Lync and Exchange Web Service Integration When Using Different Domain [Updated March 2017]

If you are have Microsoft Exchange and Microsoft Lync, then you may find this post interesting. It is about the Lync integration with Exchange Web Services EWS.

Company A:

  • AD Domain : CONTOSO.COM
  • Exchange with SMTP domain : CONTOSO.COM
  • Lync with SIP domain : CONTOSO.COM
  • Split DNS configuration.

Company A acquired a small company and they migrate them fully to their domain. Nevertheless, a couple of people wanted to have as their primary SMTP address for business need.

Now people with as their primary SMTP address, are experiencing strange and broken behavior between their Lync 2013 client, and Exchange web services. People with as their primary SMTP address, still using CONTOSO\username logons, and CONTOSO.COM as their SIP domain.



Adding TrustModelData Registry Key with value ( to the machines with Lync 2013 client that are experiencing the problem.

The registry key can be applied on a machine level or user level (See the TechNet article):

  • “HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Office\15.0\Lync\TrustModelData” “HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Office\15.0\Lync\TrustModelData”

There is a group policy to configure this also in the admx/adml files for Office 2013 .  This group policy setting called (Trusted Domain List) and it is mentioned here in this TechNet Article.

Lync Mobile not showing mobile numbers for contacts

I have posted before here about a strange behaviour for Lync Mobile client not showing mobile numbers for contacts, and the reason was a design decision from Microsoft to protect privacy.

The only way to show the mobile number for contacts from the Lync Client is to add people to your contact list and change the privacy setting to (Workgroup).

Microsoft has just released a commulative update (August 2014) that when applied to your Lync servers, will eventually solve this issue and will allow Lync Mobile clients to show all mobile numbers for any person on your corporate network.

Here is the link for this update 


By Ammar Hasayen Posted in Lync Tagged

Lync Common Area Phones Simplified


The Need

When reading about Lync documentation, i passed by couple of articles about common area phones, but i did not find my self  in need for such feature.

Today, i got a request like this ” we have a new small office with multiple people who does not have any Active Directory users. All what they do is some warehousing and logistics, but they need to be able to call the company internal extensions using some sort of low end VOIP phones”

Since these people does not have a corporate AD users accounts, then i cannot just enable their AD accounts for Lync. The solution is simply Common Area Phones.

With common area phones, Lync will create a contact object that has the following properties:

  • Identity  : which is the name of the common area phone, example would be “Lobby 1”
  • RegistrarPool : the Lync pool to register, example would be “”
  • Enabled
  • SipAddress : automatically generated by Lync, you do not have to specify it and it will not be used or shown anywhere.
  • ClientPolicy
  • PinPolicy
  • VoicePolicy : you can assign voice policy to limit that phone to do international calls for example.
  • VoiceRoutingPolicy
  • MobilityPolicy
  • PersistentChatPolicy
  • ConferencingPolicy
  • LineURI : the SIP address for that phone.
  • DisplayNumber
  • DisplayName
  • Description
  • ExUmEnabled

The end experience is that when you want to log on to one of those Lync Phone Edition devices, you will be prompted for two things only:

  • Extension
  • PIN


Supposing that you have configured your Lync Server for Phone Edition Devices already.  If you did not , check out this article.

I start by creating an OU in Active Directory called “Common Area Phones” to host the common area phone contact objects.

Then i shoot this command:

New-CsCommonAreaPhone -LineUri “tel:+5011234” -RegistrarPool “” -OU “OU=Common Area Phones,dc=contoso,dc=com” -DisplayName “Lobby Room 1”

Set-CsClientPin –Identity “Lobby Room 1” -Pin 123123


Then i move on and create a separate Lync PIN Policy:

New-CsPINPolicy -Identity CommonAreaPIN -Description “Common Area Phone Authentication PIN Policy” -MinPasswordLength 4 -AllowCommonPatterns $TRUE

Now i can assign it to the common area phone:

Grant-CsPINPolicy -PolicyName CommonAreaPIN -Identity “Lobby Room 1”


Some people creates separate CsClientPolicy to enable HotDesking and then assign it to the common area phone. In my case i did not need it but here is how to do it :

New-CsClientPolicy -Identity CommonAreaClient -EnableHotdesking $True -HotdeskingTimeout 00:10:00

and now we can assign it here:

Grant-CsClientPolicy -PolicyName CommonAreaClient -Identity “Lobby Room 1”


If you have already Voice Policies in place, you can assign them to the common area phones as per the following:

Grant-CsVoicePolicy -PolicyName “Voice Policy – Internal calls only” -Identity “Lobby Room 1”


If you have already a conferencing policy in place, you can assign it like this:

Grant-CsConferencingPolicy -PolicyName  “Conference Policy – 1”  -Identity “Lobby Room 1”


Finally, you can assign a dial plan to the common area phone like this:

Get-CsCommonAreaPhone  “Lobby Room 1″| Grant-CsDialPlan -PolicyName “My Dial Plan 1”


To get the properties of common area phones:




  • try to dial numbers using the + sign then the number to dial first to make sure your setup is fine. If you want to dial numbers with different dialing patterns and without the “+”, then you have to create a dial plan on the csadmin portal and use the (Grant-CsDialPlan) command as shown above.
  • I have read in a blog that If the link between the common area phone and the registrar pool is down, then the common area phone will do retries for 30 minutes only. If the links come back after an hour, you have to unplug and plug the common area phone to force it to connect to the registrar pool. The blog post i read claims that disabling Hotdesking will solve this issue.
  • Common area phones notes:
    • Cannot join response group
    • No calender
    • No forwarding menu options.
    • No device locking policies will apply to it.
    • By defailt it is set to ring for 20 seconds, after which it disconnect the call.
    • If you really wanted voice mail, you can use sefautil tool to do that and this allows you to change the default rung time (up to 60 seconds)




By Ammar Hasayen Posted in Lync Tagged

Lync 2013 Group Call Pickup via SefaUtil

So with the Commutative update for Lync 2013, now you have the Group Call Pickup feature as an EV feature. Many people are asking for this since long time.

I know many companies waiting for such feature to replace their older VOIP solution.

Bad thing that configuring this feature requires installing the Lync Resource Kit , and using a utility called SEFAUTIL.exe which is included in the Lync 2013 Resource Kit. And then using some command lines to configure it.

If you browse the internet, you will see amazing people explaining the whole setup and even creating GUI scripts to make it easy to configure Group Call Pickup instead of diving through command lines.

This post is about showing the commands that worked for me when configuring SEFAUTIL. I had difficult times figuring out the right parameters, but then i found my way.

How SEFAUTIL can be deployed?

So SEFAUTIL is a stand alone tool and not member of the native Lync 2013 administrative tool, although it is part of the Lync 2013 resource kit. So how can Lync 2013 system trust and give away information to this SEFAUTIL?

Solution is simple…. Configure a Lync Trusted Application Pool (container that represents the machines that initiate the SEFAUTIL commands), then configure something called Trusted Application inside that Pool with name = SEFAUTIL.

Commands are easy… so let us go through them… Just pickup any Lync pool that you have, standard or enterprise… Suppose you have Lync 2013 Pool that contains 2 Lync front ends ( and ( and they are member of a pool called (

Pickup one of those servers, say, go there and install the Lync 2013 Resource Kit, open Lync PowerShell cmd using Administrative rights, and type :

New-CsTrustedApplicationPool -Identity -Registrar -Site UK

The -Site parameter that i assigned as UK is the Pool Lync site. You can figure out what is your Lync site for your Pool by typing Get-csPool.

Then :

New-CsTrustedApplication –ApplicationId sefautil –TrustedApplicationPoolFqdn  –Port 7489

Do not be confused about the port 7489 , just type the command as above 🙂

Finally type :


Note: if you have one standard pool at your side, then using the FDQN of your Lync Server instead.

Now, we are half the way there. Now from SRV1 server, open CMD as admin and type :

SEFAUtil.exe  /

From there you can follow TechNet Documentation 🙂

TechNet Resource:

By Ammar Hasayen Posted in Lync Tagged

Lync 2013 consumes and eats memory and hangs

Hi everyone,

I have been working on a problem where Lync 2013 client will consume almost all RAM resources and causing the whole machine to hang.


You open your machine normally and suddenly Lync 2013 client start to consume all memory and hang the whole machine. This happens even with Lync 2013 client fully patched and with the latest O.S like Windows 8 and Windows 8.1 with all windows updates.

Reason and solution

After deep investigation, and asking people when this started to happen on their machines, they reported a similar story about receiving a Lync meeting on their outlook calender.

So i went to a user affected, and looked for meetings he received that day, i shift delete them from outlook, i then go to C:\Users\username\AppData\Local\Microsoft\Office\15.0\Lync and i deleted the whole content just to flush any cached configuration. Then i started Lync and everything is working fine.

It took me lots of time and a ticket to Microsoft without any luck… Finally i figured it by my own.

 How to verify this fix will work?

To verify that the issue is all about Lync connectivity to Exchange when it tries to pull availability info, just try to make Exchange web services unreachable by that machine, you can do this for example by doing one of the below :

  • Simply play with the machine Hosts file located in c:\windows\system32\drivers\etc , and put imaginary DNS binding for your Exchange web services
  • Disconnect the user mailbox for a moment, try if Lync is starting fine or not.

In both cases, you got to delete the local Lync profile located here C:\Users\username\AppData\Local\Microsoft\Office\15.0\Lync , wait couple of minutes and then open Lync

By Ammar Hasayen Posted in Lync Tagged

Lync 2013 Mobile contact card not showing mobile number

Quick Update [written on 18 August 2014], after installing Lync August 2014 Commutative Update, Microsoft decided to always show the mobile number of all people from Lync Mobile Client :  

Hi, for those using Lync 2013 on their mobiles and wondering why the contact card is not showing the mobile number, here is the trick.

By default, All your Lync contacts are marked as (Colleagues) relationship. You can view this by right clicking any contact on your (Lync 2013 desktop ) contact list and click “Change Privacy Relationship”.

Lync 2013 mobile, will show mobile number for your contacts if and only if you both mark your self as (Work group) privacy relation ship.


I have in my contact list a contact named John. When i use my Lync 2013 mobile, i can only see his work number and not his mobile number.

To solve this, i went to my desktop Lync 2013 client, i right clicked his name in my contact list > Change Privacy Relationship > Work group

I then called John and asked him to add me to his contact list and set the privacy relationship to (workgroup).

Now, when i sign in to my mobile lync 2013 client, i can see his mobile number in the Lync mobile contact list.

Note: I guess this is due to protect privacy issues, and i didn’t find any way to change this behavior so that everyone by default can see other’s mobile numbers from Lync 2013 mobile



By Ammar Hasayen Posted in Lync Tagged