The Complete Home Lync Lab: Part 3 – Installing Lync 2013 Monitoring and Lync Edge Server

Hello Readers

As continuing on Part 2, we are now going to look at Installing Lync 2013 Monitoring and Lync Edge Server before than moving on to Part 4 – Installing KEMP VLM for Reserve Proxy. As always there are a couple of pre-requisites we need to complete before inserting the media into the Server.

If you are not installing Lync 2013 Pre-requisites this way you are doing it wrong. My fellow colleague from The UC Architects Pat Richard has created the one of the best scripts that can be in any Lync Specialist tool kit.

Download .\Set-Cs2013Features from http://www.ehloworld.com/1697 and place on the Edge Server as we will need this file later in this post.

The first part of this article we are going to look at installing Lync Monitoring.

Log on to your Lync Front End Server and launch Lync Topology Builder.

image

Navigate –> Lync Server –> Your Site –> Lync Server 2013 –> Standard Edition Front End Servers –> Your Server

image

Right Click –> Edit Properties –> Scroll Down to Monitoring

image

Tick Monitoring –> Press New –> Enter your SQL Server FQDN –> Specify your instance –> Untick This SQL instance is in mirroring relation (As stated in Part 1 you should already have a SQL Server with an instance available) –> Press OK

image

Press OK –> Press Action –> Press Topology –> Press Publish

image

Press Next

image

Press Next –> This should complete successfully –> Press Finish

image

Launch Lync Deployment Wizard

image

Press Yes –> Click Deploy Monitoring Reports

image

Press Next

image

Press Specify a User Account and Password that has rights to the instance –> Press Next

image

Press Specify User Group (I will be using the default group) –> Press Next

image

Press Finish

image

Launch the Lync Server Control Panel

image

Login with an account that is apart of the CSAdministrator

image

Click View Monitoring reports –> Click your SQL Server FQDN

image

You should now see the below window 🙂 Successful deployment of Lync Monitoring

image

Now we are going to move on to install Lync Edge Server. Log into your Lync Edge Server

There is a couple of things we need to do first one ensure you have two network connections

  1. 1 NIC to LAN (10.10.10.12/24)
  2. 1 NIC to DMZ (172.16.1.12/24)

The Edge Server must not be domain joined.

Next think you will need to do is go to Computer Name/Domain Changes –> Press More

image

Specify Primary DNS Suffix on this computer –> Press OK –> Press OK –> Press OK –> Press Close –> Press Restart Now

image

Once your Server has restarted launch Pat Richard Script.

Select Option 3 to install Lync Front End Server.

image

And following the on screen prompts, its couldn’t be any simpler. You will need an internet connection into this machine as its downloads three components to C:\_Install or you can manually place the files but doing this will not ensure you have got the latest versions.

Files can be found here http://1drv.ms/1mcSJsr – Update as of 03/07/14

Now insert your Lync Media and Run Setup.exe

image

Click Yes –> Click Yes

image

Click Install

image

Tick “I accept the terms” –> Press OK –> Once installation is complete you will be welcomed by the below window

image

We now need to go back to the Lync Front End Server and open topology builder

image

Tick Download Topology –> Press Ok

image

Save the tbxml into your choose location –> Press Save

image

Navigate Lync Server –> Your Site Name –> Lync Server 2013 –> Right Click Edge Pool –> Press New Edge Pool

image

Press Next –> Select Single Computer Pool –> Enter your Edge Name –> Press Next

image

Tick Enable federation (port 5061) –> Press Next

image

Tick Enable IPv4 on internal interface –> Enable IPv4 on external interface –> Tick External IP address this Edge pool is translated by NAT –> Press Next

image

You will now need to enter FQDNs for;

  • Access Edge
  • Web Conferencing
  • AV Edge

I will be using;

  • sip.lyncme.co.uk (Good practice to use SIP.domain.com)
  • wc.lyncme.co.uk (Common practice)
  • av.lyncme.co.uk (Common practice)

Press Next

image

Enter Internal IP for Server –> Press Next

image

Enter External IP Address(s) for Edge Services. I have used 3 IP Address from home network  –> Press Next

image

Enter IP Public Address –> Press Next

I will be using 192.168.0.140

Press Next –> Press Finish

Press Action –> Press Topology –> Press Publish

image

Press Next –> Press Finish

image

We now need to launch Lync Management Shell to export the CsConfiguration for the Edge Server.

As you can see from below I have exported the file as .zip. This is important. Now move the .zip to the Edge Server.

image

We now need to go back to the Edge Server and add additonal IP Address to the DMZ NIC for Access Edge, Web Conf and AV Edge.

Go to the Properties of the Internet Protocal Version 4 (TCP/IPv4) Properties –> Advanced –> Add the IP Address for

  • Access Edge
  • Web Conf
  • AV Edge

image

Note: This is step not completed the Lync Services wont start

We now need to go back to the Lync Deployment Wizard, Click Install or Update Lync Server System

image

Under Step 1: Install Local Configuration Store, Click Run

image

Specify the .zip file to Import as shown below –> Press Next

image

Press Finish once complete

image

Under Step 2: Setup or Remove Lync Server Components, Click Run

image

Press Next –> Press Finish

Under Step 3: Request, Install or Assign Certificates, Click Run

image

Press Request for Edge Internal

image

Press Next –> Tick Prepare the request now –> Press Next

image

Press Browse –> Type Name for File –> Press Open

image

Press Next

image

Press Next –> Type Friendly Name –> Press Next

image

Enter Organization –> Enter Organization Unit –> Press Next

image

Specify Country/Region –> Enter State –> Enter City –> Press Next

image

Press Next –> Press Next –> Press Next –> Press Next

image

Press Next –> Press Finish

image

As you can the request file has been created on my Desktop.

We now need to open Internet Explorer and go to the Web Certificate Request for your domain

Type http://caserver.domain.local/certsrv –> Enter Domain Administrator Username and Password –> Press OK

image

Press Request a Certificate

image

Press Advance Certificate Request

image

Press Submit a Certificate request by using a base 64-encoded CMC

image

Now open your Certificate Request with Notepad –> Copy Request –> Paste into Saved Request –> Select Web Server Certificate Template –> Press Submit

image

Press Download Certificate Chain

image

Save to a location on your Edge Server with a name you can easily identify –> Press Save

image

Open Certificate Chain –> Export both Certificates to your Edge Server

image

Right Click your Root Certificate –> Press Install Certificate

image

Tick Local Machine –> Press Next

image

Tick Place all certificate in the following store –> Select Trusted Root Certificate Authorities –-> Press OK –> Press Next –> Press Finish –> Press OK

image

Now going back to the Certificate Wizard –> Press Import Certificate

image

Press Browse –> Select the certificate you exported –> Press Next –> Press Next

image

Press Finish

image

Press Assign –> Press Next

image

Select the Edge Internal Certificate –> Press Next –> Press Next

image

Press Finish

image

Select Edge External –> Press Request

Press Next –> Tick Prepare the request now –> Press Next

image

Press Browse –> Type Name for File –> Press Open

image

Press Next –> Type Friendly Name –> Mark sure the Tick for Mark this certificates private key as exportable is ticked –> Press Next

image

Enter Organization –> Enter Organization Unit –> Press Next

image

Specify Country/Region –> Enter State –> Enter City –> Press Next

image

Press Next –> Press Next –> Press Next –> Press Next

image

Press Next –> Press Next –> Press Next

I am going to add in 2 additional SAN Names

  • lyncdiscover.lyncme.co.uk
  • web.lyncme.co.uk

Lync Discover is just a good habit to have and web is because it will be required for Reserve Proxy as if you remember in part 2 I specified the External URL as web.lyncme.co.uk

image

Press Next once you have added SAN Names

image

Press Next –> Press Next –> Press Finish

image

As you can the request file has been created in my chosen location.

We now need to open Internet Explorer and go to the Public Web Certificate Request for your domain

Type http://publicca.domain.local/certsrv or http://10.10.10.50/certsrv

Press Request a Certificate

image

Press Advance Certificate Request

image

Press Submit a Certificate request by using a base 64-encoded CMC

image

Now open your Certificate Request with Notepad –> Copy Request –> Paste into Saved Request –> Select Web Server Certificate Template –> Press Submit

image

Your request is now pending on the Public CA Server. We now need to issue that certificate from PublicCa Server.

image

Login into PublicCa Server –> Open Certificate Authority

Navigate –> Pending Requests –> Right Click Request –> All Tasks –> Issue

image

Go back to the Edge Server and open

http://publicca.domain.local/certsrv or http://10.10.10.50/certsrv

Press View the status of pending certificate request

image

Press Saved-Request Certificate

image

Press Download Certificate Chain

image

Save to a location on your Edge Server with a name you can easily identify –> Press Save

image

Open Certificate Chain –> Export both Certificates to your Edge Server

image

When exporting ensure you specify Base-64 encoded X.509 (.cer)

image

Right Click your Root Certificate –> Press Install Certificate

image

Tick Local Machine –> Press Next

image

Tick Place all certificate in the following store –> Select Trusted Root Certificate Authorities –-> Press OK –> Press Next –> Press Finish –> Press OK

image

Now going back to the Certificate Wizard –> Press Import Certificate

image

Press Browse –> Select the certificate you exported –> Press Next –> Press Next

image

Press Finish

image

Press Assign –> Press Next

image

Select the Edge External Certificate –> Press Next –> Press Next

image

Press Finish

Once complete press Close

Under Step 4: Start Services, Click Run

image

If you open Services you should see all the Services up and running

image

If everything is configured correctly you should see the below from Lync Front End and running command Get-CsManagementStoreReplicationStatus

image

If Edge shows False then check if you can ping the Edge Server by FQDN, ensure port 4443 is open from Lync End to Edge Server

 

This concludes this post

Regards

Andrew Price

3 thoughts on “The Complete Home Lync Lab: Part 3 – Installing Lync 2013 Monitoring and Lync Edge Server

  1. Pingback: The Complete Home Lync Lab: Part 1 Overview of Lab and Microsoft Exchange 2013 Server Setup | LegendaryTechy Blog

  2. Pingback: The Complete Home Lync Lab: Part 4 – Installing KEMP VLM for Reserve Proxy | LegendaryTechy Blog

  3. Pingback: Renewing Certificates for Lync / Skype for Business Server – Gareth's Blog

Leave a Reply

Your email address will not be published. Required fields are marked *