• Article

Configure Groove Server 2010 Relay

 

Applies to: Groove Server 2010

Topic Last Modified: 2010-01-27

This article describes how to configure Groove Server 2010 Relay.

In this article:

  • Before you begin

  • Configure Groove Server 2010 Relay

Before you begin

Before you start this procedure, address the following prerequisites:

  • Install Groove Server Relay as described in Install Groove Server 2010 Relay.

  • To facilitate access to the Groove Server Relay administrative Web pages, create a local or Windows domain-joined admin group on the Relay server and add trusted users to the group before configuring the Secure Socket Layer (SSL) settings described in the following procedure.

Configure Groove Server 2010 Relay

The Groove Server 2010 Relay post-installation wizard presents a series of configuration steps required for Groove Server Relay operation. Configuration tasks consist of the following:

  • Identifying the Groove Server Relay computer and generating the certificate key files that help secure SharePoint Workspace client and Relay communications.

  • Generating the Simple Object Access Protocol (SOAP) certificate key files that help secure Groove Server Manager and Relay communications.

  • Configuring SSL certificates that help secure the Relay administrative Web pages.

  • Configuring client authentication settings.

You can review and change these settings from the Groove Relay Control Panel item. For more information about these settings and the Groove Relay Control Panel item, see Operations for Groove Server 2010 Relay.

To configure Groove Server Relay from the post-installation wizard

  1. Address the requirements in Before you begin.

  2. From the Server page, identify the Groove Server Relay computer and generate the Relay server private and public certificate key files that are required for SharePoint Workspace client interaction with this Relay server as follows:

    1. Accept the default Relay Server Name entry or another fully qualified DNS name for the Relay server.

    2. Accept the default Private Key File Name and Certificate File Name entries, or change them if necessary. As good practice, preface the certificate names with the Relay server common name.

      The private key certificate file contains the Relay server SSTP private key that is used to identify the Relay server to SharePoint Workspace clients that are assigned to it. The public certificate file contains the corresponding SSTP public key that helps secure SharePoint Workspace messages and content that SharePoint Workspace clients send to Groove Server Relay.

      Warning

      Do not generate any new Groove Server Relay private key and private key certificate files after initial key and file creation. Doing so will permanently prevent existing SharePoint Workspace clients from accessing the Relay server.

    3. Click the Generate Files button, and then enter a private key passphrase when the Define Passphrase prompt appears.

    4. Click Next.

  3. From the SOAP page, generate the SOAP key files that are required for communications between Groove Server Manager and Groove Server Relay as follows:

    1. Accept the default SOAP Interface Name entry or enter another DNS name. This name must be resolvable by Groove Server Manager which will use the name to send user provisioning messages to Groove Server Relay.

    2. Accept the default Private Key File Name and Certificate File Name entries, or change them if necessary, and then click the Generate Files button to create the files. As good practice, precede the certificate names with the Relay server common name.

      The private key certificate file contains the Relay server’s SOAP private key that is used to help secure the Groove Server Relay system and identify it to the associated Groove Server Manager. The public certificate file contains the corresponding SOAP public key that is used by the associated Groove Server Manager to contact Groove Server Relay.

      Warning

      Do not generate any new Groove Server Relay SOAP key and ID files after initial key and file creation. Doing so will permanently prevent existing SharePoint Workspace clients from accessing the Relay server.

    3. Click the Export Id button to export the Relay ID file for installation on the Groove Server Manager IIS server.

    4. Ensure that Enable SOAP Access for Remote Management is selected to allow the associated Groove Server Manager to send provisioning messages to this Relay server.

    5. Click Next.

  4. From the Admin Interface page, configure Secure Socket Layer (SSL) protection to help secure to the Groove Server Relay administrative Web pages as follows:

    1. Accept the default Relay Server Administrative Interface URL entry, or change it if necessary.

    2. In the SSL Security field, accept the default Relay server host name for the SSL certificate, or change it if necessary, using the Relay server fully qualified DNS name.

    3. Click the Generate Certificate button.

      Note

      Whenever you change the administrative interface settings from the Relay Server control panel item, you will need to regenerate certificates from the Admin Interface page, as instructed in the individual procedures for changing Server, SOAP, Security, and Tuning settings in Operations for Groove Server 2010 Relay.

    4. In the Administrative User/Group field, click the Select User/Group button and specify a trusted domain-based user or group who will have access to the administrative Web site. This is recommended over the default which grants access to the local Administrator group.

  5. Click Next.

  6. From the Security page, ensure that the option Require Pre-authentication for Registration (via Groove Manager) is selected to pre-authenticate SharePoint Workspace users via Groove Server Manager, and then click Next.

  7. From the Tuning page, review the settings but do not change them at this time, and then click Next.

    Warning

    See the information in Operations for Groove Server 2010 Relay and become familiar with Relay operation in a production environment before considering an adjustment to Relay tuning options. Avoid changing the setting for Enable Delayed Log Writes, especially without adequate understanding of its implications on your system.

  8. From the Help page, determine how you want to display Help articles about Groove Server Relay, and then click Finish.

For more information about these settings, configurable from the Groove Relay Control Panel item, see Operations for Groove Server 2010 Relay.

When you have configured Groove Server Relay settings, start the Groove Relay service and test your installation as described in Start and test Groove Server Relay. You will also need to register each Relay installation with Groove Server Manager, as described in Registering Relay servers with Groove Server Manager.