Tuesday, December 20, 2011

Lync 2010 Deployment

Step by Step: Lync Server 2010 Deployment.

This article aims at providing step by step approach to install a Lync Server 2010 Standard Edition.

Let's first ensure that the environment is ready to welcome the Lync Server.

Operating System support for Lync Server 2010.
All server roles of Lync Server 2010 require one of the following operating systems:
  • The 64-bit edition of Windows Server 2008 R2 (Standard, Enterprise or Datacenter).
  • The 64-bit edition of Windows Server 2008 SP2 (Standard, Enterprise, or Datacenter).
Components required on Lync Server machine

Commands to install all pre-requisites... (On Windows Server 2008 R2)

PS C:\> Import-Module ServerManager
PS C:\> Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Static-Content,Web-Default-Doc,Web-Http-Errors,Web-Http-Redirect,Web-Asp-Net,Web-Net-Ext,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Http-Logging,Web-Log-Libraries,Web-Http-Tracing,Web-Windows-Auth,Web-Client-Auth,Web-Filtering,Web-Stat-Compression,Web-Mgmt-Console,Web-Scripting-Tools –Restart
Above command will install all the features required and reboot the machine.
Now go to the setup folder of Lync Server 2010, and double click setup.exe.

It'll check the availability of Microsoft Visual C++ 2008 redistributable on the system. If its not installed, it'll give you option to install the application. Click "Yes" to install it.
Next step would be to choose the installation location.

By default, it'll select above location. After selecting the right installation location, click on "Install".

Accept the license agreement and click "ok".

Topology Builder (TB): It is must to install Topology Builder (TB) before you can deploy a Lync Server. Topology Builder helps you to define sites and servers in the setup. 
Define a topology (xml file gets created).
Topology Builder validates the topology.
Publish the topology after successful validation.
Publishing it puts it into the Communications Server central management store (which is created if it does not already exist). 
Click "Install Topology Builder" to install the TB. After installation of TB, it'll look like following in the deployment wizard.

Preparing Active Directory
To prepare Active Directory Domain Services (AD DS) for your Microsoft Lync Server 2010 deployment, you must perform three steps in a specific sequence:
  • Prep Schema
  • Forest Prep
  • Domain Prep
Permission required for these three operations.

Action Permission
Schema Prep Member of Schema Admins group for the forest root domain and Administrator rights on the schema master
Forest Prep Member of EnterpriseAdmins or DomainAdmins group for the forest root domain
Domain  Prep Member of EnterpriseAdmins or DomainAdmins group for the specified domain
On deploy wizard main screen, click "Prepare Active Directory" and "Run" the schema prep.

On the Schema Prep wizard, click "Next" and "Finish". This will extend the Active Directory schema for the use of Microsoft Lync Server 2010. You need to be an enterprise admin to perform this operation.
In this case location of schema prep log was
Location: C:\Users\administrator.LYNCDOM\AppData\Local\Temp\2\Install-CSAdServerSchema-[2010_10_06][13_15_13].html
Figure out the location of schema prep log in your setup.. :)
If you already have an OCS setup then verify the process has completed successfully by checking the rangeUpper (1100) and rangeLower (14) values of the ms-RTC-SIP-SchemaVersion Schema object with adsiedit.msc.
It's time for forest prep after you are done with schema prep.

From Active Directory Preparation wizard, "Run" the prepare forest operation (Above picture). Click "Finish" when the forest prep is done (below picture).

Log Location: C:\Users\administrator.LYNCDOM\AppData\Local\Temp\2\Enable-CSAdForest-d96954e1-1d86-40c1-942f-54f5ec5052ab.xml
To check the status of forest prep, run the following command in powershell.
PS C:\> Get-CsAdForest
After forest prep is successful, run domain prep for all the concerned domains in Active Directory.

Log Location for domain prep action: C:\Users\administrator.LYNCDOM\AppData\Local\Temp\2\Enable-CSAdDomain-[2010_10_06][14_41_28].html
To check the status of Domain Prep, run the following command.
PS C:\> Get-CsAdDomain
Prepare the Microsoft Lync Server
Process to prepare the Lync Server does three things primarily.
1)      Checks following components for availability. If anyone them missing, it also installs that component.
2)      Creates firewall exception for SQL instance.
3)      Creates firewall exception for SQL browser.


After this wizard completes, you should see following components installed on the server.

Before moving further the domain Administrator account used throughout this process should be added as a member to the domain security groups CsAdministrator and RTCUniversalServerAdmins.
This user account should then logoff and back on to the Windows Server where Lync is being installed to update the associated security token.
Create a share for Lync Server:
It will be used during Lync Server 2010 installation. Everyone should have “Read & Execute” permission. Administrators should have “Full Control”.
Share name for this purpose in this article is “LyncFolder”.
Defining topology with the help of Topology Builder
Open the TB from start menu.

Provide a name to the topology. For example, “NewYork.tbxml".

Back at the main Topology Builder window select Edit Properties on the Lync Server 2010 (RC) root-level object.  Highlight the Simple URLs section and enter the desired Administrative Access URL. (Note the additional for Phone Access URLs and Meeting URLs are already configured.)
Also highlight the Central Management Server section and select the new Front-End server from the drop-down menu if it is not already selected.

By now local SQL instance will have two databases Lis and XDS. Also, the shared folder is configured properly.
DNS Records:
Create following three hostnames
All three hostnames should point to the IP Address of the standard edition server (enterprise edition pool IP if its enterprise edition deployment).
Installation of Microsoft Lync Server 2010 binaries

 Run “setup or remove Lync Server components”.

After rebooting the server, run “setup or remove Lync Server components” again. This will install the rest of the compnents on the machine.
Certificate For Lync Server
You can either user certificates from the internal Certification Authority (CA), or you can get the certificates from the public CA. Since this certificate will be used only for the internal purpose, it makes sense to get the certificate from internal CA.

Provide “Organization Information” detail and click “Next”.
Provide “Geographical Information” and click “Next”.

You may get this error during certificate request/assign.
Error: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider. (Exception from HRESULT: 0x800B0109)
Install the Root CA cert chain on the server and run the wizard again to resolve the problem.

After you have successfully configured certificates on the Lync Server, now it’s time to start the services.

Click next on “Start Services” wizard.

Reboot the server. And, that’s all as far as installation of Lync Server 2010 is concerned.
And yes, last but not the least... don't forget to create the corresponding SRV record to enable auto configuration at the clients end.