Microsoft Lync Server 2013
Multitenant Hosting Pack
Deployment Guide
Microsoft Lync Server 2013 Multitenant Hosting Pack
Published:June2013
Document Version:1.2, 06/14/13
Changes in this version:
Updated section 7.5 to remove the following:
“In addition, create one external DNS record for the FQDN of the Front End pool for
each external IP address of the Front End Servers.”
Abstract:The Microsoft Lync® Server 2013 Multitenant HostingPackfeatures include integration
with Microsoft Exchange Server, Microsoft Outlook, and other communication technologies. The
Lync Server2013 Multitenant Hosting Pack enables customers to manage geographically
dispersed offices and mobile users in a way that reduces travel expenses, while maintaining
highly collaborative team environments. This document describes the Lync Server 2013
Multitenant Hosting Pack, and includes information about how to deploy and configure it.

This document is provided “as-is”. Information and views expressed in this document, including
URL and other Internet Web site references, may change without notice.
Some examples depicted herein are provided for illustration only and are fictitious. No real
association or connection is intended or should be inferred.
This document does not provide you with any legal rights to any intellectual property in any
Microsoft product. You may copy and use this document for your internal, reference purposes.
Copyright © 2012 Microsoft Corporation. All rights reserved.

Contents
1 Overview of the Microsoft Lync Server 2013 Multitenant Hosting Pack ................................. 1
1.1 Understanding the Lync Server 2013 Multitenant Hosting Pack....................................... 1
1.2 How to get the Lync Server 2013 Multitenant Hosting Pack Software ............................. 2
1.3 What’s Available in the Lync Server 2013 Multitenant Hosting Pack................................ 2
1.3.1 Comparing versions of the Lync Server Multitenant Hosting Pack............................. 2
1.4 Known Issues ................................................................................................................... 12
2 Determining Your Infrastructure Requirements .................................................................... 12
2.1 Hardware Requirements.................................................................................................. 13
2.1.1 Hardware Requirements for Servers Running Lync Server 2013 .............................. 13
2.1.2 Hardware Requirements for Back End Servers and Other Database Servers ........... 13
2.2 Integration with Exchange Server.................................................................................... 14
2.3 Network Infrastructure Requirements ............................................................................ 15
2.4 Domain Name System (DNS) Requirements.................................................................... 15
2.5 Active Directory Domain Services Requirements............................................................ 16
2.6 Load Balancing Requirements ......................................................................................... 16
2.7 Port and Protocol Requirements ..................................................................................... 16
2.8 Certificate Requirements................................................................................................. 16
2.9 Software Requirements................................................................................................... 16
2.10 Reverse Proxy Configuration........................................................................................ 16
3 Understanding the Lync Server 2013 Multitenant Hosting Pack ........................................... 17
3.1 About Lync Server Multitenant Hosting Pack User Types ............................................... 17
3.2 Lync Server Multitenant Hosting Pack Server Roles........................................................ 17
3.3 Lync Server 2013 Control Panel....................................................................................... 18
4 Planning for the Lync Server Multitenant Hosting Pack......................................................... 18
4.1 Example Topology............................................................................................................ 18
4.1.1 About the Example Topology .................................................................................... 18

4.2 Flexible Systems Scaling................................................................................................... 20
4.3 Role-specific Load Balancing and Fault Tolerance........................................................... 20
5 Migrating from the Lync Server 2010 Multitenant Hosting Pack........................................... 21
5.1 Migration Prerequisites ................................................................................................... 21
5.2 Performing the Migration................................................................................................ 22
5.3 Migrating Tenants............................................................................................................ 23
5.3.1 Known Limitations..................................................................................................... 24
5.3.2 Prerequisities............................................................................................................. 24
5.3.2.1 PoolMapping.csv ............................................................................................... 24
5.3.2.2 Migrate-TenantOrgV2.ps1................................................................................. 24
6 Deploying a New Lync Server 2013 Multitenant Hosting Pack Deployment.......................... 30
6.1 Deploying the Topology................................................................................................... 31
6.2 Change the Name and Domain of the Server Running Lync Server ................................ 32
6.3 Installation Media............................................................................................................ 32
6.4 Install the Lync Server 2013 Multitenant Hosting Pack................................................... 33
7 Define the Topology ............................................................................................................... 34
7.1 Create a Front End Pool................................................................................................... 35
7.2 Configure Front End Servers............................................................................................ 35
7.3 Update the SQL Server Databases................................................................................... 36
7.4 Add Server Roles.............................................................................................................. 36
7.5 Deploy Edge Servers ........................................................................................................ 36
7.6 Define the Edge Topology................................................................................................ 37
7.7 Monitoring....................................................................................................................... 37
8 Post-Installation Configuration............................................................................................... 37
8.1 Install Additional Components ........................................................................................ 37
8.2 Modify Lync Server Management Shell........................................................................... 38

8.3 Update Active Directory for Hosted Management Services............................................ 38
8.4 Global Client Policies for Address Book Web Query........................................................ 38
8.5 Lync Server Dial Plans ...................................................................................................... 39
8.6 Integration with on-premises PBX or Call Center............................................................ 39
8.7 Changing the Root OU ..................................................................................................... 40
8.8 Configuring Mobility ........................................................................................................ 41
9 Provisioning Tenant Organizations......................................................................................... 41
9.1 Create and Secure the Organizational Units.................................................................... 41
9.2 Set TenantId and ObjectId ............................................................................................... 41
9.2.1 Set the DomainUrlMap Attribute.............................................................................. 43
9.3 Add UPN Suffix to Tenant OU .......................................................................................... 43
9.4 Create Tenant SIP Domain............................................................................................... 43
9.5 Configure Exchange Email................................................................................................ 44
9.6 Configure Exchange Unified Messaging........................................................................... 44
9.6.1 Create Tenant Exchange Dial Plan and Exchange UM Mailbox Policy ...................... 44
9.6.2 Assign Tenant Dial Plan to All Available Exchange UM Servers ................................ 45
9.6.3 Update Exchange UM/Lync Server Integration Configuration.................................. 45
9.6.4 Create Lync Server Contacts for Exchange UM Subscriber Access ........................... 46
10 Configuring Federation........................................................................................................ 48
10.1.1 Enabling a Tenant for Federation.......................................................................... 48
10.1.2 Getting Tenant Federation Settings ...................................................................... 48
10.2 Configure Tenant Federation Settings.......................................................................... 49
10.2.1 Configuring federation with an on-premises deployment in another organization
49
10.2.2 Configuring federation with other Hosting Pack deployments............................. 50
10.2.3 Configuring federation with a Lync Online tenant ................................................ 51

10.2.4 Configure Federation Between Lync Server On-Premises and Lync Server
Multitenant Hosting Pack.................................................................................................... 51
10.2.5 Adding Domains to the Tenant Block List.............................................................. 51
10.2.6 Clearing the Tenant Block List ............................................................................... 52
10.2.7 Clearing the Tenant Allow List............................................................................... 52
10.2.8 Resetting Tenant to Allow All Domains Except Those Listed on the Block List..... 52
11 Create Tenant DNS Records ................................................................................................ 52
11.1 Create Tenant Meeting Simple URLs............................................................................ 53
11.1.1 Import the Required Modules for Windows PowerShell ...................................... 53
11.1.2 Configure the Simple URL to Use the Back-end Database .................................... 54
11.1.3 Get Tenant Organization ID................................................................................... 54
11.1.4 Create the Simple URLs for a Tenant Organization............................................... 55
11.1.5 Set the Simple URL DNS Name.............................................................................. 55
12 Provisioning Tenant Users................................................................................................... 56
12.1 Enable Tenant Users for Exchange UM........................................................................ 56
12.2 Set User TenantID, GroupingID, and ObjectId.............................................................. 57
12.2.1 Known Issue........................................................................................................... 57
12.3 Configure the user Base Simple URL with the Tenant Organization’s Base URL.......... 59
12.4 Enable Tenants for Lync Server.................................................................................... 60
12.5 Set Address Book Policy for Tenant User ..................................................................... 60
12.6 Providing the Lync Server 2013 Interface for online meeting...................................... 60
13 Overview of the Audio Conferencing Provider ................................................................... 61
13.1 Integrating with Audio Conferencing Provider............................................................. 61
13.2 Provisioning with Audio Conferencing Provider........................................................... 62
13.3 Integration Workflows with Audio Conferencing Provider.......................................... 63
13.3.1 Create and Schedule a Web Conference............................................................... 63
13.3.2 Activate a Conference ........................................................................................... 63

13.3.3 Join Conference by Using Conferencing Dial-out.................................................. 64
13.3.4 Audio Bridging Sequence....................................................................................... 65
13.3.5 Use Audio Controls from Lync Server.................................................................... 65
13.4 Known Issues................................................................................................................ 66
14 Code Samples...................................................................................................................... 67
14.1 Prerequisites................................................................................................................. 67
14.2 Dependencies............................................................................................................... 67
14.3 Provision a Tenant Organization .................................................................................. 68
14.3.1 Create and Secure Organizational Unit................................................................. 68
14.3.2 Enable the Tenant Organization............................................................................ 68
14.3.3 Add an Additional SIP Domain to the Tenant Organization.................................. 70
14.3.4 Adding Domains to the Tenant Allow List for Federation..................................... 72
14.3.5 Adding Domains to the Tenant Block List for Federation ..................................... 74
14.3.6 Removing Domains from the Tenant Allow List for Federation............................ 75
14.3.7 Removing Domains from the Tenant Block List for Federation ............................ 76
14.3.8 Allowing all Domains for Tenant Federation......................................................... 77
14.3.9 Enabling a Tenant for Federation.......................................................................... 78
14.3.10 Enabling Federation between two Hosted Tenants.............................................. 79
14.4 Provision Tenant Users................................................................................................. 81

1
1 Overview of the Microsoft Lync Server 2013
Multitenant Hosting Pack
Microsoft® Lync® Server 2013 Multitenant Hosting Pack is a unified communications (UC) solution for
telecom and hosting providers. Unified communications is a way for telecom and hosting providers to
expand their service offering to their current customers.
The Lync Server 2013 Multitenant Hosting Pack features include integration with Microsoft Exchange
Server, Microsoft Outlook®, and other communication technologies. The Lync ServerMultitenant Hosting
Pack enables customers to manage geographically dispersed offices and mobile users in a way that
reduces travel expenses, while maintaining highly collaborative team environments. This increased
integration of communication channels translates to improved organizational flexibility that is often
difficult to find in larger enterprise organizations.
For more information and additional resources about Lync hosting, see “Partner Hosted Lync”
athttp://go.microsoft.com/fwlink/p/?LinkId=308942 and “Microsoft Lync Server Multitenant Pack for
Partner Hosting Resources”http://go.microsoft.com/fwlink/p/?LinkId=306561.
1.1 Understanding the Lync Server 2013 Multitenant Hosting Pack
This section describes how the Hosting Pack integrates with the core system infrastructure. To better
understand the overall system it helps to define unified communications, Lync Server, and the Lync
Server Multitenant Hosting Pack.
Unified communications (UC) is a system that integrates platforms for communications
including email, voice mail, telephony, instant messaging (IM), and voice and video
conferencing. UC solutions are installed on the client’s core systems, adding a UC layer to the
overall infrastructure. This UC layer adds integration and interconnects the communications
systems with the organization’s core system services.
Microsoft Lync Server2013 is a family of servers functioning as UC servers thatintegrate with all
the Microsoft line-of-business software. Lync Server adds these new communication possibilities
within the organization. A Lync Serverand Exchange Server layer provide system integration
between Exchange and other communication systems like IM, presence, voice and video calls,
desktop sharing, file transfer, and ad hoc conferences.
Microsoft Lync Server 2013 Multitenant Hosting Packis a special deployment configuration
scoped for hosting or telecom services providers. The solution enables service providers to host
multitenant Lync Serverinstances shared across multiple customer environments. In addition,
the Lync ServerMultitenant Hosting Pack solution includes an add-on layer that allows our
partners to build communication packages that use the Lync Server Multitenant Hosting Pack to
integrate with the core layer.

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
2
1.2 How to get the Lync Server 2013 Multitenant Hosting Pack
Software
A license is required to use the software. To download and install the Lync Server 2013 Multitenant
Hosting Packsoftware, you need to log on to the Microsoft Volume Licensing Service Center at
http://go.microsoft.com/fwlink/?LinkId=238381.
1.3 What’s Available in the Lync Server 2013 Multitenant Hosting
Pack
The features that integrate with other components and applications include the following:
Presence A collection of attributes that provides an indication of a person's status, activity,
location, willingness to communicate, and contact information.
Instant messaging (IM) A form of real-time text-based communication.
Data and desktop sharing A feature that allows users to share files, use whiteboard, and
display their desktop to a meeting or to conversation participants.
Conferencing Two-way video and audio transmissions between users in multiple locations.
Unified Messaging This feature is available only in combination with Microsoft Exchange
Server. An application that consolidates a user's voice mail, fax, and email into one mailbox, so
that the user only needs to check a single location for messages, regardless of type. The email
server is the platform for all types of messages, making it unnecessary to maintain separate
voice mail and email infrastructures.
Private branch exchange (PBX) replacement UC integration with Voice over Internet Protocol
(VoIP) systems can replace traditional phone exchange systems.
Lync ServerMultitenant Hosting Pack partner feature set includes:
Appliances Hand and head set I/O devices.
Conferencing server gateway video Real-time IP video, voice, and data services.
Audio conferencingprovider Integration with hosted conferencing systems.
Short Message Service (SMS) Text messaging systems used by phones and mobile
communication systems.
1.3.1 Comparing versions of the Lync ServerMultitenant Hosting Pack
The following table compares the features available in the Lync Server Multitenant Hosting Pack2010
and 2013.

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
3
Feature Comparison: Lync Server 2010 Multitenant Hosting Pack and Lync Server 2013 Multitenant Hosting Pack
Feature Lync Server
2010Hosting Pack
Lync Server 2013
Hosting Pack
Presence
1 to 1 and multi-party IM/Presence Yes Yes
Contacts list Yes Yes
Address Book Service Web Query service Yes Yes
Distribution List Expansion protocol (DLX) Yes Yes
Instant Messaging (IM)
Point-to-point IM Yes Yes
Multiparty/Group IM Yes Yes
Persistent Chat No No
PC to PC audio/video dial out calling Yes Yes
File transfer Yes Yes
Mobile VoIP to PC audio No Yes
Click to communicate from Office apps Yes Yes
Interactive contact card in Office 2010 and Office 2013 Yes Yes
Lync skill search in SharePoint Server (on-premises) Yes Yes
Lync skill search in SharePoint Online No No

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
4
Feature Lync Server
2010Hosting Pack
Lync Server 2013
Hosting Pack
Privacy mode No No
Client Support
Lync Client 2010 and Lync Client 2013 Yes Yes
Web app for joining scheduled meetings Yes Yes
Rich attendee client (joining meetings) Yes Yes
Mac attendee client Yes Yes
CWA (2007 R2) No No
OC 2007 R2 No No
Lync phone edition (Lync-based IP phones) No No
Support expected in a
future release
Lync Attendant client (receptionist rich client) No Yes
Lync Server 2010
version
Communicator Mobile (Windows Phone 6.x) No No
Lync Mobile No Yes
Lync desktop client Yes Yes
Mac Messenger Yes Yes
Attendee (meeting only) Yes Yes
Lync Mobile clients
(for Android, Windows Phone, iPhone)
Yes
(If provisioned)
Yes
(If provisioned)

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
5
Feature Lync Server
2010Hosting Pack
Lync Server 2013
Hosting Pack
Conferencing and Online Meetings
Meeting attendee capacity 250 250
Point-to-point audio/video Yes Yes
Video conferencing over IP Yes Yes
Audio conferencing over IP only Yes Yes
Meeting recording Yes Yes
Registration No No
Public Events page No No
Customer branding No No
Customer invitations No No
Managed Q&A No No
Virtual breakout rooms No No
Easy Assist No No
Desktop sharing Yes Yes
Application sharing Yes Yes
White boarding and annotation Yes Yes
Office document upload No No

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
6
Feature Lync Server
2010Hosting Pack
Lync Server 2013
Hosting Pack
PowerPoint upload Yes Yes
Polling Yes Yes
Unauthenticated in Web App (reach) Yes Yes
Unauthenticated attendee (rich client) Yes Yes
Scheduled conferences using Outlook plugin Yes Yes
Round table support Yes Yes
Lobby Yes Yes
Integration with select partners for PSTN audio conferencing
(ACP)
Yes Yes
Provisioning for approved ACP partners for Office 365
customers
No No
Scheduling an online meeting in OWA No Yes
Client side recording and playback Yes Yes
Cloud side recording and playback No No
Authenticated experience in Web app (reach) No No
Generate a link to a scheduled meeting via web page Yes Yes
PSTN audio conferencing in MCUs Yes
via audio conferencing
provider
Yes
via audio conferencing
provider
1:1 Chat Yes Yes

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
7
Feature Lync Server
2010Hosting Pack
Lync Server 2013
Hosting Pack
Backstage/Content Preview for Presenters Yes Yes
Mute / Unmute all attendees No Yes
Mute / Unmute individual attendees Yes Yes
In-meeting Attendee Permission Controls Yes Yes
Interoperability with on-premises video conferencing systems No Yes
via 3
rd
party
Multimedia, JPEG, Text Page, Web Page,
Screen snapshot (Desktop Annotation)
No Yes
PSTN dial-out from scheduled meetings Yes
via audio conferencing
provider
Yes
via audio conferencing
provider
Ad-hoc audio dial-out conferencing Yes
VoIP via SIP Trunk
Yes
VoIP via SIP Trunk
“Meet now” audio dial-out conferencing Yes
via audio conferencing
provider
Yes
via audio conferencing
provider
Scheduled audio dial-out conferencing Yes
via audio conferencing
provider
Yes
via audio conferencing
provider
Sharing
Point-to-point/multiparty data conference (white boarding) Yes Yes
Point-to-point/multiparty file share Yes Yes
Point-to-point/multiparty desktop and application sharing Yes Yes

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
8
Feature Lync Server
2010Hosting Pack
Lync Server 2013
Hosting Pack
Point-to-point/multiparty Microsoft PowerPoint® slide sharing Yes Yes
Polling Yes Yes
Integration
Microsoft Outlook integration for IM, presence, calendar
(with users on the same hosting partner)
Yes Yes
Microsoft SharePoint® integration for IM, presence
(with users on the same hosting partner)
Yes Yes
Public IM Connectivity and Federation
Inter-tenant federation Yes Yes
Federation with Extensible Messaging and Presence Protocol
(XMPP)
No No
IM/P/A/V Federation with Office Communications Server,
Lync Server, Lync Online
Yes Yes
IM/P/A/V with Windows Live Messenger / Skype No Yes
IM/P and voice with Skype No Yes
Public IM connectivity and presence
AOL®, Yahoo!®, Windows Live
No No
IBM Sametime federation No No
Calling features
Public switched telephone network (PSTN) calling via Lync
incoming and outgoing
Yes Yes

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
9
Feature Lync Server
2010Hosting Pack
Lync Server 2013
Hosting Pack
Ad-hoc PSTN dial-out for meetings No No
Call controls
hold, transfer, forward, simultaneous ring
Yes Yes
Voice policies Yes Yes
Access to Exchange Online voice mail No No
Team call No Yes
Delegation (boss-admin) for Voice No No
Call park No No
Outgoing DID manipulation No No
E-911 No No
Dial plans & Policies No No
IP desk phone support No Yes
Resilient Branch Office Appliance No No
Call Admissions Control (CAC) No No
Support for Analog devices (e.g. FAX) No No
Response groups No Yes
via 3
rd
party
Private Line (secondary DID for execs) No No
Direct connectivity with PBX via gateways Yes Yes

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
10
Feature Lync Server
2010Hosting Pack
Lync Server 2013
Hosting Pack
Direct SIP for audio with on-premises IP-PBXs No Yes
Direct SIP for signaling (presence updates) with on-premises IP-
PBX
No Yes
RCC (click-to-call) with on-premises PBX No No
Malicious call trace No No
Unassigned Number No No
Network QoS – DSCP No No
Media path optimization No No
Phone number management No No
CDR & billing reporting Yes Yes
Integration with call center solutions (Aspect) No Yes
Team call No YES
Delegation No Yes
Private line (secondary Direct Inward Dialing (DID)) No No
Call park No No
Outgoing DID manipulation No No
Voice features
Private dial plans No No

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
11
Feature Lync Server
2010Hosting Pack
Lync Server 2013
Hosting Pack
Hosted Exchange Unified Messaging (UM) for voice mail Yes Yes
ACP Integration with select carriers Yes Yes
'Voice integration with select carriers Yes Yes
Security and Archiving
IM & media encryption Yes Yes
IM filtering Yes Yes
Anti-malware scanning for meeting content and file transfers Yes Yes
IM archiving (server side) No Yes
SharePoint and Exchange Co-existence
Presence Integration with Exchange/SP on-premises Yes Yes
Presence integration with Exchange/SP online Yes Yes
On-premise UM integration with Exchange Online No No
UM integration with Exchange on-premises Yes Yes
Hybrid with Lync Online
Server/cloud co-existence (split domain) on user basis (some
users on-premises, some users online)
No No
Splitting workloads (eg. Voice on-premises, IM&P in the cloud) No No
Administration and Manageability

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
12
Feature Lync Server
2010Hosting Pack
Lync Server 2013
Hosting Pack
Windows PowerShell support Yes Yes
Lync Server Control Panel UI No No
Feature Configurability Per User Yes Yes
Attendee/User Reporting No No
Reporting (CDR, QoE) Yes Yes
Support for 3
rd
party applications
Client automation APIs (client side) Yes Yes
Server side APIs Yes Yes
Support
Tenant User support No No
IT Support Yes Yes
1.4 Known Issues
The Lync Update Installer requires write permissions to the folder in which it is run. If you start
the installation from a read-only folder, the installer will present a blank list of updates to apply,
and the installation will not complete successfully.
You should copy the installation files to a location that is not read-only, and run Setup from that
location.
2 Determining Your Infrastructure Requirements
All servers running Lync Server 2013 must meet certain minimum system requirements. System
requirements for Lync Server 2013 include the server hardware, the operating system to be installed on

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
13
each server, and related software requirements, such as Windows® updates and other software that
must be installed on the servers.
2.1 Hardware Requirements
Lync Server 2013 server roles and computers running Lync Server administrative tools require 64-bit
hardware.
The specific hardware used for a Lync Server 2013 deployment can vary depending on size and usage
requirements. This section describes the recommended hardware. Although these are
recommendations, not requirements, using hardware that does not meet these recommendations can
result in a significant impact on performance as well as other problems.
2.1.1 Hardware Requirements for Servers Running Lync Server 2013
The following table describes the recommended hardware for all servers where you plan to install Lync
Server 2013. These recommendations are based on a user pool of 80,000 users with eight Front End
Servers and one Back End Server.
Hardware Recommendations for Servers Running Lync Server 2013
Hardware component Recommended
CPU One of the following:
64-bit dual processor, quad-core, 2.0 GHz or higher
64-bit 4-way processor, dual-core, 2.0 GHz or higher
Intel Itanium processors are not supported for Lync Server 2013 server roles.
Memory 16 GB
Disk Local storage with at least 72 GB free disk space on a 10,000 RPM disk drive
Network 1 network adapter required (2 recommended), each 1 Gbps or higher
These recommendations are based on a maximum of 39,000 external users per Front End pool (which
follows the user model of 80,000 users per Front End pool, with 30% of users connecting externally and
1.5 multiple points of presence (MPOP).
2.1.2 Hardware Requirements for Back End Servers and Other Database
Servers
The requirements for the Back End Server and other database servers are similar to those of servers
running Lync Server 2013, except that Back End Servers require additional memory. The following table
describes the recommended hardware for a Back End Server or other database servers, based on an

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
14
80,000 user pool with eight Front End Servers and one Back End Server containing all databases required
for your Lync Server deployment.
Hardware Recommendations for Back End Servers and Other Database Servers
Hardware component Recommended
CPU One of the following:
64-bit dual processor, quad-core, 2.0 GHz or higher
64-bit 4-way processor, dual-core, 2.0 GHz or higher
Intel Itanium processors are not supported for Lync Server 2013 server roles.
Memory 32 GB recommended for Back End Server (with or without collocated Archiving
and Monitoring databases), 16 GB recommended for Archiving and Monitoring
database (not collocated with the Back End Server).
Disk Local storage with at least 72 GB free disk space on a 10,000 RPM disk drive
Network 1 network adapter required (2 recommended), each 1 Gbps or higher
2.2 Integration with Exchange Server
The Lync Server 2013 Multitenant Hosting Packsupports integration with Exchange Server 2010 SP3 or
latest Service Pack and Exchange 2013. You can configure integration with both hosted Exchange and
Exchange Server on-premises. This includes support for Exchange Unified Messaging (UM) for: presence,
IM, workload, conferencing, and VoIP servers and services.
To configure integration with hosted within the same hosting pack deployment cloud, follow the same
process for a Lync Server 2013 on-premises deployment. For more information, see “Integrating
Microsoft Lync Server 2013 and Microsoft Exchange Server 2013” at http://technet.microsoft.com/en-
us/library/jj688098.aspx.
For more information about configuring integration with Exchange Unified Messaging, see the following
topics:
“Deploying On-Premises Exchange UM to Provide Lync Server 2013 Voice Mail” at
http://technet.microsoft.com/en-us/library/gg398768(v=ocs.15).aspx.
“Providing Lync Server 2013 Users Voice Mail on Hosted Exchange UM” at
http://technet.microsoft.com/en-us/library/gg425807(v=ocs.15).aspx.
To integrate the hosting pack with Exchange on-premises, you need to establish a MPLS or VPN
connection to the on-premises network, and then establish an Active Directory trust relationship
between the on-premises Active Directory and you’re the Active Directory of the hosting provider where
the hosting pack is deployed.

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
15
You can also deploy the Lync Server Multitenant Hosting Pack into a multi-tenant Exchange Server 2010
forest as long as the Exchange Server 2010 deployment is in a supported state following the guidance
described here: http://technet.microsoft.com/en-us/exchange/hh563895.aspx.
2.3 Network Infrastructure Requirements
The requirements for your network infrastructure will vary greatly depending on your deployment, the
number of tenant users you need to support, and the features used by those tenants. For general
information about network infrastructure requirements for Lync Server 2013, see “Network
Infrastructure Requirements” athttp://go.microsoft.com/fwlink/?linkid=204603.
Specific requirements for deploying the Lync Server Multitenant Hosting Pack, or requirements that
differ from those for Lync Server 2013 Enterprise Edition, are noted in the sections for the associated
deployment task.
It is important to understand the bandwidth implications for hosting providers and customers when
enabling a new tenant for your service. Bandwidth requirements vary greatly depending on the number
of users and which services are used by tenant users. As a hosting provider, you will need to plan the
network requirements with tenant customers by utilizing the same principles used in any other Lync
Server deployment.
In Lync Server Multitenant Hosting Pack, tenants are treated like branches where users are hosted at the
Central Site. The Lync bandwidth calculator should be used to get an idea of what the bandwidth
requirements required for tenants as branches that connect to the Central Site for Lync services.
The following Lync traffic will need to be supported on the hosting provider and tenant:
Signaling
Audio/Video Conferencing
PSTN calls
Tenant peer-to-peer calls will occur within the tenant network. Any conferencing traffic will be via the
hoster and tenant networks.
It’s still recommended that tenants configure port based Quality of Service (QoS) on the internal
network if multiple locations will be on the hosted platform. Although some traffic will be traversing
through the internet, the peer to peer client communication can be maintained in higher QoS policies on
the tenant’s internal network by configuring static ports for different modalities for client connections.
For more information, see Network Bandwidth Requirements for Media Traffic at
http://technet.microsoft.com/en-us/library/jj688118(v=ocs.15).aspx.
2.4 Domain Name System (DNS) Requirements
To support client automatic configuration for all hosted domains, you must work with your hosted
customers to ensure that the required DNS records are created for each hosted domain. To facilitate
initial testing, this documentation assumes that hosting providers will follow the standard guidance to
configure a single supported SIP domain during initial deployment. That SIP domain is both publicly
registered and used as the Active Directory® Domain Services domain for all servers running Lync Server
2013. It will be used for initial testing. The “Provisioning Tenant Organizations” section later in this
document covers adding DNS records, updating certificates, and other related steps.

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
16
2.5 Active Directory Domain Services Requirements
Deploy a pair of redundant Active Directory servers according to Exchange Server 2013 guidance. For
details, see “Planning Active Directory” in the TechNet Library at
http://go.microsoft.com/fwlink/?LinkId=230823.
The Lync Server 2013 Multitenant Hosting Pack supports a Single forest Active Directory environment
with User or Resource forests. For details about Active Directory and Lync Server 2013, see “Active
Directory Domain Services Requirements, Support, and Topologies” in the TechNet Library at
http://technet.microsoft.com/en-us/library/gg398760.aspx.
2.6 Load Balancing Requirements
We recommend that you use hardware load balancing for all supported roles. For details about
hardware load balancing in Lync Server, see “Load Balancing Requirements” in the TechNet Library
athttp://go.microsoft.com/fwlink/?LinkId=235820, and “Components Required for External User Access”
in the TechNet Library athttp://go.microsoft.com/fwlink/?LinkId=235821.
2.7 Port and Protocol Requirements
For details about port and protocol requirements for communications between Lync Server, see “Ports
and Protocols for Internal Servers” in the TechNet Library athttp://technet.microsoft.com/en-
us/library/gg398833.aspx. Specific information about port and protocol requirements that differ from
Lync Server 2013 Enterprise are called out in the associated section of this document.
2.8 Certificate Requirements
For Lync Server 2013 certificate requirements, see “Certificate Infrastructure Requirements” in the
TechNet Library athttp://technet.microsoft.com/en-us/library/gg398094.aspx.
Additional or specific certificate requirements are called out in the associated sections of this document.
2.9 Software Requirements
For web conferencing, the Lync Server 2013 Multitenant Hosting Pack also requires Office Web Apps and
the Office Web Apps Server (formerly known as WAC Server) to handle PowerPoint presentations. For
details, see Configuring Integration with Office Web Apps Server and Lync Server 2013 at
http://technet.microsoft.com/en-us/library/jj204792(OCS.15).aspx.
2.10Reverse Proxy Configuration
For information about using Reverse Proxies with the Lync Server 2013 Multitenant Hosting Pack, see
the following articles:
Configuring Reverse Proxy Access to Microsoft Lync Using F5 BIG-IP Local Traffic Manager at
http://blogs.technet.com/b/nexthop/archive/2013/02/22/configuring-reverse-proxy-access-to-
microsoft-lync-using-f5-big-ip-local-traffic-manager.aspx.
Using IIS ARR as a Reverse Proxy for Lync Server 2013 at
http://blogs.technet.com/b/nexthop/archive/2013/02/19/using-iis-arr-as-a-reverse-proxy-for-
lync-server-2013.aspx.

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
17
3 Understanding the Lync Server 2013 Multitenant
Hosting Pack
The Lync Server Multitenant Hosting Pack solution is an infrastructure layer that enables connection
between various technology solutions. Dependencies for the solution include Microsoft Exchange
Server, Exchange UM and Active Directory. Additionally the Lync Server Multitenant Hosting Pack can
also communicate with VoIP devices.
The logical infrastructure for Lync Server Multitenant Hosting Pack includes zones for edge systems,
proxy systems, data center systems, and VoIP. The server roles are focused within the edge system
roles, proxy roles for Exchange, data center roles for Active Directory, Lync Server Multitenant Hosting
Pack, and Exchange.
3.1 About Lync Server Multitenant Hosting Pack User Types
It is important to understand the different types of users to understand why server roles used in a Lync
Server Multitenant Hosting Pack deployment differ from those used in an enterprise deployment of Lync
Server 2013.
In a typical enterprise deployment of Lync Server 2013, there are the following types of users:
Internal users These users access Lync Server services from inside the corporate network.
External users These users have Lync Server user accounts and access Lync Server from outside
the corporate network.
Federated users These users have accounts with federated partners and access Lync Server
from outside the corporate network.
In a Lync Server Multitenant Hosting Pack deployment, there are the following types of users:
External users Also known as tenant users in this guide, these users have Lync Server user
accounts associated with a specific tenant, and access Lync Server from outside the host’s
network.
Federated users These users have accounts with federated partners and access Lync Server
from outside the host’s network.
3.2 Lync Server Multitenant Hosting Pack Server Roles
Edge Servers act as the first point of contact for requests coming from clients, federated traffic, and
media in a hosted deployment.
In a Lync Server Multitenant Hosting Pack deployment, incoming requests from tenant users go through
a proxy on the Edge Serversand are redirected to the appropriate Front End pool.
For the reference architectures included in this guide, all other server roles are the same as the roles for
Lync Server 2013. For details, see “Server Roles” in the TechNet Library at
http://go.microsoft.com/fwlink/?LinkId=230824.

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
18
3.3 Lync Server 2013 Control Panel
Some enhancements included in the Lync Server Multitenant Hosting Pack are not compatible with the
Lync Server Control Panel. For example, enabled users are not displayed in the User section of the Lync
Server Control Panel.
You should use the Lync Server Control Panel only in read-only mode. You should make all changes to
the topology, server configuration, or user configuration by using cmdletsin the Lync Server
Management Shell. For details, see “Lync Server Management Shell” in the TechNet Library
athttp://go.microsoft.com/fwlink/?LinkId=213040.
Important There are no restrictions on the use of the Topology Builder tool. You can use Topology Builder as you
would normally with a Lync Server 2013Enterprise Edition deployment.
4 Planning for the Lync Server Multitenant Hosting
Pack
This section provides information to assist you in planning and preparing for deploying the Lync Server
Multitenant Hosting Pack.
4.1 Example Topology
The topology described in this section illustratesthe basic architectures necessary to support 20,000
tenant users with heavy business uses with approximately 75% concurrency and PSTN access. It is not
meant to describe an actual deployment, but rather as a starting point for planning a deployment. It
providesa high-level understanding of the architecture and scalability of the product
You should use the topology provided as a starting point in the planning process. Keep in mind that
you’ll need to customize the topology to meet the needs of your organization’s expected usage profiles,
service level agreements, and cost control requirements.
Scaling estimates are based on testing done by Microsoft using Lync Server 2013 Enterprise Edition. For
details, see the following:
“Running Lync Server on Virtual Servers” in the TechNet Library
athttp://technet.microsoft.com/en-us/library/gg399035(v=ocs.15).aspx.
“Capacity Planning Using the User Models” in the TechNet Library at
http://technet.microsoft.com/en-us/library/gg615015(v=ocs.15).aspx.
“Estimating Voice Usage and Traffic” in the TechNet Library at http://technet.microsoft.com/en-
us/library/gg398439(v=ocs.15).aspx.
4.1.1 About the Example Topology
The example topologyis designed to support up to 20,000 tenant users that have PSTN access and
A/V/PSTN, and that primarily use MAPI (that is, Outlook Anywhere) at approximately 75% concurrency.

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
19
Server allocation provides basic redundancy for each server role with the exception of Monitoring and
Archiving, which do not support fault-tolerance.
Other assumptions about this architecture include the following:
Concurrency of use for the Exchange UM service will be <0.5%.
On average, only one in ten users is expected to be in a call at any given time. For details about
estimating voice usage and traffic, see “Estimating Voice Usage and Traffic” in the TechNet
Library at http://technet.microsoft.com/en-us/library/gg398439(v=ocs.15).aspx. Depending on
the percentage of calls using media bypass (including PC-to-PC calls), you may need fewer or
additional Mediation Servers in your environment.
The following figure illustrates the example topology.
Topologyarchitecture
The following table provides details about the number and types of servers in the Topology, including
the processor and memory requirements for each. Operating System support includes the 64-bit
versions of the following:
Windows Server 2008 R2 with Service Pack 1 (SP1) Standard (required) or latest service pack
(recommended)

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
20
Windows Server 2008 R2 with SP1 Enterprise (required) or latest service pack (recommended)
Windows Server 2008 R2 with SP1 Datacenter (required) or latest service pack (recommended)
Windows Server 2012 Standard
Windows Server 2012 Datacenter
Servers in theTopology
Server role # of servers CPU cores RAM
Edge Server pool 2 4 16 GB
Front End pool 8 4 16 GB
Mediation Server 8 4 16 GB
Back End Server 2 4 32 GB
Monitoring/Archiving database 2 4 32 GB
4.2 Flexible Systems Scaling
It is possible to configure multiple Lync Server Multitenant Hosting Packserver roles on a single physical
or virtual server, but it is not recommended for any roles other than Monitoring and Archiving server
roles. For best performance and scalability, you should use one role per server. For example, as demand
for web conferencing services increases, you can increase the number of Front EndServers without
affecting other areas in the collaboration environment.
4.3 Role-specific Load Balancing and Fault Tolerance
Different server roles support different techniques and architectures for load balancing and fault
tolerance. Most Lync Server roles are designed to use DNS load balancing, a new feature in Lync Server
2013 implemented at the application level in both clients and servers. When used in a Lync Server
Multitenant Hosting Pack deployment, the requesting application retrieves a list of the IP addresses of
all available Front End Servers in a given pool and tries to connect with one after another until a
connection succeeds. In contrast, most SIP trunk providers need to be told in advance the IP addresses
of all Mediation Servers and will distribute incoming calls to those servers in a round-robin fashion. To
learn more about DNS load balancing for Lync Server 2013, see “DNS Load Balancing” in the TechNet
Library at http://technet.microsoft.com/en-us/library/gg398634(v=ocs.15).aspx.
Note: The hosting pack supports distributed load balancing, but for optimal performance in large scale
deployments, hardware load balancing is recommended.

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
21
The following table lists the load balancing technology per server role that service providers can use as a
guideline for deployment in a production environment to implement high availability and fault
tolerance.
Load Balancing Per Server Role
Server role Load balancing technology
Edge Server Hardware load balancers
Front End Server Hardware load balancers
External Web Services Integrated reverse proxy and load balancer or hardware load balancers
Mediation Server outbound to PSTN Hardware load balancers
Mediation Server inbound from PSTN SIP Trunk Configuration
5 Migrating from the Lync Server 2010 Multitenant
Hosting Pack
If you are migrating from the Lync Server 2010 Multitenant Hosting Pack, follow the instruction in this
section. If you are not migrating, skip this section and proceed to the next.
The process for migrating includes deploying a Lync Server 2013 Multitenant Hosting Pack Front End
pool, and then configuring co-existence to add that pool to your Lync Server 2010 Multitenant Hosting
Pack topology.
5.1 Migration Prerequisites
You will need to perform the following tasks before starting the migration process:
1. Deploy a new SQL instance.
2. Deploy an Office Web Apps server.
See “Configuring Lync Server 2013 to Work with Office Web Apps Server” at
http://technet.microsoft.com/en-us/library/jj204944(v=ocs.15).
3. Create a new File share.
See Configure File Storage athttp://technet.microsoft.com/en-us/library/jj205150(v=ocs.15).

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
22
4. Run the Microsoft Lync Server 2010 Best Practices Analyzer and confirm that there are no
critical issues for the Lync Server 2010 Multitenant Hosting Pack.
Caution Use onlythe LyncServerUpdateInstaller.exe provided with the Lync Server 2013 Multitenant Hosting
Pack. Do not use Microsoft Update to install the any Lync Server 2013updates.
5.2 Performing the Migration
 Prepare Active Directory for coexistence
1. On the server that will be the Front End server, run Setup.exe for the Lync Server 2013
Multitenant Hosting Pack.
2. Select Install Administrative Tools.
3. Install CsServices.msi from the ..Setupamd64setup folder on the installation media. The file is
also copied to the following location when you install the Hosting Pack:
c:programdatamicrosoftLync serverdeploymentcache5.0.8308setup folder
4. Open the Lync Server Management Shell, and run the following two cmdlets. You may need to
run "import-module LyncOnline" before running the cmdlets.
o Install-CsAdServerSchema
o Install-CsAdServiceSchema
5. In the Deployment Wizard, select "Prepare Active Directory"
(this should now be showing as partially complete)
6. Complete Step (3) Prepare Current Forest.
7. Complete Step (5) Prepare Current Domain.
 Define the topology
1. On the Lync Server 2013 Multitenant Hosting Pack Front End server, open Topology Builder and
select Download Topology from existing deployment,and then choose a location to save the
topology.
2. In Topology Builder expand Lync Server 2013, then right-click Enterprise Edition Front End
pools, select New Front End Pool, and then complete the wizard.
3. Publish the topology.
 Update the Lync Server 2013 Multitenant Hosting Pack Front End server
1. On the Lync Server 2013 Multitenant Hosting Pack Front End server, run setup.exe and complete
the following:

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
23
o Install or Update Lync Server System - complete steps 1-4
o Check that all Lync services start in Administrative Tools > Services.
2. Install the Lync Server 2013 backward compatibility tools from ..amd64setupOCSWMIBC.msi
on the installation media.
3. Create the DNS A record for the Lync Server 2013 Front End pool on a DNS server.
4. Enable Remote User Access on the Lync Server 2010 Multitenant Hosting Pack Edge Pool.
Note Users homed on the new Lync Server 2013 Multitenant Hosting Pack Front End Pool will not be able to
login via the Lync Server 2010 Multitenant Hosting Pack Director/Front End pool.
5. Publish the Lync Server 2013 Multitenant Hosting Pack Front End pool external web services URL
on the reverse proxy.
 Validate co-existence
1. Provision a new tenant and user on the Lync Server 2013 Multitenant Hosting Pack Front End
pool.
2. Configure a Lync client to use the Lync Server 2010 Multitenant Hosting Pack Access Edge
address on port 443 and verify sign-in.
3. Add a federated contact that is homed on the Lync Server 2010 Multitenant Hosting Pack pool,
and verify IM and Presence works in both directions.
4. Perform a "Meet Now" with the Lync Server 2013 Multitenant Hosting Pack user, and then add
the Lync Server 2010 Multitenant Hosting Pack federated contact, an external federated
contact, and a web participant. Test all modalities (AV, Whiteboard, PPT upload, etc.)
5.3 Migrating Tenants
The script included in this section will migrateone tenant at a time, including the tenant users that are
spread across multiple Lync Server 2010 Multitenant Hosting Pack pools.
 To use the migration script
1. Configure Tenant OU base location in Migrate-TenantOrgV2.ps1 (line 46)
$TenantOrgBaseLocationStr ="OU=LHP Tenants,DC=uc-
world,DC=co,DC=uk"
2. Configure PoolMapping.csv with source and destination pools
3. Run the script with the following syntax:

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
24
Migrate-TenantOrgV2.ps1 –TenantOrg <Tenant OU Name> -MappingFile
<PoolMapping.csv> –MoveConferenceData <$True | $False> -ForceMove
<$True | $False>
Note When you run the script, you may receive a warning “Failed to find content folder for user sip:<user SIP
address>.” This message is generated when attempting to move a user with the Move-CsUsercmdlet and the user
has no stored meeting content. If no meeting content folder is found for the user, this message is displayed. If you
know that the user has no meeting content to move, you can safely ignore this warning.
5.3.1 Known Limitations
The following are known limitations of the script provided:
On the Tenant OU, the msRTCIP-DomainUrlMap requires populating to meet Lync Server 2013
Multitenant Hosting Pack requirements
On the Tenant users, the msRTCSIP-ObjectId needs populating to meet Lync Server 2013
Multitenant Hosting Pack requirements
5.3.2 Prerequisities
The script requires the following:
PoolMapping.csv – the PoolMapping.csv file should include the Lync Server 2010 Multitenant
Hosting Pack Front End pools and the corresponding target Lync Server 2013 Multitenant
Hosting Pack pool that the users will be migrated to.
JDB-HelperCmds.dll – this file is required for the script to run.
The method of supplying this file or code to compile is TBD
Migrate-TenantOrgV2.ps1 – a script that migrates tenants
5.3.2.1 PoolMapping.csv
Create a .csv file in the following format, replacing the pool names with the pool names for your
deployment.
SrcPool,DstPool
V1FEPOOL.contoso.com,V2FEPool.fabrikam.com
5.3.2.2 Migrate-TenantOrgV2.ps1
#<#
#.Synopsis
#
#.Description
#
#.Parameter TenantOrg

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
25
#
#.Parameter MappingFile
#
#.Parameter MoveConferenceData
#
#.Parameter ForceMove
#
#.Example
#
#.Version
#
##>
param ( [parameter(Mandatory=$true)] [string] $TenantOrg,
[parameter(Mandatory=$true)] [string] $MappingFile,
[parameter(Mandatory=$true)] [Bool] $MoveConferenceData,
[parameter(Mandatory=$true)] [Bool] $ForceMove
)
# Import-module
import-module ActiveDirectory
import-module Lync
import-module LyncOnline
Import-Module .JDB-HelperCmds.dll
#variables
$FailedMoves = 0
$SuccesfulMoves = 0
$FailedMoveUserList = New-Object System.Collections.ArrayList
$Today = get-date -uformat "%y-%m-%d-%H-%M-%S"
$LogFileName= "c:lyncprojectMigrate-TenantOrg-"+$Today+".log"
$starttime = get-date
write-richlog -strLogText "### Starting Migrate-TenantOrg ###" -
strFileName $LogFileName -strSubSystem "Main" -intIdentLevel 1 -
logMode File -logLevel Informational
write-richlog -strLogText "Parameters: " -strFileName $LogFileName -
strSubSystem "Main" -intIdentLevel 1 -logMode File -logLevel
Informational
write-richlog -strLogText " Param - Mapping file : $($MappingFile)
" -strFileName $LogFileName -strSubSystem "Main" -intIdentLevel 1 -
logMode File -logLevel Informational

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
26
write-richlog -strLogText " Param - Move conference data :
$($MoveConferenceData) " -strFileName $LogFileName -strSubSystem
"Main" -intIdentLevel 1 -logMode File -logLevel Informational
write-richlog -strLogText " Param - Force Move : $($ForceMove) " -
strFileName $LogFileName -strSubSystem "Main" -intIdentLevel 1 -
logMode File -logLevel Informational
$TenantOrgBaseLocationStr ="OU=LHP Tenants,DC=uc-world,DC=co,DC=uk"
$TenantOrgOUStr = "OU=$($TenantOrg),$($TenantOrgBaseLocationStr)"
#Get list of user in Tenant Org
$TenantOrgUserList = Get-CsUser -OU $TenantOrgOUStr
write-richlog -strLogText "A total of $($TenantOrgUserList.count)
users were found." -strFileName $LogFileName -strSubSystem "Main" -
intIdentLevel 1 -logMode File -logLevel Informational
write-richlog -strLogText "User list:" -strFileName $LogFileName -
strSubSystem "Main" -intIdentLevel 1 -logMode File -logLevel
Informational
foreach($user in $TenantOrgUserList)
{
write-richlog -strLogText " $($user.SipAddress)" -strFileName
$LogFileName -strSubSystem "Main" -intIdentLevel 2 -logMode File -
logLevel Informational
}
#build list of pools
$PoolList = New-Object System.Collections.ArrayList
write-richlog -strLogText "Building Pool list" -strFileName
$LogFileName -strSubSystem "Main" -intIdentLevel 1 -logMode File -
logLevel Informational
foreach($User in $TenantOrgUserList)
{
if($PoolList.Contains($user.RegistrarPool))
{
#list already includes pool
}
else
{
#pool is not in the list, adding

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
27
write-richlog -strLogText "Adding $($user.RegistrarPool) to
pool list." -strFileName $LogFileName -strSubSystem "Main" -
intIdentLevel 1 -logMode File -logLevel Informational
$rtn = $PoolList.add($user.RegistrarPool)
}
}
#build pool mapping hash table
write-richlog -strLogText "Importing pool mapping list" -strFileName
$LogFileName -strSubSystem "Main" -intIdentLevel 1 -logMode File -
logLevel Informational
$PoolMappingList = ((get-content -Path $MappingFile) -replace ",","=")
-join "`n" | ConvertFrom-StringData
write-richlog -strLogText "Pool mapping imported, the following
mapping will be used:" -strFileName $LogFileName -strSubSystem "Main"
-intIdentLevel 1 -logMode File -logLevel Informational
foreach($pool in $PoolList)
{
write-richlog -strLogText " $($Pool) is mapped to
$($poolMappingList.get_item($pool.Friendlyname))" -strFileName
$LogFileName -strSubSystem "Main" -intIdentLevel 2 -logMode File -
logLevel Informational
}
#foreach to move user to new pool
foreach($user in $TenantOrgUserList)
{
try
{
if($MoveConferenceData)
{
write-richlog -strLogText "Starting move of
$($User.SipAddress) including conference data from
$($user.RegistrarPool) to
$($PoolMappingList.get_Item($user.RegistrarPool.Friendlyname))" -
strFileName $LogFileName -strSubSystem "Main" -intIdentLevel 1 -
logMode File -logLevel Informational
Move-CsUser -id $user.sipaddress -Target
$PoolMappingList.get_Item($user.RegistrarPool.Friendlyname) -
MoveConferenceData -Confirm:$False
}
else

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
28
{
write-richlog -strLogText "Starting move of
$($User.SipAddress) excluding conference data from
$($user.RegistrarPool) to
$($PoolMappingList.get_Item($user.RegistrarPool.Friendlyname))" -
strFileName $LogFileName -strSubSystem "Main" -intIdentLevel 1 -
logMode File -logLevel Informational
Move-CsUser -id $user.sipaddress -Target
$PoolMappingList.get_Item($user.RegistrarPool.Friendlyname) -
Confirm:$False
}
write-richlog -strLogText "Move for $($User.SipAddress)
complete" -strFileName $LogFileName -strSubSystem "Main" -
intIdentLevel 1 -logMode File -logLevel Informational
$SuccesfulMoves++
}
catch
{
write-richlog -strLogText "Move for $($User.SipAddress)
failed" -strFileName $LogFileName -strSubSystem "Main" -intIdentLevel
1 -logMode File -logLevel Error
if($ForceMove)
{
try
{
write-richlog -strLogText "Attempting force move for
$($User.SipAddress)" -strFileName $LogFileName -strSubSystem "Main" -
intIdentLevel 1 -logMode File -logLevel Informational
if($MoveConferenceData)
{
write-richlog -strLogText "Force moving of
$($User.SipAddress) including conference data from
$($user.RegistrarPool) to
$($PoolMappingList.get_Item($user.RegistrarPool.Friendlyname))" -
strFileName $LogFileName -strSubSystem "Main" -intIdentLevel 1 -
logMode File -logLevel Informational
Move-CsUser -id $user.sipaddress -Target
$PoolMappingList.get_Item($user.RegistrarPool.Friendlyname) -
MoveConferenceData -force -Confirm:$False
}
else
{

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
29
write-richlog -strLogText "Force moving of
$($User.SipAddress) excluding conference data from
$($user.RegistrarPool) to
$($PoolMappingList.get_Item($user.RegistrarPool.Friendlyname))" -
strFileName $LogFileName -strSubSystem "Main" -intIdentLevel 1 -
logMode File -logLevel Informational
Move-CsUser -id $user.sipaddress -Target
$PoolMappingList.get_Item($user.RegistrarPool.Friendlyname) -Force -
Confirm:$False
}
}
catch
{
write-richlog -strLogText "Force move failed for
$($User.SipAddress)." -strFileName $LogFileName -strSubSystem "Main" -
intIdentLevel 1 -logMode File -logLevel Error
$FailedMoves++
$FailedMoveUserList.add($User.SipAddress)
}
}
else
{
write-richlog -strLogText "Force move will not be
attempted for $($User.SipAddress)" -strFileName $LogFileName -
strSubSystem "Main" -intIdentLevel 1 -logMode File -logLevel
Informational
$FailedMoves++
$FailedMoveUserList.add($User.SipAddress)
}
}
}
#report on move process
write-richlog -strLogText "#############POST RUN REPORT#############"
-strFileName $LogFileName -strSubSystem "Main" -intIdentLevel 1 -
logMode File -logLevel Informational
write-richlog -strLogText " Tenant Org : $($TenantOrg)" -
strFileName $LogFileName -strSubSystem "Main" -intIdentLevel 1 -
logMode File -logLevel Informational

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
30
write-richlog -strLogText " Numberof user found :
$($TenantOrgUserList.count)" -strFileName $LogFileName -strSubSystem
"Main" -intIdentLevel 1 -logMode File -logLevel Informational
write-richlog -strLogText " Numberof successful moves :
$($SuccesfulMoves)" -strFileName $LogFileName -strSubSystem "Main" -
intIdentLevel 1 -logMode File -logLevel Informational
write-richlog -strLogText " Numberof failed moves :
$($FailedMoves)" -strFileName $LogFileName -strSubSystem "Main" -
intIdentLevel 1 -logMode File -logLevel Informational
if($FailedMoves -gt 0)
{
write-richlog -strLogText " Failed move list:" -strFileName
$LogFileName -strSubSystem "Main" -intIdentLevel 1 -logMode File -
logLevel Informational
foreach($user in $FailedMoveUserList)
{
write-richlog -strLogText " $($user)" -strFileName
$LogFileName -strSubSystem "Main" -intIdentLevel 1 -logMode File -
logLevel Informational
}
}
write-richlog -strLogText "#########################################"
-strFileName $LogFileName -strSubSystem "Main" -intIdentLevel 1 -
logMode File -logLevel Informational
write-richlog -strLogText "### Ending Migrate-TenantOrg ###" -
strFileName $LogFileName -strSubSystem "Main" -intIdentLevel 1 -
logMode File -logLevel Informational
6 Deploying a New Lync Server 2013 Multitenant
Hosting Pack Deployment
The deployment of Lync Server 2013 Multitenant Hosting Pack is very similar to the deployment of Lync
Server 2013, Enterprise Edition. This document provides guidance only on which steps to complete, skip,
or modify to deploy the Lync Server Multitenant Hosting Pack successfully.
This section details where service providers must perform tasks other than the standard Lync Server
2013 tasks defined in “Deploying Lync Server 2013” in the TechNet Library at
http://technet.microsoft.com/library/gg412892(v=ocs.15).aspx. Unless otherwise directed, follow all the
steps in that guide. Any steps to be added, skipped, or modified are noted as appropriate in the
remainder of this guide, and include a link to the applicable procedure.

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
31
6.1 Deploying the Topology
This section provides instructions on how to deploy Lync Server Multitenant Hosting Pack using the
example topology. This sample deployment is designed to support approximately 20,000 tenant users. It
includes guidance on how to integrate Lync Server with an existing Active Directory infrastructure, but
does not provide instructions on the initial deployment of that infrastructure. Note that the existing
infrastructure must not include any previous deployments of Lync Server 2013. It also includes a
summary of the process for creating private tenant organizations within Active Directory Instructions
about how to configure Exchange UM features to provide voicemail and other features for Lync Server
users are also included.
This documentation provides a staged approach to deploying a consolidated Lync Server Multitenant
Hosting Pack lab, starting with the minimum configuration required to get you up and running. The
initial Hosting Pack topology deployment described in this section includes the following environment
and components:
A single forest, single domain Active Directory structure
Two domain controllers with DNS and an Enterprise Root certification authority (CA)
An Edge pool consisting of two Edge Servers
An Enterprise Edition Front End pool consisting of two Front End Servers
A Mediation Server pool consisting of two Mediation Servers
A SQL Server-based Back End Server that also contains the Central Management store
A SQL Server-based Monitoring and Archiving back-end server database
A DFS file server hosting the Lync Server file store
A Lync Server Multitenant Hosting Pack deployment is different from a Lync Server 2013 Enterprise
Edition deployment in the following ways:
A different set of installation media is used. Hosting Pack installation media has been optimized
for hosts and is the only media supported for hosted, multitenant deployments.
No provision is made for “internal” users. All users are expected to connect over the Internet.
Procedures are provided to permit per-tenant Exchange Server dial plans without requiring
per-tenant Lync Server dial plans.
Other than the few procedural modifications required to accommodate the preceding, deployment
procedures are based on the following standard deployment process for Lync Server 2013 Enterprise
Edition:
Lync Server 2013: “Deployment” in the TechNet Library at http://technet.microsoft.com/en-
us/library/gg398664(v=ocs.15).aspx lists the standard procedures for deploying Lync Server
2013.

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
32
6.2 Change the Name and Domain of the Server Running Lync Server
It can be difficult to change server names after you deploy the Lync Server Multitenant Hosting Pack.
You should make sure the server names for the following roles are the name you want to use before you
start your deployment:
Edge Server
Front End
Mediation Server
 To change the computer name and domain of a server
1. To open Server Manager, click Start, click Administrative Tools, clickServer Manager.
2. In Server Manager, click Change System Properties.
3. In the System Properties, click Change.
4. In Computer Name/Domain Changes, click More.
5. On the DNS Suffix and NetBIOS Computer Name dialog box, do the following:
a. In the Primary DNS suffix of this computer field, enter the name of the external domain to
be used by Lync Server (for example, <externaldomain>.com).
b. Clear the Change primary DNS suffix when domain membership changes checkbox.
6. Click OKon each dialog box until you close the System Properties dialog box.
7. Verify that both the public domain name and the private Active Directory name are in the DNS
suffix search order for the IP address.
8. Restart the server to apply the changes.
6.3 Installation Media
To download and install the Lync Server 2013 Multitenant Hosting Pack software, you need to log on to
the Microsoft Volume Licensing Service Center at http://go.microsoft.com/fwlink/?LinkId=238381.
After the Setup Wizard starts, the installation proceeds as described in the standard Lync Server 2013
Enterprise Edition Deployment documentation in the TechNet Library documentation, with any
exceptions to those steps noted in this document.

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
33
6.4 Install the Lync Server 2013 Multitenant Hosting Pack
Use the Lync Server Multitenant Hosting Pack installation media for this procedure. To start the
installation, open Setup.exe in the amd64 folder on the Front End server.
The installation media also includes a tool for applying patches to the Lync Server software,
amd64LyncServerUpdateInstaller.exe.
To begin your deployment, follow the procedures in the topics listed in the following table. Include each
of the child topics within the sections listed.
Checklist for Installing the Lync Server 2013 Multitenant Hosting Pack
Completed Topic
Deploying Lync Server 2013 Enterprise Edition
http://technet.microsoft.com/library/gg412892(v=ocs.15)
Preparing the Infrastructure and Systems
http://technet.microsoft.com/en-us/library/gg398205(v=ocs.15).aspx
Set Up Hardware and the System Infrastructure
http://technet.microsoft.com/en-us/library/gg425852(v=ocs.15).aspx
System Requirements for Enterprise Edition Servers
http://technet.microsoft.com/en-us/library/gg398588(v=ocs.15).aspx
Install Operating Systems and Prerequisite Software on Servers
http://technet.microsoft.com/en-us/library/gg398588(v=ocs.15).aspx
Request Certificates in Advance (Optional)
http://technet.microsoft.com/en-us/library/gg412733(v=ocs.15).aspx
Configure IIS

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
34
Completed Topic
http://technet.microsoft.com/en-us/library/gg412918(v=ocs.15).aspx
Configure SQL Server for Lync Server 2013
http://technet.microsoft.com/en-us/library/gg425848(v=ocs.15).aspx
Configure DNS Records for a Front End Pool
http://technet.microsoft.com/en-us/library/gg398079(v=ocs.15).aspx
Defining and Configuring the Topology
http://technet.microsoft.com/en-us/library/gg398339(v=ocs.15).aspx
Install Lync Server Administrative Tools
http://technet.microsoft.com/en-us/library/gg398665(v=ocs.15).aspx
7 Define the Topology
When you perform the procedures for defining the topology, there are changes to two of the
procedures that you need to be aware of for a Lync Server Multitenant Hosting Pack deployment.
Note The Lync Server 2013Planning Tool is not supported for the Lync Server Multitenant Hosting Pack.
These changes apply to the procedures in “Defining and Configuring the Topology” in the TechNet
Library at http://technet.microsoft.com/en-us/library/gg398339(v=ocs.15).aspx:
When performing the steps in “Define and Configure a Topology in Topology Builder” at
http://technet.microsoft.com/en-us/library/gg398788(v=ocs.15).aspx, you will be prompted to
provide a location and file name for saving the topology. Choose New Topology and follow the
instructions.
You do not need to specify additional supported domains at this time. Adding tenant SIP
domains is covered later in the “Create Tenant SIP Domain”and in the “Provisioning Tenant
Organizations” sections in this document.
The Topology Builder does not allow you to configure a topology in which the Edge Servers are
bypassed. Because of this, you must make some configuration changes to your topology to enable
communications between servers running Lync Server 2013. You should perform the steps described in

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
35
the following sections of this document after you deploy Lync Serve 2013 and the Lync Server 2013
Multitenant Hosting Pack:
Error! Reference source not found. Describes how to set Front End Servers to capture needed
information about NAT traversal. (In enterprise deployments, this information is captured by the
Edge Servers.)
Create Tenant DNS Records Lists the service records that you need to create and includes notes
about port usage.
7.1 Create a Front End Pool
When performing the steps in “Define and Configure a Front End Pool” in the TechNet Library at
http://technet.microsoft.com/en-us/library/gg398538(v=ocs.15).aspx, create a new Enterprise Edition
Front End pool. Continue to follow the steps provided, applying the modifications as described in the
following list:
1. When defining the computers in this pool, use the fully qualified domain names (FQDNs) of the
computers that will be in the Front End pool. These servers are FE0101 and FE0102 in the
architecture, where the first two digits represent the pool number (in this case there is just one),
and the second two digits represent the server within the pool (in this case “01” and “02”).
2. On the Select features page, select all features.
3. On the Select collocated server roles page, leave all options unselected.
4. On the Associate server roles with this Front End pool page, leave all options unselected. You
will update the topology when these server roles are deployed in later steps.
5. On the Define the SQL store page, define a new SQL database, specifying the FQDN and
(optionally) named instance you created earlier according to Configure SQL Server for Lync
Server 2013.
6. Complete all remaining steps in “Define and Configure a Front End Pool” in the TechNet Library
at http://technet.microsoft.com/en-us/library/gg398538(v=ocs.15).aspx.
7. After you define and configure your topology, proceed with all steps listed in“Finalizing and
Implementing the Topology Design” in the TechNet Library athttp://technet.microsoft.com/en-
us/library/gg398178(v=ocs.15).aspx.
7.2 Configure Front End Servers
You can complete most of procedures involved in “Setting Up Front End Servers and Front End Pools” in
the TechNet Library at http://technet.microsoft.com/en-us/library/gg398827(v=ocs.15).aspxwith the
following exceptions:

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
36
The “Bootstrap local machine” process assumes that a great number of language packs are
installed and will raise errors for any not installed. It is safe to ignore these errors for any
languages that you don’t intend to use.
7.3 Update the SQL Server Databases
After you configure your Front End servers, you will need to update the SQL Server databases so that
they are compatible with the updates applied with the Lync Server Update tool.
 To update the SQL Server databases
1. On all Front End servers, open the Lync Server ManagementShell and run the following cmdlet
to stop Lync Server services:
Stop-csWindowsService
2. On one of the Front End servers, run the following cmdlet to update the databases:
Install-CsDatabase -Update -ConfiguredDatabases –SqlServerFqdn
<SQL ServerFQDN>
3. On all Front End servers, run the following cmdlet to restart Lync Server services:
Start-csWindowsService
7.4 Add Server Roles
Except where noted in this section, you can follow the standard procedures for “Adding Server Roles” in
the TechNet Library at http://technet.microsoft.com/en-us/library/gg412794(v=ocs.15).aspx. You need
to deploy the following additional server roles:
Edge Servers Instructions for service providers are provided in the “Deploy Edge Servers”
section later in this document.
Enterprise Voice (Mediation Servers)
Dial-in Conferencing For an overview, see the “Overview of the Audio Conferencing Provider”
later in this document.
Monitoring
Archiving
Response Group
Note Do not add the Call Park application because it is not supported in the Lync Server Multitenant Hosting Pack.
7.5 Deploy Edge Servers
The guidance in this section and in the “Provisioning Tenant Organizations and Tenants” section later in
this document describes how to implement these configurations. Follow the standard guidance in

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
37
“Deploying External User Access” in the TechNet Library at http://technet.microsoft.com/en-
us/library/gg398918(v=ocs.15).aspxunless otherwise directed as follows:
When you follow the steps in “Configure DNS for Edge Support” in the TechNet Library at
http://technet.microsoft.com/en-us/library/gg398756(v=ocs.15).aspx, you must configure the
DNS records for the initial test SIP domain. Configure the SRV record to point to the Edge Server
pool.
When you perform the steps in “Configure the DNS Suffix for Edge Servers” in the TechNet
Library at http://technet.microsoft.com/en-us/library/gg398756(v=ocs.15).aspx, set the DNS
suffix to the value to the name of the external domain used by the Lync Server deployment.
7.6 Define the Edge Topology
To be consistent with instructions provided in “Defining Your Edge Topology” in the TechNet Library at
http://technet.microsoft.com/en-us/library/gg398591(v=ocs.15).aspx, this document assumes that
you’re using DNS load balancing. If you choose to use hardware load balancing for the Edge Server pool,
see the task for for doing so later in the same topic.
Also, this deployment guide assumes that the external Edge interfaces are not configured to use NAT. If
you choose to use NAT for this purpose, you will need to develop your own procedures for doing so.
Complete the steps to “Define the Topology for a DNS Load Balanced Edge Pool” in the TechNet Library
at http://technet.microsoft.com/en-us/library/gg398591(v=ocs.15).aspx.
7.7 Monitoring
For details about Monitoring, see “Deploying Monitoring” in the TechNet Library
athttp://technet.microsoft.com/en-us/library/gg398199(v=ocs.15).aspx.
8 Post-Installation Configuration
You must complete the tasks in this section after you complete the installation.
8.1 Install Additional Components
You need to install a few more components on all Front End Servers, Edge Servers, Mediation Servers,
Monitoring Server, and Archiving Servers before you can complete the post-installation configuration
process.
Run the following Windows Installer scripts from an elevated command prompt on every instance of
these servers before proceeding:
SetupCSServices.msi

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
38
8.2 Modify Lync Server Management Shell
The Lync Server Multitenant Hosting Pack includes an additional Windows PowerShell® module
(included in the CSServices.msi file) that provides cmdlets used in the management of tenants and other
aspects of the hosted solution. Modification of the Lync Server Management Shell is done automatically
during setup of the hosting pack.
After you run setup, run the following cmdleteach time you open the Lync Server Management Shell:
Import-Module LyncOnline
Note This step is not necessary if you are running Windows Server 2012.
8.3 Update Active Directory for Hosted Management Services
The Lync Server 2013 Hosting Pack includes tools to update the Active Directory schema and create a
root organizational unit for Lync resellers and tenants. To use them, open the Lync Server Management
Shell with elevated permissions (open as administrator) on a server that has Active Directory tools
installed, and run the following cmdlets:
Install-CsAdServiceSchema
Enable-CsAdForest
Enable-CsAdDomain
(Get-CsTopology -AsXml).ToString() > C:Topology.xml
Publish-CsTopology -FileName "C:Topology.xml"
Enable-CsTopology
Enable-CsServiceTopology
The first command extends the Active Directory schema to include information required by the Lync
Server 2013 Hosting Pack. The second command prepares the Active Directory forests for operation of
the Lync Server 2013 Hosting Pack. The third command prepares the Active Directory domain for the
Lync Server 2013 Hosting Pack. The remaining commands re-publish and enable the topology.
Part of the Active Directory domain preparation is the creation of the root tenant OU, “OCS Tenants”.
Tenants can be created either directly in this directory, or in one or more levels of nested reseller OUs.
8.4 Global Client Policies for Address Book Web Query
The Lync Server 2013 Hosting Pack is designed to allow clients to use only the Address Book Web Query
service, and not the Address Book Service that can be used in Lync Server 2013 Enterprise Edition. The

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
39
following cmdlet demonstrates how to configure the Address Book server for all users by setting the
global client policy to allow only the Address Book Web Query service:
Set-CsClientPolicy –Identity global -AddressBookAvailability
WebSearchOnly
This command sets the AddressBookAvailability parameter to WebSearchOnly. Keep in mind that if
client policies are set at the site or user level, these policies must also have the AddressBookAvailability
parameter set to WebSearchOnly. For example, if there is a client policy for users on the Redmond site,
you must set the AddressBookAvailability property of that policy:
Set-CsClientPolicy –Identity site:Redmond –AddressBookAvailability
WebSearchOnly
8.5 Lync Server Dial Plans
Dial plans in Lync Server are distinct from dial plans in Exchange UM. Dial plans, which were called
location profiles in Microsoft Office Communications Server 2007, do not route calls to Exchange by
matching the name of the Lync Server dial plan to the name of the Exchange dial plan. Instead, calls are
routed in part by matching the Lync Server user’s SIP address with their SIP unified messaging extension.
As a result, Lync Server administrators can create one or more Lync Server dial plans based on
geography, tolling or other considerations and employ them without regard to the tenant to which a
user belongs.
To create a new Lync Server dial plan, run a command similar to the following from the Lync Server
Management Shell:
New-CsDialPlan –Identity Site:Seattle –SimpleName SeattleDialPlan
When you create a dial plan, a default normalization rule is associated with that dial plan. You should
modify that normalization rule to apply to the dial plan. Here is an example of modifying a normalization
rule for the SeattleDialPlanwe just created:
New-CsVoiceNormalizationRule – Identity „Site:Seattle/SeattlePrefix‟ –
Pattern „^9(d*){1,5}$‟ –Translation „+1206$1‟
The preceding dial plan was created at the user scope, which means it must be assigned directly to the
user or users to whom it will apply. To assign a dial plan to a user, use the Grant-CsDialPlancmdlet:
Grant-CsDialPlan –Identity john@contoso.com –PolicyName
"SeattleDialPlan"
8.6 Integration with on-premises PBX or Call Center
For more information about integrating the hosting pack with an on-premises PBX, see “Direct SIP
Deployment Options” at http://technet.microsoft.com/en-us/library/gg398672(v=ocs.15).aspx.

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
40
If the IP PBX is not qualified for Lync Server you can use a Sessions Border Controller (SBC). For more
information, see Components and Topologies for SIP Trunking at http://technet.microsoft.com/en-
us/library/gg398720(v=ocs.15).aspx.
8.7 Changing the Root OU
You can change the root organizational unit (OU) when installing the Lync Server 2013 Multitenant
Hosting Pack in an Active Directory environment that already has an organizational unit for tenants, or
when you want to change the root tenant OU for any reason. This procedure describes how to use
ldp.exe to change the otherWellKnownObjects attribute to point to the root tenant OU.
 To change the root OU for a tenant
1. Run ldp.exe.
2. In the Connection menu, click Connect.
3. In the Connection menu, click Bind.
4. In the View menu, click Tree and select the configuration partition from drop-down menu, then
click OK.
Note: The configuration partition option is the one that begins with “CN=Configuration”.
5. Right-click the root node, select Modify, and then do the following:
a. In the Edit Entry box, enter “otherWellKnownObjects” for Attribute and
“B:32:DE8197E3283B2C439A62F871E529F7DD:<DN of root tenant OU here>” for
Values.
b. In the Operation box, select Replace and then click Enter.
c. Click Run.
6. On the Connection menu, click Exit to close ldp.exe.

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
41
8.8 Configuring Mobility
Mobility support for your Lync Server 2013 Multitenant Hosting Pack deployment is configured the same
as for a Lync Server 2013 on-premises deployment.
In order to enable mobility for your deployment, you must request and be provisioned for an FQDN
access proxy, which enables Push notification. Push notifications are required for Windows mobile
devices, and work on Android and iPhone devices.
To request provisioning, you will need to send a request, including the FQDN of your Access Proxy, to
hostlync@microsoft.com.
For more information about configuring mobility, see the following topics in the TechNet library:
Planning for Mobility at http://technet.microsoft.com/en-us/library/hh689981(v=ocs.15).aspx
Deploying Mobility at http://technet.microsoft.com/en-us/library/hh690055(v=ocs.15).aspx
Autodiscover Service Requirements at http://technet.microsoft.com/en-
us/library/hh690012(v=ocs.15).aspx
9 Provisioning Tenant Organizations
After you deploy the Lync Server 2013 Hosting Pack, including the Edge Server, Front End Server, Back
End Server, and Mediation Server, you can provision tenant organizations. Before you can provision
individual users, you must create tenant organizations in Active Directory, Lync Server, and Exchange
Server by following the steps in this section.
9.1 Create and Secure the Organizational Units
By default, the Lync Server 2013 Hosting Pack is configured so that tenant OUs are created under the
root organizational unit called “OCS Tenants”. Many hosting providers will want to represent reseller
organizations as subordinate OUs (sub-OUs), each with sub-OUs representing tenants. You should use
Active Directory permissions or other suitable mechanisms to ensure that management tools have
adequate access to the tenant OU, and that other tenants do not have inappropriate access.
9.2 Set TenantId and ObjectId
Lync Server 2013 Hosting Pack uses the Active Directory attributesmsRTCSIP-TenantIdand msRTCSIP-
ObjectIdto associate tenant OUs with individual users, so you must copy the tenant OUs to those
attributes. You can use Windows PowerShell commands from the Active Directory module to create this
association. To use the Active Directory cmdlets you must either import the Active Directory module
into your Windows PowerShell or Lync Server Management Shell window, or you must run the
commands from the Active Directory Module for Windows PowerShell window. The Active Directory
module is installed by default on your domain controller. To import the Active Directory module, run the
following command at the Windows PowerShell prompt:
Import-Module ActiveDirectory

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
42
Alternatively, to open the Active Directory Module for Windows PowerShell window, on the Start menu,
clickAdministrative Tools, and then click Active Directory Module for Windows PowerShell.
The following commands will copy the tenant OU, based on the globally-unique identifier (GUID) of the
OU, into the msRTCSIP-TenantIdand msRTCSIP-ObjectIdattributes.
$OU = "OU=fabrikam,OU=OCS Tenants,DC=litwareinc,DC=com"
$OUObject = Get-ADOrganizationalUnit -Identity $OU
$GUID = $OUObject.ObjectGUID
The first line in the preceding commands sets a variable to the full LDAP path of the OU we want to set.
The second line calls the Get-ADOrganizationalUnitcmdlet to retrieve that OU, storing it the variable
$OUObject. The third line retrieves the GUID, stored in the ObjectGUID property, of the OU and stores it
in another variable ($GUID). Next we need to set the msRTCSIP-TenantId and msRTCSIP-ObjectId
properties.
$OUObject |Set-ADOrganizationalUnit -Replace @{'msRTCSIP-
TenantId'=$GUID}
$OUObject |Set-ADOrganizationalUnit -Replace @{'msRTCSIP-
ObjectId'=$GUID}
In these two lines we pipe the OU object that is stored in our $OUObject variable to the Set-
ADOrganizationalUnitcmdlet. Set-CsADOrganizationalUnit has a number of parameters that allow you
to directly set Active Directory properties, such as Server, City, and PostalCode. For the less-commonly
used properties, such as msRTCSIP-TenantId, we use the Replace parameter, passing it the name of the
property we want to set and the value we want to set it to. Using the Replace parameter will replace any
value or values currently stored in that property with the value you specify.
Finally, we retrieve all the users in the specified OU and set the msRTCSIP-GroupingId and msRTCSIP-
TenantId properties to the GUID of the OU:
Get-ADUser -LDAPFilter "(ObjectClass=user)" -SearchBase $OU -
Properties msRTCSIP-GroupingID,msRTCSIP-PrimaryUserAddress,comment
|Set-ADUser -Replace @{'msRTCSIP-GroupingID'=$GUID}
Get-ADUser -LDAPFilter "(ObjectClass=user)" -SearchBase $OU -
Properties msRTCSIP-GroupingID,msRTCSip-TenantID,msRTCSIP-
PrimaryUserAddress,comment |Set-ADUser -Replace @{'msRTCSip-
TenantID'=$GUID}
The first thing we do in each of these commands is to retrieve all the users in the OU. We do that by
calling the Get-ADUsercmdlet and passing values for the LDAPFilter and SearchBase parameters. The
LDAPFilter value specifies that we want to retrieve all users who actually are users, meaning their
ObjectClass property has a value of user. The SearchBase property is set to the FQDN of the OU (which

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
43
we stored previously in the $OU variable). Notice that we also supply values for the Properties
parameter. This isn’t necessary, but it will speed up your query by limiting the amount of data about
each user that is returned. This is especially useful if you’re running these commands over a remote
session.
After we’ve retrieved all the users in the specified OU, we pipe that information to the Set-
ADUsercmdlet, which will modify the settings for each of those users. We again use the Replace
parameter, this time replacing the value in the msRTCSIP-GroupingId property with the GUID of the OU.
Finally, we do the exact same thing, but this time replacing the value of the msRTCSIP-TenantId property
with the GUID.
9.2.1 Set the DomainUrlMap Attribute
You will also need to configure the msRTCSIP-DomainUrlMap attribute in the following format:
<TenantSipDomain#<HosterBaseMeetingUrl>/<TenantSipDomain>. You can set the value by using
ADSIEdit or other tool.
9.3 Add UPN Suffix to Tenant OU
To enable users in the tenant OU to have user principal names (UPNs) that match their email and SIP
addresses, the domain must be added as a permitted UPN suffix to the tenant OU. Use ADSIEdit or other
tool to add the domain to the OU’s uPNSuffixes property.
9.4 Create Tenant SIP Domain
To provide customized behaviors for a tenant-specific SIP domain (referred to in this document as
tenantSIP domain), Lync Server needs to be aware of the domain.
If a domain is added to your deployment, it will be added to the list of supported domains in Topology
Builder. However, meeting URLs are not automatically added, which will result in an error in Topology
Builder. After a domain is added to your deployment, you will need to manually edit the topology file to
allow users to be configured with any supported SIP domain.
 To manually edit the topology file for your deployment
1. Run the following cmdlet to retrieve your topology file, replacing the path with the correct path
for your environment.
(Get-CsTopology -AsXml).ToString() > C:Topology.xml
2. Edit the topology.xml file using Notepad, and find the InternalDomainsAllowAllDomains="false"
section. Change the value for the section from "false"to "true".
The value is case-sensitive.
3. Run the following cmdlet to publish the updated topology.
Publish-CsTopology -FileName "C:Topology.xml"
Next, use ADSIEdit or other tool to add the domain to the msRTCSIP-Domains attribute of the tenant
OU. Afterward, you should see the domain listed when querying the properties of the tenant:

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
44
Get-CsTenant | Format-Table -AutoSize Id,Domains
Id Domains
-- -------
OU=fabrikam.com,OU=OCS Tenants,DC=fabrikam,DC=com {fabrikam.com}
OU=fabrikam.net,OU=OCS Tenants,DC=fabrikam,DC=net {fabrikam.net}
9.5 Configure Exchange Email
Use tools and procedures of your choice to configure the tenant OU with email, including one or more
SMTP domains and private address lists.
9.6 Configure Exchange Unified Messaging
To configure Exchange UM, you need to perform steps on servers running Exchange and Lync Server.
For more information about configuring Exchange UM, see the following topics:
Planning for Exchange Unified Messaging Integration at http://technet.microsoft.com/en-
us/library/gg399031(v=ocs.15).aspx
Deployment Process for Integrating On-Premises Unified Messaging and Lync Server 2013 at
http://technet.microsoft.com/en-us/library/gg425737(v=ocs.15).aspx.
Deploying On-Premises Exchange UM to Provide Lync Server 2013 Voice Mail at
http://technet.microsoft.com/en-us/library/gg398768(v=ocs.15).aspx
Providing Lync Server 2013 Users Voice Mail on Hosted Exchange UM at
http://technet.microsoft.com/en-us/library/gg425807(v=ocs.15).aspx
9.6.1 Create Tenant Exchange Dial Plan and Exchange UM Mailbox Policy
To enable users for Exchange UM, they must be assigned a dial plan and Exchange UM mailbox policy. In
order for each tenant organization to have its own dial-by-name directory and other forms of privacy,
each tenant must be assigned to a different dial plan. A tenant dial plan and associated Exchange UM
mailbox policy can be created using the following Exchange 2013 Management Shell command:
New-UMDialplan -Name "<TenantDialPlanName>" -UriType SipName -
NumberofDigitsInExtension <TenantExtensionDigits> -VoIPSecurity
Secured -CountryorRegionCode 1 -GenerateUMMailboxPolicy$true -
AccessTelephoneNumbers <TenantAccessTelephoneNumber>
This example uses variables as placeholders that you should replace with real values when provisioning
a tenant:
TenantDialPlanName A unique name for the dial plan. It is advantageous for troubleshooting
purposes to have the TenantDialPlanName reflect the name of the tenant and reseller.

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
45
TenantExtensionDigits The number of digits to be used in Exchange UM extensions. Note that
to simplify management, full 10-digit phone numbers were used when developing this
documentation.
TenantAccessTelephoneNumber This is the E.164 telephone number or numbers that users
will call to retrieve their voicemail and otherwise interact with Outlook Voice Access.
Here’s an example of what this command might look like:
New-UMDialplan -Name "FabrikamDP" -UriType SipName -
NumberofDigitsInExtension 10 -VoIPSecurity Secured -
CountryorRegionCode 1 -GenerateUMMailboxPolicy $true -
AccessTelephoneNumbers "+12065551234"
The UriType specifies the URI type that will be sent and received with SIP messages. Possible values are
SipName, E164, and TelExtn. The VoIPSecurity parameter can have a value of Secured, SIPSecured, or
Unsecured. GenerateUMMailboxPolicy is True by default, which indicates that we want to create
anExchange UM mailbox when the dial plan is created.
9.6.2 Assign Tenant Dial Plan to All Available Exchange UM Servers
After creating the Exchange UM dial plan you must associate it with anExchange UM server. To do this,
user a command such as the following from the Exchange Management Console:
Set-UmServer –Identity UMServer1 –DialPlans Fabrikam1
9.6.3 Update Exchange UM/Lync Server Integration Configuration
Microsoft provides the script exchucutil.ps1, located in the scripts subfolder of the Exchange installation
folder on Exchange UM servers, to automate the following tasks:
Create anExchangeUM IP gateway representing each Front End pool. This allows calls to be
routed between the Exchange and Lync Server platforms.
Create an ExchangeUM hunt groups for each dial plan. This links the configuration of each dial
plan to the Exchange UM IP gateway by creating hunt groups including each of the
TenantAccessTelephoneNumbers.
Grant Lync Server permission to read ExchangeUM Active Directory objects.
During testing, this script was run repeatedly without damaging existing dial plans or other Exchange
UM configurations. For additional safety and efficiency, hosts may want to develop modified versions of
exchucutil.ps1 that perform only the functions specific to a new tenant.

Microsoft Lync Server 2013 Multitenant Hosting Pack Deployment Guide
46
9.6.4 Create Lync Server Contacts for Exchange UM Subscriber Access
For Lync Server to route calls to and from Exchange Server, it needs to configure contact objects
representing Exchange UM objects. To configure these contacts, use the Exchange UM Integration
Utility.
1. On a Front End Server, open a command prompt as an administrator:click Start, click
Accessories, right-click Command Prompt, and then click Run as Administrator.
2. Type the following command and then press Enter:
cd %CommonProgramFiles%Microsoft Lync Server 2013Support
3. To run the Exchange UM Integration Utility, type the following command and then press Enter:
OcsUmUtil.exe
4. Click Load Data. You should see all of the Exchange Server dial plans listed in the left column,
“SIP Dial Plans,” but with no contacts listed for the most-recently added dial plan.
5. Click Add, and then fill in the required information as follows:
o Dial Plan This should be auto-populated with the correct information.
o Organizational Unit For the purpose of developing this documentation, all Lync Server
contacts related to Exchange UM were stored in a root-level OU named “Lync UM
Contacts.”
o Name The name of the dial plan should appear automatically.
o SIP Address This should take the form of sip:<PhoneContext of the dial plan, as reported
by the Exchange Management Shell cmdlet get-umdialplan>@<TenantSipDomain>(for
example, sip:exumcontact@fabrikam.com).
o Server or pool Select your Front End pool, not your Director pool.
o Phone Number This should be one of the E.164 phone numbers contained in the
AccessTelephoneNumbers property, as reported by the Exchange Management Shell
cmdletGet-UMDialPlan.
o Contact Type Subscriber Access.
6. Click OK. After you have created the contact, you will still see a red exclamation point and the
following error message: