Sunday, June 29, 2008

Designing Your Perimeter Network for Office Communications Server 2007 White Paper

Brief Description

This paper answers questions about Microsoft® Office Communications Server 2007 with specific regard to its integration into the perimeter network (also known as DMZ, demilitarized zone, or screened subnet).

Quick Details

File Name:


Date Published:


Download Size:
1.7 MB


The first section, “Commonly Asked Questions,” answers key design questions from customers about the initial stages of product deployment.
The second section, “Architecture and Networking Best Practices,” explores ways to prepare for the edge servers in the perimeter network, taking into consideration issues of physical deployment, ways to ensure a publicly routable IP address, firewall configuration, and load-balancing concerns.

Friday, June 27, 2008

WPF Presence Screen saver

Based on the WPF Custom Screen Saver Art article by Erik Klimczak on coding4fun, a colleague of mine, Michiel van Oudheusden decided to extend this screen saver to show real presence.

Full article here...

Wednesday, June 25, 2008 Appliances Part III Appliances

Welcome back. Two weeks ago I started blogging about StartReady: an interesting new Microsoft partner that specializes on building Microsoft Based Appliances, including an OCS Appliance. In a couple of episodes I’m going to share some of the technical things these guys are doing. In the first episode I discussed the more general overview of their architecture and choices they made. The second episode was all about the unattended installation and configuration of OCS.

In this episode I have an interview with two specialists from StartReady, Erik and Arjan. Erik is responsible for the remote management architecture and Arjan focuses on the virtualization technology that is used on the appliances.

First of all I have to say that your remote management architecture looks very impressive. It probably was a complex part of the overall design. Erik can you walk me through the architecture and tell us something about the issues you encountered?

StartReady Remote Operations Manager Overview (2)You are right – Remote Management is a key part of our appliances. Without it, it doesn’t comply to the definition of an appliance. So, let’s start at the customers site. In the upper right corner of the picture, you see the installed appliance. This machine should be managed remotely by the Value Added Reseller (VAR). To make this possible we automatically deploy and configure System Center Essentials (SCE) during an appliance deployment. One part of the SCE configuration consists of configuring a Management Group. All the other installed virtual machines on the appliance, e.g. Edge Role and Mediation Role are added to this Management Group. Only the machines in this Management Group are managed. Now, the SCE server has two important functions. First, it functions as a Update Server (through WSUS) for all the machines in the Management Group. Second, SCE functions as a gateway to the StartReady System Center Operations Manager environment. This makes it possible to receive information (events) and to remotely manage the appliance.

So with the locally installed WSUS server you have full control of the updates that are pushed to the appliances?

Yes, that’s correct. The WSUS server on the appliance is pointed to the StartReady WSUS upstream server. So, what we do when Microsoft releases an update or patch, is testing it in our own datacenter, before releasing it to the customers appliance. SCE receives the updates, and replicates them to the Management Group. This way we can guarantee the highest service level. By default we release our updates at night. The VAR then can determine when to restart the appliances. The VAR knows when the service windows are available and restarts can be scheduled. By working with this staged deployment every customer can have its specific SLA.

Let´s focus on some more details regarding remote management. In the picture you can see several arrows. Port 5723 has to be opened for outbound communication on the customers firewall. This connects the SCE Server to the OpsMgr GateWay at StartReady. Normally, in an Active Directory based environment, SCE and the OpsMgr Server would authenticate each other using Kerberos, but that´s not possible in this scenario. The servers are not in the same domain and therefore we need the OpsMgr GateWay. Authentication is being done using certificates. These certificates are provisioned by our Certificate Authority (CA) Server hosted at StartReady.

So the SCE server communicates through the OpsMgr GateWay server with OpsMgr. The actual processing of the data that is transferred is done on the OpsMgr server. So, on this server we have all the management packs installed, such as for SQL Server, OCS, etc.. SCE on the appliance has no management packs installed, except for the system management packs. The health state of the appliance is determined on the OpsMgr Server. The Management Packs are responsible for this.

StartReady Remote Management Customer Health Status (2) In order to provide the VAR with remote access to our OpsMgr environment, we also host a terminal server and a terminal server gateway. Via https over port 443 the VAR opens a RDP session through our terminal server gateway to a terminal server. On this terminal server all the necessary tools are available to manage the appliances that the VAR maintains. One of the tools is the Ops Manager Console. In the console the VAR can see only his own customers. The Ops Manager Console is the starting point for all management. For example, there is a general health status overview for all the appliances. So a VAR can see in a split second how the customers environment is doing.

Can you tell something about the Remote Web Workplace as shown in your remote management architecture?

The Remote Web Workplace is something Microsoft introduced in Small Business Server 2003. It is now more broadly used.
StartReady Remote Web Workplace for VAR (2) First the VAR logs on to a webpage through port 443. This is all done from a terminal server session at the StartReady environment. After logging on, the VAR can choose a server on the appliance and start a RDP session over port 4125. For example, he now can access the OCS server. Something to realize is that only the machines on the Appliance are available to connect to. All other servers in the customers environment are not. And that is a good thing.

I agree with you! But for the management of the appliance, the customer needs to open just three different ports on his firewall?

Yes, and to reduce possible risk even more, the customer will only grant access to the machine from just one specific location (StartReady) and all communication is encrypted by using certificates. Further, the OpsMgr server and the SCE server authenticate mutually by using certificates. It is not possible to open a remote desktop session to an appliance directly, as we do not publish the RDP protocol to the internet from the customer firewall. At last, before the VAR can manage a server, he has to authenticate himself several times using different accounts and passwords.
We see that some customers are reluctant in opening up their environment, but with this story, until now, we have convinced them all.

Interesting. I too feel that quality of service and high SLA´s require professional management. You are the ones that know the appliance best, so a customer has many advantages in letting you do it. In more general, I see that this transformation from in-house management to outsourced management is taking place. And furthermore, the way you do it is based on the Best Practice by Microsoft.
Back to technology: what were the issues you encountered?

First of all, out of the box SCE is not suited to be installed unattended. So, we had difficulties to automatically configure SCE on the appliance. However, during development Service Pack 1 of SCE arrived. It solved a few issues we had with the installation and especially the configuration. Our latest issue was the connection of SCE to our OpsMgr production environment. In our test environment everything was working fine, but we couldn’t get it to work in production. We saw packages being dropped on our ISA server for no particular reason. To make a long, and I mean LOOONG story short it was a bug in the Hyper-V RC0 and an upgrade to RC1 fixed it.

Ok. Arjan, your turn. Can you tell me why you have chosen to use Hyper-V and therewith something that’s still in development? Isn’t that a big risk?

Well, first of all, StartReady is founded by two Microsoft guys. They knew Microsoft’s roadmap in virtualization and were keen on jumping in on a moment that others were not yet. They were convinced that the technology would bring them what was necessary to deliver a good product. They believed it would bring them competitive advantage – and it looks like they were right. So we started using Virtual Server 2005, mainly because Hyper-V wasn’t released officially by Microsoft yet. After about two months StartReady got the opportunity to join the Hyper-V Rapid Deployment Program (RDP). This program supports StartReady in different ways. First, it allows us to use Hyper-V in production with our customers because there’s support from Microsoft – other partners cannot give that guarantee. Secondly, a Microsoft consultant supports us in the development process. This really gave us a head start and made the decision to migrate to the Hyper-V much easier.

Did you encounter any specific issues with Hyper-V?

Of course – it is still in beta and making software is hard. But next to that, we use it differently than most partners do. This resulted in behavior that sometimes was hard to reproduce. One of the latest issues was already mentioned by Erik. But I can add a few more. In the beginning we ran into performance issues. After deploying an appliance the performance of the virtual machines would drop very rapidly and unexpectedly. We found that changing the TCP-IP offload setting in the registry fixed this. By default this setting is disabled but after enabling it, we got great network performance in the virtual machines.

Another issue we had is that making a sysprep image of a Windows Server 2008 server with Hyper-V installed is not supported. First, we worked around it by using a bcdedit command. With this command (bcdedit /set hypervisorlaunchtype auto ) you force hypervisor to launch automatically after the mini-setup of a sysprepped image. This method works, but is not a documented feature by Microsoft. Although this worked, we currently deploy the host OS of the appliance with an unattended installation which includes Hyper-V. We made this design change for more flexibility options: it reduces complexity at the time we produce more appliance versions. This change in architecture is the result of us working together with Microsoft. We now have what we call an ‘imaging factory’ for our appliances. It is a fully automatic unattended installation of the host image of an appliance. An important part of our competitive edge.

Erik and Arjan, thanks for your time and your clear answers.

In the next episode I will have an interview with Menno who is responsible for the Web interface and the web services build on Windows Workflow Foundation.

For more information check out their website on

Monday, June 23, 2008

New UC newsletter released – July 2008

Each month a UC newsletter is released. From now on the UC newsletters are shared through Windows Live Skydrive.

Download the latest UC newsletter here (PDF).

Highlights this month:

  • newest UC appliance released by StartReady
  • UC appliance part II
  • VoIP or not to be VOIP CTO of Interoute speaking!
  • Silverlight Beta 2 released
  • Bunch of new UC download (OCS, LM,MOC)
  • etc etc.

Already have an subscription on this newsletter? Assign someone else? SUBSCRIBE

Office Communicator 2007 Document: Microsoft Office Communicator 2007 Group Policies 1.2

Quick Details

File Name:


Date Published:


Download Size:
149 KB


This document provides an Office Excel spreadsheet that describes Office Communicator 2007 Group Policies. Administrators can use Office Communicator 2007 Group Policies to provide the appropriate registry settings for users when deploying Office Communicator 2007.


Sunday, June 22, 2008

WPF Custom Screen Saver Art

Section: funny ;-)

thumCreating custom wallpaper is easy. But what about custom screen savers? This post will detail how to build a custom saver using Windows Presentation Framework (WPF). The posted code also provides some insight on how to create interesting particle effects using WPF’s animation engine, and how to implement multiple monitor support in .Net.

More information see: here

Friday, June 20, 2008

A great post from Michael Dunn on Integrating Speech Server with Office Communications Serve

While Speech Server is apart of Office Communications Server, the two do not rely on each and actually do not integrate with each other out of the box. However that doesn't mean it can not be done.

There are two main scenarios which I am always asked about are:

1.) Communicator Calls to Speech Server
2.) Transferring Speech Server calls to Communicator

Calling Speech Server from Communicator

The first thing you need to do is setup a static route in OCS to Speech Server. Here you will need to assign a sub domain, something like This tells OCS to route all calls where the domain contains to Speech Server.

Next in the Speech Server administrator console you will need to add the OCS Front End Server as a Trusted SIP Peer on non default ports, such as 5068 for TCP and  5069 for TLS. This is required as OCS doesn't handle the 302 Redirect Messages that Speech Server uses, by assigning non default ports we "turn off" these SIP messages. You will also need to enable Mutual TLS. More

VoIP or not to VoIP, is that the question?


When we first conceived of Interoute One and its integration with Microsoft Office the vision was of the compelling combination of the world’s largest online business end point community (Outlook) and Europe’s largest SIP delivery platform (200 of the worlds biggest carriers connected). In simple terms, unlike many attempts previously, here was an opportunity to turn the world of corporate communications on its head. Corporate communications that eliminated all the middle men, CAPEX and bewilderingly complex (expensive) decisions about the direction they should take.

No sooner had we had the thought then the incumbent operators and equipment vendors went into overdrive on their messaging dismissing VOIP saying it’s really the same as standard Voice; productivity and OPEX gains yes, but at a fairly hefty price. Customers are told its a choice between either reliable black phones, phone numbers, auto attendant and voicemail or a version of Skype with cheap plastic headsets hanging out of PCs, nightmare!

The problem with corporate VOIP stems from its presentation, it’s always presented as a choice and a fairly risky one. This is flat wrong. The vendors say it’s a choice, because that's how they make money, selling kit. The more pragmatic will testify that its far less dramatic, in fact the first steps are positively banal in their investment but they hit the cost base instantly achieving goal one, cheap phone calls.

What am I talking about? The objective of many with VOIP is to lower the cost of calls and increase productivity in one hit. The problem is no single vendor has the solution to all of this in anything like a sensible form. To the traditional world of corporate communication, that has revolved around the PBX and minutes termination, this cross vendor quasi DIY approach is particularly unpalatable.

Interoute One introduces a simple and effective solution to this dilemma. Interoute presents an approach to VOIP migration which involves minimal disruption and additional cost overhead. This allows you to discover what works with your organisation without the risk. Unfortunately for technologists we have to work with people and you will be surprised how they react to new forms of communication.

The approach is simple in its execution. First get all your interoffice termination zero rated by connecting your communication end points (phones, pbx’s etc) to Interoute one. We don't insist on direct connectivity, we also don't insist on it being IP (as we do the conversion for you) so what ever makes geographic, cost and resource sense is fine. If it’s a PBX, your connectivity is no more than adding a trunk group to you PBX and everyday activity. If it’s your Microsoft office communicator server you can sign up online in the time it takes to drink your coffee. Or if it’s an Avaya, Nortel or Cisco IP telephony platform then a simple SIP trunk, none of this nonsense about buying an MPLS network to make it work. Any combination of the above is also just a series of connections some simpler than others.

What happens next is up to you. The absolutely brilliant thing about Microsoft communicator is you’re signing up a domain at a time, instead of a PBX trunk at a time. 100,000s of people getting free calls, presence, free roaming and secure calls to the largest federated community in the world the PSTN. Fast simple and cheap. Following this method you keep what you have always had, get cheap phone calls, simple routing, cost flexibility and get to try the whole mixed media communications offering for free. You will be surprised by the results, I was. We have 60% of all our calls via soft phone (OC), why? It’s the address book. People are brilliantly lazy they use the simplest and easiest solution, that’s why the mobile is so popular. The integration of communicator with active directory means, its up to date, centrally controlled and always the same no matter where you are.

The alternative to doing it this way? Plug your office communicator server into your PBX. Before you say so what's wrong with that, try it. If you think a PBX at a time is faster than an entire active directory sign up you are a genius as you've just harnessed quantum transport, so skip telecoms pick up your noble prize and live off the lecture earnings. Don't be shy Microsoft get off the fence and own up to the reality that corporate communications isn't all about keeping the PBX happy. Oh did I mention Mobile........?

Matthew Finnie, CTO, Interoute


Thursday, June 19, 2008

Microsoft Unified Communications Client API SDK

NEW: Download
Brief Description

Microsoft Unified Communications Client API SDK provides a powerful and flexible API for building client applications for Office Communications Server 2007.

Quick Details

File Name:


Knowledge Base (KB) Articles:

Date Published:


Download Size:
13.1 MB


This SDK was originally released on October 8, 2007. For a complete list of fixes and changes in this version, please see KB article 950559.
The Microsoft Unified Communications Client API SDK allows application developers to integrate Office Communications Server 2007 enhanced VoIP, Video, Instant Messaging, Conferencing, Telephony, Contact Management and Presence into their applications.

Wednesday, June 18, 2008 Appliances Part II Appliances

Last week I started blogging about an interesting new Microsoft partner I met on an Unified Communications seminar in the Netherlands. In a couple of episodes I’m going to share some of the interesting things these guys are doing.
Their main focus is building Information Worker (IW) based Appliances. Currently they produce both a Search and an OCS Appliance. I didn’t thought it was possible but I (they) will show that it is. In this episode I have an interview with Paul-Christiaan Diks who is responsible for the overall architecture and specialized in the unattended deployment and configuration of OCS.

Be aware that this is the second episode, so please read the first also to start on the right track.

How do you prepare the virtual machines before they can be started and what happens during this period in time?

Appliance Overview v0 2

We have chosen to use just one virtual machine template, a base installation of the OS. With this template we have the advantage that we are flexible in what kind of software we want to install on the OS. The disadvantage of this is that it takes a little bit more time to complete the installation of each virtual machine. We use Windows Workflow as our over-all process manager, so one of the actions is mounting the virtual disk on to the host OS. It then copies the relevant software like the specific customer configuration file (see last episode for more info on the customer configuration file) and the installation scripts. Also the sysprep.inf is modified with specific information like IP-addresses. After all this preparation, the virtual machine is started and the so called mini-setup (setup of a sysprep-ed machine) starts. Each virtual machine (we have 4 different virtual machines for the OCS appliance) is predefined and has the OCS or SCE CD and the Windows Server 2003 CD available to it.

What kind of technologies do you use for the installation and configuration of OCS?

After completing the previous step, we end up with virtual machines that have their own specific scripts on board. The technology we use for the scripts is Windows PowerShell and they automatically start running when the OS is started. We use one “main script” to kick of specific processes like installing OCS or configuring Active Directory. This “main script” also reports status information back to the customer user interface.

Is it possible to configure OCS with PowerShell?

Yes it is, that’s done by using WMI. WMI itself is great, although we had a learning curve to go through. For example, passing strings or numeric value´s as data types is something you have to be very precise in – during development we had some issues with this subject… Furthermore, we used the Powershell scripts from the OCS resource kit. These contain very useful examples and it saved us a lot of research time. The guys from the development teams did a great job in assembling this kit. For example, there is a script for configuring a “default route” in OCS. That is an example of something we were able to use without much editing. Great.

How did you work with software that could not be provisioned via WMI or Windows PowerShell?

In some rare cases we had to use a “click simulation”. But because we completely standardized our hardware and software platform, we can use these technologies without having to deal with the ordinary problems like ‘where is my button?’. It is interesting though to see that some Microsoft product adhere completely to our preferred method of interfacing and others, like SCE, seem to be build by a complete other company. With SCE, WMI is for most configuration aspects completely absent.

What kind of OCS edition do you install on the appliance?

By default we install the Standard edition of OCS on the appliance. This edition provides access to a maximum of 5000 users, without having to build a topology. We have not stress tested our appliance for these kinds of numbers but for now we are very confident to support up to a 1000 users. And for StartReady this is currently enough because we focus on the (upper) midmarket. And the beauty of virtualization is that we can scale out very easily and create a more enterprise focused appliance, when the opportunity comes along.

Can you describe some technical difficulties you experienced during development?

One of the first problems we encountered was the process of setting the virtual disk online. We need this to inject our specific files and information before the virtual machine is started. This is done by the .NET framework and a standard Microsoft tool, diskpart.exe. The strange thing was that it sometimes worked and sometimes didn’t. It seemed to be completely random, so it took a while to solve this problem. After a while we found that diskpart requires an Interactive Session, which we sometimes used for debugging and therefore caused the unstable behavior. We now always use this Interactive Session while starting the machine. So by default our administrative account is logged on to the appliance. We disable the attached keyboard and mouse, to extra secure the appliance. We need this workaround just to get diskpart.exe working, but we still do think there’s a better solution, so if anyone has a suggestion please let us know.

Another problem was the configuration of the internal and external IP addresses needed for the edge server. The edge needs to work with multiple virtual network cards. Addressing those cards correctly was the challenge. Because the server is patched before installation, mixing this up results in a non-working appliance. Of course, we wanted this process to be fully automatic and that wasn’t easy. I will spare you the details but we solved this challenge as follows: in the configuration of the virtual machine template we give the external and internal network adapters specific, preconfigured MAC-addresses. During the installation we can check whether this MAC-address is the correct one (internal/external) and take action if necessary. If you do not check this, you will randomly address your network adapters and that’s not a good thing.

I know from experience that every customers has a unique IT-environment. How is it possible that you can integrate you appliance in all these different environments?

Well, up front we have three simple prerequisites. The customer has to have an active directory installed, DHCP has to be configured and we need an internet connection. During the installation and configuration process we use several checks to adjust to the customers IT-environment. For example, we check if the customer has a Certificate Store installed. If not, we introduce one. Another check is done on the Active Directory. We look for the version that is used (Windows Server 2003 of 2008) and on what functional level they are on. If this level has the wrong value, we adjust it. So, we have to take all the customer variables into account and be prepared to fix this during the automatic deployment. Without exaggeration, we work with up to a dozen of those checks to tackle the most common infrastructure diversities.

Paul-Christiaan, thanks for your time and the elaborate answers you gave.

In the next episode I will have an interview with Erik Post and Arjan Hendriks who respectively are responsible for remote management and virtualization.

For more information check out their website on

Tuesday, June 17, 2008

Mission accomplished!

This morning I upgraded my MCSE 2003 to Windows Server Technology Specialist.

TS: Upgrading from Windows Server 2003 MCSE to Windows Server 2008, Technology Specialist (70-649), 1000 points!

So my current certifications are:

MCSE2003, MCTS OCS, Windows Vista, MOSS, WSS and  Windows Server 2008 Applications Infrastructure, Windows Server 2008 Network Infrastructure and Windows Server 2008 Active Directory.




The upcoming week I will study on MCITP Server and Enterprise Administrator. Later on I will upgrade to Microsoft Certified Master on Windows Server 2008.

NB: hopefully today I will publish the next interview with StartReady about UC appliances. Purely focusing on Hyper-V and System Center Essentials. Stay tuned!

Sunday, June 15, 2008

Microsoft Solution for Hosted Messaging and Collaboration 4.5

Brief Description

HMC 4.5
Hosted Messaging and Collaboration 4.5 offers Office Communicator Server and enhanced messaging services and


Quick Details


Date Published:


Download Size:
4.0 MB - 82.1 MB*


HMC 4.5 brings together powerful Microsoft enterprise products such as
Microsoft Exchange Server, Microsoft Windows SharePoint Services, and
now gives you Microsoft Office Communications Server 2007, which
manages all real-time communications such as instant messaging (IM)
and audio and video conferencing.

Other new features and enhancements:
• Exchange Server 2007 SP1: Web-based OABs and resource mailboxes
• Windows SharePoint Services: multi-tenant People Picker functionality
• Provisioning capabilities have been expanded: Microsoft Provisioning System (MPS) cross data store integration procedures and Individual Information Worker (IIW) tenant model

Thursday, June 12, 2008

(.adm) file for Live Meeting 2007 client and the Conferencing Add-in for Outlook

Article ID :948741

Last Review: June 4, 2008

Revision :1.0

Administrators can use policy settings in the .adm file to help set the client registry keys. In this scenario, administrators deploy the Windows-based Live Meeting 2007 client or the Conferencing Add-in for Outlook. Users will not have to test the connection, and they will not have to update their settings in the user interface (UI).

More information see: here


  • Live Meeting 2007 client update package: June 4, 2008 >> download it here (version 8.0.6362.70)


  • Update for the Live Meeting Conferencing Add-in for Outlook: June 4, 2008 >> download it here (version 8.0.6362.70)

Original source: LCSKid

Wednesday, June 11, 2008

Forefront Security Resource Center Online!


To help you optimize the time you have to conduct an evaluation of Forefront Security for Office Communications Server, we’ve put together this convenient page of beta resources. More information see

Web Forums

Find a Web forum that addresses your questions on Forefront Security for Office Communications Server. Here

Forefront Server Security Blog

Check out the latest blog entry. Here

Key Resources

Use these key resources to learn more about Forefront Security for Office Communications Server.


Tune in to gain the tools and information you need to most effectively leverage your new software.

Featured Webcast

Great Place to Work - Roland Hameeteman

Language: Dutch

Interview with Roland Hameeteman about the new way of work and his vision about a Human Software Organization. Link for more information

Forefront Security for Office Communications Server 2007 Beta released!

Microsoft Forefront Security for Office Communications Server
Quick Details

File Name:


Date Published:


Download Size:2
33.1 MB

Download and register first. Enjoy!

Tuesday, June 10, 2008 Appliances

Last week I met an interesting new Microsoft partner at an Unified Communications seminar in the Netherlands. In a couple of episodes I would like to share some interesting things these guys are doing. They build Information Worker (IW) based Appliances. This is something totally new to me. And check this out, one of the appliances is all about Office Communications Server 2007. I didn´t thought it was doable but I (they) will show that it is. In this episode I will interview the CTO of, Jeroen van Vliet.

Can you first tell me a little bit about your company and what you are doing? is founded by two ex-Microsoft employees in the Netherlands. We are an innovative supplier of IT-appliances based on Microsoft technology. We believe in user-friendly and managed IT solutions, fitting the world and the times we live in. What we think makes a StartReady appliance unique is the investment we made in a flawless installation of these complex infrastructural Microsoft products. Next to the divers customer environments we have to work with, we are still able to install for instance OCS in less than 2 hours. And that including the integration with AD and Exchange, and the deployment of OCS Standard, Edge and Mediation. Just plug it in and you’re ready to roll. All these factors deliver an IT solution that is cheaper in purchase and maintenance than ordinary IT implementations.

In order to reach this, we created a list of “must have” characteristics for a appliance:

1. Easy deployment. With minimal configuration, we have the goal to install our appliances in less than 2 hours.

2. Remote Management. The appliance can be managed without requiring direct access to the appliance.

3. Integrated interface for a single function. There is a single “fixed function” interface that integrates the software and hardware deployment and management.

4. Appliance recovery and restore. An appliance can be easily restored to factory image or last known good.

5. Reduced cost of management. The OS should be hardened to the single-purpose of the appliance, and require infrequent patching.

These are challenging goals, how does you´re technical architecture supports these goals?

Appliance Technical Architecture (2)

One of the first things we did was creating an architecture to serve both a more complex and a somewhat simpler IW appliance. The complex architecture is based on Microsoft Office Communications Server 2007 and the simpler is based on Search Server Express 2008. By doing so we could very well distinguish the more generic and more specific architecture design decisions, see figure.

The host OS is based on Windows Server 2008 with the Hyper-V. One consideration we had was to install only Server Core. But for deployment purposes Windows Workflow Foundation and the .NET framework were needed. So a minimal install of the OS with only the Hyper-V and the Web Server role enabled is required. The Application layer is positioned above the OS and is for collecting the configuration information.

The Scripting layer is a generic layer used to deploy and configure the specific virtual machine images. We install and configure Microsoft’s System Center Essentials to make the appliance manageable. In our datacenter we host Remote Operations Manager (ROM) to connect to SCE remotely. We are the master hoster. On top of the generic architecture is the specific architecture of each appliance, Search and Unified Communications.

That´s interesting stuff, how does the overall process look like when a customer hooks up a appliance?

Installation Web Interface Sample (2)

As mentioned above the Application layer is responsible for collecting the information required to install and configure the appliance. One of the first steps in this process is the validation of the license key the customer receives when purchasing the appliance. We sell several appliance versions and by the license key we can differentiate them. The appliance validates the key through a web service hosted at

After validating, the appliance knows exactly which customer it is hence which appliance he/she bought. Knowing all this the Application layer can collect the specific information needed for this appliance. When finished collecting the information the customer finally receives an overview of all the data and can push the finish button. And then you can sit back and watch how your IW appliance gets deployed and integrated into your network!

What happens exactly after the customer hits the finish button from a technical point of view?

Deployment Architecture (2)

That’s going to be a long answer. Lets highlight a few things and talk in more detail in later episodes.

When the customer hits the finish button two things happen. First the complete customer configuration is stored at The configuration is stored via what we call the Remote Configuration Services. In this way we are able to quickly recover the appliance if needed. Secondly the workflow is kicked off. The workflow is responsible for the complete deployment, progress reports and error logging. The workflow engine gives us lots of advantages.

For example the customer can close the web interface and open it again at a later time and still see the current progress. Once the preparation of the first virtual machine is finished it is started. The scripts inside the virtual machine take care of the unattended installation and configuration. After finishing the first virtual machine the second is kicked off and so on until the last virtual machine has finished. We end with the SCE virtual machine which is automatically connected to our datacenter via a secure gateway.

At the end of the installation the web interface shows the last page and depending on the appliance we present some specific information to the customer. For example at the end of the Search Appliance installation we present the customer links to the management interface for Search Server and the search page itself. For OCS we prepare the automatic deployment of Communicator and the Live Meeting Client. And then the appliance is StartReady!

In the next episode I will have an interview with Paul-Christiaan Diks who is responsible for the overall architecture and we will talk about the unattended installation of Office Communications Server 2007.

For more information check out their website on StartReady English

Sunday, June 8, 2008

Microsoft Unified Communications Client API SDK update

New download available.

Brief Description

Microsoft Unified Communications Client API SDK provides a powerful and flexible API for building client applications for Office Communications Server 2007.

Quick Details

File Name:


Knowledge Base (KB) Articles:

Date Published:


Download Size:
13.1 MB


This SDK was originally released on October 8, 2007. For a complete list of fixes and changes in this version,

The Microsoft Unified Communications Client API SDK allows application developers to integrate Office Communications Server 2007 enhanced VoIP, Video, Instant Messaging, Conferencing, Telephony, Contact Management and Presence into their applications.

Update replacement information
This update replaces the earlier release version of the Unified Communications Client API SDK that was dated October 8, 2007.
For more information about updates that are related to Communications Server 2007, click the following article numbers to view the articles in the Microsoft Knowledge Base:

949260 ( Description of the Communications Server 2007 update package: March 2008

948738 ( Description of the update for the Conferencing Add-in for Outlook: April 11, 2008

946764 ( Description of the Windows-based Live Meeting 2007 client update package: April 11, 2008

946164 ( Description of the update for Communicator 2007: April 2, 2008

Note These updates do not require an API change.
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:

824684 ( Description of the standard terminology that is used to describe Microsoft software updates

Friday, June 6, 2008

CWA Client with Silverlight 2 beta 2

I have been able to download Microsoft® Silverlight™ 2 Software Development Kit Beta 2 Documentation. And took a look at something what was really important for me in building a communicator web access with Silverlight 2.

The first thing I looked at was the support for Headers in the HttpWebResponse Class. And too bad it still isn't in there :-(. more

Wednesday, June 4, 2008

CWA Client with Silverlight 2 beta 1 Update

Silverlight 2 Beta 2 is nearly here (out at the end of this week).

As soon as I get my hands on the Silverlight 2 Beta 2. I will try and update my application. And will post my findings to see if things have changed for the better. More

Subscriptions using UCMA part 5: Enhanced Presence

This one is the real interesting, one how can subscribe to enhanced presence. See also Subscriptions in UCMA part 3: Presence

The sample code here shows how to subscribe to one user. Actually this is a batch subscribe and is easy extensible for multiple users.

This one is much more complex then subscribing to presence using PIDF. The real thing here is enhanced presence. You can subscribe to multiple categories.

more see the new Unified Communications Development weblog.

Subscriptions in UCMA part 4: Presence (PIDF)

New UC development articles!

In this part I'll show you how to implement subscriptions using PIDF. See also Subscriptions in UCMA part 3: Presence.

First we need as with all subscriptions the ISipSubscriptionProcessor.

    more see the new Unified Communications Development weblog.

    Subscriptions in UCMA part 3: Presence

    New UC development articles!

    This is the most interesting kind of subscription. There are actually 3 kinds of presence subscriptions with different kind of document formats:

    • PIDF(Content-Type: application:pidf+xml)
    • MSRTC(Content-Type: text/xml+mrstc.pidf)
    • Enhanced presence(Content-Type: application/msrtc-event-categories+xml)

    more see the new Unified Communications Development weblog.

    Office Communications Server 2007 R2

    A lot of people like to talk about Office Communications Server 2007 R2. Currently I haven’t any information about the features which are included right in the box of OCS2007R2. Looking at the weblog of Rasmus we see some new features that will come in the upcoming version (R2). The information he provide is second hand information and not confirmed by Microsoft. Underneath a short overview:

    • one number calling source: Rasmus “It has been introduced in the original Unified Communications wave in the fall of 2007, but in the R2 build, it should be here. What to expect is not to say, but as I understand it will be a more simplified process of calling UC enabled users. I expect there to be more logic in OCS to how one person can be contacted”
    • LiveMeeting dial-in source: Rasmus: “is another requested feature, which should allow users to have a choice of using the LiveMeeting client audio or dialing direct to the meeting to get Audio access.
      We will see more presence information in more applications”

    • application sharing in CWA source: Rasmus: “The Communicator Web Access will be upgraded to allow application sharing the within the web application (however this is done…..)”

    • attendant console source: Rasmus: “We are also looking at an “attendant console” which will be some kind of switchboard for forwarding calls and so on. This is a feature often used by a front desk or service desk, and will give them the joy of presence information and VoIP”
    • telephony queue system source: Rasmus: “Also a telephony queue system should be included, and will give people dialing in to the system, access to a touchtone menu to have their calls forwarded to the right department/person and so on”

    The upcoming OCS2009 version is really cool but in my opinion still under NDA. But for me in particular, as weblog owner we will publish additional articles on OCS2009 as we have privileges to do that. From now on wait for the upcoming OCS2007R2! Stay tuned and please make sure you communicate unified and simplified.