Lync and Exchange IM Integration
This article covers the Instant Messaging (IM) integration configuration between Lync Server 2010 and Exchange Server 2010 SP1. How this differs from my previous article on Lync and Exchange UM Integration is that focused on integrating Unified Messaging features like Voice Mail and the Outlook Voice Access attendant while this article covers IM/Presence related features of the Lync client which are baked directly into Outlook Web App.
Lync Server does not include a Web Access client like what was available in Office Communications Server. The Lync Server’s web client now only provides conferencing services for authenticated and anonymous attendees via a web-browser. The IM/Presence features are now only available in a web-browser-based embedded client from within Outlook Web App in Exchange Server 2010.
The lab environment used as examples was built using the same processes discussed in these three previous articles for Lync Server. A single consolidated Exchange 2010 SP1 server was also added in the recent UM integration article.
This process has been covered in various other articles online but I chose to include this in my series of deployment articles so that anyone using them for their own deployment can follow along just the same. Also the selection and order of prerequisite software is different in this article as it is the most current and reflects the latest changes in hotfix availability.
The following steps completed in this order in a greenfield deployment should yield a working UM environment in little time.
- Install the prerequisite software and associated hotfixes on the Exchange server.
- Enable various instant messaging settings on the Exchange Client Access service.
- Define a new Trusted Application Pool and configure the Trusted Application in Lync Server.
These steps begin right where the UM integration article left off, although the UM configuration is not required to setup the following IM integration. These integrations (UM or IM) can be performed in either order. Both the Exchange and Lync server hosts are running Windows Server 2008 R2, so the specific hotfixes and download in this article only address that specific server version.
1. Install Prerequisite Software
The first component to install is the Microsoft Office Communications Server 2007 R2 Web Service Provider which contains the necessary components to add basic IM and presence features into Outlook Web App.
- Download and install the CWAOWASSPMain.msi installation package on the Exchange Server where the Client Access Server role is running (e.g. lab1exch.csmvp.net). Select the default installation location as this package will only unpack the installation files and then drop them in the directory shown, it does not perform any component installation.
- Browse to the newly created directory (e.g. “c:web service provider installer package”) and run the vcredist_x64.exe package to install Visual C++2008. This component may already be installed if the UM integration was previously configured on this Exchange Server.
Next is the Unified Communications Managed API 2.0 Hotfix (KB 2400399) which installs the latest updates for the UC Managed API. Although this component is included in the unpacked Web Service Provider install directory a newer version needs to be used.
- Download and install the UcmaRedist.msp patch on the Exchange Server. Using the Programs and Features control panel verify the installed version is at least 3.5.6907.215. This component may also already be installed if UM integration is already configured.
Now the Web Service Provider components can be installed.
- Browse to the newly created directory (e.g. “c:web service provider installer package”) and execute the CWAOWASSP.msi package on the Exchange Server. The installation is nearly silent and only a brief status window will appear. Since no confirmation window appears the installation should be validated by using the Programs and Features control panel verify the installed version is at least 3.5.6907.57. (Make sure not to mistake the Installer Package as it also appears in the list with the same version; there should be two similar lines.)
The next component needed is the OCS 2007 R2 Web Service Provider Hotfix (KB 981256) which updates the Web Service Provider with the latest hotfixes. Take note that although the file name of this patch appears identical to the original installation file extracted in an early step the patch is not all-inclusive (notice .msi versus .msp).
- Download and install the CWAOWASSP.msp patch on the Exchange Server. The version number should now be incremented to 3.5.6907.202.
2. Configure Exchange Server
The Client Access Server configuration is performed using the Exchange Management Shell with a set of PowerShell cmdlets used to identify the current certificate and then populate the various InstantMessaging parameters.
The initial step is identify the certificate currently assigned to the IIS service in Exchange and record the thumbprint value.
- Display a list of installed certificates and their enabled services by using the following cmdlet. Copy the Thumbprint value for the certificate enabled for the IIS service.
- To make sure that only a single OWA Virtual Directory is currently configured on the Exchange Server (which is the default) execute the Get-OWaVirtualDirectory cmdlet and verify that the only returned result is owa (Default Web site).
If more than one entry is returned then either additional directories have been defined for the single CAS or there are multiple CAS hosts in the organization, each with it’s own OWA virtual directory. In the case of the latter the next step is the same as the cmdlet will place the same configuration on each virtual directory. But if only a single virtual directory or single CAS is to be targeted then drop the initial cmdlet in the example and add the -Identity switch to target only the desired virtual directory to configure.
- To select the single default OWA virtual directory and then configure the various InstantMessaging parameters use the following cmdlet with the discovered certificate thumbprint and the desired Lync Server FQDN (e.g. lab1ls.csmvp.net).
Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -InstantMessagingType OCS -InstantMessagingEnabled:$true –InstantMessagingCertificateThumbprint 851588624951A8181DAB0CB6A52C19AC4C15DFA4 -InstantMessagingServerName lab1ls.csmvp.net
- Perform an iisreset on the Exchange Server where the changes where applied to force and update of the IIS metbase and service. If this is a live environment then the /noforce option should be added to prevent dropping any active client connections.
3. Configure Lync Server
In this section the Topology Builder will be used to define a trusted application pool with the Exchange Server, followed by a PowerShell cmdlet used to enable the application connection and select a static port for communications with Exchange. Some additional cmdlets will also be used to display the configuration changes for verification purposes.
- Open up the Lync Server Topology Builder on the Lync Server and select the option to Download topology from existing deployment. Save the imported data to a local .tbxml file for editing.
- Expand the site and create a new Trusted Application Pool under Trusted Application Servers. Enter the FQDN of the Exchange Server with the CAS role which was just configured (e.g. lab1exch.csmvp.net) and select Single Computer Pool. (Alternatively use the virtual FQDN of the load balanced CAS array the Multiple Computer Pool setting in a large deployment.)
- Select the Next Hop Pool which will be the FQDN and Site name of the Lync Server. In this scenario there is a single server in a single site so there will not be any other choice to select from on this portion of the wizard.
- Complete the wizard and publish the topology changes to the Central Management Store.
- To verify the changes are seen by the Lync Server use the Get-CsTrustedApplicationPool cmdlet with the Lync Server Management Shell to display the trusted application pool configuration.
- The Get-CsTrustedApplicationComputer cmdlet will also show the defined computer object when the Single Computer Pool option is selected in the Topology Builder.
The next step in the configuration is to use the New-CsTrustedApplication cmdlet to define a trusted application and associate it to the new trusted application pool.
Before configuring the trusted application an open listening port on the Lync Server must be selected. Any unused port can be selected and in this example 5059 was chosen in an effort to keep it mathematically close to the other Lync Server related ports. If no output is shown in the command then that indicates the port is not currently used as a source listening port, nor are any connections established to foreign hosts using that as a destination port either.
- Enter the following command on the Lync Server to search for any current usage of the desired TCP port.
netstat -a | findstr 5059
- Use the following New-CsTrustedApplication cmdlet to create the trusted application and associate it with the new trusted application pool. (The ApplicationID value can be any desired string such as it is unique to the trusted application pool.)
New-CsTrustedApplication -ApplicationId ExchangeOWA -TrustedApplicationPoolFqdn lab1exch.csmvp.net -Port 5059
- As instructed by the previous command issue the Enable-CsTopology cmdlet to apply the latest configuration changes. The -v switch (for verbose) can be used to display the command progress as well as the location of the output log file.
- Open the referenced Enable-CsTopology-<GUID>.html file in the %TEMP% directory and search it for the ApplicationID provided (e.g. exchangeowa) to verify a successful activation.
4. Verify Integration
At this point the integration should be fully functional and can be verified by logging into Outlook Web App with a Lync-enabled and mailbox-enabled user account. The presence chiclets will be visible next to user’s names in the email header fields and are also drop-down menu activated to display the available communications modalities.