Recently we released the 3.5.6907.31 version of the OCPE firmware. It’s available here http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=565595be-6cf3-4a61-a1e4-12555749ca64 in English, Dutch, French, German, Italian, Japanese, Korean, Portuguese (Brazil) and Spanish.
We have recently released an update to OC 2007 R2 (3.5.6907.22). The fix is available here http://support.microsoft.com/kb/971083/
We have made the documentation to OCS 2007 R2 available both as a Compiled Help Module (CHM) file and as individual documents - http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=e9f86f96-aa09-4dca-9088-f64b4f01c703
We have made the R2 release notes available http://www.microsoft.com/downloads/details.aspx?FamilyID=60a6d84a-29c5-472b-bb3e-6caa39b745ed&DisplayLang=en. Included is Microsoft Office Communicator 2007 R2 Phone Edition Release Notes containing valuable information about various issues you might run into when upgrading devices.
Rick Varvel has published a very detailed and comprehensive guide on how to configure Remote Access for OCS 2007 R1 and R2. Well worth reading.
Please take a look at it here http://blogs.technet.com/rickva/archive/2009/04/09/ocs-2007-r1-r2-remote-access-configuration-guide.aspx
This is an update to my my previous post on migration http://blogs.technet.com/jenstr/archive/2007/11/27/migrating-from-lcs-2005-sp1-to-ocs-2007-which-client-can-you-use-when.aspx. I’ve only updated the table. For the full details please refer to the previous post.
| Row | Client connects with | User homed on | Enabled for Enhanced Presence | Enhanced Presence Mode set | Connection works? |
| 1 | OC 2005 | LCS 2005 SP1 | N/A | N/A | Yes |
| 2 | OC 2007
OC 2007 R2 | LCS 2005 SP1 | N/A | N/A | No |
| 3 | OC 2005 | OCS 2007
OCS 2007 R2 | No | No | Yes |
| 4 | OC 2007 | OCS 2007
OCS 2007 R2 | No | No | No |
| 5 | OC 2005 | OCS 2007
OCS 2007 R2 | Yes | No | Yes |
| 6 | OC 2007 | OCS 2007
OCS 2007 R2 | Yes | Yes (sets it on first successful connection) | Yes |
| 7 | OC 2005 | OCS 2007
OCS 2007 R2 | Yes | Yes | No |
| 8 | OC 2007 R2 | OCS 2007 | Yes | Yes | No |
Some key points to note:
- OC 2007 R2 can only connect to OCS 2007 R2
- Users homed on OCS 2007 R2 can chose between OC 2007 and OC 2007 R2
It’s Saturday and we are busy in the lab. This is a tough day – first the 3rd written exam and then the Qualification Lab!
It has been a good week with topics like Edge, Load Balancer, Architecture Case Study, Operations & Troubleshooting, Tools and Application Integration.
Adrian hosted a Meet the OCS Master reception and had invited component PM’s, UC Marketing, UA (the folks who write our product documentation) and MS Learning. There was a good turn out and the OCG Corporate VP Gurdeep Singh Pall was also kind enough to stop by to meet the OCS Masters.
The Microsoft Certified Master team has started their own blog at http://blogs.technet.com/themasterblog/default.aspx. There are some good blog entries on what it is like to go through a master rotation. Worth reading.
Adrian and his team from MS Learning have done an excellent job with the alpha rotation. As always with an alpha there are some things, which can be changed to improve future rotations, but I believe that all of the participants feel they have had a great time.
I would like to thank the PM’s from OCG and Exchange, who have helped us review the material, answered numerous questions and in some cases stopped by the rotation and helped out. A special Thank You also goes to my colleagues Sasa, Jérôme, Tom and John who helped a lot with review of the material and answering questions.
This will be the final report from the OCS Master alpha rotation. It has been 3 hard weeks, but also very rewarding. After having been through it I’m glad I was able to participate. However I’m looking forward to go back to my wife and sons and continue my real life :-)
So this is Saturday afternoon and we are all still plucking away in the lab. Yes, the first sentence is the same as my previous post on OCS Master, since we are continuing the work in the lab. This week has been a bit less stress full than last week, since we have only been doing 11 hour days.
The week has focused on voice related topics such as Direct SIP/Dual Forking, advanced voice design, audio and video media stack deep dives, dial-in conferencing, devices, Exchange Unified Messaging integration, Response Groups, Attendant and Outside Voice.
We have had an excellent dial plan configuration lab, where we had to configure normalization rules, policies and routing inside our virtual company within the branch and the headquarter, between the branch and the headquarter and between the different companies. In addition we had to implement emergency number dialing for our branch and headquarter. All the 24 different pods were calling the same operator, so luckily no one were really in need of emergency services.
The afternoon is coming to an end and we can soon enjoy a day outside of the class room. Of course it won’t completely be a day off, since we’ll have to study for the second written exam Monday morning :-)
So this is Saturday afternoon and we are all still plucking away in the lab. It has been quite a challenging experience until now, but also very rewarding. 12 hour+ days with a mixture of presentations, discussions and lab work.
Most of the participants in this alpha rotation have also developed the content and are delivering it during the rotation. We have had excellent presentations packed with a lot of good and detailed information. Even better have been the great discussions going on among a very talented and experienced team of people. All of us have different specialties and it has been great to tap into some of the very deep knowledge the other participants have. Since this is a alpha we have also been lucky enough to have different component PM’s, developers and testers from the Office Communications Group (OCG) stopping by and helping us out with answers to questions and feedback to the material.
The lab is awesome. Each participant has a pod. Each pod has 2 Vista laptops with web cams and headset, 1 Office Communicator Phone Edition powered device, 1 3rd-party IP Phone and their own Windows 2008 Hyper-V server running 26 virtual servers with a OCS 2007 R2 environment with ISA, Edge, Directory, EE pool, Archiving, Monitoring, CWA, Group Chat, MOM, IP-PBX, 5 Mediation Servers and 5 Windows XP clients.
The networking in the lab simulates a corporate network, the Internet and a telephony network. The 24 different pods are each configured as its own company in its own town in its own country and all have a branch in Redmond. All the countries are connected using a simulated PSTN and all OCS environments can federated to each other.
The first week has covered networking for voice/video, IM/presence, Group Chat, Reach, Mobility, Conferencing and Management & Integration. We have been busy taking notes, asking questions, discussing and doing labs with setting up functionality, looking at traces to understanding how the protocols are used etc.
The afternoon is coming to an end and we can soon enjoy a day outside of the class room. Of course it won’t completely be a day off, since we’ll have to study for the first written exam Monday morning :-)
You might experience that your Office Communicator Phone Edition powered devices are not updating to new firmware versions hosted on a OCS 2007 R2 enterprise edition pool running on Windows 2008.
The cause could be that the device is not able to access the firmware, because it is getting HTTP error 500.19 (0x80070005 – ERROR_ACCESS_DENIED) back from IIS, when trying to download the new firmware.
To understand if that indeed is your problem check the the IIS logfile (default location c:\inetpub\logs\LogFiles\W3SVC1). If you have the problem you’ll see lines like this:
GET /DeviceUpdateFiles_Int/UCPhone/Polycom/CX700/A/ENU/3.5.6907.0/CPE/cpe.nbt - 80 - <browser UA string> 500 19 5 78
If you try to access the URL through Internet Explorer running on the Windows 2008 server using a URL like the following http://ocsr2.contoso.com/DeviceUpdateFiles_Int/UCPhone/Polycom/CX700/A/ENU/3.5.6907.0/CPE/cpe.nbt you’ll get a similar screenshot to the one below:
I don’t know all the technical details as to why this happens, but it is related to the way IIS accesses the file on the share used to host the firmware.
To solve the issue you need to change the Connect as value in Basic Settings for the _int vdir from Pass-through authentication (see below)
to connect using the RTCGuestAccessUser account specified when you added the server to the EE pool (see below).
It will then be the same configuration used for the _ext vdir.
One of the projects I’ve been working on this autumn has been the OCS Master program. My role has been to act as the interface between the component teams in the OCG Product Group – the folks developing OCS, OC, Live Meeting, Attendant, OCPE etc - and the team developing the content for the program. It has been very interesting and the content developed is impressive.
If you are serious about Microsoft and Unified Communications OCS Master is clearly something to look hard at. More info about the program can be found in Adrian’s post here Microsoft Certified Master (MCM) Program for Office Communications Server 2007.
In our documentation we tell you to use the DHCP option 119 when you deploy Office Communicator Phone Edition (OCPE) powered devices. But why do you need it? It has to do with how the device can find a domain controller (DC) to talk to.
You can sign in to a OCPE powered device in two different ways. Either using NetBIOS style (<domain>\<user>) or using User Principal Name (UPN) style (<user>@<domain>).
When you use NetBIOS style the device needs to use the <domain> name to find a DC. If WINS is configured for use by the device (via DHCP) it will use that. However if WINS is not configured, and the device is on another subnet than the DC, it needs to use DNS to find it.
The way it looks for a DC is using the DC locator SRV records in DNS (_ldap._tcp.dc._msdcs.<DNS domain>). When it looks up these records it uses domain information received using DHCP (option 15 and option 119). So let's assume that we have the situation:
- The device receives the DNS domain fabrikam.dk in DHCP option 15 (DomainName)
- The device receives the DNS domains fabrikam.dk and dk in DHCP option 119 (DomainSearch)
- The DC is located in fabrikam.dk and can be found by locating the SRV record _ldap._tcp.dc._msdcs.fabrikam.dk
- The user signs in with Fabrikam\Jens
The device will try to locate the DC using this sequence:
- _ldap._tcp.dc._msdcs.fabrikam - takes the NetBIOS name directly - fails
- _ldap._tcp.dc._msdcs.fabrikam.fabrikam.dk - adds the DomainName value - fails
- _ldap._tcp.dc._msdcs.fabrikam.fabrikam.dk - adds first element in DomainSearch - fails
- _ldap._tcp.dc._msdcs.fabrikam.dk - adds second element in DomainSearch - success
So if dk was not added to DHCP option 119 the device would have been unable to locate a DC and hence the user couldn’t sign in and the device would have be unable to download certificates.
The conclusion is therefore: You need to configure the DNS Suffix list such that the device can construct the correct DNS domain based on the NetBIOS name used.
An alternative approach is to instruct users to sign in using UPN style, i.e. jens@fabrikam.dk, and in this way the user provides the correct DNS domain directly at sign in.
If you have configured the NetBIOS name to be completely different to the AD DNS domain name, i.e. NetBIOS fabrikam and AD DNS domain is contoso.net, it is not possible to use the DNS Suffix list to create the mapping. In such a scenario the best approach is to instruct the users to use UPN style login. Alternatively use WINS.
We have released a new update for Office Communicator 2007 Phone Edition powered devices - http://support.microsoft.com/?kbid=952693. The image version is now 1.0.522.101.
You might get the above error message when you try to call your voice mail hosted on Exchange 2007 SP1 UM from your Office Communicator Phone Edition (OCPE) powered device. The likely cause of the issue is a mismatch between the VoIPSecurity setting of your SIP URI UM dial plan and the Security - Encryption level setting on the A/V Conferencing properties on your OCS 2007 pool.
The OCPE device use the Security - Encryption level setting to determine, if media should be encrypted or not. The default setting is Require encryption and OCPE will then send media using SRTP. If the UM dial plan VoIPSecurity parameter is set to SIPSecured Exchange 2007 SP1 UM will not accept the SRTP based media and you get the error message above on OCPE. Changing your UM dial plan to have the VoIPSecurity parameter set to Secured will fix the issue. This is the recommended setting, since this ensures that media is sent in a secure way.
More information can be found here http://technet.microsoft.com/en-us/library/bb676409.aspx and here http://technet.microsoft.com/en-us/library/bb124092(EXCHG.80).aspx.
