Several steps must be performed to fully configure the Unified Messaging integration between Lync 2013 and Exchange 2013. We will start by describing the prerequisites to achieve this integration.
The following prerequisites must be in place in order to configure the Unified Messaging integration:
server.domain.local
).Here are the steps to configure Unified Messaging integration.
The first step of the configuration should be to configure valid certificates on the Exchange server and assign the Unified Messaging Call Router and the Unified Messaging service to these certificates. In Exchange 2013, the Unified Messaging Call Router service is part of the Client Access role, and the Unified Messaging Service is part of the Mailbox role. They can both coexist on the same server if you have both the Exchange 2013 roles installed on this server. The Unified Messaging Call Router service will receive all the SIP requests from Lync 2013 and redirect them to the Unified Messaging Service.
Ideally, as I just mentioned in the previous section, you should request a certificate from an internal certification authority, for each of the Unified Messaging servers. It's cheaper and doesn't require the internal domain name to be Internet-routable. The certificate can be requested both via the Exchange Admin Centre and via the Exchange Management Shell.
To request a certificate via the Exchange 2013 EAC, proceed with the following steps:
The following screenshot illustrates a certificate request done via the EAC:
Once the certificate request is done, you should issue the certificate on your certification authority (internal or public) and then complete the request via the EAC by selecting the certificate request on the EAC and choosing the Complete certificate request option. You will then be prompted to enter the path for the certificate issued by your CA.
To use the Exchange Management Shell to create a new certificate, you need to run the following commands:
Command |
What does the command do? |
---|---|
$requestfile = New-ExchangeCertificate -GenerateRequest -SubjectName "c=US, o=Company, cn=UMserver.domain.local" -DomainName UMServer.domain.local -PrivateKeyExportable $true
|
Creates a request file variable with the certificate request command |
$requestfile | out-file c:certificaterequest.txt
|
Generates the certificate request and stores the file in the specified path |
The following screenshot demonstrates the commands referenced previously:
Once the certificate is requested and issued, you should complete the certificate request by importing it to the Exchange 2013 certificates computer store. The following command should be used to import the certificate via the Exchange Management Shell:
Command |
What does the command do? |
---|---|
Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path C:certificatesUMcertificate.crt -Encoding byte -ReadCount 0))
|
Imports the generated certificate to the Exchange 2013 UM Server |
For official guidance on how to request a new certificate on Exchange 2013, refer to http://technet.microsoft.com/en-us/library/bb125165(v=exchg.150).aspx.
After installing the new certificate on the Exchange 2013 UM Server and making it available for the usage of Exchange Server, you need to assign the UM services to this certificate. Again, this can be done both via the EAC or the Exchange Management Shell. The following command should be used to enable the certificate via the Exchange Management Shell:
Command |
What does the command do? |
---|---|
Enable-ExchangeCertificate 67DA55B9F5AB2A735E7CBD11A895F7757ACC07C4 -services "UM,UMCallRouter"
|
Enables the certificate with the referenced thumbprint for the Unified Messaging and Unified Messaging Call Router services |
Now, let's take a look at how you should prepare your Exchange UM services to both work in TLS mode and use the certificate you just created.
To set the UM services via the EAC to work in TLS mode, proceed with the following steps:
UM Service Set-UMService -Identity UMServer -UMStartupMode TLS UM Call Router Service Set-UMCallRouterSettings -Server UMServer.domain.local -UMStartupMode TLS
Besides configuring the Unified Messaging services to run in TLS mode, you also need to enable the certificate you just created to both these services. We showed you how to do this via the Exchange Management Shell. Now, let's look at the steps to do this via the EAC.
To enable the certificate via the EAC, perform the following steps:
Enable-ExchangeCertificate -Server UMServer.domain.local -Thumbprint <Certificate thumbprint> -Services UM, UMCallRouter
Get-exchangecertificate |fl
The next step will be to create a dial plan. This can be done, as usual, via the EAC or via the Exchange Management Shell. Once you configure the UM dial plan, you should also make sure that you configure the dialing restrictions both on the dial plan and on the UM mailbox policy.
To create a new UM dial plan via the EAC, proceed with the following steps:
The nonoptional values when creating the dial plan are as follows:
Once the dial plan is created, you should edit it, and it's fundamental that you add the following:
Finally, from within the UM dial plan properties, you should access the UM mailbox policy properties and also add the previously configured dialing rules on the Dialing Authorization section. Now, proceed with the following steps:
New-UMDialPlan -Name LyncDialPlan -VoIPSecurity Secured -NumberOfDigitsInExtension 5 -URIType SipName -CountryOrRegionCode 1
Set-UMDialPlan LyncDialPlan –accesstelephonenumbers <OVA Number> -ConfiguredInCountryOrRegionGroups "Anywhere,*,*,*" -AllowedInCountryOrRegionGroups "Anywhere" Set-UMDialPlan LyncDialPlan -ConfiguredInternationalGroups "Anywhere,*,*,*" -AllowedInternationalGroups "Anywhere"
Set-UMMailboxPolicy -Identity "<Policy Name>" -AllowedInCountryOrRegionGroups "Anywhere" -AllowedInternationalGroups "Anywhere"
The output can be seen in the following screenshot:
Set-UMService -Identity UMServer -DialPlans LyncDialPlan
If not created already, you should create a dial plan on Lync. The dial plan name does not need to match the Exchange UM dial plan, unless you are using Exchange 2007 SP1 or Exchange 2010 RTM.
For information on how to create a Lync dial plan, refer to the official post at http://technet.microsoft.com/en-us/library/gg398909.aspx.
In addition, it's recommended that you also create a normalization rule in Lync. The following command is an example of a Lync Management Shell cmdlet to create a Lync normalization rule:
New-CsVoiceNormalizationRule -Name 'Exchange UM' -Parent "Central" -Description "Exchange UM" -Pattern '^(250d{1})$' -Translation '+$1' -IsInternalExtension: $TRUE | Out-Null
The preceding command assumes that you have Exchange Unified Messaging access numbers with 4 digits and starting with 250 (for example, 2501).
After creating the dial plan, we need to run the Exchange Util configuration script. This script is fundamental to get the integration with Lync working, as it will give permissions to the Lync Server on the Exchange UM objects and create a new UM IP gateway pointing to the Lync pool. You can run the script as many times as you like, and you should make sure that at the bottom of the output of the script, the dial plan you created and the Lync pool FQDN are present.
To run the script, open the Exchange Management Shell and navigate to the scripts
directory under the Exchange install path. As an example, navigate to C:Program FilesMicrosoftExchange Serverv15scripts
.
Then, run the following command:
.ExchUCUtil.ps1
You can see the initial output of the script as follows:
Now, we need to create Lync contacts for UM for the subscriber access number and auto attendants, if you have any. To do this, navigate to C:Program FilesCommon FilesMicrosoft Lync Server 2013Support
.
Then, run the OcsUmUtil.exe
tool.
From within the tool, proceed with the following steps:
Once the preceding steps have been completed, close the tool. The following screenshot shows the options present in the tool:
You can check the contacts created by the tool via the Lync Management Shell by running the following command:
Get-CsExUmContact |fl
The output of the Shell can be seen in the following screenshot:
Finally, we need to restart the Lync 2013 Front End service.
Once this is done, the integration between Lync 2013 and Exchange 2013 at the Unified Messaging level is done!
Although the task of managing your Unified Messaging users is exclusive to Exchange Administrators, we decided to include a small section on the subject. We will show you how to enable a user for UM, change the user UM settings, or get a list of all the UM-enabled users and their main settings.
You can use both the Exchange Administrative Centre and the Exchange Management Shell to enable your Exchange users for UM.
To enable a user for UM via the EAC, perform the following steps:
Enable-UMMailbox -Identity [email protected] -UMMailboxPolicy UMMailboxPolicy -Extensions 1234
You can access the user's Unified Messaging details using the EAC or running the Exchange Management Shell cmdlet, Get-UMMailbox
. You can change these settings via the EAC by going to the same section where you went to enable the user and clicking on view settings, or you can do it using the Set-UMMailbox
cmdlet. A lot of settings can be changed on the user UM properties, such as the phone number. You can also enable or disable the Play on Phone feature or the subscriber access. Refer to the official link at http://technet.microsoft.com/en-us/library/bb124893(v=exchg.150).aspx for guidance on how to change the UM settings and a list of what settings can be changed.
In addition to giving you the recipes to configure the Unified Messaging integration between Lync 2013 and Exchange 2013, you can find information in the following sections on how to list Unified Messaging attributes, export this information, and test the Unified Messaging configuration, among others. Enjoy!
The Exchange Management Shell is a powerful tool that you can use to get information such as:
The preceding examples are just a few among many features that you can use the Exchange Management Shell to achieve.
Now, let's see how we can achieve this information by running an Exchange Management Shell cmdlet.
To list all the users with Unified Messaging enabled, run the following command:
get-mailbox |where-object {$_.UMEnabled -eq $true}
To list all users with unified messaging disabled, run the following command:
get-mailbox |where-object {$_.UMEnabled -eq $false}
To export this list into a CSV file, with the name, alias, and UMEnabled status, run the following command:
get-mailbox |where-object {$_.UMEnabled -eq $false} |Select-Object Name, Alias, UMEnabled |export-csv c: estumdisabledusers.csv -NoTypeInformation
To export a list of the display names, UM mailbox policy, and extensions of all your Unified Messaging users to CSV run the following command:
Get-UMMailbox |select-object DisplayName, UMMailboxPolicy, @{Name='Extensions';Expression={[string]::join(";",($_.Extensions))}} |Export-Csv c: estumusers2.csv -NoTypeInformation
To get a list of users using a specific UM mailbox policy, run the following command:
Get-UMMailbox |where-object {$_.UMMailboxPolicy -eq "Global Default Policy"}
To count the number of users using a specific mailbox policy, run the following command:
(Get-UMMailbox |where-object {$_.UMMailboxPolicy -eq "Global Default Policy"}).count
To test the UM connectivity, run the following cmdlet from the Lync Management Shell:
$credential = Get-Credential "domain.localsenderusername" Test-CsExUMVoiceMail -TargetFqdn "lyncpool.domain.com" -ReceiverSipAddress "sip:[email protected]" -SenderSipAddress "sip:[email protected]" -SenderCredential $credential
The output of the preceding PowerShell cmdlet should be Success. Then, check the receiver mailbox and see whether the test command sent a test voicemail to their inbox successfully.
For some other tips on the Exchange Unified Messaging configuration and specific scenarios such as multilanguage auto attendants, refer to the excellent blog article at http://msucblog.wordpress.com/2013/04/09/multilanguage-auto-attendant-with-ms-exchange-2010-um-and-lync/.
18.217.254.118