Skype for Business Server 2015 utilises other applications and server products and must be able to communicate securely and seamlessly with them.
Take for example the Unified Contact Store and Exchange 2013. If you want to configure Skype for Business Server to use Exchange 2013 to store contact data, you will need to have the Exchange Server and Skype for Business Server talking to each other securely.
A secure standardised method for this communication with Exchange and also with SharePoint, can be utilised. Skype for Business Server 2015, Exchange 2013 and SharePoint Server all support the OAuth (Open Authorization) protocol for server-to-server authentication and authorization. With OAuth, a standard authorization protocol used by a number of major websites, user credentials and passwords are not passed from one computer to another. Instead, authentication and authorization is based on the exchange of security tokens; these tokens grant access to a specific set of resources for a specific amount of time.
There are three server-to-server authentication scenarios that are supported by Skype for Business Server 2015:
- An on-premises installation of Skype for Business Server 2015 and an on-premises installation of Exchange 2013 and/or SharePoint Server
- A pair of Office 365 components (for example, between Microsoft Exchange Server and Skype for Business Server 2015, or between Skype for Business Server 2015 and SharePoint).
- A cross-premises environment (that is, server-to-server authentication between an on-premises server and an Office 365 component).
If you do not need to communicate between any of these servers, you do not need to configure this. Also, if you already have configured server-to-server authentication for Lync Server 2013 and other applications, there’s no need to re-do it for Skype for Business Server 2015.