We've setup Lync 2010 Enterprise in our organisation and have successfully enabled a couple of thousand users.
This is working successfully internally, externally and through Lync Mobile.
However, we've only enabled users who are using the main company domain for SMTP and SIP addresses aaaaa_group.com (so all nice and easy so far!)
In other words, user A has a primary SMTP and SIP address of UserA@aaaaa_group.com
However, due to numerous mergers and acquisitions over the years, we have quite a lot of users who have other primary SMTP addresses e.g. bbbbb_co.uk, ccccc_company.com, ddddd_ltd.co.uk, de.ccccc_company.com etc etc
There must be in excess of 40 to 50
of these other domains in use as primary SMTP addresses.
(Nearly all
these users have secondary SMTP addresses of aaaaa_group.com).
I have been told to approach this from a best practices point of view and give all users a SIP address that matches their primary SMTP address and calculate how much it will cost to buy certificates to cover enabling every user for Lync on all these domains.
I know from reading that wilcard certificates are considered to be a bad thing generally with Lync, especially if using Lync Mobility as the phone Lync clients don't accept them.
Wilcard certificates aside, what are the names that will I need to add to my SAN certificates? Presumably sip.domain.com, access.domain.com, meet.domain.com, dialin.domain.com, edge.domain.com, autodiscover.domain.com, lyncdiscover.domain.com
The potential cost of all these names is frankly getting pretty scary considering we currently use Verisign for all our cert requirements, and they charge like a wounded bull. However, I still need to report back with a cost of doing this, no matter what it is.
Any thoughts/comments would be very welcome. :-)