Lync Server 2010 Central/Branch Site and PBX Questions

I am planning a deployment on Lync 2010 and have questions. We have a corporate office that houses ALL servers, and roughly 100 employees.  We also have 2 other offices connected to the Corporate office via MPLS (each remote office has a 20MG metro and the Corporate office has a 40MG metro).  The remote servers DO NOT have any servers locally, and currently connect back to corporate for everything (including internet access).  The remote locations have roughly 20 employees each.

When creating my topology running the planning tool & topology builder, do I create a central site AND branch sites?  I do not want to install a Survivable branch appliance or server at they remote locations.
The features we want to use mainly are Chat, Presence, Video Conferencing, External User Access, and External services like Yahoo, MSN, etc.  We do not want to connect our existing PBX to the Lync system, at all.  What roles can I, and must I exclude since we will not be utilizing the PBX (Phones) at all?
If I do NOT install an Archiving Server will the users still be able to see any chat history and if so how much?  I am assuming the Archive Server holds ALL conversations forever (or a predetermined amount of time).

Sorry for all the questions, but I am deploying in a week and have a lot of planning to do prior!!  THANK YOU!!

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

1.  You'll only need to create a single site.  I am running Lync for Chat, Presence, Web Conferencing, and Remote Access across a 25-site, 850-user network all from a single site/front end server and a single edge server.

2.  The bare minimum features are Chat, Presence, Web Conferencing, and Lync-to-Lync audio/video.  All other roles can be excluded or included as needed.

3.  Users have the ability to save their Conversation History in Outlook via settings on the Lync client.  I believe the default setting is to save conversations.  A Conversation History folder will be added to the users' e-mail folder and the Conversation History tab in Lync will directly access the Outlook folder.  If the setting is off the conversations are not saved.  The advantage of the Archiving Server is that all conversations are saved and searchable from a central location.  But if you have no legal compliance concerns you shouldn't need it.

Good luck on your Lync project!


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
BSModlinAuthor Commented:
Man, all that info was VERY helpful.... I have one last question regarding SSL certs....  I will be purchasing the necessary cert(s) from GoDaddy.  My question is since I am going to be allowing external access via an Edge Server do I need 2 certs, one for the Lync Server and one for the Edge server?  If so, what subject alt. names need to be included for both servers?


Which servers require what alt. names?

You will need three certs, actually...  

1. The internal cert for the Lync Front End (or Standard) server itself.
Subject: <Pool FQDN>
SANs: <_sipinternaltls SRV record FQDN>, <Pool FQDN>, <Front End Server FQDN>, <dialin FQDN>, <meet FQDN>, <admin FQDN>, <web services FQDN>

2. The internal cert for the Lync Edge server that secures the connection to the Lync Front End.
Subject: <Edge Pool/Server FQDN>

3. The external cert for the Lync Edge server that secures the external connections.
Subject: <External _sip._tls SRV record FQDN>
SANs: <External _sip._tls SRV record FQDN>, <conf FQDN>

The Lync setup wizard does a good job of walking you through generating the certificate requests.  You just need to make sure all the SANs match your implementation.

IT Pros Agree: AI and Machine Learning Key

We’d all like to think our company’s data is well protected, but when you ask IT professionals they admit the data probably is not as safe as it could be.

BSModlinAuthor Commented:
I am a bit confused.... I am not using multiple front end or Edge servers...  Why would I need to purchase 2 certs for one edge server?
The connection between the Edge server and the Front End server must also be secured.  That is why the Edge server needs 2 certs.  This cert is only used between the two servers, so there is no need for 3rd-party signing.  I recommend using the domain CA for this cert.

Honestly, I went with domain-signed certs for all purposes to avoid the costs of the 3rd-party certs.  It's a minor inconvenience for the users to have to verify that they want to continue to the site, and it doesn't affect the Lync client behavior at all.

BSModlinAuthor Commented:
And will the Edge Server wizard help me create requests for both certs?
Yes, it will.

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server Apps

From novice to tech pro — start learning today.