Home > Lync 2010 > ADDING ADDITIONAL SIP DOMAINS TO ALREADY DEPLOYED LYNC ENVIRONMENT

ADDING ADDITIONAL SIP DOMAINS TO ALREADY DEPLOYED LYNC ENVIRONMENT

 

In this article we will demonstrate in steps how to add additional SIP domain in the already existing Lync deployment.

 

The steps in brief

1. Add the new SIP domain(s) to the Topology.

2. Create DNS records for the new simple URLs, both internal and external.

3. Request new certificates with adding the new domain(s) name(s).

 

Steps to add the new SIP domain(s) to the Topology

Open the Lync Server Topology Builder. 

Select download the topology from the existing deployment. 

image

After the topology builder has opened, Right click on the topology and click edit properties.

image

Click on add new domain to add the new sip domain.

image

Then click on publish topology.

image

 

Create DNS records for the new simple URLs, both internal and external

Port

Service Protocol

Type

Entry

Server

 

CNAME

lyncdiscover.Test.com

Add it to your public DNS entry

 

A

sip.Test.com

Point it to your FE server pool-(Internal+External) DNS

 

A

meet.Test.com

Point it to your FE server pool-(Internal+External) DNS

5061

_sipfederationtls

SRV

sip.Test.com

Should be created on your public DNS

443

_sip

 

sip.Test.com

Should be created on your public DNS

5061

_sipinternaltls

SRV

sipinternaltls._tcp.Test.com

Should be created on your internal DNS

 

Request new certificates with adding the new domain(s) name(s).

· Open Lync server deployment wizard.

· Select Install or Update Lync Server System.

image

· Select Step 3 Request, Install or assign Certificates.

image

For internal certificate keep select the following option.

image

Then press Request and Next.

image

If you don’t have the option to connect directly to your internal CA, you should choose the second option as the below.

image

Choose the path you will save the certificate request in and the CSR name.

image

Choose the following option if you have a certificate template, in our scenario bypass this option.

image

Type the same friendly name as the below.

image

At the end of this wizard you will need to select the new sip domain in my example it was Test.com and your old domains to the SIP domain setting on subject Alternative Names (SANs) section, then adding all your additional subject alternative names.

image

PS. “after upgraded the certificate you need to run the following command { Stop-CsWindowsService} on your Lync server management shell”

image

Now after you generated the new certificate request through your internal CA, you just need to install it on your FE servers, to do that you have two options here.

Option #1

image

Option #2

From start menu type mmc, file, Add/Remove Snap in, certificate, computer account and finish.

And import the new certificate to personal as the below.

image

The final step in this wizard is to assign the new certificate to Lync services as the below screen.

image

Don’t forget to start Lync service by the following command

{ Start-CsWindowsService}.

 

Important P.S. “you need to export the same certificate with private key if you have more than FE servers in order to add it to all your FE servers and this done by the following steps.”

image

image

image

Till now you can

enable new sip domain users and access Lync with the new sip domain from you internal network.

To access from External you just need to update your public certificate with your new SIP domain and it’s (SANs).

You can download this article in PDF format from my Gallery on the Microsoft TechNet website.

Don’t forget to Rating ***** SmileThumbs up 

 

 

 

 

Advertisements
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: