Category Archives: Lync

Lync Server 2013 – Location Based Routing


Location Based Routing is an impressive feature of Lync Server 2013 which distinct Lync Server 2013 from other UC solutions. LBR allows full fledge Lync 2013 Enterprise Voice deployment for those enterprises who are doing business in regulated countries such as India, UAE, Egypt etc. Lync enterprise voice deployment with LBR requires well-versed planning and designing as your one wrong step can disturb entire voice setup. Now, questions come to every Lync professional if LBR requires planning & designing; it means LBR is not enabled by default or in other ways, LBR configuration part comes later.

Question: If LBR is not enable by default and needs additional configuration, which methodology Lync Server uses by default?

Answer: LCR

Many Exchange professional who are reading this blog, can assume LCR means Local Continuous Replication which was introduced in Exchange Server 2007.

By default Lync server uses Least Cost Routing methodology. Least cost routing can reduce the call rates by minimizing toll charges and maximizing WAN uses, which can benefit to the enterprises but in another ways it is a revenue loss for PSTN service providers.

LBR Benefits:

  • Comply with regulations that restricts IP-to-PSTN routing in pre-defined cases.
  • Routes PSTN calls based on caller’s location to prevent toll bypass.
  • Scoped to specific locations, gateways, and users based on Network configuration.
  • Route call to the gateway closest to the calling party which increase QoS & QoE.
  • Minimize use of WAN which result in better QoS & QoE.

LBR Capabilities:

  • Route outgoing calls to a PSTN gateway local to the caller’s location.
  • Prevent incoming calls if the Lync client is not in the PSTN gateway’s location.
  • Route outgoing calls through international PSTN gateways when there is no local gateway.
  • Ensures that conferences do not have a mix of users from different locations and PSTN dial-out.

Outbound routing:

Trunk-to-trunk routing:

Inbound routing:


There are many test cases involve in LBR implementation which need to be tested. Implementation steps and test cases is explained in the next part of this article.

Courtesy: Lync Conference 2014.

Advertisements

A trusted server….. error while publishing Lync Server 2013 topology


You may see “A trusted server….” error while publishing Lync Server 2013 topology.

In my case, I was adding Archiving and Monitoring role in existing Lync environment and had never faced this issue before.

After searching and looking into the error, I observed this error is occurring because of some existing entries in Active Directory.

To resolve this issue, I followed the below steps.

Note: Please take your AD backup before playing with ADSI Edit or ask your AD expert to perform the same activity.

  1. Open ADSI Edit (adsiedit.msc)
  2. Open Configuration partition and navigate to CN=Services>CN=RTC Service>CN=Trusted Services.

  1. Go to the properties of each entry under “CN=Trusted Services”.
  2. Type “msrtc” to search the Lync attributes in the property.

  1. Cross verify “TrustedServiceType” and “TrustedServerFQDN” with the error.
  2. Close the property and delete the entry.
  3. Publish the topology.
  4. If you get the same error again with different TrustedServiceType, follow the same procedure one more time.

Finally, publish the topology 🙂

Lync Server 2013 Brick Model


Messaging is a business critical application for any enterprise. To increase the productivity, instant or real-time communication is very much required. Lync has become a more suitable option for business productivity which serves all real-time workloads such as IM/Presence, Audio/Video & Web conferencing, Group/Persistent Chat, Application & Desktop sharing and Enterprise Voice.

While enterprises are moving towards an application for real-time communication, services availability is concern for IT decision makers. To avoid complexities and provide more availability Microsoft came up with brick model architecture for Lync 2013. It allows scaling out your Lync FE servers from 1 to 12 and each server can support up to maximum 6666 concurrent users. Lync Server 2013 is loosely coupled with Lync Back End SQL server and use lazy writes feature to write data in SQL Back End server.

Lync Server 2013 divides users in a group and each group is dynamically assigned to three Front End Server, primary secondary and tertiary. Once user logs in, primary server serves the services and replicate the data across secondary and tertiary using synchronous replication as well as update the SQL backend server using asynchronous replication known as lazy writes. In case of primary server failure secondary server serves the services.

In Lync server 2013, Front End server keeps rtc, rtcdyn and xds database in local sql express store. To know more about Lync 2013 databases please go through Lync Server 2013 databases.

Now, we should talk about how brick model works. Basically, brick model is based on windows fabric and it consider nodes majority for availability. That’s why you need minimum three Front End servers to achieve high availability. The majority is considered when n/2 or n+1/2 Front End servers are alive.

For maintenance, you should restart/down one server at a time. If all Front End servers go down due to the power outage or any other reasons, please make sure you are starting all Front End servers at the same time.

Virtualization best practices for Lync


Lync is an instant communication application which provides many modalities to end users such as IM/Presence, A/V, Conferencing, Group/Persistent Chat, Enterprise Voice etc. To achieve all these functionalities, organizations need to deploy many roles on different-2 servers. Therefore, many roles require many servers and as number of servers will increase, cost will increase respectively. To provide better ROI with restraint TCO, Lync can be deployed as a Virtualized solution.

While virtualizing Lync, Performance and stability should be taken care. To achieve complete virtualized solution follow virtualization best practices for Lync.

Microsoft recommends below best practices for Lync virtualized solution.

Processor

  • You should disable hyperthreading on all hosts.
  • Do not use processor oversubscription; maintain a 1:1 ratio of virtual CPU to physical CPU.
  • Make sure your host servers support nested page tables (NPT) and extended page tables (EPT). [Intel use EPT terminology while AMD use NPT terminology]
  • Disable non-uniform memory access (NUMA) spanning on the hypervisor, as this can reduce guest performance.

Memory

  • Do not configure dynamic memory or memory overcommitment on host servers.

Network

  • Use Virtual Machine Queue (VMQ) to optimize synthetic NIC performance.
  • Use physical NIC segregation for host versus guest communications.
  • Single-root I/O virtualization (SR-IOV) is recommended. The specific configuration you should use depends on the host chipset and network adapter/driver. (SR-IOV is recommended but not mandatory, you can still use NIC teaming at host level.)

Storage

  • Use fixed or pass-through disks rather than dynamic disks. (I recommend, use fixed disks in VHDX format instead of pass-through.)
  • Use MPIO (Multipath I/O) for your storage Back End Server.

Hypervisor

  • Virtual machine portability or failover techniques such as live migration are not supported.
  • Hypervisors require an amount of overhead (typically 6 percent to 10 percent) above and beyond what the virtual guest requires. This overhead can involve both CPU and memory.
  • Windows Server 2008 SP2 is not supported as a guest operating system.

Apart from Lync server roles, you can also virtualize other components such as Load Balancer and Session Broader Controller.

Configure DHCP Server options for Lync Phones


Setting up entire Lync Infrastructure is fun for Lync Professionals but real fun always come at last moment when end users start enjoying Lync services from their end user devices. To setup Lync soft client is quite easy while configure Lync phone devices are tricky one.

Trick comes with automate process of Lync phone devices which start from getting an IP address from DHCP server and end with user specific configuration such as selecting Time zone. Most of the companies use DHCP server to provide IP address to the client machine, simply Lync Phone devices can get an IP address from same DHCP server but it needs more to complete the entire configuration.

First of all, we have to understand any Lync client can only login if time is synchronized between Lync Server and Client. To meet this requirement starts with DHCP option 42.

If you have time server in your existing environment, specify the same in DHCP configuration option 42.

Let’s take an example if you don’t have time server in your existing environment then you can configure domain controller (PDC) as a time server.

  1. Create a record as shown below.

  1. Create service record as shown below.

Once you are done with this, specify same server address in DHCP option 004 & 042 and domain name in option 119.



Rest all the options you can see below need to be configured. But 🙂 you’ll not get any option with specific vendor by default in your DHCP server.

To make it simple MS provide dhcputil.exe in Microsoft Lync Server 2013 Front End / Standard Edition Servers.

 

Just copy this dhcputil.exe file in DHCP server and run below command

DHCPUtil.exe -SipServer <Lync Server Pool FQDN > -WebServer <Lync Server Internal Web FQDN> -RunConfigScript

In my case, I have copied dhcputil.exe in c drive of dhcp server.

C:\> DHCPUtil.exe -SipServer se01.insidemstech.com -WebServer sewebint.insidemstech.com –RunConfigScript

Once you will run the above cmdlet, it will add & configure all the required option as shown below

If you want to verify your dhcp configuration, run DHCPUtil.exe –EmulateClient from client computer.

If it doesn’t give any errors. It means you are done.

Now you can set pin for your Lync users and get logged in through Lync Phone Edition devices.

I hope it helped 🙂

 

How does Lync Federation work?


Lync federation also known as external connectivity which allows a lync user to connect with users in other organization as well as public IM domains and XMPP. Lync support two kinds of federation open and close. When an organization allow open federation that means the organization has enabled automatic discovery while closed means the organization has disabled automatic discovery and added specific domain to allow federation.

Lync federation can be configured from Lync Control Panel as well as from Lync Management Shell.

It is time to know “how does lync federation work?” Let’s take an example of two organizations contoso.com and fabrikam.com. Both organizations have open federation.

Below is the step by step procedure:

  1. UserA (sipuri:usera@contoso.com) is looking for UserB (sipuri:userb@fabrikam.com)
  2. First of all it will check the access edge configuration for federated domain.
  3. As UserA request for sipuri: userb@fabrikam.com and in my case both domain is configured for open federation, the request will go to Access Edge Server and Access Edge Server will do lookup for domain name fabrikam.com.
  4. If fabrikam.com domain exists then it will look for the SRV record _sipfederationtls._tcp.fabrikam.com.
  5. Once it will get the destination address of fabrikam.com access edge server then it will try to establish the SIP/MTLS:5061 connection.
  6. Once Fabrikam.com will receive the request from contoso.com, fabrikam.com will check the access edge configuration to verify allow/block federated domains.
  7. Once the connection will be establish between both Lync Front End Pools / Lync Standard Edition Servers via Access Edge Server, UserA and UserB will talk to each other.

 

Note:

  1. All the required ports should be open in both ends.
  2. SRV record entry should exist in External Certificate.
  3. Federated domain should be allowed in both ends.
  4. XMPP doesn’t use SIP/MTLS:5061. It use XMPP/TCP:5269 to connect access edge server from public network and XMPP/MTLS:23456 to connect Front End Pool.

IIS ARR on Windows 8.1 for Lync 2013


Reverse Proxy is a key part of the infrastructure topology which help users to access application from the internet. As Microsoft has no futuristic road-map for TMG/UAG and other products which provide same kind of functionality may expensive and costly. Therefore, Microsoft came up with inexpensive reverse proxy solution which works on IIS 7 onwards. It is very simple to configure and can be configured on Windows server operating system as well as on client operating system.

Let’s start step by step procedure to configure Internet Information Service Application Request Routing (IIS ARR) on window 8.1. The basic requirements to configure IIS ARR is 2 NIC’s and IIS 7 & above.

(Note: If you are using IIS ARR behind the internal firewall then don’t forget to add the route for inbound traffic and don’t specify any gateway in your internal NIC.)

The system should not be part of the domain. One network will connect to your internal network and another network will connect to the internet.

 

 

Install windows 8.1 Enterprise.

 

Add DNS Suffix.

 

Configure both NIC’s. In my setup “Edge” will talk to internal network and “External” will talk to Internet. Don’t configure gateway and dns in internal NIC.

 

Install IIS with default features.

 

There are two ways two install IIS ARR components.

  1. Automatic (If you have internet connection on your IIS ARR, you can use this option.)
  2. Manual (if you don’t have internet connectivity.)

For automatic installation just download “Windows Platform Installer” and run wpilauncher.exe.

 

Type ARR in search menu and enter, you will get Application Request Routing 3.0 and click on add and then click on install.

 

You will get the list of dependency including AAR 3.0. Click on I accept to install.

 

If you don’t have internet connection on your IIS ARR server, you can follow the same steps till now on any machine where you have internet connection and can download all dependencies by clicking on “Direct Download Link”.

Now, you can install everything manually including IIS features which are not installed by default by cross checking in the above window.

 

 

 

 

 

 

 

 

 

 

 

Once you have done with installation, please assign certificate to IIS which should have following SAN’s.

  1. Lyncdiscover.doamin.com
  2. Dailin.domain.com
  3. Meet.domain.com
  4. LyncExternalWebSerivice.domain.com (FQDN of external Lync Web Services)
  5. WACExt.domain.com (FQDN of external WAC services) – only if you are publishing WAC url.

     

Open IIS Manager and cross verify assigned certificate.

 

Right click on Server Farms and create new server farm.

 

Define server farm name and click on next.

 

Define IP address of you FE Pool or FQDN* of your FE Pool.

(Note: If you use FQDN then you should make entry in host file.)

 

Make server entry and change the port in advance settings as below.

 

Now, you can see your server farm.

 

Follow the same steps and add all your require server farms.

 

Now go to you websites and click on bindings.

 

Do the necessary bindings with port 443 for https.

 

 

 

Now, you have to go to in each farm and change configuration under Caching, Proxy and Routing rules.

 

Uncheck “Enable disk cache”

 

Click on apply.

 

Now, change time-out (seconds) to 180-200.

 

Click on apply.

 

Uncheck “Enable SSL offloading” in Routing Rules.

 

Click on apply.

 

Now, It is time to configure URL Rewrite settings.

 

You have to keep only _SSL URL path.

 

Click on each and add the condition (HTTP_HOST)

 

 

 

 

 

Follow the same steps for all server farms.

Now, we are done with the configuration.