11
Sessions OCS
UCO202 Les dix écueils à éviter pour réussir son déploiement OCS 2007 R2
Leonardo Wormull10/02/2010 13:00 – 14:00
22
OCS 2007 R2 INFRASTRUCTURE
PSTN
Public IM Clouds
Live Messenger
AOL
Yahoo
Federated Partners
EDGE SERVER
DMZ
UC ENDPOINTS
Active Directory
-SIP-PSOM-RTP/RTCP
Remote Access
OCS BACK-END
SQL SERVERARCHIVING SERVER
SQL SERVER
MEDIATION SERVER
Advanced Media GW
QOEMONITORING
SERVER
SQL SERVER
OCS POOL
OCS FRONT END SERVERS
CWA SERVER
IIS SERVER
FILES SHARE
FILE SERVER
UM SERVER
EXCHANGE 2007
33
The ten most frequent problem when deploying OCS 2007 R2
1-Prepare Schema, Forest and Domain2-Certificates and Certificates3-Sign-in in automatic mode not working (DNS/Cert issue)4-Users can’t sign-in (DNS/Cert issue)5-Users don’t get Address Book (UR/IIS issue)6-Communication A/V from external user to internal user not working (Edge Setup issue)7-Invite/Join a Live Meeting conference not working8-CWA 2007 R2 is reporting error (0-1-492) "Your computer clock is not set correctly" when installed on Windows Server 20089-Delegates unable to Schedule Live Meetings10-A/V quality issues (Network/Firewall issue)
44
1- Prepare Schema, Forest and Domain How to prepare schema for LCS\OCSLCScmd.exe /forest /action:Schemaprep
How to verify if schema is prepared for LCS\OCSLCScmd.exe /forest /action:checkschemaprepstate
How to prepare the forest for LCS\OCSLCScmd.exe /forest /action:ForestPrep
How to verify if the forest is prepared for LCS\OCSLCScmd.exe /forest /action:CheckForestPrepState
How to prepare the domain for LCS\OCSLCScmd.exe /domain:myDom.com /action:DomainPrep
How to verify if the domain is prepared for LCS\OCSLCScmd.exe /domain:myDom.com /action:CheckDomainPrepState
http://technet.microsoft.com/en-us/magazine/2009.03.commandline.aspx?pr=blog
55
1- Prepare Schema, Forest and Domain
66
1- Prepare Schema, Forest and Domain
C:\Program Files\Common Files\Microsoft Office Communications Server 2007 R2>lcscmd /forest /action:checkschemaprepstate
Microsoft Office Communications Server 2007 R2 Deployment Command ConsoleCopyright (c) Microsoft Corporation. All rights reserved.
Executing "Initialize Forest Object"Executing "Initialize Active Directory Connections"Executing "Check Schema Prep State"Check the log file "C:\Users\ADMINI~1.JTE\AppData\Local\Temp\Forest_checkschemaprepstate[2010_02_05][09_23_27].html" for details.Action completed successfully
Execution time = 1172 ms
77
2- Certificates
What Are the Requirements for Certificates and How Do I Get One?Office Communications Server 2007 R2 requires a public key infrastructure to support TLS and Mutual TLS(MTLS) connections. Office Communications Server uses certificates for the following purposes:
• TLS connections between client and server• MTLS connections between servers• Federation and public IM connectivity• Remote user access for instant messaging• External user access to A/V sessions and Web conferencing
88
2- Certificates (2)For Office Communications Server 2007 R2, the following common requirements apply:• All server certificates must support server authorization (Server EKU (Enhanced Key Usage )1.3.6.1.5.5.7.3.1).• All server certificates must contain a CRL Distribution Point (CDP).• If you are supporting public IM connectivity with AOL, AOL requires a certificate configured for both client and server authorization. The certificate assigned to the Access Edge Server external interface should support client authorization (Client EKU 1.3.6.1.5.5.7.3.2).• Auto-enrollment is supported for internal servers running Office Communications Servers, including an array of Standard Edition servers configured as Director.• Auto-enrollment is not supported for Office Communications Server edge servers.
99
2- Certificates (3)Note: Certificate Summary• The only certificates that require Subject Alternative Names (SANs) are the Access Edge external interface, the Director pool internal interface (if a Director is installed) and the Pool internal interface.• The Access Edge and Next Hop Pool certificates are shown with both server and client enhanced key usage (EKU) set but this is only required if you are using Public IM Connectivity (PIC).• Pre-pending “sip” to the domain name is recommended for entries in the certificate SAN but not for entries in the Edge server’s list of supported SIP domains listed on the Internal TAB under “Internal SIP domains supported by Office Communications Servers in your organization:”• Subject Alternative Name lists (SANs) for the Access Edge external interface, Director and Pool are only required if using the Office Communicator Automatic Configuration feature.• The SIP domain name is independent of the domain name hosting users and/or computers. For example, it’s common to place OCS servers in a sub domain (e.g. corp.contoso.net) but assign users a SIP URI of [email protected].• A best practice is to have your SIP domain name match your Exchange SMTP domain name.
1010
3-Sign-in in automatic mode not working (DNS/Cert issue)
Prerequisite for Automatic Sign-in - SRV records : _sipinternal._tcp._domain.com- SRV Record : _sipinternaltls._tcp.domain.com- A record for Poolname
The DNS SRV records _sipinternaltls._tcp. domain.com, _sipinternal._tcp.domain.com and/or _sip._tls. domain.com may need to be configured if automatic configuration is desired
1111
OC AUTOMATIC SIGN-IN:Troubleshooting Areas
EdgeServers
DMZData
Audio/VideoSIP
Front-End Server(s)
BackendSQL server
Internal Client
Network
Active Directory
DNS Server
Remote User
Public DNS Server
Internet
1212
OC AUTOMATIC SIGN-IN
4 - DNS Answer (A) Poolmocs.microsoft.com = 10.100.1.10
SIP URI : [email protected]
1 - DNS Query (SRV)_sipinternaltls._tcp.microsoft.com
2 - DNS Answer (SRV)_sipinternaltls._tcp.microsoft.com =Poolmocs.microsoft.com : 5061 TCP
3 - DNS Query (A)Poolmocs.microsoft.com
5 – TLS Handcheck Start (SYN,SYN-ACK,SYN)Client -> 10.100.1.10:5061 TCP6 – TLS CLIENT HELLO
7 – TLS SERVER HELLO – Encrypted Message / Certificate Request
8 – TLS CHANGE CYPHER SPEC – Encrypted Message/Certificate
9 – TLS – APPLICATION DATA / SIP - REGISTER
1
5
6
7
89
2
3
4
Server CertificateSN: FE1.microsoft.comSAN:FE1.microsoft.comSAN:poolmocs.microsoft.com
DNS SERVER
Microsoft.com _tcp. _sipinternaltls. (SRV) _sipinternal. (SRV)poolmocs.microsoft.com (A)
OCS FRONT END SERVERS
1313
4 - DNS Answer (A) Poolmocs.contoso.com = 10.100.1.10
OC AUTOMATIC SIGN-IN
Internal Client
Active DirectoryContoso.com
DNS Server
SIP URI : [email protected]
Microsoft.com _tcp. _sipinternaltls. _sipinternal.
Contoso.com poolmocs.contoso.com
1 - DNS Query (SRV)_sipinternaltls._tcp.microsoft.com
2 - DNS Answer (SRV)_sipinternaltls._tcp.microsoft.com =Poolmocs.contoso.com : 5061 TCP
3 - DNS Query (A)Poolmocs.contoso.com
5 – TLS Handcheck Start (SYN,SYN-ACK,SYN)Client -> 10.100.1.10:5061 TCP6 – TLS CLIENT HELLO
7 – TLS SERVER HELLO – Encrypted Message / Certificate Request
8 – TLS CHANGE CYPHER SPEC – Encrypted Message/Certificate
9 – TLS – APPLICATION DATA / SIP - REGISTER
1
2
5
6
7
89
3
4
Server CertificateSN: FE1.contoso.comSAN:FE1.contoso.comSAN:poolmocs.contoso.com
Why?
1414
Why?
- TLS security check match DNS SRV record answer with Domain name requested. - If not match TLS Hand check fail .
1515
4-Users can’t sign-in (DNS/Cert issue)
8 – TLS CHANGE CYPHER SPEC – Encrypted Message/Certificate
4 - DNS Answer (CNAME / A) Poolmocs.microsoft.com = Poolmocs.contoso.comPoolmocs.contoso.com = 10.100.1.10
Internal ClientSIP URI : [email protected]
1 - DNS Query (SRV)_sipinternaltls._tcp.microsoft.com
2 - DNS Answer (SRV)_sipinternaltls._tcp.microsoft.com =Poolmocs.microsoft.com : 5061 TCP
3 - DNS Query (CNAME / A)Poolmocs.microsoft.com
5 – TLS Handcheck Start (SYN,SYN-ACK,SYN)Client -> 10.100.1.10:5061 TCP6 – TLS CLIENT HELLO
7 – TLS SERVER HELLO – Encrypted Message / Certificate Request
9 – TLS – APPLICATION DATA / SIP - REGISTER
1
2
5
6
7
89
3
4
Server CertificateSN: FE1.microsoft.comSAN:FE1.microsoft.comSAN:poolmocs.microsoft.comSAN:poolmocs.contoso.com
OCS FRONT END SERVERS
DNS SERVER
Microsoft.com _tcp. _sipinternaltls. (SRV) _sipinternal. (SRV)Poolmocs.microsoft.com (CNAME)
Contoso.compoolmocs.contoso.com (A)
1616
5-Users don’t get Address Book (UR/IIS issue)
EDGE SERVER
DMZ
Active Directory
Remote Access
OCS POOL
OCS FRONT END SERVERS
UC ENDPOINTS
BACK-ENDSERVER
HTTPS : TCP/443
SIP: MTLS/5061
SIP: TLS/5061 - TCP/5060 SMB : TCP/445
FILE SHARE
SQL : TCP/1433
REVERSE PROXY
DOMAINCONTROLER
LDAP : TCP/389
1717
ADDRESS BOOK SERVICE: User Replicator
1- Every 60 sec by default User Replicator send an LDAP Dirsynch query based on cookie version- SearchRequest: BaseDN: DC=Microsoft,DC=com, SearchScope: WholeSubtree, SearchAlias: neverDerefAliases + BaseObject: DC=Microsoft,DC=com + Scope: WholeSubtree + Alias: neverDerefAliases + SizeLimit: 100 entries + TimeLimit: 75 seconds + TypesOnly: False + Filter: (&(|(objectClass=user)(objectClass=contact)(objectClass=group))(!(objectclass=computer))) + Attributes: ( objectClass )( distinguishedName )( objectGUID )( objectSid )( msRTCSIP-OriginatorSid )( isDeleted )( msRTCSIP-PrimaryUserAddress )( msRTCSIP-PrimaryHomeServer )( displayName )( mail )( msRTCSIP-UserEnabled )( telephoneNumber )…
2- AD Send back data to FE (set new cookie)
3- FE store data into Backend Database - User and Ressource ID are stored in RTC\
dbo.Ressource- New Dirsynch cookie to RTC\dbo.UrReplicationCookie
Front-End Server(s)
Active DirectoryMicrosoft.com
Back EndSQL Server
1
2
3
1818
ADDRESS BOOK SERVICE: User Replicator
ROOT\CIMV2
UserReplicator Settings :
instance of MSFT_SIPUserReplicatorSetting{
Backend = « BackEnd_FQDN";InstanceID = "{963099A5-0F69-4793-
9DA8-713F0F3CA5C3}";RegenerateCookiesNow = FALSE;ReplicationCycleInterval = 60;
};
Front-End Server(s)
Active DirectoryMicrosoft.com
Back EndSQL Server
1
2
3
1919
ADDRESS BOOK SERVICE:
1- ADDRESS BOOK files creation is done every 24 hours.-By default every night at 01:30 AM -ABS sevice initiate Address Book Files creation(SQL Queries).
2-Back End SQL send back data according « required attributes » table (RTC\dbo.AbAttribute)3-FE store data into .LSABS / .DABS files . (Full and Delta ones) on File Server (SMB)
Fxxxx.lsabs -> xxx= number of days since 01/01/2001.lsabs -> AB for Communicator clients.dsabs-> AB for UC DevicesEach day -> 1 Full + n Delta
2020
ADDRESS BOOK SERVICE: ABS settings
2121
ADDRESS BOOK SERVICE:ABS Settings
A
AB Settings :
ROOT\CIMV2instance of MSFT_SIPAddressBookSetting{
Backend = « Backend_FQDN";DaysToKeep = 30;ExternalURL =
"https://external_webcomp_FQDN/Abs/Ext/Handler";IgnoreGenericRules = FALSE;InstanceID = "{D265A402-BD08-4BCB-BEB3-CC7AFBD47C08}";InternalURL =
"https://internal_webcomp_FQDN/Abs/Int/Handler";MaxDeltaFileSizePercentage = 1250;OutputLocation = "\\\\FileServer_FQDN\\AB";PartitionOutputByOU = FALSE;RunTime = 130;SynchronizeNow = FALSE;SynchronizePollingIntervalSecs = 300;UseNormalizationRules = TRUE;
}; ABSERVER.EXE -REGENURABSERVER.EXE -SYNCNOW : launch UR replication and create ABS filesABSERVER.EXE -DUMPFILE <xxx.lsabs>
2222
1- SIP REGISTER2-SIP 200 - OK3-SUBSCRIBE(s)
Event: vnd-microsoft-provisioning-v24-SIP 200 – OK (s)
<absInternalServerUrl>https://mocspool.babylon.com/Abs/Int/Handler</absInternalServerUrl>
<absExternalServerUrl>https://webocs.babylon.com/Abs/Ext/Handler</absExternalServerUrl>
5- HTTPS GET https://mocspool.babylon.com/Abs/Int/Handler
6- SMB READ REQUEST \\fileserver\absfileshare\xxx.lsabs7- SMB READ RESPONSE
8-WebComp send back file to client over https
Front-End Server(s)
File Server
2
6
Internal Client
Web ComponentsIIS Server
1 3
4
5
7
8
ABS Data stored localy in : %userprofile%\Local settings\application data\microsoft\communicator\galcontact.db
ADDRESS BOOK SERVICE : Client Side
2323
ADDRESS BOOK SERVICE
Increased service requests since CU2 (build 9607.37)
New design introduced with http://support.microsoft.com/kb/972403/en-usNaming conventionF-xxxx.lsabs - Full Files
Full File creation date
C-xxxx-yyyy.lsabs -Compact Delta Files
Full File creation date Delta File creation date
xxxx: in days since Jan 1, 2001 calc: Date = 1.1.2001 + HEX2DEC(xxxx)
2424
6-Communication A/V from external user to internal user not working (Edge Setup issue)
Front-End Server(s)
Internal User
Internal NetworkExternal User
Edge Server(s)
PublicNetwork
2525
AV Edge Provisioning/Credentials
SIP Register
OuterFirewall
A/VEdge Inner
Firewall
OCS FEServer
ms-user-logon-data: RemoteUser<mrasUri>sip:av.tailspintoys.com</mrasUri>
200 OK
<location>internet</location>
SIP Service
<hostName>av.tailspintoys.com<udpPort>3478<tcpPort>443<username> 77qq8yXccBc2lwOmFy<password> Wnujl0eo00YkV/5dg=<duration>480
200 OK
Service
200OK
AccessEdge
A/V Auth
MTLS
External Client
2626
2 PARTY AUDIO CALL: EXTERNAL
InternalClient
200 OK 200 OK
RINGING RINGING
INVITE INVITE
ExternalFirewall
InternalFirewall
TRYING
External Client
AccessEdge
OCS FEServer
A/VEdge
TRYING
RTCP/SRTCP
RTP/SRTP
RTCP/SRTCP
RTP/SRTP
192.168.1.100:50008 UDP
192.168.1.100:50009 UDPRTAudio 26Kbit/s
192.168.1.22:59129 UDP
192.168.1.22:59785 UDPRTAudio 26Kbit/s
STUN BINDING REQUESTS
192.168.1.100:50009
192.168.1.100:50008NO BIND
RESPONSE
m=audio 50008 RTP/SAVP 114 111 112 115 116 4 8 0 97 101a=candidate:UDP 0.840 192.168.1.100 50008 a=candidate:UDP 0.840 192.168.1.100 50009 a=crypto:2 AES_CM_128_HMAC_SHA1_80 a=remote-candidate:EbG+8ZNb5MSDsF3Da=maxptime:200a=rtpmap:114 x-msrta/16000a=fmtp:114 bitrate=29000a=rtpmap:111 SIREN/16000a=fmtp:111 bitrate=16000a=rtpmap:112 G7221/16000a=fmtp:112 bitrate=24000a=rtpmap:115 x-msrta/8000a=fmtp:115 bitrate=11800a=rtpmap:116 AAL2-G726-32/8000a=rtpmap:4 G723/8000a=rtpmap:8 PCMA/8000a=rtpmap:0 PCMU/8000a=rtpmap:97 RED/8000a=rtpmap:101 telephone-event/8000a=fmtp:101 0-16a=encryption:required
m=audio 59785 RTP/SAVP 114 111 112 115 116 4 8 0 97 101a=candidate:UDP 0.490 192.168.1.22 59785 a=candidate:UDP 0.490 192.168.1.22 59129 a=crypto:2 AES_CM_128_HMAC_SHA1_80a=remote-candidate:t5hj4JqMUT5RnDEwQ2ktkCunomaa=maxptime:200a=rtcp:59129a=rtpmap:114 x-msrta/16000a=fmtp:114 bitrate=29000a=rtpmap:111 SIREN/16000a=fmtp:111 bitrate=16000a=rtpmap:112 G7221/16000a=fmtp:112 bitrate=24000a=rtpmap:115 x-msrta/8000a=fmtp:115 bitrate=11800a=rtpmap:116 AAL2-G726-32/8000a=rtpmap:4 G723/8000a=rtpmap:8 PCMA/8000a=rtpmap:0 PCMU/8000a=rtpmap:97 RED/8000a=rtpmap:101 telephone-event/8000a=fmtp:101 0-16a=encryption:required
2727
7-Invite/Join a Live Meeting conference not working
Front-End Server(s)
Network
Internal User Internal User
Web Conferencing
Server
2828
FRONT END (ACCESS SERVER)
WEB CONFERENCING (DATA MCU)
IM CONFERENCING (IM MCU)
A/V CONFERENCING (AV MCU)
BACK END DATABASE
FOCUS FACTORYFOCUS
MCU FACTORYSIP TLS/5061
PSOM SSL/8057
SIP TLS/5062SIP / RTP-RTCP
SQL
SQL
SQLC3P Over HTTP
CONFERENCING COMPONENTS
2929
Internal Client
FOCUS FACTORY
FOCUS
SERVICE
200 OK
to="sip:[email protected];gruu;opaque=app:conf:focusfactory" from="sip:[email protected]" requestId="33122144"><addConference><msci:conference-id>3A33C8AC9BEECD4DAFE3803381BEA739</msci:conference-id><msci:expiry-time>2008-09-27T04:00:46Z</msci:expiry-time><msci:admission-policy>openAuthenticated</msci:admission-policy><msci:conference-view><msci:entity-view entity="chat"/><msci:entity-view entity="audio-video"/><msci:entity-view entity="meeting"><msdata:app-viewing-behavior>enableWithFullSharing</msdata:app-viewing-behavior><msdata:conferencing-type>collaboration</msdata:conferencing-type>
requestId="33122144" C3PVersion="1" from="sip:[email protected];gruu;opaque=app:conf:focusfactory" to="sip:[email protected]" code="success"><addConference><conference-info xmlns="urn:ietf:params:xml:ns:conference-info" entity="sip:[email protected];gruu;opaque=app:conf:focus:id:3A33C8AC9BEECD4DAFE3803381BEA739" state="partial" version="1"/></addConference></response>
FRONT END OCS
CREATE A CONFERENCE
3030
Internal Client
FOCUS FACTORY
FOCUS
TRYING
INVITE
to="sip:[email protected];gruu;opaque=app:conf:focus:id:3A33C8AC9BEECD4DAFE3803381BEA739" from="sip:[email protected]" requestId="0"><addUser><conferenceKeys confEntity="sip:[email protected];gruu;opaque=app:conf:focus:id:3A33C8AC9BEECD4DAFE3803381BEA739"/><ci:user xmlns:ci="urn:ietf:params:xml:ns:conference-info" entity="sip:[email protected]"><ci:roles><ci:entry>attendee</ci:entry></ci:roles><ci:endpoint entity="{6F488A99-D3C2-4414-8D69-80E1C75B2385}"
FRONT END OCS
SESSION PROGRESS
requestId="0" C3PVersion="1" from="sip:[email protected];gruu;opaque=app:conf:focus:id:3A33C8AC9BEECD4DAFE3803381BEA739" to="sip:[email protected]" code="success"><addUser><conferenceKeys confEntity="sip:[email protected];gruu;opaque=app:conf:focus:id:3A33C8AC9BEECD4DAFE3803381BEA739"/><ci:user entity="sip:[email protected]"><ci:roles><ci:entry>presenter</ci:entry></ci:roles></ci:user></addUser></response>
INVITE DIALOG CREATED
INFO
to="sip:[email protected];gruu;opaque=app:conf:focus:id:3A33C8AC9BEECD4DAFE3803381BEA739"from="sip:[email protected]" requestId="3"><addUser mscp:mcuUri="sip:[email protected];gruu;opaque=app:conf:meeting:id:3A33C8AC9BEECD4DAFE3803381BEA739" <conferenceKeys confEntity="sip:[email protected];gruu;opaque=app:conf:focus:id:3A33C8AC9BEECD4DAFE3803381BEA739"/><ci:user entity="sip:[email protected]"><ci:display-text>Kevin Cook</ci:display-text><ci:roles><ci:entry>presenter</ci:entry></ci:roles><ci:endpoint entity="{CDF6EA5F-CD7B-4E30-9FD6-62A5C6A40ADA}" sip-instance=""<urn:uuid:BA8EE1B2-7EF3-5110-BCCE-D75F4C82294D>""><ci:joining-method>dialed-in</ci:joining-method>
INFO
JOIN A CONFERENCE
3131
A/VEdge
AVEdge Provisioning/CredentialsJoining a Conference (OC and Console)
nicSIP Invite
OuterFirewall
ENDPOINT
InnerFirewall
OCS FEServer
{MRAS Credentials}
200 O
K
CC
CP
: Add U
ser
<hostName>av.tailspintoys.com<udpPort>3478<tcpPort>443<username> 77qq8yXccBc2lwOmFy<password> Wnujl0eo00YkV/5dg=<duration>480
200 OK
Service
200OK
AccessEdge
A/VMCU
A/V Auth
MTLS
3232
8-CWA 2007 R2 is reporting error (0-1-492) "Your computer clock is not set correctly" when
installed on Windows Server 2008When trying to log using CWA get: “Cannot sign in because your computer clock is not set correctly or your account is invalid.(Error code: 0-1-492)”.
1- Resolution: the SPN of the CWA URL is missing, add the SPN to the CWAService Account. In Adsiedit. location CWAService Account, go to properties, find SPN and add to it CWA URL http:\\im.company.com reboot.
2- If you do a network trace you will see: KRB_ERROR - KDC_ERR_PREAUTH_REQUIRED (25)
3- You need to verify the account and the server with checkspn.vbsC:\Program Files\Microsoft Office Communications Server 2007 R2\ResKit>cscript checkspn.vbs /check /s:jte-fe.jte-leo.frMicrosoft (R) Windows Script Host Version 5.7Copyright (C) Microsoft Corporation. All rights reserved.
Entry (1): CN=RTCService,CN=Users,DC=jte-leo,DC=frSUCCESS: The sip/jte-fe.jte-leo.fr is correctly registered
3333
We have an article for this: http://support.microsoft.com/kb/968978/EN-US
1. Typically a client will be connecting using the FQDN (fully qualified domain name) of the web server. Since Kerberos is only attempted if the website is in Internet Explorer's Intranet security zone, the website will need to be added to that security zone either using a GPO or manually.2. a one-way trust (the resource Forest trusts the User forest) is required for this scenario. In future scenarios (e.g. if they introduce delegation) a two-way trust will be required.3- again check the seviceC:\Program Files\Microsoft Office Communications Server 2007 R2\ResKit>cscript checkspn.vbs /list /u:cwaserviceMicrosoft (R) Windows Script Host Version 5.7Copyright (C) Microsoft Corporation. All rights reserved.
LDAP://CN=cwaservice,CN=Users,DC=jte-leo,DC=frhttp/JTE-CWAhttp/JTE-CWA.jte-leo.fr
8-CWA 2007 R2 is reporting error (0-1-492)
3434
9-Delegates unable to Schedule Live Meetings
[ ( 50) 10:08:31:275 <RTL> ] [ PID: 0908 TID: 0304 ] Displaying error message "An error occurred while executing this command. If this error persists, please contact your Live Meeting administrator." for HRESULT 0x80070057 Err:0x80070057 -> (E_INVALIDARG) (kernel32.dll) One or more arguments are invalid
With the release of the July 2009 Cumulative update for Office Communications Server 2007 R2 and associated technologies, it is now possible to allow a non-Enterprise voice user to enable Conference Delegation (Boss/Admin Feature). Knowledge base article http://support.microsoft.com/kb/971845/
3535
Verify pre-requisite software:Office Communicator 2007 R2 version 3.5.6907.37 or laterhttp://support.microsoft.com/kb/969695 Office Live Meeting 2007 client/Outlook Add-in version 8.0.6362.140 or laterConfigure Required Registry EntryOn the “Boss” machine, enable the following registry key in only one of the two locations:Windows Registry Editor Version 5.00[HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Communicator]"EnableExchangeDelegateSyncUp"=dword:00000001Or [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Communicator]"EnableExchangeDelegateSyncUp"=dword:00000001
3636
10-A/V quality issues (Network/Firewall issue)
Help And How To: Voice and Video Call Quality2- Using DNAT with OCS 2007 http://support.microsoft.com/default.aspx?scid=kb;EN-US;946091
3737
The local parameters
3838
Useful LinksValidation and Troubleshooting Hints in Office Communications Server 2007 R2http://technet.microsoft.com/en-us/library/dd425329(office.13).aspxOffice Communications Server 2007 Solution Centerhttp://support.microsoft.com/ph/12605How-Tohttp://stage.xcarab.com/microsoft/rolodex/
3939
Useful Links
Updates Resource Center for Office Communications Server 2007 R2 and Clientshttp://technet.microsoft.com/en-us/office/ocs/ee695846.aspxRetrieve Installed Versions of Office Communicator and Office Live Meetinghttp://www.insideocs.com/Tools/ClientVersions.html
4040
Sessions OCS
UCO403OCS 2007 R2 Edge Server : fonctionnement et mise en oeuvre
Eric Scherlinger 10/02/2010 16:00 – 17:00