[This is pre-release documentation and subject to change in future releases. This topic's current status is: Milestone-Ready]

Topic Last Modified: 2010-07-18

This section explains the DNS records required for automatic client sign-in. When you deploy your Standard Edition servers or Enterprise pools, you can configure your clients to use automatic discovery to sign in to the appropriate Standard Edition server or Enterprise pool. If you plan to require your clients to connect manually to Microsoft Communications Server 2010, you can skip this topic.

To support automatic client sign-in, you must:

To enable automatic configuration for your clients, you must create an internal DNS SRV record that maps one of the following records to the fully qualified domain name (FQDN) of the Enterprise pool or Standard Edition server that distributes sign-in requests from Communicator clients:

You only need to create a single SRV record for the Enterprise pool or Standard Edition server or that will distribute sign-in requests.

Important:
Only a single Enterprise pool or Standard Edition server can be designated to distribute sign-in requests. Create only one SRV record for the designated server or pool. Do not create this SRV record for additional internal servers or pools.

The following table shows some example records required for the fictitious company Contoso, which supports SIP domains of contoso.com and retail.contoso.com.

Example of DNS Records Required for Automatic Client Sign-in with Multiple SIP Domains

FQDN of Enterprise pool used to distribute sign-in requests SIP domain DNS SRV record

pool1.contoso.com

contoso.com

An SRV record for _sipinternaltls._tcp.contoso.com domain over port 5061 that maps to pool1.contoso.com

pool1.contoso.com

retail.contoso.com

An SRV record for _sipinternaltls._tcp.retail.contoso.com domain over port 5061 that maps to pool1.contoso.com

Note:
By default, queries for DNS records adhere to strict domain name matching between the domain in the user name and the SRV record. If you prefer that client DNS queries use suffix matching instead, you can configure the DisableStrictDNSNaming Group Policy. For details, see Planning for Clients and Devices in Communications Server 2010 (Beta Refresh).

Example of the Certificates and DNS Records Required for Automatic Client Sign-In

This example uses the examples in the preceding table. The Contoso organization supports the SIP domains of contoso.com and retail.contoso.com, and all its users have a SIP URI in one of the following forms:

  • <user>@retail.contoso.com

  • <user>@contoso.com

Example of Required DNS Records

If the administrator at Contoso configures pool1.contoso.com as the pool that will distribute its sign-in requests, the following DNS records are required:

  • SRV record for _sipinternaltls._tcp.contoso.com domain over port 5061 that maps to pool1.contoso.com

  • SRV record for _sipinternaltls._tcp. retail.contoso.com domain over port 5061 that maps to pool1.contoso.com

Example of Required Certificates

In addition, the certificate that is assigned to the Front End Servers in the pool1.contoso.com Enterprise pool must include the following in its Subject Alternate Name (SAN):

  • sip.contoso.com

  • sip.retail.contoso.com