In a previous blog article, we walked through the steps to deploy an Office 365 Lync Hybrid solution with Shared SIP Address Space. We also created some Lync users hosted on-prem and some hosted on-line. However, since no Exchange on-prem servers were deployed, all user mailboxes can only be hosted on the Office365 E3 plan. This post is the first of a two-part series where we continue to build on the hybrid environment and walk through how to configure Exchange Online to work with Lync Hybrid and how to properly provision user mailboxes that can provide email services to Lync users. Lets recap on the architecture again as shown in the diagram:
In my lab setup I have Exchange 2013 CU1 server with Mailbox and CAS role installed. Exchange UM is enabled and integrated with Lync Server 2013 CU1. As Exchange 2013 does not have an Edge Transport role, the lab environment uses Exchange 2010 as the Edge Transport server. Below is the simplified diagram of the setup (firewalls and reverse proxy omitted).
Everything was working fine until Lync Phone Edition (LPE) devices and VVX Lync-compatible phones were no longer able to access the Exchange Voicemail subscriber access and auto-attendant like they used to. A quick test using the Lync client also had issues accessing the Voicemail and a snooper trace showed multiple following MS-Diagnostic errors:
"ms-diagnostics: 15007;reason="Exchange Unified Messaging server did not respond to request"
"ms-diagnostics: 1038;reason="Failed to connect to a peer"
"ms-diagnostics: 15030;reason="Failed to route to Exchange Server"
However, Exchange calendar integration continues to work on the LPE and VVX phones. This suggested that UM integration was failing because of an recent attempt to update the Exchange 2013 server to CU2. That update failed during prerequisite checks with an error message saying that there were one or more Exchange 2010 servers in the organization that has not yet been updated to SP3. However the Exchange 2010 Edge transport server was already running SP3 so it was unclear why this message appeared. To resolve this issue, I performed the following steps:
1. Remove the Edge Subscription on the Exchange 2013 server using the cmdlet
Remove-EdgeSubscription - identity <edgeservername>
Publishing Exchange 2013 Web Services (EWS) to clients on the external network is essential for Lync 2013 Unified Contact Store (UCS) and Lync 2013 Mobile clients to work properly. Without EWS available to clients on external networks, Lync 2013 Mobile clients will be unable to get Lync contacts when UCS has been enabled for users, since these contacts are now stored in Exchange. Lync 2013 Mobile clients will also not be able to retrieve calendaring information to join Lync online meetings. In order to enable these functions for the full Lync mobile experience, EWS must be published. This article provides configuration details for publishing Exchange 2013 EWS using Forefront TMG2010. Note that TMG2010 is no longer available for purchase but Forefront Unified Access Gateway (UAG) with Service Pack 3 (SP3) is still available and can be used for publishing Exchange 2013.
To begin use the "Publish Exchange Web Client Access" in the TMG 2010 Task pane to start the wizard. Give the rule a name and in the Select Services screen choose "Exchange Server 2010" and click on "Outlook Anywhere".
Next we can either choose to publish a single Exchange CAS server, which is the case in this lab, or if an array of CAS servers are deployed then the publishing type should be set to a server farm. Then we select to use SSL for the connection from TMG to CAS:
This article walks through the process of buying and setting up GoDaddy's SSL certificates for use on either your Lync Edge server or your Reverse Proxy. In this article, I am using a SSL cert for my Exchange virtual directories that will be published using the reverse proxy Forefront TMG 2010. This is also the same reverse proxy being used to publish the Lync web services. Although there are many types of SSL certs available, for Lync or Exchange environments, the "Multiple Domains UCC" SSL cert from GoDaddy can be purchaesd and used as shown below:
Once purchased, you can login to the account and launch the SSL certificate setup as shown below:
With the release of Exchange 2013 CU1, we can finally deploy the Unified Contact Store (UCS) into an existing Exchange2010 SP3 environment. This is because Exchange2013 is required for UCS and the GTM version of Exchange2013 did not support coexistence with previous versions of Exchange. To recap, UCS enables users to store all contact information in Exchange 2013 so that the information is available globally across Lync, Exchange, Outlook, and Outlook Web Access. Without UCS, Lync2013 clients cannot change or upload their photos. Below is the UCS architecture diagram for reference:
Deploying Exchange2013 CU1 itself is beyond the scope of this article and the steps are provided in Technet. For existing Exchange2010 environments as in the case of this lab setup, upgrading to Exchange2010 SP3 is required which also performs the prepare AD schema, thereby eliminating the need to run setup.exe /PrepareSchema using Exchange2013. After deploying Exchange2013 we also need to run the post-install steps as described in here. Most notably would be the need to assign a CA issued certificate for the CAS role as Exchange2013, like it's predecessors, by default uses a self-signed cert which Lync2013 will not recognize. Once the prerequisites are done, enabling unified contact store in Lync Server 2013 does not require any topology settings. All that's needed is that the Unified contact store policy is enabled (default is enabled), user's mailboxes have been migrated to Exchange2013, and user log in with using the Lync 2013 rich client at least once.
The Polycom CX600 is a Lync Phone Edition (LPE) device that is optimzed for Lync2010 and Lync2013 environments. As briefly mentioned in the KB Article for the January2013 CU for LPE devices, this new firmware update actually allows the phones to support Lync Online and Office365. This article descibes how to configure the CX600 for use in Office365 Plan E4 in a lab environment. For Lync On-Premise scenarios, fellow MVP Jeff Schertz has written excellent blogs on how to configure these phones for Lync available here.
Since the phones require users to be enabled for Enterprise Voice, only Office365 Plan E4 or Lync Online Plan 3 can be used with the Lync Phones as only these plans include the Enterprise Voice" feature equivalent in Lync On-Premise, which is refered to as "Lync-to-Phone" in Lync Online. In US and Canada, the "Lync-to-Phone" PSTN connectivity is provided by service provider JahJah and this service is not currently available anywhere else in the world. For Office365 users outside US and Canada, PSTN connectivity can still be achieved by deploying an On-Premise Lync environment with PSTN connection via a qualified gateway while still using Lync and Exchange Online in the cloud. These are refered to as Hybrid Lync Server deployments. Details on how to configure phones for these hybrid scenarios will be covered in a future article. In this article we will not configure any PSTN connectivity.
Getting Started: Configuring Exchange Online for UM
To allow the CX600 phones to retrieve VoiceMail and Call Logs, the Exchange Online service must be configured for Unified Messaging UM). To get started, navigate to the Exchange Admin Center and select Unified Messaging on the left tab. Then Click on the "+" button to add a new UM Dial Plan as shown below:
On the new UM Dial Plan window, we enter a desriptive name for the dial plan followed by the Extension length which would be the number of digits in the full E.164 number excluding the "+". For eg if the country code is 65 followed by another 8 digits, then extension length would be 10 digits. Next select the "SIP URI" Dial plan type and select the desired audio language. Sample screen shot is shown below: