Environmental Requirements (2007 R2 Beta)
[This is preliminary documentation and is subject to change. Blank topics are included as placeholders.]
Microsoft Office Communications Server topologies require some additional components in the organization’s infrastructure. This topic describes the supported configurations for these components and also identifies certain components that are not supported.
Active Directory Domain Services
Office Communications Server supports a single forest or multi-tree forest as described in Supported Active Directory Topologies. This section identifies the operating system and other requirements for Active Directory® Domain Services (AD DS).
Supported Domain Names
Office Communications Server should not be installed in a domain in which the last part of the FQDN begins with a numeral. For example, xxx.yyy.4zz and aaa.bbb.1ab are both invalid names, whereas 4xx.yyy.zzz and aaa.bbb.ab1 are both valid domain names.
The FQDN of any Office Communications Server, pool, array, or edge server can contain only ANSI alphanumeric characters, hyphens, and underscores. Unicode characters are not supported.
Tip
Note that underscores are permitted in FQDNs in Office Communications Server 2007 R2.
Office Communications Server and Office Communicator support only SIP URIs that conform to standard SIP grammar and that contain no escaped characters.
Supported Domain Controller Operating System
- Windows Server 2003 with Service Pack 1
- Windows Server 2003 R2
- Windows Server 2008
Tip
Global catalogs are recommended in each Office Communications Server domain to optimize performance of Communications Servers and to ensure inter-domain IM, presence and conferencing scenarios operate properly.
Forest and Domain Functional Level
All domains in which you deploy Office Communications Server must be raised to a domain functional level of at least Windows Server 2003. You cannot deploy Office Communications Server 2007 R2 in a Windows 2000 mixed or Windows 2000 native domain.
Note
To change your domain functional level, see Raising domain and forest functional levels at the Microsoft Web site: https://go.microsoft.com/fwlink/?LinkId=125762
For details about preparing Active Directory Domain Services for Office Communications Server, see Preparing Active Directory Domain Services for Office Communications Server 2007 R2.
DNS
Domain Name Service (DNS) is required by Office Communications Server and Communicator Web Access. DNS is used by Office Communications Server to do the following:
- Discover internal servers or pools for server-to-server communications
- Allow clients to discover the Enterprise pool or Standard Edition Server used for various SIP transactions
- Allow external servers and clients to connect to edge servers or the HTTP reverse proxy for instant messaging or conferencing
For details about DNS records used by Office Communications Server, see the following:
- For Enterprise Edition pools, see 3.2 Configure DNS for Your Pool
- For Edge Servers, see Step 3. Identify the Technical Requirements for Deploying External User Access
- For Communicator Web Access, see Step 3. Identify the Technical Requirements for Deploying Communicator Web Access
Certificate Infrastructure
Office Communications Server and Communicator Web Access require a public key infrastructure (PKI). Certificates that are issued from the following types of certification authorities (CAs) are supported, depending upon the requirement:
- Certificates issued from an internal CA
- Windows Server 2008 CA
- Windows Server 2003 SP1 Enterprise CA (recommended)
- Windows Server 2003 SP1 Standalone CA (supported, but not recommended)
- Certificates issued from a public CA
Mutual Transport Layer Security (MTLS) certificates must be issued by trusted CAs for both Communicator Web Access and Office Communications Server, but the issuing CA can be different for Communicator Web Access and Office Communications Server .
Note
Office Communications Server supports certificates with a length of up to 1024 bits.
Certificates for servers running Office Communications Server must be configured with an enhanced key usage (EKU) extension for server authentication.
A Web server certificate is required for the MSN® network of Internet services and for Yahoo!®. For AOL®, the certificate must also be configured for client authentication. For federation and public IM connectivity, a certificate that is issued by a public CA is required. Public IM connectivity requires an additional license.
For a list of public certificate authorities who have partnered with Microsoft to ensure that their certificates comply with specific requirements for Office Communications Server, see https://go.microsoft.com/fwlink/?LinkId=125763.
For specific certificate support and requirements, see the following documents:
- Planning for Communicator Web Access
- Planning for External User Access
- Planning for Monitoring Server
- Planning for Communicator Mobile
- Planning for Group Chat
- Planning for Communicator Mobile for Java
Reverse Proxies
A reverse proxy is required for edge server topologies in the perimeter network. For details, see Perimeter Network Topologies [R2].
Microsoft .NET Framework
Microsoft .NET Framework 3.5 is required for Office Communications Server 2007 R2. Setup prompts you to install this prerequisite, and automatically installs it if it is not already installed on the computer. If you choose not to install it, Office Communications Server will not run correctly.
The 64-bit .NET Framework must be used when a supported 64-bit operating system is installed.
Microsoft Visual C++ 2008 Redistributable
The Microsoft Visual C++ 2008 redistributable is required to run Office Communications Server 2007 R2. Setup prompts you to install this prerequisite, and automatically installs it if it is not already installed on the computer. If you choose not to install it, Setup terminates.
WMA Support for Conferencing Attendant and Conferencing Announcement Service
Conferencing Attendant and Conferencing Announcement Service use the WMA file format to play prompts, music, and announcements. The WMA file format requires additional components in order to run on Windows Server 2003 64-bit edition or on Windows Server 2008. One of the following components must be manually installed:
- For Windows Server 2003 64-bit edition, you must manually install the Windows Media Format 9.5 Software Development Kit (SDK) 64-bit edition. Download and install the SDK from https://go.microsoft.com/fwlink/?LinkId=125764.
- For Windows Server 2008, you must manually install Desktop Experience.
To manually install Desktop Experience:- Click Start and select Server Manager.
- Under Features Summary in the right pane, click Add Features.
- In the Add Features Wizard, select Desktop Experience, and then click Install.
Exchange UM
Exchange Unified Messaging (UM) is used by Enterprise Voice, Microsoft’s software-powered Voice-over-Internet protocol (VoIP) solution. Exchange UM combines voice messaging and e-mail messaging into a single messaging infrastructure. Office Communications Server Enterprise Voice leverages the UM infrastructure to provide call answering, subscriber access, call notification, and auto attendant services.
Supported Versions
Exchange 2007 Service Pack 1
Firewalls
Office Communications Server supports an internal firewall, an external firewall, or both an internal and an external firewall for Edge Servers. A configuration with both an internal and an external firewall is strongly recommended.
The internal firewall, the external firewall, or both can consist of multiple firewall computers behind a hardware load balancer.
The following firewalls have been tested and are supported:
- Microsoft Internet Security and Acceleration (ISA) Server 2004
- ISA Server 2006
The firewall requirements for correct functioning of Edge Servers are as follows:
- For single, non-scaled Edge Server deployments (single Edge Server in a location), the IP address of the external interface of the A/V Edge service may or may not be publicly routable (although it is recommended that it be publicly routable). In this scenario, the external firewall may function as a NAT (network address translation) for this IP address. .
- For scaled Edge Server deployments (multiple Edge Servers in a location), the IP address of the external interface of the A/V Edge service must be publicly routable. In this scenario, the external firewall must not function as a NAT for this IP address.
- The A/V Edge Server internal interface IP address must not have NAT applied to it. If an internal firewall is used, it cannot use NAT for the A/V Edge Server internal interface IP address.
- For collocated edge server roles, each server role must have a separate IP address, which can be on a separate physical network adapter or can be a single multihomed network adapter.
For details about default ports and required firewall settings, see Step 3. Identify the Technical Requirements for Deploying External User Access.
Load Balancing
Hardware load balancing is supported for the server roles specified in this section. Software-based network load balancing, including Windows Network Load Balancing, is not supported for any servers running Office Communications Server.
Load balancers must be configured for the ports that are used by any applications that run on the servers behind the load balancers.
Office Communications Server
The following Office Communications Server roles support hardware load balancing:
Enterprise Edition servers in a pool, consolidated configuration
Enterprise Edition servers in a pool, expanded configuration (Web Components Servers (running IIS) and Front-End Servers only)
Note
A single load balancer can be used for both, or the Web server and the Front-End Server can each have a separate hardware load balancer.
Conferencing servers, expanded configuration
Edge servers, depending on configuration. For details, see Perimeter Network Topologies [R2].
Directors
Communicator Web Access
Hardware load balancing is supported and required for the following configurations:
- Two or more Communicator Web Access servers that support the same types of users (internal only, external only, or both internal and external)
- Two or more reverse proxies
Networking Protocol Support
Only IPv4 addresses and networking protocols are supported in Office Communications Server. IPv6 protocols are not supported. Assigning both IPv6 addresses and IPv4 addresses is supported, but Office Communications Server will ignore the IPv6 addressing and protocols.
Encryption
Office Communications Server does not support the encryption of the %temp% folder.
Virtual Server
Virtualization of any type is not supported for Office Communications Server 2007 R2 beta release. Hyper-V is not supported. Limited support is planned for sometime after the beta release, although the timeframe has not been determined.