Configure Office Web apps server for exchange,Skype for Business and sharepoint

In this article we will have a look at how to enable the Office Web Apps server functionality on Exchange, Lync2013, Skype for Business and share point

Before going further you need to know the below

What is the benefits of Office Web Apps Server ?
Will i loose anything if i go ahead without having OWApps Server?
Here is your answer!!

Office Web Apps Server is a new Office server that delivers browser-based version of Word, PowerPoint, Excel and One-note .
Office Web Apps Server is not only for PPT sharing in Lync Server.

You should install an OWA 2013 server. If you want to share PowerPoint Presentations in conferences.
This OWA server not only serves Lync or SFB.

OWA 2013 Server can be used by Lync 2013,SFB, SharePoint 2013 and Exchange 2013.
By doing this users can use a rich user interface to preview and modify the attachment online through OWA, Sharepoint intranet/internet sites and during the lync conferences.
The reason to use it is that Microsoft has outsourced the rendering of PowerPoints etc. to the Office 2013 Web Apps Server.

So you can watch PowerPoints in conferences from each common desktop web browser if you don’t have a Lync 2013 Client and MS office installed on your OS.

Without a Office Web Apps server, you could not share any Powerpoint with a Lync 2013 client.

You could only use desktopsharing to show the PPT, Word, excel which will be tedious.

So lets see how to enable OWA functionality on exchange,lync and sharepoint

I’m not going to explain how to install WAC server since there are more number of articles in the internet on the same.
So in this article we will have a look at how to enable this functionality on Exchange,Lync and SharePoint after you install the Office Web Apps farm in your environment.
Also we will have a look at the ports,firewalls and certificate requirements for the same.

For Exchange: 

Run the below commands

Set-OrganizationConfig –WACDiscoveryEndPoint http://<wac server>/hosting/discovery

Capture

You can run the below command after that and confirm that WACDiscoveryEndPoint value is populated

Get-OrganizationConfig | Format-List WACDiscoveryEndPoint

Then you need to run the below commands for the owa vdir to render documents via Office web app
Set-Owavirtualdirectory -WacViewingOnPublicComputersEnabled $True -WacViewingOnPrivateComputersEnabled $true –identity <OWA virtual directory identity>

Then run the below command to check if its enabled

Get-OwaVirtualDirectory “<OWA virtual directory identity” | Format-List Name,WacViewing*

You can use the below command to force the owa vdir to render via Office web app.
Set-Owavirtualdirectory -ForceWacViewingFirstOnPublicComputers $true -ForceWacViewingFirstOnPrivateComputers $true –identity <OWA virtual directory identity>

For Sharepoint :

Run the below commands
New-SPWOPIBinding -ServerName “office1.contoso.com”

$config = (get-spsecuritytokenserviceconfig)
$config.allowoauthoverhttp = $true
$config.update()

Set-SPWOPIZone –zone “external-https”

For Lync 2013/Skype for Business :

Just use the FQDN published under “InternalURL” when configuring Office Web Apps Server through the Topology Builder

321

No need to use the external FQDN which you have mentioned in the OWA’s server. It will work with the internal FQDN of the OWA’s server.

Once you publish this on the lync/sfb then you are done with this part.

Certificate requirements and DNS config :

DNS Config:

For Office Web Apps server  to work externally  External URL needs to be published and the request needs to be forwarded to the Internal server. So we need to perform the below things in-order to achieve that functionality.

Office web apps has 2 URL s. one internal and other external. The external one should have a DNS A record in public DNS just like Lync external web services and should be published over a reverse proxy. You need to  have a dedicated public IP for this as it use 443 and can’t use the one of Lync external web services.
Make sure the web Clients (usually web browsers) need to be able to make requests to the farm. These are normal HTTP/HTTPS requests on port 80 or 443 respectively.
Machines in the Office Web Apps farm initiate requests to  that particular service on the file host (e.g., SharePoint,Exchange). These requests are also HTTP/HTTPS on port 80 or 443. This is
how the Office Web Apps machines operate on the files they are rendering or editing.
At times file hosts occasionally need to request information directly from the Office Web Apps Server farm through the load balancer. These requests are also HTTP/HTTPS requests on port 80 or 443.

So there is no special config required for you on the firewall apart from port 80 and 443 traffic to the office web apps farm.
All the machines which are in the Office Web Apps Server farm will  communicate with each other via port 809. The reason behind this is because these machines are treated on a private network so  that no
other machines can join the farm or listen in on traffic they receive. So make sure you have the port 809 reachable b/w the owa servers and the firewall turned off in the windows machine of these web apps server.

Certificate Requirements :
Since the OWA’s server has 2 URL s. one internal and other external.
Have an internal certificate for internal communications.
Get a public certificate from public provider for your external published url.
Basically you need to put the public certificate on your reverse proxy server and leave your private certificate on the office web app server.
By doing this the external requests will be decrypted in the reverse proxy with the public certificate .

There is no need to place the public certificate on the OWAS server since for internal FQDN’s its doesn’t require a public key.

Hope this helps

Thanks

Sathish Veerapandian

MVP – Exchange Server 

Tagged:

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: