Thursday, May 29, 2008
WebMessenger has added support for Nokia handsets to its messaging middleware platform, which enables a wider range of corporate phones to be used with Microsoft Office Communications Server (OCS) for mobile presence and messaging functions.
Read more at http://www.itweek.co.uk/itweek/news/2217568/webmessenger-extends-microsoft (by Daniel Robinson, IT Week, 27 May 2008)
- Open Microsoft Office Communicaton Server 2007 console
- Expand Forest - <Domain name>
- Expand Standard Edition Servers
- Expand <OCS Pool Name>
- Right click on <Domain name>,click on Properties and then clickon Web Conferencing Properties
- In General tab, fill out with your organization name as shown in the figure below
We can also modify the URL's that go with the invitation. To do that click on Meeting invitations and change the internal and external URLs.
Let's try our new configuration, if you have the Live Meeting add-on installed, create a new Live Meeting and you will see your company name and your URLs in the invitation.
- Open Microsoft Office Communications Server 2007
- Expand Forest
- Expand Standard Edition Servers
- Right click on server name and click on Application Properties and then on Intelligent IM Filter
- Check Enable URL Filtering and now we have some options to define such as: If we want to block all hyperlinks that contains extentions defined in the File Transfer Filter tab, if we enable local intranet URLs.
In our post we are going to allow IM that contain hyperlinks but we will add a banner into each message and at the botton and instead of a link the user will receive a plain text. We are also able to chose some prefixes that the IIMF filter will be blocking.
Let's do a test, the user administrator as shown in figure bellow will send a link for another user.
The user that receive the IM will receive the link with a friendly warning about the link and the link will receive a caracther "_" in front of the http://. It means if the user really wants to access that website, he have to copy the content and open it in a web browser.
Tuesday, May 27, 2008
One Server for Both Internal and External Users In order to deploy all users on a single computer, you must run IIS 6.0 in application isolation mode. For details about application isolation modes in IIS 6.0, see “Application Isolation Modes” at http://r.office.microsoft.com/r/rlidOCS?clid=1033&p1=appmodes.
- Two virtual servers cannot both share the same IP address and also listen on the same port; therefore, you must differentiate the virtual servers on your computer either by IP address or by port number. If both virtual servers use the same IP address, you will need to differentiate them by port number. Many proxy servers accept SSL traffic only on port 443, so you may need to manually configure the external virtual server to use port 443.
- You must configure your firewall or reverse proxy to map to the appropriate port for each virtual server.
- Although application isolation reduces security risk, it is still possible for the server to be compromised, which could affect both external and internal users. In contrast, using a separate external server would limit the impact of an attack on the external server to remote users only.
The following software must be installed on the computer on which you will be installing Communicator Web Access:·
- Windows Server 2003 R2 SP2 or Windows Server 2003 with SP1 or later·
- Windows Installer 3 (included in Windows Server 2003 SP1 or later)·
- IIS 6.0· .
- NET Framework 2.0, including ASP.NET 2.0
ASP.NET is automatically registered with IIS if the .NET Framework 2.0 is installed after IIS 6.0 is installed. If you install the .NET Framework first, you must manually register ASP.NET. For details, seehttp://r.office.microsoft.com/r/rlidOCS?clid=1033&p1=kb325093.
In addition, the following QFEs must be installed:·
- Microsoft Knowledge Base article 913297, “FIX: Error message when you try to run a Web application that was built by using the .NET Framework 2.0: ‘Overwhelming changes have occurred’,” at http://r.office.microsoft.com/r/rlidOCS?clid=1033&p1=kb913297. ·
- Microsoft Knowledge Base article 917283, “MS06-033: A vulnerability in ASP.NET could allow information disclosure,” at http://r.office.microsoft.com/r/rlidOCS?clid=1033&p1=kb917283.·
- Microsoft Knowledge Base article 922770, “MS06-056: Vulnerability in ASP.NET 2.0 could allow for information disclosure,” at http://r.office.microsoft.com/r/rlidOCS?clid=1033&p1=kb922770.
- An MTLS connection will succeed only if the subject name for the MTLS certificate is the FQDN (fully qualified domain name) of the Communicator Web Access server
- SSL certificate. An SSL certificate is required on all Communicator Web Access servers and on any load balancer that is associated with an array of Communicator Web Access servers. The SSL (Secure Sockets Layer) certificate is used by clients that are connecting to the Communicator Web Access server. Each virtual server that is configured with HTTPS (HTTP with SSL) must have an SSL certificate. The CA that issues the SSL certificate for Communicator Web Access does not have to be the same one that issues the Office Communications Server 2007 SSL certificates or the MTLS certificates.
MTLS and HTTPS Certificate Configuration Requirements
Template Duplicated Web Server
EKU Server Authentication (126.96.36.199.188.8.131.52.1)
Private Key Enabled for Export
Key Usage Digital Signature, Key Encipherment (a0)
- The subject of the Communicator Web Access certificate, which can be configured in the Communicator Web Access Manager, is always the FQDN of the Communicator Web Access server computer
- The subject name of the SSL certificate corresponds to the FQDN of either the server or the load balancer if one is presentOn a reverse proxy that is deployed in the perimeter network, the subject name of the SSL certificate corresponds to the FQDN of the reverse proxy
Single Communicator Web Access virtual server on a computer named computer1.contoso.comNo Web publishing, No load balancing==>The server has an SSL certificate whose subject name is the FQDN of the server, in this case, computer1.contoso.com
For remote users and for users of supported browsers that cannot use integrated Windows authentication, the forms-based authentication window will appear.
- · Optimizing IIS 6.0 scalability. IIS 6.0, running on the Microsoft Windows Server® 2003 operating system, includes a new architecture and new features to improve scalability on your Communicator Web Access server. For detailed information about optimizing IIS 6.0, see “Improving Scalability by Optimizing IIS 6.0 Queues” at http://r.office.microsoft.com/r/rlidOCS?clid=1033&p1=IIS6queue, “Improving Scalability by Optimizing IIS 6.0 Caches” at http://r.office.microsoft.com/r/rlidOCS?clid=1033&p1=IIS6cache, and “Additional Resources for IIS 6.0 Scalability” at http://r.office.microsoft.com/r/rlidOCS?clid=1033&p1=IIS6AddResScal.·
- Adjusting the IIS 6.0 user limit. By default, IIS 6.0 has a limit of 8,000 connections. This setting is configurable in the following registry key:HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\ParametersTo increase the limit, create a DWORD entry named "MaxConnections" in this location and set an appropriate limit, allowing for a reasonable tolerance for peak periods. For example, if you want to allow 10,000 connections, you would probably set the value at double this number (20,000). For guidance, see the Microsoft Knowledge Base article “Http.sys registry settings for IIS” at http://r.office.microsoft.com/r/rlidOCS?clid=1033&p1=kb820129.
This is the link to the web : http://mediaproducts.gartner.com/reprints/nortel/150273.html
Sunday, May 25, 2008
>If 32-bit version of SQL Server is running, enable Lock Pages in Memory (http://r.office.microsoft.com/r/rlidOCS?clid=1033&p1=LockPage) and enable AWE (http://r.office.microsoft.com/r/rlidOCS?clid=1033&p1=AWEon).
>These settings are not necessary if SQL server is 64 bit.
>Add a SQL Server trace flag for T4618 (http://r.office.microsoft.com/r/rlidOCS?clid=1033&p1=kbT4618)
1) Open SQL Server Configuration Manager
2) Select SQL Server instance, right-click, and then click Properties.
3) In the Advanced tab, click Startup Parameters.
4) Append ;-T4618 to the end of the Startup Parameters list and click OK.
5) Restart SQL Server.
Typically, this delta file is based on the previous day. If the client is offline for a day or more, it determines which delta files it must download to get up to date. If the client is offline for more than 30 days, it attempts to download the full data file.
Storing this information in a local database reduces the time taken to synchronize information on the client computer with the latest information stored in Active Directory, thereby significantly improving the GAL search process. The location of this database is : Documents and Settings\\Local Settings\Application Data\Microsoft\Communicator.In the event of a download failure because of network connectivity or other issues, the client retries in time intervals that double on each failure (1 minute, 2 minutes, 4 minutes, and so on, up to a maximum of 64 minutes).
Any data that was downloaded before the failure is discarded, and the retry begins again at the beginning. If the failure persists for more than 24 hours, a warning is displayed, and an application event is added to the Event Log.
When the client logs in, it determines if it has been more than 24 hours since the last download. If so, then the current download occurs immediately. Otherwise, download is scheduled at 00:00 UTC (Universal Coordinated Time, also known as GMT).
-- Save my instant message conversations in the Outlook Conversation History folder
-- Save my call logs in the outlook Conversation History folderare being published to the backend database, rtc.PublishedStaticInstance as binary, by the client.
<permissions> <personalinformationmanager>outlook</personalinformationmanager> <autoretrieveooffromoutlook>false</autoretrieveooffromoutlook> <publishcalendarpresence>false</publishcalendarpresence> <imautoarchiving>false</imautoarchiving> <calllogautoarchiving>false</calllogautoarchiving> <publishmeetingsubjectandlocation>false</publishmeetingsubjectandlocation> </permissions> </otheroptions> </publication> </publications> </publish>
Thursday, May 22, 2008
There are some solutions from others Microsoft team proposed which using backup and recovery method on the OCS 2007 server. Can it be automated? This has makes me to investigate more in my current lab. I've trying to create a auto service failover to DR server when the production server is down. I'll continue more after my lab test.
I've browse around, M Senthil Kumar blog has a discussion on backup OCS 2007 configuration guide. (http://blogs.msdn.com/mskumar/archive/2008/02/11/backing-up-ocs-2007-global-config.aspx)