I have recently met many with the same questions on Groove and thought here to share my answers. If you woudl like to know more technical information about Groove, recommend starting with my TechNet article, J

 

Get into the Groove: Solutions for Secure and Dynamic Collaboration

 

to get a technical overview, followed by reviewing the content at

 

Groove Advisor and Groove Tech Center

 

Groove Advisor is closely monitored by Microsoft Groove product group and many seasoned Groove veterans. It is  a great resource to find out more on Groove.

 

 

 

When deploying Groove Server on site, does one need to deploy both Groove Server Manager and Groove Server Realy?

 

For a Groove Server Relay to be associated with a Groove Server Manager (which is the root CA of a Groove Domain) and serve Groove accoutns issued by this Groove Server Manager, one will need to, from the Realy, request a certificate from the Groove Server Manager as required by Groove PKI. Operationally this can be done from Groove Server Manager console when setting up a Relay Set, or Groove Server Realy configuration applet. Either way, one will need to have an admin access to an intended Groove Server Relay. Not to mention, it is my undersatnding for an on-site Groove server deployment, Microsoft Product Support and Services supports only when both Groove Server Manager and Groove Server Relay are deployed.

 

Does a Groove Server keep all workspaces for all clients?

 

Not at all.  All Groove workspace content are replicated and stored at the client side. For instance, if three are 10 members in a workspace, there are total 10 copies of the content and each member has a copy of the workspace encrypted and stored locally. Groove can and will automatically sync workspace content for a member when a client-to-client or a client-to-relay connection is established. Groove Server Realy holds message queues for assigned users to temporarily store Groove messages (deltas, IM, etc.) when applicable, i.e. a client-to-client connection is not establishable, while a client-to-relay conneciton is. And these temporarily stored messages are permanently deleted once consumed by an intended recipient when connecting to the Relay. Groove Server Manager, on the other hand, provides a web interface for administering a Groove domain and stores only account configuration data in an associated SQL backend.

 

How can a Groove user  back up all files in all workspaces?

 

While highlighting a workspace in Groove Launchbar, right-click and  Save As, and Archive. This will save the content of a workspace by default at Groove Workspace Archives in a user’s Domument folder.To know more about Groove’s backup options, please review this whitepaper.

 

Should a Groove Server Relay be accessible from Internet? Which ports does it use?

 

Yes. Groove Realy Server is to provide a rendezvous point such that a sender and an intended recipient can exchange messages (here all Groove data are considered as messages) without the need to be on line at the same time, or within the same (IT) organizational boundary.

 

A Groove client can establish a connection with a Groove Server Relay (which never initiates a connection to client) via the following ports, in order of preference,

·         2492, if open, with SSTP (Simple Symmertric Transmission Protocol) (See 917165)

·         443, if open with connection to proxy is allowed, with SSTP (Notice Groove uses SSTPon 443  and  not SSL as described by 917165)

·         80 with HTTP

 

So, at least opening port 80 is necessary.Notice port 80 is also iused by a client to contact Groove Server Manager, when applicable.For more information, review Groove Security Architecture and Planning and Architecture for Office Groove Server 2007.

 

Putting A Groove Relay with no interface to Internet means that the Realy will relay traffic in only Intranet, in such case IPsec and domain/server isolation can take care of the network/connection security while AD and NTFS can manage access control, SharePoint in this scenario is the right and best solution for all intranet only collaboration.