Lync Server Portal > Lync Server 2010 Articles In addition to the global, cloud-based Office 365 service that includes Lync Online, Microsoft provides the Microsoft Lync Server Multitenant Pack for Partner Hosting for companies offering hosted Lync services provided by Microsoft to their customers. The Lync Server Multitenant Hosting Pack features include integration with Microsoft Exchange Server, Microsoft Outlook, and other communication technologies, and enables customers to manage geographically dispersed offices and mobile users in a way that reduces travel expenses, while maintaining highly collaborative team environments. This is the resource page for the Lync Server Multitenant Hosting Pack. Check back for links to pertinent documentation.
Use the following links to navigate the Lync Server wiki:
Your feedback is welcome! To provide feedback, comment directly on a TechNet Wiki page or send to the Lync Server TechNet Wiki alias.
No updates as far as I can tell. Microsoft can't even federate with my tenants as their internal Lync paperwork used to federate with partners don't let you specify a "proxy" or "edge" server anymore (used to work on OCS days.) I've heard from a few msft folks that a new version of the multi-tenant pack will be released soon, This will solve a few issues such as push notifications and federation without certificates requirements. But of course, no public information available on it anywhere.
hi is there any update to the certificate question?
hi,
Any update?
Regards,
Alex
Hi Eddie,
Sorry for the delayed response. I am tracking down some information about this and will reply with an update shortly. Thanks to all the others that have posted responses on this issue!
Hi,
Just wondering if anyone has an answer for this?
Eddie
Hi Marcelo,
Thanks for the response.
We have overcome the problem with certificates for automatic sign in however cannot see a way around federation with Lync Online (all other multi-tenant environments or on-premise environments can add us as a hosting provider) and Mobile Push Notifications. Neither of these work unless you have a certificate that matches the domain.
If we follow the documentation, I still do not understand what the guidance is for the 101st tenant?
I completely agree with you regarding security and privacy.
To Alex and Eddie,
You won't need to get a certificate for each tenant, in my opinion this goes against privacy and security polices of the tenants anyways. It is possible to accomplish the automatic sign-on via DNS entries. In summary, each tenant will have to create SRVs and As records on their domain to reach the Directors and Edge servers of your MT Lync. The only side effect of that is the pop-up telling they are being redirected to a server. See section “8.9 Create Tenant DNS Records” of the deployment guide for details about the DND entries.
Thanks for the information in the above Article.
I believe however there are limitations on the scalability of any Lync Mulit-Tenant Environment.
As pointed out by rdubois, there is a requirement to have every tenant domain as a SAN in the access edge certificate, however we have only found certificate authorities that will allow up to a maximum of 100 SAN's in a certificate.
What is the guidance for the 101st tenant? Is there something I have missed in the documentation?
Hi Randall, thanks for the response. This solves the sign-in issue but It seems that a SAN entry is needed anyway for every customer for Lync Federation to work. Can you confirm?
Thanks
Hi Alex,
Here is a response to your question from the product team:
You would only need to add the DNS records for tenant domains to the Lync Edge server public certificate IF you want automatic client configurations to work. If you are ok with manual client configuration (as in a custom installer that sets the registry settings in Lync to already have your manual server address configured) then you would not need to add their records to your public UCC. That said however, if you do want automatic client configuration to work, then this would be a requirement and unfortunately there isn’t a work around.
Please let us know if you need more information.