• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 772
  • Last Modified:

Lync Server 2010 Central/Branch Site and PBX Questions

I am planning a deployment on Lync 2010 and have questions. We have a corporate office that houses ALL servers, and roughly 100 employees.  We also have 2 other offices connected to the Corporate office via MPLS (each remote office has a 20MG metro and the Corporate office has a 40MG metro).  The remote servers DO NOT have any servers locally, and currently connect back to corporate for everything (including internet access).  The remote locations have roughly 20 employees each.

When creating my topology running the planning tool & topology builder, do I create a central site AND branch sites?  I do not want to install a Survivable branch appliance or server at they remote locations.
The features we want to use mainly are Chat, Presence, Video Conferencing, External User Access, and External services like Yahoo, MSN, etc.  We do not want to connect our existing PBX to the Lync system, at all.  What roles can I, and must I exclude since we will not be utilizing the PBX (Phones) at all?
If I do NOT install an Archiving Server will the users still be able to see any chat history and if so how much?  I am assuming the Archive Server holds ALL conversations forever (or a predetermined amount of time).

Sorry for all the questions, but I am deploying in a week and have a lot of planning to do prior!!  THANK YOU!!

0
BSModlin
Asked:
BSModlin
  • 4
  • 3
1 Solution
 
jeiben812Commented:
1.  You'll only need to create a single site.  I am running Lync for Chat, Presence, Web Conferencing, and Remote Access across a 25-site, 850-user network all from a single site/front end server and a single edge server.

2.  The bare minimum features are Chat, Presence, Web Conferencing, and Lync-to-Lync audio/video.  All other roles can be excluded or included as needed.

3.  Users have the ability to save their Conversation History in Outlook via settings on the Lync client.  I believe the default setting is to save conversations.  A Conversation History folder will be added to the users' e-mail folder and the Conversation History tab in Lync will directly access the Outlook folder.  If the setting is off the conversations are not saved.  The advantage of the Archiving Server is that all conversations are saved and searchable from a central location.  But if you have no legal compliance concerns you shouldn't need it.

Good luck on your Lync project!

--Jeff
0
 
BSModlinAuthor Commented:
Man, all that info was VERY helpful.... I have one last question regarding SSL certs....  I will be purchasing the necessary cert(s) from GoDaddy.  My question is since I am going to be allowing external access via an Edge Server do I need 2 certs, one for the Lync Server and one for the Edge server?  If so, what subject alt. names need to be included for both servers?

Example:

dialin.xyz.com
meet.xyz.com
conf.xyz.com

Which servers require what alt. names?

0
 
jeiben812Commented:
You will need three certs, actually...  

1. The internal cert for the Lync Front End (or Standard) server itself.
Subject: <Pool FQDN>
SANs: <_sipinternaltls SRV record FQDN>, <Pool FQDN>, <Front End Server FQDN>, <dialin FQDN>, <meet FQDN>, <admin FQDN>, <web services FQDN>

2. The internal cert for the Lync Edge server that secures the connection to the Lync Front End.
Subject: <Edge Pool/Server FQDN>
No SANs

3. The external cert for the Lync Edge server that secures the external connections.
Subject: <External _sip._tls SRV record FQDN>
SANs: <External _sip._tls SRV record FQDN>, <conf FQDN>

The Lync setup wizard does a good job of walking you through generating the certificate requests.  You just need to make sure all the SANs match your implementation.

--Jeff
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
BSModlinAuthor Commented:
I am a bit confused.... I am not using multiple front end or Edge servers...  Why would I need to purchase 2 certs for one edge server?
0
 
jeiben812Commented:
The connection between the Edge server and the Front End server must also be secured.  That is why the Edge server needs 2 certs.  This cert is only used between the two servers, so there is no need for 3rd-party signing.  I recommend using the domain CA for this cert.

Honestly, I went with domain-signed certs for all purposes to avoid the costs of the 3rd-party certs.  It's a minor inconvenience for the users to have to verify that they want to continue to the site, and it doesn't affect the Lync client behavior at all.

--Jeff
0
 
BSModlinAuthor Commented:
And will the Edge Server wizard help me create requests for both certs?
0
 
jeiben812Commented:
Yes, it will.

--Jeff
0

Featured Post

Granular recovery for Microsoft Exchange

With Veeam Explorer for Microsoft Exchange you can choose the Exchange Servers and restore points you’re interested in, and Veeam Explorer will present the contents of those mailbox stores for browsing, searching and exporting.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now