Lync and Exchange Web Services (EWS) and different DNS Domains- Exchange crawling e.g. for presence

Source: http://lyncuc.blogspot.fi/2013/01/lync-and-exchange-web-services-ews-and.html

there is always confusion in how Lync is crawling Exchange Web Services (EWS).
Generally it is necessary to understand how DNS must be implemented:
Just remember,
identify if you have DNS Split configuration, different internal and
external DNS names and what are your SMTP and SIP Domains.
There are configuration necessary, similar to Mutli-Tenent setups.

Very often you find in Lync/ Exchange deployments an issue, where the Lync configuration show up with empty:
EWS Internal URL
EWS External URL
and
EWS Information = EWS not deployed

Therefor
Exchange Web Service are not connected and several Lync Integration
Features are not in use, e.g. Presence Information based on your Outlook
Calendar.

Exchange Setup first:

You need PER SMTP Domain 2 DNS Record.
autodiscover.domain.name CNAME exchangeserver(CAS)
_autodiscover._tcp.domain.name SRV 0 0 443 exchangeserver(CAS)

NOTE:
As it’s never really proper discussed:
Autodiscover will never use the
internalURL and externalURL. in Exchange 2007/2010 you are able defining
those parameters, in Exchange 2013 they are even documented in TechNet,
but they simply don’t exist anymore. You’ll receive an error if you
specify the URLs.

The correct discovery process is like:

  • internal, Autodiscover will be queried via SCP within the Active Directory
  • external, Autodiscover is identified by DNS entry.

Additionally you need to check:

Autodiscovery Virtual Directory:
Setup the internal and external URL, including HTTPS and Basic Authentication
Set-AutodiscoverVirtualDirectory
-Identity ‘autodiscover (default Web site)’ -ExternalURL
‘https://ews.domain.name/autodiscover/autodiscover.xml’ -InternalURL
‘https://ews.domain.name/autodiscover/autodiscover.xml’
-BasicAuthentication $true

Note:
The AutodiscoverVirtualDirectoy URL are supposed for Microsoft’s optional use only.
Therefore it is not necessary and not Best-Practise defining them!
If you set the
URL’s, it will NOT HAVE AN IMPACT. Meaning, if they are defined or not,
it will not change the Autodiscover behavior, since they are NOT USED
within Exchange.
What is IMPORTANT, is the Authenitcation, you must set it the BasicAuthentication, so the SSL configuration will take part. 
It would be enough is you configure simply:
Set-AutodiscoverVirtualDirectory
-Identity ‘autodiscover (default Web site)’
-BasicAuthentication $true
But:
If you define them, you have a reminder what is configured, more like a comment

Web Services Virtual Directory:
Setup the internal and external URL, including HTTPSand Basic Authentication
Set-WebServicesVirtualDirectory
-Identity “SERVER01EWS(default Web site)” -ExternalUrl
https://ews.domain.name/EWS/exchange.asmx -InternalUrl
https://ews.domain.name/EWS/exchange.asmx -BasicAuthentication $true


The EWS Services are responsible for the Lync integration, especially for Calender Information and The Conversation Histroy.
Therefore this is the most essential configuration.

Lync Setup last:

First the good new, there is nothing
which we have to consider for Lync Server. The Feature is a Client
Integration Feature, therefor we have nothing to configure.
There is only one exception, this is the CWA integration for Exchange OWA.
During setup and integration of CWA
features, truly the EWS configuration must meet the requirements
identically with the Lync Client Configuration.

One last thing necessary to consider and plan proper are the Certificates:
Since all communication is based on HTTPS and TLS, which includes the encryption. Certificates are used for trans-coding.
What is now complicated is the DNS Setup, SMTP/SIP Domains and the SAN Names in this involved certificates.

Lync in this case is straight forward, you simply have to include all SIP Domains in your SAN.
But however Exchange now requires another possible way:

  • make sure you have configured the CAS Server Certificates including all SAN Names for all SMTP and SIP domains
  • make us of IIS based redirection
    web pages. If you chose this configuration, it is possible minimizing
    the required SAN configuration.

But still in both configurations, you need to consider your DNS Zone setup.
If possible, I personally prefer DNS
Splitting, for internal and external resolving. This makes your
deployment more supportable.

Note:

if you consult a customer and you are
propose DNS Spliting, make sure you fully validate other Web base
services, which depends on DNS names too!!

How Lync discover the EWS service via autodiscover:

As illustrated,
it is essential for best user experiences have the Lync SIP Domain the
Exchange EMail Domain identically. Lync is using the smtpdomain for the
autodiscovery process. This is especially important if you are not
inside your corporate network (LAN). Here Lync is able to use SCP.

http://<smtpdomain>/autodiscover/autodiscover.xml

https://<smtpdomain>/autodiscover/autodiscover.xml

http://autodiscover.<smtpdomain>/autodiscover/autodiscover.xml

https://autodiscover.<smtpdomain>/autodiscover/autodiscover.xml

_autodiscover._tcp.<smtpdomain>

The feature depending on EWS are:

  • Unified Contact Store

  • High-Resolution Photos
  • Meeting tab
  • Contact Information
  • Presence based on Calendar Information
  • Conversation History
  • Missed Conversations
  • Missed Calls
  • Voice Mail Playback
 

One more remaks:
If you didn’t deploy EWS correctly from the very beginning, you might encounter other Client issues.
therefore it is recommended you delete the following file:

%userprofile%AppDataLocalMicrosoftOutlook*autodiscover.xml
Author: Harri Jaakkonen

Leave a Reply

Your email address will not be published. Required fields are marked *