Migrating from OCS 2007 R2 to Lync: Part I

Lync Server is more than just a name-change for OCS, it is a significant upgrade. How then do you make
that migration from and existing Microsoft Office Communications Server (OCS) 2007 environment to Lync? Johan explains,
from experience, all the necessary steps to the point that one can confidently say 'Gentlemen, start your engines!'

In my previous article, we had a look at a few of the new features of Microsoft Lync Server 2010. I also mentioned the installation process, and we will now, in this article, have a look at how to migrate from Microsoft Office Communications Server (OCS) 2007 R2 to Microsoft Lync Server 2010. Let’s first have a look at which of the possible migrations are actually supported by Microsoft.

Supported Migrations

As with all its other products, Microsoft provides support for migrations from previous versions. You can, it turns out, migrate both OCS 2007 and OCS 2007 R2 environments to Lync Server 2010. Earlier versions of the product, such as Live Communications Server (LCS) 2005 are not supported.

Current Environment

First, let’s describe our typical current environment.

1288-migrating_image_1.jpg

Figure 1. Overview of our current environment

In the diagram above you will find the servers currently implemented:

  • DC01, our domain controller which also contains the certificate authority role
  • OCS-FE, our OCS 2007 R2 Front-end Server
  • OCS-MED, our OCS 2007 R2 Mediation Server
  • OCS-EDG, our OCS 2007 R2 Edge Server

All servers are running Windows 2008 R2 and are located in our domain called CORP. Both the forest and domain functional levels are set to Windows 2008 R2.

The users in the domain are all enterprise voice-enabled and are allowed to connect from the internet. As well as this, federation with external companies and the Microsoft Live network is allowed.

In addition, both dial-in conferencing and two response groups are active.

The company is using a SIP trunk from a provider which is identified on both the OCS and Lync interoperability sites of Microsoft.

Requirements

Let’s now list all the requirements which must be met.

  • During the implementation of Lync Server 2010, the current environment must remain available for users;
  • The contact lists for all users must be migrated to Lync;
  • All other functionality such as federation, enterprise voice, dial-in conferencing and response groups must be migrated to Lync;

Now we know how our current environments looks like, and which requirements must be met, we are ready to start installing Lync.

Preparations

Before starting the complete process, we must create a backup of the following components:

  • Active Directory
  • OCS 2007 R2 Front-end Server
  • OCS 2007 R2 Edge Server

Because all our users have client applications based on OCS 2007 R2, we will need to perform some preparations on that side also.

The best practice is to upgrade the client side with the most recent cumulative update (CU) which can be found on this site. Beside the normal client apps, don’t forget the attendant client and phone clients.

Installing Lync Server 2010

I mentioned in my previous article that there are two methods of starting the implementation of Lync:

  • Using the planning tool
  • Using the setup

We will use the setup in this article, but before doing this we will need to install the prerequisites.

Install prerequisites

Because Windows 2008 R2 already contains .NET 3.5 SP1, you won’t need to download it but just install it. .NET and all other prerequisites can be installed using the following PowerShell command lines:

Import-Module ServerManager

Add-WindowsFeature AS-NET-Framework ,Web-Static-Content,Web-Default-Doc,Web-Http-Errors,Web-Asp-Net,Web-Net-Ext,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Http-Logging,Web-Log-Libraries,Web-Http-Tracing,Web-Windows-Auth,Web-Filtering,Web-Stat-Compression,Web-Mgmt-Console,Web-Scripting-Tools,Web-Client-Auth

Optionally, you can install RSAT-ADDS which makes it possible to prepare the Active Directory using the Front End Server.

%systemroot%\system32\dism.exe /online /add-package /packagepath:%windir%\servicing\Packages\Microsoft-Windows-Media-Format-Package~31bf3856ad364e35~amd64~~6.1.7600.16385.mum /ignorecheck

As a final step before starting the setup, you should create a share. This share will be used by Lync to store the application server files, central management files and files related to web services. These include the files which must be replicated from the Central Management Store and vice-versa; custom prompts for response groups, meeting content and the address books.

Ensure that at least the user which will be used to create a configuration using the Topology Builder has full control on the share. As well as this, the user needs to be a member of the domain users group and the local administrator group. If the permissions are not set correctly, then the process of publishing the new configuration will fail.

Once these steps have been completed then it’s time to launch the setup.

When you start the setup process for the first time, it will check whether Visual C++ 2008 is installed. If not, then it will prompt you to install it. If it does so, then press yes to install the required software.

1288-migrating_image_2.jpg

Figure 2. Install Visual C++ 2008 Redistributable

Once the software is installed, you will be prompted to select a location for the installation files and the future Lync Server components. When the installation files have been copied, you will see an interface which is reminiscent of OCS 2007 R2. The next step we need to perform is to prepare the Active Directory.

Prepare Active Directory

Select the option Prepare Active Directory for Lync Server: This will bring you to a new page. This page contains all steps which must be completed in order to prepare Active Directory for Lync Server 2010.

1288-migrating_image_3_small.jpg

Figure 3. Prepare the Active Directory

Before running these steps, you will need to make sure you have a correct backup of your Active Directory in case something goes wrong. When this has been confirmed, we can start with the first step: Prepare Schema. This will extend the current Active Directory schema with those objects that are necessary for Microsoft Lync Server 2010.

Since we don’t have multiple domain controllers, we don’t have to check whether replication has occurred after the schema is prepared. So we can continue with Prepare Current Forest. During this process, several universal groups will be created in your Active Directory. This step is completed pretty fast compared to the schema preparation.

As a final step, we need to prepare the domain. This can be done by selecting the Prepare Current Domain option. During this process, several ACLs are configured on the necessary Active Directory objects. When this step has been completed we can continue with the next step: Prepare first Standard Edition Server.

Prepare first Standard Edition Server

Before you can publish a topology to the Central Management Store (CMS), you will first need to have one. To create the CMS, you will have to select the option Prepare first Standard Edition server. During this process, the SQL connectivity tools will be installed along with an SQL 2008 Express Edition instance. Additionally, the UCMA Redistributable will be installed. As final step of the preparation, a firewall exception is added to allow connections to the SQL server instance.

1288-migrating_image_4.jpg

Figure 4. Prepare first Standard Edition server

Now that our environment has been completely prepared, it’s time to define our new Lync Topology. To do this we will need to install the Topology Builder.

Install and use the Topology Builder

When the Install Topology Builder option is selected, a wizard will be started which guides you through the installation process. Follow the steps in the installation wizard in order to complete the installation.

When the Topology Builder has been installed, we can define our new Lync Topology.

To start designing your topology, choose the New Topology option, which will then prompt you to choose a location to store the topology file.

The first step in the wizard will ask for the SIP domain; this must be exactly the same domain as currently configured in our OCS 2007 R2 deployment. If these two are not the same, then the merging of the topologies will fail.

1288-migrating_image_5.jpg

Figure 5. Define the primary domain

Once the SIP domain and optional other SIP domains have been specified, you will need to create a site. Each deployment can contain multiple sites, but requires at least one site. Additional sites can be added later on. When the site, and additional information about the site, have been provided you will then have the option to launch the next wizard.

This wizard will guide you through the process of configuring the Front End Server. Using the first step you will have to specify the fully qualified domain name (FQDN) of the Front End Server or Front End Pool. This last one is only applicable when deploying an Enterprise Edition Front End Server. Because high-availability was not a requirement, we will create a Standard Edition Front End Server. So we will choose the option Standard Edition Server and specify the FQDN of our Front End Server. This is the local FQDN of the server which is lync-fe.corp.local in our case.

1288-migrating_image_6.jpg

Figure 6. Define the Front End pool FQDN

Next step is to specify which features will be enabled on the Front End Server. The features which you enable must be exactly the same as the features enabled in OCS 2007 R2. This due to the fact that if you have not selected them, you will be able to migrate the feature but it won’t work. In this case we will only enable the Conferencing, Dial-in and Enterprise Voice options.

Once the features have been selected, it’s time to enable the roles which need to be collocated on the Front End Server. Microsoft highly recommends that one should co-locate the Mediation Server during a migration. After the migration process you can decide to build a dedicated Mediation Server and remove the co-located one.

The next step is to associate additional servers such as Edge, Monitoring or Archiving Servers to the pool. Don’t select the Enable an Edge pool to be used by the media component of this Front End, this will be enabled later in this article. Because the Monitoring and Archiving Servers are not a requirement we don’t select them either.

Since we are installing a Standard Edition Front End Server, the next step can be skipped since you can’t store the CMS on a separate SQL Server.

You’ll remember the share which we described earlier on, which was created as prerequisite. In the next step we will need to specify the name of the share which was created, and the server on which it is located. Once this is done we will arrive at one of the final steps, provide the external base URL. This URL will be used for accessing the web services offered by the Front End Server. For easier transitioning later on, you can keep the same URL as used for OCS or decide to create a new one. Keep in mind that the last method does require some DNS changes and more reverse proxy changes then the first method.

As a last step you can configure a gateway which is used by the Mediation server. This gateway is used for outgoing calls to the PSTN. Don’t create one yet, but press finish instead.

Once you are satisfied with the topology, you can publish the topology by selecting the Publish Topology option in the actions menu.

Follow the steps in the wizard to publish your new topology. When you perform this action the first time, the CMS database will be created. Once it is created, the topology will be published and enabled.

Install Lync Server Components

When the topology has been published we can install the required Lync Server Components. This can be done by selecting the Install or Update Lync Server Components which will install the required software components for each role. Each server will determine which components will be installed by looking in the CMS. If you subsequently wish to make major changes by using the Topology Builder, then rerun this option to add or remove the components.

Before the components can be installed, we first need to install a local replica of the CMS. This can be done by selecting the option Install Local Configuration Store. This will install an additional SQL Express 2008 instance on the server. You will be prompted to select a source, in this case select the Retrieve Directly from Central Management Store option which will retrieve the data directly from the CMS.

1288-migrating_image_7.jpg

Figure 7. Install Local Configuration Store

Once the installation of the Local Configuration Store is completed, you can then install the server components. This can be done by selecting Setup or Remove Lync Server Components.

The setup will use the data from the CMS to decide which components to install, so you don’t have to select the components yourself. Once all the components are installed we’ve reached the next step: request and install the certificates.

This process can be started by selecting the option Request, Install or Assign Certificates. First we need to request a new certificate, so press the request button to start the wizard.

The first question you need to answer is whether you are creating an offline request or wish to submit the request directly. In most cases this will be the latter, since an internal certificate authority will be used. In our situation this is also the case, so we select Send the request immediately to an online certificate authority.

In the next step, make sure that you select the correct certificate authority and continue with the next step. The next two steps are optional and are not always required. These steps will let you:

  • Specify an alternate credentials to request the certificate
  • Specify an alternate certificate template

Now the two steps have been completed, it’s time to specify the friendly name which is used to easily identity the certificate. Besides this, it will give you the opportunity to make it possible to export the certificate including a private key.

The next two steps are both company-related settings and thus we will skip them in this article. Now we reached the most important steps: specify the names which need to be located on the certificate.

In most cases, all the correct names are pre-populated automatically using the data retrieved from the CMS, but be sure to check nonetheless whether all names are there, and add additional names later using the wizard.

After this step, you will need to select the SIP domain which must be listed on the certificate. Selecting this option will add a SAN entry sip.domain.com to the certificate, so in our case sip.corp.local.

1288-migrate_image_8.jpg

Figure 8. Provide Subject Name/Subject Alternate Names

Besides this, all the short URLs that are configured by default are automatically added as Subject Alternate Names (SAN).

As I mentioned earlier, it is possible to add additional SAN entries and this can be done in the next step. Normally you won’t have to add additional names but if you need to, you can do it in a few moments.

Before the actual request is submitted, you will receive a summary. Be sure to check all settings before submitting the request. Once the request has been submitted and the certificate has been installed, a new wizard will be automatically started.

This wizard will guide you through the process of assigning the certificate to the server. Just select the correct certificate and follow the steps of the wizard to assign the certificate.

Once all these steps have been completed, it’s time for the next step: Gentlemen start your engines!

Start the Lync Services

Now all components have been installed and the certificate is installed it’s time to start the services. This can be done by selecting the Start Services option from the setup. Follow the steps from the wizard and wait till the services are started.

If you want to make sure the services are really started you can use the Service Status (optional) option to check if all services are started.

Check Both Environments

Now the Lync deployment has been completed for now, it’s time to perform some checks before continuing.

The check starts with verifying that both the OCS and Lync services are running. This can be done by opening the services MMC or by opening the management consoles from both products.

Before you can use the Lync Control Panel don’t forget to add the user account to the Cs-Administrators group.

1288-migrate_image_9.jpg

As well as doing this, confirm that the users who are hosted on OCS can still use all the functionality of OCS.

This brings us to the end of the first part of this article about migrating from OCS 2007 R2 to Lync Server 2010. In the next part we will start with merging the topologies and connecting Lync to the internet using the OCS 2007 R2 Edge Server.

When this is finished we can perform a test migration and check if all functionality works correctly before migrating the other resources.