Decommissioning Skype/Lync on-premises


This blog post is follow up on the Configuring Skype/Lync hybrid. It was also written by Daniel Seleri, a FastTrack Engineer based in Las Colinas, TX.
After you transitioned all your users from Skype/Lync on-premises, you will probably want to decommission your local infrastructure. That's what this post is about.

Before you move forward

Make sure you do not have anything that depends on the local Skype/Lync infrastructure, such as:

  • Users using local infrastructure
  • Users with populated Skype/Lync attributes
  • Conference rooms using local infrastructure
  • Integration with on-premises PBX

 
You will also need a computer with Skype for Business Online, Windows PowerShell Module installed.
 

Checking pre-requisites

  1. Create a list of users that still hosted on your On-premises environment.
    Get-CsUser | Where-Object {$_.RegistrarPool -ne $Null} | select DisplayName,RegistrarPool
     
    Note: If this command returns any users, please complete the migration before proceeding.

     
  2. Create a list of users that already moved to the cloud, but still having on-premises attributes populated.
    Get-CsUser | Where-Object {$_.RegistrarPool -eq $Null} | select DisplayName,HostingProvider
     
    Note: Save that list, you may need later in this document.

 

Changing your DNS Records

External DNS

  1. Open your web browser, access http://portal.office.com and log on using a Global Admin credential.
  2. Click on Settings\Domains.
  3. Click on your custom domain.
  4. Click on "Check DNS".
     

     
  5. Take note on all DNS records related to Skype for business on-line.
     

     
  6. Delete the following records on your external DNS server:
     

    Record name Type
    isweb A
    dialin A
    meet A
    lyncweb A
    _xmpp-server SRV

     

  7. Modify or create the following records on your external DNS Server:
     

    Record Type Port TTL Destination
    sip CNAME N/A N/A sipdir.online.lync.com
    lyncdiscover CNAME N/A N/A webdir.online.lync.com
    _sipfederationtls._tcp SRV 5061 3600 sipfed.online.lync.com
    _sip._tls SRV 443 3600 sipdir.online.lync.com

     

Internal DNS

If your company uses separate DNS servers for internal and external networks resolving names of your custom domain in Office 365 (split DNS), you will need to change internal records too. If you do not have a split DNS, scenario you can skip these steps.
 

  1. Delete the following records on your internal DNS server:
     

    Record name Type
    isweb A
    lyncdiscoverinternal A
    dialin A
    meet A
    lyncweb A
    _xmpp-server SRV

     

  2. Modify or create the following records on your internal DNS Server:
     

    Record Type Port TTL Destination
    sip CNAME N/A N/A sipdir.online.lync.com
    lyncdiscover CNAME N/A N/A webdir.online.lync.com
    _sipfederationtls._tcp SRV 5061 3600 sipfed.online.lync.com
    _sip._tls SRV 443 3600 sipdir.online.lync.com

     

Validating your DNS records (optional)

After changing all required DNS records, you can connect to O365 portal and check if your records are correct.

  1. Open your web browser, access http://portal.office.com and log on using a Global Admin credential.
  2. Click on Settings\Domains.
  3. Click on your custom domain.
  4. Click on "Check DNS".
     
    Note: If all the records are correct, you should see a message like the one bellow:
     

 

Disabling SharedSipAddressSpace in the cloud

Before proceeding with the steps below, you can shut down your servers to make sure no unplanned service still using your Skype/Lync on-premises.

  1. Connect to Skype for Business Online using PowerShell using your tenant Global Admin account.
     
    Import-Module LyncOnlineConnector
    $cred=Get-Credential
    $session = New-CsOnlineSession -Credential $cred -verbose
    Import-PSSession $session -AllowClobber -Verbose
     
  2. Disable the "SharedSipAddressSpace".
     
    Set-CsTenantFederationConfiguration -SharedSipAddressSpace $False
     

 

Federation

Configure federation on Skype for Business Online

Before decommissioning your on-premises environment, make sure your on-line federations configuration is already done.

  1. Open your web browser and access http://portal.office.com and log on using a Global Admin credential.
  2. Open the Skype for Business admin center.
     

     
  3. Click on organization.
  4. Click on external communications.
  5. Select the configuration for your company.
  6. Add domains to the list if necessary.
  7. Click the save button.
     

     
  8. Inform your federated partners to remove the Edge server information on the federated domain on their Lync/Skype on-premises servers.

 

Provision public IM federation (optional)

If you want to enable federation with Skype consumer (public instant messaging), follow que procedure bellow:

  1. Open the Microsoft Lync Server and Skype Connectivity Provisioning portal and click the Sign In button.
  2. Logon using the Microsoft Account related to your contract.
     

     
  3. Select your contract type
  4. Read the terms and, if you agree with them, click on "by checking this box..."
  5. Inform your contract number and click on Remove service
  6. After 24 hours, validate the line Being discontinued has changed from 1 to 0
    Note: Wait for 24 hours before moving with the remaining steps.
     

     
  7. Open your web browser
  8. Access http://portal.office.com and log on using a Global Admin credential.
  9. Open the Skype for Business admin center.
  10. Click on organization.
  11. Click on external communications.
  12. On External communication uncheck "Let people use skype...".
  13. Click the save button.
  14. Wait for 5 minutes and check the "Let people use skype..." box again.
  15. Click the save button.
     
    Note: Wait for 4 hours to validate the configuration.
     

 

Deleting Lync attributes and shared configuration

  1. On front End Server, open the PowerShell console of Skype for business
  2. With the list of users that you have generated previously, choose a test user (preferentially non-production user) and run disable the attributes related to Lync.
    Get-CsUser -Identity User01@contoso.com| Disable-CsUser -Verbose
     
    Note: Wait for the replication and validate all on-line attributes/functionalities.
     

     
  3. Now select some pilot users and repeat the test.
     
    Note: Wait for the replication and validate all on-line attributes / functionalities. After the validation, you can remove the attributes for in batches or all users at once.
  4. Now remove shared configuration and hosting provider:
    Set-CsAccessEdgeConfiguration -AllowOutsideUsers $False -AllowFederatedUsers $False
    Remove-CsHostingProvider -Identity "Skype for Business online"
     
    Note: If your environment had/has Exchange Hybrid, remove the hosting provider for it as well:
     
    Remove-CsHostingProvider -Identity "Exchange Online"
     

     

Removing Topology/Servers

  1. Log on in your Front End Server and open the Topology Builder.
     

     
  2. Click on Action, point Topology.
  3. Then click on Remove Deployment...
     

     
  4. Click on Next.
     

     
  5. Click on Finish.
     

     
  6. Click Action, point Topology, and click Publish.
     

     
  7. Click on Next.
     

     
  8. Review results and click on Finish.
     

     
    Note: Wait the replication to Central Management Store, servers and services
     
  9. Now open the Lync PowerShell and list existent Conference Directories:
    Get-CsConferenceDirectory
     

     
  10. Remove all Directory Conference:
    Get-CsConferenceDirectory | Remove-CsConferenceDirectory
    Publish-CsTopology -FinalizeUninstall
     

     
  11. Remove the Configuration Store Location from Active Directory
    Remove-CsConfigurationStoreLocation
     

     
  12. Unprep domain and forest:
    Disable-CsAdDomain -Domain contoso.com -GlobalSettingsDomainController Server902.contoso.com -Force
    Disable-CsAdForest -Force -GroupDomain contoso.com
     
    Note: Red information needs to be replaced by your internal domain and FQDN of your domain controller.
     

     
Comments (0)

Skip to main content