Integrating Exchange 2013 with Lync and SharePoint
Bhargav Shukla
OFC-B271

Agenda
Integration Architecture
Configuration
Demos

Integration Architecture

Integration Overview
SHAREPOINT
EXCHANGE
LYNC
OFFICE WEB APPS
Server to Server Authentication
Site Mailboxes
High Resolution Photos
Task Synchronization
Unified Contact Store
Presence
Meeting Recordings
Voice Mail

OAuth foundation
Open standard for authorization
Distinct from OATH
OATH is reference architecture
OAuth is a standard
OAuth 2.0 Framework - RFC 6749
MS-XOAUTH - OAuth 2.0 Authorization Protocol Extensions
Extends the OAuth 2.0 Authentication Protocol and the JSON Web Token (JWT) to enable server-to-server authentication

MS-XOAUTH – OAuth 2.0
Server-to-Server authentication
New feature of Exchange/Lync/SharePoint 2013
Allows a server to request resources on behalf of user
Server-to-Server Trust
MS-XOAUTH Protocol Documentation - http://msdn.microsoft.com/en-us/library/hh745374(v=exchg.80)

OAuth authentication
Seamlessly and securely authenticate
Self-issue S2S tokens
Explicit trust is established by creating partner application
Each application uses unique OAuth certificate
Each application has well-known AuthMetadataUrl
Exchange 2013 - https://<serverfqdn>/autodiscover/metadata/json/1
Lync Server 2013 - https://<serverfqdn>/metadata/json/1
SharePoint 2013 - https://<serverfqdn>/_layouts/15/metadata/json/1

Example workflow
eDiscovery User sends a query
SharePoint Server generates an access token
SharePoint Server sends the access token to the Exchange server.
Exchange server validates the access token and sends the query results
SharePoint Server sends the query results to the eDiscovery User
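The workflow above, sketched as an added example that is not part of the original deck: one server self-issues a token signed with the private key of its OAuth certificate, and the other accepts it only if the issuer is a configured partner application, the signature verifies against that partner's public key, and the audience and validity window match. The claim set is reduced to iss, aud, nbf and exp; the function names, host names and in-memory key pair are constructed stand-ins, and the real token layout is the one defined in the MS-XOAUTH documentation.

```powershell
# Added example (simplified; constructed names and keys). Needs .NET 4.6 or later.
$enc = [Text.Encoding]::UTF8
$sha = [Security.Cryptography.HashAlgorithmName]::SHA256
$pad = [Security.Cryptography.RSASignaturePadding]::Pkcs1
function ConvertTo-B64Url([byte[]]$Bytes) {
    [Convert]::ToBase64String($Bytes).TrimEnd('=').Replace('+', '-').Replace('/', '_')
}
function ConvertFrom-B64Url([string]$Text) {
    $s = $Text.Replace('-', '+').Replace('_', '/')
    $bytes = [Convert]::FromBase64String($s.PadRight($s.Length + (4 - $s.Length % 4) % 4, '='))
    , $bytes                                   # leading comma returns the byte[] as one object
}
# Issuing server: sign "header.payload" with the private key of its OAuth certificate.
function New-S2SToken($SigningKey, [hashtable]$Claims) {
    $head = ConvertTo-B64Url ($enc.GetBytes('{"typ":"JWT","alg":"RS256"}'))
    $body = ConvertTo-B64Url ($enc.GetBytes(($Claims | ConvertTo-Json -Compress)))
    $sig  = $SigningKey.SignData($enc.GetBytes("$head.$body"), $sha, $pad)
    "$head.$body." + (ConvertTo-B64Url $sig)
}
# Receiving server: accept only a token signed by a configured partner, for this audience, in date.
function Test-S2SToken([string]$Token, [hashtable]$Partners, [string]$Audience) {
    $p = $Token.Split('.')
    if ($p.Length -ne 3) { return 'reject: malformed token' }
    try {
        $header = $enc.GetString((ConvertFrom-B64Url $p[0])) | ConvertFrom-Json
        $claims = $enc.GetString((ConvertFrom-B64Url $p[1])) | ConvertFrom-Json
        $sig    = ConvertFrom-B64Url $p[2]
    } catch { return 'reject: malformed token' }
    if ($header.alg -ne 'RS256') { return 'reject: unexpected algorithm' }
    if (-not $claims.iss -or -not $Partners.ContainsKey($claims.iss)) {
        return 'reject: issuer is not a partner application'
    }
    $signed = $enc.GetBytes($p[0] + '.' + $p[1])
    if (-not $Partners[$claims.iss].VerifyData($signed, $sig, $sha, $pad)) {
        return 'reject: signature does not match the partner certificate'
    }
    if ($claims.aud -ne $Audience) { return 'reject: token was issued for another audience' }
    $now = [DateTimeOffset]::UtcNow.ToUnixTimeSeconds()
    if ($now -lt $claims.nbf -or $now -ge $claims.exp) { return 'reject: outside validity window' }
    'accept'
}
# Constructed demo: SharePoint's key pair; Exchange holds only the public half.
$spKey = New-Object Security.Cryptography.RSACryptoServiceProvider 2048
$spPub = New-Object Security.Cryptography.RSACryptoServiceProvider
$spPub.ImportParameters($spKey.ExportParameters($false))
$partners = @{ 'sharepoint.example.test' = $spPub }
$t = [DateTimeOffset]::UtcNow.ToUnixTimeSeconds()
$token = New-S2SToken $spKey @{ iss = 'sharepoint.example.test'; aud = 'exchange.example.test'; nbf = $t - 60; exp = $t + 300 }
Test-S2SToken $token $partners 'exchange.example.test'   # token from the configured partner
Test-S2SToken $token $partners 'lync.example.test'       # same token presented to another server
Test-S2SToken $token @{} 'exchange.example.test'         # no partner application configured
```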
Configuration

Pre-requisites
Exchange 2013
Autodiscover setup
Proper RBAC roles
Outlook 2013 Professional PLUS (Site Mailboxes support)
Lync 2013
OAuth Certificate
Configuration on the Lync Servers
SharePoint 2013
Install Exchange Web Services Managed API in all WFEs (Web Frontend Servers)
Service Applications created and service instances started

Configure Exchange 2013
Trust SharePoint 2013 server
cd c:\'Program Files'\Microsoft\'Exchange Server'\V15\Scripts
.\Configure-EnterprisePartnerApplication.ps1 -AuthMetadataUrl "https://<SharePoint HostName>/_layouts/15/metadata/json/1" -ApplicationType SharePoint
Add users to Discovery Management role group
Trust Lync 2013 server
& "c:\Program Files\Microsoft\Exchange Server\V15\Scripts\Configure-EnterprisePartnerApplication.ps1" -AuthMetadataUrl "https://<Lync HostName>/metadata/json/1" -ApplicationType Lync

Configure Exchange 2013
Configure OWA IM integration
Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -InstantMessagingEnabled $True -InstantMessagingType OCS
Edit OWA web.config file to include IM configuration
<add key="IMCertificateThumbprint" value="EA5A332496CC05DA69B75B66111C0F78A110D22d"/>
<add key="IMServerName" value="Lync pool FQDN"/>
Set-OwaMailboxPolicy -Identity "Default" -InstantMessagingEnabled $True -InstantMessagingType "OCS"

Configure Lync 2013
Configure Exchange autodiscover url
Set-CsOAuthConfiguration -Identity global -ExchangeAutodiscoverUrl "<Exchange autodiscoverurl>/autodiscover/autodiscover.svc"
Configure Exchange as partner application
New-CsPartnerApplication -Identity Exchange -ApplicationTrustLevel Full -MetadataUrl "https://<Exchange autodiscoverurl>/autodiscover/metadata/json/1"

Configure Lync 2013
Enable Exchange archiving
Set-CsArchivingConfiguration -Identity "global" -EnableArchiving <ImOnly or ImAndWebConf> -EnableExchangeArchiving $True
Enable archiving of communications
Set-CsArchivingPolicy -Identity "global" -ArchiveInternal $True -ArchiveExternal $True
Trust SharePoint 2013 server
Create PowerShell script as described in TechNet article: http://technet.microsoft.com/en-US/library/jj204975.aspx
Alter metadata urls to match SharePoint and Exchange metadata urls

Configure Lync 2013
Configure voicemail integration
Introduction of UM Call Router on Exchange 2013 makes process simpler
The process still won't fit this slide…
Follow steps outlined in TechNet article: http://technet.microsoft.com/en-us/library/jj687983.aspx
Configure OWA integration
New-CsTrustedApplicationPool -Identity <Exchange OWA FQDN> -Registrar <Lync pool FQDN> -Site <Lync site name> -RequiresReplication $False
New-CsTrustedApplication -ApplicationId OutlookWebApp -TrustedApplicationPoolFqdn <Exchange OWA FQDN> -Port 5199
Enable-CsTopology

Configure SharePoint
Trust Exchange 2013 server
New-SPTrustedSecurityTokenIssuer -MetadataEndpoint "https://<Exchange hostname>/autodiscover/metadata/json/1" -Name "<Exchange FriendlyName>"
Trust Lync 2013 server
New-SPTrustedSecurityTokenIssuer -MetadataEndpoint "https://<Lync HostName>/metadata/json/1" -IsTrustBroker -Name "<Lync FriendlyName>"

Configure SharePoint
Configure permissions
$exchange=Get-SPTrustedSecurityTokenIssuer -Identity "<Exchange FriendlyName>"
$app=Get-SPAppPrincipal -Site http://<SP HostName> -NameIdentifier $exchange.NameId
$site=Get-SPSite http://<SP HostName>
Set-SPAppPrincipalPermission -AppPrincipal $app -Site $site.RootWeb -Scope sitesubscription -Right fullcontrol -EnableAppOnlyPolicy
Configure Site Mailbox permissions
Run Set-SiteMailboxConfig.ps1 and Check-SiteMailboxConfig.ps1
Scripts are provided at: http://technet.microsoft.com/library/jj552524(office.15).aspx
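A pre-flight check for the metadata URLs passed in the configuration slides above, as an added example that is not part of the original deck: it confirms that an AuthMetadataUrl uses HTTPS, points at a host you expect, and ends in the well-known path listed earlier for the product you are about to trust. The function name, parameter names and host names are hypothetical.

```powershell
# Added example: Test-AuthMetadataUrl and all host names are hypothetical.
# The three paths are the well-known AuthMetadataUrl paths listed in the deck.
$WellKnownPath = @{
    Exchange   = '/autodiscover/metadata/json/1'
    Lync       = '/metadata/json/1'
    SharePoint = '/_layouts/15/metadata/json/1'
}

function Test-AuthMetadataUrl {
    param(
        [Parameter(Mandatory = $true)][string]$Url,
        [Parameter(Mandatory = $true)][ValidateSet('Exchange', 'Lync', 'SharePoint')][string]$Partner,
        [Parameter(Mandatory = $true)][string[]]$ExpectedHosts
    )
    $uri = $null
    if (-not [Uri]::TryCreate($Url, [UriKind]::Absolute, [ref]$uri)) {
        return "'$Url' is not an absolute URL"
    }
    $problems = @()
    if ($uri.Scheme -ne 'https') {
        $problems += "scheme '$($uri.Scheme)': metadata would be fetched without TLS"
    }
    if ($uri.UserInfo -or $uri.Query -or $uri.Fragment) {
        $problems += 'URL carries credentials, a query string or a fragment'
    }
    if ($ExpectedHosts -notcontains $uri.Host) {
        $problems += "host '$($uri.Host)' is not a server you intend to trust"
    }
    if ($uri.AbsolutePath -ne $WellKnownPath[$Partner]) {
        # Name the product the path really belongs to, if it is one of the three.
        $owner = @($WellKnownPath.Keys | Where-Object { $WellKnownPath[$_] -eq $uri.AbsolutePath })
        if ($owner.Count -gt 0) {
            $problems += "path is the $($owner[0]) metadata path, but the partner type given is $Partner"
        } else {
            $problems += "path '$($uri.AbsolutePath)' is not the well-known $Partner metadata path"
        }
    }
    $problems    # empty output means no problem was found
}

# Constructed inputs: a correct Lync URL, then a SharePoint path passed as Lync over plain HTTP.
$servers = 'lync01.example.test', 'sp01.example.test'
Test-AuthMetadataUrl -Url 'https://lync01.example.test/metadata/json/1' -Partner Lync -ExpectedHosts $servers
Test-AuthMetadataUrl -Url 'http://sp01.example.test/_layouts/15/metadata/json/1' -Partner Lync -ExpectedHosts $servers
```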
Integration Features

Site Mailboxes
Brings Exchange emails and SharePoint documents together
Site Mailboxes are surfaced in Outlook 2013
Easy access to emails and documents
Same set of content can be accessed from SharePoint
Content is kept where it belongs

Site Mailboxes architecture

Demo
Site Mailboxes

eDiscovery
Search Exchange mailbox content using Federated search API
Use the same query syntax across both applications
Export content returned in an eDiscovery search, including export of Exchange 2013 content to a PST file

SharePoint eDiscovery Center

Demo
eDiscovery

High Resolution Photos
User can update photo in Outlook, SharePoint or Lync
Exchange administrators can upload photos from Shell
High Resolution photo is stored in Exchange mailbox
Exchange 2013 resizes photo automatically
48x48 for AD thumbnailPhoto attribute
96x96 for OWA, Outlook 2013, Lync 2013, Lync Web App
648x648 for Lync 2013 and Lync Web App

High Resolution Photos

Demo
High Resolution Photos

Exchange task synchronization
My tasks view on “My” site updated with tasks from Exchange server
Exchange Sync Timer job synchronizes tasks with Exchange 2013 server
Users must opt-in

Demo
Exchange Task Synchronization

Unified Contact Store
Enables users to maintain a single contacts list
Contacts available in multiple applications, including Lync, Outlook, and OWA
When enabled, contacts are not stored in Lync Server 2013
Stored in Exchange and retrieved using EWS, not SIP
Enabled by default

Unified Contact Store

Demo
Unified Contact Store

Presence
User logs into Lync 2013.
User logs into Exchange 2013 mailbox
Outlook calls Lync installed on the same computer to retrieve presence information
User connects to SharePoint MySite.
Internet Explorer calls Lync installed on the same computer as browser to retrieve presence information

Presence in OWA
User logs into Outlook Web App.
Exchange CAS queries Lync Server for presence information

Demo
Presence

Voicemail
Lync uses Exchange as voicemail system
Exchange stores voicemail in user’s mailbox
Exchange transcribes voicemail
User receives email with attachment and transcribed text
User can call into Exchange auto attendant DID
User can check voicemail from Lync client

Voicemail

Demo
Voicemail

Key Takeaways
OAuth 2.0 is used for server-to-server authorization
Server-to-server trust doesn’t provide full control to data
Exchange, Lync and SharePoint 2013 provide tighter integration
Seamless experiences boost user productivity

Resources
Learning
Microsoft Certification & Training Resources
www.microsoft.com/learning
msdn
Resources for Developers
http://microsoft.com/msdn
TechNet
Resources for IT Professionals
http://microsoft.com/technet
Sessions on Demand
http://channel9.msdn.com/Events/TechEd
© 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.