How often have you sent an email to a business partner that ended up being a 25-email conversation thread… which at some point started discussing what you’re going to do over the weekend? If you have Microsoft Lync deployed and that partner had Lync, you can setup a Lync federation partnership and eliminate those long email conversation threads by simply having an IM session with your coworker. Not only have you become more productive by saving time from writing that email about your plans, but you might also keep your Exchange admin happy as well. After all, email is not a chat session.
Using Lync is a great tool to communicate internally, but it can also be used to communicate with your external partners or businesses just as easy using Lync Federation. This article will discuss what you need to do to get federated with an external Lync deployment.
Lync Federation with another external Lync deployment, typically a business partner/customer, allows the users of the federated partnership to access IM and Presence (person to person only), and it creates federated contacts within the Lync client. Perhaps you want to limit the federation to only a subset of users. This can be accomplished via Lync External Access Polices assigned by users.
There are several types of Lync Federation: Discovered Partner Domain, Allowed Partner Domain, Allowed Partner Server, and Hosting Provider and Public IM.
The partner’s Lync Edge server is discovered by looking the SRV record using DNS. The Firewall would need to allow all inbound traffic on port 5061 through without restriction. This type of federation allows users to connect to any potential business partner without contacting the Lync Admin to setup the federation. This open form of federation requires such that the A record and certificate for the federated access edge server needs to match the SIP domain. There is also a limit of 20 SIP messages received per second by this type of partnership.
This type of federation requires the Lync Administrator to setup the federation as it requires you know your partner’s SIP domain and add it to the list of Federated Domains Lync control panel. Like the Discovered Partner Federation, the A record and certificate for the federated access edge server needs to match the SIP domain, but there are no limitations as far as SIP messages.
This type of federation is manually added and does not require A records and certificates to match the partners access edge server. Instaed, it uses the Partner’s FQDN of the access edge server and the domain name.
This type is used for federating with hosting providers such as Office 365, Skype, and AOL.
This allows federation with deployments using eXtensible Messaging and Presence Protocol (which will not be shown in this article).
Prior to setting up the federation you will need to ensure that your Lync deployment is setup properly.
In the Lync Control Panel, navigate to External access Policy page and enable users to communicate with federated users.
After you have configured for federation on your Edge servers, you’ll be ready to start federating with business partners. Determine what type of federation you will be using for that partner and then define the DNS records required for that particular type of federation.
Discovered Partner Domain (Open Enhanced Federation): If you want to use this type of federation, you will need to enable the feature using the Access Edge Configuration settings.
Lync Edge server will locate the business partner using the partner’s SRV record using DNS if it’s published. <_sipfederationtls._tcp.<external domain name>
Allowed Partner Domain (Enhanced Federation): In the Federated Domain tab add the business partner’s domain name.
Allowed Partner Server (Direct Federation): In the Federated Domain tab, add the business partner’s Access Edge server FQDN and the partner’s domain. Both must be entered.
Hosting Provider and Public IM: To federate with a business partner using Office 365, fill in the provider name and Access edge FQDN. You will also need to choose to allow communication with this provider. Once these settings are added in the hosting provider tab you will still need to add the business partner’s domain info in the Federated Domains list tab.
Once all settings are added for the business partner and you’ve exchanged your details with them, then you can begin testing the Lync Federation.