By: Jeff Schertz
Posted:
February 7, 2010 at 11:10 AM There are a few scenarios where you may want to use Outlook to access an Exchange Online mailbox but cannot use the Microsoft Online Services Sign-In client. This could be due to installation or operating requirements of the client (some OS versions are unsupported) or maybe users don’t have the required permissions to install software but can at least modify Outlook profiles. Take note that this is a completely unsupported approach and might not even work on some platforms. The intent is for
... [more]
By: Jeff Schertz
Posted:
January 29, 2010 at 8:00 AMWhen setting up a new BPOS site for clients the first conversation I make sure to have is about their on-premise Active Directory solution. Most companies already have a domain even if they are currently using Notes or Groupwise for a messaging solution, I haven’t seen a fully native Novell operation where no Windows domain authentication is in place in quite a long time. But often in the midst of messaging migrations there is also some type of Active Directory transition planned or in progres
... [more]
By: Jeff Schertz
Posted:
January 8, 2010 at 8:15 AM
When planning a migration up to Exchange Online, or even when working with a current customer that has already noticed this, there is one important distinction to be aware of regarding how Contact Objects are handled in the BPOS-Shared realm. Whether or not Directory Synchronization is (or will be) used with an on-premise Active Directory domain is also important.
Created in the Cloud
First off, an administrator can simply create a contact directly in the Exchange Online environment using t
... [more]
By: Jeff Schertz
Posted:
January 7, 2010 at 4:38 PM(Okay, before I get hate mail for two iPhone related blog articles in a row let us get back to business). One of the more common questions I get when migrating clients up to Exchange Online is where can they view mailbox size information for all of the users online. This is typically more often asked during Exchange on-premise migrations where administrators are used to being able to retrieve that information from the Exchange Command Shell. Unfortunately the Microsoft Online Services Administr
... [more]
By: Jeff Schertz
Posted:
January 7, 2010 at 4:18 PMSo, I just ran into this issue and thought it would be worth documenting. During countless pilot migrations of users from various mail platforms to the Exchange Online portion of BPOS I’m surprised I’m just seeing this for the first time. The Scenario Where this appears is with a standard end-user scenario of a single Microsoft Outlook profile configured for POP or IMAP access to some hosted mailbox. Also iTunes is installed on the same computer and the iPhone is configured to synchronize Cont
... [more]
By: Jeff Schertz
Posted:
January 5, 2010 at 4:26 PM Although the new Voice Mail Preview feature in Exchange 2010 has (rightfully) grabbed most of the spotlight in terms of neat new features in the product, there is another change in 2010 that is equally as important to anyone who is using an iPhone with Exchange ActiveSync. Previously when my corporate mailbox was on an Exchange 2007 mailbox server I was not able to hear Unified Messaging Voice Mail messages directly on my phone, not at least without dialing into Outlook Voice Access to retrieve
... [more]
By: Jeff Schertz
Posted:
November 10, 2009 at 11:22 AMThis week Microsoft has begun the process to migrate all the current discussion forums for Unified Communications-related topics into a single category. As with any migration there is both an upside and a downside to these changes. Most importantly, going forward it will be much easier for users to locate the correct forum in which to pose a question on a specific OCS-related problem they are experiencing as there are not many different categories across multiple sites with similar topics to c
... [more]
By: Jeff Schertz
Posted:
September 24, 2009 at 8:26 AMDuring the deployment of an OCS Communicator Web Access Server there is a setting that is not covered in much detail in the documentation: the Communication Server Listening Port. No default or suggested value is given, as shown by this screenshot of the virtual server creation wizard: This port is used by the Communicator Web Access Server to listen for inbound communications from other OCS servers. When an additional Virtual Web Server is added to the same host, as is common when both Int
... [more]
By: Jeff Schertz
Posted:
September 22, 2009 at 4:39 PMThere are a pair of related Office Communications Server 2007 topics I wanted to expand on from previous blog articles that I’m still seeing come up quite often in both day-to-day projects and in the Microsoft discussion forums. One of them is centered around adding and supporting additional SIP domains. And because the two most common topics in OCS-related issues are Certificates and the Edge Server, it makes sense that deploying certificates on an Edge Server might just be the other topic.
... [more]
By: Jeff Schertz
Posted:
September 17, 2009 at 9:18 AM
The typical OCS deployment these days is using Windows Server 2008 instead of Server 2003 for the host OS now since R2 and Server 2008 have been out for some time, so a certain issue has begun to pop up in some deployments. Basically, if an R2 Edge server is deployed on Server 2008 and three separate NICs are used for the three external Edge roles then some routing problems can typically be seen. Previously on Server 2003 this was not a problem, but something has appeared to change in the be
... [more]
By: Jeff Schertz
Posted:
August 28, 2009 at 4:19 PMMicrosoft has just released a new white paper on using certificates with Office Communications Server. Although entitled “OCS 2007 R2 Deploying Certificates” it actually covers both 2007 and 2007 R2 versions of OCS. This is a very comprehensive document (just short of 100 pages) that covers everything from basic requirements down to specific scenarios like sample LCSCMD commands for requesting certificates for a reverse proxy. A number of the common problems and misunderstood areas have been a
... [more]
By: Jeff Schertz
Posted:
August 25, 2009 at 2:14 PMThese are some pretty basic notes, but worth calling out for the benefit of users new to the OCS Deployment Wizard. Troubleshooting deployment issues is pretty common and the logs are the best place to start from. During the various setup wizards in OCS each step typically concludes with a window reporting either successful or failed results. It’s recommended to review each log even if the wizard completes successfully as there could be one or more warnings worth looking into. Some warnings c
... [more]
By: Jeff Schertz
Posted:
August 19, 2009 at 7:35 AMAlthough I find it best practice to deploy two separate certificates on an OCS R2 Communicator Web Access server, there are times when using a single certificate for both server-based MTLS and client-based SSL communications are the best approach, mainly cost if an internal CA is unavailable and all certificates are being purchased. The problem is that getting a single certificate to work for both roles will typically fail if you follow the current guidelines. The official OCS R2 documentation
... [more]
By: Jeff Schertz
Posted:
August 13, 2009 at 11:04 AMIn a recent deployment OCS 2007 R2 Enterprise Edition was deployed to a physical server running Windows Server 2008 that began to exhibit problems immediately after the first reboot. Basically the server failed to respond to network traffic and was unreachable via RDP or other previously listening services after restarting. Upon connecting to the console locally the server had apparently dropped off the network, as indicated by the system tray Network icon displaying as disabled. After checki
... [more]
By: Jeff Schertz
Posted:
August 5, 2009 at 10:17 AMTypically in a basic deployment there are times when Windows workstations and servers which are not members of the internal Active Directory domain need to communicate with OCS servers. This could be attempting to sign-in to Office Communicator installed on a test workstation on the internal corporate network, as well as a perimeter-network server (like ISA or and OCS Edge server) attempting an MTLS connection to an internal OCS server. This also applies to external workstations trying to sign
... [more]
By: Jeff Schertz
Posted:
August 4, 2009 at 1:04 PMTypically when restarting services in Windows most people use the Services snap-in or the net start/stop commands, but the OCS Management console offers a simple way to stop and start services in a pre-defined order. I investigated the behavior of this to learn what the preferred order or service dependencies may be (if at all) within OCS. Unlike Exchange Server, where a number of services are dependant on others on the local system, none of the core OCS services are dependant on other c
... [more]
By: Jeff Schertz
Posted:
July 2, 2009 at 11:02 AM
Byron Spurlock has a blog article that briefly talks about the different topologies for Edge servers in R2 but I wanted to go into a little more detail and highlight a few seemingly small, but important changes introduced in R2 that sort of flew in under the radar as all the other neat features in R2 took center-stage.
Pre-R2 Topologies
Firstly, anyone versed in OCS should know that when deploying an Edge Server you could select what roles you wanted to install, with a few limitations. The f
... [more]
By: Jeff Schertz
Posted:
June 25, 2009 at 1:51 PMIn keeping with this month’s apparent theme of troubleshooting Live Meeting and Audio Conferencing problems for external users, I ran into yet another weird one. This time we have a pretty basic Office Communications Server 2007 R2 deployment with Enterprise Voice using a NET VX1200 media gateway with Cisco Call Manager 4.1. All OCS features are deployed and working with best practices followed for nearly every piece of the puzzle; no cutting any corners. The latest round of OCS patches have
... [more]
By: Jeff Schertz
Posted:
June 22, 2009 at 8:11 AMJust a quick note regarding an error I recently ran across. A client was experiencing problems with Dial-In Conferencing after a recent deployment and during troubleshooting the issues I ran across this pair of errors in the Front-End server’s OCS event log: OCS Audio-Video Conferencing ServerEvent ID 32018“The Audio-Video Conferencing Server encountered an error when requesting credentials from the A/V Edge Authentication Service.” OCS Protocol StackEvent ID 14502”A significant number of con
... [more]
By: Jeff Schertz
Posted:
June 3, 2009 at 3:44 PM One of the biggest cost-saving benefits of Office Communications Server 2007 has been the integrated Web Conferencing features, a.k.a. Live Meeting. Many companies currently pay for off-site host conferencing services like Microsoft's own hosted Live Meeting, or WebEx just to name a few. In the same way that R2’s Dial-In Conferencing can reduce costs by eliminating the need for a hosted phone bridge service, all versions of OCS can offer the same cost-cutting advantages by bringing Live Meet
... [more]
By: Jeff Schertz
Posted:
May 29, 2009 at 8:53 AMWhether troubleshooting a problem or performing regular maintenance it is sometimes necessary to reset the passwords on the service accounts used by OCS. Best Practice Microsoft’s recommendation is to configure each service account to never have their passwords expire, but some organizations may have policies limiting or completely banning that type of approach. In most cases it is best practice to retroactively disable password expiration on each Active Directory User Account used by OCS, as
... [more]
By: Jeff Schertz
Posted:
April 29, 2009 at 12:25 AMWhen deploying the Response Group service in Office Communications Server 2007 R2 and the Front-End services are hosted on a Windows 2008 Server there is an annoying little ‘glitch’ that rears it’s head during initial configuration. Basically, it doesn’t work. It apparently is not a problem with Server 2003 as I’ve not run across it before and some searching online turned up the same responses. It seems to affect Server 2008 due to the slightly different behavior of IIS 7.0. Once Agents , Age
... [more]
By: Jeff Schertz
Posted:
April 24, 2009 at 8:50 AMThe newly formed Unified Communications Virtual User Group (UCVUG) will be hosting it’s first meeting next month and we’ve already gotten over 100 participants registered. Hence the name, it will be a virtual Live Meeting This open online community is neither affiliated with Microsoft or PointBridge and was started by Office Communications Server MVP Dustin Hannifin with help from some of the other MVPs. The initial meeting will include presentations by myself covering the new features in OCS 2
... [more]
By: Jeff Schertz
Posted:
April 21, 2009 at 10:04 AMMicrosoft has just officially launched Office Communications Online functionality into the North American Business Productivity Online Suite - Shared (BPOS-S) offering. If you’ve already been using the Exchange, SharePoint, and Live Meeting services, then OCS is a welcome addition as now IM communication and Presence information is tied into the client application suite (Outlook, Office Communicator, Live Meeting). OC Online Features Since this is the initial offering of OCS in the hosted onlin
... [more]
By: Jeff Schertz
Posted:
April 12, 2009 at 8:00 AMJust a quick note worth mentioning: Microsoft has just released the downloadable version of the OCS 2007 R2 Product Documentation in the Complied Help Module (.chm) format. Anyone with a previous TAP/RDP version of the file from Connect should replace their with this updated copy as there are many new sections (the overall file size has nearly doubled) and appears to now match the online documentation. You can download the Communications_Server_2007_R2_Documentation.chm file here: http://www.mi
... [more]
By: Jeff Schertz
Posted:
March 25, 2009 at 12:50 AMHere’s a quick tip with a few ways to locate and identify wheter an installation of the Office Communicator client on a workstation originally came from an Evaluation, Volume License, or MSDN version. To determine which flavor of the client software is installed on the computer, locate the Product ID in the Help > About window in Office Communicator. The second grouping of digits will indicate the type based on one of three values shown below. (A full list of Microsoft Product IDs can be fo
... [more]
By: Jeff Schertz
Posted:
March 11, 2009 at 2:36 PM
I’ve been slacking on the OCS-related blog material recently, and that’s mainly due to the projects I’ve been working on, one of which is currently wrapping up. My main focus since October has been a couple of migration projects from customer’s previously running Lotus Notes into the shared BPOS cloud.
For a little background information on the BPOS offerings, basically with the help of a simple sign-in application running on a desktop a user can have full Outlook, Live Meeting, and SharePoi
... [more]
By: Jeff Schertz
Posted:
March 1, 2009 at 11:57 PMIn following the approach started with the Edge Server Planning Tool Microsoft has recently released a complete Planning Tool for Microsoft OCS 2007 R2. The tool walks the user through a set of Yes/No questions asking which features or roles of OCS are desired, followed by how many sites comprise the network environment, how many users per site, etc. Here’s a brief layout of the tool with some sample responses: Audio and Video Conferencing Web Conferencing Communicator Web Access Enterpri
... [more]
By: Jeff Schertz
Posted:
February 27, 2009 at 8:09 AMSo I admit it, I ‘Google’ stuff. I’ve used it for years as my default search engine; I love the maps component especially. It’s quick, well put together, and pretty bug free. It’s probably the only piece of mobile software I used regularly on my Windows Mobile phone (Blackjack II, meaning no GPS) so the more recent version with cellular-based location identification is a neat touch. I mainly use it for traffic data as my car has a DVD-based navigation system. Yet since being involved with t
... [more]
By: Jeff Schertz
Posted:
February 27, 2009 at 8:06 AMSo I’ve spent a good portion of time I didn’t have in the first place messing around with trying to get a stable laptop. For two years I was using a Dell D820 with Vista and after getting SP1 to resolve most of the major annoyances it was a pretty solid machine. Save for the flaky Bluetooth which usually kicked my mouse off after a day or two and would promptly blue-screen soon after. So after getting a replacement E6500 I started to setup and customize my applications. I immediately noticed
... [more]
By: Jeff Schertz
Posted:
February 19, 2009 at 12:37 AMSo this blog is sort of a follow-up to Matt McGillen’s original article on the same subject. During a recent OCS deployment I was configuring a Mediation Server against a IP-PBX system that is to be tested for eventual certification. In doing so I made sure to configure all aspects of OCS to strict best practice recommendations, including this specific one from the OCS 2007 Enterprise Voice Planning and Deployment Guide Configure Dual Interface Cards for Mediation Server To help ensure the p
... [more]
By: Jeff Schertz
Posted:
February 11, 2009 at 10:36 AMThere have been a few minor changes to the Administration Tools for OCS in R2. Firstly, the original release of OCS would automatically install the associated OCS Management console snap-in on each server role, but in R2 the management tools must now be installed manually. (One caveat is that the Group Chat Server Configuration Tool is automatically installed on a Group Chat Server.) The primary way to do this is simply run the R2 Deployment Wizard and choose the Administrative Tools task on t
... [more]
By: Jeff Schertz
Posted:
January 29, 2009 at 8:42 AMJust a quick note here from Microsoft about the upcoming public launch of OCS R2: (There’s a link on the site right now that will conveniently add a calendar item and reminder to Outlook. ) The virtual event experience will be available at www.OCSR2LAUNCH.com on Tuesday February 3rd 2009. The event will open with a LIVE keynote hosted by Stephen Elop, President Microsoft Business Division, with customer stories and product demonstrations on February 3rd 2009, 09:30 -10:30 AM Pacific Time. Plea
... [more]
By: Jeff Schertz
Posted:
January 28, 2009 at 11:44 PMLive Meeting 2007 has the ability to record meetings, capturing audio, video, and other shared content for archival and later viewing. When in a meeting the presenter can behind recording content and select where they want to save the output to. The main disadvantage with the recorded content has been the portability (or lack thereof) of the captured content. Live Meeting will save the recording across literally hundreds of files scattered through multiple folders. The Live Meeting Record
... [more]
By: Jeff Schertz
Posted:
January 28, 2009 at 11:42 PMThere are are couple issues related to System Center Mobile Device Manager 2008 that I’ve addresses in a recent deployment I’ve been meaning to blog about, but was waiting on a couple responses back from Microsoft for confirmation. One is related to the externally-published Enrollment Server certificate and the other issue tackles the problem of using a Windows 2008 Certificate Authority. Enrollment Server Certificate The SCMDM deployment documentation states that all certificates should be depl
... [more]
By: Jeff Schertz
Posted:
December 18, 2008 at 8:46 AMDuring a recent deployment of SCMDM I ran into a little snag while publishing the internal IIS web site on the Enrollment Server. Because my client was using an ISA Server 2006 Array I needed to get the exact same certificate on both array nodes in order to configure the Listener correctly. If you follow the technical article Configuring External and Internal Firewalls in Mobile Device Manager then the requested certificate will not be configured to allow exporting the private key. And because
... [more]
By: Jeff Schertz
Posted:
December 17, 2008 at 8:59 AMI feel a little silly just finding out this little tip recently as I can’t count how many times I’ve had to manually re-join a Windows workstation or member server to a domain in my life. This is a pretty common procedure as various issues can sometimes cause problems with the secure channel communications between workstations and domain controllers in an Active Directory domain. Rejoining the domain reestablishes the trusted partnership and in most cases resolves the issue. The tried-and-true
... [more]
By: Jeff Schertz
Posted:
December 10, 2008 at 8:11 AMAnyone who’s attempted to troubleshoot Address Book problems in OCS before has probably at least tried to open up the GalContacts.db file on a workstation running Office Communicator. Unfortunately it’s in some alien language with human strings dispersed among countless delimiters: This makes troubleshooting Address Book normalization operations kind of a pain. But luckily there is a registry setting available that can be configured on the client’s HKCU or HKLM key which will create a comma
... [more]
By: Jeff Schertz
Posted:
December 6, 2008 at 6:51 AMBy now most everyone should be aware that AOL made a certificate configuration change earlier this week that affected PIC communications between OCS users and AOL instant messaging users. Here is the first released blog describing the fix: Office Communicator clients cannot communicate with contacts homed on AOL Well, I just found out that Yahoo will be performing emergency maintenance between 4:30PM and 4:30AM EST. The release I read didn’t specify if this was starting yesterday (Friday) or
... [more]
By: Jeff Schertz
Posted:
November 17, 2008 at 1:50 PMThe TechNet documentation for SCMDM 2008 contains detailed steps for deploying each role, but the server prerequisites are a bitter scattered across the documentation and you really have to read through the entire document to understand how it all comes together. Although I highly recommend reading through all of the documentation, I’ve decided to put together a detailed list covering the installation of each component as is a certain order that should be used. Assuming that most first-time ins
... [more]
By: Jeff Schertz
Posted:
November 17, 2008 at 1:49 PMDmitry Polzin has created a Vista Sidebar Gadget for Office Communicator that helps better manage multiple conversation windows. You can download it from the Windows Live Gallery here:http://gallery.live.com/liveItemDetail.aspx?li=2701d34d-ec6a-48ec-9ce2-a3932345f3a8 As with any gadgets the window can be either docked in the sidebar or dragged out into the desktop . The gadget’s title bar shows your current presence with the total number of active conversations (e.g. 6). You can also Minimize
... [more]
By: Jeff Schertz
Posted:
October 14, 2008 at 3:11 PMOne of the biggest complaints I’ve seen with OCS was the large number of servers required when deploying all the components, even in consolidated scenarios. And although with new features come yet even more server roles, one change was made that actually helps reduce server footprint in smaller deployments. Monitoring Server With OCS 2007 to recording and reporting on Call Detail Records required that an Archiving Server also be used as those two components were wrapped up in the same role. An
... [more]
By: Jeff Schertz
Posted:
October 14, 2008 at 11:54 AMYes, you read this correctly: In a single-server Edge deployment a private IP address is now supported on the A/V Edge Role. It is still recommended to use a public IP address and is still not supported for scaled Edge deployments, but through some magical alignment of the stars (or more likely some work by the product team) this requirement has changed for the better. As minor as the point seems to be in the documentation, there must be at least 2 posts every week in the TechNet forums asking
... [more]
By: Jeff Schertz
Posted:
October 14, 2008 at 9:33 AMJamie Stark, an OCS Product Manager at Microsoft, is blogging this week from VoiceCon in Amsterdam as he and his team officially announce and release details of the upcoming Office Communications Server 2007 R2 release. You can find his updates here: http://nomorephones.spaces.live.com/default.aspx The scheduled keynote should have just wrapped up within the hour, so I’d expect to an update on there sometime later today. I’ve been biting my tongue for some time regarding all of the R2 enhanceme
... [more]
By: Jeff Schertz
Posted:
October 9, 2008 at 2:29 PMI little used portion of the OCS installation wizard is the ability to delegate some access rights to specific user accounts so that remote or junior administrators can deploy OCS components on server in a environment without actually needed to have full administrative rights. Launch the OCS 2007 Deployment Wizard and (depending on if it's Standard or Enterprise Edition) select the Deploy Standard Edition Server or either of the Deploy Pools options. Select Prepare Active Directory and Step 7 w
... [more]
By: Jeff Schertz
Posted:
October 5, 2008 at 8:08 AMAt the moment I have a few too many OCS-specific telephony devices on my desk: a Polycom CX700 handset (aka the Tanjay), an LG-Nortel IP8540 handset (aka the Catalina), an LG-Nortel IP8502 Bluetooth headset, a couple generic USB headsets, and the latest edition: the Polycom Communicator CX100 speakerphone. On any given day I'm either working from my home office in the suburbs, my corporate office downtown, any number of possible client sites with a range of wired and wireless access for consulta
... [more]
By: Jeff Schertz
Posted:
September 15, 2008 at 6:10 PMMy home lab server is starting to get so many virtual servers to hold all the products I've been testing that I decided to deploy Windows Server Update Services 3.0 in order to help manage all the updates, as well as to learn yet another product. The setup and configuration was pretty straight forward, but after configuring group policies and double and triple checking them, I was only getting a couple servers to appear under the All Computers in the Update Services management console. I follow
... [more]
By: Jeff Schertz
Posted:
September 2, 2008 at 6:49 AM
Microsoft has just released a really neat tool that threatens to make obsolete all of my OCS Edge-related blog material :) Seriously, as complicated as it can be to design and configure an Edge deployment when reading through the deployment guides, the Perimeter Network white paper, blog articles, and any other resources this tool can help clear up things ten-fold. I think just the existence of this tool goes on to underscore just how complicated an Edge design and deployment can be when so
... [more]
By: Jeff Schertz
Posted:
August 19, 2008 at 4:37 PMIn a previous blog entry I covered how to use object filtering with the Microsoft Notes Connector. There was a reason I ran into that situation in the first place which was planning a migration from Notes to Exchange using the Notes Connector, but with a catch: I had already created new accounts in the target forest for the users in the migration scope. These accounts needed to be pre-deployed before any directory synchronization was configured so that employees in the newly acquired company c
... [more]
By: Jeff Schertz
Posted:
August 14, 2008 at 4:16 PMI finally had a chance to test drive the beta version of the upcoming Forefront Security release specifically for Office Communications Server 2007 (FSOCS). I deployed this in my lab, co-locating it on an existing Standard Edition server in an internal network segment. To download the public beta release: Forefront Security for Office Communications Server 2007 Betahttp://www.microsoft.com/downloads/details.aspx?familyid=d128fd1a-42a2-47cb-9de8-e4ea8ba2382d&displaylang=en Before installing
... [more]
By: Jeff Schertz
Posted:
August 13, 2008 at 3:47 PM
In the past I've heard at least a few discussions regarding administrators looking for a way to disable instant message functionality in Office Communications Server 2007. Some may want to block IM from certain workstations, while others may be looking to deploy OCS as a Presence-only application. Or possibly even as a contact management solution for a Remote Call Control deployment, but actually want to prevent IM conversations for work-performance or compliance-related matters.
Either way
... [more]
By: Jeff Schertz
Posted:
August 12, 2008 at 9:05 AM
A question that comes up almost weekly in the TechNet discussion forums is: "Can I use only one network card in my Edge server?"
Background
A definitive answer has always been difficult to nail down as my testing, other user's experiences, different Microsoft documents, and some other sources all seem to slightly contradict each other. Let's start with the documentation; the OCS 2007 Supportability Guide states the following:
“Edge server roles can be collocated, but each s
... [more]
By: Jeff Schertz
Posted:
July 11, 2008 at 9:06 AMThe other day I received an email from a coworker which was protected by Information Rights Management and I realized I could not open it using my Windows Mobile device. We are running Rights Management Server internally and with my laptop on Vista, the IRM components are built-in and all integrated seamlessly. The first time I had to open an IRM-protected message or document at work I was prompted to add and configure an account in Outlook in order to access the protected content. Since then
... [more]
By: Jeff Schertz
Posted:
July 8, 2008 at 5:19 PM
The most common reasons I have seen for uninstalling Office Communications Server 2007 from an environment are typically to remove a pre-release beta version or test deployment, or to start from scratch after a botched deployment. In either scenario it's often desired to completely remove all aspects of OCS and start fresh. This approach is often started by simply uninstalling the OCS components from the Front-End server, and doing so will generate this alert:
If 'Yes' is chosen and all
... [more]
By: Jeff Schertz
Posted:
July 3, 2008 at 9:27 AMRecently I've seen this topic popping up more often in the TechNet forums and decided to try it myself. I ran through the install in a fresh lab with Windows 2008 Active Directory (2003 Forest functional level and 2008 Domain functional level) and a single Windows 2003 SP2 Member Server. I had read some posts where people were running into problems performing the initial Schema/Forest/Domain prep steps, and they seemed to fall into two categories: executing the setup on the wrong computer or so
... [more]
By: Jeff Schertz
Posted:
June 25, 2008 at 1:09 PMI've run across a couple situations where enabling users for OCS via the Management Console proved to be a bit cumbersome, typically when wanting to only select a certain subset of accounts among a list of thousands. So I set off to figure out how to easily perform the same action by manipulating the AD object attributes directly with scripts and freeware tools. The first step was to observe exactly what changes were applied to an account when enabled via the console. I took a snapshot of the p
... [more]
By: Jeff Schertz
Posted:
May 22, 2008 at 12:04 AM
Although I might be one of just a few currently working on the bleeding-edge technology of synchronizing Lotus Domino/Notes directories with Microsoft Active Directory via Exchange 2003, I figure I'd share this little tidbit of information. According to Microsoft Product Support this is not documented anywhere in TechNet and I had to open a ticket just to find this information out.
After successfully establishing Directory Synchronization with a Notes 6.5 directory, the default behavior of t
... [more]
By: Jeff Schertz
Posted:
May 20, 2008 at 3:16 PM
I recently needed to create few thousand mail-enabled users in Active Directory for a project in which the original plan was to use a third-party mail migration product to later mailbox-enable and then migrate data in from another directory. But as plans changed I found that we were going to need to manually convert a good number of these objects into mailbox-enabled accounts. At the time I thought, "No problem, I'll just filter out the specific users and select the Exchange Task to Cre
... [more]
By: Jeff Schertz
Posted:
April 25, 2008 at 3:42 PM
(This post is a more in-depth follow-up to my original blog entry on the subject: Enabling Custom Phone Number Normalization with the Address Book Service.)
I recently took a short hiatus from the OCS TechNet discussion forums while concentrating on an Exchange project for the past few months. While catching up on threads, I've noticed that there is still quite a lot of confusion regarding both how OCS handles phone numbers in the directories and how to understand the normalization rules. T
... [more]
By: Jeff Schertz
Posted:
April 25, 2008 at 3:39 PMOn a recent project I ran into a unique problem regarding replication of public folder information in an Exchange 2003 organization. The problem was recently discovered after the migration of an acquisition into the existing organization when users noticed that Free/Busy information for mailboxes was not displaying between mailboxes in the existing offices and the new office. After an exhaustive search and a few dead-ends I was able to finally resolve the issue, but the lack of information I f
... [more]
By: Jeff Schertz
Posted:
March 12, 2008 at 1:26 PMIn a recent migration project I needed to move nearly 2TB of mailbox data between Exchange 2003 servers in the same organization, to the tune of 100-200GB per day. The first couple days went fine, with excellent performance, but as more mailboxes were moved to the target server and mail delivery processes and user connections increased, move-performance began to degrade to the point that mailbox moves started to spit out generic MAPI errors and failed. After a quick check of the application log
... [more]
By: Jeff Schertz
Posted:
March 12, 2008 at 1:02 PMThere are a handful of tools and scripted solutions floating around for resolving SIDs to user accounts and the reverse, but here's a handy way to do this by simply using Active Directory Users and Computers. The first time you perform this for a domain it will be necessary to identify the RID and GUID portions of the domain's SID, so that you can create an LDAP Query, and then any future lookups will only require some quick match to convert the GUID portion into a format suitable for searching
... [more]
By: Jeff Schertz
Posted:
February 26, 2008 at 2:09 PMI've been running a release candidate version (build 6001) of Vista Service Pack 1 for a few weeks now and by far the biggest advantages have been 'performance' related. What's funny is there were a slew of performance-related pre-SP1 hotfixes released for Vista in the past year, none of which had resolved any of my specific issues. The 'performance' bump I'm seeing is more perceived, as Microsoft has finally fixed some glitches which were causing Vista to hang-out and wait for something to mo
... [more]
By: Jeff Schertz
Posted:
January 30, 2008 at 2:08 PMJust a quick blog entry here; it seems like every time I need to send another external party the link to download the LM2007 installation, I can never find it. Yes, the link itself is in the invitation email (although somewhat difficult to find) but those aren't always handy when trying to create an impromptu conference with external IM attendees who are not already running OCS and/or LM 2007 themselves. So here is the link to the download page: http://office.microsoft.com/en-us/help/HA10173383
... [more]
By: Jeff Schertz
Posted:
December 22, 2007 at 9:38 AM
When configuring OCS user settings in bulk there are a limited numbers of options one can change when using the Office Communications Server 2007 Management Console. A range of user accounts can be selected and some options can be enabled/disabled like: Enhanced Presence, Federation, External access, PIC, and archival behavior. You can also set EV and meeting policies, but unfortunately cannot control any of the Telephony user settings.
When migrating users and simultaneously deploying new s
... [more]
By: Jeff Schertz
Posted:
November 28, 2007 at 10:57 PM
Although deploying Office Communications Server 2007 for use internally is quite straight-forward, things begin to get complicated when adding in the components used for external client connectivity. The most misunderstood portions of deployment seem to be the correct configuration of the reverse proxy, and the networking configuration of the Edge Server itself.
OCS Edge Server Configuration
The Edge Server Deployment guide covers a variety of support topologies but the Consolidated Ed
... [more]
By: Jeff Schertz
Posted:
November 18, 2007 at 11:27 AM
Here's something I've run across a couple times while helping clients configure Exchange 2007, as well getting it wrong the first time I set it up in my test lab. If you are trying unsuccessfully to use the new Managed Folder Mailbox Policy feature in Exchange 2007 to move items from default folders into a new Managed Custom Folder there are a couple important steps worth verifying.
As an example I performed the following steps:
Created a new Managed Custom Folder named System Clean
... [more]
By: Jeff Schertz
Posted:
November 17, 2007 at 12:11 AMThe current Office Communications Server 2007 documentation doesn't go into very much detail regarding the configuration and behavior of Phone Normalization in the Address Book Service. I won't be going into any details regarding customization of normalization rules and how they operate, as the purpose of this blog entry is just to understand how to enable this feature and how to force OCS to load the changes.
I have found some details in the LCS 2005 Address Book Service Planning and Deplo
... [more]
By: Jeff Schertz
Posted:
November 9, 2007 at 10:31 AM
I recently ran into a deployment problem for a customer where we attempted to use just two network interfaces for a single Edge Server configuration. If you follow the deployment documentation for the Office Communications Server 2007 Edge server, you'll see that they require the Edge server to have up to four separate network interface ports, one for internal and one for each of the three Edge Server Roles. From a network bandwidth standpoint in a high-usage scenario this many interfaces
... [more]
By: Jeff Schertz
Posted:
November 7, 2007 at 9:19 PM
Between the OCS 2007 Deployment documentation, official Resource Kit, and blog/forum posts I've seen some discrepancies regarding the exact names (and order) of lookups performed by an Office Communicator 2.0 client when attempting to connect to an Office Communications Server when utilizing Automatic Configuration. Specifically I've seen reference to the automatic fall-back of looking for A records starting with sip, or instead with sipinternal, and sipexternal. Well, I discovered that it's
... [more]
By: Jeff Schertz
Posted:
October 27, 2007 at 4:25 PM
…is not a good idea. In a production deployment a second server should be built using the desired server name, and then all OCS users moved over to it. Or a temporary staging server can be stood up in order to rebuild the original server. Either way, simply renaming an Office Communications Standard Server 2007 can be painful.
Shortly after deploying a standard server in my lab I noticed during server configuration that I had fat-fingered the server's hostname and was not to happy abo
... [more]
By: Jeff Schertz
Posted:
October 21, 2007 at 9:46 PM
In a future blog entry I plan to walk through many of the steps needed to setup a virtualized test environment running on a single, uni-homed host. Throughout the process I've used a combination of online articles and blogs with input from colleagues to try and find the simplest hardware configuration which would allow me to deploy many different Microsoft products in an environment which closely mimics a typical enterprise.
While I'm still working on that documentation, one specific
... [more]
By: Jeff Schertz
Posted:
October 4, 2007 at 10:59 AM
Since upgrading from Windows XP to Vista Business at the start of this year I have learned to live with a few behavioral annoyances by either adapting the way I previously performed a specific task or digging up a workaround/fix. Alas, there are still two specific issues that continue to drive me up a wall, day after day. The first of which was documented by Mark Russinovich in his blog entry entitled The Case of the Delayed Windows Vista File Open Dialogs and has me eagerly awaiting the
... [more]
By: Jeff Schertz
Posted:
September 6, 2007 at 6:01 PM
After completing multiple cross-organization migration projects with differing co-existence periods, I've found myself having to go back to the books for a refresher course on intra-forest migrations. Among the many differences on how to approach and implement a migration intra-forest versus inter-forest, one of the most important is how Active Directory objects are migrated between domains.
When working with separate forests there will typically be duplicate instances of all objects consider
... [more]
By: Jeff Schertz
Posted:
July 31, 2007 at 8:58 PM
...or so it seems, judging by the excessive noise coming from my laptop's fan recently. My Dell Latitude D820 is only a little over six months old, but in the past few weeks it has been running noticeably hotter, regardless of CPU load. Within 5-10 minutes of a cold-boot the measured CPU temperature would steadily climb to over 70°C, which was followed by the system fan stepping up to it's maximum speed in a fruitless effort to displace heat. This abnormal amount of heat was radiating
... [more]
By: Jeff Schertz
Posted:
February 21, 2007 at 12:21 AM
Background
Relatively new to Windows Server (starting with 2003 SP1) is a feature called Access-based Enumeration (ABE) which recursively hides files and folders in a share from user accounts that are not granted any permissions to those objects. Simply put, if a user doesn't have at least Read access to it, they can't even see it. If you've ever worked in a Novell NetWare environment you have probably seen this in action, as users will only see the data they have permissions to acc
... [more]
By: Aaron Steele
Posted:
July 14, 2006 at 2:35 PM
In case you've noticed that the sIDHistory attribute isn't very user friendly when viewing it with ADSI Edit, here's a way to reverse-engineer the value to compare it with how we are normally used to seeing it displayed:
Find the SID for the source domain user or group by using the getsid.exe command:
Command Usage:
getsid \\<source_dc> “<Source User/Group Name>” \\<target_dc> “<Target User/Group Name>”
Example:
getsid \\DA_PDC “Developers” \\CORPCU1DC00
... [more]
By: Aaron Steele
Posted:
June 12, 2006 at 2:34 PM
I just spent entirely too much time searching for a resolution to an issue that, although quite simple to resolve, didn't seem to be that obvious to me.
When using the command csvde.exe to import data into Active Directory (i.e creating 1600 new user accounts in an environment with thousands of existing accounts) it might be a good idea to log any errors reported during the process :) Which, I've found, is easier said then done.
The command usage states there is a switch for logging:
CSV
... [more]
By: Aaron Steele
Posted:
April 22, 2006 at 2:34 PMMost of us are typically connecting to one or many different client networks from various locations throughout the day, while others (present company included) may be logged into the same VPN tunnel day after day after day.
The default behavior when using a built-in Windows XP Virtual Private Network connection (as well as on some third-party clients, depending on configuration) is to set the default gateway to the VPN connection. This effectively routes all remote traffic over the tunnel, w
... [more]
|
|
|
|
 |
|
|
 Senior ConsultantJeff Schertz is a senior consultant for PointBridge, focused on unified communications. He has over 10 years of experience in the IT industry ranging from family-owned businesses to global product dev... [more]
|
|
|
|
|
|
|