Thursday, May 29, 2008

WebMessenger extends Microsoft OCS to Nokia users

WebMessenger will support Nokia handsets on its middleware platform.

WebMessenger has added support for Nokia handsets to its messaging middleware platform, which enables a wider range of corporate phones to be used with Microsoft Office Communications Server (OCS) for mobile presence and messaging functions.

Read more at http://www.itweek.co.uk/itweek/news/2217568/webmessenger-extends-microsoft (by Daniel Robinson, IT Week, 27 May 2008)

Changing Live Meeting invitation information in OCS 2007

The company name and URLs that come with the Live Meeting invitation in OCS 2007 can be changed. To change the default settings:
  1. Open the Microsoft Office Communications Server 2007 console
  2. Expand Forest - <Domain name>
  3. Expand Standard Edition Servers
  4. Expand <OCS Pool Name>
  5. Right-click <Domain name>, click Properties, and then click Web Conferencing Properties
  6. On the General tab, fill in your organization name as shown in the figure below

We can also modify the URLs that go with the invitation. To do that, click Meeting invitations and change the internal and external URLs.


Let's try our new configuration. If you have the Live Meeting add-on installed, create a new Live Meeting and you will see your company name and your URLs in the invitation.

IIMF on OCS 2007

OCS 2007 has the IIMF (Intelligent IM Filter) built into the product. In this post we are going to enable the IIMF feature to filter URLs on an OCS 2007 Standard Edition server, as follows:
  1. Open Microsoft Office Communications Server 2007
  2. Expand Forest
  3. Expand Standard Edition Servers
  4. Right-click the server name, click Application Properties, and then click Intelligent IM Filter
  5. Check Enable URL Filtering. We now have some options to define, such as whether we want to block all hyperlinks that contain extensions defined in the File Transfer Filter tab, and whether we enable local intranet URLs.

In our post we are going to allow IMs that contain hyperlinks, but we will add a banner at the bottom of each message, and instead of a link the user will receive plain text. We are also able to choose some prefixes that the IIMF filter will block.




Let's do a test: the user administrator, as shown in the figure below, will send a link to another user.



The user who receives the IM will get the link with a friendly warning about it, and the link will have the character "_" in front of the http://. This means that if the user really wants to access that website, they have to copy the content and open it in a web browser.
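The filtering behaviour described in this post, modelled as an added Python example; it is not IIMF code and not from the original post. The prefix list, extension list, banner text, the single-label-host test for "local intranet" and the function names are all assumptions chosen for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed settings standing in for values chosen in the IIMF dialog (assumptions).
PREFIXES = ("http://", "https://", "ftp://", "www.")
BLOCKED_EXTENSIONS = (".exe", ".vbs", ".scr")
BANNER = "[Hyperlinks in this message were converted to plain text.]"

# A prefix counts only at the start of a token: the lookbehind skips the "www."
# inside "http://www." and links that already carry the "_" marker.
URL_RE = re.compile(
    r"(?<![\w/])(?:" + "|".join(map(re.escape, PREFIXES)) + r")[^\s<>\"]*",
    re.IGNORECASE,
)


def _host_and_path(url):
    """Return (host, lower-cased path); ("", "") if the link cannot be parsed."""
    url = url.rstrip(".,;:!?)")
    try:
        parts = urlsplit(url if "://" in url else "http://" + url)
        return parts.hostname or "", parts.path.lower()
    except ValueError:
        return "", ""


def filter_im(message, allow_intranet=True):
    """Return (action, text) where action is 'block', 'rewrite' or 'pass'."""
    links = URL_RE.findall(message)
    if any(_host_and_path(u)[1].endswith(BLOCKED_EXTENSIONS) for u in links):
        return "block", ""  # a link points at a filtered file type: drop the IM
    rewritten = 0

    def defang(match):
        nonlocal rewritten
        host, _ = _host_and_path(match.group(0))
        if allow_intranet and host and "." not in host:
            return match.group(0)  # single-label host, treated as local intranet
        rewritten += 1
        return "_" + match.group(0)

    text = URL_RE.sub(defang, message)
    if rewritten:
        text += "\n" + BANNER
    return ("rewrite" if rewritten else "pass"), text
```

Running an already rewritten message through the function again leaves it unchanged, so a message relayed through more than one filtering hop does not accumulate extra "_" markers or banners.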

Tuesday, May 27, 2008

Notes for Communicator Web Access

One Server for Both Internal and External Users

In order to deploy all users on a single computer, you must run IIS 6.0 in application isolation mode. For details about application isolation modes in IIS 6.0, see “Application Isolation Modes” at http://r.office.microsoft.com/r/rlidOCS?clid=1033&p1=appmodes.

  • Two virtual servers cannot both share the same IP address and also listen on the same port; therefore, you must differentiate the virtual servers on your computer either by IP address or by port number. If both virtual servers use the same IP address, you will need to differentiate them by port number. Many proxy servers accept SSL traffic only on port 443, so you may need to manually configure the external virtual server to use port 443.
  • You must configure your firewall or reverse proxy to map to the appropriate port for each virtual server.
  • Although application isolation reduces security risk, it is still possible for the server to be compromised, which could affect both external and internal users. In contrast, using a separate external server would limit the impact of an attack on the external server to remote users only.


Required Software

The following software must be installed on the computer on which you will be installing Communicator Web Access:

  • Windows Server 2003 R2 SP2 or Windows Server 2003 with SP1 or later
  • Windows Installer 3 (included in Windows Server 2003 SP1 or later)
  • IIS 6.0
  • .NET Framework 2.0, including ASP.NET 2.0

Note

ASP.NET is automatically registered with IIS if the .NET Framework 2.0 is installed after IIS 6.0 is installed. If you install the .NET Framework first, you must manually register ASP.NET. For details, see http://r.office.microsoft.com/r/rlidOCS?clid=1033&p1=kb325093.

In addition, the following QFEs must be installed:

Certificates

  • An MTLS connection will succeed only if the subject name for the MTLS certificate is the FQDN (fully qualified domain name) of the Communicator Web Access server.
  • SSL certificate. An SSL certificate is required on all Communicator Web Access servers and on any load balancer that is associated with an array of Communicator Web Access servers. The SSL (Secure Sockets Layer) certificate is used by clients that are connecting to the Communicator Web Access server. Each virtual server that is configured with HTTPS (HTTP with SSL) must have an SSL certificate. The CA that issues the SSL certificate for Communicator Web Access does not have to be the same one that issues the Office Communications Server 2007 SSL certificates or the MTLS certificates.

MTLS and HTTPS Certificate Configuration Requirements


| Certificate field | Value |
|---|---|
| Version | 3 |
| Template | Duplicated Web Server |
| EKU | Server Authentication (1.3.6.1.5.5.7.3.1) |
| Private Key | Enabled for Export |
| Key Usage | Digital Signature, Key Encipherment (a0) |

  • The subject of the Communicator Web Access certificate, which can be configured in the Communicator Web Access Manager, is always the FQDN of the Communicator Web Access server computer.
  • The subject name of the SSL certificate corresponds to the FQDN of either the server or the load balancer, if one is present.
  • On a reverse proxy that is deployed in the perimeter network, the subject name of the SSL certificate corresponds to the FQDN of the reverse proxy.

Example: a single Communicator Web Access virtual server on a computer named computer1.contoso.com, with no Web publishing and no load balancing. The server has an SSL certificate whose subject name is the FQDN of the server, in this case computer1.contoso.com.

Authentication

For remote users and for users of supported browsers that cannot use integrated Windows authentication, the forms-based authentication window will appear.

  • Optimizing IIS 6.0 scalability. IIS 6.0, running on the Microsoft Windows Server® 2003 operating system, includes a new architecture and new features to improve scalability on your Communicator Web Access server. For detailed information about optimizing IIS 6.0, see “Improving Scalability by Optimizing IIS 6.0 Queues” at http://r.office.microsoft.com/r/rlidOCS?clid=1033&p1=IIS6queue, “Improving Scalability by Optimizing IIS 6.0 Caches” at http://r.office.microsoft.com/r/rlidOCS?clid=1033&p1=IIS6cache, and “Additional Resources for IIS 6.0 Scalability” at http://r.office.microsoft.com/r/rlidOCS?clid=1033&p1=IIS6AddResScal
  • Adjusting the IIS 6.0 user limit. By default, IIS 6.0 has a limit of 8,000 connections. This setting is configurable in the following registry key: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters. To increase the limit, create a DWORD entry named "MaxConnections" in this location and set an appropriate limit, allowing for a reasonable tolerance for peak periods. For example, if you want to allow 10,000 connections, you would probably set the value at double this number (20,000). For guidance, see the Microsoft Knowledge Base article “Http.sys registry settings for IIS” at http://r.office.microsoft.com/r/rlidOCS?clid=1033&p1=kb820129.

Magic Quadrant for Unified Communications 2007

Here is the Magic Quadrant for Unified Communications 2007. This report is by Bern Elliot (Gartner) and is dated 20 August 2007.





Link to the report: http://mediaproducts.gartner.com/reprints/nortel/150273.html

Sunday, May 25, 2008

Guide on OCS Database tuning (SQL)

For Midrange (8 GB of memory) and High End (12 GB+ of memory)

  • If the 32-bit version of SQL Server is running, enable Lock Pages in Memory (http://r.office.microsoft.com/r/rlidOCS?clid=1033&p1=LockPage) and enable AWE (http://r.office.microsoft.com/r/rlidOCS?clid=1033&p1=AWEon).
  • These settings are not necessary if SQL Server is 64-bit.
  • Add a SQL Server trace flag for T4618 (http://r.office.microsoft.com/r/rlidOCS?clid=1033&p1=kbT4618):

1) Open SQL Server Configuration Manager
2) Select SQL Server instance, right-click, and then click Properties.
3) In the Advanced tab, click Startup Parameters.
4) Append ;-T4618 to the end of the Startup Parameters list and click OK.
5) Restart SQL Server.

Communicator Address book download (Galcontacts.db)

Client "Address Book" File Download Process: http://technet.microsoft.com/en-us/library/bb894482.aspx

If a client is accessing the URL for the first time, upon successful connection, the client attempts to download the current full data file. On subsequent days, the client attempts to download a delta file based on the last full synchronization date.

Typically, this delta file is based on the previous day. If the client is offline for a day or more, it determines which delta files it must download to get up to date. If the client is offline for more than 30 days, it attempts to download the full data file.

Storing this information in a local database reduces the time taken to synchronize information on the client computer with the latest information stored in Active Directory, thereby significantly improving the GAL search process. The location of this database is: Documents and Settings\\Local Settings\Application Data\Microsoft\Communicator.

In the event of a download failure because of network connectivity or other issues, the client retries in time intervals that double on each failure (1 minute, 2 minutes, 4 minutes, and so on, up to a maximum of 64 minutes).

Any data that was downloaded before the failure is discarded, and the retry begins again at the beginning. If the failure persists for more than 24 hours, a warning is displayed, and an application event is added to the Event Log.

When the client logs in, it determines if it has been more than 24 hours since the last download. If so, then the current download occurs immediately. Otherwise, download is scheduled at 00:00 UTC (Universal Coordinated Time, also known as GMT).
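The download rules above, worked through as an added Python example; it is not Communicator code and not from the original post. The function and constant names are hypothetical, and the retry timeline assumes a failed attempt itself takes no time.

```python
from datetime import datetime, timedelta, timezone

FULL_RESYNC_AFTER = timedelta(days=30)    # offline longer than this: full file
MAX_RETRY_DELAY = timedelta(minutes=64)   # cap on the doubling retry interval
WARN_AFTER = timedelta(hours=24)          # persistent failure: warning + event


def choose_file(last_full_sync, now):
    """Return 'full' on first use or after more than 30 days, otherwise 'delta'."""
    if last_full_sync is None or now - last_full_sync > FULL_RESYNC_AFTER:
        return "full"
    return "delta"


def retry_offsets():
    """Offsets from the first failure at which retries fire, up to the 24 h mark.

    Assumption: each failed attempt takes no time, so only the waits add up.
    """
    offsets, delay, elapsed = [], timedelta(minutes=1), timedelta(0)
    while elapsed + delay <= WARN_AFTER:
        elapsed += delay
        offsets.append(elapsed)
        delay = min(delay * 2, MAX_RETRY_DELAY)
    return offsets


def next_download(last_download, now):
    """Download at login if the last one is over 24 h old, else at 00:00 UTC."""
    if last_download is None or now - last_download > timedelta(hours=24):
        return now
    tomorrow = now.astimezone(timezone.utc).date() + timedelta(days=1)
    return datetime(tomorrow.year, tomorrow.month, tomorrow.day, tzinfo=timezone.utc)
```

Under these assumptions a client that keeps failing makes 27 retries before the 24-hour warning, the last one 1,407 minutes after the first failure.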

Tracing in Office Communicator

Tracing can be enabled on Communicator by group policy or manually on the client. Enabling event logging will write Communicator events to the application event log. Protocol-level logging files can be found at ..\User\Tracing in XP or Vista. These files can be read with Notepad, but I recommend using Snooper, which is in the OCS Resource Kit.

Conversation History Settings

The settings in "Personal Information Manager" such as

-- Save my instant message conversations in the Outlook Conversation History folder

-- Save my call logs in the Outlook Conversation History folder

are being published by the client to the back-end database, rtc.PublishedStaticInstance, as binary.





<otheroptions>
  <permissions>
    <personalinformationmanager>outlook</personalinformationmanager>
    <autoretrieveooffromoutlook>false</autoretrieveooffromoutlook>
    <publishcalendarpresence>false</publishcalendarpresence>
    <imautoarchiving>false</imautoarchiving>
    <calllogautoarchiving>false</calllogautoarchiving>
    <publishmeetingsubjectandlocation>false</publishmeetingsubjectandlocation>
  </permissions>
</otheroptions>
</publication>
</publications>
</publish>

Using Hardware Load Balancer for OCS 2007 Front-end Server

To increase the scalability and redundancy of the OCS Front-end server, we have to use a hardware load balancer. Below are some of the supported hardware offerings from F5, Cisco, Foundry, Nortel, and WebMux.

Thursday, May 22, 2008

Disaster Recovery for OCS 2007

As we are making OCS 2007 the main call manager, high availability and scalability would be among the main components we (IT people) have to consider. Scalability in OCS 2007 would be easy, as Microsoft has addressed this matter. The second point, on which other players in the IP telephony industry are questioning Microsoft, is: can OCS 2007 have a disaster recovery solution?

There are some solutions proposed by other Microsoft teams that use a backup and recovery method on the OCS 2007 server. Can it be automated? This has made me investigate more in my current lab. I've been trying to create an automatic service failover to the DR server when the production server is down. I'll continue after my lab test.

I've browsed around; M Senthil Kumar's blog has a discussion on a guide to backing up the OCS 2007 configuration. (http://blogs.msdn.com/mskumar/archive/2008/02/11/backing-up-ocs-2007-global-config.aspx)