Configuring On-premises Lync Server 2010 Integration with Exchange Online
Topic Last Modified: 2012-10-18
Customers who are using on-premises Microsoft Lync Server 2010 deployments with cumulative update for Lync Server 2010: August 2011 or cumulative update for Lync Server 2010: November 2011 installed can now configure interoperability with Microsoft Outlook Web App in Microsoft Exchange Online. Interoperability features include single sign on and instant messaging (IM) and presence integration with the Outlook Web App interface. To enable this integration, you must configure the Edge Server in your on-premises Lync Server 2010 deployment by completing the following tasks:
Configure a shared SIP address space
Configure a hosting provider on the Edge Server
Create a DNS SRV Record for Integration with Hosted Exchange
Verify replication of the updated Central Management store
To integrate on-premises Lync Server 2010 with Exchange Online, you must configure a shared SIP address space (also called a split domain). The same SIP domain address space is supported by both Lync Server and the Exchange Online service.
Using the Lync Server Management Shell, configure the Edge Server for federation by running the Set-CsAccessEdgeConfiguration cmdlet using the parameters displayed in the following example:
Set-CsAccessEdgeConfiguration -AllowFederatedUsers $True
- AllowFederatedUsers parameter specifies whether internal users are allowed to communicate with users from federated domains. This property also determines whether internal users can communicate with users in a shared SIP address space scenario with Lync Server and Exchange Online.
For details about using the Lync Server Management Shell, see Lync Server Management Shell.
Using the Lync Server Management Shell, configure a hosting provider on the Edge Server by running the New-CsHostingProvider cmdlet, using the parameters in the following example:
New-CsHostingProvider -Identity "Exchange Online" -Enabled $True -EnabledSharedAddressSpace $True -HostsOCSUsers $False -ProxyFqdn "exap.um.outlook.com" -IsLocal $False -VerificationLevel UseSourceVerification
- Identity specifies a unique string value identifier for the hosting provider that you are creating, for example, “Exchange Online.” Values that contain spaces must be in double quotes.
- Enabled indicates whether the network connection between your domain and the hosting provider is enabled. This must be set to True.
- EnabledSharedAddressSpace indicates whether the hosting provider will be used in a shared SIP address space scenario. This must be set to True.
- HostsOCSUsers indicates whether the hosting provider is used to host Office Communications Server or Lync Server. This must be set to False.
- ProxyFQDN specifies the fully qualified domain name (FQDN) for the proxy server used by the hosting provider. For Exchange Online, the FQDN is exap.um.outlook.com.
- IsLocal indicates whether the proxy server used by the hosting provider is contained within your Lync Server topology. This must be set to False.
- VerificationLevel Indicates the verification level allowed for messages sent to and from the hosted provider. Specify UseSourceVerification, which relies on the verification level included in messages sent from the hosting provider. If this level is not specified, then the message will be rejected as being unverifiable.
You need to configure a Domain Name System (DNS) SRV record for the Lync Server 2010 Edge Server to route to a hosted Exchange service such as Microsoft Exchange Online.To create an external DNS SRV record for the hosted Exchange service
Log on to the external DNS server as a member of the DnsAdmins group.
Click Start, click Administrative Tools, and then click DNS.
In the console tree for your SIP domain, expand Forward Lookup Zones, and select the SIP domain in which Lync Server 2010 will be installed.
Important: You must create the DNS SRV record in the SIP domain in which Lync Server is or will be installed. When you create the SRV record, the FQDN used for the Host offering this service field must be the external FQDN of the Edge pool. For example, if the external FQDN of your Edge pool is edge01.contoso.net, enter that value. This must also be in the same domain as the DNS Hosts (A) record.
Right-click the selected domain, and then click Other New Records.
In Resource Record Type, click Service Location (SRV), and then click Create Record.
In New Resource Record, click Service, and then type _sipfederationtls.
Click Protocol, and then type _tcp.
Click Port Number, and then type 5061.
Click Host offering this service, and then type the fully qualified domain name (FQDN) of the Lync Server Edge Server pool that provides access to your Lync Server system for trusted external clients.
Note: The domain must also be set up as an authoritative, accepted domain in your Exchange Online settings. For details, see Create Accepted Domains at http://go.microsoft.com/fwlink/p/?LinkId=229762.
Click OK, and then click Done.
Log on to a client computer in the domain.
Click Start, and then click Run.
At the command prompt, run the following command:
nslookup <FQDN Lync Edge Pool>
Verify that you receive a reply that resolves to the appropriate IP address for the FQDN.
The changes you made using the cmdlets in the preceding sections are automatically applied to the Edge Server, and generally take less than a minute to replicate. You can validate replication status, and then confirm that the changes were applied to your Edge Server by using the following cmdlets.
To verify replication updates, on a server internal in your Lync Server 2010 deployment, run the following cmdlet:
To confirm the changes were applied, on the Edge Server, run the following cmdlet: