Lync Server 2013 Deployment _ Front end adds a second Server&dns poll for high availability

This chapter describes how to add a Lync server to the Lync Server front End Pool

Lync Server front-end high-availability implementation method Three, in fact, the Microsoft Official website method only lists two, and many articles on the network emphasize the inability to use the Windows-based Network Load balancing for high-availability configuration

• DNS polling, which can be used to distribute network access traffic to Lync Server, which describes DNS polling for front-end high-availability

• Hardware load Balancing

• Windows Component Network Load Balancing, this feature is not indicated in the official website can be used, and many articles on the network that the Network Load balancing this component does not support the Lync Server front-end high availability, we will implement the front-end high availability through the Windows Component Network Load Balancing (next chapter to deploy)

The content is divided into the following points:

1. Certificate re-application

2. LyncFE02 published in Topology

3. LyncFE02 Installing the Lync Server System

4. DNS polling for High availability
   

= = Certificate Re-application

1) It is stated here that the second Lync Server does not need to request a separate certificate, including the edge does not require a separate application, only need to add the user name in the first Lync Server certificate, before the certificate request has not been added, so now need to re-apply for a certificate, but also to give you a warning, I ate a lot of losses to learn this step

Remember that only the first certificate re-request is required, and the second includes the domain name, which is only for SharePoint and Exchange Transport authentication

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/85/7B/wKioL1elRXizbAlKAADLW-haz3I329.png "title=" Qq20160804170524.png "alt=" Wkiol1elrxizbalkaadlw-haz3i329.png "/>

2) Export the certificate, import the certificate later in LyncFE02, add the certificate in the MMC, and then locate Pool.jacksi.win to export it

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/85/7B/wKioL1elRguzXlVFAAIofbQNqc4796.png "title=" Qq20160805111403.png "alt=" Wkiol1elrguzxlvfaaiofbqnqc4796.png "/>

Private key must be exported

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M01/85/7B/wKioL1elRjfg9nKrAACgkNDKttM986.png "style=" float: none; "title=" Qq20160805111419.png "alt=" Wkiol1elrjfg9nkraacgkndkttm986.png "/>

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/85/7C/wKiom1elRjfRObpkAAEU8yPP_cE231.png "style=" float: none; "title=" Qq20160805111441.png "alt=" Wkiom1elrjfrobpkaaeu8ypp_ce231.png "/>

Enter the private key password

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/85/7C/wKiom1elRjfTGLs9AACBL0P9aMo955.png "style=" float: none; "title=" Qq20160805111643.png "alt=" Wkiom1elrjftgls9aacbl0p9amo955.png "/>

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/85/7B/wKioL1elRjfDXEHeAAC-qPeTfr4320.png "style=" float: none; "title=" Qq20160805111728.png "alt=" Wkiol1elrjfdxeheaac-qpetfr4320.png "/>

= = Published in topology LyncFE02

1) Pool Right-click New server

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M00/85/7C/wKiom1elRs_CVXg2AAI39FyQISI275.png "style=" float: none; "title=" Qq20160805111913.png "alt=" Wkiom1elrs_cvxg2aai39fyqisi275.png "/>

2) This will restart the two servers in the front end pool after all the operations have been done

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M00/85/7B/wKioL1elRs-jD0kNAAIUH1urmog565.png "style=" float: none; "title=" Qq20160805111932.png "alt=" Wkiol1elrs-jd0knaaiuh1urmog565.png "/>

3) Enter the FQDN of the second server

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M00/85/7C/wKiom1elRtCTtKgIAAHXNbLTc7c278.png "style=" float: none; "title=" Qq20160805112004.png "alt=" Wkiom1elrtcttkgiaahxnbltc7c278.png "/>

4) You can see that two servers already exist in the pool

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M00/85/7B/wKioL1elRtChqoiwAAFQluWFSn4640.png "style=" float: none; "title=" Qq20160805112014.png "alt=" Wkiol1elrtchqoiwaafqluwfsn4640.png "/>

5) do not forget to publish the topology at this time, or the central management store does not have LyncFE02 information, LyncFE02 will not be able to continue to install

An error occurred while publishing the topology, first careful analysis, enabling the topology has been successful, indicating a small problem

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M02/85/7C/wKiom1elR3yRUAWEAADTot54jyA706.png "style=" float: none; "title=" Qq20160806092050.png "alt=" Wkiom1elr3yruaweaadtot54jya706.png "/>

6) in the upper right corner, click View Log, see Get-cswindowsservice failed, I tried in the Lyncpowershell command no error, may be a time-out caused by

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/85/7C/wKiom1elR3zxlHmoAAA8rsNDEl0675.png "title=" Qq20160806092042.png "style=" Float:none; "alt=" Wkiom1elr3zxlhmoaaa8rsndel0675.png "/>

7) After re-release, there are no errors, in the event of an error, to carefully review the error message OH

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/85/7B/wKioL1elR3yjS6kXAABeprNgaqY104.png "style=" float: none; "title=" Qq20160806092114.png "alt=" Wkiol1elr3yjs6kxaabeprngaqy104.png "/>

= =lyncfe02 Install Lync Server System

1) different from previous installation, do not need to prepare ad, do not need to install Administrative tools, install Lync Server System directly

The prerequisite is that the published topology contains LyncFE02 information

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/85/7B/wKioL1elSGfBUQdKAAHTqP0Y8lg230.png "title=" Qq20160805112521.png "alt=" Wkiol1elsgfbuqdkaahtqp0y8lg230.png "/>

2) The second certificate is global and does not need to be imported to import the first certificate

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/85/7C/wKiom1elSK-SqZiZAABz-VhAh7o718.png "style=" float: none; "title=" Qq20160806094245.png "alt=" Wkiom1elsk-sqzizaabz-vhah7o718.png "/>

3) Remember to put the previously exported certificate into the LYNCFE02 computer, you must enter the private key password

First put an error chart, the wrong message indicates that our private key password cannot be converted to string, I have a comma in the password

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M02/85/7C/wKiom1elSLCRqqjuAACbcWJ625I246.png "style=" float: none; "title=" Qq20160806095153.png "alt=" Wkiom1elslcrqqjuaacbcwj625i246.png "/>

4) make the password a little simpler, 123

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/85/7B/wKioL1elSfKj4RzVAABhk0s2OgM285.png "style=" float: none; "title=" Qq20160806095218.png "alt=" Wkiol1elsfkj4rzvaabhk0s2ogm285.png "/>

5) The certificate was imported successfully, but the final steps have not been completed

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/85/7C/wKiom1elSfKAg10AAADxQaeU50U677.png "style=" float: none; "title=" Qq20160806095226.png "alt=" Wkiom1elsfkag10aaadxqaeu50u677.png "/>

6) Assigning certificates

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/85/7B/wKioL1elSi2yrmK3AAB1K_tca8o364.png "style=" float: none; "title=" Qq20160806095238.png "alt=" Wkiol1elsi2yrmk3aab1k_tca8o364.png "/>

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/85/7C/wKiom1elSi2CnofDAABoEKxwkTE813.png "style=" float: none; "title=" Qq20160806095256.png "alt=" Wkiom1elsi2cnofdaaboekxwkte813.png "/>

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M02/85/7B/wKioL1elSi2iZiVRAADRXpOguIE886.png "style=" float: none; "title=" Qq20160806095309.png "alt=" Wkiol1elsi2izivraadrxpoguie886.png "/>

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/85/7B/wKioL1elSi2g0uGlAADo_qk0o_Q621.png "style=" float: none; "title=" Qq20160806095336.png "alt=" Wkiol1elsi2g0uglaado_qk0o_q621.png "/>

7) Check the service status after starting the service, the service has all started

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/85/7C/wKiom1elSnTAZ8YyAAFA9qKLWC0794.png "title=" Qq20160806102434.png "alt=" Wkiom1elsntaz8yyaafa9qklwc0794.png "/>

= =dns Polling for Lync Server high Availability

1) point all Pool, meet, admin, Dialin records to the IP addresses of LyncFE01 and LyncFE02

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/85/7C/wKiom1elTOegpQraAADCTQDclTc568.png "title=" Qq20160806103510.png "alt=" Wkiom1eltoegpqraaadctqdcltc568.png "/>

2) Confirm the DNS polling status, enabled by default, when a record points to two IP addresses, the effect of polling

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/85/7B/wKioL1elTUGgvvfcAADbAAS8eps181.png "title=" Qq20160806103630.png "alt=" Wkiol1eltuggvvfcaadbaas8eps181.png "/>

3) View U1 currently logged in to the server, login is LyncFE01

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/85/7C/wKiom1elTefxDYOqAABUMa-4oso920.png "title=" Qq20160806103859.png "alt=" Wkiom1eltefxdyoqaabuma-4oso920.png "/>

4) Now stop the LYNCFE01 service to see if it will switch.

The port is idle, re-looking for the server

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M02/85/7C/wKioL1elTq3CGoFrAAAYjC36bUM714.png "style=" float: none; "title=" Qq20160806104040.png "alt=" Wkiol1eltq3cgofraaayjc36bum714.png "/>

5) The DNS record was not refreshed before the pool record was pointed to LyncFE02, and can be ping to LyncFE02 after refresh

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/85/7C/wKioL1elTq7B4UjmAABIcLKshvw085.png "style=" float: none; "title=" Qq20160806104225.png "alt=" Wkiol1eltq7b4ujmaabiclkshvw085.png "/>

6) You can also log in normally.

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/85/7C/wKiom1elTzGzH1tlAABHD2wstDo791.png "style=" float: none; "title=" Qq20160806104438.png "alt=" Wkiom1eltzgzh1tlaabhd2wstdo791.png "/>

7) The server is automatically configured, that is, he will randomly look for the pool records specified two servers, LyncFE01 just after the service was shut down, the client will not be able to log on to Lync, the client is going to find the surviving LyncFE02 on the line login

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/85/7C/wKiom1elTzGjkfpYAAAvnezOYHM721.png "style=" float: none; "title=" Qq20160806104451.png "alt=" Wkiom1eltzgjkfpyaaavnezoyhm721.png "/>

8) Now the client to find LyncFE02 to log in, we will be 02 service shutdown, the client has switched to the LYNCFE01

I'll forget it. Switching time is also used for about 6 seconds, switching speed is unusually fast, after disconnecting will automatically login, do not need to re-enter the password

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M02/85/7C/wKioL1elUe-SPwGnAABRM4oYrZs617.png "title=" Qq20160806105638.png "alt=" Wkiol1elue-spwgnaabrm4oyrzs617.png "/>

9) U1 also has a login switch

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/85/7C/wKiom1elUnuy6IBVAABUyFSkPeQ754.png "title=" Qq20160806105822.png "alt=" Wkiom1elunuy6ibvaabuyfskpeq754.png "/>

DNS polling is implemented in a very simple way, and failover is fast

The following chapter describes the Windows Load Balancing component implementation front-end high availability

This article from "Sameold" blog, declined reprint!

Lync Server 2013 Deployment _ Front end adds a second Server&dns poll for high availability