there is always confusion in how Lync is crawling Exchange Web Services (EWS).
Generally it is necessary to understand how DNS must be implemented:
Just remember, identify if you have DNS Split Config, different internal and external DNS names and what are your SMTP and SIP Domains.
There are configuration necessary, similar to Mutli-Tenent setups.
Very often you find in Lync/ Exchange deployments an issue, where the Lync configuration show up with empty:
EWS Internal URL
EWS External URL
EWS Information = EWS not deployed
Therefor Exchange Web Service are not connected and several Lync Integration Features are not in use, e.g. Presence Information based on your Outlook Calendar.
Exchange Setup first:
You need PER SMTP Domain 2 DNS Record.
autodiscover.domain.name CNAME exchangeserver
_autodiscover._tcp.domain.name SRV 0 0 443 exchangeserver
As it's never really proper discussed:
Autodiscover will never use the internalURL and externalURL. in Exchange 2007/2010 you are able defining those parameters, in Exchange 2013 they are even documented in TechNet, but they simply don't exist anymore. You'll receive an error if you specify the URLs.
The correct process is like:
internal, Autodiscover will be queried via SCP.
external, Autodiscover is identified by DNS entrie.
Additionally you need to check:
Autodiscovery Virtual Directory:
Setup the internal and external URL, including HTTPS and Basic Authentication
Set-AutodiscoverVirtualDirectory -Identity 'autodiscover (default Web site)' -ExternalURL 'https://mail.domain.name/autodiscover/autodiscover.xml' -InternalURL 'https://mail.domain.name/autodiscover/autodiscover.xml' -BasicAuthentication $true
Web Services Virtual Directory:
Setup the internal and external URL, including HTTPS
Set-WebServicesVirtualDirectory -Identity "SERVER01\EWS(default Web site)"-BasicAuthentication $true -ExternalUrl https://www.domain.name/EWS/exchange.asmx -InternalUrl https://www.domain.name/EWS/exchange.asmx
Lync Setup last:
First the good new, there is nothing which we have to consider for Lync Server. The Feature is a Client Integration Feature, therefor we have nothing to configure.
There is only one exception, this is the CWA integration for Exchange OWA.
During setup and integration of CWA features, truly the EWS configuration must meet the requirements identically with the Lync Client Configuration.
One last thing necessary to consider and plan proper are the Certificates:
Since all communication is based on HTTPS and TLS, which includes the encryption. Certificates are used for transcoding.
What is now complicated is the DNS Setup, SMTP/SIP Domains and the SAN Names in this involved certificates.
Lync in this case is straight forward, you simply have to include all SIP Domains in your SAN.
But however Exchange now requires to possible way:
- make sure you have configured the CAS Server Certificates including all SAN Names for all SMTP and SIP domains
- make us of IIS based redirection web pages. If you chose this configuration, it is possible minimizing the required SAN configuration.
If possible, I personally prefer DNS Splitting, for internal and external resolving. This makes your deployment more supportable.
Author: Thomas Pött Managing Consultant Microsoft UC