Tuesday, April 12, 2011

Some facts about MS LYNC 2010

Below are some interesting points about MS LYNC 2010. They may or may not be interesting to everyone, but they are interesting to me. Please add more if you like.

  • Topology Builder will not show Group Chat servers. (Group Chat is still the orphan child of Lync.)
  • The Lync client will receive a notification if someone is trying to add you to their buddy list. (Isn't it interesting?)
  • During the first login to LYNC, the user will not see the directory for a few hours. (That's sad.)
  • There is no guarantee that load will balance in a LYNC pool. (What's the logic?)
  • If a new user is enabled for LYNC, users have to wait a few hours before they can add the new user to the contact list.
  • Cannot force the address book sync.
  • HLB is used for HTTP/HTTPS traffic and the LYNC pool is used for HA.
  • The Edge server is in the DMZ and doesn't show in AD. (Security)
  • The Director server receives both good and bad authentication attempts. The Front End server receives only good logins. (That's really good.)
  • Primary and backup registrar details are cached locally, so in case of failover the client knows where to go. (That's smart.)
  • Dial-in conferencing should be deployed in each pool.
  • An anonymous meeting will always have one authenticated user to start the meeting.
  • An authenticated meeting will have all users log in with a password.
  • Users will not be authenticated with a certificate during the first login.
  • Every IM opens in a new window. (Imagine you have 50 people IMing you.)
  • Recorded meetings are stored locally.
  • Cannot paste screenshots or images in LYNC.
  • Cannot add custom images.
  • Failed users don't have to disconnect; they will be placed in the lobby and the leader will be notified.

Monday, March 14, 2011

Microsoft Lync Server Guides


Microsoft Lync Server 2010 Device Management and Troubleshooting Guide
The purpose of the Microsoft Lync Server 2010 Device Management and Troubleshooting Guide is to provide guidance on how to manage and update devices. It is also intended to answer frequently asked questions. This document identifies supported topologies, configurations, and scenarios described in detail in the Lync Server device deployment and planning documentation.

Microsoft Lync Server 2010 Standard Edition Deployment Guide
This document guides you through the process of deploying Lync Server 2010 Standard Edition and configuring dial-in conferencing.

Microsoft Lync Server 2010 Response Group Deployment Guide
This download guides you through the process of configuring the Response Group feature for Enterprise Voice.

Microsoft Lync Server 2010 Enterprise Voice Guide
This download contains two documents: Deploying Enterprise Voice at Central sites and Deploying Branch Sites

Enabling QoS with Microsoft Lync Server 2010
If your Windows Server network supports Quality of Service (QoS) management, you can take advantage of this functionality to optimize media traffic in your Microsoft Lync Server 2010 deployment. This guide shows you how.

Microsoft Lync Server 2010 Enterprise Edition Deployment Guide
This document guides you through the process of deploying Lync Server 2010 Enterprise Edition and configuring dial-in conferencing for Lync Server 2010.

Migrating from Communications Server 2007 R2 to Lync Server 2010
This document provides guidance for migration from Office Communications Server 2007 R2 to Microsoft Lync Server 2010.

Microsoft Lync Server 2010 Documentation Help File
This download contains a compiled help file (chm) of all the available Lync Server 2010 IT professional documentation on the Technical Library.

Microsoft Lync Server 2010 Monitoring Deployment Guide
This document guides you through the process of deploying Lync Server 2010 Monitoring Server.

Microsoft Lync Server 2010 Archiving Deployment Guide
The purpose of the Microsoft Lync Server 2010 Archiving Deployment Guide is to guide you through the process of deploying Lync Server 2010 Archiving Server and the related components that are required to support archiving of instant messaging and web conferencing (meeting) content.

Microsoft Lync Server 2010 Edge Server Deployment Guide
This document guides you through the process of deploying Lync Server 2010 edge servers and Directors.

Microsoft Lync Server 2010 Client and Device Deployment Guide
This download guides you through the process of deploying client software and devices for Lync 2010.

Microsoft Lync Server 2010 Active Directory Guide
This document guides you through the process of preparing Active Directory for Microsoft Lync Server 2010 and includes the Active Directory schema reference.

Microsoft Lync Server 2010 Call Park Deployment Guide
This download guides you through the process of configuring the Call Park call management feature for Enterprise Voice.

Microsoft Lync Server 2010 Reference: Call Data Recording and Quality of Experience Database Schema
This document describes the call detail recording (CDR) and the Quality of Experience (QoE) databases schemas in Microsoft Lync Server 2010.

Microsoft Lync Server 2010 Supportability Guide
This guide provides a central, high-level reference for supported server topologies and configurations and supported client configurations. It is also intended to answer frequently asked questions. This document identifies supported topologies, configurations, and scenarios described in detail in the Lync Server deployment and planning documentation.

Microsoft Lync Server 2010 Announcement Deployment Guide
This download guides you through the process of configuring the Announcement call management feature for Enterprise Voice.

Microsoft Lync Server 2010 Group Chat Administration Guide
This document guides you through the process of administering Lync Server 2010 Group Chat Server and the related components that are required to let organizations set up searchable, topic-based chat rooms that persist over time, allowing geographically distributed teams to better collaborate with one another while preserving organizational knowledge.

Microsoft Lync Server 2010 Group Chat Deployment Guide
This document guides you through the process of migrating and deploying Lync Server 2010 Group Chat Server and the related components that are required to let organizations set up searchable, topic-based chat rooms that persist over time, allowing geographically distributed teams to better collaborate with one another while preserving organizational knowledge.


Tuesday, February 1, 2011

Lync DNS Load Balancing and Server Draining

Recently I was onsite with a customer and was asked about DNS Load Balancing. How does it work? Why the change from OCS 2007 R2?

DNS Load Balancing

Microsoft Office Communications Server 2007 requires a Hardware Load Balancer (HLB) to provide resilience for the Enterprise pool. This configuration is both expensive and difficult to configure for SIP load balancing. Lync 2010 introduces DNS load balancing as an alternative to hardware load balancing.

How it Works

The front-end servers register their fully qualified domain name (FQDN) as A records in DNS. When the Enterprise pool is created, the pool FQDN is registered to return from DNS the list of IP addresses of all the front-end servers. The client attempts to connect to one of the IP addresses that were returned. If this connection fails, the client attempts to connect to the next IP address in the list until the connection succeeds.
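
The client behaviour described above can be reproduced from an admin workstation to confirm that every A record behind the pool FQDN points at a live Front End Server. The PowerShell below is an added example, not code from the original post or from Microsoft; the function name Test-PoolDnsFailover and the use of TCP port 5061 (SIP over TLS) are assumptions, and the pool name and addresses are the sample values used further down this page.

```powershell
# Added example, not from the original post: walk the pool's A records the way a
# client would and compare them with the Front End addresses you expect.
function Test-PoolDnsFailover {
    param(
        [Parameter(Mandatory = $true)][string] $PoolFqdn,
        [string[]] $ExpectedAddress = @(),  # Front End IPs published in DNS
        [int] $Port = 5061,                 # assumption: SIP over TLS listener
        [int] $TimeoutMs = 2000
    )

    try {
        # IPv4 A records for the pool FQDN, in the order the resolver returned them.
        $resolved = @([System.Net.Dns]::GetHostAddresses($PoolFqdn) |
            Where-Object { $_.AddressFamily -eq 'InterNetwork' } |
            ForEach-Object { $_.IPAddressToString })
    } catch {
        Write-Warning "Could not resolve ${PoolFqdn}: $($_.Exception.Message)"
        return
    }

    $compare = $ExpectedAddress.Count -gt 0
    $order   = 0
    $landed  = $false

    foreach ($ip in $resolved) {
        $order++
        $reachable = $false
        $client = New-Object System.Net.Sockets.TcpClient
        try {
            $pending = $client.BeginConnect($ip, $Port, $null, $null)
            if ($pending.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) {
                $client.EndConnect($pending)   # throws if the connection was refused
                $reachable = $client.Connected
            }
        } catch {
            $reachable = $false
        } finally {
            $client.Close()
        }

        # A client stops at the first address that accepts the connection.
        $clientStopsHere = $reachable -and -not $landed
        if ($clientStopsHere) { $landed = $true }

        $note = ''
        if ($compare -and ($ExpectedAddress -notcontains $ip)) {
            $note = 'In DNS but not in the expected list'
        }

        New-Object PSObject -Property @{
            Order = $order; Address = $ip; Reachable = $reachable
            ClientStopsHere = $clientStopsHere; Note = $note
        } | Select-Object Order, Address, Reachable, ClientStopsHere, Note
    }

    # Expected Front End addresses that DNS did not return at all.
    foreach ($ip in $ExpectedAddress) {
        if ($resolved -notcontains $ip) {
            New-Object PSObject -Property @{
                Order = $null; Address = $ip; Reachable = $false
                ClientStopsHere = $false; Note = 'Expected but missing from DNS'
            } | Select-Object Order, Address, Reachable, ClientStopsHere, Note
        }
    }
}

# pool1.contoso.edu and the three addresses are the sample values used on this page.
Test-PoolDnsFailover -PoolFqdn 'pool1.contoso.edu' `
    -ExpectedAddress '192.168.1.10', '192.168.1.20', '192.168.1.30' |
    Format-Table -AutoSize
```

A row that is unreachable but still in DNS means clients wait out a connection timeout before moving to the next address; a row that is in DNS but not in the expected list is a record to investigate before clients are sent to it.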

Server Failure and Recovery

When a server fails, the physical registrar sequence is updated to show the server as unavailable, and the update is shared amongst all surviving servers by using a server-server heartbeat. Users are redirected to the next server in their logical registrar sequence and are then connected in backup mode. When the server is recovered, the physical registrar sequence returns to its original state.

Server Commission and Decommission

When topology changes occur, the logical registrar sequence is recalculated for all users. Some users are re-homed to a different front-end server in the same pool. When the server is fully operational, the heartbeat process updates the physical registrar sequence. This results in the batched re-registration process. Decommission is very similar to server failure, with the exception of the re-home to a new primary registrar being part of the decommission process. The topology change results in the recalculation of the logical registrar sequence. This step doesn't happen in a server failure.

You can use DNS load balancing for the SIP traffic on Front End pools and Director pools. With DNS load balancing deployed, you still need to also use hardware load balancers for these pools, but only for HTTP and Distributed Component Object Model (DCOM) traffic. The hardware load balancer is used for HTTP traffic from clients over ports 443 and 80, and for DCOM traffic over port 135 from administrators performing user moves.

Although you still need hardware load balancers for these pools, their setup and administration will be primarily for HTTP traffic, which the administrators of hardware load balancers are accustomed to.

DNS Load Balancing Decision Guidelines

| Situation | DNS load balancing supported? | DNS load balancing recommended? | Hardware load balancer (only) recommended? |
| --- | --- | --- | --- |
| All or most users homed in the pool run Lync Server 2010 clients. | Yes | Yes | |
| Many users homed in the pool still running older clients. | Yes | | Yes |
| Interoperates only with other Lync Server 2010 servers. | Yes | Yes | |
| Interoperates with many servers running earlier versions of Office Communications Server. | Yes | | Yes |
| Running Exchange UM with Exchange 2010 SP1 (or not running Exchange UM) | Yes | Yes | |
| Running Exchange UM with earlier versions of Exchange | Yes | | Yes |

Before you can use DNS load balancing, you must:

  1. Override the internal web services pool FQDN.
  2. Create DNS A host records to resolve the pool FQDN to the IP addresses of all the servers in the pool.

To override internal web services FQDN

1. From the Lync Server 2010 program group, open Topology Builder.

2. From the console tree, expand the Enterprise Edition Front End pools node.

3. Right-click the pool, click Edit Properties, and then click Web Services.

4. Below Internal web services, select the Override FQDN check box.

5. Type the pool FQDN that resolves to the physical IP addresses of the servers in the pool.

6. Below External web services, type the external pool FQDN that resolves to the virtual IP addresses of the pool, and then click OK.

7. From the console tree, select Lync Server 2010, and then in the Actions pane, click Publish Topology.

To create DNS A Host Records for all internal pool servers

1. For each Front End Server in your pool, create a DNS A Host record that maps the pool FQDN to the IP address of that Front End Server.

For example, if you had a pool named pool1.contoso.edu and three front-end servers, you would create the following DNS entries:

| FQDN | Type | Data |
| --- | --- | --- |
| Pool1.contoso.edu | Host A | 192.168.1.10 |
| Pool1.contoso.edu | Host A | 192.168.1.20 |
| Pool1.contoso.edu | Host A | 192.168.1.30 |

     

 

Server Draining

A new feature called server draining enables you to take a server offline without any loss of service to users. When a server is drained it stops taking new connections and calls. These new connections and calls are routed through other servers in the pool. A server being drained allows its sessions on existing connections to continue until they naturally end. When all existing sessions have ended, the server is ready to be taken offline.

Adding Custom Presence to Lync

Office Communicator has supported the customization of up to 4 additional presence states for some time, and there are many articles all over the Internet on this topic. But I have not yet seen one specifically for Lync, so here is a brief overview.

Basically the same configuration steps are used as Office Communicator 2007 R2 required, since a change to the default security behavior was added after the 2007 (R1) client which prevented the use of non-HTTPS connections to the configuration file.

  1. Create a new XML file on the local workstation and customize the presence states and descriptions.
  2. Disable SIP High Security Mode within Lync.
  3. Enable Custom Presence States within Lync.

So if you already know how to do this in the OCS R2 client, then follow the same steps. For those of you new to the Communications Server products, here is a step-by-step walkthrough specifically for Lync.

Configuration File

The custom configuration information is stored in an XML file that must be manually created first. Unique entries can be created with a few limitations: a maximum of 4 states and a limit of 64 characters in the description text. This file can be accessed by the Lync client using either direct access to the file (via local disk or shared directory on a remote server) or as a web client using HTTP or HTTPS.

The aforementioned change between OC 2007 and 2007 R2 is that the default behavior is now to force a secure connection to the XML file, limiting the option to only accessing the file via HTTPS. This is fine when you want the same custom states to be available for multiple users across all workstations, but for simply adding the additional states to a single primary workstation for yourself, using a local file is the best approach.

Because Lync follows the same default behavior of forcing HTTPS, this behavior will need to be disabled in order to use a local XML file, which will be addressed in the next section. For now, the following steps should be performed to create the configuration file and store it on the local workstation.

  • Copy the following text and save into a new text file named presence.xml saved somewhere on the local workstation. (e.g. c:\Windows\presence.xml).  (This file can be saved anywhere as long as file security settings allow read access to it.  Commonly it can be stored in either the client installation directory or user's documents folder.  I simply prefer to drop stuff in the system directory and the path is simple and does not include spaces which often require encapsulating paths within quotes.)

<customStates>
  <customState ID="1" availability="Busy">
    <activity LCID="1033">Urgent Interruptions Only</activity>
  </customState>
  <customState ID="2" availability="Busy">
    <activity LCID="1033">Customer Demo</activity>
  </customState>
  <customState ID="3" availability="Busy">
    <activity LCID="1033">In a Video Call</activity>
  </customState>
  <customState ID="4" availability="Busy">
    <activity LCID="1033">In Training Session</activity>
  </customState>
</customStates>

  • Within the presence.xml file edit the availability values and description text to customize each of the 4 custom states to the desired information.  The availability values are limited to the following strings: Online, Busy, and Do-Not-Disturb.  The activity string text is limited to a maximum of 64 characters.

Registry Settings

To trigger the Lync client to import and use the custom state information, two settings will need to be set within the local workstation's registry. The first allows a local file to be read and removes the HTTPS requirement, while the second setting tells Lync where to find the presence configuration file.

  • Create a new REG_DWORD value named EnableSIPHighSecurityMode in the Communicator Software Policies key shown below.  Enter the value of '0' to disable this security mode.

Path: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Communicator
Name: EnableSIPHighSecurityMode
Value: 0

  • Create a new REG_SZ value named CustomStateURL in the same key as shown below.  Enter the absolute path to the presence.xml file using the file:/// URL format.

Path: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Communicator
Name: CustomStateURL
Value: file:///C:/Windows/presence.xml

Restart Lync

  • Exit and restart the Lync client to pick up the configuration changes and then pull down the status menu to locate the new choices.
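
Because this procedure turns off a client security setting machine-wide and points Lync at a file on disk, it is worth being able to check both afterwards. The PowerShell below is an added example, not code from the original post: it validates a presence file against the limits stated above (at most 4 states, availability of Online, Busy or Do-Not-Disturb, activity text of at most 64 characters) and reports the two registry values. The function names and the sample XML are constructed for illustration.

```powershell
# Added example, not from the original post: validate a custom presence file
# against the limits stated on this page and report the client policy values.
function Test-CustomPresenceXml {
    param([Parameter(Mandatory = $true)][string] $XmlText)

    $allowed  = 'Online', 'Busy', 'Do-Not-Disturb'
    $problems = @()

    try { $doc = [xml]$XmlText }
    catch { return "Not well-formed XML: $($_.Exception.Message)" }

    $states = @($doc.SelectNodes('/customStates/customState'))
    if ($states.Count -eq 0) { $problems += 'No <customState> elements under <customStates>.' }
    if ($states.Count -gt 4) { $problems += "Found $($states.Count) states; the maximum is 4." }

    foreach ($state in $states) {
        $id           = $state.GetAttribute('ID')
        $availability = $state.GetAttribute('availability')
        if ($allowed -notcontains $availability) {
            $problems += "State ID=${id}: availability '$availability' is not one of $($allowed -join ', ')."
        }
        foreach ($activity in @($state.SelectNodes('activity'))) {
            $length = $activity.InnerText.Length
            if ($length -gt 64) {
                $problems += "State ID=${id}: activity text is $length characters; the limit is 64."
            }
        }
    }
    $problems   # empty output means the file is within the stated limits
}

function Get-CustomPresencePolicy {
    param([string] $KeyPath = 'HKLM:\SOFTWARE\Policies\Microsoft\Communicator')

    # Missing key or values simply come back as $null.
    $values = Get-ItemProperty -Path $KeyPath -ErrorAction SilentlyContinue
    $url    = $values.CustomStateURL
    $scheme = $null
    $local  = $null
    $uri    = $null
    if ($url -and [System.Uri]::TryCreate($url, [System.UriKind]::Absolute, [ref]$uri)) {
        $scheme = $uri.Scheme
        if ($uri.IsFile) { $local = $uri.LocalPath }   # file:///C:/... -> C:\...
    }

    New-Object PSObject -Property @{
        EnableSIPHighSecurityMode = $values.EnableSIPHighSecurityMode
        CustomStateURL = $url; Scheme = $scheme; LocalPath = $local
    } | Select-Object EnableSIPHighSecurityMode, CustomStateURL, Scheme, LocalPath
}

# Constructed sample with two deliberate problems: an availability value that is
# not in the allowed list, and an activity string longer than 64 characters.
$sample = @'
<customStates>
  <customState ID="1" availability="Busy">
    <activity LCID="1033">Customer Demo</activity>
  </customState>
  <customState ID="2" availability="Away">
    <activity LCID="1033">At Lunch</activity>
  </customState>
  <customState ID="3" availability="Busy">
    <activity LCID="1033">Heads-down on the quarterly report, please email instead of calling me</activity>
  </customState>
</customStates>
'@
Test-CustomPresenceXml -XmlText $sample

# On a configured workstation: show the policy values, then validate the file
# that CustomStateURL points at when it is a local file: URL.
$policy = Get-CustomPresencePolicy
$policy
if ($policy.LocalPath -and (Test-Path -LiteralPath $policy.LocalPath)) {
    Test-CustomPresenceXml -XmlText (Get-Content -LiteralPath $policy.LocalPath | Out-String)
}
```

Run across a fleet, the policy output shows which machines have EnableSIPHighSecurityMode set to 0 and whether CustomStateURL uses a file, http or https scheme.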

Lync 2010 Client Policies

Rejoice, Lync Administrators! Gone are the days of out-of-band provisioning (Group Policy); Lync now uses in-band provisioning (connecting to the server and getting custom settings). This is great news as many companies have machines that are either domain-joined and/or are outside of the network. Deploying Group Policies is not viable for non-domain-joined machines and is possible for mobile workers if you are using Direct Access. But with Lync 2010, you won't have to worry about either, because Group Policies for Lync 2010 client settings have now been moved to in-band provisioning. Lync 2010 uses the Lync Management Shell (LMS) to manage these in-band settings, utilizing commands with the following noun: CSClientPolicy*. Commands with this noun include:

  • New-CSClientPolicy
  • Get-CSClientPolicy
  • Set-CSClientPolicy
  • Grant-CSClientPolicy
  • Remove-CSClientPolicy
  • New-CSClientPolicyEntry

The main commands we will look at are the first four.

The biggest thing to note about Client Policies, is that they can be configured at three different levels.  These levels include:

  • User Level
  • Site Level
  • Global Level

By default, user policies are set at the Global Level.  Unfortunately, the Get-CSClientPolicy -Identity User, does not show anything other than the user set policies. So let's say I want to see what I am assigned.  I can run the following command:

Get-CSUser "Shudnow, Elan"

VoicePolicy                       : ChicagoVoicePolicy
ConferencingPolicy                :
PresencePolicy                    :
DialPlan                          :
LocationPolicy                    :
ClientPolicy                      : ChicagoClientPolicy
ClientVersionPolicy               :
ArchivingPolicy                   :
PinPolicy                         : ChicagoPinPolicy
ExternalAccessPolicy              :
HostedVoiceMail                   :
HostedVoicemailPolicy             :

If one of the variables above is $null, that doesn't mean you are not abiding by some policy.  The above will only display User Level Policies.  Site Level and Global Policies are not displayed.  This is because User Level Policies are readily available in Active Directory whereas the Site Level Policies and Global Policies.  More information on this as well as a script that can provide more verbose information showing what policies including Site Level Policies or Global Level Policies are included here.

But by default, we can see that no policies exist other than the Global Policy by running the following command:

Get-CsClientPolicy | FL Identity

There are some fundamental things you should know about when managing policies on users:

  • When we want to create policies, we use the New-CSClientPolicy command.
  • When we want to modify policies, we use the Set-CSClientPolicy command.
  • When using the Set-CSClientPolicy with no -Identity (as -Identity is actually Optional), the Global Policy is modified.
  • When using the Set-CSClientPolicy with the -Identity specified, if we want to modify or create a Site Policy, we prefix the Identity with site:.  For Example: Set-CSClientPolicy -Identity site:Chicago.
  • When using the Set-CSClientPolicy with the -Identity specified, if we want to modify or create a User Policy, we do not prefix the Identity. For Example: Set-CSClientPolicy -Identity ChicagoClientPolicy.
  • When setting a client policy on a user, we use the Grant-CSClientPolicy.  For Example: Grant-CsClientPolicy -Identity "Elan Shudnow" -PolicyName SalesPolicy

Example

Let's take a look at an example.  Let's remove the ability for my account to be able to display photos.  As you can see in the following screenshot, I currently have the ability to display photos:

We need to first create the ChicagoClientPolicy.  We do this by running the following command:

New-CSClientPolicy -Identity ChicagoClientPolicy

Now let's re-run the command we saw in the first screenshot in this article to verify we see both a Global Policy as well as our new ChicagoClientPolicy.

Get-CsClientPolicy | FL Identity

I will run the following two commands to remove the ability to display photos for our new ChicagoClientPolicy and then verify the DisplayPhoto parameter is set to NoPhoto:

Set-CSClientPolicy -Identity ChicagoClientPolicy -DisplayPhoto NoPhoto
Get-CSClientPolicy -Identity ChicagoClientPolicy | Format-List DisplayPhoto

Now we'll have to assign the ChicagoClientPolicy to my user account and then verify it was assigned.  We do this by running the following commands:

Grant-CSClientPolicy -Identity "Shudnow, Elan" -PolicyName ChicagoClientPolicy
Get-CSUser -Identity "Shudnow, Elan" | FL ClientPolicy

After signing out and signing back in, voila, pictures are no longer there.  Success!

But, let's say we wanted to reverse this.  You may think to yourself, can I just set the setting to Null/Remove Policy or do I have to set the property to the opposite value to reset the registry setting?  Well, let's have a look.  I'm going to try to just remove the policy from my account and verify that and then see if that takes care of it.  I'll do this by running the following command:

Grant-CSClientPolicy -Identity "Shudnow, Elan" -PolicyName $Null
Get-CSUser -Identity "Shudnow, Elan" | FL ClientPolicy

After signing out and signing back in, voila, pictures are back.  Success again!

Friday, January 28, 2011

Server Hardware Platforms

Microsoft Lync Server 2010 communications software server roles and computers running Lync Server administrative tools require 64-bit hardware.
The specific hardware used for Lync Server 2010 deployment can vary depending on size and usage requirements. This section describes the recommended hardware. Although these are recommendations, not requirements, using hardware that does not meet these recommendations can result in significant performance impacts and other problems.
The following table describes the recommended hardware for all servers where you plan to install Lync Server 2010, except for the Director server role. These recommendations are based on a user pool of 80,000 users with eight Front End Servers and one Back End Server.

Hardware Recommendations for Servers Running Lync Server 2010

| Hardware component | Recommended |
| --- | --- |
| CPU | One of the following: 64-bit dual processor, quad-core, 2.0 GHz or higher; 64-bit 4-way processor, dual-core, 2.0 GHz or higher. Intel Itanium processors are not supported for Lync Server 2010 server roles. |
| Memory | 16 GB |
| Disk | Local storage with at least 72 GB free disk space on a 10,000 RPM disk drive |
| Network | 1 network adapter required (2 recommended), each 1 Gbps or higher |

Servers running the Director server role have lesser hardware requirements. These recommendations are based on a maximum of 39,000 external users per Front End pool (which follows the user model of 80,000 users per Front End pool, with 30% of users connecting externally and 1.5 multiple points of presence (MPOP)).

Hardware Recommendations for Directors

| Hardware component | Recommended |
| --- | --- |
| CPU | One of the following: 64-bit processor, quad-core, 2.0 GHz or higher; 64-bit dual processor, dual-core, 2.0 GHz or higher. Intel Itanium processors are not supported for Lync Server 2010 server roles. |
| Memory | 4 GB |
| Disk | Local storage with at least 72 GB free disk space on a 10,000 RPM disk drive |
| Network | 1 network adapter required (2 recommended), each 1 Gbps or higher |

Back End Server requirements and requirements for other database servers are similar to those of servers running Lync Server 2010, except that Back End Servers require additional memory. The following table describes the recommended hardware for a Back End Server or other database servers, based on an 80,000 user pool with eight Front End Servers and one Back End Server with all databases required for your Lync Server deployment running on a single database server.

Hardware Recommendations for Back End Servers and Other Database Servers

| Hardware component | Recommended |
| --- | --- |
| CPU | One of the following: 64-bit dual processor, quad-core, 2.0 GHz or higher; 64-bit 4-way processor, dual-core, 2.0 GHz or higher |
| Memory | 32 GB recommended for Back End Server (with or without collocated Archiving and Monitoring databases), 16 GB recommended for Archiving and Monitoring database (not collocated with the Back End Server). |
| Disk | Local storage with at least 72 GB free disk space on a 10,000 RPM disk drive |
| Network | 1 network adapter required (2 recommended), each 1 Gbps or higher |

Thursday, January 27, 2011

How to complete basic backup of your OCS installation, including configuration and databases.

First we look at the configuration on the front end server. In this scenario we will complete a backup of the Front End and Mediation servers from the Front End server. If you have additional servers, they are easily added to this script.

  • First create a folder on the C: drive of the FE server called "Backup"
  • Browse to the new folder "c:\Backup"
  • Create a new .bat file called "OCS-backup.bat"
  • Edit the .bat file

----- Content of OCS-backup.bat -----
rem Export machine-level settings for the Front End server
"C:\Program Files\Common Files\Microsoft Office Communications Server 2007\lcscmd" /config /action:export /level:machine /configfile:c:\backup\[name of front-end server]-Serversettings.xml /fqdn:[fqdn of front-end server]

rem Export machine-level settings for the Mediation server
"C:\Program Files\Common Files\Microsoft Office Communications Server 2007\lcscmd" /config /action:export /level:machine /configfile:c:\backup\[name of mediation server]Serversettings.xml /fqdn:[fqdn of mediation server]

rem Export pool-level settings
"C:\Program Files\Common Files\Microsoft Office Communications Server 2007\lcscmd" /config /action:export /level:pool /configfile:c:\backup\[poolname]-Pool.xml /poolname:[poolname]

rem Export global settings
"C:\Program Files\Common Files\Microsoft Office Communications Server 2007\lcscmd" /config /action:export /level:global /configfile:c:\backup\[poolname]-Global.xml /poolname:[poolname]

rem Export global and pool settings together
"C:\Program Files\Common Files\Microsoft Office Communications Server 2007\lcscmd" /config /action:export /level:global,pool /configfile:c:\backup\[poolname]-GlobalAndPool.xml /poolname:[poolname]
----- END -----

Please note that the pool name is the same as the hostname of the Front End server in a Standard Edition deployment.

  • Save the file and give it a test run. You should get 5 .xml files in the c:\backup directory.

Backup of the Access Edge server is very similar. It should be backed up; however, it is not needed every day, depending on your company's security requirements. Backing up the configuration every time a change is applied to the server is a very good idea.
The command is the same as for the Mediation and Front End server:

----- Access Edge Backup -----
"C:\Program Files\Common Files\Microsoft Office Communications Server 2007\lcscmd" /config /action:export /level:machine /configfile:c:\backup\Serversettings.xml /fqdn:
----- END -----
Then we move on to backing up the SQL databases.
If you have a backup application that supports SQL 2005, it's possible to back up the databases directly.
If you are left without this tool, there are other ways. In this case I will describe the procedure for Standard Edition OCS deployments, and therefore assume that OCS is using SQL 2005 Express.
First you need Microsoft SQL Server Management Studio Express.

  • Download and install the package on your Front End server

This enables you to view and generate SQL scripts. For this deployment, the scripts below will work:

----- RTC-backup.sql -----
-- Full backup of the rtc database; INIT overwrites the previous backup file
BACKUP DATABASE [rtc] TO DISK = N'C:\Backup\rtc.bak' WITH NOFORMAT, INIT, NAME = N'rtc-Full Database Backup', SKIP, NOREWIND, NOUNLOAD, STATS = 10
GO
----- END -----
----- RTCconfig-backup.sql -----
-- Full backup of the rtcconfig database
BACKUP DATABASE [rtcconfig] TO DISK = N'C:\Backup\rtcconfig.bak' WITH NOFORMAT, INIT, NAME = N'rtcconfig-Full Database Backup', SKIP, NOREWIND, NOUNLOAD, STATS = 10
GO
----- END -----
----- RTCdyn-backup.sql -----
-- Full backup of the rtcdyn database
BACKUP DATABASE [rtcdyn] TO DISK = N'C:\Backup\rtcdyn.bak' WITH NOFORMAT, INIT, NAME = N'rtcdyn-Full Database Backup', SKIP, NOREWIND, NOUNLOAD, STATS = 10
GO
----- END -----
  • Create the 3 .sql scripts and save them to the c:\backup folder.
  • Now create a new .bat file called OCS-sql-backup.bat

----- OCS-sql-backup.bat -----
rem Run each backup script against the local RTC SQL instance
sqlcmd -S .\rtc -i c:\backup\rtc-backup.sql
sqlcmd -S .\rtc -i c:\backup\rtcconfig-backup.sql
sqlcmd -S .\rtc -i c:\backup\rtcdyn-backup.sql
----- END -----

Now you have 2 .bat files (OCS-sql-backup.bat and OCS-backup.bat), and all that is left is to create a couple of Scheduled Tasks to run these every day and configure your file-level backup to back up the c:\Backup folder.

Lync 2010 v/s OCS 2007

| OCS 2007 / 2007 R2 | Lync Server 2010 |
| --- | --- |
| Virtualization not supported, except for some roles. | Every role can be either virtual or physical. |
| A/V conferencing service cannot work separately. | A/V conferencing service can run in a standalone server role, which we can call A/V Conferencing Server. |
| No specific limits for A/V conferencing pool. | If a site has more than 10,000 users, we recommend that you deploy a separate A/V Conferencing pool. |
| No Survivable Branch Appliance. | Survivable Branch Appliance, which is a new device introduced in Lync Server 2010. |
| Mediation role cannot be collocated with FE. | Collocation of mediation with FE is recommended if you are not using SIP trunking or Direct SIP. |
| No Topology Builder. | Lync 2010 gives you the opportunity to create your own topology for deployment. |
| No Central Management Store kind of thing. | In Microsoft Lync Server 2010, configuration data about servers and services is moved to the Central Management store. Read-only copies of the data are replicated to all servers in the topology, including Edge Servers and survivable branch appliances. |
| No Management Shell except the LCSCMD command. | The Lync Server 2010 Management Shell is a new method of administration and management. |
| No role-based access control. | Lync introduces role-based access control (RBAC). Lync Server 2010 includes 11 predefined roles that cover many common administrative tasks; you can also create custom roles. |
| MMC for administration. | The administration console no longer uses MMC; Lync Server Control Panel replaces the MMC administrative interfaces. |
| No load balancing for SIP traffic. | Lync Server 2010 introduces DNS load balancing for SIP and media traffic (you will still need a hardware LB for other traffic such as HTTP; however, this is the easiest part of configuring a HW load balancer). |
| Edge Server is separate and in DMZ. | You manage Edge Servers from the internal network. All configuration data for servers and services resides in the Central Management database, which you can manage by using internal administrative tools. |
| No support for hosted Exchange UM. | Lync Server 2010 introduces support for integration with hosted Exchange UM. |
| No support for Enhanced 9-1-1. | Lync supports Enhanced 9-1-1 (E9-1-1) as part of your Enterprise Voice deployment. |
| 1 Mediation means 1 Gateway. | New for the Mediation Server in Microsoft Lync Server 2010 is the ability for a single Mediation Server to route outbound calls through multiple gateways. |
| No separate pool for Mediation. | Lync Server 2010 has the ability for a Mediation Server to be deployed as a pool; this pool can be collocated with the Front End pool, or can be a standalone pool. |
| MOC cannot be updated through WSUS. | Lync client can be updated through WSUS. |
| No support for analog devices. | Lync Server 2010 provides support for analog devices. Specifically, the supported analog devices are analog audio phones and analog fax machines. Now you can configure the analog gateways and devices in your organization to use Lync Server 2010. |

Setting Up Your First Domain Controller With Windows Server 2008

  1. If you have set up a domain controller previously with Windows 2000 Server or Windows Server 2003, then you will be familiar with the dcpromo.exe command; it is also used to set up a Domain Controller on Windows Server 2008.

    To use the command, click Start > Run, type dcpromo, and then click OK.

  2. The system will check whether the Active Directory Domain Services (AD DS) binaries are installed, and then start installing them. The binaries could already be installed if you had run the dcpromo command previously and then canceled the operation after the binaries were installed.

  3. The Active Directory Domain Services Installation Wizard will start. Either select the Use advanced mode installation check box and click Next, or leave it cleared and click Next.

    The following table lists the additional wizard pages that appear for each deployment configuration when you select the Use advanced mode installation check box.

    | Deployment configuration | Advanced mode installation wizard pages |
    |---|---|
    | New forest | Domain NetBIOS name |
    | New domain in an existing forest | On the Choose a Deployment Configuration page, the option to create a new domain tree appears only in advanced mode installation. Domain NetBIOS name; Source Domain Controller |
    | Additional domain controller in an existing domain | Install from Media; Source Domain Controller; Specify Password Replication Policy (for RODC installation only) |
    | Create an account for a read-only domain controller (RODC) installation | Specify Password Replication Policy |
    | Attach a server to an account for an RODC installation | Install from Media; Source Domain Controller |

  4. The Operating System Compatibility page will be displayed. Take a moment to read it, then click Next.

  5. Choose Create a new domain in a new forest and click Next.

  6. Enter the Fully Qualified Domain Name of the forest root domain in the text box and click Next.

  7. If you selected Use advanced mode installation on the Welcome page, the Domain NetBIOS Name page appears. On this page, type the NetBIOS name of the domain if necessary, or accept the default name, and then click Next.

  8. Select the Forest Functional Level you want and click Next. Make sure to read the description of each functional level to understand the differences between them.

  9. If you selected any Forest Functional Level other than Windows Server 2008 in the previous step and clicked Next, you will then get a page to select the Domain Functional Level. Select it and then click Next.

  10. On the Additional Domain Controller Options page, you can choose to install the Domain Name Service on your server. Note that the first domain controller in a forest must be a Global Catalog; that is why the checkbox beside Global Catalog is selected and cannot be cleared. The checkbox is also selected by default when you install an additional domain controller in an existing domain; however, you can clear it if you do not want the additional domain controller to be a global catalog server. The first domain controller in a new forest or in a new domain cannot be a Read-Only Domain Controller (RODC); you can add an RODC later, but you must have at least one Windows Server 2008 Domain Controller.

    I want to set my DC as a DNS Server as well, so I will keep the checkbox beside DNS Server selected and click Next.

  11. If the wizard cannot create a delegation for the DNS server, it displays a message to indicate that you can create the delegation manually. To continue, click Yes.

  12. Now you will be asked for the locations where the domain controller database, log files and SYSVOL are stored on the server.

    The database stores information about the users, computers and other objects on the network. The log files record activities that are related to AD DS, such as information about an object being updated. SYSVOL stores Group Policy objects and scripts. By default, SYSVOL is part of the operating system files in the Windows directory.

    Either type or browse to the volume and folder where you want to store each, or accept the defaults, and click Next.

  13. On the Directory Services Restore Mode Administrator Password (DSRM) page, type a password and confirm it. This password is used when the domain controller is started in Directory Services Restore Mode, which might be because Active Directory Domain Services is not running, or for tasks that must be performed offline.

    Make sure that you remember this password for when you need it. I know many administrators who forgot it when they most needed it!

    Make sure the password meets the password complexity requirements of the password policy, that is, a password that contains a combination of uppercase and lowercase letters, numbers, and symbols; otherwise you will receive an error message.

  14. The Summary page will be displayed, showing all the settings that you have chosen. It gives you the option to export these settings into an answer file for use with other unattended operations; if you want such a file, click the Export settings button and save the file.


  15. DNS Installation will start

  16. This is followed by installation of the Group Policy Management Console; the system first checks whether it is already installed.


  17. The wizard then configures the local computer to host Active Directory Domain Services and carries out the other operations that set this server up as a Domain Controller.

  18. When the Active Directory Domain Services installation has completed, click Finish, then click Restart Now to restart your server for the changes to take effect.




  19. Once the server has booted and you log on to it, click Start > Administrative Tools; you will notice that the following have been installed:
  • Active Directory Domains and Trusts
  • Active Directory Sites and Services
  • Active Directory Users and Computers
  • ADSI Edit
  • DNS
  • Group Policy Management


Summary
Setting up a Domain Controller in Windows Server 2008 to install Active Directory Domain Services is performed by running the dcpromo command. It has some new options, such as Advanced Mode Installation and exporting settings to an answer file. In my next articles, I will show you how to perform an unattended installation to set up your domain controller, and also how to set up an additional domain controller using Windows Server 2008.
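
The wizard choices from steps 5 to 13 correspond to dcpromo answer-file settings of the kind the Export settings button saves. The file below is an added example, not part of the original article; the domain name, NetBIOS name, functional levels and file path are placeholder assumptions.

```ini
; Constructed example of a dcpromo answer file for a new forest.
; All values are placeholders for illustration, not taken from the walkthrough.
; Run with: dcpromo /unattend:C:\dcpromo-answer.txt   (path is a placeholder)
[DCInstall]
; Step 5: Create a new domain in a new forest
ReplicaOrNewDomain=Domain
NewDomain=Forest
; Step 6: FQDN of the forest root domain (placeholder name)
NewDomainDNSName=corp.example
; Step 7: Domain NetBIOS name (the advanced mode page)
DomainNetbiosName=CORP
; Steps 8-9: functional levels
;   0 = Windows 2000, 2 = Windows Server 2003, 3 = Windows Server 2008
ForestLevel=3
DomainLevel=3
; Step 10: make this domain controller a DNS server as well
InstallDNS=Yes
; Step 11: no DNS delegation is created for the new zone
CreateDNSDelegation=No
; Step 12: locations of the database, log files and SYSVOL (the defaults)
DatabasePath="C:\Windows\NTDS"
LogPath="C:\Windows\NTDS"
SYSVOLPath="C:\Windows\SYSVOL"
; Step 13: DSRM administrator password.
; Leave this empty in any stored copy of the file and fill it in only
; immediately before the run; it must meet the password complexity policy.
SafeModeAdminPassword=
; Step 18: restart automatically when the promotion finishes
RebootOnCompletion=Yes
```

Because the DSRM password gives administrative access to the domain controller when it is started in Directory Services Restore Mode, keep any answer file that contains it readable by administrators only.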

Wednesday, January 26, 2011

Lync Server 2010 lab requirement

  • Windows 2008 R2 as the OS for Lync
  • Windows 2008 R2 Active Directory (mbdomain.ad)
  • 1 Lync server SE (The Standard Edition server supports IM, presence, A/V conferencing and Web conferencing)
  • 1 Lync consolidated Edge server (Will be used later)
  • TMG as the edge firewall and reverse proxy (Will be used later)
  • Windows 2008 R2 CA standalone
  • Windows 7 for the Lync client
  • Remote Admin is enabled on the Lync server

LYNC 2010 Lab Setup

It’s official; the new name of OCS is Lync!   With the name change comes a number of new features including revamped management interfaces (Topology Builder, Deployment Wizard and CSCP) and a Management Shell with tons of great new scripting capabilities.
With all of these new features available, and a new way to deploy I thought it would be fitting to cover deploying a topology.   To start things off easy we’ll jump into a single box Standard Edition pool.  Over the next few articles I will add layers to this deployment until it resembles what you may want to use in your environment.
Keep in mind the RC is for lab use only; it is not a good idea to install this into your production domain.  Also, please read the reference documents here:
Now let’s start with a link to the download:
For this install you’ll need a DC/DNS/CA server (I named mine lyncdc.ocsguy.local), we’ll bypass that portion of the install to keep the article to a reasonable length.
Once you have your Lync Server on the domain we need to install all the pre-requisites:
Here’s a quick ServerManagerCMD script to make that happen, to use this open a Command Prompt (Run As Administrator) and paste the information below.  For formatting purposes copy this into notepad and make sure when wordwrap is unchecked it is all on one line.
****Begin Copy Below This Line****
servermanagercmd -i NET-Framework Web-WebServer Web-Common-Http Web-Static-Content Web-Default-Doc Web-Dir-Browsing Web-Http-Errors Web-Http-Redirect Web-Asp-Net Web-ISAPI-Ext Web-ISAPI-Filter Web-Http-Logging Web-Log-Libraries Web-Http-Tracing Web-Security Web-Windows-Auth Web-Client-Auth Web-Performance Web-Stat-Compression Web-Mgmt-Tools Web-Mgmt-Console Web-Scripting-Tools telnet-client rsat-adds
****End Copy Above This Line ****
Now that we have the roles and features necessary we reboot to complete the installation and start the install.
Go to your DVD Drive>Setup>AMD64>  and run Setup.exe
Click “OK” to install the vcredist package.
Next you will see the LyncServer 2010 Install screen (sometimes this is hidden behind your explorer window); click Install
After accepting the license agreement the install will begin.
Now we will see the “Deployment Wizard”, we’ll skip over the “Prepare Active Directory” section for the article (but you should do it if you are following along at home) and go right to install of the “Topology Builder”
And onto “Prepare First Standard Edition Server”, this preps our new lyncserver to house the Central Management Store (CMS).
This will take a couple of minutes, so now is a good time to get up and grab some coffee or stretch…
Now our server is ready to host the CMS and we can start out with the Topology Builder.
With Lync, Microsoft has built a fantastic deployment configuration utility in the Topology Builder that allows you to create your entire topology all at once, and then it stores this topology in the CMS where each server can access it.  After the topology is published, you run the “Deployment Wizard” on each server and its roles are automatically installed.  I must say I really like this utility!
So we open “Lync Server Topology Builder” and choose “New Topology”
We are prompted to select a name and a location to save the Topology Builder XML file to (tbxml).  Each time we open the topology builder we will be presented with this same option, after publishing the topology the first time we will choose “Download Topology”.  The great part of this is you can make a copy of this file every time you are logging in to make a change, in the event of an issue just grab the previous file and re-publish it.
Now we are creating our topology, we start by defining our SIP domain.  In this case I will be using ocsguy.info for the SIP domain, ocsguy.local is the internal domain name and will not be needed.
Now we define our first site
And now we are finished, notice the check box is selected to take us right into the “New Front End Wizard”:
On to the Front End configuration:
Make sure to check “Standard Edition”
We select our features, bypassing CAC and the collocated Mediation server for now.
And bypass the other roles for now
 
Now we need to create a file share named “Share” on the Front End server
  
Now we can see our topology in place and are ready to publish it

Once our topology is published, we need to go back into the Deployment Wizard and let the wizard configure our new standard edition server.
We choose “Install Local Configuration Store” first and select “Retrieve directly from Central Management Store” for the replica selection
Now on to step 2, this is almost identical to Step 1, with one exception.  You will be prompted to reboot the server and re-start the installation during this step:
Once you have restarted after the prompt you come right back into the deployment and run Step 2 again:
Now we request our certificate, this is a pretty standard process, I haven’t included every screenshot but the important ones are below
We now start the services (step 4)
Before we can enable our first user, we have to add the “Administrator” account to some roles in AD, from ADUC right click the administrative user, go to properties and open the “Member of” tab.  Add the Administrator account to the groups shown below.
Next, log off and back on to the Front End server to let the permissions take effect.
Now we can go out to our Communications Server Control Panel (CSCP).
If you haven’t installed SilverLight already you’ll see a prompt to do so now
  
Now we enable a test account:
Since we haven’t deployed Exchange yet we can’t base the SIP address on the email address so I chose SAMAccountName, make sure to choose your public SIP Domain (in this case ocsguy.info) and not your internal domain.
Now we log into DNS and create A records:
Lyncse.ocsguy.info          172.16.5.151
Dialin.ocsguy.info            172.16.5.151
Meet.ocsguy.info             172.16.5.151
And the SRV record:
_sipinternaltls._tcp.ocsguy.info:

And last but not least, we get to sign in (if the computer you are testing from isn’t joined to the domain you will need to import the root certificate).
After enabling a few more users you can begin testing and learning all of the great new features of Lync.  Check back soon as I will be going over the next step in the process, adding external connectivity.