Tag Archives: lync 2010

Lync 2010 Address book Service, a quick glance

Lync 2010Leave a comment

In the past I had written an article on Exchange 2010 address book service on how it generates the address book, distributed and client are updated. Here is the Web Link. I thought I should write one similar for Lync 2010 as well. This will give you a fair idea on Lync address book generation, synchronization and client updating process. Although it’s an entirely a different process than exchange 2010

Below is the high-level step to give you easy understating of this process

1. Lync address book service helps to generate both offline(Phones) and online address book(Lync) and its generally knows as Global Address list(GAL)

2. It also provides Address book web query service. Using these Lync clients can directory query active directory for group membership details.

3. Lync Address book service are part of the both Lync standard and Enterprise edition server

4. Only one server in a front pool can run address book service. So each front end pool will have its own address book server running address book service.

5. Address book service uses user replicator to query active directory service (AD DS) on a schedule interval and updates the data into the SQL Database RTCCab and RTC. This normally happen every 60 second

6. User Replica always performs read only from the Active directory and it use LDAP to query new and updated information on users, contacts and group objects from Active directory.

7. Address Book Server Synchronizes the user data from the RTCab database into files in the Address Book Server file store. It only pulls the new and updated data from the RTCab database. It occurs once every 24 hrs and by default it’s scheduled to run every day at 1:30 AM.

8. This schedule can be changed to multiple times depending on the requirement or it can be forced to run immediately with the help of Lync PowerShell cmdlets “Update-csAddressbook”

9. Address Book Server file store has two sets of address book files, One is for clients such as Lync 2010 with type .lsabs and other is the compact version for phone device in the format .dabs with some limited information which helps for the phone devices with lesser memory.

10. UNC Path of the Address Book Server file store is \\lyncserver\lyncshare\1-WebServices-1\ABFiles\

11. Multiples of .lsabs and .dabs are stored in Address Book Server file store. They are full address book files and delta address book files. Full address book files for lync clients start with the format F-xxxx.lsbs and delta file start with D-xxxx-yyyy.lsbs. Similarly for mobile devices, it starts with F-xxxx.dabs full version of files and C-xxxx-yyyy.dabs for compact delta version of the files. Where xxxx and yyyy represents the date in hexadecimal 0-based number of days since January 1, 2001

12. Address book file generations is most interesting part and below table 1 has outline the process of the same. This process is followed for both *.lsabs and *dabs types of files.

On Day 1 it generates full version of Address book file and on day 2, it generates one fuller version of the address book file along with the Delta file which information which are generated and updated after Day 1 full file generation. Similarly on Day 3, it generates one fuller version of the address book file and it also generated two delta file. First delta file has information which is generated between Day 2 and Day 3, second delta file has information which is generated between Day 1 and Day3. This goes on until for 30 days

DayFiles Generated (*.lsabs and *.dabs files)
Day 1Full (F1)
Day 2Full (F2), Delta of F2 – F1
Day 3Full (F3)

Delta of F3 –F2

Delta of F3 –F1

Day 4Full (F4)

Delta of F4 – F3

Delta of F4 – F2

Delta of F4 – F1

Day 5 – Day 29—-
Day 30
Full (F30)

Delta of F30-F29

Delta of F30-F28

—-

Delta of F30-F1

Table 1. Address book file generation (Table Source from TechNet – link)

13. Now the question is what happens on 31st day and how these files are deleted? Address book files will continue generate in the same fashion but from 31st day it also starts to delete all the files from Day 1 and on 32nd day it would generate the full and delta files and delete entire files of Day 2 files and this cycle continues.

14. How lync clients download the address book file? Once the lync client is authenticated then client will be provided with Address Book URL. It’s the UNC path of the Address Book Server file store.

15. Lync client uses this Address Book URL and attempts to download the current full data file for the first time and on following days it only downloads the delta files based on the last full download. E.g. on the 2 days client would only download delta of F2-F1 and on day 3 it would only download delta of F3-F2.

16. Lync client needs updated GAL immediately after every successful login, but it waits between 0 – 60 min to download the latest address book file after the successful login. This is just to make sure that clients are not overloading the server with address book request at a same time.

You have bunch of PowerShell cmdlets to manage Address book and few of them are below

Update-csAddressbook – To force synchronizes the all address book in the organization

Test-csAddressBoosService – Test and verify the address book service on the address book server

Set-CSaddressbookconfiguration – Configure various settings of Address book

Hope this article is informative and gives you a good idea on the address book service in lync 2010

Courtesy : TechNet.Microsoft.com

Configuring Exchange 2010 clients Outlook and Outlook Web App as Lync 2010 end points(IM and presence Integration with Exchange 2010 clients) using PowerShell

Lync 20101 Comment

One of the main purposes of Lync is IM and presence in the organization. The main idea is to initiate IM conversation on whichever the client you are and also to know the presence status if user is available for chat and kick the chat conversation. The main and cool idea of Microsoft is to integrate all its application and that’s been one of the key successes with Lync and Exchange.

Lync 2010 IM and Presence Integration with Outlook

Prerequisites:

1. Deployed Microsoft Exchange Server 2010 and Lync Server 2010.
2. Lync Frontend pool where user is located and client Access server can connect
3. Lync and mailbox enabled users

Lync 2010 IM and presence integration with outlook is automatically performed when you install Lync client on the work satiation. Lync client installs all the necessary add-ins for the outlook to pick up the presence details and also allows to chat directly from the outlook. This feature is only available in outlook 2007 and outlook 2010 clients. Below Figure 1 is reference snap.

Figure 1. Lync user presence on outlook client

You can configure the bunch of settings on the Lync client to integrate with Microsoft Exchange or Microsoft Outlook. Some of the settings like below Figure 2.

1. Update the presence based on my calendar information.
2. Save instance message conversations in my email conversations history folder etc..

Figure 2. Lync client integration with Microsoft Exchange and Microsoft outlook

Lync 2010 IM and Presence Integration with Outlook Web App

Lync 2010 IM and presence with outlook Web App is not automatically integrated. Specific configuration has to be performed.

Prerequisites:

1. Deployed Microsoft Exchange Server 2010 and Lync Server 2010.
2. Lync Frontend pool where user is located and client Access server can connect
3. Lync and mailbox enabled users
4. Exchange Certificate to be configured with Lync for integration (Make sure CA is trusted by both Exchange 2010 and Lync 2010)

Preparing the CAS servers for the integration

1. Download CWAOWASSPMain.msi from Microsoft Office Communications Server 2010 R2 Web Service Provider and extract the file  “c:\Web Service provider Installer Package” and it will extract below mentioned files. Execute and install “CWAOWAASSP.msi”

1. CWAOWAASSP.msi
2. Donnetfx35setup.exe
3. UcamRedist.msi
4. Vcredist_x64.exe

2. Download and Install the hotfix for OCS 2007 R2 web service provider from OCS 2007 R2 Web Service Provider Hotfix

3. Update Unified Communications Managed API 2.0 Redist (64 Bit) from Hotfix KB 2282949

Configuring Exchange 2010

1. Get the exchange certificate using the below PowerShell command

$Excert = (Get-ExchangeCertificate | Where {$_.Services -like “*IIS*”}).Thumbprint
$Excert

2. Using the above exchange certificate configure the OWA virtual directory.  Need to make sure to provide appropriate parameter “Instantmessagingservername” with front end pool name. In the below example I have given as lynccst.abc.com which is the front end pool name in my lab.

Get-ExchangeServer | Get-OWAVirtualDirectory | Set-OWAVirtualDirectory -InstantMessagingType OCS -InstantMessagingEnabled:$true -InstantMessagingCertificateThumbprint $Excert -InstantMessagingServerName lyncst.abc.com

Configure the Lync 2010

1. Access Lync Server management shell and execute the PowerShell cmdlet Get-Cssite to get the Site ID. In our lab the site ID is 1. Below is reference snap

2. Next we need to configure the Trusted application pool and Add ExchangeOutlookWebAccess as Trusted application

3. To configure Trusted application pool use the below mentioned PowerShell command on Lync management shell with the below parameter. You can ignore the warning message as its refering to the computer object which does not exists in the AD

  • Identity = CAS server or CAS Server Arrayname or any SAN name defined in the certificate
  • Registrar = Lync Frontend pool
  • SiteID = site id which we picked above
  • RequiresReplication = $false

New-CsTrustedApplicationPool -Identity mail.abc.com -Registrar lyncst.abc.com -Site 1 -RequiresReplication $false

4. Add Exchangeoutlookwebapp to the Trusted application using the PowerShell cmdlet and parameter as defined below

  • ApplicationId = ExchangeOutlookWebApp
  • TrustedApplicationPoolFqdn = CAS server or CAS Server Array name or any SAN name defined in the certificate
  • pool = Any free port (You can check the unused port using netstat -a | findstr 5060)

New-CsTrustedApplication -ApplicationId ExchangeOutlookWebApp -TrustedApplicationPoolFqdn mail.abc.com -Port 5060

5. Finally its time to publish the topology using the PowerShell cmdlet Enable-CStopology

6. login to the OWA and you should be able to view the status of the users.

I think every organization should use this feature to integrate between Lync 2010 and Exchange 2010. This makes life easier where users can initiate chat from any client they are in. In the above example I have defined only the integration with one front end pool from a specific CAS server. If you have multiple front end pool then the connected pool will proxy the request to the other pool. In a bigger organization where you have multiple AD site and frontend pool for each site then you may follow the same progress and configure the CAS server and the frontend pool on the specific site. Its also a best practice to configure in this fashion but there is definitely a additional load on the CAS server.

Reference link : Microsoft TechNet

I hope you can use this in your organization as well

Director role in Lync 2010

Lync 2010Leave a comment

Microsoft has introduced a new dedicated role in Lync 2010 and its known as Directory role. In OCS 2007 and R2 this role existed but was not a explicit role. it was just a frontend server with out any users homed on it.

It’s server which is generally placed before the front end pool. Its purely a optional server and it can be a single Directory role server or pool of servers behind a hardware load balancer or DNS load balancing. It can disadvantage if you have a single directory role server when it goes down. So its recommended to have multiple servers into the directory pool to avoid single point of failure. One more way of avoiding single point of failure is add multiple SRV records. One SRV record for Directory pool and other one for the Front end pool with different preference.

This role can only be deployed on the sever running Lync server2010 Enterprise edition and it cannot clubbed with any other role.

figure 1. Directory server/pool placement.

Director role acts has a mediator between Lync 2010 client and front end pool. Lync 2010 client can be coming form the Internal or Internet and service offered by the director server varies depending on the client source(Internal or Internet)

Director role service for Internal client

During deployment SRV record should be pointing to the director pool. So when the client issues a request on the SRV _sipinternaltls._tcp.<domain>.com record , then the service is handled by the director pool and it determine the front end pool where the users are located from its local database and and redirect to the correct pool. Its one more useful when you have a multiple front end pool.

Once the client determines its front end pool then director role server will not be communicated any more.

Director role service for Internet client

The main purpose of director role is for the users/client coming from the internet. Though its optional, its recommended to implement for security reasons and it allows and authenticates  clients are connecting from Internet. When users from the internet tries to connect the Lync server, it talks to the edge server and it will be forwards to director for the authentication. Once client is authenticated then it proxies the client request to the appropriate front end pool. It also maintains the communication path between the client and the user’s home pool as well as the Edge Server.

Refence link from DR Rez

DNS Requirement for Remote Access and local access of Lync 2010 client users

Exchange 2007, Lync 20102 Comments

DNS configuration varies depending the current DNS settings in the organization. You need get check if the current DNS is configured with DNS split brain syndrome or not. DNS split brain syndrome  is a beautiful concept as such and its very useful in a organization where you have same domain name space is followed in internal and external DNS.

Eg.

Internal DNS name space : abc.com
External DNS name space : abc.com

DNS with out split brain syndrome is where internal and external name space is different.

Eg.

Internal DNS name space : abc.local
External DNS name space : abc.com

Most organization follow this for security reasons.

Lets understand how the Lync Client 2010 will connect when you have two different name space. Before we get into this, lets understand what lync 2010 client needs to connect to its frontend server

When user enters the email address Eg. Krishna@abc.com in the lync client and click on connect then the client will take the user email domain eg abc.com and try to locate the sip server  using srv record in the DNS. SRV record will be in this format eg. “_sipinternaltls._tcp.abc.com” where abc.com is the domain name. With this SRV record lync client connects and access the front-end pool on port 5061.

lync client tries to query the SRV record in the following order and connects using the best available SRV record

_sipinternaltls._tcp.abc.com
_sipinternal._tcp.abc.com
_sip._tls.abc.com

With this information lets focus on the configuration required for the internal access of lync 2010 clients

Create a zone in the internal DNS that matches the external DNS zone (for example, abc.com) and create DNS A records corresponding to the Lync Server 2010 pool used for automatic configuration. For example, if a user is homed on pool01.abc.local but signs into Lync as user@abc.com, create an internal DNS zone called abc.com and inside it, create a DNS A record for pool01.abc.com or you can create a pin point zone which matching the external DNS zone. pin point zone can only be created using dnscmd.exe. below is the example to create pin point zone in the internal dns for the domain abc.com and front-end pool name pool01.abc.com

dnscmd . /zoneadd _sipinternaltls._tcp.abc.com. /dsprimary
dnscmd . /recordadd _sipinternaltls._tcp.abc.com. @ SRV 0 0 5061 pool01.abc.com.
dnscmd . /zoneadd pool01.abc.com. /dsprimary
dnscmd . /recordadd pool01.contoso.com. @ A 192.168.1.10
dnscmd . /recordadd pool01.contoso.com. @ A 192.168.1.11

We are good from the internal, similar configuration needs to be done from the Internet DNS as well.

Create a SRV record in Internet DNS “_sip._tls.abc.com” where abc.com is the domain name

Eg.
dnscmd . /recordadd _sip._tls.abc.com. @ SRV 0 0 443

As discussed earlier, lync client uses specific order to query the SRV records. When the lync client is accessing from the internet then the first two SRV request will fail as its not available in the Internet DNS zone and it would connect using the last SRV record “_sip._tls.abc.com” which is defined in the DNS zone

I hope this information helps you to have better understanding the DNS requirement