Topic Last Modified: 2011-01-28
You must create Microsoft Lync Server 2010, Group Chat service accounts in Active Directory Domain Services (AD DS). These service accounts require Local Admin rights and permissions on the computer where Lync Server 2010, Group Chat is installed. This includes the following:
- An account for the Lookup service. The Lookup service account
must be enabled for Microsoft Lync Server 2010. For the smoothest
operation, you should use the name “OCSChat” when choosing a SIP
Uniform Resource Identifier (URI) for the Lookup service. If you
choose another name, you may need to make some modifications to the
client. For details about modifying the client, see Deploying Lync 2010
If you are installing Group Chat Server on multiple servers, all Lookup services that are deployed in the same Group Chat Server pool share a single account.
- An account for the Channel service. Each Channel service
requires a unique service account.
- An account for the Web service.
- An account for the Compliance service.
- An account for managing Group Chat Server. This account acts as
the first Group Chat Server administrator. Installation of Group
Chat Server requires the same administrator rights and permissions
as installation of Lync Server 2010, so the user installing it must
be a member of the RTCUniversalServerAdmins group or Domain Admins
After you create these accounts, you need to add the Channel service account, Lookup service account, and Compliance service account to the db_owners group of the Group Chat database(s). The Lookup service account needs to be SIP enabled. Use the procedure in this topic to create and enable the Active Directory accounts for installing and running Group Chat Server.
To create service accounts in AD DS
On a computer that has Lync Server administrative tools and Active Directory Users and Computers installed, open Active Directory Users and Computers.
In the console tree, right-click the organizational unit (OU) in which you want to add a user account.
Point to New, and then click User.
In the First name box, type the user's first name.
In the Last name box, type the user's last name.
In the User logon name box, type the user name, click the UPN suffix in the list, and then click Next.
In the Password and Confirm password boxes, type the user's password, and then select the appropriate password options.
Important: When you create these accounts, make sure you are aware of any domain password expiration policies that might impact services after deployment.
Repeat this procedure until you have created all required Group Chat Server accounts.
Provision the Lookup Server and Group Chat Server administrator accounts for Lync Server.
Log on to the Group Chat Server as a member of the Administrators group.
Add the service accounts that you created to the Local Admins user group.