Use a Friendly FQDN when You Configure Communications Server 2007 R2 and Outlook Web App Integration
Outlook Web App now supports the use of SIP client integration with Office Communications Server. This provides a great feature set for users, but there are some things you must do when integrating with Communications Server to make it all work.
Author: Okan Gurer
Publication date: May 2010
Product version: Microsoft Office Communications Server 2007 R2, Office Communicator 2007 R2
Microsoft Exchange Server 2010 offers a new enhancement to its Client Access server role called Outlook Web App. The new Outlook Web App feature is very similar to Microsoft Office Outlook Web Access. Besides the name change, Outlook Web App offers a new feature that enhances the remote user’s capabilities for inter-client communications. Outlook Web App now supports the use of SIP client integration with Office Communications Server. Outlook Web App clients can share instant messaging (IM) with enhanced presence with other Outlook Web App clients and with Communications Server clients, such as Communicator and Communicator Web Access. This feature is a great convenience for remote users. However, there are issues that occur when using the suggested deployment steps that will keep the Outlook Web App client from becoming a SIP-enabled client. This article explains the cause of these issues and how to work around them to achieve a fully SIP-enabled Outlook Web App client.
The following links provide step-by-step instructions for configuring Communications Server 2007 R2 and Outlook Web App integration. These steps enable the Outlook Web App client to be a SIP client with enhanced presence features.
Exchange Server 2010: Understanding Client Access
Communications Server 2007 R2: Administering Web Service Provider
After you have configured Communications Server 2007 R2 and Outlook Web App integration, you will want to simplify the FQDN for the Outlook Web App client. Exchange 2010 Client Access server has several deployment paths that allow multiple Exchange 2010 Client Access servers running Outlook Web App to be accessed through one DNS namespace, for example, mail.contoso.com. Simplifying the FQDN for Outlook Web App client access enhances the Outlook Web App user experience. The following sections offer an external example and an internal example of the different uses of the single DNS namespace with Outlook Web App.
For more information, see Understanding Client Access Server Namespaces.
On the Exchange 2010 Client Access server, each Outlook Web App configuration has an InternalURL and ExternalURL option. Each of these URL options allows the configuration of a proxy that supports Internet access using a single DNS namespace as an ExternalURL, for example, https://www.contoso.com/OWA, to map to an InternalURL, for example, https://computername/OWA. This allows all external requests for Outlook Web App using a single DNS namespace to be mapped to many Exchange 2010 Client Access servers that are enabled for Outlook Web App.
For more information, see Understanding Proxying and Redirection.
Outlook Web App can also be deployed only for internal access and on a single server. In this scenario, to ensure easy user access to Outlook Web App for your users, you may want to use a secure https connection that supports a user friendly URL, for example, https://owa.contoso.com/OWA. The Internet Information Services (IIS) default Web site on the Exchange 2010 Client Access server will allow you to configure a redirection for a URL, such as http://computername/OWA to https://owa.contoso.com/OWA.
For more information, see Simplify the Outlook Web App URL.
This section explains another integration issue and offers some troubleshooting tips. The Web Trust Tool is designed to locate the FQDN of each Exchange 2010 Client Access server that is Outlook Web App enabled. It is not designed to locate the FQDN that matches the user friendly single DNS namespace. So, the Web Trust Tool will always write the FQDN of the Exchange 2010 Client Access server to the trusted services list that is in the real-time communications (RTC) service container in Active Directory. This causes the trust relationship between the Communications Server pool and the Exchange 2010 Client Access server that is running Outlook Web App to remain non-existent. When an Outlook Web App client signs in by using the URL https://owa.contoso.com and requires the fulfillment of a SIP request, the Communications Server pool will check its Active Directory hosted trusted services list for the msRTCSIP-TrustedServiceType attribute that has the value OWA and that has the msRTCSIP-TrustedServerFQDN entry that has a value of owa.contoso.com, but the pool will not be able to locate the correct msRTCSIP-TrustedServerFQDN entry. This is because the Web Trust Tool can add only the Exchange 2010 Client Access server’s FQDN to the Communications Server global trusted service list.
To verify this, use the Active Directory Service Interfaces (ADSI) Edit tool (adsiedit.msc) to locate the following:
CN=Trusted Services,CN=RTC Service,CN=Services,CN=Configuration,DC=<domain>,DC=<com>
Object Class: msRTCSIP-TrustedService
Browse the list of trusted services for the msRTCSIP-TrustedServiceType attribute that has the value of OWA. The msRTCSIP-TrustedServerFQDN will match the Exchange 2010 Client Access server FQDN as shown in Figure 1.
Figure 1. The msRTCSIP-TrustedService class object
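The same check can be scripted instead of browsing in adsiedit.msc. The following read-only PowerShell is an added example, not part of the original article or of any Microsoft tool; it assumes the RTC Service container is in the Configuration partition as shown above, and $ExpectedFqdn is a placeholder taken from the article's example namespace.

```powershell
# Added example: read-only audit of the OWA entries in the Communications Server
# trusted services list. Nothing in Active Directory is modified.

# Assumption: the friendly Outlook Web App namespace users sign in with.
$ExpectedFqdn = 'owa.contoso.com'

# Resolve the forest's configuration naming context, then bind to the container
# named in the article: CN=Trusted Services,CN=RTC Service,CN=Services,CN=Configuration,...
$rootDse   = [ADSI]'LDAP://RootDSE'
$configNc  = $rootDse.configurationNamingContext
$container = [ADSI]"LDAP://CN=Trusted Services,CN=RTC Service,CN=Services,$configNc"

# Search only for trusted service objects whose service type is OWA.
$searcher = New-Object System.DirectoryServices.DirectorySearcher($container)
$searcher.Filter      = '(&(objectClass=msRTCSIP-TrustedService)(msRTCSIP-TrustedServiceType=OWA))'
$searcher.SearchScope = 'OneLevel'
[void]$searcher.PropertiesToLoad.Add('distinguishedName')
[void]$searcher.PropertiesToLoad.Add('msRTCSIP-TrustedServerFQDN')

# Result property names are returned in lowercase.
$entries = @($searcher.FindAll() | ForEach-Object {
    $fqdn = [string]$_.Properties['msrtcsip-trustedserverfqdn'][0]
    New-Object PSObject -Property @{
        DistinguishedName = [string]$_.Properties['distinguishedname'][0]
        TrustedServerFqdn = $fqdn
        MatchesNamespace  = ($fqdn -ieq $ExpectedFqdn)
    }
})

if ($entries.Count -eq 0) {
    Write-Warning 'No trusted service entry with type OWA was found.'
}
elseif (-not ($entries | Where-Object { $_.MatchesNamespace })) {
    Write-Warning "No OWA entry lists $ExpectedFqdn; the pool will not trust SIP requests from that namespace."
}

# Show every OWA entry so unexpected host names in the trust list stand out.
$entries | Select-Object TrustedServerFqdn, MatchesNamespace, DistinguishedName | Format-List
```

Run it from a domain-joined computer with an account that can read the Configuration partition. Running it again after changing the entry confirms that the trusted FQDN now matches the namespace and that no unexpected hosts are listed.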
This section explains two methods for configuring a SIP-enabled Outlook Web App.
Method One: Update the Active Directory forest
Use adsiedit.msc to access the trusted services list that is in the real-time communications (RTC) service container in Active Directory. Locate the msRTCSIP-TrustedService entry. Open the properties of the msRTCSIP-TrustedService entry in the adsiedit.msc tool and find the value of the msRTCSIP-TrustedServerFQDN attribute.
Replace the default entry, for example, exchcasserver.contoso.com, with the FQDN that matches the DNS namespace for the Exchange 2010 Client Access server Outlook Web App URL, for example, owa.contoso.com.
On the Exchange Client Access server, open a command prompt, and then type c:\>iisreset.
Test the Outlook Web App clients by closing them completely and then signing in.
Note: Windows Server 2008 hosts adsiedit.msc as a default from its Administrative Tools menu. Windows Server 2003 SP2 requires that you download and install the Windows Server 2003 SP2 Support Tools for the installation of adsiedit.msc.
On the Communications Server 2007 R2 server, use the administrative tools to locate the pool properties.
Click the Host Authorization tab.
Use the FQDN that represents the non-standard Outlook Web App URL or the Exchange 2010 Client Access server Outlook Web App DNS namespace to create a new host authorization entry as shown in Figure 2.
Figure 2. Front end properties
Restart the Communications Server 2007 R2 front-end services.
Open a command prompt on the Exchange 2010 Client Access server, and then type c:\>iisreset.
Test the Outlook Web App clients by closing them completely and then signing in.
Figure 3 shows the Outlook Web App client on an Exchange 2010 server that has not been integrated with Office Communications Server 2007 R2 IM functionality.
Figure 3. Outlook Web App not integrated with Communications Server
Figures 4 and 5 show the Outlook Web App client on an Exchange 2010 server that has been integrated with Office Communications Server 2007 R2 IM functionality.
Figure 4. Outlook Web App integrated with Communications Server
Figure 5. Schedule and IM features when Outlook Web App is integrated with Communications Server
Enabling SIP for the Outlook Web App client gives this client a rich set of features. Having the ability to chat on IM while using your browser to read your e-mail is a great convenience that users will enjoy. Most Exchange 2010 Outlook Web App environments should be configured with a single DNS namespace for convenient user access. The current design of the Microsoft Web Trust Tool does not allow for the use of the needed single DNS namespace. By using the steps described in this article, the Outlook Web App client, when integrated with Communications Server, can use IM with enhanced presence using a single Outlook Web App DNS namespace.