Microsoft Lync Configuration Trainer Handbook

MCT USE ONLY.
STUDENT USE PROHIBITED
O F F I C I A L
M I C R O S O F T
L E A R N I N G
P R O D U C T
10533A
Deploying, Configuring, and Administering Microsoft Lync Server 2010
ii
MCT USE ONLY. STUDENT USE PROHIBITED
Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. The names of manufacturers, products, or URLs are provided for informational purposes only and Microsoft makes no representations and warranties, either expressed, implied, or statutory, regarding these manufacturers or the use of the products with any Microsoft technologies. The inclusion of a manufacturer or product does not imply endorsement of Microsoft of the manufacturer or product. Links may be provided to third party sites. Such sites are not under the control of Microsoft and Microsoft is not responsible for the contents of any linked site or any link contained in a linked site, or any changes or updates to such sites. Microsoft is not responsible for webcasting or any other form of transmission received from any linked site. Microsoft is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement of Microsoft of the site or the products contained therein. 2011 Microsoft Corporation. All rights reserved. Microsoft, and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. All other trademarks are property of their respective owners.
Product Number: 10533A Part Number: X17-52341 Released: 5/2011
iii
iv
vi
vii
viii
ix
Acknowledgements
Microsoft Learning would like to acknowledge and thank the following for their contribution towards developing this title. Their effort at various stages in the development has ensured that you have a good classroom experience.
Kelly McMahon Content Developer

For the past 10 years Kelly has been designing courseware and other technical communications for Microsoft. She has developed training materials for a broad range of Microsoft technologies including Microsoft Exchange, Microsoft Windows, Microsoft Dynamics, Microsoft SharePoint, and others. Her focus is on creating comprehensive learning experiences for the IT Professional and Developer audiences. In her spare time, Kelly is also pursuing an MBA with an expected graduation date of June 2011.
Anne Bockman Hansen Content Developer

Anne has 15 years of experience in instructional design, technical writing, and project management. She is experienced in designing curriculum for a wide variety of content areas, including Microsoft Exchange Server, Microsoft SQL Server, Microsoft Windows Server, Microsoft SharePoint, and Microsoft Office. Anne received a Masters of Science degree in Technical Communication from the University of Washington College of Engineering in 1996. She lives in the country with her husband Barry and their 9-month-old twins, Anne and Barry.
Thom Foreman Subject Matter Expert

Thom Foreman is an Infrastructure Consultant and Technical Trainer for Wadeware, based in Kirkland, WA, with more than 12 years of experience in the IT industry. Thom performs real-world IT consulting throughout the Puget Sound region and uses this experience to create Microsoft courseware and instructional content, specializing in Microsoft Lync Server 2010, Microsoft Office Communications Server 2007 R2, Microsoft Exchange Server 2007, and Exchange Server 2010. Thom has worked on numerous Microsoft courses and training materials, including creating the Lync Server 2010 Ignite, Office Communications Server Ignite, and Office Communications Server R2 Voice Ignite labs, as well as contributing to numerous other courses for the Unified Communications Team.
Brian Ricks Subject Matter Expert

Since 1993, Brian has been working in the IT field implementing Microsoft solutions. In 1999 he obtained his first Microsoft Certified Professional (MCP) certification and in 2006 received the MVP award from Microsoft in what is now Lync Server 2010. In 2009 Brian started BriComp Computers, LLC, where he provides consulting services to companies large and small as an Architect and Subject Matter Expert for infrastructure and Unified Communications. Brian holds many credentials, including MCP, Microsoft Certified Systems Engineer (MCSE), MVP, and MBA. He resides in Gilbert, Arizona, with his wife and two young boys ages 11 and 14.
Mark Stafford Technical Reviewer

Mark has been working in IT for well over a decade and has significant real-world experience running a contact center on several different releases of the Lync Server 2010 product family. He has been awarded a Microsoft Certified Masters in Office Communications Server 2007 and Lync Server 2010. Mark has varied professional interests including Unified Communications, application development, and business intelligence. In his spare time, he helps raise his son Caelan and daughters Mia and Calista with his wife, Janet.
xi
Contents
Module 1: Features and Architecture of Microsoft Lync Server 2010
Lesson 1: Features of Lync Server 2010 Lesson 2: Architecture and Server Roles Lesson 3: New Management Tools 1-3 1-15 1-24
Module 2: Deploying Microsoft Lync Server 2010

Lesson 1: Preparing for Deployment Lesson 2: Reviewing the Design Process Lesson 3: Deploying Lync Server 2010 Lab: Preparing the Environment and Deploying a Lync Server 2010 Pool 2-3 2-18 2-21 2-31
Module 3: Configuring Users and Rights in Microsoft Lync Server 2010

Lesson 1: Managing Lync Server 2010 Lesson 2: Role-Based Access Control Lab: Configuring Users and Rights in Lync Server 2010 3-3 3-10 3-15
Module 4: Client and Device Deployment and Management

Lesson 1: Preparing for Client Deployment Lesson 2: Deploying and Managing Lync 2010 Clients Lesson 3: Preparing for Device Deployment Lesson 4: Deploying and Managing IP Phones Lab: Client and Device Management 4-3 4-8 4-17 4-24 4-32
Module 5: External User Access

Lesson 1: Edge Server Role Lesson 2: Topologies for External User Access Lesson 3: Preparing for External User Access Lesson 4: Edge Server Deployment Process Lab: Deploying External User Access 5-3 5-7 5-11 5-22 5-30
Module 6: Configuring Basic Enterprise Voice Functionality

Lesson 1: Features of Lync Server 2010 Enterprise Voice Lesson 2: Preparing for Enterprise Voice Lesson 3: Deploying Enterprise Voice Lab: Configuring Basic Enterprise Voice Functionality 6-3 6-10 6-19 6-29
xii
Module 7: Extending Enterprise Voice Functionality

Lesson 1: Configuring Enterprise Voice Lesson 2: Introducing Call Park Lesson 3: Introducing the Announcement Service Lab: Implementing Enterprise Voice 7-3 7-9 7-16 7-22
Module 8: Microsoft Exchange Server 2010 SP1 Unified Messaging Integration

Lesson 1: Overview of Exchange Server 2010 SP1 Unified Messaging Lesson 2: Prerequisites for Integrating Exchange Server 2010 SP1 UM with Lync Server 2010 Lesson 3: Integrating Exchange Server 2010 SP1 UM with Lync Server 2010 Lab: Integrating Exchange Server 2010 SP1 Unified Messaging Integration with Lync Server 2010 8-3 8-8 8-16 8-25
Module 9: Implementing Response Groups

Lesson 1: Overview of the Response Group Service and Its Application Lesson 2: Response Group Service Components Lesson 3: Response Group Service Management Tools Lab: Configuring the Lync Server 2010 Response Group Service 9-3 9-8 9-23 9-29
Module 10: Conferencing in Lync Server 2010

Lesson 1: Introduction to Conferencing in Lync Server 2010 Lesson 2: Dial-In Conferencing in Lync Server 2010 Lesson 3: Managing and Administering Conferencing Policies Lab: Conferencing Configuration and Deployment 10-3 10-14 10-25 10-32
Module 11: Monitoring and Archiving

Lesson 1: Describing the Archiving Service Lesson 2: Describing the Monitoring Service Lesson 3: Configuring Archiving and Monitoring Lab: Configuring and Using Archiving and Monitoring in Lync Server 2010 11-3 11-11 11-19 11-27
Module 12: High Availability and Disaster Recovery in Lync Server 2010
Lesson 1: High Availability Options Lesson 2: Tools for Backing Up and Restoring Lync Server 2010 Lesson 3: Critical Lync Server Data to Export and Import Lesson 4: Critical Lync Server 2010 Data to Export and Import Lab: Preparing for and Recovering from a Disaster 12-3 12-14 12-18 12-23 12-28
xiii
Module 13: Call Admission Control

Lesson 1: Overview of Call Admission Control Lesson 2: Implementing Call Admission Control Lab: Implementing Call Admission Control 13-3 13-14 13-22
Module 14: Deploying and Configuring Enhanced 9-1-1

Lesson 1: Overview of E9-1-1 Lesson 2: Deploying and Configuring E9-1-1 Lab: Configuring the Lync Server 2010 Location Information Service for E9-1-1 Calling 14-3 14-12 14-24
Module 15: Voice Resiliency Features of Lync Server 2010

Lesson 1: Voice Resiliency in Lync Server 2010 Lesson 2: Features Available During Various Outage Scenarios Lab: Implementing Voice Resiliency in Lync Server 2010 15-3 15-14 15-21
Lab Answer Keys
xiv
About This Course
About This Course

This section provides you with a brief description of the course, audience, suggested prerequisites, and course objectives.
Course Description
This five-day instructor-led course teaches IT professionals how to deploy, configure, and administer a Microsoft Lync Server 2010 solution. The course emphasizes Lync Server 2010 Enterprise Voice features from a deployment and configuration perspective. The labs in this course build on each other to create a solution that includes IM and Presence, Conferencing, and Enterprise Voice. This course helps the student prepare for Exam 70-664.
Audience
This course is intended for IT professionals and telecommunications professionals, who want to learn how to install, configure, manage, and maintain a Lync Server 2010 environment.
Student Prerequisites
Students should have at least three years experience working with unified communications (UC) software, including knowledge of and experience with Microsoft Office Communications Server 2007 R2. In addition to their professional experience, students who attend this training should have an understanding of the following telecommunications concepts: The difference between time-division multiplexing (TDM) and Voice over Internet Protocol (VoIP) Gateways and Private Branch Exchange (PBX) systems Session Initiation Protocol (SIP) Codecs Dialing plans
Students should also understand the following general concepts: Networking fundamentals, including Transmission Control Protocol (TCP), IP, User Datagram Protocol (UDP), Domain Name System (DNS) Active Directory Domain Services (AD DS) principles and management Microsoft Windows Server 2008 fundamentals Public Key Infrastructure (PKI) Microsoft Exchange messaging concepts Microsoft Windows PowerShell basics Microsoft SQL Server concepts and operations
Course Objectives
After completing this course, students will be able to: Describe how the features and architecture of Lync Server 2010 enable real-time communication and collaboration. Deploy Lync Server 2010. Configure users and rights using Role-Based Access Control (RBAC).
ii
About This Course
Deploy and manage Lync 2010 clients. Configure and manage external user access using the Edge server role. Deploy basic Enterprise Voice functionality. Extend Enterprise Voice functionality to include trunk options, Call Park orbit, and the Unassigned Number feature. Integrate Microsoft Exchange Server 2010 Service Pack 1 (SP1) Unified Messaging (UM) with Lync Server 2010. Configure the Response Group Service, including agent groups, queues, and workflows. Configure and manage conferencing. Configure and use archiving and monitoring. Perform backup and restore of critical Lync Server 2010 data. Improve bandwidth management using Call Admission Control (CAC). Configure and deploy Enhanced 9-1-1 (E9-1-1). Configure a Survivable Branch Server for a branch office.
Course Outline
This section provides an outline of the course: Module 1, Features and Architecture of Microsoft Lync Server 2010, introduces the architecture and topology of Lync Server 2010. It also provides a high-level overview of Lync Server 2010 features and capabilities, including enhanced social-networking capabilities, and the improved administrative experience provided by the Central Management Store (CMS) and Lync Server Control Panel. Additionally, it provides an overview of the new Topology Builder tool. Module 2, Deploying Microsoft Lync Server 2010, introduces the planning and implementation tasks necessary for deploying Lync Server 2010 Enterprise Edition. It also explains the Lync Server 2010 infrastructure requirements, the topology design and publishing process, as well as the steps required to prepare AD DS, deploy a Front End server and pool, and prepare for the deployment of the remaining server roles. Module 3, Configuring Users and Rights in Microsoft Lync Server 2010, explains how to configure and manage users in Lync Server 2010. It describes the configuration management options in Lync Server 2010, including the Lync Server Control Panel and the Lync Server Management Shell. It also covers the basic syntax for working in Windows PowerShell. Additionally, it describes the Role-Based Access Control (RBAC) administrative model in Lync Server 2010 and highlights the predefined roles and the process for creating new custom roles. Module 4, Client and Device Deployment and Management, explains how to effectively manage desktop clients and devices in a Lync Server 2010 environment. It describes how to create and define client and user policies in Lync Server 2010, as well as new procedures for deploying clients and devices. Module 5, External User Access, explains how to support external access in a Lync Server 2010 deployment. It describes the features and functionalities of the Edge server that support user communication and collaboration with external users, and internal user access to public IM services. Additionally, it explains how to configure network routing for the Edge server, obtain and install certificates, and create and modify Access Edge Policies for federated, remote, and public scenarios.
About This Course
iii
Module 6, Configuring Basic Enterprise Voice Functionality, provides an overview of the major components, features and topology requirements of Lync Server 2010 Enterprise Voice. It explains the capabilities and components that are new or enhanced in Lync Server 2010. It also describes how to prepare, configure, and deploy basic Enterprise Voice functionality. Module 7, Extending Enterprise Voice Functionality, explains how to configure policies, routes, and usage records. It also describes how to implement the call park and unassigned number features. Module 8, Microsoft Exchange Server 2010 SP1 Unified Messaging (UM) Integration, describes the prerequisites for integrating Exchange Server 2010 UM with Lync Server 2010. It also explains how to create and configure a UM dial plan. Additionally, it covers how to use the tools and services needed to integrate Exchange Server 2010 UM with Lync Server 2010. Finally, it explains how to enable a user for UM integration with Lync Server 2010. Module 9, Implementing Response Groups, introduces the Response Group Service (RGS) and the changes that have been implemented with Lync Server 2010. It describes RGS components, including queues, agent groups, workflows, and interactive workflows. It also explains how to use tools such as Lync Server Control Panel, Lync Server Management Shell, and Response Group Configuration Tool to manage workflows. Module 10, Conferencing in Microsoft Lync Server 2010, introduces the conferencing abilities provided by Lync Server 2010. It also explains dial-in conferencing in Lync Server 2010 and how to manage and administer conferencing policies. Module 11, Monitoring and Archiving, describes the features and configuration of the Monitoring and Archiving services. It also explains how to interpret the Quality of Experience (QoE) reports and use this information to better manage and deliver a high-quality user experience for Lync Server 2010. Module 12, High Availability and Disaster Recovery in Microsoft Lync Server 2010, explains the requirements for high availability and the requirements for the DNS Load Balancing feature. It also describes the tools and methods for successfully backing up and restoring a Lync Server 2010 environment. Additionally, it explains how to back up, restore, export, and import critical Lync Server 2010 data. Module 13, Call Admission Control, introduces Call Admission Control (CAC) in Lync Server 2010 and describes the various CAC components. It explains how to deploy and use CAC bandwidth management to help prioritize and control allocation of network resources to real-time communications sessions. Module 14, Deploying and Configuring Enhanced 9-1-1, introduces the Location Information Server (LIS), which builds on Enhanced 9-1-1 (E9-1-1) technology to provide location information to users of a network. It explains how to deploy and configure LIS for use with or without E9-1-1. Module 15, Voice Resiliency Features of Lync Server 2010, describes the features of Lync Server 2010 that ensure voice resiliency. It explains how voice resiliency is used to provide continuous Enterprise Voice service so that users can continue making and receiving calls, even if the central site or the WAN link from a branch to its central site becomes unavailable. It also explores multiple failure scenarios such as central site failover, branch site failover, and WAN failover.
iv
About This Course
Course Materials
The following materials are included with your kit: Course Handbook A succinct classroom learning guide that provides all the critical technical information in a crisp, tightly-focused format, which is just right for an effective in-class learning experience. Lessons: Guide you through the learning objectives and provide the key points that are critical to the success of the in-class learning experience. Labs: Provide a real-world, hands-on platform for you to apply the knowledge and skills learned in the module. Module Reviews and Takeaways: Provide improved on-the-job reference material to boost knowledge and skills retention. Lab Answer Keys: Provide step-by-step lab solution guidance at your finger tips when its needed.
Course Companion Content on the http://www.microsoft.com/learning/companionmoc/ Site: Searchable, easy-to-navigate digital content with integrated premium on-line resources designed to supplement the Course Handbook. Modules: Include companion content, such as questions and answers, detailed demo steps and additional reading links, for each lesson. Additionally, they include Lab Review questions and answers and Module Reviews and Takeaways sections, which contain the review questions and answers, best practices, common issues and troubleshooting tips with answers, and real-world issues and scenarios with answers. Resources: Include well-categorized additional resources that give you immediate access to the most up-to-date premium content on TechNet, MSDN, Microsoft Press
Student Course files on the http://www.microsoft.com/learning/companionmoc/ Site: Includes the Allfiles.exe, a self-extracting executable file that contains all the files required for the labs and demonstrations. Course evaluation At the end of the course, you will have the opportunity to complete an online evaluation to provide feedback on the course, training facility, and instructor. To provide additional comments or feedback on the course, send e-mail to support@mscourseware.com. To inquire about the Microsoft Certification Program, send e-mail to mcphelp@microsoft.com.
About This Course
Virtual Machine Environment

This section provides the information for setting up the classroom environment to support the business scenario of the course.
Virtual Machine Configuration

In this course, you will use Microsoft Virtual Server 2005 R2 with SP1 to perform the labs.
Important: At the end of each lab, you must close the virtual machine and must not save any changes. To close a virtual machine without saving the changes, perform the following steps: 1. 2. On the virtual machine, on the Action menu, click Close. In the Close dialog box, in the What do you want the virtual machine to do? list, click Turn off and delete changes, and then click OK.
The following table shows the role of each virtual machine used in this course: Virtual machine Role Domain controller in the fabrikam.com domain DNS, CA Miami Member server in the fabrikam.com domain SQL Server 2008 SP1 Miami Member server in the fabrikam.com domain Lync Server 2010 Enterprise Edition Server Miami Member server in the fabrikam.com domain Internal Client Miami Domain controller in the fabrikam.com domain DNS, CA, Exchange 2010 SP1 Miami Member server in the fabrikam.com domain SQL Server 2008 SP1 Miami Member server in the fabrikam.com domain Lync Server 2010 Standard Edition Server Miami Member server in the fabrikam.com domain Lync Server 2010 Standard Edition Server Rome Member server in the fabrikam.com domain Lync Server 2010 Survivable Branch Server Redmond Member server in the fabrikam.com domain Lync Server 2010 Monitoring and Archiving Server Miami Stand-alone server
10533A-MIA-DC1.1
10533A-MIA-SQL1.1
10533A-MIA-LS1.1
10533A-MIA-CL1.1 10533A-MIA-DC1.2
10533A-MIA-SQL1.2
10533A-MIA-LS1.2
10533A-ROM-LS2.2
10533A-RED-SBS1.2
10533A-MIA-AM1.2
10533A-MIA-RAS1.2
vi
About This Course
Virtual machine
Role RRAS server and External DNS Miami
10533A-MIA-ED1.2
Stand-alone server Lync Server 2010 Edge Server Miami Internal Client Miami PBX Emulator Host Member server in the fabrikam.com domain Internal Client Redmond Member server in the fabrikam.com domain Internal Client Rome Member server in the fabrikam.com domain Internet Client External
10533A-MIA-CL1.2
10533A-RED-CL2.2
10533A-ROM-CL3.2
10533A-INT-CL4.2
Course Files
The course files needed for this class are located on the various virtual machines in C:\LabFiles.
Classroom Setup
Refer to the Setup Guide for instructions on setting up the classroom.
Course Hardware Level

To ensure a satisfactory student experience, Microsoft Learning requires a minimum equipment configuration for trainer and student computers in all Microsoft Certified Partner for Learning Solutions (CPLS) classrooms in which Official Microsoft Learning Product courseware is taught. Hardware level 6 is required for this course. Refer to the Setup Guide for more information.
Features and Architecture of Microsoft Lync Server 2010
1-1
Module 1
Contents:
Lesson 1: Features of Lync Server 2010 Lesson 2: Architecture and Server Roles Lesson 3: New Management Tools 1-3 1-15 1-24
1-2
Module Overview
The Microsoft Lync Server 2010 communications software introduces many new features beyond what was available in previous versions of Microsoft communications solutions. Lync Server 2010 has a completely redesigned and streamlined management infrastructure. It supports security, compliance, and extensibility for a true enterprise-grade unified communications (UC) platform. It also offers the resiliency, scalability, and critical features necessary to enhance or replace traditional Private Branch eXchange (PBX) systems. Lync Server 2010 provides new ways for users to connect, share information, and collaborate. By establishing a single solution that integrates voice, Instant Messaging (IM), and Web conferencing within familiar Microsoft Office applications, Lync Server 2010 delivers a streamlined solution for todays busy information workers. In this module, you will learn about the architecture and topology of Lync Server 2010. You will also learn about the high-level features, the enhanced social networking capabilities, and the improved administrative experience provided by the new Central Management Store and the Lync Server Control Panel. This module also provides an overview of the new Topology Builder tool, which enables you to implement an appropriate architecture based on your organizations specifications.
Objectives
After completing this module, you will be able to: Describe the features and capabilities of Lync Server 2010. Describe the new architecture and server roles of Lync Server 2010. Describe the new management tools of Lync Server 2010.
1-3
Lesson 1
Features of Lync Server 2010
This lesson provides you with an overview of the features and capabilities of Lync Server 2010. It also introduces the new client-side communication and collaboration capabilities provided by the social networking enhancements of Lync Server 2010. In addition, you will learn about the new Lync Server 2010 management tools, including the Lync Server Control Panel, Lync Server Management Shell, and Topology Builder.
Objectives
After completing this lesson, you will be able to: Describe the key Lync Server 2010 feature areas. Explain Converge Communications. Explore the social-networking additions. Describe the new Enterprise Voice features. Explore the Lync Server 2010 tools. Describe the Microsoft Lync 2010 clients.
1-4
Overview of Lync Server 2010
The overarching goal of Lync Server 2010 is to provide customers with an experience that unifies real-time communication and collaboration in a holistic manner, while being a solution that is easy to deploy and administer. Based on customer feedback, Lync Server 2010 has been redesigned to provide significant architectural improvements, as well as enhancements to several features that increase the reliability, voice quality, and manageability of the system.
New Management and Administrative Features

Several management, monitoring, and archiving enhancements are provided that help administrators manage and monitor the system more quickly and easily.
Central Management Server or Central Management Store

In Lync Server 2010, all configuration data about servers, services, and user policy is moved to the Central Management Server (or the Central Management Store (CMS), whichever you are using). The CMS provides robust storage of the data needed to define, set up, and maintain a Lync Server 2010 deployment. It also validates the data to ensure configuration consistency, and then replicates read-only copies to all servers in the topology, including Edge servers. This eliminates the out-of-sync problems experienced with earlier versions. For more information about Central Management Server or Central Management Store, see Lesson 2, Architecture and Server Roles, in this module.
Role-Based Access Control (RBAC)

Lync Server 2010 uses RBAC, providing administrators with access rights that are specific to their job function. Following the principle of least privilege, the predefined roles in Lync Server 2010 enhance system-wide security and help to ease the learning curve for new administrators. Administrators can also create custom roles. For more information about Role-based Access Control, see Module 3, Configuring Users and Rights in Lync Server 2010.
1-5
New Features for Managing Edge Servers

In Lync Server 2010, you manage Edge servers from the internal network. Because all configuration data for servers and services resides in the CMS, Edge Server management is simplified through use of internal administrative tools. After you deploy Edge servers and configure the required ports, configuration data is automatically pushed from the CMS to each Edge server. This strategy offers the following advantages: Simplified installation. You do not have to install administrative tools on Edge servers. Streamlined management of Lync Server 2010 components. You can now configure Edge servers from a centralized location with a single user interface. Consistent synchronization of internal and external Lync Server 2010 configuration changes. Server configuration changes are pushed out to Edge servers as they are made. Improved security. You do not need to log on to Edge servers to perform administrative tasks.
For more information on managing Edge Servers, see Module 4, Client and Device Deployment and Management.
New Client Features

Lync 2010, formerly known as Microsoft Communicator 2007, has a redesigned user interface that provides an enhanced and more intuitive way for users to communicate using voice and video. New calling features include: Click to Call from Contacts In-call quality information Separate phone environment with a familiar dual-tone multi-frequency (DTMF) dial pad
These features help to increase overall discoverability and user confidence. With one click, users can easily share video in calls and conferences. A new panoramic video feature enables users to see the entire room in multiparty conferences. A separate video window allows the use of dual monitors, enabling users to watch video on one monitor while doing full-screen application or desktop sharing on another monitor.
New Enterprise Voice Features

Lync Server 2010 introduces several new features that enhance Enterprise Voice, including: Enhanced voice resiliency in central sites and branch offices. Lync Server 2010 introduces the new Backup Registrar feature for enhanced voice resiliency. Call Admission Control (CAC) for bandwidth management. This new feature provides functionality for determining optimal routing and managing available bandwidth by redirecting calls to an alternate gateway, as needed. Hosted Exchange Unified Messaging (UM). Full support for hosted Exchange UM integration is provided. Media bypass. This new feature for media path optimization provides bandwidth savings and improved call quality. Emergency dialing (Enhanced 9-1-1 [E-9-1-1]). Enhanced location information is provided for improving the response time of emergency services. New Mediation server and gateway topologies. New for the Mediation server is the ability for a single Mediation server to control multiple gateways. The Mediation server can now be collocated with the Front End server.
Each of these topics will be discussed in more detail later in this module.
1-6
What Is Converge Communications?
Converge Communications is the ability to connect people and teams by sharing presence information and enabling communication through short voice and instant messaging (IM) conversations, ad-hoc meetings, structured team meetings, and presentations. The combination of these features can greatly enhance an organizations collaboration and productivity. IM, presence, and conferencing are the core capabilities of Lync Server 2010 communications software, and are automatically deployed and enabled in every Lync Server 2010 installation.
Instant Messaging
IM enables employees to communicate with each other in real time on their computers by using textbased messages. If you deploy Edge servers, you can also enable your users to exchange instant messages with users of public IM services, including any or all of the following: Microsoft Windows Live, AOL, and Yahoo!, as well as Extensible Messaging and Presence Protocol (XMPP)based providers and servers, such as Google Talk and Jabber. Note that a separate license is required for public IM connectivity with AOL and Yahoo!. Based on customer feedback, many IM components have been enhanced to increase reliability and the overall user experience. For example, the client now automatically rejoins IM conferences in case of a transient network drop-off. Enhanced privacy features provide users with more control over the publishing of their location data and photo. The timeout for users has also been reduced to ensure that fresh presence information is always displayed, and half-states have been removed from a users availability status.
Presence
Presence provides information to users about the status and availability of others on the network. A users presence status provides information to help others decide the best way to contact the user: by means of IM, telephone, or email. A users presence status is exposed as an icon in Lync 2010 and other presenceaware applications, including the Microsoft Office 2010 Suite and Microsoft SharePoint technologies.
1-7
You can greatly increase the benefits of your organizations investment in Lync Server 2010 conferencing by deploying an Edge server to enable secure communications between your Lync Server 2010 deployment and external users. Your organizations remote users, as well as users at federated organizations, can see each others presence and communicate by using secure IM. The only components required for IM and presence are: Your organizations Front End servers or Standard Edition servers. IM and presence capabilities are always enabled on these servers. A load balancer (if you have a pool of multiple Enterprise Edition Front End servers). You can use either a hardware load balancer for all load-balancing traffic, or use Domain Name System (DNS) load balancing for most of your traffic.
Conferencing
Lync Server 2010 provides conferencing capabilities that make it simpler and more intuitive for users to participate in instant meetings. Now users can begin a conversation in IM and then decide to transition to a collaborative work experience by extending their desktop or an application to the conversation. By fully integrating Lync Server 2010 conferencing options within Microsoft Office 2010, users can choose to start a conversation directly from within an Office application while they are working. Some other enhancements to conferencing include: Single meeting client. Lync 2010 is the only client needed for all types of meetings, including both scheduled and ad-hoc meetings. This client replaces the need for the Live Meeting client and the Microsoft Office Outlook Add-in. Downloadable meeting client. There is now a downloadable client that enables users without Lync 2010 or even Microsoft Windows to attend (and even present) in meetings. This enables external team members to join a meeting, without having the full functionality for IM, presence, or meeting scheduling, by using only a web browser. Meet simple URL. You can now create simple Uniform Resource Locators (URLs) for joining meetings, dial-in conferencing, and performing administrative tasks that are easy to remember and to communicate. Assigned conference IDs. By default, every meeting organized by a particular user has the same conference URL and conference ID for dial-in users. This enables dial-in users to remember just one conference ID to join all meetings organized by this user. Dial-in conferencing lobby. Participants who use dial-in conferencing but for whom authentication fails no longer need to disconnect and retry. These users are transferred to the lobby, the leader is notified, and the users then wait until a leader either accepts or rejects them or their connection times out. While in the lobby, the users hear music. Recorded name for anonymous callers. Users who are not authenticated are prompted to record their name. The recorded name identifies unauthenticated users in the conference. Simplified leader join. When dialing into a conference, a leader can join more easily than in past versions. Entering the callers phone number is no longer required.
1-8
Social Networking Additions
Peer-to-peer social networking through technology surpasses more traditional means of maintaining contact with your business partners and remote colleagues, such as the Rolodex and the business card. Lync Server 2010 represents the convergence of enterprise software and social connectivity, and the Lync 2010 client provides the ability to expose meaningful user information to your teammates through the inclusion of pictures and up-to-date status messages.
New Social Networking Features

Lync 2010 introduces new features that enhance social networking for users, including: Live contact card. Through the aggregation of data from Lync 2010, Active Directory Domain Services (AD DS), Microsoft Exchange Personal Contacts, Live Contact Card provides detailed presence information about all of your contacts. This includes; status, organizational chart information, and location. It provides instant communication through multiple modalities (email, IM, and phone). When integrated with SharePoint, Live Contact Card can also draw people together by enabling users to advertise their area of expertise and interests within the enterprise. Contact spoken name. Contact lists in Lync 2010 can provide users with a recording of their contacts spoken name, enabling them to properly pronounce the names of a diverse workforce. Contact photos. Contact lists in Lync 2010 can show photographs, along with job title, skills, and interests. An activity feed enables users to share where they are and what they are currently doing. Keyword search. Through Live Contact Card information, users can search by keyword to find people. If the person is offline, users can quickly find another person with similar qualifications. Communicate within context. Lync 2010 provides the same user experience from within all Office 2010 applications, enabling anytime communication and collaboration within the context of work in progress. Enhanced privacy controls. Users now have more choice in how they make their personal information available to others. For example, a user can choose to show his or her presence information only to those people in his or her contact list. A user can also choose whether to display location information.
1-9
Enterprise Voice Features
This section describes Enterprise Voice functionality that is new or has been enhanced for Lync Server 2010. Each feature has its own set of planning considerations, deployment requirements, and configuration steps, which will be discussed in more detail later in this course.
Bandwidth Management Feature

Real-time communications are sensitive to the latency and packet loss that can occur on congested networks. Call Admission Control (CAC) functionality has been added in Lync Server 2010 to help prevent poor quality of experience for users on congested networks. CAC determines, based on available network bandwidth, whether to allow real-time communications sessions to be established. CAC can also provide an alternative route for calls when the preferred route does not have the required bandwidth. The alternative route could be by way of the public switched telephone network (PSTN), or via the Internet over the Edge servers.
Enhanced Emergency Dialing

Lync Server 2010 supports Enhanced 9-1-1 (E9-1-1) as part of an Enterprise Voice deployment. E9-1-1 is an emergency notification feature that includes detailed physical address information when contacting emergency services (in North America). By deploying an E9-1-1 system, an organization can provide the exact location of the emergency call such as the phone number, building, floor, and conference room to the closest Public Safety Answering Point (PSAP), enabling the dispatch of emergency services to the exact location of the caller in distress. Currently, this enhanced feature is supported only for sites in North America. However, basic location information services (LIS) functions are available with or without E9-1-1.
Media Bypass
In Lync Server 2010, the flow of media can now be configured to bypass the Mediation server when possible. This capability improves call quality by optimizing the media path, reducing latency, minimizing unnecessary transcoding, limiting packet loss, and eliminating potential points of failure.
1-10
For more information about Mediation server, see Lesson 2, Architecture and Server Roles, in this module.
Voice Routing Enhancements

Lync Server 2010 provides a number of voice-routing enhancements that provide flexibility and control to administrators. For example, in previous releases, outbound number normalization was not possible, and all other number manipulation was done on the gateway. Lync Server 2010 enables centrally managed number formatting through simple wizard-based translation rules, which are applied prior to routing to the PBX/PSTN. Additionally, enhanced voice policies provide greater administrative control of user voice entitlements, such as disallowing long-distance calls from a common area phone. The new voice policy interface makes it easy to create and edit voice policies on a per-user or group basis.
Analog Device Management

Unlike earlier versions, Lync Server 2010 provides support for analog devices such as analog audio phones and analog fax machines. You can now configure the analog gateways and devices in your organization to use Lync Server 2010 to make and receive calls. Lync Server 2010 makes routing decisions and logs calls just as it does for any other device.
Malicious Call Tracing

Malicious call tracing enables users to flag incoming calls that are harassing, threatening, or obscene. Immediately after hanging up, the user can select an option to report the call as malicious. If they do so, a trace request is sent to mark the record of the call, and an event is logged. Administrators can then identify the call, the calling number, and the gateway or Session Initiation Protocol (SIP) trunk over which the call was received. A Monitoring server must be deployed for malicious call tracing to be used.
Call Translation Rules

In previous versions, all dial strings had to be normalized for the purpose of performing reverse number lookup (RNL) as part of call routing. However, downstream components such as gateways, PBXs, or SIP trunks sometimes require numbers in local dialing formats. As a result, in Microsoft Office Communications Server 2007 R2, it was necessary to configure downstream components individually, or even reroute calls, to accept dial strings. However, Lync Server 2010 simplifies this process by enabling you to create call-translation rules that assist in manipulating the Request URI E.164 format prior to routing it to the gateway.
Enhanced Voice Resiliency

Voice resiliency refers to the ability of users to continue making and receiving calls in the event that a central site becomes unavailable. In Lync Server 2010, each user that is enabled for Enterprise Voice is assigned to a particular Registrar pool, which becomes that users primary Registrar pool. For resiliency, the primary Registrar pool has a single designated backup Registrar pool located at another site where users are automatically directed in the event of a failure.
Enhanced PBX Interoperability

For those customers who choose to maintain their PBX, Lync Server 2010 now has the ability to network, connect, and share presence information with any PBX system by using direct SIP for signaling, G.711, and other standard codecs. This gives PBX phone users a streamlined unified conferencing experience by allowing them to automatically join a conference through a desk phone. Note: For more information, see the Microsoft Unified Communications Open Interoperability Program at http://technet.microsoft.com/en-us/lync/gg131938.aspx.
1-11
Hosted Exchange Unified Messaging (UM)

In addition to the support that previous releases have provided for integration with on-premise deployments of Exchange Unified Messaging (UM), Lync Server 2010 introduces support for integration with hosted Exchange UM. This enables you to provide voice messaging to your users if you migrate some or all of the users to a hosted Exchange service provider, such as Microsoft Exchange Online.
Call Park
The new Call Park application in Lync Server 2010 makes it possible for Enterprise Voice users to put a call on hold and then retrieve it later from any phone. When a user parks a call, Call Park provides an orbit number that identifies where the call is temporarily held. The user who parked the call can either dial the orbit number to retrieve the parked call, or use an external mechanism, such as IM or a paging system, to notify someone else of the number for retrieval. Call Park is useful for continuing a call from a different location and for transferring a call when the final recipient is unknown. Note: The Call Park feature is not available for analog devices.
1-12
Lync Server 2010 Tools
Lync Server 2010 includes new management and administrative tools that help simplify the planning and validation of your deployment. Each of these tools is discussed in more detail in later modules. Microsoft Lync Server 2010 Planning Tool. This planning wizard asks a series of questions about your organization, including the features you want to enable and your capacity-planning needs, and then creates a recommended deployment topology based on your answers. Microsoft Lync Server 2010 Topology Builder. This installation component is used to create, adjust, and publish your planned topology. When you install Lync Server 2010 on individual servers, the servers read the published topology as part of the installation process, and the installation program deploys the server as directed in the topology. New Microsoft Lync Server Control Panel. The Lync Server Control Panel uses Microsoft Silverlight to present a Web-based graphical user interface (GUI). The new Lync Server Control Panel enables administrators to manage their systems from anywhere on the corporate network without needing to have specialized management software installed on the computer. New Microsoft Lync Server 2010 Management Shell. Built upon the Microsoft Windows PowerShell command-line interface, the Lync Server 2010 Management Shell includes a comprehensive set of cmdlets (commandlets) for all Lync Server 2010 administrative tasks. Lync Server 2010 is governed through RBAC, and each role is associated with a specific list of Lync Server 2010 Management Shell cmdlets that users in that role are allowed to run.
1-13
Lync 2010 Clients
Lync Server 2010 supports several types of software for your organizations users, including computerinstalled client software, web-based clients, and mobile devices.
Microsoft Lync 2010

Microsoft Lync 2010 is the primary client software for Lync Server 2010. Features include presence, contact management, IM, telephony, and greatly enhanced online conferencing. Microsoft Silverlight browser plug-in version 4.0 is required for Lync 2010, which is installed automatically during setup.
Online Meeting Add-in for Microsoft Outlook

The Online Meeting Add-in for Lync 2010 supports online meeting management from within Outlook. This software is installed automatically with Lync 2010. Microsoft Silverlight browser plug-in version 4.0 is required for the Online Meeting Add-in for Lync 2010. It is installed automatically during Lync 2010 setup.
Microsoft Lync Add-in for Phone Number Detection

On non-Secure Sockets Layer (SSL) web pages, this software automatically detects phone number patterns and displays a phone icon that users can click to dial when Enterprise Voice is enabled. It is automatically installed during setup.
Microsoft Lync 2010 Phone Edition

Microsoft Lync 2010 Phone Edition is software that runs on intelligent Internet Protocol (IP) phones (for example, USB-attached phones) and supports placing and receiving calls, enhanced presence, and client audio capabilities for web conferences.
Microsoft Lync 2010 Attendee

Microsoft Lync 2010 Attendee is a rich conferencing client that allows users without Lync 2010 installed to fully participate in Lync Server 2010 online meetings. Lync Attendee can be installed on a per-user basis, so you can choose to selectively deploy this client during migration, or allow users to download and install it as needed.
1-14
Microsoft Lync Web App

Microsoft Lync Web App is a web-based conferencing client that supports most Lync 2010 collaboration and sharing features, as well as presenter meeting controls and dial-in and dial-out voice conferencing. For users who do not have Lync 2010 installed, you can offer this conferencing option when it is not practical or possible to install Lync Attendee.
Microsoft Lync Mobile for Windows Mobile

Microsoft Lync 2010 Mobile provides IM, enhanced presence, and telephony for users in your organization who are connecting from a Smartphone or Windows Professional mobile device.
1-15
Lesson 2
Architecture and Server Roles
This lesson provides you with an introduction to the architecture and server roles of Lync Server 2010, including supported topologies, the new CMS, Mediation server capabilities, DNS and hardware load balancing, and virtualization support.
Objectives
After completing this lesson, you will be able to: Describe the new CMS. Describe the supported topologies. Define the server roles. Explore the new Mediation server capabilities. Explain the DNS load-balancing features. Explore virtualization support in Lync Server 2010.
1-16
Central Management Store
Earlier versions of Microsoft Office Communications Server stored configuration data within Active Directory, Microsoft SQL Server, and Windows Management Instrumentation (WMI). One impact of this design is that making even a small setting change requires changing the schema in Active Directory. This is not a process undertaken lightly, particularly in large organizations.
CMS Storage
In Lync Server 2010, all topology, policy, and configuration data are stored in the CMS. The CMS database provides storage for all data about servers, services, and users in the system. CMS validates the data to ensure configuration consistency. Read-only copies are then replicated to all servers in your deployment by the CMS, which runs on one Front End pool or one Standard Edition server in your deployment. This replication eliminates the out-of-sync errors that would sometimes occur with the Edge servers, and adds system-wide resiliency in the event of CMS outage.
Active Directory Storage

For backward compatibility purposes, a subset of information is still stored within Active Directory, enabling pools from previous Office Communications Server versions to reference and route traffic. Storing basic user information such as the users SIP URI and phone number within Active Directory may also enable some third-party applications that were developed for previous versions of Lync Server 2010 to continue to function.
Administering CMS
To administer and manage the servers, services, and user policies stored within CMS, you can use Lync Server Management Shell or Lync Server Control Panel, which then makes the setting changes in CMS.
1-17
Supported Topologies
Lync Server 2010 is available in two editions: Standard and Enterprise. The Enterprise Edition server requires a minimum of two servers in the deployment a Front End and a Back End server. The Front End server is the core server role and the Back End server provides the database. The Standard Edition server combines the Front End and Back End roles onto a single server. This topology is easy to deploy, and it enables IM, presence, conferencing, and Enterprise Voice for smaller organizations (or pilot projects) that do not require a high-availability solution.
Front End Pools

A Front End pool is a set of Front End servers, configured identically, that work together to provide services for a common group of users, with full scalability and failover capabilities. A Front End server (or Front End pool) provides the following functionality: User authentication and registration Presence information and contact card exchange Address book services and distribution list expansion IM functionality, including multi-party IM conferences Web conferencing and application sharing (if deployed) Application hosting services Application services for application hosting and host applications (for example, Response Group Application)
Additionally, one Front End pool in the deployment also runs the CMS.
Back End Servers

The Back End servers are database servers running Microsoft SQL Server that provide the database services for the Front End pool. You can have a single Back End server, or a cluster for failover. Back End
1-18
servers do not run any Lync Server 2010 software. If you already have a SQL Server cluster that you are using for other applications, you can also use this cluster for Lync Server 2010, if performance allows. Information stored in the Back End server databases includes presence information, users contact lists, conferencing data (including persistent data about the state of all current conferences), and conference scheduling data. The following are three reference topologies to help you envision the different scenarios where a Standard Edition versus an Enterprise Edition should be deployed.
Single Server Standard Edition Reference Topology

For a smaller Enterprise or pilot implementations with fewer than 5,000 users, you can deploy Lync Server 2010 Standard Edition with the following recommendations: Deploy an Edge server and reverse proxy for remote access/external conferencing and federation. Use PSTN or SIP trunks to provide telephony integration. Note: PSTN may require additional gateways. Deploy Exchange UM for voice mail integration. Use Active Directory/DNS Services and internal PKI for certificate management. Use Survivable Branch Appliances (SBAs) for resiliency in remote locations. Deploy Standard Edition in a Paired solution (Primary and Secondary) for inexpensive failover and for redundancy.
Medium to Large Deployment Reference Topology

For single datacenter deployments with up to 80,000 users (which is the single pool limit), or a single datacenter with branch offices, you can deploy Lync Server 2010 Enterprise Edition with the following recommendations: Use DNS load balancing for SIP on Front End servers, Edge servers, and the Directory server. Use a Hardware Load Balancer (HLB) for Secure HTTP (HTTPS), Distributed Component Object Model (DCOM), Reverse Proxy, and Edge Pool for Remote Access, External Conferencing, and Federation. Deploy a Monitoring server to record call quality. Deploy an A/V Conferencing Pool for scalability, collocated on the Front End servers. Deploy a Director Pool, which is a dedicated server role. You can use Standard Edition for the Director Pool, which can be DNS load-balanced, providing cost savings by not requiring additional SQL Server computers. Use PSTN or SIP Trunks to provide telephony integration. Note that PSTN may require additional gateways. Deploy Exchange UM for voice-mail integration. Use AD/DNS Services and Internal public key infrastructure (PKI) for certificate management. Deploy SBAs for voice resiliency in each of the remote locations.
1-19
Defining the Server Roles
In addition to the Front End and Back End server roles, Lync Server 2010 includes the following server roles: Director. When deployed in the internal network, the Director acts as a next-hop server. This optional role offers an additional layer of security, and in a deployment with multiple internal pools, offloads the distribution of users to their home pools. Edge server. Deployed in the perimeter network, the Edge server enables communication with external participants, including remote users, federated users (using Public Internet Connectivity [PIC]), and anonymous users. The Edge server can be deployed as a single server or as a pool. The Edge server role runs three services: Access Edge, Web Conferencing Edge, and A/V Edge. Additionally, there is a Reverse Proxy, which publishes meeting content, address book, and group expansion. Archiving server. The Archiving server enables support for archiving Lync 2010 IM and web conferencing for companies that must follow compliance regulations. The Archiving server can be collocated with the Monitoring server. Monitoring server. The Monitoring server is useful for monitoring and troubleshooting issues related to user activity and media quality. It contains a Quality of Experience (QoE) report for user activity that searches for Call Detail Records (CDRs) based on user alias, and another report for media quality that searches individual detail records for signal values captured from the users device microphone or speaker. Survivable Branch Appliance. The Survivable Branch Appliance (SBA) is a server appliance with an embedded PSTN gateway running Microsoft Windows Server 2008 R2 and Lync Server 2010. It is designed for branch sites that host between 25 and 1,000 users, when the return on investment does not support a full deployment, or where local administrative support is not available. The SBA can provide basic phone services to users at the branch site when the wide area network (WAN) link to the Lync Server 2010 central site is down.
1-20
Survivable Branch Server. The Survivable Branch Server is a Windows server that has Lync Server 2010 Registrar and Mediation server software installed. It is designed for branch sites that host between 1,000 and 5,000 users who lack a resilient WAN connection and have trained Lync Server 2010 administrators available. It must be configured to connect to either an IP/PSTN gateway or a SIP trunk to a telephone service provider. A/V MCU. This is an optional role that can be either collocated or stand-alone, as needed for scale. An improvement to previous versions is that this server role can now be shared across multiple pools in the same site. Mediation server. This is an optional role that can be collocated on the Front End servers. New for the Mediation server in Lync Server 2010 is the ability for a single Mediation server to control multiple gateways.
Each of these server roles are discussed in more detail in the lessons and modules that follow.
1-21
Mediation Server Capabilities
In Lync Server 2010, the Mediation server is the central component for Enterprise Voice and dial-in conferencing. The Mediation server translates signaling and (in some configurations) media between your internal Lync Server 2010 infrastructure and an IP-PBX gateway or IP-PSTN gateway, or a SIP trunk. In Lync Server 2010, the Mediation server now provides mapping with multiple gateways. The flow of media can also be configured to bypass the Mediation server when possible and flow directly to a gateway. This capability improves call quality by optimizing the media path, reducing latency, minimizing unnecessary transcoding, limiting packet loss, and eliminating potential points of failure.
Media Bypass
Media Bypass is a feature that provides bandwidth savings in configurations where a Mediation server and a PSTN gateway/IP-PBX/SIP trunk are at different sites connected by WAN links with constrained bandwidth. Additionally, you no longer need a Mediation server in most local sites. When you enable Media Bypass, a globally unique bypass ID is generated for all network sites. When a user makes a PSTN call, the Mediation server compares the bypass ID of the client subnet with the bypass ID of the gateway subnet. If the two bypass IDs match, Media Bypass is used for the call. If the bypass IDs do not match, media for the call flows through the Mediation server at the central site. When a user receives a call from the PSTN, the users client compares its bypass ID to that of the PSTN gateway. If the two bypass IDs match, media flows directly from the gateway to the client, bypassing the Mediation server. Offloading the media processing from the Mediation server to pool servers for bypassed calls also improves scalability and the quality of the call.
1-22
DNS Load Balancing
Lync Server 2010 implements DNS load balancing, a software solution that can greatly reduce your organizations administrative overhead for configuring hardware load balancing on your network. The Front End pool, the Edge server pool, and the Director pool have DNS load balancing for SIP traffic deployed. You can also use DNS load balancing on standalone Mediation Server pools. This eliminates the need for hardware load balancers for the internal interface of the Edge servers, and significantly lessens the setup and maintenance of the hardware load balancers for the other pools, as the hardware load balancers are needed only for HTTP traffic specific to the Web Services role. For more information on DNS Load Balancing, see Module 12, High Availability and Load Balancing.
1-23
Virtualization Support
Lync Server 2010 supports all workloads and server roles, including Enterprise Voice, in both physical and virtualized topologies. However, scalability and user capacity in a virtualized topology is reduced by roughly 50 percent of what is offered by a Lync Server 2010 topology running only on physical servers. In a virtualized deployment, CPU usage has a direct correlation to voice quality, especially at the beginning of the hour when many new conferences typically begin. Lync Server 2010 supports virtualization of the following servers: Front End servers. If you virtualize a Front End server, you can also virtualize some or all of the other server roles of that site. Standard Edition servers. When deploying a virtualized Standard Edition server, the only server roles that can be deployed with it are the Director, Monitoring server, Archiving server, and Edge server. Edge servers. Virtualization is supported for Front End pools and Standard Edition servers.
Support is included for both of the following virtualization technologies: Microsoft Windows Server 2008 R2 Hyper-V VMWare
To run Windows Server on a virtualization technology other than Hyper-V or Virtual Server, the virtualization product should be one that is validated by the Server Virtualization Validation Program (SVVP), which is available at http://go.microsoft.com/fwlink/?LinkID=209686&clcid=0x409.
1-24
Lesson 3
New Management Tools
This lesson provides you with an introduction to the new management tools of Lync Server 2010, including; RBAC, Lync Server Control Panel, and the Management Shell. All administrative functionality is available through both the Lync Server Control Panel and the Management Shell, so the choice is completely up to you.
Objectives
After completing this lesson, you will be able to: Explain Role-based Access Control. Explore the Lync Server Control Panel. Explore the Lync Server Management Shell.
1-25
Role-Based Access Control
The new administrative model for Lync Server 2010 involves Role-Based Access Control (RBAC). RBAC enables administrators to delegate control of specific management tasks using the security best practice of least privilege.
RBAC Example
For example, instead of granting Help desk and support personnel full administrator privileges, you can give these employees very specific rights, such as: Manage user accounts, and only user accounts. Manage Enterprise Voice components. Manage archiving and Archiving Server, and so on.
In addition, these rights can be limited in scope; for example, someone can be given the right to manage Enterprise Voice, but in the Redmond site only, while someone else can be given the right to manage users, but only those user accounts in the Finance organizational unit (OU).
Benefit of RBAC
One benefit of RBAC is that as an administrator, you will not have to learn the entire management interface and all of its functionsyou can focus specifically on your areas of expertise. You can create custom RBAC roles by combining one or more of the predefined roles to create a superset role. For more information on RBAC, see Module 3, Configuring Users and Rights.
1-26
Lync Server Control Panel
Lync Server Control Panel replaces the multiple administrative tools from previous releases, such as Microsoft Management Console (MMC), Active Directory Users and Computers, Response Group tools, WMI, Group Policy objects (GPOs), and local registry settings. Lync Server Control Panel provides you with a single web-based tool with a graphical user interface (GUI) where all policies are reflected. This makes it easier for you to understand the policy that is in effect for a given user. Intuitive navigation makes identifying the proper location for setting configuration straightforward. Another time-saving advantage of the Lync Server Control Panel is that your queries can now be saved and reused.
Policy Management
Policies allow you to define the features and functionality for which a user or a set of users are enabled. Policies can be applied at each of four levels: Global, Site, Pool, and User. Lync Server 2010 supports the universal groups in the Windows Server 2008 and Windows Server 2003 operating systems and follows the same inheritance methodology as Active Directory Group Policies. More information on this topic will be provided in Module 3, Configuring Users and Rights in Lync Server 2010.
1-27
Lync Server Management Shell
The Lync Server Management Shell is a new method of system administration and management. In previous versions, the supported automation application programming interface (API) was WMI. Because of customer feedback that WMI was difficult to use for automating tasks such as managing user policies and entitlements in a consistent way, Lync Server Management Shell has been built on the Windows PowerShell command-line interface. This improvement provides consistency among the administration of other Microsoft products, such as Exchange, Active Directory, and SQL Server, and allows you to accomplish administrative tasks using simple one-line commands or complex scripts. Lync Server 2010 cmdlets encompass the full scope of management functions, allowing you to configure and test every aspect of the environment from within PowerShell 2.0, including: User management. You can search for users and enable, disable, and assign Lync Server policies. Configuration management. You can define server roles and configure policies at the Global/Site level. Device management. You can configure and test devices, common area phones, and analog devices. Policy management. You can set archiving policies, configure external access, and manage voice policies. Deployment management. You can manage certificates, review setup steps, and manage your topology. Voice applications. You can configure and modify response groups, configure the conferencing attendant, manage bandwidth, and manage external applications. Synthetic transactions. You can test phone calls, perform SIP registrations, and set up simple conferencing.
1-28
Module Review and Takeaways
Review Questions
1. 2. 3. What are some of the new management and administrative features in Lync Server 2010? What sort of functionality does a Front End server or Front End pool provide? What are the four levels at which policies can be applied in Lync Server 2010?
Deploying Microsoft Lync Server 2010
2-1
Module 2
Contents:
Lesson 1: Preparing for Deployment Lesson 2: Reviewing the Design Process Lesson 3: Deploying Lync Server 2010 Lab: Preparing the Environment and Deploying a Lync Server 2010 Pool 2-3 2-18 2-21 2-31
2-2
Module Overview
This module presents you with the planning and implementation tasks that are necessary for the deployment of Microsoft Lync Server 2010 Enterprise Edition. Your specific deployment process is determined by the Lync Server 2010 topology and components that you decide to install, including whether you want to deploy an Enterprise Edition pool or a Standard Edition server. The lessons in this module cover the Lync Server 2010 infrastructure requirements, the topology design and publishing process, and the steps required to prepare Microsoft Active Directory Domain Services (AD DS), deploy a Front End server and pool, and prepare for the deployment of the remaining server roles. After completing this module, you will be able to: Prepare for the deployment of Lync Server 2010. Review the design process. Deploy Lync Server 2010.
2-3
Lesson 1
Preparing for Deployment
In this lesson, you will review the necessary steps for preparing for a Lync Server 2010 deployment. This includes preparing the infrastructure, ensuring that the appropriate software and hardware components are in place, planning for certificates, and considering the client, device, and network requirements. After completing this lesson, you will be able to: Inspect the Active Directory infrastructure. Assess load-balancing options. Validate the required operating system and Microsoft Windows components. Consider an internal versus an external public key infrastructure (PKI) solution. Examine the client requirements. Examine the device requirements. Describe the physical network and file share requirements.
2-4
Active Directory Infrastructure Requirements
Lync Server 2010 communications software supports the same AD DS topologies as Microsoft Office Communications Server 2007 R2 and Microsoft Office Communications Server 2007. The following topologies are supported: Single forest with single domain. This is a common and simple topology. Single forest with multiple domains. In this topology, the domain where you create users can be different from the domain where you deploy Lync Server 2010. However, you must deploy an Enterprise pool within a single domain. Lync Server 2010 contains support for Windows universal administrator groups, which enables cross-domain administration. Single forest with multiple trees. This topology consists of two or more domains that define independent tree structures and separate Active Directory namespaces. Multiple forests in a central forest topology. This topology uses contact objects to represent users in other forests. The central forest hosts user accounts for any users in the forest. A directory synchronization product, such as Microsoft Identity Integration Server (MIIS), Microsoft Forefront Identity Manager (FIM) 2010, or Microsoft Identity Lifecycle Manager (ILM) 2007 Feature Pack 1 (FP1) is used to synchronize the creation or deletion of user accounts within the organization. Multiple forests in a resource forest topology. In this topology, one forest is dedicated to running server applications, such as Microsoft Exchange Server and Lync Server 2010. The resource forest hosts the server applications and a synchronized representation of the active user object, but it does not contain logon-enabled user accounts. When you deploy Lync Server 2010 in this type of topology, you create one disabled user object in the resource forest for every user account in the user forests. If Microsoft Exchange is already deployed in the resource forest, the disabled user accounts may already exist. A directory synchronization product manages the life cycle of user accounts.
Active Directory Requirements

Before you start the process of preparing AD DS for Lync Server 2010, you must ensure that all domain controllers (including global catalog servers) meet the following prerequisites:
2-5
Microsoft Windows Server 2008 R2, Windows Server 2008, Windows Server 2003 R2, or Windows Server 2003 must be installed. All domains must be raised to Windows Server 2003 domain functional level. The forest must be raised to a Windows Server 2003 forest functional level.
Lync Server 2010 supports AD DS deployments that include read-only domain controllers or read-only global catalog servers, as long as there are writable domain controllers available.
2-6
Load Balancing Options
Lync Server 2010 supports Domain Name System (DNS) load balancing for many features of Front End pools, Edge server pools, Director pools, and stand-alone Mediation server pools.
DNS Load Balancing on Front End Pools and Director Pools

DNS load balancing is supported only by servers running Lync Server 2010 and Lync Server 2010 clients. You cannot achieve load balancing of connections from older clients and servers by implementing DNS round robin on the DNS servera hardware load balancer is required. Additionally, if you are using Exchange Unified Messaging (UM), only Exchange Server 2010 SP1 interoperates with Lync Server 2010 DNS load balancing. To deploy DNS load balancing on Front End pools and Director pools, you must: Create two fully qualified domain names (FQDNs). A regular pool FQDN is required on the DNS server for resolving the physical Internet Protocol (IP) addresses of the servers in the pool, and another FQDN is required on the hardware load balancer for web services to resolve the virtual IP address of the pool. You create this extra FQDN for the pools web services by using Topology Builder. Provision DNS. Provision the DNS server to resolve the pool FQDN to the IP addresses of all servers in the pool.
DNS Load Balancing on Edge Server Pools

We recommend that you deploy DNS load balancing on the external interface of your Edge servers. You can also deploy load balancing on the internal interface; however, when an Edge server has failed, failover is lost and some users might experience a denial of request. To deploy DNS load balancing on the external interface of your Edge server pool, you must create the following DNS entries: Lync Server Access Edge service. Create one entry for each server in the pool. Each entry must resolve the FQDN of the Lync Server Access Edge service to the IP address of the Lync Server Access Edge service on one of the Edge servers in the pool.
2-7
Lync Server web Conferencing Edge service. Create one entry for each server in the pool. Each entry must resolve the FQDN of the Lync Server web Conferencing Edge service to the IP address of the Lync Server web Conferencing Edge service on one of the Edge servers in the pool. Lync Server Audio/Video Edge service. Create one entry for each server in the pool. Each entry must resolve the FQDN of the Lync Server Audio/Video (A/V) Edge service to the IP address of the Lync Server A/V Conferencing Edge service on one of the Edge servers in the pool.
Using DNS Load Balancing on Stand-Alone Mediation Server Pools

You can use DNS load balancing on stand-alone Mediation server pools without the need for a hardware load balancer. All Session Initiation Protocol (SIP) and media traffic is balanced by DNS load balancing. To deploy DNS load balancing on a Mediation server pool, you must provision DNS to resolve the pool FQDN to the IP addresses of all servers in the pool.
2-8
Operating System and Windows Component Requirements
In addition to the hardware and operating system requirements for server platforms, Lync Server 2010 may require the installation of additional software on the servers that you deploy. Some of the software requirements only apply to specific server roles or components, so they may not be required for your particular deployment. The slide lists all of the software components that may be required for Lync Server 2010. However, this topic covers only those software components that you may need to download, enable, or install that are not automatically installed during the Lync Server 2010 setup process. Before deploying Lync Server 2010, you must install the following operating system updates: Microsoft Knowledge Base article 968929, Windows Management Framework (Windows PowerShell 2.0, WinRM 2.0, and BITS 4.0), at http://go.microsoft.com/fwlink/?linkid=197390 For each server that has Microsoft Internet Information Services (IIS) installed, you must install the following updates: o o IIS URL Rewrite module at http://go.microsoft.com/fwlink/?linkid=197391 IIS Application Request Routing module at http://go.microsoft.com/fwlink/?linkid=197392
Windows PowerShell Version 2.0

Lync Server 2010 Management Shell requires Microsoft Windows PowerShell command-line interface version 2.0. You must remove previous versions of Windows PowerShell prior to installing Windows PowerShell version 2.0. For details about downloading Windows PowerShell version 2.0, see Knowledge Base article 968929, Windows Management Framework (Windows PowerShell 2.0, WinRM 2.0, and BITS 4.0), which is available at http://go.microsoft.com/fwlink/?linkid=197390.
2-9
Microsoft .NET Framework Requirements

The 64-bit edition of Microsoft .NET Framework 3.5 with SP1 is required for Lync Server 2010. The setup process of Lync Server 2010 prompts you to install this prerequisite, and it automatically installs it if it is not already installed on the computer. However, if you install Lync Server 2010 by using the command line, you need to manually install .NET Framework 3.5 SP1 on the server, which is available at http://go.microsoft.com/fwlink/?linkid=197398.
Microsoft Visual C++ 2008 Redistributable Package Requirements

The Microsoft Visual C++ 2008 redistributable package is required for Lync Server 2010. If you install Lync Server 2010 by using the Lync Server Deployment Wizard, setup prompts you to install this prerequisite. However, if you install Lync Server 2010 by using the command line, you need to manually install this prerequisite on the server, which is available at http://go.microsoft.com/fwlink/?linkid=197399.
Message Queuing
Lync Server 2010 uses the Microsoft Message Queuing (MSMQ) technology with the following server roles: Front End server Mediation server Archiving server Monitoring server A/V Conferencing server
The Message Queuing service must be enabled on all servers prior to deploying any of the above listed server roles. Message Queuing can be installed as an optional feature in Windows Server 2008.
Windows Installer Version 4.5

Lync Server 2010 uses Windows Installer technology to install, uninstall, and maintain various server roles. Windows Installer version 4.5 is available as a redistributable component for the Windows Server operating system, which is available at http://go.microsoft.com/fwlink/?linkid=197395.
Windows Media Format Runtime Requirements

To use the Call Park, Announcement, and Response Group applications, you must install Windows Media Format Runtime on Front End servers. We recommend that you install Windows Media Format Runtime before installing Lync Server 2010. If Lync Server 2010 does not find this software on the server, it will prompt you to install it; you must then restart the server to complete the installation.
2-10
Certificate Infrastructure Requirements
Lync Server 2010 requires a PKI to support Transport Layer Security (TLS) and mutual TLS (MTLS) connections, as well as other services. If you are allowing external access, a PKI infrastructure must be in place. We recommend that you use certificates issued from a public certification authority (CA). Additional requirements for certificates include: All server certificates must support server authentication (Server EKU). Auto-enrollment is supported for internally facing servers, but it is not supported for Edge servers.
Internally Facing Servers

The internal servers that require certificates include: Standard Edition server Enterprise Edition Front End server Stand-alone A/V Conferencing server Mediation server Director server
You can use the Lync Server 2010 Certificate Wizard to request these certificates. Although using certificates from an internal CA is recommended for internal servers, you can also obtain certificates for internal servers from a public CA.
External User Access

Lync Server 2010 supports the use of a single certificate for Access and web Conferencing Edge external interfaces, and the internal interface of the A/V Edge. The Edge internal interface can use either a private or a public certificate. Requirements for the private (or public) certificate used for the Edge internal interface are as follows:
2-11
The certificate must be issued by an internal CA or an approved public CA that supports subject alternative name. For details, see Knowledge Base article 929395, Unified Communications Certificate Partners for Exchange Server and for Communications Server, at http://go.microsoft.com/fwlink/?LinkId=140898. If the certificate will be used on an Edge pool, it must be created as exportable, with the same certificate used on each Edge server in the Edge pool. The subject name of the certificate is the Edge internal interface FQDN or hardware load balancer virtual IP (VIP) address (for example, csedge.contoso.com). No subject alternative name list is required.
If you are deploying multiple, load-balanced Edge servers at a site, the A/V authentication certificate that is installed on each Edge server must be from the same CA and must use the same private key. In other words, the certificate must be exportable if it is to be used on more than one server. Note: Microsoft recommends that both NTLM and Kerberos be enabled as authentication options if you plan to support remote users.
Group Chat
To install Lync Server 2010 Group Chat, you must have a certificate issued by the same CA as the one used by Lync Server 2010 internal servers for each server running the Lookup service, Channel service, and web service. Ensure that you have the required certificate(s) before you start the Group Chat installation, especially if you are using an external CA.
2-12
Client Requirements
Before deploying Lync 2010 clients, you must configure several essential policies and settings. These include client bootstrapping policies, client version policy, and key in-band provisioning settings.
Client Bootstrapping Policies

Client bootstrapping policies specify, for example, the default servers and security mode that the client should use until sign-in is complete. Because client bootstrapping policies take effect before the client signs in and begins receiving in-band provisioning settings from the server, you use Group Policy to configure them.
Client Version Policy

The default Client Version Policy requires that all clients are running a minimum of Microsoft Office Communicator 2007 R2. If clients in your environment are running earlier versions of Communicator, you might need to reconfigure the Client Version rules to prevent clients and devices from being unexpectedly blocked or updated when connecting to Lync Server 2010. You can modify the default rule, or you can add a rule higher in the Client Version Policy list to override the default rule. Additionally, as cumulative updates are released, you should configure the Client Version Policy to require the latest updates. The following options are available when editing the client version policy: Allow the client to log on. Allow the client to log on and receive updates from Windows Server Update Service or Microsoft Update. Allow the client to log on and display a message about where to download another client version. Block the client from logging on. Block the client from logging on and allow the client to receive updates from Windows Server Update Service or Microsoft Update.
2-13
Block the client from logging on and display a message about where to download another client version.
Key In-Band Settings

Most of the Group Policy settings in Lync Server 2010 are controlled by server-based client policies, also known as in-band provisioning. In-band provisioning settings can significantly impact the user experience and therefore should be configured before client deployment. In Lync Server 2010, client policies (except for those required for bootstrapping) are configured by using the Windows PowerShell cmdlets NewCsClientPolicy or Set-CsClientPolicy. For more information about client requirements, see Module 4, Client and Device Deployment.
2-14
Device Requirements
Lync Server 2010 expands the line of available unified communications (UC) devices to include a new line of IP phones. Before you deploy UC phones, ensure that the following recommended Lync Server 2010 communications software components are in place.
Device Update Service

The Device Update service, which is an automated way to update your IP phones, is installed with web services on the Front End server. Important: In Lync Server 2010 Enterprise Edition, you may have multiple servers in the pool. For each instance of web services running on servers in a pool, there is a separate instance of the Device Update service running in the pool. When you make a configuration change to the Device Update service, the changes are propagated to all servers in that pool, but not to servers in any other pool.
Enterprise Voice
Enterprise Voice is the voice over Internet Protocol (VoIP) solution in Lync Server 2010 that allows users to make calls and use rich communication and collaboration features, such as viewing enhanced presence information or location information for contacts in your organizations address book. Enterprise Voice must be enabled for each device user. To check whether Enterprise Voice is enabled for a user, in Lync Server Control Panel, find the user and then view the users details. If the user is enabled for Enterprise Voice, the check box Enabled for Lync Server will be selected, and the Telephony drop-down list will show Enterprise Voice as selected.
Contact Objects for Common Area Phones and Analog Devices

You must associate all phones with a specific user or an Active Directory contact object. With contact objects, as with user accounts, you can assign policies and voice plans for managing the device.
2-15
Important: When you create a contact object for an analog device (for example, by using the NewCSAnalogDevice command), you must specify the correct categorization of the analog device as either a fax machine (such as fax, modem, Teletype-33 (TTY), or a voice device. The designation of fax affects how the call will be routed.
Dial Plans, Voice Polices, and Outbound Call Routes

Before deploying Lync Server 2010, you must set up the following rules for users: Dial plans. Dial plans are sets of normalization rules that translate phone numbers for a given location, user, or contact object into a single standard (E.164) format. This allows UC device users to make calls to the public switched telephone network (PSTN). Voice policies. Voice policies are records that define call permissions for users, sites, or an entire organization, and include various calling features that can be enabled or disabled as appropriate. Voice policies must be set up for device users. Call routes. Call routes are rules that specify how Lync Server 2010 handles outbound calls from UC devices. Lync Server 2010 uses routes to associate a target phone number with one or more media gateways or SIP trunks and one or more PSTN usage records.
Least-Cost Routing
Lync Server 2010 enables you to specify the PSTN gateways through which you want to route numbers. The recommended best practice is to select routes that incur the lowest costs and implement them accordingly. When selecting a gateway, choose the one closest to the destination location to minimize long-distance charges. For example, if you are in New York and calling a number in Rome, you should carry the call over the IP network to the gateway in your Rome office, thereby incurring a charge only for a local call. You use Lync Server Control Panel to verify whether dial plans, voice policies, and call routes are set up for users, and to set up or modify these user policies. Note: If your organization has Microsoft Exchange Server deployed, you can also configure Exchange UM and Lync Server 2010 to work together. For more information about Exchange Unified Messaging, see Module 8, Exchange 2010 SP1 UM Integration.
PIN Authentication and Policy

If you are deploying the new line of IP phonesAastra 6721ip, Polycom CX600, Polycom CX500, or Polycom CX3000you must enable personal identification number (PIN) authentication on Lync Server 2010, and set the appropriate PIN policy. This allows automatic authentication when a user signs in. You set the PIN policy on the PIN Policy page of the Security group in Lync Server Control Panel. Also in Security, you should click web Service and verify that PIN authentication is enabled in the Global policy.
2-16
Physical Network and File Share Requirements
The proper network infrastructure for your Lync Server 2010 deployment is vital to both user adoption and the overall success of your communication system. Inadequate network throughput increases response times and can result in a solution that fails to achieve the goals of enhanced collaboration and connectivity. The network adapter card of each server in the Lync Server 2010 topology must support at least 1 gigabit per second (Gbps). In general, you should connect all server roles by using a low-latency and high-bandwidth local area network (LAN). The size of the LAN is dependent on the size of the topology: Standard Edition topologies. Servers should be in a network that supports 1 Gbps Ethernet or equivalent. Front End pool topologies. Most servers should be in a network that supports more than 1 Gbps, especially when supporting A/V conferencing and application sharing.
PSTN integration can be achieved with a supported PSTN Gateway, IP-PBX, or SIP trunk.
Media Requirements
Follow these recommendations for optimized A/V in a Lync Server 2010 deployment: Configure the external firewall as a NAT (whether the site has only a single Edge server or multiple Edge servers deployed). Deploy the media subsystem within an existing Quality of Service (QoS) infrastructure that prioritizes capacity for PSTN data flows. Disable Internet Protocol security (IPsec) over the port ranges used for A/V traffic.
Ensuring Media Quality

For optimal media quality, you must ensure that proper network provisioning and capacity planning has been performed:
2-17
Lync Server 2010 media endpoints can adapt to varying network conditions. However, in an underprovisioned network, the ability of the Lync Server 2010 media endpoints to dynamically deal with varying network conditions (for example, temporary high packet loss) is reduced. Networks must be provisioned to support throughput of 45 kilobits per second (Kbps) per audio stream and 300 Kbps per video stream, if enabled, during peak usage periods. For network links where provisioning is extremely costly and difficult, you might need to consider provisioning for a lower volume of traffic. In this scenario, you let the elasticity of the Lync Server 2010 media endpoints absorb the difference between that traffic volume and the peak traffic level, at the cost of some reduction in quality. However, in this case, there is a decrease in the systems ability to absorb sudden peaks in traffic. For links that cannot be correctly provisioned in the short term (for example, a site with very poor wide area network [WAN] links), consider disabling video for certain users. Provision your network to ensure a maximum end-to-end delay (latency) of 150 milliseconds (ms) under peak load. Latency is the one network impairment that Lync Server 2010 media components cannot reduce, and it is important to find and eliminate the weak points.
2-18
Lesson 2
Reviewing the Design Process
The design process for a Lync Server 2010 communications system has been greatly aided by the introduction of the Lync Server Planning Tool, which is used by systems architects to design the communications system topology. The Planning Tool creates an .xml file, which you then use in the Topology Builder to configure and publish your topology. In this lesson, you will learn about the Microsoft Lync Server 2010 Planning Tool, and how the topology design and the components have been chosen for installation. After completing this lesson, you will be able to: Describe the purpose of the Planning Tool. List the requirements of the Planning Tool.
2-19
Purpose of the Planning Tool
The Planning Tool is an optional component in Lync Server 2010 that helps you design your topology. The tool prompts you to identify much of the information required for the components in your topology, such as FQDNs and IP addresses. The Planning Tool then provides several views of a deployment, based on your answers. It shows both a global view of all your sites (both central sites and branch sites), and detailed views showing the servers and other components at each site.
Running the Planning Tool

Running the Planning Tool does not obligate you to any specific deployment or initiate any processes. In fact, running the Planning Tool even before you have a firm plan in mind can help you understand the kinds of questions you need to think about in your planning process. You can run the Planning Tool multiple times, answering questions differently, and then compare the outcomes. If you have a design with which you are mostly satisfied, but that you need to change, you can return to the Planning Tool, load the design, and make the changes. It takes about 15 minutes to complete the Planning Tool once.
Exporting the Topology

After you are completely satisfied, you can use the Export to Topology Builder option to export your planned topology to an Extensible Markup Language (XML) file that you can then input to Topology Builder. You use the Planning Tool only for your initial topology design. After you export the topology to Topology Builder and begin working with it there, you can no longer use the Planning Tool to modify your topology. The Topology Builder is covered in Lesson 3 of this module. Note: For this release of Lync Server 2010, some of the information that you enter into the Planning Tool must be re-specified in the Topology Builder wizard. Extending the Planning Tool to include all required topology information is scheduled for the next release
2-20
Requirements of the Planning Tool
The Planning Tool is an x86 application that can run on x86-based or x64-based computers. To install the Planning Tool, your computer must be running the following: Microsoft Windows 7, Windows Server 2008 R2, Windows Server 2008 with Service Pack 2 (SP2), or Microsoft Windows Vista with SP2 (64-bit or 32-bit) Microsoft .NET Framework 3.5 with SP1(or later) Note: After you import your Planning Tool results into Topology Builder and start the deployment, any changes that you make by using the Planning Tool cannot be imported into Topology Builder. Therefore, any server roles that you add later must be configured manually in Topology Builder.
2-21
Lesson 3
Deploying Lync Server 2010
The deployment process for Lync Server 2010 is determined by the Lync Server 2010 topology and the components you want to install, including whether you want to deploy an Enterprise Edition pool or a Standard Edition server. This lesson covers the steps for deploying Lync Server 2010 Enterprise Edition server. You will learn how to prepare Active Directory, deploy a Front End server pool, and deploy additional server roles. After completing this lesson, you will be able to: Identify the steps for deploying Lync Server 2010. Describe how to prepare Active Directory. Describe the changes occurring during the topology publishing process. Describe the Front End server and Pool deployment process. Describe the deployment process for the remaining server roles.
2-22
Deployment Model
Although previous versions of Lync Server 2010 have always implicitly been deployed in sites and pools, this is now explicitly defined as the deployment model in Lync Server 2010. The hierarchy is composed of the following objects: Global. One Global object represents the entire environment. The Global object is composed of a collection of sites. Sites. Sites represent both Central and Branch sites. An example of a Central site is a datacenter, while a Branch site is a location with no IT staff, most likely an appliance used for resiliency. Sites are made up of Enterprise or Standard Edition Pools, which host users and services. Pools. Pools host users and services, such as Instant Messaging (IM), Conferencing, and VoIP. Users. Users refer to end users.
This model also represents the boundaries for policy definitions and their application within your environment. The Topology Builder is used to define the appropriate structure for your environment. Policies flow from the top down, to a per-user level at the pool.
2-23
Preparing Active Directory
You can use the Deployment Wizard or PowerShell 2.0 cmdlets to prepare AD DS. Either way, to prepare AD DS for deployment, you must perform three steps in a specific sequenceschema preparation, forest preparation, and domain preparation. If you are interested in gaining more experience with using PowerShell, the specific cmdlets for preparing AD DS are provided below.
Step 1: Schema Preparation

This step extends the Active Directory schema by adding new classes and attributes that are used by Lync Server 2010. In the root domain for each forest in your deployment, run the following cmdlets against the schema master.
Install-CSAdServerSchema ldf <PathtoLDFfiles> Current state: Get-CsAdServerSchema
Note: The schema preparation cmdlet (Install-CsAdServerSchema) must access the Schema Master, which requires that the remote registry service is running and that the remote registry key is enabled. If the remote registry service cannot be enabled on the Schema Master, you can run the cmdlet locally on the Schema Master.
Step 2: Forest Preparation

This step creates global settings and universal groups that are used by Lync Server 2010. You must ensure that the schema preparation changes have been replicated to all domain controllers before performing the forest preparation procedure. If replication is not completed, an error occurs. In the root domain of each forest in your deployment, run the following cmdlets.
Enable-CSAdForest Current state: Get-CSAdForest
2-24
Note: If you are performing a new Lync Server 2010 deployment, global settings are stored in the Configuration partition. If you are upgrading from a previous version of Office Communications Server, you can continue to use the System container.
Step 3: Domain Preparation

This step adds the necessary access control entries (ACEs) to universal groups that grant permissions to host and manage users within the domain. Run the following cmdlets once per user (or server domain by using the domain parameter) on a member server in each domain where Lync Server 2010 will be deployed.
Enable-CSAdDomain Current state: Get-CSAdDomain
Note: If your organization uses custom containers instead of the three built-in containers (Users, Computers, and Domain Controllers), you must grant read access to the custom containers for the Authenticated Users group by using the Grant-CsOuPermission cmdlet, as follows: GrantCsOuPermission -ObjectType <User | InetOrgPerson | Contact | AppContact.> -OU <DN of the OU, excluding the domain root portion of the DN>
2-25
The Topology Publishing Process
After preparing Active Directory, the next step in the Lync Server 2010 deployment process is installing the Topology Builder tool and authoring your Lync Server 2010 topology. Using the Topology Builder wizard, you can configure your first server by authoring a Topology document. You must create at least one pool before you can publish the authored Topology document. When the Topology document is published, the document is inserted into the Central Management Store (CMS) database supporting the first pool. For Enterprise Edition, Topology Builder automatically creates the CMS database for you when you deploy your topology. For more information about the topology publishing process, see Deploying Front End Servers and Pools in this module.
2-26
Deploying Front End Servers and Pools
After you have successfully published a topology, you will need to install and set up server roles by using the Lync Server 2010 Deployment Wizard. You will need to use the Deployment Wizard to complete all four deployment steps, including: 1. 2. 3. 4. Installing the local configuration store Installing the Front End servers Configuring certificates Starting services
Step 1: Installing the Local Configuration Store

The Local Configuration Store is a Microsoft SQL Server Express local copy of the CMS, which is the full instance of the SQL Server database. Every Lync Server 2010 server runs a local instance named RTCLOCAL.
Step 2: Installing the Front End Servers

The next step is setting up the Lync Server 2010 components. The wizard-based setup routine is as follows: 1. 2. 3. 4. References a Service Connection Point (SCP) object from Active Directory, which points to the CMS database Retrieves the Topology document Installs the Lync Server 2010 components (and the role defined therein) Performs activation of those services and roles
The components that you deploy are specific to the server role that you are deploying and the options you specified in your published topology.
2-27
Step 3: Configuring Certificates

Step 3 of the Deployment Wizard enables you to request, install, or assign certificates. Each Front End server requires three certificatesa default certificate, a web internal certificate, and a web external certificate. You use the Deployment Wizard to configure a certificate from an Internal Enterprise Root CA that has been deployed by your organization with offline request processing. Alternately, you can obtain certificates from an external CA. This process binds the certificate to the specified Lync Server 2010 services and roles. Throughout the certificate management lifecycle, you use the Certificate Wizard for renewing and reassigning certificates.
Step 4: Starting Services

After you install the Local Configuration Store on your Front End servers, install the Lync Server 2010 components, and configure certificates on a Front End server, you must start the Lync Server 2010 services on the server. To do this, use the Lync Server Deployment Wizard. As future changes are made to your Lync Server 2010 environmentfor example, you decide to change the URL path for web services, or change a port that IIS usesyou reflect those changes by: Authoring a new Topology document by using the Topology Builder wizard. Publishing the new Topology document. Running setup again on the affected Lync Server 2010 servers.
2-28
Deploying Other Server Roles
Other Lync Server 2010 server roles that you might want to deploy include: Edge server A/V Conferencing server Monitoring server Archiving server Survivable Branch Appliance (SBA) or Survivable Branch Server (SBS)
Edge Server
Providing external user access for Lync Server 2010 requires that you deploy at least one Edge server and one reverse proxy in your perimeter network. Additionally, you might need to deploy a Director in your internal network. Each Edge server has the following system requirements. Hardware component CPU Minimum requirement Either: Memory Disk Network 64-bit dual processor, quad-core, 2.0 gigahertz (GHz) 64-bit 4-way processor, dual-core, 2.0 GHz
12 gigabytes (GB) (16 GB for all other server roles except for the back-end server, which is 32 GB) Local storage with 30 GB free disk space 2-port 1 Gbps network adapter
2-29
Edge server requires either the: -or 64-bit edition of Windows Server 2008 R2 (Enterprise or Standard Edition) 64-bit edition of Windows Server 2008 (Enterprise or Standard Edition) with SP2
Edge server also requires the following programs: Microsoft .NET 3.5 SP1 Windows PowerShell 2.0 Microsoft Visual C++ 2008C redistributable (which is not automatically installed as part of Edge server installation)
For more information about Edge server, see Module 5, External User Access.
A/V Conferencing Server

You can choose to collocate an A/V Conferencing server on a Front End or Standard Edition server, or you can deploy a stand-alone A/V Conferencing server. For more information about collocating an A/V Conferencing server, see Module 6, Deploying Basic Enterprise Voice Functionality and Module 7, Extending Enterprise Voice Functionality.
Monitoring Server
A Monitoring server deployment has the following prerequisites: A Lync Server 2010 deployment Message Queuing SQL Server database software and SQL Server Reporting Services
Except for the preceding prerequisites, Monitoring server hardware and software requirements are the same as for a typical Lync Server 2010 deployment. You use the following steps to deploy a Monitoring server: 1. 2. 3. 4. 5. Install and configure Message Queuing for the Monitoring server. Deploy SQL Server and SQL Server Reporting Services. Define a Monitoring server topology by using Topology Builder and publish the topology. Install Monitoring server by using the Lync Server Deployment Wizard. Deploy Monitoring server reports to an instance of SQL Server Reporting Services.
For more information about Monitoring server, see Module 11, Monitoring and Archiving.
Archiving Server
As with the deployment of other Lync Server 2010 components, deployment of an Archiving server requires that you use Topology Builder to create and publish a topology that incorporates the necessary components prior to installing Lync Server 2010 on an Archiving server. You can deploy an Archiving server at the same time that you deploy your initial topology, or after you have deployed at least one Front End pool or Standard Edition server. If you enable archiving in one Front End pool or Standard Edition server, you should then enable it for all other Front End pools and Standard Edition servers in your deployment.
2-30
If archiving is critical in your organization for compliance reasons, be sure to deploy an Archiving server and enable archiving for all appropriate users before you enable those users for Lync Server 2010. For more information about Archiving server, see Module 11, Monitoring and Archiving.
Survivable Branch Appliance or Server

Branch site users get most of their Lync Server 2010 functionality from the server at the central site. Branch sites with an SBA or an SBS are more resilient in times of WAN or central site failures than branch sites without one of these solutions. For example, in a site with an SBA or SBS deployed, users can still make and receive PSTN calls if the network connecting the branch site to the central site is down. Each branch site is associated with one central site. To provide calls to and from the PSTN, a branch site may contain any of the following: Survivable Branch Server Survivable Branch Appliance PSTN gateway/IP PBX/SIP trunk
Another way to achieve branch-site resiliency is by using an IP/PSTN gateway or SIP trunk with a full-scale Lync Server 2010 deployment at the branch site.
2-31
Lab: Preparing the Environment and Deploying a Lync Server 2010 Pool
Lab Scenario
You are the Network Administrator for Fabrikam, Inc., and have been tasked with deploying Lync Server 2010. You will prepare your Active Directory for Lync Server 2010, configure a topology by using the Topology Builder, publish it, and then deploy one Enterprise Edition Front End server.
Start the virtual machines

For Labs 2, 3 and 4, each student should have their own set of virtual machines and will perform all of the steps by themselves. The set of virtual machines include: 10533A-MIA-DC1.1 10533A-MIA-SQL1.1 10533A-MIA-LS1.1 10533A-MIA-CL1.1
Use the Hyper-V Manager to start and connect to the MIA-DC1 virtual machine and wait for it to completely startup. . Start and connect to the rest of the virtual machines (10533A-MIA-SQL1.1, 10533A-MIA-LS1.1, and 10533A-MIA-Cl1.1) before beginning labs. The virtual machines are configured to automatically log on as Fabrikam\Administrator with the password, Pa$$w0rd, except for the following virtual machine: MIA-CL1 as Fabrikam\Andreas, with the password, Pa$$w0rd
To begin this lab, you must connect to the appropriate virtual machines by using the following steps: 1. 2. On the host computer, click Start, click Administrative Tools, and then click Hyper-V Manager. In the Virtual Machines list, right-click 10533A-MIA-DC1.1 and click Start.
2-32
3. 4. 5. 6. 7. 8. 9.
Right-click 10533A-MIA-DC1.1 and click Connect. In the Virtual Machine Connection window, wait until the virtual machine has booted up completely before continuing. In the Virtual Machines list, right-click 10533A-MIA-SQL1.1 and click Start. Right-click 10533A-MIA-SQL1.1 and click Connect. In the Virtual Machines list, right-click 10533A-MIA-LS1.1 and click Start. Right-click 10533A-MIA-LS1.1 and click Connect. In the Virtual Machines list, right-click 10533A-MIA-CL1.1 and click Start.
10. Right-click 10533A-MIA-CL1.1 and click Connect. 11. When 10533A-MIA-CL1.1 has booted up completely, close the Virtual Machine Connection window. 12. On the host, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 13. In the Remote Desktop Connection window, click Options. 14. Click the Local Resources tab, and then under Remote audio, click Settings. 15. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 16. Under Remote audio recording, click Record from this computer, and then click OK. 17. Click the General tab. 18. Under Logon settings, in the Computer box, type mia-cl1.fabrikam.com. 19. In the User name box, type Fabrikam\Andreas, and then click Connect. 20. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Connect. 21. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 22. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
Important: All connections to MIA-CL1 will require using a Remote Desktop Connection with remote audio playback and remote audio recording enabled, unless otherwise specifically instructed.
Note: If the virtual machines are reporting that they need to be activated, run slmgr.vbs rearm from a command prompt and then reboot the server.
2-33
Exercise 1: Preparing for Lync Server 2010

Scenario
In the first exercise, you will prepare Active Directory for Lync Server 2010 and add the Administrator in the CSAdministrator group. The main tasks for this exercise are as follows: 1. 2. Prepare Active Directory for Lync Server 2010. Add an administrator to the CSAdministrator group.
Task 1: Prepare Active Directory for Lync Server 2010.

1. 2. 3. On MIA-LS1, launch the Lync Server 2010 Deployment Wizard. Using the Lync Server 2010 Deployment wizard, perform the steps to Prepare Active Directory. Close the Deployment Wizard.
Task 2: Add an administrator to the CSAdministrator Group.

1. 2. 3. On MIA-DC1, launch Active Directory Users and Computers. Add Fabrikam\Administrator to the CSAdministrator group. Log off of MIA-LS1 and then log back on as Fabrikam\Administrator with the password of Pa$$w0rd Results: After this exercise, you should have prepared Active Directory for an installation of Lync Server 2010.
2-34
Exercise 2: Configuring a Lync Server 2010 Topology

Scenario
In this exercise, you will install and use the Topology Builder to build the Lync Server 2010 topology and configure the administrative URLs. The main tasks for this exercise are as follows: 1. 2. Deploy and run the Topology Builder. Configure the Administrative Access URL.
Task 1: Deploy and run the Topology Builder.

1. 2. 3. On MIA-LS1, start the Lync Server Deployment Wizard. Install and start the Topology Builder. In the Topology Builder, perform the following steps: a. b. c. d. Select New Topology. Browse to the Desktop and enter the file name Lab2. Use fabrikam.com as your SIP domain. Enter the following information for the site. Entry Miami Miami Florida +1 selected pool.fabrikam.com MIA-LS1.fabrikam.com
Wizard step Name City State/Province Country/Region Code Open the New Front End Wizard when this wizard closes Pool FQDN: Computer FQDN: e.
Finish the New Topology wizard, using the following information. Entry Conferencing, which includes audio, video and application sharing (only) Collocate A/V Conferencing service None SQL Server FQDN: Type MIA-SQL1.fabrikam.com Select Default Instance File Server FQDN: Type MIA-SQL1.fabrikam.com
Wizard step Select features Select collocated server roles Associated server roles with this Front End pool Define the SQL Store (new)
Define the file share (new)
2-35
Wizard step
Entry File Share: Type fileshare
Specify the Web Services
Leave default
Task 2: Configure the Administrative Access URL.

1. On MIA-LS1, in the Topology Builder, configure the Administrative Access URL to be https://admin.fabrikam.com. Results: After this exercise, you should have created and edited a publishable topology.
2-36
Exercise 3: Publishing the Topology

Scenario
In this exercise, you will publish the topology and understand the changes made during this process, such as creating the CMS database, setting the configuration store location, and creating the necessary databases. The main task for this exercise is to publish your topology.
Task 1: Publish the topology.

1. 2. 3. 4. 5. On MIA-LS1, use the Topology Builder to publish the topology. Verify that MIA-SQL1.Fabrikam.com is selected to create the databases. Select Pool.fabrikam.com for the Central Management Service. Verify that the topology publishes successfully. Read the to-do list.' Results: After this exercise, you should have published the topology.
2-37
Exercise 4: Configuring Domain Name Server (DNS)

Scenario
In this exercise, you will use the DNS MMC to create appropriate A and SRV records on MIA-DC1 that are required for automatic client logon. The main task for this exercise is to create the necessary DNS records for Lync Server 2010.
Task 1: Create the necessary DNS records for Lync Server 2010.
1. 2. On MIA-DC1, open DNS Manager. In the Fabrikam.com Forward Lookup zone, create the following DNS records: 'A' Pool 10.0.10.12 'A' Dialin 10.0.10.12 'A' Meet 10.0.10.12 'A' Admin 10.0.10.12 'SRV' _sip._tls.fabrikam.com 5061 pool.fabrikam.com 'SRV' _sipinternaltls._tcp.fabrikam.com 5061 pool.fabrikam.com
2-38
Exercise 5: Deploying the Front End Server Role

Scenario
In this exercise, you will walk through the four steps in the deployment wizard to complete the setup of a Lync Server 2010 Front End server. You will install a Local Configuration Store, set up components, request and configure certificates, and then start the Lync Services. The main tasks for this exercise are as follows: 1. 2. 3. 4. Install the Local Configuration Store. Set up components. Request and assign certificates. Start Lync Server Services.
Task 1: Install the Local Configuration Store.

1. 2. On MIA-LS1, using the Lync Server 2010 Deployment Wizard, perform the steps to install or update Lync Server System and install the Local Configuration Store. Verify that the Local Configuration Store will retrieve directly from the CMS.
Task 2: Set up components.

1. On MIA-LS1, using the Lync Server 2010 Deployment Wizard, perform the steps to set up or remove Lync Server components.
Task 3: Request and assign certificates.

1. On MIA-LS1, using the Lync Server 2010 Deployment Wizard, perform the steps to request, install, or assign certificates.
Use the following information to request and assign the necessary certificates. Wizard step Certification Authority Name and Security Entry MIA-DC1.Fabrikam.com\FabrikamCA Friendly Name: Type MIA-LS1 Lync Server Certificate Bit Length: Select 2048 Organization: Type Fabrikam Corporation Organizational Unit: Type IT Country/Region: Select United States State/Province: Type Florida City/Locality: Type Miami Select Fabrikam.com Expand the Certificate Type: Server Default Web Services Internal Web Services External Verify all show as Assigned.
Organization Information
Geographical Information
SIP Domain setting on Subject Alternate Name (SANs) Certificate Wizard
2-39
Task 4: Start Lync Server Services.

1. On MIA-LS1, using the Lync Server 2010 Deployment Wizard, perform the steps to start the Lync Server 2010 services. Results: After this exercise, you should have a configured Lync Server 2010 deployment.
2-40
Review Questions
1. 2. 3. Does Microsoft recommend deploying load balancing on the external Edge server? What about the internal Edge server? Why or why not? If you deploy multiple load-balanced Edge servers at a single site, what are the requirements for the A/V Edge certificates?
Common Issues
Issue Faxes are not being received or sent properly. You have made changes to the Device Update service, but those changes are not propagating to all servers. Troubleshooting tip When you create a contact object for an analog device, you must specify the correct categorization of the analog device as either a fax machine (such as fax, modem, TTY) or a voice device. Improper designation affects call routing. If you have multiple Front End servers in your deployment, for each instance of web Services there is a separate instance of Device Update service running in the pool. When you make a configuration change to the Device Update service, those changes are propagated to all the servers in that pool, but not to servers in any other pool. Therefore, you need to make configuration changes in each pool.
Configuring Users and Rights in Microsoft Lync Server 2010
3-1
Module 3
Contents:
Lesson 1: Managing Lync Server 2010 Lesson 2: Role-Based Access Control Lab: Configuring Users and Rights in Lync Server 2010 3-3 3-10 3-15
3-2
Module Overview
The purpose of this module is to introduce you to the methods available for configuring and managing users in Microsoft Lync Server 2010. You will learn about the configuration management options in Lync Server 2010, including the Lync Server Control Panel and the Lync Server Management Shell. You will learn the basic syntax for working in Windows PowerShell and recognize the powerful scripting capabilities of this tool. You will also learn about the new Role-Based Access Control (RBAC) administrative model in Lync Server 2010and become familiar with the predefined roles to which you can assign administrators, and the process for creating new custom roles.
Objectives
After completing this module, you will be able to: Use Lync Server 2010 management interfaces. Configure Role-Based Access Control.
3-3
Lesson 1
Managing Lync Server 2010
This lesson provides an introduction to using the Lync Server Control Panel, PowerShell 2.0, and Lync Server Management Shell for managing your Lync Server 2010 communications system.
Objectives
After completing this lesson, you will be able to: Manage users with Lync Server Control Panel. Explore PowerShell 2.0 cmdlets. Manage users with Lync Server Management Shell.
3-4
The Lync Server Control Panel is a web-based user interface that replaces the Microsoft Management Console (MMC) interface from previous releases. The Lync Server Control Panel extends the management functionality to any Microsoft Silverlightcapable browser. You can use the Lync Server Control Panel to: Search for and configure users. You can search for users by display name, first name, last name, Security Accounts Manager (SAM) account name, Session Initiation Protocol (SIP) address, or line Uniform Resource Identifier (URI). You can then use the results of your search query to configure users for Lync Server 2010 and perform other related tasks such as assigning policies and changing or removing personal identification numbers (PINs). Enable or disable users. After creating a user account in Active Directory Users and Computers, you can enable or disable a user account in Lync Server 2010. When you disable a previously enabled user account, you do not lose the Lync Server 2010 settings that you configured for that user account. Therefore, you can choose to re-enable the user without needing to reconfigure the user account. Assign policies to users. You can assign specific policies to a user or a group of users, such as conferencing policies, supported client version policies, archiving policies, or remote user access policies. Assign users to a server or pool. You can assign users to a server or move them to a specific pool under the Edit or move users link in the Lync Server Control Panel. Set a users dial-in conferencing PIN. You can configure global PIN policies, such as the required minimum length. In addition, you can configure PIN policies for individual users or sites. You can choose to generate the PIN automatically or create one manually.
Lync Server Control Panel is automatically installed on every Front End or Standard Edition server in your deployment. In Lync Server 2010, Edge servers are managed remotely by using the Lync Server Control Panel, which is not exposed externally to the web.
3-5
Note: You cannot use Lync Server Control Panel to manage users who are members of the Active Directory Domain Admins group. For Domain Admin users, you can use Lync Server Control Panel to perform read-only search operations. To perform write operations on Domain Admin users, such as enabling or disabling Lync Server 2010, or changing pool or policy assignments, telephony settings, SIP address, etc., you must use Windows PowerShell cmdlets while logged on as a Domain Administrator with appropriate RBAC credentials. For more information about PowerShell cmdlets, see Using PowerShell 2.0 in this module.
3-6
The Lync Server Management Shell is another method of administration for a Lync Server 2010 communications system. The decision to use Lync Server Control Panel or Lync Server Management Shell is up to youyou can perform all Lync Server 2010 management tasks by using either tool. One advantage of the Lync Server Management Shell is that it is useful for running scripts to automate common administrative tasks. Lync Server Management Shell is automatically installed on every Lync Server Enterprise Edition Front End server or Standard Edition server in your deployment. The Management Shell is built on the Windows PowerShell 2.0 command-line interface, and includes more than550 product-specific cmdlets for administering Lync Server 2010.
Lync Server Cmdlet Syntax

Each PowerShell cmdlet (pronounced command-let) consists of a term (typically a verb) followed by a dash and then followed by a noun as shown in the following example.
New-CsUserReplicatorConfiguration
Typing new tells PowerShell what you want to do, which is followed by a dash and then a noun. The dash-noun combination signifies a parameter. In this example, PowerShell creates a new collection of user replicator configuration settings. The user replicator periodically retrieves up-to-date user account information from Active Directory and then synchronizes the new information with the current user data stored by Lync Server 2010. Other commonly used verbs in PowerShell are shown in the following table. Approve Enable Clear Export Debug Get Disable Grant
3-7
Approve Import Move Stop
Clear Install Remove Test
Debug Invoke Revoke Unblock
Disable Lock Set Update
For more information about PowerShell cmdlets, see Using PowerShell 2.0 in this module.
3-8
Using PowerShell 2.0
Because both the Lync Server Management Shell and the Lync Server Control Panel are built on the Windows PowerShell 2.0 command-line interface, it is important that you are comfortable working with the syntax and capabilities of PowerShell. This topic assumes that you are new to PowerShell but familiar with scripting, and provides you with an introduction to using PowerShell 2.0 with Lync Server 2010.
Why Use PowerShell?

PowerShell is built on the Microsoft .NET Framework common language runtime (CLR) and the Microsoft .NET Framework, and PowerShell accepts and returns .NET Framework objects. By using product-specific commands, PowerShell gives you access to the file system on the computer and enables you to access other data stores, such as the registry and the digital signature certificate stores, just as easily as you can access the file system. It is designed specifically for systems administrators to make configuration and management tasks easier.
Using PowerShell Cmdlets

As previously mentioned, each PowerShell cmdlet consists of a verb followed by a dash and then followed by a noun as shown in the following example.
Get-Help
If you want to receive help on a specific cmdlet, type the following.

Get-Help New-CsVoicePolicy
This command returns the most commonly sought help for creating a new voice policy. For more detailed help on a topic, you can add a parameter, preceded by a dash, as shown in the following example.
Get-Help New-CsVoicePolicy -Examples
3-9
For all available help on a topic, use the parameter Full. Note: You can get help on each cmdlet directly from the command line and also from the Lync Server 2010 Help file. There are two specific Help files available for cmdletsRTCCmdlets.chm and RGSCmdlets.chm.
Using Cmdlet Parameters

A parameter is a way of adding additional information to a cmdlet, limiting the amount of information that is returned. For example, if you want to find all the services running on a particular server, type the following.
Get-Service
If you want to return only the Lync Server 2010 services and their active status, type the following.
Get-CsWindowsService
In the following example, the DisplayName parameter is followed with the value Windows Update to tell the Get-Service cmdlet to get only those services with a DisplayName property equal to Windows Update.
Get-Service -DisplayName "Windows Update"
Note: In this example, the quotes around Windows Update are required because the string contains a space. Otherwise, quotes are unnecessary when assigning a one-word value to a parameter.
Using Wildcards
To further refine your results, you can use wildcards. The primary wildcard characters in PowerShell are the asterisk (*), representing one or more characters, and the question mark (?), representing a single character. For example, if you want to display all services that have a display name beginning with windows, but want to exclude any that contain the word audio in the Name or DisplayName, type the following.
Get-Service -DisplayName windows* -Exclude *audio*
PowerShell Scripting
In addition to running cmdlets, you can use PowerShell 2.0 to run scripts that automate your more commonly performed tasks. A script in PowerShell is simply a text file containing your typed commands. The lab for this module guides you through the process of running a PowerShell script.
3-10
Lesson 2
Role-Based Access Control
This lesson explores the new Role-Based Access Control (RBAC) administrative model within Lync Server 2010 and the rights associated with each role. You will learn how to assign user membership within the roles and how to create custom roles to accommodate the specific administrative needs of your organization.
Objectives
After completing this lesson, you will be able to: Describe the concept of RBAC. Explain how RBAC is used in Lync Server 2010. Configure RBAC.
3-11
What Is Role-Based Access Control?
RBAC is an access control method that enables you to delegate administrative access to a system or program based on an administrators job functions. RBAC enables the security best practice of least privilege. RBAC roles are used to specify the management tasks that users are allowed to carry out, and to determine the scope in which users will be allowed to perform these tasks. In Lync Server 2010, granting administrative access is performed either by assigning users to redefined administrative roles or by creating and assigning users to custom roles. The following table highlights the predefined roles that limit access to management functions. Built-in role CsAdministrator CSArchivingAdministrator CSHelpDesk CsServerAdministrator CSUserAdministrator CSViewOnlyAdministrator CSVoiceAdministrator CSResponseGroupAdministrator CSLocationAdministrator Capabilities Top level; can assign roles Archiving configuration and policies; exclusive access to some functions Read-only view with access to troubleshooting tasks Manage, monitor, and troubleshoot services, including start, stop, and drain Provision, move, and assign policies to users View-only access to configuration, health Voice settings and policies Response Group Service (RGS) management Lowest level; E9-1-1 rights
3-12
How Lync Server 2010 Uses RBAC
Each of the predefined roles in Lync Server 2010 is associated with an underlying Active Directory security group (created in Active Directory when you deploy Lync Server 2010) and a corresponding Windows PowerShell cmdlet. Any user that you assign to an RBAC role has all the rights granted to the security group and the specific cmdlets assigned to that role. The scope of a role is the set of objects on which the cmdlets defined in that role can operate. These objects can be either user accounts (grouped by organizational unit) or servers (grouped by site). By default, all predefined roles in Lync Server 2010 have a global scope.
Applying Security Best Practices

To follow the security practice of least privilege, you must create custom roles for Lync Server 2010 administration that are based on the predefined roles, but have a more limited scope. Users who have the CsAdministrator role can create all types of roles, including roles based on CsAdministrator, and assign users to them. The best practice is to assign the CsAdministrator role to a very small set of trusted users within your organization. Important: RBAC restrictions apply only to administrators working remotely, using either the Lync Server Control Panel or Lync Server Management Shell. A user working directly on a server running Lync Server 2010 is not restricted by RBAC. Therefore, you must ensure the physical security of your Lync Server 2010 servers to preserve RBAC restrictions and follow the best practice of managing your system from the workstation.
3-13
Configuring RBAC
You can create custom roles for managing Lync Server 2010 by combining one or more of the predefined roles to create a superset role and by modifying the scope of an existing role.
Step 1: Creating Custom Roles

To create a new role in Lync Server 2010, you must first create a universal security group in Active Directory that shares a name with the role. For example, to create a new role based on CsAdministrator for Site01, you must: 1. 2. Create a universal security group with the name SamAccountNameSite01ServerAdministrators. Create a new role with the following PowerShell command.
New-CsAdminRole Identity Site01ServerAdministrators Template CsAdministrator ConfigScopes site:Site01
Step 2: Limiting Server Scope

The second step in creating custom roles is to limit the scope of servers that the users of a custom role and/or security group can administer. For example, the following cmdlet creates a new role named Site01ServerAdministrators based on the predefined CsServerAdministrator role, and limits the scope of the new role to only the servers located in Site01. For this command to work, the Site01 site must be predefined.
New-CsAdminRole -Identity "Site01ServerAdministrators" -Template CsServerAdministrator ConfigScopes site:Site01"
After you run this, all users who are members of the Site01ServerAdministrators group will have server administrator privileges only for the servers in Site01. Any users who are later added to this security group also gain the privileges of this role.
3-14
Step 3: Limiting User Scope

The following example limits user scope instead of server scope. It creates a Sales Users Administrator role to administer the user accounts in the Sales organizational unit (OU). As previously mentioned, for this command to work, the SalesUsersAdministrator security group must have already been created.
New-CsAdminRole -Identity "SalesUsersAdministrator" -Template CsUserAdministrator UserScopes OU:OU=Sales, OU=Lync Tenants, DC=Domain, DC=com"
You can assign a user to multiple RBAC roles by adding the user to the underlying Active Directory groups that correspond to each role.
3-15
Lab: Configuring Users and Rights in Lync Server 2010
Lab Scenario
You have successfully deployed Lync Server 2010 at Fabrikam, Inc.You will now provision users and delegate administrative rights.

This lab requires the virtual machines from the previous lab and depends on Lab 2 being completed.The virtual machines are configured to automatically logon as Fabrikam\Administrator with the password, Pa$$w0rd, except for the following virtual machine: MIA-CL1 as Fabrikam\Andreas, with the password, Pa$$w0rd
To begin this lab, you must connect to the appropriate virtual machines by using the following steps: 1. 2. On the host computer, click Start, click Administrative Tools, and then click Hyper-V Manager. In the Virtual Machines list, if the virtual machine 10533A-MIA-DC1.1 is not started: a. b. 3. 4. Right-click 10533A-MIA-DC1.1 and click Start. Right-click 10533A-MIA-DC1.1 and click Connect.
In the Virtual Machine Connection window, wait until the virtual machine has booted up completely before continuing. In the Virtual Machines list,if the virtual machine 10533A-MIA-SQL1.1 is not started: a. b. Right-click 10533A-MIA-SQL1.1 and click Start. Right-click 10533A-MIA-SQL1.1 and click Connect.
5.
In the Virtual Machines list, if the virtual machine 10533A-MIA-LS1.1 is not started: a. Right-click 10533A-MIA-LS1.1 and click Start.
3-16
b. 6.
Right-click 10533A-MIA-LS1.1 and click Connect.
In the Virtual Machines list, if the virtual machine 10533A-MIA-CL1.1 is not started: a. b. Right-click 10533A-MIA-CL1.1 and click Start. Right-click 10533A-MIA-CL1.1and click Connect.
7. 8. 9.
When 10533A-MIA-CL1.1 has booted up completely, close the Virtual Machine Connection window. On the host, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. In the Remote Desktop Connection window, click Options.
10. Click the Local Resources tab, and then under Remoteaudio, click Settings. 11. Under Remote audio playback, verify thatPlay on this computer is selected. If it is not, select it. 12. Under Remote audiorecording, clickRecord from thiscomputer, and then click OK. 13. Click the General tab. 14. Under Logon settings, in the Computerbox, type mia-cl1.fabrikam.com. 15. In the User namebox, type Fabrikam\Andreas, and then click Connect. 16. On the Remote Desktop Connection window,select the Dont ask me again for connections to this computer check box, and then click Connect. 17. On the Windows Security window, in the Passwordbox, type Pa$$w0rd, and then click OK. 18. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services that are set to Automatic start have started. If not, right-click the service and click Start.
3-17
Exercise 1: Using the Lync Server Control Panel

Scenario
In this exercise, you will use the Lync Server Control Panel to provision and administer users for Lync Server 2010. The main tasks for this exercise areas follows: 1. 2. Enable users. Validate the configuration.
IMPORTANT: On all virtual machines, verify that all of the services set to start automatically have started. Most notably, check the Exchange, SQL Server, and Lync Server 2010 services. To do so, click Start, click Administrative Tools and then click Services. In the Services console, verify all services that are set to Automatic start have started. If not, right-click the service and click Start.
Task 1: Enable users.

1. On MIA-LS1, launch Internet Explorer. a. 2. 3. To enable auto logon, add *.fabrikam.com to Local Intranet Sites in Microsoft Internet Explorer Security.
On MIA-LS1, start the Lync Server Control Panel by running https://admin.fabrikam.comor opening it on the Start menu. Enable the following users: Andreas Herbinger Anna Lidman Conor Cunningham EbruErsan Patricia Doyle Paul West
4.
Use the following settings: Pool: Pool.fabrikam.com Use the format: SAMAccountName@fabrikam.com Telephony: PC-to-PC only Remaining settings: 'Default'
Task 2: Validate the configuration.

1. 2. 3. 4. On MIA-LS1, use the Lync Server Management Shell to update the Address book and the User Database. On the host, import the Fabrikam CA certificate as a Trusted Root Certification Authority from \\MIADC1\Certenroll. Install Lync 2010 from \\MIA-LS1.Fabrikam.com\C$\LabFiles\ Validate the ability to logon to Lync Server 2010 and have conversations.
3-18
a.
On the host, sign in to Lync as Conor. Conor@Fabrikam.com, Pa$$w0rd
b.
On MIA-CL1 sign in as Andreas by using a Remote Desktop Connection with remote audio playback and remote audio recording enabled. Andreas@Fabrikam.com, Pa$$w0rd
c. d.
Launch Lync 2010. Add each other as contacts and have an instant messaging (IM) conversation between Andreas and Conor.
NOTE: You may have to wait a moment for Address book synchronization or enter the full SIP URI, such as andreas@fabrikam.com. e. Add Marcel as a contact for Andreas and Conor.
Results:After completing this exercise, you should have enabled existing Active Directory users by using the Lync Server Control Panel. Then, you should have installed Lync Server 2010 on the host and verified Lync Server 2010 connectivity and functionality.
3-19
Exercise 2: Using the Lync Server Management Shell

Scenario
In this exercise, you will use the Lync Server Management Shell to provision users for Lync Server 2010 based on their Active Directory group membership. The main tasks for this exercise are as follows: 1. 2. 3. Validate group membership. Enable users for Lync Server 2010. Validate the configuration.
Task 1: Validate group membership.

1. 2. 3. On MIA-DC1, launch Active Directory Users and Computers. Browse to the Executives OU. Review the Executives group membership.
Task 2: Enable users for Lync Server 2010.

1. On MIA-LS1, use the Lync Server Management Shell to enable all users in the Executives OU for Lync Server and assign them to the pool.fabrikam.com pool.

1. Validate the ability to logon to Lync 2010. a. On MIA-CL1, sign in as Marcelby using a Remote Desktop Connection as described at the beginning of this lab. b. c. Fabrikam\marcel, Pa$$w0rd
Launch Lync 2010 and notice that Marcel can log on. Have a conversation with Conor.
Results: After this exercise, you should have provisioned users based on an Active Directory attribute, in this case group membership,by using the Lync Server Management Shell.
3-20
Exercise 3: Configuring Role-Based Access Control

Scenario
In this exercise, you will grant administrative rights to users and verify that those rights have been applied in accordance with RBAC. The main tasks for this exercise are as follows: 1. 2. 3. Validate user rights. Grant rights to specific users. Validate that RBAC has been applied.
Task 1: Validate user rights.

1. 2. 3. On MIA-CL1, start Internet Explorer. Navigate to https://admin.fabrikam.com Log on as Andreas. 4. Fabrikam\Andreas, Pa$$w0rd
Validate that access is denied.
Task 2: Grant rights to specific users.

1. 2. On MIA-DC1, add Andreas to the CSAdministratorgroup. On MIA-DC1, add Conor Cunningham to the CSHelpDeskgroup.
Task 3: Validate that RBAC has been applied.

1. 2. 3. 4. Validate that access now is granted and that the user has the assigned rights in the Lync Server Control Panel. On MIA-CL1, start Internet Explorer. Navigate to https://admin.fabrikam.com Log on as Andreas.
3-21
5.
Fabrikam\Andreas, Pa$$w0rd
Validate that access is now granted and that the user has the assigned rights in the Lync Server Control Panel. On MIA-LS1, start Internet Explorer. Navigate to https://admin.fabrikam.com Log on as Conor. Fabrikam\Conor, Pa$$w0rd
6. 7. 8.
9.
Validate that access is granted and that the user has the assigned rights in the Lync Server Control Panel.
10. Compare Conors available options to Andreas available options. Results: After this exercise, you should have understood RBAC and how basic Active Directory group membership modifies rights within Lync Server 2010.
Important: After this lab, we recommended that you take a snapshot of all running virtual machines before starting the next lab. To do so, in Hyper-V Manager, highlight all running virtual machines, rightclick, and then click Snapshot.
3-22
Review Questions
1. 2. 3. 4. 5. 6. What are the two ways to administer users in Lync Server 2010? What are the benefits of each tool for administering users? What security best practice can be achieved with RBAC? What are the steps needed to create a new role? What types of scoping are available for new roles? In what situation does RBAC not apply?
Common Issues Related to Desktop Application Support

Identify the causes for the following common issues related to a particular technology area in the module and fill in the troubleshooting tips. For answers, refer to the relevant lessons in the module. Issue http://admin.<domain> returns 404 not found Lync Server Control Panel requires authentication Error with Lync Server 2010 cmdlet Cannot create new role Troubleshooting tip Verify the simple URL assigned to Lync Server Control Panel. Use Microsoft Internet Explorer and add a simple URL to trusted sites. Use Get-Help <cmdlet> and Get-Help <cmdlet> -Examples to get more detail on the cmdlet. Verify membership in CsAdministrator.
3-23
Real-World Issues and Scenarios

1. You are troubleshooting at a client machine and need to adjust some Lync Server 2010 settings on the users account. What administrative tool would you use to manage the users account and why? You are enabling a batch of 200 user accounts for Lync Server 2010. You have a comma-delimited file that contains the users SAM account name and phone number. What administrative tool would allow you to create the user accounts efficiently and accurately? Your company has two locations. Executives and administrative staff are in one location and all other roles are in the other location. You have hired a Lync Server 2010 administrator dedicated to supporting the executive staff. You are following best practices and creating an RBAC role. How would you scope the RBAC role? Why? You are locking down the security on your Lync Server 2010 servers. What roles should be allowed to access the server by usingRemote Desktop? Why?
2.
3.
4.
3-24
Client and Device Deployment and Management
4-1
Module 4
Contents:
Lesson 1: Preparing for Client Deployment Lesson 2: Deploying and Managing Lync 2010 Clients Lesson 3: Preparing for Device Deployment Lesson 4: Deploying and Managing IP Phones Lab: Client and Device Management 4-3 4-8 4-17 4-24 4-32
4-2
Module Overview
Microsoft Lync Server 2010 introduces new ways of creating and defining client and user policies, as well as new procedures for deploying clients and devices. In this module, you will learn how to plan for introducing Lync Server 2010 clients into your network and the various phone devices that are supported. You will also learn how to effectively manage the desktop clients and devices.
Objectives
After completing this module, you will be able to: Prepare for client deployment. Deploy and manage clients. Prepare for device deployment. Deploy and manage Internet Protocol (IP) phones.
4-3
Lesson 1
Preparing for Client Deployment
This lesson introduces you to the clients that are available for use with Lync Server 2010 and the options available for deploying them, including in-band provisioning and Active Directory Domain Services (AD DS) Group Policy. You will learn how to configure client policies and settings and assign these policies to users.
Objectives
After completing this lesson, you will be able to: Configure client policies and settings. Create and assign client policies.
4-4
Configuring Client Policies and Settings
In Microsoft Office Communications Server (OCS), user policies for client applications were applied through Group Policy. Using Active Directory to distribute Group Policy requires that you work with individuals from the Active Directory Domain Services group to configure clients. Additionally, Group Policy is only configurable at the global and user levels.
In-Band Provisioning
In Lync Server 2010, most client policies are now controlled through server-based in-band provisioning. Although it is still possible to configure and manage client policies by using Group Policy, administrators can also use in-band provisioning settings to manage policies by using the Lync Server Control Panel, the Microsoft Windows PowerShell command-line interface, or both. Administrators can now perform most client configuration tasks themselves, and apply policies with more precision by assigning them at the global, site, or tag level. (Tags are settings that can be applied to a single user or to a group of users.)
Group Policies
There are still some essential policies and settings that you can only configure by using Group Policy. These include client configuration policies that specify, for example, the default servers and security mode that the client should use until sign-in is complete. Because these policies take effect before the client signs in and begins receiving in-band provisioning settings from the server, they must exist in the client computers registry before initial sign-in.
4-5
Creating and Assigning Client Policies
In Lync Server 2010, client policiesother than Group Policy policies required for bootstrappingare configured by using the Lync Server Control Panel or the Lync Server Management Shell.
Client Policies Configured Using In-Band Provisioning

The following table describes the client-related settings that are configurable in the Lync Server Control Panel, and maps each group of settings to its corresponding Lync Server Management Shell cmdlet.
4-6
Lync Server Control Panel group
Description
Lync Server2010 cmdlets CSAdUser CSUser
Users
Enable or disable users. Create or modify users. Move users or groups between pools. Configure a users Session Initiation Protocol (SIP) address and registrar pool. Set, lock, or unlock users personal identification number (PIN). Assign users or groups to policies defined in other Control Panel groups.
Examples:
Enable-CsUser Identity Alex Delgado RegistrarPool pool.fabrikam.com SipAddressTypeSamAccountName SipDomain fabrikam.com
Get-CsAdUser Identity Alex Delgado
Set-CsUser -Identity "Alex Delgado" EnterpriseVoiceEnabled $True LineUri tel:+14805551000 PrivateLine tel:+14255555000
CsFileTransferFilterConfiguration CsImFilterConfiguration Examples: Instant Messaging (IM) and Presence Allow or block IM hyperlink prefixes. Allow or block file extensions.
New-CsFileTransferFilterConfiguration Identity site:Redmond Extensions @{Add=.ps1}
New-CsImFilterConfiguration -Identity site:Redmond -Prefixes @{add="rtsp:", "urn:"}
4-7
CSConferencingPolicy CsConferencingConfiguration Examples: Define conferencing policies and permissions. Enable recording. Set default meeting options. Configure a dial-in access number. Configure a dial-in PIN policy.
New-CsConferencingPolicy Identity site:Redmond Description Redmond Default Conferencing Policy AllowIPAudio $true AllowIPVideo $false EnableDesktopSharing Desktop
Conferencing
Set-CsConferencingConfiguration Identity Global Organization Fabrikam Corporation
CsClientVersionConfiguration CsClientVersionPolicy CsClientVersionPolicyRule CsUCPhoneConfiguration Examples:

New-CsClientVersionConfiguation Identity site:Miami Enabled $true
Clients
Configure client version control. Configure device update rules, logging, and firmware testing.
New-CsClientVersionPolicy Identity site:Miami
$x = [guid]::NewGuid() New-CsClientVersionPolicyRule -Parent "site:Miami" -RuleId $x -MajorVersion 4 -UserAgentInHouse
Set-CsUCPhoneConfiguration -Identity site:Miami -PhoneLockTimeout "00:30:00"
Client Bootstrapping Policies Configured Using Group Policy

In Lync Server 2010, most settings are configurable through the Lync Server Control Panel. However, Group Policy Objects (GPOs) are still used for client bootstrapping and other settings that take effect before the client signs in and receives in-band provisioning settings from the server. For more information on the Group Policy settings required for client bootstrapping, see the Lync Server 2010 Help file topic, Key Client Policies and Settings.
4-8
Lesson 2
Deploying and Managing Lync 2010 Clients
Lync Server 2010 communications software supports several types of client software that you can deploy to your organizations users, including computer-installed client software and web-based clients. This lesson covers the essential deployment and configuration options that you must consider when deploying the Lync Server 2010 clients.
Objectives
After completing this lesson, you will be able to: Deploy Lync 2010. Configure Lync 2010. Deploy Lync 2010 Attendee. Deploy Lync Web App. Deploy Lync 2010 Attendant.
4-9
Deploying Lync 2010
Microsoft Lync 2010 (previously Microsoft Office Communicator) is the default client for Lync Server 2010 meetings. You can deploy Lync Server 2010 through an IT-managed deployment, or you can allow end users to install Lync 2010 individually the first time they attempt to join a meeting. The method you choose depends on the size and security requirements of your organization, the deployment methods you already have in place, and the experience level of your users, among other factors. If you choose to allow users to self-install, you can deploy Lync 2010 by using a file server on your network as a software distribution point for the Windows Installer package. You can then send email to users explaining the installation process and provide a link to the distribution point.
Windows Installer Command-Line Options

If you use Windows Installer for deploying Lync 2010, you have the following command-line options: Quiet-mode installation.You can suppress the installation user interface by using the Windows Installer command-line option /passive in your script.
msiexec /i Lync.msi /passive
The filename Lync.msi is used as an example only. The actual name of the Lync 2010 .msi file that you deploy might be different. Log file generation.You can generate a log file during Lync 2010 setup by adding /l*v followed by a file name to the Windows Installer command line.
msiexec /qn /i Lync.msi /l*v logfile.txt.
The asterisk specifies that all possible errors, warnings, and status messages are written to the log file, and the v specifies that all messages are verbose. Other log file flags are possible; for example, /lem generates a log file that contains only errors and out-of-memory or fatal exit information.
4-10
For a complete list of log file options, see the Windows Installer documentation on the Microsoft MSDN website. Event trace log (ETL) files, which may also be generated on your computer in the <username>/Tracing folder, enable you to troubleshoot problems.
Managed Deployment
If you choose to manage the deployment, you have the following installation options: Microsoft Systems Management Server 2003 (SMS) or Microsoft System Center Configuration Manager 2007 R2. Use these products for more complex software-installation scenarios, where scheduling, inventory, reporting, status, and support for an installation across a widearea network (WAN) are required. Active Directory Group Policy.You can create a Group Policy object to deploy Lync Server 2010 to specific users or computers based on group memberships. Windows logon scripts.The logon script performs an unattended installation of Lync 2010 when a user logs on. GPOs can be used to target logon scripts to specific devices or users.
4-11
Configuring Lync 2010
You can choose to configure a number of options for your Lync 2010 clients. These include: Configuring Domain Name System (DNS) for automatic client sign-in. Configuring the client version policy. Configuring the meeting join page. Configuring enhanced privacy mode. Customizing the Online Meeting Add-in.
Configuring DNS for Automatic Client Sign-In

If your organization chooses to support automatic client sign-in, you should configure DNS records to enable automatic client discovery of the appropriate Standard Edition server or Front End pool. You must designate a single server or pool to distribute and authenticate client sign-in requests. For high availability, we recommend that you configure a Director pool for this function. You must also create a single, internal DNS Service Location (SRV) record that maps to the fully qualified domain name (FQDN) of the Director pool (or Front End pool/Standard Edition server) that distributes sign-in requests from clients: For internal Transport Layer Security (TLS) communications, use _sipinternaltls._tls.<domain>. If Transmission Control Protocol (TCP) is allowed, for internal TCP connections,use _sipinternal._tcp. <domain> -.
Note: Here, the SIP domain refers to the host portion of the SIP Uniform Resource Identifiers (URIs) assigned to users. For example, if SIP URIs are of the form john@contoso.com, contoso.com is the SIP domain. The SIP domain may be different from the internal Active Directory Domain Services domain.
4-12
Configuring the Client Version Policy

In Lync Server 2010, the default client version policy requires that all clients are running a minimum of Microsoft Office Communicator 2007 R2. If clients in your environment are running earlier versions of Communicator, you might need to reconfigure the Client Version rules to prevent clients and devices from being unexpectedly blocked or updated when connecting to Lync Server 2010. You use Lync Server Control Panel to edit the default client version policy. In addition to creating a global policy, you can create client version policies for a particular service or site, or user-scoped policies that can be assigned to individual users. Note: Because anonymous users are not associated with a user, site, or service, anonymous users are affected by global-level policies only.
Configuring the Meeting Join Page

You can control the clients that are available for joining Lync 2010 meetings by configuring the meeting join page. This page opens each time a user clicks a meeting link and provides a way for users to join online meetings by using an alternate client. By default, the meeting join page includes the option to download the Lync 2010 Attendee client and Lync Web App. If you prefer not to deploy Lync 2010 Attendee, you can remove the download link from the meeting join page. You configure the meeting join page in the Lync Server Control Panel or the Lync Server Management Shell by using the following cmdlets.
New-CsWebServiceConfiguration Set-CsWebServiceConfiguration
Customizing the Online Meeting Add-in

You can customize the Online Meeting Add-in for Lync 2010 by: Adding custom text to an online meeting invitation by using a Microsoft Exchange Server 2010 or Microsoft Exchange Server 2007 Hub Transport server transport rule. Configuring available meeting options and meeting-option defaults by using Lync Server 2010 inband provisioning.
In addition, users can change the language of the meeting invitation to English when non-English versions of the Microsoft Office Outlook messaging and collaboration client and Lync 2010 are installed.
Configuring Enhanced Privacy Mode

Enhanced privacy mode enables users to restrict their presence information so that it is visible only to contacts listed in their Contact List. You configure this option by using the EnablePrivacyMode parameter in the CsPrivacyConfigurationcmdlet. When EnablePrivacyMode is set to True, the option to restrict privacy information to contacts becomes available to users in the Lync 2010 client. Note: Lync 2010 privacy settings do not apply to earlier client versions.
4-13
Deploying Lync 2010 Attendee
Lync 2010 Attendee is a conferencing client that allows users who do not have Lync 2010 installed to fully participate in Lync Server 2010 online meetings. Lync 2010 Attendee provides IM, audio, and video, as well as collaboration tools such as application sharing, screen sharing, attachments, whiteboards, polling, and Microsoft Office PowerPoint slide presentations.
Deployment Options
Lync 2010 Attendee can be installed on a per-user basis; so you can choose to selectively deploy this client, or allow users to download and install it as needed. There are two installers for Lync 2010 Attendeeuser and admin. Both require local computer administrative rights for installation. The admin installer modifies all local and future user profiles, while the user installer only modifies the profile of the user who is installing it. Using the admin installer, you can pre-stage the application on all computers, if desired.
Configuring the Meeting Join Page

By default, the meeting join page includes the option to download the Lync 2010 Attendee client. You can control the clients that are available for joining scheduled Lync Server 2010 meetings by configuring the meeting join page.
4-14
Deploying Lync Web App
Microsoft Lync Web App is a Microsoft Internet Information Services (IIS) web application that installs with Lync Server 2010 and is enabled by default. No additional server configuration is necessary. When users click a meeting URL, they are presented with the meeting join page, which always provides the option to join the meeting by using Lync Web App. The main administrative client-related consideration for Lync Web App is whether to deploy software prerequisites in advance or to allow users to install them when prompted. The Microsoft Silverlight 4.0 browser plug-in, which is a prerequisite for Lync Web App, is installed by running an .exe program. You can deploy Silverlight 4.0 to client computers, or you can allow users to be prompted for installation when they first start Lync Web App. Local admin rights are required to install Silverlight if it is not already installed. The sharing feature in Lync Web App requires a Microsoft ActiveX control. The first time that users initiate a sharing session, they will be prompted to download the required ActiveX control. Local web browser rights are required to run the elevated application. Lync Web App is supported in a variety of operating system and browser configurations, as detailed in the following table. OS Microsoft Windows 7 Microsoft Windows Vista SP2 Microsoft Windows XP SP3 Internet Explorer 8 Yes Yes IE 7 IE 6 Firefox 3.X Yes Yes Safari 5.X Safari 4.X
Yes Yes
Yes
Yes
Yes
Yes
4-15
Windows XP SP2 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2003 Windows Server 2000 SP4 Mac OS 10.4.8+ (Intelbased)
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
4-16
Deploying Lync 2010 Attendant
Microsoft Lync 2010 Attendant is an intuitive call-management application that helps a receptionist manage large numbers of simultaneous calls. Lync 2010 Attendant runs in a full-screen window to provide a streamlined desktop experience. You can use Lync 2010 Attendant to: See conversation queues and contact lists. Perform directory searches and Click to Call. Transfer calls. Set up conferences without switching windows. Manage multiple conversations with rapid call handling, IM, and on-screen routing capabilities.
From an administrative perspective, you can deploy Lync 2010 Attendant within your organization by using any method that supports a Microsoft Windows Installer package (.msi file). Additionally, you can control key features and settings by using installation scripts or AD DS Group Policies.
4-17
Lesson 3
Preparing for Device Deployment
In Lync Server 2010, a device may refer to any unified communication (UC) device, including headsets and webcams, but the device that is discussed in this lesson is the IP phone because it is a managed device. Phones running Microsoft Lync 2010 Phone Edition allow users to interact with the Lync Server 2010 communication and collaboration features. This lesson covers the planning requirements for deploying Lync Server 2010 IP phones and the configuration steps that you must perform to enable their use.
Objectives
After completing this lesson, you will be able to: Describe the supported IP phones. Plan for device deployment. Configure DNS and Dynamic Host Configuration Protocol (DHCP).
4-18
Supported IP Phones
Lync Server 2010 supports three types of IP phones:

Desk phones.These phones are designed to be used by employees at their desk. Desk phones are also known as information worker or knowledge worker phones. Common area phones.These phones are designed to be used in shared areas,such as lobbies, kitchens, factory floors, and shared workspaces, and can be customized to provide different sets of Lync Server2010 features. Conferencing phones.These phones are designed to be used in meeting rooms.
Desk Phones
Lync Server 2010 provides options for both IP desk phones and Universal Serial Bus (USB) phones. IP phones provide a broader set of UC features and do not need to be connected to a computer that is running Lync 2010 to provide communication and collaboration features. USB phones require this connection as they are simply an extension of a local Lync 2010 client. IP phones will not allow users to log on unless the users are configured for Enterprise Voice. USB phones allow all users to log on regardless of their configuration. USB phones work for Lync 2010 calls by using the Internet, without requiring Enterprise Voice or a connection to the public switched telephone network (PSTN). In addition to the previously supported devices, Lync Server 2010 introduces support for the following IP desk phones: Aastra 6725ip (new) Polycom CX500 (new) Polycom CX600 (new) Polycom CX700 (OCS 2007 R2 device (with upgrade)) LG/Nortel 8540 (OCS 2007 R2 device (with upgrade))
Lync Server 2010also introduces support the following USB desk phones:
4-19
Polycom CX100 Polycom CX200 Polycom CX300 (new) Plantronics Calisto 420 Plantronics Calisto 540
Common Area Phones

The supported common area phones are: Aastra 6721ip (new) Polycom CX500 (new)
Because all of the common area phones are IP phones, they do not need to be connected to a computer to provide Lync Server 2010 UC functionality.
What Is a Hot-Desk Phone?

A hot-desk phone is a common area phone that allows users to log on to their own user accounts. The features, policies, and settings associated with their user account will apply for as long as the user is logged on. When the user logs out, the phone provides basic common area phone usage.
Conferencing Devices
Conference room devices transmit high-quality audio, and those with video capabilities track the person who is currently speaking. The supported conferencing devices are: Polycom CX5000 (audio/video) Polycom CX3000 (audio)
4-20
Planning for Device Deployment
When planning IP phone deployment, you need to be aware that there are a number of prerequisite conditions that your Lync Server2010 system infrastructure must meet. Before you can enable these devices to connect to Lync 2010, you must perform the following tasks: Verify Web Services.Verify that Web Services is running on your Front End Servers, and install the Device Update service. Enable Enterprise Voice.Ensure that each device user is enabled for Enterprise Voice. To do so, you must have deployed a Mediation server and configured a trunk for telephony. Set up dial plans, voice policies, and routes.Set up dial plans, voice policies, and outbound call routes for IP phone users. Associate phones with contact objects.Associate all common area phones with an Active Directory Domain Services contact object. Enable a PIN policy.Enable PIN authentication on Lync Server 2010 and ensure that an appropriate PIN policy is in place.
Best Practices
For optimal audio quality, you need to: Separate Voice over Internet Protocol (VoIP) traffic from other network traffic by configuring the virtual local area network (VLAN) to which the devices connect to provide only VoIP connectivity. Advise users to attach their USB device to a wired network, instead of a wireless network. (IP phones are required to do this.) Deploy Direct Access, instead of Remote Access, to remote users who are using USB phones.
For more information on configuring Enterprise Voice, see Module 6, Configuring Basic Enterprise Voice and Module 7, Extending Enterprise Voice Functionality.
4-21
Configuring DNS and DHCP
To provide IP phone connectivity, you must create and publish certain Domain Name System (DNS) records, and specify certain configuration options for Dynamic Host Configuration Protocol (DHCP) servers.
DNS
In addition to the DNS records required for auto-configuration, the following table describes the records that you must create and publish to a DNS service within the corporate network, if you are deploying IP phones.
4-22
Type
Value
Note The new Lync Server 2010 DNS load balancing feature requires you to specify the server FQDN and the pool FQDN, using the same IP address, for each server in the pool, and to create A records for all pools that contain an Enhanced Registrar. If you are using hardware load balancing, just specify A records for each pool that contains an Enhanced Registrar. This allows external devices to connect by using SIP over TLS to the Enhanced Registrar internally. Specifies the two SIP FQDNs for internal routing, one for communications over TCP and one for TCP communications secured by TLS. Specifies the Web Services portion of the Device Update services URL. The device appends :443/RequestHandler/ucdevice.upx. Make sure that the HLB translates external requests to use :443/RequestHandler/ucdevice.upx. (The external port is 443.)
FQDNs for the pool(s) hosting the Enhanced Registrars
SRV
_sipinternal._tcp.<SIP domain>
ucupdates-r2.<SIP domain>
Note: If the pool is already deployed, this information can be referenced from the Lync Server Control Panel Topology tab by selecting the Edge server properties.
DHCP
DHCP provides an automated way to distribute and update IP addresses and other configuration information on a network. For connectivity, IP phones require the Web Services URL and Enhanced Registrar FQDN from the DHCP server. You can configure this in your corporate DHCP server, or you can use the DHCP server provided with the Lync Registrar. The Lync Server 2010 DHCP server does not lease addresses, and can be used safely in conjunction with any other DCHP server. You can enable the Lync Server 2010 DHCP server by using the following Lync Server Management Shell command.
set-CsRegistrarConfiguration EnableDHCPServer $true
You must ensure that broadcast packets from devices can reach the DHCP server(s) by configuring DHCP relay agents to forward DHCP packets to the Lync Server 2010 DHCP servers. To enable IP Phones to discover and connect to Lync Server 2010, you must ensure that the following options are set on the organizations DHCP servers. Option Value CS Pool Certificate Provisioning Service URL FQDN for theca Pool Registrar Note Specify the internal URL in the form of https://lyncWebPoolFQDN:443/CertProv/CertProvision-ingService.svc (Note: This is an example only.) Specify the FQDN of the pool that will be the first logon server for the device. Typically this is a Director pool. If you do not deploy a Director pool, this is the Front End pool FQDN. The pool FQDN suffix must match the users SIP URI.
43
120
4-23
43
VLAN ID
We recommend that youuse a VLAN. However, if you decide not to use a VLAN for unified communications, or if you use Link Layer Discovery Protocol(LLDP)-enabled switches in the enterprise to provide VLAN IDs, do not set this option. Note that option 43 is not an independent option. Depending on the Vendor Class ID for which it is configured, the option may have different values. The client identifies the vendor for which it wants the information as option 60 in the DHCP request.
4-24
Lesson 4
Deploying and Managing IP Phones
This lesson covers the recommended process for deploying and managing IP phones. We recommend that you deploy only qualified UC devices that display the Optimized for Microsoft Lync word mark. For a list of recommended devices, see Phones and Devices Optimized for Microsoft Lync at http://go.microsoft.com/fwlink/?linkid=186185.
Objectives
After completing this lesson, you will be able to: Provision users. Configure common area phones. Verify call functionality. Perform device updates.
4-25
Provisioning Users
Before an IP phone can connect to Lync Server 2010, an authentication PIN for the user must be configured on the device. The PIN can be configured by the user on the Dial-In Conferencing page, or you can set the PIN from the Lync Server Control Panel, or by running the following cmdlet in the Lync Server Management Shell.
Set -CSClientPIN
This allows the phone to discover Lync Server 2010, connect, and then authenticate by using the PIN. After authentication, a Lync Server 2010 signed certificate is downloaded to the phone. The certificate is then cached and used for subsequent authentication.
4-26
Configuring Common Area Phones
Before you deploy common area phones, you must set up a common area account and optionally configure policies to designate call control behavior. For example, you might want to allow call transfers from a common area phone in a conference room but not from a common area phone in a lobby. You can also set up phones to block external usage and compromised accounts and configure hot-desk phones. A hot-desk phone is one to which a user can log on to Lync Server2010 and their specific user profile settings will apply. To configure common area phones, you must perform the following: 1. Create a new contact object for each common area phone. If an AD DS object already exists, ensure that this object is not SIP-enabled. If the object is SIP-enabled, you must remove the Lync Server2010 attributes by running the following cmdlet.
Disable-csUser
You can then configure the phone by running the following cmdlet.
New-csCommonAreaPhone
2.
Create required policies for common area phones.Creating specific policies for common area phones is optional. However, you might want to create policies for lobby phones that have more restrictive policies than meeting-room phones. The types of policies that you can create include client, voice, conferencing, and PIN policies.
4-27
Policy DeviceType (AD) ClientPolicy
Setting Urn:device:commonareaphone EnableHotdesking HotdeskingTimeout EnableCallTransfer EnableCallPark AllowCallForwarding AllowIPAudio EnableOutsideAccess
Use
Enables user to log on to common area device. Specifies timeout value. Enables UI for call transfer. Enables UI for call park. Enables UI for call forwarding. Enables UI for conference escalation. Enables external access.
VoicePolicy MeetingPolicy ExternalAccessPolicy
Improved Manageability of Common Area Phones

Lync Server 2010introduces several enhancements to existing manageability features, and several new features that improve the administrative experience for configuring and managing common area phones.
Enhancements
Usage information is all captured in the call detail record (CDR) database. Call quality information is captured in the Quality of Experience (QoE) database. Update server is used to update devices.
New Features
Certification authority (CA) discovery is configured in DHCP. A contact object is used to configure a common area account. Device inventory is easily managed by creating a device inventory report.
4-28
Verifying Call Functionality
The primary tools for managing and monitoring IP phones are the Lync Server Control Panel, the Lync Server Management Shell, and the Device Update service. The following table lists the tools and the functionality that they can provide to you for verifying call functionality and quality of service (QoS). Tool/service Purpose Useful when setting up dial plans, voice policies, calls routes, device logs, and PINs, as well as starting Web Services and managing Device Updates. Useful when setting up contact objects and policies for devices and for troubleshooting. Useful when provisioning, monitoring, and troubleshooting. Useful when deploying new devices and for downloading, testing, and deploying updates. You can also roll back to previously installed software versions. Useful when monitoring and troubleshooting issues on IP phones. This tool allows you to create reports. Location
Lync Server Management Shell Device logs
Lync Server 2010 Management Shell Update Server Web Services and then browse to the correct folder.
Device Update service
Accessible through the Lync Server Control Panel or Windows PowerShell.
IP Phone Inventory Report tool
Monitoring Server Reports
4-29
Power-on self-test (POST)
Useful when monitoring and troubleshooting issues on the phone. The tool allows you to test the health of the DDR2 RAM. Useful when monitoring and troubleshooting issues related to user activity and media quality. There is a QoE report for user activity that searches for CDRs based on user alias, and another report for media quality that searches individual detail records for signal values captured from the users device microphone or speaker. Useful when troubleshooting issues on the new IP phones. Hard Reset allowsusers to delete all user-created data (such as device logs, registry settings, and credentials). The Factory Reset allowsusers to revert the device back to the last working software version, in the event that the phone is updated to a version that is causing issues.
On the device. (While the device is starting up, press * + 7 to start POST. If the test fails, the preboot code returns an error message and the startup process ends.)
Reset (Hard, Factory)
On the device. (While the device starts up, press # + 4 + BACKSPACE to start the reset.)
4-30
Performing Device Updates
Lync Server 2010 includes the Device Update service, which is accessible through the Lync Server Control Panel. Device Update allows you to upload your previously downloaded updates from Microsoft, test them, and then deploy the updates to the IP phones in your organization. You can also use Device Update to roll back devices to previous software versions. The log files and audit information stored in the Device Updates folder are useful for inventorying the devices in your organizations and verifying information about them, such as the current firmware version. You should check for device updates at least every three months. When you download updates (.cab files) from the Microsoft Help and Support website, you must upload them to the Device Update service by using the Lync Server Management Shell. You will have a chance to perform these steps during the lab for this module.
Device Updates Filestore

The Device Updates filestore is the central repository for all update information, logs, and audit information, and provides the installation point for devices that require updates. The Device Update filestore is a folder that is installed as part of the Web Services role on the Front End server. In Lync Server 2010 Standard Edition, the filestore is automatically created by the installer in the Web Services folder, under the installation folder. The default path is: %Program Files%\Microsoft Lync Server\Web Services\Device Update Files. In Lync Server 2010 Enterprise Edition, prior to installation, you must create a shared folder to contain both client and device update files. You must then specify the location of this folder when running the Create Front End Pool wizard during deployment. Important:We recommend that you create a quota on the Device Update log file store by using the File Server Resource Manager. A quota helps ensure that the number of log files does not exceed the available storage, which could cause problems for the Web Services role. We recommend that you set a filestore quota whether or not you are using the Device Update service.
4-31
For more information on setting up a quota by using the File Server Resource manager, see File Server Resource Manager Step-by-Step Guide for Windows Server 2008 at http://go.microsoft.com/fwlink/?LinkId=201142.
4-32
Lab: Client and Device Management
Scenario
With users configured for Lync Server 2010, you have been tasked with deploying devices and clients. The management and security team in Fabrikam Inc. have developed client and device requirements that match company policies. You will create and assign client and device policies at the global, site, and user levels by using the available Lync Server 2010 tools to enforce the defined company policies with granular control.

This lab requires the virtual machines running from the previous lab and depends on the completion of Labs2 and 3.The virtual machines are configured to automatically logon as Fabrikam\Administrator with the password, Pa$$w0rd, except for the following virtual machine: MIA-CL1 as Fabrikam\Andreas, with the password, Pa$$w0rd
In the Virtual Machine Connection window, wait until the virtual machine has booted up completely before continuing. In the Virtual Machines list,if the virtual machine 10533A-MIA-SQL1.1 is not started: a. Right-click 10533A-MIA-SQL1.1 and click Start.
4-33
b. 5.
Right-click 10533A-MIA-SQL1.1 and click Connect.
In the Virtual Machines list, if the virtual machine 10533A-MIA-LS1.1 is not started: a. b. Right-click 10533A-MIA-LS1.1 and click Start. Right-click 10533A-MIA-LS1.1 and click Connect.
6.
In the Virtual Machines list, if the virtual machine 10533A-MIA-CL1.1 is not started: a. b. Right-click 10533A-MIA-CL1.1 and click Start. Right-click 10533A-MIA-CL1.1 and click Connect.
7. 8. 9.
10. Click the Local Resources tab, and then under Remoteaudio, click Settings. 11. Under Remote audio playback, verify thatPlay on this computer is selected. If it is not, select it. 12. Under Remote audiorecording, clickRecord from thiscomputer, and then click OK. 13. Click the General tab. 14. Under Logon settings, in the Computerbox, type mia-cl1.fabrikam.com. 15. In the User namebox, type Fabrikam\Andreas, and then click Connect. 16. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Connect. 17. On the Windows Security window, in the Passwordbox, type Pa$$w0rd, and then click OK. 18. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
Tip: The longer commands in this lab are already typed up in PS1 files located in C:\LabFiles on MIALS1.Not all commands are included.
4-34
Exercise 1: Creating and Assigning Client Policies

Scenario
In this exercise, you will use Windows PowerShell to create client policies. You will then use the Lync Server Control Panel to assign these policies to selected users. The main tasks for this exercise are as follows: 1. 2. Create client policies by using a PowerShell script. Verify client policy application to users.
Important: On all virtual machines, verify whether all of the services set to start automatically have started. Most notably, check the Exchange, SQL Server, and Lync Server 2010 services. To do so, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
Task 1: Create client policies by using a PowerShell script.

1. 2. Sign out of Lync on the host and MIA-CL1. On MIA-LS1, use the Lync Server Management Shell to create a Global client policy with the following features. Step Scope AttendantSafeTransfer BlockConversationFromFederatedContacts DisableEmoticons EnableHotDesking HotDeskingTimeout Value Global True True True True 00:00:30 Warning: All communications within Fabrikam may be logged and viewed at any time and for any reason. Use of the Fabrikam Instant Messaging service is a privilege. Abuse of the system may result in loss of said privilege.
IMWarning
3.
Use the Lync Server Management Shell to create and edit a Miami Site client policy with the following features. Step Scope Description EnableClientMusicOnHold Value Miami Miami Default Client Policy True
4-35
Step EnableFullScreenVideo EnableVOIPCallDefault EnableExchangeContactSync
Value True True True Warning: All communications within Fabrikam may be logged and viewed at any time and for any reason. Use of the Fabrikam Instant Messaging service is a privilege. Abuse of the system may result in loss of said privilege.
IMWarning
4.
Use the Lync Server Management Shell to create and edit an Executive User client policy with the following features. Step Scope Description EnableAppearOffline EnableClientMusicOnHold EnableFullScreenVideo EnableVOIPCallDefault EnableExchangeContactSync Value Tag:Executive Fabrikam Executive Client Policy True True True True True
5.
Use the Lync Server Management Shell to verify that the policies were created, and then review the settings.
Note: This command is not included in the ps1 file. 6. Use the Lync Server Management Shell to apply the Executive User policy to the members of the Executives OU.
Task 2: Verify client policy application to users.

1. 2. 3. In the Lync Server Control Panel, in Users, verify that the Executives client policy was applied to Marcel. Log onto Lync 2010 as Marcel on MIA-CL1, and as Conor on the host. Verify client policy application to Marcel (Executive) and Conor (Site).
Results: After completing this exercise, you should be able to describe how to create client policies in Lync 2010, how to apply them, and then see the effects of the client policies.
4-36
Exercise 2: Creating and Assigning Device Policies

Scenario
In this exercise, you will use the Lync Server Management Shell to edit theglobal and create site device polices. The device policies include PIN and logging requirements, and application of the policies will be simulated. You will also configure the settings for a common area phone. The main tasks for this exercise are as follows: 1. 2. Create and edit device policies by using a PowerShell script. Verify device policy creation.
Task 1: Create and edit device policies by using a PowerShell script.

1. On MIA-LS1, use the Lync Server Management Shell to create and edit a Miami Site Device Update Configuration with the following features. Step Scope LogCleanUpInterval 2. Value Site: Miami 7.00:00:00
Use the Lync Server Management Shell to edit the Global Phone Configuration with the following features. Step Scope EnforcePhoneLock CalendarPollInterval PhoneLockTimeout MinPhonePinLength LoggingLevel Value Global True 00:30:00 00:05:00 8 Off
3.
Use the Lync Server Management Shell to create and edit a Miami Site Phone Configuration with the following features. Step Scope EnforcePhoneLock CalendarPollInterval PhoneLockTimeout MinPhonePinLength LoggingLevel Value Site:Miami True 00:03:00 01:00:00 8 Low
4-37
4.
Use the Lync Server Management Shell to create and configure a Common Area Phone with the following features. Step LineUri SipAddress Description DisplayName DisplayNumber OU RegistrarPool Value Tel:+14255551000 Sip:MiamiLobby@Fabrikam.com Lobby Phone in Miami Miami Lobby Phone (425) 555-1000 cn=Users,dc=Fabrikam,dc=com Pool.fabrikam.com
Task 2: Verify device policy creation.

1. 2. In the Lync Server Control Panel, in Clients, verify the creation of device configuration policies and the editing done to the Global device configuration policies and Device Log configuration policies. In the Lync Server Management Shell, verify the creation of the common area phone and review the settings.
Note: This command is not included in the ps1 file. Results: After completing this exercise, you should have created device policies and edited the Global policies by using a PowerShell script. This script also configured a new common area phone.
4-38
Exercise 3: Configuring a Device Update

Scenario
In this exercise, you will use the Lync Server Management Shell to import a Device Update .cab file. After the file has been imported, you will create a Test Device policy prior to approving the update. The main tasks for this exercise are as follows: 1. 2. 3. Import a Device Update .cab file. Create a Test Device policy. Approve the device updates.
Task 1: Import a Device Update .cab file.

1. 2. 3. Execute UCUpdates.exe from C:\LabFiles and extract the file to C:\. Use the Lync Server Management Shell to import the new Device Update files. Use the Lync Server Control Panel to verify that the .cab file was successfully loaded.
Task 2: Create a Test Device policy.

1. 2. Use the Lync Server Control Panel to create a new Site test device and test the uploaded .cab file. Use the following information to create the Site test device. Wizard step Site Device Name Identifier Type Unique identifier Value Miami Test Tanjay Serial Number 1111111111 (this is ten ones)
Task 3: Approve the device updates.

1. Use the Lync Server Control Panel to approve all of the device updates. Results: After completing this exercise, you should have learned how to install a new device update file, how to load it into Lync Server, how to test it on a specific device, and how to approve it for all devices.
Important: After this lab, we recommend that you take a snapshot of all running virtual machines before starting the next lab. To do so, in Hyper-V Manager, highlight all running virtual machines, rightclick, and then click Snapshot.
4-39
Review Questions
1. 2. What are the two methods of applying client policies in Lync 2010? Name three or more supported clients for Lync Server 2010. What infrastructure requirements must be in place for hot-desk phones to be able to sign in?
3.
Common Issues Related to the Device Connection Process

Identify the causes for the following common issues related to a particular technology area in the module and fill in the troubleshooting tips. For answers, refer to relevant lessons in the module. Issue Clients must be manually configured to sign in Devices are not updating automatically Users cannot sign in to an IP phone; Address book downloads are saturating the network Troubleshooting tip Ensure that the appropriate SRV and A records have been created for each Lync Server 2010 pool. Ensure that an A record for uc-updates-r2.<sip domain> has been created in DNS, reboot the device and refrain from using the device for 10 minutes after signing in. Ensure that the user has configured their PIN. Ensure that group policy and IIS are configured to enable BITS and throttle connections.

1. 2. Contoso, Ltdhas a group of roaming salespeople whose calls should never be denied by Call Admission Control (CAC). What type of scope should be applied to the voice policy? Several users at Fabrikam use Macintosh OS X. What devices are these users able to use?
4-40
3.
The administrator for Wingtip Toys is attempting to provide additional security for IM and is trying to prevent links from being clickable. The policy should target a branch site that has agreed to pilot the changes. What type of policy should you create, and what scope should it be given?
Best Practices for Supporting Users Running Applications on Windows XP

There are very occasional breaking changes that make upgrading older devices a multi-step process. Consider the following best practices: Update devices as soon as possible. Target a receptive pilot group for policy changes. The pilot group should exercise a broad range of functionality for best results. Plan for user training when deploying new clients and devices. Although Lync 2010 is extremely user friendly, sharing a couple of tips will facilitate adoption.
Tools
Tool NSLookup Use for Used to verify SRV and A record resolution. Helpful for troubleshooting address book download and device update problems. Where to find it This is a built-in Microsoft Windows tool accessible from the command prompt. This tool is part of the IIS Microsoft Management Console (MMC) accessible from the command prompt.
IIS logs
5-1
Module 5
Contents:
Lesson 1: Edge Server Role Lesson 2: Topologies for External User Access Lesson 3: Preparing for External User Access Lesson 4: Edge Server Deployment Process Lab: Deploying External User Access 5-3 5-7 5-11 5-22 5-30
5-2
Module Overview
This module enables you to identify the components required to support external user access in your Microsoft Lync Server 2010 deployment. External users may include your employees who are working remotely, and individuals who are external to your company, such as business partners with whom you participate in web conferences. You will learn about the features and functionality of the Edge server that support user communication and collaboration with external users, and internal user access to public instant messaging (IM) services. Note that Edge server support for Enterprise Voice is covered in other modules. The lessons in this module cover the roles for the Edge server and related components that may be required in order to meet the needs of your external user access and service level agreements (SLAs). It identifies requirements that will influence topology selection during the planning process. You will also learn how to configure network routing for the Edge server, obtain and install certificates, and create and modify Access Edge policies for federated, remote, and public scenarios.
Objectives
After completing this module, you will be able to: Define the Edge server role. Consider topologies for external user access. Prepare for external user access. Deploy Edge server.
5-3
Lesson 1
Edge Server Role
The Edge server enables your internal users to communicate and collaborate with external users who are outside of your organizations firewalls, and also provides functionality for internal users to access the system from outside the corporate firewall. The Edge server also supports connectivity for your internal users to public IM services including Microsoft Windows Live, AOL, and Yahoo!. The Edge server controls traffic across the firewall so that external users can access services that you choose to make available to them in your Lync Server 2010 deployment. The Edge server does not provide any other access to your internal network. The Edge server is typically deployed between your internal network and the public Internet in a perimeter network. The Edge server may be a single server or can be deployed as a load-balanced Edge pool. In this lesson, you will review the roles and services of the Edge server and perimeter network required for deployment. The types of external users are defined, and the services they can access in your internal Lync Server 2010 deployment are identified.
Objectives
After completing this lesson, you will be able to: Define external user types. Discuss the components of external communication and identify the types of access that the Edge server role supports.
5-4
Defining External User Types
The term external user refers to a user who accesses services in your Lync Server 2010 deployment from outside the firewall. External users can be your own users working offsite, users at federated partner organizations, and other external users you invite to join a conference or meeting hosted in your Lync Server 2010 infrastructure.
External User Types and the Services Available to Them

Lync Server 2010 provides services to the following types of external users: Remote users. These are your organizations own users, such as business travelers and telecommuters, when they are working outside your firewalls and are using their laptops with Lync 2010 client software or other Lync Server 2010 supported devices. Remote users have virtually all the same capabilities when working remotely that they have when working inside the company firewall. Federated users. Users from a trusted federated organization can be authorized for remote access with one of two service options chosen during deployment: IM and presence only IM and presence, web conferencing, and audio/video (A/V) conferencing You can provide federated users with access to features of Lync Server 2010, except for the address book. Anonymous users. Anonymous users have no user account in your organization or federated organizations. By invitation, such users may participate in IM, web conferences, and audio conferences hosted on your internal deployment. Public IM users. Public IM users can be authorized for one of two service options chosen during deployment: IM and presence only (limited to peer-to-peer IM and presence viewing)
5-5
IM and presence, web conferencing, and A/V conferencing (peer-to-peer IM conferencing, viewing presence, participation in A/V conferencing by using the latest Windows Live Messenger client, which is currently in Beta IIRC) Public IM users are unable to participate in file transfer or application sharing. The availability of other features to public IM users depends on their public IM service provider.
5-6
Components of External Communication
The Edge server controls traffic across the firewall and is the primary component controlling external communication. Authorized external users access the Edge server to connect to your internal Lync Server 2010 deployment, but the Edge server does not provide any other access to the internal network. The Edge server runs the following services: Access Edge service. The Access Edge service provides a single, trusted connection point for both outbound and inbound Session Initiation Protocol (SIP) traffic. Web Conferencing Edge service. The Web Conferencing Edge service enables external users to join meetings that are hosted on your internal Lync Server 2010 communications software deployment. A/V Edge service. The A/V Edge service makes audio, video, application sharing, and file transfer available to external users. Your users can add audio and video to meetings that include external participants, and they can share audio and video directly with an external user in point-to-point sessions. The A/V Edge service also provides support for desktop sharing and file transfer.
5-7
Lesson 2
Topologies for External User Access
Lync Server 2010 supports three topology options for external user access. Your choice of topology to best support external access to your Lync Server 2010 deployment is dependent on your capacity and service-level requirements for the services you want to make available. It is also highly influenced by your current internal and external network infrastructure. The primary requirements driving your topology selection are high availability and load balancing. High availability requirements for your external user access require a load-balancing option in your Edge server perimeter deployment. This is not to be confused with other Front End server load-balancing you have in your internal topology. Compatibility of your Lync Server 2010 deployment with federated partners and with other external web services offered by your enterprise also influences your load-balancing alternative.
Objectives
After completing this lesson, you will be able to define and recommend the appropriate Edge topology option for your organization for: Single consolidated Edge using network address translation (NAT) or public Internet Protocols (IPs). Scaled consolidated Edge using NAT and DNS load balancing. Scaled consolidated Edge using public IP and hardware load balancing.
5-8
Single Consolidated Edge
The Single Consolidated Edge topology is the simplest of the three options and may be appropriate for smaller deployments that do not have a high availability requirement. Characteristics of the Single Consolidated Edge topology include: No high availability of the Edge topology. This is independent of the high availability configured for your internal Lync Server 2010 services. Can support NAT on external Edge server interface. All three external Edge services would have to use NAT. May be deployed as a single consolidated Edge using public IPs.
5-9
Scaled Consolidated Edge Using DNS Load Balancing
The Scaled Consolidated Edge topology with DNS load balancing may be appropriate for some deployments that need high availability for Edge services. Characteristics of the scaled consolidated Edge topology using DNS load balancing include: High availability of the Edge topology is provided for external users that support DNS load balancing. No additional hardware is required. NAT for external Edge server interfaces is required for DNS load balancing. All three external Edge services must use NAT. A single public certificate can be applied to Edge interfaces and services. High availability is not supported with: External access to Microsoft Exchange Server 2007 or Exchange Server 2010 Unified Messaging (UM). (High availability is supported with Exchange Server 2010 SP1 UM.) Federated partners running Microsoft Office Communications Server 2007 or Microsoft Office Communications Server 2007 R2 High availability for public IM connectivity (PIC) or multi-server reverse proxy
5-10
Scaled Consolidated Edge Using Hardware Load Balancing
The Scaled Consolidated Edge topology using hardware load balancing is the most robust Edge server deployment for high-availability requirements. It can provide high-availability failover and load-balancing options for the broadest range of external and internal services. It avoids compatibility and environmentmanagement concerns for federated partners or other services your enterprise has deployed on the Internet. Characteristics of the scaled consolidated Edge topology using hardware load balancing include: High availability and load balancing of the Edge topology for external users Supports use of publicly routable IP addresses on external interfaces of Edge servers required for some high-availability requirements Supports high availability for multiple-server reverse proxy Supports high availability requirements for federated and PIC users
Compatible with: External access to Exchange Server 2007/Exchange Server 2010 UM Federated partners running Office Communications Server 2007 or Office Communications Server 2007 R2
Additional load-balancing hardware is required in the perimeter network Cannot support NAT on external Edge server interface
5-11
Lesson 3
Preparing for External User Access
This lesson focuses on the data you need to collect when preparing for external user access to your Lync Server 2010 communication system. In this lesson, you will consider your firewall, DNS, reverse proxy, and certificate requirements, and their dependencies for an Edge server deployment. As your organization prepares for external user access, you may be responsible for gathering data and planning for the different requirements for external user access. Alternatively, you may be given that information by someone else in your organization to enable you to implement external user access to your Lync Server 2010 communication system. In either case, it is important to have an understanding of the preparation activities that should be completed for a successful Edge server deployment.
Objectives
After completing this lesson, you will be able to: Gather required data. Prepare for DNS requirements. Prepare for firewall requirements. Prepare for reverse proxy requirements. Prepare for Director server requirements.
5-12
Gathering Data
The Lync Server 2010 Planning Tool has greatly simplified the planning and deployment of Edge server topology. The primary decision points for your topology selection are your requirements for high availability, performance, and backward compatibility with existing web services and federated partners. These requirements can also influence load-balancing requirements. Now you can use one of the recommended Edge Topology Data Collection Templates as a reference for your target deployment to help you gather and document the data needed for your Edge access services, including: Identifying external users and service requirements External user types Services and feature sets to be offered Federation requirements Downward compatibility requirements
Identifying high availability and load-balancing requirements Documenting IP addresses and IP fully qualified domain names (FQDNs) Internal and external IP addresses and FQDNs.
Identifying both legacy and new requirements such as coexistence, simple URLs for web services, and load balancing
Selecting an Edge Topology

Based on your requirements, you can use the Planning Tool to select one of the following Edge server topologies: Single Consolidated Edge Scaled Consolidated Edge Using DNS Load Balancing
5-13
Scaled Consolidated Edge Using Hardware Load Balancing
A summary of the topology options is as follows: Failover for: High availability NAT Additional public IP required UM (remote user) PIC and Federation with older versions of Office Communications Server No No
Single Edge Scaled Edge (DNS LB)
No Yes
Yes Yes
No Yes
Scaled Edge Yes (Hardware LB)
No
Yes
Yes
5-14
Preparing for DNS Requirements
Whether you or someone else in your organization is responsible for the preparation tasks for external user access, there are specific factors you need to consider when preparing for Domain Name System (DNS).
Internal DNS
All Lync Server 2010 servers and clients running Lync 2010 in the corporate network point to the internal DNS servers for resolving DNS queries for your internal DNS zone. The internal DNS will contain: DNS A records for the internal interfaces of each Edge server in the perimeter network. DNS A records for the internal interface of each reverse proxy server in the perimeter network, if needed.
External DNS
External user clients and federated partners using the Internet to access your enterprise use external DNS to resolve DNS queries for external domain names and services that you choose to make visible through your Edge deployment. The external DNS contains: DNS A and Service Location (SRV) records for auto configuration of the Edge external interface of each Lync Server 2010 service that is available through the perimeter Edge network DNS A records for each externally visible simple URL DNS A records for the reverse proxy external interface of each reverse proxy server in the perimeter network
DNS for Automatic Configuration of External Clients

When automatic configuration for external client access or the PIC is used, specific DNS SRV records are required. These records act in the same way that a mail exchanger (MX) record provides the name of the correct mail Simple Mail Transfer Protocol (SMTP) server; for example:
5-15
_sipexternaltls._tcp.fabrikam.com, 443, sip.fabrikam.com _sip._tls.fabrikam.com, 443, sip.fabrikam.com _sipfederationtls._tcp.fabrikam.com, 5061, sip.fabrikam.com
Split Brain DNS

In the context of this lesson, Split Brain DNS refers to the ability and requirement for your external DNS and internal DNS servers to resolve DNS queries for the same host name to different host IP addresses and services. For example, sip.fabrikam.com will resolve to 10.5.5.5 internally, and sip.fabrikam.com will resolve to 169.254.15.182 externally. Your external DNS directs requests by external users and partners through to your Lync Server Access Edge. Your internal DNS directs requests from internal users and Lync Server 2010 hosts through the Edge server when communicating with external users and partners.
DNS Load Balancing

DNS load balancing is essentially pointing more than one DNS A record to the same IP address. You may find it helpful to use the following flow chart for determining your DNS requirements. Use the following chart to help you determine your DNS requirements.
5-16
5-17
Preparing for Firewall Requirements
The recommended Edge server topology uses both external and internal firewalls to isolate your Edge server perimeter network topology. You can refer to the following flow chart for identifying and planning your firewall and 50,000-59,999 port ranges in your target deployment.
5-18
Typically, another group in an enterprise organization manages and configures firewalls. If this is the case, you should share this information with that group as early in your planning process as possible. Note: Best practice for Lync Server 2010 is to open the 50,000-59,999 port range outbound for Remote Desktop Protocol (RDP)/Transmission Control Protocol (TCP) for the A/V Edge external interface, if corporate policy allows. For more information on firewall ports, protocols, and IPsec exceptions for Lync Server 2010 servers and clients, see the Lync Server 2010 Help file topic, A/V Edge Service Port Range Requirements.
5-19
Preparing for Reverse Proxy Requirements
Use of a reverse proxy in your Edge server deployment is recommended if you must support federation, but it is required if you want to support sign-in of remote users. It is recommended that the reverse proxy support is located within your Edge server perimeter network. You can implement reverse proxy support on an existing reverse proxy server that supports other applications. You can deploy multiple reverse proxy servers for high availability and load balancing by using hardware load balancing. Some of the features that require use of reverse proxy for your external user deployment include: Enabling external users to download meeting content Enabling external users to expand distribution groups Enabling remote users to download files from the Address Book Accessing the dial-in web page Accessing the Location Information Service (LIS) Enabling external connections to the Device Update service Use of simple URLs for external users Enabling the use of a Director server for external user traffic Isolating Denial of Service (DoS) attacks at the Director protecting internal Lync Server 2010 servers Hardware load balancing in an Edge network topology
Reverse Proxy Certificate Requirements

Each reverse proxy server requires a web server certificate for use by the listening service. The web server certificate must be issued by a public certification authority (CA). Lync Server 2010 requires you to publish the following certificates for reverse proxy.
5-20
Role/subject name
Used to publish Address Book files Distribution list expansion Online meeting content Phone Edition upgrade files AdminFQDN is not published externally Dial-in conferencing information Online Meeting URL
Subject name syntax (examples) ocsrp.fabrikam.com Note: ExternalWebFarmFQDN = the ReverseProxyExternalFQDN
externalWebFarmFQDN
Simple URL / AdminFQDN Simple URL / DialinFQDN Simple URL / MeetFQDN
N/A dialin.fabrikam.com meet.fabrikam.com
Note: The externalWebFarmFQDN value is used for Lync Server 2010 users. In coexistence scenarios, it is likely that there will already be an externalWebFarmFQDN value for existing Office Communications Server 2007 R2 or Office Communications Server 2007 users. In that scenario, make a new one dedicated to Lync Server 2010.
For DialinFQDN, MeetFQDN, and AdminFQDN, this table assumes that you have chosen dedicated simple URLs for each role.
5-21
Considering Director Server
The Director is now a unique server role located on an internal server or server pool in your internal network. It can serve as an internal next hop for inbound SIP traffic flowing from the Edge server to the internal destination servers. This is an optional role, capable of providing the following benefits and functionality for external user access: Authenticates inbound requests. The Director role authenticates user requests and then refers them to their home pools, but does not home any user accounts. It provides SIP Registrar, SIP Proxy, and web services only. The Director authenticates inbound SIP requests and proxies the request, forwarding them to the users home pool or home server. May improve security and reliability. It is recommended that you deploy a Director for enhanced security, reliability, and performance. The Director helps insulate Enterprise pools from malicious traffic such as DoS attacks from the Internet. Invalid or malicious external traffic ends at the Director. Internal users should not see any effect on performance. May improve performance. If your deployment includes multiple Front End pools in a central site, a Director can reduce the authentication workload on one of the pools and thereby improve overall performance, providing a single pool for authentication regardless of the users home registrar server. Facilitates use of simple URLs. If you have not deployed a Director, you need to designate one internal Front End host pool to handle all requests that are using your simple URLs. (If this is not the users home pool, the service request will be redirected to the web services on the users home pool.)
5-22
Lesson 4
Edge Server Deployment Process
In this lesson, you will review the Edge server deployment process, the tools used for Edge server deployment, and deployment best practices. The lesson presents an overview of the steps involved in a typical deployment process to add external user access to an existing Lync Server 2010 deployment. Some of these deployment steps will be performed in subsequent lab exercises.
Objectives
After completing this lesson, you will be able to: Describe best practices for Edge server external user access. Identify Edge server certificate requirements. Prepare for an Edge server deployment. Deploy Edge servers.
5-23
Best Practices for External User Access
Use the following best practices to enhance Edge server performance and security and facilitate the deployment of your perimeter network and Edge servers: Deploy Edge servers only after you have tested and verified operation of your internal Lync Server 2010 deployment. Edge servers should be deployed in a workgroup rather than an internal domain. Active Directory Domain Services (AD DS) must be kept out of the perimeter network to avoid significant security risks. Deploy Edge servers in a firewall-protected perimeter edge network with external-facing and internal-facing firewalls. Test your Edge servers in a staging area or lab environment if possible, before you deploy them in your production environment. Run the Best Practices Analyzer tool. Deploy Edge servers in your production perimeter network only when you are satisfied that your deployment works correctly and meets your requirements. For security reasons, disable all services that are not essential to the Edge server. Run only programs that embody routing logic and that are written in Microsoft SIP Processing Language (MSPL) with the Microsoft Unified Communications Managed API (UCMA) 3.0. Enable monitoring and security auditing on the computers supporting your Edge services as early as possible. Use a computer that has two network adapters to provide physical separation of the internal and external network interfaces. The internal and external adapters should be on two different subnets. Deploy the Edge server between an internal firewall and an external firewall to ensure strict routing from one network edge to the other, as well as to protect your internal deployment behind two levels of firewall.
5-24
Deploy Director(s) in the internal network to relieve Front End pool servers from the overhead of performing authentication of external users and SIP redirection to the home pool of the user if there are multiple pools in your Lync Server 2010 deployment. The use of Director(s) will also help insulate home servers and Front End pools from external malicious traffic such as DOS attacks.
5-25
Edge Server Certificate Requirements
Public certificates are required to support external user access to your Edge server deployment. One or more public certificates may be needed, depending on your requirements. Certificate considerations and requirements include the following: A public certificate must be issued by an approved public CA that supports Subject Alternative Name. For details, see Microsoft Knowledge Base article 929395, Unified Communications Certificate Partners for Exchange Server and for Communications Server, at http://go.microsoft.com/fwlink/?LinkId=202834. Certificates for public Internet access to the external-facing Edge servers that are pooled must be created as exportable, with the same certificate used on each Edge server in the Edge pool. The Subject Name of the certificate is the access Edge external interface FQDN or hardware load balancer virtual IP (VIP) address (for example, access.fabrikam.com). The Subject Alternative Name list contains the FQDNs of the following: The access Edge external interface or hardware load balancer VIP (for example, access.fabrikam.com), repeating the Subject Name. The Web Conferencing Edge external interface or hardware load balancer VIP (for example, webcon.fabrikam.com). If using client auto-configuration, include any SIP domain FQDNs used within your company (for example, sip.fabrikam.com).
Multiple Certificates for Edge Services

Separate public certificates are sometimes used for each external-facing service and simple URL. Depending on your requirements, a separate public certificate could be required for each of the following: Web Conferencing external Edge service A/V Authentication service internal server interface
5-26
Access Edge external service Reverse proxy Each simple URL
For instance, you might have an access.fabrikam.com, avconf.fabrikam.com, webconf.fabrikam.com, and arp.fabrikam.com. However, separation of the simple URLs is not likely, as that would require a separate pool for each function (i.e., meet.fabrikam.com and pudialin.fabrikam.com).
Single Certificate for All External Edge Services

Lync Server 2010 now supports the use of a single public certificate for Access and Web Conferencing Edge external interfaces and the A/V Authentication Edge interface. For deployments that have a single pool, or where multiple pools share the same dial-in conferencing and meeting simple URLs, you can create a single publishing rule and corresponding certificate.
Internal Certificates
Internal certificates are required for the following internal interfaces in your Edge server deployment: Web Conferencing internal Edge service A/V Authentication service internal server edge Access Edge internal service Reverse proxy
Requesting Certificates
You can request, assign, and install a certificate using the Install Wizard when installing an Edge server. You can also request certificates before installation, but make sure that certificates are exportable and contain all the required storage area network (SAN) names. The enrollment process is not automated. If internal certificates are used for the internal Edge interfaces (as recommended), you must install the internal CA root certificate into each Edge servers local computer certificate store.
5-27
Preparing for Deployment
At this point you should have all the data collected that is required for your deployment. This includes documentation of your current environment and your production target environment as well as topology diagrams and data-gathering templates. You might also need to create topology diagrams and data-gathering templates for your test/lab environment that closely simulate your target production deployment. Carefully note any differences in the two environments to avoid introducing errors.
Deployment Prerequisites for External User Access

Before attempting to deploy your perimeter network and implement support for external users, you should have successfully deployed and tested your Lync Server 2010 internal servers, including an Enterprise pool or a Standard Edition server. If you plan to deploy Directors in your internal network deploy them prior to beginning deployment of your Edge servers.
5-28
Deployment Process
This topic provides an overview of the phases in the Edge server deployment process. At this point, it is assumed that you have performed all pre-deployment steps. The deployment steps identified here are for adding an Edge server into a new deployment of Lync Server 2010. Steps for migrating from prior versions of Office Communications Server are outside the scope of this course. Deploying Edge server is a three step process:
Set up Edge servers

1. 2. 3. 4. 5. 6. Install prerequisite software on computers where you plan to deploy the Edge server role. Transport the topology configuration file to each Edge server. Install the Lync Server 2010 software on each Edge server. Configure the Edge servers. Request and install certificates for each Edge server. Start the Edge server services.
Configure support for external user access

1. Use the Lync Server Control Panel to configure support for each of the following (as applicable): a) b) c) d) Remote user access Federation Public IM connectivity Anonymous users.
Configure user accounts for remote user access, federation, public IM connectivity, and anonymous user support (as applicable).
5-29
Verify your Edge configuration

1. 2. Verify server connectivity and replication of configuration data from internal servers. Verify that external users can connect, including remote users, users in federated domains, public IM users, and anonymous users, as appropriate to your deployment.
5-30
Lab: Deploying External User Access
Lab Scenario:
You are the Network Administrator for Fabrikam, Inc and have been tasked with installing the Lync Server 2010 Edge server into your existing infrastructure to provide remote access to external users for; web conferencing, A/V, audio conferencing, and presence. Your Edge deployment must also provide access to public IM services for your internal users. In this lab, you will: 1. 2. 3. 4. 5. Reconfigure the current Lync Server 2010 Lab topology to include an Edge server and related components using the Topology Builder. Export the Lync Server configuration to the Edge server. Deploy the Edge server role. Configure the External Access policy and Access Edge configuration. Test and Verify External User Access to the services offered. Important: We recommended that the steps in this and every lab be split between the two students in your pod. It is left up to the students to determine when to share tasks in order for both students to gain an understanding of the concepts of each lab. If you need help, please inform the instructor. Please note that if you both try to do tasks at the same time, you may overwrite each others work and possibly lose data.
5-31
Virtual Lab Environment topology diagram:
5-32

For Labs 5 through 15, a new set of virtual machines will be used and they are split between the two Hyper-V hosts in the pod. They include: 10533A-MIA-DC1.2 10533A-MIA-SQL1.2 10533A-MIA-ED1.2 10533A-ROM-LS2.2 10533A-ROM-CL3.2 10533A-INT-CL4.2 10533A-MIA-LS1.2 10533A-MIA-AM1.2 10533A-RED-SBS1.2 10533A-MIA-CL1.2 10533A-RED-CL2.2 10533A-MIA-RAS1.2
Before you start any virtual machines, verify that the set 1 virtual machines are completely shut down and off. For this lab, use the Hyper-V Manager to start and connect to the 10533A-MIA-DC1.2 virtual machine on Host1 and wait for it to completely start up. Next, start 10533A-MIA-RAS1.2 on the Host2 and wait for it to completely start up. When both of these machines have completely started, start the rest of the set 2 virtual machines on both Host1 and Host2. Host1: 10533A-MIA-SQL1.2 10533A-MIA-ED1.2 10533A-ROM-LS2.2 10533A-ROM-CL3.2 10533A-INT-CL4.2
Host2: 10533A-MIA-LS1.2 10533A-MIA-AM1.2 10533A-RED-SBS1.2 10533A-MIA-CL1.2 10533A-RED-CL2.2
The virtual machines are configured to automatically log on as Fabrikam\Administrator with the password, Pa$$w0rd, except for the following virtual machines: MIA-CL1 as Fabrikam\Andreas, with the password, Pa$$w0rd RED-CL2 as Fabrikam\Tzipi, with the password, Pa$$w0rd
5-33
ROM-CL3 as Fabrikam\Marcel, with the password, Pa$$w0rd INT-CL4 as INT-CL4\Administrator, with the password, Pa$$w0rd MIA-ED1 as MIA-ED1\Administrator, with the password, Pa$$w0rd MIA-RAS1 as MIA-RAS1\Administrator, with the password, Pa$$w0rd
To begin this lab, you must connect to the appropriate virtual machines by using the following steps: 1. 2. 3. 4. 5. 6. 7. 8. 9. On Host1, click Start, click Administrative Tools, and then click Hyper-V Manager. In the Virtual Machines list, right-click 10533A-MIA-DC1.2, and click Start. Right-click 10533A-MIA-DC1.2 and click Connect. In the Virtual Machine Connection window, wait until the virtual machine has booted up completely before continuing. On Host2, click Start, click Administrative Tools, and then click Hyper-V Manager. In the Virtual Machines list, right-click 10533A-MIA-RAS1.2 and click Start. Right-click 10533A-MIA-RAS1.2 and click Connect. In the Virtual Machine Connection window, wait until the virtual machine has booted up completely before continuing. On Host1, in the Virtual Machines list, right-click 10533A-MIA-SQL1.2 and click Start.
10. Right-click 10533A-MIA-SQL1.2 and click Connect. 11. On Host1, in the Virtual Machines list, right-click 10533A-ROM-LS2.2 and click Start. 12. Right-click 10533A-ROM-LS2.2 and click Connect. 13. On Host1, in the Virtual Machines list, right-click 10533A-MIA-ED1.2 and click Start. 14. Right-click 10533A-MIA-ED1.2 and click Connect. 15. On Host1, in the Virtual Machines list, right-click 10533A-ROM-CL3.2 and click Start. 16. Right-click 10533A-ROM-CL3.2 and click Connect. 17. On Host1, in the Virtual Machines list, right-click 10533A-INT-CL4.2 and click Start. 18. Right-click 10533A-INT-CL4.2 and click Connect. 19. On Host2, in the Virtual Machines list, right-click 10533A-MIA-LS1.2 and click Start. 20. Right-click 10533A-MIA-LS1.2 and click Connect. 21. On Host2, in the Virtual Machines list, right-click 10533A-MIA-AM1.2 and click Start. 22. Right-click 10533A-MIA-AM1.2 and click Connect. 23. On Host2, in the Virtual Machines list, right-click 10533A-RED-SBS1.2 and click Start. 24. Right-click 10533A-RED-SBS1.2 and click Connect. 25. On Host2, in the Virtual Machines list, right-click 10533A-MIA-CL1.2 and click Start. 26. Right-click 10533A-MIA-CL1.2 and click Connect. 27. On Host2, in the Virtual Machines list, right-click 10533A-RED-CL2.2 and click Start. 28. Right-click 10533A-RED-CL2.2 and click Connect.
5-34
29. When 10533A-MIA-CL1.2 has booted up completely, close the Virtual Machine Connection window. 30. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 31. In the Remote Desktop Connection window, click Options. 32. Click the Local Resources tab, and then under Remote audio, click Settings. 33. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 34. Under Remote audio recording, click Record from this computer, and then click OK. 35. Click the General tab. 36. Under Logon settings, in the Computer box, type mia-cl1.fabrikam.com. 37. In the User name box, type Fabrikam\Andreas, and then click Connect. 38. On the Remote Desktop Connection page, click Connect. 39. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 40. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 41. On Host2, when 10533A-RED-CL2.2 has booted up completely, close the Virtual Machine Connection window. 42. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 43. In the Remote Desktop Connection window, click Options. 44. Click the Local Resources tab, and then under Remote audio, click Settings. 45. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 46. Under Remote audio recording, click Record from this computer, and then click OK. 47. Click the General tab. 48. Under Logon settings, in the Computer box, type red-cl2.fabrikam.com. 49. In the User name box, type Fabrikam\Ebru, and then click Connect. 50. On the Remote Desktop Connection page, click Connect. 51. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 52. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 53. On Host1, when 10533A-ROM-CL3.2 has booted up completely, close the Virtual Machine Connection window. 54. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 55. In the Remote Desktop Connection window, click Options. 56. Click the Local Resources tab, and then under Remote audio, click Settings. 57. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 58. Under Remote audio recording, click Record from this computer, and then click OK. 59. Click the General tab.
5-35
60. Under Logon settings, in the Computer box, type rom-cl3.fabrikam.com. 61. In the User name box, type Fabrikam\Marcel, and then click Connect. 62. On the Remote Desktop Connection page, click Connect. 63. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 64. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 65. On Host1, when 10533A-INT-CL4.2 has booted up completely, close the Virtual Machine Connection window. 66. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 67. In the Remote Desktop Connection window, click Options. 68. Click the Local Resources tab, and then under Remote audio, click Settings. 69. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 70. Under Remote audio recording, click Record from this computer, and then click OK. 71. Click the General tab. 72. Under Logon settings, in the Computer box, type int-cl4. 73. In the User name box, type INT-CL4\Administrator, and then click Connect. 74. On the Remote Desktop Connection page, click Connect. 75. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 76. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start. Important: All connections to MIA-CL1.2, RED-CL2.2, ROM-CL3.2and INT-CL4.2 will require using a Remote Desktop Connection with remote audio playback and remote audio recording enabled, unless otherwise specifically instructed.
Note: If the virtual machines are reporting that they need to be activated, run slmgr.vbs rearm from a command prompt and then reboot the server.
5-36
Exercise 1: Configuring the Topology for External Access

Scenario
Define a new Edge server topology to allow remote access for your users and federated partners for conferencing, A/V and SIP, as well as provide public IM connectivity. Using Topology Builder: download the current (Lab) virtual Lync Server 2010 deployment, add the Edge Server, and define the services. Then publish the new topology into the central management store. Export the new topology, so that it can be used to configure and install the Edge server The main tasks for this exercise are as follows: 1. 2. Add the new Edge server to the existing topology. Export the new topology.
Task 1: Add the new Edge server to the existing topology.

1. 2. Using Topology Builder, define a new Single computer Edge pool to the Fabrikam topology in the Miami site. Use the information in the following tables to complete the wizard. Wizard Step Value
Edge Pool FQDN Select features

3.
mia-ed1.fabrikam.com Single computer pool Enable Federation (Port 5061)
Define the external FQDNs and IP addresses. Use the following information. External FQDNs sip.fabrikam.com webconf.fabrikam.com avconf.fabrikam.com Port 443 443 443
4. 5.
Define the internal IP address as 10.0.10.14. Define the external IP addresses. Use the following information. External FQDNs SIP Access Web Conferencing A/V Conferencing IP Address 172.16.10.100 172.16.10.101 172.16.10.102
5-37
6.
Finish the Define New Edge Pool wizard with the following information. Wizard Step Next Hop Value mia-ls1.fabrikam.com Miami mia-ls1.fabrikam.com red-sbs1.fabrikam.com rom-ls2.fabrikam.com
Associated Front End Pools
7. 8.
Edit the Miami site and enable this Edge server as the Site federation route assignment. Publish the new topology and verify it was successful published.
Task 2: Export the new topology.

1. 2. Using Lync Server Management Shell, export the new configuration as Config.zip. Copy the Config.zip file to C:\Labfiles on the Edge server. Results: After this exercise, you should have defined a new Edge Pool, defined internal and external FQDNs and IP addresses, and then published the topology. You should have also exported the configuration for Edge server role deployment.
5-38
Exercise 2: Deploying Edge Server and Configuring Remote Access

Scenario
Using the Lync Server Deployment Wizard, define and install the Edge server roles. Configure certificates and start the Edge services. The Lync Server 2010 setup files are located on the Edge server in C:\LabFiles\LS2010. The main tasks for this exercise are as follows: 1. 2. 3. 4. Install the Edge server role. Request and assign certificates. Start the Lync Server Edge services. Create the necessary Edge DNS records.
Task 1: Install the Edge server role.

1. 2. 3. On MIA-ED1, launch Lync Server 2010 Setup. Use the Lync Server Deployment wizard to install Local Configuration Store by using the exported Config.zip file. Use the Lync Server Deployment wizard to set up or remove Lync Server components.

Note: For the Lab environment and the virtual topology, you will use private certificates from internal CA, requesting them real time during Lync Server setup. The internal CA is MIADC1.Fabrikam.com\FabrikamCA. If your certificate request fails or is denied, restart the Active Directory Certificate Services on MIA-DC1 and retry the request steps in this section. 1. 2. Use the Lync Server - Deployment Wizard to request and assign certificates from the internal CA. Use the following information in the Certificate Request wizard to request a certificate for the Edge internal interface. Wizard Step Internal CA Friendly Name Organization Organizational Unit Country/Region State/Province City/Locality SIP Domain setting on Subject Alternate Names (SANs) Value MIA-DC1.Fabrikam.com\FabrikamCA. MIA-ED1 Internal Certificate Bit Length: 2048 Fabrikam IT United States Florida Miami Fabrikam.com
5-39
3. 4.
Use the Certificate Assignment wizard to assign the MIA-ED1 Internal Certificate to the Edge internal interface. Use the following information in the Certificate Request wizard to request a certificate for the External Edge interface. Wizard Step Internal CA Friendly Name Organization Organizational Unit Country/Region State/Province City/Locality Value MIA-DC1.Fabrikam.com\FabrikamCA. MIA-ED1 External Certificate Bit Length: 2048 Fabrikam Corporation IT United States Florida Miami
5.
Use the Certificate Assignment wizard to assign the MIA-ED1 External Certificate to the External Edge interface.
Task 3: Start the Lync Server Edge services.

1. Use the Lync Server Deployment wizard to start the Services on the Edge server.
Task 4: Create the necessary Edge DNS records.

You now need to create the necessary DNS records for external user access. The MIA-RAS1 virtual machine is acting as the public DNS server for this environment and it is where you will create the records. 1. 2. On MIA-RAS1, create the necessary HOST and SRV records. Use the following table to create the HOST records. HOST record (A) sip webconf avconf 3. IP Address 172.16.10.100 172.16.10.101 172.16.10.102
5-40
4.
Use the following table to create the SRV records. Service _sipexternaltls Protocol _tcp Priority and Port Weight Defaults Defaults Defaults 443 5061 443 Host offering the service sip.fabrikam.com sip.fabrikam.com sip.fabrikam.com
_sipfederationtls _tcp _sip _tls
Results: After this exercise, you should have gone through the process of moving an exported local configuration store to an Edge server, and then deploying the Edge server role. You will have also created the necessary public DNS records.
5-41
Exercise 3: Testing and Verifying External User Access

Scenario
You will now test and verify external user access by using Microsoft Lync 2010 on the external client virtual machine. You will also verify that remote access is available for IM, presence, web, and A/V conferencing. The main tasks for this exercise are as follows: 1. 2. Grant rights to external user access. Test external user access.
Task 1: Grant rights to external user access.

1. 2. Using the Lync Server Control Panel, configure the External Access Policy to enable communications with Federated, remote and public users for everyone. For the Access Edge Configuration policy, enable federation, partner domain discovery, remote user access and anonymous user access to conferences.
Task 2: Test external user access.

1. 2. 3. 4. On MIA-CL1, ensure you are logged on to Microsoft Lync as Andreas@Fabrikam.com. On RED-CL2, ensure you are logged on to Microsoft Lync as Tzipi@Fabrikam.com. On ROM-CL3, ensure you are logged on to Microsoft Lync as Marcel@Fabrikam.com. On INT-CL4, log on to the VM as INT-CL4\Administrator.
NOTE: The local administrator profile is setup for Ebru Ersan. 5. 6. 7. On INT-CL4, log on to Microsoft Lync as Ebru@Fabrikam.com, Fabrikam\Ebru with the password of Pa$$w0rd Have various IM sessions between the internal and external clients. Test external Web and A/V Conferencing by adding a third participant to the IM session, RED-CL2 logged in as Fabrikam\Tzipi. Determine what features are available, such as: Desktop sharing Application sharing Adding Audio Note: This environment does not have an HTTP Reverse Proxy, so not all features will be available.
Results: After completing this exercise, you should have tested and verified your Edge server deployment by logging on to Lync from an external client and testing IM and Presence, as well as web and A/V conferencing. Important: After this lab, we recommended that you take a snapshot of all running virtual machines before starting the next lab. To do so, in Hyper-V Manager, highlight all running virtual machines, right-click, and then click Snapshot.
5-42
Review Questions
1. 2. 3. What are the four types of external users and the DNS records required for those users to sign in? What are the three available Edge services and what do they do? What other role is necessary in the Edge infrastructure? What does the Director role do, and how does it benefit Lync Server 2010 pools with Edge infrastructure?
Common Issues
Issue Troubleshooting tip
Remote clients are able to join web Ensure that the HTTP Reverse Proxy has been configured correctly. conferences but are only able to access some types of content. Internal users are not able to communicate with PIC users on AOL and Yahoo! services. DNS load balancing is not working properly for Edge servers. Edge server installation is failing. Verify that the PIC provisioning process has been completed for your organization. This process exists entirely outside of your Lync Server 2010 infrastructure and incurs some additional licensing fees. Verify that all external Edge services are using NAT. Verify that the topology has been transported to the Edge server; this is necessary for the initial configuration.

1. Contoso wants to ensure high availability of IM for internal users communicating with PIC contacts. What type of load balancing should be implemented?
5-43
2. 3.
Fabrikam is configuring the external firewall for its Lync Server 2010 Edge deployment. What ports should be opened for Access Edge service and Audio/Video Edge service? Wingtip Toys is investigating security concerns with the Lync Server 2010 Edge infrastructure for compliance reasons. What types of Lync Server 2010 traffic are encrypted outside of the firewall?
Best Practices
Supplement or modify the following best practices for your own work situations: Consider your load-balancing requirements carefully. DNS load balancing can alleviate loads on the hardware load balancer, but it is not supported by all clients. Ensure that the high port range (50,000-59,999) is open for outgoing TCP connections. If you are not federating with other companies, you do not need to open this port range. Use certificates issued by public certification authorities on the external edge of your Edge services. This ensures maximum compatibility with other entities.
Tools
Tool Use for Where to find it
PortQuery and Telnet
Useful for verifying Telnet is a feature of Server Manager. PortQuery is available for that a server can be download at: connected to on a http://go.microsoft.com/fwlink/?LinkID=210230&clcid=0x409 given port. A quick way to verify that remote http://go.microsoft.com/fwlink/?LinkID=210238&clcid=0x409 users can log on and that other basic functionality is in place. A good way to see how reliable a http://go.microsoft.com/fwlink/?LinkID=210243&clcid=0x409 connection is; it gives statistics on packet loss, latency, and jitter.
Remote Connectivity Analyzer
Pingtest.net
5-44
Configuring Basic Enterprise Voice Functionality
6-1
Module 6
Contents:
Lesson 1: Features of Lync Server 2010 Enterprise Voice Lesson 2: Preparing for Enterprise Voice Lesson 3: Deploying Enterprise Voice Lab: Configuring Basic Enterprise Voice Functionality 6-3 6-10 6-19 6-29
6-2
Module Overview
Enterprise Voice is Microsofts software powered Voice over Internet Protocol (VoIP) solution. Enterprise Voice enables Microsoft Lync Server 2010 users to choose the most appropriate way to communicate with colleagues throughout the enterprise, whether telephone, Instant Messaging, computer to computer, or audio/video conference. Because VoIP sessions can traverse network address translations (NATs) and firewalls, users working at home or traveling can use the Internet to communicate with coworkers. This creates the opportunity to prevent incurring long-distance charges without the use of a virtual private network (VPN). This module provides you with an overview of the major components, features, and topology requirements of Lync Server 2010 Enterprise Voice. You will learn about the capabilities and components that are new or enhanced in Lync Server 2010. You will also learn about the preparation, configuration, and deployment of basic Enterprise Voice functionality. An in-depth presentation of all the features and functions of Enterprise Voice and the benefits and opportunities of a comprehensive integrated voice, media, and unified communications (UC) infrastructure is beyond the scope of this module. Some of the features identified in this module will be discussed in more detail in other modules.
Objectives
After completing this module, you will be able to: Describe the features of Lync Server 2010Enterprise Voice. Prepare for the deployment of Lync Server 2010Enterprise Voice. Deploy and configure Lync Server 2010Enterprise Voice functionality.
6-3
Lesson 1
Features of Lync Server 2010 Enterprise Voice
This lesson provides an overview of those Enterprise Voice features that have been available in versions prior to Lync Server 2010, and introduces the functionality that is new or enhanced for Lync Server 2010.
Objectives
After completing this lesson, you will be able to: Describe howLync Server 2010 Enterprise Voice provides a complete telephony solution. Describe the features that are substantially unchanged from Microsoft Office Communications Server (OCS) 2007 R2 Enterprise Voice. Describe the new or enhanced functionality in Lync Server 2010 Enterprise Voice.
6-4
Overview of Lync Server 2010 Enterprise Voice
Lync Server 2010 Enterprise Voice provides a complete telephony infrastructure, including: Traditional telephony features including those found on most private branch exchange (PBX) systems Enhancements such as audio/video (A/V) conferencing, application sharing, and instant messaging (IM) integration Active Directory Domain Services (AD DS) integration for identity and provisioning, providing features such as access to contact lists and calendars A choice of UC alternatives for the integration of email and voicemail messages
Extending IP and PBX Interoperability

Lync Server 2010 extends the connectivity of enterprise users by providing traditional IP and time division multiplexing (TDM) PBX functionality, plus enhanced features such as integrated presence, IM, audio, video, and Web conferencing. Lync Server 2010 uses Active Directory for user identity and provisioning, and for providing some of these enhanced features such as Contact Lists and IM integration.
Exchange Unified Messaging Integration

Lync Server 2010 Enterprise Voice also enables integration of your telephony infrastructure with an onpremises Microsoft Exchange Unified Messaging (UM) or Hosted Exchange UM system. This combines voice messaging and email messaging into a single messaging infrastructure that is accessible to users from a telephone or a computer. UM and Lync Server 2010 work together to provide call answering, Outlook Voice Access, and auto-attendant services to users of Enterprise Voice. More information on Exchange integration is provided in Module 8, Exchange 2010 SP1 UM Integration.
Interoperability with Enterprise Management Tools

Management of dial plans, call authorization, and call detail records (CDRs) are enhanced and improved by interoperability with standard enterprise tools including Active Directory and Microsoft SQL Server. Microsoft Windows PowerShell can now be used for configuration, and Microsoft System Center
6-5
Operations Manager (SCOM) can be used for monitoring capabilities, all of which will help to streamline your IT infrastructure by reducing the need for stand-alone solutions.
Integration with Multiple Tools and Vendors

The open nature of Enterprise Voice allows for integration with products from many vendors, and the development tools allow your enterprise developers and third-party vendors to integrateLync Server 2010 communication capabilities into future products.
6-6
Features from Office Communications Server 2007 R2
The same features that were available in Microsoft Office Communications Server 2007 R2 are also available in Lync Server 2010. This section describes the features that have been retained from OCS 2007 R2.
PSTN Connectivity
A Lync Server 2010 Enterprise Voice deployment supports calls to and from the public switched telephone network (PSTN). Connecting Enterprise Voice to the PSTN requires one or more of the following: A Session Initiation Protocol (SIP) trunk to an Internet Telephony Service Provider (ITSP) An IP-PBX connected to the PSTN A PSTN gateway connected to the PSTN A Survivable Branch Appliance (SBA) or Survivable Branch Server connected to the PSTN
For more information about the PSTN connectivity options supported by Lync Server 2010, see the Lync Server 2010Help file topic Features and Capabilities of Enterprise Voice.
Traditional Calling Features

Lync Server 2010 provides common calling features such as Click to Call, call waiting, hold, forward, transfer, reverse number lookup, and Divert to Voice Mail or IM. New and enhanced features in Lync Server 2010 Enterprise Voice are discussed later in this lesson.
Exchange Unified Messaging Voice Mail

As in prior versions of Enterprise Voice, the Exchange UM features of Microsoft Exchange Server provide voicemail and UM functionality.
6-7
New or Enhanced Functionality in Lync Server 2010 Enterprise Voice
The following functionality is new or enhanced for Lync Server 2010 Enterprise Voice.
Emergency Services
Lync Server 2010supports enhanced 9-1-1 (E9-1-1) for North America. This feature provides additional location information to dispatchers of emergency services. A Location Policy contains the settings that define how E9-1-1 is implemented in your organization. You can assign a policy at the global level or at a specific location, or you can assign a user-specific policy. When a client is not located within a subnet, wireless service set identifier (SSID), or switch port association that has a defined location policy, it defaults to your global policy assignment.
Voice Resiliency
The new voice resiliency capability allows a site with a SBA or Survivable Branch Server to continue to provide users with the ability to make and receive Enterprise Voice calls if the wide area network (WAN) connecting the branch site to the central site is down. It can also be set up to provide resiliency between central sites.
Call Admission Control (CAC)

CAC is a way to manage whether new calls for voice or video should be established depending on available network bandwidth. If a new voice call exceeds the bandwidth limit you have set for the destination on a WAN, the call is either blocked or rerouted. CACin Lync Server 2010 offers four main benefits: It is simple to deploy and manage without requiring additional equipment, such as specially configured gatekeepers. It addresses critical UC use cases, such as roaming users and multiple points of presence. CAC policies are enforced according to where the endpoint is located, not where the user is homed.
6-8
Note: CAC policies can be exempted on a per-user basis. It can be applied to other traffic, such as video calls and A/V conferencing sessions. It provides the flexibility to define a logical network that is different from your physical network topology.
Mediation Server Media Bypass

To support the features of the Enterprise Voice workload as well as dial-in conferencing, you must deploy at least one Mediation server. Each Mediation server must be configured as an intermediary between your internal Lync Server 2010VoIP infrastructure and at least one gateway peer (an IP-PSTN gateway, an IPPBX, or a Session Border Controller [SBC] for an Internet Telephony Service Provider to which you connect by configuring a SIP trunk) that you define in your topology. Media bypass is a new routing feature in Lync Server 2010 that removes the Mediation server from the media path whenever possible. Media bypass can improve voice quality by reducing latency and needless translation, and by reducing the possibility of packet loss and the number of points of potential failure. On PBX systems that support media bypass, bypassing the Mediation server can improve scalability. This reduction in load complements the ability of the Mediation server to control multiple gateways. Note: Media bypass and CAC work together to manage bandwidth control for all media. Media bypass facilitates media flow over well-connected links; CAC manages traffic on links with bandwidth constraints. Note: Media bypass is not an option when using SIP trunks with the Mediation server as the point of termination.
Call Park
Lync Server 2010 provides users with the ability to put a call on hold and then retrieve it from another phone. When a call is parked, the original answering phone becomes free for another call.
Announcement Service
The Announcement Service enables you to configure how incoming phone calls are handled when the dialed number is valid but it is not assigned to any user or phone. You can configure thisservice to transfer these calls to a predetermined destination (phone number, SIP Uniform Resource Identifier (URI), or voicemail) or play an audio announcement, or both. Using the Announcement application can help you avoida situation where a caller misdials and hears a busy tone, or the SIP client receives an error message.
Response Group Service

With the Response Group Service (RGS), you can route and queue incoming calls to designated persons for special purposes, such as customer service, an internal Help desk, or general telephone support for a department. Some significant features that have been added for Lync Server 2010 include: Anonymous calling capabilities Enhanced call routing Caller experience improvements Integrated management
6-9
Outbound Route Translation

As in previous Enterprise Voice versions, dial strings are normalized to E.164 format for reverse number lookup (RNL) during call routing. With Lync Server 2010,you no longer have to individually configure downstream components, or sometimes reroute calls when downstream components cannot accept E.164 dial strings. Now you can create translation rules that assist in manipulating the Request URI E.164 format before the call is routed. For example, you could write a rule to remove +44 from the head of a dial string and replace it with 0144 before the call is routed to a gateway.
Larger Device Portfolio

A rich selection of VoIP-enabled endpoint devices are certified to be Optimized for Microsoft Lync. These endpoints offer a high-quality user experience and are available in a wide variety of form factors and prices. The Enterprise Voice environment now includes support for the following analog devices: Analog phones and fax machines connected to an analog port of a gateway or PBX Analog Terminal Adapter (ATA) gateways (with 2 to 4 analog ports) that are connected to a SIP-PSTN gateway SIP-PSTN analog gateways (PSTN gateways) with native analog ports
Malicious Call Tracing

The Malicious Call Tracing (MCT) feature now allows users to flag harassing, threatening, or obscene phone calls. Immediately after hanging up, the user can select an option to report the call as malicious. When such a call is reported, a trace request is sent to mark the record of the call, and an event is logged. Administrators can then identify the call, the calling number, and the gateway or SIP trunk over which the call was received. The Monitoring server must be deployed to support this feature.
6-10
Lesson 2
Preparing for Enterprise Voice
The process of preparing for Enterprise Voice depends on your existing topology, infrastructure, and the Enterprise Voice functionality that you want to support. You must also consider the type and number of sites you have deployed and their geographical locations, the call volume at each site, and the types of network links that connect sites. Whether you want to provide redundancy and failover for voice functionality for each site is another consideration, as well as whether you want to continue using existing PBX equipment.
Objectives
After completing this lesson, you will be able to: Consider your sites and regions. Consider your local area network (LAN) topology options. Consider yourWANtopology options. Describe your PSTN connectivity options. Identify the system and software prerequisites for deploying Enterprise Voice.
6-11
Considering Sites and Regions
There are two types of sites in a Lync Server 2010 deployment: central sites and branch sites. All deployments must have a central site. In each central or branch site, you must deploy at least one Lync Server 2010Front End pool or Standard Edition server.
Central Sites and Branch Sites

In every Lync Server 2010 deployment, you must designate at least one site as a central site. You may or may not have branch sites in your deployment, but if you do, you must associate each branch site with exactly one central site. Users at a branch site will get their Lync Server 2010 functionality and Enterprise Voice services that are not deployed locally from their central site through the WAN. This may include presence, conferencing, and voicemail retrieval.
Network Regions
In Lync Server 2010 Enterprise Voice, a network region refers to your WAN network topology. Many large or geographically dispersed enterprises may group sites into network regions to manage and deploy their WAN topology. When deciding which branch site you relate to which central site, you typically want to follow your regional network WAN topology for best performance.
6-12
Local Area Network Topology Options
In general, you should connect all server roles within the Lync Server 2010 topology by using a lowlatency and high-bandwidth LAN. All servers should be in a network that supports 1 gigabit per second (Gbps) Ethernet or equivalent. SBAsat branch locations should be in a LAN network that supports at least 100 megabits per second (Mbps). Devices and endpointsshould be in a LAN network that supports a minimum of 10Mbps with low latency. A LAN of 100Mbps is recommended.
LAN Topology Options Dependent on WAN Resiliency

WAN resiliency refers to the redundancy and reliability of the WAN links serving the site and their ability to provide high availability and high-quality connectivity between sites.
Branch Site with WAN Resiliency

When your central site does have WAN resiliency, you have the following two options for your branch site: You have the option to deploy a PSTN gateway at each branch site using an SBA to provide local direct inward dialing (DID) termination for users at those sites. If you have resilient WAN links, but the bandwidth on the WAN link is likely to be constrained, configure CAC for that link.
Branch Site without WAN Resiliency

If you have abranch site that does not have resilient WAN links to the central site, and you require a dial tone in the event of a WAN outage, you must deploy one of the following: An SBA A Survivable Branch Server
6-13
With either alternative, users can still make and receive Enterprise Voice calls by using a local PSTN gateway, even if the WAN connecting the branch site to the central site is down.
Survivable Branch Appliance Solution

It is recommended that you deploy an SBA at the branch site if you: Do not have resilient WAN links. Host fewer than 1,000 users at your branch site. Do not have local trained Lync Server 2010 administrators available.
Survivable Branch Server Solution

It is recommended that you deploy a Survivable Branch Server with a small gateway at the branch site if: You do not have resilient WAN links. You host between 1,000 and 5,000 users at the branch site. You have trained Lync Server 2010 administrators available.
You should also consider enabling media bypass on constrained links if you have a gateway peer that supports media bypass.
6-14
Wide Area Network Considerations
As you consider the branch sites in the topology where you will deploy Enterprise Voice, it is important to consider the network regions to which those sites belong. For each branch site where you must provide PSTN connectivity, you must decide whether gateways will be deployed locally, whether SBAs will be deployed, and whether you will configure SIP trunks (either locally or at the central site) to an ITSP. The quality, capacity, and resiliency of the network links in your IP WAN topology have a direct impact on the deployment alternatives that are viable and appropriate for each branch site in your Enterprise Voice deployment.
WAN Bandwidth Capacity

You can use the Lync Server Planning Tool to help identify the additional bandwidth you expect to add tothe network links between your central site and the branch sites with your Enterprise Voice deployment.
End-to-End Network Latency

Network latency information is used to determine your local requirements for the number of Mediation servers and gateways. This will be discussed further in subsequent topics about LAN requirements and PSTN connectivity. To ensure optimal voice and media quality, you must provision your network to ensure a maximum endto-end delay (latency) of 150 milliseconds (ms) under peak load. The ideal round-trip latency is under 100 ms. Latency is the one network impairment that Lync Server 2010media components cannot reduce, and it is important to find and eliminate the weak points.
WAN Resiliency
Consider whether you have, or plan to deploy, resilient WAN links between the branch and central sites. There are obvious advantages to providing branch-site resiliency to your organization, namely that if you lose the connection to the central site, branch site users will continue to have Enterprise Voice service.
6-15
PSTN Connectivity
Identify what PSTN connectivity services are available at each site. These services can be significantly different across regions and even sites within a region. If they offer SIP trunking or SIP gateway services, it opens up other deployment alternatives. Trunking and PSTN connectivity options are discussed in more detail in the following topic, PSTN Connectivity Options.
6-16
PSTN Connectivity Options
An enterprise-quality VoIP solution with Lync Server 2010must enable calls to and from the PSTN without a decline in quality and reliability. Users should not be aware of the underlying technology when they place and receive calls a call between the Enterprise Voice infrastructure and the PSTN should seem like any other call. To support PSTN connections, there are deployment alternatives that can address branch sites and central sites of all sizes.This includes the ability to deploy SIP trunking and media gateways. Lync Server 2010Enterprise Voice can also provide traditional PBX services without the need to install a PBX.
SIP Connectivity Options

The following options are available: SIP trunks to an ITSP Direct SIP connections to a PSTN gateway Direct SIP connections to a IP PBX
SIP Trunks
The term trunk is derived from legacy circuit-switched technology and refers to a dedicated physical line that connects telephone switching equipment. These were usually time division multiplexing (TDM) trunks. Legacy TDM PBXs typically connect to the PSTN service provider using T1 (or similar) trunks. Like the predecessorTDMtrunks, SIP trunks are connections between two separate telephony networks. However, SIP trunk(s)are virtual connections established over any of the SIP trunkingIP connection types supported by the service provider, such as the Internet.
6-17
Advantages of Using a SIP Trunk Connection

When you use a SIP trunk service from a vendor registered with the Microsoft Unified Communications Open Interoperability Program (OIP), media gateways may not be required, in which case, your infrastructure costsare reduced. Additional cost savings can include: Long-distance calls typically cost much less through a SIP trunk. You can cut manageability costs and reduce the complexity of deployment. Basic rate interface (BRI) and primary rate interface (PRI) fees can be eliminated. In legacy TDM trunking, service providers charge for calls by the minute. The cost of SIP trunking may be based on bandwidth usage, which you can buy in smaller, more economical increments.
Direct SIP to a PSTN Gateway

Direct SIP connections are implemented in essentially the same way as a SIP trunk. Both must home/peer with the external interface of a Mediation server.Direct SIP connections are SIP connections that do not exit the local network, but instead connect to a PSTN gateway or PBX on the LAN within your internal network. In a Direct SIP deployment, VoIP calls are routed over the internal IP network (LAN). Calls that must use the PSTN are routed through the appropriate media gateway. A VoIP-only deployment can use a small, qualified gateway to support analog phone line requirements for fax machines and other analog phone system devices.
Direct SIP to PBX

If you have an existing voice infrastructure with a PBX, you can use your PBX with Lync Server 2010 Enterprise Voice. Enterprise Voice PBX integration scenarios include: IP-PBX. A Direct SIP connection is made between the PBX and the Mediation server. (TDM) PBX. A PSTN gateway is used between the Mediation server and the PBX.
If you have a PBX in your environment, the Mediation server handles calls between Enterprise Voice users and the PBX.
6-18
Prerequisites for Enterprise Voice
The following are Lync Server 2010 system and software prerequisites for an Enterprise Voice communication system: You have installed Lync Server 2010 Standard Edition or Enterprise Edition and it is operational on your network. If deploying Edge servers, you have deployed all Edge servers and they are operational in your perimeter network. You have configured either Microsoft Exchange Server 2007 Service Pack 3 (SP3) or Microsoft Exchange Server 2010 for integrating Exchange Unified Messaging. You have defined and enabled one or more users for Lync Server 2010. Lync Server 2010clients and devices are already successfully deployed. Mediation servers must be running either: o o o o Microsoft Windows Server 2008 R2 Standard/Enterprise/Datacenter Edition Microsoft Windows Server 2008 Standard/Enterprise/Datacenter with SP2 and Windows Installer 4.5 Microsoft .NET Framework 3.5 SP1 PowerShell 2.0
Topology Builder is installed on a server on your network.
6-19
Lesson 3
Deploying Enterprise Voice
In this lesson, you will learn how to deploy the components of Enterprise Voice into an environment whereLync Server 2010has previously been deployed.
Objectives
After completing this lesson, you will be able to: Install the Mediation server role. Configure dial plans. Consider external gateway options. Consider trunk configuration options.
6-20
Installing the Mediation Server Role
By default in Lync Server 2010, the Mediation server is collocated on the Standard Edition server or the Front End server in an Enterprise pool at central sites. The Mediation server can also be deployed in a stand-alone pool for performance reasons. The number of PSTN calls that can be handled and the number of computers required in the pool will depend on: The number of gateway peers that the Mediation server pool controls. The busy-hour traffic through those gateways. The percentage of calls that bypass the Mediation server.
Collocated or Standalone?
When determining whether to collocate the Mediation server or deploy it in a stand-alone pool, you must consider the processing requirements of Front End servers for: Non media bypass PSTN calls. A/V Conferencing server (if it is collocated). Signaling interactions for the number of busy-hour calls that need to be supported. (You should allow at least 30 percent of CPU for this.)
If there is not enough CPU on the Front End servers, you must deploy a stand-alone pool of Mediation servers. The Lync Server Planning Tool can help you determine the appropriate choice for deploying the Mediation server. For the Enterprise Voice workload, in addition to highlighting available Enterprise Voice features and capabilities, the Planning Tool will also alert you to the central or branch site factors that you need to account for in your environment.
6-21
Deploying Mediation Servers

There are no restrictions regarding the order in which you define Mediation servers and gateway peers in your topology. Regardless of which you choose to define first, you use Topology Builder to define and publish them before you can configure PSTN connectivity.
6-22
Configuring Dial Plans
As you learned in Module 4, Deploying Clients and Devices, a dial plan is a named set of normalization rules that translate phone numbers for a named location, individual user, or contact object for purposes of phone authorization and call routing. There are four types of dial plans in Lync Server 2010: User dial plan. Use this type of dial plan for users, groups, or Contact objects. Pool dial plan. Use this type of dial plan for a PSTN gateway or a registrar. Site dial plan. Use this type of dial plan for an entire site, except for any users or groups that are assigned to a user dial plan. Global dial plan. This is the default dial plan installed with the product. You can edit the global dial plan, but you cannot delete it. This dial plan applies to all Enterprise Voice users, groups, and contact objects in your deployment that have not been assigned to a specific user, pool, or site dial plan.
Dial Plan Scope

A dial plan scope defines the hierarchical level at which you can apply the dial plan. In Lync Server 2010, the hierarchy is as follows: The specific user dial plan applies first. If a user dial plan is not assigned, the registrar pool dial plan applies. If there is no registrar pool dial plan, the site dial plan applies. If there is no other dial plan applicable to the user, the global dial plan applies.
Creating Your Dial Plans

You can use either the Lync Server Control Panel or the Lync Server Management Shell to create your dial plans. Either way, you must specify values in the following fields, as required.
6-23
Name and Simple Name

For user dial plans, specify a descriptive name that uniquely identifies the user, group, or Contact object. For site dial plans, the Name field is automatically populated with the site name and cannot be changed. For pool dial plans, the Name field is automatically populated with the PSTN gateway or Front End pool FQDN and cannot be changed.
Description
It isrecommended that you use a common, recognizable name for the geographic location where the dial plan is to be used. For example, if the dial plan name is Redmond.Fabrikam.com, the description would be Redmond.
Dial-in Conferencing Region

If you are deploying dial-in conferencing, you must specify a dial-in conferencing region(s) to associate your dial-in conferencing access numbers with a dial plan.
External Access Prefix

You can specify an external access prefix of up to four characters (#, *, and 0-9) if users need to dial one or more additional leading digits to get an external line (for example, 9). Note: If you specify an external access prefix, you do not need to create an additional normalization rule to accommodate the prefix.
Normalization Rules
Normalization rules use .NET Framework regular expressions to specify numeric match patterns that the server uses to translate dial strings to E.164 format for the purpose of performing reverse number lookup. With the Lync Server Control Panel, you can easily create normalization rules without needing to learn the underlying logic behind how they are created. Bysimply entering the starting digits and the length of the dial strings to be matched, the Lync Server Control Panel generates the corresponding regular expression for you.
6-24
Considering External Gateway Options
PSTN gateways are third-party hardware components that translate signaling and media between the Enterprise Voice infrastructure and the PSTN, either directly or through connection to SIP trunks. In either topology, the gateway terminates the PSTN. The gatewaymay be isolated in its own subnet connected to the enterprise network through the Mediation server. Determining the number, size, and location of PSTN gateways is perhaps the most important decision you must make when planning your Enterprise Voice infrastructure.
Gateway Topologies
Take the following approach when considering the fundamental questions around the number, size, and location of gateway deployment: 1. 2. 3. Count the sites at which you want to provide PSTN connectivity by using Enterprise Voice. Estimate the traffic at each site (number of users and average number of calls per hour per user). Deploy one or more gateways at each site to handle the anticipated traffic.
Distributed Gateway Topology

The resulting distributed gateway topology is shown on the slide. With this topology, calls among workers at each site and between sites are all routed over your intranet. Calls to the PSTN are routed over the enterprise IP network to the gateways that are closest to the location of the destination numbers.
Central Site Topology

If your organization supports many sites located across one or more continents, deploying a separate gateway at each site is impractical. To address this, many large companies prefer to deploy one or a few large telephony central sites. A central site topology diagram is also shown on the slide.
6-25
In this topology, several large gateways sufficient to accommodate the anticipated user load are deployed at each central site. All calls to users in the enterprise are forwarded by the companys telephone service provider to a central site. Routing logic at the central site determines whether the call should be routed over the intranet or to the PSTN.
Gateway Location
Gateway location may also determine the types of gateways you choose and how they are configured. There are various PSTN protocols, none of which is a worldwide standard. If all your gateways are located in a single country/region, this is not an issue. However, if you locate gateways in several countries/regions, you must configure each gateway according to the PSTN standards of that country/region. Moreover, gateways that are certified for operation in Canada, for example, may not be certified in India, Brazil, or the European Union.
Gateway Size and Number

The media gateways that most organizations will consider deploying range in size from 2 to as many as 960 ports. (There are even larger gateways, but these are used mainly by telephone service providers.) When estimating the number of ports your organization requires, use the following guidelines: Organizations with light telephony usage (one PSTN call per user per hour) should allocate one port for every 15 users. For example, if you have 20 users, you will require a gateway with two ports. Organizations with moderate telephony usage (two PSTN calls per user per hour) should allocate one port for every 10 users. For example, if you have 100 users, you will require a total of 10 ports allocated among one or more gateways. Organizations with heavy telephony usage (three or more PSTN calls per user per hour) should allocate one port for every five users. For example, if you have 47,000 users, you will require a total of 9,400 ports allocated among at least 10 large gateways.
You can acquire additional ports as the number of users or amount of traffic in your organization increases. For any given number of users that you must support, you have the choice of deploying fewer, larger gateways, or smaller ones. As a rule, a minimum of two gateways for an organization is recommended to maintain high or partial availability if one gateway fails.
6-26
SIP Configuration Options
SIP is used to initiate and manage VoIP communications sessions for basic telephone service, as well as for many additional real-time communication services such as IM, conferencing, presence detection, and multimedia. A SIP trunk is an IP connection that establishes a SIP communications link between your organization and an ITSP beyond your firewall. Typically, a SIP trunk is used to connect your organizations central site to an ITSP. In some cases, you may also opt to use SIP trunking to connect your branch site to an ITSP.
SIP Trunks versus Direct SIP Connections

SIP trunks are connections between two separate SIP networks: the Lync Server 2010 enterprise and the ITSP. Unlike circuit-switched trunks, SIP trunks are virtual connections that can be established over any of the supported SIP trunking connection types. Direct SIP connections, on the other hand, are SIP connections that do not cross the local network boundary. (That is, they connect to a PSTN gateway or PBX within your internal network.)
SIP Trunking
To implement SIP trunking, you must route the connection through a Mediation server, which proxies communication sessions between Lync Server 2010 clients and the service provider and transcodes media when necessary. As a best practice, you should configure each Mediation server to have an internal and an external network interface. The internal interface connects to the Front End servers. The external interface is commonly called the gateway interface because it has traditionally been used to connect the Mediation server to a PSTN gateway or an IP-PBX. To implement a SIP trunk, you connect the external interface of the Mediation server to the external edge component of the ITSP.
6-27
Centralized SIP Trunking

Centralized SIP trunking routes all VoIP traffic, including branch site traffic, through your central site. The centralized deployment model is simple, cost-effective, and generally the recommended approach for implementing SIP trunks with Lync Server 2010.
Distributed SIP Trunking

Distributed SIP trunking is a deployment model in which you implement a local SIP trunk at one or more branch sites. VoIP traffic is then routed from the branch site directly to a service provider without going through the central site. Distributed SIP trunking is required only in the following cases: The branch site requires survivable phone connectivity (for example, if the WAN goes down). This requirement should be analyzed for each branch site; some of your branches may require redundancy and failover, while others may not. Resiliency is required between two central sites. You need to make sure a SIP trunk terminates at each central site. For example, if you have Dublin and Tukwila central sites and both use only one sites SIP trunk, if the trunk goes down, the other sites users cannot make PSTN calls. The branch site and central site are in different countries/regions. For compatibility and legal reasons, you need at least one SIP trunk per country/region.
Depending on the geographical location of sites and how much traffic you anticipate within your enterprise, you may not want to route all users through the central SIP trunk, or you may opt to route some users through a SIP trunk at their branch site. To analyze your needs, answer the following questions: How big is each site? (That is, how many users are enabled for Enterprise Voice?) Which DID numbers at each site get the most phone calls? Does least-cost routing make sense? For example, you may be able to reduce costs by routing all calls to the European Union (EU) through an EU trunk and to the USA through a USA trunk.
The decision whether to deploy centralized or distributed SIP trunking requires a cost-benefit analysis. In some cases, it may be advantageous to opt for the distributed deployment model even if it is not required. In a completely centralized deployment, all branch site traffic is routed over WAN links. Instead of paying for the bandwidth required for WAN linking, you may want to use distributed SIP trunking. For example, you can deploy a Standard Edition server at a branch site with federation to the central site, or deploy an SBA or a Survivable Branch Server with a small gateway.
Direct SIP
You can use Direct SIP connections to connect Lync Server 2010 to either of the following: An IP-PBX A PSTN gateway
Internal SIP Trunks

Internal SIP trunks are defined from a Mediation server/gateway at one site and a Mediation server/gateway at another site or another SIP domain. Examples of internal SIP trunking include: Data Center Site 1 to Data Center Site 2 Data Center Site to Branch Site Branch Site 1 to Branch Site 2
6-28
Branch Site to local IP PBX or PSTN gateway at Data Center
Selecting a Connection Type

The most appropriate SIP trunking connection type for your enterprise depends on your requirements and budget. Consider the following: For mid-size or larger enterprises, a Multi-Protocol Label Switching network connection usually provides the greatest value. This type of connection can provide the bandwidth at a cheaper rate than a specialized private network. Large enterprises may require a private fiber-optic, T1, T3 or higher connection (E1, E3, or higher in the European Union). For small enterprise or branch sites with low call volume, SIP trunking through the Internet may be the best choice. This connection type is not recommended for mid-size or larger sites.
6-29
Lab: Configuring Basic Enterprise Voice Functionality
Scenario
During this lab, you will perform several tasks related to configuring Microsoft Lync Server 2010 Enterprise Voice. You will use the Topology Builder to add the necessary PSTN Endpoints and then publish the new topology. Then you will begin Lync Server Enterprise Voice deployment by creating three Dial Plans and a series of Normalization Rules for the two sites and the branch site. In this lab you will: Edit the topology to include the PSTN gateways. Publish the new topology. Create dial plans for Miami, Redmond, and Rome. Create normalization rules for the three dial plans.
As the administrator for Fabrikam, you want to deploy Enterprise Voice at the Miami, Rome, and Redmond sites. Important: We recommend that the steps in this and every lab be split between the two students in your pod. It is left up to the students to determine when to share tasks in order for both students to gain an understanding of the concepts of each lab. If you need help, please inform the instructor. Please note that if you both try to do tasks at the same time, you may overwrite each others work and possibly lose data.
6-30

This lab requires the virtual machines running from the previous lab and depends on the completion of Lab 5.The virtual machines are configured to automatically logon as Fabrikam\Administrator with the password Pa$$w0rd, except for the following Virtual Machines: MIA-CL1 as Fabrikam\Andreas, with the password, Pa$$w0rd RED-CL2 as Fabrikam\Tzipi, with the password, Pa$$w0rd ROM-CL3 as Fabrikam\Marcel, with the password, Pa$$w0rd INT-CL4 as INT-CL4\Administrator, with the password, Pa$$w0rd MIA-ED1 as MIA-ED1\Administrator, with the password, Pa$$w0rd MIA-RAS1 as MIA-RAS1\Administrator, with the password, Pa$$w0rd
To begin this lab, you must connect to the appropriate virtual machines by using the following steps: 1. 2. On Host1, click Start, click Administrative Tools, and then click Hyper-V Manager. In the Virtual Machines list, if the virtual machine 10533A-MIA-DC1.2 is not running: a. b. c. 3. 4. Right-click 10533A-MIA-DC1.2 and click Start. Right-click 10533A-MIA-DC1.2 and click Connect. In the Virtual Machine Connection window, wait until the virtual machine has booted up completely before continuing.
On Host2, click Start, click Administrative Tools, and then click Hyper-V Manager. In the Virtual Machines list, if the virtual machine 10533A-MIA-RAS1.2 is not running: a. b. c. Right-click 10533A-MIA-RAS1.2 and click Start. Right-click 10533A-MIA-RAS1.2 and click Connect. In the Virtual Machine Connection window, wait until the virtual machine has booted up completely before continuing.
5.
On Host1, in the Virtual Machines list, if the virtual machine 10533A-MIA-SQL1.2 is not running: a. b. Right-click 10533A-MIA-SQL1.2 and click Start. Right-click 10533A-MIA-SQL1.2 and click Connect.
6.
On Host1, in the Virtual Machines list, if the virtual machine 10533A-ROM-LS2.2 is not running: a. b. Right-click 10533A-ROM-LS2.2 and click Start. Right-click 10533A-ROM-LS2.2 and click Connect.
7.
On Host1, in the Virtual Machines list, if the virtual machine 10533A-MIA-ED1.2 is not running: a. b. Right-click 10533A-MIA-ED1.2 and click Start. Right-click 10533A-MIA-ED1.2 and click Connect.
8.
On Host1, in the Virtual Machines list, if the virtual machine 10533A-ROM-CL3.2 is not running: a. b. Right-click 10533A-ROM-CL3.2 and click Start. Right-click 10533A-ROM-CL3.2 and click Connect.
9.
On Host1, in the Virtual Machines list, if the virtual machine 10533A-INT-CL4.2 is not running:
6-31
a. b.
Right-click 10533A-INT-CL4.2 and click Start. Right-click 10533A-INT-CL4.2 and click Connect.
10. On Host2, in the Virtual Machines list, if the virtual machine 10533A-MIA-LS1.2is not running: a. b. Right-click 10533A-MIA-LS1.2 and click Start. Right-click 10533A-MIA-LS1.2 and click Connect.
11. On Host2, in the Virtual Machines list, if the virtual machine 10533A-MIA-AM1.2 is not running: a. b. Right-click 10533A-MIA-AM1.2 and click Start. Right-click 10533A-MIA-AM1.2 and click Connect.
12. On Host2, in the Virtual Machines list, if the virtual machine 10533A-RED-SBS1.2 is not running: a. b. Right-click 10533A-RED-SBS1.2 and click Start. Right-click 10533A-RED-SBS1.2 and click Connect.
13. On Host2, in the Virtual Machines list, if the virtual machine 10533A-MIA-CL1.2 is not running: a. b. Right-click 10533A-MIA-CL1.2 and click Start. Right-click 10533A-MIA-CL1.2 and click Connect.
14. On Host2, in the Virtual Machines list, if the virtual machine 10533A-RED-CL2.2 is not running: a. b. Right-click 10533A-RED-CL2.2 and click Start. Right-click 10533A-RED-CL2.2 and click Connect.
15. When 10533A-MIA-CL1.2 has booted up completely, close the Virtual Machine Connection window. 16. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 17. In the Remote Desktop Connection window, click Options. 18. Click the Local Resources tab, and then under Remoteaudio, click Settings. 19. Under Remote audio playback, verify thatPlay on this computer is selected. If it is not, select it. 20. Under Remote audiorecording, clickRecord from thiscomputer, and then click OK. 21. Click the General tab. 22. Under Logon settings, in the Computerbox, type mia-cl1.fabrikam.com. 23. In the User namebox, type Fabrikam\Andreas, and then click Connect. 24. On the Remote Desktop Connection page, click Connect. 25. On the Windows Security window, in the Passwordbox, type Pa$$w0rd, and then click OK. 26. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 27. On Host2, when 10533A-RED-CL2.2 has booted up completely, close the Virtual Machine Connection window. 28. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 29. In the Remote Desktop Connection window, click Options. 30. Click the Local Resources tab, and then under Remoteaudio, click Settings.
6-32
31. Under Remote audio playback, verify thatPlay on this computer is selected. If it is not, select it. 32. Under Remote audiorecording, clickRecord from thiscomputer, and then click OK. 33. Click the General tab. 34. Under Logon settings, in the Computerbox, type red-cl2.fabrikam.com. 35. In the User namebox, type Fabrikam\Ebru, and then click Connect. 36. On the Remote Desktop Connection page, click Connect. 37. On the Windows Security window, in the Passwordbox, type Pa$$w0rd, and then click OK. 38. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 39. On Host1, when 10533A-ROM-CL3.2 has booted up completely, close the Virtual Machine Connection window. 40. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 41. In the Remote Desktop Connection window, click Options. 42. Click the Local Resources tab, and then under Remoteaudio, click Settings. 43. Under Remote audio playback, verify thatPlay on this computer is selected. If it is not, select it. 44. Under Remote audiorecording, clickRecord from thiscomputer, and then click OK. 45. Click the General tab. 46. Under Logon settings, in the Computerbox, type rom-cl3.fabrikam.com. 47. In the User namebox, type Fabrikam\Marcel. and then click Connect. 48. On the Remote Desktop Connection page, click Connect. 49. On the Windows Security window, in the Passwordbox, type Pa$$w0rd, and then click OK. 50. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 51. On Host1, when 10533A-INT-CL4.2 has booted up completely, close the Virtual Machine Connection window. 52. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 53. In the Remote Desktop Connection window, click Options. 54. Click the Local Resources tab, and then under Remoteaudio, click Settings. 55. Under Remote audio playback, verify thatPlay on this computer is selected. If it is not, select it. 56. Under Remote audiorecording, clickRecord from thiscomputer, and then click OK. 57. Click the General tab. 58. Under Logon settings, in the Computerbox, type int-cl4. 59. In the User namebox, type INT-CL4\Administrator, and then click Connect. 60. On the Remote Desktop Connection page, click Connect. 61. On the Windows Security window, in the Passwordbox, type Pa$$w0rd, and then click OK.
6-33
62. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start. Important: All connections to MIA-CL1.2, RED-CL2.2, ROM-CL3.2and INT-CL4.2 will require using a Remote Desktop Connection with remote audio playback and remote audio recording enabled, unless otherwise specifically instructed.
6-34
6-35
Exercise 1: Configuring the Topology for Enterprise Voice

Scenario
In this exercise, you will configure PSTN gateways for Miami, Rome, and Redmond. They will all point to the PSTN emulator running on MIA-CL1. Create new PSTN gatewaysfor Miami, Rome, and Redmond. Configure the PSTN IP addresses of the Front End Servers. Publish the new topology. Important: On all virtual machines, verify whether all of the services set to start automatically have started. Most notably, check the Exchange, SQL Server, and Lync Server 2010 services. To do so, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
Task 1: Create new PSTN gateways for Miami, Rome, and Redmond.
1. On MIA-LS1, use the Topology Builder to create a new IP/PSTN Gateway for Miami. Wizard Step Gateway FQDN or IP Address Value 1.1.1.1
Listening port for IP/PSTN gateway 5060 SIP Transport Protocol 2. TCP
On MIA-LS1, use the Topology Builder to create a new IP/PSTN Gateway for Rome. Wizard Step Gateway FQDN or IP Address Value 1.1.1.3
Listening port for IP/PSTN gateway 5060 SIP Transport Protocol TCP
3. On MIA-LS1, use the Topology Builder to create a new IP/PSTN Gateway to Redmond. Wizard Step Gateway FQDN or IP Address Value 1.1.1.2
Listening port for IP/PSTN gateway 5060 SIP Transport Protocol TCP
Task 2: Configure the PSTN IP addresses for the Front End Servers.
1. 2. 3. 4. On MIA-LS1, use the Topology Builder to configure MIA-LS1.Fabrikam.com to limit service usage to selected IP Addresses. Set 10.0.10.12 for the Primary IP address. Set 1.1.1.12 for the PSTN IP address. Enable the TCP port on the Mediation Server and set the listening port to 5060.
6-36
5. 6. 7. 8. 9.
Associate the 1.1.1.1 PSTN Gateway to this Mediation server. Use the Topology Builder to configure ROM-LS2.Fabrikam.com to limit service usage to selected IP Addresses. Set 10.0.30.12 for the Primary IP address. Set 1.1.3.12 for the PSTN IP address. Enable the TCP port on the Mediation Server and set the listening port to 5060.
10. Associate the 1.1.1.3 PSTN Gateway to this Mediation server. 11. Use the Topology Builder to configure RED-SBS1.Fabrikam.com to limit service usage to selected IP Addresses. 12. Set 10.0.20.12 for the Primary IP address. 13. Set 1.1.2.12 for the PSTN IP address. 14. Enable the TCP port on the Mediation Server and set the listening port to 5060. 15. Associate the 1.1.1.2 PSTN Gateway to this Mediation server.
Task 3: Publish the new topology.

1. On MIA-LS1, use the Topology Builder to publish the new topology.
Results: After this exercise, you should have configured the topology for Enterprise Voice by configuring PSTN Gateways and limiting service usages to specific IP addresses on all of the front end servers, and then publishing the new topology.
6-37
Exercise 2: Configuring Lync Server 2010 Enterprise Voice

In this exercise, you will configure Lync Server 2010 Enterprise Voice Dial Plans and Normalization Rules. The steps involved are: Create Dial Plans for Miami, Rome, and Redmond. Create normalization rules for the Miami location. Create normalization rules for the Rome location. Create normalization rules for the Redmond location.
Task 1: Create dial plans for Miami, Rome, and Redmond.

1. On MIA-LS1, use the Lync Server Control Panel to create three different Site Dial Plans using the following information for their simple names. Site Miami Rome Redmond Simple name Miami.Fabrikam.com Rome.Fabrikam.com Redmond.Fabrikam.com
Task 2: Create normalization rules for the Miami location.

1. On MIA-LS1, use the Lync Server Control Panel to create normalization rules for Miami.
Miami
Name Fabrikam US Operator Starting Digits Length 0 Exactly 1 Digits to Remove Digits to Add 1 +13055552009 Test 0 to +13055552009 Fabrikam Italy 9 Operator Miami 4 Digit 2 Internal Redmond 4 Digit Internal Rome 4 Digit Internal Miami 7 Digit 3 Exactly 1 1 +390655554005 9 to +390655554005 Exactly 4 0 +1305555 2001 to +13055552001 Exactly 4 0 +1425555 3001 to +14255553001 4 Exactly 4 0 +39065555 4001 to +390655554001 Exactly 7 0 +1305 5552001 to +13055552001 US 10 Digit Exactly 10 0 +1 3055552001 to +13055552001
6-38
Name US 11 Digit Long Distance US International 2.
Starting Digits Length 1 Exactly 11
Digits to Remove Digits to Add 0 +
Test 13055552001 to +13055552001
011
At Least 5
011390655554001 to +390655554001
Remove the Prefix All rule.
Task 3: Create normalization rules for the Rome location.

1. On MIA-LS1, use the Lync Server Control Panel to create or select normalization rules for Redmond.
Rome
Digits to Remov e 1
Name Fabrikam US Operator Fabrikam Italy Operator Miami 4 Digit Internal Redmond 4 Digit Internal Rome 4 Digit Internal
Starting Digits Length 0 Exactly 1
Digits to Add +13055552009
Test 0 to +13055552009
Exactly 1
+390655554005 9 to +390655554005
Exactly 4
+1305555
2001 to +13055552001
Exactly 4
+1425555
3001 to +14255553001
Exactly 4
+39065555
4001 to +390655554001
Rome Local and 0[1-9] National Rome International 2. 00
At Least 8 2
0554395001 +54395001
At Least 4 2
0013055552001 to +13055552001
Remove the Prefix All rule.
Task 4: Create normalization rules for the Redmond location.

1. On MIA-LS1, use the Lync Server Control Panel to create or select normalization rules for Redmond.
6-39
Redmond
Name Fabrikam US Operator Fabrikam Italy Operator Miami 4 Digit Internal Redmond 4 Digit Internal Rome 4 Digit Internal Redmond 7 Digit Local US 10 Digit Starting Digits Length 0 Digits to Remove Digits to Add Test
Exactly 1 1
+13055552009 0 to +13055552009
Exactly 1 1
+39065555400 9 to 5 +390655554005 +1305555 2001 to +13055552001
Exactly 4 0
Exactly 4 0
+1425555
3001 to +14255553001
Exactly 4 0
+39065555
4001 to +390655554001
Exactly 7 0
+1425
5553001 to +14255553001
Exactly 10 1 Exactly 11 At Least 5
+1
4255553001 to +14255553001
US 11 Digit Long Distance US International 2. 3.
14255553001 to +14255553001
011
011390655554001 to +390655554001
Remove the Prefix All rule. Commit all changes.
Results: After this exercise, you should have created new user dial plans for Miami, Redmond and Rome, as well as normalization rules for each dial plan.
Important: After this lab, it is recommended that you take a snapshot of all running virtual machines before starting the next lab. To do so, in Hyper-V Manager, highlight all running virtual machines, rightclick and then click Snapshot.
6-40
Review Questions
1. 2. 3. Name five or more features that Enterprise Voice and PBXs have in common. Is Lync Server 2010 capable of replacing a PBX? Why or why not? How does media bypass affect Enterprise Voice in Lync Server 2010? What types of calls are eligible for media bypass? Are conference calls eligible for media bypass? What types of PSTN connectivity are possible for Enterprise Voice? Which option doesn't require any additional on-premise hardware? What are the pros and cons of each option?
Common Issues Related to a Particular Technology Area in This Module

Issue Some telephony vendors do not deliver inbound calls with the dial string formatted as E.164 Dial strings do not normalize as expected Users should be prevented from calling toll numbers starting with 900 Troubleshooting tip Work with the telephony vendor to get the dial strings formatted as E.164, or select a new telephony vendor certified by the Microsoft Unified Communications Open Interoperability Program (OIP). Use the Lync Server Control Panel to set up a test case to see what rules are matching and applying formatting. The order of the normalization rules may need to be adjusted. Normalization rules and routes can be configured to reject numbers by including an exclamation mark preceding what should be rejected; e.g., ^(!900)\d+$.

1. Contoso has two offices connected by a private T1 connection. Each office also has a 100-megabit Internet connection. The T1 connection should be preferred for voice traffic for its low latency, but it is only capable of handling 50 percent of the concurrent calls between offices. What service should
6-41
Contoso configure to take advantage of the T1 connection but also allow all calls to be made? How should it be configured? 2. Fabrikam has a branch office with 600 users connected to the central office by a single WAN link. The branch office has a direct connection to the PSTN and a local administrator who has been trained in Lync Server 2010. In the event of WAN link failure, the branch office must maintain the ability to make PSTN calls. What options are available for voice resiliency? Wingtip Toys would like to route certain calls to a group of people and have identified team call, Response Group Services, and Call Park as viable options. What are the advantages and disadvantages of each approach, and which approach might be best for Wingtip Toys?
3.
Best Practices Related to a Particular Technology Area in This Module

Where possible, configure your normalization rules to normalize dial strings to E.164 format. Leverage the Microsoft Unified Communications Open Interoperability Program (OIP) when selecting hardware or telephony partners for Enterprise Voice. Monitor your Enterprise Voice infrastructure with the Quality of Experience Monitoring server.
Tools
Tool The Pre-Call Diagnostics tool Use for Test network quality for voice traffic. The tool tests the connection directly back to the Lync Server 2010infrastructure and provides statistics on packet loss, jitter, and even scores the statistics with a mean opinion score (MOS). Allows Lync Server 2010 administrators to configure and run test cases to verify proper execution of normalization rules, usages, and routes
Lync Server 2010 has a number of Make test calls synthetic transactions, such as TestCsPstnOutboundCall
6-42
Extending Enterprise Voice Functionality
7-1
Module 7
Contents:
Lesson 1: Configuring Enterprise Voice Lesson 2: Introducing Call Park Lesson 3: Introducing the Announcement Service Lab: Implementing Enterprise Voice 7-3 7-9 7-16 7-22
7-2
Module Overview
This module builds upon Module 6, Configuring Basic Enterprise Voice Functionality. In this module, you will learn how to implement a complete voice solution. You will learn about configuring policies, routes, and usage records. You will also learn about implementing the Call Park and unassigned number features.
Objectives
After completing this module, you will be able to: Configure Enterprise Voice functionality. Introduce the Call Park feature into your Enterprise Voice deployment of Lync Server 2010. Introduce the unassigned number feature into your Enterprise Voice deployment of Lync Server 2010.
7-3
Lesson 1
Configuring Enterprise Voice
This lesson covers the processes of configuring Enterprise Voice functionality in Lync Server 2010. In Enterprise Voice, voice policies, Public Switched Telephone Network (PSTN) usage records, and voice routes are integrally related. The recommended workflow for a new Enterprise Voice deployment is to start by configuring a voice policy that includes the appropriate PSTN usage records, and then associate the appropriate routes to each PSTN usage record.
Objectives
After completing this lesson, you will be able to: Configure voice policies. Create PSTN usage records. Configure voice routes.
7-4
Configuring Voice Policies
Voice policies are a set of calling features that control the types of actions that users are allowed to perform. Voice policies are enabled or disabled on a per-user basis.
Calling Features
You can enable or disable the following call features for each voice policy: Call forwarding. Enables users to forward calls to other phones and client devices. Enabled by default. Delegation. Enables users to specify other users to send and receive calls on their behalf. Enabled by default. Call transfer. Enables users to transfer calls to other users. Enabled by default. Call park. Enables users to park calls and then pick up the call from a different phone or client. Disabled by default.
For more information on Call Park, see Lesson 2, Introducing the Call Park Feature. Simultaneous ringing. Enables incoming calls to ring on an additional phone (for example, a mobile phone) or other endpoint devices. Enabled by default. Team call. Enables users on a defined team to answer calls for other members of the team. Enabled by default. PSTN reroute. Enables calls made by users who are assigned this policy to other enterprise users to be rerouted on the PSTN if the wide area network (WAN) is congested or unavailable. Enabled by default. Bandwidth policy override. Enables administrators to override Call Admission Control (CAC) policy decisions for a particular user. Disabled by default. Malicious call tracing. Enables users to report malicious calls by using the Microsoft Lync 2010 client, and then flags such calls in the call detail records (CDRs). Disabled by default.
7-5
Creating a New Voice Policy

To create a new voice policy, you can use the Lync Server Control Panel. On the Voice Policy tab of the Voice Routing page, click New.
In the process of creating a voice policy, you must associate your voice policy with at least one PSTN usage record. For more information on PSTN usage records, see the topic Creating Usage Records.
Considering Voice Policy Scope

When creating voice policies for your Enterprise Voice deployment, remember the following: Your Global voice policy will apply to all Enterprise Voice users who are not explicitly assigned a sitelevel or per-user policy. A Site policy applies to an entire site, except for any users or groups that are assigned to a user policy. You can choose which call features you want to enable for each voice policy. Each voice policy must have at least one associated PSTN usage record. The PSTN usage record name must be unique within the Enterprise Voice deployment. The order of PSTN usage records in the voice policy is significant. For optimum performance, arrange the PSTN usage records by frequency of use, with the most frequent on top. For example: RedmondLocal, RedmondLongDist, RedmondInternational, RedmondBackup.
7-6
Creating PSTN Usage Records
PSTN usage records specify the types of calls (local, long distance, and international) that a user or a group of users are allowed to make. Call routes are also assigned PSTN usage records, which serve to match routes with the users who are authorized to use them. A user can only place calls that use the routes for which they have a matching PSTN usage record.
Creation Process
Creating PSTN usage records consists mainly of listing all the call permissions that are currently in force in your organization, from the CEO to temporary workers, consultants, and contingent staff. This process also provides an opportunity to reexamine and revise existing permissions. You can create PSTN usage records only for those permissions that apply to your anticipated Enterprise Voice users. However, a better long-range solution may be to create PSTN usage records for all permissions, regardless of whether some permissions currently apply to the group of users to be enabled for Enterprise Voice. If permissions change or new users with different permissions are added, you will have already created the required PSTN usage records. When you create a new voice policy in Lync Server Control Panel, you associate and configure PSTN usage records for the voice policy.
7-7
Configuring Routes
Voice routes specify where Lync Server 2010 directs outbound calls placed by Enterprise Voice users. A voice route associates target phone numbers with one or more media gateways or Session Initiation Protocol (SIP) trunks and one or more PSTN usage records. When a user dials a number, Lync 2010 applies the appropriate normalization rules and substitutes the normalized number for the dialed number. The final step in defining that logic is creating a separately named call route for each set of target phone numbers that are listed in each dial plan.
Prerequisites for Configuring Routes

Before you define outbound call routes, you must complete the following steps: 1. 2. 3. Deploy one or more media gateways or SIP trunking connections and Lync Server 2010 Mediation servers. Create dial plans as needed for sites, individuals, and Contact objects. Create PSTN usage records.
For each route, you must specify: A name by which it can be readily identified. An optional description in cases where the name alone may not be sufficient to describe the route. The regular expression that identifies the target phone numbers that the route is capable of handling, along with exceptions to which the matching pattern is not to be applied. The fully qualified domain name (FQDN) of one or more of the gateways that you want to assign to the route. The PSTN usage records that users must have in order to call numbers matching the target phone number regular expression.
7-8
Choosing Least-Cost Routes

The ability to specify the PSTN gateways to which various numbers are routed enables you to determine which routes incur the lowest costs and implement them accordingly. The guideline for selecting gateways is to choose the one closest to the location of the destination number to minimize long distance charges. For example, if you are in New York and calling a number in Rome, you would carry the call over the IP network to the gateway in your Rome office, thereby incurring a charge only for a local call. For an example of how least-cost routing might be used, consider the following example. Fabrikam decides to allow German users to dial U.S. numbers by using the U.S. gateway. Fabrikam also wants to configure the system so that all calls from U.S. Lync Server 2010 users to Germany and adjacent countries terminate on the German gateway. This saves money, because a call from Germany to Austria, for example, is less expensive than a call from the U.S. to Austria.
Configuring Routes
You can specify call routes on the Voice Routing page of the Lync Server Control Panel. These call routes populate the server routing table, which Lync Server 2010 uses to route calls that are destined for the PSTN. Important: Ensure that only one user at a time modifies the Voice Routing configuration settings. Any time you create a voice route, you must run the Commit all command to publish the configuration change. Before you publish pending changes, run the Review uncommitted changes command and cancel any configuration changes that you do not want to publish. All pending changes must be published at the same time. If you navigate away from the Voice Routing page before committing pending changes, all pending changes are lost.
7-9
Lesson 2
Introducing Call Park
Call Park is a call-management feature that enables you to place a call on hold and retrieve it later from another phone. This feature is useful for continuing a call from a different location and for transferring a call when the final recipient is unknown. Calls from any IP, private branch exchange (PBX), PSTN, or mobile phone can be parked. This lesson provides an understanding of the Call Park feature and how to configure it for use.
Objectives
After completing this lesson, you will be able to: Describe the purpose of the Call Park feature. List the components of the Call Park feature. Deploy Call Park.
7-10
Purpose of Call Park
When a user parks a call, Lync Server 2010 transfers the call to a temporary number, known as an orbit, where the call is held until someone retrieves it or it times out. After a call is parked, any Lync 2010 user can dial the orbit number and retrieve the parked call. The Call Park application is automatically installed when you deploy Enterprise Voice.
Clients Supported for the Call Park Feature

You can use the following clients to park calls: Lync 2010 Microsoft Lync 2010 Attendant Microsoft Lync 2010 Phone Edition Note: Only audio calls can be parked. Instant messages and conferences cannot be parked. You can use the following clients to retrieve calls that are parked on Call Park: Lync 2010 Microsoft Office Communicator 2007 R2 Lync 2010 Attendant Microsoft Office Communications Server 2007 R2 Attendant Microsoft Lync 2010 Phone Edition Microsoft Office Communicator 2007 R2 Phone Edition IP common area phones
7-11
Non-IP phones that are connected to the Lync Server 2010 infrastructure, including common area phones and PBX phones
Note: Federated users cannot retrieve parked calls.
7-12
Components of the Call Park Feature
The components required by Call Park are installed and enabled when you deploy Enterprise Voice. The following Lync Server 2010 components support the Call Park application: Application service. The Application service provides a platform for deploying, hosting, and managing Unified Communications (UC) applications, such as the Call Park application. The Application service is automatically installed on every Front End server in an Enterprise pool and on every Standard Edition server. Call Park application. The Call Park application is one of the UC applications that are hosted by the Application service. It is included automatically when you deploy Enterprise Voice. Call Park parks and retrieves calls and manages call park orbits. Music on hold file. If music is enabled, the music file is played while a call is parked. A default music file is included when the Call Park application is installed. File Store. The Call Park application uses File Store to hold custom audio files.
7-13
Deploying Call Park
Before the Call Park feature can be used, you must complete the following steps: 1. 2. 3. 4. 5. Configure the call park orbit ranges in the orbit table. Configure Call Park settings (optional). Configure a voice policy to enable Call Park for users. Verify normalization rules for Call Park. Verify your Call Park deployment.
Configuring the Orbit Table

You need to configure the Call Park orbit table with the ranges of extension numbers that are reserved by your organization for parked calls. These extensions need to be virtual extensions; that is, extensions that have no user or phone assigned to them. Each Lync Server 2010 pool where a Call Park application is deployed and configured can have one or more orbit ranges. Each Call Park orbit range must have a globally unique name and a unique set of extensions across the Lync Server 2010 deployment. An orbit range typically encompasses 100 or fewer orbits. Each range can be much larger, as long as it is smaller than the maximum of 10,000 orbits per range and you have fewer than 50,000 orbits per pool. You can create multiple Call Park orbit ranges for each Lync Server 2010 pool where Call Park is deployed.
Creating a Call Park Orbit Range

You can use the Lync Server Control Panel or Lync Server Management Shell to create a new range of numbers for parking calls. Either way, you must log on to the computer as a member of the Administrators group, the Domain Admins group, and the RTCUniversalServerAdmins group, or as a member of a group that is assigned a delegated administrative role to configure orbit ranges. When choosing the number range for the extensions in your Call Park orbit, the value you enter must be a string that begins with either the character * or #, or a number 1 through 9. The first number cannot be a zero. Subsequent numbers may be any number from 0 through 9, up to seven numbers. If you do not
7-14
choose to require the character * or #, you may have a total of eight numbers, but the first number cannot be zero. Finally, you must enter the FQDN or service ID of the destination server, which is the Application service that hosts the Call Park application.
Configuring Call Park Settings (Optional)

When you install the Call Park application, global settings are configured by default. You can modify the global settings, and you can also specify site-specific settings by using the Lync Server Management Shell. You can specify the following settings: The amount of time that elapses after a call has been parked before it rings back to the phone where the call was answered. The default is 1 minute 30 seconds (1:30). Whether music is played while the call is parked. You can also specify your own music file to use in place of the default music file that is included with Lync Server 2010. The number of times a parked call rings back to the answering phone before it is forwarded to the fallback Uniform Resource Identifier (URI) that is specified. The default is 1. The SIP address of the user or response group to which an unanswered parked call is routed when the maximum call pickup attempts is exceeded. The default is no forwarding address. Note: If you customize music on hold and want the same music for multiple sites, you must configure the music file for each site that runs the Call Park application.
Note: We recommend that you configure the OnTimeoutURI option for the fallback destination to use when a parked call times out and ringback fails.
Using the Lync Server Management Shell

The command to configure Call Park settings in Lync Server Management Shell is as follows.
New-CsCpsConfiguration Identity site:<sitename to apply settings> -CallPickupTimeoutThreshold<hh:mm:ss> -EnableMusicOnHold<$true | $false> -MaxCallPickupAttempts<number of rings> -OnTimeoutURIsip:<sip URI for routing unanswered call>
Configuring Voice Policies

Users cannot park calls or retrieve parked calls until they are enabled for Call Park in voice policy. You can enable Call Park voice policy at the global, site, or user level. User takes precedence over site scope, and site takes precedence over global scope. You can configure voice policy for Call Park by using the Lync Server Control Panel or the Lync Server Management Shell. Either way, you must log on to the computer as a member of the Administrators group, the Domain Admins group, and the RTCUniversalServerAdmins group, or as a member of a group that is assigned a delegated administrative role.
Using Lync Server Management Shell to Set Voice Policy

Use the following command to set voice policy for Call Park in the Lync Server Management Shell.
7-15
Set-CsVoicePolicy Identity <VoicePolicy> EnableCallPark $true
Verifying Normalization Rules

Call Park orbits must not be normalized. Check your dial plans to ensure that your orbit numbers are not normalized. Important: Ensure that the default normalization rule in your dial plans does not contain ^(\d*). Otherwise, your Call Park normalization rule will not execute.
Verify Your Deployment

After you install and configure Call Park, you need to verify the configuration to ensure that parking and retrieving calls works as expected. At a minimum, perform the following: Call a user who has Call Park enabled and have the user park the call. Dial the orbit number to retrieve the call. Park another call, let the parked call time out, and do not pick up the ringback. Verify that the timedout call is correctly routed to the fallback destination that is specified for OnTimeoutURI.
7-16
Lesson 3
Introducing the Announcement Service
This lesson covers the Announcement Service. The Announcement Service is a call management feature that allows you to specify what happens to calls made to unassigned phone numbers. These are numbers that are valid for your organization, but are not currently assigned to a person, phone, or other device. Note: Other telephony systems call the unassigned number feature vacant number routing. Calls to unassigned numbers can be configured to hear a recorded message or be transferred to a different destination. The alternate destination may be a phone number, SIP URI, or voice mail.
Objectives
After completing this lesson, you will be able to: Describe the Announcement Service. Configure announcements. Deploy the unassigned number feature.
7-17
What Is the Announcement Service?
In Lync Server 2010, the Announcement Service is a component of the Response Group application, and is comprised of several components: Application service. Application service provides a platform for deploying, hosting, and managing unified communications managed applications (UCMA). Application service is automatically installed on every Front End server in an Enterprise pool and on every Standard Edition server. Response Group application. The Response Group application is one of the UC applications that are hosted by Application service. The Response Group application is required to route calls made to unassigned phone numbers. Audio files. Audio files are used for the announcements. File Store. The Announcement application uses File Store to store its audio files.
The Announcement Service is automatically installed as a feature of the Response Group application on the Front End server or Standard Edition server when Enterprise Voice is deployed. The Announcement Service answers the unassigned number call and may play an audio message and then either disconnect or transfer the call to another destination, such as to an operator. If you do not configure the unassigned number feature of the Announcement Service, a caller who misdials or calls a number not currently assigned hears a busy tone. A SIP client receives an error message.
7-18
Configuring Announcements
You can use the Lync Server Control Panel or the Lync Server Management Shell to configure the Announcement Service. The process is as follows: 1. 2. Create the announcement by recording and uploading audio files or by using text-to-speech (TTS). Configure the unassigned number ranges in the unassigned number table and associate them with the appropriate announcement.
Creating the Announcement

To create an announcement, perform the following steps: 1. For audio prompts: a. b. Record the audio file by using any audio recording application capable of creating a .WAV file. Import the contents of the audio file to File Store by running the following cmdlet in the Lync Server Management Shell.
Import-CsAnnouncementFile
2.
For a TTS prompt, or no prompt: Run the following cmdlet to create and name the announcement.
New-CsAnnouncement
3.
Assign the new announcement to a number range in the unassigned number table.
Using an Unassigned Number Table

You create the unassigned number table to identify those numbers that you want to flag as unassigned and direct to the Announcement application. The table is invoked when a caller dials a number that is currently not assigned.
7-19
Including all valid extensions in the unassigned number table makes it easy to specify the action that occurs whenever someone leaves your organization, without needing to reconfigure the table. However, if you include only unassigned extensions in the table, you can specify the action that occurs for specific numbers. For example, if you change the extension for your Help desk, you can include the old Help number in the table and assign it to an announcement that provides the new number.
7-20
Creating the Unassigned Number Table
Before you configure the unassigned number table, you must already either have your Announcements defined or have a Microsoft Exchange Unified Messaging (UM) Auto Attendant set up.
Creating the Unassigned Number Table

You create the unassigned number table by using the Lync Server Control Panel. You must log on as a member of the Administrators group, the Domain Admins group, and the RTCUniversalServerAdmins group, or as a member of a group that is assigned a delegated administrative role. To create the unassigned number table: 1. 2. 3. 4. In the Lync Server Control Panel, in the left navigation bar, click Voice Features. On the Unassigned Number page, on the Unassigned Number tab, click New. In the New Unassigned Number Range dialog box, in the Name box, type the name for this range of numbers. In the first Number range box, type the first number in the range of numbers. The value must be less than or equal to the value specified in the second Number range box, which specifies the last number in the range of numbers. Note: The number must match the regular expression (tel:)?(\+)?[1-9]\d{0,17}(;ext=[1-9]\d{0,9})?. This means the number may begin with the string tel: (if you do not specify that string it is automatically added for you), a plus sign (+), and a digit 1 through 9. The phone number can be up to 17 digits and can be followed by an extension in the format ;ext= followed by the extension number. 5. In the second Number range box, type the last number in the range of numbers.
7-21
Note: The value must be greater than or equal to the number specified as the first number in the range. The number must match the regular expression (tel:)?(\+)?[1-9]\d{0,17}(;ext=[1-9]\d{0,9})?. This means the number may begin with the string tel: (if you dont specify that string it will be automatically added for you), a plus sign (+), and a digit 1 through 9. The phone number can be up to 17 digits and may be followed by an extension in the format ;ext= followed by the extension number. 6. In the FQDN of destination server field, do one of the following: -or 7. Click Exchange UM. Click Announcement.
If in the previous step you clicked Announcement, do the following: a. Click Announcement service, click Select, select the service ID of the Application service that runs the Announcement application that will handle incoming calls to this range of unassigned numbers, and then click OK. In the Announcement field, select the announcement that will be played for this range of unassigned numbers.
b. 8. 9.
If in the previous step you clicked Exchange UM, click Auto Attendant phone number, click Select, select the phone number that will be used for this range of unassigned numbers, and then click OK. Click OK.
10. On the Unassigned Number page, ensure that the unassigned number ranges are arranged in the order you want. To change a ranges position in the table, highlight the range in the list, and then click the up or down arrow. Tip: Lync Server 2010 searches the unassigned number table from top to bottom and uses the first range that matches the unassigned number. If you have a range that specifies a last-resort action, ensure that the range is at the end of the list.
7-22
Lab: Implementing Enterprise Voice
Scenario
Building on the current voice implementation of Lync Server 2010, management has decided to configure and enable additional Enterprise Voice features to the company. In this lab, you will configure the Routes and Trunk options, create and configure a call park orbit, and configure the unassigned number feature. After configuring the voice features you will test and verify their setup. Important: We recommend that the steps in this and every lab be split between the two students in your pod. It is left up to the students to determine when to share tasks in order for both students to gain an understanding of the concepts of each lab. If you need help, please inform the instructor. Please note that if you both try to do tasks at the same time, you may overwrite each others work and possibly lose data.

This lab requires the virtual machines running from the previous lab and depends on the completion of Lab 5 and 6. The virtual machines are configured to automatically log on as Fabrikam\Administrator with the password, Pa$$w0rd, except for the following virtual machines: MIA-CL1 as Fabrikam\Andreas, with the password, Pa$$w0rd RED-CL2 as Fabrikam\Tzipi, with the password, Pa$$w0rd ROM-CL3 as Fabrikam\Marcel, with the password, Pa$$w0rd INT-CL4 as INT-CL4\Administrator, with the password, Pa$$w0rd MIA-ED1 as MIA-ED1\Administrator, with the password, Pa$$w0rd MIA-RAS1 as MIA-RAS1\Administrator, with the password, Pa$$w0rd
7-23
5.
6.
7.
8.
9.
On Host1, in the Virtual Machines list, if the virtual machine 10533A-INT-CL4.2 is not running: a. b. Right-click 10533A-INT-CL4.2 and click Start. Right-click 10533A-INT-CL4.2 and click Connect.
10. On Host2, in the Virtual Machines list, if the virtual machine 10533A-MIA-LS1.2 is not running: a. b. Right-click 10533A-MIA-LS1.2 and click Start. Right-click 10533A-MIA-LS1.2 and click Connect.
12. On Host2, in the Virtual Machines list, if the virtual machine 10533A-RED-SBS1.2 is not running: a. Right-click 10533A-RED-SBS1.2 and click Start.
7-24
b.
Right-click 10533A-RED-SBS1.2 and click Connect.
15. When 10533A-MIA-CL1.2 has booted up completely, close the Virtual Machine Connection window. 16. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 17. In the Remote Desktop Connection window, click Options. 18. Click the Local Resources tab, and then under Remote audio, click Settings. 19. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 20. Under Remote audio recording, click Record from this computer, and then click OK. 21. Click the General tab. 22. Under Logon settings, in the Computer box, type mia-cl1.fabrikam.com. 23. In the User name box, type Fabrikam\Andreas, and then click Connect. 24. On the Remote Desktop Connection page, click Connect. 25. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 26. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 27. On Host2, when 10533A-RED-CL2.2 has booted up completely, close the Virtual Machine Connection window. 28. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 29. In the Remote Desktop Connection window, click Options. 30. Click the Local Resources tab, and then under Remote audio, click Settings. 31. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 32. Under Remote audio recording, click Record from this computer, and then click OK. 33. Click the General tab. 34. Under Logon settings, in the Computer box, type red-cl2.fabrikam.com. 35. In the User name box, type Fabrikam\Tzipi, and then click Connect. 36. On the Remote Desktop Connection page, click Connect. 37. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 38. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 39. On Host1, when 10533A-ROM-CL3.2 has booted up completely, close the Virtual Machine Connection window.
7-25
40. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 41. In the Remote Desktop Connection window, click Options. 42. Click the Local Resources tab, and then under Remote audio, click Settings. 43. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 44. Under Remote audio recording, click Record from this computer, and then click OK. 45. Click the General tab. 46. Under Logon settings, in the Computer box, type rom-cl3.fabrikam.com. 47. In the User name box, type Fabrikam\Marcel, and then click Connect. 48. On the Remote Desktop Connection page, click Connect. 49. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 50. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 51. On Host1, when 10533A-INT-CL4.2 has booted up completely, close the Virtual Machine Connection window. 52. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 53. In the Remote Desktop Connection window, click Options. 54. Click the Local Resources tab, and then under Remote audio click Settings. 55. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 56. Under Remote audio recording, click Record from this computer, and then click OK. 57. Click the General tab. 58. Under Logon settings, in the Computer box, type int-cl4. 59. In the User name box, type INT-CL4\Administrator, and then click Connect. 60. On the Remote Desktop Connection page, click Connect. 61. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 62. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start. Important: All connections to MIA-CL1.2, RED-CL2.2, ROM-CL3.2and INT-CL4.2 will require using a Remote Desktop Connection with remote audio playback and remote audio recording enabled, unless otherwise specifically instructed.
7-26
7-27
Exercise 1: Configuring Voice Policies and PSTN Usages

In this exercise, you will create various voice policies and PSTN Usages for each site. You will create two user voice policies for each site, one that allows long international calls and one that allows long distance calls. You will then create a site voice policy that is more restricted and will only allow local calls. The steps involved are: 1. 2. 3. Create the Miami voice policies and PSTN usages. Create the Redmond voice policies and PSTN usages. Create the Rome voice policies and PSTN usages.
Task 1: Create the Miami voice policies and PSTN usages.

1. 2. 3. On MIA-LS1, use the Lync Server Control Panel to create a user policy that allows International calls and is called Miami International. Select Enable malicious call tracing. Create the following PSTN Usages: a. b. c. 4. 5. 6. Miami Local Miami Long Distance Miami International
Create a user voice policy for Miami that allows long distance and is called Miami Long Distance. Select Enable malicious call tracing. Select the following PSTN usages: a. b. Miami Local Miami Long Distance
7. 8. 9.
Create a site voice policy for Miami that allows only local calls. Select Enable malicious call tracing. Select the following PSTN usage: a. Miami Local
Task 2: Create the Redmond voice policies and PSTN usages.

1. 2. 3. On MIA-LS1, use the Lync Server Control Panel to create a user policy that allows International calls and is called Redmond International. Select Enable malicious call tracing. Create the following PSTN Usages: a. b. Redmond Local Redmond Long Distance
7-28
c. 4. 5. 6.
Redmond International
Create a user voice policy for Redmond that allows long distance and is called Redmond Long Distance. Select Enable malicious call tracing. Select the following PSTN usages: a. b. Redmond Local Redmond Long Distance
7. 8. 9.
Create a site voice policy for Redmond that allows only local calls. Select Enable malicious call tracing. Select the following PSTN usage: a. Redmond Local
Task 3: Create the Rome voice policies and PSTN usages.

1. 2. 3. On MIA-LS1, use the Lync Server Control Panel to create a user policy that allows International calls and is called Rome International. Select Enable malicious call tracing. Create the following PSTN usages: a. b. c. 4. 5. 6. Rome Local Rome Long Distance Rome International
Create a user voice policy for Rome that allows long distance and is called Rome Long Distance. Select Enable malicious call tracing. Select the following PSTN usages: a. b. Rome Local Rome Long Distance
7. 8. 9.
Create a site voice policy for Rome that allows only local calls. Select Enable malicious call tracing. Select the following PSTN usage: a. Rome Local
Results: After this exercise, you should have created the voice policies and PSTN usages for each site. This included two user voice policies and one site voice policy for each.
7-29
Exercise 2: Configuring Routes and Site Trunks

Scenario
In the two data sites and the branch office, each must route their local calls to their local PSTN gateway, and to reduce calling costs to the other sites when a call is identified as local to that site. In this exercise, you will create various routes, including least-cost routes, for the three sites, and you will also create trunk configurations for each site. The main tasks for this exercise are as follows: 1. 2. 3. 4. 5. 6. Create routes for the Miami site. Create routes for the Redmond site. Create routes for the Rome site. Create a trunk configuration for the Miami site. Create a trunk configuration for the Redmond site. Create a trunk configuration for the Rome site.
Task 1: Create routes for the Miami site.

1. 2. On MIA-LS1, use the Lync Server Control Panel to create routes for the Miami site. Use the following table to create the Miami routes.
Miami Routes
Starting Route Name Digits Miami Local +1305 Match Pattern Associated Gateways ^\+1305 PstnGateway:1.1.1.1 PstnGateway:1.1.1.2 Miami National +1 ^\+1 PstnGateway:1.1.1.1 PstnGateway:1.1.1.2 Miami + ^\+(?!(1)) International Exceptions: +1 US to Rome LCR US to Italy LCR +3906 ^\+3906 PstnGateway:1.1.1.1 PstnGateway:1.1.1.2 PstnGateway:1.1.1.3 PstnGateway:1.1.1.1 +390 ^\+390 PstnGateway:1.1.1.3 PstnGateway:1.1.1.1 Redmond Local Miami Local Rome Long Distance Miami International Associated PSTN Usage Miami Local Redmond Local Miami Long Distance
Task 2: Create routes for the Redmond site.

1. 2. On MIA-LS1, use the Lync Server Control Panel to create routes for the Redmond site. Use the following table to create the Redmond routes.
7-30
Redmond Routes
Starting Route Name Digits Redmond Local Redmond National +1425 Match Pattern Associated Gateways ^\+1425 PstnGateway:1.1.1.2 PstnGateway:1.1.1.1 +1 ^\+1 PstnGateway:1.1.1.2 PstnGateway:1.1.1.1 Redmond + ^\+(?!(1)) International Exceptions: +1 PstnGateway:1.1.1.2 PstnGateway:1.1.1.1 Redmond International Associated PSTN Usage Redmond Local Miami Local Redmond Long Distance
Task 3: Create routes for the Rome site.

1. 2. On MIA-LS1, use the Lync Server Control Panel to create routes for the Rome site. Use the following table to create the Rome routes.
Rome Routes
Starting Route Name Digits Rome Local +3906 Match Pattern Associated Gateways ^\+3906 PstnGateway:1.1.1.3 PstnGateway:1.1.1.1 Rome National +390 ^\+390 PstnGateway:1.1.1.3 PstnGateway:1.1.1.1 Rome + ^\+(?!(390)) International Exceptions: +390 Rome to Redmond LCR Rome to Miami LCR Rome to US LCR +1425 ^\+1425 PstnGateway:1.1.1.3 PstnGateway:1.1.1.1 PstnGateway:1.1.1.2 PstnGateway:1.1.1.1 +1305 ^\+1305 PstnGateway:1.1.1.1 PstnGateway:1.1.1.2 +1 ^\+1 PstnGateway:1.1.1.1 PstnGateway:1.1.1.2 Rome Long Distance Rome Local Rome Local Rome International Rome Long Distance Associated PSTN Usage Rome Local
Task 4: Create a trunk configuration for the Miami site.

1. 2. 3. On MIA-LS1, use the Lync Server Control Panel to create a trunk configuration for the Miami site. Set the Encryption support level to Optional. Clear Enable refer support.
7-31
4.
Use the following table to create two translation rules.
Miami
Name US PSTN Rome PSTN Starting Digits +1 +39 Length Exactly 12 Exactly 13 Digits to Remove 1 1 Match Pattern ^\+(1\d{10})$ ^\+(39\d{10})$
Task 5: Create a trunk configuration for the Redmond site.

1. 2. 3. 4. On MIA-LS1, use the Lync Server Control Panel to create a trunk configuration for the Redmond site. Set the Encryption support level to Optional. Clear Enable refer support. Select the U.S. PSTN and Rome PSTN translation rules you created earlier.
Task 6: Create a trunk configuration for the Rome site.

1. 2. 3. 4. 5. On MIA-LS1, use the Lync Server Control Panel to create a trunk configuration for the Rome site. Set the Encryption support level to Optional. Clear Enable refer support. Select the U.S. PSTN and Rome PSTN translation rules you created earlier. Commit all changes.
Results: After this exercise, you should have created trunk configurations for each site and two translation rules for each.
7-32
Exercise 3: Configuring Call Park

Scenario
In this exercise, you will configure Call Park. You will first configure a Call Park Orbit that starts at *500 and ends at *599 for Miami, and *600 and *699 for Rome. Then, you will enable Call Park on the various voice policies. The main tasks for this exercise are as follows: 1. 2. 3. Configure a Call Park Orbit for Miami. Configure a Call Park Orbit for Rome. Configure Music on Hold and enable Call Park.
Task 1: Configure a Call Park Orbit for Miami.

1. 2. 3. On MIA-LS1, use the Lync Server Management Shell or Lync Server Control Panel to create a Miami Orbit number range for Miami. Set the range to start at *500 and end at *599. Select mia-ls1.fabrikam.com.
Task 2: Configure a Call Park Orbit for Rome.

1. 2. 3. On MIA-LS1, use the Lync Server Management Shell or Lync Server Control Panel to create a Rome Orbit number range for Rome. Set the range to start at *600 and end at *699. Select rom-ls2.fabrikam.com.
Task 3: Configure Music on Hold and enable Call Park.

1. 2. On MIA-LS1, use the Lync Server Management Shell to enable music on hold. Use the Lync Server Management Shell to enable Call Park for all of the voice policies.
Results: After this exercise, you should have created two call park orbits, enabled music on hold, and enabled Call Park for all of the voice policies.
7-33
Exercise 4: Configuring the Unassigned Numbers Feature

Scenario
In this exercise, you will configure the unassigned numbers feature of Lync Server 2010. You will create three announcements, one for Miami and Rome, and another for the executive number range that transfers the call to the operator. You will then configure unassigned numbers for the three sites, including one that is specific to the executive number range. The main tasks for this exercise are as follows: 1. 2. 3. 4. Configure the Announcement service for Miami and Rome. Create an Unassigned Number range for Miami. Create an Unassigned Number range for Redmond. Create an Unassigned Number range for Rome.
Task 1: Configure the Announcement service for Miami and Rome.

1. On MIA-LS1, use the Lync Server Management Shell to create an unassigned number announcement for the mia-ls1.fabrikam.com pool. Use the following information for the announcement. Field Name Identity Language TextToSpeechPrompt Value English Unassigned Number Announcement service:ApplicationServer:mia-ls1.fabrikam.com en-US The number you called is currently out of service. Check the number and try your call again.
2.
Use the Lync Server Management Shell to create an unassigned number announcement for the romls2.fabrikam.com pool. Use the following information for the announcement. Field Name Identity Language TextToSpeechPrompt Value Italian Unassigned Number Announcement service:ApplicationServer:rom-ls2.fabrikam.com It-IT Il numerochiamato e attualmentefuoriservizio. Controllareilnumero e provare di nuovo la chiamata.
3.
Use use the Lync Server Management Shell to create an unassigned number announcement for the executive number range. Use the following information for the announcement. Field Name Identity Language Value Executive Unassigned Number Announcement service:ApplicationServer:mia-ls1.fabrikam.com en-US
7-34
Field TextToSpeechPrompt
Value This persons phone number has changed. You will now be transferred to the operator. sip:+13055552009@fabrikam.com;user=phone
TargetURI
Task 2: Create an Unassigned Number range for Miami.

1. On MIA-LS1, use the Lync Server Management Shell or the Lync Server Control Panel to create an unassigned number range for Miami Internal Numbers. Use the following information. Field Name Number Range Start Number Range End Announcement Service FQDN of destination server Announcement 2. Value Miami Internal Numbers tel:+13055552000 tel:+13055552099 Announcement ApplicationServer:mia-ls1.fabrikam.com English Unassigned Number Announcement
Use the Lync Server Management Shell or the Lync Server Control Panel to create an unassigned number range for Miami Executives. Use the following information. Field Name Number Range Start Number Range End Announcement Service FQDN of destination server Announcement Value Executive Numbers tel:+13055552100 tel:+13055552199 Announcement ApplicationServer:mia-ls1.fabrikam.com Executive Unassigned Number Announcement
Task 3: Create an Unassigned Number range for Redmond.

1. On MIA-LS1, use the Lync Server Management Shell or the Lync Server Control Panel to create an unassigned number range for Redmond Internal Numbers. Use the following information.
7-35
Field Name Number Range Start Number Range End Announcement Service FQDN of destination server Announcement
Value Redmond Internal Numbers tel:+14255553000 tel:+14255553099 Announcement ApplicationServer:mia-ls1.fabrikam.com English Unassigned Number Announcement
Task 4: Create an Unassigned Number range for Rome.

1. On MIA-LS1, use the Lync Server Management Shell or the Lync Server Control Panel to create an unassigned number range for Rome Internal Numbers. Use the following information. Field Name Number Range Start Number Range End Announcement Service FQDN of destination server Announcement 2. Commit all changes. Value Rome Internal Numbers tel:+390655554000 tel:+390655554099 Announcement ApplicationServer:rom-ls2.fabrikam.com Italian Unassigned Number Announcement
Results: After this exercise, you should have configured the unassigned numbers feature of Lync Server 2010, which includes various announcements and unassigned number ranges.
7-36
Exercise 5: Configuring Users for Enterprise Voice

Scenario
In this exercise, you will configure users for Enterprise Voice. You will enable them for Enterprise Voice, and then configure a line URI and voice policy. The main tasks for this exercise are as follows: 1. 2. 3. Configure users in Miami for Enterprise Voice. Configure users in Redmond for Enterprise Voice. Configure users in Rome for Enterprise Voice.
Task 1: Configure users in Miami for Enterprise Voice.

1. On Mia-LS1, use the Lync Server Control Panel or Lync Server Management Shell to configure users in the Miami site. Telephony Enterprise Voice Enterprise Voice Enterprise Voice Enterprise Voice Enterprise Voice Enterprise Voice Enterprise Voice Line URI tel:+13055552100 tel:+13055552002 tel:+13055552003 tel:+13055552004 tel:+13055552005 tel:+13055552008 tel:+13055552009 Voice Policy Miami International Miami Long Distance Miami Long Distance Miami International Miami International Miami International Miami International
User Scott MacDonald Andreas Herbinger Conor Cunningham Anna Lidman EbruErsan Patricia Doyle Paul West
Task 2: Configure users in Redmond for Enterprise Voice.

1. On Mia-LS1, use the Lync Server Control Panel or Lync Server Management Shell to configure users in the Redmond site. Telephony Line URI Voice Policy Redmond International Redmond Long Distance Redmond Long Distance Redmond International
User Jason Carlson TzipiButnaru Franz Kohl Shu Ito
Enterprise Voice tel:+14255553001 Enterprise Voice tel:+14255553002 Enterprise Voice tel:+14255553003 Enterprise Voice tel:+14255553004
Task 3: Configure users in Rome for Enterprise Voice.

1. On Mia-LS1, use the Lync Server Control Panel or Lync Server Management Shell to configure users in the Rome site.
7-37
User Marcel Truempy
Telephony Enterprise Voice
Line URI tel:+390655554001 tel:+390655554002 tel:+390655554003 tel:+390655554005 tel:+390655554009
Voice Policy Rome International Rome Long Distance Rome Long Distance Rome International Rome Long Distance
Luca Dellamore Enterprise Voice Shane DeSeranno NunoFarinha Axel Delgado Enterprise Voice Enterprise Voice Enterprise Voice
Results: After this exercise, you should have configured various users for Enterprise Voice in the three sites. You should have also configured a line URI and assigned a voice policy.
7-38
Exercise 6: Testing and Verifying Enterprise Voice Functionality

Scenario
In this exercise, you will test the Enterprise Voice topology you just configured. You will make a series of calls that demonstrate the behavior of number normalization, PSTN routing, application of policies, Call Park features, etc. The PBX Emulator is installed on MIA-CL1 and will need to be started. When a call is successfully routed to the PBX Emulator, you will see the dialed number and other call information scroll through the command window on MIA-CL1, and the caller will hear the Windows log off .WAV file played repeatedly. The main tasks for this exercise are as follows: 1. 2. 3. Sign in to Lync 2010 and test number normalization. Test Lync 2010 calling and outbound PSTN calling. Test Call Park and Unassigned Numbers.
Task 1: Sign in to Lync 2010 and test number normalization.

1. On Mia-CL1, double-click the Start PBX Emulator shortcut on the desktop. A Command window will open and remain open. 2. 3. 4. 5. 6. On Mia-CL1, sign in to Lync 2010 as Tzipi and test phone number normalization for Redmond users. On Mia-CL1, log off as Tzipi and log back on as Andreas. Sign in to Lync 2010 as Andreas and test phone number normalization for Miami users. On Rom-CL3, log on as Marcel. Sign in to Lync 2010 as Marcel and test phone number normalization for Rome users.
Task 2: Test Lync 2010 calling and outbound PSTN calling.

1. 2. 3. 4. 5. 6. 7. On Mia-CL1 logged on as Andreas, call Marcel on Rom-CL3. On Rom-CL3 logged on as Marcel, answer the call to verify Lync 2010 calling between sites. On Rom-CL3, call Andreas. On Rom-CL3, call 0055551212 and verify that it is routed to the PBX emulator. Wait to hear the Windows audio file that shows the call being successfully routed to the PBX emulator. On MIA-CL1, call 2065551212 and verify that it is routed to the PBX emulator. Wait to hear the Windows audio file that shows the call being successfully routed to the PBX emulator. NOTE: If the call does not go through, restart the Lync Server Mediation service on MIA-LS1 and retry.
Task 3: Test Call Park and Unassigned Numbers.

1. 2. 3. On Mia-CL1 logged on as Andreas, call Marcel on Rom-CL3. On Rom-CL3 logged on as Marcel, answer the call, and then park the call. On RED-CL2, log on to Lync 2010 as Paul.
7-39
4.
On MIA-CL1, test the Miami, Redmond, Rome, and Executive unassigned number announcements. Results: After this exercise, you should have tested the Enterprise Voice configuration you have configured over the last two labs. You should have verified number normalization, policy application, call routing internally and outbound to the PSTN. You also tested the new Call Park and Unassigned Number features by parking calls and calling unassigned numbers and hearing the configured announcements.
Important: After this lab, we recommend that you take a snapshot of all running virtual machines before starting the next lab. To do so, in Hyper-V Manager, highlight all running virtual machines, right-click, and then click Snapshot.
7-40
Review Questions
1. 2. 3. How do normalization rules, PSTN usages, and routes work together to determine whether a user can make a call and where that call will be sent? What clients are capable of parking calls? What clients are capable of retrieving parked calls? To what destinations can the announcement service transfer a call?
Common Issues
Issue An undesirable route is selected when some users dial a given phone number. Troubleshooting tip Use the Lync Server Control Panel to set up a test case to see which usage and route are selected. The order of usages and routes might need to be adjusted, or a usage might need to be associated with a user or route.
Users need to be able to answer Enable simultaneous ringing on the users policy and configure their calls on their mobile phone or simultaneous ring for the user to also call the mobile phone. Lync 2010 client. Call Park has been configured with a valid orbit containing 100 numbers, but users are unable to park calls. When a call is received from the PSTN, a fast busy signal is played back to the caller. Ensure that the normalization rules do not contain a match for the orbitin the case of a match for both Call Park orbit and normalization rule, the normalization rule wins. Ensure that the announcement service is properly configured and that the number in question is in the unassigned number table.
7-41

1. Contoso is a sales organization that has high turnover. Calls to salespeople who have left the company should be routed to a dedicated Response Group. All other calls should be routed to the Microsoft Exchange Auto Attendant. How can Contoso configure Lync Server 2010 in this manner? Fabrikam utilizes the Call Park service heavily, but is sometimes unable to answer parked calls promptly. Given an expected average wait time of 5 minutes, what should you do to ensure that parked calls that cannot be picked up within that time period are able to leave a message? How would you make those changes? Wingtip Toys has offices in the United States, France, and China. A route capable of calling nationally exists in each location. Callers in France should be able to call any number in any of the three nations. Callers in the United States and China should only be able to call their respective countries. How many phone usages are necessary to achieve this goal, and what are they?
2.
3.
Best Practices
Supplement or modify the following best practices for your own work situations: 1. 2. 3. Model usages according to permissionsfor instance, if some callers are only allowed to call local numbers, you need a Local usage. Leverage the Announcement Service to route calls to unassigned numbers to a valid destination. Configure Call Park with an OnTimeoutUri to provide a better experience for parked calls.
7-42
Microsoft Exchange Server 2010 SP1Unified Messaging Integration
8-1
Module 8
Contents:
Lesson 1: Overview of Exchange Server 2010 SP1 Unified Messaging Lesson 2: Prerequisites for Integrating Exchange Server 2010 SP1 UM with Lync Server 2010 Lesson 3: Integrating Exchange Server 2010 SP1 UM with Lync Server 2010 Lab: Integrating Exchange Server 2010 SP1 Unified Messaging Integration with Lync Server 2010 8-25 8-16 8-8 8-3
8-2
Module Overview
Integrating Microsoft Exchange Server 2010 Service Pack 1 (SP1) Unified Messaging (UM) and Microsoft Lync Server 2010 requires careful planning and a clear understanding of the technologies involved, the features you want to enable, and important configuration details that you must be aware of to successfully complete your deployment. In this module, you will learn about the prerequisites for integrating Exchange Server 2010 UM with Lync Server 2010, such as the permissions required to configure UM and how to configure UM on Exchange Server 2010 SP1. You will also learn about UM dial plan requirements and how to create and configure a UM dial plan. The module then prepares you to use the tools and services needed to integrateExchange Server 2010 UM withLync Server 2010. Finally, you will learn how to enable a user for UM integration with Lync Server 2010.
Objectives
After completing this module, you will be able to: Discuss Exchange Server 2010 SP1 Unified Messaging. Perform the tasks necessary to prepare for the integration of Exchange Server 2010 SP1UM with Lync Server 2010. IntegrateExchange Server 2010 SP1UM with Lync Server 2010.
8-3
Lesson 1
Overview of Exchange Server 2010 SP1 Unified Messaging
This lesson provides you with an overview of Exchange Server 2010 SP1 Unified Messaging. You will learn how the features of UM integrate with Lync Server 2010 to create a more complete solution. After completing this lesson, you will be able to: Describe Exchange Server 2010 SP1 Unified Messaging. Explain the benefits of integrating Exchange UM with Lync Server 2010.
8-4
What Is Unified Messaging?
Exchange Server 2010 Unified Messaging (UM) combines voice messaging, fax messaging, and email messaging into one store, accessible from many different devices. UM integrates Microsoft Exchange with telephony networks so that users can access their messages using Outlook Voice Access, from any telephone, from a mobile phone, or from the computer.
Single Messaging Infrastructure

Exchange Server 2010 SP1UM combines voice messaging and email messaging into a single messaging infrastructure.
Single Mailbox
UM puts all email and voice messages into one Exchange Server 2010 mailbox that can be accessed from many different devices.
Voice Mail
UM voice mail features include the ability to answer an incoming call on behalf of a user, play a personal greeting, record a message, and submit it for delivery to the users Inbox as an email message. Notification of unanswered calls is sent to the users Microsoft Office Outlook and Outlook Web Access inboxes. The subject and priority of calls can be displayed in a way that resembles the way they are displayed for email.
Subscriber Access
A subscriber is an internal business user or network user who is enabled for Exchange Server 2010 SP1UM. Subscriber access is used by users to access their individual mailboxes in order to retrieve email, voice messages, contacts, and calendaring information. Outlook Voice Access is the new Exchange Server 2010 SP1UM feature that lets subscribers access their Exchange Server 2010 SP1 mailbox. Subscriber access enables an Enterprise Voice user to access voice mail, calendar, and contacts from a telephony interface. A subscriber access number is configured by the Exchange administrator on a UM dial plan.
8-5
Auto Attendant
In telephony or UM environments, an automated attendant or auto attendant menu system transfers callers to the extension of a user or department without the intervention of a receptionist or an operator. In many auto attendant systems, a receptionist or operator can be reached by pressing or saying zero. The automated attendant is a feature in most modern Private Branch Exchanges (PBXs) and UM solutions.
8-6
Benefits of Integrating with Lync Server 2010
The UM component of Exchange Server 2010 SP1 provides voice mail functionality for Lync Server 2010. Voice mail messages to Lync Server 2010 users are delivered to the recipients Outlook inbox. After UM servers are deployed on a network, users can access their messages using Outlook Voice Access, from Lync 2010, from any telephone, from a mobile phone, or from the computer. Meeting tools are integrated into Outlook 2010 to enable organizers to schedule a meeting or start an impromptu conference with a single click and make it just as easy for attendees to join.
Voicemail, Email, and IM Benefits

When Lync Server 2010 and Lync 2010 clients are integrated with the UM capability in Exchange Server 2010 SP1: Users can see if they have new voice mail either from the main Lync 2010 window or by looking at the icon in the notification area at the bottom of the screen. Users can click the Play button on the voice message to hear the audio portion of messages, or use Exchange Server 2010 SP1 to open the message in Outlook 2010 and view the transcript. Lync Server 2010 can divert calls to Exchange UM, dynamically or on a static basis, as well as allow users to connect to the UM service to change their greetings or access other voice functionality. Lync Server 2010 presence features encourage instant communication when possible, but also provide information about whether a user is in a meeting or out of the office, indicating that instant communication is not possible.
Message Waiting Indicator

Message Waiting Indicator is an Exchange UM feature that notifies a user that they have a new voice mail message. With Lync 2010, you no longer need to switch to Outlook to manage your voice mail. You donot even need Outlook on your computer, because Lync 2010 will instead use Exchange Web Services (EWS). Lync 2010 can manage the read/unread state as you listen to the voice mail. Voice mail can be played back from within Lync 2010. You can also reply directly to the voice mail from within Lync 2010.
8-7
Unified Contacts
In environments that integrate Lync Server 2010 with Exchange Server 2010 SP1UM, Exchange Server maintains a single unified contact store for contacts across Lync 2010, the Outlook 2010 messaging and collaboration client, and other endpoints, eliminating the need to maintain multiple contact lists, and provides a consistent experience across programs. All contact identities between Lync Server 2010, Exchange Server 2010, and other endpoints are shared and remain one identity, with Exchange Server acting as the single contact store. Users may also rename contacts or add other details to their contacts cards for additional context or personal reference.
Unified Conferencing
Lync 2010 integrates with Outlook to make scheduling, joining, and facilitating meetings easier. Lync 2010 is the only client needed for all types of meetings, both scheduled and spontaneous. Outlook 2010 calendar integration also reflects Lync 2010 presence settings; for example: In a Meeting. The contacts Outlook calendar shows that the contact has a scheduled meeting. Out of Office.The contacts Outlook calendar or Out of Office Assistant indicates that he or she is out of the office.
8-8
Lesson 2
Prerequisites for Integrating Exchange Server 2010 SP1 UM with Lync Server 2010
This lesson discusses the prerequisites necessary for integrating Exchange Server 2010 SP1 UM with Lync Server 2010. After completing this lesson, you will be able to: Describe the changes implemented in Exchange Server 2010 SP1that are specific to UM. Explain the permissions required to configure Exchange UM. Describe the Exchange UM dial plan requirements for Lync Server 2010. Create and configure a UM dial plan.
8-9
Exchange Server 2010 SP1 Changes Supporting UM
The UM server role has been improved in Exchange Server 2010 SP1,with new features added. This section describes the differences between Exchange Server 2010 RTM and Exchange Server 2010 SP1UM and some of the new changes to Exchange Server 2010 SP1 UM.
Exchange Control Panel Improvements

Two Exchange Server 2010 SP1 Control Panel improvements include the UM Management user interface (UI) and the UM reporting features. UM Management UI addition. The UM Management UI in the Exchange Control Panel makes it possible to manage all UM components in a web browser. Using the UM Management UI,you can create UM dial plans, UM mailbox policies, UM IP gateways, and UM auto attendants, and enable users for UM. UM reporting feature additions. The UM reporting features added in Exchange Server 2010 SP1 include call summaries and statistics and call details for UM-enabled users. These reports are displayed in the Exchange Control Panel.
UM Dial Plan Improvements

Exchange Server 2010 SP1 includes the UM Dial Plan Wizard and the ability to create a secondary UM dial plan. UM Dial Plan Wizard and Set-UMServer addition. When deployingUM in Exchange Server 2010 RTM, you had to add or associate a UM server with a UM dial plan after you created the dial plan. In SP1, you can add or associate a UM server with a UM dial plan when you create a UM dial plan. An additional page has been added to the New UM Dial Plan wizard that lets you add a UM server to the dial plan. Secondary UM dial plan addition. In Exchange Server 2010 SP1, you can add a secondary UM dial plan for a UM-enabled user. Secondary dial plans allow administrators to assign two extension numbers to a UM-enabled user.
8-10
Deployment and Migration Improvements

Exchange Server 2010 SP1 fully supports Lync Server 2010 deployment and migration. Lync Server 2010 deployment support. You must deploy Lync Server 2010 if you are deploying UM in a cross-premises environment. UM is fully supported and functional with Lync Server 2010, including Message Waiting Indicator notifications. Lync Server 2010 migration support.If you are deploying or migrating from Microsoft Exchange Server 2007 to Exchange Server 2010 and your Exchange deployment is integrated with Lync Server 2010, Exchange Server 2010 SP1 includes support for migration of Session Initiation Protocol (SIP)Uniform Resource Identifier (URI) dial plans (SIP URI dial plans) that are used with Microsoft Office Communications Server 2007 and Office Communications Server 2007 R2. Also, in Exchange Server 2010 SP1, it is no longer required that you have anOffice Communications Server location profile that has the same name as the phone context property of the SIP URI dial plan. Important: Do not include spaces in the dial plan name or it will not perform properly.
Communication Improvements
Exchange Server 2010 SP1 provides language support, Call Answering improvements, and Caller Name Display enhancements. New UM Language Pack additions.UM language packs make it possible for the Exchange Server 2010 UM server to speak additional languages to callers and recognize languages other than U.S. English (en-US) when callers use Automatic Speech Recognition (ASR) or when voice messages are transcribed. Call Answering Rules improvements. Using Call Answering Rules, end users can control how their incoming calls should be handled. Call Answering Rules are applied to incoming calls much as Inbox rules are applied to incoming email messages. Caller Name Display enhancements. Caller ID resolution has been enhanced in Exchange Server 2010 SP1. Names can now be displayed for voice messages from unresolved numbers using Caller Name Display. With Caller Name Display, IP gateways or IP PBXs pass caller name information as part of the SIP FROM header. Unified Communications Managed API addition. Beginning with Exchange Server 2010 SP1, the UM server relies on Unified Communications Managed application programming interface (API) v. 2.0 (UCMA) for its underlying SIP signaling and speech processing. This dependency requires that the UCMA platform and prerequisites be installed on the UM server before Exchange Server 2010 UM SP1 installation or upgrade.
8-11
Permissions Required to Configure Exchange Server 2010 UM
The permissions required to perform tasks on the UM server role vary depending on the procedure being performed or the cmdlet you want to run. To determinethe permissions that are requiredto perform a task or run a cmdlet, do the following: 1. 2. Find the feature that is most closely related to the procedure you want to perform or the cmdlet you want to run. Find the permissions required for the feature. You must be assigned one of the features role groups, an equivalent custom role group, or an equivalent management role. You can also click on a role group to see its management roles. If a feature lists more than one role group, you need to be assigned to only one of the role groups to use the feature. Run the Get-ManagementRoleAssignmentcmdlet to look at the role groups or management roles assigned to you to see if you have the permissions that are necessary to manage the feature. Note: You must be assigned the Role Management role to run the GetManagementRoleAssignment cmdlet.
3.
Permissions Required for UM Components and Features

Nearly all of the UM components and features require Organization Management and UM Management permissions. These include: UM auto attendants UM call data and summary reports UM dial plans UM hunt groups UM IP gateways
8-12
UM mailbox policies UM mailboxes UM prompts UM server
Note: The UM server component requires Organization Management and Server Management permissions.
8-13
Exchange Server 2010 UM Dial Plan Requirements
A dial plan is a set of phone number normalization rules that translate phone numbers dialed from a specific location to a single standard (E.164) format for purposes of phone authorization and call routing. Note:PreExchange Server 2010 SP1, a user can be a member of only one UM dial plan. You can also use a UM dial plan to establish a common set of policies for a group of users. For example, you can enable different languages for different UM dial plans, or you can enable different features for different UM dial plans.
Integrating a Telephony Network with Exchange UM

When you integrate a telephony network with Exchange Server 2010UM, there must be a hardware device known as an IP gateway that connects your telephony network to your IP-based network. IP gateways convert circuit-switched protocols found in a telephony network to a data-switched protocol such as IP. Each IP gateway in your organization is represented by a UM IP gateway object in Active Directory Domain Services (AD DS). Note:Lync Server 2010 can function as an IP gateway.
Associating UM Servers with Dial Plans

Exchange Server 2010UM requires that you create at least one UM dial plan and that the UM dial plan has a UM server and a UM IP gateway associated with it. After you install the UM server role on an Exchange Server 2010 computer, you must associate the UM server with at least one UM dial plan before it will answer calls. You can also associate a single UM server with multiple UM dial plans. After the UM server is associated with a UM dial plan, you must create a UM IP gateway and associate it with the UM dial plan that was created.
8-14
Important: Each time you create a UM dial plan, a UM mailbox policy will also be created. The UM mailbox policy will be named <Dial Plan Name> Default Policy.
Creating the UM IP Gateway

When you create the first UM IP gateway and specify a UM dial plan at the time you create it, a default UM hunt group is also created. Creating and associating these objects in AD DS enables the UM server to receive calls from the IP gateway and then process incoming calls for users who are associated with the UM dial plan. When a call comes in to the IP gateway, it forwards the call to a UM server, and the UM server tries to match the extension number of the user to the associated UM dial plan.
8-15
Creating and Configuring a UM Dial Plan
A UM dial plan is created using an organization-wide scope and contains configuration information related to your telephony network. A UM dial plan establishes a link from the telephone extension number of an Exchange Server 2010 recipient in Active Directory to a UM-enabled mailbox. When you create a UM dial plan, you can configure the number of digits in the extension numbers, the URI type, and the Voice over Internet Protocol (VoIP) security setting for the dial plan. Each time that you create a UM dial plan, a UM mailbox policy is also created. The UM mailbox policy is named <DialPlanName> Default Policy.
Creating a UM Dial Plan

You can create a UM Dial Plan by using the Exchange Management Consoles New UM Dial Plan Wizard, or by using the Exchange Management Shell.
Configuring the Dial Plan

After you create a UM dial plan, you can view and configure a variety of settings. For example, you can configure the level of VoIP security, the audio codec, and dialing restrictions. The settings that you configure on the UM dial plan affect all users who are associated with the dial plan through a UM mailbox policy.
8-16
Lesson 3
Integrating Exchange Server 2010 SP1 UM with Lync Server 2010
This lesson provides an overview of the key tools used for integrating Exchange Server 2010 UM with Lync Server 2010 and then describes the steps for performing this process. This lesson also explains how to enable a user for UM integration with Lync Server 2010. After completing this lesson, you will be able to: Describe the tools for integrating Exchange Server 2010UM with Lync Server 2010. Integrate Exchange Server 2010 SP1UM with Lync Server 2010. Explain how to route a users voice mail calls to hosted Exchange Server 2010UM.
8-17
Tools for Integrating Exchange Server SP1 UM with Lync Server 2010
The primary tools for integrating Exchange Server 2010 SP1voice mail features with Lync Server 2010 are the Exchange UM Integration Utility (OcsUmUtil.exe) and the ExchUCUtil tool (ExchUCUtil.ps1). This section describes these tools.
Exchange UM Integration Utility

The Exchange UM Integration Utility is a command-line tool that you can use to integrate Lync Server 2010 and Exchange UM to enable Enterprise Voice messaging. It allows you to create contact objects in Active Directory that Lync Server 2010 uses to link to the Exchange UM AutoAttendant and Subscriber Access numbers. The Exchange UM Integration Utility has two functions: It creates contact objects for all defined Exchange UM subscriber access and autoattendants. These objects are needed to route incoming subscriber access and autoattendant calls to Exchange UM. It verifies that the Exchange UM SIP dial plan names match the corresponding Lync Server 2010 dial plans. This functionality is needed to enable the routing of outgoing calls from Exchange UM to Lync Server 2010 and to ensure that the correct number normalization is performed. The tool does not correct any mismatches; it only displays them.
Use the Exchange UM Integration Utility in the following situations: When initially configuring integration between Lync Server 2010 and Exchange UM. UM configuration needs to be completed before you run this tool. When new Exchange UM dial plans are installed for Lync Server 2010, or when additional subscriber access and autoattendants are added to an existing Lync Server 2010related dial plan. Troubleshooting inbound routing from Lync Server 2010 to Exchange UM subscriber access and autoattendant numbers.
8-18
Troubleshooting outbound routing from Exchange UM to Lync Server 2010 for features such as Play on Phone and Call Back.
ExchUCUtil Tool
The ExchUCUtil tool (ExchUCUtil.ps1) is a script that has two functions: It grants Lync Server 2010 permission to read Exchange UM AD DS objects specifically Exchange UM attributes so that it can create contact objects for each autoattendant and subscriber access. It creates a UMIP gateway object for each Lync Server 2010 pool, and associates the gateways to the UM SIP dial plans that are defined for Lync Server 2010.
You can run the tool when you initially configure Exchange UM for use with Lync Server 2010, and again after the Exchange UM SIP dial plans are created for Lync Server 2010. You must run the tool again in the following situations: When a new UM SIP dial plan is created for Lync Server 2010. When a new Lync Server 2010 server is deployed.
8-19
Integrating Exchange Server 2010 SP1 UM with Lync Server 2010
If you want to integrate Exchange UM with Lync Server 2010, you must perform the tasks described in this section. This topic assumes that you have deployed Lync Server 2010 with a collocated Mediation server and that you have enabled users for Lync Server 2010, but that you have not necessarily performed all deployment and configuration steps to enable Enterprise Voice.
Step 1: Deploy Microsoft Exchange Server 2010 SP1

Install the following Exchange Server roles in either the same forest or a different forest as Lync Server 2010: UM Hub Transport Client Access Mailbox Caution: If Lync Server 2010 and Exchange UM are installed in different forests, configure each Exchange forest to trust the Lync Server 2010 forest. To perform this task, you must have Enterprise Administrators permissions (if this is the first Exchange server in the organization) or Exchange Organization Administrator (if this is not the first Exchange server in the organization). For more information, see Exchange Server 2010 or higher deployment documentation at http://go.microsoft.com/fwlink/?LinkId=201158.
Step 2: Create and Configure a New Exchange UM SIP Dial Plan

On the Exchange UM server, create a SIP dial plan based on your organizations specific deployment requirements, and then associate the UM servers and users with the appropriate SIP dial plan.
8-20
To perform this task, you must have Exchange Organization Administrator permissions.
Step 3: Install Certificates

Download and install certificates for each Exchange UM server from a trusted root certificate authority (CA). The certificates are required for mutual TLS (MTLS) between the servers running Exchange UM and Lync Server 2010. To perform this task, you must have Administrators permissions.
Step 4: Configure Security Settings for the Exchange UM SIP Dial Plan
To encrypt Enterprise Voice traffic, configure the security settings on the Exchange UM SIP dial plan as SIP Secured or Secured. This is an especially important step if you have deployed or plan to deploy Lync 2010 Phone Edition devices in your environment. For Lync 2010 Phone Edition devices to function in an environment with Exchange UM integration, Lync Server 2010 encryption settings must align with the Exchange UM dial plan security settings. To perform this task, you must have Exchange Organization Administrator permissions.
Step 5: Add UM Servers to the Exchange UM SIP Dial Plan

To enable a newly installed UM server to answer and process incoming calls, you must add the UM server to a UM dial plan. In this case, add the server to the Exchange UM SIP dial plan. To perform this task, you must have Administrators and Exchange Server Administrators permissions.
Step 6: Configure Mailboxes with SIP Addresses

Assign SIP addresses to the mailboxes of Enterprise Voice users who will be using Exchange UM features. To perform this task, you must have Lync Server Administrator and Exchange Recipient Administrator permissions.
Step 7: Run the exchucutil.ps1 Script

On the Exchange UM server, open the Exchange Management Shell and run the exchucutil.ps1 script, which does the following: Grants Lync Server 2010 permission to read Exchange UM AD DS objects; specifically, the SIP dial plans created in the previous task. Creates a UM IP gateway object in AD DS for each Lync Server 2010 Enterprise Edition pool or Standard Edition server that hosts users who are enabled for Enterprise Voice. Creates an Exchange UM hunt group for each gateway. The hunt group pilot identifier will be the name of the dial plan that is associated with the corresponding gateway. These need to be mapped one-to-one if there is more than one dial plan.
To perform this task, you must have Exchange Organization Administrator and Exchange Recipient Administrator permissions.
Step 8: Configure Lync Server 2010 Dial Plans

If you are integrating with Exchange Server 2007 (SP1) or higher, or Exchange Server 2010, create a new Enterprise Voice dial plan with a name that matches the Exchange UM dial plan fully qualified domain name (FQDN). If you are integrating with Exchange Server 2010 SP1, ensure that suitable global/site-level or pool-level Enterprise Voice dial plans have been configured.
8-21
Note: If you are integrating with Exchange Server 2010 SP1, the Lync Server 2010 dial plan and Exchange UM SIP dial plan names do not need to match. To perform this task, you must have RTCUniversalServerAdmins permissions.
Step 9: Run the Exchange UM Integration Utility

On the Lync Server 2010 server, run ocsumutil.exe, which: Creates Subscriber Access and Auto Attendant contact objects. Validates that there is an Enterprise Voice dial plan with a name that matches the Exchange UMdialplan.FQDN.
If you are running Exchange Server 2010 (SP1), the dial plan names do not need to match, and you can ignore the tools warning about this. This utility works by scanning AD DS for Exchange UM settings and allowing the Lync Server 2010 administrator to view, create, and edit contact objects.
Permissions Requirements
To perform this task, you must have RTCUniversalServerAdmins and RTCUniversalUserAdmins permissions. Important: To run ocsumutil.exe successfully, the user must belong to both of these groups.
Note: To create Contact objects, the user who runs ocsumutil.exe must have the correct permission to the AD DS organization unit where the new contact objects are stored. This permission can be granted by running the Grant-CsOUPermissioncmdlet. You must run the Exchange UM Integration Utility from a user account with the following characteristics: Membership in the RTCUniversalServerAdmins group (which includes rights to read Exchange Server UM settings) Domain rights to create contact objects in the specified organizational unit (OU) container
When you run the Exchange UM Integration Utility, it performs the following tasks: Creates contact objects for each autoattendant and subscriber access number to be used by Enterprise Voice users. Verifies that the name of each Enterprise Voice dial plan matches its corresponding UM dial plan phone context. This matching is necessary only if the UM dial plan is running on a version of Exchange earlier than Exchange Server 2010 SP1.
It is important that before you run the Exchange UM Integration Utility, you have done the following: Created one or more Exchange UM dial plans, as described in the Exchange product documentation. Created one or more corresponding Lync Server 2010 dial plans.
8-22
Important: If you are using a version of Exchange that is earlier than Exchange Server 2010 SP1, you must enter the FQDN of the corresponding Exchange UM SIP dial plan in the Lync Server 2010 dial plan Simple namebox. If you are using Exchange Server 2010 SP1 or later, this dial plan namematching is not necessary. Created an autoattendant and made sure that both the subscriber access number and autoattendant number are in E.164 format.
Step 10: Perform Other Enterprise Voice Configuration Steps

If necessary, perform other Enterprise Voice Configuration Steps. If you have not already configured Enterprise Voice settings on your servers or users, do one or more of the following: Deploy and configure media gateways and Mediation servers. Define voice policies, Public Switched Telephone Network (PSTN) usage records, and outbound call routes. Enable users for Enterprise Voice. Optionally, configure specific users with dial plans.
Other configuration steps may be required, depending on the Enterprise Voice features that you enable. To perform this task, you must have RTCUniversalServerAdmins or RTCUniversalUserAdmins permissions.
Step 11: Enable Enterprise Voice Users for Exchange UM

On the Exchange UM server, ensure that a UM mailbox policy has been created and that each user has a unique extension number assignment, and then enable the user for UM. To perform this task, you must have Exchange Recipient Administrator permissions.
8-23
Hosted UM Integration with Lync Server 2010
This section describes how to enable a users voice mail calls to be routed to hosted Exchange UM. Hosted Exchange enables you to offer messaging services from basic email to higher-value services, such as providing additional storage, hosting personal domains, and calendars. Important: Before a Lync Server 2010 user can be enabled for hosted voice mail, a hosted voice mail policy that applies to the users account must be deployed. To enable a user for hosted voice mail, you must: 1. 2. Open the Lync Server 2010 Management Shell. Run the Set-CsUsercmdlet to configure the user account for hosted voice mail. For example, run:
Set-CsUser -HostedVoiceMail $True -Identity "fabrikam\kenmyer"
The previous example sets the following parameters: HostedVoiceMail enables a users voice mail calls to be routed to hosted Exchange UM. It also signals Lync 2010 to light up the call voicemail indicator. Identity specifies the user account to be modified. The Identity value can be specified using any of the following formats: The users SIP address The users AD DSUser-Principal-Name The users domain\logon name (for example, fabrikam\kenmyer)
8-24
The users AD DS Display-Name (for example, Ken Myer). If using the Display-Name as the Identity value, you can use the asterisk (*) wildcard character. For example, the Identity* Smith returns all the users who have a Display-Name that ends with the string value Smith. Note: You cannot use the users AD DSSAM-Account-Name as the Identity value because the SAM-Account-Name is not necessarily unique in the forest.
The msExchUCVoiceMail-Settings Attribute

Lync Server 2010 introduces a new user attribute named msExchUCVoiceMail-Settings, which is created as part of the Lync Server 2010AD DS schema preparation. This multivalued attribute holds voice mail settings that are shared by Lync Server 2010 and the hosted Exchange service. The hosted Exchange service may in some cases set the value of the msExchUCVoiceMail-Settings attribute in the process of enabling Exchange UM, or during the process of transferring mailboxes to a hosted Exchange server. If this attribute is not set by Exchange, the Lync Server 2010 administrator must set it by running the Set-CsUsercmdlet, as described earlier in this topic.
The msExchUCVoiceMail-Settings Attribute Key/Value Pairs

The attributes key/value pairs and their authors are shown in the following table. Value ExchangeHostedVoiceMail=1 Author Exchange Meaning User has been enabled for hosted UM access by Exchange Server. The Lync Server 2010 ExUM Routing application will check the users hosted voice mail policy for routing details. User has been disabled for hosted UM access by Exchange Server.
ExchangeHostedVoiceMail=0 CsHostedVoiceMail=1
Exchange
Lync Server 2010 User has been enabled for hosted UM access by Lync Server 2010. The Lync Server 2010 ExUM Routing application will check the users hosted voice mail policy for routing details. Lync Server 2010 User has been disabled for hosted UM access by Lync Server 2010.
CsHostedVoiceMail=0
Note: If the attribute already has values other than one of the Lync Server 2010 key/value pairs (CSHostedVoiceMail=0 or CSHostedVoiceMail=1), a warning will indicate that the attribute may be managed by a different application. For example, if the key/value pair ExchangeHostedVoiceMail=0 or ExchangeHostedVoiceMail=1 is already present, you will have to acknowledge that the attribute should be overwritten.
8-25
Lab: Integrating Exchange Server 2010 SP1 Unified Messaging Integration with Lync Server 2010
Scenario
During this lab, you will perform several tasks related to configuring Microsoft Lync Server 2010 (RC) and Exchange Server 2010 SP1UM integration.The UM component of Exchange Server 2010 SP1 is designed to be the voice mail solution for Lync Server 2010. Anyone can dial aLync 2010 user and leave a voice mail message, which will then be delivered to the recipients Microsoft Office Outlook Inbox. In this lab you will: 1. 2. 3. 4. 5. Create and edit a UM dial plan. Associate the Exchange Server with the new dial plan. Create and configure a UM auto attendant. Run the EXCHUCUTIL.PS1 script. Use the OCSUmUtil.exe tool to configure integration.
As the administrator for Fabrikam, Inc. you want to integrate your current existing deployment of Lync Server 2010 with Microsoft Exchange Server 2010 SP1UM to further take advantage of the voice features of Lync Server 2010 and Exchange Server 2010 SP1. You have already installed and configured the UM server role and will now make the necessary configuration changes. Important: We recommend that the steps in this and every lab be split between the two students in your pod. It is left up to the students to determine when to share tasks in order for both students to gain an understanding of the concepts of each lab. If you need help, please inform the instructor. Please note that if you both try to do tasks at the same time, you may overwrite each others work and possibly lose data.
8-26

This lab requires the virtual machines running from the previous lab and depends on the completion of Labs 5 through 7.The virtual machines are configured to automatically logon as Fabrikam\Administrator with the password, Pa$$w0rd, except for the following virtual machines: MIA-CL1 as Fabrikam\Andreas, with the password, Pa$$w0rd RED-CL2 as Fabrikam\Tzipi, with the password, Pa$$w0rd ROM-CL3 as Fabrikam\Marcel, with the password, Pa$$w0rd INT-CL4 as INT-CL4\Administrator, with the password, Pa$$w0rd MIA-ED1 as MIA-ED1\Administrator, with the password, Pa$$w0rd MIA-RAS1 as MIA-RAS1\Administrator, with the password, Pa$$w0rd
5.
6.
7.
8.
9.
On Host1, in the Virtual Machines list, if the virtual machine 10533A-INT-CL4.2 is not running: a. Right-click 10533A-INT-CL4.2 and click Start.
8-27
b.
Right-click 10533A-INT-CL4.2 and click Connect.
15. When 10533A-MIA-CL1.2 has booted up completely, close the Virtual Machine Connection window. 16. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 17. In the Remote Desktop Connection window, click Options. 18. Click the Local Resources tab, and then under Remoteaudio, click Settings. 19. Under Remote audio playback, verify thatPlay on this computer is selected. If it is not, select it. 20. Under Remote audiorecording, clickRecord from thiscomputer, and then click OK. 21. Click the General tab. 22. Under Logon settings, in the Computerbox, type mia-cl1.fabrikam.com. 23. In the User namebox, type Fabrikam\Andreas, and then click Connect. 24. On the Remote Desktop Connection page, click Connect. 25. On the Windows Security window, in the Passwordbox, type Pa$$w0rd, and then click OK. 26. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 27. On Host2, when 10533A-RED-CL2.2 has booted up completely, close the Virtual Machine Connection window. 28. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 29. In the Remote Desktop Connection window, click Options. 30. Click the Local Resources tab, and then under Remoteaudio, click Settings. 31. Under Remote audio playback, verify thatPlay on this computer is selected. If it is not, select it.
8-28
32. Under Remote audiorecording, clickRecord from thiscomputer, and then click OK. 33. Click the General tab. 34. Under Logon settings, in the Computerbox, type red-cl2.fabrikam.com. 35. In the User namebox, type Fabrikam\Tzipi, and then click Connect. 36. On the Remote Desktop Connection page, click Connect. 37. On the Windows Security window, in the Passwordbox, type Pa$$w0rd, and then click OK. 38. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 39. On Host1, when 10533A-ROM-CL3.2 has booted up completely, close the Virtual Machine Connection window. 40. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 41. In the Remote Desktop Connection window, click Options. 42. Click the Local Resources tab, and then under Remoteaudio, click Settings. 43. Under Remote audio playback, verify thatPlay on this computer is selected. If it is not, select it. 44. Under Remote audiorecording, clickRecord from thiscomputer, and then click OK. 45. Click the General tab. 46. Under Logon settings, in the Computerbox, type rom-cl3.fabrikam.com. 47. In the User namebox, type Fabrikam\Marcel, and then click Connect. 48. On the Remote Desktop Connection page, click Connect. 49. On the Windows Security window, in the Passwordbox, type Pa$$w0rd, and then click OK. 50. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 51. On Host1, when 10533A-INT-CL4.2 has booted up completely, close the Virtual Machine Connection window. 52. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 53. In the Remote Desktop Connection window, click Options. 54. Click the Local Resources tab, and then under Remoteaudio, click Settings. 55. Under Remote audio playback, verify thatPlay on this computer is selected. If it is not, select it. 56. Under Remote audiorecording, clickRecord from thiscomputer, and then click OK. 57. Click the General tab. 58. Under Logon settings, in the Computerbox, type int-cl4. 59. In the User namebox, type INT-CL4\Administrator, and then click Connect. 60. On the Remote Desktop Connection page, click Connect. 61. On the Windows Security window, in the Passwordbox, type Pa$$w0rd, and then click OK. 62. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes.
8-29
Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
Important: All connections to MIA-CL1.2, RED-CL2.2, ROM-CL3.2and INT-CL4.2 will require using a Remote Desktop Connection with remote audio playback and remote audio recording enabled, unless otherwise specifically instructed.
8-30
8-31
Exercise 1: Configuring Exchange Server 2010 SP1 UM to Work with Lync Server 2010 Enterprise Voice
Scenario
In this exercise, you will go through the steps of configuring Exchange Server 2010 SP1 Unified Messaging integration with Lync Server 2010. The steps involved are: Create a new Unified Messaging dial plan for Miami. Create a new Unified Messaging dial plan for Rome. Create new UM Auto Attendants. Run the EXCHUCUTIL.PS1 script.
First, you will configure Exchange Server 2010 SP1Unified Messaging to work with Lync Server 2010. This includes creating and configuring dial plans for Miami and Rome, creating auto attendants for Miami and Rome, and then running the EXCHUCUTIL.PS1 script. Important: On all virtual machines, verify whether all of the services set to start automatically have started. Most notably, check the Exchange, SQL Server, and Lync Server 2010 services. To do so, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
Task 1: Create a new Unified Messagingdial planfor Miami.

1. On MIA-DC1, use the Exchange Management console, to create a new UM Dial Plan for Miami using the following information. Value Miami 4 SIP URI Secured 1 MIA-DC1
Wizard Step Name Number of digits in extension numbers URI Type VoIP security Country/Region code UM Server 2.
Edit the UM Dial Plan to configure a telephone number for the Subscriber Access Number, assign the phone number +13055552999.
3. 4.
Edit the UM Dial Plan and configure an In-Country/Region Rule Group that allows all calls. Edit the Default policy and configure an In-Country/RegionRule Group that allows all calls.
Task 2: Create a new Unified Messaging dial plan for Rome.

1. Use the Exchange Management Consoleto create a new UM Dial Plan for Rome using the following information.
8-32
Wizard Step Name Number of digits in extension numbers URI Type VoIP security Country/Region code UM Server 2. 3. 4.
Value Rome 4 SIP URI Secured 39 MIA-DC1
Edit the UM Dial Plan to configure a telephone number for the Subscriber Access Number, assign the phone number +390655554999. Edit the UM Dial Plan and configure an In-Country/Region Rule Group that allows all calls. Edit the Default policy and configure an In-Country/Region Rule Group that allows all calls.
Task 3: Create new UM Auto Attendants.

1. On MIA-DC1, use the Exchange Management Console to create a new UM Auto Attendant for Miami using the following information. Value Miami_AA Miami +13055552000
Wizard Step Name Associated Dial Plan Pilot Identifier 2. 3.
Create the Auto Attendant as enabled and speech-enabled. Create a new UM Auto Attendant for Rome using the following information. Value Rome_AA Rome +390655554000
Wizard Step Name Associated Dial Plan Pilot Identifier 4.
Create the Auto Attendant as enabled and speech-enabled.
Task 4: Run the ExchUcUtil.ps1 script.

1. On MIA-DC1, use the Exchange Management Shell to run the ExchUcUtil.ps1 script located in C:\Program Files\Microsoft\Exchange Server\V14\Scripts. Results: After this exercise, you should have created new UM Dial Plans and UM Auto Attendants for Miami and Rome, and then run the ExchUcUtil.ps1 script.
8-33
Exercise 2: Configuring Lync Server 2010 to Work with Exchange Server 2010SP1 Unified Messaging
Scenario
In this exercise, you will configure Lync Server 2010 integration with Exchange Server 2010 SP1Unified Messaging. The steps involved are: 1. 2. Use the Exchange Integration tool to configure Lync Server 2010. Configure inbound normalization rules on the global dial plan.
You will first run the OcsUMUtil.exe tool to create contact objects in Lync Server 2010, restart the Exchange UM service and then configure inbound normalization rules.
Task 1: Use the Exchange Integration Tool to configure Lync Server 2010.
1. 2. On MIA-LS1, from a command line, run the OcsUmUtil.exe located in c:\Program Files\Common Files\Microsoft Lync Server 2010\ Support. On MIA-DC1, restart the Exchange UM service.
Task 2: Configure inbound normalization on the global dial plan.

1. 2. On MIA-LS1, use the Lync Server Control Panel to create an inbound normalization rule for the Auto Attendant that adds +1 to the number you assigned earlier to the Auto Attendant. Create an inbound normalization rule for the Subscriber Access Number that adds +1 to the number you assigned earlier to the Subscriber Access Number. Results: After this exercise, you should have used the Exchange Integration tool to create the contact objects in Lync Server 2010.
8-34
Exercise 3: Testing and Verifying Integration

Scenario
Test and verify integration between Exchange Server 2010 SP1 UM and Lync Server 2010. To do this, you will perform the following tasks. 1. 2. 3. Enable users for Exchange UM. Log onto Lync 2010 and configure voice mail. Use Lync 2010, Outlook, and OWA to leave and retrieve voice mail.
Task 1: Enable users for Exchange UM.

1. On MIA-DC1, use the Exchange Management Console or Exchange Management Shell to enable the following users for Exchange UM. UM Mailbox Policy Miami Default Policy PIN 305425 305425 305425 305425 305425 305425 305425 305425 305425 305425 305425 305425 305425 305425 Mailbox Extension 2100 2002 2003 2004 2005 2008 2009 3001 3002 3003 3004 4001 4002 4003 Alias scott@fabrikam.com andreas@fabrikam.com conor@fabrikam.com anna@fabrikam.com ebru@fabrikam.com patricia@fabrikam.com paul@fabrikam.com jason@fabrikam.com tzipi@fabrikam.com franz@fabrikam.com shu@fabrikam.com marcel@fabrikam.com luca@fabrikam.com shane@fabrikam.com
User Scott MacDonald
Andreas Herbinger Miami Default Policy Conor Cunningham Anna Lidman EbruErsan Patricia Doyle Paul West Jason Carlson TzipiButnaru Franz Kohl Shu Ito Marcel Truempy Luca Dellamore Shane DeSerrano Miami Default Policy Miami Default Policy Miami Default Policy Miami Default Policy Miami Default Policy Miami Default Policy Miami Default Policy Miami Default Policy Miami Default Policy Rome Default Policy Rome Default Policy Rome Default
8-35
User
UM Mailbox Policy Policy
PIN
Mailbox Extension
Alias
NunoFarinha Axel Delgado
Rome Default Policy Rome Default Policy
305425 305425
4005 4009
nuno@fabrikam.com axel@fabrikam.com
Task 2: Log on to Lync 2010 and configure voice mail.

1. 2. 3. 4. 5. On MIA-CL1 logged on as Andreas, log on toLync 2010 as Andreas and check voice mail. In Lync 2010, call the Exchange Auto Attendant and change Andreas greeting. Use Lync 2010 to listen to Andreas calendar, email, etc. On ROM-CL3 logged on as Marcel, log onto Lync 2010 and change Marcels voice mail box greeting. In Lync 2010, call the Exchange Auto Attendant and check e-mail, calendar, personal settings, etc.
Note: If the Voice Mail options or menus are not showing in Lync, log out of Lync and log back on to have the configurations applied.
Task 3: Use Lync 2010, Outlook, and OWA to leave and retrieve voice mail.
1. 2. 3. 4. 5. On ROM-CL3, in Lync 2010, next to Andreas name, click Call Voice Mail. Listen to the greeting you configured for Andreas and then leave her a short (10-15 seconds) voice message. On MIA-CL1, logged on as Andreas, open Outlook and wait as the voice mail is sent to Andreas Outlook inbox. Use Outlook to view and listen to the voice mail from Marcel. Use https://mail.fabrikam.com/owa to listen to and view the voice mail from Marcel. Results: After this exercise, you should have tested and verified the Exchange Server 2010 SP1UM and Lync Server 2010 integration by using Lync 2010 to configure Marcel and Andreas voice mail and then leaving messages. You then viewed the voice mail messages by using Outlook and OWA.
Important: After this lab, it is recommended that you take a snapshot of all running virtual machines before starting the next lab. To do so, in Hyper-V Manager, highlight all running virtual machines, right-click and then click Snapshot.
8-36
Review Questions
1. 2. What versions of Exchange UM support integration with Lync Server 2010? Are hosted offerings supported? What are the various levels of VoIP security available in Exchange UM? If Lync Server 2010 is encrypting both signaling and media, what is the appropriate setting for VoIP security in Exchange UM? What are the high-level steps for configuring Exchange UM integration? What permissions are required for most UM components and features?
3. 4.
Common Issues
Issue Calls to Exchange UM cannot be completed. Calls to Exchange UM by remote users are inconsistent. Troubleshooting tip Ensure that the VoIP security settings are set appropriately given Lync Server 2010 configuration. Ensure that you are running Exchange Server 2010 SP1 or that the dial plan names match. Ensure that Exchange Server 2010 SP1 is installed or that the Edge services are hardware load-balanced.

1. Fabrikam currently has a contract with Office365.com for hosted Exchange services. What needs to be configured for Lync Server 2010 to use hosted Exchange UM? Does anything need to be done peruser? Fabrikam has deployed Lync Server 2010 with DNS load balancing.Several users operate remotely. Fabrikam currently has Exchange Server 2003 in place and wants to deploy Exchange UM. What version of Exchange must Fabrikam upgrade to?
2.
8-37
3.
Wingtip Toys has deployed Lync Server 2010 with three sites and five pools. There are no conflicting extensions. How many UM IP gateways are required to connect to Exchange UM? How many UM IP dial plans are required to connect to Exchange UM?
Best Practices
Supplement or modify the following best practices for your own work situations: 1. Exchange UM servers are less sensitive to latency than Mediation servers. If you cannot put your Exchange UM server in the same location as the PSTN connectivity, opt for geographical distance between the Mediation server and Exchange UM server rather than between the Mediation server and PSTN drop-off. For optimal security, configure Lync Server 2010 to require encryption of signaling and media, and set Exchange UM VoIP Security to Secured. For the broadest compatibility, leave Exchange UM configured to record voicemail in MP3 format. For maximum compression, configure Exchange UM to record voicemail in WMA format.
2. 3.
Tools
Tool The Exchange Server 2010 UM Troubleshooting Tools The Exchange UM Test Phone Description A cmdlet that provides a great deal of troubleshooting information about Exchange UM. Provides a way to call directly into Exchange UM to test various pieces of functionality.
8-38
Implementing Response Groups
9-1
Module 9
Contents:
Lesson 1: Overview of the Response Group Service Lesson 2: Response Group Service Components Lesson 3: Response Group Service Management Tools Lab: Configuring the Lync Server 2010 Response Group Service 9-3 9-8 9-23 9-29
9-2
Module Overview
In this module, you will learn about the Response Group Service and the changes that have been implemented with Microsoft Lync Server 2010. You will also learn about the components of the Response Group Service, including queues, agent groups, workflows, and interactive workflows. Finally, you will learn about the tools used to manage workflows, such as Lync Server Control Panel, Lync Server Management Shell, and Response Group Configuration Tool.
Objectives
After completing this module, you will be able to: Describe the function of the Response Group Service and its new features. Describe the components of the Response Group Service and their settings. Describe the tools used to configure and manage response groups.
9-3
Lesson 1
Overview of the Response Group Service
The purpose of this lesson is to provide an overview of the Response Group Service, its application in a typical workplace, and the new features that are implemented in Lync Server 2010.
Objectives
After completing this lesson, you will be able to: Explain the function of the Response Group Service. Describe the new features of the Response Group Service implemented in Lync Server 2010.
9-4
What Is the Response Group Service?
The Response Group Service enables administrators to create and configure one or more response groups (also known as workflows). The purpose of a response group is to route and queue incoming phone calls to one or more designated Lync Server 2010enabled users, who are known as agents. The workflow routes calls to agents according to the rules that you specify when you create and configure the workflow. The Response Group Service calls the list of available agents in a manner that you specify until an agent answers. If no agent is immediately available, the workflow typically places the call in a queue. The Response Group Service uses presence and availability to make intelligent call-routing decisions.
Components of the Response Group Service

The Response Group Service includes the following components: Agents Queues Business hours Holidays Basic workflows Interactive workflows
Predefined Workflow Templates

Predefined templates are provided to make it easy for you to create and configure new workflows. For example, when you configure a workflow, you can: Specify a welcome message Provide music on hold
9-5
Gather caller information by using interactive voice response (IVR) Configure business hours Limit queue size Specify how a call is handled when a queue is full
Typical Response Group Service Usage Scenarios

Typical usage scenarios include an internal Help desk, a customer service desk, or a general external call handler. Response Group Service is a good solution for departmental or function-oriented call-routing needs, such as a Human Relations Benefits line or to route calls when several receptionists are needed.
9-6
New Features of the Response Group Service
This section describes the Response Group Service application features that are new in Lync Server 2010.
New Agent Anonymization

You can configure a response group so that agents can accept incoming calls and make outgoing calls on behalf of the response group without revealing their identity. When anonymous calling is enabled, callers cannot call agents directly unless the agent expressly offers a direct number. During an anonymous call, the agent can see that the call is anonymous. The agent can put the call on hold, make both blind and consultative transfers, and park and retrieve the call. Anonymous calls cannot start from an instant messaging (IM) or audio and/or video session, but the agent or the caller can add IM and video after the call is established. For example, if a caller has called a Response Group configured to anonymize agents and has been connected to an agent, the caller is aware that they are connected to the service desk, but the identity of the agent the caller is connected to is obscured, preventing direct access or callbacks. Note: Anonymous calls do not support conferencing, application sharing, desktop sharing, file transfer, whiteboarding and data collaboration, or call recording.
New Attendant Routing Method

With the new attendant routing method, all agents who are signed into Lync Server 2010 and the Response Group application are called at the same time for every incoming call, regardless of their current presence status. With attendant routing, Lync Server 2010 Attendant users who are designated as agents can see all the calls that are waiting and answer waiting calls in any order. When a call is answered, the other Lync Server 2010 Attendant users no longer see the call.
9-7
Integrated Manageability
In Lync Server 2010, Response Group Service manageability is integrated with Lync Server 2010 manageability. The Lync Server Management Shell cmdlets support all Response Group Service management tasks, and the Lync Server Control Panel supports common Response Group Service management tasks. You can use the Lync Server Management Shell to create a workflow that is beyond the four-queue depth presented by the Response Group Configuration Tool.
Caller Experience Improvements

In Lync Server 2010, Response Group Service supports more flexible IVR configurations and prompts, such as for invalid or no response to IVR questions and messages before music on hold or queue timeouts.
More Robust Web Service

In Lync Server 2010, the Response Group Service application provides a more robust web service that supports customized agent consoles. You can use the web service to retrieve information about agents, agent group membership, agent sign-in status, call status for groups, and the response groups that support anonymous calls.
9-8
Lesson 2
Response Group Service Components
The purpose of this lesson is to describe the components of the Response Group Service. It will also cover the settings of each component and what each setting does. After completing this lesson, you will be able to: Describe agent group settings. Describe queue settings. Describe business hour settings. Describe holiday settings. Describe basic workflow settings. Describe interactive workflow settings.
9-9
Agent Group Settings
When you create an agent group, you select the agents that are assigned to the group and specify additional group settings, such as the routing method and whether an agent must sign in to and out of the group. The following steps describe the settings when creating an agent group.
Step 1: Activate and Name the Agent Group

Before you can create an agent group, you must activate and name it. For example, on the computer where Lync Server 2010 tools are installed, you must log on as a member of the RTCUniversalServerAdmins group.
Step 2: Set Up the Participation Policy

Select one of the following settings to set up the sign-in behavior for the group: Informal. Select this setting to specify that agents in the group cannot sign in to and out of the group. Agents are automatically signed in to the group when they sign in to Lync Server 2010. Formal. Select this setting to specify that agents in the group must sign in to and out of the group. When you select this option, agents must sign in to and out of the response group by means of a web page.
Step 3: Specify the Alert Time (Seconds)

The Alert time (seconds) setting is used to specify the time required to call an agent before offering the call to the next available agent. (The default is 20 seconds.)
Step 4: Determine the Routing Method

Select one of the following methods for routing calls to agents in the group: Longest idle. Select this setting to offer a new call first to the agent who has been idle the longest (that is, the agent who has had a presence of Available in Lync 2010 for the longest period of time).
9-10
Parallel. Select this setting to offer a new call to all available agents at the same time. The call is connected to the first agent who is available and accepts it. Round robin. Select this setting to offer a new call to each available agent in turn. Serial. Select this setting to always offer a new call to the agents in the order in which they are listed in the Agents list based on availability. Attendant. Select this setting to offer a new call to all agents who are signed in to Lync Server 2010 and the Response Group Service application at the same time, regardless of their current presence status. Lync Server 2010 Attendant users who are configured as agents can see all the calls that are waiting and answer waiting calls in any order. The call is sent to the first agent who accepts it, and the other Lync Server 2010 Attendant users no longer see the call.
Step 5: Create an Agents List

Select one of the following settings to specify how you want to create your agents list: Use a Microsoft Exchange Server distribution list. If you select this option, you use an existing email distribution list and type the email address of the distribution list (for example, NetworkSupport@fabrikam.com). If you use an email distribution list, you are subject to the following constraints: You cannot select multiple distribution lists for the agent group. Each group supports only a single distribution list. If the distribution list contains one or more distribution lists, members of the nested distribution lists are not added to the agent list. If serial or round robin routing is selected, the server offers an incoming call to the appropriate agent according to the routing method and according to the order in which agents are listed in the distribution list. If you use an email distribution list, hidden memberships or hidden lists might become visible to the response group administrator or users, as follows: If a distribution list was configured so that the membership is hidden and the response group administrator assigns the distribution list to the agent list, users can call the group to find out who the members are. If a distribution list was configured so that it is hidden in the Exchange Global Address List, the response group administrator might be able to see the distribution list and assign it to the agent list if the response group process has the appropriate permissions, even if the administrator does not have the appropriate permissions.
Use a custom list of agents. If you select this option, you select one or more users you want to assign as agents for this group. Note: If the group is using either round robin or serial routing, arrange the agents in the order in which you want them to be offered calls.
9-11
Queue Settings
Queues hold callers until an agent answers the call. When the Response Group application searches for an available agent, it searches agent groups in the order in which you list them. You can select the agent groups that are assigned to the queue and specify queue behavior, such as limiting the number of calls that the queue can hold and the period of time that a call waits until an agent answers the call. This section describes queue settings.
Step 1: Select a Service and Activate and Name the Queue

In this step, you select a service and then activate and name the queue. Select a service. Select this setting to choose the Application Server service for which you want to add the queue. Activate and name the queue. Right-click the queues folder, click New queue, and then on the General tab, in the Name box, type a name for the queue. Select groups. Select this setting to choose one or more groups that you want to assign to the queue. Note: When the server searches for an available agent in the queue, it uses group order. That is, the first group in the list is searched first, followed by the second group in the list, and so on. To change the order of the groups in the Groups list, click a group, and then click the up arrow or down arrow button.
Step 2: Enable Queue Timeout

Queue timeout specifies a maximum period of time for a caller to wait on hold before an agent answers the call. In this step, you enable queue timeout by selecting options from the following settings: Time-out period (seconds). Select this setting to specify the maximum number of seconds a caller waits for an agent to answer the call.
9-12
Call target. Select this setting to specify the action that occurs when a call times out. These options include: Disconnect. Select this setting to disconnect the call after timeout. Forward to voicemail. Select this setting to forward the call to voice mail. Forward to telephone number. Select this setting to forward the call to another telephone number. Forward to SIP address. Select this setting to forward the call to another Session Initiation Protocol (SIP) address. Forward to another queue. Select this setting to forward the call to another queue.
Step 3: Enable Queue Overflow

In this step, you enable queue overflow by selecting options from the following settings: Maximum number of calls. Select this setting to determine the maximum number of calls that you want the queue to hold. Forward the call. Select this setting to determine which call to forward when the queue is full Newest call or Oldest call. Disconnect. Select this setting to disconnect the call after timeout. Forward to voicemail. Select this setting to forward the call to voice mail. Forward to telephone number. Select this setting to forward the call to another telephone number. Forward to SIP address. Select this setting to forward the call to another SIP address. Forward to another queue. Select this setting to forward the call to another queue.
9-13
Business Hours Settings
Business hours indicate when the response group is available to take calls and how to handle calls that are made when the response group is not available. Before you configure your workflows, you can define your business hours and holidays. Then, when you configure a workflow, you apply the business hours and holidays that you defined in advance to the workflow. Note: You do not need to predefine business hours if your response group is always open or if you use only custom business hours.
Defining Business Hours

When defining business hours, you have the following options: Your time zone. Select the time zone for the workflow. The time zone is used to calculate the hours that the workflow is open and closed. For example, if the workflow is configured to use the North American Eastern Time zone, and the workflow is scheduled to open at 7:00 A.M. and close at 11:00 P.M., the open and close times are 7:00 Eastern Time and 23:00 Eastern Time, respectively. (You must enter the times in 24-hour format.) Use a preset schedule. Select a preset schedule to automatically specify the days and hours that the response group is available. Note: You need to define preset schedules before you configure the workflow. You define preset schedules by using the New-CsRgsHoursOfBusinesscmdlet. Use a custom schedule. Select this option if you want to create a schedule specific to this workflow.
9-14
Day. If you are creating a custom schedule, select each day of the week that you want the workflow to be available. If you are using a preset schedule, the days are automatically set based on the selected schedule. Open. If you are creating a custom schedule, use this field with the Close field to specify the hours that agents are available to answer calls. If you are using a preset schedule, the hours are automatically set based on the selected schedule. You must enter times in 24-hour format. For example, if your office works a 9 A.M. to 5 P.M. workday and closes at noon for lunch, you configure this schedule as Open 9:00, Close 12:00, Open 13:00, and Close 17:00. Close. If you are creating a custom schedule, use this field with the Open field to specify the hours that agents are available to answer calls. If you are using a preset schedule, the hours are automatically set based on the selected schedule. Play a message when the response group is outside of business hours. Select this option to have callers hear a message if they call when the response group is not available. Use text-to-speech. If you choose to play a message outside of business hours and do not have a recording of that message, you can select this option to synthesize audio from a text message. Enter the text for the message in the text box. Note: Do not include markup tags in the text you enter. If you include markup tags, you will receive an error message.
Select a recording. If you choose to play a message outside of business hours, select this option to use an audio file recording for the message. Click the recording link if you want to upload a new audio file. Disconnect call. Select this option if you want to disconnect the call after playing the outside-ofbusiness-hours message. Forward to voicemail. Select this option if you want to forward the call to voice mail after playing the outside-of-business-hours message, and enter the address of the voice mail. The format of the voice mail address is username@domainname (for example, bob@fabrikam.com). Forward to SIP URI. Select this option if you want to forward the call to another user after playing the outside-of-business-hours message, and enter the address of the user. The format for the user address is username@domainname. Forward to telephone number.Select this option if you want to forward the call to another telephone number, and enter the telephone number. The format of the telephone number is number@domainname (for example, +14255550121@fabrikam.com).
9-15
Holiday Settings
Holidays define the days that agents will not be working and are therefore not available to take calls. Holiday sets are collections of holidays; for example, the national and/or regional holidays for year 2011 might be a holiday set. Multiple holiday sets can apply to a workflow; for example, you might define a set of national and/or regional holidays for the calendar year, another set of holidays for company days off, and another set of holidays for team events. Any combination of the holiday sets can apply to a workflow. To define holidays and holiday sets, you must use the New-CsRgsHoliday and New-CsRgsHolidaySet cmdlets. The New-CsRgsHoliday cmdlet defines individual holidays, and the New-CsRgsHolidaySet cmdlet identifies which holidays are in a holiday set. Note: To apply holidays to a workflow, you must predefine at least one set of holidays. To apply business hours to a workflow, you can either predefine the business hours, or you can create custom business hours. However, custom business hours apply only to a specific workflow and cannot be reused for other workflows. You can create custom business hours in advance or at the time you configure the workflow.
Making Holiday Settings

When defining holiday settings, you have the following options: Standard holiday lists. Select one or more holiday sets that identify the days that the response group is closed for business. Note: You need to define your holidays and holiday sets before you configure the workflow. To define holidays and holiday sets, use the New-CsRgsHoliday and New-CsRgsHolidaySetcmdlets.
9-16
Play a message during holidays. Select this option to have callers hear a message if they call when the response group is on holiday. Use text-to-speech. If you choose to play a message on holidays, select this option to use text converted to speech for the message, and type the text for the message in the text box. Note: Do not include markup tags in the text you enter. If you include markup tags, you will receive an error message. An error message occurs because the speech engine literally interprets all text entered into the input box, and markup code is misinterpreted.
Select a recording. If you choose to play a message on holidays, select this option to use an audio file recording for the message. Click the recording link if you want to upload a new audio file. Disconnect call. Select this option if you want to disconnect the call after playing the holiday message. Forward to voicemail. Select this option if you want to forward the call to voice mail after playing the holiday message, and enter the address of the voice mail. The format of the voice mail address is username@domainname (for example, bob@fabrikam.com). Forward to SIP URI. Select this option if you want to forward the call to another user after playing the holiday message, and enter the address of the user. The format for the user address is username@domainname. Forward to telephone number. Select this option if you want to forward the call to another telephone number, and enter the telephone number. The format of the telephone number is number@domainname (for example, +14255550121@fabrikam.com).
9-17
Basic Workflow Settings
A workflow defines the behavior of a call from the time the phone rings to the time somebody answers the call. The workflow includes queue and routing information and can include IVR information. When you create a workflow, you use the Response Group Configuration Tool to specify which queue to use and other settings, such as a welcome message, music on hold, business hours, and questions that the Response Group application asks the caller. This section describes basic workflows, which can include queue and routing information. The next section describes the more advanced version of workflow functionality referred to as interactive workflows. Interactive workflows use IVR to allow a computer to detect voice and dual-tone multi-frequency (DTMF) keypad inputs. Note: You must create groups and queues before you create a workflow.
Note: You must be assigned the CsAdministrator role or the CsResponseGroupAdministrator role to create and configure workflows.
Step 1: Activate and Name the Workflow

This following list describes the general settings for a workflow: Activate the workflow. Choose this setting to enable users to call the workflow. Enable for federation. Choose this setting to allow federated users to call the group. Enable agent anonymity. Choose this setting to hide the identity of the agent, whether the agent is the callee or the caller.
9-18
Note: Anonymizing is client versiondependent. Older clients do not understand or support the anonymizing feature, so a Lync Server 2010 client is required. When you make agents anonymous, calls cannot start with IM or video, although the agent or the caller can add IM and video after the call is established. An anonymous agent can also put calls on hold, transfer calls (both blind and consultative transfers), and park and retrieve calls. Anonymous calls do not support conferencing, application sharing and desktop sharing, file transfer, whiteboarding and data collaboration, and call recording. Enter the address of the group that will receive the calls. For this setting, type the SIP address of the group that you want to answer calls to the workflow. Display name. For this setting, type the name that clients, such as Lync Server 2010, are to display. Note: Do not include the "<" or ">" characters in the display name. Do not enter a display name of "RGS Presence Watcher" or "Announcement Service," because these names are reserved names. Telephone number. For this setting, enter the line Uniform Resource Identifier (URI) for the response group (for example, E.164 format). Display number. For this setting, type the formatted number to display for the response group (for example, E.164 format). Description. For this setting, specify the workflow description that appears on the Lync Server 2010 contact card. This setting is optional.
Step 2: Select a Language

For this setting, choose the language that you want to use for speech recognition and text-to-speech. Note: Although all the available language packs are displayed in this list, only the U.S. English speech pack is installed by default. If you want to use another language, install the speech pack before you configure the workflow.
Step 3: Configure a Welcome Message

You can play a welcome message for callers. The welcome message can be a text message that is converted to speech for callers or an audio file (Wave (.wav) or Windows Media Audio (.wma) format) that contains the welcome message. When you configure a welcome message, you can choose from the following options: Use text-to-speech. Choose this option if you want to use text converted to speech for the welcome message and to type the text for the welcome message in the text box. Note: If you choose to play a welcome message, you must type something in the Use text-tospeech box even if you select a recording, because the text-to-speech content is displayed for the agent.
9-19
Note: Do not include markup tags in the text you enter. If you include markup tags, you will receive an error message. Select a recording. Choose this option if you want to use an audio file recording for the welcome message. Click the recording link if you want to upload a new audio file.
Step 4: Specify Your Business Hours and Time Zone

The business hours and time zone settings define when the workflow is available to answer calls and specify the action to take for calls outside of business hours. When you specify your business hours and time zone, you can choose from the following options: Use a preset schedule. Response Group administrators can use the New-CsRgsHoursOfBusiness cmdlet to create predefined schedules that can be used for any number of response groups. Use a custom schedule. You can specify the days and hours to define the business hours schedule for a specific response group. When someone calls outside of business hours, you must specify an action. You can: Play a message. Disconnect the call. Forward the caller to voice mail, another SIP URI, or another telephone number.
Step 5: Specify Your Holidays

The holiday settings define the days that the response group is closed for business and specify the action to take on those days. Specifying your holidays includes the following options: Specify one or more standard holiday sets. Play a message. Disconnect the call. Forward the caller to voice mail, another SIP URI, or another telephone number. Note: There are no predefined holiday schedules. You must create holiday sets by using the Lync Server Management Shell.
Step 6: Configure Music on Hold

Callers listen to music on hold while they wait for an agent. The music on hold can be a default recording or a .wma or .wav file that you upload. When you configure music on hold, you can choose from the following options: Use default. Choose this option if you want to use the default music on hold. Select a music file. Choose this option if you want to specify a different audio file recording for the music on hold. Click the music link to upload a new audio file. Note: Ensure that you have the appropriate rights to distribute the music file you have chosen.
9-20
Interactive Workflow Settings
An interactive workflow routes calls by using Interactive Voice Response (IVR) questions and answers. Interactive workflows support up to two levels of questions when configured by using the Response Group Configuration Tool, with each question having up to four possible answers. The IVR asks the caller a question that has up to four possible answers, and depending on the callers response, routes the caller to a queue or asks a second question. The second question can also have four possible answers. Depending on the answer to the second-level question, the caller is routed to the appropriate queue. You can use .wav or .wma files for settings such as messages or the music that is played when users are on hold. After you upload an audio file, you can listen to the file to verify that you selected the correct file. To listen to the audio file, click the name of the file. Note: The Response Group Service is also commonly called an enhanced hunt group or IVR system. This section describes interactive workflow settings.
Configure Interactive Voice Response

Specify the first question that you want to ask the caller. You have the following options when configuring IVR: Use text-to-speech. Choose this option if you want to enter the question as text, and enter the question in the text box. Note: Do not include markup tags in the text you enter. If you include markup tags, you will receive an error message.
9-21
Note: The # symbol is translated by the text-to-speech engine as the word number. If you need to refer to the # key, use the key name instead of the symbol in your prompt. For example, To talk to the sales organization, press the pound key. Select a recording. Choose this option if you want to play an audio recording for the question. Click the recording link if you want to upload a new audio file.
Response 1
Specify the first possible answer to the question. You can allow for responses by voice, keypad input, or both. Important: Do not use double quotes (") in voice responses. Double quotes cause the IVR to work incorrectly. Enter a voice response. Enter the answer that you want the caller to say. The callers response is converted by using speech recognition. Assign keypad response. Select the keypad digit that you want the caller to press. Send to a queue. Choose this option if you want to route the caller to a queue. Ask another question. Choose this option if you want to ask a follow-up question. You can then enter another question and up to four possible responses. To include Response 3 and Response 4 for the follow-up question, select the associated check box.
Response 2
Specify the second possible answer to the question. You can allow for responses by voice, keypad input, or both. Enter a voice response. Enter the answer that you want the caller to say. The callers response is converted by using speech recognition. Assign keypad response. Choose the keypad digit that you want the caller to press. Send to a queue. Choose this option if you want to route the caller to a queue. In Select a queue, click the queue to use. Ask another question. Choose this option if you want to ask a follow-up question. You can then enter another question and up to four possible answers. To include Response 3 and Response 4 for the follow-up question, select the associated check box.
Response 3 and 4
To include a third and fourth response to the first question, select the associated check box, and then specify the possible answers as you did for Response 1 and Response 2. Note: If a caller answers a question incorrectly (that is, the answer is not one of the specified responses) or does not provide an answer, the caller gets another chance to answer the question. The caller can attempt to answer the question correctly five times before being disconnected.
9-22
Important: Do not include double quotes (") when you specify voice responses. If you do, you can save the workflow, but the workflow will not properly.
9-23
Lesson 3
Response Group Service Management Tools
This lesson covers the three management tools that are used to configure and maintain the Response Group Service. Not every task can be completed with one management tool, so it is important to understand all three tools and what can be accomplished with each. In general, the Lync Server Management Shell should be used when configuring advanced workflows because it is useful for batching, while the Lync Server Control Panel and the Response Group Service Configuration website are more useful for configuring basic workflows, or for users who prefer a Graphical User Interface (GUI). After completing this lesson, you will be able to: Configure and manage the Response Group Service by using Lync Server Control Panel. Configure and manage the Response Group Service by using Lync Server Management Shell. Configure and manage the Response Group Service by using the Response Group Configuration tool.
9-24
Configuring and Managing the Response Group Service by Using the Lync Server Control Panel
The Lync Server Control Panel provides a GUI that enables you to manage the configuration of the Lync Server 2010 servers, users, clients, and devices in your organization. The Lync Server Control Panel uses the Lync Server Management Shell as the underlying mechanism to perform Lync Server configuration. You can use the Lync Server Control Panel to set up and configure agent groups and queues for response groups. Important: To configure settings by using the Lync Server Control Panel, you must be logged on by using an account that is a member of the CsAdministrator group.
Creating a Response Group

The following procedure describes how to create a response group by using the Lync Server Control Panel: 1. 2. 3. 4. 5. 6. 7. 8. Click Response Groups, click Group, and then click New. Select the application server servicing the group. In the appropriate boxes, type a name, description, participation policy, and so on. Click Queue, and then click New. Select the application server servicing the queue. In the appropriate boxes, type a name and description, select your groups, and so on. Click Workflow, and then click Create or Edit a Workflow. Select the application server servicing the workflow. Microsoft Internet Explorer launches and loads the Response Group Configuration Tool.
9-25
Note: In the future, you will be able to go directly to the Response Group Configuration Tool by navigating directly to the web address. 9. Next to Hunt Group, click Create. To create simple routing to a hunt group you define any additional settings such as welcome message, availability, and music on hold. -orNext to Interactive, click Create to create. In addition to Hunt Group settings, you can specify up to two levels of questions that callers will hear. Each question can have up to four possible answers.
9-26
Configuring and Managing the Response Group Service by Using the Lync Server Management Shell
In Lync Server 2010, the Lync Server Management Shell is a new method of administration and management. The Lync Server Management Shell is a management interface, built on the Microsoft Windows PowerShell command-line interface that includes a comprehensive set of cmdlets (commandlets) that are specific to Lync Server 2010. You can configure all Response Group settings by using Lync Server Management Shell cmdlets.

Use the following cmdlets to create a response group by using the Lync Server Management Shell: 1. 2. 3. 4. 5. 6. 7. 8. 9. New-CsRgsAgentGroup New-CsRgsAnswer New-CsRgsCallAction New-CsRgsHoliday New-CsRgsHolidaySet New-CsRgsHoursOfBusiness New-CsRgsPrompt New-CsRgsQuestion New-CsRgsQueue
10. New-CsRgsTimeRange 11. New-CsRgsWorkflow
9-27
Configuring and Managing the Response Group Service by Using the Response Group Configuration Tool
The Response Group Configuration Tool is a browser-based tool that creates and manages workflows. The Response Group Configuration Tool is used when a GUI is desired to facilitate creating, configuring, and managing workflows. This tool starts automatically when you click Create or edit a workflow in the Lync Server Control Panel. Important: The Response Group Configuration Tool is a Lync Server 2010 component that is installed with the Web Components server. Depending on how your network is set up, the Web Components server may be considered to be in the Internet zone for some client computers. In this case, because the Response Group Configuration Tool uses scripting, the default Microsoft Internet Explorer settings may prevent the Response Group Configuration Tool from functioning.
Important: In some situations, you may not be able to log on to the Response Group Configuration Tool from the Front End server where Response Group Service runs. If this is the case, log on to the Response Group Configuration Tool from a different server or from a client computer.

The following procedure describes how to create a response group by using the Response Group Configuration Tool: 1. 2. 3. Open the Lync Server Control Panel. Click Response Groups, and then click the Workflow tab. On the Workflow page, click New.
9-28
The Response Group Configuration Tool web page opens. The remaining steps depend on the component you want to configure and are discussed in the previous section titled Basic Workflow Settings.
Note: You can also open the Response Group Configuration Tool web page directly from a web browser by connecting to https://<FQDN of Front End or Standard Edition server>/RgsConfig.
9-29
Lab: Configuring the Lync Server 2010 Response Group Service
Scenario
Fabrikam has continued to grow, increasing the demand placed on the companys receptionist and reducing efficiency, while increasing the time needed to answer incoming calls. Management has decided to implement multiple Lync Server 2010 Response Groups to handle the increased call volume and route calls to the correct departments without ringing the receptionist when possible. In this lab, you will deploy the Response Group Service, including agent groups, queues, and workflows. You will also configure the Agent Anonymization feature. The planning committee created the following diagram mappings based on the details of the preferred Response Group configuration.
9-30
9-31
IMPORTANT: We recommend that the steps in this and every other lab in the course be split between the two students in your pod. It is left up to the students to determine when to share tasks in order for both students to gain an understanding of the concepts of each lab. If you need help, please inform the instructor. Please note that if you both try to do tasks at the same time, you might overwrite each others work and possibly lose data.
9-32

This lab requires the virtual machines running from the previous lab and depends on the completion of Lab 5 through 8.The virtual machines are configured to automatically logon as Fabrikam\Administrator with the password, Pa$$w0rd, except for the following virtual machines: MIA-CL1 as Fabrikam\Andreas, with the password, Pa$$w0rd RED-CL2 as Fabrikam\Tzipi, with the password, Pa$$w0rd ROM-CL3 as Fabrikam\Marcel, with the password, Pa$$w0rd INT-CL4 as INT-CL4\Administrator, with the password, Pa$$w0rd MIA-ED1 as MIA-ED1\Administrator, with the password, Pa$$w0rd MIA-RAS1 as MIA-RAS1\Administrator, with the password, Pa$$w0rd
5.
6.
7.
8.
9.
On Host1, in the Virtual Machines list, if the virtual machine 10533A-INT-CL4.2 is not running: a. Right-click 10533A-INT-CL4.2 and click Start.
9-33
b.
Right-click 10533A-INT-CL4.2 and click Connect.
15. When 10533A-MIA-CL1.2 has booted up completely, close the Virtual Machine Connection window. 16. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 17. In the Remote Desktop Connection window, click Options. 18. Click the Local Resources tab, and then under Remote audio, click Settings. 19. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 20. Under Remote audio recording, click Record from this computer, and then click OK. 21. Click the General tab. 22. Under Logon settings, in the Computer box, type mia-cl1.fabrikam.com. 23. In the User name box, type Fabrikam\Andreas, and then click Connect. 24. On the Remote Desktop Connection page, click Connect. 25. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 26. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 27. On Host2, when 10533A-RED-CL2.2 has booted up completely, close the Virtual Machine Connection window. 28. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 29. In the Remote Desktop Connection window, click Options. 30. Click the Local Resources tab, and then under Remote audio, click Settings. 31. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it.
9-34
32. Under Remote audio recording, click Record from this computer, and then click OK. 33. Click the General tab. 34. Under Logon settings, in the Computer box, type red-cl2.fabrikam.com. 35. In the User name box, type Fabrikam\Tzipi, and then click Connect. 36. On the Remote Desktop Connection page, click Connect. 37. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 38. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 39. On Host1, when 10533A-ROM-CL3.2 has booted up completely, close the Virtual Machine Connection window. 40. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 41. In the Remote Desktop Connection window, click Options. 42. Click the Local Resources tab, and then under Remote audio, click Settings. 43. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 44. Under Remote audio recording, click Record from this computer, and then click OK. 45. Click the General tab. 46. Under Logon settings, in the Computer box, type rom-cl3.fabrikam.com. 47. In the User name box, type Fabrikam\Marcel, and then click Connect. 48. On the Remote Desktop Connection page, click Connect. 49. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 50. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 51. On Host1, when 10533A-INT-CL4.2 has booted up completely, close the Virtual Machine Connection window. 52. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 53. In the Remote Desktop Connection window, click Options. 54. Click the Local Resources tab, and then under Remote audio, click Settings. 55. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 56. Under Remote audio recording, click Record from this computer, and then click OK. 57. Click the General tab. 58. Under Logon settings, in the Computer box, type int-cl4. 59. In the User name box, type INT-CL4\Administrator, and then click Connect. 60. On the Remote Desktop Connection page, click Connect. 61. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 62. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes.
9-35
Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
Important: All connections to MIA-CL1.2, RED-CL2.2, ROM-CL3.2and INT-CL4.2 will require using a Remote Desktop Connection with remote audio playback and remote audio recording enabled, unless otherwise specifically instructed.
9-36
The virtual lab environment topology is shown in the following diagram.
9-37
Exercise 1: Configuring Agent Groups and Queues

Scenario
In this exercise, you will create agent groups and queues for both the U.S. and Italy offices. You will create three for the U.S., one for Sales, one for Accounting, and one for Operator. You will also create three for Italy. You will use the users that are logged on to the various clients we have, and those configured as the Operator. The main tasks for this exercise are as follows: 1. 2. 3. 4. Configure U.S. groups. Configure Italy groups. Configure U.S. queues. Configure Italy queues.
IMPORTANT: On all virtual machines, verify that all of the services set to start automatically have started. Most notably, check the Exchange, Microsoft SQL Server, and Lync Server 2010 services. To do so, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
Task 1: Configure U.S. groups.

1. 2. Sign out of Lync 2010 on MIA-CL1, RED-CL2 and ROM-CL3. Use the Lync Server Management Shell or Lync Server Control Panel to create the U.S. Sales Group by using the following information. Value ApplicationServer:mia-ls1.fabrikam.com US Sales Group Informal Serial Tzipi Butnaru Andreas Herbinger 3. Use the Lync Server Management Shell or Lync Server Control Panel to create the U.S. Accounting Group by using the following information. Value ApplicationServer:mia-ls1.fabrikam.com US Accounting Group Informal Parallel
Field Service Name Participation policy Routing method Agents
Field Service Name Participation policy Routing method
9-38
Field Agents
Value Marcel Truempy Andreas Herbinger
4.
Use the Lync Server Management Shell or Lync Server Control Panel to create the U.S. Operator Group by using the following information. Value ApplicationServer:mia-ls1.fabrikam.com US Operator Group Informal Attendant Paul West
Task 2: Configure Italy groups.

1. Use the Lync Server Management Shell or Lync Server Control Panel to create the Italy Sales Group by using the following information. Value ApplicationServer:rom-ls2.fabrikam.com Italy Sales Group Informal Serial Andreas Herbinger Marcel Truempy 2. Use the Lync Server Management Shell or Lync Server Control Panel to create the Italy Accounting Group by using the following information. Value ApplicationServer:rom-ls2.fabrikam.com Italy Accounting Group Informal Parallel Marcel Truempy Tzipi Butnaru
9-39
3.
Use the Lync Server Management Shell or Lync Server Control Panel to create the Italy Operator Group by using the following information. Value ApplicationServer:rom-ls2.fabrikam.com Italy Operator Group Informal Attendant Nuno Farinha
Task 3: Configure U.S. queues.

1. Use the Lync Server Management Shell or Lync Server Control Panel to create the U.S. Operator Queue by using the following information. Value ApplicationServer:mia-ls1.fabrikam.com US Operator Queue US Operator Group checked Forward to voice mail sip:paul@fabrikam.com checked 5 Newest call Forward to voice mail sip:paul@fabrikam.com
Field Service Name Groups Enable queue time-out Call action SIP address Enable queue overflow Maximum number of calls Forward the call Call action SIP address 2.
Use the Lync Server Management Shell or Lync Server Control Panel to create the U.S. Sales Queue by using the following information. Value ApplicationServer:mia-ls1.fabrikam.com US Sales Queue US Sales Group checked Forward to another queue
Field Service Name Groups Enable queue time-out Call action
9-40
Field SIP address Enable queue overflow Maximum number of calls Forward the call Call action SIP address 3.
Value US Operator Queue checked 5 Newest call Forward to voice mail sip:scott@fabrikam.com
Use the Lync Server Management Shell or Lync Server Control Panel to create the U.S. Accounting Queue by using the following information. Value ApplicationServer:mia-ls1.fabrikam.com US Accounting Queue US Accounting Group checked Forward to another queue US Operator Queue checked 5 Newest call Forward to voice mail sip:vijay@fabrikam.com
Field Service Name Groups Enable queue time-out Call action SIP address Enable queue overflow Maximum number of calls Forward the call Call action SIP address
Task 4: Configure Italy queues.

1. Use the Lync Server Management Shell or Lync Server Control Panel to create the Italy Operator Queue by using the following information. Value ApplicationServer:rom-ls2.fabrikam.com Italy Operator Queue Italy Operator Group checked Forward to SIP address
Field Service Name Groups Enable queue time-out Call action
9-41
Field SIP address Enable queue overflow Maximum number of calls Forward the call Call action SIP address 2.
Value sip:nuno@fabrikam.com checked 5 Newest call Forward to voice mail sip:nuno@fabrikam.com
Use the Lync Server Management Shell or Lync Server Control Panel to create the Italy Sales Queue by using the following information. Value ApplicationServer:rom-ls2.fabrikam.com Italy Sales Queue Italy Sales Group checked Forward to another queue Italy Operator Queue checked 5 Newest call Forward to voice mail sip:marcel@fabrikam.com
Field Service Name Groups Enable queue time-out Call action SIP address Enable queue overflow Maximum number of calls Forward the call Call action SIP address 3.
Use the Lync Server Management Shell or Lync Server Control Panel to create the Italy Accounting Queue by using the following information. Value ApplicationServer:rom-ls2.fabrikam.com Italy Accounting Queue Italy Accounting Group checked Forward to another queue Italy Operator Queue
Field Service Name Groups Enable queue time-out Call action SIP address
9-42
Field Enable queue overflow Maximum number of calls Forward the call Call action SIP address
Value checked 5 Newest call Forward to voice mail sip:vijay@fabrikam.com
Results: After this exercise, you should have created three U.S. queues and groups and three Italy queues and groups.
9-43
Exercise 2: Configuring Workflows

Scenario
In this exercise, you will create and configure basic hunt groups that will be used in workflows to be created later. You will also configure Agent Anonymization. The main tasks for this exercise are as follows: 1. 2. Configure a one-level interactive workflow for the U.S. Configure a one-level interactive workflow for the Italy.
Task 1: Configure a one-level interactive workflow for the U.S.

1. Use the Lync Server Response Group Configuration Tool to create the U.S. interactive workflow by using the following information. Field Service 1 SIP: Display name Telephone number Display number Description Value ApplicationServer:mia-ls1.fabrikam.com USivr@Fabrikam.com Fabrikam US +13055552222 +1 (305) 555-2222 The Fabrikam US response group workflow.
Step
Enable agent anonymity checked 2 3 Language Play a welcome message. Choose the message format. Use text-to-speech 4 Your time zone Hours of operation English (United States)(en-US) Checked
Thank you for calling the Fabrikam US office. (UTC-04:00) Atlantic Time (Canada) Monday through Friday 08:00 to 17:00 For whatever day of the week it is you are performing this lab, set the Open time to 00:00 and set the Close time to 23:59. Note: The above open and close times are to avoid hitting the after-hours message unexpectedly, depending on your current time and time zone.
Play a message when the response group is outside of business hours Use text-to-speech
Checked
The Fabrikam US office is currently closed. Please call back during normal business hours or leave a message.
9-44
Step
Field Forward to voice mail SIP
Value Checked paul@fabrikam.com To speak to sales, press one or say sales. To speak to accounting, press two or say accounting. To speak to the operator, press zero or say operator. Sales 1 US Sales Queue Accounting 2 US Accounting Queue Operator 0 US Operator Queue
Use text-to-speech
Response Enter a voice response 1 Assign a keypad response Send to a queue Response Enter a voice response 2 Assign a keypad response Send to a queue Response Enter a voice response 3 Assign a keypad response Send to a queue
Task 2: Configure a one-level interactive workflow for Italy.

1. Use the Lync Server Response Group Configuration Tool to create the Italy interactive workflow by using the following information. Field Service 1 SIP: Display name Telephone number Display number Description Value ApplicationServer:rom-ls2.fabrikam.com ItalyIVR@Fabrikam.com Fabrikam Italy +390655554444 +39-06-5555-4444 The Fabrikam Italy response group workflow.
Step
Enable agent anonymity checked 2 3 Language Play a welcome message. Choose the italiano (italia) (it-IT) Checked
9-45
Step
Field message format. Select a recording
Value
C:\LabFiles\Recordings\ItalyIVRStep3.wav (UTC+01:00) Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna Monday through Friday 08:00 to 17:00 For whatever day of the week it is you are performing this lab, set the Open time to 00:00 and set the Close time to 23:59. Note: The above open and close times are to avoid hitting the after-hours message unexpectedly, depending on your current time and time zone.
Your time zone Hours of operation
Play a message when the response group is outside of business hours Select a recording Forward to voice mail SIP 7 Select a recording
Checked
C:\LabFiles\Recordings\ItalyIVRStep4.wav Checked nuno@fabrikam.com C:\LabFiles\Recordings\ItalyIVRStep7.wav Vendite 1 Italy Sales Queue Contabilita 2 Italy Accounting Queue Operatore 0 ItalyOperator Queue
Response Enter a voice response 1 Assign a keypad response Send to a queue Response Enter a voice response 2 Assign a keypad response Send to a queue Response Enter a voice response 3 Assign a keypad response Send to a queue
Results: After this exercise, you should have created two one-level interactive workflows, both with three possible responses.
9-46
Exercise 3: Verifying the Response Group Service Behavior

Scenario
In this exercise, you will log on to various workflows and observe the behavior of the various workflows with different configurations and settings. The main tasks for this exercise are as follows: 1. 2. Verify the U.S. workflow behavior. Verify the Italy workflow behavior.
Task 1: Verify the U.S. workflow behavior.

1. 2. 3. 4. Log on to Lync 2010 on MIA-CL1 as Andreas, log on to RED-CL2as Tzipi, and log on to ROM-CL3 as Marcel. On ROM-CL3, dial the U.S. workflow number, and then say Sales, or dial 1. Do not answer the call. Verify that Tzipi is called first, click Decline that the call then rolls over to Andreas, and that it is then routed to Pauls voice mailbox. Disconnect the call without leaving a voice mail. Note: If the call is not routed to the agents, restart the Lync Server Response Group service on MIALS1 and ROM-Lync Server 2010. Repeat the call and then have Tzipi answer the call. Verify that the answering agent information is not provided. Disconnect the call. On RED-CL2, dial the U.S. workflow number, and then say Accounting, or dial 2. Do not answer the call. Verify that Marcel and Andreas are called at the same time, and that the call then rolls over to Pauls voice mailbox. Disconnect the call without leaving a voice mail.
5. 6. 7. 8. 9.
10. Repeat the call and then have Marcel answer the call. Verify that the answering agent information is not provided. 11. Disconnect the call. 12. Log on to Lync 2010 on MIA-CL1 as Paul. 13. On RED-CL2, dial the U.S. workflow number, and then say Operator, or dial 0. 14. Do not answer the call. Verify that the call goes to Paul and that it then rolls over to his voice mailbox. 15. Disconnect the call without leaving a voice mail. 16. Repeat the call and then answer the call. Verify that the answering agent information is not provided. 17. Disconnect the call.
Task 2: Verify the Italy workflow behavior.

1. 2. 3. 4. Log on to Lync 2010 on MIA-CL1 as Andreas. On MIA-CL1, dial the Italy workflow number and say contibilita (accounting), or dial 2. Do not answer the call. Verify that Marcel and Tzipi are called at the same time, and that the call then rolls over to Nunos voice mailbox. Disconnect the call without leaving a voice mail.
9-47
5. 6. 7. 8. 9.
Repeat the call and then have Marcel answer the call. Verify that the answering agent information is not provided. Disconnect the call. On RED-CL2, dial the Italy workflow number and say vendite (sales), or dial 1. Do not answer the call. Verify that Andreas is called first, click Decline, then the call then rolls over to Marcel, and that it then it rolls over to Nunos voice mailbox. Disconnect the call without leaving a voice mail.
10. Repeat the call and then have Andreas answer the call. Verify that the answering agent information is not provided. 11. Disconnect the call. 12. Log on to Lync 2010 on ROM-CL3 as Nuno. 13. On RED-CL2, dial the Italy workflow number and say Operatore (operator),or dial 0. 14. Do not answer the call. Verify that the call goes to Nuno and that it then rolls over to his voice mailbox. 15. Disconnect the call without leaving a voice mail. 16. Repeat the call and then answer the call. Verify that the answering agent information is not provided. 17. Disconnect the call.
Results: After completing this exercise, you should have verified the behavior of the Response Group configuration by making a series of phone calls to both workflows.
Important: After completing this lab, we recommend that you take a snapshot of all running virtual machines before starting the next lab. To do so, in Microsoft Hyper-V Manager, highlight all running virtual machines, right-click, and then click Snapshot.
9-48
Review Questions
1. What is Response Group agent anonymization? What methods of collaboration are incompatible with anonymization? What methods of collaboration are only available after an anonymous call has started? The three major components necessary to create a response group are a workflow, queue, and agent group. In what order should they be created? What options are available for forming agent groups? Can any existing groups from Active Directory Domain Services be used?
2. 3.
Common Issues
Issue An agent has signed in to Lync 2010 and is available, but is not getting any calls from the response group. Troubleshooting tip Check to see whether the agent is part of a formal agent group and if so, whether the agent has signed in to the agent group.
An agent has signed in to Check to see whether the response group is configured to Microsoft Office Communications anonymize agents and if so, upgrade the agent's client to Server 2007 R2 and is available, but Lync 2010. is not getting any calls from the informal response group.

1. Fabrikam would like to configure a response group IVR that asks, What operating system are you using? and allows five different responses. What UI options are available for creating the queues? The agent groups? The workflows?
9-49
2.
Fabrikam has a significant number of inbound calls that are handled by a team of receptionists. The receptionists should be able to see the full list of callers that have yet to receive a response. Callers should hear a welcome message and hold music while waiting to speak to a receptionist. What type of routing should the response group use? What client will the receptionists need to use? Wingtip Toys has configured a response group that sometimes receives so many calls that hold times rise above 10 minutes. To prevent a poor customer experience, Wingtip Toys would like to configure new calls to go to voice mail if there are more than 15 callers already in queue. How should the response group be configured?
3.
Best Practices
Supplement or modify the following best practices for your own work situations: For better user experiences, limit each menu to four or fewer options, and order them by most frequently to least frequently used. Use professionally recorded voice prompts for a more polished experience. For IVRs that service older populations, try to record messages in a female voice the higher pitch is easier for some people to hear.
9-50
Conferencing in Lync Server 2010
10-1
Module 10
Contents:
Lesson 1: Introduction to Conferencing in Lync Server 2010 Lesson 2: Dial-In Conferencing in Lync Server 2010 Lesson 3: Managing and Administering Conferencing Policies Lab: Conferencing Configuration and Deployment 10-3 10-14 10-25 10-32
10-2
Module Overview
Conferencing is a core feature of Microsoft Lync Server 2010. This module introduces conferencing in Lync Server 2010, discusses dial-in conferencing in Lync Server 2010, and describes how to manage and administer conferencing policies.
Objectives
After completing this module, you will be able to: Describe conferencing in Lync Server 2010. Describe dial-in conferencing in Lync Server 2010. Manage and administer dial-in conferencing in Lync Server 2010.
10-3
Lesson 1
Introduction to Conferencing in Lync Server 2010
This lesson will provide an overview of conferencing in Lync Server 2010. This includes the conferencing modes, new conferencing features, and conferencing architecture and infrastructure components in Lync Server 2010. This lesson also explains call flows among conferencing components, and Lync Server 2010 deployment and migration considerations.
Objectives
After completing this lesson, you will be able to: Describe the conferencing modes in Lync Server 2010. Describe the new Lync Server 2010 conferencing features. Discuss the conferencing architecture and infrastructure components. Explain conferencing call flows among conferencing components. Explain the conferencing deployment and migration considerations.
10-4
Conferencing Modes in Lync Server 2010
Lync Server 2010 communications software offers a rich set of conferencing modes, including web conferencing, application sharing, instant messaging (IM) conferencing, audio/video (A/V) conferencing, and dial-in conferencing. You can choose to deploy all supported types of conferencing modes, or just some of them. This section describes these conferencing modes.
Web Conferencing
Web conferencing is integrated with the overall enterprise messaging infrastructure of Lync Server 2010 and, combined with A/V conferencing, delivers real-time collaboration that is simple to manage. With web conferencing, users can share and collaborate on documents, such as Microsoft PowerPoint presentations, during their online conferences. Additionally, users can share all or part of their desktop with each other in real time.
IM Conferencing
Lync Server 2010 enables IM conferencing, in which more than two parties communicate in a single IM session.
Audio Conferencing
Audio conferencing with Lync Server 2010 enables users to schedule, join, and manage conferences from personal computers, web, phones, and mobile devices. The Lync Server 2010 solution includes audio conferencing, which helps reduce or eliminate the cost of third-party conferencing systems.
A/V Conferencing
A/V conferencing enables users to have real-time audio and video conferences without the need for external services, such as the Microsoft Live Meeting service or a third-party audio bridge. A/V conferencing requires appropriate client devices, such as headsets for audio conferences and webcams for video conferences.
10-5
Dial-In Conferencing
Dial-in conferencing allows users to join the audio portion of a Lync Server 2010 conference by using a public switched telephone network (PSTN) phone without requiring a third party audio conferencing provider.
10-6
New Conferencing Features in Lync Server 2010
Lync Server 2010 includes the following web and A/V conferencing features:
Client Features
Lync Server 2010 includes the following new client features: Single Meeting Client. Lync Server 2010 is the only client needed for all types of meetings. Lync Server 2010 replaces the need for the Live Meeting client and the Microsoft Office Outlook 2007 Add-In. New Downloadable Meeting Client. Microsoft Lync 2010 Attendee is a new downloadable client that enables users without Lync Server 2010 to attend meetings. It does not include presence or meeting scheduling.
Conference Administrative Features

Lync Server 2010 includes the following new conference administrative feature: Meet simple URL. You can create simple Uniform Resource Locators (URLs) for joining meetings, dialin conferencing, and administrative tasks that are easy to remember and to communicate. One simple URL is the Meet simple URL, which becomes the base for all links, which users click to join conferences.
Conference Participant Features

Lync Server 2010 includes the following new conference participant features: Lobby Provides Improved User Join Experience. Anonymous users and participants who use dial-in conferencing, but for whom authentication fails, no longer need to disconnect and retry. These users are transferred to the lobby, the leader is notified, and the users wait until a leader either accepts or rejects them or their connection times out. New Conferencing Modes. During a conference a user can share their entire desktop or an individual application. Lync Server 2010 also provides client-side meeting recording and playback, whiteboard and annotation tools, and presentations created by using the Microsoft PowerPoint presentation graphics program.
10-7
Controls to Toggle Entry and Exit Announcements. By default, entry and exit announcements in an A/V conference are audible to everyone, no matter how they join the conference. Each user can turn these announcements on or off for his or her own client.
Conference Presenter Features

Lync Server 2010 includes the following new conference presenter features: New Meeting Admission Policy and Controls. Users who organize meetings can change the authorization type of attendees after sending the invitation, if they discover the original settings were incorrect. They can even change these authorization types during the meeting. For example, an organizer can elevate the privileges of an attendee to make them a presenter. Enhanced Meeting Access Levels. Users can specify a more granular set of access permissions on meetings they organize. For example, Lync Server 2010 now includes a lobby, which gives conference presenters the ability to better manage and control their meetings. Polling. Presenters can use polling to gather anonymous responses from participants and determine participant preferences. All presenters can see the results and can either hide the results or show them to all attendees. Assigned Conference IDs. By default, every meeting organized by a particular user has the same conference URL and conference ID for dial-in users. This enables dial-in users to remember just one conference ID to join all meetings organized by this user, and is similar to how meetings hosted on audio conference providers (ACPs) work. Presentation Mode. In an A/V conference, the presenter can set the conference state so that all other participants, including anybody who subsequently joins the meeting, are muted. While the conference is in this state, individual participants cannot unmute themselves. The presenter can later change the conference state, for example, to open the conference for questions. At that time, users receive a notification that they can now unmute themselves.
10-8
Conferencing Architecture and Infrastructure Components
The main conferencing infrastructure components of Lync Server 2010 are the Focus Factory, Focus Conferencing Server Factory, and Conferencing Database. This section describes these components.
Focus Factory
The Focus Factory is a Session Initiation Protocol (SIP) entity that creates, deletes, and modifies meetings in the conferencing database. The Focus Factory manipulates meetings in the conferencing database according to Centralized Conferencing Control Protocol (C3P) commands that are issued by clients.
Focus
The Focus is on the central policy and state manager for a conference and acts as the coordinator for all aspects of the conference. The Focus is responsible for the following: Enforcing the conference control policy Managing the overall security for a conference Managing conference participant roles and privileges Sending conference state notifications to clients Providing a conduit for control commands to flow between clients and conferencing servers
Conferencing Server Factory

The Conferencing Server Factory is responsible for provisioning a conference for a particular media type on a conferencing server. The Conferencing Server Factory can also take into account the current load on the conferencing servers before assigning a conferencing server to a conference. There is one Conferencing Server Factory instance on each Front End Server, which handles all media types.
10-9
Conferencing Database
A Focus holds important information for the entire conference, including all conference participants. If a Focus instance fails, it must be possible to restart the conference. To support this, any state information that is needed to resume the conference persists in a conferencing database, which runs on a SQL Server back-end database. In Lync Server 2010, presence, registrar information, and conferencing information are stored in different tables of the same physical database.
10-10
Call Flows Among Conferencing Components
This section describes the sequence of call flows that are required among conference components to create a conference, invite the appropriate components and users, and enable participants to join.
Scheduling a Conference
The following sequence of steps describes how the scheduling model enables client and server to cooperate in creating a scheduled conference: Using organizer input, the scheduling client (Microsoft Outlook) generates a unique conference ID. 1. The scheduling client contacts the Focus Factory on the conferencing server (either Lync Server 2010 Standard Edition or a Lync Server 2010 Enterprise Edition front-end server) and requests a new meeting. This request and subsequent meeting commands that are exchanged between client and servers use C3P over SIP. The Focus Factory determines whether the organizer is authorized to create a conference. If so, the Focus Factory returns a unique conference SIP Uniform Resource Identifier (URI) to the scheduling client. The scheduling client, after receiving the conference SIP URI from the Focus Factory, uses it to create a Conference Join URL, which includes the conference ID, conference key, and parameters indicating whether the conference is audio only or a full collaborative meeting. The scheduling client sends an email invitation to all meeting participants, including the organizer. This invitation contains the Conference Join URL, which participants can click to join the conference.
2.
3.
4.
Joining a Conference
A meeting invitation contains the following elements: The Conference Join URI A link for first-time participants to test and validate their ability to join the conference Audio instructions
10-11
List of participants Dial-in personal identification number (PIN) instructions
10-12
Deployment and Migration Considerations
Deployment Considerations
Determining which conferencing capabilities to deploy depends not only on the features you want available to your users, but also on your network bandwidth capabilities. This section discusses factors to consider when you want to deploy conferencing.
Enabling Web Conferencing with Collaboration and Application Sharing

To enable web conferencing that includes document collaboration and application sharing, you must enable conferencing for your Front End pool in the Lync Server Topology Builder. Enabling conferencing enables both web conferencing and A/V conferencing. Application sharing requires and uses more network bandwidth than document collaboration. Lync Server 2010 communications software provides a throttling mechanism to control each application sharing session. By default, this is set to 1.5 megabytes (MB) per second for each session. If you do not want to enable application sharing but you do want document collaboration, you can enable conferencing and use meeting policies to disable application sharing.
Enabling A/V Conferencing

If you want to enable A/V conferencing, you must enable conferencing for your Front End pool in the Lync Server 2010 Topology Builder. Enabling conferencing enables both web conferencing and A/V conferencing. A/V conferencing requires and uses more network bandwidth than document collaboration. If you do not want to enable A/V conferencing but you do want web conferencing, you can enable conferencing and use meeting policies to disable A/V conferences. If you do want to enable audio conferences but not video conferences, you can enable A/V conferencing and use meeting policies to prevent video conferences. Alternatively, you can enable A/V conferencing and allow only certain users to start or participate in A/V conferences.
10-13
Note: A complete Enterprise Voice solution is not necessary for A/V conferencing. If you enable A/V conferencing, users can add audio to their conferences if they have audio devices, even if you use a private branch exchange (PBX) for your telephone solution.
Enabling Users to Join the Audio Portion of Conferences When Using a PSTN Phone
If you want to enable users to join the audio portion of conferences when using a PSTN phone, you should deploy and enable dial-in conferencing. Invited users, both inside and outside of your organization, can then join the audio portion of conferences by using a PSTN phone. Note: Dial-in conferencing requires Enterprise Voice to be configured.
Enabling External Users with Lync Server 2010 Clients to Join the Conference
If you want to enable external users with Lync Server clients to join the types of conferences that you have enabled, you should deploy Edge Servers. Allowing external participation in meetings maximizes an organizations investment in Lync Server. For example, users with laptops with Lync Server 2010 can join conferences from wherever they areat home, in an airport, or at customer sites without the need for a PSTN connection. Additionally, if you deploy Edge Servers, you can create federated relationships with other organizations such as your customers or vendors and users from those organizations can more easily collaborate with your users.
Migration Considerations
The following section discusses considerations when migrating users.
Migrating Users Based on Their Conferencing Needs

Consider migrating frequent meeting organizers early in the process so that they can take advantage of the new sharing, collaboration, and lobby management features of Lync Server 2010.
Migrating Existing Meetings and Meeting Content

When a user account is moved from Microsoft Office Communications Server 2007 R2 to a Lync Server 2010 server, the following information moves along with the user account: Meetings already scheduled by the user. This includes Communicator conference calls (conf: URL scheme) and Live Meeting conferences (meet: URL scheme). Note: Live Meeting must be used for any conferences that are migrated with the meet: scheme. The users PIN. The users current PIN continues to work until it expires or the user requests a new PIN.
The following information does not move to the new server: Meeting content. You should advise meeting organizers to reload content into their scheduled meetings after migration. Note: Existing dial-in conferencing numbers work whether the meeting is hosted on Office Communicator 2007 R2 server or a Lync Server 2010 server. However, the latest Office Communicator 2007 R2 cumulative update is required on the Office Communicator 2007 R2 server pools.
10-14
Lesson 2
Dial-In Conferencing in Lync Server 2010
This lesson discusses dial-in conferencing, and the configuration and requirements for dial-in conferencing.
Objectives
After completing this lesson, you will be able to: Explain the dial-in conferencing features in Lync Server 2010. Describe the requirements for dial-in conferencing. Explain the configuration options for dial-in conferencing in Lync Server 2010. Describe the deployment steps for dial-in conferencing in Lync Server 2010.
10-15
Dial-In Conferencing Support
Dial-in conferencing supports the following: Enterprise users. Enterprise users have Active Directory Domain Services (AD DS) credentials and Lync Server 2010 accounts within their organization. Anonymous users. Anonymous users do not have enterprise credentials within an organization.
This section describes dial-conferencing support for enterprise users and anonymous users. Note: In the dial-in conferencing context, a user in a federated partners organization who uses the PSTN to connect to a conference is treated like an anonymous user.
Enterprise Users Who Join a Dial-In Conference

Enterprise users or conference leaders who join a conference enabled for dial-in access dial one of the conference access numbers and then are prompted to enter the conference ID. If a leader has not yet joined the meeting, users can either enter their unified communications (UC) extension (or full phone number) and PIN or wait to be admitted by a leader. Meeting organizers can join the meeting as a leader by entering just their PIN from an authenticated device.
Authenticating Enterprise Users

The front-end server uses the combination of a full phone number or extension, and PIN, to uniquely map enterprise users to their Active Directory credentials. As a result, enterprise users are authenticated and identified by name in the conference. Enterprise users can also assume a conference role predefined by the organizer.
10-16
Note: Enterprise users who dial-in from an office Internet Protocol (IP) phone or from Lync Server 2010 or Lync Server 2010 Attendant are not prompted for their phone number because they are already authenticated.
Anonymous Users Who Join a Dial-In Conference

Anonymous users who want to join a dial-in conference dial one of the conference access numbers and they are prompted to enter the conference ID. Anonymous users are not admitted to the conference until at least one leader or authenticated user has joined, and they cannot be assigned a predefined role unless the meeting policy allows users dialing in to bypass the lobby. Unauthenticated anonymous users are also prompted to record their name. The recorded name identifies unauthenticated users in the conference. Note: Enterprise users who choose not to enter their phone number and PIN are not authenticated and, thus, are prompted to record their name.
Closing or Locking Meetings

When scheduling a meeting, the meeting organizer can choose to restrict access to the meeting by closing or locking the meeting. In this case, dial-in users are requested to authenticate. If they fail or choose not to authenticate, they are transferred to the lobby, where they wait until a leader accepts or rejects them or they timed out and are disconnected.
Dial-In Participants
Dial-in participants hear music if they are waiting to be admitted to the conference. After they are admitted to a conference, dial-in users can participate in the audio portion of the conference and can exercise dual-tone multi-frequency (DTMF) commands by using the phone keypad. Dial-in participants, whether or not they dial from the PSTN, hear personal announcements during the conference, such as whether: They have been muted or unmuted The meeting is being recorded Someone is waiting in the lobby
All dial-in participants can exercise DTMF commands to hear Help, listen to the conference roster, and mute themselves.
Dial-in Leaders
Dial-in leaders and some client users can exercise DTMF commands to turn participants' ability to unmute on or off, lock or unlock the conference, admit people from the lobby, and turn entry and exit announcements on or off. Leaders and some client users can also use a DTMF command to admit everyone from the lobby, which changes the permissions of the meeting to allow anyone who subsequently joins. Note: Participants who join the conference by clicking a link instead of dialing in do not hear personal announcements.
10-17
Requirements for Dial-in Conferencing
This section describes the requirements for the components that are specific to dial-in conferencing.
Hardware and Software Requirements

In addition to the hardware and software requirements for front-end servers, other requirements include Application service, Conferencing Attendant, and Conferencing Announcement. Conferencing Attendant and Conferencing Announcement require that Windows Media Format Runtime is installed on front-end servers running Windows Server 2008 R2 or Windows Server 2008. Windows Media Format Runtime is required to play Windows Media audio (WMA) files that are used for music on hold, recorded names, and prompts. Windows Media Format Runtime is installed automatically when you run Setup. Note: It is recommended that you install Windows Media Format Runtime before you run Setup because Windows Media Format requires you to restart your computer after it is installed.
Port Requirements
If you use a load balancer, ensure that the load balancer is configured for the ports used by any applications that will run in the pool. These ports are default settings that you can change by using the Set-CsApplicationServer cmdlet. Note: All instances of the same application in a pool use the same SIP listening port. The following table lists and describes the ports that are used by dial-in conferencing.
10-18
Port number 5072 5073
Description Used by Conferencing Attendant for SIP listening requests Used by Conferencing Announcement for SIP listening requests
Audio File Requirements

Lync Server 2010 does not support customization of voice prompts and music for dial-in conferencing. Conferencing Attendant and Conferencing Announcement have the following requirements for music on hold, recorded name, and audio prompt files: WMA file format 16-bit mono 48 kbps 2-pass CBR (constant bit rate) Speech level at -24DB
Note: If you have a strong business need that requires you to change the default voice prompt or music file, you can customize your media files by following the procedure found in the article located at http://support.microsoft.com/kb/961177.
Authenticated User Requirements

Dial-in conferencing users must have a unique phone number or extension assigned to their account. This requirement supports authentication during dial-in. Enterprise users (that is, users who have AD DS credentials and Lync Server 2010 accounts within your organization) enter their phone number (or extension) and a PIN to dial-in to conferences as an authenticated user.
10-19
Configuration Options for Dial-in Conferencing
This section describes the Lync Server 2010 communications software components that are used for dialin conferencing. These components are automatically installed and activated when a Pool server is configured with dial-in conferencing within the Topology Builder.
Application Service
Application service provides a platform for deploying, hosting, and managing unified communications (UC) applications. Dial-in conferencing uses two UC applications that require Application service: Conferencing Attendant and Conferencing Announcement.
Conferencing Attendant Application

Conferencing Attendant is a unified communications application that accepts PSTN calls, plays prompts, and joins the calls to an A/V conference. When a user is prompted to enter their conference information, Conferencing Attendant Application uses Interactive Voice Response (IVR). When the call is connected to the conference, Conferencing Attendant Application backs out and client access server (CAS) takes over.
Conferencing Announcement Application

Conferencing Announcement is a UC application that plays tones and prompts to PSTN participants on certain actions, such as when participants join or leave a conference, participants are muted or unmuted, someone enters the conference lobby, or the conference is locked or unlocked. Conferencing Announcement also supports DTMF commands from the phone keypad.
Dial-in Conferencing Settings Web Page

The Dial-in Conferencing Settings web page displays conference dial-in numbers with their available languages, assigned conference information (for meetings that do not need to be scheduled), and inconference DTMF controls. It also supports management of PIN and assigned conferencing information. The Dial-in Conferencing Settings web page is automatically installed as part of Web Services.
10-20
Lync Server 2010 Mediation Server and PSTN Gateway

Dial-in conferencing requires a Mediation Server to translate signaling between Lync Server 2010 and the PSTN. For dial-in conferencing, you must deploy at least one Mediation Server and at least one of the following: A PSTN gateway An IP-PBX A Session Border Controller (SBC) for an Internet telephony service provider to which you connect by configuring a SIP trunk
Note: If your Lync design includes Enterprise Voice, Mediation Servers and PSTN connectivity options will already be part of the deployment. If you are not deploying Enterprise Voice, you will need to deploy at least one Mediation Server and at least one PSTN connectivity option for dial-in conferencing to function.
File Store
File store is used for recorded name audio files. File Store is a standard component in every Enterprise Edition or Standard Edition deployment.
User Store
User store is used to store user Lync Server 2010 PINs. PINs are encrypted. The User store is a standard component in every Lync Server 2010 Enterprise Edition or Lync Server 2010 Standard Edition deployment.

Some dial-in settings can be configured by using Lync Server Control Panel. For example, Lync Server Control Panel can be used to configure Conferencing Policy settings that specify whether a PSTN conference dial-in is enabled or whether users can invite anonymous participants to a conference.

All dial-in settings can be configured by using Lync Server Management Shell cmdlets. Lync Server Management Shell cmdlets are available for deploying, configuring, running, monitoring, and troubleshooting Conferencing Attendant and Conferencing Announcement.
10-21
Deploying Dial-In Conferencing
Before you can configure dial-in conferencing, you need to deploy either Enterprise Voice or a Mediation Server and a PSTN connectivity option. All the steps described in this section must be performed before users can dial-in from the PSTN to join an audio/video conference. Note: If you are migrating from Office Communications Server 2007 R2, you must apply at least Cumulative Update 5 (CU5) to your Office Communications Server 2007 R2 environment before
10-22
deploying dial-in conferencing. CU5 supports participants dialing Office Communications Server 2007 R2 access numbers to join Lync Server 2010 conferences.
Step 1: Create a Topology

Create a topology that includes the Conferencing workload, including a Mediation Server and PSTN gateway, and deploy the Front End pool or Standard Edition server. The following step describes how to update or modify a topology configuration: Run Topology Builder to update or modify the topology configuration, and then click the dial-in conferencing option. Note: This step is required only if you do not deploy Enterprise Voice and do not collate the Mediation Server with the Enterprise Edition front-end Server or Standard Edition server. If you deploy Enterprise Voice, you install and configure Mediation Servers and PSTN gateways as part of the Enterprise Voice deployment. If you collate the Mediation Server, you install and configure the Mediation Server as part of the Front End pool or Standard Edition server deployment. The permissions required to create a topology are: Domain Admins Group RTCUniversalServerAdmins Group CsVoiceAdminstrator CsAdminstrator
Step 2: Configure Dial Plans for Dial-In Conferencing

If you deploy Enterprise Voice, you set up dial plans as part of that deployment, and you need to ensure that the dial plans also accommodate dial-in conferencing. If you do not deploy Enterprise Voice, you need to set up dial plans for dial-in conferencing. Use the Lync Server Control Panel or Lync Server Management Shell to set up dial plans as follows: 1. 2. Create one or more dial plans for routing dial-in access phone numbers. Assign a default dial plan to each pool. Set the Dial-in conferencing region to the geographic location to which the dial plan applies. The region associates the dial plan with dial-in access numbers.
The permissions required to configure dial plans for dial-in conferencing are: CsVoiceAdminstrator CsAdministrator
Step 3: Ensure Dial Plans Are Assigned Regions

Run the Get-CsDialPlan and Set-CsDialPlan cmdlets to ensure that all dial plans have a region assigned or set the region using the Lync Server Control Panel. The permissions required to ensure dial plans for assigned regions are: CsVoiceAdminstrator CsAdministrator
10-23
Step 4: Verify PIN Policy Settings (Optional)

Use Lync Server Control Panel or Lync Server Management Shell to view or modify the conferencing PIN Policy. You can specify minimum PIN length, maximum number of logon attempts, PIN expiration, and whether common patterns are allowable. The permission required to verify policy settings is: CsAdministrator
Step 5: Configure Conferencing Policy for Dial-In Conferencing

Use Lync Server Control Panel or Lync Server Management Shell set-csdialinconferencingconfiguration to configure Conferencing Policy settings. Specify whether: PSTN conference dial-in is enabled. Users can invite anonymous participants. Unauthenticated users can join a conference by using dial-out phoning. With dial-out phoning, the conference server calls the user, and the user answers the phone to join the conference.
The permission required to configure conferencing policy for dial-in conferencing is: CsAdministrator
Step 6: Configure Dial-In Conferencing Access Numbers

Use Lync Server Control Panel or Lync Server Management Shell to set up dial-in access numbers that users call to dial-in to a conference, and specify the regions that associate the access number with the appropriate dial plans. The first three access numbers for the region specified by the organizer's dial plan are included in the conference invitation. All access numbers are available on the Dial-in Conferencing Settings web page. Note: After you create dial-in access numbers, you can use the SetCsDialInConferencingAccessNumber cmdlet to modify the display name of the Active Directory contact objects so that users can more easily identify the correct access number. The permission required to configure dial-in conferencing access numbers is: CsAdministrator
Step 7: Verify Dial-In Conferencing Settings (Optional)

Use the Get-CsDialinConferencingAccessNumber cmdlet to search for dial plans that have a dial-in conferencing region that is not used by any access number and for access numbers that have no region assigned. The permissions required to verify dial-in conferencing settings are: CsAdministrator CsViewOnlyAdministrator CsServerAdminstrator CsHelpDesk
10-24
Step 8: Modify Key Mapping for DTMF Commands (Optional)

Use the Set-CsDialinConferencingDtmfConfiguration cmdlet to modify the keys used for DTMF commands, which participants can use to control conference settings (such as mute and unmute or lock and unlock). The permission required to modify mapping for DTMF commands is: CsAdministrator
Step 9: Modify Conference Join and Leave Announcements (Optional)

Use the Set-CsDialinConferencingConfiguration cmdlet to change how announcements work when participants join and leave conferences. The permission required to modify conference join and leave announcements is: CsAdministrator
Step 10: Test Dial-In Conferencing (Optional)

Use the Test-CsDialInConferencing cmdlet to test that the access numbers for the specified pool work correctly. The permission required to test dial-in conferencing is: CsAdministrator
Step 11: Configure User Account Settings

Use Lync Server Control Panel or Lync Server Management Shell to configure the telephony Line URI as a unique, normalized phone number (for example, tel:+14255550200;ext=0200). The permissions required to configure user account settings are: CsAdministrator CsUserAdminstrator
Step 12: Welcome Users to Dial-In Conferencing and Set the Initial PIN (Optional)
Use the Set-CsPinSendCAWelcomeMail script to set users' initial PINs and send a welcome email that contains the initial PIN and a link to the Dial-in Conferencing Settings web page. For example: Set-CsPinSendCAWelcomeMail UserUri user@fabrikam.com SmtpServer mail.fabrikam.com From admin@fabrikam.com. The permissions required to welcome users to dial-in conferencing and set the initial PIN are: CsAdministrator CsUserAdminstrator
10-25
Lesson 3
Managing and Administering Conferencing
Most of the policy settings that determine Lync Server 2010 conferencing are configurable through Lync Server Control Panel. However, there are several essential policies and settings that impact conferencing and that can only be configured by using Lync Server Management Shell. This lesson discusses how to manage and administer conferencing policies by using Lync Server Control Panel and Lync Server Management Shell.
Objectives
After completing this lesson, you will be able to: Manage and administer conferencing by using Lync Server Control Panel. Manage and administer conferencing by using Lync Server Management Shell. Explain conferencing polices in Lync Server 2010.
10-26
Using Lync Server Control Panel to Manage and Administer Conferencing Policies
Creating a New User Policy

The conferencing policy is one of the individual settings of a user account that can be configured in Lync Server Control Panel. The following procedure describes how to create a new user policy: 1. 2. 3. 4. 5. Open Lync Server Control Panel. In the left navigation bar, click Conferencing. On the Conferencing Policy tab, click New, and then click User policy. In the New Conferencing Policy dialog box, in the Name box, type the policy name. To modify the default policy settings, choose from any of the following options.
Setting Maximum meeting size Allow users to invite anonymous users Enable recording Audio/video Maximum video resolution allowed for conferencing Data collaboration: Allow external users to download content Allow users to transfer files Allow users to transfer files by using peer-to-peer
10-27
Setting Enable the use of annotations
Allows users to schedule meetings with application sharing Allows users to take control Allow external users to control shared applications 6. Click Commit. Important: Lync Server Control Panel cannot be used to manage users who are members of the Active Directory Domain Admins group. For Domain Admin users, you can use Lync Server Control Panel only to perform read-only search operations. To perform write operations as Domain Admin users, such as enable or disable for Lync Server, change pool or policy assignments, telephony settings, SIP address, or perform other tasks, you must use Windows PowerShell cmdlets while logged on as a Domain Admin.
Modifying the Default Global Conferencing Policy

The default conferencing policy defines your global-level meeting policies at the forest level for your organization. The following procedure describes how to use Lync Server Control Panel to make changes to the global policy. 1. 2. 3. 4. Open Lync Server Control Panel. In the left navigation bar, click Conferencing. On the Conferencing Policy tab, double-click the Global policy to open the Edit Conferencing Policy dialog box. In the Edit Conferencing Policy dialog box, choose from any of the following options.
Setting Maximum meeting size Allow participants to invite anonymous users Enable recording Audio/video Maximum video resolution allowed for conferencing Data collaboration: Allow federated and anonymous participants to download content Allow participants to transfer files Enable annotations Enable polls
Application sharing Allow participants to take control Allow federated and anonymous participants to take control
10-28
Setting Enable peer-to-peer file transfer Enable peer-to-peer recording 5. Click Commit.
10-29
Using Lync Server Management Shell to Manage and Administer Conferencing Policies
To use cmdlets to configure conferencing settings for Lync Server 2010: 1. 2. Open Lync Server 2010 Management Shell. Run:
Get CsConferencingConfiguration
This cmdlet returns the conferencing configuration settings. 3. Run the following cmdlet with the options you want to change:
Set-CsConferencingConfiguration
Note: You can also create additional sets of conferencing configuration settings for specific sites. Use the New- CsConferencingConfiguration cmdlet with a site identity. When you create new conferencing configuration settings for sites, the site settings take precedence over the global settings.
10-30
Conferencing Policy Settings
Conferencing policy settings determine such things as the maximum allowed size for meeting content; the content grace period; and the URLs for the internal and external downloads of the supported client. This section describes these settings.
Content
The content-related setting includes: ContentGracePeriod. Indicates how long conference content will remain on the server following the end of the conference. The ContentGracePeriod must be specified using the format Days:Hours:Minutes:Seconds. MaxContentStorageMb. Maximum amount of file space (in megabytes) allowed for the storage of meeting content
Media
The media-related settings include: ClientMediaPort. Represents the starting port number used for client media. ClientMediaPortRange. Indicates the total number of ports available for client media. ClientMediaPortRangeEnabled. When set to True, clients will use the specified port range for media traffic. When set to False (the default value) any available port (from port 1024 through port 65535) will be used to accommodate media traffic.
Audio
The audio-related settings include: ClientAudioPort. Represents the starting port number used for client audio. ClientAudioPortRange. Indicates the total number of ports available for client audio.
10-31
Video
The video-related settings include: ClientVideoPort. Represents the starting port number used for client video. ClientVideoPortRange. Indicates the total number of ports available for client video.
Application Sharing
The client application sharing-related settings include: ClientAppSharingPort. Represents the starting port number used for application sharing. ClientAppSharingPortRange. Indicates the total number of ports available for application sharing. MaxBandwidthPerAppSharingServiceMb. Indicates the maximum amount of bandwidth (in megabytes) set aside for the Application Sharing Conferencing service.
File Transfer
The client file transfer-related settings include: ClientFileTransferPort. Represents the starting port number used for file transfers. ClientFileTransferPortRange. Indicates the total number of ports available for file transfers.
SIP
The SIP-related settings include: ClientSipDynamicPort. Represents the starting port number used for SIP traffic. ClientSipDynamicPortRange. Indicates the total number of ports available for SIP traffic.
Organization
The organization-related setting includes: Organization. The name of the organization hosting the conference.
Help Desk
The help desk-related settings include: HelpDeskInternalUrl. URL where internal users who click Help during a conference will be directed. HelpDeskExternalUrl. URL where external users who click Help during a conference will be directed.
Console Download
The console download-related settings include: ConsoleDownloadInternalUrl. URL where internal users can download a supported client. ConsoleDownloadExternalUrl. URL where external users can download a supported client.
10-32
Lab: Conferencing Configuration and Deployment
During this lab, you will configure the various components of Lync Server 2010 conferencing. First, you will configure dial-in conferencing, designating a dial-in conferencing number for Miami and Rome. Then you will configure conferencing policies by editing the global policy to be more restricted, create conferencing policies for both sites, and create specific polices for users. Lastly, you will test and verify dial-in conferencing and the conferencing policies you just created. Important: We recommend that the steps in this and every lab be split between the two students in your pod. It is up to the students to determine when to share tasks so that both students gain an understanding of the concepts of each lab. If you need help, please inform the instructor. Please note that if you both try to do tasks at the same time, you may overwrite each others work and possibly lose data.

This lab requires the virtual machines running from the previous lab and depends on the completion of Lab 5 through 9. The virtual machines are configured to automatically log on as Fabrikam\Administrator with the password, Pa$$w0rd, except for the following virtual machines: MIA-CL1 as Fabrikam\Andreas, with the password, Pa$$w0rd RED-CL2 as Fabrikam\Tzipi, with the password, Pa$$w0rd ROM-CL3 as Fabrikam\Marcel, with the password, Pa$$w0rd INT-CL4 as INT-CL4\Administrator, with the password, Pa$$w0rd MIA-ED1 as MIA-ED1\Administrator, with the password, Pa$$w0rd MIA-RAS1 as MIA-RAS1\Administrator, with the password, Pa$$w0rd
10-33
5.
6.
7.
8.
9.
10-34
b.
10-35
40. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 41. In the Remote Desktop Connection window, click Options. 42. Click the Local Resources tab, and then under Remote audio, click Settings. 43. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 44. Under Remote audio recording, click Record from this computer, and then click OK. 45. Click the General tab. 46. Under Logon settings, in the Computer box, type rom-cl3.fabrikam.com. 47. In the User name box, type Fabrikam\Marcel, and then click Connect. 48. On the Remote Desktop Connection page, click Connect. 49. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 50. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 51. On Host1, when 10533A-INT-CL4.2 has booted up completely, close the Virtual Machine Connection window. 52. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 53. In the Remote Desktop Connection window, click Options. 54. Click the Local Resources tab, and then under Remote audio, click Settings. 55. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 56. Under Remote audio recording, click Record from this computer, and then click OK. 57. Click the General tab. 58. Under Logon settings, in the Computer box, type int-cl4. 59. In the User name box, type INT-CL4\Administrator, and then click Connect. 60. On the Remote Desktop Connection page, click Connect. 61. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 62. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services that are set to Automatic start have started. If not, right-click the service and click Start. Important: All connections to MIA-CL1.2, RED-CL2.2, ROM-CL3.2and INT-CL4.2 will require using a Remote Desktop Connection with remote audio playback and remote audio recording enabled, unless otherwise specifically instructed.
10-36
10-37
Exercise 1: Configuring Dial-In Conferencing

Scenario
In this exercise, you will configure dial-in conferencing for Fabrikam, by configuring Dial-In conferencing numbers for Miami and Rome. You will also use Lync Server Management Shell to test the dial-in access number. The main tasks for this exercise are as follows: 1. 2. 3. 4. Configure regions for the dial plans. Create the dial-in access number for the U.S. region. Create the dial-in access number for the Italy region. Test the dial-in access numbers. Important: On all virtual machines, verify that all of the services set to start automatically have started. Most notably, check the Exchange, SQL Server and Lync Server 2010 services. To do so, click Start, click Administrative Tools and then click Services. In the Services console, verify all services that are set to Automatic start have started. If not, right-click the service and click Start.
Task 1: Configure regions for the dial plans.

1. 2. 3. 4. On MIA-LS1, use the Lync Server Control Panel or Lync Server Management Shell to configure US Region as the Global dial plan. Use the Lync Server Control Panel or Lync Server Management Shell to configure US Region as the Miami and Redmond dial plans. Use the Lync Server Control Panel or Lync Server Management Shell to configure Italy Region as the Rome dial plan. Commit all changes.
Task 2: Create the dial-in access number for the U.S. region.
1. On MIA-LS1, use the Lync Server Control Panel or Lync Server Management Shell to configure a U.S. Region Dial-In Conferencing number, by using the following information. Value +1 (305) 555-2345 US Dial-in Conferencing Number tel:+13055552345 Sip:USCAA @Fabrikam.com Mia-ls1.fabrikam.com English (United States) Italiano (Italia) US Region
Field Display number Display name Line URI SIP URI Pool Primary language Secondary Languages Associated Regions
10-38
Task 3: Create the dial-in access number for the Italy region.
1. On MIA-LS1, use the Lync Server Control Panel or Lync Server Management Shell to configure an Italy Region Dial-In Conferencing number, by using the following information. Value +39-06-5555-4567 Italy Dial-in Conferencing Number tel:+390655554567 Sip: ItalyCAA @Fabrikam.com rom-ls2.fabrikam.com Italiano (Italia) English (United States) Italy Region
Field Display number Display name Line URI SIP URI Pool Primary language Secondary Languages Associated Regions
Task 4: Test the dial-in access numbers.

1. 2. On MIA-LS1, use the Lync Server Management Shell to test the Dial-in Access Numbers. In the Lync Server 2010 Management Shell, type the following command, and then press Enter.
$cred = Get-Credential
3. 4. 5.
At the Windows PowerShell Credential Request window, in the User name box, type Andreas@Fabrikam.com In the Password box, type Pa$$w0rd, and then click OK. In the Lync Server Management Shell, type the following command, and then press Enter.
Test-CsDialInConferencing UserSipAddress sip:andreas@fabrikam.com UserCredential $cred TargetFqdn mia-ls1.fabrikam.com
6.
In the Lync Server Management Shell, type the following command, and then press Enter.
Test-CsDialInConferencing UserSipAddress sip:andreas@fabrikam.com UserCredential $cred TargetFqdn rom-ls2.fabrikam.com
7.
Verify that both results show as Success.
Note: If these commands fail, restart the Front-End services on MIA-LS1 and ROM-LS2 and then retry the commands.
Results: After this exercise, you should have configured dial-in conferencing, first by configuring Regions for the dial plans, and then configuring a US and Italy Dial-in Access number. Then you used the Lync Server 2010 Management Shell to test the Conferencing numbers.
10-39
Exercise 2: Configuring Conferencing Policies

Scenario
In this exercise, you will edit the global conferencing policy. You will then create site policies for two locations. The global policy will determine the default conferencing settings for the organization. The site policies will be specific for each location, while the user policies will be for super users and executives. The main tasks for this exercise are as follows: 1. 2. 3. Edit the global conferencing policy. Create the site conferencing policies. Create a user conferencing policy.
Task 1: Edit the global conferencing policy.

1. On MIA-LS1, use the Lync Server Management Shell or Lync Server Control Panel to edit the global conferencing policy, by using the following information. Value 10 Disabled Disabled 352*288(CIF) None Disabled Enable application sharing Disabled
Field Maximum meeting size Allow participants to invite anonymous users Enable PSTN dial-in conferencing Maximum video resolution allowed for conferencing Data Collaboration Allow participants to take control Participant policy Enable peer-to-peer file transfer
Task 2: Create the site conferencing policies.

1. On MIA-LS1, use the Lync Server Management Shell or Lync Server Control Panel to create the Miami site conferencing policy, by using the following information. Value 100 Enable Recording Enabled
Field Maximum meeting size Recording Enable PSTN dial-in conferencing 2.
On MIA-LS1, use the Lync Server Management Shell or Lync Server Control Panel to create the Rome site conferencing policy, by using the following information. Value 100
Field Maximum meeting size
10-40
Field Recording Enable PSTN dial-in conferencing
Value None Enabled
Task 3: Create a user conferencing policy.

1. On MIA-LS1, use the Lync Server Management Shell or Lync Server Control Panel to create an unrestricted user conferencing policy, by using the following information. Value Unrestricted Conferencing Policy
Field Name
Description
Recording Allow federated and anonymous participants to record Allow anonymous participants to dial out Allow federated and anonymous participants to take control Enable peer-to-peer recording
Fabrikams unrestricted conferencing policy.

Enable Recording Enabled Enabled Enabled Enabled
Results: After this exercise, you should have edited the Global conferencing policy, created two site policies and one unrestricted user policy.
10-41
Exercise 3: Experiencing Lync Server 2010 Conferencing

Scenario
In this exercise, you will test the dial-in conferencing user experience, as well as seeing the various conferencing policies being applied and their resulting restrictions. Test the remaining modalities including multi-party, IM, audio, and application sharing (including file transfer). You will then assign the user conferencing policy to Andreas and Tzipi and view it being applied. Note: If you have problems opening Outlook on any of the clients, use the Mail (32 bit) MMC in Control Panel to delete the current profile, and then recreate the profile. The main tasks for this exercise are as follows: 1. 2. 3. Experience dial-in conferencing. Test and verify conferencing. Assign conferencing policies to users and verify application.
Task 1: Experience dial-in conferencing.

1. 2. 3. 4. 5. 6. Sign out of Lync 2010 and close Outlook on all virtual machine clients. Sign in to Lync 2010 on MIA-CL1 as Andreas and then open Outlook. Sign in to Lync 2010 on RED-CL2 as Tzipi and then open Outlook. Sign in to Lync 2010 on ROM-CL3 as Marcel and then open Outlook. On MIA-CL1, in Lync 2010, click the Phone tab and then click PIN. Sign in to the Dial-in Conferencing Settings and PIN Management page and retrieve Andreas Conference ID and Meeting URL.
Note: If you are note prompted for credentials or get an error, click Sign in with a different account, and then enter Andreas credentials. 7. Create a new PIN for Andreas by using 305425 as the PIN. 8. 9. Notice the features of Dial-in Conferencing, such as DTMF controls, entrance and exit announcements, and the option for different languages. On all three clients, call the U.S. dial-in access number and enter Andreas conference ID to start an ad-hoc dial-in conference.
10. Repeat these steps for the Rome dial-in access number.
Task 2: Test and verify conferencing.

1. 2. 3. 4. 5. 6. On MIA-CL1, in Andreas Outlook Calendar, click New Online Meeting. Click Meeting options, view the various default settings, and then click Cancel. Invite Tzipi and Marcel to the meeting invite, fill out a subject, and send the invite. In the meeting invite, notice the meeting join information provided and other information, such as Conference ID. Attend the meeting on all three clients. Test the following features of Conferencing: Application Sharing Requesting and giving control
10-42
7. 8.
Desktop Sharing Requesting and giving control
Data collaboration: Annotations
Whiteboards Polls Recording Audio
On ROM-CL3, in Marcels Outlook Calendar, start a New Online Meeting. Notice the Rome sites conferencing policy is being applied and what features are available.
Task 3: Assign conferencing policies to users and verify application.

1. 2. 3. 4. On MIA-LS1, use the Lync Server Management Shell or Lync Server Control Panel to assign the Unrestricted Conferencing Policy to Andreas Herbinger and Tzipi Butnaru. Close Lync 2010 and Outlook on MIA-CL1 and then sign back in as Andreas. Close Lync 2010 and Outlook on RED-CL2 and then sign back in as Tzipi. On RED-CL2, start an online meeting and notice the application of the user conferencing policy, and what features are available. Results: After this exercise, you should have tested and verified the dial-in conferencing access numbers you earlier configured, tested and verified application of conferencing policies, and reviewed the features of Lync Server 2010 conferencing.
Important: After this lab, we recommend that you take a snapshot of all running virtual machines before starting the next lab. To do so, in Hyper-V Manager, highlight all running virtual machines, right-click and then click Snapshot.
10-43
Review Questions
1. 2. 3. What is Focus responsible for on a Lync Server 2010 infrastructure? What is Focus Factory responsible for? What are the possible ways to authenticate against a dial-in conference in Lync Server 2010? Name three or more settings that can be controlled by a conferencing policy.
Common Issues
Issue A number of callers have successfully joined a dial-in conference but new callers are not able to join. The leader of a conference is not able to successfully authenticate. Dial-in participants complain that they are unable to hear chimes when other participants join or leave the conference. Get-CsUser does not show a conferencing policy for a given user. Troubleshooting tip Check the maximum meeting size to see whether the maximum meeting size has been reached.
Check to ensure that the leader has set a PIN. Ensure that CAS is running and that the participant has not disabled conference notifications.
Get-CsUser only displays user policies, a more complicated PowerShell script or the UI is required to look at all policies that apply to a user.
10-44

1. Contoso would like to enable audio conferencing and dial-in conferencing for collaboration, but does not want video conferencing to be available in order to conserve bandwidth. How should Contoso configure Lync Server 2010 to achieve the desired objectives? Fabrikam is planning a dial-in conferencing deployment. Currently Fabrikam has a minimal Lync Server 2010 infrastructure with only IM and presence functionality deployed. What prerequisites are necessary for Fabrikam to deploy before they can successfully deploy dial-in conferencing? What are some components of Lync Server 2010 that are used by dial-in conferencing that are already deployed? Wingtip Toys would like to apply a special conferencing policy to members of the Marketing department. All users in the Marketing department exist within a special organizational unit. What PowerShell command can be used to apply a conferencing policy to these users?
2.
3.
Best Practices
Consider policy settings carefully before implementation. Opting for meeting sizes that are too small, video resolution that is too low, or limiting features can unnecessarily detract from the user experience. Educate users on specifics of conferencing including etiquette, such as muting yourself when not speaking; limitations, such as not being able to transfer a conference; and how to add/remove modalities. When configuring dial-in conferencing to support multiple countries, provide regional dial-in numbers configured with appropriate primary languages. The Lync 2010 client contains built in logging that is disabled by default. By enabling logging and signing in, you will create a log file in %userprofile%\Tracing that includes the in-band provisioning information. The log file also has conferencing policy settings included.
Monitoring and Archiving
11-1
Module 11
Contents:
Lesson 1: Describing the Archiving Service Lesson 2: Describing the Monitoring Service Lesson 3: Configuring Archiving and Monitoring Lab: Configuring and Using Archiving and Monitoring in Lync Server 2010 11-3 11-11 11-19 11-27
11-2
Module Overview
In Microsoft Lync Server 2010, the Archiving server provides a solution for archiving the content of instant messages (IM) and web conferencing communications in support of your compliance requirements. The Monitoring server role collects numerical data about the quality of calls on your network, and details about participants, device names, drivers, IP addresses, and endpoint types involved in calls and sessions. This Quality of Experience (QoE) data enables you to monitor the quality of real sessions and perform troubleshooting in response to end-user issues. In addition, these types of call detail statistics are useful for monitoring usage trends and calculating your organizations overall return on investment (ROI). This module discusses the features and configuration of both the Monitoring and Archiving services. You will learn how to interpret the QoE reports and use this information to better manage and deliver a highquality user experience for Lync Server 2010. After completing this module, you will be able to: Describe the Archiving service. Describe the Monitoring service. Configure the Archiving and Monitoring services.
11-3
Lesson 1
Describing the Archiving Service
Corporations and other organizations are subject to an increasing number of industry and government regulations that require the retention of specific types of communications. With the Archiving server feature, Lync Server 2010 provides a way for you to archive IM content, web conferencing (meeting) content, or both that is sent through Lync Server 2010. This lesson covers the components and process for configuring the Archiving service and the capabilities offered by the Archiving server role. After completing this lesson, you will be able to: List the features and components of the Archiving service. Explain IM archiving. Describe conferencing compliance in Lync Server 2010. Describe archiving policy options in Lync Server 2010.
11-4
Features and Components of the Archiving Service
Lync Server 2010 communications software introduces several new features and components that enhance your ability to archive IM and meeting content for compliance purposes.
Features
The new archiving features in Lync Server 2010 include: Consolidated content management. In previous versions of Microsoft Office Communications Server, the archiving web conferencing (meeting) content and IM content was managed separately, and the archived content was stored separately. In Lync Server 2010, archiving of IM and meeting content are now consolidated as follows: Archiving policy settings for both IM and meetings are unified to make administration easier. The core archiving store now consolidates IM content and web conferencing attendee entries and exits. The content of meeting handouts is still stored on a separate file share.
Searchable transcript of archived information. Lync Server 2010 provides a new session export tool that you can use by running a Lync Server 2010 cmdlet (commandlet). The tool creates a searchable transcript of archived content. Included in this transcript is IM content, meeting attendee entries and exits, and links to files that were shared during the web conferences. Per-user settings honored for conferences. Per-user archiving settings in Lync Server 2010 are honored for all types of conferences. If a users activity is being archived, all of the IM meeting content in IM conferences and web conferences that the user participates in is archived. New policy settings. Lync Server 2010 includes new policy settings that can be used to disable Lync Server 2010 features that cannot be archived. This includes annotation, application sharing, and peer-to-peer file transfers. This feature helps ensure that all of your users communications are archived, if this is required for compliance.
11-5
Components
The Archiving service includes the following three components: Archiving agents. The agents are responsible for capturing the messages to be archived and sending them to the destination queue on the Archiving server. These agents are installed and activated automatically on every Front End pool and Standard Edition server. Agents on the Front End pool are activated automatically. However, no messages are captured unless an Archiving server is deployed and associated with that Front End pool or Standard Edition server and archiving is enabled. Archiving can be enabled at the global level, at a site level, or for specific users. Archiving server. This is the server role that reads the messages from the archiving agents on the Front End servers and writes them to the Archiving back-end database. The Archiving server can be collocated with the Monitoring server role. Archiving server back-end database. This database runs on Microsoft SQL Server and stores the archived messages. The database can be collocated on the same computer as the Archiving server, or it can be on a different computer. Message Queuing (MSMQ). The Monitoring service requires that message queuing is installed on each Monitoring server and each Front End server that reports data to the Monitoring server. Message queuing must be installed in Active Directory Domain Services (AD DS) integration mode.
11-6
IM Archiving
If you deploy an Archiving server and associate it with Front End pools, you can set it to archive instant messages and conferences and specify the users for which archiving is enabled. When you deploy an Archiving server, a global policy is created by default. You can use the global policy to enable archiving of internal communications (communications between internal users) and external communications (communications that include at least one non-internal user). You can also specify the users for whom archiving is enabled by creating policies for specific users or sites. If archiving is enabled for at least one user, you can archive the instant messages from their multiparty conferences, even if not all users in the conference have been configured for archiving.
11-7
Conferencing Compliance
Lync Server 2010 consolidates conferencing compliance storage and management to make it easier for you to administer. In Office Communications Server, the archiving of IM content and web conferencing (meeting) content was managed and stored separately. In Lync Server 2010: Archiving policy settings for both IM and meetings are unified for easier administration. The core archiving store consolidates IM content and web conferencing attendee entries and exits. (The content of meeting handouts is still stored on a separate file share.)
Note: Archiving of internal or external communications is not enabled by default. When you enable archiving for a particular user, all of the instant messages and meeting content in both IM conferences and web conferences that the user participates in are archived. Group conferences are archived if one of the following policies is configured to enable archiving: At least one of the participants has a user policy configured to require archiving. The global policy or a site policy is configured to enable archiving of all group conferencing.
Content That Is Archived

Content that is archived includes the following: Content of peer-to-peer instant messages Content of multiparty instant messages Content of web conferences, including uploaded content (such as handouts) and events (such as joining, leaving, uploading sharing, and changing visibility)
11-8
Content That Is Not Archived

Content that is not archived includes the following: Peer-to-peer file transfers Content of audio/video (A/V) sharing sessions Content of application sharing sessions Web conferencing annotations and polls
Note: You can record A/V and/or application sharing in the Lync 2010 client.
11-9
Archiving Policy Options
You can control the scope of archiving for your organization by configuring policies at three levels: Global Site User
For each archiving policy, you can specify whether to archive only IM sessions or to archive both IM and conferencing sessions.
Global Archiving Policy

A default global archiving policy is automatically created when you deploy the Archiving server role. The global policy applies to all users and sites in your deployment. The global policy specifies whether to enable archiving of internal communications, external communications, or both. The global policy can specify that instant messages from all multiparty conferences are archived, even if you have set archiving policies for specified users and sites. Note: By default, archiving is not enabled for either internal communications or external communications. Also, the global policy cannot be deleted.
Site Archiving Policy

You can enable archiving support for specific sites. For example, to enable archiving support for a small number of sites, you can set the global archiving policy to not archive internal or external communications, and then you can create a site policy for each site in which you want to enable archiving. As with the global policy, you decide whether to enable archiving of internal communications, external communications, or both.
11-10
User Archiving Policy

You can choose to enable or disable archiving support for specific users. As with global and site policies, you can specify whether to enable archiving of internal communications, external communications, or both. For example, to disable archiving support for specific users at a site, you could: Set the global archiving policy to not archive internal and external communications. Create a site policy for the site to enable archiving for the site. Create a user policy that disables archiving support for the users.
If you create both site and user policies, user policies override site policies.
11-11
Lesson 2
Describing the Monitoring Service
In Lync Server 2010, the Monitoring server collects performance metrics and provides you with reporting capabilities to help ensure the quality of your Lync Server 2010 communications system. This lesson covers the Quality of Experience (QoE) and Call Detail Records (CDR) features and the capabilities offered by the Monitoring service in Lync Server 2010. After completing this lesson, you will be able to: List the features and components of the Monitoring service. Explain QoE and CDR. Describe the SQL Server Reporting features with QoE. Describe the monitoring policy options in Lync Server 2010.
11-12
Features and Components of the Monitoring Service
In Lync Server 2010, the Monitoring server is a server role that collects data that describes the media quality on your network and endpoints that are involved in communications sessions through your Lync Server 2010 deployment. It collects usage information related to: Voice over Internet Protocol (VoIP) calls IM messages A/V conversations Meetings Application sharing File transfers Error and troubleshooting information
Components
The Monitoring service includes the following six components: Data collection agents. The CDR and QoE agents are installed automatically on every Front End server. These agents intercept Session Initiation Protocol (SIP) messages and send data to the destination queue on the Monitoring server. The QoE agent receives QoE data reports from endpoints by means of SIP SERVICE requests, and sends the data to the destination queue on the Monitoring server. The data can also be sent to third-party consumers by using Hypertext Transfer Protocol (HTTP) POST. Monitoring server. The server itself receives data from the CDR and the QoE collection agents by way of message queuing and records it to the SQL Server Monitoring server database. Monitoring server databases. To store and collect captured data, the Monitoring server requires databases that use SQL Server. The databases can be collocated on the same computer as the Monitoring server, or on a different computer. Separate databases are required for CDR and QoE information. They both always run on the same instance of SQL Server.
11-13
Message queuing. The Monitoring service requires that message queuing is installed on each Monitoring server and each Front End server that reports data to the Monitoring servers. Message queuing must be installed in AD DS integration mode. Microsoft Systems Center Operations Manager (SCOM) Management Pack. This is an optional component. The Call Reliability and Media Quality Monitoring component of SCOM uses Monitoring server CDR and QoE data to generate near real-time alerts showing the health of call reliability and media quality. Monitoring Server Reports. This is also an optional component. It contains out-of-the-box reports on usage, call diagnostic information, and media quality information based on the data stored in the CDR and QoE databases. The reports are generated by using SQL Server Reporting Services.
Supported Topologies
Each Monitoring server can capture data from one or more Enterprise Edition pools, and Standard Edition servers. When you deploy a Monitoring server, you associate it with the pools or servers that it is to monitor. The following figure illustrates two possible Monitoring server topologies.
Supported Collocation
You can collocate the Monitoring server and the Monitoring server databases on the same server or install them on separate servers. However, scalability should be considered before you decide to collocate the Monitoring server or its databases with other server roles or databases. A Monitoring server can be collocated with an Archiving server. If the Monitoring server and Archiving server are collocated, their databases can be hosted on that same server as well, or can be located together on another server, or separated onto different database servers. The server hosting the Monitoring server databases can also host other databases. The following scenarios are supported: Monitoring server databases collocated with one or more other Lync Server 2010 databases (including the back-end database, Archiving database, and Response Group application database, for example). Monitoring server databases collocated with databases of third-party products.
11-14
Quality of Experience and Call Detail Recording
In Lync Server 2010, QoE records capture numerical data that indicates the media quality in calls and sessions. CDRs capture usage and diagnostic information. In Lync Server 2010, both CDR and QoE functionality is enabled by default when you deploy the Monitoring server role.
QoE
QoE records not only capture numerical data about the quality of calls on your network, but also capture information about participants, device names, drivers, IP addresses, and endpoint types involved in calls and sessions, and more. These quality metrics are collected at the end of every VoIP call and every video call from the participant endpoints, including IP phones, Lync Server 2010, some legacy clients, and A/V Conferencing servers and Mediation servers. For Mediation servers, metrics are gathered from both the leg between the Mediation server and UC endpoints, and the leg between the Mediation server and the media gateway. You can run the following query against the QoEMetrics database to get jitter and packet loss average for all audio streams.
selectavg(cast(JitterInterArrival as bigint)) as JitterAvg, avg(PacketLossRate) as PacketLossRateAvg from AudioStream
CDR
CDRs capture usage information related to VoIP calls, IM messages, A/V conversations, meetings, file transfers, application sharing, and remote assistance. Note. The actual content of IM messages is not captured in CDR data. To preserve IM content for compliance reasons, use the Archiving server feature.
11-15
CDR data is frequently used for billing purposes and is therefore very important in many deployments. In Lync Server 2010, CDR data is captured for both peer-to-peer and multiparty conferences. The CDR database in Lync Server 2010 includes new usage and diagnostic data for Lync Server 2010 features, including conferencing, registration, and device diagnostics. There is also comprehensive data for usage tracking and voice-quality diagnostics. For example, using SQL Server Management Studio, you can run the following query against the LcsCDR database to find the total number of conferences that used Meeting Console.
select COUNT(*) as 'Live Meeting Count' from ( SELECT distinct c.SessionIdTime, c.SessionIdSeq fromMcuJoinsAndLeaves as mj inner join Mcus m on m.McuId = mj.McuId inner join Conferences c on c.SessionIdTime = mj.SessionIdTime and c.SessionIdSeq = mj.SessionIdSeq inner join UriTypesut on ut.UriTypeId = m.McuTypeId whereut.UriType= 'conf:data-conf' ) tmp
11-16
SQL Server Reporting Services
Lync Server 2010 uses Microsoft SQL Server Reporting Services to publish Monitoring Server Reports. These reports are published to a web server where you can read them with a browser. You also have the ability to schedule the delivery of reports in email. The Monitoring server contains a standard set of reports that are used to describe the data and define the report that will be created by the SQL Server Reporting Services.
Installing SQL Server

To use the SQL Server reports, you must install SQL Server on the computer that hosts the Monitoring server database. The database engine component of SQL Server is required to run the database. The Reporting Services component of SQL Server is required to run the reports. The two components do not have to reside on the same logical server. You must install the Monitoring Server Reports on the instance of SQL Server running the Reporting Services. Lync Server 2010 supports the following 64-bit versions of SQL Server: Standard or Enterprise Edition of SQL Server 2005 with Service Pack 3 (SP3) Standard or Enterprise Edition of SQL Server 2008 with Service Pack 1 (SP1)
11-17
Verifying the Web Service URLs

After deploying Reporting Services, you need to verify that the Reporting Services web services URLs, which are used to view the Monitoring Server Reports, are working correctly. To verify that the URLs work: 1. 2. 3. Open Reporting Services Configuration Manager from the SQL Server Configuration Tools. Connect to your instance of Reporting Server. On the Web Services URL page, click the URLs listed under Report Server Web Service URLs to verify that the link can be opened.
You deploy Monitoring Server Reports to this link. You are given the option to use either HTTP or HTTPS to deploy reports. If both are available, Reporting Services are installed to HTTPS.
11-18
Monitoring Policy Options
You can configure Monitoring server settings for CDR and QoE by using the Lync Server Control Panel or Lync Server Management Shell cmdlets. Your options include whether monitoring is enabled or disabled, whether monitoring is applied at the global or site level (you cannot set monitoring policy at the user level), and the length of data retention.
Configuring Monitoring Server Using the Lync 2010 Control Panel

To configure the Monitoring server: 1. 2. Open Lync Server Control Panel. Click Monitoring and Archiving and do the following: Click the Call Detail Recording tab to enable or disable Call Detail Recording and configure Call Detail Recording purging settings. Click the QoE Data tab to enable or disable QoE and configure QoE purging settings (as seen on the slide).
Configuring Monitoring Server Using the Lync 2010 Management Shell

Whether you use the Management Shell or Control Panel is purely a matter of preference. If you prefer to use the Management Shell, you can use the following cmdlets to configure the Monitoring server: To configure CDR settings, use the following cmdlets.
New-, Set-, Get- and Remove-CsCdrConfiguration
To configure QoE settings, usethe following cmdlets.

New-, Set-, Get- and Remove-CsQoEConfiguration
11-19
Lesson 3
Configuring Archiving and Monitoring
To enable archiving of IM and web conferencing content that is sent through Lync Server 2010, you must deploy the Archiving server. To enable CDR and QoE data collection and reporting, you must deploy the Monitoring server. This lesson covers the steps required for implementing the Archiving and Monitoring service for Lync Server 2010. After completing this lesson, you will be able to: Identify the steps for implementing the Archiving service. Configure the Archiving service. Identify the steps for implementing the Monitoring service. Configure the Monitoring service.
11-20
Implementing the Archiving Service
Before you can configure and use archiving, you must first install the Archiving server and connect it to the back-end Archiving store. You also need to define the policies that specify how archiving is implemented in your organization.
Scope
You can specify policies to control the archiving of specific content at the global, site, and user levels. Your scope includes which policies are required, and whether archiving is to be enabled for internal communications, external communications, or both, as well as which workloads are to be archived.
Critical Mode
You can specify that the Archiving server should run in critical mode if archiving is mission-critical in your organization. In critical mode, if instant messages and conferencing content cannot be archived, Lync Server 2010 blocks specific functionality. For example: If the Archiving service is temporarily unable to send a message to the database queue or insert a message into the database, IM and conferencing functionality are both blocked until archiving support is restored. If a web conferencing user uploads a file, but the file cannot be copied to the archiving file store, conferencing functionality is blocked until the problem is resolved. IM functionality, however, is not blocked.
The blocking of IM and conferencing does not affect any other Lync Server 2010 feature and functionality because it is primarily intended to ensure that compliance requirements are met.
Long-Term Archival
The archiving database is not intended for long-term retention. Therefore, data needs to be periodically moved to other storage locations.
11-21
Lync Server 2010 provides a session export tool that you can use to export archived data and create searchable transcripts of the archived data. The Lync Server 2010 Data Session Export Tool can create searchable transcripts of archived data. The session export tool can be used to do the following: Create transcripts from archived data such as multi-part email messages as a multi-part MIME formatted Microsoft Office Outlook Express Electronic Mail (EML) format .eml file. The content consists of the IM or conference transcript, the conference activity file (as an attachment), and uploaded conference files, including handouts (as attachments). Transcripts can be created for all users or specific users. Mark records that have been exported as safe to delete.
The Data Session Export Tool creates a single transcript for each completed communications session that occurred within the specified date range that is specified. To run the Data Session Export Tool, you use the following Lync Server 2010 cmdlet.
Export-CsArchivingData -DBInstance<Database\Instance> -StartDate "10/1/2010 12:00:00" EndDate "1/1/2011 12:00:00"-OutputFolder d:\arch_export
Purge Mode
You can specify if archiving data should be purged. By default, purging is not enabled. If you enable archiving data purge mode, you must specify one of the following options: Purge archiving data after a specific number of days regardless of whether it has been exported. The minimum number of days is 1, the maximum is 2562 days. Purge archiving data only after it is exported. This option purges those records that have been exported by the session export tool and marked as safe to delete.
You configure purge settings by using the Archiving Configuration tab in Lync Server Control Panel.
11-22
Configuring the Archiving Service
The Lync Server Deployment Wizard uses the configuration file generated by Topology Builder to install the necessary files and set up the Archiving server. The process that the Deployment Wizard takes you through for installing the Archiving server and starting the Lync Server Archiving services is: 1. 2. 3. Install the local configuration store. Set up Lync Server 2010 components, as specified in the XML configuration file. Start the Lync Server 2010 Archiving service.
Configuring Archiving Policies

Next, you configure Archiving policies by using the Archiving Policy tab of Lync Server Control Panel. You can use the default global policy, or you can configure specific policies to control whether archiving is enabled for sites and users. For each site that you have deployed, you can create an archiving policy to control whether archiving is enabled or disabled for internal communications, external communications, or both. The configuration in the site policy overrides the global policy, but only for that specific site covered by the site policy. For example, if you enable archiving of internal and external communications in the global policy, you might specify a site policy that disables it for internal communications, external communications, or both for that one site. Note: You cannot delete the global policy. If you attempt to delete it, the configuration resets to the default values.
11-23
Creating a User Policy for Archiving

Configuring per-user archiving policies is optional. However, if you deploy per-user policies, you must explicitly assign them to users, groups, or contact objects. Archiving requirements automatically default to those defined in the global-level conferencing policy when no specific site-level or per-user policy is assigned. You can create an archiving policy to control whether archiving for specific users is enabled or disabled for internal communications, external communications, or both. The configuration in the user policy overrides the global policy and site policies, but only for the specific users covered by the user policy. For example, if you enable archiving of internal and external communications in the global policy, you might specify a site policy that disables it for internal communications, external communications, or both for that one site. You could then specify a user policy that enables archiving for a specific group of users at that site.
11-24
Implementing the Monitoring Service
The following five steps are required to deploy the Monitoring server role and configure the Monitoring service: 1. 2. 3. 4. 5. Install and configure message queuing for the Monitoring server. Install SQL Server and Microsoft SQL Server Reporting Services and verify the Reporting Services web service URLs. Define a Monitoring server topology by using Topology Builder, and then publish the topology. Install the Monitoring server by using the Lync Server Deployment Wizard. Deploy Monitoring Server Reports to an instance of SQL Server Reporting Services.
Step 1: Install and Configure Message Queuing for the Monitoring Server
The Monitoring server databases use message queuing to pass QoE data to the Monitoring server. Message queuing ensures the reliability of data transfer because, if the service is not running on the Monitoring server, or if the sever is rebooting, the QoE message remains on the originating server until the message can be delivered. Before deploying a Monitoring server, you must install message queuing and enable Directory Service Integration on the following servers: Monitoring server Each Front End server from which a Monitoring server will collect data
Step 2: Install SQL Server and Microsoft SQL Server Reporting Services
SQL Server is required for the Monitoring server to store the collected QoE and CDR data. Monitoring server describes this data by using a standard set of reports published by SQL Server Reporting Services. To view these reports, you must install an instance of SQL Server Reporting Services. Install SQL Server on the computer that will host the Monitoring server database. This can be a dedicated database server, or it can be collocated on the same computer that runs the Monitoring server.
11-25
Note: SQL Server Express Edition is not supported. You should install the same versions of SQL Server Reporting Services and SQL Server. For details about SQL Server, see the SQL Server Tech Center at http://go.microsoft.com/fwlink/?LinkId=129045. For details about SQL Server Reporting Services, see Considerations for Installing Reporting Services at http://go.microsoft.com/fwlink/?LinkID=131042. You can configure the reporting service while installing the SQL Server Reporting Services, or you can use the Reporting Services Configuration Tool to configure the report server after installation is complete. For more information, see Reporting Services Configuration Tool at http://go.microsoft.com/fwlink/?LinkId=204090 and Reporting Services Configuration How-to Topics at http://go.microsoft.com/fwlink/?LinkId=187488.
Verify the Web Service URLs

After deploying SQL Server Reporting Services, you should verify that the Reporting Services web service URLs are working correctly. These URLs are used to view the Monitoring Server Reports. You have the option to use either HTTP or HTTPS to deploy the reports. SQL Server Reporting Services will be installed to use HTTPS if both are available. For more information, see How to: Verify a Reporting Services Installation at http://go.microsoft.com/fwlink/?LinkId=187490.
Step 3: Add the Monitor Server to the Topology

Before you can deploy a Monitoring server, you must use Topology Builder to add the Monitor server and the required database or database instance to your internal topology, and then publish the new topology. You can use the same database server defined previously in an Enterprise Edition deployment, but you must specify separate instances for your database to be supported. Topology Builder is also used to configure the Front End pools that are associated with the Monitoring server.
Step 4: Install the Monitoring Server

The Lync Server Deployment Wizard uses the configuration file generated by Topology Builder to install the Monitoring server role.
Step 5: Deploy Monitoring Server Reports

You must also deploy the Monitoring Server Reports by using the Lync Server Deployment Wizard. However, you must ensure that you have appropriate permissions. The minimum set of permissions must include local server administrator, domain user, RtcUniversalServerAdmins, and monitoring database (SQL Server Reporting Services) read/write permissions.
11-26
Configuring the Monitoring Service
As mentioned earlier in this module, you can configure Monitoring server settings for CDR and QoE by using either Lync Server Control Panel or Lync Server Management Shell cmdlets. Most people choose to use Control Panel for its ease of use, unless a given task can be simplified through scripting automation. The types of settings you can configure for the Monitoring server includes specifying whether CDR and QoE is enabled or disabled, and specifying the data retention period.
Data Purge
By default, both CDR data and QoE data is purged after 60 days. You can specify whether you want to retain the data for a longer or shorter period of time. If you disable either CDR or QoE, data that was captured while CDR or QoE was enabled will also be subject to purging. Note: You should configure CDR and QoE to retain data for the same number of days. Each call in the Call Detail Reports, available from the Monitoring Server reports homepage, includes CDR and QoE information. If the purging duration for CDR and QoE is different, some calls may only include CDR data, while others may only include QoE data.
11-27
Lab: Configuring and Using Archiving and Monitoring in Lync Server 2010
Fabrikam management, in consultation with the legal department, has decided to deploy the Monitoring and Archiving server roles for quality control and compliance reasons. The roles have already been deployed and now have to be configured. Fabrikam management also wants to configure SQL Server Reporting and deploy Lync Server 2010 Monitoring reports. They would like to enable archiving for the organization by default, but also have a private archiving policy that does not archive any sessions that can be applied for specific users. They would also like to retain archived IM and web conferencing sessions in Miami for 60 days, Redmond for 7, and to not archive at all in Rome. Important: We recommend that the steps in this and every lab be split between the two students in your pod. It is left up to the students to determine when to share tasks in order for both students to gain an understanding of the concepts of each lab. If you need help, please inform the instructor. Please note that if you both try to do tasks at the same time, you may overwrite each others work and possibly lose data.

This lab requires the virtual machines running from the previous lab and depends on the completion of Lab 5 through 10.The virtual machines are configured to automatically logon as Fabrikam\Administrator with the password, Pa$$w0rd, except for the following virtual machines: MIA-CL1 as Fabrikam\Andreas, with the password, Pa$$w0rd RED-CL2 as Fabrikam\Tzipi, with the password, Pa$$w0rd ROM-CL3 as Fabrikam\Marcel, with the password, Pa$$w0rd INT-CL4 as INT-CL4\Administrator, with the password, Pa$$w0rd
11-28
MIA-ED1 as MIA-ED1\Administrator, with the password, Pa$$w0rd MIA-RAS1 as MIA-RAS1\Administrator, with the password, Pa$$w0rd
5.
6.
7.
8.
9.
11-29
15. When 10533A-MIA-CL1.2 has booted up completely, close the Virtual Machine Connection window. 16. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 17. In the Remote Desktop Connection window, click Options. 18. Click the Local Resources tab, and then under Remote audio, click Settings. 19. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 20. Under Remote audio recording, click Record from this computer, and then click OK. 21. Click the General tab. 22. Under Logon settings, in the Computer box, type mia-cl1.fabrikam.com. 23. In the User name box, type Fabrikam\Andreas, and then click Connect. 24. On the Remote Desktop Connection page, click Connect. 25. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 26. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 27. On Host2, when 10533A-RED-CL2.2 has booted up completely, close the Virtual Machine Connection window. 28. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 29. In the Remote Desktop Connection window, click Options. 30. Click the Local Resources tab, and then under Remote audio, click Settings. 31. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 32. Under Remote audio recording, click Record from this computer, and then click OK. 33. Click the General tab. 34. Under Logon settings, in the Computer box, type red-cl2.fabrikam.com. 35. In the User name box, type Fabrikam\Tzipi, and then click Connect. 36. On the Remote Desktop Connection page, click Connect. 37. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 38. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes.
11-30
39. On Host1, when 10533A-ROM-CL3.2 has booted up completely, close the Virtual Machine Connection window. 40. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 41. In the Remote Desktop Connection window, click Options. 42. Click the Local Resources tab, and then under Remote audio, click Settings. 43. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 44. Under Remote audio recording, click Record from this computer, and then click OK. 45. Click the General tab. 46. Under Logon settings, in the Computer box, type rom-cl3.fabrikam.com. 47. In the User name box, type Fabrikam\Marcel, and then click Connect. 48. On the Remote Desktop Connection page, click Connect. 49. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 50. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 51. On Host1, when 10533A-INT-CL4.2 has booted up completely, close the Virtual Machine Connection window. 52. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 53. In the Remote Desktop Connection window, click Options. 54. Click the Local Resources tab, and then under Remote audio, click Settings. 55. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 56. Under Remote audio recording, click Record from this computer, and then click OK. 57. Click the General tab. 58. Under Logon settings, in the Computer box, type int-cl4. 59. In the User name box, type INT-CL4\Administrator, and then click Connect. 60. On the Remote Desktop Connection page, click Connect. 61. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 62. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
11-31
Important: All connections to MIA-CL1.2, RED-CL2.2, ROM-CL3.2and INT-CL4.2 will require using a Remote Desktop Connection with remote audio playback and remote audio recording enabled, unless otherwise specifically instructed. Virtual Lab Environment topology diagram:
11-32
Exercise 1: Configuring the Archiving Server Role

Scenario
In this exercise, you will configure the Archiving Server role for Fabrikam. This will include configuring the global archiving policy and creating a user archiving policy. You will also create site archiving configurations for each of the three sites. The main tasks for this exercise are as follows: 1. 2. 3. 4. Configure Archiving policy settings. Edit and create site archiving configurations. Generate traffic to be archived. View archived data by using SQL Server Management Studio.
IMPORTANT: On all virtual machines, verify that all of the services set to start automatically have started. Most notably, check the Exchange, SQL and Lync Server 2010 services. To do so, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
Task 1: Configure Archiving policy settings.

1. 2. 3. On MIA-LS1, use the Lync Server Management Shell or Lync Server Control Panel to enable archiving of internal and external communications. Use the Lync Server Management Shell or Lync Server Control Panel to create a user Archiving policy called Fabrikam Private Archiving Policy that does not archive internal or external communications. Use the Lync Server Management Shell or Lync Server Control Panel to assign the Fabrikam Private Archiving Policy to Tzipi.
Task 2: Edit and create site archiving configurations.

1. On MIA-LS1, use the Lync Server Management Shell or Lync Server Control Panel to edit the global archiving configuration that archives IM and web conferencing sessions and blocks IM or web conferencing sessions if archiving fails. Use the Lync Server Management Shell or Lync Server Control Panel to create a Miami site archiving configuration that archives IM and web conferencing sessions and purges archived data after 60 days. Use the Lync Server Management Shell or Lync Server Control Panel to create a Redmond site archiving configuration that archives IM and web conferencing sessions and purges archived data after 7 days. Use the Lync Server Management Shell or Lync Server Control Panel to create a Rome site archiving configuration that disables archiving of IM and web conferencing sessions.
2. 3.
4.
Task 3: Generate traffic to be archived.

1. 2. 3. 4. Sign out of Lync 2010 on MIA-CL1 and RED-CL2. Log off of ROM-CL3 as Marcel, and log back on as Anna. On MIA-CL1, sign in to Lync 2010 as Andreas, on RED-CL2, sign in to Lync 2010as Tzipi, and on ROMCL3, sign in to Lync 2010as Anna. Create multiple IM and web conferencing sessions between the three clients. Ensure that you have a web conference between Anna and Andreas only and that you upload content to the conference.
11-33
Note: There is a profile on ROM-CL3 for Fabrikam\Anna and a profile on RED-CL2 for Fabrikam\Conor. 5. 6. 7. Log off of ROM-CL3 as Anna, and log back on as Marcel, and then sign in to Lync 2010 as Marcel. Log off of RED-CL2 as Tzipi, and log back on as Conor, and then sign into Lync 2010 as Conor. Have more IM and web conferencing sessions between the three clients.
Task 4: View archived data by using SQL Server Management Studio.

1. 2. Use SQL Server Management Studio to query and retrieve archived data. On MIA-LS1, open Windows Explorer, navigate to C:\FileShare\1-ArchivingServer-1\DataConf, and view the data in this directory. Results: After this exercise, you should have configured archiving settings, including polices and configurations for Fabrikam. Following this, you should have generated some IM and web conferencing traffic to get archived. Lastly, you will have reviewed different ways of viewing the archived data.
11-34
Exercise 2: Configuring the Monitoring Server Role and the Lync Server Monitoring Reports
Scenario
In this exercise, you will configure the Monitoring server role that has already been installed. You will first verify that the Monitoring policy for CDR and QoE has been enabled by default and that all services are running. You will then configure SQL Server Reporting Services and deploy monitoring server reports. The main tasks for this exercise are as follows: 1. 2. 3. Verify the Monitoring server configuration. Configure SQL Server Reporting Services. Deploy the Lync Server Monitoring Reports.
Task 1: Verify the Monitoring server configuration.

1. 2. 3. On MIA-LS1, use Lync Server Control Panel to verify that monitoring of call detail recording and CDR purging have been enabled on the Global CDR Monitoring policy. Use Lync Server Control Panel to verify that monitoring of QoE data and QoE purging has been enabled on the Global QoE Monitoring policy. On MIA-AM1, use the Services console to verify that all Lync Server 2010 services are running. If not, start them.
Task 2: Configure SQL Server Reporting Services.

1. On MIA-SQL1, use the Reporting Services Configuration Manager to configure a certificate for the web service URL. A certificate called MIA-SQL1.Fabrikam.com has already been requested and imported.
Task 3: Deploy the Lync Server Monitoring Reports.

1. On MIA-LS1, use the Lync Server Deployment Wizard to deploy the Monitoring Server reports. Use Fabrikam\Administrator for the credentials and use RTCUniversalReadOnlyAdmins for the readonly Group. Results: After this exercise, you should have verified that the Monitoring CDR and QoE features are already enabled. Then, you should have configured a certificate for the SQL Server Reporting Services and then deployed the Lync Server Monitoring Reports.
11-35
Exercise 3: Exploring the Lync Server Monitoring Reports

Scenario
In this exercise, you will connect to the SQL Reporting Service URL and view various reports. You will view reports from a number of reporting groups to gain awareness about the amount of detail that is collected by the Monitoring server. You will export a report to different formats and also view the Dashboard. You have the option to create a custom report by adjusting the reporting options on any existing report. The main tasks for this exercise are as follows: 1. 2. Connect to Lync Server Monitoring Reports and review the Dashboard. Review various CDR and QoE reports.
Task 1: Connect to Lync Server Monitoring Reports and review the Dashboard.
1. 2. On MIA-LS1, use Lync Server Control Panel to open the Monitoring Server Reports. Connect to the Monitoring Server Reports URL and review the Dashboard. Note: If you get an error connecting to the Dashboard, perform the following tasks: 1. On MIA-SQL1, open SQL Server Management Studio and connect to the default instance. 2. 3. 4. 5. 3. Change the Database from Master to LcsCDR. Click New Query. In the Query window, type dbo.RtcGenerateSummaryTables, and then click Execute. The command is case sensitive. Repeat these steps, changing the database from LcsCDR to QOEMetrics. View the collected data on the Dashboard. 4. System usage data Per-user call diagnostics data Call diagnostics data Media quality diagnostics data
Change to the monthly view and review.
Task 2: Review various CDR and QoE reports.

1. 2. 3. 4. 5. 6. Review the various System Usage Reports. Review the Call Diagnostic Reports (Per User). Review the Call Diagnostic Reports. Review the Media Quality Diagnostic Reports. Notice the different formats the reports can be exported to, such as XML, Word, or PDF, and then export a report to the Word format and open it on one of the clients by using Word. Create a custom report by editing the report parameters at the top of the page.
11-36
Results: After this exercise, you should have reviewed the collected CDR and QoE data displayed on the Dashboard. You should have also reviewed several reports from each of the four categories of reports, including manipulating the data displayed and understanding how to export the reports to different formats.
11-37
Review Questions
1. 2. 3. What Lync Server 2010 server role is responsible for storing call detail records (CDRs)? What types of content cannot be archived? What infrastructure components are required in order to install the Lync Server 2010 Monitoring server role?
Common Issues
Issue IMs are not being archived. Call quality is reported as consistently poor for some calls. Troubleshooting tip Ensure that the MSMQ service is running on all servers and that the queue name is correct. Look for high latency (>100ms) and jitter (look at Degradation jitter average) on affected calls; look for common traits such as hardware and connection type.
Call quality is reported as very poor Look for bursty loss (burst density, burst length) on calls. for a small portion of some calls.
11-38

1. 2. Contoso is currently subject to e-discovery litigation and must ensure that all IM conversations are archived. In addition to configuring archiving, what should Contoso do to ensure compliance? Fabrikam is interested in measuring the overall quality of Enterprise Voice calls for users in a branch site in order to determine whether to place a direct connection to the Public Switched Telephone Network (PSTN) in that location. What should Fabrikam compare to get an overall indication of the quality of the calls? Wingtip Toys would like to archive IM conversations, but the company is concerned about the server hosting the Archiving role. They would like to be able to reboot the server from time to time during production hours. When the server reboots, will Wingtip Toys lose data in the archive? Why or why not?
3.
High Availability and Disaster Recovery in Lync Server 2010
12-1
Module 12
Contents:
Lesson 1: High Availability Options Lesson 2: Tools for Backing Up and Restoring Lync Server 2010 Lesson 3: Critical Lync Server Data to Export and Import Lesson 4: Critical Lync Server 2010 Data to Export and Import Lab: Preparing for and Recovering from a Disaster 12-3 12-14 12-18 12-23 12-28
12-2
Module Overview
After you migrate voice communications to Microsoft Lync Server 2010, you should provide high availability and disaster recovery procedures that minimize downtime, speed recovery, and achieve the appropriate level of application availability in the event of a failure. This module describes the requirements for high availability as well as the requirements for the new Domain Name System (DNS) load balancing feature. This module also discusses the tools and methods for successfully backing up and restoring a Lync Server 2010 environment. Finally, this module discusses how to back up and restore, and export and import, critical Lync Server 2010 data.
Objectives
After completing this module, you will be able to: Describe the high availability options in Lync Server 2010. Describe the tools for backing up and restoring Lync Server 2010 data. Back up and restore critical Lync Server 2010 data. Export and import critical Lync Server 2010 data.
12-3
Lesson 1
High Availability Options
This lesson describes the high availability options in Lync Server 2010, such as the enterprise server role deployment, scaled server role deployment, and load balancing. The lesson also describes the possible infrastructure options needed to provide additional fault tolerance.
Objectives
After completing this lesson, you will be able to: Describe high availability in the enterprise server role deployment. Describe high availability in the scaled server role deployment. List the requirements for hardware load balancing. List the requirements for DNS load balancing. Configure Microsoft SQL Server failover clustering.
12-4
The Enterprise Server Role Deployment
The enterprise server role entails multiple Front End servers with a SQL Server Back End server. Each Front End server running Lync Server 2010 runs one or more server roles. You should install only the server roles that provide the functionality that your organization needs. The Microsoft Lync Server 2010 Planning Tool can guide you in selecting the servers you need to deploy based on the features you want to use. Lync Server 2010 includes the following server options: Front End server and Back End server A/V Conferencing server Edge server Mediation server Monitoring server Archiving server Director
In general, for high availability, it is recommended that you install more Front End servers than required for the total load. This enables the system to continue to function if one server fails. The server that failed can then be patched or managed without impacting the production installation. An Enterprise pool may contain 1 to 10 Front End server members, and its size may be dynamically adjusted by updating the topology and adding and/or removing a server role as required. The Back End servers are database servers running SQL Server that provide the database services for the Front End pool. You can have a single Back End server, but an active and/or passive SQL Server cluster is recommended for failover.
12-5
Back End servers do not run any Lync Server 2010 software. If you already have an active and/or passive SQL Server cluster that you are using for other applications, you can also use this cluster for Lync Server 2010, if performance allows. Note: If you use a SQL Server cluster for Lync Server 2010, a separate instance of Lync Server 2010 is required. Information stored in the Back End server databases includes presence information, users Contacts lists, conferencing data (including persistent data about the state of all current conferences), and conference scheduling data.
12-6
The Scaled Server Role Deployment
A scaled server role deployment refers to server roles that are spread out among multiple servers. For most server roles, for the purposes of scalability and high availability, you can deploy pools of multiple servers all running the identical server role. A pool provides scalability and failover capability for your users. The Back End servers are database servers running SQL Server that provide the database services for the Front End pool. For some types of pools in Lync Server 2010, you must deploy a hardware load balancer (HLB) to distribute traffic between the various servers in the pool. For example, Front End server pools require HLBs for true high availability regardless of whether DNS load balancing is used. Mediation server pools can require HLBs depending on function and role. Edge server pools require HLBs in the event that Public IM Connectivity (PIC) and federation high availability is required. To provide high availability, deploy at least two Edge servers in a pool. A single Edge pool will support up to 10 Edge servers. If more capacity is required, you can deploy multiple Edge pools. As a general rule, 10 percent of a given user base will need external access.
Front End Server Functionality

A Front End server may include the following functionality: Inbound/outbound routing User authentication and registration Presence information and contact card exchange Address book services and distribution list expansion Instant Messaging (IM) functionality, including multiparty IM conferences Web conferencing and application sharing (if deployed) Application hosting services, for both applications included with Lync Server 2010 (for example, Conferencing Attendant and Response Group application) and third-party applications
12-7
Call Admission Control (CAC)
Additionally, one Front End pool in the deployment runs the Central Management Server (CMS), which manages and deploys basic configuration data to all servers running Lync Server 2010. The CMS also provides Lync Server Management Shell and file transfer capabilities between Lync Server 2010 servers.
12-8
Hardware Load Balancing Requirements
In most enterprises, the setup and maintenance of hardware load balancers (HLBs) are provided by a different organization than those who would manage the Lync Server 2010 environment, such as the network team. When using Lync Server 2010 with HLB, you need to ensure that all prerequisites and infrastructure requirements are met, and that the HLBs have been properly deployed before deploying your Edge servers.
Prerequisites for HLBs

An HLB for a Lync Server 2010 pool must meet the following requirements: Must expose a VIP (Virtual Internet Protocol) Must allow multiple ports to be opened to the same VIP (TCP/UDP) Must provide Transmission Control Protocol (TCP)level affinity Must provide a configurable TCP idle-timeout interval with a maximum value greater than or equal to the minimum of the REGISTER refresh or Session Initiation Protocol (SIP) Keep-Alive interval of 30 minutes Can support a rich set of metrics (round robin, least connections, weighted, and so forth); least connectionsbased load-balancing mechanism is recommended for the HLB Must detect service availability by port (often called a heartbeat, or monitor); the polling interval must be a configurable value with a minimum value of at least five seconds Must allow for adding and removing servers to the pool without shutting down If port monitoring is configured and one or more ports are generating errors in the event log, modify the port monitoring rule(s) to allow a full TCP handshake (SYN/SYN-ACK/ACK) vs. marking the service as UP if it returns a SYN-ACK (i.e., a partial TCP handshake (SYN/SYN-ACK); this is sometimes referred to as TCP-half open
12-9
Infrastructure Requirements for HLB

The infrastructure for HLBs for a Lync Server 2010 pool must meet the following requirements: The VIP must be resolvable from a single Domain Name System (DNS) A record. The VIP must be a static Internet Protocol (IP) address. The Lync Server 2010 server behind the HLB must have a registered fully qualified domain name (FQDN). The IP address registered for this FQDN must be publicly accessible from within the enterprise. The network adapter must have exactly one static IP address. This IP address will be used for the incoming load-balanced traffic.
12-10
DNS Load Balancing Requirements
Domain Name System (DNS) Load Balancing balances network traffic that is unique to Lync Server 2010, such as SIP traffic and media traffic. DNS load balancing is supported for the following: Front End pools Edge server pools Director pools Stand-alone Mediation server pools
A Front End pool that is configured to use DNS load balancing must have the two FQDNs defined within the topology and DNS. The DNS records should be created as A records rather than CNAME records: The regular pool FQDN that is used by DNS load balancing (for example, pool1.contoso.com) and that resolves to the physical IPs of the servers in the pool Another FQDN for the pools web services (for example, web1.contoso.com), which resolves to a hardware load-balanced virtual IP address of the pool
Prerequisites for Using DNS Load Balancing

Before you can use DNS load balancing, you must: Override the internal Web services pool FQDN. Create DNS A host records to resolve the pool FQDN to the IP addresses of all servers in the pool.
To override internal web services FQDN: 1. 2. 3. From the Lync Server 2010 program group, open Topology Builder. In the console tree, expand the Enterprise Edition Front End pools node. Right-click the pool, clickEdit Properties, and then click Web Services.
12-11
4. 5. 6. 7. 8.
UnderInternal web services, select the Override FQDN check box. Type the consolidated Front End pool FQDN that resolves to the hardware load-balanced virtual IP addresses of the servers in the pool. UnderExternal web services, type the external pool FQDN that resolves to the hardware loadbalanced virtual IP addresses of the pool, and then click OK. In the console tree, select Lync Server 2010, and then in the Actions pane, click Publish Topology. Start the Deployment Wizard on each Lync Server 2010 server that is impacted, and then run Setup again.
To create DNS Host (A) Records for all internal pool servers 1. For each Front End server in your pool, create a DNS Host (A) record that maps the pool FQDN to the IP address of that Front End Server. For example, if you had a pool named pool1.contoso.com and three Front End servers with IPs of 192.168.1.1, 192.168.1.2, and 192.168.1.3, you would create the following DNS entries: FQDN Pool1.contoso.com Pool1.contoso.com Pool1.contoso.com Type Host (A) Host (A) Host (A) Data 192.168.1.1 192.168.1.2 192.168.1.3
12-12
Configuring SQL Server Failover Clustering
Lync Server 2010 supports clustering for Microsoft SQL Server 2008 and Microsoft SQL Server 2005 in a minimum of two-node Active/Passive configuration. You should set up and configure the SQL Server cluster before you install and deploy the Enterprise Edition Front End server and Back End database. Important: To install and deploy the databases on the SQL Server, you must be a member of the SQL Server sysadminsrole for SQL Server on which you are installing the database files. If you are not a member of the SQL Server sysadminsrole, you will need to request that you be added to the group until the database files are deployed. If you cannot be made a member of the sysadminsrole, you should provide your SQL Server database administrator with the script to configure and deploy the databases.
Configuring SQL Clustering

The procedure for configuring SQL clustering is as follows: 1. After you complete the installation and configuration of SQL Server clustering, you define the SQL Server store in Topology Builder by using the SQL Server instance virtual cluster name (as configured in the setup for SQL Server clustering) and the instance name of the SQL Server database engine provisioned for Lync Server 2010. This is different from a single SQL Server, as you will not use the SQL Server FQDN. Note: The individual Microsoft Windows Server cluster nodes do not have to be configured. 2. If you are using Topology Builder to deploy your databases, you must be a member of the SQL Server sysadmin group. If a person is a member of the SQL Server sysadmin group but does not have privileges in the domain (for example, a SQL Server Database Administrator role), they have the permissions to create the databases but insufficient permissions to read necessary information in Lync Server 2010.
12-13
3.
Ensure that the database folder and log files folder SQL Server instance defaults are mapped correctly to the shared disks in the SQL Server cluster by using SQL Server Management Studio. This is a required procedure if you will use the option Create Databases Using Topology Builder. To install the databases to the SQL Server, do one of the following: Create databases by using Topology Builder. Create SQL Server cluster databases with Microsoft Windows PowerShell cmdlets (commenadlets). These procedures are described below.
4.
Creating Databases by Using Topology Builder

1. Open Topology Builder. Caution: The following procedure assumes that you have defined and configured your topology in Topology Builder. To use Topology Builder to publish the topology and configure the database, you must log on as a user with the correct permissions and group memberships. 2. 3. In Topology Builder, as you publish the topology, you will see the screen. Click the Advanced button. Select Database File Location has two options that determine how the database files are deployed to the SQL Server cluster. Select one of the following: Automatically determine the database file location. This selection uses an algorithm to determine the database log and data file locations based on the drive configuration on the SQL Server. The files will be distributed in such a way as to attempt to provide optimal performance. Use SQL Server instance defaults. Selecting this option installs the log and data files according to the SQL Server instance settings. After deployment of the database files to the SQL Server, your SQL database administrator may want to relocate the files to optimize performance for your particular SQL Server configuration requirements.
4.
Complete the publishing of the topology and confirm that there were no errors during the operation.
Creating SQL Server Cluster Databases with PowerShell Cmdlets

1. 2. Production SQL Server clusters typically require that logs and data files be placed strategically for performance reasons. To begin, open the Lync Server Management Shell. Run the Install-CsDatabasecmdlet to install the Topology Builder configured databases:
Install-CsDatabase -ConfiguredDatabases -SqlServerFqdn<fully qualified domain name of SQL Server cluster> -ForInstance<named instance> -DatabasePaths<logfile path>,<database file path> -Report <path to report file>
For example:
Install-CsDatabase -ConfiguredDatabases -SqlServerFqdn sqlvirt.contoso.net -ForInstance RTC -DatabasePaths "g:\rtcdynlog","h:\rtclog","i:\dbs" -Report "C:\Reports\Install-SQLCluster-DBs.htm"
12-14
Lesson 2
Tools for Backing up and Restoring Lync Server 2010
This lesson covers the native Microsoft Windows and Lync Server 2010 tools that can be used to back up and restore the critical data.
Objectives
After completing this lesson, you will be able to: Describe the Windows tools for backing up and restoring critical data. Describe the Lync Server 2010 tools for backing up and restoring critical data.
12-15
Windows Tools for Backing up and Restoring Data
Microsoft Windows PowerShell allows you to manage Lync Server 2010 from the command line. It includes a command-line environment, product-specific commands, and a full scripting language. Lync Server 2010 includes approximately 550 product-specific cmdlets that you can use to manage every aspect of your deployment. A complete list of cmdlets and their descriptions is available directly from the command line. To access the cmdlets, in Lync Server Management Shell, from the command prompt, type:
Get-Help <cmdlet name> -Full
For example, to retrieve help from the command prompt on the New-CsVoicePolicycmdlet, type the following:
Get-Help New-CsVoicePolicy -Full
12-16
Lync Server 2010 Tools for Backing Up and Restoring Data

Lync Server Management Shell is a management interface that is built on Windows PowerShell commandline interface technology. It consists of a rich set of Lync Server 2010 cmdlets that can be used for management and administration of Lync Server 2010. To run the Lync Server 2010 cmdlets, open Lync Server Management Shell. Caution: If you open a Windows PowerShell window rather than the Lync Server Management Shell, by default you will not be able to run the Lync Server 2010 cmdlets. To run the Lync Server 2010 cmdlets from within Windows PowerShell, first type the following at the Windows PowerShell command prompt: Import-Module Lync The Lync Server Management Shell is automatically installed on every Lync Server 2010 Enterprise Edition Front End server or Standard Edition server.
Response Group Export-Import Tool

Moving the Response Group configuration data from one pool to another and restoring it after a disaster are uncommon but vital scenarios to ensure business continuity. Although Windows PowerShell provides all of the pieces needed to perform these tasks, it still requires advanced scripting. The Response Group Export-Import tool simplifies these scenarios. Response Group Export-Import is a Windows PowerShell script that enhances the Lync Server Management Shell by adding two additional cmdlets to export the complete Response Group configuration from a given pool and import this configuration to another (or the same) pool. The Response Group Export-Import script populates the Lync Server Management Shell with the following two new cmdlets:
12-17
Export-CsRgsConfiguration. This cmdlet outputs a ZIP archive that contains a dump of the Response Group configuration for a given pool (passed as a parameter). Import-CsRgsConfiguration. This cmdlet indicates success or failure when importing the Response Group configuration that was generated by Export-CsRgsConfiguration to a specified pool (passed as a parameter).
To prevent major outages in case of disaster, you should perform a daily backup of the Response Group configuration. In the case of a dramatic event that destroys all the Lync Server 2010 data, the administrator can restore the full Response Group configuration as soon as the replacement servers are functional.
Topology Builder
Topology Builder facilitates the definition of a topology and its components and is essential to deployment of Lync Server 2010 servers. Topology Builder can use the Extensible Markup Language (XML) topology file provided by the Planning Tool to start the initial design of the topology, or the wizards in Topology Builder can be used to design the deployment. Lync Server 2010 publishes the Topology Builder results to a Central Management Store that is used to configure all Lync Server 2010 servers in the organization. Topology Builder enables you to export your published topology to an XML file that can be used to publish a new topology elsewhere. Note: You cannot install Lync Server 2010 servers without using Topology Builder or the XML output of the Topology Builder and manually publishing the information by using Lync Server Management Shell.
Dbimpexp.exe
Dbimpexp.exe is a database import and export tool that is used to import and export homed resources and associated data to and from the Lync Server 2010 database. It is often used to restore user information, such as user contacts from the database, usually by means of an XML file. An example is dbimpexp /hrxmlfile:"foo.xml" /sqlserver:sql1.
12-18
Lesson 3
Critical Lync Server 2010 Data to Back Up and Restore
This lesson covers the data that must be backed up and then restored in Lync Server 2010.
Objectives
After completing this lesson, you will be able to: Back up and restore SQL Server databases. Back up and restore RgsConfig. Back up and restore Call Park Service (CPS) music-on-hold files.
12-19
SQL Server Databases to Back Up and Restore
To back up or restore the SQL Server databases discussed in this section, use the SQL Server backup tools or a third-party backup solution. The following SQL Server databases should be backed up: Xds. Maintains the configuration of the current Lync Server 2010 topology as defined and published by Topology Builder. Lis. Location Information Service (LIS) data file. RTC. Persistent user data, such as access control lists (ACLs), contacts, home server or pool, scheduled conferences. RTCAb. Real-time communications (RTC) address book database that is the SQL Server repository where Address Book service information is stored. RGSConfig.Lync Server Response Group service data file for the configuration of the services. LcsLog.LcLog is the name of the archiving database. LcsCdr. Data store for the Call Detail Recording (CDR) process of the Monitoring server. QoEMetrics database. Quality of Experience (QoE) data file stored from the Monitoring server.
Note: If you back up the topology by using Topology Builder, you do not need to backup Xds. If you back up contacts by using dbimpexp, it is possible to not back up RTC; however, it is recommended.
Note: When moving the RTC or RTCDYN database, DB chaining must be re-enabled or the Front End servers cannot attach to the Back End database.
12-20
Backing Up and Restoring RgsConfig
Response Group is an Enterprise Voice call management feature. It is important to back up and restore RgsConfig before changes are made, and as a best practice for disaster preparedness. This section describes how to back up and restore RgsConfig.
Backing UpRgsConfig
Lync Server 2010 includes Windows PowerShell scripts that can be used to backup Response Group Service files. These scripts must be manually loaded into memory prior to use. They are located on the installation media at \Support\RgsImportExport.ps1. To load the module, in the Lync Server Management Shell, type the following command and then press Enter:
Import-Module F:\Support\RgsImportExport\RgsImportExport.ps1
After the module is installed, the Export-CsRgsConfiguationcmdlet is available. To run the ExportCsRgsConfiguationcmdlet, type the following command and then press Enter:
Export-CsRgsConfiguration Miami-ApplicationServer-1 FileName RgsBackup.zip
The RgsConfig is backed up into the RgsBackup.zip file where the command was run.
Restoring RgsConfig
Windows PowerShell scripts are also used to restore Response Group Service files. These scripts also must be manually loaded into memory and are located on the installation media at \Support\RgsImportExport.ps1. In Lync Server Management Shell, type the following command and then press Enter:
Import-Module F:\Support\RgsImportExport\RgsImportExport.ps1
12-21
After the module is installed, the Import-CsRgsConfiguationcmdlet is available. To run the ImportCsRgsConfiguationcmdlet, type the following command and then press Enter:
Import-CsRgsConfiguration Miami-ApplicationServer-1 FileName RgsBackup.zip
RgsConfig is now restored.
12-22
Backing Up and Restoring CPS Music Files
Backing Up CPS Music Files (Optional)

Custom music-on-hold files are stored in the file system configured in the Lync Server 2010 topology (Application server). The location of the files may vary, but the files can be located from the Lync Server Management Shell by using the following command:
Get-CsService ApplicationServer
This command returns the various Application servers in the Topology. Select AppServerserviceID and then use it in the following command (Miami-ApplicationServer-1):
(Get-CsService ((Get-CsService ApplicationServer| ?{$_.ServiceId eq MiamiApplicationServer-1}).FileStore)).UncPath
This command returns the information Universal Naming Convention (UNC) path of the Application server (\\mia-sql1\mcs) where the music-on-hold file is stored (\\mia-sql1\mcs\Miami-ApplicationServer1\AppServerFiles\CPS\CpsMoH.wma). Because this is a simple file, it can be backed up by using any backup method.
Restoring CPS Music Files

Backed-up music-on-hold files can be restored by simply copying and pasting the files back into their original location.
12-23
Lesson 4
Critical Lync Server 2010 Data to Export and Import
This lesson covers the data that must be exported and then imported in Lync Server 2010.
Objectives
After completing this lesson, you will be able to: Export and import Lync Server 2010 Config. Export and import Location Information Server (LIS) Config. Export and import user data.
12-24
Exporting and Importing Lync Server 2010 Config
Exporting Lync Server 2010 Config

Exporting Lync Server 2010 Config entails the same process that is used when configuring an Edge server. The topology and the environmental settings (i.e., Call Admission Control [CAC] config) are stored in the exported file. The data should be exported before performing any work on the topology, or before a Lync Server 2010 role server displays a problem. The Lync Server Management Shell export command is:
Export-CsConfiguration -FileName<CMS backup file name>
Importing Lync Server 2010 Config

The Central Management Server (CMS) configuration can be restored to a new RtcLocal database by using the Lync Server Management Shell or the Deployment Wizard. To perform this procedure on a Lync Server 2010 server, either start the Lync Server 2010 Deployment Wizard or the Lync Server Management Shell.
Using Lync Server Deployment Wizard

To use the Lync Server Deployment Wizard to import Lync Server 2010 Config: 1. 2. 3. Install or update the Lync Server system. Install the local configuration store. Select the local file and then select the exported zip file.
Using the Lync Server Management Shell

To use Lync Server Management Shell to import Lync Server 2010 Config, type the following command and then press Enter.
12-25
Import-CsConfiguration -FileName<CMS backup file name> -LocalStore
12-26
Exporting and Importing LIS Config
Exporting LIS Configuration

The Lync Server 2010 Location Information Server (LIS) Configuration stores the locations defined within the Location service and their status, whether they are validated or not. The Lync Server Management Shell export command is:
Export-CsLisConfiguration -FileName<LIS backup file name>
Importing LIS Configuration

The Location configuration may be restored into a LIS database by using Lync Server Management Shell. This command can be run to restore changes made to the LIS configuration. After any changes are made to the LIS configuration, make sure to republish the settings by using Lync Server Management Shell (Publish-CsLisConfiguration). The Lync Server Management Shell import command is:
Import-CsLisConfiguration -FileName<LIS backup file name>
12-27
Exporting and Importing User Data
Exporting User Data

User data includes the user contacts, groups, and access levels set by the user. The process of backing up information to an XML file remains unchanged from Microsoft Office Communications Server 2007 R2 and Dbimpexp.exe (Database Import/Export) is still used; however, the tool included with Lync Server 2010 should be used. Dbimpexp.exe is found by default at %Program Files%\Common Files\Microsoft Communications Server 2010\Support. The command line for exporting user data is:
DBImpExp.exe /hrxmlfile:d:\Backup.xml /sqlserver:mia-sql1.fabrikam.com\rtc
Importing User Data

A users personal contact list, contact groups, and privacy relationships can be restored at any time by using the Dbimpexp.exe tool. The command for importing user data is:
DBImpExp.exe /import /hrxmlfile:d:\Backup.xml /sqlserver:mia-sql1.fabrikam.com /dbname:rtc
12-28
Lab: Preparing for and Recovering from a Disaster
All Fabrikam voice communication has been migrated to the Lync Server 2010 environment and company policy requires a Disaster Recovery plan for all critical systems. The Fabrikam Infrastructure Architect has designed a solution; you must use this design and perform the necessary steps in order to provide the ability to recover in the event of a disaster. Important: We recommend that the steps in this and every lab be split between the two students in your pod. It is left up to the students to determine when to share tasks in order for both students to gain an understanding of the concepts of each lab. If you need help, please inform the instructor. Please note that if you both try to do tasks at the same time, you may overwrite each others work and possibly lose data.

12-29
5.
6.
7.
8.
9.
12-30
b.
15. When 10533A-MIA-CL1.2 has booted up completely, close the Virtual Machine Connection window. 16. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 17. In the Remote Desktop Connection window, click Options. 18. Click the Local Resources tab, and then under Remoteaudio, click Settings. 19. Under Remote audio playback, verify thatPlay on this computer is selected. If it is not, select it. 20. Under Remote audiorecording, clickRecord from thiscomputer, and then click OK. 21. Click the General tab. 22. Under Logon settings, in the Computerbox, type mia-cl1.fabrikam.com. 23. In the User namebox, type Fabrikam\Andreas, and then click Connect. 24. On the Remote Desktop Connection page, click Connect. 25. On the Windows Security window, in the Passwordbox, type Pa$$w0rd, and then click OK. 26. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 27. On Host2, when 10533A-RED-CL2.2 has booted up completely, close the Virtual Machine Connection window. 28. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 29. In the Remote Desktop Connection window, click Options. 30. Click the Local Resources tab, and then under Remoteaudio, click Settings. 31. Under Remote audio playback, verify thatPlay on this computer is selected. If it is not, select it. 32. Under Remote audiorecording, clickRecord from thiscomputer, and then click OK. 33. Click the General tab. 34. Under Logon settings, in the Computerbox, type red-cl2.fabrikam.com. 35. In the User namebox, type Fabrikam\Tzipi, and then click Connect. 36. On the Remote Desktop Connection page, click Connect. 37. On the Windows Security window, in the Passwordbox, type Pa$$w0rd, and then click OK. 38. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 39. On Host1, when 10533A-ROM-CL3.2 has booted up completely, close the Virtual Machine Connection window.
12-31
40. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 41. In the Remote Desktop Connection window, click Options. 42. Click the Local Resources tab, and then under Remoteaudio, click Settings. 43. Under Remote audio playback, verify thatPlay on this computer is selected. If it is not, select it. 44. Under Remote audiorecording, clickRecord from thiscomputer, and then click OK. 45. Click the General tab. 46. Under Logon settings, in the Computerbox, type rom-cl3.fabrikam.com. 47. In the User namebox, type Fabrikam\Marcel, and then click Connect. 48. On the Remote Desktop Connection page, click Connect. 49. On the Windows Security window, in the Passwordbox, type Pa$$w0rd, and then click OK. 50. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 51. On Host1, when 10533A-INT-CL4.2 has booted up completely, close the Virtual Machine Connection window. 52. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 53. In the Remote Desktop Connection window, click Options. 54. Click the Local Resources tab, and then under Remoteaudio, click Settings. 55. Under Remote audio playback, verify thatPlay on this computer is selected. If it is not, select it. 56. Under Remote audiorecording, clickRecord from thiscomputer, and then click OK. 57. Click the General tab. 58. Under Logon settings, in the Computerbox, type int-cl4. 59. In the User namebox, type INT-CL4\Administrator, and then click Connect. 60. On the Remote Desktop Connection page, click Connect. 61. On the Windows Security window, in the Passwordbox, type Pa$$w0rd, and then click OK. 62. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start. Important: All connections to MIA-CL1.2, RED-CL2.2, ROM-CL3.2and INT-CL4.2 will require using a Remote Desktop Connection with remote audio playback and remote audio recording enabled, unless otherwise specifically instructed.
12-32
12-33
Exercise 1: Using System and Application Tools to Back Up Lync Server 2010
Scenario
In this exercise, you will use the SQL Management Studio to back up critical Lync Server 2010 system databases. The main tasks for this exercise are as follows: 1. 2. 3. 4. Take a snapshot of all running virtual machines. Back up Lync Server 2010 Archiving and Monitoring databases. Back up the Lync Server 2010 Central Management Store. Create a SQL Server database maintenance plan.
Important: On all virtual machines, verify that all of the services set to start automatically have started. Most notably, check the Exchange, SQL Server, and Lync Server 2010 services. To do so, click Start, click Administrative Tools and then click Services. In the Services console, verify that all services that are set to Automatic start have started. If not, right-click the service and click Start.
Task 1: Take a snapshot of all running virtual machines.

1. 2. 3. On both hosts, use the Hyper-V Manager to make a snapshot of all running virtual machines. Rename the snapshot by appending Before Lab 12 to the name of the snapshots. You will take this snapshot in case any of the restore procedures in this Lab do not perform as directed.
Task 2: Back up Lync Server 2010 Archiving and Monitoring databases.

1. On MIA-SQL1, use SQL Server Management Studio to create a one-time back-up the following databases: LcsLog LcsCDR QoEMetrics ReportServer ReportServerTempDB
Task 3: Back up the Lync Server 2010 Central Management Store.

1. On MIA- SQL1, use SQL Server Management Studio to connect to MIA-LS1\RTC and create a onetime back-up the following databases: cpsdyn xds lis rtc rtcab rtcab1
12-34
rtcdyn rgsconfig rgsdyn
Task 4: Create a SQL Server database maintenance plan.

1. On MIA-SQL1, use SQL Server Management Studio to create a recurring Database Maintenance plan to check database Integrity and create a full database back up of the following databases: 2. lcslog lcscdr qoemetrics reportserver reportservertempdb
Execute the plan and verify that it completed successfully.
Results: After this exercise, you should have used SQL Server Management Studio to create one-time backup of databases on various servers and also create a recurring database maintenance plan.
12-35
Exercise 2: Using Lync Server 2010 Tools to Back Up Lync Server 2010
Scenario
In this exercise, you will use the Topology Builder, Lync Server Control Panel and Lync Server Management Shell to export various configuration settings of Lync Server 2010, such as the RGS settings, EV Settings, and the topology. You will also use the DBIMPEXP to backup user data. The main tasks for this exercise are as follows: 1. 2. 3. 4. 5. Back up the topology. Back up the Lync Server 2010 configuration. Back up the Response Group configuration settings. Back up the Enterprise Voice configuration settings. Back up user data.
Task 1: Back up the topology.

1. 2. 3. On MIA-LS1, use the Lync Server 2010 Topology Builder to save the current topology for backup. On MIA-LS1, use the Lync Server Management Shell to export the current topology for backup. Use Windows Explorer, to verify that the data was backed up.
Task 2: Back up the Lync Server 2010 configuration.

1. On MIA-LS1, use the Lync Server Management Shell to export the Lync Server 2010 Configuration as a ZIP file.
Task 3: Back up the Response Group configuration settings.

1. On MIA-LS1, use the Lync Server Management Shell to import the RGS Import and Export configurations located in C:\Program Files\Microsoft Lync Server 2010\ResKit\RgsImportExport.ps1 On MIA-LS1, use the Lync Server Management Shell to export the Response Group Configuration. Use Windows Explorer, to verify that the data was backed up.
2. 3.
Task 4: Back up the Enterprise Voice configuration settings.

1. 2. On MIA-LS1, use the Lync Server Control Panel to export the current Enterprise Voice configuration. Use Windows Explorer, to verify that the data was backed up.
Task 5: Back up user data.

1. On the clients, in Lync 2010, create several contact groups and add various users to each group. Do this for a couple of different users,ensure thatyou do this for Andreas on MIA-CL1 and for Tzipi on RED-CL2. On MIA-LS1, use the DBIMPEXP tool to create a backup of the current user data. Use Windows Explorer, to verify that the data was backed up.
2. 3.
Results: After this exercise, you should have used the Lync Server Management Shell, the Lync Server Control Panel and other tools to create backups of Lync Server 2010 configurations and settings.
12-36
Exercise 3: Restoring Lync Server 2010 Configuration Settings

Scenario
In this exercise, you will use some of the above tools to restore your environment. The main tasks for this exercise are as follows: 1. 2. 3. Restore the Response Group configuration settings. Restore the Enterprise Voice configuration settings. Restore user data.
Task 1: Restore the Response Group configuration settings.

1. 2. 3. 4. 5. On MIA-LS1, use the Lync Server Control Panel to delete the current Response Group queues and groups. Use Lync 2010 on the clients to confirm the response groups are not working as previously configured. On MIA-LS1, use the Lync Server Management Shell to import the Response Group Configuration. Use the Lync Server Control Panel to confirm the queues and groups are restored. Use Lync 2010 on the clients to confirm the restored response groups are working correctly.
Note: You may need to wait a minute or two before trying these validation steps for the configuration to be restored, and sign out and back in to Lync 2010.
Task 2: Restore the Enterprise Voice configuration settings.

1. 2. 3. 4. 5. On MIA-LS1, use the Lync Server Control Panel to delete the current Enterprise Voice configuration by deleting the Dial Plans and Routes. Use Lync 2010 on the clients to confirm enterprise voice is not working as previously configured. On MIA-LS1, use the Lync Server Control Panel to import the enterprise voice configuration settings. Use the Lync Server Control Panel to confirm the dial plans and routes are restored. Use Lync 2010 on the clients to confirm enterprise voice is working correctly.
Note: You may have to wait a couple of minutes, or sign out and back into Lync 2010.
Task 3: Restore user data.

1. 2. 3. 4. 5. On the clients, in Lync 2010, delete the groups and contact lists you previously created. On MIA-LS1, use the DBIMPEXP tool to restore the backup of the current user data for Andreas only. On MIA-CL1, logged in as Andreas, in Lync 2010, verify the groups and contact lists are restored On MIA-LS1, use the DBIMPEXP tool to restore the backup of the current user data for all of the Miami and Redmond users. On the clients, in Lync 2010, verify that the groups and contact lists are restored for the Miami and Redmond users.
12-37
Results: After this exercise, you should have used the Lync Server 2010 administrative tools to restore the data that was previously backed up.
12-38
Review Questions
1. 2. 3. 4. In an Enterprise deployment, what is the maximum number of Front End servers that you can deploy in a pool to provide for high availability? What types of information are stored in the Back End server databases? DNS load balancing is used to balance SIP and media traffic. Which of the server role pools support the use of DNS load balancing? Do Front End server pools require hardware load balancing if DNS load balancing is used?
Call Admission Control
13-1
Module 13
Contents:
Lesson 1: Overview of Call Admission Control Lesson 2: Implementing Call Admission Control Lab: Implementing Call Admission Control 13-3 13-12 13-22
13-2
Module Overview
This module discusses Call Admission Control (CAC) in Microsoft Lync Server 2010 and describes the various components of the feature. It explains how you can deploy and use CAC bandwidth management to help you prioritize and control allocation of network resources to real-time communications sessions. After completing this module, you will be able to: Describe CAC features and functionality. Configure and implement CAC.
13-3
Lesson 1
Overview of Call Admission Control
This lesson discusses how the CAC feature can be used to control and prioritize allocation of network bandwidth resources for real-time communications sessions supported by the Lync Server 2010 deployment. After completing this lesson, you will be able to: Describe CAC. Plan for creating CAC policies. Discuss CAC applicability scenarios.
13-4
What Is CAC?
In Lync Server 2010, the Call Admission Control (CAC) feature determines if there is sufficient widearea network (WAN) bandwidth available to allow real-time communications sessions, such as voice or video calls, to be established. The available bandwidth within the local area network (LAN) environments of an enterprise network is usually not a limiting factor for real-time IP-based communications such as telephony, video, and application sharing. However, network bandwidth over WAN links between sites or regions can become congested, resulting in a poor quality of experience (QoE) for end users. For real-time traffic, it is better to deny calls in congested conditions than to allow connections with poor quality. If CAC determines that a new voice or video session exceeds the bandwidth limit that you have configured for the WAN link policy, the session is either blocked or, in the case of phone calls, one of the following actions may also be taken: Reroute the call over the Internet. Reroute the call through the Public Switched Telephone Network (PSTN) or gateway. Redirect the call to voice mail.
Note: Calls that are directed to voice mail will not be denied because of bandwidth constraints. CAC controls only the voice, audio, and video real-time traffic through WAN links in the Lync Server 2010 deployment. It does not control any data traffic on the network.
13-5
Planning for CAC Policies
Planning for CAC requires gathering detailed information about your enterprise network topology and WAN capabilities. You will typically work with the network administrators in your organization to gather the required information and coordinate your CAC bandwidth-limit policies. The five high-level steps for gathering the necessary information needed to define your bandwidth policies and CAC deployment include: 1. 2. 3. 4. 5. Identify the network regions (hubs and backbones) within your enterprise network. Identify the network sites (offices or locations) within each network region. Determine the network route between every pair of network regions. Determine the bandwidth limits for each WAN link. Identify the IP subnets that are assigned to each network site.
As the Lync Server 2010 administrator, you will configure and deploy the CAC policies that are enforced by the Bandwidth Policy Service installed with every Lync Server 2010 Front End pool. The following diagram illustrates an example CAC topology. Reference this topology diagram as you identify the components that you need to identify in the five planning steps described in the following sections.
13-6
Step 1: Identify Network Regions

A network region logically represents a network hub and the collection of sites associated with that network area. A hub is usually a major site in your network topology. The hub typically provides the regional backbone for WAN interconnectivity through which sites in that network region must communicate. These regional hubs typically interconnect with one another to provide the enterprise-level backbone and the paths for interregional communication. In the example topology, there are three network regionsNorth America, EuropeMiddle EastAfrica (EMEA), and Asia-Pacific (APAC). A network region for CAC purposes includes a collection of network sites. CAC requires each network region to have a Lync Server 2010 central site. The example topology shows three network regions, each with a Lync Server 2010 central site that manages CAC decisions. Communications within a network region will continue to operate even if other central sites become unavailable. Note: Even if a central site and network site have the same name, the central site is an element of the Lync Server 2010 topology. The network site is a part of the overall network infrastructure in which the Lync Server 2010 topology resides.
Step 2: Identify Network Sites

A network site represents a location where your organization has offices, a set of buildings, or a campus. When planning for CAC, you must prepare an inventory of all your organizations offices that are on the enterprise network. Network site definitions are used for CAC, Enhanced 9-1-1 (E9-1-1), and media bypass deployments. To configure CAC, you must associate each network site with a network region. You must then create bandwidth-allocating policies to apply to bandwidth-constrained WAN connections (links) between the site and the region hub site. If you have already created the network site for other Lync Server 2010 features, you may modify an existing network site definition and apply additional feature-specific settings. In the example topology, the North America region consists of the network sites New York, Chicago, Detroit, Portland, Reno, and Albuquerque. The sites in the example topology that are not bandwidthconstrained to their regional hub are New York, Detroit, and Chicago.
13-7
The sites in our example topology that are bandwidth-constrained to their regional hub are Portland, Reno, and Albuquerque.
Step 3: Determine Inter-Regions

Network links represent the physical WAN connections between directly connected sites or regions for routing purposes. There are two inter-regional network links in our example: North AmericaEMEA AMEAAPAC
There are five network links between sites and their network region: PortlandNorth America RenoNorth America AlbuquerqueNorth America CologneEMEA ManilaAPAC.
There is one network link directly between two sites, RenoAlbuquerque
Step 4: Determine Bandwidth Limits

You need to work with your network operations team to determine how much bandwidth is available for real-time audio and video traffic across the WAN links in your topology. Bandwidth policies are typically only applied to WAN links that need to have real-time communications constrained to maintain the quality of those sessions currently running. CAC bandwidth policies profiles define how much bandwidth may be placed on the network by Lync Server 2010 for real-time audio and video modalities. CAC bandwidth policies can define any or all of the following: Maximum total bandwidth allowed for audio Maximum total bandwidth allowed for video Maximum bandwidth allowed for a single audio call (session) Maximum bandwidth allowed for a single video call (session)
Note: All CAC bandwidth values represent the maximum unidirectional bandwidth limits. For more information on optimizing bandwidth use, see the Lync Server 2010 Help file topic, Planning for Enterprise Voice, Call Admission Control, Bandwidth Utilization by Codecs and Scenario.
Step 5: Identify IP Subnets at Each Network Site

You must identify all IP subnets assigned within your enterprise network and associate them with a network site. Work with your network administrator to collect this information. Every subnet in your network must be associated with a network site, even if the network site is not bandwidth-constrained. CAC uses subnet information to determine the network site where an endpoint is located. When the locations of both parties in the session are known, CAC can determine if there is sufficient bandwidth allocation available to establish the call.
13-8
Note: If you deploy Audio/Video Edge servers, the public IP addresses of each Edge server must be associated with the network site where it is located. Each public IP address of the Edge server must be added to your network configuration settings as a single IP address subnet with a subnet mask of 32. For more information about planning and documenting your network topology for CAC, including how to estimate bandwidth requirements, see the Lync Server 2010 Help file topic, Gathering the Required Information for Call Admission Control.
13-9
CAC Applicability Scenarios
CAC has the flexibility to check various network topology elements including PSTN gateways and Private Branch Exchanges (PBXs), Multiprotocol Label Switching (MPLS) networks, and Session Initiation Protocol (SIP) trunks.
CAC for PSTN Gateway or Third-Party PBX with Media Termination Point
CAC can be deployed on the link between the Mediation servers gateway interface and the third-party PSTN gateway or PBX with media termination point (MTP). In the latter case, the IP address of the PBX with MTP is configured on the Mediation server as the next hop, and CAC is applied between the Mediation server and the PBX/MTP. For each session, two CAC checks are performed:
13-10
Between the Lync client application and the Mediation server Between the Mediation server and the PSTN gateway
CAC for Third-Party PBX without MTP

If there is no MTP on the third-party PBX for an outgoing session request, the Mediation server does not know where media will terminate in the PBX boundary. In this case, the media flows directly between the Mediation server and the third-party endpoint device. If a Lync 2010 client user at Network Site 1 places a call to a user through the PBX, the Mediation server is able to perform CAC checks only on the proxy leg (between the Lync 2010 client application and Mediation Server). After the session is established, however, the Mediation server facilitates accounting for the bandwidth utilized on the trunk. For calls that originate from the third-party endpoint, the information about that endpoint device is available at the time of session request, and a CAC check can be performed on both sides of the Mediation server.
CAC for MPLS Networks
This figure shows a simple network using an MPLS cloud for network links between sites. Sites are connected by a full-mesh cloud and can communicate directly with any other site on the cloud. Each site is provisioned with network bandwidth for its WAN link that connects it to the MPLS cloud. To implement CAC in an MPLS network, the MPLS cloud is defined as if it is a region and each site is configured with a link to the cloud or region and a bandwidth policy appropriate for the capacity of the link.
CAC for SIP Trunks

To deploy CAC on a SIP trunk, you create a network site to represent the Internet telephony service provider (ITSP). To apply bandwidth policy values on the SIP trunk, you create an inter-site policy between the network site in your enterprise and the network site that you create to represent the ITSP.
13-11
The following figure shows an example CAC deployment on a SIP trunk.
13-12
Lesson 2
Implementing Call Admission Control
This lesson discusses the processes required for performing the three steps to configure CAC. After completing this lesson, you will be able to: Configure network regions and sites. Associate subnets with sites. Configure network region links and routes. Enable CAC.
13-13
Configuring Network Regions and Sites
Configuring Network Regions

Network regions are the network hubs used in the configuration of CAC, E9-1-1, and media bypass. If you have already created network regions for other Lync Server 2010 features, you do not need to create new network regions; you may modify an existing network region definition to apply additional featurespecific settings. To create a network region: Open the Lync Server 2010 Management Shell and run the New-CsNetworkRegion cmdlet. For example, to create the US West region, run the following cmdlet.
New-CsNetworkRegion -Identity <Region-Name-String> -CentralSite<Central-Site-NameString> -Description "Network Region Description"
Repeat this step to define each network region in your deployment.
To modify a network region, use the Set-CsNetworkRegion cmdlet.
Configuring Network Sites for CAC

The following procedure shows how to create and configure a network site that is WAN bandwidthconstrained and therefore requires CAC bandwidth policies to limit real-time audio or video traffic flow. To create a network site: Open the Lync Server 2010 Management Shell and run the New-CsNetworkSite cmdlet. For example, to create the Redmond site in the example network, run the following:
New-CsNetworkSite -NetworkSiteID Redmond -Description "Corporate headquarters"NetworkRegionID US-East
Repeat this step to create any additional sites.
13-14
To modify a network site, use the Set-CsNetworkSite cmdlet.
13-15
Associating Subnets with Network Sites
CAC does not have any special requirements for associating subnets with network sites.
Associating a Subnet with a Network Site

To associate a subnet with a network site, open the Lync Server 2010 Management Shell and run the New-CsNetworkSubnet cmdlet.
New-CsNetworkSubnet -SubnetID<String> -MaskBits<Int32> -NetworkSiteID<String>
For example, to create an association between the subnet 172.11.12.0 and the network site Chicago, run the following cmdlet.
New-CsNetworkSubnet -SubnetID 172.11.12.0 - MaskBits 24-NetworkSiteID Chicago
Repeat this step for all subnets in your topology.
Associating Subnets with Network Sites Importing a CSV File

If you have a large number of subnets, use a comma-separated values (CSV) file to associate the subnets with sites. The CSV file must have the four columnsIPAddress, mask, description, NetworkSiteID. 1. Create a CSV file that includes all of the subnets. For example, create a file named subnet.csv with the following content.
IPAddress, mask, 172.11.12.0, 24, 172.11.13.0, 24, 172.11.14.0, 25, 172.11.15.0, 31, description, NetworkSiteID "NA:Subnet in Portland", Portland "NA:Subnet in Reno", Reno "EMEA:Subnet in Warsaw", Warsaw "EMEA:Subnet in Paris", Paris
13-16
2.
Open the Lync Server Management Shell and run the following cmdlet to import subnet.csv and store its contents in the Lync Server 2010 management store.
import-csv subnet.csv | foreach {New-CSNCSSubnet $_.IPAddress -MaskBits $_.mask Description $_.description -NetworkSiteID $_.NetworkSiteID}
13-17
Configuring Network Region Links and Routes
Network regions within an enterprise are connected through physical WAN links. Network region links set the bandwidth limitations on WAN connections. Region links define the network links over which data traverse to get from one region to another.
Configuring Network Region Links

A CAC network region link defines the physical WAN link between two directly connected regions and sets the bandwidth limitations on audio and video traffic over that link. Therefore, you first need to create bandwidth policy profiles and then you can define your network region links to apply the appropriate bandwidth policy to those region links.
Creating Bandwidth Policy Profiles

Bandwidth policies are defined as a collection of bandwidth policy profiles. These profiles can then be applied to multiple network links by reference to the profile name. You can create bandwidth policy profiles by using the Lync Server 2010 Management Shell and running the New-CsNetworkBandwidthPolicyProfile cmdlet. The following are policy profile examples for 5megabit (Mb), 10-Mb, and 25-Mb links.
New-CsNetworkBandwidthPolicyProfile -Identity 5Mb_Link -Description "BW profile for 5Mb links" -AudioBWLimit 2000 -AudioBWSessionLimit 200 -VideoBWLimit 1400 VideoBWSessionLimit 700
13-18
To modify an existing policy profile, use the Set-CsNetworkBandwidthPolicyProfile cmdlet. Note: The minimum Audio Session Limit value is 40 kilobits per second (kbps). The minimum Video Session Limit value is 100 kbps.
Bandwidth Policy Service Logs

The Bandwidth Policy Service generates two log files in CSV format. Both of these log files can assist you in fine tuning your CAC policies based on utilization. Link utilization log file. The link utilization log file contains a snapshot of the WAN link bandwidth utilization in the network. Check failures log file. The check failures log file contains information logged when bandwidth requests are denied.
Creating Network Region Links

You create network region links and apply an appropriate bandwidth policy profile by using the Lync Server Management Shell and running the New-CsNetworkRegionLink cmdlet, as shown in the following example.
New-CsNetworkRegionLink -NetworkRegionLinkID NA-EMEA-LINK -NetworkRegionID1 NorthAmerica -NetworkRegionID2 EMEA -BWPolicyProfileID 50Mb_Link
New-CsNetworkRegionLink -NetworkRegionLinkID EMEA-APAC-LINK -NetworkRegionID1 EMEA NetworkRegionID2 APAC -BWPolicyProfileID 25Mb_Link
Configuring Region Links

A network region link defines the network link path between any two network regions. Each pair of network regions requires a network inter-region route definition. This enables every network region in the deployment to access every other region. If the region pair is directly connected by a WAN link, a single network link is configured to define the route between the pair. If the region pair is not directly connected by a WAN link, multiple network links must be configured to define each network link in the route between the pair.
Creating Network Inter-Region Routes

You create network inter-region routes by using the Lync Server Management Shell and running the New-CsNetworkInterRegionRoute cmdlet, as shown in the following example.
New-CsNetworkInterRegionRoute -Identity NorthAmerica_EMEA_Route -NetworkRegionID1 NorthAmerica -NetworkRegionID2 EMEA -NetworkRegionLinkIDs "NA-EMEA-LINK"
New-CsNetworkInterRegionRoute -Identity NorthAmerica_APAC_Route -NetworkRegionID1 NorthAmerica -NetworkRegionID2 APAC -NetworkRegionLinkIDs "NA-EMEA-LINK, EMEA-APAC-LINK"
13-19
Note: The North America/APAC network inter-region route defined above requires two network region links because there is no direct network region link between them.
New-CsNetworkInterRegionRoute -Identity EMEA_APAC_Route -NetworkRegionID1 EMEA NetworkRegionID2 APAC -NetworkRegionLinkIDs "EMEA-APAC-LINK"
13-20
Enabling CAC
After you have configured your network settings for CAC, you must enable CAC for your bandwidth policies to take effect. You can enable CAC by using either the Lync Server Management Shell or Lync Server Control Panel.
Enable (or disable) CAC Using the Lync Server Management Shell
1. 2. Open the Lync Server Management Shell. Run the Set-CsNetworkConfiguration cmdlet to enable CAC, as shown in the following example.
Set-CsNetworkConfiguration -EnableBandwidthPolicyCheck 1
To disable CAC in your network, run the followingcmdlet.

Set-CsNetworkConfiguration -EnableBandwidthPolicyCheck 0
For more information on enabling CAC, search the Lync Server 2010 Help file for the following cmdlets: Get-CsNetworkConfiguration Set-CsNetworkConfiguration Remove-CsNetworkConfiguration
Enable CAC Using Lync Server Control Panel

1. 2. 3. 4. 5. Open Lync Server Control Panel. In the left navigation bar, click Network Configuration. Click the Global navigation button. Click Global in the list, and then on the Edit menu, click Show Details. On the Edit Global Settings page, select the Enable call admission control check box.
13-21
Note: If you want to disable CAC in your deployment, clear this check box. 6. Click Commit.
13-22
Lab: Implementing Call Admission Control
Fabrikam IT has received complaints regarding poor call quality and the inability to make or receive some calls. The networking group of Fabrikam is planning on implementing QoS to assist with the bandwidth management at the network level and wants to ensure that voice calls have priority over data sharing and video calls within Lync Server 2010 deployment. Using the Call Admission Control feature of Lync Server 2010, configure the CAC topology and policies to manage bandwidth allocation for real-time communications within the limits established by the network administration group. Important: We recommend that the steps in this and every lab be split between the two students in your pod. It is left up to the students to determine when to share tasks in order for both students to gain an understanding of the concepts of each lab. If you need help, please inform the instructor. Please note that if you both try to do tasks at the same time, you may overwrite each others work and possibly lose data.

13-23
5.
6.
7.
8.
9.
13-24
b.
13-25
40. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 41. In the Remote Desktop Connection window, click Options. 42. Click the Local Resources tab, and then under Remote audio, click Settings. 43. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 44. Under Remote audio recording, click Record from this computer, and then click OK. 45. Click the General tab. 46. Under Logon settings, in the Computer box, type rom-cl3.fabrikam.com. 47. In the User name box, type Fabrikam\Marcel, and then click Connect. 48. On the Remote Desktop Connection page, click Connect. 49. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 50. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 51. On Host1, when 10533A-INT-CL4.2 has booted up completely, close the Virtual Machine Connection window. 52. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 53. In the Remote Desktop Connection window, click Options. 54. Click the Local Resources tab, and then under Remote audio, click Settings. 55. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 56. Under Remote audio recording, click Record from this computer, and then click OK. 57. Click the General tab. 58. Under Logon settings, in the Computer box, type int-cl4. 59. In the User name box, type INT-CL4\Administrator, and then click Connect. 60. On the Remote Desktop Connection page, click Connect. 61. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 62. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start. Important: All connections to MIA-CL1.2, RED-CL2.2, ROM-CL3.2and INT-CL4.2 will require using a Remote Desktop Connection with remote audio playback and remote audio recording enabled, unless otherwise specifically instructed.
13-26
13-27
Exercise 1: Configuring CAC Components

Scenario
In this exercise, you will use Topology Builder, Lync Server Control Panel, and Lync Server Management Shell to configure Call Admission Control. The main tasks for this exercise are as follows: 1. 2. 3. 4. 5. 6. 7. Create regions. Create network bandwidth profiles. Create network sites. Create subnets. Create a region link. Create inter-site policies. Create a region route.
Important: On all virtual machines, verify that all of the services set to start automatically have started. Most notably, check the Exchange, SQL Server, and Lync Server 2010 services. To do so, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
Task 1: Create regions.

1. On MIA-LS1, use the Lync Server Management Shell or Lync Server Control Panel to create a North_America Region. Value North_America North America Region Miami
Field Name Description Central Site 2.
On MIA-LS1, use the Lync Server Management Shell or Lync Server Control Panel to create an EMEA Region. Value EMEA EMEA Region Rome
Field Name Description Central Site
13-28
Task 2: Create network bandwidth profiles.

1. On MIA-LS1, use the Lync Server Management Shell or Lync Server Control Panel to create the following network bandwidth profile. Value 5MB_Link Link for 5mb WAN Connection 2000 160 1400 700
Field Name Description Audio limit Audio session limit Video limit Video session limit 2.
On MIA-LS1, use the Lync Server Management Shell or Lync Server Control Panel to create the following network bandwidth profile. Value 20MB_Link Link for 20mb WAN Connection 8000 160 4800 700
On MIA-LS1, use the Lync Server Management Shell or Lync Server Control Panel to create the following network bandwidth profile. Value 50MB_Link Link for 50mb WAN Connection 20000 160 14000 700
Field Name Description Audio limit Audio session limit Video limit Video session limit
13-29
Task 3: Create network sites.

1. On MIA-LS1, use the Lync Server Management Shell or Lync Server Control Panel to create the following Miami network site. Value Miami Network Site for Miami Data Center North_America 20MB_Link
Field Name Description Region Bandwidth policy 2.
On MIA-LS1, use the Lync Server Management Shell or Lync Server Control Panel to create the following Redmond network site. Value Redmond Network Site for Redmond Branch Office North_America 5MB_Link
Field Name Description Region Bandwidth policy 3.
On MIA-LS1, use the Lync Server Management Shell or Lync Server Control Panel to create the following Rome network site. Value Rome Network Site for Rome Data Center EMEA 20MB_Link
Field Name Description Region Bandwidth policy
Task 4: Create subnets.

1. On MIA-LS1, use the Lync Server Management Shell or Lync Server Control Panel to create the following Miami Subnet. Value 10.0.10.0 24 Miami Miami Network
Field Subnet ID Mask Network site ID Description
13-30
2.
On MIA-LS1, use the Lync Server Management Shell or Lync Server Control Panel to create the following Redmond Subnet. Value 10.0.20.0 24 Redmond Redmond Network
Field Subnet ID Mask Network site ID Description 3.
On MIA-LS1, use the Lync Server Management Shell or Lync Server Control Panel to create the following Rome Subnet. Value 10.0.30.0 24 Rome Rome Network
Task 5: Create a region link.

1. On MIA-LS1, use the Lync Server Management Shell or Lync Server Control Panel to create the following Region Link. Value NorthAmerica_EMEA North_America EMEA 50MB_Link
Field Name Network region #1 Network region #2 Bandwidth policy
Task 6: Create inter-site policies.

1. On MIA-LS1, use the Lync Server Management Shell only to create the following inter-site policy. Value MiamiToRedmond 20MB_Link Miami Redmond Field Identity BWPolicyProfileID NetworkSiteID1 NetworkSiteID2
13-31
Task 7: Create a region route.

1. On MIA-LS1, use the Lync Server Management Shell or Lync Server Control Panel to create the following Region Link. Value NorthAmerica_EMEA_Route North_America EMEA NorthAmerica_EMEA
Field Name Network region #1 Network region #2 Network region links
Results: After this exercise, you should have created the necessary components for configuring Call Admission Control. This included creating regions, network bandwidth policies, network sites, subnets, region links, and region routes.
13-32
Exercise 2: Verifying Bandwidth Policy Application

Scenario
In this exercise, you will verify that the CAC topology elements and policies have been deployed and enabled and the policies are working as expected. The main tasks for this exercise are as follows: 1. 2. 3. 4. 5. 6. Enable Call Admission Control. Log on to client computers. Enable server logging. Start the Network Bandwidth Monitoring tool. Initiate a call from Rome to Miami. Review the logs and Bandwidth Policy Service Monitor tool. Note: If no data is showing in the logs or the monitoring tools during this exercise, restart the Lync Server Bandwidth Policy Service (Authentication) and Lync Server Bandwidth Policy Service (Core) services on MIA-LS1 and ROM-LS2. Also, in Network Configuration, on the Global tab, disable and re-enable Call Admission Control on the Edit Global Setting Global page and retry the tasks.
Task 1: Enable Call Admission Control.

1. On MIA-LS1, use Lync Server Control Panel or Lync Server Management Shell to enable Call Admission Control.
Task 2: Log on to client computers.

1. 2. 3. 4. 5. 6. 7. 8. 9. Log on to MIA-CL1 as Andreas. At a command prompt, type gpupdate /force, and then press Enter. Start and log on to Lync as Andreas. Log on to RED-CL2 as Tzipi. At a command prompt, type gpupdate /force, and then press Enter. Start and log on to Lync as Tzipi. Log on to ROM-CL3 as Marcel. At a command prompt, type gpupdate /force, and then press Enter. Start and log on to Lync as Marcel.
Task 3: Enable server logging.

1. 2. 3. 4. 5. On MIA-LS1, click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Logging Tool. In the Lync Server 2010 Logging Tool, in the Components window, select the PDP check box. Under Level, click All. Under Flags, click All Flags, and then click Start Logging. Repeat these steps on ROM-LS2 to enable logging in Rome.
13-33
Task 4: Start the Network Bandwidth Monitoring tool.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, double-click the ResKit folder shortcut on the desktop. In the window that opens, double-click Resource Kit Tools folder, and then double-click Bandwidth Policy Service Monitor. In the Bandwidth Policy Service Monitor tool, along the left side, expand mia-ls1.fabrikam.com, and then click mia-ls1.fabrikam.com (1:1-1). Click the Topology Info tab, and notice that the links shown match those you created earlier. Leave the tool open and monitor the values listed as you make the call in the next task. On ROM-LS2, double-click the ResKit folder shortcut on the desktop. In the window that opens, double-click Resource Kit Tools folder, and then double-click Bandwidth Policy Service Monitor. In the Bandwidth Policy Service Monitor tool, along the left side, expand rom-ls2.fabrikam.com, and then click rom-ls2.fabrikam.com (2:1-1). Click the Topology Info tab, and notice that the links shown match those you created earlier.
10. Leave the tool open and monitor the values listed as you make the call in the next task.
Task 5: Initiate a call From Rome to Miami.

1. 2. On ROM-CL3, make a call from Marcel to Andreas on MIA-CL1. Have Andreas answer the call and maintain active audio between the two clients while you check the results in the next task.
Task 6: Review the logs and Bandwidth Policy Service Monitor tool.
1. 2. 3. 4. On MIA-LS1, in the Lync Server 2010 Logging Tool, click Stop Logging, and then click View Log Files. In the View Log Files window, verify that PDP is the only selected component, and then click View. In the OCSLogger log that opens in Notepad, click Edit, and then click Find. Perform separate searches for: requested bw current bw returned bw
This shows the Bandwidth Policies being applied such as: 5. 6. 7. 8. Requested bandwidth Current bandwidth Returned bandwidth
On ROM-LS2, in the Lync Server 2010 Logging Tool, click Stop Logging, and then click View Log Files. In the View Log Files window, verify that PDP is the only selected component, and then click View. In the OCSLogger log that opens in Notepad, click Edit and then click Find. Perform separate searches for: requested bw
13-34
current bw returned bw
This shows the Bandwidth Policies being applied such as: 9. Requested bandwidth Current bandwidth Returned bandwidth
On MIA-LS1, in the Bandwidth Policy Service Monitor Tool, click Update Now in the upper-right corner, and watch the value listed under AudioBWUsed change as the call is negotiated, established and disconnected.
10. On ROM-LS2, in the Bandwidth Policy Service Monitor Tool, click Update Now in the upper-right corner, and watch the value listed under AudioBWUsed change as the call is negotiated, established and disconnected. 11. End all calls. Results: After this exercise, you should have enabled Call Admission Control. Then, you should have enabled logging in Miami and Rome and used the Lync 2010 clients to generate CAC traffic. Finally, you will have reviewed the captured traffic to see the application of bandwidth policies.
13-35
Review Questions
1. 2. 3. 4. What is the purpose of CAC, and why is it important? What are the five high-level steps required to define bandwidth policies for an organization? What are the minimum audio and video session limits? Can you disable CAC?
13-36
Deploying and Configuring Enhanced 9-1-1
14-1
Module 14
Contents:
Lesson 1: Overview of E9-1-1 Lesson 2: Deploying and Configuring E9-1-1 Lab: Configuring the Lync Server 2010 Location Information Service for E9-1-1 Calling 14-24 14-3 14-12
14-2
Module Overview
The Location Information Server (LIS) builds on Enhanced 9-1-1 (E9-1-1) technology to provide location information to users of a network. E9-1-1 is an emergency notification feature that associates the calling partys telephone number with a civic or street address. Using the location information, the Public Safety Answering Point (PSAP) can immediately dispatch emergency services to the caller in distress. This module introduces LIS for E9-1-1 and describes how to configure and deploy it for use with or without E9-1-1.
Objectives
After completing this module, you will be able to: Explain the function, features, components, and requirements of E9-1-1. Deploy and configure E9-1-1.
14-3
Lesson 1
Overview of E9-1-1
This lesson introduces the E9-1-1emergency notification feature in Lync Server 2010. After completing this lesson, you will be able to: Describe the components and requirements of E9-1-1. Explain how to configure Lync Server 2010 to include location information. Describe location policies. Explain the applicability of E 9-1-1. Describe the features of LIS.
14-4
Components and Requirements of E9-1-1
The following four components are required for E9-1-1 service: A universal number, such as 911, or any number chosen by the administrator Call routing to an emergency response center Public Safety Answering Point (PSAP) Caller identification Caller location
Note: The use of a multi-line telephone system (MLTS) may be subject to U.S. (that is, state and/or federal) and foreign MLTS laws that require the MLTS to provide a callers telephone number, extension, and/or physical location to applicable emergency services when a caller makes a call to emergency services (for example, when dialing an emergency access number such as 911 or 999).In this release, Lync Server 2010 can be configured to provide a callers physical location to an emergency services provider. Compliance with MLTS laws is the sole responsibility of the purchaser of Microsoft Lync Server 2010, Microsoft Lync 2010, and Microsoft Lync 2010 Phone Edition devices.
14-5
Configuring Lync Server 2010 to Include Location Information
To support E9-1-1, Lync Server 2010 must be configured to include location information with each emergency call originating from an E9-1-1 enabled Lync Server 2010 client. When a user places an emergency call, Lync Server 2010 routes the call along with location and callback information through the Mediation server to an Emergency Services Service Provider. The Emergency Services Service Provider then routes the call to the correct PSAP based on the location information contained within the call.
Acquiring a Location and Routing Calls

In a Lync Server 2010 E9-1-1 deployment, the client actively acquires its own location. After registration, the client includes all of the network connectivity information that it knows about itself in a location request to the LIS. The LIS then uses this information to query the published locations for a location. If there is a match, the LIS returns a location to the client. If there is not a match, the user may be prompted to enter a location manually (depending on location policy settings). The location is then included as part of an emergency call, and is used by the Emergency Services Service Provider to route the call to the correct PSAP. This approach can be broken up into two separate processes: Acquiring a location Routing an emergency call to the Emergency Services Service Provider
Acquiring a Location
The following steps describe how the client acquires a location: 1. 2. 3. 4. The administrator populates the Location database with the network wiremap. The administrator validates addresses with the Emergency Services Service Provider. The client sends a location request, containing network elements, to the LIS. The LIS queries the published locations for a location and, if a match is found, returns the information to the client.
14-6
5.
The client checks the local cache for a location and if this fails, the user may be prompted for a location depending on policies.
Routing an Emergency Call to the Emergency Services Service Provider

The following diagram represents the routing process when an emergency call is placed from a compatible Lync 2010 client to the PSAP.
1. 2.
A SIP Invite is routed to Lync Server 2010 containing the location and the callback number. Lync Server 2010 matches the emergency header, and routes the call, based on the PSTN Usage value defined in the location policy, through the Mediation server to the Emergency Services Service Provider by using a SIP trunk. The Emergency Services Service Provider routes the emergency call to the correct PSAP based on the location associated with the call. If configured, a predetermined user is sent an instant message (IM) notification. If configured, and supported by the Emergency Services Service Provider, a predetermined user is conferenced into the call. If necessary, the PSAP uses the callback number to contact the client directly.
3. 4. 5. 6.
When the client includes a validated address with the emergency call, the provider immediately directs the call to the PSAP. If the included address was manually entered by the user, the provider first verifies the accuracy of the location with the caller before routing the emergency call to the PSAP. Lync Server 2010 uses a location policy to enable Lync 2010 clients for E9-1-1 during client registration. A location policy contains the settings that define how E9-1-1 will be implemented.
14-7
Location Policies
Each location policy contains the information described in the table. Location policy Emergency Services Enabled Description Setting to Yes enables the client for E9-1-1. The client will acquire a location on registration and will include the location information as part of an emergency call. Only used when Emergence Services Enabled is set to Yes. Setting to No means that the user is not prompted for a location. Setting to Yes means that the user is prompted for a location, but can dismiss the prompt. Setting to Disclaimer means that the user is prompted for a location, and cannot dismiss the prompt until a location is entered. In both cases the user can continue to use the client. The dial string that signifies that a call is an emergency call. The Emergency Dial String causes the client to include location and callback information with the call. A semicolon-separated list of dial strings to be translated into the specified Emergency Dial String. This is useful for alternate emergency numbers or localization. (For example, if 112 were dialed in North America, it could be configured as a string mask, which would automatically call 911 instead.) A string containing the routing path that determines which SIP trunk an emergency call will be routed through. Specifies the SIP URIs of the security personnel to receive an IM notification when an emergency call is placed.
Location Required
Emergency Dial String
Emergency Dial String Masks
PSTN Usage Notification URI
14-8
Location policy Conference URI Conference Mode
Description Specifies the telephone number of the security personnel that should be conferenced in when an emergency call is placed. Specifies if the emergency contact will be conferenced into the emergency call using one-way or two-way communication.
Note: The disclaimer text will not appear if a user manually entered a location before being enabled for E9-1-1, and updates to the disclaimer text will not be viewed by users who have already viewed the disclaimer.
14-9
Applicable E9-1-1 Scenarios
This section describes four typical scenarios for E9-1-1.
Scenario 1
Scenario 1 includes the following elements: A Miami user in a Miami office using a wireless device. The company is user-enabled for E9-1-1. The wiremap includes a Service Set Identifier (SSID), and civic addresses have been validated. 911 is entered into Lync 2010. The users current location is used to send the location information to the appropriate emergency operator.
Scenario 2
Scenario 2 includes the following elements: A Rome user in a Miami office using a wireless device. The company is user-enabled for E9-1-1. The wiremap includes an SSID, and civic addresses have been validated. 112 is entered into Lync 2010. The users current location is used to send the location information to the appropriate emergency operator.
Scenario 3
Scenario 3 includes the following elements: A Miami user at a local caf. The company is user-enabled for E9-1-1. The wiremap does not include information for civic addresses.
14-10
The client manually enters the location as required by the policy. 911 is entered into Lync 2010. The location is sent to an Emergency Services Service Provider who manually validates the location so that the appropriate emergency operator can be dispatched.
Scenario 4
Scenario 4 includes the following elements: The company does not provide E9-1-1 service. The LIS wiremap has been completed by IT. Users logging into Lync 2010 at a known location are provided with a recommended location. Users logging into an unknown location are prompted to complete the location information. All Lync 2010 users by default can see the users location for an additional value-add.
14-11
Features of E9-1-1
When enabled, E9-1-1 provides the following features:

Location feature. Lync Server 2010 can detect a users location when traveling between work and home so that E9-1-1 services can find the user more easily in case of an emergency. Contact feature. Lync Server 2010 can be used to let contacts see where a user is located, such as whether they are in the building or on the road. Policy feature. Two policies are available to administrators: Enable E9-1-1 without enforcing location Enable E9-1-1 with the requirement that users accept a disclaimer that their physical location will not be provided to emergency responders should they choose not to provide the location.
Notification feature. All E9-1-1related notifications are customizable according to an organizations legal policy. Geographic location data feature. Geographic location data is determined in one of two ways: A location can be manually entered. The enterprise LIS provides the location data to Lync Server 2010. In addition, the current time zone is retrieved from the Microsoft Windows operating system on the computer.
14-12
Lesson 2
Deploying and Configuring E9-1-1
This lesson describes the steps for deploying and configuring LIS for E9-1-1. After completing this lesson, you will be able to: Configure an E9-1-1 voice route. Create location policies. Configure site information for E9-1-1. Configure the Location databases. Configure advanced E9-1-1.
14-13
Step 1: Configuring an E9-1-1 Voice Route
To deploy E9-1-1, you must first configure an emergency call voice route. You can define more than one route if, for example, your deployment includes a primary and secondary SIP trunk.
To configure an E9-1-1 voice route:

1. 2. Open the Lync Server Management Shell. Run the following cmdlet to create a new PSTN usage record. This must be the same name that is used for the PSTN setting in the location policy. Note: While your deployment will have multiple phone usage records, the following example uses Emergency Usage.
Set-CsPstnUsage -Usage @{add='EmergencyUsage'}
3.
Run the following cmdlet to create a new voice route using the PSTN usage record created in the previous step. The number pattern must be the same number pattern that is used in the Emergency Dial String setting in the location policy and must be unique. A + sign is needed because Lync Server 2010 adds + to emergency calls. Co1-pstngateway-1 is the SIP trunk service ID for the Emergency Services Service Provider. The following example names the voice route EmergencyRoute.
New-CsVoiceRoute -Name "EmergencyRoute" -NumberPattern "^\+911$" PstnUsages@{add="EmergencyUsage"} -PstnGatewayList @{add="co1-pstngateway-1"}
4.
Optionally, we recommend that the following cmdletis run to create a local route for calls that are not handled by the Emergency Services Service Providers SIP trunk. This route is used if the connection to the Emergency Services Service Provider is not available.
14-14
The following example assumes that the user has Local usage in their voice policy and that a local PSTN route co1-pstngateway-2 is configured.
New-CsVoiceRoute -Name "LocalEmergencyRoute" -NumberPattern "^\+911$" PstnUsages@{add="Local"} -PstnGatewayList @{add="co1-pstngateway-2"}
14-15
Step 2: Creating Location Policies
Lync Server 2010 uses a location policy to enable Lync Server 2010 clients for E9-1-1 during client registration. A location policy contains the settings that define how E9-1-1 is implemented. You can edit the global location policy and create new tagged location policies. A client obtains a global policy when not located within a subnet with an associated location policy, or when the client has not been directly assigned a location policy. Tagged policies are assigned to subnets or users.
Cmdlets
Cmdlets in this procedure use a location policy defined using the following values. Element EnhancedEmergencyServicesEnabled LocationRequired UseLocationForE911Only PstnUsage EmergencyDialString EmergencyDialMask NotificationUri ConferenceUri ConferenceMode Value True Yes False EmergencyUsage 911 112 sip:security@litware.com sip:+14255550123@litware.com twoway
14-16
Creating Location Policies
To create location policies:

1. 2. Open the Lync Server Management Shell. Optionally, run the following cmdlet to edit the global location policy.
Set-CsLocationPolicy Identity Global EnhancedEmergencyServicesEnabled $true LocationRequired yes PstnUsage emergencyUsage EmergencyDialString 911 ConferenceMode twoway ConferenceUri "sip:+14255550123@litware.com" EmergencyDialMask 112 NotificationUri "sip:security@litware.com" UseLocationForE911Only $true
3.
Run the following cmdlet to create a tagged location policy.

New-CsLocationPolicy -Identity Tag:Redmond EnhancedEmergencyServicesEnabled $true LocationRequired "yes" -UseLocationForE911Only $false -PstnUsage "EmergencyUsage" EmergencyDialString "911" -EmergencyDialMask "112" -NotificationUri "sip:security@litware.com" -ConferenceUri "sip:+14255550123@litware.com" ConferenceMode "twoway"
4.
Run the following cmdlet to apply the tagged location policy created in step 3 to a user policy.
(Get-CsUser | where { $_.Name -match UserName }) | Grant-CsLocationPolicy PolicyName Redmond
Note: CsLocationPolicy will fail if the setting for PstnUsage is not already in the Global list of PstnUsages.
14-17
Step 3: Configuring Site Information for E9-1-1
To define a location policy for subnets, a location policy must first be applied to a network site, and then the subnets are added to the network site. Note: If you create network sites for another Voice feature and you want to configure E9-1-1 using the same sites, you can modify the sites to be used for E9-1-1.
Adding a Location Policy to a Network Site

The following examples show how add a the Redmond location policy defined in Create Location Policies to an existing network site, and how to create a new network site which uses the Redmond location policy.
To assign a location policy to an existing network site:

1. 2. Open the Lync Server Management Shell. Run the following cmdlets to modify an existing network site. Assign the Redmond tagged Location Policy to an existing network site named ns2.
Set-CsNetworkSite -Identity "ns2" -NetworkRegionID "nr1" -LocationPolicy "Redmond"
To assign a location policy to a new network site:

1. 2. Open the Lync Server Management Shell. Run the following cmdlets to create a new network site. Create a new network site in the network region and assign the Redmond tagged Location Policy.
New-CsNetworkSite -Identity "ns1" -NetworkRegionID "nr1" -LocationPolicy "Redmond"
14-18
Associating a Subnet with a Network Site

Every managed subnet in your network must be associated with a specific network site. This is because subnet information is used to determine the network site on which an endpoint is located while a new session is being attempted. When the location of each party in a session is known, advanced Enterprise Voice features can apply that information to determine how to handle the call setup or routing. Important: All configured public IP addresses of the Audio/Video Edge servers in your deployment must be added to your network configuration settings. These IP addresses are added as subnets with a mask of 32. The associated network site should correspond to the appropriate configured network site. For example, the public IP address corresponding to the A/V Edge server in central site Chicago would have NetworkSiteID Chicago.
To associate a subnet with a network site by using the Lync Server Management Shell:
1. 2. Open the Lync Server Management Shell. Run the New-CsNetworkSubnet cmdlet to associate a subnet with a network site.
New-CsNetworkSubnet -SubnetID<String> -MaskBits<Int32> -NetworkSiteID<String>
For example:
New-CsNetworkSubnet -SubnetID 172.11.12.13 - MaskBits 20 -NetworkSiteID Chicago
In this example, you created an association between the subnet 172.11.12.13 and the network site Chicago. 3. Repeat step 2 for all subnets in your topology.
To associate a subnet with a network site by using the Lync Server Control Panel:
1. 2. 3. 4. 5. 6. 7. Open the Lync Server Control Panel. In the left navigation bar, click Network Configuration. Click the Subnet navigation button. Click New. On the New Subnet page, click Subnet ID, and then type the first address in the IP address range defined by the subnet you want to associate with a network site. Click Mask, and then type the bitmask to apply to the subnet. Click Network site ID, and then select the site ID of the site to which you are adding this subnet. Note: If you have not yet created network sites, this list will be empty. See Create or Modify a Network Site for the procedure. You can also retrieve site IDs for your deployment by running the Get-CsNetworkSite cmdlet. For more information, see the RTCCmdlets.chm or inline Help for the Lync Server Management Shell. 8. 9. Optionally, click Description, and then type additional information to describe this subnet. Click Commit.
10. Repeat these steps to add other subnets to a network site.
14-19
Step 4: Configuring the Location Databases
To automatically locate clients within a network, you first need to populate the Location database with a network wire map, which maps network elements to civic addresses. You can use subnets, wireless access points, switches, and ports to define the wire map.
Populating the Location Database

You can add addresses to the Location database individually, or in bulk by using a comma-separated value (CSV) file containing the column formats described in the following table. Network element Required columns <BSSID>,<Description>,<Location>,<CompanyName>,<HouseNumber>,<HouseN umberSuffix>,<PreDirectional>, <StreetName>,<StreetSuffix>,<PostDirectional>,<City>,<State>, <PostalCode>,<Country> <Subnet>,<Description>,<Location>,<CompanyName>,<HouseNumber>,<House NumberSuffix>,<PreDirectional> <StreetName>,<StreetSuffix>,<PostDirectional>,<City>,<State>, <PostalCode>,<Country> <ChassisID>,<PortID>,<Location>,<CompanyName>,<HouseNumber>, <HouseNumberSuffix> <PreDirectional>,<StreetName>,<StreetSuffix>,<PostDirectional>,<City>,<State>, <PostalCode>,<Country> <ChassisID>,<Description>,<Location>,<CompanyName>, <HouseNumber>,<HouseNumberSuffix>,<PreDirectional>, <StreetName>,<StreetSuffix>,<PostDirectional>,<City>,<State>, <PostalCode>,<Country>
Wireless access point
Subnet
Port
Switch
14-20
Note: If you do not populate the Location database, and Location Required in the location policy is set to Yes or Disclaimer, the client will always prompt the user to enter a location manually.
Adding Network Elements to the Location Database
To add network elements to the Location database:

1. Run the following cmdlet to add a subnet location to the Location database:
Set-CsLisSubnet -Subnet 157.56.66.0 -Description "Subnet 1" Location Location1 CompanyName Litware HouseNumber 1234 HouseNumberSuffix PreDirectional StreetName 163rd StreetSuffix Ave PostDirectional NE City Redmond State WA PostalCode 99123 Country US
Alternately, you can run the following cmdlets to bulk update subnet locations using a file named subnets.csv.
$g = Import-Csv subnets.csv $g | Set-CsLisSubnet
2.
Run the following cmdlet to add wireless locations to the Location database.
Set-CsLisWirelessAccessPoint -BSSID 0A-23-CD-16-AA-2E -Description "Wireless1" Location Location2 CompanyName Litware HouseNumber2345 HouseNumberSuffix PreDirectional StreetName 163rd StreetSuffix Ave PostDirectional NE City Bellevue State WA PostalCode 99234 Country US
Alternately, you can run the following cmdlets to bulk update wireless locations using a .csv file named waps.csv.
$g = Import-Csv waps.csv $g | Set-CsLisWirelessAccessPoint
3.
Run the following cmdlet to add switch locations to the Location database.
Set-CsLisSwitch-ChassisID 0B-23-CD-16-AA-BB -Description "Switch1" Location Location1 CompanyName Litware HouseNumber 1234 HouseNumberSuffix PreDirectional StreetName 163rd StreetSuffix Ave PostDirectional NE City Redmond State WA PostalCode 99123 Country US
Alternately, you can run the following cmdlets to bulk update switch locations using a .csv file named switches.csv.
$g = Import-Csv switches.csv $g | Set-CsLisSwitch
4.
Run the following cmdlet to add port locations to the Location database.
Set-CsLisPort -ChassisID 0C-23-CD-16-AA-CC -PortID 0A-abcd -Description "Port1" Location Location2 CompanyName Litware HouseNumber 2345 HouseNumberSuffix PreDirectional StreetName 163rd StreetSuffix Ave PostDirectional NE City Bellevue State WA PostalCode 99234 Country US
PortIDSubType defaults to LocallyAssigned. You can also set it to InterfaceAlias and InterfaceName.
14-21
Alternately, you can run the following cmdlets to bulk update port locations using a csv file named ports.csv.
$g = Import-Csv ports.csv $g | Set-CsLisPort
Validating Addresses
Before publishing the Location database, you must validate new locations against the Master Street Address Guide (MSAG) maintained by the Emergency Services Service Provider. Important: Failure to validate addresses leaves the LIS wiremap in an invalidated state and the location information is treated as if it were manually entered by the user.
To validate an address located in the Location database:

1. 2. Open the Lync Server Management Shell. Run the following cmdlets to configure the Emergency Services Service Provider connection.
$pwd = Read-Host AsSecureString<password> Set-CsLisServiceProvider -ServiceProviderName Provider1 -ValidationServiceUrl<URL provided by provider> -CertFileName<location of certificate provided by provider> Password $pwd
3.
Run the following cmdlet to validate the addresses in the Location database.
Get-CsLisCivicAddress | Test-CsLisCivicAddress UpdateValidationStatus
You can also use the Test-CsLisCivicAddress cmdlet to validate individual addresses.
Publishing the Location Database

The new locations added to the Location database will not be made available to the client until they have been published. Note: If any change is made to the LIS database, Publish-csLisConfiguration must be manually run again.
To publish the Location database:

1. 2. Open the Lync Server Management Shell. Run the following cmdlet to publish the Location database.
Publish-csLisConfiguration
14-22
Step 5: Configuring Advanced E9-1-1
Microsoft Lync Server 2010 communications software includes the following features that you can use to customize your E9-1-1 deployment: A web service interface to connect the LIS to a supported Simple Network Management Protocol (SNMP) application A web service interface to connect to a Secondary Location Source (SLS) database
Configuring an SNMP Application

Lync Server 2010 communications software includes a standard web service interface that you can use to connect the LIS to SNMP applications that match Media Access Control (MAC) addresses with port and switch information. If an SNMP application is installed and the LIS fails to find a match in the Location database, the LIS will automatically query the application using the MAC address provided by the client. The LIS will then use the port and switch information returned by the SNMP application to re-query the Location database.
To configure the SNMP application URL:

1. 2. Open the Lync Server Management Shell. Run the following cmdlet to configure the URL for the SNMP application.
Set-CsWebServiceConfiguration MACResolverUrl <SNMP application url>
Configuring a Secondary Location Information Service

Lync Server 2010 provides a web service interface that you can use to point the LIS to a supported SLS database. The web service interface connecting to the SLS database must conform to LISWeb Services Description Language (WSDL). If both a Location database and Secondary Location database are configured, the LIS will first query the Location database, and if no match is found, will then proxy the
14-23
Location Request from the client to the SLS database. If the location exists in the SLS, the LIS then proxies the location back to the client
To configure a Secondary Location database:

1. 2. Open the Lync Server Management Shell. Run the following cmdlet to configure the URL for the location of the Secondary Location database.
Set-CsWebServiceConfiguration SecondaryLocationSourceURL <web service url>
14-24
Lab: Configuring the Lync Server 2010 Location Information Service for E9-1-1 Calling
With Lync Server 2010 deployed to all users and locations, including remote and traveling users, the discussion of emergency calls has arisen. The use of the Location Information Service for E9-1-1 is provided in Lync Server 2010 but must be configured using the Lync Server Control Panel and Lync Server Management Shell. Important: It is recommended that the steps in this and every lab be split between the two students in your pod. It is left up to the students to determine when to share tasks in order for both students to gain an understanding of the concepts of each lab. If you need help, please inform the instructor. Please note that if you both try to do tasks at the same time, you may overwrite each others work and possibly lose data.

This lab requires the virtual machines running from the previous lab and depends on the completion of Lab 5 through 13.The virtual machines are configured to automatically logon as Fabrikam\Administrator with the password, Pa$$w0rd, except for the following virtual machines: MIA-CL1 as Fabrikam\Andreas, with the password, Pa$$w0rd RED-CL2 as Fabrikam\Tzipi, with the password, Pa$$w0rd ROM-CL3 as Fabrikam\Marcel, with the password, Pa$$w0rd INT-CL4 as INT-CL4\Administrator, with the password, Pa$$w0rd MIA-ED1 as MIA-ED1\Administrator, with the password, Pa$$w0rd MIA-RAS1 as MIA-RAS1\Administrator, with the password Pa$$w0rd
14-25
5.
6.
7.
8.
On Host1, in the Virtual Machines list, if the virtual machine 10533A-ROM-CL3.2is not running: a. b. Right-click 10533A-ROM-CL3.2 and click Start. Right-click 10533A-ROM-CL3.2 and click Connect.
9.
14-26
b.
14-27
40. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 41. In the Remote Desktop Connection window, click Options. 42. Click the Local Resources tab, and then under Remote audio, click Settings. 43. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 44. Under Remote audio recording, click Record from this computer, and then click OK. 45. Click the General tab. 46. Under Logon settings, in the Computer box, type rom-cl3.fabrikam.com. 47. In the User name box, type Fabrikam\Marcel, and then click Connect. 48. On the Remote Desktop Connection page, click Connect. 49. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 50. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 51. On Host1, when 10533A-INT-CL4.2 has booted up completely, close the Virtual Machine Connection window. 52. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 53. In the Remote Desktop Connection window, click Options. 54. Click the Local Resources tab, and then under Remote audio, click Settings. 55. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 56. Under Remote audio recording, click Record from this computer, and then click OK. 57. Click the General tab. 58. Under Logon settings, in the Computer box, type int-cl4. 59. In the User name box, type INT-CL4\Administrator, and then click Connect. 60. On the Remote Desktop Connection page, click Connect. 61. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 62. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start. Important: All connections to MIA-CL1.2, RED-CL2.2, ROM-CL3.2 and INT-CL4.2 will require using a Remote Desktop Connection with remote audio playback and remote audio recording enabled, unless otherwise specifically instructed.
14-28
14-29
Exercise 1: Creating Emergency Routes and PSTN Usages

Scenario
Lync Server recognizes configured emergency numbers without the need to define normalization. In general, any number specified as an emergency number is appended with a + and routed accordingly. In this exercise, you will create two PSTN Usages for U.S. and Italy emergency calls, and then create two emergency call routes. The main tasks for this exercise are as follows: 1. 2. Create emergency usages for the U.S. and Italy. Create emergency routes for the U.S. and Italy.
Task 1: Create emergency usages for the U.S. and Italy.

1. 2. On MIA-LS1, use the Lync Server Management Shell or Lync Server Control Panel to create a PSTN Usage for the US called US Emergency Call. Use the Lync Server Management Shell or Lync Server Control Panel to create a PSTN Usage for Rome called Italy Emergency Call.
Task 2: Create emergency routes for the U.S. and Italy.

1. On MIA-LS1, use the Lync Server Management Shell or Lync Server Control Panel to create a Route for the US using the following information. Value US Emergency Route ^((\+911)|(\+118)) US Emergency Call Italy Emergency Call Pstngateway:1.1.1.1 1
Step Name Number pattern PSTN Usages PSTN Gateway List Priority 2.
Use the Lync Server Management Shell or Lync Server Control Panel to create a route for Rome by using the following information. Value Italy Emergency Route ^((\+118)|(\+911)) Italy Emergency Call US Emergency Call
Step Name Number pattern PSTN Usages
14-30
Step PSTN Gateway List Priority
Value Pstngateway:1.1.1.3 1
Results: After this exercise, you should have created the necessary routes and PSTN Usages for emergency calling for both the US and Italy.
14-31
Exercise 2: Defining LIS Locations

Scenario
In this exercise, you will configure the Location Information Server feature by configuring subnets within the LIS wire map for Miami, Redmond and Rome and then configuring LIS site policies. Subnet 10.0.10.0 will correspond with this civic address in Miami: Fabrikam Corporate Campus 1234 Maple Drive Miami, FL 33136 US Subnet 10.0.20.0 will correspond with this civic address in Redmond: Fabrikam 1 Microsoft Way Redmond, WA 98052 US Subnet 10.0.30.0 will correspond with this civic address in Rome: Fabrikam Viale Avignone 10 Rome 00144 IT The main tasks for this exercise are as follows: 1. 2. 3. 4. Create subnets in the location database. Create LIS site policies. Configure the LIS site policies. Enable the LIS feature.
Task 1: Create subnets in the location database.

1. On MIA-LS1, use the Lync Server Management Shell to create a subnet for the Miami civic address. Value 10.0.10.0 Miami Data Center Miami Subnet Fabrikam 1234 Maple Street Miami FL 33136 US Step Subnet Description Location Company Name House Number Street Name Street Suffix City State Postal Code Country
14-32
2.
Use the Lync Server Management Shell to create a subnet for the Redmond civic address. Value 10.0.20.0 Redmond Branch Office Redmond Subnet Fabrikam 1 Microsoft Way Redmond WA 98052 US
Step Subnet Description Location Company Name House Number Street Name Street Suffix City State Postal Code Country 3.
Use the Lync Server Management Shell to create a subnet for the Rome civic address. Value 10.0.30.0 Rome Data Center Rome Subnet Fabrikam Viale Avignone 10 Rome 00144 IT
Step Subnet Description Location Company Name Street Name Street Suffix City Postal Code Country
Task 2: Create LIS site policies.

1. 2. 3. On MIA-LS1, use the Lync Server Management Shell to create a site location policy for Miami. Use the Lync Server Management Shell to create a site location policy for Redmond. Use the Lync Server Management Shell to create a site location policy for Rome.
Task 3: Configure the LIS site policies.

1. On MIA-LS1, use the Lync Server Management Shell to edit the site location policy for Miami according to the following table.
14-33
Field Identity Description EnhancedEmergencyServicesEnabled LocationRequired UseLocationForE911Only EmergencyDialString EmergencyDialMask NotificationURI ConferenceURI ConferenceMode 2.
Value Site:Miami Miami Data Center Location Policy True Yes False 911 118 Marcel@Fabrikam.com +390655554001 twoway
Use the Lync Server Management Shell to edit the site location policy for Redmond according to the following table: Field Identity Description EnhancedEmergencyServicesEnabled LocationRequired UseLocationForE911Only EmergencyDialString EmergencyDialMask NotificationURI ConferenceURI ConferenceMode Value Site:Redmond Redmond Branch Office Location Policy True Yes False 911 118 Andreas@Fabrikam.com +13055552100 twoway
3.
Use the Lync Server Management Shell to edit the site location policy for Rome according to the following table. Field Identity Description EnhancedEmergencyServiceEnabled LocationRequired Value Site:Rome Rome Data Center Location Policy True Yes
14-34
Field UseLocationForE911Only EmergencyDialString EmergencyDialMask NotificationURI ConferenceURI ConferenceMode
Value False 118 911 Tzipi@Fabrikam.com +14255553002 twoway
Task 4: Enable the LIS feature.

1. On MIA-LS1, use the Lync Server Management Shell to enable the LIS feature.
Results: After this exercise, you should have created the three subnets for each of the civic addresses, created three LIS sites and configured the policies for each. Finally, you enabled the LIS service.
14-35
Exercise 3: Experiencing LIS Features

Scenario
In this exercise, you will experience the Location Information Server feature by calling emergency numbers from the two data centers and the branch office. You will see in Lync 2010 a suggested location being provided based off of the client subnet. An IM with the location information will be sent to a manager when the emergency call is made, and a conference bridge would be established between the manager, the emergency operator, and the original caller in a non-virtualized environment. When logged in to Lync 2010 using a Remote Desktop Protocol (RDP) session, the location field is not selectable or editable, and is not shown to Contacts. To work around this for this lab, you will log onto Lync 2010 in a RDP connection, and then minimize that connection. Then you will connect to the VM using a Hyper-V connection, and then set the location. To experience emergency dialing, you will then return to the RDP connection to make the calls. The main tasks for this exercise are as follows: 1. 2. Sign in to Lync 2010 and set locations. Experience emergency dialing.
Task 1: Sign into Lync 2010 and set locations.

1. 2. 3. 4. 5. 6. 7. 8. 9. On the Remote Desktop Connection to MIA-CL1, sign out of and in to Lync as Andreas. On the desktop, double-click the Start PBX Emulator shortcut to open the PBX Emulator. Close the Remote Desktop Connection to MIA-CL1. Connect to MIA-CL1 using a Hyper-V connection, and then sign in as Andreas. In Lync, notice the Set Your Location option and the suggested location, the Miami civic address. Click the Set Your Location drop-down menu, and then click Set Location. On the Edit Location page, in the Location name box, type Miami Data Center, and then click OK. On RED-CL2, sign out of and in to Lync as Tzipi. Close the Remote Desktop Connection to RED-CL2.
10. Connect to RED-CL2 using a Hyper-V connection, and then sign in as Tzipi. 11. In Lync, notice the Set Your Location and the suggested location, the Redmond civic address. 12. Click the Set Your Location drop-down menu, and then click Set Location. 13. On the Edit Location page, in the Location name box, type Redmond Branch Office, and then click OK. 14. On ROM-CL3, sign out of and in to Lync as Marcel. 15. Close the Remote Desktop Connection to ROM-CL3, 16. Connect to ROM-CL3 using a Hyper-V connection, and then sign in as Marcel. 17. In Lync, notice the Set Your Location and the suggested location, the Rome civic address. 18. Click the Set Your Location drop-down menu, and then click Set Location. 19. On the Edit Location page, in the Location name box, type Rome Data Center, and then click OK.
14-36
Task 2: Experience emergency dialing.

1. 2. 3. 4. 5. 6. 7. 8. 9. Reconnect the Remote Desktop Connection to MIA-CL1 as Andreas. Reconnect the Remote Desktop Connection to ROM-CL3 as Marcel. Reconnect the Remote Desktop Connection to RED-CL2 as Tzipi. On MIA-CL1, in Lync, dial 911. Notice the bridge setup with Marcel, the location information provided to Marcel, and the call connects to the PBX Emulator. Disconnect the call. Dial 118 and watch as it converts to 911 and has the same behavior. Disconnect the call. On Red-CL2, in Lync, dial 911.
10. Notice the bridge setup with Andreas, the location information provided to Andreas, and the call connects to the PBX Emulator. 11. Disconnect the call. 12. On ROM-CL3, in Lync, dial 118. 13. Notice the bridge setup with Tzipi, the location information provided to Tzipi, and the call connects to the PBX Emulator. 14. Disconnect the call. 15. Dial 911 and watch as it converts to 118 and has the same behavior. 16. Disconnect the call. Results: After this exercise, you should have experienced enhanced emergency dialing at the three locations, by first setting location of a user at each location. Then experience enhanced emergency calling.
Important: After this lab, it is recommended that you take a snapshot of all running virtual machines before starting the next lab. To do so, in Hyper-V Manager, highlight all running virtual machines, rightclick and then click Snapshot.
14-37
Review Questions
1. 2. 3. What is the enhancement that E9-1-1 provides for network users? Are there sometimes laws governing the appropriate use of multi-line telephone systems (MLTS) that you must be aware of when implementing E9-1-1 in Lync Server 2010? If you want to require a user to input their location information, should you set the Emergency Services Enabled setting to Yes?
14-38
Voice Resiliency Features of Lync Server 2010
15-1
Module 15
Contents:
Lesson 1: Voice Resiliency in Lync Server 2010 Lesson 2: Features Available During Various Outage Scenarios Lab: Implementing Voice Resiliency in Lync Server 2010 15-3 15-14 15-21
15-2
Module Overview
Voice resiliency is the ability of Microsoft Lync Server 2010 to provide continuous Enterprise Voice service so that users can continue making and receiving calls, even if the central site or the wide area network (WAN) link from a branch to its central site becomes unavailable. The goal of this module is to cover the voice resiliency features of Lync Server 2010. Multiple failure scenarios are explored, such as central site failover, branch site failover, and WAN failover. After completing this module, you will be able to: Explain voice resiliency in Lync Server 2010. Explain the features available during various outage scenarios.
15-3
Lesson 1
Voice Resiliency in Lync Server 2010
Enterprise organizations often have multiple sites that may be spread across the globe or within the same city. Maintaining the ability to conduct critical business tasks when a central site is out of service is essential for any Enterprise Voice resiliency solution. This lesson will introduce voice resiliency in Lync Server 2010, describe how it is provided, and enable you to configure it for your enterprise communications system. After completing this lesson, you will be able to: Understand voice resiliency. Explain voice resiliency components and dependencies. Describe Survivable Branch Appliances (SBAs) and Survivable Branch Servers. List applicable voice-resiliency scenarios. Configure voice resiliency.
15-4
Overview of Voice Resiliency in Lync Server 2010
Planning for voice resiliency requires a basic understanding of the central role played by the Lync Server 2010 Registrar in enabling voice failover. The Lync Server 2010 Registrar is a new server role that enables client registration and authentication and provides routing services. It resides along with other components on a Standard Edition server, Enterprise Front End server, Director, Survivable Branch Appliance (SBA), or Survivable Branch Server.
Primary Registrar Pool

A Registrar pool consists of Registrar services running on the Lync Server 2010 pool and residing at the same site. The pool must be load-balanced. DNS load balancing is recommended, but hardware load balancing is acceptable. Each user who is enabled for Enterprise Voice is assigned to a particular Registrar pool, which becomes that users primary Registrar pool. At a given site, hundreds or thousands of users may share a single primary Registrar pool.
Backup Registrar
To assure voice resiliency in the event of a central site failure, the primary Registrar pool must have a single designated backup Registrar pool located at another site. The backup can be configured by using Topology Builder resiliency settings. Assuming a resilient WAN link between the two sites, users whose primary Registrar pool is no longer available are automatically directed to the backup Registrar pool providing logon, routing, and voice services. Note: A backup Registrar cannot be chained. If A backs up B and B backs up C, and B and C fail, users in C will not be able to connect to A (but both A and B will work fine).
15-5
Voice Resiliency Components and Dependencies
Lync Server 2010 voice resiliency components and requirements include: Domain Name System (DNS) Dynamic Host Configuration Protocol (DHCP) Microsoft Exchange Unified Messaging (UM) Microsoft Exchange Server and Exchange Web Services
DNS
A client discovers the Lync Server 2010registrar pool through a DNS Service Location (SRV) record. After the client connects to the pool, it is directed by the load balancer to one of the Front End servers in the pool. That Front End server, in turn, redirects the client to their preferred Registrar in the pool. Client Discovery and Registration Process The following steps describe the client discovery and registration process: 1. A client discovers Lync Server 2010 through DNS SRV records. In Lync Server 2010, DNS SRV records can be configured to return more than one fully qualified domain name (FQDN) to the DNS SRV query. For example, if enterprise Contoso has three central sites (North America, Europe, and Asia-Pacific) and a Director pool at each central site, DNS SRV records can point to the Director pool FQDNs in each of the three locations. As long as the Director pool in one of the locations is available, the client can connect to the first-hop Lync Server 2010. Note: Using a Director pool is optional. A Front End pool can be used instead. 2. The Director pool informs the client about the users primary Registrar pool and backup Registrar pool.
15-6
3.
The client attempts to connect to the users primary Registrar pool first. If the primary Registrar pool is available, the client accepts the registration. If the primary Registrar pool is unavailable, the client attempts to connect to the backup Registrar pool. If the backup Registrar pool is available and has determined that the users primary Registrar pool is unavailable (by detecting a lack of heartbeat for a specified failover interval), the backup Registrar pool accepts the users registration. After the backup Registrar detects that the primary Registrar is again available for a pre-specified length (to prevent excessive swapping), the backup Registrar pool will redirect failover clients to their primary pool.
DHCP
If a branch site does not have a DNS server, there are two alternative ways to enable discovery of the SBA or Survivable Branch Server: Configure DHCP option 120 on the branch sites DHCP server to point to the FQDN of the SBA or Survivable Branch Server. Enable the SBA or Survivable Branch Server to respond to DHCP 120 queries.
Exchange Unified Messaging

The Exchange Unified Messaging (UM) routing component handles rerouting between Lync Server 2010 and Exchange UM, including the routing of voice mail over the public switched telephone network (PSTN) if Exchange UM servers are unavailable. Exchange UM is usually installed only at a central site and not at branch sites. A caller should be able to deposit a voice mail message, even if the WAN link between branch site and central site is unavailable. To enable voice mail survivability for branch site users, you and your Exchange Server administrator should configure the following: Configure Exchange UM Auto Attendant (AA) to accept messages only. This configuration disables all other generic functionality, such as transfer to a user or transfer to an operator, and limits the AA to only accepting messages. Alternatively, the Exchange administrator can use a generic AA or an AA customized to route the call to an operator. Apply the Exchange UM AA phone number in the voice mail rerouting settings for the SBA or Survivable Branch Server. Use the Exchange UM subscriber access phone number as the subscriber access number in the voice mail rerouting settings for the SBA or Survivable Branch Server. Configure Exchange UM so that only one dial plan is associated with all branch users who need access to voice mail during a WAN outage. Important: To ensure prompt rerouting of voice mail during a WAN outage, DNS records must be cached at the branch site. If the branch router supports DNS caching, enable it for DNS caching. Or, you can deploy a DNS server at the branch. This can be a stand-alone server or a version of the SBA that supports DNS capabilities.
Exchange Server and Exchange Web Services

To enable Exchange Server 2010 Service Pack 1(SP1) Outlook Web Access and instant messaging (IM) integration with Lync Server 2010, you must add the Exchange Server 2010 SP1 Client Access server to the Lync Server 2010 topology as a trusted application server. Depending on how your Exchange Server 2010 SP1 server roles are configured, there may be additional configuration requirements:
15-7
If your Client Access server is not collocated on the same server that is running Exchange Server 2010 SP1 UM, in addition to creating a trusted application pool you must create a trusted application, by using the following cmdlet in the Lync Server Management Shell:
New-CsTrustedApplication
The trusted application must be assigned a port number on which the application will run. The port must be unique within the trusted application pool. In other words, no other applications that use this port can be defined in the specified pool. This port will not be used, but it must be assigned. If your Client Access server is collocated on the same server that is running Exchange Server 2010 SP1 UM, and the UM server is servicing a Session Initiation Protocol (SIP) dial plan that is integrated with Lync Server 2010, you only need to create a trusted application pool; it is not necessary to create a trusted application.
For overall resiliency, it is recommended that if you are deploying Exchange, you build a robust Exchange environment that includes a Client Access server array and multiple Exchange UM servers.
15-8
Survivable Branch Appliance and Survivable Branch Server
In Lync Server 2010, you define sites on your network that contain Lync Server 2010 components. Each site is either a central site or a branch site. Each branch site contains a Survivable Branch Appliance (SBA) or a Survivable Branch Server, plus a PSTN gateway and/or SIP trunk that is not part of the SBA, and optionally a Mediation server.
What Is a Survivable Branch Appliance?

The Survivable Branch Appliance is an industry-standard server or network blade with a Lync Server 2010 Registrar and Mediation server running on Microsoft Windows Server 2008 R2. The SBA also contains an integrated PSTN gateway.
What Is a Survivable Branch Server?

The Survivable Branch Server is a Microsoft Windows Server meeting specified hardware requirements that has Lync Server 2010 Registrar and Mediation server software installed on it. It must connect to either a PSTN gateway or a SIP trunk to a telephone service provider.
Preparing Branch Site Resiliency

You can establish branch site resiliency for users by setting their primary Registrar pool as the SBA or Survivable Branch Server. You should also do the following: Create a separate user-level VoIP policy for users in a branch site. This policy should include a primary route that uses the SBA or branch server gateway and one or more backup routes that use a PSTN gateway at the central site. In this way, regardless of where a user is registered, either on the branch office Registrar or the backup Registrar pool at the central site, the users VoIP policy is always in effect. Create a failover route on the gateway. Or, work with your Direct Inward Dialing (DID) provider to redirect incoming calls to the backup Registrar pool at the central site. From there, the calls will be routed over the WAN link to branch users. This ensures that inbound calls to branch site users will reach those users when the branch gateway or the Microsoft Windows component of the SBA site is unavailable.
15-9
Create a user-level dial plan and assign it to branch site users. Ensure that you create normalization rules that match the number format used in the msRTCSIP-line attribute for outbound Lync 2010 calls at the central site. If the Line URI contains non-DID numbers for example, <E.164>;ext=<extension> ensure that you create normalization rules that match these strings as well.
15-10
Applicable Voice Resiliency Scenarios
There are obvious advantages to providing branch site resiliency to your organization, namely that if you lose the connection to the central site, branch site users will continue to have Enterprise Voice service and voice mail. You have three options for how you set up branch site resiliency: using an SBA, a Survivable Branch Server, or a branch as a central site.
Survivable Branch Appliance

If you host between 25 and 1,000 users at your branch site, and if the return on investment does not support a full deployment of Lync Server 2010 (or where local administrative support is unavailable), you should use an SBA at your branches.
Survivable Branch Server

If you host between 1,000 and 5,000 users at your branch site, lack a resilient WAN connection, and have trained Lync Server 2010 administrators available, you should use a Survivable Branch Server.
Branch as a Central Site

If you require presence and conferencing features in addition to voice features for up to 5,000 users at a branch, and you have trained Lync Server 2010 administrators available at the branch, you should set up your branch sites as a central site by deploying a Standard Edition server at the branch. This scenario provides a continuous PSTN connection in the event of a WAN failure, as well as resilient presence and conferencing. Additionally, if you have a branch site that requires complete independence regardless of WAN connectivity to the central site, you also want to configure the branch as a central site.
15-11
Configuring Voice Resiliency
Increasingly, enterprises have multiple sites spread across the globe. Maintaining emergency services, access to a Help desk, and the ability to conduct critical business tasks when a central site is out of service is essential for any Enterprise Voice resiliency solution.
Resiliency at a Central Site

When a central site becomes unavailable, the following conditions must be met: Voice failover must be provided. Users who normally register with the Front End pool at the central site must be able to register with an alternative Front End pool. This can be done by creating multiple DNS SRV records, each of which resolves to a Director pool or Front End pool in each of your central sites. You can adjust the priority and weights of the SRV records so that users who are served by that central site get the corresponding Director and Front End pool ahead of those in other SRV records. Calls to and from users located at other sites must be rerouted to the PSTN.
To assure voice resiliency in the event of a central site failure, the primary Registrar pool must have a single designated backup Registrar pool located at another site. The backup can be configured by using Topology Builder resiliency settings. Assuming a resilient WAN link between the two sites, users whose primary Registrar pool is no longer available are automatically directed to the backup Registrar pool.
Configuring Resiliency Using an SBA

After Lync Server 2010 has been deployed at the central site, a WAN connection to the branch site is in place, and branch site users are enabled for Enterprise Voice, you can provision Active Directory Domain Services (AD DS) for installation of the SBA at the central site, and install the SBA at the branch.
15-12
To configure voice resiliency at the central site:

1. 2. 3. 4. 5. 6. Add an installation technician at the branch site to the RTCUniversalSBATechnicians group. Create a domain user account (or enterprise identity) for the technician who will install and activate the SBA at the branch site. Create a computer account (with the applicable FQDN) for the SBA in AD DS. In Topology Builder, create a branch site under a central site. In Topology Builder, add the SBA to the branch site. In Topology Builder, publish the new topology. Note: It is recommended that you deploy a DHCP server at each branch site to enable clients to obtain IP addresses. Alternately, you must enable Lync Server 2010 DHCP on the SBA or Survivable Branch Server by using the following Lync Server Management Shell cmdlet: New-CsRegistrarConfiguration Identity service:<BRANCH Registrar ID>enableddhcp $true
To configure voice resiliency at the branch site:

1. 2. 3. 4. 5. Connect the SBA to an Ethernet port and PSTN port. Start the SBA. Join the SBA to the domain, using the domain user account created for the SBA at the central site. Set the FQDN and IP address to match the FQDN created in the computer account. Configure the SBA using the original equipment manufacturer (OEM) user interface. Test PSTN connectivity.
Configuring Resiliency Using a Survivable Branch Server

In Topology Builder, create a branch site under a central site, add the Survivable Branch Server to that site, publish the changes, and then run the Lync Server Deployment Wizard on the computer where you want to install the role.
Configuring a Branch Failover Route

To configure a failover route, you specify a gateway that is located at a different site from the gateway specified in the primary route. The following example shows how you would define a failover voice route for a primary gateway (DallasGW1). The following tables illustrate how to set the user voice policy and voice routing configuration. User policy Default calling policy Redmond Dallas Calling Policy Phone usage Local GlobalPSTNHopoff RedmondLocal DallasUsers GlobalPSTNHopoff
15-13
Route name Redmond local route Dallas local route
Number pattern ^\+1(425|206|253)(\d{7})$
Phone usage Local RedmondLocal
Gateway Red-GW1 Red-GW2 Dallas-GW1
^\+1(972|214|469)(\d{7})$ Local
Universal route
^\+?(\d*)$
Red-GW1 GlobalPSTNHandoff Red-GW2 Dallas-GW1 DallasUsers Dallas-GW1
Dallas users route
^\+?(\d*)$
In the previous example, a phone usage of GlobalPSTNHopoff is added after the DallasUsers phone usage in the Dallas Calling Policy. This enables calls with the Dallas Calling policy to use routes that are configured for the GlobalPSTNHopoff phone usage if a route for the DallasUsers phone usage is unavailable.
15-14
Lesson 2
Features Available During Outages
This lesson covers the Lync Server 2010 features that are available to users during WAN and pool outage scenarios for both central and branch office sites. After completing this lesson, you will be able to: Describe site voice resiliency with pool outages. Describe branch voice resiliency with pool outages. Describe branch voice resiliency with WAN outages. Describe branch voice resiliency with SBA outages.
15-15
Site Voice Resiliency with Pool Outages
In the event of a primary Registrar pool outage, the following voice features are provided by the backup Registrar pool: Outbound PSTN calls Inbound PSTN calls, if the telephony service provider supports the ability to fail over to a backup site Enterprise calls between users at both the same site and between two different sites Basic call handling, including call hold, retrieval, and transfer Two-party IM and sharing audio and video (A/V) between two users at the same site Call forwarding, simultaneous ringing of endpoints, call delegation, and team call services, but only if both parties to call delegation, or all team members, are configured at the same site Existing phones and clients continue to work Call Detail Recording (CDR) Authentication and authorization
Special Configurations
Depending on how they are configured, the following voice features may or may not work when a primary central site is out of service: Voice mail deposit and retrieval. If you want to make Exchange UM available when the primary central site is out of service, you must do one of the following: Change DNS records so that the Exchange UM servers at the central site point to backup Exchange UM servers at another site. Configure each users Exchange UM dial plan to include UM servers at both the central site and the backup site, but designate the backup UM servers as disabled. If the primary site becomes
15-16
unavailable, the Exchange administrator has to mark the UM servers at the backup site as enabled. Conferencing of all types. A user who has failed over to a backup site can join a conference that is created or hosted by an organizer whose pool is available but cannot create or host a conference on his or her own primary pool. Similarly, others users cannot join conferences that are hosted on the affected users primary pool.
Unavailable Features
The following voice features are unavailable for users registered at a primary central site when it is out of service: Conference Auto Attendant Multi-party communications hosted by the user Presence and DNS-based routing Updating call forwarding settings Response Group Service and Call Park Provisioning new phones and clients
15-17
Branch Voice Resiliency with Pool Outages
If your voice resiliency solution includes a full-scale Lync Server 2010 deployment at the branch site, the following features will be available during a pool outage: IM, web, and A/V conferencing. Presence and Direct Inward Dialing (DID)based routing. Updating call forwarding settings. Response Group Service and Call Park. Provisioning new phones and clients, but only if Active Directory Domain Services (AD DS) is present at the branch site. Enhanced 9-1-1 (E9-1-1). If you deploy E9-1-1 and the SIP trunk at the central site is not available because the WAN link is down, the SBA will route E9-1-1 calls to the local branch gateway. To enable this feature, branch-site users voice policies should route calls to the local gateway in the event of WAN failure.
15-18
Branch Voice Resiliency with WAN Outages
If you have Enterprise Voice users at branch sites that do not have a resilient WAN link to a central site, the SBA that you deploy at the branch site provides voice mail survivability for branch users during a WAN outage. When the WAN link is unavailable, the SBA does the following: Reroutes unanswered calls over the PSTN to the Exchange UM server in the central site. Provides the ability for a user to retrieve voice mail messages over the PSTN. Queues missed-call notifications, and then uploads them to the Exchange UM server when the WAN link is restored.
With branch site resiliency, if a branch sites WAN connection to a central site fails, or if the central site is unreachable, the following voice features should continue to be available: Inbound and outbound PSTN calls Enterprise calls between users at both the same site and between two different sites Basic call handling, including call hold, retrieval, and transfer Two-party IM Call forwarding, simultaneous ringing of endpoints, boss-administrator and team call services (but only if boss and administrator, or all team members, are configured at the same site) Call Detail Records PSTN dial-in conferencing with the Conferencing Auto Attendant Voice mail capabilities, if you configure voice mail rerouting settings. User authentication and authorization
15-19
Branch Voice Resiliency with SBA Outages
When configuring users for voice resiliency at a branch site, you should create a separate user-level VoIP policy. This policy should identify the primary route as either the SBA or Survivable Branch Server gateway, and one or more backup routes that use a PSTN gateway at the central site. When configured this way, in the event of an outage, the users VoIP policy remains in effect, regardless of whether the user is registered on the branch office Registrar or the backup Registrar pool at the central site. Important: When you create a branch office backup route, you should add two PSTN phone usage records to the branch office user policy and assign separate routes to each one. The first, or primary, route directs calls to the gateway associated with the SBA or branch server. The second, or backup, route directs calls to the gateway at the central site. In directing calls, the SBA or branch server will attempt all routes assigned to the first PSTN usage record before attempting the second usage record. To ensure that inbound calls to branch site users will reach those users when the branch gateway or the Windows component of the SBA site is unavailable, create a failover route on the gateway (or work with your DID provider) to redirect incoming calls to the backup Registrar pool at the central site. From there, the calls will be routed over the WAN link to branch users. Note: To account for the consumption of central site resources by any branch site users that rely on the central site for presence, conferencing, or failover, we recommend that you consider each branch site user as though the user were a user registered with the central site. There are currently no limits on the number of branch site users, including users registered with an SBA.
15-20
Create User-Level Dial Plans

It is also recommended that you create a user-level dial plan and assign it to branch site users. When preparing dial plans for branch site users, ensure that you include normalization rules that match the number format used in the msRTCSIP-line attribute. Normalization rules must match the number format entered in the msRTCSIP-line attribute for outbound Lync 2010 calls between branch site users and central site users to be rerouted correctly over the PSTN when the WAN link is unavailable. If the Line URI contains non-DID numbers - for example, <E.164>;ext=<extension> - ensure that you create normalization rules that match these strings as well.
15-21
Lab: Implementing Voice Resiliency in Lync Server 2010
Fabrikam Management has setup a second pool for their European location and wants to configure both pools as backup registrars to each other and the Redmond pool as a backup registrar for the Branch Office. You will configure the required backup registrars and test various outage scenarios. Important: We recommend that the steps in this and every lab be split between the two students in your pod. It is left up to the students to determine when to share tasks in order for both students to gain an understanding of the concepts of each lab. If you need help, please inform the instructor. Please note that if you both try to do tasks at the same time, you may overwrite each others work and possibly lose data.

This lab requires the virtual machines running from the previous labs and depends on the completion of Labs 5 through 14. The virtual machines are configured to automatically log on as Fabrikam\Administrator with the password, Pa$$w0rd, except for the following virtual machines: MIA-CL1 as Fabrikam\Andreas, with the password, Pa$$w0rd RED-CL2 as Fabrikam\Tzipi, with the password, Pa$$w0rd ROM-CL3 as Fabrikam\Marcel, with the password, Pa$$w0rd INT-CL4 as INT-CL4\Administrator, with the password, Pa$$w0rd MIA-ED1 as MIA-ED1\Administrator, with the password, Pa$$w0rd MIA-RAS1 as MIA-RAS1\Administrator, with the password, Pa$$w0rd
15-22
5.
6.
7.
8.
9.
15-23
b.
15-24
40. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 41. In the Remote Desktop Connection window, click Options. 42. Click the Local Resources tab, and then under Remote audio, click Settings. 43. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 44. Under Remote audio recording, click Record from this computer, and then click OK. 45. Click the General tab. 46. Under Logon settings, in the Computer box, type rom-cl3.fabrikam.com. 47. In the User name box, type Fabrikam\Marcel, and then click Connect. 48. On the Remote Desktop Connection page, click Connect. 49. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 50. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 51. On Host1, when 10533A-INT-CL4.2 has booted up completely, close the Virtual Machine Connection window. 52. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 53. In the Remote Desktop Connection window, click Options. 54. Click the Local Resources tab, and then under Remote audio, click Settings. 55. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 56. Under Remote audio recording, click Record from this computer, and then click OK. 57. Click the General tab. 58. Under Logon settings, in the Computer box, type int-cl4. 59. In the User name box, type INT-CL4\Administrator, and then click Connect. 60. On the Remote Desktop Connection page, click Connect. 61. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 62. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start. Important: All connections to MIA-CL1.2, RED-CL2.2, ROM-CL3.2and INT-CL4.2 will require using a Remote Desktop Connection with remote audio playback and remote audio recording enabled, unless otherwise specifically instructed.
15-25
15-26
Exercise 1: Configuring Central Site Resiliency

Scenario
In this exercise, you will configure the Miami pool to be the backup Registrar pool for Rome, and the Rome pool to be the backup Registrar pool for Miami. You will also verify the configured backup Registrar pool for Redmond is the Miami pool and then publish the topology. Then you will simulate a pool outage at the Rome site and verify Lync Server 2010 site resiliency. Due to virtualization it may take a while for the clients to failover or failback. Because of the limitations of the virtualized environment, not all available options can be tested. The main tasks for this exercise are as follows: 1. 2. 3. Configure backup registrar pools. Simulate a pool outage at the Rome site. Test and verify central site resiliency in Rome. Important: On all virtual machines, verify that all of the services set to start automatically have started. Most notably, check the Exchange, SQL Server, and Lync Server 2010 services. To do so, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
Task 1: Configure backup registrar pools.

1. 2. 3. 4. 5. 6. 7. On MIA-LS1, use the Topology Builder to configure rom-ls2.fabrikam.com as the Associated backup Registrar pool for mia-ls1.fabrikam.com. Enable a 30 second Failure detection interval and a 60 second Failback interval. Use the Topology Builder to configure mia-ls1.fabrikam.com as the Associated backup Registrar pool for rom-ls2.fabrikam.com. Enable a 30 second Failure detection interval and a 60 second Failback interval. Verify mia-ls1.fabrikam.com is configured as the Associated backup Registrar pool for redsbs1.fabrikam.com. Change the Failure detection interval to 30 seconds and a Failback interval to 60 seconds. Publish the topology.
Task 2: Simulate a pool outage at the Rome site.

1. On ROM-LS2, use the Services management console to stop the Lync Server Front-End service.
Task 3: Test and verify central site resiliency in Rome.

1. 2. 3. On MIA-CL1, if necessary, double-click the PBX Emulator shortcut on the desktop to start the emulator. On ROM-CL3, verify the behavior of Lync 2010 for Marcel. Verify the functionality of the Lync 2010 client as it fails over to the Miami Registrar pool. Outbound PSTN Calling, for example, dial 0055556789. Enterprise calls between users at both the same site and between two different sites, for example, dial 2002 to call Andreas.
15-27
4. 5. 6.
Basic call handling, including call hold, retrieval, and transfer, for example, dial 2002 to call Andreas and have her put Marcel on hold. Two-party instant messaging, for example, start an IM session with Andreas. Authentication and authorization, this is shown by Marcel being able to log on to Lync 2010. Voice mail deposit, for example, call Andreas and leave her a voice mail.
On MIA-CL1 and RED-CL2, verify full functionality. On ROM-LS2, in Services, start the Lync Server Front-End service. Verify full functionality on all three clients. Results: After this exercise, you should have configured backup Registrar pools for both the Miami and Rome locations. You then tested and verified the behavior of the clients when there is a Pool outage or failure.
15-28
Exercise 2: Testing and Verifying Branch Office Voice Resiliency with a WAN Outage
Scenario
In this exercise, you will simulate a WAN link by disabling the RED Network interface on the MIA-RAS1 VM. Then you will test and verify the behavior of the Survivable Branch Server. When a WAN link failure occurs, branch office users are still able to make and receive calls by using this new feature of Lync Server 2010. Due to virtualization it may take a while for the clients to failover or failback. Because of the limitations of the virtualized environment, not all available options will be able to be tested. The main tasks for this exercise are as follows: 1. 2. Simulate a WAN outage. Test and verify branch office voice resiliency in Redmond.
Task 1: Simulate a WAN outage.

1. On MIA-RAS1, in Network Connections, disable the RED Network interface
Task 2: Test and verify branch office voice resiliency in Redmond.

Note: Because of virtualization, it may take several minutes for the clients to failover and failback. 1. 2. 3. On RED-CL2, verify the behavior of Lync 2010 for Tzipi. If you get a MAPI connection prompt, click Close. Verify the client is in limited functionality mode and available voice functionalities. 4. 5. Outbound PSTN calls, for example, dial 4255551212 (if this call does not go through, restart the Lync Server Mediation service on RED-SBS1). PSTN dial-in conferencing with Conferencing Auto-Attendant (as a PSTN call), for example, dial 2345 and watch as it gets routed to the PBX Emulator. Exchange UM Auto Attendant and Subscriber Access calling (as a PSTN call), for example, dial 2000 or 2999 and watch as it gets routed to the PBX Emulator. User authentication and authorization, this is shown by Tzipi being able to log on to Lync 2010.
Enable the RED Network interface and verify full functionality in Redmond. Verify full functionality on all three clients. Results: After this exercise, you should have configured the SBS associated backup Registrar for the Redmond branch office. Then you should have simulated a WAN outage and verified the voice resiliency features at the branch office.
15-29
Exercise 3: Testing and Verifying Branch Office Voice Resiliency with a Pool Outage
Scenario
In this exercise, you will test and verify the Enterprise Voice resiliency features of Lync Server 2010 at a branch office during a pool outage or failure. Due to virtualization it may take a while for the clients to failover or failback. Because of the limitations of the virtualized environment, not all available options will be able to be tested. The main tasks for this exercise are as follows: 1. 2. Simulate a Pool outage at the central site. Test and verify branch office voice resiliency in Redmond.
Task 1: Simulate a Pool outage at the central site.

1. On MIA-LS1, use the Services management console to stop the Lync Server 2010 Front End Service.

1. 2. On RED-CL2, verify the behavior of Lync 2010 for Tzipi. Verify the client is in limited functionality mode and voice functionality. 3. 4. Outbound PSTN calls, for example, dial 4255551212 (if this call does not go through, restart the Lync Server Mediation service on RED-SBS1). Enterprise calls between users at both the same site and between two different sites, for example, dial 4001 to call Marcel. Rome PSTN dial-in conferencing with Conferencing Auto Attendant, for example, dial 4567. Exchange UM Auto Attendant and Subscriber Access calling, for example, dial 2000 or 2999. User authentication and authorization, this is shown by Tzipi being able to log on to Lync 2010.
On MIA-LS1, in Services, start the Lync Server 2010 Front End service. Verify full functionality on all three clients. Results: After this exercise, you should have simulated a central site pool failure or outage and then tested and verified the voice resiliency features at the branch office.
15-30
Exercise 4: Testing and Verifying Branch Office Voice Resiliency with SBS Outage
Scenario
In this exercise, you will test and verify the Enterprise Voice resiliency features of Lync Server 2010 at a branch office during a Survivable Branch Server outage or failure. Due to virtualization it may take a while for the clients to failover or failback. Because of the limitations of the virtualized environment, not all available options will be able to be tested. The main tasks for this exercise are as follows: 1. 2. Simulate a Survivable Branch Server outage in Redmond. Test and verify branch office voice resiliency in Redmond.
Task 1: Simulate a Survivable Branch Server outage in Redmond.

1. On RED-SBS1, use the Services management console to stop all of the Lync Server 2010 services.

1. 2. 3. 4. 5. On RED-CL2, verify the behavior of Lync 2010 for Tzipi. Verify the client has full functionality. Verify the clients on MIA-CL1 and ROM-CL3 have full functionality. On RED-SBS1, in Services, start the Lync Server services. Verify full functionality on all three clients. Results: After this exercise, you should have simulated a Survivable Branch Server failure or outage and then tested and verified the voice resiliency features at the branch office.
Important: After this lab, it is recommended that you take a snapshot of all running virtual machines before starting the next lab. To do so, in Hyper-V Manager, highlight all running virtual machines, right-click and then click Snapshot.
15-31
Review Questions
1. 2. 3. What is the key server role involved in voice resiliency? If a branch site does not have a DNS server, what are the two alternative ways to enable discovery of the SBA or Survivable Branch Server? If a user is registered at a primary central site, will the user still be able to establish multi-party conferences when the central site is unavailable?
15-32
Lab 2: Preparing the Environment and Deploying a Lync Server 2010 Pool
L2-1
Module 2: Deploying Lync Server 2010
Lab Scenario
You are the Network Administrator for Fabrikam, Inc. and have been tasked with deploying Lync Server 2010. You will prepare your Microsoft Active Directory for Microsoft Lync Server 2010, configure a topology by using the Topology Builder, publish it, and then deploy one Enterprise Edition Front End server.

For Labs 2, 3 and 4, each student should have their own set of virtual machines and will perform all of the steps by themselves. The set of virtual machines include: 10533A-MIA-DC1.1 10533A-MIA-SQL1.1 10533A-MIA-LS1.1 10533A-MIA-CL1.1
For this lab, use the Hyper-V Manager to start and connect to the 10533A-MIA-DC1.1 virtual machine and wait for it to completely start up. Start and connect to the rest of the virtual machines (10533A-MIA-SQL1.1, 10533AMIA-LS1.1, and 10533A-MIA-Cl1.1) before beginning labs. The virtual machines are configured to automatically log on as Fabrikam\Administrator with the password, Pa$$w0rd, except for the following virtual machine: MIA-CL1 as Fabrikam\Andreas, with the password, Pa$$w0rd
To begin this lab, you must connect to the appropriate virtual machines by using the following steps: 1. 2. 3. 4. 5. 6. 7. 8. 9. On the host computer, click Start, click Administrative Tools, and then click Hyper-V Manager. In the Virtual Machines list, right-click 10533A-MIA-DC1.1 and click Start. Right-click 10533A-MIA-DC1.1 and click Connect. In the Virtual Machine Connection window, wait until the virtual machine has booted up completely before continuing. In the Virtual Machines list, right-click 10533A-MIA-SQL1.1 and click Start. Right-click 10533A-MIA-SQL1.1 and click Connect. In the Virtual Machines list, right-click 10533A-MIA-LS1.1 and click Start. Right-click 10533A-MIA-LS1.1 and click Connect. In the Virtual Machines list, right-click 10533A-MIA-CL1.1 and click Start.
10. Right-click 10533A-MIA-CL1.1 and click Connect. 11. When 10533A-MIA-CL1.1 has booted up completely, close the Virtual Machine Connection window. 12. On the host, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 13. In the Remote Desktop Connection window, click Options. 14. Click the Local Resources tab, and then under Remote audio, click Settings.
L2-2
15. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 16. Under Remote audio recording, click Record from this computer, and then click OK. 17. Click the General tab. 18. Under Logon settings, in the Computer box, type mia-cl1.fabrikam.com. 19. In the User name box, type Fabrikam\Andreas, and then click Connect. 20. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Connect. 21. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 22. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
Important: All connections to MIA-CL1 will require using a Remote Desktop Connection with remote audio playback and remote audio recording enabled, unless otherwise specifically instructed. NOTE: If the virtual machines are reporting that they need to be activated, run slmgr.vbs rearm from a command prompt and then reboot the server.
L2-3
Exercise 1: Preparing for Lync Server 2010

Scenario
In the first exercise, you will prepare Active Directory for Lync Server 2010 and add the Administrator in the CSAdministrator group. The main tasks for this exercise are as follows: 1. 2. Prepare Active Directory for Lync Server 2010. Add an administrator to the CSAdministrator group. Important: On all virtual machines, verify that all of the services set to start automatically have started. Most notably, check the Exchange, SQL Server, and Lync Server 2010 services. If any are not started, right-click each and then click Start.
Task 1: Prepare Active Directory for Lync Server 2010.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, in Windows Explorer, open C:\LabFiles\LS2010\Setup\AMD64 and double-click Setup.exe. On the Installation Location page, leave the default location, and then click Install. On the End User License Agreement page, select the I accept the terms in the license agreement check box, and then click OK. On the Deployment Wizard, click Prepare Active Directory. On the Prepare Active Directory for Lync Server page, next to Step 1: Prepare Schema, click Run. On the Prepare Schema page, click Next. Wait as the wizard executes the commands to prepare the schema. When the Task Status shows as Completed, click Finish. On the Prepare Active Directory for Lync Server page, near Step 3: Prepare Current Forest, click Run.
10. On the Prepare Forest page, click Next. 11. On the Universal Group Location page, verify that Local Domain is selected, and then click Next. 12. Wait as the wizard executes the commands to prepare the forest. 13. When the Task Status shows as Completed, click Finish. 14. On the Prepare Active Directory for Lync Server page, next to Step 5: Prepare Current Domain, click Run. 15. On the Prepare Domain page, click Next. 16. Wait as the wizard executes the commands to prepare the domain. 17. When the Task Status shows as Completed, click Finish. 18. On the Deployment Wizard, click Exit.
L2-4
Task 2: Add an administrator to the CSAdministrator group.

1. 2. 3. 4. 5. 6. 7. On MIA-DC1, click Start, click Administrative Tools, and then click Active Directory Users and Computers. In the Active Directory Users and Computers administrative snap-in, in the navigation pane, expand Fabrikam.com, and then click the Users container. In the Results pane, right-click the CSAdministrator group, and then click Properties. On the CSAdministrator Properties page, click the Members tab, and then click Add. On the Select Users, Contacts, Computers, Service Accounts, or Groups page, in the Enter the object names to select box, type Administrator, and then click OK. On the CSAdministrator Properties page, click OK. Log off of MIA-LS1 and then log back on as Fabrikam\Administrator with the password of Pa$$w0rd.
Results: After completing this exercise, you should have prepared Active Directory for an installation of Lync Server 2010.
L2-5
Exercise 2: Configuring a Lync Server 2010 Topology

Scenario
In this exercise, you will install and use the Topology Builder to build the Lync Server 2010 topology and configure the administrative URLs. The main tasks for this exercise are as follows: 1. 2. Deploy and run Topology Builder. Configure the Administrative Access URL.
Task 1: Deploy and run the Topology Builder.

1. 2. On MIA-LS1, click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Deployment Wizard. In the Deployment Wizard, click Install Topology Builder.
Note: There is no further user interaction needed to finish the install. 3. 4. 5. 6. 7. 8. 9. Click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Topology Builder. On the Welcome to Topology Builder page, click New Topology, and then click OK. In the Save New Topology As window, navigate to the desktop and save the topology as Lab2.tbxml. On the Define the primary domain page, in the Primary SIP Domain box, type fabrikam.com, and then click Next twice. On the Define the first site page, in the Name box, type Miami, and then click Next. On the Specify site details page, in the City box, type Miami. In the State/Province box, type Florida.
10. In the Country/Region Code box, type +1, and then click Next. 11. On the New topology was successfully defined page, verify that Open the New Front End Wizard when this wizard closes is selected, and then click Finish. 12. On the Define New Front End Pool wizard, on the Define the New Front End pool page, click Next. 13. On the Define the Front End pool FQDN page, in the Pool FQDN box, type pool.fabrikam.com. Verify that Enterprise Edition Front End Pool is selected, and then click Next. 14. On the Define the computers in this Pool page, in the Computer FQDN box, type MIALS1.fabrikam.com, click Add, and then click Next. 15. On the Select Features page, select only the Conferencing, which includes audio, video and application sharing check box, and then click Next. 16. On the Select collocated server roles page, select only the Collocate A/V Conferencing service checkbox, and then click Next. 17. On the Associate server roles with this Front End pool page, clear all check boxes, and then click Next. 18. On the Define the SQL store page, click Define a new SQL store, and then in the SQL Server FQDN box, type MIA-SQL1.fabrikam.com.
L2-6
19. Click Default Instance, and then click Next. 20. On the Define the file share page, click Define a new file share, and then in the File Server FQDN box, type MIA-SQL1.fabrikam.com. 21. In the File Share box, type fileshare, and then click Next. 22. On the Specify the Web Services URL page, leave the default URLs, and then click Finish.
Task 2: Configure the Administrative Access URL.

1. 2. On MIA-LS1, in the Topology Builder, in the Navigation pane, right-click Lync Server 2010, and then click Edit Properties. On the Edit Properties page, under Simple URLs, in the Administrative access URL box, type https://admin.fabrikam.com, and then click OK.
Results: After completing this exercise, you should have created and edited a publishable topology.
L2-7
Exercise 3: Publishing the Topology

Scenario
In this exercise, you will publish the topology and understand the changes made during this process, such as creating the CMS database, setting configuration store location, and creating the necessary databases. The main task for this exercise is to publish the topology.
Task 1: Publish the topology.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, in the Topology Builder, right-click Lync Server 2010, and then click Publish Topology. On the Publish the topology page, review the actions that will be performed, and then click Next. On the Create databases page, verify that MIA-SQL1.fabrikam.com is selected, and then click Next. On the Select Central Management Server page, verify that the front end pool drop-down displays pool.fabrikam.com Miami, and then click Next. On the Publishing wizard complete page, verify that all steps show as Success. Under Next steps, click the link to open the to-do list. Review the NextSteps.txt file that opens and the instructions to run local setup on each server in the list, and then close Notepad. On the Publishing wizard complete page, click Finish. Close the Lync Server 2010 Topology Builder.
Results: After completing this exercise, you should have a published topology.
L2-8
Exercise 4: Configuring Domain Name Server (DNS)

Scenario
In this exercise, you will use the DNS MMC to create appropriate A and SRV records on MIA-DC1 that are required for automatic client logon. The main task for this exercise is to create the necessary DNS records for Lync Server 2010.
Task 1: Create the necessary DNS Records for Lync Server 2010.
1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-DC1, click Start, click Administrative Tools, and then click DNS. In the DNS Manager, expand MIA-DC1, expand Forward Lookup Zones, and then click Fabrikam.com. Right-click Fabrikam.com, and then click New Host (A or AAAA). In the New Host window, in the Name box, type pool. In the IP Address box, type 10.0.10.12, and then click Add Host. At the DNS prompt, click OK. In the New Host window, in the Name box, type dialin. In the IP Address box, type 10.0.10.12, and then click Add Host. At the DNS prompt, click OK.
10. In the New Host window, in the Name box, type meet. 11. In the IP Address box, type 10.0.10.12, and then click Add Host. 12. At the DNS prompt, click OK. 13. In the New Host window, in the Name box, type admin, 14. In the IP Address box, type 10.0.10.12 and then click Add Host. 15. At the DNS prompt, click OK, and then click Done. 16. Right-click Fabrikam.com, and then click Other New Records. 17. In Select a resource record type window, click Service Location (SRV), and then click Create Record. 18. In the Service box, type _sipinternaltls. 19. In the Protocol box, type _tcp. 20. Leave the Priority and Weight entries as their defaults. 21. In the Port Number box, type 5061. 22. In the Host offering this service text box, type pool.fabrikam.com, and then click OK. 23. Click Done. 24. Right-click Fabrikam.com, and then click Other New Records.
L2-9
25. In Select a resource record type window, click Service Location (SRV), and then click Create Record. 26. In the Service box, type _sip. 27. In the Protocol box, type _tls. 28. Leave the Priority and Weight entries as their defaults. 29. In the Port Number box, type 5061. 30. In the Host offering this service text box, type pool.fabrikam.com, and then click OK. 31. Click Done and close DNS Manager.
L2-10
Exercise 5: Deploying the Front End Server Role

Scenario
In this exercise, you will walk through the four steps in the deployment wizard to complete the setup of a Lync Server 2010 Front End server. You will install a Local Configuration Store, set up components, request and configure certificates, and then start the Lync Services. The main tasks for this exercise are as follows: 1. 2. 3. 4. Install the Local Configuration Store. Set up components. Request and assign certificates. Start Lync Server Services.
Task 1: Install the Local Configuration Store.

1. 2. 3. 4. 5. On MIA-LS1, click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Deployment Wizard. On the Lync Server 2010 - Deployment Wizard page, click Install or Update Lync Server System. On the Lync Server 2010 - Deployment Wizard page, next to Step 1: Install Local Configuration Store, click Run. On the Configure Local Replica of Central Management Store page, verify that Retrieve directly from the Central Management Store is selected, and then click Next. On the Executing Commands page, when the Task Status shows as Completed, click Finish.
Task 2: Set up components.

1. 2. 3. On MIA-LS1, on the Lync Server 2010 - Deployment Wizard page, next to Step 2: Setup or Remove Lync Server Components, click Run. On the Setup Lync Server components page, click Next. On the Executing Commands page, when the Task status shows as Completed, click Finish.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, on the Lync Server 2010 - Deployment Wizard page, next to Step 3: Request, Install or Assign Certificates, click Run. In the Certificate Wizard window, click Request. On the Certificate Request page, click Next. On the Delayed or Immediate Requests page, verify that Send the request immediately to an online certification authority is selected, and then click Next. On the Choose a Certification Authority (CA) page, verify that MIA-DC1,Fabrikam.com\FabrikamCA is listed, and then click Next. On the Certification Authority Account page, leave the box clear, and then click Next. On the Specify Alternate Certificate Template page, leave the box clear, and then click Next. On the Name and Security Settings page, in the Friendly Name box, type MIA-LS1 Lync Server Certificate, and then click Next. On the Organization Information page, in the Organization box, type Fabrikam.
L2-11
10. In the Organizational Unit box, type IT, and then click Next. 11. On the Geographical Information page, in the Country/Region drop-down list, click United States. 12. In the State/Province box, type Florida. 13. In the City/Locality box, type Miami, and then click Next. 14. On the Subject Name/Subject Alternate Names page, review the Subject Name and Subject Alternate Names automatically populated, and then click Next. 15. On the SIP Domain setting on Subject Alternate Names (SANs) page, select the Fabrikam.com check box, and then click Next. 16. On the Configure Additional Subject Alternate Names page, leave the fields blank, and then click Next. 17. On the Certificate Request Summary page, click Next. 18. On the Executing Commands page, when the Task Status shows as Completed, click Next. 19. On the Online Certificate Request Status page, verify that the Assign this certificate to Lync Server certificate usages check box is selected, and then click Finish. 20. On the Certificate Assignment page, click Next. 21. On the Certificate Assignment Summary page, click Next. 22. On the Executing Commands page, when the Task Status shows as Completed, click Finish. 23. On the Certificate Wizard, click the down arrow next to Default Certificate to expand the Certificate Type. 24. Verify that Server Default, Web Services Internal, and Web Services External all show as Assigned, and then click Close.
Task 4: Start Lync Server Services.

1. 2. 3. 4. On MIA-LS1, on the Lync Server 2010 - Deployment Wizard page, next to Step 4: Start Services, click Run. On the Start Services page, click Next. On the Executing Commands page, when the Task Status shows as Completed, click Finish. On the Lync Server 2010 Deployment Wizard page, click Exit.
Results: After this exercise, you should have a configured Lync Server 2010 deployment. Important: After this lab, we recommend that you take a snapshot of all running virtual machines before starting the next lab. To do so, in Hyper-V Manager, highlight all running virtual machines, right-click and then click Snapshot.
L2-12
Lab 3: Configuring Users and Rights in Lync Server 2010
L3-1
Module 3: Configuring Users and Rights in Lync Server 2010

Lab Scenario
You have successfully deployed Microsoft Lync Server 2010 at Fabrikam. You will now provision users and delegate administrative rights.

This lab requires the virtual machines from the previous lab and depends on Lab 2 being completed. The virtual machines are configured to automatically log on as Fabrikam\Administrator with the password, Pa$$w0rd, except for the following virtual machine: MIA-CL1 as Fabrikam\Andreas, with the password, Pa$$w0rd
In the Virtual Machine Connection window, wait until the virtual machine has booted up completely before continuing. In the Virtual Machines list, if the virtual machine 10533A-MIA-SQL1.1 is not started: a. b. Right-click 10533A-MIA-SQL1.1 and click Start. Right-click 10533A-MIA-SQL1.1 and click Connect.
5.
6.
7. 8. 9.
10. Click the Local Resources tab, and then under Remote audio, click Settings. 11. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 12. Under Remote audio recording, click Record from this computer, and then click OK. 13. Click the General tab. 14. Under Logon settings, in the Computer box, type mia-cl1.fabrikam.com.
L3-2
15. In the User name field, type Fabrikam\Andreas, and then click Connect. 16. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Connect. 17. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 18. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services that are set to Automatic start have started. If not, right-click the service and click Start.
L3-3
Exercise 1: Using the Lync Server Control Panel

Scenario
In this exercise, you will use the Lync Server Control Panel to provision and administer users for Lync Server 2010. The main tasks for this exercise are as follows: 1. 2. Enable users. Validate the configuration. IMPORTANT: On all virtual machines, verify that all of the services set to start automatically have started. Most notably, check the Microsoft Exchange, Microsoft SQL Server, and Lync Server 2010 services. If any are not started, right-click each, and then click Start. To do so, click Start, click Administrative Tools and then click Services. In the Services console, verify all services that are set to Automatic start have started. If not, right-click the service and click Start.
Task 1: Enable users.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, open Internet Explorer. In Internet Explorer, click Tools, and then click Internet options. In Internet options, click the Security tab. On the Security tab, click Local intranet, and then click Sites. On the Local intranet window, clear the Automatically detect intranet network check box, and then click Advanced. On the next Local intranet window, in the Add this website to the zone box, type *.fabrikam.com, click Add, and then click Close. Click OK twice to return to Internet Explorer. In Internet Explorer, in the address box, type https://admin.fabrikam.com, and then press Enter. In the Lync Server Control Panel, click Users.
10. Click Enable users. 11. On the New Lync Server User page, click Add. 12. On the Select from Active Directory page, click Find. 13. Press and hold the Ctrl key, select the following users, and then click OK. Andreas Herbinger Anna Lidman Conor Cunningham Ebru Ersan Patricia Doyle Paul West
14. On the New Lync Server User page, in the Assign users to a pool drop-down menu, click pool.fabrikam.com. 15. Under Generate users SIP URI, click Use the following format <SAMAccountName>@.
L3-4
16. In the drop-down menu, click Fabrikam.com. 17. In the Telephony drop-down list, verify that PC-to-PC Only is selected. 18. Leave the rest of defaults, and then click Enable.

1. 2. On MIA-LS1, click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Management Shell. In the Lync Server Management Shell, type the following, and then press Enter.
Update-CsUserDatabase Force
3.
In the Lync Server Management Shell, type the following, and then press Enter.
Update-CsAddressBook Force
Note: These two commands are not necessary in a real-world deployment. They are run now to allow the subsequent steps to operate successfully. 4. 5. 6. 7. 8. 9. On the host, click Start, and then in the Run box, type MMC, and then click OK. In the MMC console, click File, and then click Add/Remove Snap-in. Select Certificates, and then click Add. Click Computer account, click Next, and then click Finish. Click OK. Expand Certificates, expand Trusted Root Certification Authorities, right-click Certificates, click All Tasks, and then click Import.
10. On the Certificate Import wizard, click Next. 11. In the File to Import page, click Browse. 12. Navigate to\\MIA-DC1\Certenroll, click MIA-DC1.Fabrikam.com_FabrikamCA.crt, and then click Open. 13. If prompted, connect by using the Fabrikam\Administrator credentials. 14. Finish the wizard with the rest of the defaults. 15. In the Certificate Import Wizard window, click OK. 16. Close the MMC without saving changes. 17. On the host, open Windows Explorer and navigate to \\MIA-LS1.Fabrikam.com\C$\LabFiles\, and then double-click LyncSetupEval.exe. 18. If prompted, connect by using the Fabrikam\Administrator credentials. 19. On the Open File - Security Warning prompt, click Run. 20. On the Install Microsoft Lync 2010 page, clear the Help improve the quality and reliability check box, and then click Install. 21. On the Microsoft Update page, click I do not want to use Microsoft Update, and then click OK. 22. When installation has completed successfully, clear the Start Lync check box, and then click Close.
L3-5
23. On the host, click Start, click All Programs, click Microsoft Lync, and then click Microsoft Lync 2010. 24. In Lync, in the Sign-in address and User name boxes, type Conor@Fabrikam.com, and then log on with the password, Pa$$w0rd. 25. If you get the Microsoft Lync 2010 start here page, click the X in the upper-right corner to close the tutorial. 26. If you get a Microsoft Silverlight Out-of-Browser Launcher window, close the window. 27. If you get a Web Browser warning, click OK. 28. If you get an Internet Explorer prompt, click Close. 29. On the Remote Desktop Connection to MIA-CL1, click Start, click All Programs, click Microsoft Lync, and then click Microsoft Lync 2010. 30. Verify that Lync logs on by using Andreas credentials. 31. If necessary, in Lync, in the Sign-in address and User name boxes, type Andreas@Fabrikam.com, and then log on with the password, Pa$$w0rd. 32. On the host, in Lync, in the Find a contact box, type Andreas. 33. Notice that the name is resolved to Andreas and her presence shows as Online. Note: You may have to wait a moment for Address book synchronization, or enter the full SIP URI, such as andreas@fabrikam.com. 34. Click the Add to Contacts menu, and then click All Contacts. 35. Repeat these steps to add Marcel as a contact in Conors Lync. 36. Repeat these steps to add Conor and Marcel as a contact in Andreas Lync. 37. Conduct various IM sessions between the two clients. Results: After completing this exercise, you should have enabled existing Active Directory users by using the Lync Server Control Panel. Then, you should have installed Lync Server 2010 on the host and verified Lync Server 2010 connectivity and functionality.
L3-6
Exercise 2: Using the Lync Server Management Shell

Scenario
In this exercise, you will use the Lync Server Management Shell to provision users for Lync Server 2010 based on their Active Directory group membership. The main tasks for this exercise are as follows: 1. 2. 3. Validate group membership. Enable users for Lync Server 2010. Validate the configuration.
Task 1: Validate group membership.

1. 2. 3. 4. On MIA-DC1, to launch Active Directory Users and Computers, click Start, click Administrative Tools, and then click Active Directory Users and Computers. Expand Fabrikam.com, and then click Executives. Review the Executives group membership. View the members of the Executives OU, notably view Marcel.
Task 2: Enable users for Lync Server 2010.

1. 2. On MIA-LS1, click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Management Shell. In the Lync Server Management Shell, type the following command, and then press Enter.
$rootDN = ([adsi]"").distinguishedName
3.
$sipDomain = fabrikam.com
4.
$csPool = 'pool.fabrikam.com'
5.
$group = [adsi]("LDAP://cn=Executives, ou=Executives,"+$rootDN)
6.
$users = $group.member
7.
foreach ($user in $users){Enable-CsUser -Identity $user -RegistrarPool $csPool -SipAddressType SAMAccountName -SipDomain $sipDomain;}
Note: You may have to use trial and error to determine where spaces might be needed or not needed in the above commands.
L3-7
Note: The $sipDomain, $csPool, $group, and $users are all variables in the commands.

1. 2. 3. 4. On MIA-CL1, log on as Fabrikam\marcel with the password of Pa$$w0rd by using a Remote Desktop Connection and by using the same steps at the beginning of this lab. If necessary, click Start, click All Programs, click Microsoft Lync, and then click Microsoft Lync 2010. Verify that Lync logs on by using Marcels credentials. Conduct an IM session with Conor.
Results: After completing this exercise, you should have provisioned users based on an Active Directory attribute, in this case, group membership, by using the Lync Server Management Shell.
L3-8
Exercise 3: Configuring Role-Based Access Control

Scenario
In this exercise, you will grant administrative rights to users and verify that those rights have been applied in accordance with RBAC. The main tasks for this exercise are as follows: 1. 2. 3. Validate user rights. Grant rights to specific users. Validate that RBAC has been applied.
Task 1: Validate user rights.

1. 2. 3. On MIA-CL1, click Start, and then click Internet Explorer. In Internet Explorer, in the address box, type https://admin.fabrikam.com, and then press Enter. At the connection prompt, sign in by using the Fabrikam\Andreas credentials and the password, Pa$$w0rd. 4. Validate that access is denied.
5.
Close Internet Explorer.
Task 2: Grant right to specific users.

1. 2. 3. 4. 5. On MIA-DC1, click Start, click Administrative Tools, and then click Active Directory Users and Computers. In the Active Directory Users and Computers administrative snap-in, in the navigation pane, expand Fabrikam.com, and then click the Users container. In the Results pane, right-click the CSAdministrator group, and then click Properties. On the CSAdministrator Properties page, click the Members tab, and then click Add. On the Select Users, Contacts, Computers, Service Accounts, or Groups page, in the Enter the object names to select box, type Andreas, and then click OK.
L3-9
6. 7.
Back on the CSAdministrator Properties page, click OK. Repeat these steps to add Conor to the CSHelpDesk group.
Task 3: Validate that RBAC has been applied.

1. 2. 3. 4. 5. 6. 7. Validate access is granted and options available in the Lync Server Control Panel. On MIA-CL1, log on to https://admin.fabrikam.com as Andreas and verify access. On MIA-LS1, open Internet Explorer and navigate to https://admin.fabrikam.com; it will automatically sign in as Fabrikam\Administrator. In the upper-right corner, click Sign out. On the Sign out page, click Sign in as a different user. At the Windows Security prompt, in the User name box, type Conor, in the Password box, type Pa$$w0rd, and then click OK. Navigate around and notice what is and what is not available to the CSHelpDesk members as compared to the CSAdministrator group.
Results: After completing this exercise, you should understand RBAC and how basic Active Directory group membership modifies rights within Lync Server 2010.
Important: After this lab, we recommend that you take a snapshot of all running virtual machines before starting the next lab. To do so, in Hyper-V Manager, highlight all running virtual machines, rightclick, and then click Snapshot.
L3-10
Lab 4: Client and Device Management
L4-1
Module 4: Client and Device Deployment and Management

Lab Scenario
With users configured for Microsoft Lync Server 2010, you have been tasked with deploying devices and clients. The management and security team at Fabrikam Inc. have developed client and device requirements that match company policies. You will create and assign client and device policies at the global, site, and user levels by using the available Lync Server tools to enforce the defined company policies with granular control.

This lab requires the virtual machines running from the previous lab and depends on the completion of Labs 2 and 3. The virtual machines are configured to automatically log on as Fabrikam\Administrator with the password, Pa$$w0rd, except for the following virtual machine: MIA-CL1 as Fabrikam\Andreas, with the password, Pa$$w0rd To begin this lab, you must connect to the appropriate virtual machines by using the following steps: 1. 2. On the host computer, click Start, click Administrative Tools, and then click Hyper-V Manager. In the Virtual Machines list, if the virtual machine 10533A-MIA-DC1.1 is not started: a. b. 3. 4. Right-click 10533A-MIA-DC1.1 and click Start. Right-click 10533A-MIA-DC1.1 and click Connect.
In the Virtual Machine Connection window, wait until the virtual machine has booted up completely before continuing. In the Virtual Machines list, if the virtual machine 10533A-MIA-SQL1.1 is not started: a. b. Right-click 10533A-MIA-SQL1.1 and click Start. Right-click 10533A-MIA-SQL1.1 and click Connect.
5.
6.
7. 8. 9.
10. Click the Local Resources tab, and then under Remote audio, click Settings. 11. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 12. Under Remote audio recording, click Record from this computer, and then click OK. 13. Click the General tab.
L4-2
14. Under Logon settings, in the Computer box, type mia-cl1.fabrikam.com. 15. In the User name box, type Fabrikam\Andreas, and then click Connect. 16. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Connect. 17. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 18. In the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
Tip: The longer commands in this lab are already typed up in PS1 files located in C:\LabFiles on MIA-LS1. Not all commands are included.
L4-3
Exercise 1: Creating and Assigning Client Policies

Scenario
In this exercise, you will use Windows PowerShell to create client policies and then use Lync Server Control Panel to assign the policies to selected users. The main tasks for this exercise are as follows: 1. 2. Create client policies by using a PowerShell script. Verify client policy application to users. Important: On all virtual machines, verify whether all of the services set to start automatically have started. Most notably, check the Microsoft Exchange, Microsoft SQL Server, and Lync Server 2010 services. To do so, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
Task 1: Create client policies by using a PowerShell script.

1. 2. 3. Sign out of Lync on the host and MIA-CL1. On MIA-LS1, click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Management Shell. In the Lync Server Management Shell, type the following command, and then press Enter.
Set-CsClientPolicy Global -AttendantSafeTransfer: $True BlockConversationFromFederatedContacts: $True -DisableEmoticons: $True EnableHotdesking: $True -HotdeskingTimeout "00:00:30" -IMWarning "Warning: All communications within Fabrikam may be logged and viewed at any time and for any reason. Use of the Fabrikam Instant Messaging Service is a privilege. Abuse of the system may result in loss of said privilege." -Verbose
4.
New-CsClientPolicy site:Miami -Verbose
5.
Set-CsClientPolicy site:Miami -Description "Miami Default Client Policy" EnableClientMusicOnHold: $True -EnableFullScreenVideo: $True -EnableVOIPCallDefault: $True -EnableExchangeContactSync: $True -IMWarning "Warning: All communications within Fabrikam may be logged and viewed at any time and for any reason. Use of the Fabrikam Instant Messaging Service is a privilege. Abuse of the system may result in loss of said privilege." -Verbose
6.
New-CsClientPolicy tag:Executive -Verbose
7.
Set-CsClientPolicy tag:Executive -Description "Fabrikam Executive Client Policy" EnableAppearOffline: $True -EnableClientMusicOnHold: $True -EnableFullScreenVideo: $True -EnableVOIPCallDefault: $True -EnableExchangeContactSync: $True -Verbose
8.
L4-4
Get-CsClientPolicy
Note: This command is not included in the ps1 file. 9. In the Lync Server Management Shell, type the following command, and then press Enter.
$rootDN = ([adsi]"").distinguishedName $sipDomain = 'fabrikam.com' $csPool = 'pool.fabrikam.com' $group = [adsi]("LDAP://cn=Executives, ou=Executives,"+$rootDN) $users = $group.member foreach ($user in $users) { Grant-CsClientPolicy -Identity $user -PolicyName tag:Executive }
Task 2: Verify client policy application to users.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Control Panel. In the Lync Server Control Panel, click Users. In Users, click Find. Double-click Marcel Truempy and verify that his Client policy is set as Executive. Repeat for Conor Cunningham and notice that his should show as Automatic because we didnt explicitly set one for him, he will get the Site policy. On MIA-LS1, review the output showing the Client policies and settings. Notice the IMWarning for the Site:Miami Client policy and for Global. Log on to MIA-CL1 as Marcel with the password, Pa$$w0rd. On the Host, sign in to Lync 2010 as Conor with the password, Pa$$w0rd.
10. Notice that there is an option to appear offline for Marcel, but not Conor. 11. Start an IM session from Marcel to Conor, and notice the IM Warning for only Conor. 12. Start an IM session from Conor to Marcel, and notice the IM Warning for only Conor still. Results: After completing this exercise, you should be able to describe how to create client policies in Lync 2010, how to apply them, and then see the effects of the client policies.
L4-5
Exercise 2: Creating and Assigning Device Policies

Scenario
In this exercise, you will use the Lync Server Management Shell to edit the global and create site device polices. The device policies include PIN and logging requirements, and application of the policies will be simulated. You will also configure the settings for a common area phone. The main tasks for this exercise are as follows: 1. 2. Create and edit device policies by using a PowerShell script. Verify device policy creation.
Task 1: Create and edit device policies by using a PowerShell script.

1. On MIA-LS1, in the Lync Server Management Shell, type the following command, and then press Enter.
New-CsDeviceUpdateConfiguration site:Miami -Verbose
2.
Set-CsDeviceUpdateConfiguration site:Miami -LogCleanUpInterval "7.00:00:00" -Verbose
3.
Set-CsUCPhoneConfiguration Global -EnforcePhoneLock: $True -CalendarPollInterval "00:30:00" -PhoneLockTimeout "00:05:00" -MinPhonePinLength 8 -LoggingLevel: Off Verbose
4.
New-CsUCPhoneConfiguration site:Miami -Verbose
5.
Set-CsUCPhoneConfiguration site:Miami -EnforcePhoneLock: $True -CalendarPollInterval "00:03:00" -PhoneLockTimeout "01:00:00" -MinPhonePinLength 8 -LoggingLevel: Low Verbos
6.
New-CsCommonAreaPhone -LineUri "tel:+14255551000" -SipAddress "sip:MiamiLobby@fabrikam.com" -Description "Lobby Phone in Miami" -DisplayName "Miami Lobby Phone" -DisplayNumber "(425) 555-1000" -OU "cn=Users,dc=fabrikam,dc=com" RegistrarPool "pool.fabrikam.com"
Task 2: Verify device policy creation.

1. 2. 3. 4. On MIA-LS1, in the Lync Server Control Panel, click Clients, and then click the Device Log Configuration tab. View the created Device Log Configuration policies and then compare the new site policy to the global policy. Click the Device Configuration tab. View the created Device Configuration policies, and then compare the new Site policy to that of the Global policy.
L4-6
5.
Get-CsCommonAreaPhone | FL
Note: This command is not included in the ps1 file. 6. Notice the new Lobby Phone in Miami and its configured settings.
Results: After completing this exercise, you should have created device policies and edited the Global policies by using a PowerShell script. This script also configured a new common area phone.
L4-7
Exercise 3: Configuring a Device Update

Scenario
In this exercise, you will use the Lync Server Management Shell to import a Device Update .cab file. After the file has been imported, you will create a Test Device policy prior to approving the update. The main tasks for this exercise are as follows: 1. 2. 3. Import a Device Update .cab file. Create a Test Device policy. Approve the device updates.
Task 1: Import a Device Update .cab file.

1. 2. 3. 4. 5. On MIA-LS1, in C:\LabFiles, double-click UCUpdates.exe. On the End-User License Agreement page, accept the terms, and then click Next. On the Specify file path page, click Browse, navigate to C:\, and then click Next. On the Successfully extracted page, click Finish. In the Lync Server Management Shell, type the following command from the C:\LabFiles directory, and then press Enter.
Import-CsDeviceUpdate -Identity webserver:pool.fabrikam.com -FileName "c:\ucupdates.cab"
6. 7. 8.
In the Lync Server Control Panel, click Clients. Click the Device Update tab. Notice the newest .cab files waiting to be approved. If they do not appear, click Refresh.
Task 2: Create a Test Device policy.

1. 2. 3. 4. 5. 6. In the Lync Server Control Panel, click the Test Device tab. On the Test Device tab, click New, and then click Site test device. On the Select a Site window, click Miami, and then click OK. On the New Test Device-Miami page, in the Device name box, type Test Tanjay. Under Identifier type, click Serial number. In the Unique identifier box, type 1111111111 (this is ten ones), and then click Commit.
L4-8
Task 3: Approve the device updates.

1. 2. 3. 4. In the Lync Server Control Panel, click Clients. Click the Device Update tab. On the Device Update tab, click the Edit drop-down menu, and then click Select All. On the Device Update tab, click the Action drop-down menu, and then click Approve.
Results: After completing this exercise, you should have learned how to install a new device update file, how to load it into Lync Server, how to test it on a specific device, and then how to approve it for all devices. Important: After this lab, we recommend that you take a snapshot of all running virtual machines before starting the next lab. To do so, in Hyper-V Manager, highlight all running virtual machines, right-click, and then click Snapshot.
Lab 5: Deploying External User Access
L5-1
Module 5: External User Access

Lab Scenario
You are the Network Administrator for Fabrikam, Inc. and have been tasked with installing the Microsoft Lync 2010 Edge server into your existing infrastructure to provide remote access to external users for web conferencing, A/V, audio conferencing, and presence. Your Edge deployment must also provide access to public IM services for your internal users. In this lab, you will: 1. 2. 3. 4. 5. Reconfigure the current Lync Server 2010 Lab topology to include an Edge server and related components by using the Topology Builder. Export the Lync Server configuration to the Edge server. Deploy the Edge server role. Configure the External Access policy and Access Edge configuration. Test and verify external user access to the services offered.
Important: We recommend that the steps in this and every lab be split between the two students in your pod. It is left up to the students to determine when to share tasks in order for both students to gain an understanding of the concepts of each lab. If you need help, please inform the instructor. Please note that if you both try to do tasks at the same time, you may overwrite each others work and possibly lose data.
L5-2

For Labs 5 through 15, a new set of virtual machines will be used and they are split between the two Hyper-V hosts in the pod. They include: 10533A-MIA-DC1.2 10533A-MIA-SQL1.2 10533A-MIA-ED1.2 10533A-ROM-LS2.2
L5-3
10533A-ROM-CL3.2 10533A-INT-CL4.2 10533A-MIA-LS1.2 10533A-MIA-AM1.2 10533A-RED-SBS1.2 10533A-MIA-CL1.2 10533A-RED-CL2.2 10533A-MIA-RAS1.2
Before you start any virtual machines, verify that the set 1 virtual machines are completely shut down and off. For this lab, use the Hyper-V Manager to start and connect to the 10533A-MIA-DC1.2 virtual machine on Host1 and wait for it to completely start up. Next, start 10533A-MIA-RAS1.2 on the Host2 and wait for it to completely start up. When both of these machines have completely started, start the rest of the set 2 virtual machines on both Host1 and Host2. Host1: 10533A-MIA-SQL1.2 10533A-MIA-ED1.2 10533A-ROM-LS2.2 10533A-ROM-CL3.2 10533A-INT-CL4.2
Host2: 10533A-MIA-LS1.2 10533A-MIA-AM1.2 10533A-RED-SBS1.2 10533A-MIA-CL1.2 10533A-RED-CL2.2
The virtual machines are configured to automatically log on as Fabrikam\Administrator with the password, Pa$$w0rd, except for the following virtual machines: MIA-CL1 as Fabrikam\Andreas, with the password, Pa$$w0rd RED-CL2 as Fabrikam\Tzipi, with the password, Pa$$w0rd ROM-CL3 as Fabrikam\Marcel, with the password, Pa$$w0rd INT-CL4 as INT-CL4\Administrator, with the password, Pa$$w0rd MIA-ED1 as MIA-ED1\Administrator, with the password, Pa$$w0rd MIA-RAS1 as MIA-RAS1\Administrator, with the password, Pa$$w0rd
To begin this lab, you must connect to the appropriate virtual machines by using the following steps: 1. 2. 3. On Host1, click Start, click Administrative Tools, and then click Hyper-V Manager. In the Virtual Machines list, right-click 10533A-MIA-DC1.2 and click Start. Right-click 10533A-MIA-DC1.2 and click Connect.
L5-4
4. 5. 6. 7. 8. 9.
In the Virtual Machine Connection window, wait until the virtual machine has booted up completely before continuing. On Host2, click Start, click Administrative Tools, and then click Hyper-V Manager. In the Virtual Machines list, right-click 10533A-MIA-RAS1.2 and click Start. Right-click 10533A-MIA-RAS1.2 and click Connect. In the Virtual Machine Connection window, wait until the virtual machine has booted up completely before continuing. On Host1, in the Virtual Machines list, right-click 10533A-MIA-SQL1.2 and click Start.
10. Right-click 10533A-MIA-SQL1.2 and click Connect. 11. On Host1, in the Virtual Machines list, right-click 10533A-ROM-LS2.2 and click Start. 12. Right-click 10533A-ROM-LS2.2 and click Connect. 13. On Host1, in the Virtual Machines list, right-click 10533A-MIA-ED1.2 and click Start. 14. Right-click 10533A-MIA-ED1.2 and click Connect. 15. On Host1, in the Virtual Machines list, right-click 10533A-ROM-CL3.2 and click Start. 16. Right-click 10533A-ROM-CL3.2 and click Connect. 17. On Host1, in the Virtual Machines list, right-click 10533A-INT-CL4.2 and click Start. 18. Right-click 10533A-INT-CL4.2 and click Connect. 19. On Host2, in the Virtual Machines list, right-click 10533A-MIA-LS1.2 and click Start. 20. Right-click 10533A-MIA-LS1.2 and click Connect. 21. On Host2, in the Virtual Machines list, right-click 10533A-MIA-AM1.2 and click Start. 22. Right-click 10533A-MIA-AM1.2 and click Connect. 23. On Host2, in the Virtual Machines list, right-click 10533A-RED-SBS1.2 and click Start. 24. Right-click 10533A-RED-SBS1.2 and click Connect. 25. On Host2, in the Virtual Machines list, right-click 10533A-MIA-CL1.2 and click Start. 26. Right-click 10533A-MIA-CL1.2 and click Connect. 27. On Host2, in the Virtual Machines list, right-click 10533A-RED-CL2.2 and click Start. 28. Right-click 10533A-RED-CL2.2 and click Connect. 29. When 10533A-MIA-CL1.2 has booted up completely, close the Virtual Machine Connection window. 30. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 31. In the Remote Desktop Connection window, click Options. 32. Click the Local Resources tab, and then under Remote audio, click Settings. 33. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 34. Under Remote audio recording, click Record from this computer, and then click OK. 35. Click the General tab. 36. Under Logon settings, in the Computer box, type mia-cl1.fabrikam.com. 37. In the User name box, type Fabrikam\Andreas, and then click Connect. 38. On the Remote Desktop Connection page, click Connect.
L5-5
39. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 40. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 41. On Host2, when 10533A-RED-CL2.2 has booted up completely, close the Virtual Machine Connection window. 42. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 43. In the Remote Desktop Connection window, click Options. 44. Click the Local Resources tab, and then under Remote audio, click Settings. 45. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 46. Under Remote audio recording, click Record from this computer, and then click OK. 47. Click the General tab. 48. Under Logon settings, in the Computer box, type red-cl2.fabrikam.com. 49. In the User name box, type Fabrikam\Tzipi, and then click Connect. 50. On the Remote Desktop Connection page, click Connect. 51. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 52. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 53. On Host1, when 10533A-ROM-CL3.2 has booted up completely, close the Virtual Machine Connection window. 54. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 55. In the Remote Desktop Connection window, click Options. 56. Click the Local Resources tab, and then under Remote audio, click Settings. 57. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 58. Under Remote audio recording, click Record from this computer, and then click OK. 59. Click the General tab. 60. Under Logon settings, in the Computer box, type rom-cl3.fabrikam.com. 61. In the User name box, type Fabrikam\Marcel, and then click Connect. 62. On the Remote Desktop Connection page, click Connect. 63. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 64. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 65. On Host1, when 10533A-INT-CL4.2 has booted up completely, close the Virtual Machine Connection window. 66. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 67. In the Remote Desktop Connection window, click Options. 68. Click the Local Resources tab, and then under Remote audio, click Settings. 69. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 70. Under Remote audio recording, click Record from this computer, and then click OK. 71. Click the General tab.
L5-6
72. Under Logon settings, in the Computer box, type int-cl4. 73. In the User name box, type INT-CL4\Administrator, and then click Connect. 74. On the Remote Desktop Connection page, click Connect. 75. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 76. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
Important: All connections to MIA-CL1.2, RED-CL2.2, ROM-CL3.2, and INT-CL4.2 will require using a Remote Desktop Connection with remote audio playback and remote audio recording enabled, unless otherwise specifically instructed.
Note: If the virtual machines are reporting that they need to be activated, run slmgr.vbs rearm from a command prompt, and then reboot the server.
L5-7
Exercise 1: Configuring the Topology for External Access

Scenario
Define a new Edge server topology to allow remote access for your users and federated partners for conferencing, A/V, and SIP, as well as provide public IM connectivity. Using Topology Builder, download the current virtual Lync Server deployment, add the Edge server, and define the services. Then publish the new topology into the central management store. Export the new topology, so that it can be used to configure and install the Edge server. The main tasks for this exercise are as follows: 1. 2. Add the new Edge server to the existing topology. Export the new topology.
Task 1: Add the new Edge server to the existing topology.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Topology Builder. On the Welcome to Topology Builder page, select Download Topology from existing deployment and then click OK. On the Save Topology As window, navigate to the desktop and save the topology as Lab5.tbxml. In the Topology Builder, expand Lync Server 2010, expand Miami, and then click Edge Pools. Right-click Edge Pools, and then click New Edge Pool. On the Define the New Edge Pool page, click Next. On the Define the Edge pool FQDN page, in the Pool FQDN box, type mia-ed1.fabrikam.com. Click Single computer pool, and then click Next. On the Select features page, read the list of features, click Enable federation (port 5061), and then click Next.
10. On the External FQDNs page, in the SIP Access box, type sip.fabrikam.com and leave the port as 443. 11. In the Web Conferencing box, type webconf.fabrikam.com and leave the port as 443. 12. In the Audio/Video box, type avconf.fabrikam.com, leave the port as 443, and then click Next. 13. On the Define the internal IP address page, in the Internal IP address box, type 10.0.10.14, and then click Next. 14. On the Define the external IP address page, in the SIP Access box, type 172.16.10.100. 15. In the Web Conferencing box, type 172.16.10.101. 16. In the A/V Conferencing box, type 172.16.10.102, and then click Next. 17. On the Define the next hop page, in the Next hop pool drop-down list, click mia-ls1.fabrikam.com Miami, and then click Next.
L5-8
18. On the Associate Front End pools page, select the mia-ls1.fabrikam.com, red-sbs1.fabrikam.com, and rom-ls2.fabrikam.com check boxes, and then click Finish. 19. In the Topology Builder, right-click Miami, and then click Edit Properties. 20. Under Site federation route assignment, click Enable. 21. In the drop-down list, click mia-ed1.fabrikam.com Miami Edge, and then click OK. 22. In the Topology Builder, right-click Lync Server 2010, and then click Publish Topology. 23. On the Publish the topology page, click Next. 24. On the Publishing wizard complete page, verify that all steps show as Success, and then click Finish.
Task 2: Export the new topology.

Export-CsConfiguration FileName C:\Config.zip
3. 4.
On mia-ed1, open Windows Explorer and navigate to \\mia-ls1\c$. Copy \\mia-ls1\c$\Config.zip to C:\LabFiles.
Results: After completing this exercise, you should have defined a new Edge Pool, defined internal and external FQDNs and IP addresses, and then published the topology. You should have also exported the configuration for Edge Server role deployment.
L5-9
Exercise 2: Deploying Edge Server and Configuring Remote Access

Scenario
Using the Lync Server Deployment Wizard, define and install the Edge server roles. Configure certificates and start the Edge services. The Lync Server 2010 setup files are located on the Edge server in C:\LabFiles\LS2010. The main tasks for this exercise are as follows: 1. 2. 3. 4. Install the Edge server role. Request and assign certificates. Start the Lync Server Edge services. Create the necessary Edge DNS records.
Task 1: Install the Edge server role.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-ED1, right-click Start, and then click Open Windows Explorer. Navigate to C:\LabFiles\LS2010\Setup\amd64, and then double-click Setup.exe. Wait a few moments for setup to start. On the Installation Location page, leave the default location and click Install. On the License Agreement page, select the I accept the terms in the license agreement check box, and then click OK. On the Lync Server 2010 - Deployment Wizard page, click Install or Update Lync Server System. On the Lync Server 2010 - Deployment Wizard page, next to Step 1: Install Local Configuration Store, click Run. On the Configure Local Replica of Central Management Store page, verify that Import from a file is selected, and then click Browse. Navigate to C:\LabFiles, select Config.zip, click Open, and then click Next.
10. On the Executing Commands page, when the Task Status shows as Completed, click Finish. 11. On the Lync Server 2010 - Deployment Wizard page, next to Step 2: Setup or Remove Lync Server Components, click Run. 12. On the Setup Lync Server components page, click Next. 13. On the Executing Commands page, when the Task Status shows as Completed, click Finish.

Note: For the Lab environment and the virtual topology, you will use private certificates from the internal CA, requesting them real time during Lync Server setup. The internal CA is MIADC1.Fabrikam.com\FabrikamCA. If your certificate request fails or is denied, restart the Active Directory Certificate Services on MIA-DC1 and retry the request steps in this section. 1. 2. 3. On MIA-ED1, on the Lync Server 2010 - Deployment Wizard page, next to Step 3: Request, Install or Assign Certificates, click Run. In the Certificate Wizard window, verify that Edge Internal is selected, and then click Request. On the Certificate Request page, click Next.
L5-10
4. 5. 6. 7. 8. 9.
On the Delayed or Immediate Requests page, verify that Send the request immediately to an online certification authority is selected, and then click Next. On the Choose a Certification Authority (CA) page, in the Specify another certification authority box, type MIA-DC1.Fabrikam.com\FabrikamCA, and then click Next. On the Certification Authority Account page, clear the Specify alternate credentials for the certification authority check box, and then click Next. On the Specify Alternate Certificate Template page, leave the check box clear, and then click Next. On the Name and Security Settings page, in the Friendly Name box, type MIA-ED1 Internal Cert, verify that the Bit Length is 2048, and then click Next. On the Organization Information page, in the Organization box, type Fabrikam Corporation.
10. In the Organizational Unit box, type IT, and then click Next. 11. On the Geographical Information page, in the Country/Region drop-down list, click United States. 12. In the State/Province box, type Florida. 13. In the City/Locality box, type Miami, and then click Next. 14. On the Subject Name/Subject Alternate Names page, review the Subject Name that is automatically populated, and then click Next. 15. On the Configure Additional Subject Alternate Names page, leave the fields blank and then click Next. 16. On the Certificate Request Summary page, click Next. 17. On the Executing Commands page, when the Task Status shows as Completed, click Next. 18. On the Online Certificate Request Status page, verify that the Assign this certificate to Lync Server certificate usages check box is selected, and then click Finish. 19. The Certificate Assignment wizard will open automatically. 20. On the Certificate Assignment page, click Next. 21. On the Certificate Assignment Summary page, click Next. 22. On the Executing Commands page, when the Task Status shows as Completed, click Finish. 23. Back on the Certificate Wizard, under Certificate, click External Edge certificate (public internet), and then click Request. 24. On the Certificate Request page, click Next. 25. On the Delayed or Immediate Requests page, verify that Send the request immediately to an online certification authority is selected, and then click Next. 26. On the Choose a Certification Authority (CA) page, verify that MIA-DC1.Fabrikam.com\FabrikamCA is listed, and then click Next. 27. On the Certification Authority Account page, clear the Specify alternate credentials for the certification authority check box, and then click Next. 28. On the Specify Alternate Certificate Template page, leave the check box clear, and then click Next. 29. On the Name and Security Settings page, in the Friendly Name box, type MIA-ED1 External Cert, verify that the Bit Length is 2048, and then click Next. 30. On the Organization Information page, in the Organization box, type Fabrikam Corporation. 31. In the Organizational Unit box, type IT, and then click Next.
L5-11
32. On the Geographical Information page, in the Country/Region drop-down list, click United States. 33. In the State/Province box, type Florida. 34. In the City/Locality box, type Miami, and then click Next. 35. On the Subject Name/Subject Alternate Names page, review the Subject Name and Subject Alternate Names automatically populated, and then click Next. 36. On the SIP Domain setting on Subject Alternate Names (SANs) page, select the Fabrikam.com check box, and then click Next. 37. On the Configure Additional Subject Alternate Names page, leave the fields blank and click Next. 38. On the Certificate Request Summary page, click Next. 39. On the Executing Commands page, when the Task Status shows as Completed, click Next. 40. On the Online Certificate Request Status page, verify that the Assign this certificate to Lync Server certificate usages check box is selected, and then click Finish. 41. The Certificate Assignment wizard will open automatically. 42. On the Certificate Assignment page, click Next. 43. On the Certificate Assignment Summary page, click Next. 44. On the Executing Commands page, when the Task Status shows as Completed, click Finish. 45. Back on the Certificate Wizard, click the down arrow next to External Edge certificate (public Internet), verify that Sip Access Edge external, Web Conferencing Edge external, and A/V Edge external show a Status of Assigned, and then click Close.
Task 3: Start the Lync Server Edge services.

1. 2. 3. 4. On MIA-ED1, on the Lync Server 2010 Deployment Wizard page, next to Step 4: Start Services, click Run. On the Start Services page, click Next. Wait a few minutes for the services to start. On the Executing Commands page, when the Task Status shows as Completed, click Finish.
Task 4: Create the necessary Edge DNS records.

You now need to create the necessary DNS records for external user access. The MIA-RAS1 virtual machine is acting as the public DNS server for this environment and is where you will create the records. 1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-RAS1, click Start, click Administrative Tools, and then click DNS. In the DNS Manager, expand MIA-RAS1, expand Forward Lookup Zones, and then click Fabrikam.com. Right-click Fabrikam.com, and then click New Host (A or AAAA). In the New Host window, in the Name box, type sip. In the IP address box, type 172.16.10.100, and then click Add Host. At the DNS prompt, click OK. In the New Host window, in the Name box, type webconf. In the IP address box, type 172.16.10.101, and then click Add Host. At the DNS prompt, click OK.
L5-12
10. In the New Host window, in the Name box, type avconf. 11. In the IP address box, type 172.16.10.102, and then click Add Host. 12. At the DNS prompt, click OK, and then click Done. 13. Right-click Fabrikam.com, and then click Other New Records. 14. In Select a resource record type, click Service Location (SRV), and then click Create Record. 15. In the Service box, type _sipexternaltls. 16. In the Protocol box, type _tcp. 17. Leave the Priority and Weight entries as their defaults. 18. In the Port Number box, type 443. 19. In the Host offering this service box, type sip.fabrikam.com, and then click OK. 20. Click Done. 21. Right-click Fabrikam.com, and then click Other New Records. 22. In Select a resource record type window, click Service Location (SRV), and then click Create Record. 23. In the Service box, type _sipfederationtls. 24. In the Protocol box, type _tcp. 25. Leave the Priority and Weight entries as their defaults. 26. In the Port Number box, type 5061. 27. In the Host offering this service box, type sip.fabrikam.com, and then click OK. 28. Click Done. 29. Right-click Fabrikam.com, and then click Other New Records. 30. In Select a resource record type window, click Service Location (SRV), and then click Create Record. 31. In the Service box, type _sip. 32. In the Protocol box, type _tls. 33. Leave the Priority and Weight entries as their defaults. 34. In the Port Number box, type 443. 35. In the Host offering this service box, type sip.fabrikam.com, and then click OK. 36. Click Done and close DNS Manager. Results: After completing this exercise, you should have gone through the process of moving an exported local configuration store to an Edge server, and then deploying the Edge server role. You will have also created the necessary public DNS records.
L5-13
Exercise 3: Testing and Verifying External User Access

Scenario
You will now test and verify external user access by using Microsoft Lync 2010 on the external client virtual machine. You will also verify that remote access is available for IM, presence, web, and A/V conferencing. The main tasks for this exercise are as follows: 1. 2. Grant rights to external user access. Test external user access.
Task 1: Grant rights to external user access.

1. 2. 3. 4. 5. On MIA-LS1, click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Control Panel. On the Select URL prompt, click https://mia-ls1.fabrikam.com/Cscp, and then click OK. In the Lync Server Control Panel, in the navigation pane, click External User Access. On the External Access Policy, double-click Global. On the Edit External Access Policy - Global page, select the Enable communications with federated users, Enable communications with remote users, and Enable communications with public users check boxes, and then click Commit. Click the Access Edge Configuration tab. Double-click Global. On the Edit Access Edge Configuration page, select the Enable federation, Enable partner domain discovery, Enable remote user access, and Enable anonymous user access to conferences check boxes, and then click Commit.
6. 7. 8.
Task 2: Test external user access.

1. 2. 3. 4. On MIA-CL1, ensure you are logged on to Microsoft Lync as Andreas@Fabrikam.com. On RED-CL2, ensure you are logged on to Microsoft Lync as Tzipi@Fabrikam.com. On ROM-CL3, ensure you are logged on to Microsoft Lync as Marcel@Fabrikam.com. On INT-CL4, log on to the VM as INT-CL4\Administrator.
Note: The local administrator profile is setup for Ebru Ersan. 5. 6. 7. 8. 9. On INT-CL4, the external client, click Start, click All Programs, click Microsoft Lync, and then click Microsoft Lync 2010. Log on to Microsoft Lync as Ebru@Fabrikam.com, Fabrikam\Ebru with the password of Pa$$w0rd. On the Microsoft Lync 2010 start here page, click the X in the upper-right corner to close the tutorial. In Lync, initiate an IM conversation to Andreas. On the other clients, add the other users as contacts as well.
10. Verify that you can see each others presence and can initiate IM conversations in both directions. 11. In the IM conversation between Ebru and Andreas, add Tzipi to the conversation to test web conferencing and determine what features are available, such as:
L5-14
Desktop sharing Application sharing Adding audio
Note: This environment does not have an HTTP Reverse Proxy, so not all features will be available. Results: After completing this exercise, you should have tested and verified your Edge server deployment by logging on to Lync from an external client and testing IM and Presence, as well as web and A/V conferencing.
Lab 6: Configuring Basic Enterprise Voice Functionality
L6-1
Module 6: Configuring Basic Enterprise Voice Functionality

Lab Scenario
During this lab, you will perform several tasks related to configuring Microsoft Lync Server 2010 Enterprise Voice. You will use the Topology Builder to add the necessary PSTN Endpoints and then publish the new topology. Then you will begin Lync Server Enterprise Voice deployment by creating three Dial Plans and a series of Normalization Rules for the two sites and the branch site. In this lab you will: 1. 2. 3. 4. Edit the topology to include the PSTN gateways. Publish the new topology. Create Dial Plans for Miami, Redmond, and Rome. Create Normalization Rules for the three dial plans.
As the administrator for Fabrikam, you want to deploy Enterprise Voice at the Miami, Rome, and Redmond sites. Important: We recommend that the steps in this and every lab be split between the two students in your pod. It is left up to the students to determine when to share tasks in order for both students to gain an understanding of the concepts of each lab. If you need help, please inform the instructor. Please note that if you both try to do tasks at the same time, you may overwrite each others work and possibly lose data.

This lab requires the virtual machines running from the previous lab and depends on the completion of Lab 5. The virtual machines are configured to automatically log on as Fabrikam\Administrator with the password, Pa$$w0rd, except for the following virtual machines: MIA-CL1 as Fabrikam\Andreas, with the password, Pa$$w0rd RED-CL2 as Fabrikam\Tzipi, with the password, Pa$$w0rd ROM-CL3 as Fabrikam\Marcel, with the password, Pa$$w0rd INT-CL4 as INT-CL4\Administrator, with the password, Pa$$w0rd MIA-ED1 as MIA-ED1\Administrator, with the password, Pa$$w0rd MIA-RAS1 as MIA-RAS1\Administrator, with the password, Pa$$w0rd
To begin this lab, you must connect to the appropriate virtual machines by using the following steps: 1. 2. On Host1, click Start, click Administrative Tools, and then click Hyper-V Manager. In the Virtual Machines list, if the virtual machine 10533A-MIA-DC1.2 is not running: a. b. c. Right-click 10533A-MIA-DC1.2 and click Start. Right-click 10533A-MIA-DC1.2 and click Connect. In the Virtual Machine Connection window, wait until the virtual machine has booted up completely before continuing.
L6-2
3. 4.
5.
6.
7.
8.
9.
L6-3
15. When 10533A-MIA-CL1.2 has booted up completely, close the Virtual Machine Connection window. 16. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 17. In the Remote Desktop Connection window, click Options. 18. Click the Local Resources tab, and then under Remote audio, click Settings. 19. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 20. Under Remote audio recording, click Record from this computer, and then click OK. 21. Click the General tab. 22. Under Logon settings, in the Computer box, type mia-cl1.fabrikam.com. 23. In the User name box, type Fabrikam\Andreas. and then click Connect. 24. On the Remote Desktop Connection page, click Connect. 25. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 26. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 27. On Host2, when 10533A-RED-CL2.2 has booted up completely, close the Virtual Machine Connection window. 28. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 29. In the Remote Desktop Connection window, click Options. 30. Click the Local Resources tab, and then under Remote audio, click Settings. 31. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 32. Under Remote audio recording, click Record from this computer, and then click OK. 33. Click the General tab. 34. Under Logon settings, in the Computer box, type red-cl2.fabrikam.com. 35. In the User name box, type Fabrikam\Tzipi, and then click Connect. 36. On the Remote Desktop Connection page, click Connect. 37. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 38. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 39. On Host1, when 10533A-ROM-CL3.2 has booted up completely, close the Virtual Machine Connection window. 40. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 41. In the Remote Desktop Connection window, click Options. 42. Click the Local Resources tab, and then under Remote audio, click Settings. 43. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 44. Under Remote audio recording, click Record from this computer, and then click OK. 45. Click the General tab. 46. Under Logon settings, in the Computer box, type rom-cl3.fabrikam.com. 47. In the User name box, type Fabrikam\Marcel, and then click Connect. 48. On the Remote Desktop Connection page, click Connect.
L6-4
49. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 50. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 51. On Host1, when 10533A-INT-CL4.2 has booted up completely, close the Virtual Machine Connection window. 52. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 53. In the Remote Desktop Connection window, click Options. 54. Click the Local Resources tab, and then under Remote audio, click Settings. 55. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 56. Under Remote audio recording, click Record from this computer, and then click OK. 57. Click the General tab. 58. Under Logon settings, in the Computer box, type int-cl4. 59. In the User name box, type INT-CL4\Administrator, and then click Connect. 60. On the Remote Desktop Connection page, click Connect. 61. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 62. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box and then click Yes. Important: All connections to MIA-CL1.2, RED-CL2.2, ROM-CL3.2, and INT-CL4.2 will require using a Remote Desktop Connection with remote audio playback and remote audio recording enabled, unless otherwise specifically instructed.
L6-5
L6-6
Exercise 1: Configuring the Topology for Enterprise Voice

Scenario
In this exercise, you will configure PSTN gateways for Miami, Rome, and Redmond. They will all point to the PSTN emulator running on MIA-CL1. The steps involved are: 1. 2. 3. Create new PSTN gateways for Miami, Rome, and Redmond. Configure the PSTN IP Addresses of the Front End Servers. Publish the new topology.
Important: On all virtual machines, verify that all of the services set to start automatically have started. Most notably, check the Exchange, SQL Server and Lync Server 2010 services. To do so, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
Task 1: Create new PSTN gateways for Miami, Rome, and Redmond.
1. 2. 3. 4. 5. 6. On MIA-LS1, click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Topology Builder. On the Topology Builder page, click Download topology from existing deployment, and then click OK. In the Save Topology As window, save the file on the Desktop as Fabrikam with EV.tbxml, and then click Save. In the Topology Builder, expand Miami, and then click PSTN Gateways. Right-click PSTN Gateways, and then click New IP/PSTN Gateway. On the Define New IP/PSTN Gateway page, use the following information to create the gateway, and then click OK. Value 1.1.1.1 5060 TCP
Wizard Step Gateway FQDN or IP Address Listening port for IP/PSTN gateway SIP Transport Protocol 7. 8. 9.
On MIA-LS1, in the Topology Builder, expand Rome, and then click PSTN Gateways. Right-click PSTN Gateways, and then click New IP/PSTN Gateway. On the Define New IP/PSTN Gateway page, use the following information to create the gateway, and then click OK. Value 1.1.1.3 5060 TCP
Wizard Step Gateway FQDN or IP Address Listening port for IP/PSTN gateway SIP Transport Protocol
10. On MIA-LS1, in the Topology Builder, under Miami, expand Branch sites, expand Redmond, and then click PSTN Gateways.
L6-7
11. Right-click PSTN Gateways, and then click New IP/PSTN Gateway. 12. On the Define New IP/PSTN Gateway page, use the following information to create the gateway and then click OK. Wizard Step Gateway FQDN or IP Address Listening port for IP/PSTN gateway SIP Transport Protocol Value 1.1.1.2 5060 TCP
Task 2: Configure the PSTN IP addresses for the Front End Servers.
1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, in the Topology Builder, under Miami, expand Standard Edition Front End Servers. Right-click MIA-LS1.Fabrikam.com, and then click Edit Properties. On the Edit Properties page, under General, click Limit service usage to selected IP addresses. In the Primary IP address box, type 10.0.10.12. In the PSTN IP address box, type 1.1.1.12. Scroll-down to Mediation Server, and if not already selected, select the Enable TCP port check box. Next to Listening ports, in the TCP box, type 5060. In the lower box, select the 1.1.1.1 gateway, click Add, and then click OK. In the Topology Builder, under Rome, expand Standard Edition Front End Servers.
10. Right-click ROM-LS2.Fabrikam.com, and then click Edit Properties. 11. On the Edit Properties page, under General, click Limit service usage to selected IP addresses. 12. In the Primary IP address box, type 10.0.30.12. 13. In the PSTN IP address box, type 1.1.3.12. 14. Scroll-down to Mediation Server and if not already checked, select the Enable TCP port check box. 15. Next to Listening ports, in the TCP box, type 5060. 16. In the lower box, select the 1.1.1.3 gateway, click Add, and then click OK. 17. In the Topology Builder, under Miami, expand Branch Sites, expand Redmond, and then expand Survivable Branch Appliances. 18. Right-click RED-SBS1.Fabrikam.com, and then click Edit Properties. 19. On the Edit Properties page, under the General section, click Limit service usage to selected IP addresses. 20. In the Primary IP address box, type 10.0.20.12. 21. In the PSTN IP address box, type 1.1.2.12. 22. Scroll-down to Mediation Server, and if not already selected, select the Enable TCP port check box. 23. Next to Listening ports, in the TCP box, type 5060. 24. In the lower box, select the 1.1.1.2 gateway, click Add, and then click OK.
L6-8
Task 3: Publish the new topology.

1. 2. 3. On MIA-LS1, in the Topology Builder, right-click Lync Server 2010, and then click Publish Topology. On the Publish the Topology page, click Next. On the Publishing wizard complete page, verify that all of the steps show as Success, and then click Finish.
Results: After completing this exercise, you should have configured the topology for Enterprise Voice by configuring PSTN Gateways and limiting service usages to specific IP addresses on all of the front end servers, and then publishing the new topology.
L6-9
Exercise 2: Configuring Lync Server 2010 Enterprise Voice

In this exercise, you will configure Lync Server 2010 Enterprise Voice Dial Plans and Normalization Rules. The steps involved are:
1. 2. 3. 4. Create dial plans for Miami, Rome, and Redmond. Create normalization rules for the Miami location. Create normalization rules for the Rome location. Create normalization rules for the Redmond location.
Task 1: Create dial plans for Miami, Rome, and Redmond.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Control Panel. On the Select URL prompt, select https://mia-ls1.fabrikam.com/Cscp and then click OK. In the Lync Server Control Panel, click Voice Routing. On the Dial Plan tab, click New, and then click Site dial plan. On the Select a Site page, click Miami, and then click OK. In the Simple Name box, type Miami.Fabrikam.com, and then click OK. On the Dial Plan tab, click New, and then click Site dial plan. On the Select a Site page, click Redmond, and then click OK. In the Simple Name box, type Redmond.Fabrikam.com, and then click OK.
10. On the Dial Plan tab, click New, and then click Site dial plan. 11. On the Select a Site page, click Rome, and then click OK. 12. In the Simple Name box, type Rome.Fabrikam.com, and then click OK.
Task 2: Create normalization rules for the Miami location.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, in the Lync Server Control Panel, on the Dial Plan tab, double-click Miami. Under Associated Normalization Rules, click the Prefix All rule, and then click Remove. Under Associated Normalization Rules, click New. On the New Normalization Rule page, in the Name box, type Fabrikam US Operator. In the Starting Digits box, type 0. In the Length drop-down list, click Exactly. In the Length box, type or select 1. In the Digits to remove box, type or select 1. In the Digits to add box, type +13055552009.
10. In the Dialed number to test box, type 0, and then click Go. 11. Verify that +13055552009 appears in next to Normalized number: 12. Click OK to close the New Normalization Rule page. 13. Repeat steps 3-12 to create the following additional rules. Use the up and down arrows to make sure they are in the order shown in the table.
L6-10
Miami
Name Fabrikam US Operator Fabrikam Italy Operator Miami 4 Digit Internal Redmond 4 Digit Internal Rome 4 Digit Internal Miami 7 Digit Starting Digits 0 Length Exactly 1 Digits to Remove Digits to Add 1 +13055552009 Test 0 to +13055552009 9 Exactly 1 1 +390655554005 9 to +390655554005 2 Exactly 4 0 +1305555 2001 to +13055552001 3 Exactly 4 0 +1425555 3001 to +14255553001 4 Exactly 4 0 +39065555 4001 to +390655554001 Exactly 7 0 +1305 5552001 to +13055552001 US 10 Digit Exactly 10 0 +1 3055552001 to +13055552001 US 11 Digit Long Distance US International 1 Exactly 11 0 + 13055552001 to +13055552001 011 At Least 5 3 + 011390655554001 to +390655554001 14. When finished, click OK on the Edit Dial Plan Miami page.
Task 3: Create normalization rules for the Rome location.

1. 2. 3. 4. On MIA-LS1, in the Lync Server Control Panel, on the Dial Plan tab, double-click Rome. Under Associated Normalization Rules, click the Prefix All rule, and then click Remove. Under Associated Normalization Rules, click Select. In the Select Normalization Rules window, press and hold the Ctrl key, select Fabrikam US Operator, Fabrikam Italy Operator, Miami 4 Digit Internal, Redmond 4 Digit Internal, and Rome 4 Digit Internal, and then click OK. Under Associated Normalization Rules, click New. On the New Normalization Rule page, in the Name box, type Rome Local and National. In the Starting digits box, type 0[1-9]. In the Length drop-down list, click At least. In the Length box, type or select 8.
5. 6. 7. 8. 9.
L6-11
10. In the Digits to remove box, type or select 2. 11. In the Digits to add box, type + 12. In the Dialed number to test box, type 0554395001, and then click Go. 13. Verify that +54395001 appears in next to Normalized number: 14. Click OK to close the New Normalization Rule page. 15. Repeat steps 4-14 to create the Rome International rule for Rome. Use the up and down arrows to make sure they are in the order shown in the table below.
Rome
Name Fabrikam US Operator Fabrikam Italy Operator Miami 4 Digit Internal Redmond 4 Digit Internal Rome 4 Digit Internal Starting Digits 0 Length Exactly 1 Digits to Remove Digits to Add 1 +13055552009 Test 0 to +13055552009 9 Exactly 1 1 +390655554005 9 to +390655554005 2 Exactly 4 0 +1305555 2001 to +13055552001
Exactly 4
+1425555
3001 to +14255553001
Exactly 4
+39065555
4001 to +390655554001
Rome Local and 0[1-9] National Rome International 00
At Least 8
0554395001 +54395001
At Least 4
0013055552001 to +13055552001
16. When finished, click OK on the Edit Dial Plan Rome page.
Task 4: Create normalization rules for the Redmond location.

1. 2. 3. 4. On MIA-LS1, in the Lync Server Control Panel, on the Dial Plan tab, double-click Redmond. Under Associated Normalization Rules, click the Prefix All rule, and then click Remove. Under Associated Normalization Rules, click Select. On the Select Normalization Rules window, press and hold the Ctrl key, select Fabrikam US Operator, Fabrikam Italy Operator, Miami 4 Digit Internal, Redmond 4 Digit Internal, Rome 4 Digit Internal, US 10 Digit, US 11 Digit Long Distance, and US International, and then click OK. Under Associated Normalization Rules, click New. In the New Normalization Rule page, in the Name box, type Redmond 7 Digit Local.
5. 6.
L6-12
7. 8. 9.
In the Length drop-down list, click Exactly. In the Length box, type or select 7. In the Digits to remove box, type or select 0.
10. In the Digits to add box, type +1425. 11. In the Dialed number to test box, type 5553001, and then click Go. 12. Verify that +14255553001 appears in next to Normalized number: 13. Click OK to close the New Normalization Rule page. 14. Use the up and down arrows to make sure they are in the order shown in the table.
Redmond
Name Fabrikam US Operator Fabrikam Italy Operator Miami 4 Digit Internal Redmond 4 Digit Internal Rome 4 Digit Internal Redmond 7 Digit Local US 10 Digit Starting Digits Length 0 Exactly 1 Digits to Remove Digits to Add 1 +13055552009 Test 0 to +13055552009 9 Exactly 1 1 +390655554005 9 to +390655554005 2 Exactly 4 0 +1305555 2001 to +13055552001
Exactly 4
+1425555
3001 to +14255553001
Exactly 4
+39065555
4001 to +390655554001
Exactly 7
+1425
5553001 to +14255553001
Exactly 10
+1
4255553001 to +14255553001
US 11 Digit Long Distance US International
Exactly 11
14255553001 to +14255553001
011
At Least 5
011390655554001 to +390655554001
15. When finished, click OK on the Edit Dial Plan Redmond page. 16. Click the Commit drop-down menu, and then click Commit All. 17. In the Uncommitted Voice Configuration Settings window, click Commit. 18. Close the Successfully published voice routing configuration message window.
L6-13
Results: After completing this exercise, you should have created new user dial plans for Miami, Redmond and Rome, as well as normalization rules for each dial plan.
Important: After this lab we recommend that you take a snapshot of all running virtual machines before starting the next lab. To do so, in Hyper-V Manager, highlight all running virtual machines, rightclick and then click Snapshot.
L6-14
Lab 7: Implementing Enterprise Voice
L7-1
Module 7: Extending Enterprise Voice Functionality

Lab Scenario
Building on the current voice implementation of Microsoft Lync Server 2010, the management has decided to configure and enable additional Enterprise Voice features to the company. In this lab, you will configure the policies, PSTN usages, routes, and trunk options, create and configure a call park orbit, and configure the unassigned number feature. After configuring the voice features, you will test and verify their setup. IMPORTANT: We recommend that the steps in this and every lab be split between the two students in your pod. It is left up to the students to determine when to share tasks in order for both students to gain an understanding of the concepts of each lab. If you need help, please inform the instructor. Please note that if you both try to do tasks at the same time, you may overwrite each others work and possibly lose data.

This lab requires the virtual machines running from the previous lab and depends on the completion of Lab 5 and 6. The virtual machines are configured to automatically log on as Fabrikam\Administrator with the password, Pa$$w0rd, except for the following virtual machines: MIA-CL1 as Fabrikam\Andreas, with the password, Pa$$w0rd RED-CL2 as Fabrikam\Tzipi, with the password, Pa$$w0rd ROM-CL3 as Fabrikam\Marcel, with the password, Pa$$w0rd INT-CL4 as INT-CL4\Administrator, with the password, Pa$$w0rd MIA-ED1 as MIA-ED1\Administrator, with the password, Pa$$w0rd MIA-RAS1 as MIA-RAS1\Administrator, with the password, Pa$$w0rd
5.
On Host1, in the Virtual Machines list, if the virtual machine 10533A-MIA-SQL1.2 is not running: a. Right-click 10533A-MIA-SQL1.2 and click Start.
L7-2
b. 6.
7.
8.
9.
15. When 10533A-MIA-CL1.2 has booted up completely, close the Virtual Machine Connection window. 16. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 17. In the Remote Desktop Connection window, click Options. 18. Click the Local Resources tab, and then under Remote audio, click Settings. 19. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 20. Under Remote audio recording, click Record from this computer, and then click OK. 21. Click the General tab. 22. Under Logon settings, in the Computer box, type mia-cl1.fabrikam.com.
L7-3
23. In the User name box, type Fabrikam\Andreas, and then click Connect. 24. On the Remote Desktop Connection page, click Connect. 25. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 26. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 27. On Host2, when 10533A-RED-CL2.2 has booted up completely, close the Virtual Machine Connection window. 28. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 29. In the Remote Desktop Connection window, click Options. 30. Click the Local Resources tab, and then under Remote audio, click Settings. 31. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 32. Under Remote audio recording, click Record from this computer, and then click OK. 33. Click the General tab. 34. Under Logon settings, in the Computer box, type red-cl2.fabrikam.com. 35. In the User name box, type Fabrikam\Tzipi, and then click Connect. 36. On the Remote Desktop Connection page, click Connect. 37. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 38. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 39. On Host1, when 10533A-ROM-CL3.2 has booted up completely, close the Virtual Machine Connection window. 40. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 41. In the Remote Desktop Connection window, click Options. 42. Click the Local Resources tab, and then under Remote audio, click Settings. 43. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 44. Under Remote audio recording, click Record from this computer, and then click OK. 45. Click the General tab. 46. Under Logon settings, in the Computer box, type rom-cl3.fabrikam.com. 47. In the User name box, type Fabrikam\Marcel, and then click Connect. 48. On the Remote Desktop Connection page, click Connect. 49. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 50. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 51. On Host1, when 10533A-INT-CL4.2 has booted up completely, close the Virtual Machine Connection window. 52. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 53. In the Remote Desktop Connection window, click Options. 54. Click the Local Resources tab, and then under Remote audio, click Settings. 55. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it.
L7-4
56. Under Remote audio recording, click Record from this computer, and then click OK. 57. Click the General tab. 58. Under Logon settings, in the Computer box, type int-cl4. 59. In the User name box, type INT-CL4\Administrator, and then click Connect. 60. On the Remote Desktop Connection page, click Connect. 61. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 62. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box and then click Yes. Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
L7-5
L7-6
Exercise 1: Configuring Voice Policies and PSTN Usages

In this exercise, you will create various voice policies and PSTN usages for each site. You will create two user voice policies for each site, one that allows long international calls and one that allows long distance calls. You will then create a site voice policy that is more restricted and will only allow local calls. The steps involved are: 1. 2. 3. Create the Miami voice policies and PSTN usages. Create the Redmond voice policies and PSTN usages. Create the Rome voice policies and PSTN usages.
IMPORTANT: On all virtual machines, verify that all of the services set to start automatically have started. Most notably, check the Exchange, Microsoft SQL Server and Lync Server 2010 services. To do so, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
Task 1: Create the Miami voice policies and PSTN usages.

1. 2. 3. 4. 5. 6. 7. On MIA-LS1, in Lync Server Control Panel, click Voice Routing, and then click the Voice Policy tab. Click New, and then click User policy. In the Name box, type Miami International. Select the Enable malicious call tracing check box. Under Associated PSTN Usages, click New. On the New PSTN Usage Record page, in the Name box, type Miami Local, and then click OK. Repeat steps 5 and 6 to create two more PSTN usages with the same settings by using the following names: 8. 9. Miami Long Distance Miami International
On the New Voice Policy page, click OK. Click New, and then click User policy.
10. In the Name box, type Miami Long Distance. 11. Select the Enable malicious call tracing check box. 12. Under Associated PSTN Usages, click Select. 13. On the Select PSTN Usage Record page, press and hold the Ctrl key, select the following PSTN usages, and then click OK: Miami Local Miami Long Distance
14. On the New Voice Policy page, click OK. 15. Click New, and then click Site policy. 16. On the Select a site page, select Miami, and then click OK. 17. Select the Enable malicious call tracing check box.
L7-7
18. Under Associated PSTN Usages, click Select. 19. On the Select PSTN Usage Record page, click Miami Local, and then click OK. 20. On the New Voice Policy - Miami page, click OK.
Task 2: Create the Redmond voice policies and PSTN usages.

1. 2. 3. 4. 5. 6. On MIA-LS1, in the Lync Server Control Panel, click New, and then click User policy. In the Name box, type Redmond International. Select the Enable malicious call tracing check box. Under Associated PSTN Usages, click New. On the New PSTN Usage Record page, in the Name box, type Redmond Local, and then click OK. Repeat steps 4 and 5 to create two more PSTN usages with the same settings by using the following names: 7. 8. 9. Redmond Long Distance Redmond International
On the New Voice Policy page, click OK. Click New, and then click User policy. In the Name box, type Redmond Long Distance.
10. Select the Enable malicious call tracing check box. 11. Under Associated PSTN Usages, click Select. 12. On the Select PSTN Usage Record page, press and hold the Ctrl key, select the following PSTN usages, and then click OK: Redmond Local Redmond Long Distance
13. On the New Voice Policy page, click OK. 14. Click New, and then click Site policy. 15. On the Select a site page, click Redmond, and then click OK. 16. Select the Enable malicious call tracing check box. 17. Under Associated PSTN Usages, click Select. 18. On the Select PSTN Usage Record page, click Redmond Local, and then click OK. 19. On the New Voice Policy - Redmond page, click OK.
Task 3: Create the Rome voice policies and PSTN usages.

1. 2. 3. 4. 5. 6. On MIA-LS1, in the Lync Server Control Panel, click New, and then click User policy. In the Name box, type Rome International. Select the Enable malicious call tracing check box. Under Associated PSTN Usages, click New. On the New PSTN Usage Record page, in the Name box, type Rome Local, and then click OK. Repeat steps 4 and 5 to create two more PSTN usages with the same settings by using the following names:
L7-8
7. 8. 9.
Rome Long Distance Rome International
Back on the New Voice Policy page, click OK. Click New, and then click User policy. In the Name box, type Rome Long Distance.
10. Select the Enable malicious call tracing check box. 11. Under Associated PSTN Usages, click Select. 12. On the Select PSTN Usage Record page, press and hold the Ctrl key, select the following PSTN usages, and then click OK: Rome Local Rome Long Distance
13. Back on the New Voice Policy page, click OK. 14. Click New, and then click Site policy. 15. On the Select a site page, click Rome, and then click OK. 16. Select the Enable malicious call tracing check box. 17. Under Associated PSTN Usages, click Select. 18. On the Select PSTN Usage Record page, click Rome Local, and then click OK twice. 19. Click the Commit drop-down menu, and then click Commit All. 20. In the Uncommitted Voice Configuration Settings window, click Commit. 21. At the Lync Server Control Panel prompt, click Close. Results: After completing this exercise, you should have created the voice policies and PSTN usages for each site. This included two user voice policies and one site voice policy for each.
L7-9
Exercise 2: Configuring Routes and Site Trunks

Scenario
In the two data sites and the branch office, each must route their local calls to their local PSTN gateway, and to reduce calling costs to the other sites when a call is identified as local to that site. In this exercise, you will create various routes, including least-cost routes, for the three sites, and you will also create trunk configurations for each site. The main tasks for this exercise are as follows: 1. 2. 3. 4. 5. 6. Create routes for the Miami site. Create routes for the Redmond site. Create routes for the Rome site. Create a trunk configuration for the Miami site. Create a trunk configuration for the Redmond site. Create a trunk configuration for the Rome site.
Task 1: Create routes for the Miami site.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, in Lync Server Control Panel, click Voice Routing, and then click the Route tab. Click New. On the New Voice Route page, in the Name box, type Miami Local. In the Starting digits for numbers that you want to allow: box, type +1305, and then click Add. 1. The Match this Pattern field should then display ^\+1305. Next to the Associated gateways box, click the Add button. In the Select Gateway window, click PstnGateway:1.1.1.1, and then click OK. Next to the Associated gateways box, click the Add button. In the Select Gateway window, click PstnGateway:1.1.1.2, and then click OK. On the Associated PSTN usages table toolbar, click Select.
10. In the Select PSTN Usage Record window, press and hold the Ctrl key, click Miami Local and Redmond Local, and then click OK. 11. On the New Voice Route page, click OK. 12. Use the following table to create the rest of the Miami routes.
Miami Routes
Route Name Starting Digits Match Pattern Associated Gateways PstnGateway:1.1.1.1 Miami Local +1305 ^\+1305 PstnGateway:1.1.1.2 PstnGateway:1.1.1.1 Miami National Miami +1 + ^\+1 ^\+(?!(1)) PstnGateway:1.1.1.2 PstnGateway:1.1.1.1 Miami Long Distance Miami International Associated PSTN Usage Miami Local Redmond Local
L7-10
Route Name International
Starting Digits Exceptions: +1
Match Pattern
Associated Gateways PstnGateway:1.1.1.2 PstnGateway:1.1.1.3
Associated PSTN Usage
Redmond Local Miami Local
US to Rome LCR
+3906
^\+3906
PstnGateway:1.1.1.1 PstnGateway:1.1.1.3
US to Italy LCR
+390
^\+390
PstnGateway:1.1.1.1
Rome Long Distance
13. When creating the routes, if an exception is needed to be created, in the Build a Pattern to Match section, click Exceptions. 14. In the Prefix Edit window, enter the value in the Exceptions area, and then click OK.
Task 2: Create routes for the Redmond site.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, in the Lync Server Control Panel, in the Route tab, click New. On the New Voice Route page, in the Name box, type Redmond Local. In the Starting digits for numbers that you want to allow: box, type +1425, and then click Add. The Match this Pattern field should then display ^\+1425. Next to the Associated gateways box, click the Add button. In the Select Gateway window, click PstnGateway:1.1.1.2, and then click OK. Next to the Associated gateways box, click the Add button. In the Select Gateway window, click PstnGateway:1.1.1.1, and then click OK. On the Associated PSTN usages table toolbar, click Select. In the Select PSTN Usage Record window, press and hold the Ctrl key, click Miami Local and Redmond Local, and then click OK.
10. On the New Voice Route page, click OK. 11. Use the following table to create the rest of the Redmond routes.
Redmond Routes
Route Name Redmond Local Starting Digits +1425 Match Pattern ^\+1425 Associated Gateways PstnGateway:1.1.1.2 PstnGateway:1.1.1.1 Redmond National Redmond International +1 ^\+1 PstnGateway:1.1.1.2 PstnGateway:1.1.1.1 + Exceptions: +1 ^\+(?!(1)) PstnGateway:1.1.1.2 PstnGateway:1.1.1.1 Redmond International Associated PSTN Usage Redmond Local Miami Local Redmond Long Distance
12. When creating the routes, if an exception is needed to be created, in the Build a Pattern to Match section, click Exceptions.
L7-11
13. In the Prefix Edit window, enter the value in the Exceptions area, and then click OK.
Task 3: Create routes for the Rome site.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, in the Lync Server Control Panel, on the Route tab, click New. On the New Voice Route page, in the Name box, type Rome Local. In the Starting digits for numbers that you want to allow: box, type +3906, and then click Add. The Match this Pattern field should then display ^\+3906. Next to the Associated gateways box, click the Add button. In the Select Gateway window, click PstnGateway:1.1.1.3, and then click OK. Next to the Associated gateways box, click the Add button. In the Select Gateway window, click PstnGateway:1.1.1.1, and then click OK. On the Associated PSTN usages table toolbar, click Select. In the Select PSTN Usage Record window, click Rome Local, and then click OK.
10. On the New Voice Route page, click OK. 11. Use the following table to create the rest of the Rome routes.
Rome Routes
Route Name Starting Digits Rome Local Match Pattern ^\+3906 Associated Gateways PstnGateway:1.1.1.3 PstnGateway:1.1.1.1 Rome National +390 ^\+390 PstnGateway:1.1.1.3 PstnGateway:1.1.1.1 Rome + International Exceptions: +390 Rome to Redmond LCR Rome to Miami LCR Rome to US LCR +1425 ^\+(?!(390)) PstnGateway:1.1.1.3 PstnGateway:1.1.1.1 ^\+1425 PstnGateway:1.1.1.2 PstnGateway:1.1.1.1 +1305 ^\+1305 PstnGateway:1.1.1.1 PstnGateway:1.1.1.2 +1 ^\+1 PstnGateway:1.1.1.1 PstnGateway:1.1.1.2 12. When creating the routes, if an exception is needed to be created, in the Build a Pattern to Match section, click Exceptions. 13. In the Prefix Edit window, enter the value in the Exceptions area, and then click OK. 14. Click the Commit drop-down menu, and then click Commit All. Rome Long Distance Rome Local Rome Local Rome International Rome Long Distance Associated PSTN Usage Rome Local
+3906
L7-12
15. In the Uncommitted Voice Configuration Settings window, click Commit. 16. At the Lync Server Control Panel prompt, click Close.
Task 4: Create a trunk configuration for the Miami site.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, in the Lync Server Control Panel, click the Trunk Configuration tab. Click the New drop-down menu, and then click Site Trunk. In the Select a site window, click Miami, and then click OK. In the Encryption support level drop-down menu, click Optional. Clear the Enable refer support check box. On the Associated Translation Rules toolbar, click New. On the New Translation Rule page, in the Name box, type US PSTN. In the Starting digits box, type +1. In the Length drop-down list, set the length to Exactly and 12.
10. In the Digits to remove box, set the value to 1. 11. Leave the Digits to add box blank. 12. Verify that the Pattern to match field reads ^\+(1\d{10})$. 13. Verify that the Translation rule field reads $1, and then click OK. 14. Use the following table to create one more translation rule.
Miami
Name US PSTN Rome PSTN Starting Digits +1 +39 Length Exactly 12 Exactly 13 Digits to Remove 1 1 Match Pattern ^\+(1\d{10})$ ^\+(39\d{10})$
15. On the New Trunk Configuration Miami page, click OK.
Task 5: Create a trunk configuration for the Redmond site.

1. 2. 3. 4. 5. 6. 7. 8. On MIA-LS1, in the Lync Server Control Panel, click the Trunk Configuration tab. Click the New drop-down menu, and then click Site Trunk. In the Select a site window, click Redmond, and then click OK. In the Encryption support level drop-down menu, click Optional. Clear the Enable refer support check box. On the Associated Translation Rules toolbar, click Select. On the Select Translation Rules page, press Ctrl, click US PSTN and Rome PSTN, and then click OK. On the New Trunk Configuration Redmond page, click OK.
Task 6: Create a trunk configuration for the Rome site.

1. 2. On MIA-LS1, in the Lync Server Control Panel, click the Trunk Configuration tab. Click the New drop-down menu, and then click Site Trunk.
L7-13
3. 4. 5. 6. 7. 8. 9.
In the Select a site window, click Rome, and then click OK. In the Encryption support level drop-down menu, click Optional. Clear the Enable refer support check box. On the Associated Translation Rules toolbar, click Select. On the Select Translation Rules page, press Ctrl, click the first US PSTN and Rome PSTN, and then click OK. On the New Trunk Configuration Rome page, click OK. Click the Commit drop-down menu, and then click Commit All.
10. In the Uncommitted Voice Configuration Settings window, click Commit. 11. At the Lync Server Control Panel prompt, click Close. Results: After completing this exercise, you should have created trunk configurations for each site and two translation rules for each.
L7-14
Exercise 3: Configuring Call Park

Scenario
In this exercise, you will configure Call Park. You will first configure a Call Park Orbit that starts at *500 and ends at *599 for Miami, and *600 and *699 for Rome. Then, you will enable Call Park on the various voice policies. The main tasks for this exercise are as follows: 1. 2. 3. Configure a Call Park Orbit for Miami. Configure a Call Park Orbit for Rome. Configure Music on Hold and enable Call Park.
Task 1: Configure a Call Park Orbit for Miami.

1. On MIA-LS1, in the Lync Server Management Shell, type the following command, and then press Enter:
New-CSCallParkOrbit Identity Miami Orbit CallParkService mia-ls1.Fabrikam.com NumberRangeStart *500 NumberRangeEnd *599 Verbose
Task 2: Configure a Call Park Orbit for Rome.

New-CSCallParkOrbit Identity Rome Orbit CallParkService rom-ls2.Fabrikam.com NumberRangeStart *600 NumberRangeEnd *699 Verbose
Task 3: Configure Music on Hold and enable Call Park.

Set-CsCpsConfiguration EnableMusicOnHold $True Verbose
2.
In the Lync Server Management Shell, type the following command, and then press Enter:
Get-CsVoicePolicy | Set-CsVoicePolicy EnableCallPark $True -Verbose
Results: After completing this exercise, you should have created two call park orbits, enabled music on hold, and enabled Call Park for all of the voice policies.
L7-15
Exercise 4: Configuring the Unassigned Numbers Feature

Scenario
In this exercise, you will configure the unassigned numbers feature of Lync Server 2010. You will create three announcements, one for Miami and Rome, and another for the executive number range that transfers the call to the operator. You will then configure unassigned numbers for the three sites, including one that is specific to the executive number range. The main tasks for this exercise are as follows: 1. 2. 3. 4. Configure the Announcement service for Miami and Rome. Create an Unassigned Number range for Miami. Create an Unassigned Number range for Redmond. Create an Unassigned Number range for Rome.
Task 1: Configure the Announcement service for Miami and Rome.

New-CSAnnouncement Name English Unassigned Number Announcement TextToSpeechPrompt The number you have called is currently out of service. Check the number and try your call again. Language en-US Identity service:ApplicationServer:mials1.fabrikam.com Verbose
2.
New-CSAnnouncement Name Italian Unassigned Number Announcement TextToSpeechPrompt Il numero chiamato e attualmente fuori servizio. Controllare il numero e provare di nuovo la chiamata. Language it-IT Identity service:ApplicationServer:romls2.fabrikam.com Verbose
3.
New-CSAnnouncement Name Executive Unassigned Number Announcement TextToSpeechPrompt This persons phone number has changed. You will now be transferred to the operator. Language en-US Identity service:ApplicationServer:mia-ls1.fabrikam.com TargetURI sip:+13055552009@fabrikam.com;user=phone Verbose
Task 2: Create an Unassigned Number range for Miami.

1. 2. 3. 4. 5. 6. 7. 8. On MIA-LS1, in the Lync Server Control Panel, click Voice Features. Click the Unassigned Number tab, and then click New. On the New Unassigned Number Range page, in the Name box, type Miami Internal Numbers. In the first Number range box, type tel:+13055552000. In the second Number range box, type tel:+13055552099. Leave Announcement selected in the Announcement service drop-down list. Next to FQDN of destination server, click Select. In the Select an Announcement Service window, click ApplicationServer:mia-ls1.fabrikam.com, and then click OK.
L7-16
9.
Under Announcement, click English Unassigned Number Announcement from the drop-down list, and then click OK.
10. On the Unassigned Number tab, click New. 11. On the New Unassigned Number Range page, in the Name box, type Executive Numbers. 12. In the first Number range box, type tel:+13055552100. 13. In the second Number range box, type tel:+13055552199. 14. Leave Announcement selected in the Announcement service drop-down list. 15. Next to FQDN of destination server, click Select. 16. In the Select an Announcement Service window, click ApplicationServer:mia-ls1.fabrikam.com, and then click OK. 17. Under Announcement, click Executive Unassigned Number Announcement from the drop-down list, and then click OK.
Task 3: Create an Unassigned Number range for Redmond.

1. 2. 3. 4. 5. 6. 7. 8. On MIA-LS1, in the Lync Server Control Panel, on the Unassigned Number tab, click New. On the New Unassigned Number Range page, in the Name box, type Redmond Internal Numbers. In the first Number range box, type tel:+14255553000. In the second Number range box, type tel:+14255553099. Leave Announcement selected in the Announcement service drop-down list. Next to FQDN of destination server, click Select. In the Select an Announcement Service window, click ApplicationServer:mia-ls1.fabrikam.com, and then click OK. Under Announcement, click English Unassigned Number Announcement from the drop-down list, and then click OK.
Task 4: Create an Unassigned Number range for Rome.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, in the Lync Server Control Panel, on the Unassigned Number tab, click New. On the New Unassigned Number Range page, in the Name box, type Rome Internal Numbers. In the first Number range box, type tel:+390655554000. In the second Number range box, type tel:+390655554099. Leave Announcement selected in the Announcement service drop-down list. Next to FQDN of destination server, click Select. In the Select an Announcement Service window, click ApplicationServer:rom-ls2.fabrikam.com, and then click OK. Under Announcement, click Italian Unassigned Number Announcement from the drop-down list, and then click OK. On the Unassigned Number tab, click Commit All. Results: After completing this exercise, you should have configured the unassigned numbers feature of Lync Server 2010, which includes various announcements and unassigned number ranges.
L7-17
Exercise 5: Configuring Users for Enterprise Voice

Scenario
In this exercise, you will configure users for Enterprise Voice. You will enable them for Enterprise Voice, and then configure a line URI and voice policy. The main tasks for this exercise are as follows: 1. 2. 3. Configure users in Miami for Enterprise Voice. Configure users in Redmond for Enterprise Voice. Configure users in Rome for Enterprise Voice.
Task 1: Configure users in Miami for Enterprise Voice.

1. 2. 3. 4. 5. 6. On Mia-LS1, in the Lync Server Control Panel, in the navigation pane, click Users, and then click Find. Double-click Scott MacDonald. On the Edit Lync Server User Scott MacDonald page, in the Telephony drop-down menu, click Enterprise Voice. In the Line URI box, type tel:+13055552100. In the Voice policy drop-list menu, click Miami International, and then click Commit. Repeat these steps for the rest of the users in the following table. Telephony Enterprise Voice Enterprise Voice Line URI tel:+13055552100 tel:+13055552002 tel:+13055552003 tel:+13055552004 tel:+13055552005 tel:+13055552008 tel:+13055552009 Voice Policy Miami International Miami Long Distance Miami Long Distance Miami International Miami International Miami International Miami International
User Scott MacDonald Andreas Herbinger
Conor Cunningham Enterprise Voice Anna Lidman Ebru Ersan Patricia Doyle Paul West Enterprise Voice Enterprise Voice Enterprise Voice Enterprise Voice
Task 2: Configure users in Redmond for Enterprise Voice.

1. 2. 3. 4. 5. On Mia-LS1, in the Lync Server Control Panel, in Users, double-click Jason Carlson. On the Edit Lync Server User Jason Carlson page, in the Telephony drop-down menu, click Enterprise Voice. In the Line URI box, type tel:+14255553001. In the Voice policy drop-list menu, click Redmond International, and then click Commit. Repeat these steps for the rest of the users in the following table. Telephony Enterprise Voice Line URI tel:+14255553001 Voice Policy Redmond International
User Jason Carlson
L7-18
User Tzipi Butnaru Franz Kohl Shu Ito
Telephony Enterprise Voice Enterprise Voice Enterprise Voice
Line URI tel:+14255553002 tel:+14255553003 tel:+14255553004
Voice Policy Redmond Long Distance Redmond Long Distance Redmond International
Task 3: Configure users in Rome for Enterprise Voice.

1. 2. 3. 4. 5. On Mia-LS1, in the Lync Server Control Panel, in Users, double-click Marcel Truempy. On the Edit Lync Server User Marcel Truempy page, in the Telephony drop-down menu, click Enterprise Voice. In the Line URI box, type tel:+390655554001. In the Voice policy drop-list menu, click Rome International, and then click Commit. Repeat these steps for the rest of the users in the following table. Telephony Enterprise Voice Enterprise Voice Enterprise Voice Enterprise Voice Enterprise Voice Line URI tel:+390655554001 tel:+390655554002 tel:+390655554003 tel:+390655554005 tel:+390655554009 Voice Policy Rome International Rome Long Distance Rome Long Distance Rome International Rome Long Distance
User Marcel Truempy Luca Dellamore Shane DeSeranno Nuno Farinha Axel Delgado
Results: After completing this exercise, you should have configured various users for Enterprise Voice in the three sites. You should have also configured a line URI and assigned a voice policy.
L7-19
Exercise 6: Testing and Verifying Enterprise Voice Functionality

Scenario
In this exercise, you will test the Enterprise Voice topology you just configured. You will make a series of calls that demonstrate the behavior of number normalization, PSTN routing, application of policies, Call Park features, etc. The PBX Emulator is installed on MIA-CL1 and will need to be started. When a call is successfully routed to the PBX Emulator, you will see the dialed number and other call information scroll through the command window on MIACL1, and the caller will hear the Windows log off .WAV file played repeatedly. The main tasks for this exercise are as follows: 1. 2. 3. Sign in to Lync 2010 and test number normalization. Test Lync 2010 calling and outbound PSTN calling. Test Call Park and Unassigned Numbers.
Task 1: Sign in to Lync 2010 and test number normalization.

1. 2. 3. On Mia-CL1, double-click the Start PBX Emulator shortcut on the desktop. A Command window will open and remain open. Sign in to Lync as Tzipi and test phone number normalization for Redmond users. In Lync, click the Phone tab, and dial the following numbers: 4. 5. 6. 0 should normalize to +1 (305) 555-2009 9 should normalize to +390655554005 2002 should normalize to +1 (305) 555-2002 3002 should normalize to +1 (425) 555-3002 4002 should normalize to +390655554002 5551212 should normalize to +1 (425) 555-1212 2065551212 should normalize to +1 (206) 555-1212 12065551212 should normalize to +1 (206) 555-1212 011390655551212 should normalize to +390655551212
On Mia-CL1, log off as Tzipi and log back on as Andreas. Sign in to Lync as Andreas and test phone number normalization for Miami users. In Lync, click the Phone tab, and dial the following numbers: 0 should normalize to +1 (305) 555-2009 9 should normalize to +390655554005 2002 should normalize to +1 (305) 555-2002 3002 should normalize to +1 (425) 555-3002 4002 should normalize to +390655554002 5551212 should normalize to +1 (305) 555-1212 2065551212 should normalize to +1 (206) 555-1212 12065551212 should normalize to +1 (206) 555-1212
L7-20
7. 8. 9.
011390655551212 should normalize to +390655551212
On Rom-CL3, log on as Marcel. Sign in to Lync as Marcel and test phone number normalization for Rome users. In Lync, click the Phone tab, and dial the following numbers: 0 should normalize to +1 (305) 555-2009 9 should normalize to +390655554005 2002 should normalize to +1 (305) 555-2002 3002 should normalize to +1 (425) 555-3002 4002 should normalize to +390655554002 0055551212 should normalize to +55551212 0012065551212 should normalize to +1 (206) 555-1212
Task 2: Test Lync calling and outbound PSTN calling.

1. 2. 3. 4. 5. 6. 7. 8. 9. On Mia-CL1 logged on as Andreas, call Marcel on Rom-CL3. In Lync, dial 4001 or add Marcel as a contact. Click the Call drop-down list, and then click Lync Call. On Rom-CL3 logged on as Marcel, answer the call to verify Lync calling between sites. Connect the call and then disconnect. On Rom-CL3, call Andreas. In Lync, dial 2002 or add Andreas as a contact, and then click Call. On Rom-CL3, call 0055551212 and verify that it is routed to the PBX emulator. In Lync, dial 0055551212, and then click Call. Wait to hear the Windows audio file that shows the call being successfully routed to the PBX emulator.
10. On MIA-CL1, call 2065551212 and verify that it is routed to the PBX emulator. 11. In Lync, dial 2065551212, and then click Call. 12. Wait to hear the Windows audio file that shows the call being successfully routed to the PBX emulator. NOTE: If the call does not go through, restart the Lync Server Mediation service on MIA-LS1 and retry.
Task 3: Test Call Park and Unassigned Numbers.

1. 2. 3. 4. 5. On Mia-CL1 logged on as Andreas, call Marcel on Rom-CL3. In Lync, dial 4001, and then click Call. On Rom-CL3 logged on as Marcel, answer the call, and then park the call. Click the new call toast to connect the call. In the lower-right corner, click the Transfer call to another person or device drop-down list, and then click Parking Lot.
L7-21
6. 7.
Notice that the call is placed on hold, Andreas can hear the on hold music and Marcel can see the parked call number. On MIA-CL1, test the Miami, Redmond, Rome, and Executive unassigned number announcements. In Lync, dial 2040, and then when the number is normalized, click Call. Notice that the call is routed to the Announcement service and that the English Unassigned Number Announcement is played. End the call. In Lync, dial 3040, and then when the number is normalized, click Call. Notice that the call is routed to the Announcement service and that the English Unassigned Number Announcement is played. End the call. On RED-CL2, log on to Lync as Fabrikam\Paul with the password of Pa$$w0rd.
8.
9.
10. On MIA-CL1, in Lync, dial 2105, and then when the number is normalized, click Call. Notice that the call is routed to the Announcement service and that the Executive Unassigned Number Announcement is played and then the call is forwarded to the Operator (Paul on RED-CL2). End the call. 11. In Lync, in the Find a contact or dial a number box, type 011390655554080, and then when the number is normalized, click Call. Notice that the call is routed to the Announcement service and that the Rome Unassigned Number Announcement is played. End the call and close any Lync 2010 windows. Results: After completing this exercise, you should have tested the Enterprise Voice configuration you have configured over the last two labs. You should have verified number normalization, policy application, call routing internally and outbound to the PSTN. You also tested the new Call Park and Unassigned Number features by parking calls and calling unassigned numbers and hearing the configured announcements.
L7-22
Lab 8: Integrating Exchange Server 2010 SP1 Unified Messaging Integration with Lync Server 2010
L8-1
Module 8: Microsoft Exchange Server 2010 SP1 Unified Messaging Integration
Lab Scenario
During this lab, you will perform several tasks related to configuring Microsoft Lync Server 2010 and Exchange Server 2010 SP1 Unified Messaging integration. The Unified Messaging component of Exchange Server 2010 SP1 is designed to be the voice mail solution for Lync Server 2010. Anyone can dial a Lync 2010 user and leave a voice mail message, which will then be delivered to the recipients Microsoft Office Outlook Inbox. In this lab you will: 1. 2. 3. 4. 5. Create and edit a UM dial plan. Associate the Exchange Server with the new dial plan. Create and configure a UM auto attendant. Run the EXCHUCUTIL.PS1 script. Use the OCSUmUtil.exe tool to configure integration.
As the administrator for Fabrikam, you want to integrate your current existing deployment of Lync Server 2010 with Microsoft Exchange Server 2010 SP1 Unified Messaging to further take advantage of the voice features of Lync Server 2010 and Exchange Server 2010 SP1. You have already installed and configured the Unified Messaging server role and will now make the necessary configuration changes. Important: We recommend that the steps in this and every lab be split between the two students in your pod. It is left up to the students to determine when to share tasks in order for both students to gain an understanding of the concepts of each lab. If you need help, please inform the instructor. Please note that if you both try to do tasks at the same time, you may overwrite each others work and possibly lose data.

This lab requires the virtual machines running from the previous lab and depends on the completion of Labs 5 through 7. The virtual machines are configured to automatically log on as Fabrikam\Administrator with the password, Pa$$w0rd, except for the following virtual machines: MIA-CL1 as Fabrikam\Andreas, with the password, Pa$$w0rd RED-CL2 as Fabrikam\Tzipi, with the password, Pa$$w0rd ROM-CL3 as Fabrikam\Marcel, with the password, Pa$$w0rd INT-CL4 as INT-CL4\Administrator, with the password, Pa$$w0rd MIA-ED1 as MIA-ED1\Administrator, with the password, Pa$$w0rd MIA-RAS1 as MIA-RAS1\Administrator, with the password, Pa$$w0rd
To begin this lab, you must connect to the appropriate virtual machines by using the following steps:
L8-2
1. 2.
On Host1, click Start, click Administrative Tools, and then click Hyper-V Manager. In the Virtual Machines list, if the virtual machine 10533A-MIA-DC1.2 is not running: a. b. c. Right-click 10533A-MIA-DC1.2 and click Start. Right-click 10533A-MIA-DC1.2 and click Connect. In the Virtual Machine Connection window, wait until the virtual machine has booted up completely before continuing.
3. 4.
5.
6.
7.
8.
9.
13. On Host2, in the Virtual Machines list, if the virtual machine 10533A-MIA-CL1.2 is not running:
L8-3
a. b.
Right-click 10533A-MIA-CL1.2 and click Start. Right-click 10533A-MIA-CL1.2 and click Connect.
15. When 10533A-MIA-CL1.2 has booted up completely, close the Virtual Machine Connection window. 16. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 17. In the Remote Desktop Connection window, click Options. 18. Click the Local Resources tab, and then under Remote audio, click Settings. 19. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 20. Under Remote audio recording, click Record from this computer, and then click OK. 21. Click the General tab. 22. Under Logon settings, in the Computer box, type mia-cl1.fabrikam.com. 23. In the User name box, type Fabrikam\Andreas, and then click Connect. 24. On the Remote Desktop Connection page, click Connect. 25. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 26. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 27. On Host2, when 10533A-RED-CL2.2 has booted up completely, close the Virtual Machine Connection window. 28. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 29. In the Remote Desktop Connection window, click Options. 30. Click the Local Resources tab, and then under Remote audio, click Settings. 31. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 32. Under Remote audio recording, click Record from this computer, and then click OK. 33. Click the General tab. 34. Under Logon settings, in the Computer box, type red-cl2.fabrikam.com. 35. In the User name box, type Fabrikam\Tzipi, and then click Connect. 36. On the Remote Desktop Connection page, click Connect. 37. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 38. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 39. On Host1, when 10533A-ROM-CL3.2 has booted up completely, close the Virtual Machine Connection window. 40. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 41. In the Remote Desktop Connection window, click Options. 42. Click the Local Resources tab, and then under Remote audio, click Settings.
L8-4
43. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 44. Under Remote audio recording, click Record from this computer, and then click OK. 45. Click the General tab. 46. Under Logon settings, in the Computer box, type rom-cl3.fabrikam.com. 47. In the User name box, type Fabrikam\Marcel, and then click Connect. 48. On the Remote Desktop Connection page, click Connect. 49. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 50. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 51. On Host1, when 10533A-INT-CL4.2 has booted up completely, close the Virtual Machine Connection window. 52. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 53. In the Remote Desktop Connection window, click Options. 54. Click the Local Resources tab, and then under Remote audio, click Settings. 55. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 56. Under Remote audio recording, click Record from this computer and then click OK. 57. Click the General tab. 58. Under Logon settings, in the Computer box, type int-cl4. 59. In the User name box, type INT-CL4\Administrator, and then click Connect. 60. On the Remote Desktop Connection page, click Connect. 61. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 62. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
L8-5
L8-6
Exercise 1: Configuring Exchange Server SP1 2010 UM to work with Lync Server 2010 Enterprise Voice
Scenario
In this exercise, you will go through the steps of configuring Exchange Server 2010 SP1 Unified Messaging integration with Lync Server 2010. The steps involved are: 1. 2. 3. 4. Create a new Unified Messaging dial plan for Miami. Create a new Unified Messaging dial plan for Rome. Create new UM Auto Attendants. Run the EXCHUCUTIL.PS1 script.
First, you will configure Exchange Server 2010 SP1 Unified Messaging to work with Lync Server 2010. This includes creating and configuring dial plans for Miami and Rome, creating auto attendants for Miami and Rome, and then running the EXCHUCUTIL.PS1 script. Important: On all virtual machines, verify that all of the services set to start automatically have started. Most notably, check the Exchange, SQL Server, and Lync Server 2010 services. To do so, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
Task 1: Create a new Unified Messaging dial plan for Miami.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-DC1, click Start, click All Programs, click Microsoft Exchange Server 2010, and then click Microsoft Exchange Management Console. In the Exchange Management Console, expand Microsoft Exchange On-Premises (miadc1.fabrikam.com), expand Organization Configuration, and then click Unified Messaging. On the UM Dial Plans tab, in the Actions pane, click New UM Dial Plan. In the New UM Dial Plan wizard, on the New UM Dial Plan page, in the Name box, type Miami In the Number of digits in extension numbers box, type 4. In the URI Type list, select SIP URI. In the VoIP security list, select, Secured. In the Country/Region code box, type 1 and click Next. On the Set UM Servers page, click Add.
10. On the Select UM Server window, click MIA-DC1, click OK, and then click Next. 11. On the New UM Dial Plan page, click New. 12. On the Completion page, click Finish. 13. On the UM Dial Plans tab, right-click Miami, and then click Properties. 14. On the Miami Properties page, click the Subscriber Access tab. 15. In the Telephone number to associate box, type +13055552999, and then click Add. 16. Click the Dialing Rule Groups tab. 17. Under In-Country/Region Rule Groups, click Add. 18. On the Dialing Rule Entry page, in the Name box, type All Calls.
L8-7
19. In the Number mask and Dialed number boxes, type * (asterisk character). 20. In the Comment box, type Allow all calls, and then click OK twice. 21. Click the UM Mailbox Policies tab. 22. Right-click Miami Default Policy, and then click Properties. 23. On the Miami Default Policy Properties page, click the Dialing Restrictions tab. 24. Under Select allowed in-country/region rule groups from dial plan, click Add. 25. On the Select Allowed In-Country/Region Groups page, click All Calls, and then click OK twice.
Task 2: Create a new Unified Messaging dial plan for Rome.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-DC1, in the Exchange Management Console, on the UM Dial Plans tab, in the Actions pane, click New UM Dial Plan again. In the New UM Dial Plan wizard, on the New UM Dial Plan page, in the Name box, type Rome. In the Number of digits in extension numbers box, type 4. In the URI Type list, select SIP URI. In the VoIP security list, select, Secured. In the Country/Region code box, type 39, and then click Next. On the Set UM Servers page, click Add. On the Select UM Server window, click MIA-DC1, click OK, and then click Next. On the New UM Dial Plan page, click New.
10. On the Completion page, click Finish. 11. On the UM Dial Plans tab, right-click Rome, and then click Properties. 12. On the Rome Properties page, click the Subscriber Access tab. 13. In the Telephone number to associate box, type +390655554999, and then click Add. 14. Click the Dialing Rule Groups tab. 15. Under In-Country/Region Rule Groups, click Add. 16. On the Dialing Rule Entry page, in the Name box, type All Calls. 17. In the Number mask and Dialed number box, type * (asterisk character). 18. In the Comment box, type Allow all calls, and then click OK twice. 19. Click the UM Mailbox Policies tab. 20. Right-click Rome Default Policy, and then click Properties. 21. On the Rome Default Policy Properties page, click the Dialing Restrictions tab. 22. Under Select allowed in-country/region rule groups from dial plan, click Add. 23. On the Select Allowed In-Country/Region Groups page, click All Calls, and then click OK twice.
Task 3: Create new UM Auto Attendants.

1. 2. On MIA-DC1, in the Exchange Management Console, in the Actions pane, click New UM Auto Attendant. On the New UM Auto Attendant page, in the Name box, type Miami_AA
L8-8
3. 4. 5. 6. 7. 8. 9.
Under Select associated dial plan, click Browse. On the Select Dial Plan page, click Miami, and then click OK. In the Pilot identifier list box, type +13055552000, and then click Add. Select the Create auto attendant as enabled and Create auto attendant as speech-enabled check boxes, and then click New. On the Completion page, click Finish. In the Actions pane, click New UM Auto Attendant. On the New UM Auto Attendant page, in the Name box, type Rome_AA.
10. Under Select associated dial plan, click Browse. 11. On the Select Dial Plan page, click Rome, and then click OK. 12. In the Pilot identifier list box, type +390655554000, and then click Add. 13. Select the Create auto attendant as enabled and Create auto attendant as speech-enabled check boxes, and then click New. 14. On the Completion page, click Finish.
Task 4: Run the ExchUcUtil.ps1 script.

1. 2. On MIA-DC1, click Start, click All Programs, click Microsoft Exchange Server 2010, and then click Microsoft Exchange Management Shell. In the Exchange Management Shell, type the following command and then press Enter:
cd c:\Program Files\Microsoft\Exchange Server\V14\Scripts
3.
In the Exchange Management Shell, type the following, and then press Enter:
.\ExchUCUtil.ps1
Results: After completing this exercise, you should have created new UM Dial Plans and UM Auto Attendants for Miami and Rome, and then run the ExchUcUtil.ps1 script.
L8-9
Exercise 2: Configuring Lync Server 2010 to Work with Exchange Server 2010 SP1 Unified Messaging
Scenario
In this exercise, you will configure Lync Server 2010 integration with Exchange Server 2010 SP1 Unified Messaging. The steps involved are: 1. 2. Use the Exchange Integration tool to configure Lync Server 2010. Configure inbound normalization rules on the global dial plan.
You will first run the OcsUMUtil.exe tool to create contact objects in Lync Server 2010, restart the Exchange UM service, and then configure inbound normalization rules.
Task 1: Use the Exchange Integration tool to configure Lync Server 2010.
1. 2. 3. 4. 5. 6. On MIA-LS1, click Start, click All Programs, click Accessories, and then click Command Prompt. At the command prompt, type cd c:\Program Files\Common Files\Microsoft Lync Server 2010\Support, and then press Enter. At the command prompt, type OcsUMUtil.exe, and then press Enter. Wait for the tool to load. In the Exchange UM Integration Utility, click Load Data. Under SIP Dial Plans, click Miami.Fabrikam.com. Notice that there is an error stating that there is no corresponding contact object in OCS. Note: The tool predates the official naming of Lync and still says OCS. The same goes for Rome.Fabrikam.com. Close the Exchange UM Integration Utility. At the command prompt, type OcsUMUtil /domain:fabrikam.com, and then press Enter.
7. 8. 9.
10. Wait for the tool to finish. 11. Type OcsUMUtil.exe, and then press Enter again. 12. Wait for the tool to load. 13. In the Exchange UM Integration Utility, click Load Data. 14. Under SIP Dial Plans, click the dial plans listed and notice that the errors are gone. 15. On MIA-DC1, in Exchange Management Shell, type the following, and then press Enter.
Restart-Service MSExchangeUM
Task 2: Configure inbound normalization on the global dial plan.

1. 2. 3. 4. 5. 6. On MIA-LS1, in the Lync Server Control Panel, in the navigation pane, click Voice Routing. On the Dial Plan tab, in the content area, double-click Global. On the Associated Normalization Rules toolbar, click New. On the New Normalization Rule page, in the Name box, type Auto Attendant. In the Starting digits box, type 3055552000. In the Length: menu, select Exactly and use the arrows to select 10.
L8-10
7. 8. 9.
Verify that the Digits to remove: spinner is set at 0. In the Digits to add: box, type 1 to make the value +1. Scroll-down to Dialed number to test box, type 3055552000, and then click Go. The number should normalize to +13055552000.
10. Click OK twice. 11. On the Dial Plan tab, in the content area, double-click Global. 12. On the Associated Normalization Rules toolbar, click New. 13. On the New Normalization Rule page, in the Name box, type Subscriber Access Number 14. In the Starting digits box, type 3055552999. 15. In the Length: menu, select Exactly and use the arrows to select 10. 16. Verify that the Digits to remove: spinner is set at 0. 17. In the Digits to add: box, type 1 to make the value +1. 18. Scroll-down to Dialed number to test box, type 3055552999, and then click Go. 19. The number should normalize to +13055552999. 20. Click OK. 21. Under Associated Normalization Rules, click the Prefix All rule, click Remove, and then click OK. 22. Click the Commit and then click Commit All. 23. In the Uncommitted Voice Configuration Settings window, click Commit. 24. At the Lync Server Control Panel prompt, click Close. Results: After completing this exercise, you should have used the Exchange Integration tool to create the contact objects in Lync Server 2010.
L8-11
Exercise 3: Testing and Verifying Integration

Scenario
Test and verify the integration between Exchange Server SP1 UM and Lync Server 2010. To do this, you need to perform the following tasks. 1. 2. 3. Enable users for Exchange UM. Log on to Lync 2010 and configure voice mail. Use Lync 2010, Outlook, and OWA to leave and retrieve voice mail.
Task 1: Enable users for Exchange Unified Messaging.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-DC1, in the Exchange Management Console, expand Recipient Configuration and then click Mailbox. In the Results pane, click Scott MacDonald, and then in the actions pane, click Enable Unified Messaging. On the Enable Unified Messaging wizard, on the Introduction page, below Unified Messaging Mailbox Policy, click Browse. On the Select UM Mailbox Policy page, click Miami Default Policy, and then click OK. Under PIN Settings, select Manually specify PIN, and then in the PIN box, type 305425 and click Next. On the Extension Configuration page, click Manually-entered mailbox extension, and then in the box, type 2100. Click Manually-entered SIP resource identifier, in the box, type scott@fabrikam.com, and then click Next. On the Enable Unified Messaging page, click Enable. On the Completion page, click Finish.
10. Repeat these steps to enable the following users for Exchange Unified Messaging.
User Scott MacDonald
UM Mailbox Policy Miami Default Policy
PIN 305425 305425 305425 305425 305425 305425 305425 305425
Mailbox Extension 2100 2002 2003 2004 2005 2008 2009 3001
Alias scott@fabrikam.com andreas@fabrikam.com conor@fabrikam.com anna@fabrikam.com ebru@fabrikam.com patricia@fabrikam.com paul@fabrikam.com jason@fabrikam.com
Andreas Herbinger Miami Default Policy Conor Cunningham Anna Lidman Ebru Ersan Patricia Doyle Paul West Jason Carlson Miami Default Policy Miami Default Policy Miami Default Policy Miami Default Policy Miami Default Policy Miami Default Policy
L8-12
User Tzipi Butnaru Franz Kohl Shu Ito Marcel Truempy Luca Dellamore Shane DeSeranno Axel Delgado Nuno Farinha
UM Mailbox Policy Miami Default Policy Miami Default Policy Miami Default Policy Rome Default Policy Rome Default Policy Rome Default Policy Rome Default Policy Rome Default Policy
PIN 305425 305425 305425 305425 305425 305425 305425 305425
Mailbox Extension 3002 3003 3004 4001 4002 4003 4009 4005
Alias tzipi@fabrikam.com franz@fabrikam.com shu@fabrikam.com marcel@fabrikam.com luca@fabrikam.com shane@fabrikam.com axel@fabrikam.com nuno@fabrikam.com
Task 2: Log on to Lync 2010 and configure voice mail.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-CL1 logged on as Andreas, log on to Lync 2010 as Andreas. In Lync 2010, click the Phone tab. Click the Display voice mail options menu, and then click Call Voice Mail. Listen to the voice mail prompts. In Lync 2010, call the Exchange Auto Attendant and change Andreas greeting. Follow the voice prompts to setup up Andreas greetings and other voice box settings. In Lync 2010, on the Phones tab, click the Display voice mail options drop-down list, and then click Call Voice Mail. Follow the voice prompts to listen to Andreas voice mail, email, personal options, etc. On ROM-CL3, logged on as Marcel, log on to Lync 2010 and change Marcels voice mail box greeting.
10. Use the same procedures as above to listen to his e-mail, calendar, personal settings, etc.. Note: If the Voice Mail options or menus are not showing in Lync, log out of Lync and log back on to have the configurations applied.
Task 3: Use Lync 2010, Outlook, and OWA to leave and retrieve voice mail.
1. 2. 3. 4. 5. 6. On ROM-CL3, in Lync, next to Andreas name, click the Call drop-down list, and then click Voice Mail. Listen to the greeting you configured for Andreas and then leave her a short (10-15 seconds) voice message and include a phone number in the voice message. On MIA-CL1, logged on as Andreas, open Outlook and wait as the voice mail is sent to Andreas Outlook inbox. In Outlook, notice the new voice mail message and then double-click the voice mail from Marcel Truempy message. In the message body, notice that UM has transcribed the voice message and has also recognized the phone number in the voice message. Click Play to hear the voice mail.
L8-13
7. 8. 9.
Log on to https://mail.fabrikam.com/owa as Fabrikam\Andreas. Notice the Voice Mail from Marcel Truempy message. In the Preview tab, click Play to listen to the voice mail from Marcel. Results: After completing this exercise, you should have tested and verified the Exchange Server 2010 SP1 UM and Lync Server 2010 integration by using Lync 2010 to configure Marcel and Andreas voice mail and then leaving messages. You then viewed the voice mail messages by using Outlook and OWA.
L8-14
Lab 9: Configuring the Lync Server 2010 Response Group Service
L9-1
Module 9: Implementing Response Groups

Scenario
Fabrikam has continued to grow, increasing the demand placed on the receptionist and reducing efficiency while increasing time to answer incoming calls. Management has decided to implement multiple Microsoft Lync Server 2010 Response Groups to handle the increased call volume and route calls to the correct departments without ringing the receptionist when possible. In this lab you will deploy the Response Group Service, including agent groups, queues, and workflows. You will also configure the Agent Anonymization feature. The planning committee has come up with the following diagram mapping out the details of the preferred Response Group configuration:
Fabrikam US Response Group +1-800-555-2222
Fabrikam Italy Response Group +39-06-5555-4444
Press 1 for US Sales Serial
Press 2 for US Accounting Parallel Anonymized
Press 0 for US Operator Attendant Anonymized
Press 1 for Italy Sales Serial
Press 2 for Italy Accounting Parallel Anonymized
Press 0 for Italy Operator Attendant Anonymized
Tzipi
Marcel
Andreas
Paul West
Andreas
Marcel
Tzipi
Nuno
Andreas
Time Out to: Vijays V-mail
Time Out to: Pauls V-mail
Marcel
Time Out to: Vijays V-mail
Time Out to: Nunos V-mail
Time Out to: Scotts V-mail
Time Out to: Marcels V-mail

This lab requires the virtual machines running from the previous lab and depends on the completion of Lab 5 through 8. The virtual machines are configured to automatically log on as Fabrikam\Administrator with the password, Pa$$w0rd, except for the following virtual machines: MIA-CL1 as Fabrikam\Andreas, with the password, Pa$$w0rd RED-CL2 as Fabrikam\Tzipi, with the password, Pa$$w0rd ROM-CL3 as Fabrikam\Marcel, with the password, Pa$$w0rd
L9-2
INT-CL4 as INT-CL4\Administrator, with the password, Pa$$w0rd MIA-ED1 as MIA-ED1\Administrator, with the password, Pa$$w0rd MIA-RAS1 as MIA-RAS1\Administrator, with the password, Pa$$w0rd
5.
6.
7.
8.
9.
11. On Host2, in the Virtual Machines list, if the virtual machine 10533A-MIA-AM1.2 is not running: a. Right-click 10533A-MIA-AM1.2 and click Start.
L9-3
b.
Right-click 10533A-MIA-AM1.2 and click Connect.
15. When 10533A-MIA-CL1.2 has booted up completely, close the Virtual Machine Connection window. 16. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 17. In the Remote Desktop Connection window, click Options. 18. Click the Local Resources tab, and then under Remote audio, click Settings. 19. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 20. Under Remote audio recording, click Record from this computer, and then click OK. 21. Click the General tab. 22. Under Logon settings, in the Computer box, type mia-cl1.fabrikam.com. 23. In the User name box, type Fabrikam\Andreas, and then click Connect. 24. On the Remote Desktop Connection page, click Connect. 25. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 26. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 27. On Host2, when 10533A-RED-CL2.2 has booted up completely, close the Virtual Machine Connection window. 28. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 29. In the Remote Desktop Connection window, click Options. 30. Click the Local Resources tab, and then under Remote audio, click Settings. 31. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 32. Under Remote audio recording, click Record from this computer, and then click OK. 33. Click the General tab. 34. Under Logon settings, in the Computer box, type red-cl2.fabrikam.com. 35. In the User name box, type Fabrikam\Tzipi, and then click Connect. 36. On the Remote Desktop Connection page, click Connect. 37. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 38. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes.
L9-4
39. On Host1, when 10533A-ROM-CL3.2 has booted up completely, close the Virtual Machine Connection window. 40. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 41. In the Remote Desktop Connection window, click Options. 42. Click the Local Resources tab, and then under Remote audio, click Settings. 43. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 44. Under Remote audio recording, click Record from this computer, and then click OK. 45. Click the General tab. 46. Under Logon settings, in the Computer box, type rom-cl3.fabrikam.com. 47. In the User name box, type Fabrikam\Marcel, and then click Connect. 48. On the Remote Desktop Connection page, click Connect. 49. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 50. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 51. On Host1, when 10533A-INT-CL4.2 has booted up completely, close the Virtual Machine Connection window. 52. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 53. In the Remote Desktop Connection window, click Options. 54. Click the Local Resources tab, and then under Remote audio, click Settings. 55. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 56. Under Remote audio recording, click Record from this computer, and then click OK. 57. Click the General tab. 58. Under Logon settings, in the Computer box, type int-cl4. 59. In the User name box, type INT-CL4\Administrator, and then click Connect. 60. On the Remote Desktop Connection page, click Connect. 61. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 62. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
L9-5
L9-6
Exercise 1: Configuring Agent Groups and Queues

Scenario
In this exercise, you will create Agent Groups and Queues for both the U.S. and Italy offices. You will create three for the U.S., one for Sales, Accounting and Operator. You will create three for Italy as well. You will use the users that are logged on to the various clients we have, and those configured as the operator. The main tasks for this exercise are as follows: 1. 2. 3. 4. Configure U.S. groups. Configure Italy groups. Configure U.S. queues. Configure Italy queues.
IMPORTANT: On all virtual machines, verify that all of the services set to start automatically have started. Most notably, check the Exchange, SQL Server and Lync Server 2010 services. To do so, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
Task 1: Configure U.S. groups.

1. 2. 3. 4. 5. 6. 7. 8. 9. Sign out of Lync 2010 on MIA-CL1, RED-CL2, and ROM-CL3. On MIA-LS1, in the Lync Server Control Panel, click Response Groups, and then click the Group tab. Click New. In the Select a Service window, click ApplicationServer:mia-ls1.fabrikam.com, and then click OK. On the New Group page, in the Name box, type U.S. Sales Group. In the Participation policy drop-down list, click Informal. In the Routing method drop-down list, click Serial. On the Agents toolbar, click Select. On the Select Agents window, click Find.
10. In the search results, press and hold the Ctrl key, highlight Tzipi Butnaru and Andreas Herbinger, and then click OK. 11. Use the Up and Down arrows to have Tzipi Butnaru be the first in the list, and then click Commit. 12. Repeat the above steps to create the U.S. Accounting Group by using the following information. Field Service Name Participation policy Routing method Agents Value ApplicationServer:mia-ls1.fabrikam.com U.S. Accounting Group Informal Parallel Marcel Truempy
L9-7
Field
Value Andreas Herbinger
13. Repeat the above steps to create the U.S. Operator Group by using the following information. Field Service Name Participation policy Routing method Agents Value ApplicationServer:mia-ls1.fabrikam.com U.S. Operator Group Informal Attendant Paul West
Task 2: Configure Italy groups.

1. Repeat the above steps to create the Italy Sales Group by using the following information. Value ApplicationServer:rom-ls2.fabrikam.com Italy Sales Group Informal Serial Andreas Herbinger Marcel Truempy 2. Repeat the above steps to create the Italy Accounting Group by using the following information. Value ApplicationServer:rom-ls2.fabrikam.com Italy Accounting Group Informal Parallel Marcel Truempy Tzipi Butnaru 3. Repeat the above steps to create the Italy Operator Group by using the following information. Value ApplicationServer:rom-ls2.fabrikam.com Field Service Name Participation policy Routing method Agents
Field Service
L9-8
Field Name Participation policy Routing method Agents
Value Italy Operator Group Informal Attendant Nuno Farinha
Task 3: Configure U.S. queues.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, in the Lync Server Control Panel, click the Queue tab, and then click New. In the Select a Service window, click ApplicationServer:mia-ls1.fabrikam.com, and then click OK. In the Name box, type U.S. Operator Queue. On the Groups toolbar, click Select. In the Select Groups window, click U.S. Operator Group, and then click OK. Select the Enable queue time-out check box. In the Call action drop-down list, click Forward to voice mail. In the SIP address box, type sip:paul@fabrikam.com Select the Enable queue overflow check box.
10. Set the Maximum number of calls to 5. 11. In the Call action drop-down list, click Forward to voice mail. 12. In the SIP address box, type sip:paul@fabrikam.com, and then click Commit. 13. Repeat the above steps to create the U.S. Sales Queue by using the following information. Field Service Name Groups Enable queue time-out Call action SIP address Enable queue overflow Maximum number of calls Forward the call Call action SIP address Value ApplicationServer:mia-ls1.fabrikam.com U.S. Sales Queue U.S. Sales Group checked Forward to another queue U.S. Operator Queue checked 5 Newest call Forward to voice mail sip:scott@fabrikam.com
14. Repeat the above steps to create the U.S. Accounting Queue by using the following information.
L9-9
Field Service Name Groups Enable queue time-out Call action SIP address Enable queue overflow Maximum number of calls Forward the call Call action SIP address
Value ApplicationServer:mia-ls1.fabrikam.com U.S. Accounting Queue U.S. Accounting Group checked Forward to another queue U.S. Operator Queue checked 5 Newest call Forward to voice mail sip:vijay@fabrikam.com
Task 4: Configure Italy queues.

1. Repeat the above steps to create the Italy Operator Queue by using the following information. Value ApplicationServer:rom-ls2.fabrikam.com Italy Operator Queue Italy Operator Group checked Forward to SIP address sip:nuno@fabrikam.com checked 5 Newest call Forward to voice mail sip:nuno@fabrikam.com Field Service Name Groups Enable queue time-out Call action SIP address Enable queue overflow Maximum number of calls Forward the call Call action SIP address 2.
Repeat the above steps to create the Italy Sales Queue by using the following information. Value ApplicationServer:rom-ls2.fabrikam.com Italy Sales Queue
Field Service Name
L9-10
Field Groups Enable queue time-out Call action SIP address Enable queue overflow Maximum number of calls Forward the call Call action SIP address
Value Italy Sales Group checked Forward to another queue Italy Operator Queue checked 5 Newest call Forward to voice mail sip:marcel@fabrikam.com
3. Repeat the above steps to create the Italy Accounting Queue by using the following information. Field Service Name Groups Enable queue time-out Call action SIP address Enable queue overflow Maximum number of calls Forward the call Call action SIP address Value ApplicationServer:rom-ls2.fabrikam.com Italy Accounting Queue Italy Accounting Group checked Forward to another queue Italy Operator Queue checked 5 Newest call Forward to voice mail sip:vijay@fabrikam.com
Results: After completing this exercise, you should have created three U.S. queues and groups and three Italy queues and groups.
L9-11
Exercise 2: Configuring Workflows

Scenario
In this exercise, you will create and configure basic hunt groups that will be used in workflows created later, and configure Agent Anonymization. The main tasks for this exercise are as follows: 1. 2. Configure a one-level interactive workflow for the U.S. Configure a one-level interactive workflow for the Italy.
Task 1: Configure a one-level interactive workflow for the U.S.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, in the Lync Server Control Panel, click the Workflow tab, and then click Create or edit a workflow. In the Select a Service window, click ApplicationServer:mia-ls1.fabrikam.com, and then click OK. Wait for the Response Group Configuration Tool page to open. On the Response Group Configuration Tool page, next to Interactive, click Create. On the Interactive Response Group page, under Step 1, in the SIP box, type USIVR@Fabrikam.com. In the Display Name box, type Fabrikam U.S. In the TEL: box, type +13055552222. In the Display Number box, type +1 (305) 555-2222. In the Description box, type The Fabrikam U.S. response group workflow.
10. Select the Enable agent anonymity check box. 11. Under Step 2, in the Select a Language drop-down list, click English (United States)(en-US). 12. Under Step 3, select the Play a welcome message. Choose the message format. check box. 13. In the Use text-to-speech box, type Thank you for calling the Fabrikam U.S. office. 14. Under Step 4, in the Your time zone drop-down list, click (UTC-04:00) Atlantic Time (Canada). 15. Clear the Sun and Sat check boxes. 16. For whatever day of the week it is you are performing this lab, set the Open time to 00:00 and set the Close time to 23:59. Note: The above open and close times are to avoid hitting the after-hours message unexpectedly, depending on your current time and time zone. 17. For the rest of the days of the week, change the Open time to 08:00. 18. For the rest of the days of the week, change the Close time to 17:00. 19. Select the Play a message when the response group is outside of business hours check box. 20. In the Use text-to-speech box, type The Fabrikam U.S. office is currently closed. Please call back during normal business hours or leave a message. 21. Select the Forward to voice mail check box, and then in the SIP box, type paul@fabrikam.com.
L9-12
22. Under Step 7, in the Use text-to-speech box, type To speak to sales, press one or say sales. To speak to accounting, press two or say accounting. To speak to the operator, press zero or say operator. 23. Under Response 1, in the Enter a voice response box, type sales, and then in the Digit drop-down list, click 1. 24. Click Send to a queue, and then in the Select a queue drop-down list, click U.S. Sales Queue. 25. Under Response 2, in the Enter a voice response box, type accounting, and then in the Digit dropdown list, click 2. 26. Click Send to a queue, and then in the Select a queue drop-down list, click U.S. Accounting Queue. 27. Next to Response 3, select the check box. 28. In the Enter a voice response box, type operator, and then in the Digit drop-down list, click 0. 29. Click Send to a queue, and then in the Select a queue drop-down list, click U.S. Operator Queue. 30. Scroll to the bottom of the page and click Deploy. 31. Close Internet Explorer.
Task 2: Configure a one-level interactive workflow for Italy.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, in the Lync Server Control Panel, on the Workflow tab, click Create or edit a workflow. In the Select a Service window, click ApplicationServer:rom-ls2.fabrikam.com, and then click OK. Wait for the Response Group Configuration Tool page to open (You have to restart the Response Group Configuration Tool). On the Response Group Configuration Tool page, next to Interactive, click Create. On the Interactive Response Group page, under Step 1, in the SIP box, type ItalyIVR@Fabrikam.com. In the Display Name box, type Fabrikam Italy. In the TEL: box, type +390655554444. In the Display Number box, type +39-06-5555-4444. In the Description box, type The Fabrikam Italy response group workflow.
10. Select the Enable agent anonymity check box. 11. Under Step 2, in the Select a Language drop-down list, click italiano (italia) (it-IT). 12. Under Step 3, select the Play a welcome message. Choose the message format. check box. 13. Click the Select a recording radio dial, and then click the a recording link. 14. In the Response Group Configuration Tool pop-up window, click Browse. 15. In the Choose File to Upload window, navigate to C:\LabFiles\Recordings. 16. Click ItalyIVRStep3.wav, and then click Open. 17. In the Response Group Configuration Tool pop-up window, click Upload. 18. Under Step 4, in the Your time zone drop-down list, click (UTC+01:00) Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna. 19. Clear the Sun and Sat check boxes.
L9-13
20. For whatever day of the week it is you are performing this lab, set the Open time to 00:00 and set the Close time to 23:59. Note: The above open and close times are to avoid hitting the after-hours message unexpectedly, depending on your current time and time-zone. 21. For the rest of the days of the week, change the Open time to 08:00. 22. For the rest of the days of the week, change the Close time to 17:00. 23. Select the Play a message when the response group is outside of business hours check box. 24. Click the Select a recording radio dial, and then click the a recording link. 25. In the Response Group Configuration Tool pop-up window, click Browse. 26. In the Choose File to Upload window, navigate to C:\LabFiles\Recordings. 27. Click ItalyIVRStep4.wav, and then click Open. 28. In the Response Group Configuration Tool pop-up window, click Upload. 29. Select the Forward to voice mail check box, and then in the SIP box, type nuno@fabrikam.com. 30. Under Step 7, click the Select a recording radio dial, and then click the a recording link. 31. In the Response Group Configuration Tool pop-up window, click Browse. 32. In the Choose File to Upload window, navigate to C:\LabFiles\Recordings. 33. Click ItalyIVRStep7.wav, and then click Open. 34. In the Response Group Configuration Tool pop-up window, click Upload. 35. Under Response 1, in the Enter a voice response box, type vendite and then in the Digit dropdown list, click 1. 36. Click Send to a queue, and then in the Select a queue drop-down list, click Italy Sales Queue. 37. Under Response 2, in the Enter a voice response box, type contabilita, and then in the Digit dropdown list, click 2. 38. Click Send to a queue, and then in the Select a queue drop-down list, click Italy Accounting Queue. 39. Next to Response 3, select the check box. 40. In the Enter a voice response box, type operatore, and then in the Digit drop-down list, click 0. 41. Click Send to a queue, and then in the Select a queue drop-down list, click Italy Operator Queue. 42. Scroll to the bottom of the page and click Deploy. 43. Close Internet Explorer. Results: After completing this exercise, you should have created two one-level interactive workflows, both with three possible responses.
L9-14
Exercise 3: Verifying the Response Group Service Behavior

Scenario
In this exercise, you will log on to various workflows and observe the behavior of the various workflows with different configurations and settings. The main tasks for this exercise are as follows: 1. 2. Verify the U.S. workflow behavior. Verify the Italy workflow behavior.
Task 1: Verify the U.S. workflow behavior.

1. 2. 3. 4. Log on to Lync 2010 on MIA-CL1 as Andreas, on RED-CL2 as Tzipi, and on ROM-CL3 as Marcel. On ROM-CL3, dial the U.S. workflow number, 0013055552222, and then say Sales, or dial 1. Do not answer the call. Verify that Tzipi is called first, click Decline, then the call rolls over to Andreas, and then to Pauls voice mail box. Disconnect the call without leaving a voice mail. Note: If the call is not routed to the agents, restart the Lync Server Response Group service on MIALS1 and ROM-LS2. 5. 6. 7. 8. 9. Repeat the call and then have Tzipi answer the call. Verify agent anonymization. Disconnect the call. On RED-CL2, dial the U.S. workflow number, 13055552222, and then say Accounting, or dial 2. Do not answer the call. Verify that Marcel and Andreas are called at the same time, and then it rolls over to Pauls voice mail box. Disconnect the call without leaving a voice mail.
10. Repeat the call and then have Marcel answer the call. Verify agent anonymization. 11. Disconnect the call. 12. Log on to Lync 2010 on MIA-CL1 as Paul. 13. On RED-CL2, dial the U.S. workflow number, 13055552222, and then say Operator, or dial 0. 14. Do not answer the call. Verify that the call goes to Paul and then rolls over to his voice mail. 15. Disconnect the call without leaving a voice mail. 16. Repeat the call and then answer the call. Verify agent anonymization. 17. Disconnect the call.
Task 2: Verify the Italy workflow behavior.

1. 2. 3. 4. 5. Log on to Lync 2010 on MIA-CL1 as Andreas. On MIA-CL1, dial the Italy workflow number, 011390655554444, and then say contibilita (accounting), or dial 2. Do not answer the call. Verify that Marcel and Tzipi are called at the same time, and then it rolls over to Nunos voice mail box. Disconnect the call without leaving a voice mail. Repeat the call and then have Marcel answer the call. Verify agent anonymization.
L9-15
6. 7. 8. 9.
Disconnect the call. On RED-CL2, dial the Italy workflow number 011390655554444, and then say vendite (sales), or dial 1. Do not answer the call. Verify that Andreas is called first, click Decline, then the call rolls over to Marcel and then it rolls over to Nunos voice mail box. Disconnect the call without leaving a voice mail.
10. Repeat the call and then have Andreas answer the call. Verify agent anonymization. 11. Disconnect the call. 12. Log on to Lync 2010 on ROM-CL3 as Nuno. 13. On RED-CL2, dial the Italy workflow number, 011390655554444, and then say Operatore (operator), or dial 0. 14. Do not answer the call. Verify the call goes to Nuno and then rolls over to his voice mail box. 15. Disconnect the call without leaving a voice mail. 16. Repeat the call and then answer the call. Verify agent anonymization. 17. Disconnect the call. Results: After completing this exercise, you should have verified the behavior of the Response Group configuration by making a series of phone calls to both workflows.
L9-16
Lab 10: Conferencing Configuration and Deployment
L10-1
Module 10: Conferencing in Lync Server 2010

During this lab, you will configure the various components of Microsoft Lync Server 2010 conferencing. First, you will configure dial-in conferencing, designating a dial-in conferencing number for Miami and Rome. Then you will configure conferencing policies by editing the global policy to be more restricted, create conferencing policies for both sites, and create specific polices for users. Lastly, you will test and verify dial-in conferencing and the conferencing policies you just created. Important: We recommend that the steps in this and every lab be split between the two students in your pod. It is left up to the students to determine when to share tasks so that both students gain an understanding of the concepts of each lab. If you need help, please inform the instructor. Please note that if you both try to do tasks at the same time, you may overwrite each others work and possibly lose data.

This lab requires the virtual machines running from the previous lab and depends on the completion of Lab 5 through 9. The virtual machines are configured to automatically log on as Fabrikam\Administrator with the password, Pa$$w0rd, except for the following virtual machines, unless otherwise instructed: MIA-CL1 as Fabrikam\Andreas, with the password, Pa$$w0rd RED-CL2 as Fabrikam\Tzipi, with the password, Pa$$w0rd ROM-CL3 as Fabrikam\Marcel, with the password, Pa$$w0rd INT-CL4 as INT-CL4\Administrator, with the password, Pa$$w0rd MIA-ED1 as MIA-ED1\Administrator, with the password, Pa$$w0rd MIA-RAS1 as MIA-RAS1\Administrator, with the password, Pa$$w0rd
5.
On Host1, in the Virtual Machines list, if the virtual machine 10533A-MIA-SQL1.2 is not running:
L10-2
a. b. 6.
Right-click 10533A-MIA-SQL1.2 and click Start. Right-click 10533A-MIA-SQL1.2 and click Connect.
7.
8.
9.
15. When 10533A-MIA-CL1.2 has booted up completely, close the Virtual Machine Connection window. 16. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 17. In the Remote Desktop Connection window, click Options. 18. Click the Local Resources tab, and then under Remote audio, click Settings. 19. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 20. Under Remote audio recording, click Record from this computer, and then click OK. 21. Click the General tab.
L10-3
22. Under Logon settings, in the Computer box, type mia-cl1.fabrikam.com. 23. In the User name box, type Fabrikam\Andreas, and then click Connect. 24. On the Remote Desktop Connection page, click Connect. 25. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 26. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 27. On Host2, when 10533A-RED-CL2.2 has booted up completely, close the Virtual Machine Connection window. 28. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 29. In the Remote Desktop Connection window, click Options. 30. Click the Local Resources tab, and then under Remote audio, click Settings. 31. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 32. Under Remote audio recording, click Record from this computer, and then click OK. 33. Click the General tab. 34. Under Logon settings, in the Computer box, type red-cl2.fabrikam.com. 35. In the User name box, type Fabrikam\Tzipi, and then click Connect. 36. On the Remote Desktop Connection page, click Connect. 37. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 38. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 39. On Host1, when 10533A-ROM-CL3.2 has booted up completely, close the Virtual Machine Connection window. 40. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 41. In the Remote Desktop Connection window, click Options. 42. Click the Local Resources tab, and then under Remote audio, click Settings. 43. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 44. Under Remote audio recording, click Record from this computer, and then click OK. 45. Click the General tab. 46. Under Logon settings, in the Computer box, type rom-cl3.fabrikam.com. 47. In the User name box, type Fabrikam\Marcel, and then click Connect. 48. On the Remote Desktop Connection page, click Connect. 49. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 50. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 51. On Host1, when 10533A-INT-CL4.2 has booted up completely, close the Virtual Machine Connection window. 52. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 53. In the Remote Desktop Connection window, click Options.
L10-4
54. Click the Local Resources tab, and then under Remote audio, click Settings. 55. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 56. Under Remote audio recording, click Record from this computer, and then click OK. 57. Click the General tab. 58. Under Logon settings, in the Computer box, type int-cl4. 59. In the User name box, type INT-CL4\Administrator, and then click Connect. 60. On the Remote Desktop Connection page, click Connect. 61. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 62. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. Verify that all services set to Automatic have started on all VMs. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services that are set to Automatic start have started. If not, right-click the service and click Start.
L10-5
L10-6
Exercise 1: Configuring Dial-in Conferencing

Scenario
In this exercise, you will configure dial-in conferencing for Fabrikam by configuring Dial-In conferencing numbers for Miami and Rome. You will also use Lync Server Management Shell to test the dial-in access number. The main tasks for this exercise are as follows: 1. 2. 3. 4. Configure regions for the dial plans. Create the dial-in access number for the U.S. region. Create the dial-in access number for the Italy region. Test the dial-in access numbers.
IMPORTANT: On all virtual machines, verify that all of the services set to start automatically have started. Most notably, check the Exchange, SQL Server and Lync Server 2010 services. To do so, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
Task 1: Configure regions for the dial plans.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Control Panel. In the Select URL window, click https://mia-ls1.fabrikam.com/Cscp, and then click OK. In the Lync Server Control Panel, click Voice Routing. On the Dial Plan tab, double-click the Global dial plan. On the Edit Dial Plan - Global page, in the Dial-in conferencing region box, type US Region, and then click OK. Repeat the above steps to configure US Region as the Dial-in conferencing region for the Miami and Redmond dial plans. Repeat the above steps to configure Italy Region as the Dial-in conferencing region for the Rome dial plan. Click the Commit menu, and then click Commit all. On the Uncommitted Voice Configuration Settings page, click Commit.
10. At the Microsoft Lync Server 2010 Control Panel prompt, click Close.
Task 2: Create the dial-in access number for the U.S. region.
1. 2. 3. 4. 5. 6. 7. On MIA-LS1, in the Lync Server Control Panel, click Conferencing, and then click the Dial-in Access Number tab. Click New. On the New Dial-in Access Number page, in the Display number box, type +1 (305) 555-2345. In the Display name box, type US Dial-in Conferencing Number. In the Line URI box, type tel:+13055552345. In the SIP URI box, type sip:USCAA, and then click fabrikam.com in the drop-down list. In the Pool drop-down list, click mia-ls1.fabrikam.com.
L10-7
8. 9.
In the Primary language drop-down list, click English (United States). Next to Secondary languages, click Add.
10. In the Select Languages window, click italiano (Italia), and then click OK. 11. Under Associated Regions, click Add. 12. In the Select Regions window, click US Region, and then click OK. 13. On the New Dial-in Access Number page, click Commit.
Task 3: Create the dial-in access number for the Italy region.
1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, in the Lync Server Control Panel, on the Dial-in Access Number tab, click New. On the New Dial-in Access Number page, in the Display number box, type +39-06-5555-4567. In the Display name box, type Italy Dial-in Conferencing Number. In the Line URI box, type tel:+390655554567. In the SIP URI box, type sip:ItalyCAA, and then click fabrikam.com in the drop-down list. In the Pool drop-down list, click rom-ls2.fabrikam.com. In the Primary language drop-down list, click italiano (Italia). Next to Secondary languages, click Add. In the Select Languages window, click English (United States), and then click OK.
10. Under Associated Regions, click Add. 11. In the Select Regions window, click Italy Region, and then click OK. 12. On the New Dial-in Access Number page, click Commit.
Task 4: Test the dial-in access numbers.

$cred = Get-Credential
3. 4. 5.
At the Windows PowerShell Credential Request window, in the User name box, type Andreas@Fabrikam.com. In the Password box, type Pa$$w0rd, and then click OK. In the Lync Server Management Shell, type the following command, and then press Enter.
Test-CsDialInConferencing UserSipAddress sip:andreas@fabrikam.com UserCredential $cred TargetFqdn mia-ls1.fabrikam.com
L10-8
6.
Test-CsDialInConferencing UserSipAddress sip:andreas@fabrikam.com UserCredential $cred TargetFqdn rom-ls2.fabrikam.com
7.
Verify that both results show as Success. Note: If these commands fail, restart the Front-End services on MIA-LS1 and ROM-LS2 and then retry the commands. Results: After completing this exercise, you should have configured dial-in conferencing, first by configuring Regions for the dial plans, and then configuring a U.S. and Italy dial-in access number. Then you used the Lync Server 2010 Management Shell to test the conferencing numbers.
L10-9
Exercise 2: Configuring Conferencing Policies

Scenario
In this exercise, you will edit the global conferencing policy. You will then create site policies for two locations. The global policy will determine the default conferencing settings for the organization. The site policies will be specific for each location, while the user policies will be for super users and executives. The main tasks for this exercise are as follows: 1. 2. 3. Edit the global conferencing policy. Create the site conferencing policies. Create a user conferencing policy.
Task 1: Edit the global conferencing policy.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, in the Lync Server Control Panel, click Conferencing, and then click the Conferencing Policy tab. Double-click Global. On the Edit Conferencing Policy - Global page, in the Maximum meeting size box, type 10. Clear the Allow participants to invite anonymous users check box. Clear the Enable PSTN dial-in conferencing check box. In the Maximum video resolution allowed for conferencing drop-down list, click 352*288(CIF). In the Data collaboration drop-down list, click None. Clear the Allow participants to take control check box. In the Participant policy drop-down list, click Enable application sharing.
10. Clear the Enable peer-to-peer file transfer check box. 11. Click Commit to save the changes.
Task 2: Create the site conferencing policies.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, in the Lync Server Control Panel, on the Conferencing Policy tab, click New, and then click Site policy. In the Select a Site window, click Miami, and then click OK. On the New Conferencing Policy - Miami page, in the Maximum meeting size box, type 100. In the Recording drop-down list, click Enable recording. Verify the Enable PSTN dial-in conferencing check box is selected Leave the rest as defaults. Click Commit to save the changes. Click New, and then click Site policy. In the Select a Site window, click Rome, and then click OK.
10. On the New Conferencing Policy - Rome page, in the Maximum meeting size box, type 100. 11. In the Recording drop-down list, click None. 12. Verify the Enable PSTN dial-in conferencing check box is selected
L10-10
13. Leave the rest as defaults. 14. Click Commit to save the changes.
Task 3: Create a user conferencing policy.

1. 2. 3. 4. 5. 6. 7. 8. On MIA-LS1, in the Lync Server Control Panel, on the Conferencing Policy tab, click New, and then click User policy. On the New Conferencing Policy page, in the Name box, type Unrestricted Conferencing Policy. In the Description box, type Fabrikams unrestricted conferencing policy. In the Recording drop-down list, click Enable Recording. Select the Allow federated and anonymous participants to record check box. Select the Allow anonymous participants to dial out check box. Select the Allow federated and anonymous participants to take control check box. Select the Enable peer-to-peer recording check box, and then click Commit. Results: After completing this exercise, you should have edited the Global conferencing policy, created two site policies and one unrestricted user policy.
L10-11
Exercise 3: Experiencing Lync Server 2010 Conferencing

Scenario
In this exercise, you will test the dial-in conferencing user experience, as well as seeing the various conferencing policies being applied and their resulting restrictions. Test the remaining modalities including multi-party, IM, audio, and application sharing (including file transfer). You will then assign the user conferencing policy to Andreas and Tzipi and view it being applied. Note: If you have problems opening Outlook on any of the clients, use the Mail (32 bit) MMC in Control Panel to delete the current profile, and then recreate the profile. The main tasks for this exercise are as follows: 1. 2. 3. Experience dial-in conferencing. Test and verify conferencing. Assign conferencing policies to users and verify application.
Task 1: Experience dial-in conferencing.

1. 2. 3. 4. 5. 6. 7. Sign out of Lync 2010 and close Outlook on all virtual machine clients. Sign in to Lync 2010 on MIA-CL1 as Andreas, and then open Outlook. Sign in to Lync 2010 on RED-CL2 as Tzipi, and then open Outlook. Sign in to Lync 2010 on ROM-CL3 as Marcel, and then open Outlook. On MIA-CL1, in Lync 2010, click the Phone tab, and then click PIN. On the Dial-in Conferencing Settings and PIN Management page, click Sign In. In the Dial-in Conferencing Settings and PIN Management page, click Sign In again and enter Andreas credentials. sNote: If you are note prompted for credentials or get an error, click Sign in with a different account, and then enter Andreas credentials. On the Set Your PIN page, in the New PIN and Confirm PIN boxes, type 305425, and then click OK. On the Dial-in Conferencing Settings and PIN Management page, under Assigned Conference Information, make a note of Andreas assigned Conference ID and Meeting URL.
8. 9.
10. Notice the features of Dial-in Conferencing, such as DTMF controls, entrance and exit announcements, and the option for different languages. 11. On all three clients, call the US dial-in access number and enter Andreas Conference ID to start an ad-hoc dial-in conference. Repeat these steps for the Rome dial-in access number.
Task 2: Test and verify conferencing.

1. 2. 3. 4. 5. 6. On MIA-CL1, in Andreas Outlook Calendar, click New Online Meeting. Click Meeting options, view the various default settings, and then click Cancel. Invite Tzipi and Marcel, fill out a subject and send the invite. In the meeting invite, notice the meeting join information provided and other information, such as Conference ID. Attend the meeting on all three clients. If you get a Meeting Audio prompt, select Use Lync (integrated audio and video), select the Dont show this again check box and then click OK.
L10-12
7.
Test the following features of Conferencing: Application Sharing o o o On MIA-CL1, in the conference window, click the Share tab, and then select Program. On the Share Programs window, click Inbox Andreas@Fabrikam.com Microsoft Outlook, and then click Share. At the Lync prompt, select the Do not show this message again check box, and then click OK.
Requesting and giving control o o o o In the share window, click Give Control, and then click Automatically Accept Control Requests. On the Lync prompt, click OK. On ROM-CL3, click Request Control. On MIA-CL1, click Stop Sharing.
Desktop Sharing o On MIA-CL1, in the conference window, click the Share tab, and then click Desktop.
Requesting and giving control o o o o In the share window, click Give Control, and then click Automatically Accept Control Requests. On the Lync prompt, click OK. On ROM-CL3, click Request Control. On MIA-CL1, click Stop Sharing.
Data collaboration o o On MIA-CL1, in the conference window, click the Share tab, and then select PowerPoint Presentation. On the Share PowerPoint window, navigate to C:\Program Files (x86)\Microsoft Office\Templates\1033, click Training.potx, and then click Open.
Annotations o o On MIA-CL1 and ROM-CL3, in the conference window, use the toolbar at the bottom of the stage to edit the PowerPoint slides. On MIA-CL1, click Stop Sharing.
Whiteboards o o o On MIA-CL1, in the conference window, click the Share tab, and then click New Whiteboard. On MIA-CL1 and ROM-CL3, notice that you can write on the whiteboard. On MIA-CL1, click Stop Sharing
Polls o o On MIA-CL1, in the conference window, click the Share tab, and then click New Poll. On the Create a Poll window, type a Pool name and Question, type in some Choices, and then click OK.
L10-13
Once the poll shows, click Stop Sharing.
Recording o o o o o o o o On MIA-CL1, in the conference window, click the More Options menu, and then click Start Recording. On ROM-CL3, notice the prompt that Recording has started. Have a conversation and send some IM messages. On MIA-CL1, click Stop Recording in the bottom-right corner. On the Stop Recording window, notice the default settings, and then click OK. When you see the Your Lync Recording is available prompt on the system tray, click the prompt to open the Microsoft Lync Recording Manager. On the Microsoft Lync Recording Manager window, click the recording, and then click Play. If you get any messages about Media Players first run, click the defaults. Notice that the meeting gets played, close the window, and then close the Microsoft Lync Recording Manager.
Audio o o o On MIA-CL1, in the conference window, click Call. On ROM-CL3, in the conference window, click Accept call. Close the conference.
8. 9.
On ROM-CL3, in Marcels Outlook Calendar, start a New Online Meeting. Invite Andreas and have all both join the meeting.
10. If you get a Meeting Audio prompt, select Use Lync (integrated audio and video), select the Dont show this again check box and then click OK. 11. Notice the Rome sites conferencing policy is being applied and what features are available. Dial-In Conferencing is available in the invite. Recording of the meeting is not allowed.
Task 3: Assign conferencing policies to users.

1. 2. 3. 4. 5. 6. 7. On MIA-LS1, in the Lync Server Control Panel, click Users, and then click Find. In the search results page, press and hold the Ctrl key, highlight Andreas Herbinger and Tzipi, click the Action menu, and then click Assign policies. In the Assign Policies window, in the Conferencing policy drop-down list, click Unrestricted Conferencing Policy, and then click OK. Close Lync 2010 and Outlook on MIA-CL1 and then sign back in as Andreas. Close Lync 2010 and Outlook on RED-CL2 and then sign back in as Tzipi. On RED-CL2, in Tzipis Outlook Calendar, start a New Online Meeting. Invite Andreas and Marcel and have all three join the meeting
L10-14
8.
Notice the unrestricted user conferencing policy is being applied and all of the features are available, such as. Dial-In Conferencing is available in the invite. Recording of the meeting is allowed. Sharing of desktop and applications.
Results: After completing this exercise, you should have tested and verified the dial-in conferencing access numbers you earlier configured, tested and verified application of conferencing policies, and reviewed the features of Lync Server 2010 conferencing.
Lab 11: Configuring and Using Archiving and Monitoring in Lync Server 2010
L11-1
Module 11: Monitoring and Archiving
Fabrikam management, in consultation with the legal department, has decided to deploy the Monitoring and Archiving server roles for quality control and compliance reasons. The roles have already been deployed and now have to be configured. Fabrikam management also wants to configure Microsoft SQL Server Reporting and deploy Microsoft Lync Server 2010 Monitoring reports. They would like to enable archiving for the organization by default, but also have a private archiving policy that does not archive any sessions that can be applied for specific users. They would also like to retain archived IM and web conferencing sessions in Miami for 60 days, in Redmond for 7 days, and to not archive at all in Rome. Important: We recommend that the steps in this and every lab be split between the two students in your pod. It is left up to the students to determine when to share tasks in order for both students to gain an understanding of the concepts of each lab. If you need help, please inform the instructor. Please note that if you both try to do tasks at the same time, you may overwrite each others work and possibly lose data.

To begin this lab, you must connect to the appropriate virtual machines using the following steps. 1. 2. On Host1, click Start, click Administrative Tools, and then click Hyper-V Manager. In the Virtual Machines list, if the virtual machine 10533A-MIA-DC1.2 is not running: a. b. c. 3. 4. Right-click 10533A-MIA-DC1.2 and click Start. Right-click 10533A-MIA-DC1.2 and click Connect. In the Virtual Machine Connection window, wait until the virtual machine has booted up completely before continuing.
On Host2, click Start, click Administrative Tools, and then click Hyper-V Manager. In the Virtual Machines list, if the virtual machine 10533A-MIA-RAS1.2 is not running: a. b. Right-click 10533A-MIA-RAS1.2 and click Start. Right-click 10533A-MIA-RAS1.2 and click Connect.
L11-2
c. 5.
In the Virtual Machine Connection window, wait until the virtual machine has booted up completely before continuing.
6.
7.
8.
9.
15. When 10533A-MIA-CL1.2 has booted up completely, close the Virtual Machine Connection window. 16. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 17. In the Remote Desktop Connection window, click Options. 18. Click the Local Resources tab, and then under Remote audio, click Settings.
L11-3
19. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 20. Under Remote audio recording, click Record from this computer and then click OK. 21. Click the General tab. 22. Under Logon settings, in the Computer box, type mia-cl1.fabrikam.com 23. In the User name box, type Fabrikam\Andreas, and then click Connect. 24. On the Remote Desktop Connection page, click Connect. 25. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 26. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 27. On Host2, when 10533A-RED-CL2.2 has booted up completely, close the Virtual Machine Connection window. 28. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 29. In the Remote Desktop Connection window, click Options. 30. Click the Local Resources tab, and then under Remote audio, click Settings. 31. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 32. Under Remote audio recording, click Record from this computer, and then click OK. 33. Click the General tab. 34. Under Logon settings, in the Computer box, type red-cl2.fabrikam.com. 35. In the User name box, type Fabrikam\Tzipi, and then click Connect. 36. On the Remote Desktop Connection page, click Connect. 37. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 38. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 39. On Host1, when 10533A-ROM-CL3.2 has booted up completely, close the Virtual Machine Connection window. 40. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 41. In the Remote Desktop Connection window, click Options. 42. Click the Local Resources tab, and then under Remote audio, click Settings. 43. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 44. Under Remote audio recording, click Record from this computer, and then click OK. 45. Click the General tab. 46. Under Logon settings, in the Computer box, type rom-cl3.fabrikam.com. 47. In the User name box, type Fabrikam\Marcel, and then click Connect. 48. On the Remote Desktop Connection page, click Connect. 49. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 50. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes.
L11-4
51. On Host1, when 10533A-INT-CL4.2 has booted up completely, close the Virtual Machine Connection window. 52. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 53. In the Remote Desktop Connection window, click Options. 54. Click the Local Resources tab, and then under Remote audio, click Settings. 55. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 56. Under Remote audio recording, click Record from this computer, and then click OK. 57. Click the General tab. 58. Under Logon settings, in the Computer box, type int-cl4. 59. In the User name box, type INT-CL4\Administrator, and then click Connect. 60. On the Remote Desktop Connection page, click Connect. 61. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 62. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
L11-5
L11-6
Exercise 1: Configuring the Archiving Server Role

Scenario
In this exercise, you will configure the Archiving Server role for Fabrikam. This will include configuring the global archiving policy and creating a user archiving policy. You will also create site archiving configurations for each of the three sites. The main tasks for this exercise are as follows: 1. 2. 3. 4. Configure Archiving policy settings. Edit and create site archiving configurations. Generate traffic to be archived. View archived data by using SQL Server Management Studio.
Task 1: Configure Archiving policy settings.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Control Panel. On the Select URL window, click https://mia-ls1.fabrikam.com/Cscp, and then click OK. In the Lync Server Control Panel, click Monitoring and Archiving, and then click the Archiving Policy tab. Double-click Global. On the Edit Archiving Policy - Global page, select the Archive internal communications and Archive external communications check boxes, and then click Commit. On the Archiving Policy tab, click New, and then click User policy. On the New Archiving Policy page, in the Name box, type Fabrikam Private Archiving Policy. Verify that the Archive internal communications and Archive external communications check boxes are not selected, and then click Commit. In the Lync Server Control Panel, click Users, and then click Find.
10. Double-click Tzipi Butnaru. 11. On the Edit Lync Server User - Tzipi Butnaru page, in the Archiving policy drop-down list, click Fabrikam Private Archiving Policy, and then click Commit.
Task 2: Edit and create site archiving configurations.

1. 2. 3. On MIA-LS1, in the Lync Server Control Panel, click Monitoring and Archiving, and then click the Archiving Configuration tab. Double-click Global. In the Edit Archiving Setting Global page, in the Archiving setting drop-down list, click Archive IM and web conferencing sessions.
L11-7
4. 5. 6. 7. 8. 9.
Select the Block instant messaging (IM) or web conferencing sessions if archiving fails check box, and then click Commit. On the Archiving Configuration tab, click New. On the Select a Site page, click Miami, and then click OK. On the New Archiving Setting - Miami page, in the Archiving setting drop-down list, click Archive IM and web conferencing sessions. Select the Enable purging of archiving data check box. In the Purge exported archiving data and stored archiving data after maximum duration box, type or select 60, and then click Commit.
10. On the Archiving Configuration tab, click New. 11. On the Select a Site page, click Redmond, and then click OK. 12. On the New Archiving Setting - Redmond page, in the Archiving setting drop-down list, click Archive IM and web conferencing sessions. 13. Select the Enable purging of archiving data check box. 14. In the Purge exported archiving data and stored archiving data after maximum duration box, type or select 7, and then click Commit. 15. On the Archiving Configuration tab, click New. 16. On the Select a Site page, click Rome, and then click OK. 17. On the New Archiving Setting - Rome page, in the Archiving setting drop-down list, verify that Disable archiving is selected, and then click Commit.
Task 3: Generate traffic to be archived.

1. 2. 3. 4. Sign out of Lync 2010 on MIA-CL1 and RED-CL2. Log off of ROM-CL3 as Marcel, and log back on as Anna. On MIA-CL1, sign in to Lync 2010 as Andreas, on RED-CL2 and sign in to Lync 2010 as Tzipi and on ROM-CL3, sign in to Lync 2010 as Anna. Create multiple IM and web conferencing sessions between the three clients. Ensure that you have a web conference between Anna and Andreas only and that you upload content to the conference.
Note: There is a profile on ROM-CL3 for Fabrikam\Anna and a profile on RED-CL2 for Fabrikam\Conor. 5. 6. 7. Log off of ROM-CL3 as Anna, and log back on as Marcel, and then sign in to Lync 2010 as Marcel. Log off of RED-CL2 as Tzipi, and log back on as Conor, and then sign in to Lync 2010 as Conor. Have more IM and web conferencing sessions between the three clients.
Task 4: View archived data by using SQL Server Management Studio.

1. 2. 3. On MIA-SQL1, click Start, click All Programs, click Microsoft SQL Server 2008, and then click SQL Server Management Studio. At the Connect to Server prompt, in the Server name drop-down list, click (local), and then click Connect. In Microsoft SQL Server Management Studio, click New Query.
L11-8
4.
In the SQLQuery1.sql window, type the following: USE LcsLog GO SELECT * FROM Messages
5. 6.
Click Execute. In the query results, scroll over to the Body column and view the results. You should be able to see the messages from the conversations you just had.
7. 8. 9.
On MIA-LS1, right-click Start, and then click Open Windows Explorer. In Windows Explorer, navigate to C:\FileShare\1-ArchivingServer-1\DataConf. Inside this folder will be a subfolder with a hashed name. Open that subfolder and then open the folder inside that to view the archived data. The files shared during the generated traffic in the previous task should all be in this folder.
Results: After completing this exercise, you should have configured archiving settings, including polices and configurations for Fabrikam. Following this, you should have generated some IM and web conferencing traffic to be archived. Lastly, you will have reviewed different ways of viewing the archived data.
L11-9
Exercise 2: Configuring the Monitoring Server Role and the Lync Server Monitoring Reports
Scenario
In this exercise, you will configure the Monitoring server role that has already been installed. You will first verify the Monitoring policy for CDR and QoE has been enabled by default and that all services are running. You will then configure SQL Server Reporting Services and deploy monitoring server reports. The main tasks for this exercise are as follows: 1. 2. 3. Verify the Monitoring server configuration. Configure SQL Server Reporting Services. Deploy the Lync Server Monitoring Reports.
Task 1: Verify the Monitoring server configuration.

1. 2. 3. On MIA-LS1, in the Lync Server Control Panel, click Monitoring and Archiving. On the Call Detail Recording tab, double-click Global. On the Edit Call Detail Recording Setting - Global page, verify the Enable monitoring of call detail recordings and Enable purging of call detail recordings check boxes are selected and then click Cancel. Click the Quality of Experience Data tab, and then double-click Global. On the Edit Quality of Experience Setting - Global page, verify Enable monitoring of Quality of Experience (QoE) data and Enable purging of Quality of Experience (QoE) data check boxes are selected and then click Cancel. On MIA-AM1, click Start, click Administrative Tools, and then click Services. In Services, right-click any Lync Server service that is not started, and then click Start.
4. 5.
6. 7.
Task 2: Configure SQL Server Reporting Services.

1. 2. On MIA-SQL1, click Start, click All Programs, click Microsoft SQL Server 2008, click Configuration Tools, and then click Reporting Services Configuration Manager. On the Reporting Services Configuration Connection page, verify that the Server Name shows as MIA-SQL1, and then in the Report Server Instance drop-down list, click MSSQLSERVER and click Connect. In the Reporting Services Configuration Manager, under Connect, along the left side, click Web Service URL. On the Web Service URL page, in the SSL Certificate drop-down list, click MIASQL1.Fabrikam.com, and then at the end of the page, click Apply. Wait as the certificate is applied. Notice the URLs listed on the page, and then click Exit to close Reporting Services Configuration Manager.
3. 4. 5. 6.
Task 3: Deploy the Lync Server Monitoring Reports.

1. 2. On MIA-LS1, click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Deployment Wizard. In the Deployment Wizard, click Deploy Monitoring Server Reports on the right side of the page.
L11-10
3. 4. 5. 6. 7.
On the Specify Monitoring Server page, review the settings, and then click Next. On the Specify Credentials page, in the User name box, type Fabrikam\administrator. In the Password box, type Pa$$w0rd, and then click Next. On the Specify Read-Only Group page, in the User group box, type RTCUniversalReadOnlyAdmins, and then click Next. On the Executing Commands page, when the status shows as Completed, click Finish. This command will take 3-4 minutes to complete.
Results: After completing this exercise, you should have verified that the Monitoring CDR and QoE features are already enabled. Then, you should have configured a certificate for the SQL Server Reporting Services and deployed the Lync Server Monitoring Reports.
L11-11
Exercise 3: Exploring the Lync Server Monitoring Reports

Scenario
In this exercise, you will connect to the SQL Reporting Service URL and view various reports. You will view reports from a number of reporting groups to gain awareness about the amount of detail that is collected by the Monitoring server. You will export a report to different formats and also view the Dashboard. You have the option to create a custom report by adjusting the reporting options on any existing report. The main tasks for this exercise are as follows: 1. 2. Connect to Lync Server Monitoring Reports and review the Dashboard. Review various CDR and QoE reports.
Task 1: Connect to Lync Server Monitoring Reports and review the Dashboard.
1. 2. 3. 4. 5. On MIA-LS1, in Lync Server Control Panel, click Home. Under Top Actions, expand View Monitoring Server reports, and then click 1MonitoringServer-1. Connect to the Monitoring Server Reports URL and review the Dashboard. Wait for Internet Explorer to open the Monitoring Server Reports page. On the Monitoring Server Reports page, in the upper-right corner, click Dashboard.
Note: If you get an error connecting to the Dashboard, perform the following steps: 1. On MIA-SQL1, open SQL Server Management Studio and connect to the default instance. 2. Change the Database from Master to LcsCDR. 3. Click New Query. 4. In the Query window, type dbo.RtcGenerateSummaryTables, and then click Execute. The command is case sensitive. 5. Repeat these steps, changing the database from LcsCDR to QOEMetrics.
6.
View the collected data on the Dashboard. System usage data Per-user call diagnostics data Call diagnostics data Media quality diagnostics data
7.
In the Monitoring Server Dashboard, in the upper-right corner, click Monthly View, and then review.
Task 2: Review various CDR and QoE reports.

1. 2. On MIA-LS1, in the Monitoring Server Dashboard, in the upper-right corner, click Reports. On the Monitoring Server Reports page, review each report listed under System Usage Reports and review the collected data.
L11-12
3. 4. 5. 6. 7. 8. 9.
On the Monitoring Server Reports page, review each report listed under Call Diagnostic Reports (Per User) and review the collected data. On the Monitoring Server Reports page, review each report listed under Call Diagnostic Reports and review the collected data. On the Monitoring Server Reports page, review each report listed under Media Quality Diagnostic Reports and review the collected data. In one of the reports, at the top of the page, in the Export drop-list select a format, such as Word, and the click the Export button. In the File Download dialog box, click Save. Save the document to the desktop, and then move the file to one of the clients. On the client, open the document with Microsoft Word 2010.
10. Create a custom report by editing the report parameters at the top of the page. 11. On the same report that was open before, change one of the features, such as the Pool, or users, or date start or stop time. Results: After completing this exercise, you should have reviewed the collected CDR and QoE data displayed on the Dashboard. You should have also reviewed several reports from each of the four categories of reports, including manipulating the data displayed and understanding how to export the reports to different formats.
Lab 12: Preparing for and Recovering from a Disaster
L12-1
Module 12: High Availability and Disaster Recovery in Lync Server 2010

All Fabrikam voice communication has been migrated to the Microsoft Lync Server 2010 environment and company policy requires a Disaster Recovery plan for all critical systems. The Fabrikam Infrastructure Architect has designed a solution; you must use this design and perform the necessary steps in order to provide the ability to recover in the event of a disaster. Important: We recommend that the steps in this and every lab be split between the two students in your pod. It is left up to the students to determine when to share tasks in order for both students to gain an understanding of the concepts of each lab. If you need help, please inform the instructor. Please note that if you both try to do tasks at the same time, you may overwrite each others work and possibly lose data.

5.
L12-2
a. b. 6.
7.
8.
9.
L12-3
L12-4
54. Click the Local Resources tab, and then under Remote audio, click Settings. 55. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 56. Under Remote audio recording, click Record from this computer, and then click OK. 57. Click the General tab. 58. Under Logon settings, in the Computer box, type int-cl4. 59. In the User name box, type INT-CL4\Administrator, and then click Connect. 60. On the Remote Desktop Connection page, click Connect. 61. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 62. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
L12-5
L12-6
Exercise 1: Using System and Application Tools to Back Up Lync Server 2010
Scenario
In this exercise, you will use the SQL Management Studio to back up critical Lync Server 2010 system databases. The main tasks for this exercise are as follows: 1. 2. 3. 4. Take a snapshot of all running virtual machines. Back up Lync Server 2010 Archiving and Monitoring databases. Back up the Lync Server 2010 Central Management Store. Create a SQL Server database maintenance plan.
Important: On all virtual machines, verify that all of the services set to start automatically have started. Most notably, check the Exchange, Microsoft SQL Server and Lync Server 2010 services. To do so, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services that are set to Automatic start have started. If not, right-click the service and click Start.
Task 1: Take a snapshot of all running virtual machines.

1. 2. On both hosts, in Hyper-V Manager, press and hold the Ctrl button, click all of the virtual machines with the state of Running, and then click Snapshot. When the snapshots have been successfully created, rename the newly created snapshot by appending Before Lab 12 to the end of the snapshot name. Do this for all of the set 2 virtual machines. You will take this snapshot in case any of the restore procedures in this Lab do not perform as directed.
3.
Task 2: Back up Lync Server 2010 Archiving and Monitoring databases.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-SQL1, click Start, click All Programs, click Microsoft SQL Server 2008, and then click SQL Server Management Studio. In the Connect to Server window, in the Server name list, select (local), and then click Connect. In SQL Server Management Studio, expand Databases. Right-click LcsCDR, click Tasks and then click Back Up. In the Back Up Database LcsCDR window, in the Backup type list, verify that Full is selected. Under Destination, click Remove, and then click Add. In the Select Backup Destination window, in the File name box, type c:\LabFiles\LcsCDR.bak, and then click OK. Back on the Back Up Database LcsCDR page, verify that the Destination area window shows C:\LabFiles\LcsCDR.bak and then click OK. On the Microsoft SQL Server Management Studio prompt, click OK.
10. Repeat these steps for the following databases: LcsLog QoEMetrics ReportServer
L12-7
ReportServerTempDB
Task 3: Back up the Lync Server 2010 Central Management Store.

1. 2. 3. 4. 5. 6. On MIA- SQL1, in SQL Server Management Studio, click File, and then click Connect Object Explorer. In the Connect to Server window, in the Server name list, select <Browse for more> In the Browse for Servers window, click the Network Servers tab. Expand Database Engine, click MIA-LS1\RTC, and then click OK. In the Connect to Server window, click Connect. Use the steps in the previous task to perform full backups of the following databases: cpsdyn xds lis rtc rtcab rtcab1 rtcdyn rgsconfig rgsdyn
Task 4: Create a SQL Server database maintenance plan.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-SQL1, in SQL Server Management Studio, click File, and then click Connect Object Explorer. At the Connect to server window, in the Server name box, type MIA-SQL1, and then click Connect. In SQL Server Management Studio, under MIA-SQL1, expand Management. Right-click Maintenance Plans and then click Maintenance Plan Wizard. On the Maintenance Plan Wizard, click Next. On the Select Plan Properties page, in the Name box, type Fabrikam Weekly Plan, and then click Change. On the Job Schedule Properties Fabrikam Weekly Plan page, in the Schedule type list, verify that Recurring is selected and that Enabled is selected. Under Frequency, in the Occurs list, verify that Weekly is selected. Verify that Sunday is selected.
10. Under Daily frequency, verify that Occurs once at is set to 12:00:00 AM, and then click OK. 11. On the Select Plan Properties page, click Next. 12. On the Select Maintenance Tasks page, select the Check Database Integrity and Back Up Database (Full) check boxes, and then click Next. 13. On the Select Maintenance Task Order page, click Next.
L12-8
14. On the Define Database Check Integrity Task page, in the Databases drop-down list, verify that These databases is selected, select the check boxes for the following databases, and then click OK: LcsLog LcsCDR QoEMetrics ReportServer ReportServerTempDB
15. On the Define Database Check Integrity Task page, click Next. 16. On the Define Back Up Database (Full) Task page, in the Databases down list, verify that These databases is selected and then select the check boxes for the following databases and then click OK: LcsLog LcsCDR QoEMetrics ReportServer ReportServerTempDB
17. Verify the Create a sub-directory for each database check box is unchecked. 18. In the Folder box, type C:\LabFiles 19. Select the Verify backup integrity check box, and then click Next. 20. On the Select Report Options page, click Next. 21. On the Complete the Wizard page, click Finish. 22. On the Maintenance Plan Wizard Progress page, once all of the Actions status show as Success, click Close. 23. In SQL Server Management Studio, expand Maintenance Plans. 24. Right-click Fabrikam Weekly Plan and then click Execute. 25. On the Execute Maintenance Plan page, once the Action status show as Success, click Close. 26. Open Windows Explorer and verify that new bak files have been created in C:\LabFiles for each database. Results: After completing this exercise, you should have used SQL Server Management Studio to create one-time backup of databases on various servers and also create a recurring database maintenance plan.
L12-9
Exercise 2: Using Lync Server 2010 Tools to Back Up Lync Server 2010
Scenario
In this exercise, you will use the Topology Builder, Lync Server Control Panel, and Lync Server Management Shell to export various configuration settings of Lync Server 2010, such as the RGS settings, EV Settings, and the topology. You will also use the DBIMPEXP to back up user data. The main tasks for this exercise are as follows: 1. 2. 3. 4. 5. Back up the topology. Back up the Lync Server 2010 configuration. Back up Response Group configuration settings. Back up Enterprise Voice configuration settings. Back up user data.
Task 1: Back up the topology.

1. 2. 3. 4. On MIA-LS1, click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Topology Builder. At the Topology Builder window, click Download Topology from existing deployment and then click OK. At the Save Topology As page, navigate to C:\LabFiles and save the topology as FabrikamBackup.tbxml, and then click Save. Use Windows Explorer to verify that the tbxml file has been created.
Task 2: Back up the Lync Server 2010 configuration.

Export-CsConfiguration FileName C:\LabFiles\FabrikamBackup.zip
3.
Use Windows Explorer, to verify the data was backed up.
Task 3: Back up the Response Group configuration settings.

CD C:\Program Files\Microsoft Lync Server 2010\ResKit\
2.
At the Lync Server Management Shell, type the following command, and then press Enter.
Import-Module .\RGSImportExport.ps1
3.
On MIA-LS1, in the Lync Server Management Shell, type the following command, and then press Enter.
Export-CsRgsConfiguration 1-ApplicationServer-1 FileName C:\LabFiles\FabrikamRgsBackup.zip
4.
Use Windows Explorer to verify that the data was backed up.
L12-10
Task 4: Back up the Enterprise Voice configuration settings.

1. 2. 3. 4. 5. 6. On MIA-LS1, click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Control Panel. On the Select URL prompt, select https://mia-ls1.fabrikam.com/Cscp, and then click OK. In the Lync Server Control Panel, click Voice Routing. On the Dial Plan tab, click Action and then click Export configuration. On the Save As window, navigate to C:\LabFiles and save the file as FabrikamVoiceConfigBackup.vcfg. Use Windows Explorer, to verify that the data was backed up.
Task 5: Back up user data.

1. 2. 3. 4. 5. 6. On MIA-CL1, in Lync logged on as Andreas, right-click Frequent Contacts, and then click Create New Group. Name the new group Rome Contacts. Right-click Marcel Truempy, click Copy Contact To, and then click Rome Contacts. Add other users to this group. Create other groups using the same steps for Andreas on MIA-CL1 and for Tzipi on RED-CL2. On MIA-LS1, in the Lync Server Management Shell, type the following command, and then press Enter.
Cd C:\Program Files\Common Files\Microsoft Lync Server 2010\Support
7.
.\DBImpExp.exe /hrxmlfile:C:\LabFiles\FabrikamUserDataBackup.xml /sqlserver:mials1.Fabrikam.com\rtc
8.
Use Windows Explorer to verify the data was backed up.
Results: After completing this exercise, you should have used the Lync Server 2010 Management Shell, the Lync Server Control Panel and other tools to create backups of Lync Server configurations and settings.
L12-11
Exercise 3: Restoring Lync Server 2010 Configuration Settings

Scenario
In this exercise, you will use some of the above tools to restore your environment. The main tasks for this exercise are as follows: 1. 2. 3. Restore the Response Group configuration settings. Restore the Enterprise Voice configuration settings. Restore user data.
Task 1: Restore the Response Group configuration settings.

1. 2. 3. 4. 5. 6. 7. 8. On MIA-LS1, in Lync Server Control Panel, click Response Groups and then click the Queue tab. Press and hold the Ctrl key, and then click all of the Miami Queues you created earlier, click Edit and then click Delete. At the Microsoft Lync Server 2010 Control Panel prompt, click OK. Click the Group tab. Hold CTRL down, and then click all of the Miami Groups you created earlier, click Edit, and then click Delete. At the Microsoft Lync Server 2010 Control Panel prompt, click OK. On MIA-CL1, in Lync 2010, dial 13055552222 and notice that the call is not connected. On MIA-LS1, in the Lync Server Management Shell, type the following command, and then press Enter.
Import-CsRgsConfiguration 1-ApplicationServer-1 FileName C:\LabFiles\FabrikamRgsBackup.zip
9.
Use the Lync Server Control Panel to confirm the queues and groups are restored.
10. On MIA-CL1, in Lync 2010, dial 13055552222 and select 1 for Sales. Notice the call now makes it to Tzipi. 11. Disconnect the call.
Note: You may need to wait a minute or two before trying these validation steps for the configuration to be restored, and sign out and back in to Lync 2010.
Task 2: Restore the Enterprise Voice configuration settings.

1. 2. 3. 4. 5. 6. 7. On MIA-LS1, in Lync Server Control Panel, click Voice Routing. On the Dial Plan tab, press and hold the Ctrl key and click each of the dial plans. Click the Edit menu and then click Delete. Click the Route tab, press and hold the Ctrl key and click each of the routes. Click the Edit drop-down menu, and then click Delete. Click the Commit drop-down menu, click Commit All. On the Uncommitted Voice Configuration Settings page, click Commit.
L12-12
8. 9.
On the Microsoft Lync Server 2010 Control Panel page, click Close. On MIA-CL1, sign out of and in to Lync 2010 as Andreas.
10. In Lync 2010, dial 2001 and notice it is not normalized. Try to dial the number and notice the call does not make it through. 11. On MIA-LS1, in Lync Server Control Panel, click the Dial Plan tab. 12. Click the Action drop-down menu, and then click Import configuration. 13. On the Open page, navigate to C:\LabFiles, and then double-click FabrikamVoiceConfigBackup.vcfg. 14. Click the Commit drop-down menu and then click Commit All. 15. On the Uncommitted Voice Configuration Settings page, click Commit. 16. On the Microsoft Lync Server 2010 Control Panel page, click Close. 17. In Lync Server Control Panel, click Voice Routing, and then click the Dial Plan tab and the Route tab to verify that the settings are restored. 18. On MIA-CL1, sign out of and in to Lync 2010 as Andreas. 19. In Lync 2010, dial 2001 again and notice the call is normalized again. Dial the number and notice it goes through.
Note: you may have to wait a couple of minutes, or sign out and back in to Lync 2010.
Task 3: Restore user data.

1. 2. 3. 4. 5. 6. On MIA-CL1, in Lync 2010, right-click Rome Contacts and then click Delete Group. At the Lync 2010 prompt, click OK. Right-click any other contacts and then click Remove from Contacts List. At the Lync prompt, click Yes. Sign out of Lync 2010. On RED-CL2, in Lync 2010, signed in as Tzipi, remove the groups and contacts you added earlier. On MIA-LS1, in the Lync Server Management Shell, type the following command, and then press Enter.
Cd C:\Program Files\Common Files\Microsoft Lync Server 2010\Support
7.
.\DBImpExp.exe /import /hrxmlfile:C:\LabFiles\FabrikamUserDataBackup.xml /restype:user /user:Andreas@fabrikam.com
Note: This command is case sensitive. 8. 9. On MIA-CL1, logged in as Andreas, in Lync 2010, verify that the groups and contact lists are restored. You may need to log out and back in to Lync 2010 for them to appear. On MIA-LS1, in the Lync Server Management Shell, type the following command and then press Enter:
L12-13
.\DBImpExp.exe /import /hrxmlfile:C:\LabFiles\FabrikamUserDataBackup.xml /restype:all
10. On the clients, in Lync 2010, repeat the steps to verify that the groups and contact lists are restored for the Miami and Redmond users now Results: After completing this exercise, you should have used the Lync Server administrative tools to restore the data that was previously backed up.
L12-14
Lab 13: Implementing Call Admission Control
L13-1
Module 13: Call Admission Control

Lab Scenario
Fabrikam IT has received complaints regarding poor call quality and the inability to make/receive some calls. The networking group of Fabrikam is planning on implementing QoS to assist with the bandwidth management at the network level and wants to ensure voice calls have priority over data sharing and video calls within Microsoft Lync Server 2010 deployment. Using the Call Admission Control (CAC) feature of Lync Server 2010, configure the CAC topology and policies to manage bandwidth allocation for bandwidth for real-time communications within the limits established by the network administration group. Important: We recommend that the steps in this and every lab be split between the two students in your pod. It is left up to the students to determine when to share tasks in order for both students to gain an understanding of the concepts of each lab. If you need help, please inform the instructor. Please note that if you both try to do tasks at the same time, you may overwrite each others work and possibly lose data.

5.
L13-2
a. b. 6.
7.
8.
9.
L13-3
L13-4
54. Click the Local Resources tab, and then under Remote audio, click Settings. 55. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 56. Under Remote audio recording, click Record from this computer, and then click OK. 57. Click the General tab. 58. Under Logon settings, in the Computer box, type int-cl4. 59. In the User name box, type INT-CL4\Administrator, and then click Connect. 60. On the Remote Desktop Connection page, click Connect. 61. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 62. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
L13-5
L13-6
Exercise 1: Configuring CAC Components

Scenario
In this exercise, you will use Topology Builder, Lync Server Control Panel, and Lync Server Management Shell to configure Call Admission Control. The main tasks for this exercise are as follows: 1. 2. 3. 4. 5. 6. 7. Create regions. Create network bandwidth profiles. Create network sites. Create subnets. Create a region link. Create inter-site policies. Create a region route.
Task 1: Create regions.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Control Panel. On the Select URL prompt, select https://mia-ls1.fabrikam.com/Cscp, and then click OK. In the Lync Server Control Panel, click Network Configuration, and then click the Region tab. On the Region tab, click New. On the New Region page, in the Name box, type North_America. In the Central site drop-down list, click Miami. In the Description box, type North America Region, and then click Commit. On MIA-LS1, on the Region tab, click New. On the New Region page, in the Name box, type EMEA.
10. In the Central site drop-down list, click Rome. 11. In the Description box, type EMEA Region, and then click Commit.
Task 2: Create network bandwidth profiles.

1. 2. 3. 4. 5. On MIA-LS1, in the Lync Server Control Panel, click the Policy Profile tab, and then click New. In the Name box, type 5MB_Link. In the Audio limit box, type 2000. In the Audio session limit box, type 160. In the Video limit box, type 1400.
L13-7
6. 7. 8.
In the Video session limit box, type 700. In the Description box, type Link for 5mb WAN Connection, and then click Commit. On MIA-LS1, repeat the earlier steps to create the following Policy Profile. Value: 20MB_Link Link for 20mb WAN Connection 8000 160 4800 700
On MIA-LS1, repeat the earlier steps to create the following Policy Profile. Value 50MB_Link Link for 50mb WAN Connection 20000 160 14000 700
Field Name Description Audio limit Audio session limit Video limit Video session limit
Task 3: Create network sites.

1. 2. 3. 4. 5. 6. On MIA-LS1, in the Lync Server Control Panel, click the Site tab, and then click New. On the New Site page, in the Name box, type Miami. In the Region field, in the Region drop-down list, click North_America. In the Bandwidth policy drop-down list, click 20MB_Link. In the Description box, type Network Site for Miami Data Center, and then click Commit. On MIA-LS1, repeat the earlier steps to create the Redmond network site by using the following information. Value Redmond Network Site for Redmond Branch Office North_America 5MB_Link
L13-8
7.
On MIA-LS1, repeat the earlier steps to create the Rome network site by using the following information. Value Rome Network Site for Rome Data Center EMEA 20MB_Link
Task 4: Create subnets.

1. 2. 3. 4. 5. 6. On MIA-LS1, in the Lync Server Control Panel, click the Subnet tab, and then click New. On the New Subnet page, in the Subnet ID box, type 10.0.10.0. In the Mask box, type 24. In the Network site ID drop-down list, click Miami. In the Description box, type Miami Network, and then click Commit. On MIA-LS1, repeat the earlier steps to create the Redmond subnet by using the following information. Value 10.0.20.0 24 Redmond Redmond Network
Field Subnet ID Mask Network site ID Description 7.
On MIA-LS1, repeat the earlier steps to create the Rome subnet by using the following information. Value 10.0.30.0 24 Rome Rome Network
Task 5: Create a region link.

1. 2. 3. 4. 5. On MIA-LS1, in the Lync Server Control Panel, click the Region Link tab, and then click New. On the New Region Link page, in the Name box, type NorthAmerica_EMEA. In the Network region #1 drop-down list, click North_America. In the Network region #2 drop-down list, click EMEA. In the Bandwidth policy drop-down list, click 50MB_Link, and then click Commit.
L13-9
Task 6: Create inter-site policies.

New-CsNetworkInterSitePolicy Identity MiamiToRedmond BWPolicyProfileID 20MB_Link NetworkSiteID1 Miami NetworkSiteID2 Redmond
Task 7: Create a region route.

1. 2. 3. 4. 5. 6. 7. On MIA-LS1, in the Lync Server Control Panel, click the Region Route tab, and then click New. On the New Region Route page, in the Name box, type NorthAmerica_EMEA_Route. In the Network region #1 drop-down list, click North_America. In the Network region #2 drop-down list, click EMEA. Next to Network region links, click Add. On the Region Link page, click NorthAmerica_EMEA, and then click OK. Back on the New Region Route page, click Commit.
Results: After completing this exercise, you should have created the necessary components for configuring Call Admission Control. This included creating regions, network bandwidth policies, network sites, subnets, region links, and region routes.
L13-10
Exercise 2: Verifying Bandwidth Policy Application

Scenario
In this exercise, you will verify that the CAC topology elements and policies have been deployed and enabled and the policies are working as expected. The main tasks for this exercise are as follows: 1. 2. 3. 4. 5. 6. Enable Call Admission Control. Log on to client computers. Enable server logging. Start the Network Bandwidth Monitoring tool. Initiate a call from Rome to Miami. Review logs and Bandwidth Policy Service Monitor tool.
Note: If no data is showing in the logs or the monitoring tools during this exercise, restart the Lync Server Bandwidth Policy Service (Authentication) and Lync Server Bandwidth Policy Service (Core) services on MIA-LS1 and ROM-LS2. Also, in Network Configuration on the Global tab, disable and re-enable Call Admission Control on the Edit Global Setting Global page and retry the tasks.
Task 1: Enable Call Admission Control.

1. 2. 3. On MIA-LS1, in Lync Server Control Panel, click the Global tab. Click Global, click the Edit menu, and then click Show details. On the Edit Global Setting Global page, select the Enable call admission control check box, and then click Commit.
Task 2: Log on to client computers.

1. 2. 3. 4. 5. 6. 7. 8. 9. Log on to MIA-CL1 as Andreas. At a command prompt, type gpupdate /force, and then press Enter. Start and log on to Lync as Andreas. Log on to RED-CL2 as Tzipi. At a command prompt, type gpupdate /force, and then press Enter. Start and log on to Lync as Tzipi. Log on to ROM-CL3 as Marcel. At a command prompt, type gpupdate /force, and then press Enter. Start and log on to Lync as Marcel.
Task 3: Enable server logging.

1. 2. 3. 4. On MIA-LS1, click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Logging Tool. In the Lync Server 2010 Logging Tool, in the Components window, select the PDP check box. Under Level, select All. Under Flags, select All Flags, and then click Start Logging.
L13-11
5.
Repeat these steps on ROM-LS2 to enable logging in Rome.
Task 4: Start the Network Bandwidth Monitoring tool.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, double-click the ResKit folder shortcut on the desktop. In the ResKit folder that opens in Windows Explorer, double-click Resource Kit Tools folder, and then double-click Bandwidth Policy Service Monitor. In the Bandwidth Policy Service Monitor tool, along the left side, expand mia-ls1.fabrikam.com, and then click mia-ls1.fabrikam.com (1:1-1). Click the Topology Info tab, and notice that the links shown match those you created earlier. Leave the tool open and monitor the values listed as you make the call in the next task. On ROM-LS2, double-click the ResKit folder shortcut on the desktop. In the ResKit folder that opens in Windows Explorer, double-click Resource Kit Tools folder, and then double-click Bandwidth Policy Service Monitor. In the Bandwidth Policy Service Monitor tool, along the left side, expand rom-ls2.fabrikam.com, and then click rom-ls2.fabrikam.com (2:1-1). Click the Topology Info tab, and notice that the links shown match those you created earlier.
10. Leave the tool open and monitor the values listed as you make the call in the next task.
Task 5: Initiate a call from Rome to Miami.

1. 2. On ROM-CL3, make a call from Marcel to Andreas on MIA-CL1. Have Andreas answer the call and maintain active audio between the two clients while you check the results in the next task.
Task 6: Review the logs and Bandwidth Policy Service Monitor tool.
1. 2. 3. 4. On MIA-LS1, in the Lync Server 2010 Logging Tool, click Stop Logging, and then click View Log Files. In the View Log Files window, verify that PDP is the only selected component, click View. In the OCSLogger log that opens in Notepad, click Edit, and then click Find. Perform separate searches for: requested bw current bw returned bw
This shows the Bandwidth Policies being applied such as: Requested bandwidth Current bandwidth Returned bandwidth
Note: If no data is displayed in the logs or the monitoring tools during this exercise, restart the Lync Server Bandwidth Policy Service (Authentication) and Lync Server Bandwidth Policy Service (Core) services on MIA-LS1 and ROM-LS2. Also, in Network Configuration, on the
L13-12
Global tab, disable and re-enable Call Admission Control on the Edit Global Setting Global page and retry the tasks. 5. 6. 7. 8. On ROM-LS2, in the Lync Server 2010 Logging Tool, click Stop Logging, and then click View Log Files. In the View Log Files window, verify that PDP is the only selected component, click View. In the OCSLogger log that opens in Notepad, click Edit, and then click Find. Perform separate searches for: requested bw current bw returned bw
This shows the Bandwidth Policies being applied such as: 9. Requested bandwidth Current bandwidth Returned bandwidth
On MIA-LS1, in the Bandwidth Policy Service Monitor tool, click Update Now in the upper-right corner, and watch the value listed under AudioBWUsed change as the call is negotiated and established and disconnected.
10. On ROM-LS2, in the Bandwidth Policy Service Monitor tool, click Update Now in the upper-right corner, and watch the value listed under AudioBWUsed change as the call is negotiated and established and disconnected. 11. End all calls. Results: After completing this exercise, you should have enabled Call Admission Control. Then you enabled logging in Miami and Rome and then used the Lync clients to generate CAC traffic. Finally, you will have reviewed the captured traffic to see the application of bandwidth policies.
Lab 14: Configuring the Lync Server 2010 Location Information Service for E9-1-1 Calling
L14-1
Module 14: Deploying and Configuring Enhanced 9-1-1
With Microsoft Lync Server 2010 deployed to all users and locations, including remote and travelling users, the discussion of emergency calls has arisen. The use of the Location Information Service for E911 is provided in Lync Server 2010 but must be configured using the Lync Server Control Panel and Lync Server Management Shell. Important: We recommend that the steps in this and every lab be split between the two students in your pod. It is left up to the students to determine when to share tasks in order for both students to gain an understanding of the concepts of each lab. If you need help, please inform the instructor. Please note that if you both try to do tasks at the same time, you may overwrite each others work and possibly lose data.

5.
L14-2
6.
7.
8.
9.
15. When 10533A-MIA-CL1.2 has booted up completely, close the Virtual Machine Connection window. 16. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 17. In the Remote Desktop Connection window, click Options. 18. Click the Local Resources tab, and then under Remote audio, click Settings. 19. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 20. Under Remote audio recording, click Record from this computer, and then click OK. 21. Click the General tab. 22. Under Logon settings, in the Computer box, type mia-cl1.fabrikam.com. 23. In the User name box, type Fabrikam\Andreas, and then click Connect.
L14-3
24. On the Remote Desktop Connection page, click Connect. 25. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 26. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 27. On Host2, when 10533A-RED-CL2.2 has booted up completely, close the Virtual Machine Connection window. 28. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 29. In the Remote Desktop Connection window, click Options. 30. Click the Local Resources tab, and then under Remote audio, click Settings. 31. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 32. Under Remote audio recording, click Record from this computer, and then click OK. 33. Click the General tab. 34. Under Logon settings, in the Computer box, type red-cl2.fabrikam.com. 35. In the User name box, type Fabrikam\Tzipi, and then click Connect. 36. On the Remote Desktop Connection page, click Connect. 37. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 38. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 39. On Host1, when 10533A-ROM-CL3.2 has booted up completely, close the Virtual Machine Connection window. 40. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 41. In the Remote Desktop Connection window, click Options. 42. Click the Local Resources tab, and then under Remote audio, click Settings. 43. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 44. Under Remote audio recording, click Record from this computer, and then click OK. 45. Click the General tab. 46. Under Logon settings, in the Computer box, type rom-cl3.fabrikam.com. 47. In the User name box, type Fabrikam\Marcel, and then click Connect. 48. On the Remote Desktop Connection page, click Connect. 49. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 50. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 51. On Host1, when 10533A-INT-CL4.2 has booted up completely, close the Virtual Machine Connection window. 52. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 53. In the Remote Desktop Connection window, click Options. 54. Click the Local Resources tab, and then under Remote audio, click Settings. 55. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 56. Under Remote audio recording, click Record from this computer, and then click OK.
L14-4
57. Click the General tab. 58. Under Logon settings, in the Computer box, type int-cl4. 59. In the User name box, type INT-CL4\Administrator, and then click Connect. 60. On the Remote Desktop Connection page, click Connect. 61. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 62. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
L14-5
L14-6
Exercise 1: Creating Emergency Routes and PSTN Usages

Scenario
Lync Server recognizes configured emergency numbers without the need to define normalization. In general, any number specified as an emergency number is appended with a + and routed accordingly. In this exercise, you will create two PSTN Usages for U.S. and Italy emergency calls, and then create two emergency call routes. The main tasks for this exercise are as follows: 1. 2. Create emergency usages for the U.S. and Italy. Create emergency routes for the U.S. and Italy.
Important: On all virtual machines, verify that all of the services set to start automatically have started. Most notably, check the Exchange, Microsoft SQL Server and Lync Server 2010 services. To do so, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
Task 1: Create emergency usages for the U.S. and Italy.

1. 2. On MIA-LS1, click Start, click All Programs, click Microsoft Lync Server 2010 and then click Lync Server Management Shell. In the Lync Server Management Shell, type the following command, and then press Enter.
Set-CsPSTNUsage Usage @{add=US Emergency Call} -Verbose
3.
On MIA-LS1, in the Lync Server Management Shell, type the following command, and then press Enter.
Set-CsPSTNUsage Usage @{add=Italy Emergency Call} -Verbose
Task 2: Create emergency routes for the U.S. and Italy.

New-CsVoiceRoute -Name "US Emergency Route" -NumberPattern "^((\+911)|(\+118))" PstnUsages @{add="US Emergency Call", Italy Emergency Call} -PstnGatewayList @{add="Pstngateway:1.1.1.1"} Priority 1 Verbose
2.
New-CsVoiceRoute -Name "Italy Emergency Route" -NumberPattern "^((\+118)|(\+911))" PstnUsages @{add="Italy Emergency Call", US Emergency Call} -PstnGatewayList @{add="Pstngateway:1.1.1.3"} Priority 1 Verbose
Results: After completing this exercise, you should have created the necessary routes and PSTN Usages for emergency calling for both the US and Italy.
L14-7
Exercise 2: Defining LIS Locations

Scenario
In this exercise, you will configure the Location Information Server feature by configuring subnets within the LIS wire map for Miami, Redmond, and Rome and then configuring LIS site policies. Subnet 10.0.10.0 will correspond with this civic address in Miami: Fabrikam Corporate Campus 1234 Maple Drive Miami, FL 33136 US
Subnet 10.0.20.0 will correspond with this civic address in Redmond: Fabrikam 1 Microsoft Way Redmond, WA 98052 US
Subnet 10.0.30.0 will correspond with this civic address in Rome: Fabrikam Viale Avignone 10 Rome 00144 IT
The main tasks for this exercise are as follows: 1. 2. 3. 4. Create subnets in the Location database. Create LIS site policies. Configure the LIS site policies. Enable the LIS feature.
Task 1: Create subnets in the Location database.

Set-csLisSubnet -Subnet 10.0.10.0 -Description "Miami Data Center" Location "Miami Subnet" CompanyName Fabrikam HouseNumber 1234 HouseNumberSuffix PreDirectional "" StreetName Maple StreetSuffix Street PostDirectional "" City Miami State FL PostalCode 33136 Country US -Verbose
2.
Set-csLisSubnet -Subnet 10.0.20.0 -Description "Redmond Branch Office" Location "Redmond Subnet" CompanyName Fabrikam HouseNumber 1 HouseNumberSuffix PreDirectional "" StreetName Microsoft StreetSuffix Way PostDirectional "" City Redmond State WA PostalCode 98052 Country US -Verbose
3.
Set-csLisSubnet -Subnet 10.0.30.0 -Description "Rome Data Center" Location "Rome Subnet" CompanyName Fabrikam HouseNumber "" HouseNumberSuffix "" PreDirectional "" StreetName "Viale Avignone" StreetSuffix 10 PostDirectional "" City Rome State "" PostalCode 00144 Country IT Verbose
L14-8
Task 2: Create LIS site policies.

New-CsLocationPolicy Identity site:Miami
2.
New-CsLocationPolicy Identity site:Redmond
3.
New-CsLocationPolicy Identity site:Rome
Task 3: Configure the LIS site policies.

Set-CsLocationPolicy -Identity site:Miami -Description "Miami Data Center Location Policy" -EnhancedEmergencyServicesEnabled $true -LocationRequired "Yes" UseLocationForE911Only $false -PstnUsage "US Emergency Call" -EmergencyDialString 911 -EmergencyDialMask 118 -NotificationUri "sip:marcel@fabrikam.com" -ConferenceUri "sip:+390655554001" -ConferenceMode "twoway" Verbose
2.
Set-CsLocationPolicy -Identity site:Redmond -Description "Redmond Branch Office Location Policy" -EnhancedEmergencyServicesEnabled $true -LocationRequired "Yes" UseLocationForE911Only $false -PstnUsage "US Emergency Call" -EmergencyDialString 911 -EmergencyDialMask 118 -NotificationUri "sip:andreas@fabrikam.com" -ConferenceUri "sip:+13055552100" -ConferenceMode "twoway" -Verbose
3.
Set-CsLocationPolicy -Identity site:Rome -Description "Rome Data Center Location Policy" -EnhancedEmergencyServicesEnabled $true -LocationRequired "Yes" UseLocationForE911Only $false -PstnUsage "Italy Emergency Call" -EmergencyDialString 118 -EmergencyDialMask 911 -NotificationUri "sip:tzipi@fabrikam.com" -ConferenceUri "sip:+14255553002" -ConferenceMode "twoway" -Verbose
Task 4: Enable the LIS feature.

Publish-CsLisConfiguration -Verbose
Results: After completing this exercise, you should have created the three subnets for each of the civic addresses, created three LIS sites and configured the policies for each. Finally, you enabled the LIS service.
L14-9
Exercise 3: Experiencing LIS Features

Scenario
In this exercise, you will experience the Location Information Server feature by calling emergency numbers from the two data centers and the branch office. You will see in Lync a suggested location being provided based off of the client subnet. An IM with the location information will be sent to a manager when the emergency call is made, and a conference bridge would be established between the manager, the emergency operator, and the original caller in a non-virtualized environment. When logged in to Lync 2010 using a Remote Desktop Protocol (RDP) session, the location field is not selectable or editable, and is not shown to Contacts. To work around this for the lab, you will log into Lync 2010 in an RDP connection, and minimize that connection. Then you will connect to the VM using a Hyper-V connection, and then set the location. To experience emergency dialing, you will return to the RDP connection to make the calls. The main tasks for this exercise are as follows: 1. 2. Sign in to Lync 2010 and set locations. Experience emergency dialing.
Task 1: Sign in to Lync 2010 and set locations.

1. 2. 3. 4. 5. 6. 7. 8. 9. On the Remote Desktop Connection to MIA-CL1, sign out of and in to Lync 2010 as Andreas. On the desktop, double-click the Start PBX Emulator shortcut to open the PBX Emulator. Close the Remote Desktop Connection to MIA-CL1. Connect to MIA-CL1 using a Hyper-V connection, and then sign in as Andreas. In Lync 2010, notice the Set Your Location option and the suggested location, the Miami civic address. Click the Set Your Location drop-down menu, and then click Set Location. On the Edit Location page, in the Location name box, type Miami Data Center, and then click OK. On RED-CL2, sign out of and in to Lync as Tzipi. Close the Remote Desktop Connection to RED-CL2.
10. Connect to RED-CL2 by using a Hyper-V connection, and then sign in as Tzipi. 11. In Lync 2010, notice the Set Your Location and the suggested location, the Redmond civic address. 12. Click the Set Your Location drop-down menu, and then click Set Location. 13. On the Edit Location page, in the Location name box, type Redmond Branch Office, and then click OK. 14. On ROM-CL3, sign out of and in to Lync 2010 as Marcel. 15. Close the Remote Desktop Connection to ROM-CL3, 16. Connect to ROM-CL3 using a Hyper-V connection, and then sign in as Marcel. 17. In Lync 2010, notice the Set Your Location and the suggested location, the Rome civic address. 18. Click the Set Your Location drop-down menu, and then click Set Location. 19. On the Edit Location page, in the Location name box, type Rome Data Center, and then click OK.
L14-10
Task 2: Experience emergency dialing.

1. 2. 3. 4. 5. 6. 7. 8. 9. Reconnect the Remote Desktop Connection to MIA-CL1 as Andreas. Reconnect the Remote Desktop Connection to ROM-CL3 as Marcel. Reconnect the Remote Desktop Connection to RED-CL2 as Tzipi. On MIA-CL1, in Lync 2010, dial 911. Notice the bridge setup with Marcel, the location information provided to Marcel, and the call connects to the PBX Emulator. Disconnect the call. Dial 118 and watch as it converts to 911 and has the same behavior. Disconnect the call. On Red-CL2, in Lync 2010, dial 911.
10. Notice the bridge setup with Andreas, the location information provided to Andreas, and the call connects to the PBX Emulator. 11. Disconnect the call. 12. On ROM-CL3, in Lync 2010, dial 118. 13. Notice the bridge setup with Tzipi, the location information provided to Tzipi, and the call connects to the PBX Emulator. 14. Disconnect the call. 15. Dial 911 and watch as it converts to 118 and has the same behavior. 16. Disconnect the call. Results: After completing this exercise, you should have experienced enhanced emergency dialing at the three locations, by first setting location of a user at each location. Then experience enhanced emergency calling.
Lab 15: Implementing Voice Resiliency in Lync Server 2010
L15-1
Module 15: Voice Resiliency Features of Lync Server 2010

Fabrikam Management has setup a second pool for their European location and wants to configure both pools as backup registrars to each other and the Redmond pool as a backup registrar for the Branch Office. You will configure the required backup registrars and test various outage scenarios.

This lab requires the virtual machines running from the previous labs and depends on the completion of Labs 5 through 14. The virtual machines are configured to automatically log on as Fabrikam\Administrator with the password, Pa$$w0rd, except for the following virtual machines: MIA-CL1 as Fabrikam\Andreas, with the password, Pa$$w0rd RED-CL2 as Fabrikam\Tzipi, with the password, Pa$$w0rd ROM-CL3 as Fabrikam\Marcel, with the password, Pa$$w0rd INT-CL4 as INT-CL4\Administrator, with the password, Pa$$w0rd MIA-ED1 as MIA-ED1\Administrator, with the password, Pa$$w0rd MIA-RAS1 as MIA-RAS1\Administrator, with the password, Pa$$w0rd
5.
On Host1, in the Virtual Machines list, if the virtual machine 10533A-MIA-SQL1.2 is not running: a. Right-click 10533A-MIA-SQL1.2 and click Start.
L15-2
b. 6.
7.
8.
9.
15. When 10533A-MIA-CL1.2 has booted up completely, close the Virtual Machine Connection window. 16. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 17. In the Remote Desktop Connection window, click Options. 18. Click the Local Resources tab, and then under Remote audio, click Settings. 19. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 20. Under Remote audio recording, click Record from this computer, and then click OK. 21. Click the General tab. 22. Under Logon settings, in the Computer box, type mia-cl1.fabrikam.com.
L15-3
23. In the User name box, type Fabrikam\Andreas, and then click Connect. 24. On the Remote Desktop Connection page, click Connect. 25. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 26. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 27. On Host2, when 10533A-RED-CL2.2 has booted up completely, close the Virtual Machine Connection window. 28. On Host2, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 29. In the Remote Desktop Connection window, click Options. 30. Click the Local Resources tab, and then under Remote audio, click Settings. 31. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 32. Under Remote audio recording, click Record from this computer, and then click OK. 33. Click the General tab. 34. Under Logon settings, in the Computer box, type red-cl2.fabrikam.com. 35. In the User name box, type Fabrikam\Tzipi, and then click Connect. 36. On the Remote Desktop Connection page, click Connect. 37. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 38. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 39. On Host1, when 10533A-ROM-CL3.2 has booted up completely, close the Virtual Machine Connection window. 40. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 41. In the Remote Desktop Connection window, click Options. 42. Click the Local Resources tab, and then under Remote audio, click Settings. 43. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it. 44. Under Remote audio recording, click Record from this computer, and then click OK. 45. Click the General tab. 46. Under Logon settings, in the Computer box, type rom-cl3.fabrikam.com. 47. In the User name box, type Fabrikam\Marcel, and then click Connect. 48. On the Remote Desktop Connection page, click Connect. 49. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 50. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. 51. On Host1, when 10533A-INT-CL4.2 has booted up completely, close the Virtual Machine Connection window. 52. On Host1, click Start, click All Programs, click Accessories, and then click Remote Desktop Connection. 53. In the Remote Desktop Connection window, click Options. 54. Click the Local Resources tab, and then under Remote audio, click Settings. 55. Under Remote audio playback, verify that Play on this computer is selected. If it is not, select it.
L15-4
56. Under Remote audio recording, click Record from this computer, and then click OK. 57. Click the General tab. 58. Under Logon settings, in the Computer box, type int-cl4. 59. In the User name box, type INT-CL4\Administrator, and then click Connect. 60. On the Remote Desktop Connection page, click Connect. 61. On the Windows Security window, in the Password box, type Pa$$w0rd, and then click OK. 62. On the Remote Desktop Connection window, select the Dont ask me again for connections to this computer check box, and then click Yes. Verify that all services set to Automatic have started on all virtual machines. Most notably, check the Microsoft Exchange, Lync Server 2010, and Microsoft SQL Server services. To do so, complete the following steps: 1. 2. 3. On each virtual machine, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start. Important: All connections to MIA-CL1.2, RED-CL2.2, ROM-CL3.2, and INT-CL4.2 will require using a Remote Desktop Connection with remote audio playback and remote audio recording enabled, unless otherwise specifically instructed.
L15-5
L15-6
Exercise 1: Configuring Central Site Resiliency

Scenario
In this exercise, you will configure the Miami pool to be the backup Registrar pool for Rome, and the Rome pool to be the backup Registrar pool for Miami. You will also verify the configured backup Registrar pool for Redmond is the Miami pool and then publish the topology. Then you will simulate a pool outage at the Rome site and verify Lync Server 2010 site resiliency. Due to virtualization it may take a while for the clients to failover or failback. Because of the limitations of the virtualized environment, not all available options can be tested. The main tasks for this exercise are as follows: 1. 2. 3. Configure backup registrar pools. Simulate a pool outage at the Rome site. Test and verify central site resiliency in Rome.
Important: On all virtual machines, verify that all of the services set to start automatically have started. Most notably, check the Exchange, SQL Server and Lync Server 2010 services. To do so, click Start, click Administrative Tools, and then click Services. In the Services console, verify that all services set to Automatic start have started. If not, right-click the service and click Start.
Task 1: Configure backup registrar pools.

1. 2. 3. 4. 5. 6. 7. 8. 9. On MIA-LS1, click Start, click All Programs, click Microsoft Lync Server 2010, and then click Lync Server Topology Builder. On the Topology Builder page, select Download Topology from existing deployment, and then click OK. At the Save Topology As prompt, navigate to the Desktop and save the topology as Lab15Exer1.tbxml. In the Lync Server 2010, Topology Builder, expand Miami, expand Standard Edition Front End Servers, right-click mia-ls1.fabrikam.com, and then click Edit Properties. On the Edit Properties page, under Resiliency, in the Associated backup Registrar pool list, click rom-ls2.fabrikam.com Rome. Select the Enable Failover and Failback check box. In the Failure detection interval box, type 30. In the Failback interval box, type 60, and then click OK. In the Lync Server 2010, Topology Builder, expand Rome, expand Standard Edition Front End Servers, right-click rom-ls2.fabrikam.com, and then click Edit Properties.
10. On the Edit Properties page, under Resiliency, in the Associated backup Registrar pool list, click mia-ls1.fabrikam.com Miami. 11. Select the Enable Failover and Failback check box. 12. In the Failure detection interval box, type 30. 13. In the Failback interval box, type 60, and then click OK.
L15-7
14. Under Miami, expand Branch sites, expand Redmond, expand Survivable Branch Appliances, right-click red-sbs1.fabrikam.com, and then click Edit Properties. 15. Under Resiliency, in the Associated User service and backup Registrar pool list, verify that mials1.fabrikam.com Miami is selected. 16. In the Failure detection interval box, type 30. 17. In the Failback interval box, type 60, and then click OK. 18. In the Lync Server 2010, Topology Builder, in the navigation pane, right-click Lync Server 2010, and then click Publish Topology. 19. On the Publish the topology page, click Next. 20. On the Publishing wizard complete page, verify all steps show as success, and then click Finish.
Task 2: Simulate a pool outage at the Rome site.

1. 2. 3. On ROM-LS2, click Start, click Administrative Tools, and then click Services. In Services, right-click Lync Server Front-End, and then click Stop. Leave the Services console open.
Task 3: Test and verify central site resiliency in Rome.

Note: Due to virtualization, it may take several minutes for the clients to failover and failback. 1. 2. On MIA-CL1, if necessary, double-click the PBX Emulator shortcut on the desktop to start the emulator. On ROM-CL3, verify the behavior of Lync 2010 for Marcel, as it fails over to the Miami Registrar pool and goes into limited functionality mode. 3. 4. 5. Outbound PSTN Calling, for example, dial 0055556789. Enterprise calls between users at both the same site and between two different sites, for example, dial 2002 to call Andreas. Basic call handling, including call hold, retrieval, and transfer, for example, dial 2002 to call Andreas and have her put Marcel on hold. Two-party instant messaging, for example, start an IM session with Andreas. Authentication and authorization, this is shown by Marcel being able to log on to Lync 2010. Voice mail deposit, for example, call Andreas and leave her a voice mail.
On MIA-CL1 and RED-CL2, verify full functionality. On ROM-LS2, in Services, right-click Lync Server Front-End, and then click Start. Verify full functionality on all three clients. Results: After completing this exercise, you should have configured backup Registrar pools for both the Miami and Rome locations. You then tested and verified the behavior of the clients when there is a Pool outage or failure.
L15-8
Exercise 2: Testing and Verifying Branch Office Voice Resiliency with a WAN Outage
Scenario
In this exercise, you will simulate a wide area network (WAN) link by disabling the RED Network interface on the MIA-RAS1 VM. Then you will test and verify the behavior of the Survivable Branch Server. When a WAN link failure occurs, branch office users are still able to make and receive calls by using this new feature of Lync Server 2010. Due to virtualization it may take a while for the clients to failover or failback. Because of the limitations of the virtualized environment, not all available options will be able to be tested. The main tasks for this exercise are as follows: 1. 2. Simulate a WAN outage. Test and verify branch office voice resiliency in Redmond.
Task 1: Simulate a WAN outage.

1. 2. 3. On MIA-RAS1, click Start and then in the Search program and files box, type IP, and then press Enter. In Network Connections, right-click the RED Network interface, and then click Disable. Leave Network Connections open.

Note: Due to virtualization, it may take several minutes for the clients to failover and failback. 1. 2. On RED-CL2, if you get a MAPI connection prompt, click Close. Verify the behavior of Lync 2010 for Tzipi.as the client goes into limited functionality mode and the available voice functionalities. 3. 4. Outbound PSTN calls, for example, dial 4255551212 (if this call does not go through, restart the Lync Server Mediation service on RED-SBS1). PSTN dial-in conferencing with Conferencing Auto-Attendant (as a PSTN call), for example, dial 2345 and watch as it gets routed to the PBX Emulator. Exchange UM Auto Attendant and Subscriber Access calling (as a PSTN call), for example, dial 2000 or 2999 and watch as it gets routed to the PBX Emulator. User authentication and authorization, this is shown by Tzipi being able to log on to Lync 2010.
On MIA-RAS1, in Network Connections, right-click the RED Network interface, and then click Enable. Verify full functionality on all three clients. Results: After completing this exercise, you should have configured the SBS associated backup Registrar for the Redmond branch office. Then you should have simulated a WAN outage and verified the voice resiliency features at the branch office.
L15-9
Exercise 3: Testing and Verifying Branch Office Voice Resiliency with Pool Outage
Scenario
In this exercise, you will test and verify the Enterprise Voice resiliency features of Lync Server 2010 at a branch office during a pool outage or failure. Due to virtualization it may take a while for the clients to failover or failback. Because of the limitations of the virtualized environment, not all available options will be able to be tested. The main tasks for this exercise are as follows: 1. 2. Simulate a pool outage at the central site. Test and verify branch office voice resiliency in Redmond.
Task 1: Simulate a pool outage at the central site.

1. 2. 3. On MIA-LS1, click Start, click Administrative Tools, and then click Services. In Services, right-click Lync Server Front-End, and then click Stop. Leave the Services console open.

Note: Due to virtualization, it may take several minutes for the clients to failover and failback. 1. On RED-CL2, verify the behavior of Lync 2010 for Tzipi as the client goes into limited functionality mode and the available voice functionality. 2. 3. Outbound PSTN calls, for example, dial 4255551212 (if this call does not go through, restart the Lync Server Mediation service on RED-SBS1). Enterprise calls between users at both the same site and between two different sites, for example, dial 4001 to call Marcel. Rome PSTN dial-in conferencing with Conferencing Auto-Attendant, for example, dial 4567. Exchange UM Auto Attendant and Subscriber Access calling , for example, dial 2000 or 2999. User authentication and authorization, this is shown by Tzipi being able to log on to Lync 2010.
On MIA-LS1, in Services, right-click Lync Server Front-End and then click Start. Verify full functionality on all three clients. Results: After completing this exercise, you should have simulated a central site pool failure or outage and then tested and verified the voice resiliency features at the branch office.
L15-10
Exercise 4: Testing and Verifying Branch Office Voice Resiliency with SBS Outage
Scenario
In this exercise, you will test and verify the Enterprise Voice resiliency features of Lync Server 2010 at a branch office during a Survivable Branch Server outage or failure. Due to virtualization it may take a while for the clients to failover or failback. Because of the limitations of the virtualized environment, not all available options will be able to be tested. The main tasks for this exercise are as follows: 1. 2. Simulate a Survivable Branch Server outage in Redmond. Test and verify branch office voice resiliency in Redmond.
Task 1: Simulate a Survivable Branch Server outage in Redmond.

1. 2. 3. 4. 5. On RED-SBS1, click Start, click Administrative Tools, and then click Services. Right-click Lync Server Front-End, and then click Stop. Right-click Lync Server Mediation, and then click Stop. Right-click Lync Server Replica Replicator Agent, and then click Stop. Leave the Services console open.

Note: Due to virtualization, it may take several minutes for the clients to failover and failback. 1. 2. 3. 4. 5. 6. On RED-CL2, verify Lync 2010 for Tzipi gets logged off and then back on and retains full functionality. Verify that the clients on MIA-CL1 and ROM-CL3 have full functionality. On RED-SBS1, in Services, right-click Lync Server Front-End, and then click Start. Right-click Lync Server Mediation, and then click Start. Right-click Lync Server Replica Replicator Agent, and then click Start. Verify full functionality on all three clients. Results: After completing this exercise, you should have simulated a Survivable Branch Server failure or outage and then tested and verified the voice resiliency features at the branch office.

Microsoft Lync Configuration Trainer Handbook

Enviado por

Dados do documento

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

Microsoft Lync Configuration Trainer Handbook

Enviado por

Direitos autorais:

Formatos disponíveis

MCT USE ONLY.

STUDENT USE PROHIBITED

Deploying, Configuring, and Administering Microsoft Lync Server 2010

MCT USE ONLY. STUDENT USE PROHIBITED

Product Number: 10533A Part Number: X17-52341 Released: 5/2011

Deploying, Configuring, and Administering Microsoft Lync Server 2010

MCT USE ONLY. STUDENT USE PROHIBITED

Deploying, Configuring, and Administering Microsoft Lync Server 2010

MCT USE ONLY. STUDENT USE PROHIBITED

Deploying, Configuring, and Administering Microsoft Lync Server 2010

MCT USE ONLY. STUDENT USE PROHIBITED

Deploying, Configuring, and Administering Microsoft Lync Server 2010

MCT USE ONLY. STUDENT USE PROHIBITED

Deploying, Configuring, and Administering Microsoft Lync Server 2010

MCT USE ONLY. STUDENT USE PROHIBITED

Deploying, Configuring, and Administering Microsoft Lync Server 2010

MCT USE ONLY. STUDENT USE PROHIBITED

Deploying, Configuring, and Administering Microsoft Lync Server 2010

MCT USE ONLY. STUDENT USE PROHIBITED

Deploying, Configuring, and Administering Microsoft Lync Server 2010

MCT USE ONLY. STUDENT USE PROHIBITED

Kelly McMahon Content Developer

Anne Bockman Hansen Content Developer

Thom Foreman Subject Matter Expert

Brian Ricks Subject Matter Expert

Mark Stafford Technical Reviewer

Deploying, Configuring, and Administering Microsoft Lync Server 2010

MCT USE ONLY. STUDENT USE PROHIBITED

Module 2: Deploying Microsoft Lync Server 2010

Module 3: Configuring Users and Rights in Microsoft Lync Server 2010

Module 4: Client and Device Deployment and Management

Module 5: External User Access

Module 6: Configuring Basic Enterprise Voice Functionality

Deploying, Configuring, and Administering Microsoft Lync Server 2010

MCT USE ONLY. STUDENT USE PROHIBITED

Module 7: Extending Enterprise Voice Functionality

Module 8: Microsoft Exchange Server 2010 SP1 Unified Messaging Integration

Module 9: Implementing Response Groups

Module 10: Conferencing in Lync Server 2010

Module 11: Monitoring and Archiving

Deploying, Configuring, and Administering Microsoft Lync Server 2010

MCT USE ONLY. STUDENT USE PROHIBITED

Module 13: Call Admission Control

Module 14: Deploying and Configuring Enhanced 9-1-1

Module 15: Voice Resiliency Features of Lync Server 2010

Lab Answer Keys

Deploying, Configuring, and Administering Microsoft Lync Server 2010

MCT USE ONLY. STUDENT USE PROHIBITED

About This Course

MCT USE ONLY. STUDENT USE PROHIBITED

About This Course

About This Course

MCT USE ONLY. STUDENT USE PROHIBITED

About This Course

MCT USE ONLY. STUDENT USE PROHIBITED

About This Course

MCT USE ONLY. STUDENT USE PROHIBITED

About This Course

MCT USE ONLY. STUDENT USE PROHIBITED

Virtual Machine Environment

Virtual Machine Configuration

About This Course

MCT USE ONLY. STUDENT USE PROHIBITED

Role RRAS server and External DNS Miami