Grand Slam Solutions Exchange, Lync and SharePoint On-Premises and Office 365

Kamal Abburi, Premier Field Engineering

Thanks to our Organizers!

• Tome Tanasovski, PowerShell MVP. Blog: http://powertoe.wordpress.com/ Twitter: @toenuff
• Edwin Woo, Windows Extremist. Blog: Too cool for one. Twitter: Too cool for one
• Ben Serebin, Exchange Junkie. Blog: http://blog.reefsolutions.com Twitter: @bserebin
• Eric Fellen. Website: http://www.nyewin.org
• Ken Reid. Website: http://www.nyewin.org
• Jason Gallicchio, SharePoint Enthusiast. Twitter: @jasongall

User Group Communities

NYC SharePoint User Group
• Meetings: First Wednesday of the month, 5:30 to 7:30 PM, Microsoft NYC Office
• Web: http://www.meetup.com/NYCSPUG/

Princeton Area SharePoint User Group
• Meetings: Fourth Wednesday of the month, 6:00 to 8:00 PM, Infragistics Building, Cranbury NJ
• Web: www.princetonsug.com

NYC PowerShell User Group
• Meetings: Second Monday of the month, 6:00PM, Microsoft NYC Office
• Web: http://powershellgroup.org/nyc

New York Exchange User Group (NYExUG)
• Meetings: Second Tuesday of the month, 5:45PM to 9PM, Microsoft NYC Office
• Web: www.nyexug.com

NY Enterprise Windows User Group (NYeWin)
• Meetings: First Thursday of the month, 6:00PM, Microsoft NYC Office
• Web: http://www.nyewin.org/

Thanks to our Sponsors!

Event Sponsors

Thanks to our User Groups!

Event User Groups

NY Enterprise Windows User Group

1. Introduction

2. Integration Architecture

4. Configuration

8. Terminology and Components

16. Site Mailboxes, eDiscovery, Photos, My Tasks

32. Next steps

Welcome. Exchange 2013, SharePoint 2013 and Lync Server 2013 provide rich cross-product functionality and many features that integrate with each other.

3/22/2014

The new Office

Cloud Services Perpetual

Always up-to-date

Office + Cloud Services 2013 versions

Office on-premises

Integration: SharePoint, Exchange, Lync, Office Web Apps

• Server to Server Authentication
• Site Mailboxes
• High Resolution Photos
• Task Synchronization
• Unified Contact Store
• Presence
• Meeting Recordings
• Voice Mail

OAuth 2.0

Server-to-Server authentication is a new feature of Exchange Server 2013, Lync Server 2013, and SharePoint Server 2013 that allows a server to request resources of another server on behalf of a user.

Server-to-Server Trust

OAuth Authentication

• Seamlessly and securely authenticate to each other.
• Self-issue S2S tokens.
• Trust is established by creating a partner application configuration.
• Microsoft Exchange Server Auth Certificate.
• AuthMetadataUrl.

[Diagram: SharePoint STS and Exchange STS connected by a Partner App trust]

S2S Configuration

Server JSON metadata endpoint

• Exchange: https://<server name>/autodiscover/metadata/json/1
• Lync: https://<server name>/metadata/json/1
• SharePoint: https://<web app name>/_layouts/15/metadata/json/1

Example

1. eDiscovery User sends a query
2. SharePoint Server generates an access token
3. SharePoint Server sends the access token to the Exchange server.
4. Exchange server validates the access token and sends the query results
5. SharePoint Server sends the query results to the eDiscovery User

Integration

Prerequisites

Exchange 2013
• Autodiscover setup
• Proper RBAC roles
• Outlook 2013 Professional Plus (Site Mailboxes)

SharePoint 2013
• Install Exchange Web Services Managed API on all WFEs (Web Front End servers)
• Service applications have to be created with the service instances started

Lync 2013
• Certificate configuration on the Lync servers

Configuration

Configure the SharePoint 2013 server to trust the Exchange Server 2013 server

    # Run in the SharePoint 2013 Management Shell
    New-SPTrustedSecurityTokenIssuer -MetadataEndpoint "https://<HostName>/autodiscover/metadata/json/1" -Name "<FriendlyName>"

Configure permissions on the SharePoint 2013 server

    $exchange = Get-SPTrustedSecurityTokenIssuer
    $app = Get-SPAppPrincipal -Site http://<HostName> -NameIdentifier $exchange.NameId
    $site = Get-SPSite http://<HostName>
    # Grants the Exchange app principal full control at site-subscription scope, with app-only policy enabled
    Set-SPAppPrincipalPermission -AppPrincipal $app -Site $site.RootWeb -Scope sitesubscription -Right fullcontrol -EnableAppOnlyPolicy

Configure the Exchange Server 2013 server to trust the SharePoint 2013 server

    # Run in the Exchange Management Shell
    cd c:\'Program Files'\Microsoft\'Exchange Server'\V15\Scripts
    .\Configure-EnterprisePartnerApplication.ps1 -AuthMetadataUrl https://<HostName>/_layouts/15/metadata/json/1 -ApplicationType SharePoint

Integration: Exchange and Lync

In Exchange

    cd 'C:\Program Files\Microsoft\Exchange Server\V15\Scripts'
    .\Configure-EnterprisePartnerApplication.ps1 -AuthMetaDataUrl https://lync.contoso.com/metadata/json/1 -ApplicationType Lync

In Lync

    Set-CsOAuthConfiguration -Identity global -ExchangeAutodiscoverUrl "https://autodiscover.litwareinc.com/autodiscover/autodiscover.svc"
    New-CsPartnerApplication -Identity Exchange -ApplicationTrustLevel Full -MetadataUrl https://autodiscover.litwareinc.com/autodiscover/metadata/json/1
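A pre-flight check for the metadata URLs passed to the trust commands on the two configuration slides, as an added PowerShell example (not from the slides and not one of Microsoft's scripts). `Test-AuthMetadataUrl`, `$MetadataPaths`, `-AllowedHosts` and `-Probe` are hypothetical names; the three paths come from the "Server JSON metadata endpoint" slide, and the sample inputs are constructed.

```powershell
# Added example, not part of the original slides.
# Expected metadata paths, taken from the "Server JSON metadata endpoint" list.
$MetadataPaths = @{
    Exchange   = '/autodiscover/metadata/json/1'
    Lync       = '/metadata/json/1'
    SharePoint = '/_layouts/15/metadata/json/1'
}

function Test-AuthMetadataUrl {
    # Hypothetical helper: returns one object listing every problem found.
    param(
        [Parameter(Mandatory = $true)] [string] $Url,
        [Parameter(Mandatory = $true)] [ValidateSet('Exchange', 'Lync', 'SharePoint')] [string] $Partner,
        [Parameter(Mandatory = $true)] [string[]] $AllowedHosts,  # servers you intend to trust
        [switch] $Probe                                          # also fetch the document
    )
    $problems = @()
    $uri = $null
    if (-not [Uri]::TryCreate($Url, [UriKind]::Absolute, [ref] $uri)) {
        $problems += 'not an absolute URL'
    }
    else {
        # The partner's signing certificate is read from this response, so the
        # transport must be authenticated: HTTPS only, to a host you expect.
        if ($uri.Scheme -ne 'https') { $problems += "scheme is '$($uri.Scheme)', expected https" }
        if ($AllowedHosts -notcontains $uri.Host) { $problems += "host '$($uri.Host)' is not an expected server" }
        if ($uri.UserInfo -or $uri.Query) { $problems += 'URL carries credentials or a query string' }
        # /metadata/json/1 is a suffix of all three paths, so compare the whole
        # path; this catches an Exchange URL registered as the Lync partner.
        if ($uri.AbsolutePath -ne $MetadataPaths[$Partner]) {
            $problems += "path '$($uri.AbsolutePath)' is not the $Partner metadata path"
        }
    }
    if ($Probe -and $problems.Count -eq 0) {
        try {
            # TLS certificate validation failures surface here as exceptions.
            $doc = Invoke-RestMethod -Uri $uri.AbsoluteUri -ErrorAction Stop
            if ($doc -is [string]) { $problems += 'response is not a JSON document' }
        }
        catch { $problems += "fetch failed: $($_.Exception.Message)" }
    }
    [pscustomobject]@{ Url = $Url; Partner = $Partner; Ok = ($problems.Count -eq 0); Problems = $problems }
}

# Constructed sample inputs; the first three reuse host names shown on the slides.
$expected = 'autodiscover.litwareinc.com', 'lync.contoso.com'
$samples = @(
    @{ Url = 'https://lync.contoso.com/metadata/json/1'; Partner = 'Lync' },
    @{ Url = 'http://autodiscover.litwareinc.com/autodiscover/metadata/json/1'; Partner = 'Exchange' },
    @{ Url = 'https://autodiscover.litwareinc.com/autodiscover/metadata/json/1'; Partner = 'Lync' },
    @{ Url = 'https://mail.example.net/autodiscover/metadata/json/1'; Partner = 'Exchange' }
)
foreach ($s in $samples) {
    Test-AuthMetadataUrl -Url $s.Url -Partner $s.Partner -AllowedHosts $expected
}
```

Run it with `-Probe` from the server that will execute the trust command, so the check uses the same name resolution and certificate trust store as the real fetch.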

How about in Office 365?

Site Mailboxes

©2012 Microsoft Corporation. All rights reserved.

Site Mailbox Architecture

Demo Site Mailboxes

eDiscovery

[Diagram: eDiscovery architecture. Components shown: eDiscovery Center (EDC), Enterprise App Farm (2013), SharePoint Services Farm (2013), Search Service Application (SSA) service, SSA proxy, search index, SSA admin_db, SharePoint Content Farm (2013) with Contoso site and Contoso content, Windows file shares, EWS proxy, Exchange Web Service, Exchange 2013, Lync 2013 (Lync content archived in Exchange), and timer jobs. Flows shown: query/action, eDiscovery response, status query/response, crawl/results, write actions, query for pending actions with action response and status update, Exchange action/status request, Exchange data/status response, and Server-to-Server Trust/OAuth. Actions table: Hold, Release Hold, Get Status. Legend: eDiscovery query or action data; eDiscovery query response data; eDiscovery status query/response data; eDiscovery request for action status for Exchange traffic; eDiscovery query or status response from Exchange; Server-to-Server Trust/OAuth.]

Demo eDiscovery

© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or

other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must

respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided

after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION

High-Resolution User Photos

Hi-res User Photo

[Diagram: Outlook client or OWA, Lync, legacy Lync client, Lync Server, Exchange Client Access Server, Exchange Mailbox Server, SharePoint Server and My Site. Connection labels: Http: 443; Http or https; Https:443 using external URLs set in Exchange; Internal Exchange communication.]

• Lync 2013 client maintains a hanging GetConnection with the Exchange server to get photo updates (HTTPS GET request = 443).
• Exchange 2013 pushes the photo to Active Directory (LDAP:389).
• The photo is synced from AD DS to the Lync Address Book Service (ABS) so legacy clients can get the same photo (LDAP:389).
• User updates photo in either Outlook, SharePoint, or Lync. Once updated, the updated photo is used across all Office applications.
• SharePoint caches the user photo in the MySite database (Https:443).

Demo High Resolution Photos

Exchange Task Synchronization

[Diagram: Exchange task synchronization. Components shown: Exchange Server 2013, Outlook 2013, SharePoint Server 2013, Project Server 2013, Project Web Access sites with tasks, My Site, other sites, Work Management Service application, User Profile Service application, Search Service application, search index, Exchange Sync Timer Job.]

• Users opt-in.
• Users may view tasks on My Tasks on their My Site.
• User may view and edit tasks in Outlook.

Demo Exchange Task Synchronization

Unified Contact Store

Exchange 2013 is the contact store for all Office applications

[Diagram: Lync 2013, Outlook client or OWA, Lync Server, Exchange Client Access Server and Exchange Mailbox Server, connected over HTTPS/443, SIP/5061 and internal Exchange communication.]

• In Lync 2013, enable the unified contact store policy (default enabled).
• Lync contacts for a user are migrated to Exchange 2013 automatically when the user logs in with Lync 2013.
• Users can access and manage their Lync contacts from Lync 2013, Outlook 2013, or Outlook Web Access.

Demo Unified Contact Store

Presence

Lync Server as the authoritative source of presence information

[Diagram: Lync 2013, Office 2013, Lync Server, Exchange Client Access Server, Exchange Mailbox Server and My Site SharePoint Server, connected over SIP/TLS:5061, HTTPS/443, HTTP or HTTPS and internal Exchange communication; steps labelled 1, 2A, 2B, 3A, 3B.]

• User logs into Lync 2013.
• User logs into Exchange 2013 mailbox.
• Outlook calls Lync installed on the same computer as Outlook to retrieve presence information.
• User connects to SharePoint MySite.
• Internet Explorer calls Lync installed on the same computer as browser to retrieve presence information.

Outlook Web App

[Diagram: Outlook Web App, Exchange Client Access Server, Exchange Mailbox Server and Lync Server, connected over HTTPS/443, SIP/MTLS:5061 and internal Exchange communication.]

1. User logs into Outlook Web App.
2. Exchange CAS queries Lync Server for presence information.

Demo Presence

Voice Mail

Exchange UM is the voicemail system for Lync Server

[Diagram: call flow, steps 1 to 5. Components shown: Lync 2013 caller A, caller B on the PSTN, IP gateway, Mediation Server, Lync Server (call routing), Lync 2013 callee, Exchange Client Access Server (Call Router), Exchange Mailbox Server (Unified Messaging). Labels: call initiated, call ringing, internal Exchange communication.]

When a call is not answered by the callee on any of the callee’s active endpoints, Lync Server routes the call to voicemail on Exchange UM (i.e. Exchange Mailbox Server).

Demo Voice Mail

Meeting Recordings

Demo Meeting Recording

Contact

Kamal Abburi

Premier Field Engineering

www.microsoft.com/microsoftservices