Grand Slam Solutions
Exchange, Lync and SharePoint
On-Premises and Office 365
Kamal Abburi
Premier Field Engineering
Thanks to our Organizers!
Tome Tanasovski, PowerShell MVP
Blog: http://powertoe.wordpress.com/
Twitter: @toenuff
Edwin Woo, Windows Extremist
Blog: Too cool for one
Twitter: Too cool for one
Ben Serebin, Exchange Junkie
Blog: http://blog.reefsolutions.com
Twitter: @bserebin
Eric Fellen
Website: http://www.nyewin.org
Ken Reid
Website: http://www.nyewin.org
Jason Gallicchio, SharePoint Enthusiast
Twitter: @jasongall
User Group Communities
NYC SharePoint User Group
• Meetings: First Wednesday of the month, 5:30 to 7:30 PM, Microsoft NYC Office
• Web: http://www.meetup.com/NYCSPUG/
Princeton Area SharePoint User Group
• Meetings: Fourth Wednesday of the month, 6:00 to 8:00 PM, Infragistics Building Cranberry NJ
• Web: www.princetonsug.com
NYC PowerShell User Group
• Meetings: Second Monday of the month, 6:00PM, Microsoft NYC Office
• Web: http://powershellgroup.org/nyc
New York Exchange User Group (NYExUG)
• Meetings: Second Tuesday of the month, 5:45PM to 9PM, Microsoft NYC Office
• Web: www.nyexug.com
NY Enterprise Windows User Group (NYeWin)
• Meetings: First Thursday of the month, 6:00PM, Microsoft NYC Office
• Web: http://www.nyewin.org/
Thanks to our Sponsors!
Event Sponsors
Thanks to our User Groups!
Event User Groups
NY Enterprise Windows User Group
1. Introduction
2. Integration Architecture
4. Configuration
8. Terminology and Components
16. Site Mailboxes, eDiscovery, Photos, My Tasks
32. Next steps
Welcome.
Exchange 2013, SharePoint 2013 and Lync Server 2013 provide rich cross-product functionality and many features that integrate with each other.
3/22/2014
The new Office
Cloud Services Perpetual
Always up-to-date
Office + Cloud Services 2013 versions
Office on-premises
Integration: SharePoint, Exchange, Lync, Office Web Apps
• Server-to-Server Authentication
• Site Mailboxes
• High Resolution Photos
• Task Synchronization
• Unified Contact Store
• Presence
• Meeting Recordings
• Voice Mail
OAuth 2.0
Server-to-Server authentication is a new feature of Exchange Server 2013, Lync Server 2013, and SharePoint Server 2013 that allows a server to request resources of another server on behalf of a user.
Server-to-Server Trust
OAuth Authentication
• Seamlessly and securely authenticate to each other.
• Self-issue S2S tokens.
• Trust is established by creating a partner application configuration.
• Microsoft Exchange Server Auth Certificate.
• AuthMetadataUrl.
[Diagram: S2S Configuration. Labels: SharePoint, Exchange, STS, Partner App, Trust]
Server JSON metadata endpoint
• Exchange: https://<server name>/autodiscover/metadata/json/1
• Lync: https://<server name>/metadata/json/1
• SharePoint: https://<web app name>/_layouts/15/metadata/json/1
Example
1. eDiscovery user sends a query.
2. SharePoint Server generates an access token.
3. SharePoint Server sends the access token to the Exchange server.
4. Exchange server validates the access token and sends the query results.
5. SharePoint Server sends the query results to the eDiscovery user.
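Steps 2 to 4 of the eDiscovery example, modelled as an added PowerShell example that is not part of the original deck or of any Microsoft product code. It assumes a JWT-style RS256 token with only iss, aud and exp claims and applies the standard signature, issuer, audience and expiry checks; the function names, issuer and audience strings are hypothetical, and the deck does not list the checks Exchange performs.

```powershell
# Added example (not from the deck): simplified model of steps 2-4 above.
# Function names and issuer/audience strings are constructed; real S2S tokens carry more claims.
$sha  = [Security.Cryptography.HashAlgorithmName]::SHA256
$pad  = [Security.Cryptography.RSASignaturePadding]::Pkcs1
$utf8 = [Text.Encoding]::UTF8
function ConvertTo-B64Url([byte[]]$Bytes) {
    [Convert]::ToBase64String($Bytes).TrimEnd('=').Replace('+', '-').Replace('/', '_')
}
function ConvertFrom-B64Url([string]$Text) {
    $Text = $Text.Replace('-', '+').Replace('_', '/')
    , ([Convert]::FromBase64String($Text + '=' * ((4 - $Text.Length % 4) % 4)))
}
# Step 2: the calling server self-issues a token signed with its private key.
function New-S2SToken($Rsa, [hashtable]$Claims) {
    $head = ConvertTo-B64Url ($utf8.GetBytes('{"alg":"RS256","typ":"JWT"}'))
    $body = ConvertTo-B64Url ($utf8.GetBytes(($Claims | ConvertTo-Json -Compress)))
    $sig  = $Rsa.SignData($utf8.GetBytes("$head.$body"), $sha, $pad)
    "$head.$body." + (ConvertTo-B64Url $sig)
}
# Step 4: the receiving server validates against the keys of its partner applications.
function Test-S2SToken([string]$Token, [hashtable]$PartnerKeys, [string]$Audience) {
    $p = $Token.Split('.')
    if ($p.Count -ne 3) { return 'reject: malformed' }
    try {
        $head   = $utf8.GetString((ConvertFrom-B64Url $p[0])) | ConvertFrom-Json
        $claims = $utf8.GetString((ConvertFrom-B64Url $p[1])) | ConvertFrom-Json
        $sig    = ConvertFrom-B64Url $p[2]
    } catch { return 'reject: malformed' }
    if ($head.alg -cne 'RS256') { return 'reject: unexpected algorithm' }
    $key = $PartnerKeys[[string]$claims.iss]   # public key registered when the trust was created
    if (-not $key) { return 'reject: issuer is not a partner application' }
    if (-not $key.VerifyData($utf8.GetBytes("$($p[0]).$($p[1])"), $sig, $sha, $pad)) { return 'reject: bad signature' }
    if ($claims.aud -cne $Audience) { return 'reject: wrong audience' }
    if ([long]$claims.exp -le [DateTimeOffset]::UtcNow.ToUnixTimeSeconds()) { return 'reject: expired' }
    'accept'
}
# Constructed demo: the receiver registered only $spPublic as a partner key.
$sp    = [Security.Cryptography.RSACryptoServiceProvider]::new(2048)
$other = [Security.Cryptography.RSACryptoServiceProvider]::new(2048)
$spPublic = [Security.Cryptography.RSACryptoServiceProvider]::new()
$spPublic.ImportParameters($sp.ExportParameters($false))
$iss = 'sharepoint@contoso.example'; $aud = 'exchange@contoso.example'
$now = [DateTimeOffset]::UtcNow.ToUnixTimeSeconds()
$cases = [ordered]@{
    'valid'            = New-S2SToken $sp    @{ iss = $iss; aud = $aud; exp = $now + 300 }
    'wrong audience'   = New-S2SToken $sp    @{ iss = $iss; aud = 'lync@contoso.example'; exp = $now + 300 }
    'expired'          = New-S2SToken $sp    @{ iss = $iss; aud = $aud; exp = $now - 60 }
    'unregistered key' = New-S2SToken $other @{ iss = $iss; aud = $aud; exp = $now + 300 }
}
foreach ($n in $cases.Keys) { '{0,-17} {1}' -f $n, (Test-S2SToken $cases[$n] @{ $iss = $spPublic } $aud) }
```

The receiver accepts only a signature that verifies against the key it registered for that issuer, so the metadata URL supplied when the partner application is created is what anchors the whole trust.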
Integration
Prerequisites
Exchange 2013
• Autodiscover setup
• Proper RBAC roles
• Outlook 2013 Professional Plus (Site Mailboxes)
SharePoint 2013
• Install Exchange Web Services Managed API in all WFEs (Web Frontend Servers)
• Service Applications have to be created with the services instances started
Lync 2013
• Certificate Configuration on the Lync Servers
Configuration
Configure the SharePoint 2013 server to trust the Exchange Server 2013 server
# Registers Exchange as a trusted token issuer from its JSON metadata endpoint
New-SPTrustedSecurityTokenIssuer -MetadataEndpoint "https://<HostName>/autodiscover/metadata/json/1" -Name "<FriendlyName>"
Configure permissions on the SharePoint 2013 server
# Assumes the Exchange issuer created above is the only trusted token issuer in the farm
$exchange = Get-SPTrustedSecurityTokenIssuer
$app = Get-SPAppPrincipal -Site "http://<HostName>" -NameIdentifier $exchange.NameId
$site = Get-SPSite "http://<HostName>"
# Grants the Exchange app principal full control at site-subscription scope, with app-only access
Set-SPAppPrincipalPermission -AppPrincipal $app -Site $site.RootWeb -Scope sitesubscription -Right fullcontrol -EnableAppOnlyPolicy
Configure the Exchange Server 2013 server to trust the SharePoint 2013 server
cd "C:\Program Files\Microsoft\Exchange Server\V15\Scripts"
.\Configure-EnterprisePartnerApplication.ps1 -AuthMetadataUrl "https://<HostName>/_layouts/15/metadata/json/1" -ApplicationType SharePoint
Integration: Exchange and Lync
In Exchange
cd "C:\Program Files\Microsoft\Exchange Server\V15\Scripts"
.\Configure-EnterprisePartnerApplication.ps1 -AuthMetaDataUrl https://lync.contoso.com/metadata/json/1 -ApplicationType Lync
In Lync
Set-CsOAuthConfiguration -Identity global -ExchangeAutodiscoverUrl "https://autodiscover.litwareinc.com/autodiscover/autodiscover.svc"
New-CsPartnerApplication -Identity Exchange -ApplicationTrustLevel Full -MetadataUrl https://autodiscover.litwareinc.com/autodiscover/metadata/json/1
How about in Office 365?
Site Mailboxes
©2012 Microsoft Corporation. All rights reserved.
Site Mailbox Architecture
Demo Site Mailboxes
eDiscovery
[Diagram: eDiscovery architecture. Components: eDiscovery Center (EDC), Enterprise App Farm (2013), SharePoint Services Farm (2013), Search Service Application (SSA) Service, SSA Proxy, SSA admin_db, Search index, Timer job, EWS Proxy, SharePoint Content Farm (2013), Exchange 2013 (Exchange Web Service), Lync 2013 (Lync content archived in Exchange), Windows File Shares, Contoso site and content. Actions table: Hold, Release Hold, GetStatus. Legend: eDiscovery query or action data; eDiscovery query response data; eDiscovery status query/response data; eDiscovery request for action status for Exchange traffic; eDiscovery query or status response from Exchange; Server-to-Server Trust/OAuth.]
Demo eDiscovery
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or
other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must
respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided
after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION
High-Resolution User Photos
[Diagram: Hi-res User Photo. Components: Exchange Client Access Server, Exchange Mailbox Server, Lync, Lync Server, Legacy Lync client, My Site, Outlook client or OWA, SharePoint Server. Connection labels: Http: 443; Http or https; Internal Exchange communication; Https:443 using external URLs set in Exchange.]
• Lync 2013 client maintains a hanging GetConnection with the Exchange server to get photo updates. (HTTPS Get request = 443)
• Exchange 2013 pushes the photo to Active Directory (LDAP:389)
• The photo is synced from AD DS to the Lync Address Book Service (ABS) so legacy clients can get the same photo. (LDAP:389)
• User updates photo in either Outlook, SharePoint, or Lync. Once updated, the updated photo is used across all Office applications.
• SharePoint caches the user photo in the MySite database (Https:443)
Demo High Resolution Photos
Exchange Task Synchronization
[Diagram components: Exchange Server 2013, Outlook 2013, SharePoint Server 2013, Work Management Service application, User Profile Service application, Search Service application, Search Index, Exchange Sync Timer Job, Project Server 2013, Project Web Access sites with tasks, My Site, Other Sites, Tasks]
• Users opt-in
• Users may view tasks on My Tasks on their My Site
• User may view and edit tasks in Outlook
Demo Exchange Task Synchronization
Unified Contact Store
Exchange 2013 is the contact store for all Office applications
[Diagram components: Exchange Client Access Server, Exchange Mailbox Server, Lync 2013, Lync Server, Outlook client or OWA. Connection labels: HTTPS/443, SIP/5061, Internal Exchange communication.]
• In Lync 2013, enable the unified contact store policy (default enabled).
• Lync contacts for a user are migrated to Exchange 2013 automatically when the user logs in with Lync 2013.
• Users can access and manage their Lync contacts from Lync 2013, Outlook 2013, or Outlook Web Access.
Demo Unified Contact Store
Presence
Lync Server as the authoritative source of presence information
[Diagram components: Exchange Client Access Server, Exchange Mailbox Server, Lync 2013, Lync Server, Office 2013, My Site, SharePoint Server. Connection labels: HTTPS/443, SIP/TLS:5061, HTTP or HTTPS, Internal Exchange communication.]
• User logs into Lync 2013.
• User logs into Exchange 2013 mailbox.
• Outlook calls Lync installed on the same computer as Outlook to retrieve presence information.
• User connects to SharePoint MySite.
• Internet Explorer calls Lync installed on the same computer as browser to retrieve presence information.
Outlook Web App
[Diagram components: Exchange Client Access Server, Exchange Mailbox Server, Lync Server, Outlook Web App. Connection labels: HTTPS/443, SIP/MTLS:5061, Internal Exchange communication.]
1. User logs into Outlook Web App.
2. Exchange CAS queries Lync Server for presence information.
Demo Presence
Voice Mail
Exchange UM is the voicemail system for Lync Server
[Diagram components: Exchange Client Access Server (Call Router), Exchange Mailbox Server (Unified Messaging), Lync Server, Mediation Server, IP gateway, PSTN, caller A (Lync 2013), caller B, callee (Lync 2013). Labels: Call initiated, Call ringing, Call routing, Internal Exchange communication.]
When a call is not answered by the callee on any of the callee’s active endpoints, Lync Server routes the call to voicemail on Exchange UM (i.e. Exchange Mailbox Server).
Demo Voice Mail
Meeting Recordings
Demo Meeting Recording
Contact
Kamal Abburi
Premier Field Engineering
www.microsoft.com/microsoftservices