• Article

Step 1 Configure MIIS

Microsoft Office Communications Server 2007 and Microsoft Office Communications Server 2007 R2 will reach end of support on January 9, 2018. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.

After you have deployed Office Communications Server 2007, modify the configuration of the Microsoft Identity Integration Server (MIIS) that is responsible for synchronizing user objects as contacts across all forests.

Configure Identity Integration Server in the following manner:

  • If Microsoft Exchange Server 2003 is not deployed in a cross-forest topology, deploy and configure the Office Communications Server Sync tool (Lcssync). Lcssync is included with the Microsoft Office Communications Server 2007 Resource Kit. The remainder of this section focuses on using Communications Server Sync.

  • If Microsoft Exchange Server 2003 is deployed in a cross-forest topology, use the GAL (global address list) sync tool with the Office Communications Server Sync logic. Exchange Server uses GAL sync to synchronize contact information in the GAL between forests. In this situation, an update to the GAL sync tool is required because MIIS does not support the coexistence of two different synchronization agents.

  • If Microsoft Exchange Server 2007 is deployed in a cross-forest topology, until a solution from MIIS is available, you must manually synchronize the required attributes or use a custom application. For more information about the attributes that must be synchronized in this scenario, see Appendix A: Attribute Synchronization in Cross Forests later in this document.

The Office Communications Server Sync tool configures the management agent of each forest except the central one in order to synchronize its user and group information with MIIS. MIIS generates a metaverse object that represents each user or group and it then synchronizes each user or group object as a contact in the central forest. Since all Communications Server users and groups are synchronized as contacts (including the users or groups object SID) in every other forest, users can still communicate with each other across forest boundaries after MIIS is reconfigured and users can still take advantage of distribution group expansion across forests. Figure 2 illustrates how MIIS was reconfigured in the Contoso environment.

Figure 2 Configuring the MIIS Server

35d18cac-0f7a-4122-b14f-6b3ca72eee8b

As Figure 2 illustrates, the MIIS server is configured to do the following:

  • Import the user objects and group objects from two user forests as MIIS metaverse objects.

  • Export the metaverse objects to the central forest as contact objects.

To install and configure the Office Communications Server Sync tool, Lcssync, perform the following steps (each step is explained in detail in the subsequent sections):

  1. Ensure that .NET 2.0 Framework is installed on the server running MIIS.

  2. Install the Office Communications Server Sync (Lcssync) tool from the Microsoft Office Communications Server 2007 Resource Kit.

  3. Extend the metaverse schema in MIIS.

  4. Configure extensions in MIIS.

  5. Configure object deletion rules in MIIS.

  6. Create the management agent for the central forest.

  7. Create the management agent for all user forests.

  8. Import, synchronize, and then provision Office Communications Server objects.

Install the .NET 2.0 Framework on the MIIS Server

The Office Communications Server Sync tool, Lcssync, requires .NET Framework 2.0.

You can install the .NET Framework Version 2.0 from the Microsoft Web site at https://www.microsoft.com/downloads/details.aspx?FamilyID=9655156b-356b-4a2c-857c-e62f50ae9a55&displaylang=en.

Deploying Office Communications Server Sync Tool

Before you configure the Office Communications Server Sync tool, you must install the required files on your Microsoft Identity Integration Server (MIIS) server. The files required for the Office Communications Server Sync tool are included in the Lcssync directory of the Microsoft Office Communications Server 2007 Resource Kit.

To deploy the Office Communications Server Sync Tool

  1. On the MIIS computer, in the Microsoft Office Communications Server 2007 Resource Kit, go to the Lscssync directory.

  2. Copy all the files in this directory to the following directory on the MIIS Server: %drive%:\Program Files\Microsoft Identity Integration Server\Extensions.

  3. In Active Directory Domain Services, create an organization unit, or verify that a target organizational unit for your contact objects exists on Office Communications Server in the central forest.

  4. Go to the \Microsoft Identity Integration Server\Extensions folder, and then open Lcscfg.xml.

  5. Use the following format to modify the <target-ou> tag to include the target organization unit of the central forest:

    <rules-extension-properties>
<lcssync-mas>
<lcsma name="Lcs Central Forest">
<target-ou>OU=contacts,DC=yourdomain,DC=com</target-ou>
</lcsma>
</lcssync-mas>
</rules-extension-properties><target-ou>path to contact organizational unit</target OU>

    For example:

    <target-ou>OU=contactsDC=contosoDC=com</target OU>

  6. If necessary, you can modify Logging.xml to change the file name and logging level. The example below shows the default values in the xml:

    <logging>
 <use-single-log>false</use-single-log>
      <file-name>lcssync.log</file-name>
      <logging-level>1</logging-level>
</logging>

Extending the Metaverse Schema in MIIS

After you have installed the Office Communications Server Sync tool on the Microsoft Identity Integration Server (MIIS) server, extend the metaverse schema so the Office Communications Server attributes can be synchronized.

To extend the metaverse schema

  1. On the MIIS computer, start Identity Manager: Click Start, point to All Programs, point to Microsoft Identity Integration Server, and then click Identity Manager.

  2. Click Metaverse Designer.

  3. On the Actions menu, click Import Metaverse Schema.

  4. Select %drive letter%:\Program Files\Microsoft Identity Integration Server\Extensions\Lcsmvschema.xml.

  5. When the schema import operation is completed, click OK.

Configuring Extensions for the Office Communications Server Sync Tool

After you have extended the metaverse schema, configure the extensions for the Office Communications Server Sync tool. The way that you configure the extensions determines how synchronization is handled for Office Communications Server objects that are synchronized by Microsoft Identity Integration Server (MIIS).

To configure extensions for the Office Communications Server Sync Tool

  1. On the MIIS computer, start Identity Manager: Click Start, point to All Programs, point to Microsoft Identity Integration Server, and then click Identity Manager.

  2. On the Tools menu, click Options.

  3. Select the Enable metaverse rules extension check box.

  4. Click Browse.

  5. Under Files, select Lcssync.dll.

    Figure 3 Configure Extensions

    aa58525c-65cb-40fe-8223-b334aeb9cae7

  6. Select the Enable Provisioning Rules Extension check box, and then click OK.

Configuring the Object Deletion Rule in MIIS

After you have configured extensions for the Office Communications Server Sync tool, configure the rule that determines what Microsoft Identity Integration Server (MIIS) will do when a user object is deleted in a forest and how it will synchronize the deletion with the central forest. If a user object is deleted in a user forest, the corresponding contact object that is used by Office Communications Server in the central forest must also be deleted. Configuring the object deletion rule ensures that MIIS and Office Communications Server handle this situation correctly.

To configure the Object Deletion Rule

  1. On the MIIS computer, start Identity Manager: Click Start, point to All Programs, point to Microsoft Identity Integration Server, and then click Identity Manager.

  2. Click Metaverse Designer. The Identity Manager window appears as shown in Figure 4.

    Figure 4 Configure Object Deletion Rule in Metaverse Designer

    da123c80-3ed4-47f4-a329-41253cf2ab0d

  3. Under Object types, right-click person.

  4. In the adjacent Actions pane, click Configure Object Deletion Rule.

  5. In the Configure Object Deletion Rule dialog box, which is shown in Figure 5, click Rules Extension, and then click OK.

Figure 5 Configure Object Deletion Rule

5ae3f625-b6af-4617-a69b-1c2f9e0926f4

Creating the Management Agent for the Central Forest

After you have configured the Office Communications Server Sync tool, create a management agent for the Office Communications Server Sync tool in the central forest.

To create a management agent for the Office Communications Server Sync tool in the central forest

  1. On the Microsoft Identity Integration Server (MIIS) computer, start Identity Manager: Click Start, point to All Programs, point to Microsoft Identity Integration Server, and then click Identity Manager.

  2. Click Management Agents.

  3. On the Actions menu, click Import Management Agent.

  4. Select %drive letter%:\Program Files\Microsoft Identity Integration Server\Extensions\Lcscentralforestma.xml, and then click Open. The Create Management Agent dialog box appears.

    Figure 6 Create Management Agent

    f83ae688-03d2-4aad-9408-e8a9e89eb298

  5. In the Name box, type a name for the management agent. This name must be identical to the name that is specified in the <lcsma name => tag in Lcscfg.xml.

  6. Click Next.

  7. Enter the user name and password of a member of the DomainAdmins group on Office Communications Server in the central forest.

  8. Click Next.

    Figure 7 Partition Matching

    56affae5-b123-4b33-aa3e-f693981dd6d2

  9. In Partition Matching, under Updates Partitions, select the partition that needs to be updated, and in Existing Partitions, select the partition that contains the distinguished name of your central forest.

  10. Click Match.

  11. In Existing Partitions, select each unmatched partition and then click Deselect.

  12. Click OK.

  13. In Select directory partitions, clear the check boxes for all domains except for the domain that has the target organizational unit that you specified in Lcscfg.xml when you deployed the Office Communications Server Sync tool.

  14. Click Containers.

  15. In Select Containers, select the OU container where contacts will be stored, and then click OK.

  16. Click Next.

  17. On the Select Objects page, accept the default values, and then click Next.

  18. On the Select Attributes page, accept the default values, and then click Next.

  19. On the Configure Connector Filter page, accept the default values, and then click Next.

  20. On the Configure Join and Projection Rules page, accept the default values, and then click Next.

  21. On the Configure Attribute Flow page, accept the default values, and then click Next.

  22. On the Configure Deprovisioning page, accept the default values, and then click Next.

  23. On the Configure Extensions page, verify that Lcssync.dll is selected, and then click Finish.

Creating a Management Agent for the User Forests

After you have created the management agent in the central forest, create a management agent for all user forests.

To create a management agent for the Office Communications Server Sync tool in all user forests

  1. On the Microsoft Identity Integration Server (MIIS) computer, start Identity Manager: Click Start, point to All Programs, point to Microsoft Identity Integration Server, and then click Identity Manager.

  2. Click Management Agents.

  3. On the Actions menu, click Import Management Agent.

  4. Select %drive letter%:\Program Files\Microsoft Identity Integration Server\Extensions\Lcsuserforestma.xml, and then click Open.

  5. In the Name box, type a unique name for the management agent.

  6. Click Next.

  7. Enter the user name and password of a member of the DomainAdmins group on Office Communications Server in the user forest.

  8. Click Next.

  9. In Partitions Matching, under Update Partitions, select the partition that needs to be updated, and then in Existing Partitions select the partition that contains the distinguished name of your user forest.

  10. Click Match.

  11. In Existing Partitions, select each unmatched partition, and then click Deselect.

  12. Click OK.

  13. Click Next.

  14. In Select directory partitions, clear the check boxes for all domains except the first domain where the organization unit where the Users and Groups objects in this forest exist. MIIS synchronizes these user objects and group objects as contacts in the central forest.

  15. Click Containers.

  16. In Select Containers, select the OU container that contains users and groups that need to be synchronized to the central forest, and then click OK.

  17. Repeat steps 14 through 16 for each domain that contains users and groups that will use Office Communications Server servers in the central forest.

  18. Click Next.

  19. On the Select Objects page, accept the default values, and then click Next.

  20. On the Select Attributes page, accept the default values, and then click Next.

  21. On the Configure Connector Filter page, accept the default values, and then click Next.

  22. On the Configure Join and Projection Rules page, accept the default values, and then click Next.

  23. On the Configure Attribute Flow page, accept the default values, and then click Next.

  24. On the Configure Deprovisioning page, accept the default values, and then click Next.

  25. On the Configure Extensions page, verify that Lcssync.dll is selected, and then click Finish.

Importing, Synchronizing, and Provisioning Office Communications Server Objects

After you have created management agents for all forests in your environment, synchronize user and contact information. During this initial synchronization, import Active Directory data for each forest into the connector space, synchronize this data in the metaverse, and then export this data from the metaverse to the central forest.

Import Active Directory Objects for each Forest into the Connector Space

For each forest, import data stored in its Active Directory into the forests Connector Space. Perform this step on the central forest and all user forests in your environment.

To import Active Directory data into the Connector Space from the central forest

  1. On the Microsoft Identity Integration Server (MIIS) computer, start Identity Manager: Click Start, point to All Programs, point to Microsoft Identity Integration Server, and then click Identity Manager.

  2. Click Management Agents.

  3. Right-click the management agent for the central forest, and then click Run.

  4. Click Full Import, and then click OK.

To import Active Directory data into the Connector Space from each user forest

  1. On the MIIS computer, start Identity Manager: Click Start, point to All Programs, point to Microsoft Identity Integration Server, and then click Identity Manager.

  2. Click Management Agents.

  3. Right-click the management agent for your first user forest, and then click Run.

  4. Click Full Import, and then click OK.

  5. Repeat steps 1 through 4 for each user forest in your environment.

Synchronize the Metaverse

After you have imported Active Directory data from the central forest and each user forest in your environment, synchronize the metaverse with the data in each forest.

Note

You must synchronize the metaverse with data from the central forest before you synchronize with the user forests.

To synchronize the metaverse for central forest information

  1. On the Microsoft Identity Integration Server (MIIS) computer, start Identity Manager: Click Start, point to All Programs, point to Microsoft Identity Integration Server, and then click Identity Manager.

  2. Click Management Agents.

  3. Right-click the management agent for the-central forest, and then click Run.

  4. Click Full Sync, and then click OK.

To synchronize the metaverse for your user forests

  1. On the MIIS computer, start Identity Manager: Click Start, point to All Programs, point to Microsoft Identity Integration Server, and then click Identity Manager.

  2. Click Management Agents.

  3. Right-click the management agent for your first user forest, and then click Run.

  4. Click Full Sync, and then click OK.

  5. Repeat steps 1 through 4 for each user forest in your environment.

Provision the Central Forest

After synchronizing the information imported from all user forests, you export all the information from the metaverse to the central forest. This process is known as provisioning.

To provision the central forest

  1. On the Microsoft Identity Integration Server (MIIS) computer, start Identity Manager: Click Start, point to All Programs, point to Microsoft Identity Integration Server, and then click Identity Manager.

  2. Click Management Agents.

  3. Right-click the management agent for the central forest, and then click Run.

  4. Click Export, and then click OK.

After you provision the central forest, you should verify that contact objects have been created for each user object in the user forests. You must then enable these contacts for Office Communications Server 2007.