First, install the roles and features required:
Add-WindowsFeature Web-Dyn-Compression,desktop-experience,RSAT-ADDS,Web-Server,Web-Scripting-Tools,Web-Windows-Auth,Web-Asp-Net,Web-Log-Libraries,Web-Http-Tracing,Web-Stat-Compression,Web-Default-Doc,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Http-Errors,Web-Http-Logging,Web-Net-Ext,Web-Client-Auth, Web-Filtering,Web-Mgmt-Console,Msmq-Server,Msmq-Directory
Install .Net 4.5 Framework
install Windows Identity Foundation 3.0 or higher
Windows Server 2012 and Windows Server 2012R2:
Make sure you have the Windows Server installation CD or source. It’s required to install ,Net 3.5 Framework.
Then, from an elevated PowerShell, run the following command:
Note: You don’t need to run “Import-Module ServerManager”, Windows 2012 loads the modules automatically
Add-WindowsFeature RSAT-ADDS, Web-Server, Web-Static-Content, Web-Default-Doc, Web-Http-Errors, Web-Asp-Net, Web-Net-Ext, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Http-Logging, Web-Log-Libraries, Web-Request-Monitor, Web-Http-Tracing, Web-Basic-Auth, Web-Windows-Auth, Web-Client-Auth, Web-Filtering, Web-Stat-Compression, Web-Dyn-Compression, NET-WCF-HTTP-Activation45, Web-Asp-Net45, Web-Mgmt-Tools, Web-Scripting-Tools, Web-Mgmt-Compat, Desktop-Experience, Windows-Identity-Foundation, Telnet-Client, BITS -SourceD:\sources\sxs
If your Windows Server 2012 installation source is not your D drive, change it to your desired location.
On Windows Server 2012R2 you should install Lync Server 2013 with at least CU3 (Download the latest here).
To avoid Event IDs 32402, 61045 on Lync 2013 Front End Servers (See KB2901554), run the following from an elevated command prompt:
Reg Add "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\Schannel" /V "EnableSessionTicket" /D 2 /T REG_DWORD /F
Now you’re all ready to install Lync Server 2013.
In this post we will see the installation of Lync Server 2013. We will be installing the Lync Server 2013 on the Front End Server (FE.exchtechexpert.com). Perform the below steps using the user account LyncAdmin.
Run the Setup.exe from the Lync Server 2013 installation DVD. Click Yes to install the Microsoft Visual C++ 2012 64 bit.
On the next screen Click Install to install the Lync Server 2013.
Click I accept the terms in the license agreement.
After the setup we see the Lync Server 2013 Deployment Wizard.
The first step that we will perform here is “Prepare Active Directory“. Click on Prepare Active Directory.
Step 1 – Prepare Schema: Extends the Active Directory schema by adding new classes and attributes that are used by Lync Server. Prepare Schema must be run once in a forest where Lync Server is deployed.
Run the Prepare Schema.
Click Finish to Complete the Prepare Schema Step
After Running the Schema verify the log if any error into.
Step 2 – Verify Replication Of Schema Partition: To manually verify that the schema partition has been replicated, Log on to Domain controller, Click Start, Administrative Tools, Open ADSI Edit. Right click ADSI Edit and click Connect to. Select a well known Naming Context as Schema.
Double click CN=ms-RTC-SIP-SchemaVersion and verify if value of the rangeUpper attribute is 1150 and the value of the rangeLower attribute is 3. If you don’t find the rangeUpper and rangeLower attributes or if their values are not as specified, then the schema is not modified or has not replicated.
Step 3 – Prepare Current Forest: This step creates global settings and universal groups that are used by Lync Server. This step must be run once in a forest where Lync server is deployed.
Run the Prepare Current Forest. Click Next.
Select Local Domain and click Next.
The Prepare Forest Step has been completed. Click Finish.
Step 4 – Verify Replication of Global Catalog: To confirm that the replication of the Global Catalog and the creation of objects during Forest Preparation have been successful, open Active Directory Users And Computers, under users you should find CSAdministrator Group along with 8 new groups with names that begin with CS. If you find these groups in the console then the Replication of Global Catalog is successful.
Step 5 – Prepare the Current Domain: This step adds permissions on objects to be used by members of universal groups. It should be run once per user domain or server domain.
Run the Prepare Current domain and click finish to close the wizard.
Step 6 – Verify Replication in the Domain: To verify the replication in the domain, click start, open Lync Server Management Shell
Step 7 – Add users to provide administrative access to Lync control panel: Access to Lync Control Panel is controlled by group membership in a universal group called CSAdministrator. We will add user account Lyncadmin and administrator to CSAdministrator Group.
Click on start, Click Administrative tools, Open Active Directory Users and Computers, Under Users look for group named CSAdministrator. Double click the group, select Member of and add Administrator and LyncAdmin to CSAdministrator group. Click Apply and OK.
At last in your Deployment Wizard window you must find the status as Complete with a green check mark for all the preparation steps. Do not exit the wizard, Click Back.
Now we will proceed with the second step. Click on Prepare first Standard Edition Server. This will prepare a single Standard Edition Server to host the Central Management Store.
During this step, in the background SQL Server 2008 Express Edition is installed, RTC Databasesare created and populated.
Click finish to complete the prepare single Standard edition server step.
After Preparing the Standard Edition Server, We will now install Administrative tools. This will install the Administrative Tools that will used in deploying Lync Server. Click on Install
The Administrative Tools have been Installed.
DNS Entries Requirement
This is a list of the required DNS records you need to create for Lync to work. I will be using my domain name but you should get the idea
Internal DNS A Records
|admin.Exchtechexpert.com||Front-end server OR Front-end Pool|
|meet.Exchtechexpert.com||Front-end server OR Front-end Pool|
|dialin.Exchtechexpert.com||Front-end server OR Front-end Pool|
|lyncwebint.Exchtechexpert.com||Front-end server OR Front-end Pool|
|sip.Exchtechexpert.com||Front-end server OR Front-end Pool|
||Front-end server OR Front-end Pool|
External DNS A Records
DNS SRV records
As of now we are going to create only three 3 URLs: Srv record, Meet, Dial-In, and Admin record.
Click Start, click Administrative Tools, launch DNS Manager. Right Click the domain and Select Other New Records.
verify SRV record by nslookup command in CMD
We have created 3 host records and 1 SRV record. This completes the DNS configuration for Lync Server.
we have now installed Lync Server 2013 Standard Edition of this series now we will take a look at Lync Control panel, enable Lync access to users.
The User Search Option as shown in the below image with its two option (Search or LDAP) is limited to searching for users that are already enabled for Lync not new users who are not enabled yet for Lync
To Search for Existing enabled users, you can use the Search button and enter the user name for the user you are looking for. If you would like to use the LDAP search then you need to search using LDAP Expression. If you tried to enter normal username in the LDAP search you will get an error “Active Directory Operation Failed. The Search filer is invalid”
So to use the LDAP search for existing users you need to enter LDAP expression. To get the LDAP expression for the user you can get it from AD ADSIEDIT by navigating to the user location or by running the below PowerShell command in Lync Server
“Get-Aduser -identity -username”
The Value of the distinguished name is the one that you need to enter in LDAP Search
So back to the first question, How to enable new users that joined the domain and are not yet enabled for Lync. To add/Enable new user you need to click on Enable Users in the User Search Menu (Lync Control Panel) then Click Add
Now you will get a new Search Window where you can search here for New users either using normal username (Search Check box) or using LDAP expression as explained earlier.
Now you can enable this new user and assign him to the correct pool