Thomas.Poett@TEAMS (MVP Teams and Cross-Tenant M&A/D Migration Expert Lead)

A new topic came along my way, even I personally work with windows server since NT 3.5, but in very tight configured network environments you might run into server DNS resolution issues. Principals regarding Lync Edge Server DNS resolution. It is recommended to resolve DNS queries on the Internet, which means via the external NIC. For internal DNS resolution, best practice is a dedicated hosts file, or make it possible to resolve intern DNS. Therefore a common practice is to simply let even external DNS names resolve by the internal DNS servers. NOTE: Make sure you have the put in the DNS Servers on the correct network interface! What and how Windows Server really works: A we know, each IP setting for every NIC allow us to specify a DNS Server entry. As I figured out and very important to know, DNS resolution will work ONLY on the network adapter, where DNS servers are configured. While we still keep in mind, if a hosts file is used, the hosts entries are loaded int...

LYNC REPLICATION NOT WORKING In a Lync Deployment, where we have installed Lync Edge Server, we see the Replication is not healthy. You will notice a red cross or in the Management Shell the Replication is not UpToDate: False. If actually have telnet to the Edge Servers Port 4443, you realize that the port is open and working. As well you can test access the service itself: https://<edgeserver.fqdn>/replicationwebservice Via this access, you also be able to validate the assigned internal Certificate and the Certificate Chain. If you encounter an error with trusted root certificate, you will end up adding it other Trusted Root Authorities. Afterwards, you will still encounter the red cross, or false up-to-date status. This is normal! The Replication itself is working fine, but your Connectivity to the Edge is limited. This mean we cannot query the service due to the SECURE CHANNEL limitation. Solution: Open REGEDIT navigate to: HKey_Local_Machine\SYSTEM\Curren...

Lync Certificate Planning and Assignments (Edge, Reverse Proxy, Director, Frontend, Mediation, WAC) Download the article as PDF: SlideShare Link (here) The following article is optimized for Lync 2013, but in general valid for Lync 2010 or OCS 2007 NOTE: First I need to highlight; Lync Server and Client make use of Certificates, therefor the technical principals of certificate deployments are necessary to understand. If on your Clients or Servers an Internet Explorer Setting with a Proxy Server is activated, make sure you have the correct design. The CRL (Certificate Revocation List) check is mostly HTTP based (in AD Environments also possible via FILE or LDAP), if you have setup an internal Proxy, which cannot redirect the request into your LAN, you will run into major issues!   I wrote another article in 2012 which maybe from interest for you too: Forefront TMG – Directors, Front End and Standard Edition for Lync GENERAL Lync Certificate Planni...