First, the foundation of communication between Exchange and Lync 2013 is based on the new Office Web App OAuth calls for server-to-server
communication. As part of the installation of Lync 2013 you had to install SSL certificates to start the services; for Exchange, however, you'll want to
make sure you're not using the self-signed certificates. An internal CA is fine (we're using this in our test environment), third party is even better, but
the self-signed certificate will not be able to communicate because it's missing the necessary subject names.
First, let's get the Autodiscover service URI:
get-clientaccessserver | fl fqdn, autodiscoverserviceinternaluri
Fqdn                           : VL-EXG-01.company.local
AutoDiscoverServiceInternalUri : https://autodiscover.company.local/Autodiscover/Autodiscover.xml
Also, let's look at the Lync side and get the pool FQDN:
PS C:\Users\administrator.COMPANY> Get-CsPool | Where-Object {$_.Services -like "*UserServer*"} | fl Site, Fqdn
Site : Site:ConnectUC
Fqdn : lyncpool.company.local
Since we're using internally signed certificates, we'll want to try accessing these URLs from both the Lync and Exchange servers, and ensure we can
open them via IE without any certificate warnings.
7/13/2015 Update - I've implemented the FREE Kemp virtual LoadMaster for my Lync 2013 May 2015 update and Exchange 2013
CU9 servers, but it doesn't change the process that much. Make sure you have a valid local certificate that's trusted & everything should work OK.
When we enable Lync IM for Exchange, we only want to target the FRONT END servers.
Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -InstantMessagingEnabled $true -InstantMessagingType OCS -InstantMessagingCertificateThumbprint 5FB91CB7AB7677EF45B5C809CF8CB9CFDB31D0A1 -InstantMessagingServerName lyncpool.company.local
Get-OwaMailboxPolicy | Set-OwaMailboxPolicy -InstantMessagingEnabled $true -InstantMessagingType OCS
Next, let's change the OWA web.config information. Use Notepad to open the following file:
7/13/2015 Update - You'll need to reconfigure the web.config with each Cumulative Update you run!
Notepad "C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\Owa\web.config"
Under <appSettings> add 2 lines, substituting your Exchange certificate thumbprint (which we already obtained) and the Lync pool name:
<add key="IMCertificateThumbprint" value="5FB91CB7AB7677EF45B5C809CF8CB9CFDB31D0A1" />
<add key="IMServerName" value="lyncpool.company.local" />
server hosting the OWA session. And even when I logged into OWA using the server FQDN (that wasn't a Subject Name in my Certificate and threw
a certificate error) IM still worked.
I'm going to keep an eye on this to see if maybe the New-CsPartnerApplication alone facilitates connectivity to Exchange.
7/13/2015 Update - If IM still doesn't work, use the commands above to remove them!!
Next, we create our trusted application pool/application. We'll want to use the individual server names themselves (and make sure we have the
corresponding SSL certificate in the web.config with a subject name matching the server FQDN).
New-CsTrustedApplicationPool -Identity vl-exg-01.company.local -Registrar lyncpool.company.local -Site ConnectUC -RequiresReplication $False
New-CsTrustedApplication -ApplicationId OutlookWebAccess -TrustedApplicationPoolFqdn vl-exg-01.company.local -Port 5199
Enable-CSTopology
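The certificate requirements described above (not self-signed, trusted by the server, thumbprint matching the one in web.config, and a subject name matching the server FQDN) can be checked in one pass on the Exchange server. This is an added example, not part of the original post: Test-OwaImCertificate is a hypothetical helper name, and the script assumes PowerShell 3.0 or later and that the certificate lives in the LocalMachine\My store.

```powershell
# Added example. Test-OwaImCertificate is a hypothetical helper, not an Exchange cmdlet.
# Run it on the Exchange server that hosts OWA.
function Test-OwaImCertificate {
    param(
        [string]$ConfigPath = 'C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\Owa\web.config',
        [Parameter(Mandatory = $true)][string]$ServerFqdn
    )
    # Read the thumbprint that OWA will use from <appSettings>.
    $config = [xml](Get-Content -LiteralPath $ConfigPath)
    $node = $config.SelectSingleNode("//appSettings/add[@key='IMCertificateThumbprint']")
    if (-not $node) { throw "IMCertificateThumbprint is not set in $ConfigPath" }

    # A usable thumbprint is exactly 40 hex characters; CleanValue is False when
    # the configured value carries spaces or invisible characters from copy/paste.
    $raw   = $node.GetAttribute('value')
    $thumb = ($raw -replace '[^0-9A-Fa-f]', '').ToUpper()
    $result = [ordered]@{
        Thumbprint      = $thumb
        CleanValue      = ($raw -match '^[0-9A-Fa-f]{40}$')
        InMachineStore  = $false
        HasPrivateKey   = $false
        NotSelfSigned   = $false
        InValidity      = $false
        ChainTrusted    = $false
        NameMatchesFqdn = $false
    }
    $cert = Get-ChildItem -Path Cert:\LocalMachine\My | Where-Object { $_.Thumbprint -eq $thumb }
    if ($cert) {
        $now = Get-Date
        # Build the chain without revocation lookups: does this server trust the issuer?
        $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
        $chain.ChainPolicy.RevocationMode = 'NoCheck'
        # Accept the exact FQDN, or a wildcard name covering its first label.
        $names    = @($cert.DnsNameList | ForEach-Object { $_.Unicode })
        $wildcard = $ServerFqdn -replace '^[^.]+', '*'

        $result.InMachineStore  = $true
        $result.HasPrivateKey   = $cert.HasPrivateKey
        $result.NotSelfSigned   = ($cert.Subject -ne $cert.Issuer)
        $result.InValidity      = ($now -ge $cert.NotBefore -and $now -le $cert.NotAfter)
        $result.ChainTrusted    = $chain.Build($cert)
        $result.NameMatchesFqdn = ($names -contains $ServerFqdn) -or ($names -contains $wildcard)
    }
    [pscustomobject]$result
}

Test-OwaImCertificate -ServerFqdn 'vl-exg-01.company.local'   # server name used on this page
```

Any False in the output points at the certificate rather than the Lync topology, and the same check is worth re-running after each Cumulative Update rewrites web.config.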
Next, we can enable our user accounts in Lync.
If all went successfully, let's log into OWA and click "Sign in to IM".
And success!