// // Leave a Comment

Microsoft Lync 2010 and lync 2013 server coexistence certificate and Public IP Address requirements

Below are the Microsoft Lync Server 2010 and Lync Server 2013 server coexistence certificate and Public IP Address requirements,

IP Address Requirement for Lync Server

Lync 2010 ->  Lync 2010 server will require minimum 2 public IP address to publish Lync services to the Internet.
Public IP's 

  • sip.vmwareandme.com  (for lync 2010 edge server)
  • dilain.vmwareandme.com, meet.vmwareandme.com, lyncweb.vmwareandme.com & lyncdsiover.vmwareandme.com (lync 2010 web services)

Lync 2013 -> Lync 2013 server will require minimum 3 public IP address to publish Lync services to the Internet.
Public IP's 

  • sip2013.vmwareandme.com  ( for lync 2013 Edge server Role)
  • lyncweb2013.vmwareandme.com -you can use Lync 2010 Web Services IP address (i.e. dialin & meet)
  • webapp.vmwareandme.com (For Lync Server 2013 Web Apps Server)

Certificate Requirement for Lync Server

Lync 2010 -> 
1. sip.vmwareandme.com (for lync 2010 edge server)
2. dilain.vmwareandme.com, meet.vmwareandme.com, lyncweb.vmwareandme.com & lyncdsiover.vmwareandme.com (lync 2010 web services)

Lync 2013 ->

  • sip2013.vmwareandme.com (For lync 2013 Edge server Role)
  • lyncweb2013.vmwareandme.com -> you can continue to use Lync 2010 Certificate for dialin & meet. If you are using UCC certificate, then after complete migration from 2010 to 2013 you can delete old SAN names (such as lyncweb.vmwareandme.com) & crate new SAN's for Lync 2013 certificates.
  • webapp.vmwareandme.com (lync 2013 web Apps server)
Read More
// // Leave a Comment

Step By Step Guide Microsoft Lync 2010 and Lync 2013 Server Pools Coexistence and Migration

I would like to phase users from Lync 2010 to new Lync 2013 server in a phased manner. Currently I have Lync Server 2010 running and functioning including Lync mobility,Edge.  So I am going to install & configure Lync 2013 server along with current Lync 2010 server and once I complete my Lync 2013 step up my plan is to move users one by one to Lync 2013 from Lync 2010.

So users will not face any issues if we go for Lync 2010 and Lync 2013 coexistence.

Below is my set-up,

Lync 2010->
  • Lync Front End Server 2010
  • Lync Monitoring and Archiving Server 2010
  • Lync Edge 2010
  • Lync 2010 Mobility
  • SQL Server 2008 R2 for Lync 2010 
  • Microsoft TMG 2010 as Reverse proxy

Lync 2013->

  • Lync Front End 2013 (Windows 2012)
  • SQL Server 2012 for Lync 2013
In my case I have prepared new Windows server 2012 virtual machine for Lync server 2013.  So let get started,
First run Lync 2013 deployment wizard to Prepare Active Directory and Install Administrative Tools as shown below.

Once you install Administrative Tools, Open Lync Server 2013 Topology Builder select "Download Topology from existing deployment" . This step will download existing lync topology & then we can add new Lync 2013 pools.

New Topology builder three categories as below i.e. Lync Server 2010, Lync Server 2013 and Shared Components.
Navigate to Lync Server 2013, Right click on Enterprise Edition Front Server and select New Front End Pool as shown below to add new Lync 2013 pool.

Click Next to Continue.

Enter Lync 2013 pool FQDN it should be different from Lync Server 2010. Below are examples,
Lync Server 2010 Front End Pool FQDN - lync.vmwareandme.com
Lync Server 2013 Front End Pool FQDN - lync2013.vmwareandme.com

Add Computer FQDN that will be name of your Lync 2013 server & click Next.

Enable Conferencing, Enterprise Voice and Archiving & monitoring if you going to use it.

I am going to Collocate Mediation Server on Front End server so select the same & Click Next.

Currently I do not have edge server in my test lab so I have unchecked “Enable an edge pool to be used by the media component of this front end pool”. I am planning to use existing Lync 2010 Edge Server. If you install Edge you select below tab by modifying topology via topology builder.

Define your SQL Server Store and click Next.

Define your SQL Server Store and click Next.

Note- For Lync Server 2010 & Lync server 2013 always use different web services URL as shown below else you face lync 2010 & lync 2013 mobility coexistence issue.
 In my case,
Lync 2010 External Web Service URL - lyncweb.vmwareandme.com
Lync 2013 External Web Service URL - lyncweb2013.vmwareandme.com

Provide Web Apps Server details by clicking New option.

Define your SQL Server Store details for Archiving & monitoring server Role and click Next.

Now Publish your topology.

Once you published your topology, go to the Deployment wizard and select "Install or Update Lync Server System".

Now select "Install Local Configuration Store" and Click Run and complete the installation process as shown below.

Now select "Setup or Remove Lync Server Components" and Click Run and complete the installation process as shown below.

Now select "Request, Install or Assign Certificate" and Click Run and complete the installation process as shown below.

I have used Internal CA server to assign certificate to Lync 2013 server. Once you complete the above process, verify that all Lync services are running.

Now again open Topology Builder to make additional changes. Right-click on site and  choose Edit Properties and then Federation route and in Enable SIP federation I have selected my Lync 2010 Edge server and click OK.

In Topology Builder  right-click on new Lync 2013 server and select Edit properties-> General –> Associate Edge pool (for media components) here I have  selected my Lycn 2010 Edge server, click OK and Publish Topology.

Now my Lync 2013 server Setup is ready and I am ready to move Lync 2010 user to Lync 2013 server. So open Lync 2013 control Panel search for any user. Select User name-> click on Action->Move Selected users to Pool

Select Destination registrar pool as your Lync 2013 server pool & click on OK.

Now user will be the part of new Lync 2013 server pool as shown below.

You can use Move-CsUser command to move user registrar pool
# Move-CsUser -Identity santosh@vmwareandme.com –Target lync2013.vmwareandme.com


Simple URLs ->
In  Lync 2010 & Lync 2013 coexistence environment simple URLs can continue to point to Lync 2010 pool until and unless all users have been migrated to lync 2013.
When you are ready to decommission your old Lync 2010 pool then you can point your simple URLS to new Lync 2013.

I have moved one user from Lync 2010 Pool to Lync 2013 Pool and users are using the same meeting URL (https://meet.vmwareandme.com) to join an on-line meeting. When users starts on-line meeting connection always goes to the Lync 2010 front-end server as that's where I have the meeting URL, but when I move my user to Lync 2013 meeting launcher will point me to the new lync 2013 pool.

Lync Dialin URLs -> dialin.vmwareandme.com URL is pointing to our old Lync 2010 server and all Lync 2010 and Lync 2013 users will use the Lync 2010 dial in URL. When user from lync 2013 pool logs in into the Lync 2010 dialin page no Lync 2013 redirection will occur. User can use the Assigned Conference Information from Lync 2013 Dial In URL.

Mobiliy URLs -> Login to Lync 2013 Front End server & change Lync 2013 front end server web services URL to lync2013.vmwareandme.com & publish Lync topology. Do not use same web service for Lync 2010 & Lync 2013 else mobility will not work in coexistence.

Now you will be able to login to Lync 2010 as well as Lync 2013 server via Lync 2010 & Lync 2013 mobility App. When you login using lync 2010 user then lyncdiscover.vmwareandme.com traffic will be passed to Lync 2010 front end server. If user is identified as Lync 2013 then lyncdiscover.vmwareandme.com traffic will be passed to Lync 2013 front end server.

Read More
// // Leave a Comment

Step By Step Guide How To Configure IIS ARR (Application Routing Request) as Reverse Proxy for Lync 2013

IIS (ARR) Application Request Routing enables Web server administrators, hosting providers, and Content Delivery Networks (CDNs) to increase Web application scalability and reliability through rule-based routing, client and host name affinity, load balancing of HTTP server requests, and distributed disk caching.
Now TMG now being discontinued by Microsoft. Now most of the users are using IIS ARR or Apache as reverse proxy for Lync 2013. Here I am planning to IIS ARR (Application Request Routing) as a reverse proxy for my Lync 2013. As per Microsoft TechNet Internet Information Server Application Request Routing (IIS ARR) is a fully tested and supported option for implementing a reverse proxy for Lync Server 2010 and Lync Server 2013. Please check below TechNet article
IIS (ARR) Application Request Routing requirements,
Windows Server 2008
Windows 2008 R2
Windows Server 2012 OR Windows Server 2012 R2
You will need two NIC cards for IIS ARR, one is for external traffic with default gateway to get traffic from internet and second one for communicate with Lync 2013 front end server.
Note - Do not join reverse proxy server (IIS ARR) to your domain.

Install IIS on your ARR server. After installing IIS import Public certificate in your IIS ARR server
To do the same open IIS & click on “Server certificates”

Click on Import,

Provide certificate fie path, provide key & certificate store to import certificate.

Next we will install the Web Platform Components for downloading and installing IIS ARR.
Open below URL to install Web Platform Components http://www.microsoft.com/web/downloads/platform.aspx
Click on free download to Download and Install the Web Platform Installer 4.6.

In Web Platform Installer 4.6 window, search for “KB2589179" which will display the Application Request Routing 2.5. Select and click Add then Install to install IIS ARR.

Once installation gets completed. Close & re-open IIS manager. Now you will see new “Server farm” option in IIS.
Now right click “Server Farms”  & click on “Create Server Farsm”

Assign name to server farm & click next. Here I am using FQDN of my Lync webservices.

In Server Address tab enter your FQDN of your Enterprise Pool or Standard Edition Lync Server. Also in “Advance Settings” change http port to 8080 & https to 4443 as shown below and click Finish

Now you will be prompted to create Rewrite Rules, click Yes to continue.

Now your server farm is ready as shown below.
Now go to Caching and disable the disk cache.

Go to Proxy and change the time-out to 200 seconds.

Go to Routing Rules and disable the SSL offloading option.

Now go to URL Rewrite,

Double click on the ARR_Name_loadbalance_SSL Rule.

Now change the following options,
Pattern to (.*)
Using -> Regular Expression
Action Properties Scheme from http:// to https://

Now configure your firewall & publish meet, dialin & Lync web services & test it.
Repeat these steps for each simple URL you have. The goal here is to retain the simple URLs as they pass through ARR, so the Lync Front End URL rewriting rules recognize each simple URL as it comes in from ARR.

Read More