Integrate OWA 2010 and Lync IM

Over the last few days, I configured Exchange 2010 Outlook Web App (OWA) to integrate with the Instant Messaging (IM) of Lync Server 2010.

The objective is to enable communication, such as chat, between the Lync client and OWA Instant Messaging.

You can also refer to the link below:

I also want to demonstrate how I configured it.

On your Exchange Client Access Server, do the following:

  1. Install the Unified Communication Managed API 2.0 Core Runtime (64 bit) on your Exchange Client Access Server (CAS). Click this URL link:
  2. On your Exchange Client Access Server, download the Microsoft Office Communication Server 2010 R2 Web Service Provider. Click the link . Then run the file CWAOWASSPMain.msi, which extracts the files.
  3. Go to the folder where you extracted the files and run CWAOWASSP.msi.
  4. Download the OCS 2007 R2 Web Service Provider Hotfix KB961256 and install it on the CAS server.
  5. Download and install the Unified Communication Managed API 2.0 Redist Hotfix KB 2647091.
  6. Once you have done that, open the Exchange Management Shell.
  7. Run the command Get-ExchangeCertificate | fl Services, Thumbprint and copy the thumbprint.
  8. Run Get-OWAVirtualDirectory. Make sure OWA is currently configured with a certificate.
  9. Then run Get-OWAVirtualDirectory again and pipe it to Set-OWAVirtualDirectory. Make sure the thumbprint that you copied is pasted into the command, as below:
  10. If no error is shown, type iisreset to restart the IIS service.
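
The check-then-configure sequence from steps 7 to 10, as an added PowerShell example (not the author's original command, which did not survive on this page). It validates the IIS certificate before its thumbprint is handed to OWA, because the certificate is what the troubleshooting section below identifies as the cause of the failure. Both FQDNs are placeholders, and requiring the CAS FQDN to appear on the certificate is an assumption based on the Trusted Application Pool FQDN entered on the Lync side.

```powershell
# Added example. Run in the Exchange Management Shell on the CAS.
# Placeholder names (assumptions): replace with your own servers.
$CasFqdn      = 'cas01.example.local'     # same FQDN as the Lync Trusted Application Pool
$LyncPoolFqdn = 'lyncfe01.example.local'  # Lync front-end server or pool

# Step 7: find the certificate that has the IIS service assigned.
$cert = Get-ExchangeCertificate -Server $CasFqdn |
    Where-Object { $_.Services -match 'IIS' } |
    Sort-Object NotAfter -Descending |
    Select-Object -First 1
if (-not $cert) { throw "No certificate with the IIS service on $CasFqdn" }

# Validate it before use: Lync authenticates the CAS with this certificate.
$problems = @()
$names = @($cert.CertificateDomains | ForEach-Object { "$_" })
if (-not $cert.HasPrivateKey)       { $problems += 'no private key' }
if ($cert.NotAfter -lt (Get-Date))  { $problems += "expired $($cert.NotAfter)" }
if ($cert.NotBefore -gt (Get-Date)) { $problems += 'not yet valid' }
if ($names -notcontains $CasFqdn)   { $problems += "$CasFqdn not among: $($names -join ', ')" }
if ($cert.IsSelfSigned) { Write-Warning 'Self-signed: the Lync server must trust this certificate.' }
if ($problems) { throw "OWA IM not configured: $($problems -join '; ')" }

# Steps 8-9: pipe the OWA virtual directory into Set-OwaVirtualDirectory
# with the validated thumbprint.
Get-OwaVirtualDirectory -Server $CasFqdn |
    Set-OwaVirtualDirectory -InstantMessagingType OCS `
        -InstantMessagingEnabled:$true `
        -InstantMessagingCertificateThumbprint $cert.Thumbprint `
        -InstantMessagingServerName $LyncPoolFqdn

# Confirm what was written, then restart IIS (step 10).
Get-OwaVirtualDirectory -Server $CasFqdn | Format-List Identity, InstantMessaging*
iisreset
```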

On your Lync Server, do the following:

  1. Open the Lync Server Topology Builder on the Lync server and choose Download Topology from existing deployment. Then save the tbxml file.
  2. Expand the site and go to Trusted Application Pool.
  3. Right-click and create a New Trusted Application Pool. In the FQDN column, type your Exchange FQDN and choose Single Computer Pool. Click Next.
  4. Select the Next Hop Pool and site name of the Lync Server.
  5. Then right-click the site and publish the topology.
  6. Open the Lync Management Shell and run the command below: “New-CsTrustedApplication -ApplicationId OWAID -TrustedApplicationPoolFQDN -Port 5059”.
  7. Run the command Enable-CsTopology.

Verify the successful Configuration

To verify that the configuration above was successful, simply open your Outlook Web App (OWA) and you will see the IM integration, as in the screenshot below:

Troubleshoot the Problem

In my first configuration, I admit that the IM integration was not working well and the IM contacts were unavailable. So I ran the Lync Server Logging Tool and monitored the log.

Here is what I found on SIP Stack.

I went through the Social TechNet Forum and searched for the solution. I looked through similar problems, and the solution was the SSL certificate. I then reissued the SSL certificate for OWA, assigned it back to OWA in IIS, and reconfigured OWA using PowerShell.

Finally the IM Integration works well.


Guide of Installing Director in Lync Server 2010 Standard Edition

Hi, I am back, writing up the installation of a Director in Lync 2010. The presence of a Director in either Enterprise or Standard Edition makes no difference.

In my understanding, a Director is most useful if you have more than one pool, especially when the administrator deploys Enterprise Edition. The Director points to the pool where the user is located. In Standard Edition, a Director is optional. If your Lync topology design includes an Edge server, the Director is used as a middleman for authentication before it forwards you to the front-end pool. That is to say, it sits between your Edge server and the front-end Lync server.

Now I will walk through the installation and configuration of the Director. I suggest using a separate new server. Make sure the Director server is joined to the domain.

Configure Director in your Front-End lync Server (

1. Create a new Director pool. Type your Director FQDN and choose Single Computer Pool. Click Next.

2. Define the file share. I used the previously defined file share store, as below. Then click Next. On Specify Web External Service, just click Next.

3. After you finish, publish the topology by clicking Publish Topology.

On Your Director (in My example

1. You will need .NET Framework 3.5 SP1 to install Lync Server 2010.

2. Install the Message Queuing Windows features. Open Windows PowerShell,

type Import-Module ServerManager, then copy and paste the command below:

Add-WindowsFeature MSMQ-Server, MSMQ-Directory

3. Also install the IIS Windows features. Type Import-Module ServerManager and press Enter. Then copy and paste the command below:

Add-WindowsFeature Web-Server, Web-Scripting-Tools, Web-Windows-Auth, Web-Asp-Net, Web-Log-Libraries, Web-Http-Tracing, Web-Stat-Compression, Web-Default-Doc, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Http-Errors, Web-Http-Logging, Web-Net-Ext, Web-Client-Auth, Web-Filtering, Web-Mgmt-Console

4. Run Setup.exe from your media CD. Let’s begin the installation.

5. Install the Topology Builder.

6. Install the Front-End Lync 2010, where you need to run all of the following:

  • Install Local Configuration Store
  • Install Lync Component
  • Install Certificate
  • Run the services

* Please note that the installation of the Director is straightforward.

Verify your Lync replication.

  1. Launch Lync Windows PowerShell.
  2. Type the command Get-CSManagementStoreReplicationStatus

If your Director shows UpToDate as False, restart the Director server and run the command above again.
If the problem still persists, run Invoke-CSManagementStoreReplication

Unable to Modify Policy of Domain Admin Users in Lync Server 2010

For the last few days and nights, I have been working hard on the Lync Server with Edge and Director, because Lync Server is a new toy to me, and I managed to get it all working. I will share this with you all.

Something funny happened in the last few hours. I was creating a new External Access policy and applying it to users in my lab environment. The policy was applied to some users but not to others. I noticed that the users it failed for are members of Domain Admins. Here is the screenshot of the failure:

Active Directory Operation failed on “” You cannot retry this operation: “Insufficient access rights to perform the operation 0002098: SecErr: DSID-03150BB9, problem 4003 (INSUFF,ACCESS_RIGHT), data 0.”

You do not have the appropriate permissions to perform this operation in Active Directory. One Possible cause is that the Lync Server Control Panel and Remote Windows PowerShell cannot modify users who belong to protected security groups (for example, the Domain Admins groups). To manage users in the Domain Admin group, use the Lync Server Management Shell and log on using Domain Admins account. There are other possible causes. For details, see Lync Server 2010 Help.

The solution to this is to enable the “Include inheritable permissions from this object’s parent” option.

Step 1: Open Active Directory Users and Computers. Click the View menu and select Advanced Features.

Step 2: Click a user who is a member of Domain Admins, for example, Administrator. Right-click and click Properties.

Step 3: Go to the Security tab and click the Advanced button at the bottom.

Step 4: On the Permissions tab, near the bottom, tick “Include inheritable permissions from this object’s parent”.
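
The route the error message itself names, as an added example (not from the original post): assign the policy from the Lync Server Management Shell while logged on with a Domain Admins account, which leaves the permissions on protected accounts untouched. Active Directory periodically reapplies the AdminSDHolder permissions to members of protected groups, so inheritance ticked in the GUI is switched off again later. The policy name below is a placeholder.

```powershell
# Added example. Run in the Lync Server Management Shell,
# logged on with an account that is a member of Domain Admins.
$PolicyName = 'LabExternalAccess'   # placeholder: your External Access policy name

# Protected accounts carry adminCount=1 in Active Directory.
# Get-CsUser returns only Lync-enabled users, so this lists the affected ones.
$protected = @(Get-CsUser -LdapFilter 'adminCount=1')
$protected | Format-Table SamAccountName, SipAddress, ExternalAccessPolicy -AutoSize

# Assign the policy one user at a time so a single failure is reported
# without stopping the rest.
foreach ($u in $protected) {
    try {
        Grant-CsExternalAccessPolicy -Identity $u.Identity -PolicyName $PolicyName -ErrorAction Stop
    } catch {
        Write-Warning "Could not assign $PolicyName to $($u.SamAccountName): $($_.Exception.Message)"
    }
}

# Verify: anything listed here still does not have the policy.
Get-CsUser -LdapFilter 'adminCount=1' |
    Where-Object { "$($_.ExternalAccessPolicy)" -ne $PolicyName } |
    Select-Object SamAccountName, ExternalAccessPolicy
```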

Basic Deployment of Lync Server 2010 Enterprise Edition

Hi… I just want to share my article on how I do the deployment of Lync Server 2010 Enterprise Edition.

Just click on the URL link below:

Lync 2010 Enterprise Basic Deployment Guide

Chapter 1: Installation of Active Directory Domain Service and Certificate Service

Chapter 2: SQL Server 200 R2 Installation

Chapter 3: Installation of Lync Server 2010

Enjoy your Lync… Cheers