In earlier blog posts I’ve written how to install Exchange 2013 and in another series of blog posts I’ve written how to install Lync Server 2013, including connectivity with a SIP trunk provider using a Lync 2013 mediation server.
The last and most exciting part (and least used I’m afraid) is to connect the two platforms into the Exchange 2013 Unified Messaging server role. If a call cannot be answered it’s rerouted into the Exchange server’s UM role where a voicemail can be recorded. This voicemail is then delivered into the user’s mailbox.
The situation will become something like this (I’ve removed the HTTPS proxying lines between the CAS and the Mailbox server). There’s a connection between the SIP trunk provider and the Mediation server for enterprise voice. When a user does not answer the call it gets routed from the Lync Front-End server to one of the Client Access Servers which contain the UM Call Router service. The CAS server determines the mailbox server that hosts the active copy of the user’s mailbox database and redirects the SIP traffic to the UM service that’s part of this mailbox server:
To configure the Unified Messaging service follow these steps:
Install the UM specific language packs for your country.
These can be downloaded from the Microsoft web site: http://www.microsoft.com/en-us/download/details.aspx?id=35368
Communication between the Lync mediation server and the Mailbox server is encrypted and the certificate is also used for server authentication. All CAS servers and Mailbox servers need a certificate for this purpose! It is possible to use the self-signed certificate for this (export the Mailbox server’s self-signed cert into the Mediation server and vice versa) but I would recommend using a normal UC certificate from the internal Active Directory Certificate Authority (CA). This should be available anyway in a decent Lync deployment so a UC certificate for the mailbox server should not be an issue.
Requesting the certificate for the Mailbox server can best be performed using the Exchange Management Shell (for some reason I could use EAC to request a certificate for the CAS server but not for the Mailbox server). Don’t forget to enable the new certificate for the UM service. In the Exchange Management Shell requesting a certificates for a mailbox server would take the following commands:
$Data = New-ExchangeCertificate -GenerateRequest -SubjectName "c=NL, o=Exchange Labs, cn=2012E15BE02.exchangelabs.local" -DomainName 2012E15BE02.exchangelabs.local -PrivateKeyExportable $true Set-Content -path "C:\Docs\BE02.req" -Value $Data
When the certificate is returned from the CA you can import and enable it using the following command:
Import-ExchangeCertificate –Server 2012E15BE02 -FileData ([Byte]$(Get-Content -Path "c:\docs\newcert.cer" -Encoding byte -ReadCount 0)) | Enable-ExchangeCertificate -Server 2012E15BE02 -Services UM
When the certificate is installed and enabled, the UM service has to be set to TLS startup mode using the following command in Exchange Management Shell:
Get-UMService | Set-UMService -UMStartupMode TLS
The last step is to restart the UM service on the mailbox service on both mailbox servers.
Create a dial-plan in Exchange Server 2013.
Login to the Exchange Admin Center (EAC), select Unified Messaging in the left menu and select UM Dial Plans in the top level menu. Click the + sign to create a new UM Dial Plan.
Give the new Dial Plan a name, enter the Extension Length (defaults at 5 characters), for Lync Server select SIP URI for the Dial Plan Type, for VoIP security mode select Secured and for the Region Code enter the digits for your country (i.e. “1” for US, “31” Netherlands, “44” for UK etc.).
Instead of using the EAC it is also possible to use the Exchange Management Shell to do this, just use the following command:
New-UMDialPlan –Name ExchangeLabs –UriType SipName –NumberOfDigitsInExtension 3 –VoIPSecurity Secured –CountryOrRegionCode 31 –AccessTelephoneNumber +31527522105
Create UM IP gateway.
The UM IP Gateway is responsible for traffic between the Lync Mediation Server and the UM server. This UM IP Gateway is not created manually right now but it is created by a (Microsoft supplied) script later in the process.
UM Mailbox Policies
When a Dial Plan is created for the UM server a default UM Mailbox Policy for this Dial Plan is created as well. The name for this Policy is derived from the Dial Plan, so in our environment the name will be ExchangeLabs Dial Plan Default Policy. In the UM Dial Plans, just double-click the Dial Plan we created earlier and the UM Mailbox policy will be shown in the Dial Plan properties.
When you double click the UM Mailbox Policy you can edit the policy and change properties like the time of the welcome message, what’s allowed and what not, PIN policies etc.
If you want to configure Outlook Voice Access (OVA) , sometimes also referred to as Subscriber Access, click on the Configure button. Select Outlook Voice Access in the left hand menu and enter the telephone number you want to use to access OVA. This must be in the E.164 notation.
To assign the new dial plan to the UM services, both on the Client Access Server (UM Call Router) as well as on the Mailbox server. In an Exchange Management Shell windows enter the following commands:
Set-UMCallRouterSettings -DialPlans "Exchangelabs Dial Plan" –Server 2012E15FE04 Get-UMService | Set-UMService -DialPlans "Exchangelabs Dial Plan"
Restart the UM Call Router (Restart-Service MsExchangeUMCR) on the Client Access Servers and restart the UM Service (Restart-Service MsExchangeUM) on the Mailbox servers.
You can also change the language of the UM configuration here. Just below the Outlook Voice Access select Settings. Scroll down and in the Audio Language dropdown box select the language you want. Of course you need to install the appropriate language packs as outlined in the first step.
Configure Lync Server
To configure the UM Service to be used with Lync Server 2013 Microsoft has a script that will create and configure all necessary components. This scripts is located in the scripts directory C:\Program Files\Microsoft\Exchange Server\V15\Scripts.
In the Exchange Management Shell enter the following commands
CD $ExScripts .\ExchUCUtil.ps1
This script performs the following:
- Grants Lync Server permission to read Exchange UM Active Directory components, specifically, the SIP URI dial plan that was created in the first step;
- Creates a UM IP gateway for each Lync Server pool that hosts users who will be enabled for Enterprise Voice;
- Create an Exchange UM hunt group for each UM IP gateway. The hunt group pilot identifier will be the name of the dial plan associated with the corresponding UM IP gateway. The hunt group must specify the UM SIP dial plan used with the UM IP gateway.
When the script has run you’ll see a new UM IP Gateway appear in the EAC. Since this script not only creates the UM IP Gateway but also sets the necessary permissions the UM IP Gateway was not created manually in the first step.
The next step is to run the OcsUmUtil.exe utility which creates the contact objects for Outlook Voice Access and for the auto attendants. This tool can be found in C:\Program Files\Common Files\Microsoft Lync Server 2013\Support.
Start the OcsUmUtil tool and select Load Data.
This will read all dial plan information from the Active Directory. Click Add to create and configure the contact object in Active Directory.
You can specify the location in Active Directory of the contact, the name and the SIP address of the contact. Select the Lync front-end pool and enter the phone number used by this contact.
Click OK to continue. The Lync and UM infrastructure is now finished and you can UM enable a mailbox.
Enable UM for a mailbox
To enable a mailbox for UM select the recipient and open its properties. In the left hand menu select Mailbox Features and in the right hand part select Enable under Phone and Voice Features.
In the Enable UM Mailbox window that pops up select the UM Mailbox Policy you want to assign to the Mailbox using the Browse button. In the following pop-up enter an extension number for the mailbox and type a PIN code. It is also possible to auto generate a PIN code which will be mailed to the mailbox.
Click Finish and Save to store all information in Active Directory. Configuring the UM service in Exchange Server 2013 is now finished and we can continue testing with the Lync client.
Lync client testing
The easiest way to test your new UM servers is to call yourself on your Lync client. In the taskbar a small pop-up appears with incoming call information. Click on Redirect and select Voicemail.
The incoming call should now be redirected to your voicemail and if you leave a message it will show up in your mailbox as an MP3 file within minutes.
To test Subscriber Access you can use a normal telephone line and dial the number you entered when configuring Subscriber Access. In the Lync client select the dial pad and click on the small recording icon next to where it says Voice Mail and select Call Voice Mail. This will also call into the Subscriber Access.
A special thanks to Johan Veldhuis for a nice afternoon playing in the lab and helping me troubleshoot all my Lync (and UM) issues.