:: infotechGuyz.com ::
> For the IT community by the IT community

ZHire Account Provisioning App
Automate AD / Exchange / Lync
accounts. Free Download

• BlackBerry Server (BES)
• Excel Macro/VBA
• Exchange 2007
• Exchange 2010
• Lync 2010
• Scripting/Command-line
• SQL Server 2008
• SQL Server 2012
• Team Foundation Server
• VMware
• Windows 7
• Windows 8
• Windows Server 2008
• Windows Server 8

Integrating Lync 2010 Voicemail and Exchange 2007 UM

If you have deployed or plan to deploy MSExchange in your organization, you can use Exchange Unified Messaging (UM) features to provide voice mail to Enterprise Voice users.

Configuring Unified Messaging on MS Exchange to Work with Lync 2010

Configuring Exchange Unified Messaging to work with Enterprise Voice consists of the following tasks:

• Configuring certificates on the server running MSExchange Unified Messaging
• Creating one or more UM SIP URI dial plans, along with their subscriber access phone numbers as needed, and then creating corresponding Lync Server dial plans
• Using the exchucutil.ps1 script to:
  • Create UM IP gateways.
  • Create UM hunt groups.
  • Grant Lync Server permission to read UM Active Directory Domain Services (AD DS) objects.
• Creating a UM auto-attendant object
• Creating a subscriber access object
• Creating a SIP URI for each user and associating users with a UM SIP URI dial plan

Requirements and Recommendations
Before you begin, the documentation in this section assumes that you have deployed the following Exchange roles: Hub Transport, Client Access, Mailbox, and Unified Messaging.

Also note the following:

• If Exchange UM is installed in multiple forests, the Exchange integration steps must be performed for each UM forest. In addition, each UM forest must be configured to trust the forest in which Lync Server is deployed, and the forest in which Lync Server is deployed must be configured to trust each UM forest.

• Integration steps are performed on both the server running Exchange Unified Messaging and the server running Lync Server. You should perform the Exchange Unified Messaging integration steps before you perform the Lync Server integration steps.

The following tools must be available on each server running Exchange UM:

• Exchange Management Shell
• The script exchucutil.ps1, which performs the following tasks:
  • Creates a UM IP gateway for each Lync Server.
  • Creates a hunt group for each gateway. The pilot identifier of each hunt group specifies the UM SIP URI dial plan used by the Front End pool or Standard Edition server that is associated with the gateway.
  • Grants Lync Server permission to read Exchange UM objects in Active Directory Domain Services (AD DS).

Configure Certificates on the Server Running MSExchange Unified Messaging
If you have deployed Exchange Unified Messaging (UM), as described in  Exchange Unified Messaging Integration in the Planning documentation, to provide Exchange UM features to Enterprise Voice users in your organization, use the following procedures to configure the certificate on the server running Exchange UM.

The Exchange must be configured with a server certificate in order to connect to Lync Server:

1. Download the CA certificate for the Exchange.
2. Install the CA certificate for the Exchange.
3. Verify that the CA is in the list of trusted root CAs of the Exchange.
4. Create a certificate request for the Exchange and install the certificate.
5. Assign the certificate for the Exchange.

 

Download the CA certificate:

1. On the server running Exchange UM, click Start, click Run, type http://<name of your Issuing CA Server>/certsrv, and then click OK.
2. Under Select a task, click Download a CA certificate, certificate chain, or CRL.
3. Under Download a CA Certificate, Certificate Chain, or CRL, select Encoding Method to Base 64 and click Download CA certificate.
4. In the File Download dialog box, click Save, and then save the file to the hard disk on the server. (The file will have either a .cer or a .p7b file extension, depending on the encoding that you selected in the previous step.)

 

Install the CA certificate:

1. On the server running Exchange UM, open MS Management Console (MMC) by clicking Start, clicking Run, typing mmc in the Open box, and then clicking OK.
2. On the File menu, click Add/Remove Snap-in, and then click Add.
3. In the Add Standalone Snap-ins box, click Certificates, and then click Add.
4. In the Certificate snap-in dialog box, click Computer account, and then click Next.
5. In the Select Computer dialog box, ensure that the Local computer: (the computer this console is running on) check box is selected, and then click Finish.
6. Click Close, and then click OK.
7. In the console tree, expand Certificates (Local Computer), expand Trusted Root Certification Authorities, and then click Certificates.
8. Right-click Certificates, click All Tasks, and click Import.
9. Click Next.
10. Click Browse to locate the file, and then click Next. (The file will have either a .cer or a .p7b file extension, depending on the encoding that you selected in step 3 of To download the CA certificate.
11. Click Place All Certificates in the following store.
12. Click Browse, and then select Trusted Root Certification Authorities.
13. Click Next to verify the settings, and then click Finish.

 

To verify that the CA is in the list of trusted root CAs:

1. On the server running Exchange UM, in MMC expand Certificates (Local Computer), expand Trusted Root Certification Authorities, and then click Certificates.
2. In the details pane, verify that your CA is on the list of trusted CAs.

To create a certificate request and install the certificate on Exchange 2007 (SP1):

1. On the server running Exchange UM, click Start, click Run, type http://<name of your Issuing CA Server>/certsrv, and then click OK.
2. Under Select a task, click Request a Certificate.
3. Under Request a Certificate, click Advanced certificate request.
4. Under Advanced Certificate Request, click Create and submit a request to this CA.
5. Under Advanced Certificate Request, select Web server or another server certificate template configured for server authentication.
6. Under Identifying Information for Offline Template, in the Name box, type the FQDN of the Exchange.
7. Under Key Options, click the Store certificate in the local computer certificate store check box.
8. Click the Submit button in the bottom of the webpage.
9. In the dialog box that opens asking for confirmation, click Yes.
10. On the Certificate Issued page, under Certificate Issued, click Install this certificate.
11. In the dialog box that opens asking for confirmation, click Yes.
12. Verify that the message "Your new certificate has been successfully installed" appears.

 

To assign the certificate on Exchange 2007 (SP1):

1. On the server running Exchange UM, open MMC.
2. In the console tree, expand Personal and then click Certificates.
3. In the details pane, verify that personal certificate is displayed.
4. Double-click the certificate to read its details and ensure it is valid.
   Note: It may take a few minutes before the certificate displays as valid.
5. Restart the MS Exchange Unified Messaging service.
   Note: The server running Exchange 2007 SP1 Unified Messaging automatically retrieves the correct certificate.
6. Open Event Viewer and look for Event ID 1112, which specifies what certificate the server running Exchange 2007 SP1 Unified Messaging has retrieved.

 

Configure Unified Messaging on MS Exchange
This topic describes how to configure Unified Messaging (UM) on a MSExchange for use with Enterprise Voice.

To configure a server running Exchange UM:

1. Create a UM Session Initiation Protocol (SIP) Uniform Resource Identifier (URI) dial plan for each of your Enterprise Voice location profiles. If you choose to use the EMC console, create a new dial plan with the security setting Secured (preferred).
   
   • If you use the Exchange Management Shell, type:

   new-umdialplan -name <dial plan name> -UriType "SipName" -VoipSecurity <SIPSecured|Unsecured|Secured> -NumberOfDigitsInExtension <number of digits> -AccessTelephoneNumbers <access number in E.164 format>
   

   Whether you select a security level of SIPSecured or Secured depends on whether secure real-time transport protocol (SRTP) is activated or deactivated for media encryption. For the  Lync 2010 integration with Exchange UM, this should correspond to the encryption level in the  Lync Server media configuration. The Lync Server media configuration can be viewed by running the Get-CsMediaConfigurationcmdlet. For details, see Get-CsMediaConfiguration in the Lync Server Management Shell documentation.

2. Run the following cmdlet to obtain the fully qualified domain name (FQDN) for each UM dial plan:
   1. (Get-UMDialPlan <dialplanname>).PhoneContext 
3. Record the dial plan name of each UM dial plan. Depending on your version of Exchange, you may need to use the FQDN of each dial plan name later as the name of each UM dial plan’s corresponding Lync Server dial plan so that the dial plan names match.
4. Add the dial plan to the server running Exchange UM as follows:
   • If you choose to use the EMC console, you can add the dial plan from the property sheet for the server. For specific instructions, see the Exchange product documentation.
   • If you use the Exchange Management Shell, run the following for each of your Exchange UM servers:

   $ums=get-umserver; 
   $dp=get-umdialplan -id <name of dial-plan created in step 1>; 
   $ums[0].DialPlans +=$dp.Identity; 
   set-umserver -instance $ums[0]

    

   When specifying a mailbox policy for each dial plan that you created in step 1, select either the default policy or one that you have created.

5. Navigate to <Exchange installation directory>\Scripts, and then if Exchange is deployed in a single forest, type:

   exchucutil.ps1

   Or, if Exchange is deployed in multiple forests, type:

   exchucutil.ps1 -Forest:"<forest FQDN>" 
   

   whereforest FQDN specifies the forest in which Lync Server is deployed.

   If you have one or more UM dial plans that are associated with multiple IP gateways, continue to step 6. If your dial plans are each associated with only a single IP gateway, skip step 6.

6. Using either the Exchange Management Shell or EMC console, disable outbound calling for all but one of the IP gateways associated with each of your dial plans.
   • If you use the Exchange Management Shell, disable each IP gateway by running the following command:

   Set-UMIPGateway <gatewayname> -OutcallsAllowed $false

   • If you use the EMC console, clear the Allow outgoing calls through this IP gateway check box.
7. Create a UM auto-attendant for each Lync Server dial plan.

New-umautoattendant -name <auto attendant name> -umdialplan < name of dial plan created in step 1> -PilotIdentifierList <auto attendant phone number in E.164 format> -SpeechEnabled $true -Status Enabled

The following step should be performed for each user after you have enabled Lync Server users for Enterprise Voice and know their SIP URIs. 

8. Associate Exchange UM users (each of whom should be configured with an Exchange mail box) with the UM dial plan and create a SIP URI for each user.

enable-ummailbox -id <user name> -ummailboxpolicy <name of the mailbox policy for the dial plan created in step 1> -Extensions <extension> -SIPResourceIdentifier "<user name>@<full domain name>" -PIN <user pin>