Step 1: Configuring the Identity Life Cycle Manager Server for Lync Server 2010
Topic Last Modified: 2012-10-18
After you have deployed Lync Server 2010, modify the configuration of the identity life cycle manager server that is responsible for synchronizing user objects as contacts across all forests.
If Microsoft Exchange Server is not deployed in a cross-forest topology, deploy and configure the Lync Server Sync tool (Lcssync). Lcssync is included with the Lync Server 2010 Resource Kit. The remainder of this section focuses on using Lync Server Sync.
If Microsoft Exchange Server is deployed in a cross-forest topology, use the global address list (GAL) sync tool with the Lync Server Sync logic. Exchange Server uses GAL sync to synchronize contact information in the GAL between forests. In this situation, an update to the GAL sync tool is required because the identity life cycle manager server does not support the coexistence of two different synchronization agents.
The Lync Server Sync tool configures the management agent of each forest except the central one in order to synchronize its user and group information with the identity life cycle manager server. The identity life cycle manager server generates a metaverse object that represents each user or group and it then synchronizes each user or group object as a contact in the central forest. Because all Lync Server users and groups are synchronized as contacts (including the users or groups object security identifier (SID)) in every other forest, users can still communicate with each other across forest boundaries after the identity life cycle manager server is reconfigured, and users can still take advantage of distribution group expansion across forests.
Configure Forefront Identity Manager in the following manner:
For configuring Lync Server in a multiple-forest environment, make the primary supported synchronization software Forefront Identity Manager 2010.
If you use Microsoft Identity Lifecycle Manager 2007 FP1 or Microsoft Identity Integration Server 2003 SP2, extend the default "Persons" object metaverse schema by creating the attribute photo. To alter the synchronization rule, follow these steps:
Start Identity Manager.
From the toolbar, click Metaverse Designer.
From the object type list, click Person.
From Actions pane, click Add Attribute.
In the Add attribute to object type dialog box, click New Attribute.
In the attribute name box, enter photo.
From the Attribute type list, click Binary (non-Indexable), and then click OK.
Click OK again to finalize creating the attribute.
Verify that the photo attribute is added to the attribute list.
The identity life cycle manager server is configured to do the following:
Import the user objects and group objects from two user forests as identity life cycle manager server metaverse objects.
Export the metaverse objects to the central forest as contact objects.
To install and configure the Lync Server Sync tool, Lcssync, perform the following steps (each step is explained in detail in the subsequent sections).
Microsoft Identity Integration Server 2003 SP2 uses the sync tool, Lcssync, which requires Microsoft .NET Framework 2.0.|
You can download ".NET Framework 2.0 Redistributable" from the Microsoft Download Center at
- Install the Lync Server Sync Tool.
- Extend the Metaverse Schema in the Identity Life Cycle Manager.
- Configure Extensions for the Lync Server Sync Tool.
- Configure the Object Deletion Rule in the Identity Life Cycle Manager.
- Create a Management Agent for the Lync Server Sync Tool in the Central Forest.
- Create a Management Agent for the Lync Server Sync Tool in all User Forests.
- Importing, Synchronizing, and Provisioning Lync Server Objects.