Sessions OCS

UCO202: The ten pitfalls to avoid for a successful OCS 2007 R2 deployment

Leonardo Wormull, 10/02/2010 13:00 – 14:00

OCS 2007 R2 INFRASTRUCTURE

[Diagram. Components shown: UC endpoints; Active Directory; OCS pool (OCS front end servers); OCS back-end (SQL Server); archiving server (SQL Server); QoE monitoring server (SQL Server); mediation server; advanced media gateway; PSTN; CWA server (IIS server); file share (file server); UM server (Exchange 2007); Edge Server in the DMZ; remote access; federated partners; public IM clouds (Live Messenger, AOL, Yahoo). Protocol legend: SIP, PSOM, RTP/RTCP.]

The ten most frequent problems when deploying OCS 2007 R2

1- Prepare Schema, Forest and Domain
2- Certificates and Certificates
3- Sign-in in automatic mode not working (DNS/Cert issue)
4- Users can’t sign-in (DNS/Cert issue)
5- Users don’t get Address Book (UR/IIS issue)
6- Communication A/V from external user to internal user not working (Edge Setup issue)
7- Invite/Join a Live Meeting conference not working
8- CWA 2007 R2 is reporting error (0-1-492) "Your computer clock is not set correctly" when installed on Windows Server 2008
9- Delegates unable to Schedule Live Meetings
10- A/V quality issues (Network/Firewall issue)

1- Prepare Schema, Forest and Domain

How to prepare the schema for LCS\OCS:
    LCScmd.exe /forest /action:Schemaprep

How to verify if the schema is prepared for LCS\OCS:
    LCScmd.exe /forest /action:checkschemaprepstate

How to prepare the forest for LCS\OCS:
    LCScmd.exe /forest /action:ForestPrep

How to verify if the forest is prepared for LCS\OCS:
    LCScmd.exe /forest /action:CheckForestPrepState

How to prepare the domain for LCS\OCS:
    LCScmd.exe /domain:myDom.com /action:DomainPrep

How to verify if the domain is prepared for LCS\OCS:
    LCScmd.exe /domain:myDom.com /action:CheckDomainPrepState

http://technet.microsoft.com/en-us/magazine/2009.03.commandline.aspx?pr=blog

    C:\Program Files\Common Files\Microsoft Office Communications Server 2007 R2>lcscmd /forest /action:checkschemaprepstate

    Microsoft Office Communications Server 2007 R2 Deployment Command Console
    Copyright (c) Microsoft Corporation. All rights reserved.

    Executing "Initialize Forest Object"
    Executing "Initialize Active Directory Connections"
    Executing "Check Schema Prep State"
    Check the log file "C:\Users\ADMINI~1.JTE\AppData\Local\Temp\Forest_checkschemaprepstate[2010_02_05][09_23_27].html" for details.
    Action completed successfully

    Execution time = 1172 ms

2- Certificates

What Are the Requirements for Certificates and How Do I Get One?

Office Communications Server 2007 R2 requires a public key infrastructure to support TLS and Mutual TLS (MTLS) connections. Office Communications Server uses certificates for the following purposes:

• TLS connections between client and server
• MTLS connections between servers
• Federation and public IM connectivity
• Remote user access for instant messaging
• External user access to A/V sessions and Web conferencing

2- Certificates (2)

For Office Communications Server 2007 R2, the following common requirements apply:

• All server certificates must support server authorization (Server EKU (Enhanced Key Usage) 1.3.6.1.5.5.7.3.1).
• All server certificates must contain a CRL Distribution Point (CDP).
• If you are supporting public IM connectivity with AOL, AOL requires a certificate configured for both client and server authorization. The certificate assigned to the Access Edge Server external interface should support client authorization (Client EKU 1.3.6.1.5.5.7.3.2).
• Auto-enrollment is supported for internal servers running Office Communications Server, including an array of Standard Edition servers configured as Director.
• Auto-enrollment is not supported for Office Communications Server edge servers.

2- Certificates (3)

Note: Certificate Summary

• The only certificates that require Subject Alternative Names (SANs) are the Access Edge external interface, the Director pool internal interface (if a Director is installed) and the Pool internal interface.
• The Access Edge and Next Hop Pool certificates are shown with both server and client enhanced key usage (EKU) set, but this is only required if you are using Public IM Connectivity (PIC).
• Prepending “sip” to the domain name is recommended for entries in the certificate SAN, but not for entries in the Edge server’s list of supported SIP domains on the Internal tab under “Internal SIP domains supported by Office Communications Servers in your organization:”.
• Subject Alternative Name lists (SANs) for the Access Edge external interface, Director and Pool are only required if using the Office Communicator Automatic Configuration feature.
• The SIP domain name is independent of the domain name hosting users and/or computers. For example, it’s common to place OCS servers in a subdomain (e.g. corp.contoso.net) but assign users a SIP URI of [email protected].
• A best practice is to have your SIP domain name match your Exchange SMTP domain name.

3-Sign-in in automatic mode not working (DNS/Cert issue)

Prerequisites for automatic sign-in:
- SRV record: _sipinternal._tcp.domain.com
- SRV record: _sipinternaltls._tcp.domain.com
- A record for the pool name

The DNS SRV records _sipinternaltls._tcp.domain.com, _sipinternal._tcp.domain.com and/or _sip._tls.domain.com may need to be configured if automatic configuration is desired.

OC AUTOMATIC SIGN-IN: Troubleshooting Areas

[Diagram. Areas shown: Internal Client; Network; DNS Server; Active Directory; Front-End Server(s); Backend SQL server; Edge Servers in the DMZ (Data, Audio/Video, SIP); Internet; Public DNS Server; Remote User.]

OC AUTOMATIC SIGN-IN

SIP URI : [email protected]

1 - DNS Query (SRV): _sipinternaltls._tcp.microsoft.com
2 - DNS Answer (SRV): _sipinternaltls._tcp.microsoft.com = Poolmocs.microsoft.com : 5061 TCP
3 - DNS Query (A): Poolmocs.microsoft.com
4 - DNS Answer (A): Poolmocs.microsoft.com = 10.100.1.10
5 – TLS handshake start (SYN,SYN-ACK,SYN): Client -> 10.100.1.10:5061 TCP
6 – TLS CLIENT HELLO
7 – TLS SERVER HELLO – Encrypted Message / Certificate Request
8 – TLS CHANGE CIPHER SPEC – Encrypted Message/Certificate
9 – TLS – APPLICATION DATA / SIP - REGISTER

Server certificate (OCS front end servers):
    SN: FE1.microsoft.com
    SAN: FE1.microsoft.com
    SAN: poolmocs.microsoft.com

DNS server, zone Microsoft.com:
    _tcp: _sipinternaltls (SRV), _sipinternal (SRV)
    poolmocs.microsoft.com (A)

OC AUTOMATIC SIGN-IN

Internal client SIP URI : [email protected]
Active Directory: Contoso.com

1 - DNS Query (SRV): _sipinternaltls._tcp.microsoft.com
2 - DNS Answer (SRV): _sipinternaltls._tcp.microsoft.com = Poolmocs.contoso.com : 5061 TCP
3 - DNS Query (A): Poolmocs.contoso.com
4 - DNS Answer (A): Poolmocs.contoso.com = 10.100.1.10
5 – TLS handshake start (SYN,SYN-ACK,SYN): Client -> 10.100.1.10:5061 TCP
6 – TLS CLIENT HELLO
7 – TLS SERVER HELLO – Encrypted Message / Certificate Request
8 – TLS CHANGE CIPHER SPEC – Encrypted Message/Certificate
9 – TLS – APPLICATION DATA / SIP - REGISTER

Server certificate:
    SN: FE1.contoso.com
    SAN: FE1.contoso.com
    SAN: poolmocs.contoso.com

DNS server:
    Zone Microsoft.com: _tcp: _sipinternaltls, _sipinternal
    Zone Contoso.com: poolmocs.contoso.com

Why?

- The TLS security check matches the DNS SRV record answer against the domain name requested.
- If they do not match, the TLS handshake fails.

4-Users can’t sign-in (DNS/Cert issue)

Internal client SIP URI : [email protected]

1 - DNS Query (SRV): _sipinternaltls._tcp.microsoft.com
2 - DNS Answer (SRV): _sipinternaltls._tcp.microsoft.com = Poolmocs.microsoft.com : 5061 TCP
3 - DNS Query (CNAME / A): Poolmocs.microsoft.com
4 - DNS Answer (CNAME / A): Poolmocs.microsoft.com = Poolmocs.contoso.com, Poolmocs.contoso.com = 10.100.1.10
5 – TLS handshake start (SYN,SYN-ACK,SYN): Client -> 10.100.1.10:5061 TCP
6 – TLS CLIENT HELLO
7 – TLS SERVER HELLO – Encrypted Message / Certificate Request
8 – TLS CHANGE CIPHER SPEC – Encrypted Message/Certificate
9 – TLS – APPLICATION DATA / SIP - REGISTER

Server certificate (OCS front end servers):
    SN: FE1.microsoft.com
    SAN: FE1.microsoft.com
    SAN: poolmocs.microsoft.com
    SAN: poolmocs.contoso.com

DNS server:
    Zone Microsoft.com: _tcp: _sipinternaltls (SRV), _sipinternal (SRV); Poolmocs.microsoft.com (CNAME)
    Zone Contoso.com: poolmocs.contoso.com (A)
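
The three automatic sign-in scenarios above, replayed as an added example that is not part of the presentation. The DNS records and certificate names are transcribed from the slides; the SIP URI user@microsoft.com, the record layout, the function names and the fourth (constructed) scenario are assumptions, and the two checks are this example's reading of the rule given under "Why?".

```python
# Added example, not from the presentation. DNS records and certificate names
# are transcribed from the slides; the SIP URI user@microsoft.com, the record
# layout and every function name are assumptions made for this illustration.
SRV_PREFIX = "_sipinternaltls._tcp."


def resolve_host(zone, name, max_hops=8):
    """Follow CNAME records to an A record and return its address, or None."""
    name = name.lower()
    for _ in range(max_hops):  # bounded so a CNAME loop cannot hang the check
        rtype, value = zone.get(name, (None, None))
        if rtype == "A":
            return value
        if rtype != "CNAME":
            return None
        name = value.lower()
    return None


def check_auto_signin(sip_uri, zone, cert_names):
    """Return (ok, code, detail) for one automatic sign-in attempt."""
    domain = sip_uri.rsplit("@", 1)[-1].lower()
    rtype, value = zone.get(SRV_PREFIX + domain, (None, None))
    if rtype != "SRV":
        return False, "NO_SRV_RECORD", SRV_PREFIX + domain
    target, port = value[0].lower(), value[1]
    # Check 1: the host in the SRV answer must belong to the SIP domain.
    if not target.endswith("." + domain):
        return False, "SRV_TARGET_OUTSIDE_SIP_DOMAIN", target
    address = resolve_host(zone, target)
    if address is None:
        return False, "NO_ADDRESS", target
    # Check 2: the certificate must list the name the client asked for, not
    # only the name at the end of the CNAME chain.
    if target not in {name.lower() for name in cert_names}:
        return False, "NAME_NOT_IN_CERTIFICATE", target
    return True, "OK", f"{address}:{port}"


SRV_KEY = SRV_PREFIX + "microsoft.com"

# Scenario 1: SRV target and A record both live in the SIP domain.
ZONE_SAME_DOMAIN = {
    SRV_KEY: ("SRV", ("Poolmocs.microsoft.com", 5061)),
    "poolmocs.microsoft.com": ("A", "10.100.1.10"),
}
CERT_SAME_DOMAIN = ["FE1.microsoft.com", "poolmocs.microsoft.com"]

# Scenario 2: the SRV record points straight at the Active Directory domain.
ZONE_OTHER_DOMAIN = {
    SRV_KEY: ("SRV", ("Poolmocs.contoso.com", 5061)),
    "poolmocs.contoso.com": ("A", "10.100.1.10"),
}
CERT_OTHER_DOMAIN = ["FE1.contoso.com", "poolmocs.contoso.com"]

# Scenario 3: SRV target stays in the SIP domain and is a CNAME to the pool.
ZONE_CNAME = {
    SRV_KEY: ("SRV", ("Poolmocs.microsoft.com", 5061)),
    "poolmocs.microsoft.com": ("CNAME", "Poolmocs.contoso.com"),
    "poolmocs.contoso.com": ("A", "10.100.1.10"),
}
CERT_CNAME = ["FE1.microsoft.com", "poolmocs.microsoft.com", "poolmocs.contoso.com"]


def run_scenarios(sip_uri="user@microsoft.com"):
    """Evaluate the slide scenarios plus one constructed variant."""
    return {
        "srv_in_sip_domain": check_auto_signin(sip_uri, ZONE_SAME_DOMAIN, CERT_SAME_DOMAIN),
        "srv_in_other_domain": check_auto_signin(sip_uri, ZONE_OTHER_DOMAIN, CERT_OTHER_DOMAIN),
        "cname_with_extra_san": check_auto_signin(sip_uri, ZONE_CNAME, CERT_CNAME),
        # Constructed: DNS fixed with the CNAME but the certificate not reissued.
        "cname_without_san": check_auto_signin(sip_uri, ZONE_CNAME, CERT_OTHER_DOMAIN),
    }


if __name__ == "__main__":
    for scenario, result in run_scenarios().items():
        print(f"{scenario}: {result}")
```

The constructed fourth scenario shows why the CNAME alone is not enough: the certificate also has to carry the SIP-domain name as a SAN.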


5-Users don’t get Address Book (UR/IIS issue)

[Diagram. Components shown: UC endpoints; remote access; reverse proxy; Edge Server in the DMZ; OCS pool (OCS front end servers); back-end server; file share; domain controller (Active Directory). Connection labels: HTTPS : TCP/443; SIP: MTLS/5061; SIP: TLS/5061 - TCP/5060; SMB : TCP/445; SQL : TCP/1433; LDAP : TCP/389.]

ADDRESS BOOK SERVICE: User Replicator

1- Every 60 seconds by default, User Replicator sends an LDAP DirSync query based on the cookie version:

    SearchRequest: BaseDN: DC=Microsoft,DC=com, SearchScope: WholeSubtree, SearchAlias: neverDerefAliases
      + BaseObject: DC=Microsoft,DC=com
      + Scope: WholeSubtree
      + Alias: neverDerefAliases
      + SizeLimit: 100 entries
      + TimeLimit: 75 seconds
      + TypesOnly: False
      + Filter: (&(|(objectClass=user)(objectClass=contact)(objectClass=group))(!(objectclass=computer)))
      + Attributes: ( objectClass )( distinguishedName )( objectGUID )( objectSid )( msRTCSIP-OriginatorSid )( isDeleted )( msRTCSIP-PrimaryUserAddress )( msRTCSIP-PrimaryHomeServer )( displayName )( mail )( msRTCSIP-UserEnabled )( telephoneNumber )…

2- AD sends the data back to the FE (and sets a new cookie).

3- The FE stores the data in the back-end database:
- User and resource IDs are stored in RTC\dbo.Resource
- The new DirSync cookie is stored in RTC\dbo.UrReplicationCookie

[Diagram: Front-End Server(s), Active Directory (Microsoft.com) and Back End SQL Server, with arrows numbered 1 to 3 for the steps above.]

ADDRESS BOOK SERVICE: User Replicator

UserReplicator Settings (ROOT\CIMV2):

    instance of MSFT_SIPUserReplicatorSetting
    {
        Backend = "BackEnd_FQDN";
        InstanceID = "{963099A5-0F69-4793-9DA8-713F0F3CA5C3}";
        RegenerateCookiesNow = FALSE;
        ReplicationCycleInterval = 60;
    };

ADDRESS BOOK SERVICE:

1- Address Book file creation is done every 24 hours.
- By default every night at 01:30 AM
- The ABS service initiates Address Book file creation (SQL queries).

2- The Back End SQL server sends back data according to the « required attributes » table (RTC\dbo.AbAttribute).

3- The FE stores the data in .LSABS / .DABS files (full and delta ones) on the File Server (SMB).

Fxxxx.lsabs -> xxxx = number of days since 01/01/2001
.lsabs -> AB for Communicator clients
.dsabs -> AB for UC Devices
Each day -> 1 Full + n Delta

ADDRESS BOOK SERVICE: ABS Settings

AB Settings (ROOT\CIMV2):

    instance of MSFT_SIPAddressBookSetting
    {
        Backend = "Backend_FQDN";
        DaysToKeep = 30;
        ExternalURL = "https://external_webcomp_FQDN/Abs/Ext/Handler";
        IgnoreGenericRules = FALSE;
        InstanceID = "{D265A402-BD08-4BCB-BEB3-CC7AFBD47C08}";
        InternalURL = "https://internal_webcomp_FQDN/Abs/Int/Handler";
        MaxDeltaFileSizePercentage = 1250;
        OutputLocation = "\\\\FileServer_FQDN\\AB";
        PartitionOutputByOU = FALSE;
        RunTime = 130;
        SynchronizeNow = FALSE;
        SynchronizePollingIntervalSecs = 300;
        UseNormalizationRules = TRUE;
    };

    ABSERVER.EXE -REGENUR
    ABSERVER.EXE -SYNCNOW : launch UR replication and create ABS files
    ABSERVER.EXE -DUMPFILE <xxx.lsabs>

ADDRESS BOOK SERVICE : Client Side

1- SIP REGISTER
2- SIP 200 - OK
3- SUBSCRIBE(s)
    Event: vnd-microsoft-provisioning-v2
4- SIP 200 – OK (s)
    <absInternalServerUrl>https://mocspool.babylon.com/Abs/Int/Handler</absInternalServerUrl>
    <absExternalServerUrl>https://webocs.babylon.com/Abs/Ext/Handler</absExternalServerUrl>
5- HTTPS GET https://mocspool.babylon.com/Abs/Int/Handler
6- SMB READ REQUEST \\fileserver\absfileshare\xxx.lsabs
7- SMB READ RESPONSE
8- WebComp sends the file back to the client over HTTPS

ABS data is stored locally in: %userprofile%\Local settings\application data\microsoft\communicator\galcontact.db

[Diagram: Internal Client, Front-End Server(s), Web Components IIS Server and File Server, with arrows numbered 1 to 8 for the steps above.]

ADDRESS BOOK SERVICE

Increased service requests since CU2 (build 9607.37)

New design introduced with http://support.microsoft.com/kb/972403/en-us

Naming convention:
    F-xxxx.lsabs - Full Files (xxxx: full file creation date)
    C-xxxx-yyyy.lsabs - Compact Delta Files (xxxx: full file creation date, yyyy: delta file creation date)

xxxx: in days since Jan 1, 2001; calc: Date = 1.1.2001 + HEX2DEC(xxxx)
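
The naming convention above, decoded in an added example that is not part of the presentation: it parses F-xxxx.lsabs and C-xxxx-yyyy.lsabs names, converts the hex day counts to dates, and audits a share listing. The function names, the four-hex-digit field width, the constructed sample listing and the one-day staleness threshold (taken from the 24-hour generation cycle) are assumptions.

```python
# Added example, not from the presentation. Function names, the sample
# listing and the one-day staleness threshold are assumptions.
import re
from datetime import date, timedelta

ABS_EPOCH = date(2001, 1, 1)   # slide formula: Date = 1.1.2001 + HEX2DEC(xxxx)
_HEX = r"[0-9A-Fa-f]{4}"       # assumed width, matching the "xxxx" placeholder
_NAME = re.compile(
    rf"^(?:F-(?P<full>{_HEX})|C-(?P<base>{_HEX})-(?P<delta>{_HEX}))\.lsabs$"
)


def hex_days_to_date(field):
    """Convert a hex day count since 1 Jan 2001 into a calendar date."""
    return ABS_EPOCH + timedelta(days=int(field, 16))


def parse_abs_name(filename):
    """Return the decoded fields of an ABS file name, or None if not ABS."""
    match = _NAME.match(filename)
    if match is None:
        return None
    if match.group("full"):
        return {"kind": "full", "full_date": hex_days_to_date(match.group("full"))}
    return {
        "kind": "delta",
        "full_date": hex_days_to_date(match.group("base")),
        "delta_date": hex_days_to_date(match.group("delta")),
    }


def audit_abs_share(filenames, today, max_age_days=1):
    """Summarise a share listing: newest full file, staleness and odd deltas."""
    fulls, deltas, unknown = set(), [], []
    for name in filenames:
        info = parse_abs_name(name)
        if info is None:
            unknown.append(name)
        elif info["kind"] == "full":
            fulls.add(info["full_date"])
        else:
            deltas.append((name, info))
    latest = max(fulls) if fulls else None
    return {
        "latest_full": latest,
        # No full file, or none generated within the expected cycle.
        "stale": latest is None or (today - latest).days > max_age_days,
        # Delta files whose base full file is not on the share.
        "orphan_deltas": [n for n, i in deltas if i["full_date"] not in fulls],
        # Delta files dated before the full file they claim to extend.
        "inconsistent_deltas": [n for n, i in deltas if i["delta_date"] < i["full_date"]],
        "unknown": unknown,
    }


# Constructed sample listing of an Address Book output share.
SAMPLE_LISTING = [
    "F-0cf9.lsabs",
    "F-0cfa.lsabs",
    "C-0cf9-0cfa.lsabs",
    "C-0cf0-0cfa.lsabs",   # base full file missing
    "C-0cfa-0cf9.lsabs",   # delta dated before its base
    "notes.txt",
]

if __name__ == "__main__":
    print(audit_abs_share(SAMPLE_LISTING, today=date(2010, 2, 5)))
```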


6-Communication A/V from external user to internal user not working (Edge Setup issue)

[Diagram: Internal User and Front-End Server(s) on the internal network; Edge Server(s); External User on the public network.]

AV Edge Provisioning/Credentials

[Diagram. Components shown: External Client; Outer Firewall; Access Edge; A/V Edge; Inner Firewall; OCS FE Server. Labels: A/V Auth, MTLS.]

Messages and fields shown:
- SIP Register
- ms-user-logon-data: RemoteUser
- <mrasUri>sip:av.tailspintoys.com</mrasUri>
- 200 OK
- SIP Service
- <location>internet</location>
- <hostName>av.tailspintoys.com <udpPort>3478 <tcpPort>443 <username> 77qq8yXccBc2lwOmFy <password> Wnujl0eo00YkV/5dg= <duration>480
- 200 OK

2 PARTY AUDIO CALL: EXTERNAL

[Diagram. Components shown: Internal Client; Internal Firewall; OCS FE Server; Access Edge; A/V Edge; External Firewall; External Client. Signaling: INVITE, TRYING, RINGING, 200 OK. Media: RTP/SRTP, RTCP/SRTCP.]

Media endpoints shown:
    192.168.1.100:50008 UDP, 192.168.1.100:50009 UDP, RTAudio 26Kbit/s
    192.168.1.22:59129 UDP, 192.168.1.22:59785 UDP, RTAudio 26Kbit/s

STUN BINDING REQUESTS: 192.168.1.100:50009, 192.168.1.100:50008 - NO BIND RESPONSE

    m=audio 50008 RTP/SAVP 114 111 112 115 116 4 8 0 97 101
    a=candidate:UDP 0.840 192.168.1.100 50008
    a=candidate:UDP 0.840 192.168.1.100 50009
    a=crypto:2 AES_CM_128_HMAC_SHA1_80
    a=remote-candidate:EbG+8ZNb5MSDsF3D
    a=maxptime:200
    a=rtpmap:114 x-msrta/16000
    a=fmtp:114 bitrate=29000
    a=rtpmap:111 SIREN/16000
    a=fmtp:111 bitrate=16000
    a=rtpmap:112 G7221/16000
    a=fmtp:112 bitrate=24000
    a=rtpmap:115 x-msrta/8000
    a=fmtp:115 bitrate=11800
    a=rtpmap:116 AAL2-G726-32/8000
    a=rtpmap:4 G723/8000
    a=rtpmap:8 PCMA/8000
    a=rtpmap:0 PCMU/8000
    a=rtpmap:97 RED/8000
    a=rtpmap:101 telephone-event/8000
    a=fmtp:101 0-16
    a=encryption:required

    m=audio 59785 RTP/SAVP 114 111 112 115 116 4 8 0 97 101
    a=candidate:UDP 0.490 192.168.1.22 59785
    a=candidate:UDP 0.490 192.168.1.22 59129
    a=crypto:2 AES_CM_128_HMAC_SHA1_80
    a=remote-candidate:t5hj4JqMUT5RnDEwQ2ktkCunoma
    a=maxptime:200
    a=rtcp:59129
    a=rtpmap:114 x-msrta/16000
    a=fmtp:114 bitrate=29000
    a=rtpmap:111 SIREN/16000
    a=fmtp:111 bitrate=16000
    a=rtpmap:112 G7221/16000
    a=fmtp:112 bitrate=24000
    a=rtpmap:115 x-msrta/8000
    a=fmtp:115 bitrate=11800
    a=rtpmap:116 AAL2-G726-32/8000
    a=rtpmap:4 G723/8000
    a=rtpmap:8 PCMA/8000
    a=rtpmap:0 PCMU/8000
    a=rtpmap:97 RED/8000
    a=rtpmap:101 telephone-event/8000
    a=fmtp:101 0-16
    a=encryption:required

7-Invite/Join a Live Meeting conference not working

[Diagram: two internal users, the network, Front-End Server(s) and the Web Conferencing Server.]

CONFERENCING COMPONENTS

[Diagram. Components shown: FRONT END (ACCESS SERVER) with FOCUS FACTORY, FOCUS and MCU FACTORY; WEB CONFERENCING (DATA MCU); IM CONFERENCING (IM MCU); A/V CONFERENCING (AV MCU); BACK END DATABASE. Connection labels: SIP TLS/5061; PSOM SSL/8057; SIP TLS/5062; SIP / RTP-RTCP; SQL; C3P over HTTP.]

CREATE A CONFERENCE

[Diagram: Internal Client and FRONT END OCS (FOCUS FACTORY, FOCUS). Messages: SERVICE, 200 OK.]

Message bodies shown:

to="sip:[email protected];gruu;opaque=app:conf:focusfactory" from="sip:[email protected]" requestId="33122144"><addConference><msci:conference-id>3A33C8AC9BEECD4DAFE3803381BEA739</msci:conference-id><msci:expiry-time>2008-09-27T04:00:46Z</msci:expiry-time><msci:admission-policy>openAuthenticated</msci:admission-policy><msci:conference-view><msci:entity-view entity="chat"/><msci:entity-view entity="audio-video"/><msci:entity-view entity="meeting"><msdata:app-viewing-behavior>enableWithFullSharing</msdata:app-viewing-behavior><msdata:conferencing-type>collaboration</msdata:conferencing-type>

requestId="33122144" C3PVersion="1" from="sip:[email protected];gruu;opaque=app:conf:focusfactory" to="sip:[email protected]" code="success"><addConference><conference-info xmlns="urn:ietf:params:xml:ns:conference-info" entity="sip:[email protected];gruu;opaque=app:conf:focus:id:3A33C8AC9BEECD4DAFE3803381BEA739" state="partial" version="1"/></addConference></response>

JOIN A CONFERENCE

[Diagram: Internal Client and FRONT END OCS (FOCUS FACTORY, FOCUS). Messages: INVITE, TRYING, SESSION PROGRESS, INVITE DIALOG CREATED, INFO, INFO.]

Message bodies shown:

to="sip:[email protected];gruu;opaque=app:conf:focus:id:3A33C8AC9BEECD4DAFE3803381BEA739" from="sip:[email protected]" requestId="0"><addUser><conferenceKeys confEntity="sip:[email protected];gruu;opaque=app:conf:focus:id:3A33C8AC9BEECD4DAFE3803381BEA739"/><ci:user xmlns:ci="urn:ietf:params:xml:ns:conference-info" entity="sip:[email protected]"><ci:roles><ci:entry>attendee</ci:entry></ci:roles><ci:endpoint entity="{6F488A99-D3C2-4414-8D69-80E1C75B2385}"

requestId="0" C3PVersion="1" from="sip:[email protected];gruu;opaque=app:conf:focus:id:3A33C8AC9BEECD4DAFE3803381BEA739" to="sip:[email protected]" code="success"><addUser><conferenceKeys confEntity="sip:[email protected];gruu;opaque=app:conf:focus:id:3A33C8AC9BEECD4DAFE3803381BEA739"/><ci:user entity="sip:[email protected]"><ci:roles><ci:entry>presenter</ci:entry></ci:roles></ci:user></addUser></response>

to="sip:[email protected];gruu;opaque=app:conf:focus:id:3A33C8AC9BEECD4DAFE3803381BEA739"from="sip:[email protected]" requestId="3"><addUser mscp:mcuUri="sip:[email protected];gruu;opaque=app:conf:meeting:id:3A33C8AC9BEECD4DAFE3803381BEA739" <conferenceKeys confEntity="sip:[email protected];gruu;opaque=app:conf:focus:id:3A33C8AC9BEECD4DAFE3803381BEA739"/><ci:user entity="sip:[email protected]"><ci:display-text>Kevin Cook</ci:display-text><ci:roles><ci:entry>presenter</ci:entry></ci:roles><ci:endpoint entity="{CDF6EA5F-CD7B-4E30-9FD6-62A5C6A40ADA}" sip-instance="&quot;&lt;urn:uuid:BA8EE1B2-7EF3-5110-BCCE-D75F4C82294D&gt;&quot;"><ci:joining-method>dialed-in</ci:joining-method>

AV Edge Provisioning/Credentials: Joining a Conference (OC and Console)

[Diagram. Components shown: Endpoint; Outer Firewall; Access Edge; A/V Edge; Inner Firewall; OCS FE Server; A/V MCU. Labels: A/V Auth, MTLS.]

Messages and fields shown:
- SIP Invite
- 200 OK
- CCCP: Add User
- {MRAS Credentials}
- Service
- <hostName>av.tailspintoys.com <udpPort>3478 <tcpPort>443 <username> 77qq8yXccBc2lwOmFy <password> Wnujl0eo00YkV/5dg= <duration>480
- 200 OK

8-CWA 2007 R2 is reporting error (0-1-492) "Your computer clock is not set correctly" when installed on Windows Server 2008

When trying to log on using CWA, you get: “Cannot sign in because your computer clock is not set correctly or your account is invalid.(Error code: 0-1-492)”.

1- Resolution: the SPN of the CWA URL is missing; add the SPN to the CWAService account. In ADSI Edit, locate the CWAService account, go to its properties, find SPN, add the CWA URL http:\\im.company.com to it, and reboot.

2- If you do a network trace you will see: KRB_ERROR - KDC_ERR_PREAUTH_REQUIRED (25)

3- You need to verify the account and the server with checkspn.vbs:

    C:\Program Files\Microsoft Office Communications Server 2007 R2\ResKit>cscript checkspn.vbs /check /s:jte-fe.jte-leo.fr
    Microsoft (R) Windows Script Host Version 5.7
    Copyright (C) Microsoft Corporation. All rights reserved.

    Entry (1): CN=RTCService,CN=Users,DC=jte-leo,DC=fr
    SUCCESS: The sip/jte-fe.jte-leo.fr is correctly registered

8-CWA 2007 R2 is reporting error (0-1-492)

We have an article for this: http://support.microsoft.com/kb/968978/EN-US

1. Typically a client will be connecting using the FQDN (fully qualified domain name) of the web server. Since Kerberos is only attempted if the website is in Internet Explorer's Intranet security zone, the website will need to be added to that security zone either using a GPO or manually.
2. A one-way trust (the resource forest trusts the user forest) is required for this scenario. In future scenarios (e.g. if they introduce delegation) a two-way trust will be required.
3- Check the service again:

    C:\Program Files\Microsoft Office Communications Server 2007 R2\ResKit>cscript checkspn.vbs /list /u:cwaservice
    Microsoft (R) Windows Script Host Version 5.7
    Copyright (C) Microsoft Corporation. All rights reserved.

    LDAP://CN=cwaservice,CN=Users,DC=jte-leo,DC=fr
    http/JTE-CWA
    http/JTE-CWA.jte-leo.fr

9-Delegates unable to Schedule Live Meetings

[ ( 50) 10:08:31:275 <RTL> ] [ PID: 0908 TID: 0304 ] Displaying error message "An error occurred while executing this command. If this error persists, please contact your Live Meeting administrator." for HRESULT 0x80070057 Err:0x80070057 -> (E_INVALIDARG) (kernel32.dll) One or more arguments are invalid

With the release of the July 2009 Cumulative update for Office Communications Server 2007 R2 and associated technologies, it is now possible to allow a non-Enterprise voice user to enable Conference Delegation (Boss/Admin Feature). Knowledge base article http://support.microsoft.com/kb/971845/


Verify pre-requisite software:
- Office Communicator 2007 R2 version 3.5.6907.37 or later: http://support.microsoft.com/kb/969695
- Office Live Meeting 2007 client/Outlook Add-in version 8.0.6362.140 or later

Configure Required Registry Entry

On the “Boss” machine, enable the following registry key in only one of the two locations:

    Windows Registry Editor Version 5.00
    [HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Communicator]
    "EnableExchangeDelegateSyncUp"=dword:00000001

Or

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Communicator]
    "EnableExchangeDelegateSyncUp"=dword:00000001

10-A/V quality issues (Network/Firewall issue)

Help And How To: Voice and Video Call Quality

2- Using DNAT with OCS 2007: http://support.microsoft.com/default.aspx?scid=kb;EN-US;946091

The local parameters


Useful Links

Validation and Troubleshooting Hints in Office Communications Server 2007 R2
http://technet.microsoft.com/en-us/library/dd425329(office.13).aspx

Office Communications Server 2007 Solution Center
http://support.microsoft.com/ph/12605

How-To
http://stage.xcarab.com/microsoft/rolodex/

Updates Resource Center for Office Communications Server 2007 R2 and Clients
http://technet.microsoft.com/en-us/office/ocs/ee695846.aspx

Retrieve Installed Versions of Office Communicator and Office Live Meeting
http://www.insideocs.com/Tools/ClientVersions.html

Sessions OCS

UCO403: OCS 2007 R2 Edge Server: how it works and how to implement it

Eric Scherlinger, 10/02/2010 16:00 – 17:00