Archive for the ‘Hosting & SaaS’ Category

External DNS and Certificates Planning for Lync 2010 as Hosting Service

Tuesday, December 4th, 2012

Microsoft released Lync Multi-Tenant Pack for hosting providers to offer Lync as a hosting service. Even before this pack, many companies were already offering Lync and OCS as hosting services to SMBs. The deployment guide for Multi-Tenant pack states to add few SAN entries for each new domain. If you try to login without adding SAN entry for the domain, login fails! This means that with every new customer, you will have to update your certificates, pay for any new SAN entries and then reassign the certificates. This does not seem to be a good idea in terms of cost and ease of provisioning a new tenant.

So, to help out those who are planning to offer Lync as a hosting service or those who already are, I suggest planning DNS and certificates as following:

Meet URL configuration:

For every hosted domain you will need meet URLs. These URLs are used to schedule online meetings. I would recommend first reading this article: Planning for Simple URL. For a hosting company, Option 3 mentioned in this article is best choice. Format for meet URL as per Option is:

https://lync.contoso.com/contosoSIPdomain/Meet

https://lync.contoso.com/fabrikamSIPdomain/Meet

Where lync.contoso.com is Provider’s domain and contosoSIPdomain and fabrikamSIPdomain are hosted domains. Following this format will minimize DNS and certificate requirements.

DNS for Hosted Domain:

External DNS and Certificates Planning for Lync 2010 as Hosting ServiceIf you have followed Option 3 for meet URL, you now only need three DNS records for every hosted organization. Frist one for client auto configuration; an SRV record _sip._tls.<hosteddomain> pointing to sip.<providerdomain>. Second, for federation; an SRV record _sipfederationtls._tcp.<hosteddomain> pointing to sip.<providerdomain>. Third one is for Lync Mobile Clients: ‘A’ record lyncdiscover.<hosteddomain> pointing to MCX Server.

Using such planning, there will be no need to update and reapply certificates. However, clients will display a pop up window while logging in, informing that you are being redirected to another server:

At this point user should check the box ‘Always trust this server’ (after seeing the certificate details and making sure that this is indeed service provider’s server).

Apart from being cost effective and easy, another advantage is that, if you expand the Certificate Details, your hosted organizations will not be exposed!

Related Posts:

Microsoft Exchange 2010 SP2 Now Supported in MachPanel

Thursday, December 29th, 2011

While the competition is busy proclaiming victory MachSol announced to be the first automation provider in the world delivering support for Microsoft Exchange 2010 SP2. MachPanel is the industry leading control panel for shared and enterprise hosting that fully supports Microsoft Exchange, SharePoint, CRM 2011, Lync and Hyper-V.

Early this year Microsoft advised Hosting Service Providers to migrate to /hosting mode. In October this year Microsoft announced /hosting mode was a dead end. Many of the HSP’s are anxiously waiting to migrate to on-premises mode and offer new features available in SP2. With the unmatched release of MachPanel our valuable customers will obtain the competitive edge and ability to grow business rapidly.

We offer dedicated in-house gold certified professionals who can assist you in migrating your infrastructure and speed up your time to market substantially. If you already have customers on /hosting mode we can assist you in seamlessly migrating to on-premises (multi-tenant) including SP2 release.

Related Posts: