This article covers the Unified Messaging (UM) integration configuration between Lync Server 2010 Release Candidate and Exchange Server 2010 SP1. Although the process is basically the same as it was in Exchange 2007 and OCS 2007 R2 there are a few important changes. Also note these instructions were tested various times with both RC and RTM installations of Lync Server.
The lab environment used as examples was built using the same processes discussed in these three previous articles for Lync Server. A single consolidated Exchange 2010 SP1 server was also added with all roles (CAS, Hub, Mailbox, UM).
Overview
The following steps completed in this order in a greenfield deployment should yield a working UM environment in little time.- Deploy Exchange Server 2010 SP1 in same forest as a consolidated server with Unified Messaging role included.
- Replace the self-signed certificate with one from an internal Windows Enterprise Certificate Authority and reassign all Exchange roles to it.
- Create a new SIP Dial Plan in Exchange.
- Configure UM Dial Plan, Policy, and Auto Attendant settings.
- Enable Unified Messaging on at least one mailbox.
- Run the exchucutil.ps1 PowerShell script on the Exchange server.
- Configure Lync Server Dial Plan or verify existing configuration is sufficient.
- Run the ocsumutil.exe tool on the Lync server.
Configuration
These steps begin right where article 3 left off so if you are following along make sure to configure the Enterprise Voice setting in Lync Server as detailed in that article.1. Deploy Exchange Server
The deployment of Exchange Server 2010 SP1 is outside the scope of this article but there are many official and unofficial walkthroughs available online to help anyone unfamiliar with the Exchange Server deployment process. The best place to start would be the official Microsoft documentation. The host used in this lab is a separate, dedicated virtual guest running Windows Server 2008 R2 with 2GB of RAM assigned to it. No previous instance of Exchange had been installed so the deployment included creating a new Exchange Organization.Prior to deploying the Exchange Server make sure to install all of the prerequisite software for the UM role as documented in this checklist. Pay special attention to the Microsoft Speech Platform, UC Managed API 2.0, and UM Language Pack installations.
2. Generate New Certificate
This step is a common Exchange deployment task and official instructions can be found here. Note that the statement “you must use a public certificate if you are using Unified Messaging with Office Communications Server” is not entirely correct. This really should state that a ‘trusted certificate’ is required, as a private certificate issued by an internal Enterprise Windows CA can be used and will work fine if both the Lync and Exchange servers are members of the same domain. Also verify that the UM service is assigned to the new certificate once it is installed and the UM service was restarted.When collocating the UM role on a consolidated Exchange Server the easiest configuration is to use a single SAN certificate for all Exchanges services with the server’s FQDN set as the Subject Name (e.g. lab1exch.csmvp.net) with any other required names (e.g. mail.csmvp.net, autodiscover.csmvp.net) added to the Subject Alternative Names field.
3. Create Exchange UM Dial Plan
In this deployment the VoIP Security option Secured was used used so that both SIP signaling traffic and RTP media traffic will be transmitted between Lync and Exchange using encrypted TLS communications. Opting to use the SIP Secured setting would only protect the SIP traffic using TLS while all RTP traffic would be transmitted over TCP.Additionally a value of 4 was selected for the number of digits in extension numbers as the dial plan previously configured in the Lync server is based on the pattern 312-555-75xx, where the last four digits are treated as the user’s extension. Since normalization patterns were created to translate 75xx patterns into RFC 3966 patterns (+131255575xx) then we want the Exchange UM dial plan to automatically select the last 4 digits of the user’s Telephone Number field as their extension when they are later enabled for UM.
- Using the Exchange Management Console navigate to the UM Dial Plans tab under Organization Configuration > Unified Messaging. Create a new UM Dial Plan with any Name desired (e.g. DefaultUM), and any valid PIN length (e.g. 4). The URI Type must be set to SIP URI and the VOIP Security was set to Secured. As this lab is using a North American dialing plan the Country/Region Code was set to 1.
- An improvement in the Exchange Server 2010 process is seen next as the wizard will ask which UM server to associate the new dial plan with. Previously with Exchange Server 2007 this step had to be performed manually afterwards.
- Select the consolidated Exchange server running the UM role and then complete the wizard.
During the wizard completion the following error may appear as the default UM service startup mode is set to TCP and is not compatible with the VoIP Security option selected. This will also prevent the Unified Messaging service from starting on the Exchange server.
The VoIPSecurity type of dial plan(s) ‘DefaultUM’ does not match the UMStartupMode of Unified Messaging server ‘LAB1EXCH’. Please ensure that if the UMStartupMode of the Unified Messaging server is TCP, the dial plan has a VoIPSecurity type of Unsecured. If the UMStartupMode of the Unified Messaging server is TLS, the dial plan should have a VoIPSecurity type of either SIPSecured or Secured.
- To resolve this issue complete the wizard and then use the Exchange Management Console to navigate to the UM Settings tab on the UM server properties located under Server Configuration > Unified Messaging. Change the Startup Mode to TLS. (Dual could also have been selected but in this lab all communications will be using TLS so there is no reason to for the UM service to listen over TCP as well. This approach is also more secure in production deployments.)
- To apply this change the Microsoft Exchange Unified Messaging service must be restarted, although it should not even be running at this point so then it just needs to be started.
New-UMDialPlan -Name ‘DefaultUM’ -NumberOfDigitsInExtension ’4′ -URIType ‘SipName’ -VoIPSecurity ‘Secured’ -CountryOrRegionCode ’1′
Set-UMServer -Identity ‘LAB1EXCH’ -DialPlans ‘DefaultUM’ -UMStartupMode ‘TLS’
Start-Service MSExchangeUM
4. Configure UM Settings
This first step is optional but I typically prefer to tweak a couple settings before enabling users for UM, specifically the minimum PIN length as the default of 6 is annoyingly long for demo purposes, plus enabling common patterns allows me to set easy-to-remember PINs like ‘1234’ or ‘1111’.- From the PIN policies tab on the default UM Mailbox Policy set the Minimum PIN Length to 4 and enable Allow common patterns in PIN.
Next is the Exchange Subscriber Access and Auto Attendant configuration. As this lab is using 312-555-75xx in the Lync Dial Plan I selected 7556 and 7557 for the SA and AA telephone numbers.
- Enter the desired telephone number on the Subscriber Access tab of the newly created UM Dial Plan (e.g. +13125557556).
- Create a new UM Auto Attendant with any Name (e.g. AutoAttendant) (do not include any spaces) and enter the desired phone number in the Pilot Identifier List (e.g. +13125557557). Select the new UM Dial Plan as the associated dial plan and select both settings to enable and speech-enable the auto attendant.
- Alternatively the PowerShell cmdlet shown below can be used to create the new UM Auto Attendant with the setting described above.
New-UMAutoAttendant -Name ‘AutoAttendant’ -UMDialPlan ‘DefaultUM’ -Status ‘Enabled’ -SpeechEnabled $true -PilotIdentifierList ‘+13125557557′
5. Enable Mailboxes for UM
Select at least one mailbox using the Exchange Management Console and enable Unified Messaging on it. This account should already be enabled for Lync Server and Enterprise Voice.- Run the Enable Unified Messaging wizard on the mailbox and select the default policy. Retain the automatic settings but verify that the extension and SIP address shown match the desired settings for that user.
Once again, the Exchange Management Shell can be used to perform the same step, as shown by the following cmdlet.
Enable-UMMailbox –Identity ‘kristina’ -PinExpired $false -UMMailboxPolicy ‘DefaultUM Default Policy’ -Extensions ’7502′ -SIPResourceIdentifier ‘Kristina@csmvp.net’
- Verify that the EUM and SIP addresses are properly configured on the mailbox after the wizard completes.
6. Run Exchange UC Configuration Script
This script is basically unchanged in SP1 and performs the same actions: creating the UM IP Gateway and IP Hunt Group as well as granting permissions to Lync server to read specific UM-related objects in Active Directory.Make sure to allow for any outstanding AD replication to complete before running this script so that the newly created UM dial plan and any other changes are read by the script in their updated state. If run to soon sometimes the Dial Plans listed in the last line of the script output will display as “not found” even though the configuration would typically be functional at that point. If that happens it is safe to re-run the script multiple times at it will identify any successful previous changes and thus report that no new changes were applied in those cases.
- Using the Exchange Management Shell execute the exchucutil.ps1 script located in the Exchange Server’s Scripts directory, as shown in the path below.
[PS] C:\Program Files\Microsoft\Exchange Server\v14\Scripts>.\ExchUCUtil.ps1
Using Global Catalog: GC://DC=csmvp,DC=net
Configuring permissions for csmvp.net\RTCUniversalServerAdmins …
CSMVP Net: The appropriate permissions haven’t been granted for the Office Communications Servers and Administrators to be able to read the UM dial plan and auto attendants container objects in Active Directory. The correct permissions are being added to the container objects.
UM DialPlan Container: The appropriate permissions haven’t been granted for the Office Communications Servers and Administrators to be able to read the UM dial plan and auto attendants container objects in Active Directory. The correct permissions are being added to the container objects.
UM AutoAttendant Container: The appropriate permissions haven’t been granted for the Office Communications Servers and Administrators to be able to read the UM dial plan and auto attendants container objects in Active Directory. The correct permissions are being added to the container objects.
Configuring permissions for csmvp.net\RTCComponentUniversalServices …
CSMVP Net: The appropriate permissions haven’t been granted for the Office Communications Servers and Administrators to be able to read the UM dial plan and auto attendants container objects in Active Directory. The correct permissions are being added to the container objects.
UM DialPlan Container: The appropriate permissions haven’t been granted for the Office Communications Servers and Administrators to be able to read the UM dial plan and auto attendants container objects in Active Directory. The correct permissions are being added to the container objects.
UM AutoAttendant Container: The appropriate permissions haven’t been granted for the Office Communications Servers and Administrators to be able to read the UM dial plan and auto attendants container objects in Active Directory. The correct permissions are being added to the container objects.
Configuring UM IP Gateway objects…
Pool: lab1ls.csmvp.net
A UMIPGateway doesn’t exist in Active Directory for the Office Communications Server Pool. A new UM IP gateway is being created for the Pool.
IsBranchRegistrar: False
MessageWaitingIndicatorAllowed: True
OutcallsAllowed: True
WARNING: The command completed successfully but no settings of ’1:1′ have been modified.
Dial plans: DefaultUM
Permissions for group csmvp.net\RTCUniversalServerAdmins
ObjectName AccessRights Configured
———- ———— ———-
CSMVP Net ListChildren True
UM DialPlan Container ListChildren, ReadProperty True
UM AutoAttendant Container ListChildren, ReadProperty True
Permissions for group csmvp.net\RTCComponentUniversalServices
ObjectName AccessRights Configured
———- ———— ———-
CSMVP Net ListChildren True
UM DialPlan Container ListChildren, ReadProperty True
UM AutoAttendant Container ListChildren, ReadProperty True
PoolFqdn UMIPGateway DialPlans
——– ———– ———
lab1ls.csmvp.net 1:1 {DefaultUM}
7. Configure Lync Dial Plans
As mentioned earlier the Lync Server voice configuration is already complete. To validate which settings are required in Lync follow just the Enabling Enterprise Voice section of this previous article (the Deploying a Media Gateway section is not required for UM connectivity.)- To validate the configuration will support the extension dialing configured for the SA and AA UM objects use the Lync Server Control Panel to create a New Voice Test Routing Case. Enter the SA extension (e.g. 7556) and the Expected translation (e.g. +13125557556) and make sure the test passes.
8. Run Lync UM Configuration Tool
This utility is used to create the AD contact objects for Lync Server to resolve and locate the Exchange Subscriber Access and Auto Attendant services.In the past it was always required to configure the UM Dial Plan name to be the identical FQDN as what the OCS Location Profile was named. But now with SP1 on Exchange Server 2010 that is no longer required, as indicated by the informational text on the bottom of the next screenshot.
- Execute the OcsUmUtil.exe program located in the Lync Server’s Support directory, as shown in the path below.
C:\Program Files\Common Files\Microsoft Lync Server 2010\Support\OcsUmUtil.exe
- Click Load Data and the Active Directory forest name should populate the Exchange UM Dial Plan Forest field.
- Click Add to create the Subscriber Access contact first. Select the desired Organizational Unit and Name. The defaults can be used for the remainder of the settings.
- Click Add again to create another contact and select Auto-Attendant as the Contact Type. Select the desired Organizational Unit and Name. The defaults can be used for the remainder of the settings as well.
- Close the Exchange UM integration Utility and force an address book update in a Lync client to verify the new Exchange contacts. Depending on the AD forest configuration replication may need to complete before attempting the address book update process.
http://blog.schertz.name/2010/11/lync-and-exchange-um-integration/