Questions on SEFAutil deployment in Lync 2013

Similar Messages

• Lync 2013 client deployment via SCCM 2012 forcing restart

  All, 
  I am attempting to deploy the Lync 2013 x86 client via SCCM 2012 to 158 machines running the Office 2010 suite. My package runs, and the installs complete but they are forcing a restart after the install even though I have gone in to everything that I can
  think of to tell the install not to force a restart. I am a newb in the ways of SCCM so I have been self teaching, and I may have missed something. 
  I have gone into the config.xml and changed the value SETUP_REBOOT to NEVER. 
  In the program properties I have RUN set as HIDDEN, and AFTER RUNNING set to NO ACTION REQUIRED. 
  Is there something that I am missing to stop the users machine from restarting after the install completes?

  Great, unfortunately it will be because files (usually shared DLLs) are in use as Office is opened, despite it being an older version. 
  Agree it's not optimal, I usually just tell clients that they will need to reboot, or that it will push out overnight (when I schedule it) and their computer will restart, so make sure they save everything.
  If this helped you please click "Vote As Helpful" if it answered your question please click "Mark As Answer"
  Georg Thomas | Lync MVP
  Blog www.lynced.com.au | Twitter
  @georgathomas
  Lync Edge Port Check (Beta)

• Lync 2013 - EWS not deployed external

  Greetings!
  Is there a way how to track the reason why Lync2013 client connecting over EDGE has status of EWS not deployed?
  Lync 2013 Standard FE
  Lync 2013 Edge
  TMG
  Exchange 2010
  Have followed this instructions:
  http://www.b4z.co.uk/lync-2013-ews-with-forefront-tmg-2010-issues.html/comment-page-1
  On the TMG rules: Outlook web access, Outlook anywhere, I have deleted /autodiscover/* and /ews/* path and created a new rule,
  which is connecting to a public addresses: autodiscover.company.com and owa.company.com, and on firewall rule under authentication tab selected: No delegation but client may authenticate directly.
  Created also a new listener which has: No authenticaton.
  PROBLEMS:
  Before doing that we had a problem that Lync2013 client connecting outside LAN got a pop-up credentials and no matter what you have typed, it didn't accept it.
  Now credentials pop-up is not appearing anymore, but the status of EWS is not deployed.
  And we are also having another problem because we had deleted EWS and AUTODISCOVER on Outlook Web access firewall rule and on Outlook anywhere, now Outlook clients
  connecting outside LAN without VPN are unable to get OOF working.
  Any hints?
  bostjanc

  Hi Lisa!
  Thank you for your reply.
  Output of the command: Get-AutodiscoverVirtualDirectory -Server FQDN | fl name,InternalURL,ExternalURL
  Name        : Autodiscover (Default Web Site)
  InternalUrl :
  https://owa2010.company.com/autodiscover/autodiscover.xml
  ExternalUrl :
  https://owa2010.company.com/autodiscover/autodiscover.xml
  Domain username is: [email protected]
  SIP address is: [email protected]
  Output of the command Get-WebServicesVirtualDirectory -Server FQDN | fl name,InternalURL,ExternalURL
  Name        : EWS (Default Web Site)
  InternalUrl : https://owa2010.company.com/EWS/exchange.asmx
  ExternalUrl : https://owa2010.company.com/EWS/exchange.asmx
  A record for autodiscover.company.com is created in EXTERNAL DNS and is pointing to a newly created Firewall rule on TMG, which has /autodiscover/* and /ews/* paths,
  no authentication (it passes the authentication to Exchange 2010).
  There is no SRV record in External DNS if that is important?
  Lync2010 client connecting external is also having EWS shown as not deployed.
  QUESTION:
  QUESTION1:
  I have a question regarding your statement: "Make sure you have configured the CAS Server Certificates including all SAN Names for all SMTP and SIP domains."
  On TMG side I have two rules for LYNC and I want to clarify something about the certificates.
  1 rule is for MEET NOW links and MOBILITY. This rule has /* path, no authentication and it leads to lyncFE ip address. This rule is for Lync reverse proxy which is
  visible on external DNS as lyncproxy2010.company.com. Rule is using certificate with this SAN names:
  DNS Name=lyncproxy2010.company.com
  DNS Name=meet.company.com
  DNS Name=lyncdiscover.company.com
  DNS Name=autodiscover.company.com
  DNS Name=dialin.domain.local
  2nd rule on TMG is newly created Firewall rule
  for solving EWS problem for Lync 2013. It has /autodiscover/* and /ews/* paths,no authentication (it passes the authentication to Exchange 2010).
  This rule is pointing to public address: autodiscover.company.com and to public address owa2010.company.com. Rule is using the sam certificate as we use it in other firewall rules for Outlook web access, Outlook anywhere and ActiveSync. Certificate has this
  SAN names:
  DNS Name=owa2010.company.com
  DNS Name=exchange.company.local
  DNS Name=exchange.company.com
  DNS Name=exchange
  DNS Name=autodiscover.company.local
  DNS Name=autodiscover.company.com
  Ok, my newly rule does not have lyncproxy2010.company.com should it have? It also does
  not have lyncdiscover.company.com should it have?
  QUESTION2:
  Is EWS internal/external url
  case sensitive?
  QUESTION3:
  With creating a newly rule for LYNC where ews and autodiscover are not authenticated on TMG side I have also removed path's /EWS/* and /AUTODISCOVER/* on rules for Outlook anywhere on TMG. Now we have problem that free/busy status ain't working
  external in Outlook clients.
  Soo, fixing pop-up credentials for Lync 2013 is partly solved, because credential window ain't appearing anymore, but EWS is still shown as not deployed, on the other side we have "created" another problem with OOF Outlook external. Any hints?
  with best regards,
  bostjanc

• Lync 2013 x64 silent client deployment via SCCM 2012 SP1

  Greetings everyone!
  I ran into a problem with Lync 2013 x64 silent deployment.
  I need to provide every workstation with Lync 2013 client, so i decided to use deployment via SCCM 2012 sp1.
  I created 2 msp files with OCT, one based on x86 Office 2013 Proplus, and other based on x64 Office 2013 Proplus.
  Added them as applications to sccm software library.
  Deployment of Lync 2013 x86 application was a success with over than 80% compliance. 
  But all Lync 2013 x64 automatic installations finish with different errors.
  I created special device collection for workstations with office 2010 x64 and 2013 x64, because i can't install other architecture products once it has x64 product installed.
  My membership query-rules for this collection:
  Office 2013 x64
  select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System inner join SMS_G_System_INSTALLED_SOFTWARE on SMS_G_System_INSTALLED_SOFTWARE.ResourceId
  = SMS_R_System.ResourceId where UPPER(SMS_G_System_INSTALLED_SOFTWARE.SoftwareCode) = "{90150000-0011-0000-1000-0000000FF1CE}"
  Office 2010 x64
  select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System inner join SMS_G_System_INSTALLED_SOFTWARE on SMS_G_System_INSTALLED_SOFTWARE.ResourceId
  = SMS_R_System.ResourceId where UPPER(SMS_G_System_INSTALLED_SOFTWARE.SoftwareCode) = "{90140000-0011-0000-1000-0000000FF1CE}"
  My application deployment type points to setup.exe in office 2013 x64 installation folder, where i created msp file in updates folder via OCT and edited config.xml file in proplus.ww folder.
  So my installation program looks like this setup.exe /adminfile updates\1lync.msp /config proplus.ww\config.xml
  The same configuration works with Lync 2013 x86 deployment, except other setup folders.
  When i try running installation program setup.exe with /adminfile and /config parameters locally, it installs successfully without errors or warnings.
  I'm trying to find out problem source, does anyone have ideas what I am doing wrong?
  Also i'm trying to reduce office 2013 installation folder size, what subfolders are necessary for Office 2013 proplus installation (still installing only lync with common files and tools)? Because now 3.5 GB package is quite hard to distribute to sccm secondary
  sites with deployment point.
  Thanks in advance.

  Hi,
  Here are some tips and tricks for your reference.
  Tips and Tricks: Deploying Lync 2013 client using SCCM 2012 | Lync 2013 Client Customization for SCCM 2012 Deployment Package
  http://zahirshahblog.com/2014/01/08/tips-and-tricks-deploying-lync-2013-client-using-sccm-2012-lync-2013-client-customization-for-sccm-2012-deployment-package/
  Note: Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• Decommissioning 1st OCS 2007 R2 FE after deploying Lync 2013

  Hello,
  We have done a successful deployment of Lync 2013 that interoperates with OCS 2007 R2. Now we want to start decommissioning OCS 2007 R2 step by step. We have four OCS pools on different sites and I want to decommission the first OCS. 2007
  r2 FE. I´ve tried to follow the deactivation order suggested by different bloggers and MS site:
  http://www.ucprofessional.com/2011/04/decommisioning-ocs-2007-r2-after.html
  http://technet.microsoft.com/en-us/library/dd572548%28v=office.13%29.aspx
  However when I want to deactivate any service like Application Host or A\V Conferencing Server I receive the next message,
  even if I have domain\enterprise admin rights as well as RTCUniversalServerAdmins membership :
  Remove Active Directory Object CN=UC AppServer Services
  Failure
  [0x80070005] Access is denied.
  Remove Active Directory Object CN=LS AV MCU
  Failure
  [0x80070005] Access is denied.
  We have a parent root domain, and this FE is joined to one of its child domains. I still have other three pools but I don´t want to touch these other three until I can decomm this first FE and its pool. I don´t have any users in this.
  How could I deactivate these services on this first FE server and have my AD clean? what might be happening that the deactivation process doesn´t do its job?
  Thank you for any feedback.
  MC

  Is the account you used to deactivate OCS 2007 R2 Servers in root domain or child domain?
  Your problem is more of a permission issue.
  Try to use an account created in root domain to deactivate OCS 2007 R2 servers.
  Lisa Zheng
  TechNet Community Support

• Deploy Lync 2013 Via SCCM 2012

  Dear,
  I wants to deploy Microsoft Lync 2013 via SCCM 2012, I have created a new deployment package based on MSI file to install Microsoft Lync 2013 for company machines, during the installation package will install for clients computer perfectly but instead of
  install automatically to users, every time message coming user should do it manually for example user should accept the terms of the agreement, kindly I need a way to solve this issue, I need Lync 2013 automatically install without users doing anything, please
  see attached snapshot.

  Make sure that you are using the right command line using your newly created MSP
  ex: setup.exe /adminfile "Lync_Updated.msp"
  As proposed, update your DP so that your MSP gets distributed.
  You can also follow this guide if you're still experiencing difficulties.
  http://systemcentersynergy.com/lync-2013-silent-or-unattended-install/
  Benoit Lecours | Blog: System Center Dudes

• Lync 2013 domain discovery not working, but Lync 2010 works flawlessly

  We are using Lync 2013 and Lync 2010 in our company. Upon installation Lync 2010 can connect absolutely fine with for example [email protected], but when we use Lync 2013 we receive a DNS error saying it cannot resolve the domain when using the same
  method. I have to manually enter the internal and external servers on each deployment of Lync 2013 to sipdir.online.lync.com:443 in order for successfully login to Lync 2013. We are upgrading all users to Lync 2013 and I want to avoid having to do this
  on every deployment. This has always been an issue and not something that recently became an issue.
  I have double checked my CNAME and SRV from my host provider and everything is as it should be. Contacting MS support they made me change my preferred DNS to 8.8.8.8 on the network adapter for the PC, but that breaks everything you connect to internally and
  is not a solution to this issue.
  Any ideas?

  Hi,
  The forum you posted is for Lync Server On Premise only. The issue is more related to Lync online, you can also post a question on Office365 forum for assistance. Thank you for your understanding.
  http://community.office365.com/en-us/f/166.aspx
  Best Regards,
  Eason Huang
  Eason Huang
  TechNet Community Support

• Lync 2013 Multitenant - Sign-in not working

  Hello,
  I am working on deploying the Lync 2013 Multitenant hosting pack in a staging environment for testing with the eventual goal of putting this into a production environment. So far I am working with a single front-end server routed through an F5 load balancer
  using their iApp application template for Lync 2013. We are attempting to work with a very simple deployment that we scale out as additional features/capacity is needed.
  The issue I'm having is during the sign-in process. I have provisioned a tenant and a user within that tenant and I am able to use the Get-CsTenant and Get-CsUser commands to view the tenant and user. I have also established the following DNS entries for
  the tenant.
  A record: lync.<hosting domain> - Pointed to the public IP address for the Lync application through our F5.
  A record: lyncpool01.<hosting domain> - Pointed to the public IP address for the Lync application through our F5.
  SRV record: _sip._tls.<tenant domain> (priority 0, weight 0, port 443) - Pointed to lync.<hosting domain>
  SRV record: _sipfederationtls._tcp.<tenant domain> (priority 0, weight 0, port 5061) - Pointed to lync.<hosting domain>
  When I attempt to sign in to my test user externally using the Lync 2013 desktop client, I do get a certificate warning on the client that lync.<hosting domain> (cert is lyncpool01.<hosting domain>) is attempting to handle the request, but when
  I accept the cert, the client waits for about 30 seconds and then gives the error "Lync couldn't find a Lync Server for <tenant domain>. There might be an issue with the Domain Name System (DNS) configuration for your domain. Please contact your
  support team.". I can't figure out where this is falling apart or what name the Lync client is attempting to reach, and enabling event logging for Lync has revealed no helpful information.
  Is there any assistance you can give?

  Hi,
  Agree with PaulB_NZ.
  As Lync 2013 Multitenant only have external and federation users, you need to deploy Edge Server in the DMZ zone to support external and federation access.
  What's more, if you want to use Lync mobile clients you also need to deploy a Reverse Proxy in the DMZ zone.
  More details:
  https://technet.microsoft.com/en-us/library/gg398069.aspx?f=255&MSPPError=-2147217396
  Best Regards,
  Eason Huang
  Eason Huang
  TechNet Community Support

• Lync 2013 Edge Server

  I have a few questions on setting up a Lync 2013 Edge Server.  Let me give a little background into what is going on.  My comapny currently still has the old Communicator server(1 user left to migrate to Lync!) and a Lync 2013 that is all setup
  and functional.  Our current Lync environment is only internal, since we do not have a Edge Server setup.  That is what I am task to work on now.  I have read alot of guides on how to build this server, where it needs to be placed in the DMZ,
  and what is needed for it. 
  First question - Is there a hardware spec needed for this server?
  Second question - I read that 3 public ip are needed.   What are they needed for?  So I can explain to our network guys why I need this.
  Third question - Does it matter if the Edge server is on the domain or not?  I read it shouldnt be.  I dont think it will be an issue either way for me, but its easier to manage if on the domain.
  Fourth question - Should I finish my Communicator server decom before worrying about the Edge server? 
  Final question - is there a guide on how to get rid of the Communicator Server Connections to our Lync Server?
  Thanks in advance.

  First question - Is there a hardware spec needed for this server?
  Second question - I read that 3 public ip are needed.   What are they needed for?  So I can explain to our network guys why I need this.
  Third question - Does it matter if the Edge server is on the domain or not?  I read it shouldnt be.  I dont think it will be an issue either way for me, but its easier to manage if on the domain.
  Fourth question - Should I finish my Communicator server decom before worrying about the Edge server? 
  Final question - is there a guide on how to get rid of the Communicator Server Connections to our Lync Server?
  First question- HW spec  https://technet.microsoft.com/en-us/library/gg398835.aspx
  For your reference, my edge servers happen to have 40 GB ram and 2x'E5-2690 2.9GHz' ... they don't have to be physical ... can be virtual however.
  Second - 3 IP's are recommended ... it makes it easier because you can use standard ports as opposed to straying from 443 etc. ... and it makes troubleshooting easier.  All three of the edge services include a 443 requirement - and, with SSL you can't
  just share that socket on a single IP - so, lucky service gets 443.  Also, you can segregate the traffic and see exactly what is happening.  If you only had 1 IP - many scenarios in Lync would not work (e.g., I'm at a hotel and yoru AV port is not
  allowed through the firewall). 
  Here is a wonderful reference - https://blogs.perficient.com/microsoft/2012/12/lync-scaled-consolidated-edge-public-ip-addresses/
  Third - it is recommened that it is NOT domain joined - however, it's ok that it is.  Mine IS domain joined because I have a domain in my DMZ and it assists with management (etc.) and may be required for yoru security.  Your call.  IMO, if
  you have a domain , join it.  Why not?
  RE: OCS - there is a migration path from OCS 2007 R2 to Lync 2013 as per https://technet.microsoft.com/en-us/library/gg425764.aspx   and several documents on the Internet that show the process for those who need to do so.   It's not trivial.
  Another interesting link:  http://blogs.technet.com/b/saleesh_nv/archive/2014/04/24/lync-2013-tri-co-existance.aspx

• Lync 2013 Edge Certificates

  We are planning to deploy 2 lync 2013 edge servers with F5 HLB. Can we deploy internal Certificates on LYNC 2013 Edge servers ( SIP, WebConf, and AV) and deploy external wild card certificate (Public CA) on F5 external interface, so the external users
  can be validated on F5 with public certificate and F5 can trust Edge servers in DMZ?
  Is this solution works or do we need only public certificates on Edge servers?
  Tek-Nerd

  Hi Tek-Nerd,
  Agree with others.
  I’m afraid that if you use wild card certificate on F5, the external users might not be able to access the Lync Server.
  From
  https://technet.microsoft.com/en-us/library/gg398692.aspx
  “Microsoft Lync Server 2013 uses certificates to mutually authenticate other servers and to encrypt data from server
  to server and server to client. Certificates require name matching of the domain name system (DNS) records associated with the servers and the subject name (SN) and subject alternative name (SAN) on the certificate. To successfully map servers, DNS records
  and certificate entries, you must carefully plan your intended server fully qualified domain names as registered in DNS and the SN and SAN entries on the certificate.”
  Best regards,
  Eric
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• Lync 2013 as PSTN gateway for CUCM

  Hello,
  this is an oddity and not really an advertised feature with Lync, but:
  we have a really small footprint of CUCM devices, mostly VTC units that would like to be able to call out to PSTN using Lync infrastracture. We have a fully featured deployment of Lync 2013 used company wide 2000+ users.
  We created a SIP trunk between CUCM & Lync mediation server, we defined New IP/PSTN Gateway in topology and published it, configured SIP trunk, profiles, etc in CUCM. The purpose of this is to only dial outbound from the CUCM devices, the CUCM devices
  do not have to be reached from outside or by Lync users.
  We are able to place calls from a VTC endpoint registered to CUCM via Lync SIP trunk to all Lync users, but we are unable to dial out to PSTN.
  Most configuration refer to configuring Lync to use CUCM for PSTN connectivity not viceversa. Is there any documentation on achieving this?
  Call flow would be like this.
  VTC Endpoint > CUCM ----SIP Trunk----> Lync mediation > PSTN
  We already have PSTN access built in Lync, we just need to bridge between the CUCM direct SIP trunk and PSTN.
  Thank you.

  Hi,
  To enable inter-trunk routing, associate and configure PSTN usage records to this trunk configuration. The PSTN usages associated to this trunk configuration will be applied for all incoming calls through the trunk that is not originating from a Lync endpoint.
  More details:
  https://technet.microsoft.com/en-us/library/gg425831.aspx
  Best Regards,
  Eason Huang
  Eason Huang
  TechNet Community Support

• Lync 2013 client is deployed but user accounts are not migrated from OCS to Lync 2013 Server - how to open Lync meetings automatically in the Lync Web Plug-in

  We have in our enterprise the following scenario:
  1 - Lync 2013 client is installed
  2 - User accounts are not migrated to Lync 2013 Server, users are using Office Communicator as their main tool
  3 - Users receive Lync 2013 meeting requests but when try to access them, Lync 2013 client launches and shows error. Users will need to open the browser and paste the URL to the address bar but this still open
  4 - We cannot use the workaround of adding "?SL=1" to the Lync 2013 meeting URL as the user base is large and manual workaround is not accepted
  5 - Question: is there any automated way, via egistry key or GPO setting, so that users temporarily (until their accounts are migrated to Lync 2013 server) can bypass Lync 2013 client completely and automatically open all Lync 2013 meetings
  on the browser, using Lync Web Plug-in?

  Thanks for the response,
  First, I should have mentioned clearly that users have Office Communicator 2007 client and Lync 2013 client installed in their machines. Their accounts are not migrated yet to Lync 2013 server.
  Second, we are using IE9 and IE10. The issue is that users CAN join Lync 2013 meetings with their browsers but have to paste the URL manually to browser and add "?SL=1" otherwise, if they just click at the "Join Online Meeting" or "Join
  Lync Meeting" URL it launches Lync 2013 client which shows error because is not configured yet, as they are using OCS client and migrating slowly to Lync 2013 server.
  Is there a Group Policy setting or a registry key from Microsoft that can be turned on to these users machines and make will all Lync meeting requests to be opened in IE browser instead of Lync 2013 client. We need a way to ignore
  Lync 2013 client until user accounts are migrated to Lync 2013 Server. Manually typing URLs is not an option in a big organization, can't explain thousands of users of different levels what to do.
  We are regretting the decision not to separate Lync 2013 from Office 2013 package we deployed recently. If Lync 2013 is uninstalled then all Lync meeting requests are opened in browser without an issue.

• Lync 2013 edge-no reverse proxy question

  I deployed lync 2013 edge server and no reverse proxy yet.I am trying to connect from my windows 7 machine with no luck and I can see a top reset on the firewall,my question is is reverse proxy required for the normal client to connect and do basic IM?
  Plz confirm.thx

  *****Update**********
  now when i am trying to test connevity using microsoft connecvitry analyer i am getting error realted to the external certifictare stating that " certificate couldn't be validated because SSL negotiation
  wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation." with UC troubleshotter i am getting the same.any idea?
  PS certificate is from Digi
  cert and i have checked the installation with thier tool and all was green
  regards
  The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
  The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
  The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
  The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
  The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
  The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
  The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
  The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with
  the certificate installation.

• OU For Lync 2013 Central Forest deployment when using GAL Sync

  Hello,
  We are attempting to set up Lync 2013 in a Central Forest configuration. We have a 2 way forest trust in place. The primary forest being A.com, the secondary forest being B.com. Exchange 2010 is deployed in both forests. Lync 2013 is deployed in forest A.com.
  We currently have FIM 2010 installed, using GAL Sync between both forests. For GAL Sync, we have an OU in Forest A.com active directory called GALSync. There are currently contacts in that OU that correspond with the user accounts in forest b.com. Here's
  my question:
  When configuring FIM MA's for Lync 2013 Central Forest deployment, can I point the LCSCFG.xml file to the SAME GALSync OU we use for  GAL Sync? Will it see the contacts already exist and just update with the necessary attributes needed to provision
  the forest B.com users for Lync? Do I need to create a separate OU for the Lync MA to use? Or, am I going about this in the wrong way?
  Any help you can provide will be greatly appreciated.
  Thank you

  Thanks for the reply Anthony
  Almost right. The only difference is that the remote users will get the autodiscover url and the ews url from their local domain and dns.
  Here is how it is setup:
  Shared public namespace           
  mycompany.com (email address and sip address use this in both domains)
  Central Forest (mycompany.com)
  Lync 2013
  Exchange 2013
  Autodiscover url              
  autosdiscover.mycompany.com/autodiscover/autodiscover.xml             
  192.168.10.10
  EWS Url                               
  https://mail.mycompany.com/EWS/Exchange.asmx                      
  192.168.10.11
  Remote Forest (Fabrikam.com)
  Lync 2010
  Exchange 2010
  Autodiscover url              
  autosdiscover.mycompany/autodiscover/autodiscover.xml       
  192.168.11.23
  EWS Url                               
  https://mail.mycompany.com/EWS/Exchange.asmx                      
  192.168.11.24
  User in Fabrikam login locally with their Fabrikam credentials. They have a Lync enabled contact in mycompany. There is a 2 way trust in place. They login to mycompany Lync fine.
  When they do the autodiscover DNS lookup, they return the same autodiscover and EWS url, but they point to the local Exchange 2010 since their mailbox and user account still resides there and that is the system that the Fabrikam account has access to.
  Autodiscover works fine for Outlook.
  I will take a look at Fiddler

• OCS to Lync 2013, move all users over before client deployed?

  Hello, quick question hoping someone can answer...
  We've deployed Lync 2013 and are migrating about 2000 users from OCS across many branch offices, going branch-by-branch.
  Is there any downside to moving ALL 2000 users over to the Lync pool before they have the Lync client deployed to their site? They would still be using Communicator until their site receives the Lync install. I know Communicator works when connecting to
  the Lync pool so I'm guessing this should be OK.
  The problem we're seeing during this transition phase is when an employee travels to a site that's had Lync client deployed but the employee is still on the Communicator pool because their primary site hasn't been upgraded yet, and are thus unable to sign-in
  to Lync.

  I would agree with Anthony, 
  The basic features works with the Communicator clients but when it comes to conferencing users will face a lot of problems, also  a problem as been identified during such scenario is when users homed on the lync pool and signing in using the OC client
  experience a weird behavior when their contact lists disappear, then it appears again when logging using a lync client. 
  as a resume.
  If you are obliged to use the OC client please make sure that it is patched with the latest updated released. 
  as a best practice move to Lync client as soon as possible.
  Regards,
  Charbel Hanna
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread