Mino – The UC Guy

Microsoft Unified Communications Blog

Archive for the ‘Good Articles take from Other Blogs’ Category

Single certificate for OCS/Exchange/ISA usage

Posted by Mino on July 7, 2009

Any Post starting with this disclaimer means that this post was not written by me however I have liked it and added to my blog. I am also including the link to the original or similar post to provide credit to the original author.

http://www.unifysquare.com/blog/post/Single-certificate-for-OCSExchange-firewall-usage.aspx

Internal certificates work wonders for your Active Directory Domain Services members. For Unified Communications, where OCS and Exchange are going to be using the same ISA 2006 server as the firewall, utilizing a Subject Alternative Name (SAN) certificate for your edge configuration and your ISA configuration can save you time, management hassles, and possibly provide cost savings as well. For internal servers, an internal PKI is just fine, but for the public interface of your system, you should most likely be looking at using a public-sourced key such as Go-Daddy, Thawte, DigiCert, etc. OCS Federation, remote users, and Public Instant Messaging Connectivity (PIC) demand public certificates.

The following table shows the SAN names needed on a certificate to support the base OCS and Exchange functions on ISA 2006 – and I imagine that this certificate construction will work just fine on many other firewalls as well. The table comes from my test domain; you should replace my test domain with your own domain name.

Obtain a public SAN (UCC) certificate from your favorite provider, import the certificate into your OCS Edge server and your ISA server computer account Trusted Root Certificate store and then you can use one certificate for all these uses. This approach leaves you with only the one certificate to manage and renew, or, if life treats you badly, move to a new server.

 

 

SAN Name

Usage

Notes

1

SIP.domain.com

OCS Edge Server

IM, Presence, Federation, PIC

2

webconf.domain.com

OCS Edge Server

Web Conferencing

3

AV.domain.com

OCS Edge Server

A/V

4

revproxy.domain.com

ISA Reverse Proxy

Web Components

5

CWA.domain.com

ISA Web Listener

Communicator Web Access

6

DOWNLOAD.CWA.domain.com

ISA Web Listener

CNAME for CWA desktop sharing

7

AS.CWA.domain.com

ISA Web Listener

CNAME for CWA desktop sharing

8

MAIL.domain.com

ISA publisher

Outlook Anywhere, OWA, POP, IMAP

9

AUTODISCOVER.domain.com

ISA Web Listener

Autodiscover for outlook and OCS.

Advertisements

Posted in A/V Edge Server, Certificates, Communicator Web Access, Consolidated Edge, Edge Server, Good Articles take from Other Blogs, OCS & Exchange07, OCS 2007 R2 | Tagged: , , , , , , , , , , , , , , , , , , | 10 Comments »

Address Book Download Issue (Vista Only)

Posted by Mino on July 6, 2009

This is a case I have faced right after the MVP award thing; it proves one thing to me.  You will always learn till the last minute of your life whether you are a Ranger or MVP or even one of the product team themselves. 

Ok here is the case; I have a Pilot on Isolated Environment where I have deployed 3 machines (AD+ CA+ Exchange, OCS Front End, OCS Mediation) And the users are on another production environment and they are planning to test the OC locally from their computers joined to the Production domain not the pilot one.

I have everything configured fine, hosts file edited correctly, Certificate Chain imported and Communicator is able to login correctly with no Problem. All of a Sudden all Vista machines are not able to download address book or to retrieve outlook free /busy information. However XP machines are working smoothly with no Problem

OK….then we think logic , what is common between Address Book and Exchange Free/ Busy?  Both are Web Services retrieved through HTTPS, so it has to be IE problem.

After some Googleing I found the solution on the UC No Evil blog as he describes details of troubleshooting steps he did and in the end it appeared to be the IE setting of Check for sever certificate revocation along with Disabling Windows Vista User Access Control

Below Are the Detailed Steps as described on the Blog:

  1. Make sure this symptom is the same on all of your Vista clients.
  2. Flush DNS by using ipconfig /flushdns on the client.
  3. Verify within IE that ‘Check for server certificate revocation* is disabled.  To do this go to IE > Advanced > Security section > Check for sever certificate revocation*.   Deselect the check box.
  4. Now  close Internet Explorer, close Communicator (Completely — sign-out and close application)
  5. Start Communicator| Sign in
  6. If you’re not presented with an error or the warning stating an issue accessing the Address Book, go to the %userprofile%\Local Settings\Application data\Microsoft\Communicator and verify that a GalContacts.db file exists.  If it does exist, GREAT! You’re done.   If not then continue with the rest of the procedure.
  7. Within IE add the Address Book URL that users will download the AB files.  IE > Internet Options > Security > Trusted Sites > Add the URL to trusted sites (ex.  https://ocsfrontend.company.com)
  8. Repeat steps 4-6
  9. If you still cannot download the address book try, move to step 10.
  10. Verify that User Access Control is off and then repeat steps 4-6.

Also some good technical details for the issue are available here on Microsoft Forums

Posted in Certificates, Common Errors, communicator client, Front End Server, Good Articles take from Other Blogs, Miscellaneous, OCS 2007 R2 | Tagged: , , , , , , , , , , , | 8 Comments »

How to Integrate Exchange UM Voicemail into Cisco IP Phones

Posted by Mino on March 27, 2009

I am working with a client who is using Cisco CUCM with Cisco Phones, along with Microsoft Exchange 2007 voice mail on the UM , but when you divert the phone to voicemail you are not prompted with the users voicemail prompt – you are prompted with the Subscriber access greeting of “ Welcome , you are connected to Microsoft exchange ,…etc )

Usually when you call someone and there is no answer then you are transferred to the Pilot number, the extension of the person you are calling is sent also in the request so that you would be directly transferred to the users voice mail not to the Welcome greeting.

This Problem Happens when Diverted Calls are not accepted because both sides cannot agree on DTMF handling , the MTP is important, because it deals with differences in how DTMF is signaled between the phones and gateways and the sip trunk

Just make sure the following on the Cisco SIP trunk:

  1. Accept Out-of-Dialog REFER
  2. Accept unsolicited Notification
  3. Accept Replaces Header
  4. Have the SIP trunk configured to use MTP, once I’d configured MTP and MRG/MGRL

The changes detailed below are based on a new installation of Call Manager 5. As this environment been created for the purpose of testing the integration between platforms, it contains only minimum configuration. The required Changes are with:

·         Media Termination Point (MTP)

·         Changes to security profile

Media Termination Point: The Cisco Call Manager installation builds the default media termination point.

Media Resource Group: Create a media resource group “MRG_CCM5” and add the media resource (MTP) to the group. Multicast is not required.

Media Resource Group List: Create a media resource group list “MRGL_CCM5” and add the media resource group “MRG_CCM5” to the list.

Device Pools: By default Cisco Call Manager creates the “default” device pool. Open the device pool “default” and select the new media resource group list “MRGL_CCM5”.

SIP Trunk Security Profiles: Copy the “Non Secure SIP Trunk Profile” to “E2K7 Non Secure SIP Trunk Profile” and enable “Accept Unsolicited Notifications”.

Partition Configuration: Create a Class of Control Partition “Local”.

Calling Search Space: Create a Class of Control Calling Search Space “CCS_Local” and add the Partition “Local” to the calling search space.

Trunk Configuration:

Trunk Configuration

General

Setting

Device Name

E2K7

Description

Exchange UM

Device Pool

Default

Call Classification

Use System Default

Media Resource Group List

<None>

Location

Hub_None

AAR Group

<None>

Packet Capture Mode

None

Packet Capture Duration

0

Media Termination Point Required

Enabled

Retry Video Calls as Audio

Disabled

Transmit UTF-8 for Calling Party Name

Disabled

Unattended Port

Disabled

MLPP Domain Information

<None>

   

Trunk Configuration
Call Routing Information

Setting

Inbound Calls

Significant Digits

All

Connected Line ID Presentation

Default

Connected Name Presentation

Default

Calling Search Space

CCS_Local

ARR Calling Search Space

<None>

Prefix DN

<Blank>

Redirecting Diversion Header Delivery

Disabled

Outbound Calls

Calling Party Selection

First Redirect Number

Connected Line ID Presentation

Default

Connected Name Presentation

Default

Caller ID DN

<Blank>

Caller Name

<Blank>

Redirecting Diversion Header Delivery

Enabled

Trunk Configuration

SIP Information

Setting

Destination Address

<IP Address of E2K7 Server>

Destination Address is an SRV

Disabled

Destination Port

5060

MTP Preferred Originating Codec

711alaw

Presence Group

Standard Presence Group

SIP Trunk Security Profile

E2K7 Non Secure SIP Trunk Profile

Rerouting Calling Search Space

<None>

Out-of-Dialog Refer Calling Search Space

<None>

SUBSCRIBE Calling Search Space

Default

SIP Profile

Standard SIP Profile

DTMF Signalling Method

No Preference

Posted in Cisco 4.x Integration, Cisco 5.x Integration, Cisco 6.x Integration, Cisco 7.x Integration, Good Articles take from Other Blogs, OCS & Exchange07, Unified Messaging | Tagged: , , , , , , , , | 8 Comments »

Jabra Dial 520

Posted by Mino on March 15, 2009

Any Post starting with this disclaimer means that this post was not written by me however I have liked it and added to my blog. I will also include the link to the original or Similar post to provide credit to the original author.

http://blogs.technet.com/jkruse/archive/2009/02/25/jabra-dial-520.aspx 

I’ve received a Demo unit of the JABRA Dial 520 under the UC Voice program and I have been showing it to our client to get their feedback.

Everyone is very happy with its cool look and the plug and play thing as you don’t need to configure anything once you plug it the communicator will automatically chose it as the default device. You will be able to call any number and click dial so it will open communicator client and place the call.

The voice quality is good but when you receive a call on your communicator client the JABRA 520 will just blink white light without telling you the number of the caller, quite disappointing to me 😦 

But as an overall I like it and will really love it if the screen shows me the number or the name of the caller

 jabra

 

jabra2

Posted in communicator client, Good Articles take from Other Blogs, OCS 2007 R2, Phone Edition | Tagged: , , , , , , | Leave a Comment »

Office Communicator Custom Presence States

Posted by Mino on February 28, 2009

Any Post starting with this disclaimer means that this post was not written by me however I liked it and added to my blog. I will also include the link to the original or Similar post to provide credit to the original author

http://blogs.technet.com/toml/archive/2007/11/30/oc-custom-presence-states.aspx 

Office Communicator 2007 offers a few user defined areas, the Note, your location and Custom Presence

Please note something important – there is no defined custom presence that includes the Yellow (away) status. The reason is that it is not supported as it was deemed to be a value that you wouldn’t set yourself but would be set based on your activity. I would agree with that for Away but Be Right Back I can set but it is what it is. What happens if you set one of the states to the Yellow (away) states – none of the custom presence items show.

Another item to note that can be a bit annoying – you can’t sign in with the custom presence, you have to sign in with a standard state and then change. My approach is to pick the state that matches what I will eventually select with my custom text.

Here is syntax for my presence.xml used for what you see and I also included a reg file. Please note that you can put the xml anywhere just update the reg file syntax for the correct path.

<customStates>
    <customState ID=”1″ availability=”online”>
        <activity LCID=”1033″>Out and about – use mobile</activity>
    </customState>
    <customState ID=”2″ availability=”Busy”>
        <activity LCID=”1033″>Down in the lab – use mobile</activity>
    </customState>
    <customState ID=”3″ availability=”busy”>
        <activity LCID=”1033″>Reviewing program documents</activity>
    </customState>
    <customState ID=”4″ availability=”do-not-disturb”>
        <activity LCID=”1033″>Executive Briefing with Customer</activity>
    </customState>
</customStates>

and here is the syntax of my presence.reg file

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Communicator]
@=””
“CustomStateURL”=file:///C:/Users/toml/Documents/presence.xml

image_4

Posted in communicator client, Good Articles take from Other Blogs | Tagged: , , , , | 3 Comments »