I had a partner ask the question of the differences between the 2 clients and I didn't know, so you can thank Henry for finding it.
From the link, look to the left navigation for these other items -
Getting Started
Overview
What's new for corporate accounts in Messenger for Mac 7
System requirements for Messenger for Mac 7
Upgrading and interoperability
Messenger for Mac 7 compared to Office Communicator 2007
Architecture and Planning
Messenger for Mac 7 topology
Security best practices
Installing and Configuring Messenger 7 on a Corporate Network
Installing Messenger for Mac 7
Connecting to Office Communications Server
Uninstalling Messenger for Mac 7
Post-Installation
Setting audio/video preferences
Deploying Messenger for Mac 7 preferences
Using Messenger for Mac 7 with Office 2008 for Mac
Technical Reference
Messenger for Mac 7 preferences
Disclosure - the content for this post comes from Jason on our escalation services team. He has provided permission to post.
March 30 - Forgive the delete and repeat posting but the images were on internal links. This should be resolved now.
Issue
Some Microsoft Office Communicator (MOC) clients are not able to establish a TLS connection to the Office Communications Server (OCS). Customer has noticed that the issue seems to occur more with one business group as compared to other business groups within the organization but has not been able to determine what is unique/different with the users or computers affected.
Data Collected
Network traces from a working and failing computer.
iDNA of Office Communicator during a failed connection attempt.
Network Trace Analysis
Network Trace filtered (tcp.port==5061)
Figure 1
- Frame 303: Client starts TCP 3-way handshake
- Frame 306: Client sends TLS "Client Hello" (for details see the TLS Technical Reference)
- Frame 311: Server responds with TLS "Server Hello"
- Frame 315: Client sends TLS "Cert, Client Key Exchange, Change Cipher Spec"
- Frame 316: Server responds with TLS "Change Cipher Spec, Encrypted Handshake"
- Frame 959: Server RESETS the connection due to a timeout (30 seconds)
What happens between frame 316 and frame 959? When a client is establishing a TLS session the client gets a copy of the server's certificate, validates it is issued from a trusted authority, and then the client verifies the certificate has not been revoked by downloading the Certificate Revocation List (CRL). If we looked at the certificate configured on the server, we could see the CRL was published at http://crl.verisign.com/pca3.crl.
Modifying the filter to include http traffic: tcp.port==5061 || http
Figure 2
Now we can see what was going on in the time between the last data sent by the server and the RESET sent by the server.
- Frame 407: Client sends http GET for http://crl.verisign.com/pca3.crl // attempt to download CRL
- Frame 408: Customer's proxy replies back with http 407 Proxy Auth required (advertising support for NTLM or basic auth)
- Frame 416: Client sends new GET request for CRL, this time including NTLM data.
- Frame 417: Proxy replies with expected 407 with the NTLM Challenge
The next thing we should see is the client sending a GET with a NTLM Challenge Response. The client never sends this packet. We need to determine why the client did not reply. We don't know if the client application did not receive data captured in frame 417. We know the data came across the NIC but from that we cannot prove the application received it. So I have two theories: 1. The client never saw the data in frame 417 and that is why he never answers or 2. The client received the data in frame 417 and for some reason did not like it.
iDNA Analysis
Generally speaking there are two sets of APIs used to communicate over the HTTP protocol: WinInet and WinHttp. In this case we don't know which one Office Communicator is using. One way you can guess which one a particular application is using is to list the modules loaded in the process. You can do this on a running system using "tasklist /m /fi "imagename eq communicator.exe" or using "lm" in a .run or .dump file. Since I have the iDNA (.run file) I listed the loaded modules (lm) and found the wininet.dll was loaded and winhttp was not. With this we can set a breakpoint on the wininet function that would go get content based on a URL. Quick search of the Platform SDK shows that InternetOpenURL does this. Setting a bp on this function and starting the run file (g).
First hit on breakpoint:
0:005> knL
# ChildEBP RetAddr
00 05c2f51c 0818420f wininet!InternetOpenUrlA
WARNING: Stack unwind information not available. Following frames may be wrong.
01 05c2f55c 0818266f eecrlrev+0x420f
02 05c2f6a0 0818231d eecrlrev+0x266f
03 05c2f6b8 08181a81 eecrlrev+0x231d
04 05c2f6d8 0818131e eecrlrev+0x1a81
05 05c2f738 081846ac eecrlrev+0x131e
06 05c2f840 77a96075 eecrlrev+0x46ac
07 05c2f940 77a95f31 crypt32!VerifyDefaultRevocation+0x1d0
08 05c2f9b0 77a96b04 crypt32!CertVerifyRevocation+0xb7 [frames removed]
0:005> x lpszUrl
05c2f528 lpszUrl = 0x05c2f58c http://crl.verisign.com/pca3.crl
Based on the call stack, we can see the call to CertVerifyRevocation led to the call to InernetOpenUrl. Dumping out the URL passed to the function, we validate it was the URL for the CRL.
From here I wanted to see us put the request on the wire. Set a breakpoint on ws2_32!send in order to see the data as it left the application.
When we hit the bp we can see the following in our outbound buffer.
0:005> x buf
05c2f100 buf = 0x00155420 "GET http://crl.verisign.com/pca3.crl HTTP/1.0..User-Agent: Entrust Certificate Revocation..Host: crl.verisign.com..Pragma: no-cache..Cookie: BCSI-CS0AEE9E8D=2..Proxy-Authorization: NTLM TlRMTVNTUAABAAAAB7IIogUABQAwAAAACAAIACgAAAAFASgKAAAAD1Q2Q0s5NDNZTUFQTEU=...."
We can see this is the buffer sent in the network trace, frame 416 (Figure 2)
Setting bp on the winsock receive fuction stepping to the point that the buffer is filled out.
Buffer address was @ 00170aa8
0:005> da 00170aa8
00170aa8 "HTTP/1.1 407 Proxy Authenticatio"
00170ac8 "n Required..Proxy-Authenticate: "
00170ae8 "NTLM TlRMTVNTUAACAAAABAAEADgAAAA"
00170b08 "Fgomi0cszMWNOhjgAAAAAAAAAAHoAegA"
00170b28 "8AAAABQLODgAAAA9GAEcAAgAEAEYARwA"
00170b48 "BABAAUwAzAFcAMAA0ADEANQA2AAQAFAB"
00170b68 "mAGcALgByAGIAYwAuAGMAbwBtAAMAJgB"
00170b88 "TADMAVwAwADQAMQA1ADYALgBmAGcALgB"
00170ba8 "yAGIAYwAuAGMAbwBtAAUAFABmAGcALgB"
00170bc8 "yAGIAYwAuAGMAbwBtAAAAAAA=..Cache"
00170be8 "-Control: no-cache..Pragma: no-c"
00170c08 "ache..Content-Type: text/html; c"
This aligns to frame 417 in figure 2
So at this point we know the client application (MOC) received the 407 proxy response with the NTLM challenge. From here we should expect the client to turn around and send the NTLM challenge response. We still have a bp on send and I added a bp for closesocket to catch anything going wrong if we don't send the response.
My CloseSocket bp hit.
0:005> k
ChildEBP RetAddr
05c2edc0 771bfb5a ws2_32!closesocket
05c2edf8 771ce87f wininet!ICSocket::Close+0x25
05c2ee08 771ce8d2 wininet!ICSocket::Disconnect+0x23
05c2ee24 771c5061 wininet!HTTP_REQUEST_HANDLE_OBJECT::ReleaseConnection+0x6d
05c2ee48 771c8c6c wininet!HTTP_REQUEST_HANDLE_OBJECT::CloseConnection+0x84
05c2f194 771c9d37 wininet!HTTP_REQUEST_HANDLE_OBJECT::ReadData_Fsm+0x5e8
05c2f1a0 771bcb14 wininet!CFsm_ReadData::RunSM+0x2e
05c2f1b8 771bcac2 wininet!CFsm::Run+0x39
05c2f1d0 771c9cb5 wininet!DoFsm+0x25
05c2f1e0 771e4050 wininet!HTTP_REQUEST_HANDLE_OBJECT::ReadData+0x38
05c2f20c 771bcc1d wininet!HTTP_REQUEST_HANDLE_OBJECT::HttpSendRequest_Start+0x134
05c2f220 771bcb14 wininet!CFsm_HttpSendRequest::RunSM+0x59
05c2f238 771bcac2 wininet!CFsm::Run+0x39
05c2f250 771bccc5 wininet!DoFsm+0x25
05c2f278 771c60be wininet!HttpWrapSendRequest+0x140
05c2f29c 771c5fc3 wininet!HttpSendRequestA+0x1d
05c2f3f4 771bcb14 wininet!ParseHttpUrl_Fsm+0x22f
05c2f40c 771bcac2 wininet!CFsm::Run+0x39
05c2f424 771c5d2a wininet!DoFsm+0x25
05c2f494 771c5b92 wininet!ParseUrlForHttp_Fsm+0x214
05c2f4a0 771bcb14 wininet!CFsm_ParseUrlForHttp::RunSM+0x2b
05c2f4b8 771bcac2 wininet!CFsm::Run+0x39
05c2f4d0 771c5a42 wininet!DoFsm+0x25
05c2f51c 0818420f wininet!InternetOpenUrlA+0x1d7
WARNING: Stack unwind information not available. Following frames may be wrong.
05c2f55c 0818266f eecrlrev+0x420f
05c2f6a0 0818231d eecrlrev+0x266f
05c2f6b8 08181a81 eecrlrev+0x231d
05c2f6d8 0818131e eecrlrev+0x1a81
05c2f738 081846ac eecrlrev+0x131e
05c2f840 77a96075 eecrlrev+0x46ac
05c2f940 77a95f31 crypt32!VerifyDefaultRevocation+0x1d0
05c2f9b0 77a96b04 crypt32!CertVerifyRevocation+0xb7
We see here the client closed the socket and if we step back to the wininet!HTTP_REQUEST_HANDLE_OBJECT::CloseConnection function we can see (code review) the disconnect reason was due to the client inability to support the server mandate for Keep-Alive.
Scenario Post-mortem
Figure 3
Resolution
Enable HTTP 1.1 and HTTP 1.1 through proxy under Internet Options > Advanced. Using HTTP 1.1. enables the client to support the http Keep-Alive options which is required to support NTLM Proxy Authentication.
So the fact that I am going to Interact 2008 (Interact '08) didn't really get you interested, maybe an invite from our Corporate VP of Unified Communications Group Gurdeep Singh Pall will. http://communicationsserverteam.com/archive/2008/03/14/124.aspx
TomL LCSKid
For those of you that had to put a lot of thought into the Make it Real customer scenario question during Voice Ignite, you will be glad to know that a tool now exists to help you with that initial estimate of servers required for a deployment.
http://www.microsoft.com/downloads/details.aspx?FamilyID=06793661-cd69-4490-bb4b-e97dd271209d&displaylang=en
I was fortunate enough to test this during the Voice Ignite in Florida but had to keep quite as it wasn't released yet. Stephanie graciously shared the stage with me during our internal technical event in Seattle this February.
The release of this tool causes me to rethink the deploy series I have failed to maintain. Look for that effort to be restarted, with a twist.
Tom
February 11 update: Friday Feb 8th I was requested to attend and co-present a troubleshooting session with Byron. I look forward to the opportunity to meet with you and listen to your successes and challenges driving the product to improvement as a result.
A new event being delivered this Spring, and for the partners reading this blog and trying to determine how to differentiate between this and Voice Ignite... Voice Ignite is deep technical training for partners. Interact is intended to be an event for UC Community Influencers.
INTERACT2008
Join Microsoft at INTERACT2008—an exclusive event for key community influencers in the unified communications space. This event provides a unique opportunity for you to develop deep technical knowledge on Microsoft's unified communications products, build powerful new connections with leading professionals in the industry and gain insights into the future of converging technologies.
This exclusive invitation-only event is aimed at technology professionals who are evaluating, deploying and supporting unified communications in enterprise organizations. INTERACT2008 will provide one-on-one interaction with the technology leaders and developers for Microsoft® Office Communications Server 2007 and Microsoft Office Communicator, Microsoft Exchange Server 2007 SP1, Microsoft RoundTableTM, Microsoft Office Live Meeting and Exchange Hosted Services.
This three-day event includes:
- More than 40 technical presentations including:
- Planning Voice Architecture and Deployment in OCS 2007
- Sourcing, Deploying and Managing Your UC Devices
- Microsoft Unified Communications for Developers: Building Communications into Your Applications
- Migration, Co-existence, and Deployment Strategies with Exchange Unified Messaging
- Automating Exchange Server 2007 Deployments Using PowerShell
- Additions to Exchange Hosted Services Directory Synchronization and Reporting Tools
- Hands-on labs to help you learn to deploy UC technologies end-to-end
- Chat sessions with INTERACT2008 presenters
- Birds of a feather sessions to connect on key unified communications topics
- Partner Expo hall to interact with and learn about third-party UC solutions
Don't miss this opportunity to get connected to a world of expert information and pioneering best practices, and to prepare for the future of unified communications.
Event Cost:
$795 Early Bird Special through February 29, 2008
$995 March 1 - April 6, 2008
Agenda-At-A-Glance
Monday, April 7
4:00 - 9:00 pm
Registration
6:00 - 9:00 pm
Welcome Event
Tuesday, April 8
7:00 - 5:00 pm
Registration
7:00 - 9:00 am
Breakfast
9:00 - 10:30 am
Keynote
10:30 - 5:00 pm
Expo Hall and Hands-on Lab
11:00 - 4:15 pm
Sessions
5:00 - 10:00 pm
Evening Party
Wednesday, April 9
7:00 - 9:00 am
Breakfast
9:00 - 10:15 am
Keynote
10:00 - 4:00 pm
Expo Hall and Hands-on Lab
10:00 - 7:00 pm
Pub World
10:30 - 6:00 pm
Sessions
6:00 - 9:00 pm
Birds of a Feather and Happy Hour
Thursday, April 10
7:00 - 9:00 am
Breakfast
9:00 - 10:15 am
Keynote
10:30 - 4:00 pm
Sessions
6:00 - 10:00 pm
Evening Party
Join us at INTERACT2008 and build your unified communications connections.
Sign up today and save $200 on the price of the conference!
To register and for more information on the event Click here.
Please enter the following source code when registering: <removed at request of program owner, use the Registration Desk link for obtaining the code>
I think given all that will come from our presentation on the topic that a series will likely result. The right place to start on this subject is the Migrating to Office Communications Server 2007 document. I would like to call out that the supported manner of administrating your clients is to use the same MMC version for the product and so what you see below is just my individual testing which you may find other items I have overlooked. I welcome your comments.
-----------------------------------
My colleague Mark asked me a question about modifying the allow/block list for users on Office Communications Server 2007. I knew the unfortunate answer before he finished typing - it was removed from the UI of the new MMC but was accessible via WMI. There were scripts in the software resource kit and at the time of this writing the newly released Resource Kit book states it has over 150 sample scripts, maybe there is one in there?
Mark's question could not have come at a better time because I am delivering a technical session with my teammate Steve on LCS/OCS Coexistence and Migration in the middle of February. I just happened to have my LCS deployment completely running and was starting the OCS configuration when I happened to create my 2007 user using the LCS 2005 SP1 mmc and so I went about the testing you find below.
The account Toml was created using the Live Communications Server 2005 Service Pack 1 MMC on the Domain Controller. Using this MMC allows me to home the user on the Office Communications Server 2007 server but not enable the enhanced presence value. A user in this state can sign-in with OC 2005 but not OC 2007. Using the LCS 2005 Sp1 MMC I was able to leverage the View/Edit functionality for the contact list. Specifically I blocked oc2005@contoso.com as it provides a very good visible experience.
A screen shot of my sign-in with Office Communicator 2005 with a find for the user oc2005@contoso.com
This proves that I can achieve my goal, or at least part of it. Will this behavior remain intact after enabling enhanced presence with the Office Communications Server MMC and use the Office Communicator 2007 client?
NOTE: remember that when a user has the enhanced presence bit enabled they can still log in with OC 2005, CWA 1.0 or CoMo 1.0 client UNTIL a newer OC 2007, CWA 2.0 or CoMo 2.0 client logs in. For lack of a better term the new client "sets" the account into enhanced presence state or mode where as before it was in a capable state.
So I have switched to enhanced presence and logged in with OC 2007 and my experience is as I expect it to be.
This is great for the customer who is going to migrate to OCS 2007 but what about the customer who will be in a long period of coexistence or who relies on this feature and not a scripting solution. So the next test is to see if I can still use the LCS 2005 SP1 mmc and populate the allow/block list after the user has logged in with OC 2007 with enhanced presence.
So at this point I reach a failure of some sort, I can not see additions or changes to the allow/block list. So I create a new user, testme@contoso.com and I populate the allow/block with 4 accounts blocked to be sure I can read more than 1. I can. Now I enable the user for enhanced presence and sign-out, add a fifth entry and sign-in. This works so now I have to test signing in with OC 2007 to confirm all 5 work as expected and then sign-out add a sixth block and sign-in again. FAILURE.
So we have a quick workaround that would work for customers who have yet to deploy the OC 2007 client and enhanced presence to their end users. Once you enable enhanced presence and deploy OC 2007 you have to come up with a new workaround. This means I need to do more work on the containers and I recall that when I was reviewing the Resource Kit there was mention of the containers (it was not the area I was requested to provide feedback on) so I will have to update this after the middle of February as the training mentioned will be in Seattle and that is when I get my copy of the book.
I was contacted by Ian Fischer with an interesting question regarding LCS 2003 and Vista.
I now need to support Vista clients and I have found out that Messenger 5.1 doesn't work on it. It crashes constantly. I run LCS 2003 and need a client to work on Vista. I heard OC 2007 works, but I tried and it didn't. Are there any tweaks to get it to work, or is there a workaround for Vista users who login to LCS 2003?
The plan is to eventually move to Office Communications Server 2007 but that won’t happen immediately and so an interim solution was needed. Windows Messenger 5.1 is not supported on Vista and Office Communicator 2005 will not connect to LCS 2003. What does a customer do?
The options are few but here is the list of ideas I had:
1. Communicator Web Access – requires OCS 2007 (or LCS 2005 SP1), the Vista workstations can use a browser and not a desktop client. Communicator Mobile would also be an option for any devices if needed.
2. Windows XP either as a host and Vista as virtual machine or Vista as host with XP in virtual machine. I would not say that it is the most elegant solution but it will work. The biggest issue I have found doing this in my labs is forgetting a VM is running and the client logged in and missing IM. I would not suspect this to be common for an end user as I am testing everything.
LCS 2005 Sp1 – for Ian this is not currently purchased so there are purchase and licensing implications of this step.
Microsoft® Office Communications Server 2007 Resource Kit
In-depth technical information and tools for administering Communications Server 2007—from those who know the technology best
Get the definitive reference for deploying, configuring, and supporting Office Communications Server 2007—with expert insights direct from the Microsoft Office Communications Server Team. This official Microsoft RESOURCE KIT delivers in-depth technical guidance on architecture, deployment, security, administration, performance tuning, and troubleshooting, along with essential information for working with VOIP and phone integration features. In addition, you get more than 150 timesaving scripts, tools, and other job aids for automating administration—plus an eBook—on CD.
http://www.microsoft.com/mspress/books/10482.aspx
AudioCodes has published the instructions for a demo setup along with the necessary ini file for use with the device. I use the AudioCodes MP-114 in my personal lab and will document its configuration in the next deploy series posting (planned for second week of Jan).
Please do note that this is not a currently supported gateway for an enterprise deployment of OCS 2007.
Update Jan 7, 2008: One of my peers has already begun testing the ini and shared the following with me, thanks Andrew.
I got it working in my home lab except for pstn calls. Prob seems to be this IP->tel routing rule which strips off 9 digits before handing off to PSTN:
- NUMBERMAPIP2TEL = +1,9,$$,$$,$$,$$,*,$$,*
In my case, replacing w/ these two rules worked so possibly a mistake in demo ini?
- ; Strip +1 and area code for local PSTN calls
- NUMBERMAPIP2TEL = +1925,5,$$,$$,$$,$$,*,$$,*
- ; strip + for long distance PSTN calls
- NUMBERMAPIP2TEL = +1,1,$$,$$,$$,$$,*,$$,*
Office Communicator 2007 offers a few user defined areas, the Note, your location and Custom Presence. I am focusing on the Custom Presence as a colleague (Liam) had a question that led us into this discussion. CustomState is discussed in the Microsoft Office Communicator 2007 Deployment Guide starting on page 20 and covers what I have here and also localization.
So here is an example of my custom presence settings -
Please note something important - there is no defined custom presence that includes the Yellow (away) status. The reason is that it is not supported as it was deemed to be a value that you wouldn't set yourself but would be set based on your activity. I would agree with that for Away but Be Right Back I can set but it is what it is. What happens if you set one of the states to the Yellow (away) states - none of the custom presence items show.
Another item to note that can be a bit annoying - you can't sign in with the custom presence, you have to sign in with a standard state and then change. My approach is to pick the state that matches what I will eventually select with my custom text.
Here is syntax for my presence.xml used for what you see and I also included a reg file. Please note that you can put the xml anywhere just update the reg file syntax for the correct path.
<customStates>
<customState ID="1" availability="online">
<activity LCID="1033">Out and about - use mobile</activity>
</customState>
<customState ID="2" availability="Busy">
<activity LCID="1033">Down in the lab - use mobile</activity>
</customState>
<customState ID="3" availability="busy">
<activity LCID="1033">Reviewing program documents</activity>
</customState>
<customState ID="4" availability="do-not-disturb">
<activity LCID="1033">Executive Briefing with Customer</activity>
</customState>
</customStates>
and here is the syntax of my presence.reg file
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Communicator]
@=""
"CustomStateURL"="file:///C:/Users/toml/Documents/presence.xml"
Remember - modifying the registry is done at your own risk and that my samples come with no support.
The result is that when someone is viewing my presence in communicator they will see the following -
As an aside you can see how I tend to operate with my contact list (I use the find dialog and Outlook vs. creating a huge contact list)
- Recent Contacts - I didn't use it for a long time until I realized it offered me the ability to redial phone calls
- Other Contacts - empty, used for short term contacts or testing
- OCS SWAT Team - the distribution group for the team effort I lead
- OCS BTS Engineers - the distribution group for the beta support team
- Public Internet - any Federated (customer/partner) and PIC (AOL/MSN/Yahoo!) and
- Friends - James, Phil, Jason, Dave and Joel all internal guys I eat lunch with and play way too much foosball with!
TomL OCSKid
I have continued playing with the deployment and have begun plugging in the AudioCodes MP114 VoIP Gateway and I realized I had not deployed Unified Messaging yet which has been typically deployed first for our customers participating in the Technology Adoption Program, TAP. I have access to training from an OCS Ignite session delivered for our partners that walks through this and I will be attending the OCS Voice Ignite training held in Orlando Florida December 10-14 but not everyone has access to the resources so I am going through some online training that is currently available on Microsoft Technet - Technet Virtual Lab: Configuring the Microsoft Exchange Server 2007 Unified Messaging Server.
I will also let you know that another reason for deploying Unified Messaging first is because it was released while OCS was beta and for a supported OCS 2007 Voice topology with UM we require SP1 which just so happens to have released this week and still the front page news for the Exchange site- http://www.microsoft.com/exchange/default.mspx
So the next post on the subject will include my feedback on configuring my actual topology (based on training materials I have access to).
<Edit after taking online lab>
The lab was a good run through of the setup for dial plans, gateway, auto attendant but as it is an online lab it did not allow for actual voice testing. So you will eventually need hardware to work with in order to really do this.
TomL OCSKid
Chris sent me email today about their user group and the use of LiveMeeting to broaden their reach. You can get details from their site - http://livemeetinguser.org/
The Live Meeting User Group is a collaboration forum primarily aimed for Live Meeting users, resellers, developers, and partners. The aim of the User Group is an occasional social evening in London or Reading, combined with an online outlet for collaboration and support with regular Live Meeting webcasts
I will be interested to see if they end up discussing the aspect of Office Communications Server 2007 on-premise meetings as well.
The project I have been working on this year with Office Communications Server 2007 was with our Technology Adoption Partners (TAP), and that includes both customers and partners. Jens Trier Rasmussen was one our Microsoft Consultants (MCS) involved to assist those customers and partners with the planning of their deployments. He possesses a lot of valuable information on the technology and will be a terrific resource to monitor. He already has 4 posts after starting this past weekend!
http://blogs.technet.com/jenstr/default.aspx
Cheers
TomL LCSKid
I added Chad's blog to my links but I want to be sure you are monitoring it because he is the only other person I know of handling support issues doing a blog for this technology. Here is the troubleshooting post http://blogs.technet.com/chlacy/archive/2007/11/01/troubleshooting-office-communicator-phone-experience-a-k-a-tanjay-update-server.aspx
While my topology is not complete to provide sample output I did get to the point of installing Microsoft Office Communications Server 2007 Quality of Experience Monitoring Server this week. This was not as easy as I had hoped for a few reasons - I am not a SQL admin, I simply need a database for my application to work and my SQL 2005 server was originally setup with 1 instance for OCS. This meant that I needed another instance and I had to install Report Services which would be my first time installing that service. The problems I ran into included originally installing SQL 2005 Standard and now using Enterprise media and I had upgraded my original database to SP1 and failed to do that to the new instance.
This just meant starting slowly and rebooting the virtual machine and deleting the undo disk! I installed a new SQL 2005 instance with everything but the documentation and then I upgraded the service pack. After this I ran the QMS setup and overall it went rather smooth for the install.
Items I would share -
- Install IIS first
- You can get the exact url that QMS prompts for when you are done setting up Reporting Services
- The certificate the QMS needed was one for just the netbios name. Admittedly I did not invest a lot of research here but when setup failed I tested the url in IE and the certificate error pointed to the fact that the url had the netbios name but the cert had the FQDN. I resolved this quickly getting a new certificate with the Subject Alternative Name populated. I think a new cert with just the netbios name would suffice but I didn't test.
- The certificate you get in the QMS installer is not assigned to IIS so you have to update both places to get this working. The fact that I had the certificate in 2 places is why I chose the SAN approach, I knew what IIS needed but wasn't 100% sure of what QMS required and my assumption is that as an OCS role it would need an FQDN like all other roles.
Ok so the product is installed without error which hopefully means that when the mediation server is configured, UM is configured and the gateway is setup, I should be able to place calls in the system and generate data. I have the mediation server deployed and configured and starting on UM now. I am stalled on UM as I have installed the Best Practice Analyzer and found some missing hotfixes already.
Ideally we should the deployment series mostly complete by December as I will be traveling to Orlando to participate in a voice training event for our partners. Book knowledge is one thing but hands on knowledge simply can't be beat.
Toml OCS Kid