Preparing Your Infrastructure for Lync 2010

This article covers how to prepare your infrastructure for a Lync 2010 deployment: hardware, network, AD, HA, and SSL certificate requirements.

Hardware Requirements
As with Exchange 2010, Lync 2010 requires everything to be 64-bit. There will not be a 32-bit version of Lync 2010. Below are the recommended specifications for all Lync 2010 roles for a user pool of 80,000 with eight Front End pool members.

Hardware component: Recommended

CPU: One of the following:

  • 64-bit dual processor, quad-core, 2.0 GHz or higher
  • 64-bit 4-way processor, dual-core, 2.0 GHz or higher

  Intel Itanium processors are not supported for Lync Server 2010 server roles.

Memory: 16 GB

Disk: Local storage with at least 72 GB free disk space on a 10,000 RPM disk drive

Network: 1 network adapter required (2 recommended), each 1 Gbps or higher

Below are the recommended specifications for the SQL Server running the Lync 2010 database.

Hardware component: Recommended

CPU: One of the following:

  • 64-bit dual processor, quad-core, 2.0 GHz or higher
  • 64-bit 4-way processor, dual-core, 2.0 GHz or higher

Memory: 32 GB recommended for Back End Server (with or without collocated Archiving and Monitoring databases), 16 GB recommended for Archiving and Monitoring database (not collocated with the Back End Server).

Disk: Local storage with at least 72 GB free disk space on a 10,000 RPM disk drive

Network: 1 network adapter required (2 recommended), each 1 Gbps or higher

OS Requirement
All versions of Windows Server 2008 R2 are supported.
All versions of Windows Server 2008 SP2 are supported.

Lync Server 2010 is not supported on the following operating systems:

 

Network Requirements
The NIC of each server in the Lync Server 2010 environment must support at least 1 Gbps. It is preferred that all Lync 2010 servers reside in the same layer 2 VLAN. The size of the LAN is dependent on the size of the topology: 

For public switched telephone network (PSTN) integration, you can integrate by using either T1/E1 lines or SIP trunking.

 

AD Requirements
Lync 2010 stores the following objects in AD:

 

Forest and Domain Functional Level
Windows Server 2003 native mode is the minimum requirement for a Lync 2010 deployment. Supported domain functional levels also include Windows Server 2008 R2 and Windows Server 2008. Windows Server 2003 mixed mode is not supported. Also note that single-label DNS zone names such as “mycompany” are not supported, but “mycompany.com” is supported.

 

HA Requirements
There are two load balancing options for HA deployments: DNS load balancing and hardware load balancing solutions such as F5 LTM. You can use DNS for load balancing SIP traffic, but you must use hardware load balancers for client-to-server HTTPS traffic. HTTPS traffic from clients goes over ports 443 and 80, which can be load balanced on F5 or another hardware load balancer.

 

DNS Configuration for Lync 2010 Client Auto Discovery
Lync 2010 allows you to configure your end users to use auto discovery to sign in to the appropriate Front End pool. This is done by creating an SRV record in your DNS zone. To enable auto discovery for your clients, you must create an internal DNS SRV record that points to the DNS name of the Front End pool.

_sipinternaltls._tcp.<domain> - for internal TLS connections

Example: _sipinternaltls._tcp.mycompany.net

 

Certificate Requirements
Lync 2010 requires certificates on most of the roles to allow secure communication. Lync 2010 also includes a wizard to generate the CSR for certificates. Note that SAN certs are supported and recommended.

Certificate: Default

Subject Name/Common Name: FQDN of the pool

Subject Alternative Name: FQDN of the pool and FQDN of the server.

  If you have multiple SIP domains and have enabled automatic client configuration, the certificate wizard detects and adds each supported SIP domain FQDN.

  If this pool is the auto-logon server for clients and strict DNS matching is required in group policy, you also need entries for sip.sipdomain (for each SIP domain you have).

Example: SN=eepool.company.com; SAN=eepool.company.com; SAN=ee01.company.com

  If this pool is the auto-logon server for clients and strict DNS matching is required in group policy, you also need SAN=sip.company.com; SAN=sip.extcompany.com

Comments: The wizard detects any SIP domains you specified during setup and automatically adds them to the Subject Alternative Name.

Certificate: Web Internal

Subject Name/Common Name: FQDN of the server

Subject Alternative Name: Each of the following:

  • Internal web FQDN (which is the same as the FQDN of the server)
  • Meet simple URLs
  • Dial-in simple URL
  • Admin simple URL
  • Or, a wildcard entry for the simple URLs

Example: SN=ee01.mycompany.com; SAN=ee01.mycompany.com; SAN=meet.mycompany.com; SAN=meet.extmycompany.com; SAN=dialin.mycompany.com; SAN=admin.mycompany.com

  Using a wildcard certificate:

  SN=ee01.mycompany.com; SAN=ee01.mycompany.com; SAN=*.mycompany.com

Comments: Internal web FQDN cannot be overwritten in Topology Builder.

  If you have multiple Meet simple URLs, you must include all of them as Subject Alternative Names.

  Wildcard entries are supported for the simple URL entries.

Certificate: Web external

Subject Name/Common Name: FQDN of the server

Subject Alternative Name: Each of the following:

  • External web FQDN
  • Dial-in simple URL
  • Admin simple URL
  • Or, a wildcard entry for the simple URLs

Example: SN=ee01.mycompany.com; SAN=webcon01.mycompany.com; SAN=meet.mycompany.com; SAN=meet.extmycompany.com; SAN=dialin.mycompany.com

  Using a wildcard certificate:

  SN=ee01.mycompany.com; SAN=webcon01.mycompany.com; SAN=*.mycompany.com

Comments: If you have multiple Meet simple URLs, you must include all of them as Subject Alternative Names.

  Wildcard entries are supported for the simple URL entries.
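
The SAN rules in the certificate table above, as an added example that is not part of the original article or of Lync itself: the Python below works out which names each certificate row requires and reports the ones a given SAN list leaves uncovered. The function names, role labels and the eepool.mycompany.com pool name are assumptions of this example; it accepts wildcards only for simple URLs and lets a wildcard match a single left-most label, so a *.mycompany.com entry does not cover meet.extmycompany.com.

```python
# Added example: required-SAN check for the certificate table above.
# All hostnames are constructed sample values modelled on the page's examples.

def san_covers(san: str, host: str, allow_wildcard: bool) -> bool:
    """True if one SAN entry covers host. A wildcard matches exactly one
    left-most label, so *.mycompany.com never covers meet.extmycompany.com."""
    san, host = san.lower().rstrip("."), host.lower().rstrip(".")
    if san == host:
        return True
    if allow_wildcard and san.startswith("*."):
        label, _, parent = host.partition(".")
        return bool(label) and parent == san[2:]
    return False

def required_names(role, pool_fqdn, server_fqdn, sip_domains=(),
                   simple_urls=(), external_web_fqdn=None, strict_dns=False):
    """Return (exact, wildcard_ok): names that must appear literally, and
    simple-URL names that a wildcard SAN may cover, per the table's rows."""
    if role == "default":
        exact = [pool_fqdn, server_fqdn]
        if strict_dns:  # auto-logon pool with strict DNS matching in group policy
            exact += [f"sip.{d}" for d in sip_domains]
        return exact, []
    if role == "web-internal":
        return [server_fqdn], list(simple_urls)
    if role == "web-external":
        return [external_web_fqdn], list(simple_urls)
    raise ValueError(f"unknown role: {role}")

def missing_sans(cert_sans, exact, wildcard_ok):
    """Names from the requirement lists that no SAN on the certificate covers."""
    missing = [h for h in exact
               if not any(san_covers(s, h, False) for s in cert_sans)]
    missing += [h for h in wildcard_ok
                if not any(san_covers(s, h, True) for s in cert_sans)]
    return missing

# Constructed inputs mirroring the page's Web Internal wildcard example.
SIMPLE_URLS = ["meet.mycompany.com", "meet.extmycompany.com",
               "dialin.mycompany.com", "admin.mycompany.com"]
WILDCARD_CERT = ["ee01.mycompany.com", "*.mycompany.com"]

if __name__ == "__main__":
    exact, wild = required_names("web-internal", "eepool.mycompany.com",
                                 "ee01.mycompany.com", simple_urls=SIMPLE_URLS)
    print(missing_sans(WILDCARD_CERT, exact, wild))
```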