How to modify OWA 2013 to support Microsoft Lync

Properly modifying OWA 2013 is necessary to give users Lync functionality such as instant messaging and presence. We offer the necessary steps here.

If you plan on using Lync 2013 and Exchange 2013 with unified messaging on your network, consider modifying OWA 2013 to support Lync. It adds instant messaging capabilities to OWA, as well as presence information to the OWA interface. This tip explains the initial steps necessary to make those capabilities work.

Before getting started, it's important to understand that the procedure requires that the Unified Communications Managed API 4.0 Runtime be installed on your back-end Exchange servers. If you don't already have it set up, you can download the API from Microsoft.

Create a trusted application pool

The instructions in this tip assume that you've deployed unified messaging (UM) in your Exchange Server organization. That said, the way you've deployed the UM components will have an effect on the procedure you'll use to integrate Outlook Web App 2013 with Lync.

Typically, organizations that have already deployed UM run the Microsoft Exchange Unified Messaging Service and the Microsoft Exchange Unified Messaging Call Router Service on the same server. If your UM deployment is set up this way, you needn't create an application pool. In fact, doing so will break OWA. Therefore, if your UM components are installed on a common server, ignore the instructions in this section and skip to the next section.

If you've deployed the Microsoft Exchange Unified Messaging Service and Microsoft Exchange Unified Messaging Call Router Service on different servers, the first thing to do is create a Lync Server trusted application pool that defines OWA 2013 as a trusted application. To do so, open the Lync Server Management Shell and enter the following command:

New-CsTrustedApplicationPool -Identity <the FQDN of your OWA deployment> -Registrar <the FQDN of your OWA deployment> -Site <the SiteID defined by Lync Server> -RequiresReplication $False

There are two important things you must know about this command. First, the FQDN of your OWA deployment must match the FQDN specified in your SSL certificate's Subject Name or Subject Alternative Name field. Second, the site name isn't necessarily the name you're used to seeing within Lync. To determine the site name, run the following command:

Get-CsSite | Select-Object SiteID

If there are multiple sites defined, and you're having trouble differentiating between them, append a comma and DisplayName to the end of the Get-CsSite | Select-Object SiteID command.

The next step is to define an application identity and port number for OWA 2013. There are three pieces of information you must provide when issuing this command:

  • The application ID -- The application ID can be any text string, as long as it doesn't use spaces or invalid characters.
  • The Trusted Application Pool -- This is the FQDN of the application pool you created earlier. It should be the same value as the one you used for the Identity switch in the above command.
  • The port number -- The port number should be 5199. Open this port on your firewall.

Now that you have the required information, use the following command to define the application identity and port number:

New-CsTrustedApplication -ApplicationID <your application ID> -TrustedApplicationPoolFqdn <your trusted application pool> -Port 5199

The last step necessary to update the Lync Server topology is to enter the following cmdlet:


Configure Outlook Web App 2013 for Lync integration

The steps outlined in this section should be performed regardless of whether or not the Microsoft Exchange Unified Messaging Service and the Microsoft Exchange Unified Messaging Call Router Service run on the same server.

The first thing Microsoft recommends doing is enabling instant messaging on your client access server (CAS) if it isn't already. The required command is as follows:

Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -InstantMessagingEnabled $True -InstantMessagingType OCS

The next step involves adding a couple of lines of code to your back-end CAS servers. Before you do, however, you'll need a couple of pieces of information:

  • The FQDN of your trusted application pool -- This is the same value specified by the ApplicationID switch in the New-CsTrustedApplication cmdlet you ran earlier.
  • The thumbprint of your Exchange server's IMCertificate -- To retrieve this value, run the Get-ExchangeCertificate cmdlet.

Now navigate to your back-end CAS servers and open the C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\OWA\Web.config file. Next, add the following two lines of code to the file's <appSettings> section:

<add key="IMCertificateThumbprint" value="<your certificate thumbprint>"/>

<add key="IMServerName" value="<FQDN of your application pool>"/>

You must now recycle the application pool. To do so, open a command prompt window (not a PowerShell window) and enter the following commands:

CD \
CD Windows\System32\Inetsrv
Appcmd.exe recycle apppool /apppool.name:"MSExchangeOWAAppPool"

The last step is to enable instant messaging in your OWA mailbox policy. The command you'll need requires you to provide the policy name. If you do not have any custom policies, the policy name is Default. The command you must use is as follows:

Set-OwaMailboxPolicy -Identity "<policy name>" -InstantMessagingEnabled $True -InstantMessagingType "OCS"
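
The certificate requirements above (the OWA FQDN must appear in the certificate's Subject Name or Subject Alternative Name, and Web.config must carry that certificate's thumbprint) can be checked together. The following is an added example, not part of the original tip: Test-OwaImConfig and its output property names are hypothetical, mail.contoso.com is a placeholder, and it assumes the certificate referenced by IMCertificateThumbprint is the SSL certificate whose names must include the OWA FQDN.

```powershell
# Added example, not from the original article. Run in an elevated PowerShell
# session on a back-end server. Test-OwaImConfig and its output property names
# are hypothetical; -OwaFqdn is the value used for -Identity earlier.
function Test-OwaImConfig {
    param(
        [Parameter(Mandatory = $true)][string]$OwaFqdn,
        [string]$WebConfigPath = 'C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\OWA\Web.config'
    )

    # Load Web.config and collect the appSettings key/value pairs.
    $config = New-Object System.Xml.XmlDocument
    $config.Load($WebConfigPath)
    $settings = @{}
    foreach ($node in $config.SelectNodes('//appSettings/add')) {
        $settings[$node.GetAttribute('key')] = $node.GetAttribute('value')
    }
    $thumb    = [string]$settings['IMCertificateThumbprint']
    $imServer = [string]$settings['IMServerName']

    # A thumbprint is 40 hex characters. Spaces or invisible characters pasted
    # along with it make the certificate lookup fail.
    $thumbValid = $thumb -match '^[0-9A-Fa-f]{40}$'

    # Look the certificate up in the local machine store by thumbprint.
    $cert = $null
    if ($thumbValid) {
        $cert = Get-ChildItem -Path Cert:\LocalMachine\My |
            Where-Object { $_.Thumbprint -eq $thumb } |
            Select-Object -First 1
    }

    # DnsNameList holds the SAN DNS names, or the subject name when no SAN exists.
    $names = @()
    if ($cert) { $names = @(foreach ($n in $cert.DnsNameList) { $n.Unicode }) }

    [pscustomobject]@{
        IMServerName         = $imServer
        ThumbprintWellFormed = $thumbValid
        CertificateFound     = [bool]$cert
        HasPrivateKey        = [bool]($cert -and $cert.HasPrivateKey)
        NotExpired           = [bool]($cert -and $cert.NotAfter -gt (Get-Date))
        NamesIncludeOwaFqdn  = ($names -contains $OwaFqdn)
        CertificateNames     = $names -join ', '
    }
}

Test-OwaImConfig -OwaFqdn 'mail.contoso.com'   # placeholder FQDN
```

Any False value in the output points at the step to revisit before troubleshooting Lync itself.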

About the author
Brien Posey is a ten-time Microsoft MVP with two decades of IT experience. Before becoming a freelance technical writer, Brien worked as a chief information officer at a national chain of hospitals and health care facilities. He has also served as a network administrator for some of the nation's largest insurance companies and for the Department of Defense at Fort Knox.

Join the conversation

1 comment

why should always update password or change updating password?