
Lync-Openfire XMPP Federation

1. Lync Topology Setup

 

On the Lync Server FE, run the Topology Builder and create a new Edge Pool.

 

a) First you enter the FQDN of the Edge Server’s Internal Interface:

1. Defining the Edge Pool - Internal NIC FQDN

 

b) On the next screen make sure you enable XMPP federation on the pool.

2. Defining the Edge Pool - XMPP Federation checked

 

c) Next you have to define the FQDN and ports of the Edge External Services. Depending on your selection in the previous screen, you will need to enter either 1 or 3 FQDNs.

3. Defining the Edge Pool - External NIC FQDN

 

d) Next you’ll define the Internal IPv4 Address of the Edge Server.

4. Defining the Edge Pool - Internal IPv4

 

e) The last part to define is the IPv4 address of the External Edge NIC.

5. Defining the Edge Pool - External IPv4

 

f) Finally, save and publish the topology.

 

 

2. Lync Control Panel

 

In the Lync Control Panel go to the “Federation and External Access” tab.

 

a) Under “External Access Policy”, edit the Global scope and make sure the following boxes are checked, then click “Commit”:

> Enable communications with federated users

> Enable communications with XMPP federated users

> Enable communications with remote users

> Enable communications with public users

 

1. External Access Policy

 

b) Under “Access Edge Configuration” make sure the following boxes are checked and click “Commit“:

> Enable federation and public IM connectivity

> Enable partner domain discovery

> Enable remote user access

 

 

2. Access Edge Configuration

 

c) Under “XMPP Federated Partners” click “New” and enter the details below then click “Commit“:

> Primary Domain – The domain/FQDN of the XMPP partner

> Partner Type – Select “Federated”

> TLS negotiation – Select “Not Supported”

> SASL negotiation – Select “Not Supported”

> Support server dial back negotiation – Select “True”

 

3. XMPP Federated Partners

 

3. Lync Management Console

 

Now you need to export the configuration for the Edge Server to use.

 

a) Run the Lync Management Console and enter the command below:

1. Configuration Export

 

Now copy this export.zip to your Edge Server.

 

 

4. Edge Server Setup

 

You must ensure you have two separate NICs on the Edge server, each with its own IP and FQDN (this will require firewall settings).

You can install a new NIC either from the VM management (if it is a virtual machine) or from Windows Device Manager.

 

Make sure the XMPP server can ping this external interface, and that Edge can ping the XMPP server.

 

 

5. Installing the Edge Server

 

Run the standard Lync Deployment Wizard that comes with the Lync Server 2013 CD.

 

a) When the Wizard is run, select the option “Install or Update Lync Server System”

1. Install or Update Lync Server System

 

b) On the next screen select “Install Local Configuration Store” and then choose “Import from a file”. Click “Browse” and choose the file exported from Lync in step 3a).

2. Installing Local Configuration Store

 

c) Next, run the step “Set up Lync Server Components”. This will install the required components for the Edge Server.

3. Set up Lync Server Components

 

d) This step involves setting up the certificates. If you are not importing certificates, you can request one for each of the options (Internal and External).

Note that you can use an internal CA for Openfire federation, but external Lync access would need a certified CA.

4. Certificates

 

e) Once the certificates are set up, you can start the services from the deployment wizard.

Initially starting services from the Deployment Wizard is recommended as it will show any errors in the setup in the log (which can be accessed directly from the wizard).

Otherwise, run services.msc to view the services as shown below.

5. Edge Services

 

 

 

6. DNS Records

 

If all the services are running, you will need to set up the DNS records.

 

The main DNS record required (where the external NIC sits) is “_xmpp-server._tcp.<domain> 5269 <edge external NIC FQDN>“.

 

It may also be worth adding a service record for the XMPP server in your DNS where Lync sits.

 

a) To do this on Windows DNS Server:

> Create a new “Forward Lookup Zone” with the FQDN of the XMPP server

> Add an A record which points to the IP of the XMPP server (no need to add an FQDN, it will just use the same as the parent folder).

> Create the SRV record “_xmpp-server._tcp.<FQDN of xmpp server> 5269 <FQDN of xmpp server>”

> E.g. _xmpp-server._tcp.openfire.domain.com 5269 openfire.domain.com

 

b) Secondly, the internal DNS needs some new records within the local domain. These are below:

> Create the SRV record “_sipfederationtls._tcp.<internal domain> 5061 <FQDN of edge external interface>”

> E.g. _sipfederationtls._tcp.test.local 5061 externaledge.test.com

> Create the SRV record “_sip._tls.<internal domain> 443 <FQDN of edge external interface>”

> E.g. _sip._tls.test.local 443 externaledge.test.com 

 

 

7. Openfire Server

 

Now some changes need to be made to the Openfire server.

 

a) Go to “Server > Server Settings > Security Settings” and under “Server Connection Security” do the following, then click “Save Settings“:

> Check the radio button “Custom”

> For “Server Dialback”, check “Available”

> For “TLS Method”, check “Not Available”

> Check “Accept self-signed certificates. Server dialback over TLS is now available.”

 

1. Security Settings

 

b) Under “Server > Server Settings > Server to Server” ensure:

> Under “Service Enabled”, “Enabled” is checked, with port “5269”

> Under “Allowed to Connect”, “Anyone” is checked

 

2. Server to Server Settings

If either of these isn’t checked, check it and click “Save Settings”.

 

c) Next, you need to add the internal domain where Lync is to the XMPP server’s hosts file, and point it to the Edge server’s external IP address.

The reason is that the request from Lync comes from/goes to the user “lyncuser@internallync.test.local“, so the federation must be made with the domain internallync.test.local. Therefore the XMPP Server needs to know where this domain can be found.

 

d) If running a Linux box, follow the steps below:

> Open a console on the Linux machine and run the command below:

vi /etc/hosts

> Add the line “<external Edge NIC IP> <internal Lync user domain>”

 

3. Hosts File

 

e) Finally, you may need to download a new openfire.jar with changes to the TCP Dialback protocol. This can be downloaded at the following location:

> http://www.globility.co.uk/downloads/openfire-3.8.2-gltd-0.0.1.jar

 

Note that this only works on Openfire 3.8.2.
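
Why the hosts entry in step c) matters, as an added example (not part of the original post and not Lync or Openfire code): with TLS and SASL set to “Not Supported”, server dialback is the only check on the peer's identity, and Openfire performs it by looking up the domain the peer claims and asking the server at that address to vouch for the key. The Python below simulates that exchange; the key recipe is the one recommended in XEP-0185, and the IP address, secret and stream ID are constructed values.

```python
import hashlib
import hmac

def dialback_key(secret, receiving, originating, stream_id):
    """Key recipe recommended in XEP-0185 (an assumption here, not taken from Lync or Openfire)."""
    hkey = hashlib.sha256(secret.encode()).hexdigest().encode()
    text = f"{receiving} {originating} {stream_id}".encode()
    return hmac.new(hkey, text, hashlib.sha256).hexdigest()

class AuthoritativeServer:
    """Stands in for the Edge server's XMPP gateway, authoritative for the Lync domain."""
    def __init__(self, domain, secret):
        self.domain, self.secret = domain, secret

    def make_key(self, receiving, stream_id):
        return dialback_key(self.secret, receiving, self.domain, stream_id)

    def verify(self, receiving, stream_id, key):
        # Answer to <db:verify/>: recompute the key and compare in constant time.
        return hmac.compare_digest(key, self.make_key(receiving, stream_id))

def receive_dialback(claimed, key, stream_id, me, hosts, listeners):
    """Receiving side (Openfire): resolve the claimed domain, dial back, ask for a verdict."""
    ip = hosts.get(claimed)  # step c): hosts entry; the verdict is only as good as this lookup
    if ip is None:
        return "unresolvable"
    authority = listeners.get(ip)  # whoever answers on port 5269 at that address
    if authority is None:
        return "unreachable"
    return "valid" if authority.verify(me, stream_id, key) else "invalid"

# Constructed sample values (the IP is from a documentation range).
LYNC, OPENFIRE = "internallync.test.local", "openfire.domain.com"
EDGE_IP, SID = "203.0.113.10", "stream-0001"

def demo():
    edge = AuthoritativeServer(LYNC, "constructed-secret")
    listeners = {EDGE_IP: edge}
    key = edge.make_key(OPENFIRE, SID)  # sent by the Edge in <db:result/>
    wrong = dialback_key("not-the-secret", OPENFIRE, LYNC, SID)
    with_entry = {LYNC: EDGE_IP}
    return {
        "no hosts entry": receive_dialback(LYNC, key, SID, OPENFIRE, {}, listeners),
        "hosts entry added": receive_dialback(LYNC, key, SID, OPENFIRE, with_entry, listeners),
        "key not issued by Edge": receive_dialback(LYNC, wrong, SID, OPENFIRE, with_entry, listeners),
    }

if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```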

 

 

8. Adding the contact

 

You are now ready to add the contact.

 

a) On the Lync server, select the add contact button then go to “Add a Contact Not in My Organisation > Other”

1. Lync - How to add the contact

 

b) In the form, add the Openfire contact “openfireuser@openfireserver.domain.com”

2. Lync - Add Contact Form

 

c) From the Openfire User’s XMPP Client, add the user “lyncuser@<internal lync domain>“.

3. Openfire - Adding the contact

 

On the Openfire Admin Console, you can check the server-to-server sessions and will see one created with the internal Lync domain.

 

 


 


Copyright © 2013 Globility Limited. All rights reserved.