This week I’m attending the Lync Hosting Pack (LHP) V2 summit in Washington DC. The Lync Hosting Pack is Microsoft’s solution for hosters to offer a fully multi-tenant Lync solution. The summit is a joint development between Microsoft and implement.com.
The solution is based on one Active Directory, but every customer has its own Organizational Unit, fully separated from other OUs, thus preventing information leakage. LHPv2 itself is based on Lync Server 2013.
Compared to LHPv1 the solution is much better. The only servers that are exposed to the Internet right now are the Lync 2013 Edge Servers and the Reverse Proxy servers. In the hands-on part of the summit, IIS ARR is used as the reverse proxy, but in real life you might want to use a hardware load balancer for this. I know F5 has a reverse proxy solution for Lync and Kemp Technologies is working on it. All other Lync servers are on the internal (datacenter) network. In LHPv1 the Director server was also used and connected directly to the Internet, but in LHPv2 the Director server is only used in very large deployments where multiple front-end pools are used.
Segregation in Lync Server 2013 is based on certain properties in Active Directory which are set during provisioning of the organization (i.e. creating the OU) and when Lync-enabling the users.
Provisioning is done using standard PowerShell commands, and working with this in the hands-on lab gives a tremendous amount of insight into the solution. Provisioning can be automated as well, of course. Although it is possible to create a control panel yourself, it is a lot of work, especially when you want to offer a self-service portal to your customers. A better solution (but that’s my personal opinion) is to work with a control panel vendor which does all the plumbing in the background. I can’t find any Lync-specific info on this on the Microsoft site, but this is for multi-tenancy in Exchange, which comes close.
During the hands-on lab a complete LHPv2 environment was built, complete with Exchange 2013 Unified Messaging for voicemail functionality. Although the summit was held in Washington DC, the actual servers were located in the MPSC (Microsoft Partner Solution Center) in Redmond, just like a real world datacenter solution 🙂 This worked pretty well, even the (SNOM 821) IP phones were working perfectly and the audio quality was very good.
The training was very well prepared (thanks Vladd, Todd, Jason and Steve) and had good technical content without too much PowerPoint, well done! If you ever get lucky enough to attend one of these trainings you won’t regret it.