Integrating Exchange 2013 OWA and Lync Server 2013

Integrating Exchange 2013 OWA and Lync Server 2013



Overview

In this article I will show the steps for integrating Exchange Server 2013 OWA  and  Lync Server 2013 to enable Instant Messaging and presence in Outlook Web Access.

I have a structure of five virtual machines, all servers are part of the same  Active Directory Domain Services and are installed with Windows Server 2012 RTM. In the figure below lists the names and functions of virtual machines.


Active Directory Domain was created with the DNS name home.intranet  and a sip domain home.com.br that is also a authoritative domain on Exchange. 

Three users: user01, user02 and user03 were created  and enabled in Exchange and Lync. 

Active Directory Domain Service


DNS zone home.intranet support secure updates, 

FQDN  IP  Role
Hm01.home.intranet 172.16.1.245
Domain Controller 
Hm02.home.intranet 172.16.1.246 Lync Server 
Hm03.home.intranet 172.16.1.247  Exchange Server 
Hm10.home.intranet 172.16.1.248  SharePoint Server  
Hm11.home.intranet 172.16.1.251 Office Web Apps 2013 




The DNS zone  home.com.br does not support dynamic updates, the following records were manually created:

Civil Registry  FQDN  IP 
Address Exchange AutoDiscover AutoDiscover.home.com.br 172.16.1.247
WebMail  mail.home.com.br 172.16.1.247
SIP Address
sip.home.com.br  172.16.1.246
URL Dial-In dialin.home.com.br  172.16.1.246 
URL Meeting  meet.home.com.br  172.16.1.246 
Console URL Silverlight  admin.home.com.br  172.16.1.246 
SRV  sip.home.com.br  Name:  _sipinternaltls
Port Number: 5061

Protocol: _tcp
Host FQDN: sip.home.com.br 
 



Configuring Exchange Server

Digital Certificate

All traffic between Exchange and Lync is encrypted using SSL. Therefore configuring the connection between the two servers depends on information in digital certificates installed on both servers. The self-signed certificate must be replace with a new certificate emitted for trusted certification authority.
 
The certificate installed on Exchange Server 2013 is configured with the following FQDNs



     

Creating a Connection in Outlook Web Access

To configure the connection between the servers you need to select a digital certificate for encrypting the traffic. In this scenario I will use the same certificate configured for OWA. I'll need Thumbprint  and Subject Name  of the certificate. Use the cmdlet to get this information 

Get-ExchangeCertificate


The Thumbprint will be used to identify which certificate will be used for the connection. The  Subject Name will be used to create the  Trusted Application in Lync Server, the name of the Trusted Application must be identical to the name of the Subject Name n the certificate from Exchange Server.

To enable instant messaging execute cmdlet

Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -InstantMessagingEnable $True -InstantMessagingType OCS



Configure the access policy and enable the OWA IM function for all users
Get-OwaMailboxPolicy | Set-OwaMailboxPolicy -InstantMessagingEnabled $true –InstantMessagingType OCS


To finalize the configuration the file  web.config  must be changed. By default the file is located at   C: \Program Files\Microsoft\Exchange Server\V15\ClientAccess\Owa


Open the file with a text editor, locate the tag  <appSettings> and add the two lines in the configuration file
<add key="IMCertificateThumbprint" value="OWA Certificate Thumbprint "/>
<add key="IMServerName" value="Lync Server FQDN" />



Run the command to apply the changes in OWA
C:\Windows\System32\Inetsrv\Appcmd.exe recycle apppool /apppool.name:"MSExchangeOWAAppPool"

Setup Lync Server 


Trusted Application is an application based on  Microsoft Unified Communications Managed API  that is trusted by Lync Server.  To configure integration with OWA you must configure a trusted application between Exchange and Lync.



Creating a Trusted Application Pool

To create an application on Lync Server  first identify the site created at installation. Use the cmdlet  Get-CsSite

Get-CsSite


To create an application pool run the cmdlet 

New-CsTrustedApplicationPool -Identity <Certificate Subject Name of Client Access> -Registrar <FQDN do Pool Lync server> -Site <Lync Server SiteID> -RequiresReplication $False



Creating a Trusted Application for OWA 

To create the application that represents the OWA in Lync Server run the cmdlet 

New-CsTrustedApplication -ApplicationId OutlookWebAccess -TrustedApplicationPoolFqdn <Client Access Certificate Subject Name> -Port < available TCP port number>



Saving the Configuration

Run Enable-CsTopology to apply the changes in the topology of Lync Server



Accessing OWA

To verify that the settings were applied successfully access the Exchange 2013 OWA and verify that the presence has been activated and can be changed. 


To start a session just to click on the contact tab or email People 

 

 




Other Languages


 This article is also available in the following languages:

Brazilian Portuguese


This article was originally written by:
Fernando Lugão Veltem
blog:  http://flugaoveltem.blogspot.com  
twitter:  @ flugaoveltem
Leave a Comment
  • Please add 3 and 4 and type the answer here:
  • Post
Wiki - Revision Comment List(Revision Comment)
Sort by: Published Date | Most Recent | Most Useful
Comments
  • Fernando Lugão Veltem edited Revision 9. Comment: article update

  • Ed Price - MSFT edited Revision 3. Comment: Removed gerund from title. Adding tags.

Page 1 of 1 (2 items)
Wikis - Comment List
Sort by: Published Date | Most Recent | Most Useful
Posting comments is temporarily disabled until 10:00am PST on Saturday, December 14th. Thank you for your patience.
Comments
  • I am not having much luck with this. I set it up but I keep getting errors over on my MBX server in the logs.

    ERROR:InstantMessageOCSProvider.MakeEndpointMostActive. EndPoint is null.,

    ERROR:InstantMessageOCSProvider.ResetPresence. SelfDataSession not established.,

  • Perfect howto! :)

  • Ed Price - MSFT edited Revision 3. Comment: Removed gerund from title. Adding tags.

  • Not quite perfect. I followed all the steps and it's still not working.

  • Hello jackson,

    What's the error that are you finding?

  • works perfect. Thank you.

  • Hi,

    Thanks for this blog post!. Very easy to follow and it worked great!

  • Thanks Fernando :D

  • Fernando Lugão Veltem edited Revision 9. Comment: article update

  • Pyr3x did you ever resolve your issue? I am having the same problem. Instructions followed and event 112 seen on the exchange server when first user logs in to OWA but it doesnt log into Lync and I get the same "ERROR:InstantMessageOCSProvider.MakeEndpointMostActive. EndPoint is null" error in the log, any help would be greatly appreciated.

  • Is there any way on how to do the integration between Lync 2013 on premise and Exchange 2010 on Office 365 ?

    I have done this with Lync 2010 and O365 (Exchange 2010) but same commands are not working with Lync 2013 and Exchange online 2010.

  • Same issue as pyr3x and leoncripps

    Seeing Event 112 in the logs but then when trying to sign in getting:

    ERROR:InstantMessageOCSProvider.MakeEndpointMostActive. EndPoint is null.,

    ERROR:InstantMessageOCSProvider.ResetPresence. SelfDataSession not established.

    Anybody else with this?

  • Same issue as pyr3x and leoncripps

    Seeing Event 112 in the logs but then when trying to sign in getting:

    ERROR:InstantMessageOCSProvider.MakeEndpointMostActive. EndPoint is null.,

    ERROR:InstantMessageOCSProvider.ResetPresence. SelfDataSession not established.

    Anybody else with this?

Page 1 of 1 (13 items)