Ever since I was introduced to PowerShell in Exchange 2007 where certain things like Public Folder management could only be done in PowerShell rather than a GUI (which would later follow in SP1) I have been hooked. PowerShell "one liners" are all about speed and efficiency. The GUI is largely a thing of the past now. In both Lync and Exchange there are still many things that cannot be done in the GUI which means PowerShell is your only option. In Exchange Server 2013, the GUI is now a Web Page. And we all know how slow a web page can be.
In this post I will walk you through the steps of integrating Lync Server 2013 with Exchange Server 2013 Unified Messaging. For those that don't know what Unified Messaging (UM) is, here is a link to the Technet description. In Exchange 2007 and 2010, UM was a separate role. In 2013 it is part of the Client Access Server role. I'll leave you to deploy Exchange and make sure it is fit for UM.
As I mentioned above, I am a fan of PowerShell so I have tried to as much as I can just using PowerShell. Here goes.
Step 1 - Certificates
Generate a new Self Signed cert, import and enable for UM and UMCallRouter services. On your Exchange UM server open Exchange Server Management Shell as Administrator
New-ExchangeCertificate -FriendlyName 'LyncUM' -PrivateKeyExportable $true -KeySize '2048' -SubjectName 'C=UK, O=Company, CN=ExchUM01.domain.local' -DomainName 'ExchUM01.domain.localk' -Services 'UM,UMCallRouter' -Server 'ExchUM01.domain.local'These next commands Export the certificate to a file on the Exchange Server
$cert = (Get-ExchangeCertificate | Where {$_.Services -ilike "*UM*"})And this one copies the certificate file to one of your Front End servers. Repeat as necessary for all Front End Servers.
Export-Certificate -Cert $cert -FilePath c:\UMCert.p7b -Type p7b
Copy-Item C:\UMCert.p7b -Destination \\FrontEnd01.domain.local\C$\UMCert.p7b -ForceThis command will Import the certificate on your Front End server in the Trusted Root Certificate Authorities. On your Lync server(s), Open Lync Server Management Shell as Administrator
Import-Certificate -CertStoreLocation Cert:\LocalMachine\Root -FilePath "C:\UMCert.p7b"Back to Exchange.
Step 2 - Exchange UM configuration
First we need to create a New UM Dial Plan.
New-UMDialPlan -Name ‘Lync_UM_Dial_Plan’ -NumberOfDigitsInExtension ’4' -URIType ‘SipName’ -VoIPSecurity ‘Secured’ -CountryOrRegionCode ’44' -AccessTelephoneNumbers +9090Now Set dialing restrictions
Set-UMDialPlan "Lync_UM_Dial_Plan" -ConfiguredInCountryOrRegionGroups "Anywhere,*,*,*" -AllowedInCountryOrRegionGroups "Anywhere" -ConfiguredInternationalGroups "Anywhere,*,*,*" -AllowedInternationalGroups "Anywhere"Now Configure the UM Server
Set-UMService -Identity ‘ExchUM01.domain.local' -DialPlans ‘Lync_UM_Dial_Plan’ -UMStartupMode TLS
Set-UMCallRouterSettings -DialPlans 'Lync_UM_Dial_Plan' -UMStartupMode TLSNow Start UM Services
Start-Service "MSexchangeUM*" -verbose
OutputNow create a New UM Attendant
VERBOSE: Performing the operation "Start-Service" on target "Microsoft Exchange Unified Messaging (MSExchangeUM)".
VERBOSE: Performing the operation "Start-Service" on target "Microsoft Exchange Unified Messaging Call Router (MSExchangeUMCR)".
New-UMAutoAttendant -Name ‘AutoAttendant’ -UMDialPlan ‘Lync_UM_Dial_Plan’ -Status ‘Enabled’ -SpeechEnabled $true -PilotIdentifierList ‘+9091'And a new UM Mailbox Policy
New-UMMailboxPolicy -Name UMMailboxPolicy -UMDialPlan "Lync_UM_Dial_Plan" | Set-UMMailboxPolicy -AllowCommonPatterns $true -MinPINLength 4
Now we need to run the Exchange UC Util configuration script. This script gives permissions to the Lync Server on the Exchange UM objects and creates a new UM IP gateway pointing to the Lync pool.
Run Exchange UC Configuration Script - C:\Program Files\Microsoft\Exchange Server\v15\Scripts>.\ExchUCUtil.ps1 - Twice!Once you have run it a second time the dial plan you created and the Lync pool FQDN are present in the output.
Now back to the Lync server.
Step 3. Configure Lync for UM
First we need to add a Normalization Rule for UM Subscriber Access in Lync. Open Lync Server Management Shell as Administrator
New-CsVoiceNormalizationRule -Name 'Exchange UM' -Parent "LyncSiteName" -Description "Exchange UM Normalization" -Pattern '^(909\d{1})$' -Translation '+$1' -IsInternalExtension: $TRUE | Out-NullNow we must create Lync contacts for UM, for the subscriber access number and auto attendants (if you have any). This is a GUI unfortunately. But it is the only one.
Run Lync UM Configuration Tool - C:\Program Files\Common Files\Microsoft Lync Server 2013\Support\OcsUmUtil.exe
- Click Load Data and the Active Directory forest name should populate the Exchange UM Dial Plan Forest field.
- Click Add to create the Subscriber Access contact first. Select the desired Organizational Unit and Name. The defaults can be used for the remainder of the settings.
- Click Add again to create another contact and select Auto-Attendant as the Contact Type. Select the desired Organizational Unit and Name. The defaults can be used for the remainder of the settings as well.
Close the Exchange UM integration Utility and force an address book update in a Lync client to verify the new Exchange contacts. Open Lync Server Management Shell as Administrator
Update-CsAddressBookStep 4 - Create Test users
Create two test users in AD, Mail, UM and Lync enable them, enable for Enterprise Voice and assign line URIs.
First Create and Mail enable the Users
$password = Read-Host "Enter password" -AsSecureString (Enter the password when prompted)
New-Mailbox -UserPrincipalName test.user1@domain.com -Alias test.user1 -Database "Mailbox Database 1" -Name test.user1 -OrganizationalUnit Users -Password $password -FirstName Test -LastName User1 -DisplayName "Test User1" -ResetPasswordOnNextLogon $false
New-Mailbox -UserPrincipalName test.user2@domain.com -Alias test.user2 -Database "Mailbox Database 1" -Name test.user2 -OrganizationalUnit Users -Password $password -FirstName Test -LastName User2 -DisplayName "Test User2" -ResetPasswordOnNextLogon $falseNow Lync enable the users. Lync Server Management Shell As Administrator
Enable-CsUser -Identity "Test User1" -RegistrarPool "FrontEnd01.domain.com" -SipAddress "sip:test.user1@domain.com" | Set-CsUser -EnterpriseVoiceEnabled $True -lineURI "TEL:+44123549092;ext=9092"And finally, UM enable the Users. Exchange Server Management Shell as Administrator
Enable-CsUser -Identity "Test User2" -RegistrarPool "FrontEnd01.domain.com" -SipAddress "sip:test.user2@domain.com" | Set-CsUser -EnterpriseVoiceEnabled $True -lineURI "TEL:+44123459093;ext=9093"
Enable-UMMailbox -Identity test.user1@domain.com -UMMailboxPolicy UMMailboxPolicy -Extensions 9092Step 5 - Test UM
Enable-UMMailbox -Identity test.user2@domain.com -UMMailboxPolicy UMMailboxPolicy -Extensions 9093
Test Access to Voicemail
$cred = get-credential "domain\test.user1" - (Enter Password when prompted)Test that a user can leave a voicemail for another user
Test-CsExUMConnectivity -TargetFqdn FrontEnd01.Domain.local -UserSipAddress "sip:test.user1@domain.com" -UserCredential $cred
Result: Should say Success
$cred = get-credential "domain\test.user2" - (Enter Password when prompted)And that's it. You have successfully integrated Lync 2013 with Exchange Server 2013 UM. Hope this was useful.
Test-CsExUMVoicemail -TargetFqdn FrontEnd01.Domain.local -ReceiverSipAddress "sip:test.user2@domain.com" -sendersipaddress "sip:test.user1@domain.com" -SenderCredential $cred
Result: Should say Success
Stay tuned for part three of this series. Configuring OAuth between Lync 2013 and Exchange 2013.