《WalkthroughMicrosoftLyncServer(RC)StandardEditionServerwithExternalAccess.doc》由会员分享,可在线阅读,更多相关《WalkthroughMicrosoftLyncServer(RC)StandardEditionServerwithExternalAccess.doc(34页珍藏版)》请在三一办公上搜索。
1、Walkthrough: Microsoft Lync Server 2010 Standard Edition Server with External AccessPublished: September 2010This document is provided “as-is”. Information and views expressed in this document, including URL and other Internet Web site references, may change without notice. You bear the risk of usin
2、g it. Some examples depicted herein are provided for illustration only and are fictitious. No real association or connection is intended or should be inferred. This document does not provide you with any legal rights to any intellectual property in any Microsoft product. You may copy and use this do
3、cument for your internal, reference purposes. This document is confidential and proprietary to Microsoft. It is disclosed and can be used only pursuant to a non-disclosure agreement. Copyright 2010 Microsoft Corporation. All rights reserved. Microsoft, Active Directory, ActiveSync, ActiveX, Excel, F
4、orefront, Groove, Hyper-V, Internet Explorer, Lync, MSDN, MSN, OneNote, Outlook, PowerPoint, RoundTable, SharePoint, Silverlight, SQL Server, Visio, Visual C+, Windows, Windows Media, Windows PowerShell, Windows Server, and Windows Vista are trademarks of the Microsoft group of companies. All other
5、trademarks are property of their respective owners.ContentsWalkthrough: Lync Server 2010 Standard Edition Server with External Access1Walkthrough: Introduction1Step 1: Prerequisites1Walkthrough: Prerequisites2Walkthrough: Deploy Topology2Step 2: Prepare Environment4Walkthrough: Prepare IIS5Walkthrou
6、gh: Install Active Directory Administrative Tools5Walkthrough: Install SQL Server Native Client6Walkthrough: Prepare DNS6Walkthrough: Prepare File Shares7Walkthrough: Enable Remote Administration8Walkthrough: Run Lync Server 2010 Setup8Walkthrough: Prepare Active Directory Domain Services8Walkthroug
7、h: Update Security Group Membership10Step 3: Create a Topology Using the Planning Tool10Walkthrough: Install the Planning Tool10Walkthrough: Create a Topology11Walkthrough: Export Sample Data12Walkthrough: View Site Topology12Walkthrough: Modify Edge Network Diagram12Walkthrough: Review Edge Admin R
8、eport13Walkthrough: Save and Export toTopology Builder13Step 4: Modify the Topology Using Topology Builder13Walkthrough: Installing Topology Builder14Walkthrough: Edit Topology14Walkthrough: Edit Edge pools15Walkthrough: Configure Administration URL16Walkthrough: Review and Save Topology16Step 5: Pu
9、blish Topology17Walkthrough: Prepare first Standard Edition Server17Walkthrough: Publish Topology17Walkthrough: Open To-Do List17Step 6: Deploy Lync Server 2010 Standard Edition18Walkthrough: Install the Local Configuration Store18Walkthrough: Install Components18Walkthrough: Configure Certificates1
10、8Walkthrough: Start Services19Step 7: Deploy a Director19Walkthrough: Install the Local Configuration Store20Walkthrough: Install Components20Walkthrough: Configure Certificates20Walkthrough: Start Services21Step 8: Validate Internal Server Deployment21Walkthrough: Confirm Services Started22Walkthro
11、ugh: Create and Enable Users22Walkthrough: Install Lync23Walkthrough: Test Server Configuration23Step 9: Prepare for External Access Deployment23Walkthrough: External Server and Client Computers24Walkthrough: Verify DNS Records for Edge Support24Walkthrough: Configure the DNS Suffix for Edge Servers
12、24Walkthrough: Request Certificate Chain from the Internal Enterprise CA25Walkthrough: Configure Network Interfaces for Edge Servers25Walkthrough: Export Your Topology25Step 10: Deploy Edge Servers26Walkthrough: Install Edge Servers26Walkthrough: Setup Certificates for the Internal Edge Interface26W
13、alkthrough: Setup Certificates for the External Edge Interface28Walkthrough: Start Edge Servers30Walkthrough: Lync Server 2010 Standard Edition Server with External AccessThis documentation describes how to deploy Lync Server 2010 in a fresh environment with no existing Lync Server deployment. It al
14、so includes the required server roles for external user access. The deployment of Microsoft Lync Server 2010communications software includes preparing Active Directory Domain Services (AD DS), deploying the Standard Edition server, other core Lync Server 2010 internal components, and then deploying
15、any additional server roles and features that your organization may require, such as external user access, which includes an Edge Server, a reverse-proxy server, and a Director. Walkthrough: IntroductionStep 1: PrerequisitesStep 2: Prepare EnvironmentStep 3: Create a Topology Using the Planning Tool
16、Step 4: Modify the Topology Using Topology BuilderStep 5: Publish TopologyStep 6: Deploy Lync Server 2010 Standard EditionStep 7: Deploy a DirectorStep 8: Validate Internal Server DeploymentStep 9: Prepare for External Access DeploymentStep 10: Deploy Edge ServersWalkthrough: IntroductionThis docume
17、nt describes the steps necessary to deploy Microsoft Lync Server 2010 in a lab environment in a single forest, single domain topology. The deployment of Lync Server 2010 also includes a consolidated Edge Server for external user access, a reverse-proxy server, and client machines for testing.Note: T
18、he deployment of the reverse-proxy server will be covered in this document at a later date. For installation information, see Forefront TMG Deployment.Step 1: PrerequisitesBefore you deploy and operate Microsoft Lync Server 2010communications software, you must first apply the software prerequisites
19、, understand the deployment topology you will be building and the overall deployment process. The deployment topology for this walkthrough includes an internal deployment of Lync Server 2010, and the supporting server roles for external user access. The Lync Server Deployment Wizard prepares Active
20、Directory Domain Services, configures a local copy of Microsoft SQL Server database software, configures firewalls, and installs and starts the core services.Walkthrough: PrerequisitesWalkthrough: Deploy TopologyWalkthrough: PrerequisitesBefore you deploy Lync Server 2010, ensure that your environme
21、nt meets the following requirements:The 64-bit edition of the Windows Server 2008 R2 operating system installed on all server roles.Windows 7 operating system installed on client computers.NET 3.5 SP1 installed on all servers.The Microsoft Silverlight browser plug-in installed on Standard Edition Se
22、rver and Director.Active Directory Administrative tools feature installed on Standard Edition Server and Director. Installing this feature now prevents a reboot to the servers during deployment. See Walkthrough: Install Active Directory Administrative Tools for details.All clients and servers are up
23、 to date with patches from Windows Update.Domain controller is running Windows Server 2008 R2 configured as a domain controller, DNS server, and certification authority (CA).Standard Edition Server is running Windows Server 2008 R2 on which you will install Lync Server 2010.Director is running Windo
24、ws Server 2008 R2 on which you will install the Lync Server 2010 Director role.Edge Server is running Windows Server 2008 R2 on which you will install the Lync Server 2010 Edge Server role.Proxy Server is running Windows Server 2008 R2 on which you will install the Microsoft Forefront Threat Managem
25、ent Gateway (TMG) 2010 software. Note: The deployment of the reverse-proxy server will be covered in this document at a later date. For installation information, see Forefront TMG DeploymentThree client machines are running the Windows 7 operating system to test features and external user access.Thi
26、s walkthrough uses the default computer administrator account. Once the machines are domain joined, the default domainadministrator account is also used.Walkthrough: Deploy TopologyThis walkthrough describes a deployment of Microsoft Lync Server 2010 for organizations with fewer than 5000 users who
27、intend to deploy a single Standard Edition server with external user access. In this deployment, the Standard Edition server supports IM, presence, A/V conferencing and Web conferencing. The Edge Server, Director and reverse-proxy server provide remote user access, federation, and conferencing with
28、anonymous users. To follow along with this lab, configure your physical or virtual machines to match the table below. Caution: It is highly recommended that all of the physical or virtual computers represented in the topology are online before starting this lab. Specifically, before you can publish
29、a topology successfully, the Standard Edition Server and the Director must have computer account entries in Active Directory Domain Services prior to publishing.Deploy Topology1.Set up server as a domain controller, DNS server, and certification authority (CA).2.Join the Standard Edition Server and
30、the Director as member servers in the domain.3.Join two of the client machines to the domain.4.Log on to clients and servers as domain members (ie, contosoadministrator), and not as the local machine administrator (ie, lab-seadministrator).5.Configure the third client machine, the Edge server, and t
31、he reverse-proxy server as members of a Workgroup.6.Configure the Edge server with two network cards, with one interface connected to the internal network and the other connected to the Workgroup.7.Configure the reverse-proxy server with two network cards, with one interface connected to the interna
32、l network and the other connected to the Workgroup.RoleFQDNIP AddressDomain Controllerlab-192.168.100.1Standard Edition Serverlab-192.168.100.2Directorlab-192.168.100.3Reverse Proxy ServerWorkgrouplab-proxy192.168.100.410.10.10.1Edge ServerWorkgrouplab-edge192.168.100.510.10.10.210.10.10.310.10.10.4
33、Client1192.168.100.6Client2192.168.100.7Client3Workgroupclient310.10.10.5Step 2: Prepare EnvironmentPrior to deployment, you must ensure you meet all the software requirements that define the deployment reference topology. Once the software requirements are met, Active Directory preparation is the n
34、ext critical step that must be completed prior to deployment of Microsoft Lync Server 2010communications software. Walkthrough: Prepare IISWalkthrough: Install Active Directory Administrative ToolsWalkthrough: Install SQL Server Native ClientWalkthrough: Prepare DNSWalkthrough: Prepare File SharesWa
35、lkthrough: Enable Remote AdministrationWalkthrough: Run Lync Server 2010 SetupWalkthrough: Prepare Active DirectoryWalkthrough: Update Security Group MembershipWalkthrough: Prepare IISInternet Information Services (IIS) must be configured on the Standard Edition Server and the Director with the foll
36、owing role services installed:IIS RequirementsRole HeadingRole ServiceCommon HTTP Features installedStatic ContentCommon HTTP Features installedDefault DocumentCommon HTTP Features installedHTTP ErrorsCommon HTTP Features installedHTTP RedirectionApplication DevelopmentASP.NETApplication Development
37、.NET ExtensibilityApplication DevelopmentInternet Server API (ISAPI) ExtensionsApplication DevelopmentISAPI FiltersHealth and DiagnosticsHTTP LoggingHealth and DiagnosticsLogging ToolsHealth and DiagnosticsTracingSecurityWindows authenticationSecurityClient Certificate Mapping AuthenticationSecurity
38、Request FilteringPerformanceStatic Content CompressionManagement ToolsIIS Management Console Management ToolsIIS Management Scripts and ToolsWalkthrough: Install Active Directory Administrative ToolsInstall the Active Directory Administrative tools on the Standard Edition Server and the Director.Ins
39、tall Active Directory Administrative Tools1.Open Server Manager and select Features.2.Click Add Features. 3.Expand the node Remote Server Administration Tools.4.Expand the node Role Administration Tools.5.Select AD DS and AD LDS Tools and then click Next to install this feature.6.Restart the server
40、to finish the installation process.Walkthrough: Install SQL Server Native ClientInstall the SQL Server native client on the Standard Edition server and the Director.Install SQL Server Native client1.From the installation media, navigate to SERVERSQLNCLI.EXE and install the SQL Server native client p
41、rogram.Walkthrough: Prepare DNSCreate the following DNS entries to match the topology shown earlier in this walkthrough. The procedure for creating DNS A and DNS SRV records are shown below the table.DescriptionFQDNIP AddressDial-In URL192.168.100.2Meeting URL192.168.100.2Administration URL192.168.1
42、00.2DNS SRV record_sipinternaltlsPort Number: 5061Protocol: _tcpHost FQDN: lab-Proxy Server Internal Interfacelab-192.168.100.4Edge Server Internal Interfacelab-192.168.100.5Web services external URL192.168.100.4192.168.100.4Configure a DNS SRV record1.On the DNS server, click Start, click Administr
43、ative Tools, and then click DNS.2.In the console tree for your SIP domain, expand Forward Lookup Zones, and then right-click the SIP domain in which Lync Server 2010 will be installed.3.Click Other New Records.4.In Select a resource record type, click Service Location (SRV), and then click Create Re
44、cord.5.Click Service, and then type _sipinternaltls.6.Click Protocol, and then type _tcp.7.Click Port Number, and then type 5061.8.Click Host offering this service, and then type the FQDN of the Standard Edition Server (lab-).9.Click OK, and then click Done.Create a DNS A record1.On the DNS server,
45、click Start, click Control Panel, click Administrative Tools, and then click DNS.2.In the console tree for your domain, expand Forward Lookup Zones, and then right-click the domain in which your Lync Server will be installed.3.Click New Host (A).4.Click Name (uses parent domain name if blank), and t
46、hen type the name of the Standard Edition Server. 5.Click IP Address, and then type the IP address of the Standard Edition Server.6.Click Add Host, and then click OK.7.To create an additional A record, repeat steps 4 and 5.8.When you are finished creating all the A records that you need, click Done.Walkthrough: Prepare File SharesOn the Standard Edition server, create a file share named share. Configure the administrator account to have full rights. Configure everyone else to have read only privileges. Walkthrough: Enable Rem
