Monday, July 23, 2012

Lync 2013 – XMPP Federation


Within Lync 2013, XMPP is first class service i.e. now we have native support – no gateway is required. This not only eases the deployment and manageability, but also provides scalability and high availability.

  1. Get-CsXmppAllowedPartner (Returns information about XMPP partners authorized to communicate with your organization)

  2. Set-CsXmppAllowedPartner (Modifies an existing XMPP allowed partner)

  3. Get-CsXmppGatewaySettings (Returns information about the XMPP gateway configuration settings in use in the organization)

  4. Set-CsXmppGatewaySettings (Modifies the XMPP gateway configuration settings in use in the organization)

TOPOLOGY

XMPP support is defined in the topology on Site level:

 
…where the edge server used for federation route in the topology will be enabled automatically for XMPP support:


 To enable support for XMPP federation,  the Edge Federation must be enabled. To verify your setting, use Get-CsAccessEdgeConfiguration and examine “AllowFederatedUsers” parameter. If “False”, use: Set-CsAccessEdgeConfiguration -AllowFederatedUsers $true to enable federation.

***It is important to note that the above command will enable federation for all partners, not only XMPP – something the Administrator must consider before proceed further.

DNS


To enable support for XMPP Federation, a new SRV record for every supported SIP domain must be created in the Public DNS. For example:

SRV record for _xmpp-server._tcp.domain.com to resolve to the Access Edge FQDN of the Edge server and port must be set to 5269.

FIREWALL


The firewall must be configured to allow inbound and outbound connections for the Access edge IP address on TCP port 5269.

Additional steps


Next step is to configure XMPP allowed partner. This can be done via eitherControl Panel and Lync management Shell. To set Google Talk as XMPP partner:

New-CsXmppAllowedPartner gmail.com -TlsNegotiation NotSupported -SaslNegotiation NotSupported -EnableKeepAlive $false -SupportDialbackNegotiation $true


Alternatively via CSCP:


After replication, test the new XMPP setup - presence and IM capabilities:


15 comments:

Jason said...

Does Lync Online 2013 on Office 365 work with Google Talk as well?

Drago said...

I personalty do not think XMPP federation will be available in Office 365. Skype probably will be included in PIC pack any time soon, but XMPP - I don't think so.

Chris W., PlanetMagpie said...

Nice work here Drago! Being a Google Talk fan myself, I was pleasantly surprised to find that the XMPP Federation setup was this simple. Thanks for including the DNS records too. We linked to your post on our Lync Insider blog this week.

Clayton Williams said...

Thanks, Drago. I have it working with Google Chat with no issues. Changed the Google User privacy type in my Lync Client to collegue and I can see status etc.

Harald Steindl said...

Thanks for the post.
but why do you have to disable TLS?

Anonymous said...

Hey, I need some help connecting my Cisco SPA122 to a lync server. Do you think you can help me? Thank you in advance.
bruno.teixeira@stfk.no

Manivasagam Sivaraman said...

Basically 2013 Lync removes the requirement of '_sipfederationtls' SRV record on XMPP Domain's DNS Server right ?

TMark86 said...

I followed your guide and had a couple of issues with my SRV record which I believe I corrected but now I am getting a new error on my Lync Edge server. I can "send" IMs from Lync, they don't say that there are any issues but they never get sent out. I also cannot connect back from Google Talk to Lync.

In the event viewer on the edge server I am getting LS XMPP Translating Gateway Event ID 39013 and 39014 which say
"The XMPP Translating Gateway Proxy failed to send a stanza to a remote server.

Remote domain: gmail.com
Detail: MS diagnostic code: 32019"

I have been trying to troubleshoot the issue for a few hours and felt like it might be helpful to ask. If anyone has any input that would be very much appreciated.

Thanks, TMark86

Mohammed Hamada said...

@Tmark,
On Edge server open the Service Console and make sure this service is running.

Lync Server XMPP Translating Gateway Proxy

Anonymous said...

For reinforcement:
xmpp.contoso.com should be in the SAN Edge certificate if you configure your SRV _xmpp-server._tcp.contoso.com = xmpp.contoso.com. The Technet can be misleading. In a consolidated edge also providing XMPP federation remember to set your SRV _xmpp-server._tcp.contoso.com = sip.contoso.com (Access edge FQDN)

It is built this way to allow additional Edge pool specifically for XMPP. Also be sure to check your "Site federation route assignment". Topology will not populate this automagically during installation.

Devon Dn said...

Hello thanks for the post,

I need add register srv _xmpp._tcp.dominio.com in the SAN of EDGE server? its necessary?

i have register _xmpp._tcp.dominio.com in mys DNS internals and my DNS externals redirected to my sip.domain.com from Edge Server .. but no in my Certificate public for Edge Server..

Thanks.

Jason G said...

Does the native XMPP support audio and video?

Tim Lillis said...

Heads up if you have your domain in google apps it enables google talk by default and will block xmpp from lync. Turn it off and life is good for lync users.

Anonymous said...

Hi Drago!Valuable article.I have done as you mentioned and able to add and see gtalk user in my lync 2013 contact list but its showing offline always.While trying to send msg through lync its showing "This message was not delivered to mcarahul22@gmail.com because the service is not available:hi
". Appreciate if you could help me.

Anonymous said...

Thanks for the article Drago. I just had major issues trying to get the XMPP to work to gmail. There are many doc's out there on how to set it up, but none except the Lync Poster mention that XMPP/MTLS:23456 has to be opened between the edge(s) and the FE pool.

For secure organizations this will come up.