The Complete Home Lync Lab: Part 1 Overview of Lab and Microsoft Exchange 2013 Server Setup

Hello Readers,

As you may know my background with Microsoft Lync has come from supporting a customers environment with no prior experience. In the early days it was very hard to play with Lync as it was in an active production environment, so I ended up buying a new home machine with 32gb of RAM so I could play with Lync without the fear of breaking the customers environment. I wanted to give back to the community for all the Lync newbies on how to setup a complete Lync Lab “without” a Public Certificate.

The key word there is “without

Remember this series is designed for a Lab, parts of this series can be used in Production but make sure it suits your environment.

Series List

Part 1 – Overview of Lab and Microsoft Exchange 2013 Server Setup

Part 2 – Installing Lync Standard Server 2013 and activating users for Lync

Part 3 – Installing Lync 2013 Monitoring and Lync Edge Server

Part 4 – Installing KEMP VLM for Reserve Proxy

Part 5 – Install System Center Operations Manager 2012 R2

Part 6 – Proactive Monitoring of Microsoft Lync 2013

Part 6a – Installing and Configuring the Lync 2013 Watcher Node

Part 7 – Configuring Archiving with Microsoft Exchange 2013

Part 8 – Installing WAC for Lync Server 2013 – Internal Only

Part 8a – Configure WAC for Lync Server 2013 – External Access

How do I plan on doing this?

This Lab is going to be constructed with the following;

Server Name Role IP Address
DC01 Primary Domain Controller with Certificate Authority 10.10.10.1
EX01 Exchange 2013 10.10.10.10
FE01 Lync 2013 Standard Edtion Front End 10.10.10.11
DB01 SQL 2012 Standard Edition 10.10.10.5
EG01 Lync 2013 Edge Server 10.10.10.12 (LAN)
172.16.1.12 (DMZ)
PBX PBX Box 10.10.10.13
SC01 System Center Operation Manager 10.10.10.14
WA01 Web App Server 10.10.10.15
Public CA Public CA Authority 10.10.10.50
KEMP VLM Reserve Proxy 10.10.10.60 (LAN)
172.16.1.60 (DMZ)

Please note: All Servers are running Windows 2012 R2

So in this post I will presume the following;

Server Role Notes
1 Domain Controller ADUC, CA You should already have this within your lab
1 SQL Server SQL with 1 Instance You should already have this within your lab
1 Public CA Server CA You should already have this within your lab

Please note: Public CA must, must not be domain joined!!

My Domain name for this Lab will be lyncme.local

So I will now start with installing Exchange and as always there are Pre-requisites we need to complete before putting the Exchange Media into the Server. First we are going to install all the required Windows Features. You can copy and paste the below into Windows Powershell on the Server and run.

Install-WindowsFeature AS-HTTP-Activation, Desktop-Experience, NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation

image

Once all Windows Features have been installed download the following and install.

Install Unified Communications Managed API (UCMA) 4.0

http://www.microsoft.com/en-us/download/details.aspx?id=30349

Now you will need Download the latest Cumulative Update for Exchange 2013 (Current CU5 at the time of writing), then extract it to a directory, then run setup.exe

I will be ticking Dont check for update right now as this lab machine doesnt have access to the internet –> Press Next

image

Press Next –> Tick “I accept the terms in the licence agreement” –> Press Next

image

Tick “Use recommended settings” –> Press Next

image

Tick Mailbox Role –> Tick Client Access Role –> Press Next

image

Press Next –> Enter Organisation Name –> Press Next

image

Press Next

image

Press Install

image

The install will now take a while to complete

Once Complete Tick Launch Exchange Administration Center –> Press Finish

image

The Admin Center will now open, Login with the Account you have used to install Exchange.

image

Once you have logged in Click on the Server Tab from the Left Hand Menu. If you have a Product Key for Exchange this is where you would enter the key. If you havent and this is only evaluation of Exchange you are installing we can just continue.

image

Now Click Mail Flow –> Accepted Domains -> Plus Sign

image

  • Enter Name: lyncme.co.uk (Can be anything)
  • Accepted Domain: lyncme.co.uk (Your public name space you will be using)
  • Tick Authoritative Domain

Press Save

Now press the Pen Button to edit the domain you have create. Tick Make this the default domain

Press Save

image

Press Email Address Policies –> Press Edit

image

Press Email Address Format –> Press Plus Sign –-> Select you Public Name Space –-> Tick what format you want –-> Tick Make this format for the reply email address

image

Press Save

Press Save

image

Press Apply

Press Yes

Press Close

You will now need to configure the Send Connector. Press Send Connectors –> Plus Sign –> Give the Connector a name (I will use Send) –> Tick Internet –> Press Next

image

Leave as Defaults –> Press Next

image

Press Plus Sign

image

Enter ( * ) under Fill Qualified Domain Name (FQDN) and Press Save

image

Press Next –> Press Plus Sign –> Highlight your Exchange Server –> Press Add –> Press OK –> Press Finish

image

Press Servers –> Press Certificate

image

Tick Create a request for certificate from a certificate authority –> Press Next

image

Enter Friendly Name for your Certificate

image

Press Next

image

Press Browse –> Highlight your Exchange Server –> Press OK –> Press Next

image

You will now need to edit the browse fields

image

Press Edit

  • Outlook Web App (when accessed from the Internet) –> I will be using Add mail.lyncme.co.uk
  • Exchange Web Service (when accessed from the Internet) –> Add mail.lyncme.co.uk
  • Exchange Active Sync (when accessed from the Internet) –> Add mail.lyncme.co.uk
  • Autodiscover (when accessed from the Internet) –> Remove the private fqdn in my case autodiscover.lyncme.local
  • Outlook Anywhere (when accessed from the Internet) –> Add mail.lyncme.co.uk

Press Next

image

Remove all names apart from

  • Your Public Name (mail.lyncme.co.uk) Make sure this is set as you Common Name. To check this the name will be highlighted in bold
  • Your Autodiscover Record (Autodiscover.lyncme.co.uk)
  • Your Exchange Server (ex01.lyncme.local)

Press Next

image

Enter all required information and Press Next

image

Enter a UNC Path you save your Certificate Request. Press Finish

We now need to access our Public Certificate Authority via Internet Browser type http://yourserver/certsrv

image

Please Note: My public certificate server has a DNS A Record for name public-ca

Press Request a Certificate

Press Advanced Certificate Request

Press Submit a Certificate..

Open the Request you created from the ECP (Exchange Control Panel) with Notepad and Copy + Paste information into Saved Request

image

Press Submit

You should now see the below window

image

Now connect to your Public Certificate Server and Open Certificate Authority –> Click on Pending Requests –> Right Click –> All Tasks –> Issue

image

Now got back to http://yourserver/certsrv and Press View the status of a pending certificate request

image

Click on your Request

image

Click Download Certificate Chain and save to location on your Exchange Server

image

Go to your location you have saved the .p7b file and open it

image

Right Click each Certificate and Export back to the saved location.

  • lyncme-public-ca-ca (Is the Trusted Root Certificate)
  • mail.lyncme.co.uk (Is the certificate for Exchange Server)

We now need to install the Trusted Root Certificate on the Exchange Server. Open the Certificate

Press Install Certificate

image

Tick Local Machine and Press Next

image

Tick Place all certificate in the following –> Press Browse –> Click Trusted Root Certification Authorities –> Press OK –> Press Next

image

Press Finish

We now need to go back to Certificates on the Exchange Control Panel

Click on your Certificate Request and Press Complete

image

Enter the path to your Certificate and Press OK

image

You will notice the following error

image

This is expected as we have used a Fake Public Certificate. Press Edit –> Click Services

  • Tick SMTP
  • Tick IMAP
  • Tick POP
  • Tick IIS

Press Save

image

Press Yes to replace SMTP Certificate

You will know have a working internal Exchange Server 🙂 you can test this by sending emails between Mailboxes as shown below

image

Watch out for Part 2 – Installing Lync Standard Server 2013 and activating users for Lync coming soon.

Regards

Andrew Price

13 thoughts on “The Complete Home Lync Lab: Part 1 Overview of Lab and Microsoft Exchange 2013 Server Setup”

  1. This is the best article I have found ever but I have one confusion. How did you install public CA? Can you please tell me the steps.

  2. Hi Zeeshan

    The public CA server is just a standalone Certificate Authority Server not domain joined but sits on your local subnet. You need to create certificate request and enter request into http://localhost/certsrv .. You will need to export the full chain and import root cert into trusted authorities then import cert into exchange.

    Really simple and affective for labs with no true public cert and only testing internally.

    Andy

Leave a Reply

Your email address will not be published. Required fields are marked *