Lync Edge Server Deployment... domain join?

  • Question

  • Please bear with me: I'm new to the IT world...

    In every blog / guide that I've gone through, the FQDN of edge servers is lyncedge.domain.com... Edge servers seem to be joined to the domain... I thought Edge isn't supposed to be joined to the domain... Could anyone explain?

    How can the Edge server not be joined to the domain but still have an FQDN of edge.<ad-domain>??


    me

    Monday, February 27, 2012 5:46 PM

Answers

  • Hi,

    As a server in the perimeter network, the Edge server faces more security risk from the internet. For internal network security, we don't join the Edge server to the domain, and the Edge internal interface doesn't use a default gateway or internal DNS. But we can add the IP addresses and FQDNs of the internal Lync servers to the Edge server host file. The Edge server resolves the FQDNs of internal Lync servers with the local host file.

    The internal Lync servers access the Edge server with internal DNS. Configure the DNS suffix for the Edge server first, then add an A record for the Edge server FQDN in the internal DNS. For configuring the DNS suffix for Edge servers, please read this article:

    http://technet.microsoft.com/en-us/library/gg398488.aspx



    Wednesday, February 29, 2012 5:10 AM
    Moderator
  • On your non-domain edge servers you want to go into Control Panel > System > then under the "Computer name, domain, and workgroup settings" section you will see the computer name, and the full name won't have your internal domain there. Click Change settings, then under Computer Name click Change, then More > under "Primary DNS suffix of this computer" add the suffix of your internal domain. Ok Ok Ok. It should ask you to reboot.

    I remember running through these steps BEFORE I added the edges to the topology and installed the services.  Also don't forget to add an entry to your internal DNS for edgeserver.internal.domain.


    BBB

    • Proposed as answer by indubious Monday, February 27, 2012 10:13 PM
    • Marked as answer by Sean_XiaoModerator Monday, March 5, 2012 2:16 AM
    Monday, February 27, 2012 6:58 PM
  • Lync Edge server must not be in the domain!
    You can set a DNS suffix for the FQDN,
    also you must write some records in the host file to resolve each internal server,
    and also you want to add routes; if you don't add routes then you will not have file transfer, AV between internal and external users.
    Sunday, March 4, 2012 12:05 PM
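
The answers above describe four settings on a workgroup Edge server: a primary DNS suffix, no default gateway on the internal interface, host file entries for internal servers, and static routes to internal subnets. The following audit script is an added example, not part of the original thread; the suffix, addresses and server names in it are placeholders to replace with your own.

```powershell
# Added example: audit a Lync Edge server against the settings described in this thread.
# Every value below is a placeholder (assumption), not taken from the thread.
$ExpectedSuffix  = 'internal.domain'              # internal AD DNS suffix
$InternalNicIp   = '10.0.1.10'                    # Edge internal interface address
$InternalServers = @('lyncfe01.internal.domain')  # FQDNs the Edge resolves via the hosts file
$InternalSubnets = @('10.0.0.0')                  # destinations that need a static route

$findings = @()

# 1. The Edge server should be a workgroup machine, not a domain member.
$cs = Get-WmiObject Win32_ComputerSystem
if ($cs.PartOfDomain) { $findings += "Joined to domain '$($cs.Domain)'" }

# 2. The primary DNS suffix supplies the FQDN without a domain join.
$tcpip = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters'
if ($tcpip.Domain -ne $ExpectedSuffix) {
    $findings += "Primary DNS suffix is '$($tcpip.Domain)', expected '$ExpectedSuffix'"
}

# 3. The internal interface should have no default gateway.
$nic = Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE' |
    Where-Object { $_.IPAddress -contains $InternalNicIp }
if (-not $nic) { $findings += "No enabled adapter has address $InternalNicIp" }
elseif ($nic.DefaultIPGateway) {
    $findings += "Internal NIC has default gateway $($nic.DefaultIPGateway -join ', ')"
}

# 4. Each internal Lync server needs an uncommented hosts entry.
$hosts = Get-Content "$env:SystemRoot\System32\drivers\etc\hosts" |
    Where-Object { $_ -notmatch '^\s*(#|$)' }
foreach ($fqdn in $InternalServers) {
    $pattern = '^\s*\S+\s+.*\b' + [regex]::Escape($fqdn) + '(\s|#|$)'
    if (-not ($hosts -match $pattern)) { $findings += "No hosts entry for $fqdn" }
}

# 5. Each internal subnet needs a persistent static route (created with route -p add).
$routes = Get-WmiObject Win32_IP4PersistedRouteTable
foreach ($net in $InternalSubnets) {
    if (-not ($routes | Where-Object { $_.Destination -eq $net })) {
        $findings += "No persistent route for $net"
    }
}

if ($findings) { $findings | ForEach-Object { Write-Warning $_ } }
else { Write-Output 'Edge server matches the non-domain configuration described above.' }
```

The script only reads configuration, so it can be run from an elevated prompt on the Edge server before the server is added to the topology and again after the reboot that the DNS suffix change requires.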

All replies

  • Thanks indubious for the reply.

    If I may ask another question, as far as I'm aware, I'll need to remove the default gateway setting from the internal facing NIC on the edge server. If this is so, how does the Edge server communicate with other Lync Servers?


    me

    Monday, February 27, 2012 8:38 PM
  • Create a static route from your internal interface to your internal subnets.

    http://ucken.blogspot.com/2012/01/lync-edge-server-static-routes.html


    BBB

    Monday, February 27, 2012 10:13 PM
  • Do you have any document that says that and/or why? I understand the security risk, but I thought it also causes DNS problems.
    Friday, June 1, 2018 7:55 PM