locked
Edge FQDN RRS feed

  • Question

  • Hi,

    our internal lync pool is named pool.internaldomain.xx, our lync servers are placed in an dmz domain called dmz.yy. When defining my edge pool, what domain name should I use, the same as our internal pool or can I give it a name in the dmz.yy domain?

    so to summarize, does the lync internal servers, pools and, edge servers and edgepool have to have same domain name when building the topology?

    Regards,

    Uc

    Friday, October 7, 2011 1:19 PM

Answers

  • basically the edge Servers are deployed in DMZ which does not join to any domain (Deploy as a Workgroup). This is for the security reasons.

    If you want to deploy the Edge servers join with domain, then you should have them on dmz.yy doamin.

    All the All the LYNC Roles (FE/EE, Archiving/Monitoring, Mediation) should be deployed on the same domain. Edge can be deployed Standalone 

    Thamara.

    Friday, October 7, 2011 1:35 PM
  • hmm..ok I need to clarify. When you add an edge pool in the topology builder you have to specify a fqdn of the new pool. This fqdn should this be based on the internal lync domain or the dmz.yy domain.


    It doesn't matter, you can use whatever domain you like for the "Edge Pool" FQDN as long as that FQDN is resolvable by any "Internal" client. For the "Edge Server FQDN" however, you should use dmz.yy domain, if the edge server is member of the perimeter forest. Otherwise you won't be able to enable local replica on the edge server.
    • Marked as answer by Sharon.Shen Friday, October 14, 2011 7:02 AM
    Saturday, October 8, 2011 3:48 AM
  • Hi,there,

    You can leave the edge server located in DMZ network with standalone server,then add the DNS suffix of the DMZ domain or internal domain for Edge server and specify this FQDN in topology,just make sure the defined FQDN in topology builder is same as the edge internal FQDN and it can be resolvable on any internal domain clients(DNS involved).

    Regards,

    Sharon

    • Proposed as answer by Sharon.Shen Thursday, October 13, 2011 9:18 AM
    • Marked as answer by Sharon.Shen Friday, October 14, 2011 7:03 AM
    Monday, October 10, 2011 9:17 AM

All replies

  • basically the edge Servers are deployed in DMZ which does not join to any domain (Deploy as a Workgroup). This is for the security reasons.

    If you want to deploy the Edge servers join with domain, then you should have them on dmz.yy doamin.

    All the All the LYNC Roles (FE/EE, Archiving/Monitoring, Mediation) should be deployed on the same domain. Edge can be deployed Standalone 

    Thamara.

    Friday, October 7, 2011 1:35 PM
  • ok, so the edgepool domain that I define in topology builder does not need to match the domain of my internal pools?

     

    /Uc

    Friday, October 7, 2011 2:00 PM
  • no. leave it in a workgroup.
    Friday, October 7, 2011 2:17 PM
  • hmm..ok I need to clarify. When you add an edge pool in the topology builder you have to specify a fqdn of the new pool. This fqdn should this be based on the internal lync domain or the dmz.yy domain.

    Thanks,

    Uc

    Friday, October 7, 2011 4:37 PM
  • for this, use dmz.yy domain. Since you already has a DMZ domain, it doesn't matter even if you add the Edge to that domain.

    Thamara.

    • Proposed as answer by Adminiuga Saturday, October 8, 2011 3:43 AM
    Friday, October 7, 2011 4:44 PM
  • hmm..ok I need to clarify. When you add an edge pool in the topology builder you have to specify a fqdn of the new pool. This fqdn should this be based on the internal lync domain or the dmz.yy domain.


    It doesn't matter, you can use whatever domain you like for the "Edge Pool" FQDN as long as that FQDN is resolvable by any "Internal" client. For the "Edge Server FQDN" however, you should use dmz.yy domain, if the edge server is member of the perimeter forest. Otherwise you won't be able to enable local replica on the edge server.
    • Marked as answer by Sharon.Shen Friday, October 14, 2011 7:02 AM
    Saturday, October 8, 2011 3:48 AM
  • The recommended way is to enable the File store replica on the Edge is to export the CS-ConigurationData and import it to the Edge from Topology Builder.

    It's not necessary for Edge to be on a Domain. 

    Thamara.

    Saturday, October 8, 2011 4:01 AM
  • For security reasons, the edge servers are recommended to deployed as a standalone servers. Once you do that, you also need to add primary DNS suffix to the servers.

    Monday, October 10, 2011 8:38 AM
  • Hi,there,

    You can leave the edge server located in DMZ network with standalone server,then add the DNS suffix of the DMZ domain or internal domain for Edge server and specify this FQDN in topology,just make sure the defined FQDN in topology builder is same as the edge internal FQDN and it can be resolvable on any internal domain clients(DNS involved).

    Regards,

    Sharon

    • Proposed as answer by Sharon.Shen Thursday, October 13, 2011 9:18 AM
    • Marked as answer by Sharon.Shen Friday, October 14, 2011 7:03 AM
    Monday, October 10, 2011 9:17 AM