<!-- WP QUADS Content Ad Plugin v. 2.0.92 -->
<div class="quads-location quads-ad2526 " id="quads-ad2526" style="float:none;margin:0px 3px 3px 3px;padding:0px 0px 0px 0px;" data-lazydelay="0">

</div>
<h2>This article is a completion of Part 1, <a href="https://www.moh10ly.com/skype-for-business-im-integration-with-exchange-2016-owa-part-1/" target="_blank" rel="noopener noreferrer">Click here to go to Part 1</a></h2>
<h2>Configuration Steps – Part 2<br /></h2>
<p>7. On Exchange: Enable OWA VD Instant Messaging<br />8. On Exchange: Enable Messaging on OWA Policy<br />9. On Exchange: Create Enterprise Application for Skype Pool.<br />10. On Exchange: Create new SettingOverride for Skype for Business.<br /> 11- Generate a new Certificate for Exchange IM <br /> 12. Assign the newly imported certificate to IIS Exchange Back End site <br /> 13. On Exchange: Restart the WebAppPool<br /> 14. Log out and sign back in to OWA to Check<br /> 15. Troubleshooting methods</p>
<!-- WP QUADS Content Ad Plugin v. 2.0.92 -->
<div class="quads-location quads-ad2529 " id="quads-ad2529" style="float:none;margin:0px 3px 3px 3px;padding:0px 0px 0px 0px;" data-lazydelay="0">

</div>

<!-- WP QUADS Content Ad Plugin v. 2.0.92 -->
<div class="quads-location quads-ad2523 " id="quads-ad2523" style="float:none;margin:0px 3px 3px 3px;padding:0px 0px 0px 0px;" data-lazydelay="0">

</div>

<!-- WP QUADS Content Ad Plugin v. 2.0.92 -->
<div class="quads-location quads-ad2525 " id="quads-ad2525" style="float:none;margin:0px 3px 3px 3px;padding:0px 0px 0px 0px;" data-lazydelay="0">

</div>

<p></p>
<ol></ol>
<h2>7- On Exchange Server: Enable OWA VD Instant Messaging</h2>
<p>Part of enabling IM integration between Exchange and SfB is to enable OWA Virtual Directory to allow this. The below cmdlet does the job for you on all your Exchange Servers</p>
<p>From Exchange, Launch Exchange Management and run the following cmdlet</p>
<p>Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -InstantMessagingEnabled $true -InstantMessagingType Ocs</p>
<p><a href="https://www.moh10ly.com/wp-content/uploads/2020/06/clip_image0016_thumb.png"><img width="854" height="76" title="clip_image001[6]_thumb" style="margin: 0px; border: 0px currentcolor; border-image: none; display: inline; background-image: none;" alt="clip_image001[6]_thumb" src="https://www.moh10ly.com/wp-content/uploads/2020/06/clip_image0016_thumb_thumb.png" border="0"></a> 

<!-- WP QUADS Content Ad Plugin v. 2.0.92 -->
<div class="quads-location quads-ad2524 " id="quads-ad2524" style="float:none;margin:0px 3px 3px 3px;padding:0px 0px 0px 0px;" data-lazydelay="0">

</div>
 
</p>
<h2>8- On Exchange: Enable Messaging on OWA Policy</h2>
<p>Run the following to enable Messaging for Owa Policy </p>
<p>Get-OwaMailboxPolicy | Set-OwaMailboxPolicy -InstantMessagingEnabled $true -InstantMessagingType Ocs</p>
<p><a href="https://www.moh10ly.com/wp-content/uploads/2020/06/clip_image0016_thumb1.png"><img width="854" height="76" title="clip_image001[6]_thumb[1]" style="margin: 0px; border: 0px currentcolor; border-image: none; display: inline; background-image: none;" alt="clip_image001[6]_thumb[1]" src="https://www.moh10ly.com/wp-content/uploads/2020/06/clip_image0016_thumb1_thumb.png" border="0"></a></p>
<h2>9- On Exchange: Create Enterprise Application for Skype Pool.</h2>
<ol></ol>
<p>From Exchange Management shell Run the following cmdlet</p>
<p>Cd $exscripts </p>
<p>.\Configure-EnterprisePartnerApplication.ps1 -AuthMetadataUrl &#8220;<a href="https://sbg-pool01.domain.com/metadata/json/1">https://sbg-pool01.domain.com/metadata/json/1</a>&#8221; -ApplicationType Lync</p>
<p>The AuthMetadataUrl is going to be your local Skype for Business Pool URL. This URL should work in your Exchange server without any Certificate error. Meaning that the certificate assigned to your Skype for Business pool should already be imported to Exchange Servers to trust this URL.</p>
<p><a href="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb14.png"><img width="862" height="258" title="image_thumb[14]" style="margin: 0px; border: 0px currentcolor; border-image: none; display: inline; background-image: none;" alt="image_thumb[14]" src="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb14_thumb.png" border="0"></a></p>
<ol></ol>
<p>If your previous configuration is correct then you should see the “The Configuration has Succeeded” Message.</p>
<ol></ol>
<h2>10- On Exchange: Create new SettingOverride for Skype for Business.</h2>
<p><strong>Notes:</strong></p>
<ul>
<li>
<p>To configure the same settings on all Exchange 2016 and Exchange 2019 servers in the Active Directory forest, don&#8217;t use the <em>Server</em> parameter.</p>
</li>
</ul>
<p>New-SettingOverride -Name &#8220;<;UniqueOverrideName>;&#8221; -Component OwaServer -Section IMSettings -Parameters @(&#8220;IMServerName=<;Skype server/pool ; name>;&#8221;,&#8221;IMCertificateThumbprint=<;Certificate Thumbprint>;&#8221;) -Reason &#8220;<;DescriptiveReason>;&#8221; [-Server <;ServerName>;]</p>
<p>The Thumbprint you use here will define if whether IM will work or not as this what secures the communication between Exchange and Skype. If you use the wrong certificate your Integration will fail and users wont be able to login to IM through OWA. </p>
<h2>11- Generate a new Certificate for Exchange IM </h2>
<p>IMPORTANT NOTE:</p>
<p><strong>In order for IM in OWA to work the certificate you will generate must have its common name set as mail.domain.com to match the configuration. </strong></p>
<p>Using Digicert tool on Exchange Server I will generate the CSR of the new certificate </p>
<h2>Click on Create CSR</h2>
<p><a href="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb15.png"><img width="755" height="350" title="image_thumb[15]" style="margin: 0px; border: 0px currentcolor; border-image: none; display: inline; background-image: none;" alt="image_thumb[15]" src="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb15_thumb.png" border="0"></a></p>
<p>Choose SSL certificate type and make sure you choose Mail.domain.com as CN</p>
<p>In the SANs type all of the involved servers (Skype for Business Frontends, Mailbox servers in FQDN and in Hostnames as in the screenshot below). and click on Generate</p>
<p><a href="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb16.png"><img width="527" height="466" title="image_thumb[16]" style="margin: 0px; border: 0px currentcolor; border-image: none; display: inline; background-image: none;" alt="image_thumb[16]" src="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb16_thumb.png" border="0"></a></p>
<ul>
<li>Go to your CA Server’s CertSRV URL and copy the CSR code there to generate the new certificate. </li>
<li>Import the new certificate to the current server, then export it in PFX format and import it to all the Exchange Servers you’re planning to use.</li>
</ul>
<p><a href="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb18.png"><img width="590" height="528" title="image_thumb[18]" style="margin: 0px; border: 0px currentcolor; border-image: none; display: inline; background-image: none;" alt="image_thumb[18]" src="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb18_thumb.png" border="0"></a></p>
<ul>
<li>After importing the certificate I will verify that I can see the private key </li>
</ul>
<p><a href="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb19.png"><img width="351" height="476" title="image_thumb[19]" style="margin: 0px; border: 0px currentcolor; border-image: none; display: inline; background-image: none;" alt="image_thumb[19]" src="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb19_thumb.png" border="0"></a></p>
<p>Click on the Details and copy the Thumbprint or from MMC right click the certificate >; Properties give it a friendly name e.g. (IM) and then from Exchange Management shell you can copy the Thumbprint directly.</p>
<p>Get-ExchangeCertificate | select thumbprint,friendlyName</p>
<p><a href="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb20.png"><img width="614" height="78" title="image_thumb[20]" style="margin: 0px; border: 0px currentcolor; border-image: none; display: inline; background-image: none;" alt="image_thumb[20]" src="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb20_thumb.png" border="0"></a></p>
<p>Now use the previous script to create the setting Override for OwaServer. </p>
<p>Things you can change are in bold “Name, IM Servername Value, and the Thumbprint value”. </p>
<!-- WP QUADS Content Ad Plugin v. 2.0.92 -->
<div class="quads-location quads-ad2530 " id="quads-ad2530" style="float:none;margin:0px 3px 3px 3px;padding:0px 0px 0px 0px;" data-lazydelay="0">

</div>

<p>New-SettingOverride -Name &#8220;<strong>IM Override</strong>&#8221; -Component OwaServer -Section IMSettings -Parameters @(&#8220;IMServerName=<strong>SBG-Pool01.domain.com</strong>&#8220;,&#8221;IMCertificateThumbprint= <strong>28E4B1BA0F2FCB1535AF199F02A64EFC78367F2D</strong>&#8220;) -Reason &#8220;Configure IM&#8221;</p>
<p><a href="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb21.png"><img width="846" height="472" title="image_thumb[21]" style="margin: 0px; border: 0px currentcolor; border-image: none; display: inline; background-image: none;" alt="image_thumb[21]" src="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb21_thumb.png" border="0"></a></p>
<p>If you enter the server parameter to use a single server you can change that by using. Note that you must not use FQDN but rather only the server’s hostname.</p>
<p>Get-SettingOverride | Set-SettingOverride -Server sbg-mx01,sbg-mx02</p>
<p><a href="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb22.png"><img width="845" height="275" title="image_thumb[22]" style="margin: 0px; border: 0px currentcolor; border-image: none; display: inline; background-image: none;" alt="image_thumb[22]" src="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb22_thumb.png" border="0"></a></p>
<p>This should generate an event ID 112 on Exchange servers involved in the deployment.</p>
<p><a href="https://www.moh10ly.com/wp-content/uploads/2020/06/clip_image0019_thumb.png"><img width="1028" height="281" title="clip_image001[9]_thumb" style="margin: 0px; border: 0px currentcolor; border-image: none; display: inline; background-image: none;" alt="clip_image001[9]_thumb" src="https://www.moh10ly.com/wp-content/uploads/2020/06/clip_image0019_thumb_thumb.png" border="0"></a></p>
<ol></ol>
<h2>12. Assign the newly imported certificate to IIS Exchange Back End site </h2>
<p>Once the certificate is in the server store, You will be able to easily find in from IIS and bind it to the Exchange Back End site. </p>
<p>This is the most crucial step to get IM to work in OWA. Don’t worry about breaking up Exchange Sites or Powershell. If you have added Exchange Servers Hostnames and FQDNs in this certificate then you should be good. </p>
<ul>
<li>Now Launch IIS </li>
<li>Click on Exchange Back End </li>
<li>Select Binding </li>
<li>Click on the 444 port and edit</li>
<li>Select the newly generated certificate that has the mail.domain.com as CN. (This certificate must also have all Exchange Servers hostnames and FQDNs set as SANs)</li>
</ul>
<p><a href="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb23.png"><img width="1028" height="488" title="image_thumb[23]" style="margin: 0px; border: 0px currentcolor; border-image: none; display: inline; background-image: none;" alt="image_thumb[23]" src="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb23_thumb.png" border="0"></a></p>
<p><a href="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb24.png"><img width="380" height="483" title="image_thumb[24]" style="margin: 0px; border: 0px currentcolor; border-image: none; display: inline; background-image: none;" alt="image_thumb[24]" src="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb24_thumb.png" border="0"></a></p>
<p>Make sure you change the backend cert to the new on all the involved Exchange Servers.</p>
<h2>13. On Exchange: Restart the WebAppPool</h2>
<p>Restart-WebAppPool MSExchangeOWAAppPool</p>
<p><a href="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb25.png"><img width="473" height="45" title="image_thumb[25]" style="margin: 0px; border: 0px currentcolor; border-image: none; display: inline; background-image: none;" alt="image_thumb[25]" src="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb25_thumb.png" border="0"></a></p>
<ol></ol>
<h2>14. Log out and sign back in to OWA to Check</h2>
<p>Log out of OWA and back in and check if you are able to Login to IM . It should normally sign you in automatically but in case of an error then you should see it.</p>
<p><a href="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb29.png"><img width="297" height="314" title="image_thumb[29]" style="margin: 0px; border: 0px currentcolor; border-image: none; display: inline; background-image: none;" alt="image_thumb[29]" src="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb29_thumb.png" border="0"></a></p>
<p>In case of an error you should see the following.</p>
<p><a href="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb27.png"><img width="412" height="354" title="image_thumb[27]" style="margin: 0px; border: 0px currentcolor; border-image: none; display: inline; background-image: none;" alt="image_thumb[27]" src="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb27_thumb.png" border="0"></a></p>
<p></p>
<p>If it works then you should see the presence </p>
<p><a href="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb28.png"><img width="376" height="504" title="image_thumb[28]" style="margin: 0px; border: 0px currentcolor; border-image: none; display: inline; background-image: none;" alt="image_thumb[28]" src="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb28_thumb.png" border="0"></a></p>
<p></p>
<h2>15. Troubleshooting Methods</h2>
<p>If you follow the above steps correctly then it should work especially when applying the right certificate for your Exchange Back End IIS part however if you face an error then you should do the following steps to troubleshoot the error</p>
<ul>
<li>Set the Eventlog for Instant Messaging on Exchange from Low to High</li>
</ul>
<p>Set-EventLogLevel -Identity &#8220;sbg-mx01\MSExchange OWA\InstantMessage&#8221; -Level High</p>
<p><a href="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb30.png"><img width="792" height="38" title="image_thumb[30]" style="margin: 0px; border: 0px currentcolor; border-image: none; display: inline; background-image: none;" alt="image_thumb[30]" src="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb30_thumb.png" border="0"></a></p>
<ul>
<li>Look in the following path for errors</li>
</ul>
<p>C:\Program Files\Microsoft\Exchange Server\V15\Logging\OWA\InstantMessaging</p>
<ul>
<li>Check the Healthset of the OWA Instant Messaging.</li>
</ul>
<p>Get-ServerHealth -HealthSet OWA.Protocol.Dep -Server sbg-mx01 | Format-Table Name, AlertValue –Auto</p>
<p><a href="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb31.png"><img width="858" height="96" title="image_thumb[31]" style="margin: 0px; border: 0px currentcolor; border-image: none; display: inline; background-image: none;" alt="image_thumb[31]" src="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb31_thumb.png" border="0"></a></p>
<p>Get-MonitoringItemIdentity -Server sbg-mx01 -Identity OWA.Protocol.Dep | Format-Table Identity,ItemType,Name -Auto</p>
<ol></ol>
<p><a href="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb32.png"><img width="860" height="490" title="image_thumb[32]" style="margin: 0px; border: 0px currentcolor; border-image: none; display: inline; background-image: none;" alt="image_thumb[32]" src="https://www.moh10ly.com/wp-content/uploads/2020/06/image_thumb32_thumb.png" border="0"></a></p>
<p></p>
<p>Ref</p>
<p><a href="https://docs.microsoft.com/en-us/exchange/plan-and-deploy/post-installation-tasks/configure-im-integration-with-owa?view=exchserver-2019">https://docs.microsoft.com/en-us/exchange/plan-and-deploy/post-installation-tasks/configure-im-integration-with-owa?view=exchserver-2019</a></p>
<!-- WP QUADS Content Ad Plugin v. 2.0.92 -->
<div class="quads-location quads-ad2531 " id="quads-ad2531" style="float:none;margin:0px 3px 3px 3px;padding:0px 0px 0px 0px;" data-lazydelay="0">

</div>

<p><a href="https://docs.microsoft.com/en-us/exchange/high-availability/managed-availability/health-sets?view=exchserver-2019">https://docs.microsoft.com/en-us/exchange/high-availability/managed-availability/health-sets?view=exchserver-2019</a></p>

<!-- WP QUADS Content Ad Plugin v. 2.0.92 -->
<div class="quads-location quads-ad2522 " id="quads-ad2522" style="float:none;margin:0px 3px 3px 3px;padding:0px 0px 0px 0px;" data-lazydelay="0">

</div>


Reset and manage your Active Directory users' Passwords Active Directory is one of the most…
Finding Exchange Database hidden mailboxes. Story:Maybe you have been in this situation before, trying to…
If you're using a Proxy server in your firewall or in your network and have…
Story:I got some clients that have reported some of their users being locked out and…
Delegate Permissions This is a code that I have wrote recently to check if an…
Story: I got a request from a client who constantly gets CVs and have to…
View Comments
I followed these instructions exactly and it is still not working. I am getting the following errors in the logs:
2021-07-01T18:01:20.615Z,71,5,,,,0,DEBUG:InstantMessageNotifier.KeepAlive. User: sip:user@domain.com,
2021-07-01T18:01:20.615Z,71,5,,,,0,"DEBUG:InstantMessageOCSProvider.ChangeUserPresenceAfterInactivity. Context: User=user@domain.com, Sip address=sip:user@domain.com, Lyncserver=SFB.domain.local",
2021-07-01T18:01:20.615Z,71,1,,,,0,ERROR:InstantMessageOCSProvider.ChangeUserPresenceAfterInactivity. SelfDataSession not established.,