Hybrid is becoming a huge buzzword. Hybrid Cloud. Hybrid everything! And each is 'hybrid' in a different context.
Today, I want to discuss implementing Hybrid in a Skype for Business environment.In addition to seeking guidance on configuring your hybrid deployment with the content from this blog post, be sure to also download a FREE copy of my Hybrid Handbook eBook on the TechNet Gallery:. It will provide guidance on various Skype for Business 'Hybrid' topics.What exactly does Skype for Business Hybrid mean? Well, simply put, Hybrid within your Skype for Business deployment is when you have an On-Prem Skype for Business Server 2015 (or Lync Server 2013) deployment, AND Skype for Business Online (Office 365), and you want to connect the two environments. This way you can have some users in your On-Prem environment and others in your Online environment, while they are all part of the same SIP domain, and communicate freely as if they were all in the same physical deployment.Why Skype for Business Hybrid?. Flexibility.
Installing, configuring & provisioning a Skype for Business trusted application server Posted on September 9, 2015 by wimvanhouts Two weeks ago I encountered something strange: when looking for an article on how to install a Skype for Business (SfB) trusted application server, I couldn’t find a step-by-step instruction.
In today's work environment, users are scattered geographically, and also have varying functionality needs. While some can operate fully within the available feature set of Skype for Business Online, others may need more enterprise-level features that are only found in On-Prem, such as advanced Enterprise Voice functionality. Cost Savings. By having some Skype for Business users remain cloud-based, you save significantly on licensing costs compared to those users that are on-prem.
![Skype For Business Add Sip Domain Step By Step Skype For Business Add Sip Domain Step By Step](/uploads/1/2/5/5/125511054/886009728.png)
Leaner On-Prem Environment. This is kind of tied in with the previous two comments, but the more users you have in Office 365, the less beefy your on-Prem deployment has to be. This goes beyond Skype for Business, as well.
If those Office 365 users are also using Exchange Online, or SharePoint Online, those On-Prem deployments can also likely be scaled down over time. The On-Prem lab environment was built in the Rackspace public cloud, which was very easy to deploy and manage ( Disclaimer: for those that don't know, I am a Rackspace employee). It consists of the following servers:. 1 Active Directory Domain Controller. 1 Azure AD Connect Server for Directory Synchronization. 1 Active Directory Federation Services Server.
1 AD FS Web Proxy. 1 Skype for Business Server 2015 Standard Edition Front End. 1 Skype for Business Server 2015 Edge Server.
1 Reverse Proxy (IIS w/ ARR). Directory Synchronization. A mechanism for directory synchronization between your on-prem Active Directory and Azure AD instance is required.
This does not have to be Azure AD Connect, but I would highly recommend it. Also, if SSO is required, you will need to have AD FS with the AD FS Web Proxy configured. As mentioned above, this is already in place in our lab environment. On-Prem Topology. In order to set this up, you cannot have a mix-and-match topology. For a Skype for Business Server 2015 deployment, all servers must be running Skype for Business Server 2015. Likewise, if you have a Lync Server 2013 deployment, all servers must be running Lync Server 2013.
Federation Requirements. The Federation configuration that is in place in your on-prem deployment must be mirrored in your Online environment.
For example, if you have Open Federation set up on-Prem, but lock down federation to only certain domains Online, you will have to change one or the other to match the other exactly. DNS. The SRV records for your SIP domain, both sipfederationtls.tcp and sip.tls, need to be configured to point to the on-prem Reverse Proxy, NOT the Office 365 addresses.
Other Considerations. There are also various requirements for ports and protocols that need to be allowed through your firewall. In addition, there are a few more things that you need to consider, but are not necessarily requirements, regarding user accounts and data, and policies and features. Read up on each of these pieces in detail here:.
Back in the Skype for Business Management Shell, run the following cmdlet: New-CsHostingProvider -Identity SkypeforBusinessOnline -ProxyFqdn -'sipfed.online.lync.com' -Enabled $true -EnabledSharedAddressSpace $true -HostsOCSUsers $true -VerificationLevel UseSourceVerification -IsLocal $false -AutodiscoverUrl The -EnabledSharedAddressSpace is important because this tells the on-prem deployment that we will be sharing the SIP domain that is in use with an Online tenant.