The First Step after installation of the Access Edge and activating the server is to configure the server. Run the Configuration Wizard and enable the server for federation.
Before I start setting up Federation with Public IM it is important to note that both the External Edge of the Access Edge and Web Conferencing Edge need to have public certs. This is not needed for the A/V Edge Server. It is recommended to use a separate IP address for each role even if both services are collocated.
For the scaled single-site edge topology, it's recommended that each server role use a separate VIP address on the external load balancer. A separate certificate matching the FQDN of each VIP address used by each Access Edge and Web Conferencing Edge server role must be installed on that server. For example, the Web Conferencing Edge Servers must have a certificate that matches the VIP address used by the Web Conferencing Edge Servers on the external load balancer.
The Provider addresses are:
Yahoo - lcsap.msg.yahoo.com
AOL - sip.oscar.aol.com
Live - federation.messenger.msn.com
For the public certificate it is important to have both client and server authorization. This is because the AOL SIP Proxy requires both, the MSN and Yahoo can be done with a web certificate. I would plan for all three and use the client/server authorization.
After the certs are installed you need to setup federation on the Access Edge Server. You can setup with three different levels:
1. Automatic discovery - traffic is based at a trust level - this is the default.
2. Discovery with Allow List - discovery but trust level can be higher for Allowed List parties
3. Do not allow discovery and base access on the allow list.
To enable federation:
1. Log on to the Access Edge Server as a member of the Administrators group or a group with equivalent user rights.
2. Open Computer Management. Click Start, click All Programs, click Administrative Tools, and then click Computer Management.
3. In the console tree, expand Services and Applications, right-click Microsoft Office Communications Server 2007, and then click Properties.
4. On the Access Methods tab, select the Allow discovery of federated partners check box.
Adding Federated Partners:
3. On the Allow tab, click Add.
4. In the Add Federated Partner dialog box, do the following:
· In the Federated partner domain name box, type the domain of each federated partner domain.
· In the Federated partner Access Edge Server box, optionally type the FQDN of each Access Edge Server that you want to add to your Allow list. Remember if you configure the FQDN of a partner’s Access Edge Server and the FQDN changes, you must manually update your configuration for this partner.
· Click OK.
After that make sure you setup your Global settings to ensure that anonymous participants can join meetings.
After this is done you can setup users and enable them for federation and Public IM. To do this you can configure the users with the wizard and select both federation and federation with Public IM.
Keep in mind users that have the domain in their Live ID already will be notified that they have a domain name that belongs to the University. This is an example of the form letter.
Q&A on PIC:
The First Step after installation of the Access Edge and activating the server is to configure the server
Where do I get the application to apply for Federating with MSN?
See our other blog post: