Lync 2010 People & Skill Search with SharePoint 2010 and TMG

For a combined Lync & SharePoint event we recently implemented People Search and Skill Search from the Lync client.

This is relatively easily internally – the excellent blog post by Tim Harrington is all you need to know; no need to repeat the steps here.

However, getting this to work externally via Threat Management Gateway required some additional configuration:

  • The Skill Search URL http://<server>/_vti_bin/search.asmx should NOT use TMG for authentication
  • The People Search URL http://<server>/SearchCenter/Pages/PeopleResults.aspx SHOULD use TMG for authentication

This does not mean that the Skill Search web service is exposed, merely that authentication is handled by SharePoint.

See my previous post for details about reverse proxy setup and Alternate Access Mappings; in summary:

  • http://sharepoint internal URL
  • external URL setup as default public URL in SharePoint; nearly all traffic uses TMG for authentication; Internet zone in Alternate Access Mappings
  • https://domain.local/ internal URL which TMG translates links to; same Internet zone in the Alternate Access Mappings

If it was for a production site it could have been worthwhile implementing Kerberos constrained delegation but I’ll leave that minefield for another day.

Comments welcome!

4 thoughts on “Lync 2010 People & Skill Search with SharePoint 2010 and TMG

  1. I’ve been suffering this problem with my organisation’s Lync & SharePoint 2010 for ages. Thanks so much for explaining what to do, I wish I’d found your post sooner!

Leave a Reply

Your email address will not be published. Required fields are marked *