WOW!!! My customers have been asking for this forever. In the past I had to point out that the best experience for web access was with Internet Explorer. But the response I would get is that, being in an academic environment, I can’t dictate what students are using to browse with, and therefore I had customers with different experiences for Exchange based on which browser they were using. We have had great guidance on OWA light and the Exchange team did a great blog on it here.
In Exchange 2010 that is no longer a restriction. Firefox, IE, or Safari can be used with the same experience. I have a screenshot below of OWA with Firefox.
In OWA Exchange 2010 we include chat over IM, presence for all contacts, conversation views, an inline player for Unified Messaging, and transcription for Unified Messaging (Speech-To-Text). The Nickname cache is now shared across all Exchange experiences. And there’s more. I especially like the side by side calendars that are available in Exchange 2010.
Figure 1: View from Firefox
Figure 2: Side by Side Calendaring
This I have not been able to try yet but is very exciting: the ability to connect the SMS/texting world to email. With this configuration you can send and reply to text messages just as you would any regular email. It will be limited to 160 characters per text message. If the message is longer, the user would receive additional text messages. Texting can also be used to set up alerting for voicemails and calendaring. I’ll talk about these features in another post.
I get asked this quite a bit from schools as they want the ability to place/receive voice calls on the Mac or Linux using OCS R2.
The answer is yes if you leverage the SmartSip technology from our partner Evangelyze.
You can make and receive voice calls natively on the Mac using a SIP softphone of your choice such as X-lite. This would also apply to any other platform such as Linux. The other value here is you can leverage your existing investment in any existing SIP phones on your campus and connect to OCS voice as well.
Here is a cool demo of Mac Messenger 7’s native capabilities with OCS (IM, peer to peer voice calls, video) along with a Mac OS native voice demo (using a free SIP softphone) connecting through SmartSip where the Mac user has been provisioned for OCS enterprise voice:
I was asked by a school to provide more detail around the new desktop sharing feature in OCS 2007 R2.
What is desktop sharing?
Desktop sharing is the ability to share your desktop from a PC, directly from the Communicator client, with other Communicator users, whether they use the PC Communicator client or Communicator Web Access.
This feature is an excellent addition for OCS R2 as you can now do even easier ad-hoc collaborations with up to 100 of your peers. I use this feature all the time now during my ad-hoc meetings. You can also give control to other participants (e.g. helpdesk), take back control, etc.
View from desktop sharing host (above)
View from someone joining a desktop session (above)
Communicator Web Access desktop sharing (above)
What is the desktop sharing architecture?
The Application Sharing Server role is installed as part of the Front End server architecture automatically.
What do I need to do to enable this?
•Available in Standard and Enterprise Edition by the Application Sharing Server role
•No client configuration is required for users to participate in a desktop sharing session with OC2007 R2
•Microsoft Office Communicator Web Access role for web access and anonymous access
•CWA Plug-in required to share the desktop
Inside of the OCS R2 administration console, select Global Properties, Meetings tab, locate Default Policy (under Policy Definition) and click Edit. Check “Enable Program and Desktop Sharing” and “Allow control of shared programs and desktop”
For anonymous desktop sharing use, select “Allow users to invite anonymous participants” within the OCS global properties
What protocols are used for desktop sharing?
•C3P (Centralized Conference Control Protocol)
•Session Description Protocol (SDP)
•RDP (Remote Desktop Protocol)
•RTP (Real Time Protocol)
•AV Edge Service
–ICE (Internet Connectivity Establishment)
–TURN (Traversal Using Relay NAT)
•CWA
–HTTPS: Desktop sharing requires a secure connection (HTTPS)
What type of sharing can I do with the browsers?
•From Windows browsers
–Initiate
–Take Control
–View
•Apple & Linux browsers
–View
–Take Control
What browser versions are supported?
Can people outside of OCS join a desktop sharing session?
Yes, you can share your desktop anonymously with people outside of your school/campus via Communicator Web Access.
Within CWA properties, select the next hop pool FQDN for anonymous CWA users.
The external user will get an invite such as below via federated IM or email. The external user will select ‘No’ when visiting CWA login page asking if you have a user account.
This is an anonymous desktop sharing session via CWA with someone who does not have an account in OCS. (above)
This is a very nice tool as it will help layout your OCS R2 Edge environment:
You can enter all your IP information via the wizard and it provides a nice Edge summary at the end:
Along with Firewall rules:
and how to configure for OCS R2 within the console to make this all work:
You can download the R2 Edge Planning Tool here.
Grab your beta evaluation copy of Exchange 2010 here.
What is new in Exchange Server 2010?:
Flexible and reliable
· Remove the need to deploy complex and costly clustering and third-party data replication products for full-scale Exchange redundancy
SCC is no longer an option and the concepts of CCR and SCR get merged into a single availability solution.
· Automate mailbox database replication and failover with as few as two servers or across geographically dispersed datacenters
Granular database failover will be a nice feature since you no longer have to fail over entire servers.
· Maintain availability and fast recovery with up to 16 Exchange-managed replicas of each mailbox database
Customers will like multiple replicated database copies since it will more than likely steer them away from the need to back up.
· Limit user disruption during mailbox moves between e-mail servers, which allows you to perform migration and maintenance activities on your schedule, even during business hours
I was migrated to Exchange 2010 with my Outlook open and I was prompted to restart Outlook.
· Guard against lost e-mail due to Transport Server upgrades or failures, through new built-in redundancy capabilities designed to redirect mail flow intelligently, through another available route
Reduce helpdesk burden
· Allow users to update their contact information and track delivery receipt information for e-mail messages, for example, without IT assistance
· Offer an easy-to-use Web-based interface for common help desk tasks
· Utilize the new Exchange Roles-based Access Control model to empower specialist users to perform specific tasks – like giving compliance officers the ability to conduct multi-mailbox searches – without requiring administrative control
This is another common customer request I get for delegating specific Exchange roles such as compliance officer, helpdesk, or UM administrator without full Exchange admin rights.
· Offer users a premium Outlook experience across the desktop, Web, and mobile devices, including OWA support for browsers like Apple Safari and Mozilla Firefox
This is a very common request I get in Education obviously. I tested Firefox and Safari (PC) on our dogfood and both have excellent features like drag and drop which should bring it on par with the IE experience.
· Unify access to e-mail, voice mail, instant messaging, and text messages, which allows users to choose the best way to communicate no matter where they are.
This will be popular in higher-ed since you will be able to SMS text natively in Exchange to students, etc.
· Add native support for virtually every mobile device, including a premium experience with Windows Mobile, through Exchange ActiveSync
The new Outlook Mobile and Calendar with the upcoming Windows Mobile 6.5 is very nice. Lots of new features. For more on WM 6.5 go here.
· Share free/busy information with external business partners for fast and efficient scheduling, and choose the level of detail you wish to share
This is a common request in higher education to share with partners and other schools, etc.
Organize your email
· An enhanced conversation view that streamlines inbox navigation by organizing message threads automatically, based on the natural conversation flow between communicating parties
I love this conversation flow feature on my WM 6.5 phone and in my inbox! Cleans up inbox clutter and allows you to actually see a threaded flow with replies etc.
· MailTips that inform your users, before they click send, about message details that could lead to undeliverable or mis-sent e-mails, like accidentally sending confidential information to external recipients, reducing inbox clutter, extra steps, and help desk calls
This is a very nice feature since Outlook will tell you via a Mailtip what you are doing. For example, Outlook will pop up a mailtip and inform you the 30MB file cannot be sent since the attachment quota is 20MB.
· Text transcription of voice mail messages, allowing users to prioritize messages quickly, without having to play the audio file
So far, on the beta, the voicemail audio to text transcription works fairly well even with accents (Brian had a Minnesota accent). :)
· The power of a personalized auto attendant for voice mail
Another common request: you can have something like “Thanks for calling Mark, press 1 to call his mobile, press 2 to leave a message and press 0 to reach the receptionist,” etc.
· Tools to create call answering and routing rules for individuals or groups of callers based on Caller ID and contact information, to ensure that every caller gets the experience your users intend
· Phone-based access to their whole inbox – including e-mail, calendar, and contacts – in nearly 30 languages with Outlook Voice Access
The new OVA is very nice thus far on dogfood. Cleaner navigation, better speech recognition, etc.
Archiving and compliance
· Move unwieldy Outlook Data Files (PSTs) from the PC back to Exchange for efficient control and legal discovery.
· Simplify the classification of e-mail with new centrally definable Retention Policies that can be applied to individual e-mail messages or folders
This will be a nice feature as you can expire emails you send for example.
· Conduct cross-mailbox searches through an easy-to-use Web-based interface, or through Roles-based access control, which allows your HR or compliance officers to execute targeted searches
Information protection and control
· Combine Exchange 2010 and Active Directory Rights Management Services (ADRMS) so that you and your users can apply Information Rights Management protection automatically to restrict access and use of information within a message – wherever it is sent.
· Allow partners and customers to read and reply to IRM-protected mail –even if they do not have Active Directory Rights Management Services (ADRMS) on premise
· Allow managers to review mail and either approve or block transmission
When will Exchange 2010 be available for purchase (generally available)?
A: In the second half of 2009.
For more specific Exchange Server 2010 documentation visit:
Exchange Server 2010 Technical Documentation Library
Download the VHD for Exchange Server 2010 Beta here for your virtual lab environments.
For more info visit the Exchange 2010 resource site here, or read the Exchange 2010 product team blog here.
One of my customers needed a way to scan outgoing mail by using the content filtering anti-spam agent. By default this agent does not work on trusted connections, therefore all emails sent from your Hub server to your Edge Transport server using the Internal Send Connector would not be scanned.
The solution was to have the hub server send anonymous emails to the Edge and this was accomplished by doing the following:
· Route inbound mail thru one set of dedicated edge transport servers with appropriate anti-spam/anti-phishing configuration
· Configure a second set of edge transport servers dedicated to outbound mail with appropriate anti-spam configuration (this is because Exchange 2007 doesn’t allow for separate configuration on a per-connector basis, and therefore, you cannot configure inbound to reject at one SCL and outbound at a different SCL)
· The trick is to get Exchange to score messages that are generated internally, which was a combination of the following:
The final step was to set up the hub server to send anonymous emails to the edge transport.
1. Create a New “Internet” Send Connector from the Hub, smart hosting to your Edge Server, and include all Hub Servers in the environment as the Bridgehead servers for this connector. By doing this you can bypass the Internal Connector and force the Hub to use this Send connector when talking to the Edge server.
However, this is only possible if you force the Trusted Internal Send Connector to fail, which we do in the next step.
2. Create a New Receive connector on the Edge server, only accepting connections from your Hub servers. This connector also only accepts anonymous connections. At the same time, we disabled the “Exchange Authentication” and “Exchange Server” permissions on your default receive connector. This is how we force the Hub to use the other connector.
3. Finally, assign the new receive connector on the Edge server the “relay” permission for Hub. This is done by using the following command.
Get-ReceiveConnector "Your Second Connector" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" –ExtendedRights
The above workaround was achieved by working with the customer and Premier support and using the below blog as a reference point.
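An added check for the connector change above (not from the original post or from Microsoft's documentation): for every receive connector it lists the extended rights that anonymous senders hold and the addresses the connector accepts connections from, so you can confirm the anonymous relay connector is reachable only from your Hub servers. The column names AnonymousRights, AcceptsFrom and OpenToAnyIPv4, and the display string used for an unrestricted IPv4 scope, are assumptions of this example.

```powershell
# Added example; run in the Exchange Management Shell on the Edge Transport server.
$anonymous  = 'NT AUTHORITY\ANONYMOUS LOGON'
# Assumption: an unrestricted IPv4 scope is displayed as this string.
$anyAddress = '0.0.0.0-255.255.255.255'

Get-ReceiveConnector | ForEach-Object {
    $connector = $_

    # Extended rights granted (not denied) to anonymous senders on this connector.
    $rights = @(Get-ADPermission -Identity $connector.Identity |
        Where-Object { $_.User -like $anonymous -and -not $_.Deny } |
        ForEach-Object { $_.ExtendedRights } |
        Where-Object { $_ } |
        ForEach-Object { $_.ToString() } |
        Sort-Object -Unique)

    # Source addresses the connector accepts connections from.
    $ranges = @($connector.RemoteIPRanges | ForEach-Object { $_.ToString() })

    $connector | Select-Object Identity, PermissionGroups,
        @{ Name = 'AnonymousRights'; Expression = { [string]::Join(', ', [string[]]$rights) } },
        @{ Name = 'AcceptsFrom';     Expression = { [string]::Join(', ', [string[]]$ranges) } },
        @{ Name = 'OpenToAnyIPv4';   Expression = { $ranges -contains $anyAddress } }
} |
    # Keep only connectors where anonymous senders hold at least one extended right.
    Where-Object { $_.AnonymousRights } |
    # Connectors open to any IPv4 address are listed first.
    Sort-Object OpenToAnyIPv4 -Descending |
    Format-List
```

A connector that shows the relay right for anonymous senders together with OpenToAnyIPv4 = True will relay for anything that can connect to it, so its remote IP ranges should be narrowed to the Hub servers.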
This topic has come up twice in the same week. Quite a hot topic. We’ve talked about CCR and SCR in the past; this post will focus on options for site resiliency, where we have a primary and a secondary datacenter. The first item to understand is what type of recovery datacenter configuration we have: cold, warm, or hot. Also, what is the resource allocation at the recovery datacenter: are the resources dedicated or not dedicated to the site resilience solution? So what are the options for our datacenter?
Old Method of Site Recovery and Data Replication
Ship backups and restore
New Methods for Site Recovery and Data Replication
In this scenario we have a warm, dedicated CCR+SCR. Warm because it requires manual steps to bring the secondary site up. Dedicated because the servers are dedicated to the services in each site.
A variation on this is a Hot, non-dedicated CCR+SCR with /recoverCMS within a stretched AD Site. Here the site is stretched and we have CAS/HUB and GC that can service both sites. All routing can flow to/from either site and you have a scenario now where both sites are providing all traffic. This may not be the scenario you want if you are looking at a primary site performing most of the traffic flow.
This scenario is for a hot, non-dedicated stretched CCR with a stretched AD site. The site needs to be stretched in order to support the cluster. The HUB/CAS/DC are across both datacenters in this scenario, so a HUB/CAS/DC in one datacenter can handle the load of both centers. There are many details to each of these scenarios; one in this one is that the File Share Witness (FSW) for the CCR cluster is on the Hub Transport in that datacenter. If it’s a full datacenter loss then both CCR clusters can’t recover, since the FSW isn’t available and neither is the Active Node.
The final one I’ll cover today is the hot, non-dedicated CCR+SCR with /recoverCMS across AD sites. In this scenario you may have noticed that the CAS3 and CAS4 boxes have been added. These are only needed if you have CAS servers that don’t support SAN Certificates. If SAN certs are used you don’t need to drop a server with the Cert into the new datacenter.
SAN Certs - http://technet.microsoft.com/en-us/library/bb851505.aspx
Site Resiliency - http://technet.microsoft.com/en-us/library/bb201662.aspx
Webcast on Site Resiliency - http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032381323&CountryCode=US
In order to understand bandwidth requirements for OCS it’s important to first model expected usage and provision the network correctly. You will also have to manage usage and grow in line with your business needs. Bottom line – Measure Well!!
OCS uses both RTAudio narrowband and wideband. Narrowband is used for UC <=> PSTN calls and wideband for all other calls. Wideband has a richer sound and is more user friendly, with a higher sampling rate of 16kHz. The payload increases to a little over double, but the number needed for sizing is the full payload rate with IP+UDP+RTP+SRTP overhead. It is also important to understand that these are one-way numbers and that silence suppression saves bandwidth: if you aren’t talking, fewer bits are sent. Packetization also changes dynamically, and if there is packet loss, Forward Error Correction (FEC) is turned on, which essentially doubles the packets. For understanding the bandwidth, the below chart will help us get some fairly accurate data.
2 party calls
For calls going to and from San Francisco from New York. We use the following datapoints
50% of the time User A talks (from SF) and 50% of the time User B talks (from NY). The stream is 50kbps, but since each direction is only active half the time, the average bandwidth is 25kbps. We can then extrapolate this to more users.
Total BW SF to NY = N x 25kbps (N is concurrent Calls)
Total BW NY to SF = N x 25kbps
Beyond 2 party calls
If we look at the SF Office as the datacenter with the OCS Pool and the NY Office available via WAN link. We can examine bandwidth further with 750 users in SF and 250 users in NY.
First we need to know what the Peak call concurrency is. In the below example it’s 5%. This gives us 25 calls and .9 Answered:unanswered calls to give us 22.5 answered calls. We have .55Mbps of audio in each direction with Video BW of 1.37Mbps.
Conferencing is also modeled below. Conferencing is very different than 2 party calling in that all traffic is directed to the MCU, only one speaker is typically speaking, and some conferences may or may not include video.
These are busy hour peak bandwidth numbers. 2 party calls are symmetric but conferencing calls are asymmetric. Video BW is always greater than audio bandwidth.
Any model you choose is dependent on assumptions. Consider your intra-office calling patterns. How many calls, conferences do I have in between sites? Also do we have potential outliers – Superintendent wants an all hands audio/video conference. This will obviously skew our bandwidth model.
I have had quite a bit of interest in education with the new OCS R2 Group Chat Server functionality.
We are just starting to use this internally and people are really liking this great new way of collaboration and idea sharing vs. traditional email threads, etc. I am all for unclogging the inbox!
What is Group Chat Server?
Group Chat Server is a new server role in OCS 2007 R2 and is based upon our Parlano acquisition a few years ago.
The chat server essentially allows users and admins to create chat rooms that persistently maintain conversations within a room. This way chat room users can come and go yet still see the conversations being discussed while they were away.
Breakdown of features:
How could I use Group Chat Server in Education?
There are many uses in Education; here are a few ideas I have seen:
What HW do I need for a Group Chat server?
Minimum Requirement (same as SE)
Dual processor, quad-core 2.0 GHz +
8 GB RAM
2x 72 GB, 15K or 10K RPM, RAID 0 (striped) or equivalent
Can I run Group Chat Server collocated with other R2 roles?
No, GC server must be run as stand alone and cannot be collocated.
How does it scale?
You can scale Group Chat servers up to a maximum of two servers for redundancy.
From the performance data I could find, both GC servers can handle 40 messages a second, up to 1000 users per chat room, with 60,000 concurrent chat users. Results may vary based on HW, load, bandwidth, etc.
Update 10/2: a new QFE for Group Chat update is required to scale to 60,000 concurrent users. See here.
What are the Group Chat Server requirements?
A single Group Chat server requires three service accounts:
A SQL Server database for chat data
If compliance is required, the single-server topology must also include:
Windows Server 2003 SP2 / Windows Server 2008 Components:
There are two Group Chat client components. Group Chat Console and Group Chat Administrator Console.
Reboot is required
What ports do I need?
Group Chat Server
Used for secure file transfer with the Group Chat Web service.
Used for peer server synchronization/WCF ports for the Lookup Server.
Used for peer server synchronization/WCF ports for the Channel Server.
Used for listening port for the Channel service.
Used to communicate to internal servers using SIP/TLS.
Can I access Group Chat server from off campus without VPN?
Yes, via the Edge Access role. Additionally, federated OCS users can be allowed access to chat rooms.
More references for Group Chat Server:
Group Chat quick reference guide here.
Grab the Group Chat client deployment guide here.
Group Chat server deployment reference here.
Where are the bits for Group Chat Server?
They aren’t on the OCS R2 install DVD. There is a separate download:
Note: In order for Group Chat Server to work, OCS 2007 R2 needs to be in place first (see flow diagrams above). Grab a 180-day eval copy here.
Here are a few useful tools for your R2 deployment I found you can use:
R2 Capacity Planning/Stress tool (new):
The Office Communications Server 2007 R2 Capacity Planning Toolkit provides a set of tools and documentation to simplify capacity planning for Office Communications Server 2007 R2.
Grab the x64 R2 Capacity Planning tool here. Note: it only runs on x64 platform.
R2 Planning tool:
This tool is an excellent planning aid for laying out your OCS R2 topology at a high level. You can even export this to Visio.
Grab the R2 planning tool here.
R2 Edge planning tool
You can download the R2 Edge Planning Tool here.
R2 Resource Kit tools:
Some new R2 resource kit tools and scripts are available. This also comes with the excellent Office Communications Server 2007 R2 Resource Kit book. You can grab the book here.
Here are a few tools highlighted:
A helpful voice route helper tool helps with configuring dialing rules
An R2 deployment validation tool is useful:
Call detail record reporter:
Grab the R2 Reskit tools here.
OCS Best Practice Analyzer tool:
You should run this tool prior to installation of R2 to determine the overall health of your OCS deployment. This is an excellent tool as it checks many OCS settings and hotfixes. My understanding is it is in the process of being updated for R2.
Grab the BPA tool here.