Hi,
(assuming we are talking domain-added Windows PCs here)
normally, you wouldn't have to do anything to ensure SSO in Lync. This requires the following prerequisites:
1. your SIP domain as set in Lync is your email domain --> email.com in your example
2. your Lync users have SIP IDs from that SIP domain (e.g. because you have added them to Lync with the "use email address" option)
3. Lync Discovery is correctly configured for that SIP domain
If all of the above is true and you are logged on with your domain user, upon starting Lync client for the first time it will pull your info from AD (msRTCSIP-PrimaryUserAddress) and no further authentication is necessary.
As long as your lab setup still stands, you can try to debug this before tearing it down and rolling out into production.
If, however, you have non-domain clients, then, well, I think you're stuck with either changing the UPN or the SIP Domain/address, whichever suits you better.
Evgenij Smirnov
msg services ag, Berlin ->
http://www.msg-services.de
my personal blog (mostly German) ->
http://it-pro-berlin.de
Windows Server User Group, Berlin ->
http://www.winsvr-berlin.de
Mark Minasi Technical Forum, reloaded ->
http://newforum.minasi.com
In theory, there is no difference between theory and practice. In practice, there is.