Lync & OCS Migration Top 10

Here are my Top 10 quick frequently-needed facts when you are first considering a Lync 2010 migration from OCS 2007 R2 (or if you are considering co-existence).
1. Lync 2010 Servers Can Coexist with OCS 2007 R2 Servers (in an OCS 2007 R2 Deployment)
They can coexist in the same AD Forest and AD Domain, but not in the same OCS 2007 R2 Pool.
Lync Server 2010 can coexist with OCS 2007 servers also, but it CANNOT coexist in an OCS deployment with BOTH OCS 2007 and OCS 2007 R2 servers.  If you have a mixed OCS R1 and R2 environment, you need to finish your R2 upgrade first.
2. An Inside-Out Lync Deployment Approach is Generally Recommended
For example, in an existing OCS 2007 R2 deployment, the internal Lync server pilot pool would be deployed first, followed by the Lync Edge Server and Director, etc…
3. Side-by-Side is the Only Supported “Upgrade” Path
There is no ability to do an in-place upgrade of an existing OCS 2007 R2 server.
Users can be moved from the OCS 2007 R2 server /pool to the Lync 2010 server/pool with the management console.
4. Using the Lync 2010 Client against an OCS 2007 R2 Server is not Supported.
Using a legacy Communicator 2007 R2 client against a Lync 2010 server IS supported.
5. The Lync 2010 Client Cannot Run side-by-side with Communicator 2007 R2.
If you install the Lync client on a client with Communicator 2007 R2 installed, it silently removes Communicator 2007 R2.  It does keep registry settings such as those in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Communicator.
6. At this time Lync Server 2010 (and OCS 2007 R2) Databases are NOT supported on SQL 2008 R2.
See http://blogs.technet.com/b/toml/archive/2010/11/10/ocs-2007-r2-lync-server-2010-and-sql-server-versions.aspx for more information.
This TechNet article details the supported SQL Servers for the Lync monitoring server role: http://technet.microsoft.com/en-us/library/gg413054.aspx
7. The Lync Edge and Lync Director should be Deployed in Parallel
You should not mix Lync and OCS versions of the Edge and the Director role – they should be upgraded (or deployed in parallel) at the same time.
A OCS 2007 R2 Edge is supported with a Lync Server 2010 pool.
A Lync Server 2010 Edge is NOT fully supported against an OCS 2007 R2 Pool.
See Chapter 6 – Planning for External User Access.doc – of the Microsoft Lync Server 2010 Planning Guide for more information.
8. The Lync Edge and Lync Mediation server should be Deployed in Parallel
This is not documented well, but if you are using enterprise voice, you should not mix the Lync and OCS versions of the Edge and Mediation roles.
9. The Topology Builder or the Lync Management Shell can be used to Merge the OCS Topology into Lync
From the Topology Builder, use the Merge Topology Wizard in the right-hand Tasks Pane.
In the Lync Management Shell, use the Merge-CSLegacyTopology and the Import-CSLegacyConfiguration cmdlet’s.  See the Import-CsLegacyConferenceDirectory cmdlet if you have OCS 2007 R2 conferencing directories.
10. The Lync and OCS Administration Tools must be used with their Respective Server Version
With the exception that you can view a read-only copy of your OCS deployment in the Lync Topology.
See Lync and OCS Administration Tools (http://blog.insideocs.com/2010/12/10/lync-and-ocs-administration-tools/) for more information.
Lync 2010 Migration Resources
1. Microsoft TechNet Guide: Migration from Office Communications Server 2007 R2 to Lync Server 2010
2. Microsoft TechNet Guide: Migration from Office Communications Server 2007 to Lync Server 2010
3. Microsoft Video: Migrating from Office Communications Server 2007 to Lync Server 2010
4. Microsoft Lync Server 2010 Planning Guides: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=2da9fa26-e032-4dcf-b487-da916ddc508f

Here are 10 frequently used factoids when you are contemplating a Lync 2010 migration from OCS 2007 R2 (or if you are considering co-existence):

1. Lync 2010 Servers Can Coexist with OCS 2007 R2 Servers (in an OCS 2007 R2 Deployment)

  • They can coexist in the same AD Forest and AD Domain, but not in the same OCS 2007 R2 Pool.
  • Lync Server 2010 can coexist with OCS 2007 servers also, but it CANNOT coexist in an OCS deployment with BOTH OCS 2007 and OCS 2007 R2 servers at the same time.  If you have a mixed OCS R1 and R2 environment, you need to finish the OCS R2 upgrade first.

2. An Inside-Out Lync Deployment Approach is Generally Recommended

  • For example, in an existing OCS 2007 R2 deployment, the internal Lync server pilot pool should be deployed first, followed by the Lync Edge Server and Director, etc…
  • A Lync pool can use an OCS 2007 R2 Edge

3. Side-by-Side is the Only Supported “Upgrade” Path

  • There is no ability to do an in-place upgrade of an existing OCS 2007 R2 server.
  • Users can be moved from the OCS 2007 R2 server /pool to the Lync 2010 server/pool with the Lync management tools (the Lync Control Panel or Lync Management Shell) after the OCS topology has been merged with your Lync topology (see #9 below).

4. Using the Lync 2010 Client against an OCS 2007 R2 Server is Not Supported.

  • Using a legacy Communicator 2007 R2 client against a Lync 2010 server IS supported.

5. The Lync 2010 Client Cannot Run side-by-side with Communicator 2007 R2.

  • If you install the Lync client on a client with Communicator 2007 R2 installed, it silently removes Communicator 2007 R2.  It does keep registry settings such as those in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Communicator.

6. There is a 32-bit and 64-bit Version of the new Lync Client

  • This is not entirely true. The “64-bit” version is actually just a 64-bit installer wrapping a 32-bit version.
  • The 64-bit installer version integrates with the 32-bit version of Microsoft Office.

7. The Lync Edge and Lync Director should be Deployed in Parallel

  • You should not mix Lync Server and OCS versions of the Edge and the Director role – they should be upgraded (or deployed in parallel) at the same time.
  • A OCS 2007 R2 Edge is supported with a Lync Server 2010 pool.
  • If your users are experiencing a “Presence Unknown” for federated and PIC contacts after you have recently configured your Lync pool to use the existing OCS 2007 R2 Edge, consider rebooting the OCS 2007 R2 Edge. See Quick Tip – External Contacts with Lync Coexistence for more information.
  • A Lync Server 2010 Edge is NOT fully supported against an OCS 2007 R2 Pool.
  • See Chapter 6 – Planning for External User Access.doc – of the Microsoft Lync Server 2010 Planning Guide for more information.

8. The Lync Edge and Lync Mediation server should be Deployed in Parallel

  • This is not well documented, but if you are using enterprise voice, you should not mix the Lync and OCS versions of the Edge and Mediation roles.

9. The Topology Builder or the Lync Management Shell can be used to Merge the OCS Topology into Lync

  • From the Topology Builder, use the Merge Topology Wizard in the right-hand Tasks Pane.
  • In the Lync Management Shell, use the Merge-CSLegacyTopology and the Import-CSLegacyConfiguration cmdlet’s.  See the Import-CsLegacyConferenceDirectory cmdlet if you have OCS 2007 R2 conferencing directories.

10. The Lync and OCS Administration Tools must be used with their Respective Server Version

11. OCS Meetings are Migrated to Lync Server 2010 (Bonus Tip #1)

  • See Migration Considerations for Meetings (Office Communications Server 2007 Migration) for more details.
  • One caveat is that any meeting content that the organizer uploaded is not moved over. You can manually move the content over.
  • A new Lync Server service called the Lync Server Web Conferencing Compatibility is used to listen on port 8058 for Persistent Shared Object Model (PSOM) connections from the Live Meeting client and previous versions of Communicator.

12. Backup Your OCS User Settings Before you Migrate the User Accounts to Lync (Bonus Tip #2)

Note: one of the original Top 10 used to be that Lync did not support SQL 2008 R2 for it’s databases.  As of April 2011, Lync is fully supported with SQL 2008 R2: http://blogs.technet.com/b/nexthop/archive/2011/04/20/lync-server-2010-support-for-sql-2008-r2.aspx.

Lync 2010 Migration Resources

InsideOCS - Migrating your OCS Federated Partner Settings to Lync

Microsoft TechNet  (excellent short video on the basics) - Migrating from Office Communications Server 2007 R2 to Lync Server 2010

Microsoft TechNet - Migration from Office Communications Server 2007 R2 to Lync Server 2010

Microsoft TechNet - Migration from Office Communications Server 2007 to Lync Server 2010

Microsoft Video: Migrating from Office Communications Server 2007 to Lync Server 2010

Microsoft Lync Server 2010 Planning Guides: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=2da9fa26-e032-4dcf-b487-da916ddc508f

Share and Enjoy:
  • Twitter
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • LinkedIn
  • MySpace
  • Reddit
  • Technorati

18 comments to Lync & OCS Migration Top 10

  • Yes, I wasn’t sure whether it was a separate AD and Lync deployment – sounds like it is.

    re: “Migrate”. As you stated there is no migrating between forests (no native method, or 3rd party solution that I am aware of). I meant that you could start fresh and re-provision your users – create new accounts for them in the Globaldomain. The obvious pain for the end users is that they would lose their contact lists. I often wondered whether you could use the DBImpExp resource kit tool to export the contacts, change the SIP addresses, and re-import into another forest, but I have never tried that. FYI, I have an older quick blog post on that “Importing and Exporting OCS User Contacts” (http://blog.insideocs.com/2009/07/06/importing-and-exporting-ocs-user-contacts/).

    (also, I have heard of a product called Lync Contact Manager – I am not sure if they do cross-forest contact list migration: http://www.egyptnetwork.com/ocscm.aspx.)

    Lync deployments do not cross forests, so you will not be able to import that 2007 R2 Edge into your Lync deployment (the one exception is the Resource / Central Forest model – see Deploying Lync Server 2010 in a Multiple Forest Environment: http://technet.microsoft.com/en-us/library/gg670909.aspx).

    Given that they are separate OCS/Lync deployments though, could you not just bring up the Lync Edge, run in parallel and federate them? Or is the issue they both service the same external DNS domain (e.g. corp.com)? If that is the case, another option you could explore is a company called NextPlane. The have a UC cloud federation service that can share a namespace – the routing decisions of what SIP request goes where is done on their server in the cloud. Caveat – I have no experience with their service, but I think it applies to your scenario (http://www.nextplane.net).

    Also, in my notes on cross-forest scenario’s there was a Lync forum thread which basically echo’ed what I said above: http://social.technet.microsoft.com/Forums/en-US/ocsplanningdeployment/thread/600423c3-41ce-4c45-a8b7-699eaa2a0f15/

    I hope that helps,
    Curtis

  • Tony

    Hi Curtis. Can you expand on the word migrate? Since we are talking separate forests, and I can’t add the legacy pool, there’s no user move tools etc, as well as no way that I see of allocating the existing edge to the new pool.

    As an update of where things stand for us, I’m now to the point where from a machine attached to NAdomain, I can logon to the pool in GLOBALdomain using a Lync 2010-enabled GLOBALdomain disabled user which is attached to it’s NAdomain counterpart. There are no server permissions or contacts lists transferred from the 2007 r2 pool. It’s purely like a new deployment. Is that what you meant?

    A clean start if you will is a possibility that we’ve been prepared we might have to face in terms of attributes/contact lists. The one thing I definitely would like though is to be able to use the existing 2007 R2 Edge server temporarily (to save extra certificates/PIC work). This would allow the hard (everyone at once) cut-over of users to the new domain. I would then concentrate on building my 2010 Edge server that we would cut over to when ready, much like a same-domain forest 2007->2010 migration.

    As I have no way to import the Edge server into topology builder, do you have any documentation that shows how I configure this manually from both the 2007 R2 Pool/Edge side and the Lync 2010 side? I’m also prepared that this can not be done, in which our only choice is to create a new Edge (w new PIC/certs) up front before migrating.

    Thanks in advance.

  • Hi Tony,

    Wow, that indeed qualifies as a doozie. You should post your issue to the appropriate Microsoft Lync Server Forum if you haven’t already because there is a broader range of technical field expertise.

    Here are my thoughts:

    The AD relationship of these domains is important. When you say ‘merge’, how exactly is the AD domain NAdomain.local merging into the new GLOBALdomain.corp? What is the relationship between these two domains? Are they in separate forests, is NAdomian.local a child domain, etc…? (FYI – I have never heard of the authentication method where there is a linked disabled user in one domain).

    To answer your question, the OCS pool shows up in the Lync topology by way of a manually merge. Specifically in the Lync Topology Builder you would use the Merge Topology Wizard in the right-hand Tasks Pane, or, use the Merge-CSLegacyTopology and the Import-CSLegacyConfiguration cmdlet’s.

    * However *, as far as I know, this merge process is used when OCS and Lync are in the same AD forest and the same OCS/Lync deployment (i.e. separate pools in the same AD forest). I am not sure that is the case with your situation, and I do not think it is supported across forests.

    Could you just migrate your OCS users to the new Lync deployment in GLOBALdomain.corp?

    Curtis

  • Tony

    Hi Curtis. I’ve got a doozie. I’ll try to keep it simple. My company has an OCS 2007 R2 pool. We are in N. America, and our domain is “NAdomain.local”. We have international branch sites which have had their own, totally separate domains. We have granted those domain’s users access to our OCS pool previously through our edge, via contact accounts created for them in our NAdomain AD. Now, we are all merging into one new super domain, “GLOBALdomain.corp”.

    We built a Lync 2010 Enterprise pool (FE+AV, Director, Archiving — Edge to be added) on GLOBALdomain. As it stands now, our testuser@GLOBALdomain.corp (an actual GLOBALdomain.corp account), can logon and use Lync just fine so the install is working properly.We are now ready to bring in my users from NAdomain. Here’s where things get messy, and I really haven’t found anyone having to deal with this exact situation, so I hope you might have the answers.

    The method chosen for authentication on GLOBALdomain for any existing NAdomain user is that each user has a linked disabled user created in GLOBALdomain, which is linked to their NAdomain user. The users will remain actually in the NAdomain.local domain for the next few years. I am about to run the 2010 schema prep on NAdomain. Once that’s completed, where things will stand is that the NAdomain OCS 2007 R2 pool is not at all in my 2010 “topology builder” design if I load existing, and being on a different domain than where the new pool sits, completely invisible to the Lync 2010 pool. I’m stuck on how to cleanly migrate users with their contact lists from this point. Do I need to make the OCS pool known to the Lync pool, or is there a way to cleanly export from the OCS 2007 R2 pool on NAdomain, and import to the Lync 2010 pool on GLOBALdomain? I’m very familiar with how to do things on same domain, but alas, I have to work with this situation. Any help is appreciated, and I know what you’re thinking… Yikes.

  • Jonas Mellquist

    This is good stuff Curtis – precise and to the point!

  • Hi Octavio,

    My understanding is that all OCS *servers* had to be upgraded to either R1 or R2 – you can’t have a mixed server environment before introducing Lync – but in terms of mixing R1 and R2 clients, I think this is mostly supported. Did you read somewhere that mixing the R1 and R2 clients were not supported in a mixed server environment?

    The general rule on the client-side is that previous client version have the most recent updates (hotfixes) installed.

    You should read the section “Client Interoperability” section in the Migrating from Office Communications Server 2007 R2 to Lync Server 2010 Guide (http://www.microsoft.com/download/en/details.aspx?id=9109).

    There is also a section on “Lync Server 2010 Interoperability with Previous Client Versions”. It details what functionality is supported with previous client versions and Lync. In a nutshell, IM and Presence and Video are supported. There is some limitations on the voice. There are some noteworthy points about the conferencing functionality in there too.

    Caveat – I have never mixed R1 and R2 clients in a mixed-server environment, but looking at that guide, I think you will be ok.

    You should re-post this question to the Microsoft Lync Server Forums (http://social.technet.microsoft.com/Forums/en-US/category/ocs) for more answers.

    Hope that helps,
    Curtis

  • Octavio

    Hello Curtis. I have read that prior to bringing up my Lync pool and first servers, that I need to have all OCS R2 servers and clients on the latest version/build. I have not however found any published notes about what is broken if say a certain users is running the OCS 2007 R1 client. I surmise that when I run the AD Schema prep for Lync, that something changes which breaks the possibility for an older R1 client to connect to our existing 2007 R2 front end as it does today. We have one group of users that we have had to keep using the R1 client of OCS. Its complicated, but due to their hardware setup. Do you happen to know exactly what breaks, or better yet if OCS 2007 R1 client should still connect and work properly with the R2 FE even when I add the Lync pool?

  • Hi Josh,

    You should be able to keep your existing ISA server. ISA 2006 SP1 (* Note the SP1 requirement *) is supported for Lync.

    The Director acts as a standalone server, not installed or collocated with the FE. It sits between the Edge and FE (on the internal network side). Unless you have a specific reason (and there are some), with the environment you quoted, if you are looking to simplify your deployment, you likely do not need one. This is a good article about why you would deploy a Director: http://blogs.technet.com/b/drrez/archive/2010/08/09/why-deploy-a-director.aspx.

    The value of a Director boils down to:
    1] Adding a layer of protection between the external world and the internal pool (for such things as a DoS attack).
    2] Offloading the external user authentication work.
    3] Offloading the FE from redirecting to a clients’ home pool in a multi-pool scenario.

    There is a lot of information in the guide you quoted but if you just focus on the section that is applicable to what you are trying to accomplish it is more digestible (e.g. if you are using a EE server, just read the table “Certificates for Front End Server in a Front End Pool”).

    The Microsoft Lync Server 2010 Documentation Help File is an excellent reference – I just use the index and search for what I need (http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=23888). For example, there is a section on “Request and Configure a Certificate for Your Reverse HTTP Proxy” which outlines the certificate requirements for your proxy.

    The Microsoft Lync Forums are well maintained by many experts who can respond to individual questions: http://social.technet.microsoft.com/Forums/en-US/category/ocs.

    For understanding the different TYPES of certificates, the best guide is the Office Communications Server 2007 and 2007 R2 Certificate Guide.doc (http://go.microsoft.com/fwlink/?linkid=179053).

    Note the New Subject Alternative Name (SAN) Entries Required for Lync (http://blog.insideocs.com/2010/11/02/microsoft-lync-server-certificates-whats-new-tips/)

    Lastly, if you are not overwhelmed yet :-) , there is a Lync Planning Tool and Planning Guides available:

    Microsoft Lync Server 2010, Planning Tool
    http://www.microsoft.com/download/en/details.aspx?id=19711

    Microsoft Lync Server 2010 Planning Guide
    http://www.microsoft.com/download/en/details.aspx?id=21646

    To be honest, I find the tool and guide more valuable for planning larger deployments.

    Hope that helps!
    Curtis

  • Josh Lynch

    Curtis,

    Thanks for the response. We’re just going to go public CA certs for everything.

    Our topology is
    1 ISA server 2006, w2k3 OS
    1 FE server 2003
    1 Edge server 2003.

    1. Can we keep the existing ISA server?
    also, If we add a new FE and Edge, where does the director role go?
    is it added to the FE?

    As far as certs go, the link : http://technet.microsoft.com/en-us/library/gg398094.aspx
    is confusing.
    We have a EE config.

    If the director goes on the FE, do we ignore the director’s table and just do 3 SAN UCC certs? Or do we need to do double the amount? Confused.
    I think on some certs we just got regular web certs. I believe we only had to purchase 2 UCC certs for the existing legacy setup.

    Is there a guide that simplifies this?

    Josh

  • Hi Josh.

    This is an involved question. As such I would ask it in the Microsoft OCS/Lync Server Forums in addition to here – it will get a wider audience of expertise.

    At a high level, if you can satisfy all the certificate requirements for your new 2010 (Lync) servers as laid out in the Office Communications Server 2007 and 2007 R2 Certificate Guide.doc guide and the Microsoft Technet Lync Server Certificate Infrastructure Requirements, you will be able to reuse those certificates.

    BTW, I assume you know the typical recommended course of action is a side-by-side upgrade whereby you install the Lync servers in a separate pool, migrate your users, and decommission the OCS 2007 R2 pool. With public certificate costs I understand why you want to reuse those existing certs though.

    One issue that may prevent you from re-using those certificates is that Lync requires the FQDN’s of the Simple URL’s be listed on the Subject Alternative Names (SANs) on the certificates used for the Internal and External Web Services. However, wildcards are supported for the Simply URL SANs, so if your certificate have *.example.com in the SAN, you should be ok.

    Could you use a private certificate (issued by a Windows Certificate Authority in your company) for the Lync Front-End and get your public CA to re-issue the public certificates for your Edge and other uses?

    I’ll give more thought to your situation.

    Curtis

  • Josh Lynch

    Thanks for the resources!

    We’ve had ocs 2007 r2 up prior to 2010’s release without much use. Now that we’re ready to upgrade to 2010 and take on some REAL users, we’d like to ditch 2007 r2 servers (2003 servers) and just to a fresh 2010 install. (mainly to not have to buy new third party certificates. We purchased 4 certificates for the original implementation.)

    How should we proceed? Should we decommission the existing servers (1 Frontend enterprise pool, and 1 edge)
    and then stand up a brand new pool (with the same name for the certs) same server names, etc.?

    Can I re-use the certs we purchased?

    Josh

  • Hi Richard, thanks for the clarification. You are correct, the *OCS* management console should not be used to move the users; I had meant to say management *tools* (not console – used to 4 years of saying ‘console’). As you say, the Lync Control Panel or Management Shell should be used after you have merged your OCS topology. I have updated Tip #3.

    Curtis

  • Richard

    “Users can be moved from the OCS 2007 R2 server /pool to the Lync 2010 server/pool with the management console.”

    I can argue with this. The Lync documentation recommends to migrate using the Lync version of the tools (and not with the OCS version of the tools, mgmt console assumes an OCS utility).

    “You cannot use the Active Directory Users and Computers snap-in or the Microsoft Office Communications Server 2007 R2 administrative tools to move users from your legacy environment to Lync Server 2010. You can move a pilot user to the new Microsoft Lync Server 2010 deployment using the following two methods: Microsoft Lync Server 2010 Control Panel and Lync Server Management Shell.”

    that is the word-by-word copy from the Lync ITpro documentation.

  • [...] This post was mentioned on Twitter by Microsoft Lync Team and others. Microsoft Lync Team said: RT @InsideOCS: Quick top 10 for starting a Lync & OCS Migration (http://blog.insideocs.com/2011/01/11/lync-ocs-migration-top-10/) #ucoms … [...]

Leave a Reply

 

 

 

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>