Sunday, June 7, 2015

Configuring Lync Server 2013 with Exchange 2010 OWA

One of the questions I get asked most frequently about Lync Server 2013 is how to configure the integration with Exchange 2010 OWA so users can use the Outlook Web App for IM because most of the material out there on the web were written for Lync Server 2010 and Exchange Server 2010.  The short answer is that nothing has really changed so the instructions provided for Lync Server 2010 would actually work for Lync Server 2013 but since I’ve had to walk through a lot of people on the process, I thought I’d write a blog post to demonstrate it.

Step #1 – Download Microsoft Office Communications Server 2007 R2 Web Service Provider onto CAS Server or Servers

Begin by downloading the following bundle:

Microsoft Office Communications Server 2007 R2 Web Service Provider
https://www.microsoft.com/en-us/download/details.aspx?id=2310

clip_image002

The downloaded file should be named CWAOWASSPMain.msi with a size of 10,642KB:

clip_image002[5]

Step #2 – Download Patches (UcmaRedist.msp and CWAOWASSP.msp)

Next, download the following patch:

Unified Communications Managed API 2.0 Redist (64 Bit) Hotfix KB 2647091
http://www.microsoft.com/en-us/download/details.aspx?id=7557

clip_image002[7]

The downloaded file should be named UcmaRedist.msp with a size of 4,132KB:

clip_image002[9]

Download the following patch:

OCS 2007 R2 Web Service Provider Hotfix KB 981256
http://www.microsoft.com/en-us/download/details.aspx?id=797

clip_image002[11]

The downloaded file should be named CWAOWASSP.msp with a size of 136KB:

clip_image002[13]

Step #3 – Run CWAOWASSPMain.msi

Proceed by running the CWAOWASSPMain.msi file:

clip_image002[15]

clip_image002[17]

clip_image002[19]

clip_image002[21]

clip_image002[23]

Once completed, you will notice the following line item in the Programs and Features:

clip_image002[25]

Step #4 – Run CWAOWASSP.msi, dotnetfx35setup.exe, UcmaRedist.msi, and vcredist_x64x.exe installed by CWAOWASSPMain.msi

What the CWAOWASSPMain.msi file does is actually place 4 files into the folder specified during the wizard so continue by browsing to that folder:

clip_image002[27]

… then install the following:

vcredist_x64.exe

clip_image002[29]

clip_image002[33]clip_image002[35]

clip_image002[37]clip_image002[39]

Note the following item in the Programs and Features:

Microsoft Visual C++ 2008 Redistributable – x64 9.0.21022

clip_image002[41]

Depending on whether .NET 3.5 is already installed on the server, you may not need to install the following:

donetfx35setup.exe

clip_image002[43]

Next, install the following:

UcmaRedist.msi

clip_image002[45]

clip_image002[47]

Note that this is a silent install so you won’t see any prompts.

clip_image002[49]

Once completed, you should see the following line item in the Programs and Features:

Microsoft Office Communications Server 2007 R2, Microsoft Unified Communications Managed API 2.0 Core Redist 64-bit

clip_image002[51]

Finally, install the last msi:

CWAOWASSP.msi

Note that this is also a silent install:

clip_image002[53]

clip_image002[55]

If you forgot to run UCMARedist.msi first then you would receive the following message:

Microsoft Office Communicaions Server 2007 R2. Web Service Provider installation requires that Microsoft Unified Communications Managed API 2.0 Core Redist 64-bit is already installed. Either use Setup.exe for installation or run UCMARedist.msi included with the product to install the redistributable.

clip_image002[59]

The following line item will be displayed in the Programs and Features once the install has completed:

Microsoft Office Communications Server 2007 R2, Web Service Provider

clip_image002[57]

Step #5 – Patch the components install in Step #4

Proceed by navigating back to the packages downloaded in Step #2 and patch UcmaRedist.msi from 3.5.6907.0 to Microsoft Office Communciations Server 2007 R2, Microsoft Unified Communications Managed API 2.0 Core Redist 64-bit from 3.5.6907.0 to 3.5.6907.244:

clip_image002[61]

clip_image002[63]

clip_image002[65]

clip_image002[67]

Note the version change to 3.5.6907.244:

clip_image002[69]

Continue by patching CWAOWASSP.msp from 3.5.6907.57 to Microsoft Office Communications Server 2007 R2, Web Service Provider 3.5.6907.202:

clip_image002[71]

clip_image002[73]

clip_image002[75]

clip_image002[77]

Note the version change to 3.5.6907.202:

clip_image002[79]

Step #6 – Configuring the Exchange 2010 CAS Server

With the components installed onto your CAS server or servers, proceed by launching the Exchange Management Shell and identify the certificate that is currently assigned to the IIS server.  Run the following cmdlet to get the list of certificates currently used by the Exchange CAS server:

Get-ExchangeCertificate|fl Services,Thumbprint

image

Note that the Exchange CAS server used in this example actually has multiple certificates for different services but the one we are interested in is the one used for the IIS service:

image

Copy the Thumprint of the certificate to Notepad.

There will be environments when multiple OWA Virtual Directories are configured on the the Exchange Server so to check simply execute the Get-OWaVirtualDirectory cmdlet and verify that the only returned result is owa (Default Web site):

Get-OWAVirtualDirectory

image

Another cmdlet we can execute to display the virtual directory mapped to OWA is the following:

Get-OwaVirtualDirectory | Where-Object {$_.ExternalUrl -eq https://webmail.domain.com/owa}

image

Note that we only have one single OWA Virtual Directory in the example above so we won’t have to specifically target the virtual directory with the -identity switch but I like to be safe so I use the Where-Object {$_.ExternalUrl -eq https://webmail.domain.com/owa} anyways. Continue by executing the following to configure the InstantMessaging parameters of the virtual directory:

Get-OwaVirtualDirectory | Where-Object {$_.ExternalUrl -eq "https://webmail.domain.com/owa"} | Set-OwaVirtualDirectory -InstantMessagingType OCS -InstantMessagingEnabled:$true -InstantMessagingCertificateThumbprint A5202F5ED7E8DC2B294FE41EAF9FECC2DCFBB2E3 -InstantMessagingServerName <FQDNofLyncSTDserverOrPool>

Note that when you execute the following cmdlet, you will see the parameters assigned:

Get-OwaVirtualDirectory | Where-Object {$_.ExternalUrl -eq "https://webmail.domain.com/owa"} | FL Server,Instant*

image

Step #7 – Configure the Trusted Application Pool

Launch the Lync Server 2013 Topology Builder tool, navigate to Lync Server > Datacenter > Lync Server 2013 > Trusted application servers then right click on the node and create a New Trusted Application Pool…:

clip_image002[1]

The Exchange topology in this example contains 2 CAS servers so I’ll be using the Multiple computer pool option with the webmail URL as the pool FQDN matching the certificate name:

clip_image002[3]

Add the individual CAS server names into the Define the computers in this pool step:

clip_image002[5]clip_image002[7]

Associate the next hop server as the front end server:

image

image

Publish the topology:

image

clip_image002[9]

Next, verify that the changes are in place by launching the Lync Server Management Shell and executing the following cmdlet:

Get-CsTrustedApplicationPool

image

Execute the follow cmdlet to verify the computers defined in the pool:

Get-CsTrustedApplicationComputer

image

With the configuration settings verified, proceed by using the cmdlet New-CsTrustedApplication cmdlet to define a trusted application and associate it to the new trusted application pool.

A free port will need to be identified and then used to assign as the listening port on the Lync server.  Jeff Schertz’s Lync 2010 with Exchange 2010 integration (http://blog.schertz.name/2010/11/lync-and-exchange-im-integration/) provides an easy way to determine whether a port is free and that is to use the command:

netstat -a | findstr <port #>

We can use either 5059 as Jeff demonstrates or another one that is free.  For the purpose of this example, we’ll use 5059:

clip_image002[11]

With the port identified, execute the following cmdlet to create the new trusted application and associate the CAS array to it:

New-CsTrustedApplication -ApplicationId ExchangeOWA -TrustedApplicationPoolFqdn <casArrayFQDN> -Port 5059

image

Enable the topology with the following cmdlet:

Enable-CsTopology -v

clip_image002[13]

Once the publishing completes, you can review the logs to ensure there are no unexpected warnings or errors:

clip_image002[15]

That’s it.  You should be able to log into Outlook Web App and see your Lync presence at the top right hand corner and your contact list on the left hand pane.

2 comments:

Brian Rota said...

Hello
Do you have any tips for OWA integration when you introduce Exchange 2013 OWA?
2013 will take over webmail and proxy the users to 2010 until the mailboxes are moved.
Should I just add 2013 to the trusted application? Or should I create a legacy url for the 2010 servers and create a second trusted application.

Thank you.

Brian

Roberto Alvano said...

Hello,
Have you somewhere the source file for the webservice provider KB981256?
The link http://www.microsoft.com/en-us/download/details.aspx?id=797 that you provide does not work any more.
I tried to get it with Microsoft, but impossible.
It would be appreciated if I could download it from your source.

Roberto