整合 Microsoft Lync Server 2013 和 Microsoft Exchange Server 2013 的必要條件Prerequisites for integrating Microsoft Lync Server 2013 and Microsoft Exchange Server 2013

 

主題上次修改日期: 2014-04-22Topic Last Modified: 2014-04-22

您必須先確定已完成所有必要步驟,才能整合 Microsoft Lync Server 2013 和 Microsoft Exchange Server 2013。Before you can integrate Microsoft Lync Server 2013 and Microsoft Exchange Server 2013 you must ensure that all the prerequisite steps have been completed. 如您所料,在 Exchange 2013 和 Lync Server 2013 完整安裝及執行之前,不會發生整合。As you might expect, integration cannot take place until both Exchange 2013 and Lync Server 2013 are fully installed and up and running. 如需安裝 Exchange 的詳細資訊,請參閱 Exchange 2013 規劃和部署檔,網址為 https://go.microsoft.com/fwlink/p/?LinkId=268539For details about installing Exchange, see the Exchange 2013 Planning and Deployment documentation at https://go.microsoft.com/fwlink/p/?LinkId=268539. 如需安裝 Lync Server 2013 的詳細資訊,請參閱規劃和部署檔,網址為 https://go.microsoft.com/fwlink/p/?LinkId=254806For details about installing Lync Server 2013, see the planning and deployment documentation at https://go.microsoft.com/fwlink/p/?LinkId=254806.

在執行伺服器並執行後,您必須將伺服器對伺服器驗證憑證指派給 Lync Server 2013 和 Exchange 2013;這些憑證可讓 Lync Server 和 Exchange 交換資訊,並彼此通訊。After the servers are up and running you must assign server-to-server authentication certificates to both Lync Server 2013 and Exchange 2013; these certificates allow Lync Server and Exchange to exchange information and to communicate with one another. 當您安裝 Exchange 2013 時,會為您建立具有名稱為 Microsoft Exchange Server 驗證憑證的自我簽署憑證。When you install Exchange 2013, a self-signed certificate with the name Microsoft Exchange Server Auth Certificate is created for you. 此憑證可以在本機電腦憑證存放區中找到,以供 Exchange 2013 上的伺服器對伺服器驗證使用。This certificate, which can be found in the local computer certificate store, should be used for server-to-server authentication on Exchange 2013. 如需在 Exchange 2013 中指派憑證的詳細資訊,請參閱的「設定郵件流程和用戶端存取」 https://go.microsoft.com/fwlink/p/?LinkId=268540For details about assigning certificates in Exchange 2013, see "Configure Mail Flow and Client Access" at https://go.microsoft.com/fwlink/p/?LinkId=268540.

對於 Lync Server 2013,您可以使用現有的 Lync Server 憑證作為伺服器對伺服器驗證憑證;例如,您的預設憑證也可以當做 OAuthTokenIssuer 憑證使用。For Lync Server 2013 you can use an existing Lync Server certificate as your server-to-server authentication certificate; for example, your default certificate can also be used as the OAuthTokenIssuer certificate. Lync Server 2013 可讓您使用任何網頁伺服器憑證作為伺服器對伺服器驗證的憑證,但前提是:Lync Server 2013 allows you to use any Web server certificate as the certificate for server-to-server authentication provided that:

  • 憑證包含 [主旨] 欄位中的 SIP 網功能變數名稱稱。The certificate includes the name of your SIP domain in the Subject field.

  • 在所有前端伺服器上,相同的憑證會設定為 OAuthTokenIssuer 憑證。The same certificate is configured as the OAuthTokenIssuer certificate on all of your Front End Servers.

  • 憑證的長度至少為2048位。The certificate has a length of at least 2048 bits.

如需 Microsoft Lync Server 2013 之伺服器對伺服器驗證憑證的詳細資訊,請參閱 將伺服器對伺服器驗證憑證指派給 Microsoft Lync server 2013For details about server-to-server authentication certificates for Microsoft Lync Server 2013, see Assigning a server-to-server authentication certificate to Microsoft Lync Server 2013.

在指派憑證之後,您必須在 Exchange 2013 上設定自動探索服務。After the certificates have been assigned you must then configure the autodiscover service on Exchange 2013. 在 Exchange 2013 中,自動探索服務會設定使用者設定檔,並在使用者登入系統時,提供 Exchange 服務的存取權。In Exchange 2013, the autodiscover service configures user profiles and provides access to Exchange services when users log on to the system. 使用者會以他們的電子郵件地址和密碼呈現自動探索服務。反過來,服務也會為使用者提供下列資訊:Users present the autodiscover service with their email address and password; in turn, the services provide the user with information such as:

  • Exchange 2013 的內部及外部連線的連線資訊。Connection information for both internal and external connectivity to Exchange 2013.

  • 使用者的信箱伺服器位置。The location of the user’s Mailbox server.

  • URLs Outlook 功能(例如空閒/忙碌資訊、整合通訊與離線通訊錄)。URLs for Outlook features such as free/busy information, Unified Messaging, and the offline address book.

  • Outlook Anywhere 伺服器設定。Outlook Anywhere server settings.

您必須先設定自動探索服務,才能整合 Lync Server 2013 和 Exchange 2013。The autodiscover service must be configured before you can integrate Lync Server 2013 and Exchange 2013. 您可以從 Exchange 管理命令介面執行下列命令,並檢查 AutoDiscoverServiceInternalUri 屬性的值,以確認是否已設定自動探索服務:You can verify whether or not the autodiscover service has been configured by running the following command from the Exchange Management Shell and checking the value of the AutoDiscoverServiceInternalUri property:

Get-ClientAccessServer | Select-Object Name, AutoDiscoverServiceInternalUri | Format-List

如果此值為空白,您必須將 URI 指派給自動探索服務。If this value is blank, you must assign a URI to the autodiscover service. 通常此 URI 如下所示:Typically this URI will look similar to this:

https://autodiscover.litwareinc.com/autodiscover/autodiscover.xml

您可以執行類似如下的命令來指派自動探索 URI:You can assign the autodiscover URI by running a command similar to this:

Get-ClientAccessServer | Set-ClientAccessServer -AutoDiscoverServiceInternalUri "https://autodiscover.litwareinc.com/autodiscover/autodiscover.xml"

如需自動探索服務的詳細資訊,請參閱中的「瞭解自動探索服務」 https://go.microsoft.com/fwlink/p/?LinkId=268542For details about the autodiscover service, see "Understanding the Autodiscover Service" at https://go.microsoft.com/fwlink/p/?LinkId=268542.

設定自動探索服務之後,您必須修改 Lync Server OAuth 的設定);這可確保 Lync Server 知道哪裡可以找到自動探索服務。After the autodiscover service has been configured you must then modify the Lync Server OAuth configuration settings; this ensures that Lync Server knows where to find the autodiscover service. 若要在 Lync Server 2013 中修改 OAuth 設定設定,請在 Lync Server 管理命令介面內執行下列命令。To modify the OAuth configuration settings in Lync Server 2013, run the following command from within the Lync Server Management Shell. 當您執行此命令時,請確定您指定的是在 Exchange 伺服器上執行之自動探索服務的 URI,而且您使用 自動探索。 svc 指向服務位置,而不是 autodiscover.xml (指向服務位置) 所使用的 XML 檔案:When running this command, be sure that you specify the URI to the autodiscover service running on your Exchange server, and that you use autodiscover.svc to point to the service location instead of autodiscover.xml (which points to the XML file used by the service):

Set-CsOAuthConfiguration -Identity global -ExchangeAutodiscoverUrl "https://autodiscover.litwareinc.com/autodiscover/autodiscover.svc"

注意

以上命令中的 Identity 參數是選用的;這是因為 Lync Server 只允許您擁有單一、全域的 OAuth 配置設定集合。The Identity parameter in the preceding command is optional; that's because Lync Server only allows you to have a single, global collection of OAuth configuration settings. 除此之外,也表示您可以使用這個稍微簡單的命令來設定自動探索 URL:Among other things, that means that you can configure the autodiscover URL by using this slightly-simpler command:
Set-CsOAuthConfiguration – ExchangeAutodiscoverUrl " https://autodiscover.litwareinc.com/autodiscover/autodiscover.svc "Set-CsOAuthConfiguration–ExchangeAutodiscoverUrl "https://autodiscover.litwareinc.com/autodiscover/autodiscover.svc"
如果您不熟悉此技術,OAuth 是許多主要網站所使用的標準授權通訊協定。If you are unfamiliar with the technology, OAuth is a standard authorization protocol used by a number of major websites. 使用 OAuth 時,使用者認證和密碼不會從一部電腦傳遞到另一部電腦。With OAuth, user credentials and passwords are not passed from one computer to another. 驗證及授權是基於安全性權杖的交換,這些權杖會授與一段特定時間內一組特定資源的存取權。Instead, authentication and authorization is based on the exchange of security tokens; these tokens grant access to a specific set of resources for a specific amount of time.

除了設定自動探索服務之外,您還必須為指向 Exchange 伺服器的服務建立 DNS 記錄。In addition to configuring the autodiscover service, you must also create a DNS record for the service that points to your Exchange server. 例如,如果您的自動探索服務位於 autodiscover.litwareinc.com,您將需要為 autodiscover.litwareinc.com 建立 DNS 記錄,以便解析為 Exchange server (的完整功能變數名稱,例如,atl-exchange-001.litwareinc.com) 。For example, if your autodiscover service is located at autodiscover.litwareinc.com you will need to create a DNS record for autodiscover.litwareinc.com that resolves to the fully qualified domain name of your Exchange server (for example, atl-exchange-001.litwareinc.com).