Topic Last Modified: 2011-04-08
With Microsoft Office Communications Server 2007 R2, you were required to publish up to five websites using a reverse proxy server:
- Address book files
- Distribution group expansion
- Meeting content
- Phone Edition upgrade files
- Communicator Web Access
To publish all five websites with Office Communications Server 2007 R2, typically you were required to use two Reverse Proxy certificates:
- Subject Name = ExternalWebFarmFQDN (for example,
ocsrp.contoso.com)
- Subject Name = CWAExternalFQDN (for example,
cwa.contoso.com)
Microsoft Lync Server 2010 communications software supports publishing the same information and now supports external publishing of simple URLs for online meetings. Also, Communicator Web Access functionality still exists but has been renamed Microsoft Lync Web App and is now available as a service on a Standard Edition Front End Server or on each Front End Server in a Front End pool, rather than a dedicated physical server. The client is now referred to as the Lync Web App client instead of the Communicator Web Access client and supports reduced functionality (for example, there is no Contacts list or A/V capability).
Depending on how you configured Office Communications Server 2007 R2 reverse proxy publishing, the changes in Lync Server 2010 publishing requirements can increase the number of public certificates or subject alternative name entries required, as well as the number of domain name system (DNS) records. For example, if the simple URL format chosen is dialin. <SIP domain name> and meet.<SIP domain name> you require two DNS A records – one for dialin.<SIP domain name> and one for meet.<SIP domain name>. This is in addition to other DNS records required for the reverse proxy.
An optional format for simple URLs is the use of a common base domain entry, such as join.<SIP domain name>/dialin and join.<SIP domain name>/meet. The advantage to this simple URL format is that you need only one DNS A record for both the meet and dialin simple URLs. Additionally, you use only one wildcard SAN entry - *.<SIP domain name>.
Lync Server 2010 Reverse Proxy Certificate Requirements
Role/Subject name | Subject alternative name | Used to publish | Subject name syntax example | ||
---|---|---|---|---|---|
externalWebServicesFQDN |
N/A |
Address Book files Distribution Group Expansion Conference content Device update files |
lsrp.contoso.com
|
||
Simple URL/AdminFQDN |
N/A |
AdminFQDN is not published externally. It is only used internally. |
N/A |
||
Simple URL/DialinFQDN |
N/A |
Dial-in Conferencing information |
dialin.contoso.com |
||
Simple URL/MeetFQDN |
N/A |
Meeting URL |
meet.contoso.com |
||
Alternate Simple URL for Dialin |
Dial-in Conferencing information |
Join.contoso.com/dialin |
|||
Alternate Simple URL for Dialin |
Meeting URL |
Join.contoso.com/meet |
|||
Wildcard Entries for Simple URLs (optional) |
Meeting and Dial-in |
*.contoso.com |
Note: |
---|
|
Important: |
---|
If you create and publish dedicated simple URLs (for example, one for each role) and then set up a pool of Front End Servers based on that configuration, you cannot change to using a single simple URL for all roles (for example, join.contoso.com/meet), unless you run setup again on each Front End Server in the pool. The same requirement applies if converting from a single simple URL format to using dedicated simple URLs. |