
Figure 8-6

IBM Sametime Migration

As mentioned in Chapter 2, LCS has entered the enterprise domain in which existing technologies such as IBM Sametime have dominated. This section demonstrates some of the tasks that are required for an enterprise customer who has decided to migrate from the IBM Sametime messaging environment to Microsoft Live Communications Server 2005. Within this scenario, we identify a customer who is currently using Microsoft Exchange as the enterprise e-mail solution and is decommissioning IBM Domino servers to migrate to Live Communications Server. The ability to migrate existing Sametime users as well as their respective Instant Messaging buddies/contacts is a critical requirement for this deployment.

Requirements

The following table outlines the requirements set forth by the customer within the scenario described in the overview of this section:

| Features | Required Software |
| --- | --- |
| IBM Sametime to LCS Migration | Live Communications Server 2005 with Service Pack 1, Enterprise or Standard Edition. Live Communications Server 2005 with Service Pack 1 Resource Kit |


| Language | LCID Hex. | LCID Dec. |
| --- | --- | --- |
| Spanish | 0C0A | 3082 |
| Korean | 0412 | 1042 |
| Japanese | 0411 | 1041 |
| Italian | 0410 | 1040 |
| German | 0407 | 1031 |
| French | 040C | 1036 |
| Chinese Traditional | 0404 | 1028 |
| Chinese Simplified | 0804 | 2052 |

Before installing the MUI pack, install the Office Communicator 2005 Hotfix KB 903928, which is available by searching for the KB number on the microsoft.com/downloads website.

To change the language of Communicator, sign out from Live Communications Server and close Communicator completely. If you close Communicator by using the Close button or by clicking File > Close, it is not really closed; the application is still running. Check for the Communicator icon in the notification area and exit Communicator from there. Open Windows Explorer and select Program Files > Microsoft Office Communicator. Rename the files lcc_help.chm, lclang.dll, and lcres.dll to something different. Then go to the MUI directory and search for your language, copy the three renamed files to the Microsoft Office Communicator directory, and restart Communicator. During our tests it took some time before the UI showed up after replacing the DLLs. Figure 8-5 and Figure 8-6 illustrate the UI in Spanish and German, respectively.

Figure 8-5


Especially in European countries, using VPN connections to access the corporate network is a popular option because of security considerations companies have. Thankfully, there is no need to configure Microsoft Office Communicator differently. If auto configuration is used, you merely add the necessary DNS host entries on your DNS servers and configure the Group Policy settings according to company policies.

Using Direct Access

As it's used here, the term direct access refers to situations in which you can directly access a certain function hosted on the corporate network, for example from a published website to Outlook's RPC over HTTP, where the application is using standard ways to do its tasks. This is the same with Microsoft Office Communicator, using a default port such as 5061 or 443 to access the Microsoft Office Live Communications Server Access Proxy. Microsoft Office Communicator has two configuration options for finding its server: automatic configuration and manual configuration. More information related to DNS setup for automatic configuration of the Microsoft Office Communicator 2005 client can be found in Chapter 4.

Additional Recommendations

You should have one LCS Access Proxy for federation, and one LCS Access Proxy for remote user access. Even though it is possible to have the Microsoft Office Live Communications Server Access Proxy act as a remote access server and federation partner, it is not recommended. A best practice is to separate the two roles. You should use two different DNS names for the two IP addresses of the Access Proxy. If you plan to have remote user access and federation, divide those two roles between two Access Proxies, although it is possible to have these two roles on one server as well.

International Deployments

Currently, Microsoft Office Live Communications Server 2005 SP1 is available in nine different languages: Spanish, Korean, Japanese, Italian, German, French, Chinese Traditional, Chinese Simplified, and English. Trial versions of the different languages can be found and downloaded from microsoft.com/livecomm. From a purely managerial point of view, we strongly recommend you install Microsoft Office Live Communications Server 2005 SP1 in English, and retain the program in English. International clients can seamlessly connect to the English version of LCS. The full version of Microsoft Office Communicator is in English. With the installation of the MUI Pack (Multi User Interface), a user can switch between the languages, as shown in the following table:


Database Administrators

When working with database administrators (DBAs) of enterprise organizations, in my experience the only request concerns security or ownership to determine who runs the create database operations. LCS setup is modularized enough to run this procedure separately, giving control to the DBA to execute this required step. For the DBA to run the LCS Create Pool procedure, the user who runs the Create Pool process from the setup CD must be a Local Administrator on the SQL Server itself and must also be a member of the RTCDomainServerAdmins group in Active Directory. The following table outlines the permissions required per LCS group; the groups are created during the Prep Domain process of the LCS setup:

- RTCDomainServerAdmins: RTC database role Public and Admin; RTCConfig database role Public and Read/Write
- RTCDomainUserAdmins: Public and Read Only
- RTCDomainServices: RTC database role Public and Server; RTCConfig database role Public and Read Only

Provide this table to the DBA team before running the Create Pool step, which is also part of the LCS setup, and you will be able to smoothly install LCS.

Remote Access Best Practices

Most businesses require some form of remote access to resources at the main office. The criticality and type of remote access required likely varies for different organizations. Many methods are available for providing remote access to resources. Each method has its own advantages and disadvantages, and may or may not be suitable to a particular remote access scenario. Typically, organizations need to implement multiple remote access methods for the different remote access scenarios existing in their environment. There are two ways in which an LCS user can access an LCS environment: by using a virtual private network (VPN) and by using direct remote access. Both of these solutions are covered in the following sections.

Using a Virtual Private Network

Virtual private network (VPN) is the most common scenario for accessing a corporate network nowadays. Accessing your applications and data by using a VPN tunnel is like being connected to a network when you're in the office.


To help you get started, I have created an LCS Architecture Guide and Design Guide template so that you can merely fill in the blanks. Both guides are available on my blog site at http://jschurman.mvps.org.

If you are working with an organization in which the top-level DNS servers are running Unix, you need to supply the team with a set of instructions for creating the required DNS SRV records to support clients logging in with automatic configuration. The following table outlines which SRV records are required in your external-facing DNS servers running on Unix to allow Communicator 2005 to connect to the LCS environment:

| LCS Use | Protocol Type | Example of DNS SRV Record | Client Application |
| --- | --- | --- | --- |
| External | TLS | _SIP._TLS.COMPANY.COM | Both |
| Federation | TLS | _SIPFEDERATIONTLS._TCP.COMPANY.COM | |

Communicator

Usually within an enterprise environment, a mix of operating systems also resides on the desktop. With the recent popularity of Linux, many customers raise concerns that they cannot reach every desktop. Linux is out there and running as well as Apple OS X. To provide LCS access to the rebels in each enterprise, Microsoft Office Communicator 2005 Web Access (CWA) is the solution. CWA is a web-based and lightweight version of Communicator that is platform independent. The only requirement on the desktop is that a client has access to a web browser.

IT Security

Like the Capital One credit card commercials with David Spade, the automatic answer provided by any enterprise IT security administrator is no! When deploying LCS within an enterprise environment, it is important to supply the appropriate security administrators with all of the nuts and bolts of LCS from a client and server perspective. The most common concern of security administrators regarding LCS is related to the opening of ports that enable communication between LCS clients, and between clients and servers. The following table outlines the ports that are used by Communicator for specific features of the product:

| Service | UDP Port Use | TCP Port Use | TLS Port Use |
| --- | --- | --- | --- |
| LCS Client to Server | | 5060 | 5061 |
| LCS Server to Server | | | 5061 (MTLS) |
| Audio/Video | 5004-65535 | | |
| Application Sharing, Whiteboard, T.120 Protocol | | 1503 | |
| Voice (PC to PC) | 6901 | 6901 | |
| Remote Assistance | | 3389 | |
| File Transfer | | 6891-6900 | |
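The port table above, turned into a check a security administrator can run against a proposed firewall allow-list (an added example, not from the book): it reports which Communicator features the rules open fully, partly or not at all, and which allowed ports go beyond the documented set. The rule list is constructed for illustration, and the table's TLS entries are modelled as TCP.

```python
# Ports per feature as read from the table above (TLS is carried over TCP).
REQUIRED = {
    "Sign-in over TCP": [("tcp", 5060, 5060)],
    "Sign-in over TLS": [("tcp", 5061, 5061)],
    "Server to server (MTLS)": [("tcp", 5061, 5061)],
    "Audio/Video": [("udp", 5004, 65535)],
    "Application Sharing/Whiteboard (T.120)": [("tcp", 1503, 1503)],
    "Voice (PC to PC)": [("udp", 6901, 6901), ("tcp", 6901, 6901)],
    "Remote Assistance": [("tcp", 3389, 3389)],
    "File Transfer": [("tcp", 6891, 6900)],
}

# Constructed allow-list: (protocol, first_port, last_port).
SAMPLE_RULES = [
    ("tcp", 5061, 5061),
    ("tcp", 1503, 1503),
    ("tcp", 6891, 6900),
    ("tcp", 3389, 3390),   # one port wider than the table asks for
    ("udp", 5004, 6000),   # only part of the Audio/Video range
    ("tcp", 6901, 6901),
]


def uncovered(proto, lo, hi, ranges):
    """Return the parts of lo..hi that no range for this protocol covers."""
    gaps, cursor = [], lo
    for r_proto, r_lo, r_hi in sorted(ranges):
        if r_proto != proto or r_hi < cursor or r_lo > hi:
            continue
        if r_lo > cursor:
            gaps.append((cursor, r_lo - 1))
        cursor = max(cursor, r_hi + 1)
        if cursor > hi:
            break
    if cursor <= hi:
        gaps.append((cursor, hi))
    return gaps


def feature_status(rules):
    """Map each feature to 'open', 'partial' or 'blocked' under the rules."""
    status = {}
    for feature, needs in REQUIRED.items():
        need = sum(hi - lo + 1 for _, lo, hi in needs)
        missing = sum(g_hi - g_lo + 1
                      for proto, lo, hi in needs
                      for g_lo, g_hi in uncovered(proto, lo, hi, rules))
        status[feature] = ("open" if missing == 0
                           else "blocked" if missing == need else "partial")
    return status


def excess(rules):
    """Return allowed (protocol, first, last) ranges that no feature needs."""
    needed = [r for needs in REQUIRED.values() for r in needs]
    return [(proto, lo, hi) for proto, r_lo, r_hi in rules
            for lo, hi in uncovered(proto, r_lo, r_hi, needed)]


if __name__ == "__main__":
    for feature, state in feature_status(SAMPLE_RULES).items():
        print(f"{state:8} {feature}")
    for proto, lo, hi in excess(SAMPLE_RULES):
        print(f"wider than documented: {proto} {lo}-{hi}")
```

The Audio/Video row is the one to discuss with the security team first: it is the only requirement that spans tens of thousands of UDP ports.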


3. The Live Communications Server Global Properties window will open, as shown in Figure 8-3.

Figure 8-3

4. In the Domains section, the default LCS domain is automatically listed. To support multiple domains or alternate SIP URIs, such as in the example used earlier for user@company2.com, you must enter the alias into this list.
5. To add additional aliases, click the Add button. The Add SIP Domain dialog will open.
6. Enter the alias and click the OK button (see Figure 8-4).

Figure 8-4

7. The alias will be added to the SIP Domains list (refer to Figure 8-3). Click the OK button to finish.

Deploying LCS in a Multi-Operating System Environment

Deploying LCS within a 100 percent Windows Operating System environment simply rocks! Unfortunately, in every enterprise environment in which my colleagues and I have deployed LCS, there is a mix of Linux, Unix, Windows, and custom operating systems. Additionally, when DNS records need to be deployed, large organizations and military companies run Unix to manage DNS records. In these circumstances, engaging team members can be difficult, and documentation to connect all the moving pieces is scarce.

Lessons learned here include identifying the complete network architecture that will support or interface with your LCS deployment. Make a list of every component and the details of each component to build the necessary team of individuals and resources to engage in the deployment process. If you don't, you will lose a lot of time. In addition, your customer may lack confidence in your ability to correctly scope your deployment.
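For the Unix-managed DNS case described above, an added example (not from the book) that checks BIND-style zone lines for the two SRV records this chapter lists, `_SIP._TLS` and `_SIPFEDERATIONTLS._TCP`, and for the recommendation to give remote access and federation different DNS names. The host names, the allowed-port sets and the assumption that the zone origin equals the SIP domain are illustrative.

```python
import re

# Record labels come from the chapter's SRV table. Allowed ports are an
# assumption drawn from the text: clients reach the Access Proxy on 5061 or
# 443, and server-to-server traffic uses 5061.
EXPECTED = {"_sip._tls": {5061, 443}, "_sipfederationtls._tcp": {5061}}

# name [ttl] [IN] SRV priority weight port target
SRV_LINE = re.compile(
    r"^(?P<name>\S+)\s+(?:\d+\s+)?(?:IN\s+)?SRV\s+"
    r"\d+\s+\d+\s+(?P<port>\d+)\s+(?P<target>\S+)$", re.IGNORECASE)

# Constructed zone lines; the host names are hypothetical.
GOOD_ZONE = """\
_sip._tls.company.com.              3600 IN SRV 0 0 5061 access.company.com.
_sipfederationtls._tcp.company.com. 3600 IN SRV 0 0 5061 federation.company.com.
"""
BAD_ZONE = """\
_sip._tls              3600 IN SRV 0 0 5060 ap.company.com.  ; plain-TCP port
_sipfederationtls._tcp 3600 IN SRV 0 0 5061 ap.company.com   ; no trailing dot
"""


def check_zone(zone_text, domain):
    """Return a list of problems; an empty list means the records look right."""
    found, problems = {}, []
    for raw in zone_text.splitlines():
        m = SRV_LINE.match(raw.split(";", 1)[0].strip())  # drop ';' comments
        if not m:
            continue
        name = m["name"].lower()
        # A name without a trailing dot is relative to the zone origin.
        name = name[:-1] if name.endswith(".") else f"{name}.{domain}"
        for label in EXPECTED:
            if name == f"{label}.{domain}":
                found[label] = (int(m["port"]), m["target"].lower())
    for label, ports in EXPECTED.items():
        if label not in found:
            problems.append(f"{label}.{domain}: SRV record missing")
            continue
        port, target = found[label]
        if port not in ports:
            problems.append(f"{label}.{domain}: port {port} not in {sorted(ports)}")
        if not target.endswith("."):
            # The name server appends the origin to a relative target.
            problems.append(f"{label}.{domain}: target {target} is not absolute")
    hosts = {target.rstrip(".") for _, target in found.values()}
    if len(found) == 2 and len(hosts) == 1:
        problems.append("remote access and federation share one host name")
    return problems


if __name__ == "__main__":
    for zone in (GOOD_ZONE, BAD_ZONE):
        print(check_zone(zone, "company.com") or "ok")
```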


Extending the Active Directory Schema

Every LCS consultant will tell you that at some point in their experience, the issue of extending a customer's Active Directory schema arose. It is my feeling and that of many of my peers that the hollering and screaming about having to extend the Active Directory schema reflects a history of schema extension deployment nightmares with Microsoft Exchange Server. After years of updating the schema, and the extended paranoia of customer network engineers, it was inevitable that the requirement for extending the schema again for LCS enablement would cause an eruption.

What customers need to understand is the model of Active Directory. Active Directory is a database. As such, it has properties, values, keys, and so on. When a new service is released, or, in database design terms, a new table or field is to be applied, you have to update the database. Because this is the case with Active Directory and LCS in that you want to enable this new set of features, services, and functionality, you must update the schema.

The problem that most consultants face in this area is dealing with the customer IT security teams, which in some cases are a completely different organization to work with than the deployment team. I have had experiences where the time frame to obtain approval to update the schema for LCS extended out to seven months. Fortunately, after reviewing every single itemized change, questioning every motive, spending hours in conference calls to discuss specific changes, and then finally deploying the LCS schema update using the command line, we were finished and ready for a manual deployment of LCS. Whew! Once you experience this frustration and navigate through it, you can devise ways to make your deployment smoother.

Active Directory Multi-Forest Organizations

LCS can be deployed on a forest even if it has multiple domains. Unfortunately, some enterprise organizations manage multiple companies or subsidiaries even though they are considered one company. In this case, the solution is to deploy multiple LCS environments and enable LCS federation between Active Directory forests. This is a major concern that many organizations face. In my experience, a political decision is made regarding the appropriate approach to reduce the number of servers required to run a federated model.

One solution that I have had success with is allowing the holding company or top-level organization to maintain a centrally deployed LCS environment. All subsidiaries will still be able to log in using their SMTP or e-mail alias as their sign-in account name. For example, if user@company.com logs into LCS using Communicator, and he or she is a domain user of the entity that is hosting the LCS service, there are no issues. When user@company2.com logs into the same environment, a specific property setting within the LCS management console must be set to allow company2 users to log in to the service. Note that client automatic configuration will not be available for user@company2.com.

The following steps are required to enable alternative SIP URIs to log in to an LCS forest:

1. Open the LCS Management console by choosing Start > All Programs > Administrative Tools, and then click on Live Communications Server 2005 (see Figure 8-1). The LCS Management console will open.
2. In the left task pane, right-click the LCS Forest node and click Properties (see Figure 8-2).


Enterprise Implementation Lessons Learned

The few, the proud, the elite. No, this is not the Marines we are talking about, but an organization of consultants consisting of Microsoft employees and non-Microsoft employees who have been in the trenches deploying Microsoft Unified Communications solutions and have scars to prove it. With any technology application, problems will be realized during the deployment of the application in a real-world environment. The purpose of this chapter, and the heart and meaning of this book, is to impart some of the common lessons learned while deploying Live Communications Server 2005 SP1 and Communicator 2005 in actual real-world network environments. This chapter includes some of the screamers and some of the not so bad, and we hope that the lessons described in this chapter will help you out if and when you encounter them.

This chapter describes some commonly faced issues when deploying Live Communications Server 2005 SP1 within an enterprise, including concerns with Active Directory, enterprise Instant Messaging migration, remote access, international deployments, and implementing Live Communications Server 2005 SP1 for military or private sector use. It is hoped that after reading this chapter, you will be able to leverage the experience and knowledge it provides to thwart issues that may arise in your own deployments, or to use this information as a warning for risk mitigation within your projects.

Active Directory Concerns

When working with any enterprise organization in deploying LCS, major concerns arise regarding the modification of Active Directory. This section presents a few example scenarios that may arise during this engagement process.


For additional configuration of rules and alerts or a more detailed description of Microsoft Management Server, refer to the MOM product documentation available on the Microsoft Operations Manager website: www.microsoft.com/mom. For a good starting point, leave the counters as provided by Microsoft. The Microsoft Product Group defined approximately 200 event rules and 30 performance rules. Furthermore, three public views can be used to provide everyone with a server status:

- Logged-On End Points: This view is represented by one counter, which shows the number of users currently logged on to the service.
- Machine Health: This view is represented by two counters, which provide processor data and paging data. The processor data indicates how much load the processor is handling, which can help MOM operators determine whether more users can be added to the server. The paging data indicates whether the server has sufficient RAM.
- Connection Health: This view is represented by three counters: Flow-Controlled Connections, Queue Depth, and Average Holding Time for Incoming Messages. Flow-Controlled Connections is the number of client connections for which the server is restricting messages, which (if it ever exceeds zero) can indicate the need to reduce the number of users assigned to that server. Queue Depth indicates whether the server is queuing requests, which can cause delays in the service and can be an area of concern if the value is greater than zero for an extended period (in general, more than 30 seconds). Average Holding Time for Incoming Messages shows the average number of seconds that each incoming message spends in the server until it is handled, which can indicate delays in the clients and the need to reduce the number of users assigned to that server.

The MOM Management Pack for Live Communications Server does not provide server statistics such as the number of text messages, audio messages, video messages, or short- and long-distance communications at a given time. To provide this information, you have to add additional counters to MOM, run, for example, the Windows Performance Monitor on a server, or use the Live Communications Server archive logs to collect and analyze performance and operation data from services.

To disable or enable counters, open the Microsoft Operations Manager administration console, click on your management server, and select Management Packs > Rule Groups > Microsoft Office Live Communications Server 2005 > Microsoft Office Live Communications Server 2005 Enterprise Edition or Standard Edition. You will see the different rule groups and corresponding child rule groups.

Summary

The purpose of this chapter was to show you how to manage a Live Communications Server 2005 environment. This included descriptions of all the MMC console options and entries, as well as an overview of the Microsoft Operations Manager possibilities. The next chapter offers guidance for deploying Live Communications Server 2005 SP1 and Communicator 2005 based on the cumulative real-world experiences of this book's authors.
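The Connection Health thresholds described above, as an added example (not part of the book or of the MOM Management Pack): it scans counter samples for any flow-controlled connections and for queue depth that stays above zero for more than 30 seconds. The sample tuples, the 60-second collection-gap limit and the function names are assumptions.

```python
QUEUE_LIMIT_S = 30   # "more than 30 seconds", from the text
MAX_GAP_S = 60       # assumption: a longer hole between samples ends a run

# Constructed samples: (time_s, flow_controlled, queue_depth, avg_holding_s)
SAMPLES = [
    (0,   0, 0, 0.1),
    (15,  0, 2, 0.2),
    (30,  0, 5, 0.4),
    (45,  1, 7, 0.9),   # the server starts restricting a client
    (60,  0, 3, 0.5),
    (75,  0, 0, 0.1),
    (90,  0, 1, 0.1),   # short blip, under the limit
    (105, 0, 2, 0.1),
    (300, 0, 4, 0.3),   # first sample after a collection gap
    (315, 0, 0, 0.1),
]


def sustained_queue(samples, limit=QUEUE_LIMIT_S, max_gap=MAX_GAP_S):
    """Return (start, end) spans where queue depth stayed above zero for
    longer than `limit` seconds without a collection gap in between."""
    spans, run, prev_t = [], None, None   # run = [first_time, last_time]
    for t, _flow, depth, _hold in samples:
        gap = prev_t is not None and t - prev_t > max_gap
        if run and (depth == 0 or gap):
            if run[1] - run[0] > limit:
                spans.append(tuple(run))
            run = None
        if depth > 0:
            run = [run[0], t] if run else [t, t]
        prev_t = t
    if run and run[1] - run[0] > limit:
        spans.append(tuple(run))
    return spans


def assess(samples):
    """Summarise the three Connection Health counters for an operator."""
    return {
        # Any value above zero is worth a look, per the text.
        "flow_controlled_at": [t for t, flow, _d, _h in samples if flow > 0],
        "queue_backlog": sustained_queue(samples),
        # The text gives no threshold for holding time, so only the peak is kept.
        "max_holding_s": max(h for _t, _f, _d, h in samples),
    }


if __name__ == "__main__":
    print(assess(SAMPLES))
```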
