateway
routing to be a usable way to provide voice resiliency on its own?

Best Practices for Designing Site Resiliency


You can create a resilient Lync Server 2013 design
in different ways. The design of your topology is
governed by the following factors:

Network layout

User distribution in relation to sites

Site link availability, quality, and bandwidth


characteristics

Workloads required for users in each site

Specific organizational requirements for


resiliency

PSTN connectivity available

After assessing the characteristics and requirements for your deployment, you can determine the site
resiliency. You must gather the following information:

MCT USE ONLY. STUDENT USE PROHIBITED

MICROSOFT INTERNAL TEACH

Core Solutions of Microsoft Lync Server 2013 11-21

Workloads to be handled by each site

Sites that need some or all of their workloads available locally

Requirement for redundant WAN links

Options for PSTN rerouting

You should consider the following best practices for designing site resiliency:

Be aware that business requirements should form the basis of your site resiliency design.

Consider options for making WAN links redundant.

Be aware that the required workloads are more relevant than the number of users in a site.

Consider that Enterprise Voice is critical in a production environment.

Ensure that the network infrastructure is resilient.


Question: Which factor has the most impact on how a resilient site topology will look in
Lync Server 2013?

Lab: Configuring Disaster Recovery in Lync Server 2013

MICROSOFT INTERNAL TEACH

Scenario

MCT USE ONLY. STUDENT USE PROHIBITED

11-22 Disaster Recovery in Lync Server 2013

All Adatum unified communications have been migrated to the Microsoft Lync Server 2013
environment and company policy requires a Disaster Recovery plan for all critical systems. The Adatum
Infrastructure Architect has designed a solution; you must use this design and perform the necessary steps
to provide the ability to recover in the event of a disaster.

Lab Setup
Estimated Time: 50 minutes

LON-CL1 as Adatum\Adam,
with the password, Pa$$w0rd

RED-CL1 as Adatum\Alex,
with the password, Pa$$w0rd

Important We recommend that the steps in this and every lab be split between two students in your
class. The students can determine when to share tasks so that both students gain an understanding of the
concepts of each lab. If you need help, please inform the instructor. Please note that if you both try to do
tasks at the same time, you may overwrite each others work and possibly lose data.

Exercise 1: Configure Pool Pairing


Scenario
In this exercise, you will use Topology Builder to configure pool pairing between two existing pools.

Note: On all virtual machines, verify that all of the services set to start automatically have started.
Most notably, check the Exchange, Microsoft SQL Server and Lync Server 2013 services. To do so, click
Start, click Administrative Tools, and then click Services. In the Services console, verify that all services
that are set to Automatic start have started. If not, right-click the service, and then click Start.
The main tasks for this exercise are as follows:
1. Start the virtual machines.
2. Add the administrator account to RTCUniversalServerAdmins.
3. Configure pool pairing.
4. Publish the topology.
5. Update the Lync Server 2013 components.
6. Start the Lync Server 2013 services.
7. Invoke the Backup Services.

Task 1: Start the virtual machines.


Start the virtual machines

Task 2: Add the administrator account to RTCUniversalServerAdmins.


Add the administrator account to RTCUniversalServerAdmins

Task 3: Configure pool pairing.


Configure Pool Pairing

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 11-23

Task 4: Publish the topology.


Publish the Topology

Task 5: Update the Lync Server 2013 components.

MICROSOFT INTERNAL TEACH

Update the Lync Server 2013 Components.

Task 6: Start the Lync Server 2013 services.


Start the Lync Server 2013 services

Task 7: Invoke the Backup Services.


Invoke the Backup Services.

Results: After completing this exercise, you should have used Topology Builder to configure pool pairing
between two existing pools.

Exercise 2: Experiencing a Pool Failure or Outage


Scenario

In this exercise, you will simulate a pool failure by stopping the front-end service on the Redmond Pool
front-end server (RED-FE01). You will then invoke failover from the failed pool to the backup pool, to
restore services. You will start an online meeting with Adam Barr and Alex Darrow and then monitor the
status of the session as each step is performed. This will let you observe the behavior that will be
experienced by end-users.
The main tasks for this exercise are as follows:
1. Sign in as Adam Barr on LON-CL1.
2. Sign in as Alex Darrow on RED-CL1.
3. Start a Lync Online Meeting on LON-CL1 and join the meeting from RED-CL1.
4. Simulate a failure of the pool in the Redmond central site.
5. Observe client behavior.
6. Invoke failover to the backup pool.
7. Observe client behavior.
8. Resume services on the pool in the Redmond central site.
9. Invoke failback to the primary pool.
10. Observe client behavior.

Task 1: Sign in as Adam Barr on LON-CL1.


Sign in as Adam Barr on LON-CL1.

Task 2: Sign in as Alex Darrow on RED-CL1.


Sign in as Alex Darrow on RED-CL1.

Task 3: Start a Lync Online Meeting on LON-CL1 and join the meeting from RED-CL1.
Start a Lync Online Meeting on LON-CL1 and join from RED-CL1

Task 4: Simulate a failure of the pool in the Redmond central site.


Simulate a failure of the pool in the Redmond Central Site

Task 5: Observe client behavior.

MICROSOFT INTERNAL TEACH

Observe client behavior.

Task 6: Invoke failover to the backup pool.


Invoke failover to the backup pool

Task 7: Observe client behavior.


Observe client behavior.

Task 8: Resume services on the pool in the Redmond central site.


Resume services on the pool in the Redmond Central Site

Task 9: Invoke failback to the primary pool.


Invoke failback to the primary pool

Task 10: Observe client behavior.


Observe client behavior.

MCT USE ONLY. STUDENT USE PROHIBITED

11-24 Disaster Recovery in Lync Server 2013

Results: After completing this exercise, you will have observed client behavior during a pool failure. You
will have also used Lync Management Shell to invoke failover to the backup pool, to restore services for
the users on the failed pool.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 11-25

Module Review and Takeaways

MICROSOFT INTERNAL TEACH

Best Practice:

Implementing disaster recovery steps to fail over a pool can seem daunting, or you may wonder what
state the topology is in, after someone else has started the steps. This may also cause some confusion
on next steps. You should keep the following guidelines in mind to help you perform the correct steps.
First, determine where the Central Management Store is located. Does it need to be failed first, if it is in
the affected pool.
Get-CsManageStoreReplicationStatus -CentralManagementStoreStatus
If CMS is on Lync Server 2010 in a coexistence scenario, then the Lync Server 2010 failover procedures
prevail, otherwise if CMS is on a pool running Lync Server 2013, follow the product documentation
steps at http://go.microsoft.com/fwlink/?LinkId=282343
Has the pool been failed over by someone else? To determine this, you can use the following
command.
Get-CsRegistrarConfiguration
This cmdlet returns the state of Lync 2013 pools in the environment. The PoolState will either be Active
or FailedOver. When running cmdlets, include the -Verbose parameter to ensure that information
about the cmdlet execution, including eventual failure or success of the test and location of any logs or
reports generated by the cmdlet is displayed on the screen. To do this, you can use the following
cmdlet.
Get-CsPoolBackupRelationship -PoolFqdn
This cmdlet returns information about the backup pool associated with a Microsoft Lync Server 2013
pool.

Common Issues and Troubleshooting Tips


Common Issue

Troubleshooting Tip

Invoke-CsPoolFailOver, Invoke-CsPoolFailBack, or InvokeCsBackUpServiceSync or other related cmdlets fail to perform a


Windows Communication Foundation (WCF) call to back up the
service instance on the computer.

Review Question(s)
Question: By which method in Lync Server 2013 provides disaster recovery?
Question: When you configure and enable front-end pool pairing for disaster recovery, what
additional Lync service is installed?
Question: For pool failover and pool failback, the engineering target for recovery time
objective (RTO) is 30 minutes. What is the meaning of RTO?

Real-world Issues and Scenarios

Contoso has only three physical servers to dedicate to deploying Lync Server 2013. One will be the Lync
Edge Server. Contoso has sufficient SQL servers for back-ends and reverse proxy, in place, already for
other web services that can be utilized to publish Lync Server 2013 web services. They want only the best
high availability and disaster recovery solution with the two additional physical servers? What should they
do?
Answer:
They should deploy two Standard Edition pools with a paired backup relationship.

MCT USE ONLY. STUDENT USE PROHIBITED

11-26 Disaster Recovery in Lync Server 2013

Contoso has deployed the two Standard Edition pools with a paired backup relationship and now want to
understand the Lync Backup Service.

MICROSOFT INTERNAL TEACH

1.

The Lync Backup service synchronizes user data and conference content between paired Enterprise
Pools or Standard Edition servers. The synchronization cycle occurs every two minutes (by default).
Changes are exported in batches to ZIP files in the Backup pool. Source pool signals the Backup pool
to import the changes. When changes have been imported, The ZIP file is removed and a cookie is
returned to the Source pool.

At the beginning of the next synchronization cycle, the Source pool uses the cookie as a starting point for
exporting the changes to the Backup pool. Additionally, when the Backup-CsPool or InvokeCsPoolFailover cmdlets are run, they trigger the Backup Service to check for changes and send them to
the paired pool. The same process is simultaneously running to replicate the changes from the Backup
Pool to the Source Pool. Replication of UserServices.PresenceFocus and ConfServices.DataConf modules is
bi-directional between pools. Replication of CentralMgmt.CMSMaster module is one-way only (Active ->
Passive).
2.

The Backup Service Modules are:


a.
b.
c.

3.

UserServices.PresenceFocus (User Data)


ConfServices.DataConf (Conferencing Data)
CentralMgmt.CMSMaster (Central Management Data)

Get-CsBackupServiceStatus returns the following results:

ActiveMachineFqdn

: L2013FE01.contoso.com

OverallExportStatus

: ErrorState

OverallImportStatus

: NormalState

BackupModules : {UserServices.PresenceFocus:[ErrorState,NormalState],
ConfServices.DataConf:[FinalState,NormalState]}

Understanding State Descriptions


The table below describes the various export state.
Export Status

Description

FinalState

All changes have been successfully exported from the Source pool and
successfully imported to the Backup pool.

SteadyState

The Backup module in the Source pool is able to export all changes to the
Backup pool in a single batch.

NonSteadyState

The Backup module in the Source pool is not able to export all changes to
the Backup pool in a single batch (too many changes result in a backlog).

ErrorState

The Backup module in the Source pool is unable to export the changes to
the Backup pool because of failure.

Import Status

Description

NormalState

The import operation is working well.

ErrorState

The Backup service failed to import the new changes.

MCT USE ONLY. STUDENT USE PROHIBITED


12-1

MICROSOFT INTERNAL TEACH

Module12
Planning a Migration to Lync Server 2013
Contents:
Module Overview

12-1

Lesson 1: Overview of Coexistence and Migration

12-2

Lesson 2: Migration Steps

12-10

Lesson 3: Planning for Clients and Devices

12-20

Lesson 4: Designing a Client Migration and Device Migration Strategy

12-31

Lab: Planning a Migration to Lync Server 2013 (Paper-based)

12-37

Module Review and Takeaways

12-39

Module Overview
The process of migration requires that you know about coexistence and migration in Microsoft Lync
Server 2013. You should be able to design the infrastructure migration strategy and the migration
strategy for Lync Server 2013 clients and devices.

Objectives

Describe the migration process.

Describe migration and coexistence topologies.

Plan for device support and device requirements.

Design a software deployment strategy.

Lesson 1

MICROSOFT INTERNAL TEACH

Overview of Coexistence and Migration


In Microsoft Lync Server 2013, migration refers to migrating users and devices. Before successfully
migrating to Lync Server 2013, you need to plan the migration approach and the voice migration
strategies. You also need to ensure that the prerequisites for the existing infrastructure are fulfilled.

Lesson Objectives

Describe the migration concept.

Describe the approach to migration.

Describe the pre-requisites for the existing infrastructure.

Describe the migration of services.

Overview of Migration
Lync Server 2013 migration refers to migrating
users and devices, but not upgrading them. This is
because, with each product release, a product
evolves from its earlier version and there are major
changes. For example, from Microsoft Office
Communications Server 2007 to Office
Communications Server 2007 R2, the product
changed from a 32-bit product to a 64-bit
product. More changes occurred from Office
Communications Server 2007 R2 to Lync Server
2013, where the management architecture was
redesigned extensively.

MCT USE ONLY. STUDENT USE PROHIBITED

12-2 Planning a Migration to Lync Server 2013

While some organizations find migration a challenge because they find it difficult to upgrade a server
from one major version to another, other organizations perceive it to be easier. There are many benefits
of migration over upgrading, because the former involves a clean installation, and there is no remaining
data from earlier versions. In migration, the hardware platform can evolve to a virtualized environment,
where provisioning new servers is not considered a major issue.

Lync Server 2013 migration may also involve migrating from an existing voice infrastructure to Lync Server
2013. Although, the approach here is to migrate users and direct inward dialing (DID), you need to design
a device strategy. This strategy might involve tasks such as:

Providing end-users with headsets.

Ensuring that users receive Universal Serial Bus (USB) handsets.

Determining the need of new IP phones for them.

Examining whether the existing devices can be re-used by using support for these from Lync Server
2013 and gateway vendors.

Some other migration tasks that are more complex may have dependencies on existing infrastructure
components. An example is Domain Name System (DNS) load balancing that is not compatible with
earlier version endpoints, be it devices, phones, or other servers. Another example is a situation where
Office Communications Server 2007 R1 or Office Communications Server 2007 R2 co-exist with private
branch exchange (PBX) that is already implemented in some form. For Remote Call Control (RCC)

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 12-3

gateways from vendors, it is possible that a certain gateway version only supports Office Communications
Server R1, but not Office Communications Server R2. Also, some gateway versions support Office
Communications Server R2, but not Office Communications Server R1, thus complicating the migration
procedure.

MICROSOFT INTERNAL TEACH

Terms

Migration. Refers to moving your production deployment from a previous version of Lync Server 2010 to
Lync Server 2013.
Upgrade. Refers to installing a newer version of software on a server or client computer.

Coexistence. Is the temporary environment that exists during migration when some functionality has been
migrated to Lync Server 2013 and other functionality still remains on a prior version of Lync Server 2010
Interoperability. Is the ability of your deployment to operate successfully during the period of coexistence.
Question: What are the benefits of a migration approach versus an upgrade approach, and
vice versa?

Migration Approach

In nearly every migration, you should use the sideby-side migration path. In a side-by-side
migration, you deploy a new server with Lync
Server 2013, alongside a corresponding server that
is running Lync Server 2010, and then transfer
operations to the new server. If it becomes
necessary to roll back to Lync Server 2010, you
only have to shift operations back to the original
servers. Be aware that in this situation any new
meetings scheduled with upgraded clients will not
work, and the clients would also need to be
downgraded. In this approach, you build a full
Lync Server 2013 environment running side-by-side with an Office Communications Server 2007 R2/Lync
2010 environment. This approach is different from Office Communications Server R2, where you migrate
inside outfront-end servers, and then Edge Servers.

The new approach emphasizes on continuity of service. The approach also advocates running a pilot first,
and then moving to production. This would build your confidence to move from an end-user-experience
perspective to an administrator-perspective. Developing confidence is important because you need
people to be confident and provide good feedback as you migrate and roll out the Lync Server 2013
solution.
The other benefit of this approach is that it minimizes the impact of change. For example, if you are
running a trial to migrate the users, the impact will be minimal when compared with the outside-in or
inside-out approach. One of the features of this approach is the flexibility of speed and scaling to meet
the specific migration needs of your environment.

After you have deployed Lync Server 2013 in parallel with Lync Server 2010, the deployment represents a
coexistence testing state of Lync Server 2013 and Lync Server 2010. While in this state, you must test and
ensure that services are started, that each site can be administered, and clients can communicate with
current and legacy users. Prior to the migration of all users, you must understand the state of each
deployment and ensure that each deployment is functional and working properly. Typically, the
coexistence testing phase exists throughout the pilot testing of Lync Server 2013. Legacy users are moved

MCT USE ONLY. STUDENT USE PROHIBITED

12-4 Planning a Migration to Lync Server 2013

MICROSOFT INTERNAL TEACH

to Lync Server 2013 for a period of time to ensure that application compatibility, features, and functions
are working properly. After pilot testing, users and applications are moved to the production version of
Lync Server 2013, and the legacy pools and applications of Lync Server 2010 are retired.
Note: You must migrate the Edge Servers and Director servers in Lync Server 2013 in
parallel. This implies that they must be the same version. You should always check the
compatibility of Open Interoperability Program with Lync Server 2013.

You must thoroughly consider the design options because they have an impact on your migration plan.
Using the side-by-side approach, you can pilot each of your sites. If they are geographically, culturally, or
organizationally differentsuch as factory workers, office workers, and traveling sales forceyou can
avoid any unwanted experience during the pilot of each site. The approach allows speeding up the
migration process, if everything works smoothly and user feedback is good.
You must also note that user perception is the key to their evaluation of the migration process. A
challenging experience will affect their overall evaluation of the entire project, and Lync as a Unified
Communications platform.

Support Boundaries
Lync Server 2013 supports migration from either
of the following:

Microsoft Lync Server 2010

Microsoft Office Communications Server 2007


R2

Migration from an environment running both of


these previous versions is not supported.
Migration from earlier versions, such as Microsoft
Office Communications Server 2007 or Live
Communications Server 2005, is not supported. If
your previous deployment included Group Chat,
you must migrate it separately.

For details about the ability of Lync Server 2013 clients to coexist and interact with clients from earlier
versions of Lync Server and Office Communications Server, see Client Interoperability in Lync 2013, in
the Planning documentations.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 12-5

Pre-Requisites for Migration

MICROSOFT INTERNAL TEACH

In a Lync Server 2013 architecture planning


process, you must consider the pre-requisites that
need to be in place before migration.

Topology Requirements
Lync Server 2013 supported topologies have
changed, which may also affect your deployment.
The Archiving and Monitoring server roles have
been moved to the front-end servers. You must
evaluate your current topology against the new
capabilities of the Lync 2013. If your current
topology does not match up to the new planned
deployment, then you must change your
migration strategy.

Office Communications Server 2007 R2/Lync 2010 Server and Client Updates

To migrate from Office Communications Server 2007 R2 to Lync Server 2013, you require some minimum
security update levels. The following table specifies the update details.
Application

Update

URL

Office
Communicator 2007
R2

July 2010
Update
package

http://go.microsoft.com/fwlink/?LinkId=204763

Microsoft Office Live


Meeting 2007

July 2010
Update
package

http://go.microsoft.com/fwlink/?LinkId=204764

Microsoft Office Live


Meeting
Conferencing AddIn

July 2010
Update
package

http://go.microsoft.com/fwlink/?LinkId=204765

Office
Communications
Server 2007 R2

September
2010 Update
package

http://go.microsoft.com/fwlink/?LinkId=204766

Office
Communicator 2007
R2 Phone Edition

July 2010
Update
package

http://go.microsoft.com/fwlink/?LinkId=204767

Lync 2010

October
2012 Update
package

http://go.microsoft.com/fwlink/?LinkId=279692

Lync Server 2010

October
2012 Update
package

http://go.microsoft.com/fwlink/?LinkId=279693

Microsoft SQL Server

There are many components that require upgrades, such as SQL Server. You will face two issues while
using SQL Serverperformance and version compatibility.

MCT USE ONLY. STUDENT USE PROHIBITED

12-6 Planning a Migration to Lync Server 2013

You must identify dependencies in the planning and design phases to avoid challenging situations during
actual deployment. You can use the latest version of the Lync Server 2013 supportability guide to identify
dependencies and supported versions of software and hardware.

MICROSOFT INTERNAL TEACH

Telephony prerequisites

The dependencies and migration options can be more complex for telephony interoperability. You must
check for references in the Microsoft Unified Communications Open Interoperability Program website.
You can find a list of all qualified and supported IP PBXs, gateways, and Session Initiation Protocol (SIP)
trunk providers, including the minimum firmware or software required to support Lync Server 2013.

While designing and planning Lync Server 2013, identify and prepare your solution for interoperability.
Note that if an IP PBX is not interoperable with Lync Server 2013, you can usually achieve interoperability
by using a gateway qualified through the Microsoft Unified Communications Open Interoperability
Program.
Question: Does Lync Server 2013 support Edge topology?

Overview of Service Migration


In a Lync Server 2013 deployment, in addition to
the servers and users, you need to migrate
services. Such services may be company
developed, independent software vendor (ISV)
developed, or Microsoft developed applications.

Company ISV/developed applications


Such applications can be diverse. You must consult
the application developers or ISV to understand
their requirements and support of Lync Server
2010.

Microsoft Unified Communications Application Server

Unified Communications Application Services (UCAS) Enterprise Voice applications were added in the
Office Communications Server 2007 R2 release to provide key Enterprise Voice features. Examples of such
features are:

Dial-in conferencing (Conferencing Attendant and Conferencing Announcement Service)

Basic Automatic Call Distribution (Response Group Service)

Office Communications Server server-side functions to extend Enterprise Voice to cellular phones
(Outside Voice Control)

In a migration scenario, you need to migrate Response Groups and Conferencing Services.

Response Groups

The Response Group settings, such as agent groups, queues, and workflows that you create on Lync
Server 2010, can directly migrate to Lync Server 2013. When you migrate Response Group settings, all the
configuration settings, audio files, and contact objects are moved from the Office Communications
Servers 2007 R2 pool to the Lync Server 2013 pool. Lync Server 2013 handles all calls to migrated
response group phone numbers.

To migrate Response Group settings from Office Communications Server 2007 R2 to Lync Server 2013,
you need to run a migration cmdlet and then update the Uniform Resource Locator (URL) that users need,

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 12-7

MICROSOFT INTERNAL TEACH

to log on. Clients running on the legacy client versions can use the Lync Server 2013 Response Groups,
and they need to log on manually to the Response Group webpage if they are in a Formal Agent Group.
The Response Group tab in Communicator 2007 R2 will no longer function with the Lync Server 2013
Response Groups. This could be a reason to move clients that are in a Response Group to the Lync 2013
client with priority.

Dial-in Conferencing
During migration, you must plan the timing to move dial-in conferencing services from Office
Communications Server 2007 R2 to Lync Server 2013.

Dial-in access numbers migrate in a two-step process when migrating from Office Communications Server
2007R2. You need to run the Import-CsLegacyConfiguration cmdlet to migrate dial plans and other
dial-in access number settings. When you are ready to move the dial-in conferencing services to Lync
Server 2013, you run the Move-CsApplicationEndpoint cmdlet to migrate the contact objects.
Note: After running the Import-CsLegacyConfiguration cmdlet, the migrated dial-in
access numbers exist both in your Office Communications Server 2007 R2 pool and in the Lync
Server 2013 pool.

Exchange Server Unified Messaging

To migrate Auto Attendant and Subscriber Access contact objects to the new Lync Server 2013
deployment, you need to use the Get-CsExUmContact and Move-CsExUmContact cmdlets to move the
objects from the legacy Office Communications Server 2007 R2/Lync 2010 deployment to the new Lync
Server 2013 deployment. On Exchange Server, you then need to run the ExchUCUtil Windows PowerShell
script. You perform the following task by using the script:

Grant Lync Server permission to read Unified Messaging Active Directory Domain Services (AD DS)
objects.

Create Unified Messaging IP gateways.

Create Unified Messaging hunt groups.


Question: Can you directly migrate Response Groups from Office Communications Server
2007 R2 to Lync Server 2013?

Voice Routing Coexistence


There are three main points to consider:
1.

For outbound calls, the Home Server (where


the user account resides) and the Mediation
Server can mix and match versions, except
when Office Communications Server (OCS)
2007 R2 is the Home Server. In that case, the
Mediation Server must also be OCS 2007 R2
version.

2.

For inbound calls, the Mediation Server and


next hop server versions must match. This
means that you cannot have an OCS 2007 R2
Mediation Server with the next hop of Lync

MCT USE ONLY. STUDENT USE PROHIBITED

12-8 Planning a Migration to Lync Server 2013

2013. Keep this in mind when performing migrationsbecause you will not be able to decommission
the old OCS 2007 R2 pool as long as you have OCS 2007 R2 Mediation Servers deployed.

MICROSOFT INTERNAL TEACH

3.

SBAsthe new 2013 SBA cannot use a Lync 2010 Pool as a backup registrar. Lync 2010 SBA can use a
Lync 2013 pool.
Version Information used in the related slide:

15 = Lync Server 2013 (Wave 15)

14 = Lync Server 2010 (Wave 14)

13 = OCS 2007 R2 (Wave 13)

Migrating from Legacy Versions


You must consider two approaches for the legacy
versions:

From Lync Server 2010where Central


Management Store (CMS) is already
established, and the client is already
unified to a single Lync 2010 client.
From Office Communications Server
(OCS) 2007 R2where you have to
introduce CMS, and populate it with
relevant data from the OCS 2007 R2
environment

Migrating from Lync Server 2010

When migrating from Lync Server 2010, the process is more streamlined. Lync 2010 already uses the CMS
and Lync 2013 will simply use the existing CMS instance. CMS can be moved to a Lync 2013 instance.
Typically, this would be at the end of the migration from Lync 2010 to Lync 2013.
Users are migrated by using either Lync Control Panel or PowerShell (Move-CsUser).

Migrating from Office Communicator Server 2007 R2


For topologies, you can run the Merge Wizard from Topology Builder, which synchronizes the server
entries for both OCS 2007 R2 and Lync Server 2013 environments. The wizard will also import all
conferencing directories. If you want to run these steps from Lync Management Shell, you use the
following commands.
To import the topologyMerge-CsLegacyTopology and
To import conferencing directoriesImport-CsLegacyConferenceDirectory
Rerun these steps whenever you change your Legacy topology.

If you have applications from other third-party vendors or if you developed applications within your
environment by using the Unified Communications Managed API (UCMA), the merge will also move those
customer server entries for those applications, so that they can communicate between OCS 2007 R2 and
Lync Server 2013 servers. Another consideration is when you have applications from another third-party
vendor, you can reach out to those vendors prior to migration and investigate their plans about how they
are going to implement the integration with Lync Server 2013 during the coexistence period.
For configuration, run the following command.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 12-9

MICROSOFT INTERNAL TEACH

To import/move the configurationImport-CSLegacyConfiguration

It is important to know that the Move-CsLegacyUser cmdlet relies on information imported by ImportCsLegacyConfiguration. That means that, when running Move-CsLegacyUser, you might receive an
error message informing you that you must run Import-CsLegacyConfiguration before proceeding. If
that happens, you must re-run Import-CsLegacyConfiguration before you will be able to move the
Legacy user. The parameter, ReplaceExisting, instructs Import-CsLegacyConfiguration to overwrite any
previously imported policies or settings that have changed since the last time the cmdlet was run.
For migrating user accounts:
Users can be moved with Lync Server Control Panel. If you want to use Lync Management Shell
recommended if you move a large number of usersthe following cmdlets can be used.

Move-CSLegacyuser This is the preferred command for moving users from OCS 2007 R2 pools to Lync
Server 2013 pools.

Move-CSUser This is used to move users from a Lync Server 2013 pool back to an OCS 2007 R2 pool.
Again, there will be some data loss, which is to be expected because it is not a perfect scenario, but it is a
way of recovering if something happens on the Lync Server 2013 pool that your end-users do not expect.
There are also other move cmdlets that you can use.

Move-CSApplicationEndpoint This is the cmdlet that your vendors will run if they need to move the
application endpoints themselves, being the contact objects stored in Active Directory. The cmdlet is also
used, when moving dial-in conferencing numbers from OCS 2007 R2 to Lync.

Move-CSRgsConfiguration This is the cmdlet that you use to move the Response Groups from your OCS
2007 R2 environment to a Lync Server 2013 pool. (This is described later, , along with what Response
Group Service (RGS) interoperability capabilities will be available to you.)
Move-CsExUmContact You use this cmdlet to move your Exchange unified messaging contact objects
the subscriber access and the auto attendantfrom OCS 2007 R2 to Lync

Move-CsConferenceDirectory You use this cmdlet to move the conference directory from OCS 2007 R2
completely to Lync, and you need to do this before decommissioning your OCS 2007 R2 pool. If you fail
to move the directory before decommissioning your pool, dial-in conferences created on the old pool will
not work anymore. If the directory is moved while you still have active users on your OCS 2007 R2 pool, a
new conferencing directory will be created on the that pool.

Lesson 2

MICROSOFT INTERNAL TEACH

Migration Steps

MCT USE ONLY. STUDENT USE PROHIBITED

12-10 Planning a Migration to Lync Server 2013

To design a migration strategy for Lync Server 2013, you need to examine the migration strategy for sites
and servers, the process of migrating to Lync Server 2013, and how to deactivate and migrate from Office
Communications Server 2007 R2 to Lync Server 2013.

Lesson Objectives

Describe the migration steps.

Describe the migration and coexistence topologies.

Determine the process of migrating to Lync Server 2013 in stages 1-9.

Describe the additional considerations.

Deactivate Office Communications Server 2007 R2.

Determine the best practices for designing a migration strategy.

Discuss the best practices for pilot implementation.

Overview of Migration Steps


The expectation is that you need to start with a
plan, especially if you are a customer who is not
just running the front-end role. You will need to
consider which roles you are moving first, when to
get your gateways, when to have your applications
availableall of those factors deserve some well
thought out considerations up front.
Careful consideration is required to choose and
recruit pilot users. Pilot users are going to be the
people that you will trust to provide proper
feedback. In some cases, you will need to educate
them. However, after you get over that user
education, you should be able to determine that your plan is progressing as you expected.

Plan to pilot first and more than from a pool perspective. You should also include piloting the Edge Server
role in your plan.

Because you have the Edge Server and Director coupled, there are features that are specifically dependent
on Edge Server and Director. We recommend that you set up those servers so that you can see and
experience the full value of Lync Server 2013 within your pilot deployment. Keep in mind, though, that the
Director role in Lync Server 2013 is now an optional role.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 12-11

MICROSOFT INTERNAL TEACH

Defining a Site and Server Migration Strategy


The map on the slide not a typical environment, it
is a geographical map from a customer. The
customers organization is geo-located, and they
have primary sites, branch sites, and different IT
departments. These different IT departments have
different policies and different budgets. The
reason to start planning now is to ensure that all
aspects are sorted as early as possible. A number
of migrations get stuck because of policy
differences between geographies and IT
departments. So, planning early is ideal. Having
computers with the latest updates applied will
ensure that interoperability will work.

Process of Migrating to Lync Server 2013Stage 1


Proper planning has to be done with respect to:

Migrating users.

Migrating Archiving and Monitoring Servers.

Migrating Group Chat servers.

Administering servers after migration.

Migrating multiple sites and pools.

Migrating XMPP federation.

Starting phase 2migration configuration.

A generally accepted best practice for migrations


is to create several test users and use them to conduct systems tests. After you have successfully moved
and tested those accounts, you should identify a group of pilot production users, move their accounts,
and then conduct validation tests on them. When you get satisfactory results, you can move the rest of
the users to the new deployment.

If you deployed Archiving Server and Monitoring Server in your Lync Server 2010 environment, you can
deploy these servers in your Lync Server 2013 environment after you migrate your front-end pools. If
archiving and monitoring functionalities are critical to your organization, you should add archiving and
monitoring to your Lync Server 2013 pilot pool before you migrate, so that the functionality is available
during the migration process.

If you deployed Group Chat Server in your legacy Lync Server 2010 environment, you must deploy Lync
Server 2013 Persistent Chat Server. Group Chat Server and Persistent Chat Server can coexist, but content
(for example, chat rooms) is not shared across these servers. To access the legacy Group Chat Server
content from Persistent Chat Server, you must migrate the Group Chat Server to Persistent Chat Server.
In general, you must use the administrative tool that corresponds to the server version that you want to
manage. You cannot install the Lync Server 2010 and the Lync Server 2013 administrative tools on the
same computer. Also, the Lync Server 2013 Control Panel is not installed automatically on each server.
Lync Server 2013 supports multisite and multi-pool deployments.

Process of Migrating to Lync Server 2013Stag 2

MICROSOFT INTERNAL TEACH

Before you begin the actual migration, you need


to:
1.

Deploy the most recent updates for the legacy


environment.

2.

Back up the legacy environment.

3.

Complete the Active Directory, Forest, and


Domain preparation that are necessary for
migrating to Lync Server 2010.

Process of Migrating to Lync Server 2013Stage 3


The first step in your migration is to bring up your
first pool. This can be a small pool or Standard
Edition server that you are going to set up within
your pilot environment. For a pilot, you need not
have a high degree of service, but you can set up
components that are functional as you test and
plan for your migration. You can use this first pool
to run your cmdlets on, to perform the actual
migration.

MCT USE ONLY. STUDENT USE PROHIBITED

12-12 Planning a Migration to Lync Server 2013

After the preparation steps are complete, the


production pilot pool can be deployed. This pool
is deployed side-by-side with the existing Office
Communications Server 2007 R2 or Lync Server 2010 pool(s). During installation, references for the Lync
Server 2013 components will be written into Active Directory for legacy interoperability.
If the legacy environment is Office Communications Server (OCS), you will need to merge the topology
into Lync. Remember, to successfully perform this operation, you will need the Windows Management
Instrumentation (WMI) Backward Compatibility software installed on the Lync Server 13 preview pool.
At this stage, Lync Server 2013 can use the existing legacy topology for routing. This includes external
remote access and federation (through the legacy Edge/Director shown), including legacy voice
components (such as legacy Mediation Servers).

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 12-13

MICROSOFT INTERNAL TEACH

Process of Migrating to Lync Server 2013Stage 4


You can move a single user or groups of users to
your new Microsoft Lync Server 2013 deployment
by using the following two methods: Lync Server
Control Panel and Lync Server Management Shell.
In this stage, tasks that are outlined must be
complete during pilot deployment, and prior to
moving your deployment of Lync Server 2013
from a pilot deployment to a production-level
deployment
As mentioned earlier, before migrating users
(especially from Office Communications Server
2007 R2), ensure that the configuration items have
been successfully migrated over. (Merge-CsLegacyTopology, and so on)

The goal in this phase is to test users located in the new Lync Server 2013 pool with both the new client,
and with the legacy clients. Ensure that you point out legacy client limitations against the new pool, but
do not go into detail. Additional details are discussed in the client interoperability section, later.

Functional tests should be carried out on the newly deployed pool, to ensure the pool has been properly
deployed. Additionally, interoperability tests should be performed, to ensure users in the legacy pools can
properly interact with users in the new Lync Server 2013 pool.

Process of Migrating to Lync Server 2013Stage 5


In this stage, you need to add a Lync Server 2013
Edge Server to the pilot pool deployment.
The Edge Server and Director components are
deployed together. In Lync Server 2013, the
Director role is now considered an optional role.

The role of the Director server in the Lync Server


2013 topology has not changed, compared to
Lync Server 2010. It still hosts web services, preauthenticates incoming user requests, and directs
external users to their home pool. Changing the
Director from a recommended role to an optional
role does not diminish the value of the Director,
but emphasizes reducing server count and other hardware requirements (for example, hardware load
balancers for the Director) without compromising the features and functionality. Because the front-end
servers can do the same job as the Director with no impact to services provided, you can optionally
deploy Directors, if you want to. You can safely exclude the Director with confidence that the front-end
servers will provide the same services in their place.

Remote Access. To ensure that the users in Lync Server 2013 pools use the Lync 2013 Edge Server for
signaling, you will need to configure the clients to connect manually. Automatic configuration is
controlled through the SRV record in DNS, and you cannot use DNS to direct clients to specific Edge
Servers based on the client version. From a Media Relay Authentication Service (MRAS) perspective, the
Lync Server 2013 pool can utilize the legacy Edge deployment, or the pool can be configured to use the
new Lync 2013 Edge Server.

MCT USE ONLY. STUDENT USE PROHIBITED

12-14 Planning a Migration to Lync Server 2013

Federation. This continues to use the legacy federation route (either Office Communications Server 2007
R2 or Lync 2010).

MICROSOFT INTERNAL TEACH

Process of Migrating to Lync Server 2013Stage 6


Finally, bring up your latest pool to support
migrating the rest of your users from your
environment. Before you get to this point, you are
probably going to want to have one more
checkpoint with your trial users. By the time you
get to this point, the IT department may be doing
this through multiple sites, and through multiple
data centers.

Process of Migrating to Lync Server 2013Stage 7


Once your latest Pool is up, at this stage, you will
want to begin moving the rest of your users.
Before you get to this point, you are going to
want to have one more checkpoint with your trial
users regarding what we know that has been a fire
and what we know that has been an issue. By the
time you get to this point, the IT department are
going to be doing this through multiple sites,
through multiple data centers and will need to
have a good sense for what it takes to get this
work done.

Process of Migrating to Lync Server 2013Stage 8


At this stage, if all you had was (1) Enterprise
Edition or (1) Standard Edition pool, you could
have stopped at stage 5. This stage is for the
bigger deployments that need to move out. You
have already done all the previous work.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 12-15

MICROSOFT INTERNAL TEACH

Process of Migrating to Lync Server 2013Stage 9


At this stage, the calls from remote users and the
federated calls can now be routed to the Lync
2013 Edge. After the legacy Edge is deactivated, it
is separated from the Active Directory Domain
Services.
At this stage, the hardware can be recovered by
uninstalling the legacy Edge software.
As a last step, merge the topology so as to remove
the legacy topology from Lync Server 2013
Content Management Store.

Additional Considerations
The preceding post-migrations tasks must be
completed to ensure that there are no issues with
the new setup.
Migrating dial-in access numbers from Lync Server
2010 to Lync Server 2013 requires running the
Move-CsApplicationEndpoint cmdlet to migrate
the contact objects. During the Lync Server 2010
and Lync Server 2013 coexistence period, dial-in
access numbers that you created in Lync Server
2013 behave similarly to the dial-in access
numbers that you create in Lync Server 2010.

You must finish migrating the dial-in access


numbers that point to a Lync Server 2010 pool before you decommission the Lync Server 2010 pool. If
you do not complete the migration of the dial-in access numbers as described in the following procedure,
incoming calls to the access numbers will fail.
In previous versions, you could modify the behavior of the meeting join page if you wanted to allow users
to join meetings with Office Communicator 2007 R2 or Lync 2010 Attendant. However, these settings
have been deprecated in Lync Server 2013and Lync Web App (with the media plug-in) is the preferred
client.
If your legacy deployment contained an Archiving Server or a Monitoring Server, after migrating to Lync
Server 2013, those servers can be removed from the legacy environment, provided all users have been
removed from any remaining legacy pools. You can remove the Archiving Server or Monitoring Server in
any sequence. The key requirement is that all users have been removed from any remaining legacy pools.
In a mixed environment, if you create a new trusted application server, you must set the next hop pool to
be a Lync Server 2013 pool. In a mixed environment, both the legacy Lync Server 2010 pool and the Lync
Server 2013 pool appear in the drop-down list. Selecting the legacy pool is not supported

MICROSOFT INTERNAL TEACH

Deactivating and Migrating Office Communications Server 2007 R2


After deploying Lync Server 2013, and migrating
all users and servers to Lync Server 2013, you need
to decommission your legacy environment,
thereby completing the migration to Lync Server
2013.
To ensure that Active Directory settings are
cleaned up when removing the Office
Communications Server 2007 R2 environment, you
need to perform the following procedure for
deactivation and removal:
1.

Deactivate server roles to remove associated


Active Directory objects.

2.

Remove Enterprise Pools (if using Enterprise Edition).

3.

Uninstall server components.

4.

Clean up file shares and databases.

MCT USE ONLY. STUDENT USE PROHIBITED

12-16 Planning a Migration to Lync Server 2013

Before you begin the decommissioning process, you should ensure that all users have been migrated to
Lync Server 2013. You can do this by using the Office Communications Server 2007 R2 Administration
Console. While decommissioning, the users should be located in the legacy environment.
In addition, you can use Lcscmd.exe to back up the user data in the RTC database before
decommissioning the Standard Edition front-end servers or Enterprise pools. After backing up the user
data, you need to check the output file to ensure that it contains the required data.

Deactivation of Server Roles


You need to adhere to the following specific sequence for deactivating the server roles:

If you are removing a Standard Edition server or one or all server roles in an Enterprise pool, remove the
Office Communications Server 2007 R2 components in the following sequence:
All Unified Communications applications:

Microsoft Office Communications Server 2007 R2, Conferencing Attendant

Microsoft Office Communications Server 2007 R2, Conferencing Announcement Service

Microsoft Office Communications Server 2007 R2, Response Group Service

Microsoft Office Communications Server 2007 R2, Outside Voice Control

Microsoft Office Communications Server 2007 R2, Application Host

Microsoft Office Communications Server 2007 R2, Application Sharing Server

Microsoft Office Communications Server 2007 R2, Audio/Video Conferencing Server

Microsoft Office Communications Server 2007 R2, Web Conferencing Server

Microsoft Office Communications Server 2007 R2, Web Components Server

In an Enterprise Edition deployment, Microsoft Office Communications Server 2007 R2, front-end
Server

In a Standard Edition deployment, Microsoft Office Communications Server 2007 R2, Standard Edition
server

Microsoft Office Communications Server 2007 R2, Core Components

MCT USE ONLY. STUDENT USE PROHIBITED

MICROSOFT INTERNAL TEACH

Core Solutions of Microsoft Lync Server 2013 12-17

Microsoft Office Communications Server 2007 R2, Unified Communications Managed API 2.0 Core
Redistribution package

Microsoft Office Communications Server 2007 R2, Unified Communications Managed API 2.0 Speech
Redistribution package

Microsoft Office Communications Server 2007 R2, Unified Communications Managed API 2.0
Windows Workflow Activities Redistribution package

If you are removing an Edge Server, a Mediation Server, an Archiving Server, or a Monitoring Server,
remove the Office Communications Server 2007 R2 components in the following sequence:
1.

Microsoft Office Communications Server 2007 R2, Edge Server

2.

Microsoft Office Communications Server 2007 R2, Mediation Server

3.

Microsoft Office Communications Server 2007 R2, Archiving Server

4.

Microsoft Office Communications Server 2007 R2, Monitoring Server

5.

Microsoft Office Communications Server 2007 R2, Core Components

6.

Microsoft Office Communications Server 2007 R2, Unified Communications Managed API 2.0 Core
Redistribution package

If you are removing only an A/V Conferencing Server or Web Conferencing Server, remove the Office
Communications Server 2007 R2 components in the following sequence:
1.

Microsoft Office Communications Server 2007 R2, Audio/Video Conferencing Server

2.

Microsoft Office Communications Server 2007 R2, Web Conferencing Server

After completing the deactivation of the server roles, you need to remove Office Communications Server
2007 R2 Enterprise pools that may be present in your environment. If you are only using Standard Edition
front-end servers, no further steps are needed for deactivation.

Enterprise pool removal


You can remove an Enterprise pool by using either the Office Communications Server 2007 R2
Administration Console or the lcscmd.exe command-line utility.

Uninstallation of server components and server clean-up

MCT USE ONLY. STUDENT USE PROHIBITED

12-18 Planning a Migration to Lync Server 2013

MICROSOFT INTERNAL TEACH

After all server roles have been deactivated, and any legacy Enterprise pools have been removed, you can
proceed to uninstall all Office Communications Server 2007 R2 components on the servers and remove
the installation binaries from the servers.

After uninstallation, you need to manually remove file shares used by Office Communications Server 2007
R2, and databases and log files for both Standard Edition front-end servers and Enterprise pools.
Note: Archiving and Monitoring server databases should not be deleted, unless stipulated
by organizational policy. Because you cannot transfer monitoring and archiving data from an
Office Communications Server 2007 R2 environment to the Lync Server 2013 monitoring and
archiving databases, you must retain the legacy databases if you need to access data from these
after a migration.

Based on the organizational requirements, you can re-set the legacy Office Communications Server 2007
R2 servers for other purposes.

Best Practices for Designing a Migration Strategy


Designing a successful migration strategy is the
key to the success of your project. The following
are the best practices for designing your migration
strategy:
Pilot user groups. These users will be Lync Server
2013 users with Lync Server 2013 software. As part
of the pilot, ensure that you understand the
scheduled Meeting Experience and how this
applies to your end-users in different scenarios, for
example, when users are migrated to Lync Server
2013, but not upgraded to Lync 2013.
Edge routing. Planning and designing the removal
of the federation route and the remote access routes are required to provide full functionality to your
clients, in terms of securing continuity of service during migration.
Firewall. You need to plan for some new firewall and load balancing ports.

DNS-based load balancing support. When designing a migration strategy, you need to consider a number
of legacy clients or components that do not support DNS load balancing, including Exchange Unified
Messaging, legacy pools, gateways, and legacy Office Communications.

Dual administration during coexistence. You should match the management tool that you used to the
version of the products you have deployed. In addition, keep in mind that you do not write back from
Lync Server 2010 to previous versions. For example, if you need to make a policy change, you might want
to do that from the legacy pool first, and have those changes propagated out to the Lync Server 2010
pool accordingly by using Windows PowerShell.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 12-19

MICROSOFT INTERNAL TEACH

Discussion: Best Practices for Pilot Implementation


Pilot implementation can be many things and
mean different things to different people. You
might have seen pilots from ten to thousands of
users, each having different objectives and goals.
As part of your planning process, you must decide
exactly what information and feedback you expect
to gain from end-users.
Question: How do you select pilot users?
Question: How do you get feedback from
users?
Question: How can helpdesk be used in a
pilot?

Lesson 3

MICROSOFT INTERNAL TEACH

Planning for Clients and Devices

MCT USE ONLY. STUDENT USE PROHIBITED

12-20 Planning a Migration to Lync Server 2013

During a Lync Server 2013 migration, the major transfer is related to clients and devices. The immediate
user interaction is with software clients and hardware devices. You must plan your migration to ensure a
smooth user experience. You should also examine related considerations while planning for client and
devices, such as device support and requirements.

Lesson Objectives

Assess detailed business requirements for clients and devices.

Describe the types of Lync Server 2013 clients and devices.

Describe coexistence options for clients.

Describe how to plan for client version policies for Communications Server 2007 R2 and Lync Server
2013 clients.

Plan for device support and device requirements.

Discussion: Assessing the Business Requirements for Clients and Devices


Based on the business requirements of clients and
devices, you must choose the migration strategy.
Ensure that you consider the workloads of the
organization to evaluate the migration options for
clients and devices.
Consider the following details when you assess the
business requirements of clients and devices for
migrating to Lync Server 2013:

Identify the types of clients, such as Microsoft


Office Communicator, Microsoft Office
Communicator Attendant, Phone Edition, and
analog devices currently in use within the
organization.

Evaluate the functionality that the current clients and devices use.
This is primarily relevant for software clients.

If the organization has deployed multiple Microsoft Office Communication Server 2007 or Microsoft
Office Communication Server 2007 R2 pools, examine the client and device usage in each individual
pool.

Assess whether the features in use have deprecated or been replaced in Lync Server 2013.

While migrating to a Lync Server 2013 environment, the current usage patterns and the need to maintain
them governs the business requirements of client and devices. Usually, the users transition to new clients
and hardware devices, which are updated or replaced as part of a migration. However, based on the
specific business requirements, certain groups of clients may need to retain software such as the Live
Meeting client during and after a migration.
Question: Discuss a scenario where users may need to retain the Live Meeting client on their
computers even after migrating to Lync Server 2010?

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 12-21

MICROSOFT INTERNAL TEACH

Types of Lync Server 2013 Clients and Devices


From the server side, we support back to one
version (N-1) clients (Office Communications
Server 2007 R2 is interoperable for migration
purposes). Lync Web App (LWA) is available for
conferencing join, providing full A/V capabilities.
LWA does not provide stand-alone IM/P
capabilities at this time; however Exchange
2010/2013 OWA integration can provide this
feature.

The Lync 2013 client can sign in to the Lync Server


2010 pool, which would permit the customer to
upgrade the client to the Office 2013 suite prior to
upgrading the Lync Servers to Lync 2013. From a deployment perspective, the Lync 2013 client is part of
the Office 2013 suite, but can also be deployed separately.
Lync Server 2013 supports several types of client software. You can deploy Lync Server 2013 in your
organization for users, using computer installed with client software, web-based clients, and mobile
devices.

Legacy Clients

In addition to the new clients and devices introduced with Lync Server 2013, you can use certain clients
from previous versions of the software, for example, Lync 2010. The version you use determines the
features available to these clients. These clients will not receive up-level functionality, even if you use them
to connect to a Lync Server 2013 environment.

Analog Phones

Lync Server 2013 provides support for analog devices. The supported analog devices are analog audio
phones and analog fax machines. Analog devices can support other analog devices such as a pagers,
modems, or teletype/telecommunication devices for the deaf or hard of hearing (TTY/TDD), but that relies
on public switched telephone network (PSTN) gateway-specific support for the device.
You can configure the analog gateways and devices in your organization to use Lync Server 2013. This
enables the analog devices to use Lync Server 2013 to make and receive calls. Lync Server 2013 makes
routing decisions and logs calls in call detail records (CDRs) for analog devices, similar to the other
devices.

Coexistence Options for Clients


While migrating from a previous version to Lync
Server 2013, you must evaluate the functioning of
the deployed client software during and after the
migration.
The specifics of your environment may require the
hosting of users on both Lync Server 2013 and an
earlier version of the product, for example, Office
Communications Server 2007 R2. If you do not
deploy the Lync 2013 client software, clients may
still be using Office Communicator 2007 R2, even
after you migrate to Lync Server 2013.

MICROSOFT INTERNAL TEACH

Lync Server 2013 handles IM, Presence, audio/video calls, and conferencing in a single client.

MCT USE ONLY. STUDENT USE PROHIBITED

12-22 Planning a Migration to Lync Server 2013

As a best practice, prior to migrating users to Lync Server 2013, to enable earlier version clients to sign in
to Lync Server 2013, apply the latest cumulative updates for Office Communications Server 2007 R2,
depending on the client in your environment. While migrating users to Lync Server 2013, the primary
consideration is the handling of meetings. Because Lync Server 2013 handles meetings differently, you
must evaluate the effect it has on users, and the client software that they can use to attend meetings in a
migration scenario.

Changes to Online Meetings in Lync Server 2013


Previous versions of Lync Server 2010 support two types of meetings:

Conference calls (Lync 2010 client, conf:// URL prefix)

Web conferences (Live Meeting client, meet:// URL prefix)when migrated from OCS 2007/R2

In Lync Server 2013, all newly scheduled meetings use Lync 2013 as the primary client, and have a URL
prefix of https://. During migration, Lync Server 2013 fully supports earlier meeting types:

Previously scheduled Lync meetings from Lync 2010 move to the new pool. However, if migrating
from OCS 2007 R2, Live Meetings will not be migrated, and must be manually rescheduled.

Users, who have migrated to the Lync Server 2013 server but are using the Lync 2010 client, can
modify and create previous Lync online meetings.

Default Lync Server 2013 Meeting Options

In earlier versions of Lync Server 2010, anonymous users could attend meetings by default. In Lync Server
2013, the default meeting access is set to My Company. When anonymous users and participants use
dial-in conferencing, and if the authentication fails, the calls are transferred to the lobby. Presenters can
admit these users to the meeting.

Lync Server 2013 Meeting Clients

You can join meetings scheduled through the Online Meeting Add-in for Lync Server 2013 by using the
following clients:

Lync 2013

Lync Web App

You cannot join meetings scheduled through the Online Meeting Add-in for Lync Server 2013, by using
the following clients:

Communicator Web Access

Microsoft Office Live Meeting 2007

Office Communicator 2007 R2

Users, who do not have Lync 2013 installed, can use the Lync Web App with the A/V plug-in.

Migrating Existing Meetings and Meeting Content

When you move a user account from Office Communications Server 2007 R2 to a Lync Server 2013 server,
the following information moves along with the user account:

The personal identification number (PIN) of the user. The current PIN works until expiry or until the
user requests a new PIN.

The following information does not move to the new server:

Meeting content. After migration, meeting organizers must reload content into their scheduled
meetings.

MCT USE ONLY. STUDENT USE PROHIBITED

MICROSOFT INTERNAL TEACH

Core Solutions of Microsoft Lync Server 2013 12-23

When you first use the Online Meeting Add-in for Lync Server 2013 to schedule new meetings, a new
default conference identifier is created. The HTTP address and the conference ID, which is re-used for all
scheduled meetings, create the default conference identifier. This can be an issue for organizers, who
memorize their conference identifier and share it with others. If for any reason an organizer wants to
change his or her default conference ID, he or she can do so through the dial-in webpage (accessed
through the simple URL, for example, https://dialin.adatum.com/.)
Most meeting attendees join by clicking the join link in the new meeting invitation. However, previously
scheduled Office Communications Server 2007 R2 Live Meetings will no longer work.

User Experience During MigrationBefore Installing Lync 2013

After you migrate a user to the Lync Server 2013, and before installing new clients, care must be taken
when using older client versions. The Lync 2010 client will retain all functionality when used against a Lync
Server 2013 pool (but will not be able to take advantage of any of the new Lync Server 2013 features). The
Office Communications Server 2007 R2 client, however, is interoperable with Lync Server 2013 for Instant
Messaging and Presence, but not for conferencing

User Experience During MigrationAfter Installing Lync 2013


When a migrated user installs Lync 2013, the Online Meeting Add-in for Lync 2013 is automatically
installed. The following are the effects of this installation:

All subsequently scheduled meetings use the new meeting format, which uses an https:// address.

In an IT-managed deployment of Lync Server 2013, the administrator can uninstall the Conferencing
Add-in for Office Outlook that schedules Live Meeting server and service-based meetings. However,
there may be users who need to continue to schedule Live Meeting service meetings. In this case, the
administrator can allow both add-ins to coexist.

Meetings with Federated Organizations that Use Previous Clients

Users in federated organizations who are using Office Communicator 2007 or Office Communicator 2005
clients cannot join Lync Server 2013 meetings in your organization if the organizer locks those meetings.
You must reschedule these meetings in Lync Server 2013 to enable federated participants, who join the
meeting by using the new https:// meeting URL, to use Lync 2013 or Lync Web App.

Lync Server 2013 Compatibility with Meetings on Earlier Versions of Office


Communications Server
Users who have Lync 2013 installed can attend meetings hosted on earlier versions of Office
Communications Server, under the following considerations:

To attend Live Meeting web conferences, Lync 2013 users must install the Live Meeting client. The
instructions for installing the Live Meeting client are provided in the invitation email.

Configuring the Meeting Join webpage

To control the clients available for joining scheduled Lync Server 2013 meetings, you can configure the
meeting join page. When a user accesses a meeting link, the meeting join page identifies the client on the
computer. On detecting the installation of the client, the default client opens and joins the meeting. If a
client is not installed, the meeting join page displays options for joining the meeting with alternate clients.
The meeting join page defaults to the Lync Web App option. In addition to this option, you can opt to
show links for Lync 2010 Attendee or a previous version of Communicator. The scenarios are as follows:

If no Lync Server 2013 client is installed, the meeting join webpage displays the following options to
the users:
o

Use Lync Web App.

MICROSOFT INTERNAL TEACH

Use a previous version of Lync.

MCT USE ONLY. STUDENT USE PROHIBITED

12-24 Planning a Migration to Lync Server 2013

For the scenario in which Lync 2013 is not installed, you can configure the meeting join by using the
New-CsWebServiceConfiguration or Set-CsWebServiceConfiguration Windows PowerShell cmdlets
with the ShowDownloadCommunicatorAttendeeLink and ShowJoinUsingLegacyClientLink
parameters. In Lync Server 2013, however, these options have been deprecated, and Lync Web App
should be the primary client used for meeting joins.

Planning for Client Version Policies


You can use client version policies to define a set
of rules that specify the client versions that your
Lync Server 2013 environment supports. When
two different versions of clients interact, the
features that are available to either client are
limited by the capabilities of the other released
client. By using client version policies, you can
ensure that the required client versions and
updates are used in your Lync Server 2013
environment.

Using Client Version Policy to Specify


Supported and Restricted Versions

You can create client version policies to explicitly specify the supported or restricted client versions. When
a client logs on or is invited to a session, the client version policy determines the client version by
checking the SIP User Agent header. Depending on the client version and the rules that you have
configured, you can use one of the following options by using the client version policy:

Allow. Allows the client to log on to the pool.

Allow and Upgrade. Allows the client to log on and receive updates from Windows Server Update
Service or Microsoft Update. This option is available only when user agent OC is selected. Selecting
this option causes a notification to appear the next time users sign in to Lync 2013. The notification
states that an update is available, even if updates have not yet been released to Windows Server
Update Service or Microsoft Update. To avoid confusion, you should choose this action only after
updates become available.

Allow with URL. Allows the client to log on and provides a message to the user that indicates that the
user can upgrade their client. The message contains the URL that you specify, and the user can click
the URL to access the page to upgrade their client.

Block. Prevents the client from logging on to the pool.

Block and Upgrade. Prevents the Lync 2013 clients from logging on, but allows them to receive
updates from Windows Server Update Service or Microsoft Update. This option is available only for
Lync Server 2013, and where User Agent is OC.

Block with URL. Prevents the client from logging on, and presents a message to the user that indicates
that the user is using a client that is not supported. The message comes with the URL that you specify,
and the user can click the URL to access the page represented.

Client Version Check


You can use the Client Version Check to restrict the client versions that your Lync Server 2013
environment can use. By doing so, you can solve most incompatibility and performance problems that
might be caused, for example, by versions of client software where the latest updates have not been

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 12-25

MICROSOFT INTERNAL TEACH

installed. Each pool maintains a client version control list that you can configure. The client version list
contains the rules that specify the client versions that you want to filter and the appropriate action for
each client version. The following are the major features of Client Version Check:

Can act according to client version number.

Can also act according to a client version that is less than or equal to, or greater than or equal to the
version number that you specify.

Includes a configuration option that specifies the default actions for clients. These actions are not
included in the client version control list.

Specifies the way in which clients are handled during logon.

The Client Version Check provides options for configuring the following.

User Agent Header. Is the name of the agent for the client version.
Client Name

User Agent

Lync 2013, Lync 2010, Office


Communicator

OC

Lync Web App, Communicator Web Access

CWA

Lync Phone Edition, Office Communicator


Phone

OCPhone

Communicator Phone Edition Platform

CPE

Unified Communications Platform

UCCP

Lync 2010 Attendee

AOC

Live Meeting Add-In

LiveMeetingAddins

Office Live Meeting

LMC

Windows Messenger

WM

Real-time Communications Client

RTC

Lync 2010 for iPad

iPadLync

Lync 2010 for iPhone

iPhoneLync

Lync 2010 for Windows Phone

WPLync

Lync 2010 for Nokia

NokiaLync

Lync 2010 for Android

AndroidLync

Mobility service

MoService

Identity. Specifies the scope within which you can apply the rule. If multiple rules with different scope
levels are triggered, you should apply the scope with the lowest level of granularity. For example, if a
service level rule states that the client should be blocked, but a user level rule states that the client
should be allowed, the client will be allowed because the user level rule is the most granular.

MCT USE ONLY. STUDENT USE PROHIBITED

12-26 Planning a Migration to Lync Server 2013

MICROSOFT INTERNAL TEACH

However, anonymous users are affected by global-level policies only because they are not associated
with a user, site, or service.

Client Version Number. Includes the major version number, the minor version number, the build
number, and the Quick Fix Engineering (QFE) number. The number is presented in the following
format: <major version>.<minor version>.<build number>.<QFE number>.

Matching Rules. Specify the comparison operations that you need to perform to identify the specific
version or range of versions of the client to which the filtering action is to apply.

Action to Take Based on Client Version. Within this, the available values are Allow, Block, Allow with
URL, Block with URL, Allow and Upgrade, and Block and Upgrade. To install a new client, local
administrator credentials are required.

Client Download URL. Is used only for the Block with URL and Allow with URL options.

Planning for Use of Client Version Policies

When planning the use of client version policies, start by looking at the client versions that are currently in
use, in the environment that you want to migrate to Lync Server 2013. There are several ways in which
you can determine the client versions that are currently in use:

Refer to the Client Version Summary in the Office Communications Server 2007 R2 administration
tools.

Refer to the Office Communications Server 2007 R2/Lync 2010 Monitoring Server reports.

Use the software inventory functionality in System Center Configuration Manager.

When you install Lync Server 2013, a default list of rules is also installed. You can customize the setup
rules for your deployment, edit an existing rule, or create a new rule. Also, if you do not want to block
earlier versions of the client, you will need to modify the default list.

The default client version policies for Lync Server 2013 will block any client version of Office
Communicator 2007. The client version policies for Lync Server 2013 will also block any Office
Communicator 2007 R2 client with a version equal to or lower than 3.5.6907.233. You need to relate these
requirements with those of your environment. However, we suggested that you deploy the latest
cumulative updates for all previous version clients before migrating users to Lync Server 2013. This
ensures a smoother user experience.
By determining the client versions that are currently in use, you can also uncover clients running very old
versions of Office Communications Server client software in your environment. If you identify such clients,
you need to bring these clients into compliance before starting a migration to Lync Server 2013.
When migrating your users to Lync Server 2013, you need to plan for deploying the new client software
to these users. Depending on the requirements of the organization, you can do this planning for selected
groups of users as they are migrated, or after completing the migration of all users. However, in both
cases, you can use client version policies to support your client software rollout.

After deploying Lync 2013 client software, you can build policies that disallow using the earlier versions of
clients outright, or direct these to download the links for updated client software. These policies are
especially useful for clients that are not managed, such as workstations that are not Active Directory
members, or may not be reachable by your normal software distribution framework, such as System
Center Configuration Manager.

When you complete the migration of all users to Lync Server 2013 and they start using Lync 2013 client
software, you need to adjust the client version policy to deny connections from all previous version clients.
This ensures that you do not risk a forgotten previous version client connecting to your environment and
potentially causing compatibility problems for the user.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 12-27

Question: Can you use client version policies to automatically update clients running specific
software versions?

MICROSOFT INTERNAL TEACH

Planning for Device Support and Device Requirements


Similar to the previous versions of Lync Server,
there are specific requirements that your
infrastructure should meet, to support the use of
Lync Server 2013 devices. In Lync Server 2013, the
term device refers to any Unified
Communications (UC) device such as a headset
and webcam. The primary UC device that is
discussed in this lesson is the phone. Phones that
run Lync 2013 Phone Edition offer the following
features:

Allow users to interact with the


communication and collaboration features of
Lync Server 2013

Provide basic and advanced phone features, including new voice features such as Enhanced 9-1-1
(E9-1-1) and the Call Park application

Provide voice connections to Lync Server 2013 and Live Meeting Sessions (hosted on a Live Meeting
Service, or older Office Communications Server 2007 R2 pool only)

Can access contacts, conversation history, and calendar information stored in Microsoft Exchange
email

Lync Server 2013 supports IP and USB phone devices. Lync Server 2013 also supports analog devices, but
they are not connected directly to Lync Server 2013. Analog devices are connected through supported IPPSTN gateways with analog ports.
There are three basic types of Lync Server phone devices:

Desk Phones. Are handset IP or USB devices that employees use at their desks. They are also known as
information workers or worker phones.

Conferencing Devices. Are hands-free IP or USB phones that are used in meeting rooms.

Common Area Phones. Are handset IP phones that are used in shared areas such as lobbies, kitchens,
factory floors, and shared workspaces. You can customize these phones to provide different sets of
Lync Server 2013 features.

When planning to support devices in Lync Server 2013, only the IP phone devices have specific
requirements in relation to the infrastructure in which they are deployed. For Lync Server 2013 software
clients, USB phone devices basically function as headsets, and they do not require additional deployment
considerations, other than the ones done for the software clients themselves.

Lync Server 2013 Component Requirements for Devices


When planning your deployment, you need to consider the following specific Lync Server 2013
component requirements:

Web Services. On each front-end server, the Device Update Service runs as a web service. You can
share the configuration between all front-end servers in the pool, but cannot replicate between pools
or Standard Edition servers.

MICROSOFT INTERNAL TEACH

MCT USE ONLY. STUDENT USE PROHIBITED

12-28 Planning a Migration to Lync Server 2013

Enterprise Voice. If you want a Lync Server 2013 user to use a phone device, you need to enable the
user for Enterprise Voice. Also, like any Enterprise Voice deployment, you need to configure and test
the dial plans, voice policies, and outbound call routes before deploying Lync Server 2013 phone
devices.

Contact Objects for Common Area Phones. You need to associate the phones that are not locked for
specific users, with a Microsoft Active Directory contact object. Similar to user accounts, you can
assign policies and voice plans to contact objects, thereby providing a method to manage the device.

PIN Authentication and Policy. For deploying phones from the line of IP phones designed for Lync
Server 2013, you need to enable personal identification number (PIN) authentication on Lync Server
2013. You also need to have an appropriate PIN policy that allows automatic authentication on user
sign-in with a number of IP phones.

System and Infrastructure Requirements for Lync Server 2013 Phone Devices

When you deploy Lync 2013 phone devices, aside from the configuration within Lync Server 2013 itself,
the environment hosting the Lync Server 2013 servers and clients must also provide specific functionality.
You need to accommodate this functionality in your planning for device deployment:

Power over Ethernet (PoE)

A majority of Lync 2013 phone devices can use PoE, instead of a traditional power supply. This can make
deployment easier because you only need network connectivity to the phone devices. However, you need
to provide PoE on the Ethernet connection that goes to the device; this in turn imposes specific
requirements for network switches in your environment.
When planning for the deployment of Lync phone devices, ensure that PoE is available in the locations
where you will be placing Lync 2013 IP phone devices. For this, you will need to clarify the requirements
with the network teams of the organization where you are deploying Lync Server 2013. Although you can
use a traditional power supply for each IP phone, it is much more convenient if PoE is available on the
network.

Link Layer Discovery ProtocolMedia Endpoint Discovery (LLDP-MED)

Lync 2013 Phone Edition supports LLDP-MED. You should use LLDP-MED if you are deploying Lync 2013
Phone Edition devices and using the E9-1-1 functionality. LLDP defines a standard protocol for network
devices to advertise their location on a local area network (LAN). The LLDP-MED extension helps device
location discovery. Note that the connecting switch must also support LLDP-MED.

Network Port Requirements

When the device is inside the corporate network, IP phones use port 443 for making requests to the
Device Update web service and port 80 for the actual retrieval of the update files. IP phones also use port
80 to download the Root Certification Authority certificate if PIN and certificate authentication is used. If
the device is located outside the corporate network, IP phones use port 443 (HTTPS) for making requests
and retrieving updates to the device.

DNS Requirements

With regard to server discovery and sign-in, the Lync 2013 phone devices use the same DNS records as a
normal Lync 2013 client, and these are A and service (SRV) records.

However, for some older devices to receive device updates, you might need a separate A record, by using
the following code.
A record ucupdates-r2. <SIP domain>.

This record needs to be available both externally and internally.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 12-29

Additionally, you need to recognize that the DNS requirements for Lync 2013 phone devices are the same
as Lync Server 2010. As a result, many of these entries may already exist in the current environment when
performing a migration.

MICROSOFT INTERNAL TEACH

Dynamic Host Configuration Protocol (DHCP) Requirements

To obtain the web services URL and Registrar fully qualified domain name (FQDN), Lync 2013 phones use
DHCP. Therefore, you need to ensure that you are providing DHCP in your environment. For doing this,
you can use either Enterprise DHCP servers or Lync Registrar DHCP servers.
In Lync Server 2013 connectivity, you can use the following DHCP options:

Option 120 (SIP servers). It is defined in RFC 3361 and is used to return a list of SIP servers.

Option 43. It is a complicated option and has many sub-options, and sometimes many values. The
effective value for option 43 is the Lync Pool Certificate Provisioning Service URL. You can use the
utility, DHCPUtil.exe, to assist with configuring this option on your Windows DHCP servers.

Enterprise DHCP Servers

Enterprise DHCP Servers are DHCP servers that the Enterprise is already using, and they provide IP
discovery and other services. Enterprise DHCP Servers can be either Windows DHCP servers, which are
part of Windows Server, or can be manufactured by other vendors, such as Cisco Systems.

When you configure a data center site, you should use Enterprise DHCP servers because of the following
reasons:

Enterprise DHCP servers do not require re-configuration of all the BOOTP relay agents to relay
packets to a new server.

If you use a DHCP server that is included with the Lync Server 2013 Registrar, it results in unneeded
packets being sent to an additional DHCP server. Because there is no participation of DHCP in the
address acquisition process, these types of packets will be ignored.

If you enable the DHCP server by using the Registrar, it adds one more responsibilities to the frontend server or Director role. This can potentially affect the performance and the core functionality of
Windows Server.

Registrar DHCP Servers

The built-in DHCP component of Registrars can listen for DHCP broadcasts. In addition, the DHCP
component can also respond to appropriate DHCP INFORM packets. A scenario for a built-in DHCP
component is small branch offices, which do not have DHCP servers and have minimal server
administration. Also, the component does not participate in or affect the IP acquisition process in the
Enterprise. Therefore, it is completely safe to use the Registrar DHCP Servers side-by-side with the existing
DHCP servers.
The DHCP component only responds to DHCP INFORM messages, which:

Have a vendor class identifier such as MS-UC-client.

Ask for Option 120 or 43 by using the parameter request list of option 55.

If a branch office does not have an Enterprise DHCP server, you need the Registrar running the DHCP
server because of the following reasons:

Because the branch does not have an Enterprise DHCP server, it relies on DHCP functionality provided
by routers. It is therefore not possible to configure DHCP options on these.

All UC devices can be in the same subnet, depending on the branch size. In such a case, you do not
require relay configuration. However, if there are multiple subnets, it is likely that they are not many
in number and reconfiguration is manageable.

You can more easily enable DHCP on the Registrar in comparison to configuring and deploying an
Enterprise DHCP server for the vender-specific Lync Server DHCP options.

Using the Registrar DHCP Server and Static DNS

MICROSOFT INTERNAL TEACH

MCT USE ONLY. STUDENT USE PROHIBITED

12-30 Planning a Migration to Lync Server 2013

The DHCP server on the Registrar does not grant IP leases, but provides only the web services URL and
Registrar FQDN. It is best to deploy DHCP servers on the Registrar in the subnets where the servers
running Lync Server 2013 are located. This is because these servers do not provide IP addresses, but
provide the preceding DHCP options. The servers that are running Lync Server 2013 need these options
available. Therefore, if you are using static DNS for Lync Server 2013 host machines, you need to also
deploy Lync DHCP and Enterprise DHCP servers.

Certificates

While deploying Lync Server 2013 phone devices, you need to ensure that the devices trust the certificates
presented by Lync Server 2013 and Microsoft Exchange Server Unified Messaging. For this, typically, you
will need to get the Root Certificate of your internal certificate authority on to the device.
However, when you migrate from Office Communications Server 2007 R2/Lync 2010 and have been using
Office Communicator 2007 R2/Lync 2010 Phone Edition devices, you already have the necessary
components in place for phone devices to function.
There are several ways in which you can import a Root Certificate on a Lync 2013 phone device. The most
used method involves adding the Root Certificate to the caCertificate attribute in Active Directory. You
can do this by running the following command.
certutil -f -dspublish <Root CA certificate in .cer file> RootCA

However, for this method to work, you need to have the Root Certificate available in .cer format.

This method can make the Root Certificate available to the Lync 2013 phone devices, which are then able
to sign in to your environment.

When you use public certificates for your internal Lync Server 2013 deployment, you need to ensure that
the public certificate provider is one that the Lync 2013 phone devices support. This is because you would
not want to publish a third-party root certificate in the same manner as described above. You can get a
list of the supported public certificate authorities for Lync Phone Edition by referring to the Lync Server
2013 documentation.
You need to take into account a number of considerations in your Lync Server 2013 deployment to
deploy Lync phone devices. Even if you may have a well-functioning deployment that uses Lync software
clients, it does not guarantee that the deployment has been properly prepared for Phone Edition
deployment.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 12-31

Lesson 4

MICROSOFT INTERNAL TEACH

Designing a Client Migration and Device Migration


Strategy

There are several considerations that you must examine while designing Group Policy, and policies and
devices. You should also know how to design a software deployment strategy, and the best practices for
migrating clients, devices, and users.

Lesson Objectives

Design Group Policy.

Design policies for devices.

Design a software deployment strategy.

Describe the best practices for client, device, and user migrations.

Designing Group Policy

In Lync Server 2013, the Group Policy settings


used in earlier versions of Office Communications
Server are now controlled by in-band provisioning
client policies that are server-based. In-band
provisioning settings are managed by using the
Lync Server Control Panel, the Windows
PowerShell command-line interface, or both.
These tools replace the Windows Management
Interface (WMI) snap-in used to manage policy
settings in earlier versions of Office
Communications Server. For example, in Office
Communications Server 2007 R2, you can use
Group Policy to override conferencing policies for specific users. In Lync Server 2013, you can centrally
manage all policy settings and apply them at the global, site, or tag levels. Tags are settings that can be
applied to a single user or to a group of users.

If you have an existing Office Communications Server 2007 R2 deployment, Office Communications Server
2007 R2 clients will continue to use Group Policy during side-by-side migration. However, if you want
policy settings to be applied to Lync Server 2013 clients, you need to configure the equivalent Lync Server
2013 in-band provisioning settings.
When designing your migration to Lync Server 2013, you should review the Group Policy settings that are
used for client configuration in the legacy environment. You can then use these as a starting point for
choosing the in-band configuration settings, or build new client configuration settings. However, you
should evaluate the Group Policy settings before migrating clients and users. If you make changes to the
way the clients are configured on the Lync Server 2013 environment, you must communicate these
changes to users as a part of migration planning.
Although Lync Server 2013 transfers most client configurations to in-band provisioning, there are a
number of Group Policy settings that are required for client bootstrapping. These are policies that take
effect before the client logs on and begins receiving in-band provisioning settings from the server.

Because Office Communicator 2007 R2 client bootstrapping policies are used by Lync 2013, it is only
necessary to configure them if you want to change existing policies or if you want to set new policies. If

you do not plan to configure client bootstrapping policies or you want legacy client bootstrapping
policies to remain in effect, no action is necessary.

MCT USE ONLY. STUDENT USE PROHIBITED

12-32 Planning a Migration to Lync Server 2013

MICROSOFT INTERNAL TEACH

There are several advantages to the Lync Server 2013 approach of using in-band provisioning, instead of
Group Policy, when configuring clients. The following table compares the two types of client
configurations.
In-band provisioning settings

Group Policy settings

Administrators can handle all client


configuration tasks in a single location, by
using a single user interface.

Administrators must often work with other


departments in the organization. For
example, administrators manage Active
Directory Domain Services (AD DS) or
messaging to configure clients.

Settings can be configured at the global


level, that is, domain or organizational unit.
Settings can also be configured at the site
or tag level.

Settings can only be configured at the


global and user levels.

In-band provisioning settings that are


server-based provide a consistent end-user
experience for people who are not joined
to the corporate domain, or for people
who join by using devices or remote
clients.

Group Policy settings that are distributed


by using Active Directory require that users
be connected to the corporate domain by
using a computer.

Settings take effect at the Lync sign-in.

Users must log off from the Windows


operating system and then log back on for
settings to take effect.

In-band provisioning settings that are


server-based help make clients secure
because they do not depend on the client
application to enforce the policy.

Client applications can be modified by a


malicious user.

You should aim to move all clients to Lync Server 2013 client software as part of your migration plan. This
will give users a better experience and will allow them to use the full Lync Server 2013 feature set, which is
not available when using legacy client software.
To design your Group Policies and in-band provisioning settings, you should:

Evaluate current Group Policy settings for Lync 2010 or Office Communicator 2007 R2 configuration.

Review available client configuration options in Lync Server 2013.

Determine the changes that are needed to current policy settings.

Configure bootstrapping policies for Lync Server 2013.

Configure Lync 2013 client policies.

You should also evaluate organizational requirements with the project stakeholders before deciding
on the client configuration for your Lync Server 2013 deployment. Even though you may be
migrating from an earlier version of Office Communications Server, organizational requirements
might have evolved or changed since that versions configuration was designed and implemented.
Question: Why are some Group Policy settings still required for Lync Server 2013 clients
when you can use in-band provisioning?

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 12-33

MICROSOFT INTERNAL TEACH

Designing Policies for Devices


When your Lync Server 2013 deployment includes
Lync 2013 phone devices, you need to consider
some important factors. These relate both to the
initial deployment of devices and to the ongoing
maintenance and operation of these devices.
As Lync Server 2013 phone devices are somewhat
different than the typical Lync 2013 software
client, you will normally implement policies that
are specific to phone devices. You configure
policies for phone devices in the same way as you
configure policies for sites or users.

An example would be common area phones.


These would require other policies than your typical Lync Server 2013 clientsfor example, simultaneous
ringing would be disabled, as would team call and call delegation. To configure this, you would create a
user voice policy and assign this to the common area phones in the Lync Server 2013 environment.
When you design policies for phone devices, you should consider the following:

The usage profile of the phone devices for which you are designing the policies.

The physical locations where the devices will be located.

The calling features that should be enabled or disabled.

Enabling of hot-desk phones if common area phones are deployed. When hot-desk phones are
deployed, users can log on to the phone by using their Lync Server credentials. Among other things,
this gives users easy access to their contacts.

You will normally deploy user policies for common area phones, because you do not want a general site
or even global policy applied to these devices. Common area phones require special considerations,
because these may be placed in locations where non-organizational staff can access them. For example,
you may have a common area phone placed in a lobby or reception area, and such a phone would
normally be locked down through policies, so that a person using the phone in the lobby would not be
able to access conferences by using this device.

Device Update Service

After you decide to deploy Lync 2013 Phone Edition devices in your environment, you must consider how
you will use the Device Update Service, which is a part of Lync Server 2013.
The Device Update Service is a web service that runs on all front-end servers, and is used to provide
firmware or software updates to Lync 2013 Phone Edition devices.

When deployed in a front-end pool, the service configuration is shared between the servers in the pool,
but not between pools, or between Standard Edition servers.

In versions earlier to Office Communications Server 2007, it was a challenging task to install and configure
the Device Update Service. However, in Office Communications Server 2007 R2, the Device Update Service
became an integral part of the server infrastructure, and this is carried forward with Lync Server 2010 and
2013.
When designing your Lync Server 2013 infrastructure, you need decide about how to use the Device
Update service in your environment. For this, you need to consider the following:

The makes and models of devices that you will be deploying. Because you must download updates for
each specific Lync 2013 Phone Edition device manually to your Device Update Service, you may want

MCT USE ONLY. STUDENT USE PROHIBITED

12-34 Planning a Migration to Lync Server 2013

MICROSOFT INTERNAL TEACH

to limit the amount of different devices that you deploy on each front-end pool or Standard Edition
server.

The devices of each type that should be deployed as test devices. You should designate at least one test
device for each type of device that you deploy in your environment. This test device will enable you
to try new firmware releases before applying them to the rest of the devices in your environment.

Supporting devices located outside your corporate network. If you are supporting devices outside your
network, you need to ensure that devices can connect to the Device Update Service from outside
your corporate network.

Considering these, you should be able to design and implement a successful Device Update Service in
your Lync Server 2013 environment.
Question: If you have several front-end server pools or Standard Edition servers, can you
manage the Device Update Service on a global level?

Designing a Software Deployment Strategy

When you migrate to Lync Server 2013 from an


earlier version of Office Communications Server,
the task of deploying client software needs to be
considered in your solution design. The Lync 2013
client is likely to be the main client used in a Lync
Server 2013 environment, and as such, you will
need a method for deploying this throughout your
environment. Typically, you deploy Lync 2013 by
using the method that you currently use for
software distribution in your environment, which
could be System Center Configuration Manager.
Alternatively, you may use other software
distribution solutions. For situations where you are not able to deploy in this manner, such as with your
managed corporate client computers, you may consider the following additional methods of deployment:

Application downloadFrom a corporate website, and manual installation.

Remote controlOf clients by IT administrators who install the software for the user.

The Lync 2013 client will not uninstall any existing Office Communicator 2007 R2/Lync 2010 client as
part of its installation routine.

For remote clients, new remote access solutions such as Microsoft Unified Access Gateway (UAG)
DirectAccess may be used to enable you to distribute Lync 2013 clients to remote, domain-joined clients
in the same manner as with your in-house clients.
When you start migrating users to Lync Server 2013, you may need to ensure that the migrated users
have access to Lync 2013 Web App, or Lync 2013 Attendee to attend meetings hosted on Lync Server
2013.

Lync 2013 Web App

The Lync 2013 Web App client is a web-based client provided by the web components server on each
Lync Server 2013 front-end server, and as such, is immediately available to internal users when you deploy
Lync Server 2013. This new version includes computer audio and video support. For external users, you
will need to publish access to it by using a reverse proxy, which is similar to the process for publishing
access to the Address book and meeting content.

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 12-35

Question: Are you required to deploy Lync Server 2013 client software by using software
distribution solutions such as System Center Configuration Manager?

MICROSOFT INTERNAL TEACH

Client Deployment Strategy


The minimum operating system required is
Windows 7. Lync is part of the Microsoft Office
family, and the Lync 2013 client will be available as
part of the Office 2013 suite, or as a stand-alone
package.
Currently, the Lync 2013/Office 2013 installers do
not remove the existing Lync 2010 installation,
allowing both legacy and new clients to be
installed on the same computer side-by-side.
(However, only one is running at any given time).

Live Meeting
In Lync Server 2010, a service existed called the
Lync Web Conferencing Compatibility Service,
which was essentially the Live Meeting MCU from
OCS 2007 R2. It would service any Legacy onpremise Live Meetings that were created in the
OCS/OCS 2007 R2 environments. However, Lync
Server 2013 does not contain this service. As such,
Legacy Live Meetings (that start with meet://) will
no longer work.

If the user is currently located in an OCS 2007 R2


or Lync Server 2010 pool, and the user still has the
OCS 2007 R2 client (with the Legacy Outlook AddIn), he or she will still be able to create, schedule, and attend both on-premise and hosted Live Meetings
(Schedule a Live Meeting). After the user account is migrated to Lync Server 2013, the user will no
longer be able to create, schedule, or attend any on-premise Live Meetings (including meetings already
created). He or she will be able to continue to schedule Hosted Live Meetings, by using the Live Meeting
Service, if he or she subscribes to that service. New meetings should be created as Lync Online Meetings.
Special consideration needs to be given to OCS 2007 R2 clients, however, because they cannot create
Lync Online Meetings. They can, however, create meetings on Lync Server 2013 by using the Schedule a
Conference Call item in the Legacy Outlook Add-In. The solution is to upgrade the client to Lync 2013,
enabling them to create Lync Online Meetings with all expected features.

For existing on-premise Live Meetings, users will be required to manually reschedule their meetings. A
tool (run by a user) is currently planned that will search the users calendar for both Lync and Live
Meetings, and enable the user to open those meetings from a simple interface. On opening, the old
meeting information is stripped from the body, and custom properties are cleared such that the user can
click Lync Meeting to make it a new online meeting against their new topology. Then, the use can click
Send Update to update the meeting attendees with the new details.

Best Practices for Client, Device, and User Migrations

MICROSOFT INTERNAL TEACH

The following are the best practices for designing


client, device, and user migrations:

MCT USE ONLY. STUDENT USE PROHIBITED

12-36 Planning a Migration to Lync Server 2013

The Lync Server 2013 environment should be


fully configured before migrating users.

Configure Enterprise Voice.

Migrate Group Policy settings to in-band


provisioning.

Consider specific requirements for Lync Server


2013 or Office Communications Server 2007
R2 Phone Edition devicesDNS, DHCP, and
certificate publication.

Do not deploy Lync 2013 clients prior to moving users when migrating from OCS 2007 R2. The Lync
2013 client can be used against Lync 2010.

Be aware that using the Lync 2013 client with earlier versions of Office Communications Server is
unsupported.

Ensure that users can participate in meetings hosted on Lync Server 2013.

Make Lync 2013 Web App available to non-Windows clients.

Do not remove Live Meeting clients as part of your Lync client rollout.

Educate users on the new conferencing clients, prior to deployment.

Use Microsoft-supplied user training materials, available online.

Be aware that proper user education is the key to a successful adaptation of Lync Server 2013.

Inform users of coexistence considerations when moving to Lync Server 2013.

Move users in logical groups.

Move users together based on organizational grouping, such as departments and sites.

If possible, move users who organize and participate in conferences with each other.

Always do pilot client, device, and user migrations.

Use pilot migrations to validate configurations, client deployment, and functionality.

Perform pilot migration of users, clients, and devices to Lync Server 2013.

Use pilot migrations as trial runs to adjust and prepare for full-scale migrations.

Ensure consistent security update levels for clients and devices across your deployment.

Monitor the client versions that are used in your environment.

Update clients to required levels before any migration is performed.

Use client version policies to block unwanted client versions in your environment before, during, and
after migration.
Question: Why should you avoid removing the Live Meeting client by default when rolling
out the Lync Server 2013 client software?

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 12-37

Lab: Planning a Migration to Lync Server 2013 (Paperbased)

MICROSOFT INTERNAL TEACH

Scenario

Adatum Corporation is using Office Communications Server 2007 R2 for the past few years for all the
modalities including enterprise Voice (EV) for all its users, 50% of their users have OCS R2 qualified
devices, and currently they have deployed CU4 on their OCS R2 servers. Adatum users currently use Live
meeting service for data conferencing and Adatum has given different conferencing capabilities to
different sets of users. Adatum also has PIC enabled at London site and London site has federation setup
too as of today they are quite happy with its performance. Stakeholders of the organization have decided
to migrate to Lync Server 2013. You have been asked to use the prevalent features of Lync Server 2013
and explain to the stakeholders how adding these features will increase the business continuity for the
organization, and design a migration plan for Adatum to move to Lync 2013 with minimum downtime
and keep all the existing voice, conference, client and device policies. The plan should also make sure that
there is no downtime for PIC and Federation capabilities. And Adatum has been informed about the
discontinuation of Live meeting services so they want all their web conferences to be Lync 2013
conferences.
Estimated Time: 30 minutes

Exercise 1: Creating a Migration Plan


Scenario

In this exercise you will create a Migration plan for Adatum from OCS 2007 R2 to Lync 2013, keep in mind
five compelling features of Lync 2013 and the different phases of the migration.
The main tasks for this exercise are as follows:
1. Determine five key features of Lync Server 2013.

Task 1: Determine five key features of Lync Server 2013.

Decide on five key features of Lync Server 2013 that you feel are important, and list the reasons why
Adatum Corporation should migrate

Exercise 2: Documenting the Migration Phases


Scenario

List the phases of the migration from Office Communications Server 2007 R2 to Lync Server 2013. List the
phases of the migration from Lync Server 2010 to Lync Server 2013.
The main tasks for this exercise are as follows:
1. List the phases of migration from Office Communications Server 2007 R2 to Lync Server 2013.
2. List the phases of migration from Lync Server 2010 to Lync Server 2013.

Task 1: List the phases of migration from Office Communications Server 2007 R2 to
Lync Server 2013.
Phase 1
Phase 2
Phase 3
Phase 4
Phase 5
Phase 6

MICROSOFT INTERNAL TEACH

Phase 7
Phase 8
Phase 9
Phase 10

Task 2: List the phases of migration from Lync Server 2010 to Lync Server 2013.
Phase 1
Phase 2
Phase 3
Phase 4
Phase 5
Phase 6
Phase 7
Phase 8

MCT USE ONLY. STUDENT USE PROHIBITED

12-38 Planning a Migration to Lync Server 2013

MCT USE ONLY. STUDENT USE PROHIBITED

Core Solutions of Microsoft Lync Server 2013 12-39

Module Review and Takeaways

MICROSOFT INTERNAL TEACH

Best Practice:
When migrating from Office Communications Server 2007 R2 to Lync Server 2013, any time you
add or remove servers in the Office Communications Server 2007 R2 environment, you must start
Topology Builder and run the Merge Office Communications Server 2007 R2 topology data into
the Central Management Store. Then, publish the topology to update Lync Server 2013 about the
changes.
Microsoft Lync Server 2013 Control Panel and the Move-CsLegacyUser cmdlet require that user
names are properly formed and do not have leading or trailing spaces. You cannot move a user
account by using Lync Server 2013 Control Panel or the Move-CsLegacyUser cmdlet if the user
account contains leading or trailing spaces. Ensure that your user accounts meet this
requirement.
Locating users on Lync Server 2013 does not require that you deploy upgraded clients at the
same time. New functionality will be available to users only when they have upgraded to the new
client software. If migrating from Lync Server 2010 to Lync Server 2013, you can deploy Lync
2013 clients first, before deploying Lync Server 2013 pools because Lync 2013 clients work
against Lync Server 2010, provided the appropriate Lync Server 2010 cumulative updates have
been deployed.

Review Question(s)
Question: Which Event Source and ID can you filter on, when verifying user replication
during migration?
Question: When you configure and enable front-end pool pairing for disaster recovery, what
additional Lync service is installed?
Question: When migrating users of Lync Server 2013 to Microsoft Exchange 2013, you can
use both Exchange storage and Lync Server storage on an interim basis, while you complete
the migration. When is permanent use of both Exchange and Lync Server storage enabled for
Lync Server 2013?
Question: In Lync Server 2013, after a migration from Communications Server 2007 R2, what
actions can you perform with Live Meeting conferences?
Question: What is the first step in preparing for any migration after the planning phase is
complete?

Real-world Issues and Scenarios

Contoso has deployed Office Communications Server 2007 R2 and is in the process of migrating to Lync
Server 2010? What should they do before they migrate to Lync Server 2013?

Answer:
They should first complete the migration to Lync Server 2010 as a tri-existence scenario is not supported.
Contoso migrated from Office Communications Server 2007 to Office Communications Server 2007 R2,
but never migrated the Office Communications Server Global Settings from the Systems container to the
Configuration container in Active Directory Domain Services. Can they migrate to Lync Server 2013?
Answer:

Yes. However, they may have to run some cmdlets from the Lync Server Management Shell during the
Active Directory Preparation because they assume that the global settings are stored in the Configuration
container.

Course Evaluation
Your evaluation of this course will help Microsoft understand the quality of your learning experience.

MICROSOFT INTERNAL TEACH

Please work with your training provider to access the course evaluation form.
Microsoft will keep your answers to this survey private and confidential and will use your responses to
improve your future learning experience. Your open and honest feedback is valuable and appreciated.

MCT USE ONLY. STUDENT USE PROHIBITED

12-40 Planning a Migration to Lync Server 2013

MCT USE ONLY. STUDENT USE PROHIBITED


L2-1

Module2: Designing a Lync Server 2013 Topology

MICROSOFT INTERNAL TEACH

Lab: Preparing the Environment and


Deploying a Lync Server 2013 Pool
Exercise 1: Preparing for Lync Server 2013
Task 1: Prepare Active Directory for Lync Server 2013.
The virtual machines are configured to automatically log on as Adatum\Administrator with the
password, Pa$$w0rd, except for the following virtual machines:

LON-CL1-02 as Adatum\Adam, with the password, Pa$$w0rd

RED-CL1 as Adatum\Alex, with the password, Pa$$w0rd


To begin this lab, you must start and connect to the appropriate virtual machines by using the
following steps in this specific order:

1.

On Host1, click Start, click Administrative Tools, and then click Hyper-V Manager.

2.

In the Virtual Machines list, if the virtual machine, 20336B-LON-DC1-02, is not running:
a.

Right-click 20336B-LON-DC1-02, and then click Start.

b.

Right-click 20336B-LON-DC1-02, and then click Connect.

c.

In the Virtual Machine Connection window, wait until the virtual machine has booted up
completely before continuing.

3.

On Host2, click Start, click Administrative Tools, and then click Hyper-V Manager.

4.

In the Virtual Machines list, if the virtual machine, 20336B-LON-ROUT1-02, is not running:

5.

6.

7.

8.

a.

Right-click 20336B-LON-ROUT1-02, and then click Start.

b.

Right-click 20336B-LON-ROUT1-02, and then click Connect.

c.

In the Virtual Machine Connection window, wait until the virtual machine has booted up
completely before continuing.

On Host1, in the Virtual Machines list, if the virtual machine, 20336B-LON-SQL1-02, is not running:
a.

Right-click 20336B-LON-SQL1-02, and then click Start.

b.

Right-click 20336B-LON-SQL1-02, and then click Connect.

On Host1, in the Virtual Machines list, if the virtual machine, 20336B-LON-CL1-02, is not running:
a.

Right-click 20336B-LON-CL1-02, and then click Start.

b.

Right-click 20336B-LON-CL1-02, and then click Connect.

On Host1, in the Virtual Machines list, if the virtual machine, 20336B-LON-FE1-02, is not running:
a.

First ensure that 20336B-LON-SQL1-02 has booted completely before starting this virtual
machine.

b.

Right-click 20336B-LON-FE1-02, and then click Start.

c.

Right-click 20336B-LON-FE1-02, and then click Connect.

On Host2, in the Virtual Machines list, if the virtual machine, 20336B-RED-SQL1-02, is not running:
a.

Right-click 20336B-RED-SQL1-02, and then click Start.

Core Solutions of Microsoft Lync Server 2013

b.

MICROSOFT INTERNAL TEACH

9.

Right-click 20336B-RED-SQL1-02, and then click Connect.

On Host2, in the Virtual Machines list, if the virtual machine, 20336B-LON-EX1-02, is not running:
a.

Right-click 20336B-LON-EX1-02, and then click Start.

b.

Right-click 20336B-LON-EX1-02, and then click Connect.

10. On Host2, in the Virtual Machines list, if the virtual machine, 20336B-RED-FE1-02, is not running:
a.

First ensure that 20336B-RED-SQL1-02 has booted completely before starting this virtual
machine.

b.

Right-click 20336B-RED-FE1-02, and then click Start.

c.

Right-click 20336B-RED-FE1-02, and then click Connect.

11. On Host2, in the Virtual Machines list, if the virtual machine, 20336B-RED-CL1-02, is not running:
a.

Right-click 20336B-RED-CL1-02, and then click Start.

b.

Right-click 20336B-RED-CL1-02, and then click Connect.

12. On Host2, when 20336B-RED-CL1-02 has booted up completely, close the Virtual Machine
Connection window.
13. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop
Connection.
14. In the Remote Desktop Connection window, click Options.
15. Click the Local Resources tab, and then, under Remote audio, click Settings.
16. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it.
17. Under Remote audio recording, click Record from this computer, and then click OK.
18. Click the General tab.
19. Under Logon settings, in the Computer box, type red-cl1.Adatum.com.
20. In the User name box, type Adatum\Alex, and then click Connect.
21. On the Remote Desktop Connection page, click Connect.

MCT USE ONLY. STUDENT USE PROHIBITED

L2-2

22. In the Remote Desktop Connection window, select the Dont ask me again for connections to this
computer check box, and then click Connect.

23. In the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK, click Yes.
24. On Host1, when 20336B-LON-CL1-02 has booted up completely, close the Virtual Machine
Connection window.
25. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop
Connection.
26. In the Remote Desktop Connection window, click Options.
27. Click the Local Resources tab, and then, under Remote audio, click Settings.
28. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it.
29. Under Remote audio recording, click Record from this computer, and then click OK.
30. Click the General tab.
31. Under Logon settings, in the Computer box, type lon-cl1.Adatum.com.
32. In the User name box, type Adatum\Adam, and then click Connect.

MCT USE ONLY. STUDENT USE PROHIBITED


L2-3

33. In the Remote Desktop Connection window, select the Dont ask me again for connections to this
computer check box (if it appears), and then click Connect.

MICROSOFT INTERNAL TEACH

34. In the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK.

Verify that all services set to Automatic have started on all virtual machines. Most notably, check the
Microsoft Exchange, Lync Server 2013, and Microsoft SQL Server services. To do so, complete the
following steps:
1.

On each virtual machine, open Server Manager, click Tools, and then click Services.

2.

In the Services console, verify that all services set to Automatic start have started.

3.

If not, right-click the service, and then click Start.

Important Note All connections to LON-CL1-02 and RED-CL1-02, and will require using a Remote
Desktop Connection with remote audio playback and remote audio recording enabled, unless
otherwise specifically stated.

Mount ISOs needed for the lab


1.

Open the Hyper-V Manager console.

2.

On Host 1, click 20336B-LON-FE1-02. In the Actions pane, click Settings.

3.

Under Hardware, click DVD Drive.

4.

Click Image file, and then click Browse.

5.

Browse to C:\Program Files\Microsoft Learning\20336\Drives\, and then click


en_lync_server_2013_x64_dvd_1043673.iso.

6.

Click Open, and then click OK.

7.

Repeat steps 2 through 6 for 20336B-RED-FE1-02.


Install Software:

1.

On LON-FE01, in Windows Explorer, open D:\.

2.

On the Microsoft Lync Server 2013 pop-up answer yes to the question if to install the Microsoft Visual
C++ runtime.

3.

On the Installation Location page, leave the default location, and then click Install.

4.

On the End User License Agreement page, select the I accept the terms in the license agreement
check box, and then click OK.

5.

On the Deployment Wizard, click Prepare Active Directory.

6.

On the Prepare Active Directory for Lync Server page, next to Step 1: Prepare Schema, click Run.

7.

On the Prepare Schema page, click Next.


Note: Wait as the wizard runs the commands to prepare the schema.

8.

When the Task Status shows as Completed, click Finish.

9.

On the Prepare Active Directory for Lync Server page, near Step 3: Prepare Current Forest, click Run.

10. On the Prepare Forest page, click Next.

11. On the Universal Group Location page, verify that Local Domain is selected, and then click Next.

Core Solutions of Microsoft Lync Server 2013

Note: Wait as the wizard runs the commands to prepare the forest.
12. When the Task Status shows as Completed, click Finish.

MCT USE ONLY. STUDENT USE PROHIBITED

L2-4

MICROSOFT INTERNAL TEACH

13. On the Prepare Active Directory for Lync Server page, next to Step 5: Prepare Current Domain, click
Run.
14. On the Prepare Domain page, click Next.
Note: Wait as the wizard runs the commands to prepare the domain.
15. When the Task Status shows as Completed, click Finish.
16. On the Deployment Wizard, click Exit.

Task 2: Add an administrator to the CSAdministrator group.


1.

On LON-FE01, click Start, and then click Active Directory Users and Computers.

2.

In the Active Directory Users and Computers administrative snap-in, in the navigation pane, expand
ADatum.com, and then click the Users container.

3.

In the Results pane, right-click the CSAdministrator group, and then click Properties.

4.

On the CSAdministrator Properties page, click the Members tab, and then click Add.

5.

On the Select Users, Contacts, Computers, Service Accounts, or Groups page, in the Enter the object
names to select box, type Administrator, and then click OK.

6.

On the CSAdministrator Properties page, click OK.

7.

Close the Active Directory Users and Computers Microsoft Management Console (MMC).

Task 3: Prepare the File Shares for Lync Server 2013.


1.

On LON-SQL01, open file explorer and navigate to C:

2.

Create a new folder named, LyncShare.

3.

Right-click the LyncShare folder, and then select Share with, specific People

4.

Ensure that Administrator is listed as read/write and Administrators group is listed as Owner.

5.

Click Share, and then click Done.

6.

On RED-SQL01, open file explorer and navigate to C:

7.

Create a new folder named, LyncShare.

8.

Right-click this folder and select Share with, specific People

9.

Ensure that Administrator is listed as read/write and Administrators group is listed as Owner.

10. Click Share, and then click Done.

Results: After completing this exercise, you should have prepared Active Directory for an installation of
Lync Server 2013.

MCT USE ONLY. STUDENT USE PROHIBITED


L2-5

Exercise 2: Configuring a Lync Server 2013 Topology

MICROSOFT INTERNAL TEACH

Task 1: Deploy and run the Topology Builder.


1.

On LON-FE01, click Start, and then click Lync Server Deployment Wizard.

2.

In the Deployment Wizard, click Install Administrative Tools.


Note: There is no further user interaction needed to complete the installation.

3.

Click Start, and then click Lync Server Topology Builder.

4.

On the Topology Builder page, click New Topology, and then click OK.

5.

In the Save New Topology As window, navigate to the desktop and save the topology as Lab2.tbxml.

6.

On the Define the primary domain page, in the Primary SIP Domain box, type ADatum.com, and then
click Next twice.

7.

On the Define the first site page, in the Name box, type London (Site 0), and then click Next.

8.

On the Specify site details page, in the City box, type London.

9.

In the Country/Region Code box, type +44, and then click Next.

10. On the New topology was successfully defined page, verify that Open the New Front End Wizard
when this wizard closes is selected, and then click Finish.

11. On the Define New Front End Pool wizard, on the Define the New Front End pool page, click Next.
12. On the Define the Front End pool FQDN page, in the Pool FQDN box, type lon-pool.ADatum.com.
Verify that Enterprise Edition Front End Pool is selected, and then click Next.
13. On the Define the computers in this Pool page, in the Computer FQDN box, type lonfe01.adatum.com, click Add, and then click Next.

14. On the Select Features page, select the Conferencing(includes audio, video and application sharing),
Dial in (PSTN) conferencing, Enterprise Voice and Call Admission Control check boxes, and then click
Next.

15. On the Select collocated server roles page, select the Collocate Mediation Server check box, and then
click Next.
16. On the Associate server roles with this Front End pool page, clear all check boxes, and then click
Next.
17. On the Define the SQL store page, click New, and then, in the SQL Server FQDN box, type LonSQL01.ADatum.com.
18. Click Named Instance, and then type LYNC.
19. Clear the this SQL instance is in mirroring relation check box, click OK, and then click next.

20. On the Define the file store page, click Define a new file store, and then, in the File Server FQDN
box, type Lon-SQL01.adatum.com.
21. In the File Share box, type LyncShare, and then click Next.

22. On the Specify the Web Services URL page, select the Override Internal Web Services Pool FQDN
checkbox. Then, in the box, type lon-poolweb-int.adatum.com, in the External Base URL, update the
URL to lon-poolweb-ext.adatum.com, and then click Next.

23. On the Select an Office Web Apps Server page, clear the Associate pool with an Office Web Apps
Server check box, and then click Finish.
24. In the Topology Builder right-click Lync Server, and then select New Central Site.

Core Solutions of Microsoft Lync Server 2013

25. On the Define new central site page, in the Name box, type Redmond (Site 1), and then click
Next.
26. On the Specify site details page, in the City box, type Redmond.

MICROSOFT INTERNAL TEACH

27. In the Country/Region Code box, type +1, and then click Next.

MCT USE ONLY. STUDENT USE PROHIBITED

L2-6

28. On the Central site was successfully defined page, verify that Open the New Front End Wizard when
this wizard closes is selected, and then click Finish.

29. On the Define New Front End Pool wizard, on the Define the New Front End pool page, click Next.
30. On the Define the Front End pool FQDN page, in the Pool FQDN box, type red-pool.ADatum.com.
Verify that Enterprise Edition Front End Pool is selected, and then click Next.
31. On the Define the computers in this Pool page, in the Computer FQDN box, type redfe01.adatum.com, click Add, and then click Next.

32. On the Select Features page, select the Conferencing(includes audio, video and application sharing),
Dial in (PSTN) conferencing, Enterprise Voice and Call Admission Control check boxes, and then click
Next.

33. On the Select collocated server roles page, select the Collocate Mediation Server check box, and then
click Next.
34. On the Associate server roles with this Front End pool page, clear all check boxes, and then click
Next.
35. On the Define the SQL store page, click New , and then, in the SQL Server FQDN box, type RedSQL01.ADatum.com
36. Click named Instance, and then type LYNC.
37. Clear the this SQL instance is in mirroring relation check box, click OK, and then click next.
38. On the Define the file store page, click Define a new file store, and then, in the File Server FQDN
box, type Red-SQL01.adatum.com.
39. In the File Share box, type LyncShare, and then click Next.

40. On the Specify the Web Services URL page, select Override Internal Web Services Pool FQDN
checkbox. Then, in the box, type red-poolweb-int.adatum.com, in the External Base URL, update the
URL to red-poolweb-ext.adatum.com, and then click Next.

41. On the Select an Office Web Apps Server, clear the Associate pool with an Office Web Apps Server
check box, and then click Finish.

Task 2: Configure the Administrative Access URL.


1.

On LON-FE01, in the Topology Builder, in the Navigation pane, right-click Lync Server, and then click
Edit Properties.

2.

On the Edit Properties page, under Simple URLs, in the Administrative access URL box, type
https://lyncadmin.adatum.com.

3.

In the Central Management Server Section, use the drop-down menu to select the lonpool.adatum.com London (Site 0) as the front-end server on which to install central management
server, and then click OK.

Results: After completing this exercise, you should have created and edited a publishable topology.

MCT USE ONLY. STUDENT USE PROHIBITED


L2-7

Exercise 3: Publishing the Topology

MICROSOFT INTERNAL TEACH

Task 1: Publish the topology.


1.

On LON-FE01, in the Topology Builder, right-click Lync Server, and then click Publish Topology.

2.

On the Publish topology page, review the actions that will be performed, and then click Next.

3.

On the Select Central Management Server, verify that the lon-pool.adatum.com London (Site 0) is
selected, and then click Next.

4.

On the Create databases page, verify that both the lon-sql01.adatum.com and the redsql01.adatum.com are selected, and then click Next.

5.

On the Publishing wizard complete page, verify that all steps show as Success. If any step finishes
with completed with warnings, review these warnings to verify that they are not serious. SQL Server
might generate an error about Setting SQL Server Show Advanced Options to 1.

6.

Under Next steps, click the link to open the to-do list.

7.

Review the NextSteps.txt file that opens and the instructions to run local setup on each server in the
list, and then close Notepad.

8.

On the Publishing wizard complete page, click Finish.

9.

Close the Lync Server 2013 Topology Builder.

Results: After completing this exercise, you should have a published topology.

Core Solutions of Microsoft Lync Server 2013

Exercise 4: Configuring Domain Name Server (DNS)

MICROSOFT INTERNAL TEACH

Task 1: Create the necessary DNS Records for Lync Server 2013.

MCT USE ONLY. STUDENT USE PROHIBITED

L2-8

1.

On LON-DC1, click Start, and then click\type DNS.

2.

In DNS Manager, expand LON-DC1, expand Forward Lookup Zones, and then click ADatum.com.

3.

Right-click ADatum.com, and then click New Host (A or AAAA).

4.

In the New Host window, in the Name box, type dialin.

5.

In the IP Address box, type 172.16.0.31, and then click Add Host.

6.

At the DNS prompt, click OK.

7.

In the New Host window, in the Name box, type lon-pool.

8.

In the IP Address box, type 172.16.0.31, and then click Add Host.

9.

At the DNS prompt, click OK.

10. In the New Host window, in the Name box, type lon-poolweb-int.
11. In the IP Address box, type 172.16.0.31, and then click Add Host.
12. At the DNS prompt, click OK.
13. In the New Host window, in the Name box, type lyncadmin.
14. In the IP Address box, type 172.16.0.31, and then click Add Host.
15. At the DNS prompt, click OK.
16. In the New Host window, in the Name box, type lyncdiscoverinternal.
17. In the IP Address box, type 172.16.0.31, and then click Add Host.
18. At the DNS prompt, click OK.
19. In the New Host window, in the Name box, type meet.
20. In the IP Address box, type 172.16.0.31, and then click Add Host.
21. At the DNS prompt, click OK.
22. In the New Host window, in the Name box, type red-pool.
23. In the IP Address box, type 172.16.1.31, and then click Add Host.
24. At the DNS prompt, click OK.
25. In the New Host window, in the Name box, type red-poolweb-int.
26. In the IP Address box, type 172.16.1.31, and then click Add Host.
27. At the DNS prompt, click OK, and then click Done.
28. Right-click ADatum.com, and then click Other New Records.
29. In the Select a resource record type window, click Service Location (SRV), and then click Create
Record.
30. In the Service box, type _sipinternaltls.
31. In the Protocol box, type _tcp.
32. Leave the Priority and Weight entries as their defaults.
33. In the Port Number box, type 5061.

MCT USE ONLY. STUDENT USE PROHIBITED


L2-9

34. In the Host offering this service text box, type lon-pool.ADatum.com, and then click OK.

35. In Select a resource record type window, click Service Location (SRV), and then click Create Record.
36. In the Service box, type _sipinternaltls.

MICROSOFT INTERNAL TEACH

37. In the Protocol box, type _tcp.


38. Leave the Priority entry at the default. Enter 10 for Weight.
39. In the Port Number box, type 5061.
40. In the Host offering this service text box, type red-pool.ADatum.com, and then click OK.
41. Click Done, and then close DNS Manager.

Exercise 5: Deploying the Front-End Server Role

MICROSOFT INTERNAL TEACH

Task 1: Install the local configuration store.

MCT USE ONLY. STUDENT USE PROHIBITED

L2-10 Core Solutions of Microsoft Lync Server 2013

1.

On LON-FE01, click Start, and then click Lync Server Deployment Wizard.

2.

On the Lync Server 2013 - Deployment Wizard page, click Install or Update Lync Server System.

3.

On the Lync Server 2013 - Deployment Wizard page, next to Step 1: Install Local Configuration Store,
click Run.

4.

On the Configure Local Replica of Central Management Store page, verify that Retrieve directly from
the Central Management Store is selected, and then click Next. This step will take about 10 minutes
to execute.

5.

On the Executing Commands page, when the Task Status shows Completed, click Finish.

Task 2: Set up components.


1.

On LON-FE01, on the Lync Server 2013 - Deployment Wizard page, next to Step 2: Setup or Remove
Lync Server Components, click Run.

2.

On the Setup Lync Server components page, click Next. This step will take approximately 10
minutes to run.

3.

On the Executing Commands page, when the Task status shows Completed, click Finish.

Task 3: Request and assign certificates.


1.

On LON-FE01, on the Lync Server 2013 - Deployment Wizard page, next to Step 3: Request, Install or
Assign Certificates, click Run.

2.

In the Certificate Wizard window, select the Default Certificate, and then click Request.

3.

On the Certificate Request page, click Next.

4.

On the Delayed or Immediate Requests page, verify that Send the request immediately to an online
certification authority is selected, and then click Next.

5.

On the Choose a Certification Authority (CA) page, verify that LON-DC1.adatum.com\adatum-londc1-ca is listed, and then click Next.

6.

On the Certification Authority Account page, leave the box clear, and then click Next.

7.

On the Specify Alternate Certificate Template page, leave the box clear, and then click Next.

8.

On the Name and Security Settings page, in the Friendly Name box, type LON-FE01 Lync Server
Certificate, and then click Next.

9.

On the Organization Information page, in the Organization box, type A Datum.

10. In the Organizational Unit box, type IT, and then click Next.

11. On the Geographical Information page, in the Country/Region drop-down list, click United Kingdom.
12. In the State/Province box, type England.
13. In the City/Locality box, type London, and then click Next.
14. On the Subject Name/Subject Alternate Names page, review the Subject Name and Subject
Alternative Names automatically populated, and then click Next.

15. On the SIP Domain setting on Subject Alternate Names page, select the ADatum.com check box, and
then click Next.

MCT USE ONLY. STUDENT USE PROHIBITED


L2-11

16. On the Configure Additional Subject Alternate Names page, leave the fields blank, and then click
Next.
17. On the Certificate Request Summary page, click Next.

MICROSOFT INTERNAL TEACH

18. On the Executing Commands page, when the Task Status shows Completed, click Next.

19. On the Online Certificate Request Status page, verify that the Assign this certificate to Lync Server
certificate usages check box is selected, and then click Finish.
20. On the Certificate Assignment page, click Next.
21. On the Certificate Assignment Summary page, click Next.
22. On the Executing Commands page, when the Task Status shows Completed, click Finish.

23. On the Certificate Wizard, click the down arrow next to Default Certificate to expand the Certificate
Type.
24. Verify that Server Default, Web Services Internal, and Web Services External all show as Assigned.
25. In the Certificate Wizard window, select the OAuthTokenIssuer, and then click Request.
26. On the Certificate Request page, click Next.

27. On the Delayed or Immediate Requests page, verify that Send the request immediately to an online
certification authority is selected, and then click Next.
28. On the Choose a Certification Authority (CA) page, verify that LON-DC1.adatum.com\adatum-londc1-ca is listed, and then click Next.
29. On the Certification Authority Account page, leave the box clear, and then click Next.
30. On the Specify Alternate Certificate Template page, leave the box clear, and then click Next.

31. On the Name and Security Settings page, in the Friendly Name box, type Adatum OAUTH Certificate,
and then click Next.
32. On the Organization Information page, in the Organization box, type A Datum.
33. In the Organizational Unit box, type IT, and then click Next.

34. On the Geographical Information page, in the Country/Region drop-down list, click United Kingdom.
35. In the State/Province box, type England.
36. In the City/Locality box, type London, and then click Next.
37. On the Subject Name/Subject Alternative Names page, review the Subject Name that is
automatically populated, and then click Next.

38. On the Configure Additional Subject Alternate Names page, leave the fields blank, and then click
Next.
39. On the Certificate Request Summary page, click Next.
40. On the Executing Commands page, when the Task Status shows Completed, click Next.

41. On the Online Certificate Request Status page, verify that the Assign this certificate to Lync Server
certificate usages check box is selected, and then click Finish.
42. On the Certificate Assignment page, click Next.
43. On the Certificate Assignment Summary page, click Next.
44. On the Executing Commands page, when the Task Status shows Completed, click Finish.

MCT USE ONLY. STUDENT USE PROHIBITED

L2-12 Core Solutions of Microsoft Lync Server 2013

45. On the Certificate Wizard, click the down arrow next to OAuthTokenIssuer to expand the Certificate
Type.
46. Verify that the OAuthTokenIssuer shows Assigned.

MICROSOFT INTERNAL TEACH

47. Click Close to close the Certificate Wizard.

Task 4: Start Lync Server Services.


1.

On LON-FE01, on the Lync Server 2013 - Deployment Wizard page, next to Step 4: Start Services, click
Run.

2.

On the Start Services page, click Next.

3.

On the Executing Commands page, when the Task Status shows Completed, click Finish.

4.

On the Lync Server 2013 Deployment Wizard page, click Exit.

Task 5: Install the Local Configuration Store.


1.

On RED-FE01, in Windows Explorer, open D:\Setup\AMD64\setup.exe.

2.

On the Microsoft Lync Server 2013 pop-up answer yes to the question if to install the Microsoft Visual
C++ runtime.

3.

On the Installation Location page, leave the default location, and then click Install.

4.

On the End User License Agreement page, select the I accept the terms in the license agreement
check box, and then click OK.

5.

On the Lync Server 2013 - Deployment Wizard page, click Install or Update Lync Server System.

6.

On the Lync Server 2013 - Deployment Wizard page, next to Step 1: Install Local Configuration
Store, click Run.

7.

On the Configure Local Replica of Central Management Store page, verify that Retrieve directly
from the Central Management Store is selected, and then click Next.

8.

On the Executing Commands page, when the Task Status shows as Completed, click Finish.

Task 6: Set up components.


1.

On RED-FE01, on the Lync Server 2013 - Deployment Wizard page, next to Step 2: Setup or Remove
Lync Server Components, click Run.

2.

On the Setup Lync Server components page, click Next.

3.

On the Executing Commands page, when the Task status shows as Completed, click Finish.

Task 7: Request and assign certificates.


1.

On RED-FE01, on the Lync Server 2013 - Deployment Wizard page, next to Step 3: Request, Install
or Assign Certificates, click Run.

2.

In the Certificate Wizard window, select the Default Certificate, and then click Request.

3.

On the Certificate Request page, click Next.

4.

On the Delayed or Immediate Requests page, verify that Send the request immediately to an
online certification authority is selected, and then click Next.

5.

On the Choose a Certification Authority (CA) page, verify that LON-DC1.adatum.com\adatum-londc1-ca is listed, and then click Next.

6.

On the Certification Authority Account page, leave the box clear, and then click Next.

7.

On the Specify Alternate Certificate Template page, leave the box clear, and then click Next.

MCT USE ONLY. STUDENT USE PROHIBITED


L2-13

8.

On the Name and Security Settings page, in the Friendly Name box, type RED-FE01 Lync Server
Certificate, and then click Next.

9.

On the Organization Information page, in the Organization box, type A Datum.

MICROSOFT INTERNAL TEACH

10. In the Organizational Unit box, type IT, and then click Next.

11. On the Geographical Information page, in the Country/Region drop-down list, click United States.
12. In the State/Province box, type Washington.
13. In the City/Locality box, type Redmond, and then click Next.
14. On the Subject Name/Subject Alternative Names page, review the Subject Name and Subject
Alternative Names automatically populated, and then click Next.

15. On the SIP Domain setting on Subject Alternate Names (SANs) page, select the ADatum.com check
box, and then click Next.
16. On the Configure Additional Subject Alternative Names page, leave the fields blank, and then click
Next.
17. On the Certificate Request Summary page, click Next.
18. On the Executing Commands page, when the Task Status shows as Completed, click Next.

19. On the Online Certificate Request Status page, verify that the Assign this certificate to Lync Server
certificate usages check box is selected, and then click Finish.
20. On the Certificate Assignment page, click Next.
21. On the Certificate Assignment Summary page, click Next.
22. On the Executing Commands page, when the Task Status shows as Completed, click Finish.

23. On the Certificate Wizard, click the down arrow next to Default Certificate to expand the Certificate
Type.
24. Verify that Server Default, Web Services Internal, and Web Services External all show as Assigned.
25. Click Close to close the Certificate Wizard

Task 8: Start Lync Server Services.


1.

On Red-FE01, on the Lync Server 2013 - Deployment Wizard page, next to Step 4: Start Services,
click Run.

2.

On the Start Services page, click Next.

3.

On the Executing Commands page, when the Task Status shows as Completed, click Finish.

4.

On the Lync Server 2013 Deployment Wizard page, click Exit.

Results: After completing this exercise, you should have a configured Lync Server 2013 deployment.

Exercise 6: Configuring Exchange UM and Enabling Users (optional lab


exercise)

MICROSOFT I