Saturday, 18 May 2013

Publishing Microsoft Lync 2010 using Microsoft UAG 2010

I've been working with Microsoft UAG since it's been available.  I had a head start as I was using and deploying IAG and Whale previously, which were the two predecessors to UAG.

I've published a few different applications, but a majority of the solutions will include Microsoft Exchange (whether it's OWA, full Outlook and/or ActiveSync), RDP connections (usually for administrators to access servers or to Terminal Servers), and some sort of Intranet or SharePoint site.  Some of the rarer occasions I've been asked to give terminal access to AS/400 solutions, publish VMware View, deliver the Neocoretech VDI solution using HTML 5 clients on iPads, etc, etc.

So when I was asked to deploy Lync 2010, I was pretty confident it would be straightforward.  I did some research to ensure I was following best practise, but ended up using a few documents to achieve a fully working solution.  Please note I wasn't doing this blind as I had deployed Lync in our office, but could make it work with UAG without real certificates (as is highlighted in the following instructions)

I was deploying an SSL-VPN portal as well as creating a Lync connection for the computers, which meant I modified some of the configurations given.

The first document I used was this one:
http://social.technet.microsoft.com/wiki/contents/articles/14000.publish-lync-2010-with-forefront-unified-access-gateway-2010-uag.aspx

Ensure you have all the domain names for the various Lync components, but I used a different document for this.

As ever, I was deploying a Celestix WSA solution, which was straightforward.  I followed Georg Thomas' instructions, but did not follow the section on the "Additional Trunk Configuration" as this would impact my SSL-VPN portal.  I did create the registry key as described, but also follow Erez Ben Ari's blog here with the additional registry key: http://blogs.technet.com/b/edgeaccessblog/archive/2012/06/15/lync-publishing-on-uag.aspx

I would typically use wildcard certificates, but as these do not work with Lync on UAG, we has to use a SAN (Subject Alternate Name) certificate.  As I have never done this before, I followed these comprehensive instructions: http://technet.microsoft.com/en-us/library/gg429704.aspx  The request of the certificate from the provider is the same as a "normal" or wildcard certificate, as is the installation.

Thanks the well written documents abover, the publishing of Lync 2010 was straightforward.

No comments:

Post a Comment