Install and Configure Lync Server 2010—Step by Step

Microsoft Lync Server is the next generation unified communication server. In this article, I will design and deploy Lync Server 2010 on a test platform. You can follow through this article to make up your own Lync Server and modify your design according to your need.

Windows Server 2012 Step by Step

Step1: Prepare a Design Download Microsoft Lync Server 2010, Planning Tool and assess your need for Unified Communication in your company.


In this design, I have shown a full scale deployment of Lync Server. However, you can choose to deploy a standard version of Lync. Once you design Lync Server. you need to create a list of IP address, FQDN and Certificate or you might write project documents and Visio design, Sample as follows.

SIP Domain
Lync Pool
FQDN Internal IP Address External IP Address x x x x x

Necessary URLs and Ports

Name URL Port
Administrative Access 443
Meeting 443
Phone Dialin 443
Edge Access (internal) (External-SIP, Web, AV)

443DNS SRV Service record

SRV Service: _sipinternaltls

Protocol: _TCP





Important! All the CANME and HOST (A) records must be present at internal DNS server. For external client access you must host all CNAME and public IP through your ISP. Don’t worry about the IP addresses I mentioned here. On a practical project, it will be different for sure.

Windows Server 2012 Step by Step

SQL & File

Name FQDN Instances/Share
File Share

Other Servers

Domain Controller
Certificate Authority
Frontend TMG
Backend TMG
Reverse Proxy


Step2: Collect Prerequisites

Before you can actually deploy Lync Server 2010 you need to download following prerequisites, install and prepare environment.

  • Windows Server 2008 R2 x64 Lync Server Roles
  • Windows 7 installed on client computers.
  • .NET 3.5 SP1 installed on all servers.
  • Microsoft Silverlight browser plug-in installed on Standard Edition Server and Director
  • Active Directory Administrative tools feature installed on Standard Edition Server and Director
  • All clients and servers are up to date with patches from Windows Update.
  • Domain controller is running Windows Server 2008 R2 or Windows Server 2008 configured as a DC, DNS and CA
  • FF TMG 2010 is running on Windows Server 2008 R2
  • Service Account or Management user account as Domain Admin

A typical Installation of Lync Server involves completion of the following installation Wizard shown as 1, 2 and 3.


Step3: Understanding Lync Server Roles

Internal Users: Lync Server Standard can provide IM, A/V Conferencing, Web Conferencing

External Users: Edge Server, Director and reverse-proxy server provide remote user access, federation, and conferencing

Step4: DNS Creationyou must create all the DNS records, CNAME record, SRV Service Location. I am showing DNS SRV Record here but you can create an Alias records and Host A record yourself.  To create a DNS SRV record

  • On the DNS server, click Start Menu >click Control Panel>click Administrative Tools>click DNS
  • In the console tree for your SIP domain, expand Forward Lookup Zones>right-click the SIP domain in which your Lync Server will be installed> Click Other New Records.
  • In Select a resource record type>click Service Location (SRV)>click Create Record>Click Service and type _sipinternaltls.
  • Click Protocol and type _tcp.
  • Click Port Number, and type 5061
  • Click Host offering this service> type the FQDN of the pool
  • Click OK>Click Done.

Step5: Prepare Environment Prior to deployment, you must install all the servers as their required platform and join domain. On Lync Server, install following windows roles and features

  • IIS 7.0
  • Active Directory Admin Tools
  • SQL Server 2008 with Native Tools (Available in Lync ISO )
  • Windows PowerShell
  • Enable Remote Admin
  • Prepare File Share

On the Standard Edition server, create a file share named share. Configure the administrator account to have full rights. Configure everyone else to have read only privileges. On the Standard Edition server and Director, enable remote administration of the server. Allow Firewall Rules exception for SQL Server and remote administration. Open Command Prompt in Lync Server as an Administrator and Type as follows

netsh firewall set portopening protocol = TCP port = 1433 name = SQLPort mode = ENABLE scope = SUBNET profile = CURRENT


netsh advfirewall firewall add rule name = SQLPort dir = in protocol = tcp action = allow localport = 1433 remoteip = localsubnet profile = DOMAIN

To create an exception for SQL Server in Windows Firewall, follow these steps:

  • In Windows Firewall, click the Exceptions tab>click Add Program.
  • In the Add a Program window, click Browse.
  • Click the C:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLBinnsqlservr.exe executable program, click Open, and then click OK.

Open SQL Server Configuration Manager>Expand SQL Server Network Configuration>Select Protocols>Enable TCP/IP


Step6: Prepare Domain, Forest and Schema

Insert Lync Server DVD>Run Lync Server 2010 Setup



Click on Prepare Active Directory. Follow the screenshots. Run Prepare Schema, Prepare Domain, Prepare Forest.











Step7: Lync Server Privileged Access

Now Open Active Directory Users and Computer Console.  Add Users Account whoever installing Lync Server and will be administering Lync Server to the following Groups.

  • CSAdministrator
  • RTCUniversalServerAdmins


Step8: Create a Topology using Topology Builder


In this step, we’ll use the Planning Tool to define our initial topology. The Planning Tool populates the topology with some initial sample data that will be exported to Topology Builder. Once you import .xml file in Topology Builder, you can edit Topology according to desired IP, Port and URLs.



















To configure Admin Site, In Topology Builder, click Lync Server 2010 from the left hand pane>Click Edit Properties>Click Simple URLs. Under Administrative access URL: type Click OK to close the Edit Properties window.





Step9: Deploy Lync Server 2010 Standard Edition

Now that the topology has been published to the Central Management Store, you must install a local replica on the Standard Edition Server, followed by the Director. Additionally, you can install the core components and start the services.

On the Deployment Wizard page, click Install or Update Lync Server System. On the Lync Server 2010 page, Install Local Configuration Store, click Run. On the Local Server Configuration page, ensure that the Retrieve configuration automatically from the Central Management Store option is selected, and then click Next. When the Local Server Configuration installation is complete, click Finish.


Setup or Remove Lync Server Components, click Run. On the Setup Lync Server Components page, click Next to set up components as defined in the published topology. When Lync Server components setup completes, click Finish.



In the Lync Server Deployment Wizard, Request, Install or Assign Certificates, click Run.

On the Certificate Wizard page, click Request>click Next.

Immediate Requests page, accept the default Send the request immediately option, and then click Next>accept the default. On the Certification Authority Account page, click Next. On the Name and Security Settings page, for Friendly Name enter Lync Server, accept the remaining defaults, and then click Next.

On the Organization Information page, optionally provide organization information>click Next. On the Geographical Information page>provide State, Country, City, click Next>click Next. On the SIP Domain setting page, select the SIP Domain and then click Next>click Next. On the Certificate Request Summary page, click Next>click Next>click Finish. On the Certificate Assignment page, click Next>click Next>click Finish>click Close.


In the Lync Server Deployment Wizard, on the Lync Server 2010 page, click the Run button>Click Start Services. On the Start Services page, click Next to start the Lync Server services on the server. On the Executing Commands page, after all services have started successfully, click Finish.


In the Lync Server Deployment Wizard, Start Services>Click Run

Open Command Prompt>Type Services.msc hit Enter. Now check all the services related Lync Server are running.


Click on Start Menu>Click All Program>Click Lync Server 2010>Click Lync Server Control Panel



Click Users>Find Active Directory test users>Enable users for Lync Server.


Define SIP Domain, Log on format and Lync Pool. Click Enable.




Step10: Install Lync Client and Test Lync

Install Lync Client on any Windows7 SIP domain client. Click Start Menu>Click All Program>Click Microsoft Lync Client>Click Tools>Click Option as shown on the picture.


Click Manual Configuration>Type>Click Ok.


Type sign-in address as

Type users name as microsoftgurutest and password. Hit Sign-in. you are not logged on to Lync Client.



Relevant References:

Microsoft Lync Server 2010

Lync Server 2010 AD Guide

SQL Server 2008 SP1

Microsoft Lync Server 2010, Planning Tool

How to Configure Reverse proxy Using TMG 2010

Install and Configure TMG 2010

Exchange 2010 UM

Back to Back DMZ

About Raihan Al-Beruni

My Name is Raihan Al-Beruni. I am working as an Infrastructure Architect in Data Center Technologies in Perth, Western Australia. I have been working on Microsoft technologies for more than 15 years. Other than Microsoft technologies I also work on Citrix validated solution and VMware data center virtualization technologies. I have a Masters degree in E-Commerce. I am certified in Microsoft, VMware, ITIL and EMC. My core focus is on cloud technologies. In my blog I share my knowledge and experience to enrich information technology community as a whole. I hope my contribution through this blog will help someone who wants more information on data center technologies.
This entry was posted in Windows Server and tagged , , , , , , , , , , , . Bookmark the permalink.

12 Responses to Install and Configure Lync Server 2010—Step by Step

  1. Daniel says:

    Thank you for the great post Raihan.

    I have a question regarding Lync topology with 2 data centers.
    How they has to be configured using one domain name ex:
    the two datacenters are connected through DS3 link.
    the requirement is to provide both datacenters with all Lync functionalities.
    I couldn’t find any information about how this design has to be done.
    for example let’s say: – one domain “”- – – would be the first FE pool at site 1 and – – second site front end pool
    is this acceptable topology?
    If this is the correct topology how the FE server would replicate btw each other
    or – “two child domains” – – – would be the first FE pool at site 1 and – – second site front end pool
    In this scenario both sites maybe has to be federated or trusted or …?

    I am really confused about the whole idea

    Once the Lync would host one company how these Front end and back end servers would talk and synchronize btw each other?
    If you lose one of the FE Pools that host half of the users they couldn’t connect to the other pool as site resiliency solution or DR or … because they will not be present in other SQL database. (in case there is not sync available)

    I`ve seen topology with shared SQL between 2 geo separated FE Pools, but in my scenario is impossible because of the connection limitation.

    Ok I wrote too much🙂

    If you could help I will really appresiate


    • I am not sure how many users you have but regardless of geographic location a single FrondEnd Pool can handle up to10000 users in a single forest. I dont think it would an wise idea to make it a complex design. I have clients who got 8000 users and 49 locations working under single forest.
      To make it more resilience, you can have enterprise deployment such as clustered SQL, clustered server roles. that is a good idea.


  2. Pingback: Deploy Lync 2010 Director Server | Blog by Raihan Al-Beruni

  3. Sazol Chowdhury says:



  4. Pingback: How did this blog perform in the year of 2011 | Blog by Raihan Al-Beruni

  5. Mohammed JH says:

    Man have you got MaxACD configuration instruction? I want it detailed but unlike the the original MaxACD documentation.. it’s too long, boring and sometimes too much information that’s useless..

    I’m deploying Lync, MaxACD, DC servers and SIP gateway in order to have a call center. this is the first time I do this and I’m stuck in few things with MaxACD.

    Please let me know if you can help me with that!



  6. Dick Enhole says:

    How do you distibute rolls between multiple servers?? Do I have to install just like this on each server? If so how to you separate the director and back end roll from the front end server role? ( step by step would be appreciated )


  7. H Limbada says:


    Thanks for your write up. I’m not a professional, just someon that likes tech. I’ve setup a virtual environment based on your back to back firewall blog. I have setup Lync SE server along with Edge and another TMG in the perimeter. (Like this setup, except everything is on one server without archiving, monitoring or director)

    Just a few questions, how do I allow traffic

    from the front end tmg to lync edge?
    from front end tmg to perimeter tmg (reverse proxy)

    also the same for
    edge (through back end tmg) to Lync Front End?
    reverse proxy (through back end tmg) to Lync Front End?

    Thank you for your help.


  8. Scott says:

    Can I do the lync enterprise in a 2 phase deployment?
    Phase 1 would be the 2 front end servers a director and a A/V conferencing server (is this a separate server or or can that role be installed on one of the front end servers?
    Phase 2 would then be the edge server and the Proxy.

    We are thinking of using a Cisco HLB, do we use that for the the front end server or the edge, or is DNS LB recommeneded?


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s