One of the best improvements in my mind for Lync 2013 is the integration of the XMPP gateway into the product. If your organization does a lot of business with smaller organizations that use Google Talk, Jabber, etc., this is one of the biggest reasons to choose an on-premises deployment: Office 365 does not support XMPP federation.
Lync 2010 had you deploy the OCS 2007 XMPP gateway, and unfortunately, because of its limitations, you could only federate one SIP domain per connector. So if you were a large organization with 10 SIP domains that all needed to talk to, say, Google Talk, you needed 10 separate installations of that gateway.
To federate you need external access, so you need an Edge server. To do PIC (Public IM Connectivity) federation, you also need a publicly trusted certificate on the Edge external interface. There is a silver lining, though: if you only want to federate with Google Talk, you can get by with a certificate from an internal CA, because the Google Talk partner entry created below negotiates without TLS, so the remote side never validates that certificate. If you deploy your Edge with a single IP, you can use a single FQDN and a single certificate (in environments with a single SIP domain).
To deploy the XMPP services, first we need to modify the topology.
Right-click your Lync site in Topology Builder and select Edit Properties. You will see that the XMPP federation option is greyed out.
That is because no Edge pool has XMPP federation enabled yet, so open the properties of the Edge pool and enable XMPP federation there.
Back in the site properties, the option is now available: enable it and select the Edge pool as the XMPP federation route.
Now publish the topology.
On the Edge server, open the Deployment Wizard. Under Install or Update Lync Server System, click Run Again next to Setup or Remove Lync Server Components. This installs the XMPP proxy component.
Now we have a Lync Server XMPP service:
But if we try to start the service right away, it fails, because the service requires a certificate that has not been assigned yet:
In the Deployment Wizard, under Request, Install, or Assign Certificates click Run Again.
And now the service can start:
On the Edge server, double-check that the XMPP server-to-server port (TCP 5269) is listening:
netstat -ano | findstr 5269
Next, in the Control Panel, if you haven't already, go to the Federation and External Access section and turn on federation and XMPP access in the External Access Policy, and allow federated users in the Access Edge Configuration.
Next, create the XMPP federation partner. The easiest and quickest way to do this is with PowerShell:
New-CsXmppAllowedPartner gmail.com -TlsNegotiation NotSupported -SaslNegotiation NotSupported -EnableKeepAlive $false -SupportDialbackNegotiation $true
Note what these settings mean: with TLS and SASL both set to NotSupported, the only authentication of the remote server is XMPP server dialback, a DNS-based check that the sending domain really points at the peer that is talking to you, and the IM traffic between your Edge and Google crosses the internet unencrypted.
Then configure your external DNS for XMPP federation by adding an SRV record for _xmpp-server._tcp.<SIP domain> that resolves to the access edge FQDN of the Edge server with a port value of 5269. The SRV target must be a host with an A record, not a CNAME.
I use GoDaddy for my DNS; here is what mine looks like:
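The following PowerShell script is an added example, not code from the original post. It walks the same steps in order and adds the checks a practitioner would make at each one: that the XMPP proxy service is installed and running on the Edge, that TCP 5269 is listening, that the Control Panel settings and the allowed-partner entry are in place, and that both our SRV record and the partner's resolve and are reachable. The SIP domain contoso.com and the access edge FQDN sip.contoso.com are placeholders I assumed, not values from the post; the -Role switch is my own convention, since the service and port checks only make sense on the Edge, while the Set-Cs cmdlets must run in the Lync Server Management Shell on a Front End.

```powershell
# Added example (not from the original post). Placeholders: contoso.com, sip.contoso.com.
param(
    [string]$SipDomain      = 'contoso.com',      # placeholder SIP domain
    [string]$AccessEdgeFqdn = 'sip.contoso.com',  # placeholder access edge FQDN
    [string]$PartnerDomain  = 'gmail.com',
    [ValidateSet('Edge', 'FrontEnd')]
    [string]$Role = 'Edge'                        # my own switch, see lead-in
)
$ErrorActionPreference = 'Stop'

function Test-XmppEdge {
    # Edge: the XMPP proxy service must be installed and running. It will not
    # start until the external certificate has been assigned.
    $svc = Get-Service | Where-Object { $_.DisplayName -like '*XMPP*' }
    if (-not $svc) {
        throw 'No XMPP service installed; re-run "Setup or Remove Lync Server Components".'
    }
    if ($svc.Status -ne 'Running') {
        throw "$($svc.DisplayName) is $($svc.Status); assign the Edge external certificate and start it."
    }
    # Edge: same check as "netstat -ano | findstr 5269", without parsing text output.
    if (-not (Get-NetTCPConnection -LocalPort 5269 -State Listen -ErrorAction SilentlyContinue)) {
        throw 'Nothing is listening on TCP 5269 (XMPP server-to-server).'
    }
    Write-Host 'XMPP proxy is running and listening on TCP 5269.'
}

function Test-XmppDns {
    # Our own SRV must point at the access edge FQDN on 5269, and the target
    # must be an A record rather than a CNAME (RFC 2782).
    $ours = Resolve-DnsName -Name "_xmpp-server._tcp.$SipDomain" -Type SRV |
            Where-Object { $_.Type -eq 'SRV' }
    if (-not $ours) { throw "No _xmpp-server._tcp SRV record for $SipDomain." }
    foreach ($r in $ours) {
        if ($r.NameTarget -ne $AccessEdgeFqdn -or $r.Port -ne 5269) {
            throw "SRV for $SipDomain points at $($r.NameTarget):$($r.Port); expected ${AccessEdgeFqdn}:5269."
        }
        $a = Resolve-DnsName -Name $r.NameTarget -Type A | Where-Object { $_.Type -eq 'A' }
        if (-not $a) { throw "$($r.NameTarget) has no A record (an SRV target may not be a CNAME)." }
    }
    # The partner's SRV must resolve and its hosts must accept TCP 5269 from us:
    # dialback needs a connection in each direction.
    $theirs = Resolve-DnsName -Name "_xmpp-server._tcp.$PartnerDomain" -Type SRV |
              Where-Object { $_.Type -eq 'SRV' } | Sort-Object Priority, Weight
    if (-not $theirs) { throw "No _xmpp-server._tcp SRV record for $PartnerDomain." }
    foreach ($t in $theirs) {
        $client = New-Object System.Net.Sockets.TcpClient
        try {
            $client.Connect($t.NameTarget, $t.Port)
            Write-Host "Reached $($t.NameTarget):$($t.Port)"
        } catch {
            Write-Warning "Could not reach $($t.NameTarget):$($t.Port): $($_.Exception.Message)"
        } finally {
            $client.Close()
        }
    }
}

function Enable-XmppPartner {
    # Front End: the Control Panel settings from the post, as cmdlets.
    if (-not (Get-CsAccessEdgeConfiguration).AllowFederatedUsers) {
        Set-CsAccessEdgeConfiguration -AllowFederatedUsers $true
    }
    $policy = Get-CsExternalAccessPolicy -Identity Global
    if (-not ($policy.EnableFederationAccess -and $policy.EnableXmppAccess)) {
        Set-CsExternalAccessPolicy -Identity Global -EnableFederationAccess $true -EnableXmppAccess $true
    }
    # Front End: the partner entry with the post's settings. TLS and SASL are
    # NotSupported, so the peer is authenticated only by server dialback (a
    # DNS-based ownership check) and the traffic is not encrypted on the wire.
    if (-not (Get-CsXmppAllowedPartner -Identity $PartnerDomain -ErrorAction SilentlyContinue)) {
        New-CsXmppAllowedPartner -Identity $PartnerDomain `
            -TlsNegotiation NotSupported -SaslNegotiation NotSupported `
            -EnableKeepAlive $false -SupportDialbackNegotiation $true
    }
    Get-CsXmppAllowedPartner -Identity $PartnerDomain |
        Format-List Identity, TlsNegotiation, SaslNegotiation, SupportDialbackNegotiation
}

switch ($Role) {
    'Edge'     { Test-XmppEdge; Test-XmppDns }
    'FrontEnd' { Enable-XmppPartner; Test-XmppDns }
}
```

Run it once on the Edge with the default -Role Edge after the Deployment Wizard steps, and once on a Front End with -Role FrontEnd instead of clicking through the Control Panel. The DNS check runs in both places because the Edge resolves the partner's SRV record while the Front End is where you can see the CMS settings; a failure in Test-XmppDns on the Edge usually means the external SRV record has not propagated yet or the Edge cannot reach the partner on 5269 outbound.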
Now you're ready to begin communicating with the Google Talk system. There is a word of warning, however: Google is cracking down on spam IMs and locking down its network. Unless someone on the Google Talk side adds you to their contact list, you cannot communicate with them. Lync 2013 has a similar feature:
There is an interesting post on Google Talk implementing a whitelist for people talking to their system
A workaround is posted:
“What you need to do for now is email the Gmail user you want to have add you to their contact list in Gmail chat and IM/P will work then.”
Added to the buddy list in Google Talk
Send a message, and on Lync you'll see: