Technology | danejeffrey.com

Archive for the ‘Technology’ Category

Replacing an OCS 2007 R2 Edge Server

Friday, May 6th, 2011

Quick brain dump really for replacing a physical OCS 2007 R2 Edge Server with another physical server. Note this method is effectively a swap out, i.e. the new server is named and numbered the same as the old server which was useful in my scenario as no firewall rules needed to be updated. This does mean of course that there is a brief outage during the old switcheroo.

First, identify and build up your new server with Windows Server 2003 x64 R2 with Service Pack 2. Install Windows Updates as per your company’s policy, but do not install KB974571 (MS-09-056) – although, there is a fix which is explained in the article if you absolutely have to install that update (see the ‘Resolution for these known issues’ section of the article). At this stage, name and number the new server differently to the existing server (also, at this stage you probably only need the inside interface online, though both NICs should be patched for production).

Next, on the existing server, export the certificates as a PFX package (cert + keys) so they can be imported on the new server. To export the certificates, open Computer Management -> Services and Applications -> Right-Click Office Communications Server 2007 R2 and choose Certificates. Hit Next > select Export a certificate to a .pfx file, select the first valid certificate (there should be at least two, one for the inside one for the outside), hit Next > provide a path and file name (leave the checkbox select to attempt to export the chain), hit Next > provide a password which you will later use to import the cert, hit Next > and complete the wizard. Repeat for the remaining valid certificate(s) – you will only need the certificates that are applied to each of the interface roles (Access, Web Conf, Internal, etc).

Also, use lcscmd.exe to export the existing server configuration so we can import on the new server. Run lcscmd similar to this (note the fqdn is the internal name of the server):

"%CommonProgramFiles%\Microsoft Office Communications Server 2007 R2\lcscmd" /config /action:export /level:machine /configfile:<path_to_xml_file> /fqdn:<fqdn_of_server>

Copy the exported XML config file and the .pfx cert files to the new server.

At this point you are ready to shut down the existing server, this is the old switcheroo. You could of course switch a couple of these steps around to keep the old server up a bit longer but the whole process from now takes only around 20 minutes…up to you. Also up to you but possibly a good idea, either change the IP address or disable the NICs of the existing server before shutting it down just to b safe.

Rename the new server to take the host name of the old server
Renumber the new server to take the inside and outside IP addresses of the old server
Launch OCS 2007 R2 setup on the new server, go to Deploy Other Server Roles -> Deploy Edge Server.
At Step 1, click Install and follow the wizard to install the application files.
Run Step 2, Activate Edge Server, this will ask for account information for the RTCProxyService account.
Run Step 3, Configure Edge Server, the wizard allows for the import of a config file, point the wizard to the XML file copied over prior to shutting down the old server. Each step of the wizard will display and allow you to update any of the imported settings if necessary.
Run Step 4, Configure Certificates for the Edge Server, the wizard allows for the import of .pfx files. Match up the internal certificate with the internal interface role and the external certificate(s) with the external roles.
Run Step 5, Start Services, if everything went well the services should come online.

You can run the validation process, Step 6, but since the Edge Server has just replaced another one, you should know pretty quickly if things are working or not (test federated contacts, public IM connectivity, external client connectivity, etc). You can also use Microsoft’s Remote Connectivity Analyzer

Popularity: 20% [?]

Tags: microsoft, ocs
Posted in OCS | No Comments »

Fuze Messenger For Blackberry – Mobile OCS Without RIM Enterprise Messenger

Monday, March 14th, 2011

If you have a Microsoft Office Communications Server (OCS) 2007 R2 environment and want to use the Blackberry Client for OCS, you need to install the OCS Communicator Web Access (CWA) R1 role. This is due to some changes made by Microsoft between R1 and R2 (removing UC AJAX), see here

Unfortunately, from a BES-integrated aspect, there isn’t much else and I believe RIM haven’t announced an updated version of the client and probably won’t as there will no doubt instead be a release pending for a Lync 2010 client instead. I believe the current version, 2.5.46, still only supports CWA R1 via BES.

As an alternative, I’ve recently tried Fuze Messenger which is an all-purpose messaging client, supporting AIM, MSN, ICQ, Google Talk, Yahoo but also supports OCS 2007 R2. The application must be downloaded via Blackberry App World which perhaps makes it a little more difficult for Administrators to control and manage. Current version at time of writing is 3.2 (0505)

Technically, the installation and setup was simple – the application doesn’t request it, but I needed to reboot my device to get it to successfully connect to OCS first time round. To use the app, you must first create a Fuze Messenger login. Once created, you then setup IM Networks.

From an OCS perspective, the client connects similar to the way a remote Communicator client would connect, via the Access Edge server. Therefore, the user needs to have the ‘Enable remote user access’ setting enabled under Other Settings in their Communications Server properties. Once logged in to Fuze and you’ve selected OCS as an IM Network, the settings required are just your OCS sign-in name (i.e. SIP address) and your OCS User Name and Password (domain credentials) – note that the User Name is in the format <domain>\\<username>. You then just choose whether you want to import your existing contact list and if so how, then hit Finish and you should be logged in and your contacts displayed if you chose to import them.

The IM experience using Fuze isn’t as good as what I expect the RIM client to be, however it is functional and the application does run nicely in the background alerting you to new IM conversations and has plenty of options for configuring how you want to be alerted and how you want messages to be displayed, etc.

Popularity: 89% [?]

Tags: blackberry, ocs
Posted in OCS | No Comments »

Windows NTFS Permissions To Allow Create File Access But Not Modify Files

Wednesday, February 23rd, 2011

Generally speaking, NTFS permissions for creating files and modifying data are one and the same, that is, Create files / write data are a single item in the Advanced Security Settings -> Permissions Entry dialog.

However, it is possible to grant create file access separately to write data access. This is done by granting the following permissions (assume the group to apply this to is called CreateOnlyGroup):

Name	Permission	Apply To
CreateOnlyGroup	Read & Execute	This folder, subfolders and files
CreateOnlyGroup	Create files / write data	This folder and subfolders
CREATER OWNER	Read & Execute	Files only

If you wanted to allow the CreateOnlyGroup to then be able to modify the files that they created but not ones that they didn’t, just change the CREATER OWNER permissions to allow that.

Popularity: 29% [?]

Tags: windows
Posted in Windows | No Comments »

Eclipse IDE – New Project, No Android Build Targets Available

Tuesday, January 25th, 2011

Installed the Andorid SDK on Windows as per guide at http://developer.android.com, all pretty straight forward. Decided to also use the Eclipse IDE for developing apps since it seems to be the recommended way of doing this (haven’t really done any Java development in the past).

Installed Eclipse 3.6 (Helios) and installed the ADT plugin for it, as detailed here.

Following that, tried to build a new project following the guide here.

Got to the New Project page but there were no Build Targets available in the list.

For me, the issue was that Eclipse didn’t know where the Android SDK was located, so it didn’t know what builds were available. To fix:
1. In Eclipse go to Window -> Preferences
2. Click on Android
3. Browse to the path of the SDK (for me, on Windows, this was default C:\Program Files\Android\android-sdk-windows)
4. Click Apply, then OK

The builds that have been added to the SDK will appear in the list. Go to File -> New -> Project again and this time the Build Targets list is there:

Popularity: 13% [?]

Tags: code
Posted in Code | 1 Comment »

VMware PowerCLI for Host and Guest CPU Details, Includes OS and Power State

Tuesday, January 25th, 2011

The following will get CPU (num of cores) counts from hosts and will also get vCPU counts from VM’s. It will also get the operating system of each VM, its power state and the average CPU for the past week. The end of each section also has a count of the number of objects (hosts and VMs) in the environment.

Connect-VIServer <Your_vCenter_Server>
# define start and finish days (1 week period)
$startdate=(get-date).addDays(-7)
$finishdate=(get-date).addDays(-1)
# initialise counters
$vmcount=0
$hostcount=0

ForEach ($esxhost in (Get-VMHost | Sort Name)){
	Write-Host $esxhost.Name","$esxhost.NumCPU
    $hostcount++
}
Write-Host "Total Hosts:" $hostcount

ForEach ($vm in (Get-VM | Sort Name)){
    If ($vm.PowerState -eq 'PoweredOn'){
        $vstats = (Get-Stat -entity $vm -stat cpu.usage.average -Start $startdate -Finish $finishdate | measure-object -property value -average)
        # round to two decimal places
        $vavg = [system.math]::round($vstats.average,2)
    }Else{
        $vavg = 0
    }
	Write-Host $vm.Name","$vm.Guest.OSFullName","$vm.PowerState","$vm.NumCPU","$vavg
    $vmcount++
}

Write-Host "Total VM's:" $vmcount

Popularity: 35% [?]

Tags: code, powershell, VMware
Posted in Code, VMware | 1 Comment »

Home | Blog | Gallery | Contact | Music | About |