People Communicate

Microsoft Unified Communications Blog

Lync 2010 Conferencing Ad Hoc Collaboration

Lync 2010 Address Book Normalization

The Address Book Normalization process of OCS is a barely-documented and often misunderstood process.  The objective of this blog article is to explain how this process works now in Lync Server 2010.

Overall the process is generally the same, but with a few minor changes that impact both how it is configured and how normalization functions.

Default Behavior

Firstly, just as in previous versions of the client any telephone numbers stored in Active Directory phone attributes directly in RFC3966 complaint formats (+E.164) will be displayed by the Lync Client.  The number will appear both on the contact call menu and the contact card details.  For example the pattern +13125557501 is populated on the following AD user account and appears in Lync.

Secondly, following the same basic principles of previous versions the Lync client will also not display any phone numbers on contacts which fail to normalize into a +E.164 pattern.  For example the pattern (312) 555-7505 is populated on the following AD user account and does not appear in Lync.

In order to display number formats in the second example Lync Server will need to be manually configured to properly normalize these numbers.  As a general best practice the format should be pretty uniform among all AD users and contacts but if they are not then multiple rules can be added to match and normalize various numbering formats.

Configuring Address Book Normalization

By default normalization is already enabled in Lync Server which can be verified by the viewing the Lync Server’s current Address Book configuration.

  • From the Lync Server Management Shell execute the cmdlet Get-CsAddressBookConfiguration and note that theUseNormalizationRules value should already be set to True.

    But this setting in and of itself does nothing yet as the normalization file needs to be configured first.  Just as with OCS the Address Book does not leverage any Enterprise Voice normalization patterns which may have been created to support EV calling.  Note that if the value is set to ‘False’ (Set-CsAddressBook –UseNormalizationRules $false) then even numbers already entered in +E.164 format will not appear in the Lync client.

  • Locate the Lync Server’s shared directory which was configured during the initial server deployment.  The file server FQDN and share name can be identified in the Topology Builder under File Stores

Browse to the share directory on the server and locate the ABFiles subdirectory.


Create a new text file named Company_Phone_Number_Normalization_Rules.txt in the ABFiles directory.  This normalization rules file must be stored in this location and not down a few directories where the actual address book files are stored as it was in OCS.

Edit the file with Notepad and enter the following example normalization and translation patterns.  This rule will apply to  the users configured with phone numbers in this standard 10-digit format: (312) 555-7500. (The first three lines are commented out and are not required in the text file.)

Up until this point anyone familiar with Office Communications Server should recognize that everything is about the same, other than the required location of the normalization text file.  An improvement in Lync Server’s address book normalization process is instantly noticeable when looking at the simplicity of the example pattern above.  In the past long, complicated regular expressions (regex) were required to filter-out any non-digit information which could be potentially stored in the telephone field.

But now Lync Server automatically ignores non-telephony related digits in the strings and only looks at the continuous 0-9 numerical digits (and also recognizes the + symbol).  So there is no longer a need to include regex code like [\s()\-\./]* in patterns to ignore spaces, parenthesis, dashes, etc.

  • Execute Update-CsAddressBook to import the new settings configured in the text file and apply them to numbers stored in the address book files.

  • After 5 minutes have elapsed force an address book update on the Lync client as described in this article.

At this point the contacts previously not displaying phone number information should now be working.

Lync 2010 Bandwidth Management (CAC)

In this post I will show you how to configure CAC or bandwidth management and describe how the user experience will be when making calls where no bandwidth is available.

Imagine the setup below. Two network segments ( and with a router between. Two sites in the topology – Copenhagen and Odense. One user, a Lync Server 2010 SE box and a PSTN Gateway on both segments and the user is signed in to the local SE box. Both users are UM enabled in a dial plan hosted on the Exchange 2010 SP1 server in Copenhagen.

I want to configure CAC to disable all audio and video between Copenhagen and Odense. In order to do that I use the PS script below:

# Bandwidth PolicyProfile
New-CsNetworkBandwidthPolicyProfile -Identity AllBlocked -AudioBWLimit 0 -AudioBWSessionLimit 200 -VideoBWLimit 0 -VideoBWSessionLimit 3000

# Network Regions
New-CsNetworkRegion -NetworkRegionID DK1 –CentralSite site:cph1 -Description “Copenhagen”
New-CsNetworkRegion -NetworkRegionID DK2 –CentralSite site:od1 -Description “Odense”

# Network Region Links
$a=New-CsNetworkRegionLink -NetworkRegionLinkID rl1 -NetworkRegionID1 DK1 -NetworkRegionID2 DK2 -BWPolicyProfileId AllBlocked

# Network InterRegion Routes
New-CsNetworkInterRegionRoute -InterNetworkRegionRouteID nr1 -NetworkRegionLinks $a.identity -NetworkRegionID1 DK1 -NetworkRegionID2 DK2

# Creates a new CsNetworkSite and assigns that the bandwidth policy we just created
New-CsNetworkSite -NetworkSiteID Cph -Description “Copenhagen” -NetworkRegionID DK1
New-CsNetworkSite -NetworkSiteID Od -Description “Odense” -NetworkRegionID DK2

# Create new CsNetworkSubnets
New-CsNetworkSubnet -SubnetID -MaskBits 24 -Description “Copenhagen” -NetworkSiteId Cph
New-CsNetworkSubnet -SubnetID -MaskBits 24 -Description “Odense” -NetworkSiteId Od

# Setup bandwidth management
Set-CsNetworkConfiguration –EnableBandwidthPolicyCheck $true

Let’s assume that the above configuration is in effect and that Alice and Bob would like to call each other. There is not enough bandwidth available to setup the call and the call experience of Alice and Bob is therefore controlled by two parameters (EnableBWPolicyOverride and AllowPSTNReRouting) in the voice policy, they have been granted. In the table below I’ve described what the call experience will be given different values for the two parameters.

Communicator 2010 – What’s New?

Step by Step: Lync Server 2010 Deployment

This article aims at providing step by step approach to install a Lync Server 2010 Standard Edition.

Let’s first ensure that the environment is ready to welcome the Lync Server.

Operating System support for Lync Server 2010

All server roles of Lync Server 2010 require one of the following operating systems:

  • The 64-bit edition of Windows Server 2008 R2 (Standard, Enterprise or Datacenter).
  • The 64-bit edition of Windows Server 2008 SP2 (Standard, Enterprise, or Datacenter).

Components required on Lync Server machine

Commands to install all pre-requisites… (On Windows Server 2008 R2)

PS C:\> Import-Module ServerManager

PS C:\> Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Static-Content,Web-Default-Doc,Web-Http-Errors,Web-Http-Redirect,Web-Asp-Net,Web-Net-Ext,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Http-Logging,Web-Log-Libraries,Web-Http-Tracing,Web-Windows-Auth,Web-Client-Auth,Web-Filtering,Web-Stat-Compression,Web-Mgmt-Console,Web-Scripting-Tools –Restart

Above command will install all the features required and reboot the machine.

Now go to the setup folder of Lync Server 2010, and double click setup.exe.

It’ll check the availability of Microsoft Visual C++ 2008 redistributable on the system. If its not installed, it’ll give you option to install the application. Click “Yes” to install it.

Next step would be to choose the installation location.

By default, it’ll select above location. After selecting the right installation location, click on “Install“.

Accept the license agreement and click “ok“.

Topology Builder (TB):

It is must to install Topology Builder (TB) before you can deploy a Lync Server. Topology Builder helps you to define sites and servers in the setup.

Define a topology (xml file gets created).

Topology Builder validates the topology.

Publish the topology after successful validation.

Publishing it puts it into the Communications Server central management store (which is created if it does not already exist).

Click “Install Topology Builder” to install the TB. After installation of TB, it’ll look like following in the deployment wizard.

Preparing Active Directory

To prepare Active Directory Domain Services (AD DS) for your Microsoft Lync Server 2010 deployment, you must perform three steps in a specific sequence:

  • Prep Schema
  • Forest Prep
  • Domain Prep

Permission required for these three operations.

On deploy wizard main screen, click “Prepare Active Directory” and “Run” the schema prep.

On the Schema Prep wizard, click “Next” and “Finish“. This will extend the Active Directory schema for the use of Microsoft Lync Server 2010.

You need to be an enterprise admin to perform this operation.

In this case location of schema prep log was:


Figure out the location of schema prep log in your setup.. 🙂

If you already have an OCS setup then verify the process has completed successfully by checking the rangeUpper (1100) and rangeLower (14) values of the ms-RTC-SIP-SchemaVersion Schema object with adsiedit.msc.

It’s time for forest prep after you are done with schema prep.

From Active Directory Preparation wizard, “Run” the prepare forest operation (Above picture). Click “Finish” when the forest prep is done (below picture).

Log Location: C:\Users\administrator.LYNCDOM\AppData\Local\Temp\2\Enable-CSAdForest-d96954e1-1d86-40c1-942f-54f5ec5052ab.xml

To check the status of forest prep, run the following command in powershell.

PS C:\> Get-CsAdForest

After forest prep is successful, run domain prep for all the concerned domains in Active Directory.

Log Location for domain prep action: C:\Users\administrator.LYNCDOM\AppData\Local\Temp\2\Enable-CSAdDomain-[2010_10_06][14_41_28].html

To check the status of Domain Prep, run the following command.

PS C:\> Get-CsAdDomain

Prepare the Microsoft Lync Server

Process to prepare the Lync Server does three things primarily.

1) Checks following components for availability. If anyone them missing, it also installs that component.

2) Creates firewall exception for SQL instance.

3) Creates firewall exception for SQL browser.

After this wizard completes, you should see following components installed on the server.

Before moving further the domain Administrator account used throughout this process should be added as a member to the domain security groups CsAdministrator and RTCUniversalServerAdmins.

This user account should then logoff and back logon to the Windows Server where Lync is being installed to update the associated security token.

Create a share for Lync Server:

It will be used during Lync Server 2010 installation. Everyone should have “Read & Execute” permission.

Administrators should have “Full Control”.

Share name for this purpose in this article is “LyncFolder”.

Defining topology with the help of Topology Builder

Open the TB from start menu.

Provide a name to the topology. For example, “NewYork.tbxml”.

Back at the main Topology Builder window select Edit Properties on the Lync Server 2010 (RC) root-level object.  Highlight the Simple URLs section and enter the desired Administrative Access URL.

Note: the additional for Phone Access URLs and Meeting URLs are already configured.

Also highlight the Central Management Server section and select the new Front-End server from the drop-down menu if it is not already selected.

By now local SQL instance will have two databases LIS and XDS. Also, the shared folder is configured properly.

DNS Records:

Create following three hostnames

All three hostnames should point to the IP Address of the standard edition server (enterprise edition pool IP if its enterprise edition deployment).

Installation of Microsoft Lync Server 2010 binaries

Run “setup or remove Lync Server components”.

After rebooting the server, run “setup or remove Lync Server components” again. This will install the rest of the components on the machine.

Certificate for Lync Server

You can either user certificates from the internal Certification Authority (CA), or you can get the certificates from the public CA. Since this certificate will be used only for the internal purpose, it makes sense to get the certificate from internal CA.

Provide “Organization Information” detail and click “Next”.

Provide “Geographical Information” and click “Next”.

You may get this error during certificate request/assign.

Error: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider. (Exception from HRESULT: 0x800B0109)

Install the Root CA cert chain on the server and run the wizard again to resolve the problem.

After you have successfully configured certificates on the Lync Server, now it’s time to start the services.

Click next on “Start Services” wizard.

Reboot the server.

And, that’s all as far as installation of Lync Server 2010 is concerned.

Then last but not the least… don’t forget to create the corresponding SRV record to enable auto configuration at the clients end.

Install Lync Server 2010

Microsoft Lync 2010 – What’s Lync?

Lync Server 2010 Media Traffic Network Usage

When planning for media bandwidth usage per scenario, use the following tables, which describe the average amount of bandwidth used per media type.

Audio/Video Capacity Planning, Peer-to-Peer Sessions

Audio/Video Capacity Planning, Conferences

Audio Capacity Planning, PSTN

The network bandwidth numbers in these tables represent one-way traffic only and take silence suppression into account.

When you calculate the actual bandwidth usage for a certain scenario, it is important to understand the actual media flows, which are as follows:

In a two-party scenario:

  • Users send audio streams only while they speak.
  • Both participants receive audio streams.
  • If video is used, both users send and receive video streams during the entire call.

In a Conferencing scenario (that is, a call with more than two participants):

  • Users send audio streams only while they speak.
  • All participants receive audio streams.
  • If video is used, only two participants upload a video stream at a time (that is, the active speaker and the previous active speaker).
  • If video is used, all participants receive video streams.

Lync 2010 Voice Deployment User Experience Comparison

There are three primary deployment scenarios for Microsoft® Lync™ Server 2010 customers. The three options, which differ in the user capabilities provided and the required infrastructure, are:

· Replace PBX phones with Lync to improve communications and collaboration, and to reduce infrastructure costs. This is the preferred Lync deployment scenario as it allows customers to simplify their communications infrastructure and rely exclusively on Lync Server 2010 for voice, conferencing, instant messaging and presence.

· Enhance PBX phones with the option to use Lync to improve communications and collaboration. This scenario is useful for organizations that are not yet ready to remove their existing PBX systems, but who want to provide their users either with the option to use Lync for phone calls instead of their PBX phone, or with the option to control their PBX phone with the Lync desktop client. The former approach is useful for providing seamless communications for employees working at home and on the road, and as a transitional approach while PBX systems are amortized and decommissioned. The latter approach is useful for providing desktop “Click-to-call” capability with existing PBX phones.

· Add instant messaging, presence, and conferencing to existing phone capabilities. This scenario is useful for customers that want to add Lync capabilities other than enterprise voice.


1. Entries marked “*” in the “Enhance, using Lync as phone” column apply when the user uses the Lync soft-phone only, not the PBX phone. Using the soft-phone in this scenario is the Lync default.

2. Entries marked “+” in the “Enhance, using Lync to control PBX phone” column apply when the user uses the Lync soft-phone only, not the PBX phone. Using the soft-phone in this scenario requires that the user manually select “Lync call” in a drop-down menu each time a call is initiated.

As shown in the table above, with the Replace option, Lync is the only communications system used and provides the full set of unified communications capabilities to users inside and outside the office. With the Enhance option, users have both Lync and a PBX phone, and choose which phone to use at any given time. When Lync is chosen as the primary phone, as in the “Enhance, using Lync as phone” variant, users have the full set of unified communications capabilities inside and outside the office; when the PBX phone is chosen as the primary phone, as in the “Enhance using Lync to control the PBX phone” variant, users have a rich but reduced set of unified communications capabilities.


The Replace, Enhance, and Add options enable organizations to standardize on Lync as the only desktop software client for real time communications, but require different supporting infrastructure. In particular:

· The Replace option allows customers to eliminate separate PBX and conferencing systems and the associated user databases and management tools in favor of Lync Server, Active Directory, PowerShell, and Systems Center Operations Manager. This enables significant capital and operational cost savings, and takes advantage of existing skills in these areas.

· The Enhance and Add options require ongoing maintenance of existing PBX systems until those systems are retired. They also require the interconnection of the existing PBX systems with Lync Server, using Direct SIP or a third party gateway qualified via the Unified Communications Open Interoperability Program. This interconnection enables calls to be carried between Lync Server and the PBX systems.

The Enhance, using Lync to control the PBX phone additionally requires the deployment and maintenance of a connection to the PBX. This connection may require a PBX software upgrade and per user PBX software license fees, depending on the PBX manufacturer, and requires associated configuration and management.

The table below summarizes the key infrastructure differences for the deployment options.

As shown in the table above, the Replace option requires the minimum amount of infrastructure. This enables significant cost savings for organizations: for example, Sprint projects annual savings of over $9 million based on its replacement of nearly 500 PBX systems with Microsoft unified communications technology.

How to allow domain users to connect to Lync 2010 or OCS 2007 from Clients running on non-domain computers

I had a situation in our company where we have exceptional few users who got Domain credentials but they are working on Computers that are not joined to the domain.

However these computers run over the LAN or WAN, can communicate with the internal DNS and got the certificate chain of the CA imported to them and they use DOMAIN\UID and password credentials to login to mail , MOSS and everything is working fine.

When I installed the OCS 2007 R2 client on their machines and tried to login with the same behavior as mail using DOMAIN\UID, I was not able to log in and I received the below event log warning:

“Communicator was unable to authenticate because an authenticating authority was not reachable.”


The server may be asking for Kerberos authentication and Communicator is not able to find the Kerberos Domain Controller in order to generate credentials and authenticate.  The network administrator will need to change the configuration on the server to utilize only NTLM authentication before Communicator can login from this location properly, or connectivity will need to be made available to an authenticating authority”

Also as for testing I removed the OCS 2007 R2 client and installed the new Lync RC client on the same machine, I know it is not supported scenario but I was just testing it. Now the user was able to login but it disconnects after 10 seconds then reconnects again , it keep in this loop. I also found the same warning in the event log.

I know why this is happening and I know it would have been solved from the beginning if i forced the OCS to use NTLM only rather than Kerberos but this was not something i can force.

So in the end the Solution was this problem was simple:

Ensure that the users when singing in to communicator 2007 or Lync 2010 to include the “.local” in the domain.local\username part of the authentication and not DOMAIN\username.