Overview of Active Directory Domain Services Preparation
Topic Last Modified: 2012-10-15
To prepare Active Directory Domain Services (AD DS) for your Microsoft Lync Server 2010 deployment, you must perform three steps in a specific sequence.
The following table describes the steps required to prepare AD DS for Lync Server 2010.
Active Directory Preparation Steps
Step | Description | Where run | |
---|---|---|---|
1. |
Extends the Active Directory schema by adding new classes and attributes that are used by Lync Server. Run once for each forest in your deployment where Lync Server will be deployed. |
Against the schema master in the root domain of each forest where Lync Server will be deployed. Note You do not need to run this step in the root domain if you have permissions on the schema master, but you must be a member of the Schema Admins group in the root domain and a member of the Enterprise Admins group on the schema master. In a resource forest topology, run this step only in the resource forest, not in any user forests. In a central forest topology, run this step only in the central forest, not in any user forests. |
|
2. |
Creates global settings and universal groups that are used by Lync Server. Run once for each forest in your deployment where Lync Server will be deployed. |
In the root domain of each forest where Lync Server will be deployed. To run this step, you must be a member of the Enterprise Admins group. Note In a resource forest topology, run this step only in the resource forest, not in any user forests. In a central forest topology, run this step only in the central forest, not in any user forests. |
|
3. |
Adds permissions on objects to be used by members of universal groups. Run once per user domain or server domain. Note If you are migrating from Microsoft Office Communications Server 2007 R2 to Lync Server 2010, the Deployment Wizard may indicate that domain preparation is already complete. You do not need to run domain preparation again. Permissions were not changed from Office Communications Server 2007 R2 to Lync Server 2010. |
On a member server in each domain where Lync Server will be deployed. To run this step, you must be a member of the Domain Admins group. |
Changes in Lync Server 2010
In Lync Server 2010, much of the configuration information is stored in the Central Management store instead of in AD DS as in previous versions. However, Lync Server 2010 still stores the following in AD DS:
Schema extensions:
User object extensions
Extensions for Office Communications Server 2007 and Office Communications Server 2007 R2 classes to maintain backward compatibility with supported previous versions
Data (stored in Lync Server extended schema and in existing schema classes):
User SIP Uniform Resource Identifier (URI) and other user settings
Contact objects for applications such as Response Group and Conferencing Attendant
A pointer to the Central Management store
Kerberos Authentication Account (an optional computer object)
For Lync Server 2010, you run the same Active Directory preparation steps that you did for Office Communications Server 2007 R2. However, for Lync Server 2010, you use new deployment tools to run the steps. For details, see Preparing Active Directory Domain Services.
In Lync Server 2010, you no longer delegate setup and administration in the way you did in previous versions of Office Communications Server. Instead, you can grant setup permissions to the RTCUniversalServerAdmins universal group so that members of that group can install and activate Lync Server 2010 on a local server (after the server has been added to the topology, published, and enabled). The delegated users must be local administrators on the computer where they are installing and activating Lync Server 2010, but they do not need to be members of the Domain Admins group. You can also grant permissions for objects in specified organizational units (OUs) so that members of the universal groups created during forest preparation can access those objects without being members of the Domain Admins group.
For new deployments of Lync Server 2010, global settings must be stored in the Configuration container. If your organization is upgrading from an earlier version of Office Communications Server and you still have global settings in the System container, the System container is still supported.
Note
For Office Communications Server 2007 deployments, we recommend that you move global settings to the Configuration container before migrating to Lync Server 2010. If you decide to move the global settings, you must move them before you run schema preparation for Lync Server 2010. For details, see "Migrating Global Settings Container" at https://go.microsoft.com/fwlink/p/?LinkId=185227. The option to migrate global settings from the System container to the Configuration container is not available for Office Communications Server 2007 R2 deployments.
See Also
Concepts
Running Schema Preparation
Active Directory Domain Services Reference
Other Resources