Firewall Requirements for Integrating OCS and OWA

If you follow my directions for integrating Office Communications Server 2007 R2 with Exchange Server 2010 OWA, and you also have either a host firewall on your CAS servers or a firewall between the OCS frontend pool and your CAS servers, you may find yourself with only half the intended functionality. You’ll be able to send IMs just fine from OWA clients, but, if you try to receive an IM in OWA, the user on the far side will get an error like this: The following message was not delivered to <user>. More details (ID:504) This message was not delivered … Continue reading Firewall Requirements for Integrating OCS and OWA

TechEd Next Week

I’ll be hanging out in New Orleans at TechE all next week. I’m scheduled to be on one of the Forefront Identity and Access stands Monday and Tuesday most of the day answering Active Directory questions, however I’ll probably be around most of the week there. Come say hello if you’re in town.

Access Denied Error in Exchange Control Panel

If you’ve got a user who gets an Access Denied error similiar to the one below when they click on Options in Outlook Web Access (OWA), they may not have the MyBaseOptions role. Typically this happens because the user has lost their Role Assignment Policy. You can check this with the following PowerShell command, substituting the name of the mailbox you want to check: Get-Mailbox bdesmond | fl *role* If you don’t get results similiar to the following (e.g. the result is blank), you need to assign the policy to the user. RoleAssignmentPolicy : Default Role Assignment Policy To assign … Continue reading Access Denied Error in Exchange Control Panel

Troubleshooting BlackBerry Enterprise Server Integration

I thought I’d compile a list of issues that I’ve seen and fixed with regard to BlackBerry Enterprise Server (BES) integration with Exchange and Active Directory. Most of these issues don’t seem to be really well documented on Google but BES will break in strange ways when it hits them. I specifically have seen half-duplex calendaring (e.g. users get their appointments on the device but can’t make updates) with a bunch of these. Exchange 2010 Address Book Service (DoMT) max connections set to default. This one is documented in BES’ Exchange 2010 guide. You need to tweak MaxSessionsPerUser in the … Continue reading Troubleshooting BlackBerry Enterprise Server Integration

OCS Mac Messenger Certificate Trust Errors with DigiCert

If you’re getting an error from Mac Messenger about the digital certificate file being invalid when trying to sign-in to OCS, you may need to tweak the root config on your OCS servers. The good news is the fine folks over at DigiCert have compiled some simple steps that outline how to do this. You’ll need to reboot after you do them. Warning: The steps outlined above will immediately render the OCS services inoperable and will require a reboot to straighten things out. DO NOT do this during production hours! filler

Speaking at TEC 2010 Los Angeles

I’ve got three sessions this year at TEC. TEC is by far the best IT conference I’ve attended (and I’ve been to many). You’ve even still got five days to convince your boss and get a discount on the registration fee! My sessions this year are: Inside Kerberos – I’ve got plans to talk about the mechanics of the key Kerberos message sequences that you’ll run in to with Active Directory. Kerberos is one of those things you rarely have to configure in AD as it “just works”, but, when it doesn’t it really helps to understand what’s going on. … Continue reading Speaking at TEC 2010 Los Angeles

Exposing Organization Level Message Tracking in Exchange 2010 OWA

If your end users are using Exchange Server 2010 OWA, one of the things they can now do is track their messages from the Exchange Control Panel and see largely the same data an administrator sees. What isn’t enabled by default is the ability to delegate this on an organization wide basis via the Exchange Control Panel. There is a duplicate of this interface which lets a user search the entire organization’s message tracking logs. In order to access this, you need to do a couple of things: Create an Active Directory security group to delegate the rights to in … Continue reading Exposing Organization Level Message Tracking in Exchange 2010 OWA

How to Integrate Office Communications Server 2007 R2 with Exchange 2010

One of the new features of Outlook Web App (OWA) in Exchange 2010 is the ability for OWA to act as an IM client if you have Office Communications Server (OCS) in your environment. Once configured, you’ll be able to see and manage your buddy list, manage presence, as well as participate in IM conversations while logged in to OWA. Configuring this integration requires a number of steps on each of your Exchange 2010 Client Access Servers (CAS’). Many of the changes discussed in this blog post will cause brief service interruptions so it is highly recommended that you perform … Continue reading How to Integrate Office Communications Server 2007 R2 with Exchange 2010

Converting HyperV Snapshots to Dumps

Microsoft has had a tool internally for a while that would convert a saved state or snapshot of a HyperV virtual machine into a dump that you could open with the Windows debugging tools. This is really pretty handy sometimes when troubleshooting. The good news is this tool is now publically available here.