Friday 26 June 2009

OCS 2007 R2: The absolute importance of correct SSL certificate generation and configuration: Syncronizing the Address Book

Are you getting Address Book errors like this?

The likihood is that you have SSL Certificate configuration issues. Either with the generation of the Certificate, the configuration of the Certificate, or the validation checking of the Certificate.

Most internal deployments if an internal CA is available will use it, so if using this method here are the three steps to check:

1. Ensure you install the Certificate Chain when configuring your Certificate through the OCS 2007 R2 Deployment Wizard, this will be a PB7 file. Ensure you download it as DER format and note Base64 encoded, otherwise the Wizard will complain the Cert is corrupt.

2. Check that all clients can locate the .CRL URL of the Certificate presented to them so they can check it's validity:

You can check the URL in a browser window:

3. Ensure you have performed the manual step of configuring IIS7 to use the Certificate, the Address Book URL is reached over SSL only so IIS must support this method.

Once that is done you should be able to see the Address Book:

Oliver Moazzezi

MVP - Exchange Server

Thursday 25 June 2009

OCS 2007 R2: Validating Front End Server Configuration

Another confusing OCS 2007 R2 error for the untrained.

When testing the Front End Server configuration and asking the Wizard to test Automatic Logon you may find you get the following error:

Failed to send SIP request: No connection could be made because the target machine actively refused it

Confusing. What you will find though is the IP address it points to for the SIP port (5061) is a Domain Controller with DNS. This is your first clue.. And is also caused because we wanted to test auto logon configuration.

Follow this TechNet article to create the relevant SIPInternalTLS SRV record in ADDNS.

At this stage you will find it still doesn't work, and that's because the Test Users you selected must be enabled for OCS. This is performed in ADUC. You will also need to install the OCS Administrative Tools to have this functionality.

Once the Users are enabled via ADUC re-run the Test. You will now find the Test is a success:


Oliver Moazzezi

MVP - Exchange Server

Wednesday 24 June 2009

OCS 2007 R2: Descriptive Name: Office Communications Server Monitoring Agent Service Status: Error

Getting this error when installing OCS R2? The Log shows this also:

Failure [0xC3EC79E6] Service failed to start as requested.

This is due to not having the correct Services installed prior to OCS R2 rollout. It's a bug of the actual Product installation as it doesn't state it is needed, and you will find when you finally get to start the Services you are presented with this confusing and frustrating error.

The fix:

Install Windows Powershell if not already present on your Windows 2008 Server. Run the following commands:

ServerManagerCmd -i MSMQ-Services

ServerManagerCmd -i MSMQ-Server

You will find the first one should install the second as a pre-requisite.

Re-run the Start Services wizard in the OCS 2007 R2 Deployment Wizard, and voila! you now have a happy service state.

Here's a visual view of what you get and how to remedy:


Oliver Moazzezi

MVP - Exchange Server

Thursday 18 June 2009

HP announces 'Datacentre in a box'

Performance Optimized Datacentre - or POD for short.

The specs say that the 40-foot container can house up to 3,520 compute nodes (blade servers) - 5000 if you use the new SL servers - and 12,000 3.5-inch hard drives, or any combination, which HP claims to be the equivalent of a 4,000 sq ft data centre. Third-party blade servers can be used. PODs can be stacked two high.

Prepare to hand out over $1m for one of these bad boys.

Oliver Moazzezi

MVP - Exchange Server

Tuesday 16 June 2009

Some good Exchange 2010 BETA screenshots on

There's a nice article here on which takes a first look at Exchange 2010. The screenshots are worth a view if you haven't see Exchange 2010 in action – Voicemail, 2010 OWA, ECP (Exchange Control Panel), and the management UI are shown


Dan -

Friday 12 June 2009

Google Apps trying to get some Outlook love

If you didn't know already, Google are trying to muscle in on the lucrative enterprise e-mail business. Microsoft has the lion's share of this market with their Exchange Server platform, yet to the majority of enterprise users, Exchange Server is invisible - it's the client that makes the experience a pain or pleasure. Across the world, Microsoft Outlook is the client of choice.

This week Google announced support for Microsoft Outlook as a client interface for Gmail/Google-Apps but how will this help Google to catch-up with Microsoft?

Gmail is one of the better webmail clients, it works well in a browser, integrates with other Google applications, message views work (Gmail already has a good threaded conversation view doesn't it? Outlook 2010 is catching up here) and the feeling of a huge mailbox, delivered with some archiving, works well. It's popular with universities and students I hear. The trouble with the Gmail client is that this only really works well for an individual. What's lacking are features to meet the needs of more than an individual – organisations and enterprises, the target of the ongoing Google development efforts.

Last week Google unveiled Google Apps Sync for Microsoft Outlook. This is a synchronisation technology that supports Outlook as a client Gmail and/or Google Apps. It's touted as a change that gives enterprises the option to oust Microsoft Exchange Servers for Google Apps while keeping the all-important end-user experience in place. Sounds good? Maybe...

I don't believe that this takes the game to Microsoft at all. In reality this is little more that Google catching-up with other non-Microsoft mail vendors with a corporate alternative to Exchange Server – MailSite, Open-Xchange, Zimbra have all had MAPI connectors and sync capabilities emulating Outlook for several years now.

There is a problem here that any vendor is going to really struggle to overcome - Outlook is built to work with Exchange Server. The list of features that only work with Exchange (and active Directory) as the backend is long – Outlook Anywhere (IMAP4 is your alternative), Auto-discovery (Manual client or script-based setups are needed), and Google Gears isn't anything like cached-Exchange.

There is a published list of Google Apps Sync has a list of differences. It's a list of things that don't work and I counted 46 items; Public Folders, delegation of mailbox permission, delegate access to your calendar, non-mail items are not synchronised, Global Address List only shows the user name and their email address and none of the contact or organisation attributes, attachments in calendar items etc. etc.


Google have a brand advantage and they are winning the publicity battle at the moment, but there's a long way to go and much hard work ahead of them if they're to achieve real success in the Enterprise. Don't forget that Exchange 2010 will be here later this year with Office 2010 along soon after. The new 2010 Outlook Web Access is already blowing people away. Outlook 2010 FTW!

Dan -