Now that the general public has access to the Release Candidate software for Lync Server 2010 it is now appropriate to cover the deployment process in depth. The purpose of this article is to take a look at what the installation process actually does in order to generate a deeper understanding of the product. Not just simply follow a bunch of screenshots of the deployment wizard.
I’m starting with the Standard Edition as this is both the simpler approach and the more common deployment for testing purposes. A host of new features and concepts have been introduced which are all available in single-server Standard Edition pool, not to mention that the required amount of individual physical hosts have been reduced thanks to improved collocation support. So a single Windows Server can now fill the role of both a consolidated Standard Edition server and a Mediation server. Additional roles like the Monitoring Server can also be collocated with the Standard Edition server, but a full SQL Server installation must be performed on the server prior to deploying Lync Server on it. Previous versions of OCS Standard Edition did not support this level of co-mingling, or support anything but the default SQL Express instance.
For the purposes of this walkthrough I will start to introduce a number of PowerShell cmdlets in some of the processes, but understanding that PowerShell may still be new to many people I will utilize the deployment wizard throughout the majority of the steps. Later on I plan to document a complete Lync Server deployment using PowerShell cmdlets at every possible step.
Much of this process is already detailed in Microsoft’s official Lync Server 2010 (RC) Lab Deployment Guide but I’ve gone into further details on many of the steps, as well as mixed up some of the order as a few of the prerequisite steps are redundant. That document also includes configuration and deployment steps for a Director and Edge Server which I will not cover now, but will address in later articles.
Update: This process is identical to (and has been tested with) the public release version of Lync Server 2010.
Environment
- Physical Host: Windows Server 2008 R2 Hyper-V running on a Core2 Duo desktop-class system with 8GB RAM.
- Domain Controller: A single Windows Server 2003 guest promoted to a domain controller for the new Active Directory forest root domain of csmvp.net. (Newer versions of Windows Server 2008 can be used but for the sake of saving precious RAM resources on my lab server I opted for Server 2003.)
- Lync Server: A second virtual guest running Windows Server 2008 R2 x64 Enterprise and joined to the csmvp.net domain.
- The domain account used to perform all steps is a member of the Domain Admins, Enterprise Admins, and Schema Admins domain security groups.
- The Forest and Domain functional levels were elevated to Windows Server 2003.
- A Windows Enterprise Certificate Authority was deployed on the DC.
Active Directory Preparation
Before we can run any of the AD preparation steps included in the deployment wizard a few server prerequisites must first be installed. The various IIS features are not required until just prior to deploying the Lync Server components but for simplicities sake installing all features in one step is best.
- Launch Windows PowerShell buy selecting ‘Run As Administrator’ and enter the following cmdlets to quickly install the .NET Framework 3.5.1 package, the Remote Server Administrative Tools, and all IIS7 features then perform the required server reboot. (The Telnet Client is not a requirement but I always install the feature as it is a handy troubleshooting tool. If Windows Server 2008 SP2 is used then PowerShell 2.0 will also need to be installed).
PS C:> Import-Module ServerManager
PS C:> Add-WindowsFeature NET-Framework,RSAT-ADDS,Telnet-Client,Web-Server,Web-Static-Content,Web-Default-Doc,Web-Http-Errors,Web-Http-Redirect,Web-Asp-Net,Web-Net-Ext,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Http-Logging,Web-Log-Libraries,Web-Http-Tracing,Web-Windows-Auth,Web-Client-Auth,Web-Filtering,Web-Stat-Compression,Web-Mgmt-Console,Web-Scripting-Tools -Restart
- From the installation media launch the setup wizard found at the following location:
\Setup\amd64\setup.exe
- At this point the setup will automatically ask to install the Microsoft Visual C++ 2008 Redistributable x64 package. Confirm and wait for the next setup window to appear. (It may take a minute as the installation runs in silent mode, but also keep an eye on the taskbar as the installation window likes to pop-up behind other windows. Also note that this process no longer leaves a bunch of files on the root of the drive where it is installed as the previous OCS installation used to.)
- Accept the default Installation Location, or enter a different path, and select Install. Then accept the End User License Agreement.
C:\Program Files\Microsoft Lync Server 2010
- From the main menu select Install Topology Builder to install the Administrator Tools on the local server. This will install the Lync Server Management Shell which will be used to execute a few cmdlets to verify various AD preparation steps.
- From the Deployment Wizard select Prepare Active Directory. Run Step 1: Prepare Schema and review the log to verify no errors were reported. Verify the process using has completed successfully by checking the rangeUpper (1100) and rangeLower (14) values of the ms-RTC-SIP-SchemaVersion Schema object with adsiedit.msc.
- Run Step 2: Prepare Forest and use the settings in the table below. Review the results log to verify no errors were reported.
Universal Group Location Local Domain
- Verify that the forest preparation was successful by executing the following cmdlet from the Lync Server Management Shell and looking for a response of LC_FORESTSETTINGS_STATE_READY.
PS C:> Get-CsAdForest
LC_FORESTSETTINGS_STATE_READY
- Run Step 3: Prepare Domain and review the log to verify no errors were reported. Verify that the process was successful by executing the following cmdlet from the Lync Server Management Shell and looking for a response of LC_DOMAINSETTINGS_STATE_READY.
PS C:> Get-CsAdDomain
LC_DOMAINSETTINGS_STATE_READY
Server Preparation
In previous beta builds a number of prerequisite supporting installations had to be manually deployed, but in the Release Candidate we see our first glimpse of how the upcoming RTM product will smoothly handle all of these for us.
This process will install the SQL 2008 Native Client and SQL Server 2008 Express, as well as configure firewall exceptions for SQL. Mostly importantly it also deploys the first SQL Express named instance, simply called RTC. This instance will be the default location for the Central Management Store which is where Lync will store the majority of the global (forest-wide) configuration data. The RTC Service container in the AD Configuration partition is still used to store some data, but mainly for coexistence with previous versions of OCS.
- From the main Deployment Wizard menu select Prepare first Standard Edition server.
<snipped>
Checking prerequisite WMIEnabled…prerequisite satisfied.
Checking prerequisite NoOtherVersionInstalled…prerequisite satisfied.
Checking prerequisite SupportedOS…prerequisite satisfied.
Checking prerequisite PowerShell2…prerequisite satisfied.
Checking prerequisite VCredist…prerequisite satisfied.
Checking prerequisite SqlNativeClient…installing…success
Checking prerequisite SqlBackcompat…prerequisite satisfied.
Checking prerequisite UcmaRedist…prerequisite satisfied.
Checking prerequisite SqlExpressRtc…installing…success> Creating firewall exception for SQL instance
netsh advfirewall firewall add rule name="OCS SQL RTC Access" dir=in action=allow program="c:Program Files\Microsoft SQL Server\MSSQL10.RTC\MSSQL\Binn\sqlservr.exe" enable=yes profile=any
Ok.> Creating firewall exception for SQL Browser
netsh advfirewall firewall add rule name="SQL Browser" dir=in action=allow protocol=UDP localport=1434
Ok.
- A quick glance at the Programs and Features control panel shows all of the components which were just installed.
- Also locate and launch the SQL Server Configuration Manager to verify the local SQL services are properly installed and running.
- The newly installed SQL Server Express instance default database files can be found in the following default location:
- In a slight change from previous versions of Communications Server it’s not enough to simply be logged in as a Domain Admin to fully administer the Lync Server environment. Before moving further the domain Administrator account used throughout this process should be added as a member to the domain security groups CsAdministrator and RTCUniversalServerAdmins.
- This user account should then logoff and back on to the Windows Server where Lync is being installed to update the associated security token. Once logged back on use the following commands in the Windows Command Prompt to verify the new group membership:
C:> whoami /groups /fo list | findstr /i CsAdmin
Group Name: CSMVP\CSAdministratorC:>whoami /groups /fo list | findstr /i RTCUniv
Group Name: CSMVP\RTCUniversalGlobalReadOnlyGroup
Group Name: CSMVP\RTCUniversalUserReadOnlyGroup
Group Name: CSMVP\RTCUniversalServerAdmins
Group Name: CSMVP\RTCUniversalServerReadOnlyGroup
Group Name: CSMVP\RTCUniversalGlobalWriteGroup
The final preparation step is to manually create a file share on the server which will later be referenced during the Lync Server topology configuration.
- Create a new folder on the server named lyncshare anywhere on the server. The following path was used in this lab deployment:
C:\Program Files\Microsoft Lync Server 2010\LyncShare
- Configure the NTFS file security on the new folder to grant Read & Execute permissions to Everyone.
- Also verify that the Administrators group is already granted Full Control.
- Then enable file sharing with the Share name of lyncshare and configure the share permissions so the administrator account used to perform the installation is granted Full Control. A later server deployment process will customize the share and file permissions accordingly.
Topology Builder
Because the Lab Deployment Guide uses the Planning Tool and this is not required I will instead walkthrough the basic Topology Builder process.
- Launch the Lync Server Topology Builder application found in the Microsoft Lync Server 2010 (RC) program group.
- Select New Topology from initial prompt and save the .tbxml file with any desired name (e.g. chicago.tbxml).
- For the Primary SIP domain enter the desired domain namespace (e.g. csmvp.net). This does not have to be the same namespace utilized by Active Directory. If an Exchange Server or other messaging platform exists in this forest then whatever the current primary SMTP namespace is should typically be selected as the SIP domain as well.
- Do not add an additional supported domains at this point unless desired. A single SIP domain is sufficient to test all of the features of Lync Server in a lab environment.
- Define the Name (e.g. Chicago) and Description (e.g. Main Site) of the first site. This is also a new component of Lync Server as previous versions did not include and type of site definition. The site information will be used by many of the new resiliency features in Lync Server.
- Provide City, State/Province, and Country/Region Code information specific to your first site.
- Complete the topology definition and open the New Front End Wizard.
- In the Define New Front End Pool wizard select the following options and enter the desired information specific to your own lab. The pool FQDN should be the FQDN of the server where you will be installing the Lync Server Standard Edition server components.
Define the Front End Pool FQDN
FQDN lab1ls.csmvp.net Type Standard Edition Server
Select Features
- Conferencing, which includes audio, video, and application sharing
- Dial-In Conferencing
- Enterprise Voice
- Call Admission Control
Select Collocated Server Roles
- Collocate A/V Conferencing Server
- Collocate Mediation Server
Associate Server Roles with this Front End Pool
- (Leave all options unchecked )
Define the SQL Store
- Because this is a standard Edition installation and SQL Express has already been deployed all options are disabled. The default RTC instance on the local server will be used.
Define the File Share
File Server FQDN lab1ls.csmvp.net File Share lyncshare
Specify the Web Services URL
Internal Base URL lab1ls.csmvp.net External Base URL external.csmvp.net
Specify PSTN Gateways
- Leave these options blank for now as Enterprise Voice will be enabled in a later article.
- Back at the main Topology Builder window select Edit Properties on the Lync Server 2010 (RC) root-level object. Highlight the Simple URLs section and enter the desired Administrative Access URL. (Note the additional for Phone Access URLs and Meeting URLs are already configured.)
https://admin.csmvp.net
- Also highlight the Central Management Server section and select the new Front-End server from the drop-down menu if it is not already selected.
At this point it is now time to publish the topology which will populate the RTC instance with new databases, create the folder structure in the shared directory, and publish configuration settings into the CMS and Active Directory.
- From the Action menu select Publish Topology. Select the local server FQDN for the Central Management Store location which should be the only option in the drop-down menu. If all previous configuration steps were completed correctly then the wizard should complete successfully.
As indicated by the To-Do List shown under Next Steps a couple of DNS records will need to be manually created to match the FQDN set in the Lync Server topology.
- Create new DNS Host (A) records on the internal DNS server’s forward lookup zone which matches the SIP domain used. Each record should point to the static IP address used by the server where the Standard Edition roles will be deployed.
To validate and understand the changes the Topology Builder has applied to Active Directory there are a number of places to look throughout the various results logs, within Active Directory, and the SQL databases themselves.
- Highlight Setting Central Management Store location… on the Publishing wizard complete window and select View Logs. This log shows that the Set-CsConfigurationStoreLocation cmdlet was used to define the location of the CMS for all future Lync Servers to know how to locate the forest’s configuration data.
- Use adsiedit.msc to view the Configuration context and browse to the path shown below. View the properties on the only object in the Global Settings container to see that the supplied configuration data among the attribute values. Also note that the whenCreated attribute should coincide with the time the topology was just published.
CN=Global Settings,CN=RTC Service,CN=Services,CN=Configuration,DC=csmvp,DC=net
- From another computer on the network with SQL Server 2008 Management Studio Express installed the SQL Server Management Studio can be used to connect to the RTC instance on the Lync Server to view the databases. Here we see the XDS and LIS databases created by the CMS setup.
- The raw database files can be found on the Lync Server in the default installation directory shown below.
- Additionally the manually defined file share is now populated with new folder structure.
Summary
At this point all organization preparation steps have been completed and the next step is to actually install the Standard Edition server components.
The next article in this series jumps right into that process with Part 2.
Hi Jeff, thanks for the writeup – I'm a little confused though. I have noticed that a lot of bloggers use the same domain names for their internal AD as they do their external dns, which ends up confusing things especially when dealing with OCS!
I am trying to set up my lab and I'm a little confused about the DNS names above. Let's say I use test.local internally and test.com externally… Why would I configure test.com DNS on my domain controllers instead of my external DNS server? Seems like twice the work to keep records updated in both places.
But now for the 3 hostnames above, I assume they are based on the external names (in my case admin.test.com etc) – but are supposed to point to internal IPs? I guess we wouldn't want to configure these records on the outside world dns to point to internal IPs. So are we basically forced to do split-brain dns here, maintaining separate records for test.com on our internal and external dns servers?
Thanks!
Wes
Wes, in real-world deployments typically you'll find separate namespaces between the Active Directory forest/domain and the publicly accessible SMTP/SIP namespaces, so your question is quite common. For the purposes of keeping this article simple I used the same namespace, but 9 times of of 10 the namespaces are different. You are correct in that split-brain is required as their will be some internal-only records you'll want to resolve which should NOT be included in the public, external DNS zones. So typically the zone records will not match 100% between internal and external zones. It is (slightly) more administration work but is necessary for a secure, working environment.
Take a look at Geoff Clark's article on split-brain DNS with OCS for more details: http://blogs.technet.com/b/gclark/archive/2009/05…
Regarding the Lync-related records each of these should be set on the internal DNS server but would use the same namespace as your SIP domain typically. So if your server FQDN is lync1.test.local but your primary SIP domain is test.com then the additional DNS A records would also be created in test.com. Generally the rule of thumb is any URLs used by clients or staff to access services should be in the SIP domain namespace, while server-to-server communications utilize the AD namesapce as the server's FQDN matches that.
Got it, thanks!
[…] September 23, 2010 by Jeff Schertz · Leave a Comment This blog post is part 2 of a multi-article series and is a continuation of this previous article: Lync Server 2010 RC Deployment – Part 1 […]
I confess, I have not been on this website in a very long time. yet it absolutely was another delight to see your great content.
Helpful blog, bookmarked the website with hopes to read more!
This is a really good read for me, Must admit that you are one of the best bloggers I ever saw.Thanks for posting this informative article.
[…] lab environment used as examples was built using the same processes discussed in these three previous articles for Lync Server. A single consolidated Exchange 2010 SP1 server was also […]
[…] lab environment used as examples was built using the same processes discussed in these three previous articles for Lync Server. A single consolidated Exchange 2010 SP1 server was also […]
[…] Part 1: http://blog.schertz.name/2010/09/lync2010rc-deployment-part1/ […]
[…] Part 1: http://blog.schertz.name/2010/09/lync2010rc-deployment-part1/ […]
Hi! Great page. But when i follow your instruction I get an error that MSMQ Feature is missing. So that is another feature thats needed before installation.
Alexander, the Message Queuing (MSMQ) components are only required if also deploying a Monitoring and/or Archiving Server. I will address those server roles in a later article.
Hi everyone;
I'm getting the following error message upon running the install file setup.exe in the amd64 folder in my windows server 2008 R2 that i just installed, i have looked a lot for this and also found an un ended thread over it http://social.technet.microsoft.com/Forums/en-US/… please help
Error Message:
The version of this file is not compatible with the verion of windows you re running.
Check your computers system info to see wherthere you need an x86 or x64 version of the programme.
My hardware is Intel i3 core 3.20
AcpI x64 bit PC
with 2 Gb ram
Please help i am stuck at this
Mohsin Khalid
I also have same error: The version of this file is not compatible with the verion of windows you re running….
Intel Xeon X5660 @ 2.8 GHz (2 processors)
4 GB ram
Windows Server 2008 R2 Standard (SP1)
on XenCenter version 5.6
Lien vers les rôles et features de Lync 2010 et comment les installer…
Je reprends cet article pour le compléter. En effet, il m’es ……
Hi Ryan/Mohsin,
For Lync Server setup, below are the support server OS and it must be 64bit.
Windows Server 2008 R2 Standard Edition
Windows Server 2008 R2 Enterprise Edition
Windows Server 2008 R2 Datacenter Edition
Windows Server 2008 Standard Edition with SP2
Windows Server 2008 Enterprise Edition with SP2
Windows Server 2008 Datacenter Edition with SP2
Cheers,
Mohit Verma
Great article Jeff, but there is an error in it. If you define the share as simply "share" during the topology creation as per your document, the topology publication WILL FAIL! as there is no share on the lync server by that name. If you use "LyncShare" that you created earlier in the process, everything publishes correctly. just thought you should know about the error!
Pierre, thanks for letting me know. I've fixed the typo.
[…] See: http://blog.schertz.name/2010/09/lync2010rc-deployment-part1/ […]
[…] See: Jeff Schertz’s blog for a good step by step intro: http://blog.schertz.name/2010/09/lync2010rc-deployment-part1/ […]
has anyone experience with having the file share on a file server
– other than Windows (e.g. NetApp)
– in another, but fully trusted forest (resource forest scenario, file share in account forest)?
Thanks,
Jürgen
does anyone know why the file share of a director pool is not allowed to reside on the file server as the Front End Server Pool and vice versa?
Thanks,
Jürgen
The main reason that prevents this is that the Lync topology does not allow the re-use of FQDN in most scenarios, thus the server FQDN that hosts the file share must be a unique FQDN within the topology.
I keep getting an error during the "Prepare single Standard Edition Server" portion
Checking prerequisite SqlExpressRtc…installing…failure code -2068578304
Prerequisite installation failed: SqlExpressRtc
Jeff:
I am going nuts on this one!!
I have installed Lync many times, I was doing a test installation in my lab and I am on part one:
whoami /groups /fo list | findstr /i csadmin
whoami /groups /fo list | findstr /i csrtcuniv
Fails on the SE server, but does not fail on the DC, I can successfully ping from the DC from the SE server. Publishing the topology fails from the SE server.
I have never seen this before!!! Any ideas??
BK
[…] Lync Server 2010 RC Deployment – Part 1 http://blog.schertz.name/2010/09/lync2010rc-deployment-part1/ […]
[…] Lync Server 2010 Deployment – Part 1 […]
Hi Jeff, Good information on your site. My question is I'm seeing conflicting info on upgrading and deploying new Communication versions.
I'm not upgrading to OCS 2007 first so I would like definite steps on the LYNC 2010 install. I'm setting up new 2008 R2 with new exchange 2010 and new Lync 2010. Exchange is done, can I install lync 2010 first before I decommission LCS 2005 SP1? I do not want any of the old LCS 2005settings.
Also, when I delete the LCS pool and decommission the LCS server, do I have to run the unprep on LCS or can I leave that and continue on with my new LYNC deployment?
Kevin, you can install Lync before removing the LCS servers, but each user account should be disabled in LCS prior to enabling it in Lync.
[…] Lync Server 2010 Deployment – Part 1 […]
Hi Jeff,
Wonder if you can answer a coexitence question. I'm having trouble finding any info about this and I'm told on Technet Lync forum that it will not work.
New server 2008 R2 with Exchange 2010 already in production. I want to install new Lync server 2010 on this server but I'm told that exchange and Lync will not run side by side on the same server.
New Lync will not have external access and I need only IM and presence installed and I plan on using a local server certificate for Lync.
Any good information you can give me.
Technically it's possible to collocate Exchange and Lync on the same server, but it will require extensive modifications which is all completely unsupported (additional IP addresses and manual reassignment of web services). You might find more pleasure out of banging your head against a wall if you decide to go this route. 🙂
As somebody who tried to do this, I can confirm the sentence “You might find more pleasure out of banging your head against a wall if you decide to go this route.”
Hi Jeff,
Hope you are well. Thanks for your posts on Lync and Exchange. Im no qualified tech, but your blogs have helped me set things up.
Just a quick question, I've set things up and, lync mobility, owa intigration and remote access all seem to work. However on the Lync Server Control Panel, under Topology the service status shows up as N/A for everything on the Standard Edition Server.. I know it was shwing a server icon with a green at some point. Any idea how I can sort this out?
Kind regards
Hammad
At minimum you sometimes need to just refresh (F5) that window. Otherwise that could indicate some type of CMS replication issues (or lag) with your servers.
Jeff,
I have always enjoyed your blogs. I find them very helpful because we are setting up a Lync demo in our lab. You noted in your environment that you are running on a single Hyper-v computer with 8g RAM. I have looked (not just here, but on MS site as well) for the specs for ‘tuning down’ an installation for Proof of Concept on a single Hyper-v (or VMWare) server but have not had much success. Do you have the specs for your lab config somewhere?
Thanks!
Mike
Mike, my home lab is actually just an old custom Pentium 4 PC with 8GB of RAM running Server 2008 R2. It's slow, but works for what I need it to do. If I were to build something today I'd just get a current generation CPU with 16GB RAM and a couple SSD drives and call it a day 🙂
Our lab has a dual-quad core server w/16G RAM. But all the 'recommendations' for building the Lync servers (FE, Director, Edge etc.) all say 4 CPU and 8G RAM and that means 2 servers before we are running out of RAM and CPU. Yes, we can 'overcommit' on them both, but that's only 2 out out of like 3-5 servers needed for the proof of concept. Will Lync work (limited # of users, under 50 actually) on less? Say 2 CPU and 2-4G RAM?
You don't need the Director Server (unless you plan to use it in production and want to build out an identical scenario). Windows Server 2008 will not like any less than 2GB of RAM and once you install a Lync role you'll need more. Typically I've seen lots of virtual memory swapping with a LyncServer running less than 3GB of RAM. The CPU doesn't matter, it's just going to impact performance. The TechNet specs are for a production deployments support thousands of users.
This is a fantastic guide, thank you for this it really helped me setup lync on my company infrastructure. But i would say if anyone is getting the "sqlexressinstance" failed to install please restart then please delete this registry key – HKEY_Local_MachineSystemCurrentControlSetControlSession Manager
and then delete the following key:
PendingFileRenameOperations
reason for this is that a print driver is being installed each time and needs to be removed then you can continue. 🙂
Great guide Jeff thanks!
Ted T
CTO
HB Commununations
You forgot to mention about Windows Media Format Runtime Pre-Requisites.
Yes, but the Lync Server Deployment Wizard will prompt the user to install this package automatically if it's not already installed on the server. The only change will be a required reboot after this package is installed, so just relaunch the deployment wizard after the reboot and proceed.
[…] http://blog.schertz.name/2010/09/lync2010rc-deployment-part1/ […]
Hi Jeff,
I have a question deploying a enterprise lync pool (6 servers) behind a hardware load balancer, what IP address should I use for the default gateway? We are using as the default gateway an L3 forwarder in the load balancer instead of the default switch / router ? Which should we use? Do you ever use as default gateway the load balancer????
Hey there! This is my first visit to your blog! We are a collection
of volunteers and starting a new project in a community
in the same niche. Your blog provided us useful information to work on.
You have done a marvellous job!
Great guide Jeff thanks!
[…] lab environment used as examples was built using the same processes discussed in these three previous articles for Lync Server. A single consolidated Exchange 2010 SP1 server was also […]
Dear Jeff,
My installation fails at the step: Prepare First Standard Edition Server; when it get to installing SQL Express. it gives an error. I already have installed SQL Server 2008 with all the services running. I can log into it either using Windows authentication or sa.
How can I solve this issue?!
Thanks!
You should not have the full SQL Server installation already on the same server, Lync will install the SQL Express package itself which is most likely your conflict.