We recently implemented the full Microsoft Unified Communication (UC) solution at Modality Systems to provide Voice and Unified Messaging (UM) capabilities for our employees.  

At present, our production email system is a Hosted Exchange 2003 service run by a 3^rd party hosting company, and we needed to integrate our internal Exchange 2007 UM deployment with our hosted Exchange service.

The solution we developed to solve this problem also broadly applies to organisations who are running a pilot or proof-of-concept Exchange 2007 UM systems (running in a separate AD forest) and want to forward the voice mail and missed call notifications to their user’s production mailboxes.

It sounds like it should be straightforward enough, until you dive into the details.  We realised that we effectively needed to forward email between two independent messaging systems that were hosting identical SMTP address spaces.

There are number of advantages to deploying the pilot using the same SMTP address space as the production system

• The display of Office Communicator presence information in Outlook, SharePoint and other applications requires the user’s SIP address and SMTP address to match (there are exceptions to this rule, but using workarounds complicates the configuration).  
• The Exchange UM mailbox SMTP address needs to match the user’s SIP address in order to integrate the OCS 2007 Voice system with the Exchange UM system (specifically, the user’s OCS SIP URI must match their EUM proxy address)
• A production pilot will be more successful if it integrates with the user’s daily experience seamlessly.  Giving user’s multiple addresses and multiple accounts will almost  guarantee that the user will not use the pilot system effectively.

Here is a summary of how this was achieved. 

1. Configure the pilot OCS 2007 system to integrate with the pilot Exchange 2007 system for Voice Mail and Unified Messaging.  Details of how to do this can be found here.
2. On the pilot Ex2007 system, we set up our @modalitysystems.com domain as an Internal Relay Domain
3. Next we created a Send Connector using the Address Space of modalitysystems.com and a Smart Host pointing to the FQDN of our production email system.   Important:  Do not just edit the existing connector as you will need a “*” address space connector to send all your other email out through.   (This now meant that anything sent to an address of *@modalitysystems.com that didn’t exist in the pilot Exchange 2007 Global Address List would now be sent out externally to the production system for delivery.)
4. Next, we created Contact Objects within the pilot environment a gave them new “UM” addresses. We used the format of username.um@modalitysystems.com, but you can use whatever format you want as long as the user portion is different from the actual GAL address.
5. Next the new Contacts were set up as forwarders on each corresponding Exchange 2007 account.
6. Finally, we needed to add the new “UM” SMTP addresses as secondary addresses for each of our users in the production email system. 

Now, UM email received by pilot mailboxes would be automatically forwarded to our user’s production mailboxes.  This provides a limited version of the UM offering, giving you the basic voice mail & missed call service into our production Exchange 2003 accounts.  

These are the limitations of this approach:

• This solution only provides a way to receive voice mail and missed call notifications.  The other features of Ex2007 UM such as calendar integration and “play-on-phone” will not be available since the UM system is integrating with the non-production mailbox.
• A clean-up process of the pilot mailboxes may be required since users will not typically connect to these mailboxes.  Voice Mail messages can pile up over time with no way for the user to delete them unless you give them access to this mailbox via, e.g., OWA.  The Managed Folders feature in Exchange can be used to automate this process. 

We’ve been using this for a couple of months now and it provides a great interim solution until we migrate from hosted email to our own internal Exchange system.

-Nick Seagrave, Modality Systems

We’re very happy to announce that Modality Systems has fulfilled the qualifications necessary to achieve the Voice specialisation within the Microsoft Partner Program’s Unified Communications Competency.

Earning the Unified Communications Competency Voice specialisation required the completion of a rigorous technical readiness program that included specific staffing requirements and an internal deployment of the complete Microsoft Unified Communications offering.

Companies who achieve the Unified Communications Competency Voice specialisation are qualified by Microsoft to deploy Microsoft unified communications technologies such as Microsoft Exchange Unified Messaging and Microsoft Office Communications Server 2007.

Thanks to John, Mike and Nick for the hard work required to make this happen.

Also, special thanks to our Microsoft Voice Partner team: Katherine, Tom, Tom, and Ian!

View our full press release here: http://www.microsoft.com/presspass/presskits/uc/docs/modality.doc

-James Rodd, Modality Systems

I have a habit of tearing out interesting articles from newspapers.  I rip them out, fold them, and stuff them into the breast pocket of my suit.

This has the interesting side effect of letting interesting nuggets of information surface when I least expect it.  Today I found an fragment of an article that I tore out ages ago, and it could not have appeared at a better time as I was contemplating how to tackle a rather large engagement that we’ve started. 

I have no idea what the source of this is other than it’s from a British newspaper sometime between 2006 and 2007.

There are two dangers in consultation. On the one hand, it can simply be lip service, or window dressing, at one extreme; and at the other extreme it can be the experts almost abandoning their responsibilities, saying to people - "What do you want? We will then build it ." If experts are worth anything, they know about pre-risk experience, about how things have been done differently elsewhere. They can look after the longer term and, to my mind, "longer term" sums up the nature but also the problems and the opportunities [in this type of work].

Sunand Prasad

President of the Royal Institute of British Architects

Why do people hire consultants?  I think there are two main reasons:

First, if you’re having a lot of pain, you may want to hire someone to take the pain away.  By and large, this reason applies to contract consulting (we need 1,000 pages of documentation in order to meet a regulatory requirement - let’s hire some unsuspecting consultant to do it.), or to outsourcing companies (We’re still running Windows98 in the accounting department - anyone want to migrate our users data to our new systems?  Anyone?)

The second reason is exemplified Mr. Prasad’s quote.  Consultants tend to focus in a particular area and then do lots of projects in that area.   We’ve not done something once, but dozens or even hundreds of times.  The experience and insight developed from these activities means that we can build risk-mitigation into the design and into the system.   It also means that we understand how things have been done elsewhere.  We constantly refine our approach, picking up best practices and lessons learned.  We build flexibility into the system when possible so that it can be changed or amended later.

The equally smart, but novice designer will spend too much time trying to figure out what to do, essentially because there is a fear that an action taken now could cause an un-retractable problem in the future.  They will spend too much time and still not get it quite right.  

When used correctly, consultants can save companies immeasurable amounts of time and resources by eliminating future problems before they happen.

This also requires a responsible consultant.  One who is aware of her practice as craftsmanship.  Once who does not give lip service or who does not go in too far over their head in doing "whatever the client wants."    

-John Lamb, Modality Systems

There are two kinds of people in this world:  Those who have tried to install and configure the "Microsoft Office Communicator, Phone Edition Software Update Service" (aka, the Tanjay Update Server)… and those who haven’t.

If you have, you’re probably smirking because you know what I’m talking about.  If you haven’t yet, I might suggest you let sleeping monsters lie. 

Though if you’re a brave knight and want to test your luck, help is available.  I’ve been working with Microsoft and we’re documenting solutions to the most common problems. 

TomL (LCSKid) has posted our work over on his blog : http://blogs.technet.com/toml/archive/2008/06/02/update-server-problems-with-configupdateserver-vbs.aspx

Thomas Lee (from Global Knowledge) also has an excellent post on his blog that covers the infrastructure requirements.  http://cacorner.blogspot.com/2008/05/getting-tanjay-working.html

If you have any questions or issues not covered in these blog posts, please post a comment or email me.  We’re tracking the problems and will post updates with solutions.  Thanks!

-John Lamb, Modality Systems

We’ve just been through the exercise that every IT consultant / engineer / analyst goes through at some point:  The reverse engineering of permissions applied on active directory objects. 

Hopefully this post will spare you the tedious task.

In this particular case, we needed to give a non-Domain Administrator the ability to install and activate an OCS 2007 server. 

The OCS installation wizard (setup.exe) and command-line configuration tool (LCSCmd.exe) both give you a simple way to delegate installation & activation of OCS Servers.  The challenge however, was that our client wanted to know “what, exactly” was being delegated.   It’s a fair question.  What would be the point of having a Domain Admin delegate permissions to a user, if the user received 90% of the privileges of the Domain Admin as a result of the delegation? 

Presumably, the OCS delegation wizard only delegates the minimum permissions required to do the job.  That is what we set out to prove.

OCS Installer Group Required

First, you must pre-create an AD security group that will receive the delegated permissions.  Let’s call this “OCSInstallersGroup” for the purposes of the example.

Any user who will perform installation and activation of OCS servers will become a member of this group.   The delegation wizard delegates permissions to this group, not to an individual user.

OCS Service Accounts Required

Before running the delegation wizard (or LCSCmd) you will also need to know the names of the OCS SIP Service and OCS Component Service accounts.  These are AD user accounts that are being used to run the various OCS Server services.  If this will be the first OCS Server in the domain, you will need to pre-create these user accounts. 

• OCS SIP Service Account (default: RTCService)
• OCS Component Service Account (default: RTCComponentService)

Delegation Wizard Inputs

The delegation wizard must be run by a user who is a member of the Domain Admins group in the domain where we are installing the OCS Servers.

The wizard requires 5 input variables:

1. TrusteeGroup:  The name of the OCS Installer Group, e.g., OCSInstallersGroup
2. TrusteeDomain:  The domain where the group exists, e.g., europe.yourcompany.com
3. SIPServiceAccount:   The name of the OCS SIP Service account, e.g, RTCService
4. ComponentServiceAccount:  The name of the OCS Component Service Account, e.g., RTCComponentService
5. ComputerOU:  The DN of the OU where the OCS Servers are located, e.g., OU=OCS2007,OU=Servers,DC=europe,DC=yourcompany,DC=com

Delegation Wizard Outputs

The wizard performs the following tasks:

1.  The TrusteeGroup is added to the Following Groups:

• RTCUniversalGlobalWriteGroup - Members have write access to RTC global settings
• RTCUniversalGlobalReadOnlyGroup - Members have read access to RTC global settings

(The OCS Global Settings are AD objects typically stored in the configuration partition at: CN=Global Settings,CN=RTC Service,CN=Services,CN=Configuration,DC=yourcompany,DC=com.   In some cases, the Global Settings may be stored in the Root Domain Partition instead.)

2.  The TrusteeGroup is granted Read and Write permissions* to the ComputerOU (the OU containing the OCS Servers).

3. The TrusteeGroup is granted Read/Write Service Principal Name (SPN) permissions* on the OCS SIP Service Account object

4.  The TrusteeGroup is granted Read/Write Service Principal Name (SPN) permissions* on the OCS Component Service Account object.

*  If you would like to see a list of the specific Access Control Entries (ACEs) that are applied in Steps 2 - 4, we’ve documented them here.

Analysis

Our findings were pretty much what we expected.  The person installing OCS needs to be able to create the Pool and Server objects in the Global Settings and they need to be able to register new Service Principal Names in AD (Use a utility like SetSPN.exe to see what these are).  

We were happy with this… and more importantly, our client was happy with this. 

John Lamb, Modality Systems

Technorati Tags: office communications server 2007, active directory, delegation of administration

At Modality Systems, we like to experiment with technology.  (Actually, that’s not exactly true - we like to abuse technology.   You don’t get good orange juice by being nice to an orange.)

One of the things that’s captured our fascination recently is the utter elegance and simplicity of the software and hardware coming out of Cupertino.  The "creative types" have known this secret for quite some time, but as a Enterprise-centric company, we’ve had our heads in the sand to some extent. 

James decided to buy an iPhone recently and we’ve all be wowed by the web browsing experience.  Outlook Web Access looks so good on this thing that he’s not entirely missing Active Sync yet.   With ActiveSync on the roadmap for the iPhone, it begs the question:  Will the iPhone become the de facto corporate communications device?  It’s not unthinkable.

For us, the important question is how this will integrate with your Unified Communications infrastructure.   There is no Communicator Mobile software for the iPhone, so the logical the logical question is how well web-based UC applications will work.

We started by running Communicator Web Access.  After you manage to get pop-up blocking disabled, it runs really well in the iPhone’s Safari browser.   The contact list doesn’t appear for some reason (though CWA works fine using Safari on a Mac or PC), but the search function works nicely and allows the user to look up a contact and send an IM.

We’ll continue to test the Microsoft UC stack on Apple products and report back our findings in a series of posts.

-John Lamb, Modality Systems

Two industry shows in the last 2 weeks, both asking the same question: “What is the killer application for Unified Communications?”  Having attended both, it is fair to say that the question was not answered.

There has, however, been lot’s of attempts to re-brand a lot of legacy technologies as Unified Communications.

I’ve made two observations: 

From one perspective, you can make the observation that “Presence” is the killer application for Unified Communications - Introducing pervasive presence information as a horizontal feature across a range of isolated applications provides immediate value; “Presence” becomes the enabler to improve technology disconnects and drive instant event-based communication.

The second observation is that trying to define a killer application for UC forms something of misleading question.  The application is really just “communications”, and it’s not really even an application but a platform.  It’s the unification of disconnected communications silos that is killer, much in the same way that the web provides a connected and contextual framework for vast amounts of data through hyperlinking.

The true value to your organisation comes from being able to build on and leverage this platform level presence into existing killer applications and business process.  Just imagine what can be achieved by embedding contextual and relevant presence information into existing processes; and then further by extending this presence into key customers and partners.

Technorati Tags: unified communications

On Friday 27-March, The Daily Telegraph had a 7 page pull out section all about Unified Communications… but not as we know it. 

It looks to be heavily influenced by Nortel, but has comment from Cisco, Siemens, Alcatel and more.  I will leave you to read the full article if you wish, but the main thread is that all things PBX and the move towards Convergence is now called Unified Communications.  The cover story is about Gloucester Rugby Club deploying UC – which when you read closely, it appears the solution is simply an Avaya IP Telephony (IPT) system – and no more.   Not to dismiss the value of IPT and the great work of our friends who design and develop these systems, but a rose by any other name is still a rose.

Microsoft’s OCS and IBM’s Sametime software based solutions are only mentioned on page 7 under “Collaboration”.  The article goes on to say: “Unified Comms really come into its own when IPT is combined with a Collaboration platform like Microsoft OCS or IBM Sametime.”   That’s one way to say it.  Another way to say this is “IPT is just another phone system until you integrate it with information systems and desktop applications.”

A week a later, I attended two industry events in London.   The same theme of IPT as UC was pervasive. 

There is a big effort from PBX vendors here to make sure UC is the new name for IPT.

Special Thanks to Steven Westwell for his knowledge and experience with Windows and Office localisation.  His assistance was instrumental in discovering the information contained in this article.  Steven’s blog can be found here: http://stevenwestwell.wordpress.com/2008/02/21/ocs-localisation/

Generally speaking, the documentation for the Office Communications Server 2007 product suite is very good.  One of the areas that is lacking however is information required for large-scale client deployments.

We’re currently in the midst of an 80,000 user global roll-out of the Office Communicator 2007 and Live Meeting 2007 clients.  In the absence of comprehensive documentation on language localisation (or “localization”, depending on which side of the Atlantic Ocean you’re on), we’ve done some extensive testing.  Here’s what we’ve learned:

I.  First things first

There are 3 client components required for OCS 2007:

1. Office Communicator 2007 - supports IM and Presence, Audio/Video conferencing, Telephony Call-Control, Voice calls, and File Transfer.
2. Live Meeting 2007 - supports Web Conferencing, Audio/Video conferencing, Whiteboard, and other forms of data collaboration.  This client is also required if you plan to deploy the RoundTable device.
3. Outlook Add-In for Conference Scheduling - This enables a user to schedule conferences using the Outlook calendar. 

Office Communicator 2007 and Live Meeting 2007 behave differently with respect to language localization.

II.  Office Communicator 2007 - Language & Localisation Settings 

Office Communicator 2007 now supports the full set of 37 Microsoft Office languages:

To set the Office Communicator language manually, first install the Communicator 2007 Multi-Language User Interface (MUI) Pack, which is available for download here:  http://www.microsoft.com/downloads/details.aspx?familyid=86DE1E77-3406-475A-9271-24F507E20972&displaylang=en

Then, use the Options > General configuration page to select the language as shown in this screenshot. (Note that Communicator must restarted for the changes to take effect.)

Optionally, the Office Communicator 2007 language can be set programmatically, by modifying the following registry key:

HKCU\software\Microsoft\Communicator\Language : REG_DWORD : <language code>

If you are planning to set the OC 2007 language to be machine-specific (rather than user-specific) , such as during the OS build process, you could use the following registry key instead:

HKLM\Software\Microsoft\Communicator MUI\Default Language : REG_DWORD : <language code>

III.  Live Meeting 2007 Console - Language & Localisation Settings

In the current version of the software, there is no integration between language settings for OC 2007 and LM 2007.   According to a source at Microsoft, this will change for the next version of the Live Meeting client when the LM client is re-written “from the ground up”.

The Live Meeting 2007 Client (aka LM 2007 Console) supports the following 14 languages:

Note: There is no MUI Pack for LM 2007.  These 14 languages ship as part of the base LM 2007 installation executable.

Unfortunately, there is no way to manually set the LM 2007 client language.  If the Windows 2000, Windows XP, or Windows Vista operating system has a language pack installed, then the LM 2007 client will automatically detect the Operating System’s language and use that.  This is the language that is specified in Control Panel > Regional and Language Settings, as shown in the screenshot below:

For example, if you have the English, French, and Japanese OS language packs installed, you would select the regional option for the desired language.  If you only have a single language pack installed(for example, only Japanese), the LM 2007 console will use Japanese by default.

This means that you must have an OS Language Pack installed in order to change the LM 2007 language… and the LM 2007 client cannot be in a different from the OS language.

This also means that you could have Office Communicator set to a different language than LM.  The best practice for deployments would seem to be to automatically set OC to be the same language as the OS (rather than the same language as Office, if the OS and Office are in different languages) to ensure that OC and LM always end up being in the same language.

IV.    Outlook Add-In for Conferencing - Language & Localisation Settings

The Outlook Add-In for Conference Scheduling will automatically change to the default language that Office is configured to use.   We didn’t test all 37 of the supported Office languages to see if the add-in  supports all of them, but it did support the western and non-western languages that we tried.

V.  Previous Versions

For completeness, I’m including the languages supported by previous versions of the the clients, which is a subset of the languages supported in the current 2007 versions.

• Office Communicator 2005 supported the following 12 languages (in addition to English) via a MUI Pack:  Spanish, Korean, Japanese, Italian, German, French, Chinese - Traditional, Chinese - Simplified, Danish, Finnish, Portuguese (Brazil), Swedish
• The Office Live Meeting 2005 client supported the following 7 languages (no MUI Pack required): French, German, Spanish, English, Korean, Japanese, Chinese - Simplified
• The Office Live Meeting 2003 client supported only English. 

-John Lamb, Modality Systems

Technorati Tags: Office Communicator, Live Meeting, Software Localization