SfB On-Prem and SfB Online Hybrid Setup Quick Guide

Hi All,

this is a Quick Guide to Skype for Business On-Prem and Online Hybrid Setup.
It is based on this TechNet article:

I assume your SfB On-Prem deployment is fully functional.

  1. First of all, you need to be sure to have these Internal DNS Records for every SIP Domain of your SfB On-Prem deployment



    0 0 443 sip.



    0 0 5061 sip.

  2. Plus to point #1, you have to add this/these record(s) to your Internal DNS
    More info here: Plan hybrid connectivity DNS settings
    Prevent this issue: Online users can’t present content in on-premises hosted meetings in a Skype for Business hybrid deployment

    DNS A record(s) for Edge Web Conferencing Service FQDN, e.g. webconf.contoso.com resolving to Web Conferencing Edge external IP(s) or External DMZ IP(s) depending on your Firewall Internal corporate network connected users’ computers Enable online users to present or view content in on-premises hosted meetings. Content includes PowerPoint files, whiteboards, polls, and shared notes.
  3. Connect to SfB Online via PowerShell (TechNet reference https://technet.microsoft.com/en-us/library/dn362795.aspx)
  4. Run this command to check the Tenant configuration (save output for documentation purpose)
  5. Run this command to enable Hybrid configuration on your Tenant
    Set-CsTenantFederationConfiguration -SharedSipAddressSpace $True
  6. Run this command on your On-Prem Front-End to check EDGE configuration, important settings are underlined
    Identity                               : Global
    AllowAnonymousUsers                    : True
    AllowFederatedUsers                    : True
    AllowOutsideUsers                      : True
    BeClearingHouse                        : False
    EnablePartnerDiscovery                 : True
    DiscoveredPartnerVerificationLevel     : UseSourceVerification
    EnableArchivingDisclaimer              : True
    EnableUserReplicator                   : False
    KeepCrlsUpToDateForPeers               : True
    MarkSourceVerifiableOnOutgoingMessages : True
    OutgoingTlsCountForFederatedPartners   : 4
    DnsSrvCacheRecordCount                 : 131072
    DiscoveredPartnerStandardRate          : 20
    EnableDiscoveredPartnerContactsLimit   : True
    MaxContactsPerDiscoveredPartner        : 1000
    DiscoveredPartnerReportPeriodMinutes   : 60
    MaxAcceptedCertificatesStored          : 1000
    MaxRejectedCertificatesStored          : 500
    CertificatesDeletedPercentage          : 20
    SkypeSearchUrl                         : https://skypegraph.skype.com/search/v1.0
    RoutingMethod                          : UseDnsSrvRouting

    If settings are not as above, run this command to set it correctly

    Set-CSAccessEdgeConfiguration -AllowOutsideUsers $true -AllowFederatedUsers $true -UseDnsSrvRouting -EnablePartnerDiscovery $true
  7. Run this command on your On-Prem Front-End to check existing Hosting Providers,

    find the one with ProxyFqdn = sipfed.online.lync.com

    Identity : Skype for Business Online
    Name : Skype for Business Online
    ProxyFqdn : sipfed.online.lync.com
    VerificationLevel : UseSourceVerification
    Enabled : True
    EnabledSharedAddressSpace : True
    HostsOCSUsers : True
    IsLocal : False
    AutodiscoverUrl : https://webdir.online.lync.com/Autodiscover/AutodiscoverService.svc/root
  8. If some settings are different from above, remove the existing Hosting Provider and run this command to create the correct one
    New-CSHostingProvider -Identity "Skype for Business Online" -ProxyFqdn "sipfed.online.lync.com" -Enabled $true -EnabledSharedAddressSpace $true -HostsOCSUsers $true -VerificationLevel UseSourceVerification -IsLocal $false -AutodiscoverUrl https://webdir.online.lync.com/Autodiscover/AutodiscoverService.svc/root

Now your hybrid configuration should work (if not, double check previous steps)

As always, I hope to help some of you.


One thought on “SfB On-Prem and SfB Online Hybrid Setup Quick Guide

Add yours

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Blog at WordPress.com.

Up ↑

%d bloggers like this: