Tuesday, February 17, 2009

ExchUCUtil.ps1

Connecting Office Communications Server 2007 to Exchange Unified Messaging gives a lot of people some trouble. There are plenty of blog entries out there about the connection script ExchUCUtil.ps1, but none that seem to explain what the script is doing. Recently at a customer site I ran into a problem where ExchUCUtil.ps1 and Get-UCPool.ps1 did not work correctly. Hopefully this information will give an understanding of the script so troubleshooting will be easier.

The script performs the following tasks:

  • Creates a UM IP gateway for each Communications Server 2007 Enterprise Pool.
  • Creates a hunt group for each gateway. (The pilot identifier of each hunt group specifies the UM dial plan used by the Enterprise Pool that is associated with the gateway.)
  • Grants Communications Server permission to read Exchange UM objects in Active Directory.

Location of ExchUCUtil.ps1 and Get-UCPool.ps1:

C:\Program Files\Microsoft\Exchange Server\Scripts

The ExchUCUtil script creates a gateway for each Communications Server 2007 Enterprise Pool that it finds in AD. It uses the Get-UCPool.ps1 script to find those pools.

In the FindUCObject function there is the following code:

  1. $globalCatalog = $entry.psbase.Properties["rootDomainNamingContext"].Value;
  2. $entry.psbase.Path = "GC://" + $globalCatalog
  3. write-host Using Global Catalog: $entry.psbase.Path
  4. Write-host

    Line number 2 is where the script tries to set up and define your root Global Catalog server.
    If your script is having problems, you can comment out line number 2 by using the hash sign (#).
    Once you have commented out that line, you can directly specify your GC as in the example below, where the original line 2 is commented out and a new line 3 names the GC.

  1. $globalCatalog = $entry.psbase.Properties["rootDomainNamingContext"].Value;
  2. #$entry.psbase.Path = "GC://" + $globalCatalog
  3. $entry.psbase.Path = "GC://MYGCin.Domain.com"
  4. write-host Using Global Catalog: $entry.psbase.Path
  5. Write-host

    This will direct the script exactly at the main GC of your forest.

    Once the script has found the correct GC, it starts the hunt for the UC pools in the environment by looking for objectCategory=msRTCSIP-Pools. This returns the pool names to the Get-UCPool script, which puts the pools in a hash table using the DnsHostName as the key.

    After the collection happens in the Get-UCPool.ps1 script, the ExchUCUtil.ps1 script starts to parse through the data stored in memory by the Get-UCPool script. It identifies all the pools in the environment by their fully qualified domain name, for example OCSPool1.Domain.com. The ExchUCUtil script creates a new gateway and hunt group per OCS pool. It takes the name of the pool and sets it as the gateway name, and applies the FQDN of the pool to the address field of the gateway. When the Exchange PowerShell command to create a new IP gateway is run, a default hunt group is automatically created. The script removes this hunt group and creates one that uses the name of the dial plan as both the pilot identifier and the name of the hunt group.

    After the creation of the dial plan's gateway and hunt group, the script sets the following permissions on the Exchange Organization container and on the UM DialPlan and UM AutoAttendant containers:

    Permissions for group Domain.com\RTCUniversalServerAdmins

    ObjectName                    AccessRights
    ----------                    ------------
    <Exchange Container Name>     ListChildren
    UM DialPlan Container         ListChildren, ReadProperty
    UM AutoAttendant Container    ListChildren, ReadProperty

    Permissions for group Domain.com\RTCComponentUniversalServices

    ObjectName                    AccessRights
    ----------                    ------------
    <Exchange Container Name>     ListChildren
    UM DialPlan Container         ListChildren, ReadProperty
    UM AutoAttendant Container    ListChildren, ReadProperty


If the script won't run at all, you might have a larger issue. However, it is possible to create the gateway and hunt group by hand through the Exchange Management interface. Once they have been created, a quick dive into ADSI Edit to set the appropriate permissions on the containers will leave the environment in the same state as if the script had run from PowerShell.
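After setting the permissions by hand, it is worth checking that each RTC group holds exactly the rights listed in the tables above and nothing more. The following is an added example, not code from ExchUCUtil.ps1 or from the original post: a read-only comparison of a container's ACEs with the expected rights. The function name Get-AclGap and the sample ACEs are constructed for illustration, and the container DN in the closing comment is a placeholder.

```powershell
# Added example, not code from ExchUCUtil.ps1. It only reads and compares.
function Get-AclGap {
    param(
        $Aces,                    # objects with User, Deny and AccessRights properties
        [string]$Group,           # e.g. RTCUniversalServerAdmins
        [string]$ExpectedRights   # e.g. 'ListChildren, ReadProperty' (from the tables)
    )
    $type = [System.DirectoryServices.ActiveDirectoryRights]
    $want = [int][Enum]::Parse($type, $ExpectedRights)
    $have = 0
    foreach ($ace in @($Aces)) {
        if ($ace.Deny) { continue }                      # Deny ACEs grant nothing
        # Compare on the group name after the DOMAIN\ prefix.
        if (("$($ace.User)" -split '\\')[-1] -ne $Group) { continue }
        foreach ($right in $ace.AccessRights) {
            # Works for enum values and for their string names alike.
            $have = $have -bor [int][Enum]::Parse($type, "$right")
        }
    }
    $missing = $want -band (-bnot $have)   # expected but not granted
    $excess  = $have -band (-bnot $want)   # granted beyond the tables
    New-Object PSObject -Property @{
        Group   = $Group
        Missing = [Enum]::ToObject($type, $missing).ToString()   # '0' means none
        Excess  = [Enum]::ToObject($type, $excess).ToString()    # '0' means none
    }
}

# Constructed sample ACEs for the UM DialPlan container, shaped like
# Get-ADPermission output. The first group lacks ReadProperty; the second
# was given GenericRead, which is broader than the tables call for.
$sampleAces = @(
    New-Object PSObject -Property @{
        User = 'DOMAIN\RTCUniversalServerAdmins'; Deny = $false
        AccessRights = @('ListChildren')
    }
    New-Object PSObject -Property @{
        User = 'DOMAIN\RTCComponentUniversalServices'; Deny = $false
        AccessRights = @('GenericRead')
    }
)

foreach ($group in 'RTCUniversalServerAdmins', 'RTCComponentUniversalServices') {
    Get-AclGap -Aces $sampleAces -Group $group -ExpectedRights 'ListChildren, ReadProperty'
}

# Live use in the Exchange Management Shell (the DN is a placeholder):
#   $aces = Get-ADPermission -Identity '<UM DialPlan Container DN>' `
#               -User 'Domain.com\RTCUniversalServerAdmins'
#   Get-AclGap -Aces $aces -Group 'RTCUniversalServerAdmins' `
#              -ExpectedRights 'ListChildren, ReadProperty'
```

Run the live form once per group and container, using 'ListChildren' as the expected rights for the Exchange Organization container.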


~Cheers!~

Microsoft Exchange Unified Messaging Architecture Considerations

The question that comes up more often than not with customers is: how, if possible, can I make a remote site survivable for voice mail? There are some things that need to be considered before a decision like this is made. What does survivable mean in terms of the budget, resources and administration? Before we go down that road we need to talk about the functionality differences and the user experience.

There are 3 major architecture considerations for Unified Messaging with OCS or a gateway: Centralized, Distributed UM Server Deployment, and Distributed UM and Mailbox Deployment. Each has unique effects on the user's experience. The problem with the last two options is the introduction of MAPI across a WAN. The Exchange servers talk to each other using MAPI for certain requests. The Unified Messaging server uses MAPI to get mailbox information and greeting information out of the user's mailbox.

When the Unified Messaging server uses the MAPI protocol to retrieve user content, the caller experience becomes degraded. If the round trip time from the Unified Messaging server to the Mailbox server is greater than or equal to 100 milliseconds, the user's personal greeting will never be played. This is because the Unified Messaging server times out when trying to generate a temporary copy of the greeting file stored in the user's mailbox. Once the Unified Messaging server times out, it attempts to play a copy of the user's recorded name stored in the local site's DC. If that times out, the Unified Messaging server will attempt to speak the user's name.

Centralized Architecture

The centralized architecture eliminates the possibility of a bad user experience caused by MAPI latency on the WAN. This solution does not support remote site survivability. If the WAN goes down, the user will hear either a fast busy tone from the OCS applications or dead air from the gateway. This solution relies on the WAN being up and on the usage of SIP, RTP/SIP between the remote site and the Unified Messaging server in the data center. The centralized model eliminates the need for Unified Messaging servers and Mailbox servers in the remote sites. This also creates a centralized location for administration of both servers and applications.

With the centralized deployment, all users will get their personal greeting and Out of Office messages played to callers. The further away, in milliseconds, a user is from the Unified Messaging server, the longer it takes for the ringing to stop and the auto attendant or subscriber access to answer. Once the subscriber access or auto attendant answers, everything is local and the menu response times are very fast.

Distributed UM Server Deployment

The distributed Unified Messaging server deployment at first glance looks good to most customers. The problem with this type of configuration is the introduction of MAPI across the WAN. In this configuration the site becomes survivable in the sense that all calls will be answered in some form by the server. However, if the distance from the Unified Messaging server is greater than or equal to 100 milliseconds, the user's personal greeting will never be played. Also, in this configuration subscriber access and auto attendant directory transfer become increasingly slow. As the network latency increases, so does the delay to log into a local subscriber access number. This is evident from the audible hourglass sound Unified Messaging plays during the authentication process. To put this into perspective, a user trying to log into Outlook Voice Access across a T1 at 100 milliseconds delay, with no jitter or packet loss, will have a 9.5 – 10 second wait until they hear their first voice mail.

This option is a common misconception for customers because architecturally it makes sense; functionally, however, it is the worst of the three. No network is perfect, especially across the WAN, and if personal greetings for users are a business requirement then this option is not for you.

Distributed UM and Mailbox Deployment

This option requires that all the Microsoft Exchange server roles are deployed in each location. It is the polar opposite of the centralized model which many customers are moving towards. The distributed architecture becomes a consideration if remote site survivability and low delay are mandatory business requirements. With this configuration there is still the possibility of a MAPI across the WAN scenario. If a caller contacts a local auto attendant and performs a directory lookup for a user that is in another site, the system will attempt to play the personal greeting using the MAPI protocol across the WAN. This will time out and the personal greeting will never be played. Out of the three options this is the most expensive and administratively intense. There can be large mailbox storage, CAS, HUB and Mailbox redundancy requirements. In addition to the servers, an internet presence for the remote locations may be required to allow users to access their mailboxes through Outlook Web Access. This last option tends to be the best fit for global regional data centers. This scenario would still have the remote sites use SIP across the WAN for voice mail; however, user lookups could allow MAPI across the WAN for voice mail transfer.

Sunday, June 29, 2008

Ports Required by Office Communications Server


The following table summarizes the ports and protocols used by Office Communications Server servers and clients.

Component (Server role or client)  Port                             Protocol       Notes
---------                          ----                             --------       -----
Front End Servers                  5060/5061                        TCP, MTLS      Used by Standard Edition Servers and Enterprise pools for all internal SIP communications between servers and between servers and Office Communicator
Front End Servers                  443                              HTTPS          Communication from front-end servers to the Web farm FQDNs (the URLs used by Web Components)
Front End Servers                  444                              HTTPS          Communication between the focus (Office Communications Server component that manages conference state) and the conferencing servers
Front End Servers                  135                              DCOM and RPC   Used when a load balancer is deployed, port 135 is used by the Front End Servers for WMI operations and moving users (a remote DCOM-based database operation)
Web Components                     443                              TCP            HTTPS traffic to the pool URLs
Web Conferencing Server            443                              TLS            HTTPS communications to Web Components Servers
Web Conferencing Server            444                              TLS            HTTPS between the Web Conferencing Server and the Front End Server
Web Conferencing Server            8057                             TLS            Used to listen to direct PSOM connections from Live Meeting client
A/V Conferencing Server            5063                             TCP            Used for incoming SIP listening requests
A/V Conferencing Server            49152 – 65535 media port range   UDP            Port range used for media requests sent.
Reverse Proxy                      443                              TCP            Used for SIP/TLS communications from external users on both the internal and external firewalls for external user access
Access Edge Server                 5061                             TCP            Used for SIP/MTLS communication for remote user access or federation.
Access Edge Server                 443                              TCP            Used for SIP/TLS communication for remote user access
Web Conferencing Edge Server       8057                             TCP            Used to listen for PSOM/MTLS communications from the Web Conferencing Server on the internal interface of the Web Conferencing Edge Server
Web Conferencing Edge Server       443                              TCP            Used for inbound communications for access of remote, anonymous and federated users to access internal Web conferences
A/V Edge Server                    443                              TCP            Used for STUN/TCP inbound and outbound media communications to allow external users to access media and A/V sessions
A/V Edge Server                    5062                             TCP            Used for SIP/MTLS authentication of A/V users. Communications flow outbound through the internal firewall.
A/V Edge Server                    3478                             UDP            Used for STUN/UDP inbound and outbound media communications
A/V Edge Server                    50,000-59,999                    RTP/TCP        Used for inbound and outbound media transfer through the external firewall.
Office Communicator                5060                             TCP (SIP)      Used by Office Communicator for SIP communications internally
Office Communicator                5061                             TCP (SIP)      Used by Office Communicator for SIP communications internally and for SIP/MTLS authentication of A/V users. Communications flow outbound through the internal firewall
Office Communicator                443                              TCP (HTTP)     Used by Communicator clients connecting from outside the intranet for SIP communications
Office Communicator                1024-65535                       UDP/TCP        Port range used for inbound and outbound media transfer through the external firewall.
Office Communicator                6891-6901                        TCP            Port range used by Office Communicator for file transfer.
Live Meeting 2007 client           443                              TCP            Used by Live Meeting 2007 clients connecting from outside the intranet for: SIP traffic sent to the Access Edge Server; PSOM traffic sent to the Web Conferencing Edge Server
Live Meeting 2007 client           8057                             TCP            Used for outgoing PSOM traffic sent to the Web Conferencing Server
Live Meeting 2007 client           5061                             TCP            Used for SIP/TLS communication between Live Meeting and the Front End Servers or the Access Edge Server and for SIP/MTLS authentication of A/V users. Communications flow outbound through the internal firewall
Live Meeting 2007 client           1024-65535                       UDP/TCP        Port range used for inbound and outbound media transfer through the external firewall
Live Meeting 2007 client           6891-6901                        TCP            Port range used by Live Meeting for file transfer

Pasted from <http://technet.microsoft.com/en-us/library/bb870402.aspx>



Thursday, February 28, 2008

Configuring Distribution Groups Outlook Voice Access




Forward voicemail to a Distribution Group using the Outlook Voice Access - TechNet Forums http://forums.microsoft.com/TechNet/ShowPost.aspx?PostID=1943597&SiteID=17




C:\Program Files\Microsoft\Exchange Server\Bin>galgrammargenerator -l -x SpeechGrammarFilterList.xml -o GrammarLog3.txt

On the Exchange server there is a file called distributionlist.cfg. This file has to be updated with the distribution groups that are in AD.

There is a kicker: the distribution groups only get into this file if they are mail-enabled universal distribution groups. They also only get into this file if you run the following command (this creates a log file to see what was put in the list):

C:\Program Files\Microsoft\Exchange Server\Bin>galgrammargenerator -l -x speechgrammarfilterlist.xml -o logfile1.txt

The other kicker: the distribution group names should be something a human can say, i.e. say "ETC-MSFT-SME" (the words, not the letters). Groups that do not contain normal speakable words will most likely be impossible to ask for.

If you want to use this feature in your company you may need to readjust your distro lists to something we can say and not spell.

Thursday, February 21, 2008

Hybrid Gateway

The Audiocodes M1K hybrid has a quirk.

The M1K gateway does not come with any trunk cards or any FXS or FXO cards in it.

When you get a card to put into the gateway, there is a sticker on it that says "do not install this card until the gateway has been upgraded to the supporting firmware". However, there is no way to see the firmware on the gateway until you turn it on.

Symptoms: The gateway will not hold its network connection; the link lights on the 2 network ports will not stay linked. You will not be able to connect to the web page on the default IP address 10.1.10.10.

Solution: Plug the trunk card into the gateway. This fixes the network interface problem and releases the gateway from its recycling and seeking of cards.

Wednesday, January 30, 2008

Communicator Requires Restart after Install

After installation, the Communicator client requires a restart of the workstation, but the restart does not complete the install.

It will constantly say to restart.

The resolution is a hotfix from Microsoft.

Informational link:

http://support.microsoft.com/default.aspx/kb/943062/

Hotfix information and download:

http://support.microsoft.com/kb/941441/

Sunday, January 27, 2008

Ini File for Audiocodes M1k

This is a great file to upload into the gateway as a standard starting point for all installations. The things in bold and highlighted should be changed once the ini is uploaded into the gateway, to information about your own environment.

To use this file, copy and paste the code below into Notepad and save the file as an ini.
It is always best to upload the file first and then modify it in the gateway.


[SIPgw]
;------------------------------------
; General parameters
;------------------------------------
;To support M1K LAN port redundancy
MIIREDUNDANCYENABLE = 1
ExtBootPReqEnable = 1
;------------------------------------
; Channel parameters
;------------------------------------
; Is Silence Compression enabled (0 - no, 1 - yes) [default 0]
SCE = 0
; Is Echo Canceling enabled (0 - no, 1 - yes) [default 1]
ECE = 1
; [default 0] 0-2 (T38ProtectionMode = 0)
FaxRelayRedundancyDepth = 2
; Redundancy of T.38 control packets[default=1]
FaxRelayEnhancedRedundancyDepth = 2
; Voice gain control. Parameter range is -31 to +31 dB. [default = 0 dB]
VoiceVolume = 1
; [default 70] 0-150 msec Dynamic Jitter Buffer Minimum Delay.
DjBufMinDelay = 70
;------------------------------------
; DTMF parameters
;------------------------------------
; Use rfc2833 DTMF relay
RXDTMFOPTION = 3
TXDTMFOPTION = 4
RFC2833PayloadType = 101
; 0-1, When The DTMF is being detected (push Button or Release) [default = 1 = release]
MGCPDTMFDetectionPoint = 0
;------------------------------------
; Logger information
;------------------------------------
; When Syslog is enabled, the port must be 514 [Default = 1]
EnableSyslog = 0
; The IP address of the LogServer (when LogOutputType is SYSLOG)
;SysLogServerIP = 10.1.1.89
GWDebugLevel=5
DisableRS232 = 1
;------------------------------------
; Trunk Group Configuration Table
;------------------------------------
[MODULE 0]
TRUNKGROUP_1 = 0-3/1-24,1100
;Select next available channel for Trunk Group ID=1
TrunkGroupSettings = 1,1
;------------------------------------
; TrunkGroup Routing Table
;------------------------------------
PSTNPrefix = *,1
;------------------------------------
; Prefix Routing Table
;------------------------------------
Prefix = 123,10.2.10.1
Prefix = 4321,10.2.10.1
;------------------------------------
; Board Parameters
;------------------------------------
; Set to 0 when working with 10 Base-T hubs. (Default = 4, Auto-negotiation).
EthernetPhyConfiguration = 4
; The Progress Tones filename.
CallProgressTonesFileName = 'M2K_usa_tones.dat'
SaveConfiguration = 1
;------------------------------------
; E1 / T1/ ISDN / CAS Parameters
;------------------------------------
; Sets the PSTN protocol to be used for this trunk.
ProtocolType = 10
; Selects the DS1 framing method
; 0 = Extended super frame with CRC6 (default)
; 1 = Super frame D4, F12 (12-Frame multiframe)
; A = F4 (4-Frame multiframe)
; C = Extended super frame without CRC6
FramingMethod = 0
;Use u-law for T1
PCMLawSelect = 3
; Selects the ISDN termination side. (NOT applicable for CAS protocols) (Default = 0).
TerminationSide = 0
; Selects the source of the clock (internal or recovered clock from E1/T1 line) (Default = 0)
ClockMaster = 0
TDMBusClockSource = 4
TDMBusLocalReference = 0
; Selects the line code method to be used for this trunk. (Default = 0).
LineCode = 0
;------------------------------------
; Sip Parameters
;------------------------------------
; Applicable to FXO and CAS Mediant 2000. 1 = The Media Gateway disconnects calls when the busy/reorder tone is detected [default].
DisconnectOnBusyTone = 1
;For T1 CAS protocols, play reorder tone before disconnecting
TimeForReorderTone = 5
; The coder used.
CoderName = g711Alaw64k,20
CoderName = g7231,30
; If Proxy Server is used ?
IsProxyUsed = 0
; Proxy-server IP (if used)
ProxyIp = 10.2.1.2
;To enable the T.38 SIP fax relay
IsFaxUsed = 1
; Cnonce parameter for authentication
Cnonce = 0a123bcf
; Password parameter for authentication
Password = 787899
; When using a registering method, set 1. When not, set 0. Default = 0.
IsRegisterNeeded = 0
EnableHold = 1
EnableTransfer=1
EnableForward = 1
; 0 = Don't use Early Media, 1 = Enable Early Media. If enabled, the IPmedia server will send 183 Session Progress response (instead of 180 ringing), allowing media session to be established prior to the call being answered.
EnableEarlyMedia = 1
; Registration expired timeout (sec). The value will be used in "Expires = " header. Typically, a value of 3600 will be used, for registration for one hour. The Media Gateway will resume registration before the timeout expires.
RegistrationTime = 3600
; Proxy server host name (if used). Only works if IsProxyUsed = 1. If it doesn't exist in the INI file, the Proxy IP is used.
ProxyName = audiocodes.com
; Media Gateway host name (if used). Only works if IsProxyUsed = 1. If it doesn't exist in the INI file, the board IP is used.
SipGatewayName = audiocodes.com
; The IP address of the primary DNS server, in IPv4 format: 'xxx.xxx.xxx.xxx'
DNSPriServerIP = 10.2.1.2
; The IP address of the secondary DNS server, in IPv4 format: 'xxx.xxx.xxx.xxx'
;DNSSecServerIP = 10.2.1.3
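
Because this template is meant to be edited after upload, a deployed gateway's INI can be checked for sample values that were never replaced. The following PowerShell is an added example, not part of the original post or of any Audiocodes tooling: it parses name = value lines and reports settings that still carry the template's values, plus syslog left disabled. The function name, the choice of which settings to compare (the bold highlighting did not survive on this page) and the sample input are assumptions made for illustration.

```powershell
# Added example. Function name and sample input are constructed for illustration.
function Find-M1kTemplateLeftover {
    param([string[]]$IniLines)

    # Sample values exactly as they appear in the template on this page.
    $template = @{
        Password       = '787899'
        Cnonce         = '0a123bcf'
        ProxyIp        = '10.2.1.2'
        ProxyName      = 'audiocodes.com'
        SipGatewayName = 'audiocodes.com'
    }

    foreach ($line in $IniLines) {
        $text = $line.Trim()
        # Skip blank lines, ';' comments and [section] headers.
        if ($text -eq '' -or $text -match '^[;\[]') { continue }

        $name, $value = $text -split '\s*=\s*', 2
        if ($null -eq $value) { continue }          # not a name = value line
        $value = $value.Trim().Trim("'")

        $finding = $null
        if ($template.ContainsKey($name) -and $template[$name] -eq $value) {
            $finding = 'template sample value still in place'
        }
        elseif ($name -eq 'EnableSyslog' -and $value -eq '0') {
            $finding = 'syslog disabled, gateway events are not sent to a log server'
        }
        if ($finding) {
            # The value itself is not echoed, so secrets stay out of reports.
            New-Object PSObject -Property @{ Setting = $name; Finding = $finding }
        }
    }
}

# Constructed sample: an excerpt of a deployed INI in which the proxy address
# and gateway name were changed but the authentication values were not.
$sampleIni = @(
    '; constructed excerpt, not a real gateway configuration'
    'EnableSyslog = 0'
    'ProxyIp = 192.0.2.10'
    'Cnonce = 0a123bcf'
    'Password = 787899'
    'SipGatewayName = gw1.example.test'
)

Find-M1kTemplateLeftover -IniLines $sampleIni |
    Format-Table Setting, Finding -AutoSize

# Against a saved configuration file (path is a placeholder):
#   Find-M1kTemplateLeftover -IniLines (Get-Content '<path to gateway .ini>')
```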