Skip to main content
Sign In |
  Help (new window)
MMCUG Logo

MMCUG Blogs

Go Search
Home
MMCUG Blogs
Events
Event Registration
Directions
Sponsors
Links
LinkedIn
Search
  

> MMCUG Blogs > Categories

2/1/2009

MSFT_SIPAddressBookSetting Error in OCS

 

Have you ever been faced with this error?

Unable to retrieve the WMI setting of MSFT_SIPLogSetting from pool backend '<SQLserver\named_instance>', (Error code: 0x800407D0).

This error can result from what I've seen as two different activities that you may be performing –

  • Deactivating the address book service from a pool
  • Adding a new second pool to an instance of an existing SQL server

If you do receive this error, check the backend SQL server to see if the following three services are running or not.

  • SQL Server Agent
  • SQL Server Browser
  • WMI Performance Adapter

If these three services are set to a start state of Manual, change them to Automatic and then start them manually. Then, try your original operation again such as deactivating the address book service or adding a new pool with a new instance.

This error can easily occur during the process of adding a new Director Enterprise array. Before you add the new director pool servers, you must determine the SQL backend server and database you will associate with the new pool. You must create the new instance first, and then you create the new pool and add the new director front end servers to the new pool. It's during this process you may encounter this error. You may also get the error when you attempt to deactivate the address book service from the director servers. Director servers do not have a specific installation method that is unique to the role – you simply install new front end servers (in my example, I'm assuming the addition of a new enterprise array of directors). Once the director servers are installed, you then deactivate the front end roles you don't' want the director servers running, such as the address book service.

In this example, the error could appear when an attempt is made to deactivate the address book service using WBEMTest. When the binding query command is issued of:

Select * from MSFT_SipAddressBookSetting where BackEnd="SQL database instance"

And then when you click Apply, the error could occur here in this step.

 

A little information on these three services is below:

SQL Server Agent - SQL Server Agent is a Microsoft Windows service that executes scheduled administrative tasks, which are called jobs. SQL Server Agent uses SQL Server to store job information. Jobs contain one or more job steps. Each step contains its own task, for example, backing up a database. SQL Server Agent can run a job on a schedule, in response to a specific event, or on demand. For the default instance of SQL Server, the SQL Server service is named SQLSERVERAGENT. For named instances, the SQL Server Agent service is named SQLAgent$instancename. By default, this service is set to Disabled.

SQL Server Browser – SQL Server Browser runs as a Windows service on the server. SQL Server Browser listens for incoming requests for SQL Server resources and provides information about SQL Server instances that are installed on the computer. SQL Server Browser contributes to three actions:

  • Browsing a list of available servers
  • Connecting to the correct server instance
  • Connecting to Dedicated Administrator Connection (DAC) endpoints

By default, this service is set to Disabled.

WMI Performance Adapter - Provides performance library information from Windows Management Instrumentation (WMI).

Notes: This WMI Performance Adapter service runs only when Performance Data Helper is activated.

Mark Myers
Senior Consultant
Project Leadership Associates

 

Posted at 8:38 PM by Mark Myers | Category: Office Communications Server | Permalink | Email this Post | Comments (0)

1/1/2009

Blackberry Enterprise Server Communication with Communicator Web Access and Office Communications Server 2007

This blog article will discuss the steps you may find yourself having to perform to get a BES server to connect correctly to an OCS CWA server. As you may know, Blackberry telephony devices have been able to support a mobile Office Communicator for a while now – so IM and presence can be used on a Blackberry phone. (Get the bits here: http://na.blackberry.com/eng/services/server/exchange/ocs2007.jsp)

Windows Mobile devices have been using Communicator Mobile for quite some time. WinMobile clients use the Access Edge OCS server to communicate to the OCS pool, but Blackberry phones cannot use the Edge server infrastructure – they must connect via the RIM servers to the company BES server, which in turn looks to the CWA server to make the connection to the pool (or standard OCS server.) This article discusses the tasks and knowledge you may have to go through to successfully accomplish this.

Article Assumptions:

This article assumes several things –

  • The OCS front end server is called OCS01
  • The OCS CWA server is called OCSCWA. The CWA virtual server has been installed with both forms based authentication and Windows authentication during the install – this is shown below:

Figure 1 - Virtual Server Authentication

  • The BES server is called BES01
  • The CWA server has already had its virtual servers created on it via the OCS CWA wizard. The CWA server is working fine, and to prove it you should be successful at hitting this CWA web site by using both HTTP and HTTPS from a web browser. All certificates are properly placed on the CWA servers' web site for 443.
  • All certificates are placed properly for the front end server – or pool servers.
  • The BBIM Collaboration service has been successfully installed on the BES server. Configuration within the BBIM service will point to the CWA server and will use port 443. It is also assumed the name the BBIM service uses matches the name on the SSL certificate bound to the virtual server being used by the BES server.

As an example, the screen below shows a lab BES server with the Collaboration service configured to point to the CWA URL of: OCSCWA.Child.Contoso.Com over port 443 and using protocol HTTPS.

Figure 2 - BBIM Collaboration Service Configuration

Because documentation is a little weak in the area of BES and CWA configuration, you may not be aware of a text file you will want to modify on the BES server. The file – krb5.conf – is a text file located here:

C:\BlackBerry Enterprise Server\BBIM\Servers\BES01\config

You will want to modify the file in the following way – the # remark lines indicate to change the COMPANY.COM line to read the domain name to match the domain name the CWA server belongs to. In my example below, it's CHILD.CONTOSO.COM. Make sure you enter the text in all capital letters, as shown. Also, you will be required to provide in the text file the name of an Active Directory domain controller for the BES server to use. In my example, my server is called ADDC01. The default port used is 88.

It is important to note that RIM doesn't support – to my knowledge – a way to provide more than one KDC server or domain controller. So, in my example, if the DC called ADDC01 fails, the krb5.conf file has no other server to reference and the BES to CWA process will likely fail. RIM doesn't support adding two, three or more KDC servers to the text file.

Make sure you leave the { and } characters as they are on the lines they are on. Notice the ending } character is on a line by itself.

One other note, it has been shown that if the kdc = line containing your DCs name can contain either the host name or the FQDN. If you have problems with getting the BES server to connect successfully to the CWA server, you may want to replace the host name of the DC with the FQDN of the DC. In my example, my file contains the host name only of ADDC01, but if I wanted to I could enter the FQDN of ADDC01.CHILD.CONTOSO.COM. Note these are entered in all capital letters.

Figure 3 - krb5.conf File

Save and close the editor and restart the BBIM service which will use the realm and kdc server you specified in the krb5.conf file.

Verbose Logging Support

If you want to increase the logging during troubleshooting time, you will find a text file called rimpublic.property also in the same directory path as the krb5.conf file. To enable verbose logging, add the last two lines as shown below in my screen.

Figure 4 - rimpublic.property File

The last two lines to add are the following:

Logging.file.log.level=5

BBIM.logging.verbose=true

Save and close the editor and restart the BBIM service which will enable verbose logging.

The BBIM log files are stored in the following path by default: C:\Blackberry Enterprise Server\Logs\

The log files are contained in folders representing each day as shown in the example below.

Figure 5 - BES Log Files

Inside the folder of the day of interest, you will find several log files. The one specific to the BBIM collaboration service is named with the BES servers name, the BES service and the date of the log with an incremental to indicate the log of that day. For example, these are BBIM log files for 12/17/08:

BES01_BBIM_01_20081217_0001.txt

BES01_BBIM_01_20081217_0002.txt

BES01_BBIM_01_20081217_0003.txt

The BES01 is my BES servers name, the BBIM is the service, the 01_20081217 is the date of the logs, and the last four characters represent the specific log of 12/17.

Logon Syntax

The syntax used on the Blackberry phone devices can vary, but I've found different success using different syntax and I don't know why. The following examples will assist. Of course, the SIP URI for the user must be entered correctly. If you don't know this, check the OCS front end server OCS MMC for the user's SIP. You can also determine the SIP URI for the user by running Active Directory Users and Computers from the console of the OCS front end server as well.

SIP URI: mark_myers@contoso.com

AD User name: _myersm@child.contoso.com

or

SIP URI: mark_myers@contoso.com

AD User name: child.contoso.com\_myersm

or

SIP URI: mark_myers@contoso.com

AD User name: global\_myersm

I hope this article presents information to assist in getting your CWA server and your BES server to communicate properly.

Mark Myers
Senior Consultant
Project Leadership Associates

 

Posted at 3:45 PM by Mark Myers | Category: Office Communications Server | Permalink | Email this Post | Comments (0)

12/17/2008

Audio Problems when Running Microsoft Office Communicator 2007 on Windows Server 2008

This blog is aimed at the techies who plan to run Microsoft Office Communicator (MOC) 2007 on Windows Server 2008. Don't confuse this with running the backend Office Communications Server (OCS) 2007 infrastructure on Window Server 2008. Many of us in the Information Technology field have setup our laptops with Server 2008 to get familiar with it. This issue has been encountered by everyone I know that has been OCS Enterprise Voice Enabled, and tries to make a Communicator to Communicator call or PSTN (Public Switched Telephone Network) call that has installed MOC 2007 on their test machines. The call starts out normally, but the following error is displayed when the call is answered on a PSTN call:

 

This error message is misleading; it points you in the direction of the audio setup in the MOC 2007 client. Moreover, when the far end answers, they can hear you, but you can't hear them. The audio is one way. The problem lies within the fact that almost no features are enabled in a Windows Server 2008 installation. Take the following actions to remedy the situation:

 

 

  1. Open Server Manager, the Select Add Features.

 

 

  1. Next Select – Quality Windows Audio Video Experience.

 

 

  1. The Normal installation Wizard information will appear, you will be asked to restart the server.

 

 

  1. Open Server Manager to verify installation.
  2. Now make another call using the MOC 2007 client and all should be well.

Robert Ziolkowski
Voice Consultant
Project Leadership Associates

Posted at 11:57 PM by Robert Ziolkowski | Category: Office Communications Server | Permalink | Email this Post | Comments (0)
Capturing Tanjay Phone Normalization Rules Via Ocslogger utility

Just how the OCS Tanjay devices (LG- Nortel 8540, PolyCom CX700) reference their Normalization Rules as part of their Location Profile became a topic of frustration for me while troubleshooting a normalization issue on a Tanjay device. The answer was not clear even to the Microsoft Support personnel who helped resolve the issue. The answer is that the normalization rules are downloaded on the Tanjay devices via SIP 2.0 during the login process. The best way to verify what normalization is taking place is to use the OCSlogger utility. Below is the best way to examine the Location Profile Normalization Rules that are downloaded as part of the login process on a Tanjay device.

  1. Open the Management console. Capture the normalization rules via the OCS Logger utility. Note – to capture SIP information ,the OCSlogger utility must be run from the Front End Server. Sip information will NOT be a tracing option if run from other servers. Select the Front End Server – Right Click – and Click New Debug Session.
  2. Select S4 and SIPstack, make sure all flags are checked under SiPStack. Then click the Start Logging button.
  3. Next Logon to the Tanjay Device and take note of its IP address.
  1. Once you have logged into the Tanjay device – Click Stop Logging in the OCS logger utility.

  1. Click View Log Files

  1. Under View Log File – Click View

     

 

  1. A text file with the trace will appear.

  1. Click Analyze Log Files and then click Analyze

  1. Once the Snooper output appears – type in the SIP URI that was used to login to the Tanjay plus NORM. Then verify the IP address of the Tanjay device, scroll down the output and you will see the normalization rules the device is currently using. This should match what you have defined in you Location Profiles.

     

Robert Ziolkowski
Voice Consultant
Project Leadership Associates

Posted at 11:37 PM by Robert Ziolkowski | Category: Office Communications Server | Permalink | Email this Post | Comments (0)
Microsoft Office Communication Server 2007 Voice Quality Issues - ECHO

Troubleshooting intermittent echo issues can be a very daunting task with Microsoft Office Communication Server (OCS) 2007. An Enterprise Voice deployment has several pieces, sometimes involving multiple vendors. Troubleshooting any voice issues can seem overwhelming at first, until you have done it several times. Based on my experience with several customers, below is my best advice to those experiencing and trying to troubleshoot these issues or any issue regarding voice quality. We experienced this issue specifically with a customer using several different devices and a Dialogic 4000 Gateway.

Start with trying to narrow down the problem –

  • Do the echo problems happen only on Voice calls to the PSTN (Public Switched Telephone Network)?
  • Do the echo problems happen on Communicator to Communicator calls?
  • Do the echo problems happen on both Communicator to Communicator calls and calls to the PSTN?
  • Do the echo problems happen on all devices or only some (e.g. LG-Nortel 8501, 8502, 8540 devices or Bluetooth headsets) and not others?

Make Test Calls after Enterprise Voice has been enabled, checking for Echo and Delay -

  • Make Calls to a company that you know has a digital circuit for Voice (T1 or ISDN PRI)
  • Make calls to a known POTS line (Plain Old Telephone Service) – VERY IMPORTANT – Most Echo issue will be prevalent with this type of connection

Verify firmware is at the latest version –

  • If using Tanjay (LG-Nortel IP 8540 and Polycom CX700 IP Phone) devices make sure latest firmware is installed via the OCS 2007 Update Server.
  • If using Catalina (LG-Nortel 8501 and CX200) USB devices, make sure the serial number is later than 2007 Nov – there were voice issue with previous lots.

Verify your SIP Gateways firmware –

  • Make sure you are running the latest firmware and SIP stacks on your gateways.

Run OCS BPA (Best Practice Analyzer) –

  • Make sure all OCS servers have the latest Hotfixes and updates applied.

Keeps logs of calls that users complain has echo on them –

  • Create and distribute a voice issues form in word to track the issues
  • Track Time/Date of call
  • Track type of call – PSTN , Communicator to Communicator Call
  • Track flow of call – Incoming/outgoing
  • Track the number Dialed or Caller ID of the Calls
  • Track origin of problem – who hears echo, outside/inside party.
  • Do the voice issues happen Internally (Campus only) and Externally (via Edge Server)
  • Type of Connection – LAN, DSL , Cable etc…
  • Do problems only happen on Local/Long Distance Calls

Install QOE Server (Quality of Experience Server) –

  • A great tool for testing LAN/WAN voice Quality and obtaining MOSS scores
  • Check Moss Scores referencing scores for logs on problematic calls
  • Also able to Verify firmware versions for All Voice devices to help with Trouble shooting possible firmware issues

If using a Dialogic 4000 Hybrid gateway – obtain MLOG utility from Dialogic support – do the following if the problem can be reproduced:

  1. Save and extract the attached zip file, preferably to something like "c:\temp"
  2. Rename the extracted file "mlog.ex_" to "mlog.exe"
  3. Open a command prompt and change directory to c:\temp
    Start the trace with the following command:
    mlog -w40000 -l2200 -*ffffffff -$ffffffff
    (Please leave the command prompt window open until all tests are complete)
    Note: There is a small 'L' in '-l2200' and not '1' !!! 
  4. Reproduce the problem
  5. Stop the mlog trace with the 'q' command in the command prompt window.
  6. Save the mlog output by running "mlog -rlog" in the command window, which will generate a "log.txt" file in the same folder as mlog.
  7. Send the mlog file to Dialogic support for Analysis.

 

Try Adjusting the Echo Cancellation setting on the SIP gateway. The following is an example of the setting on a Dialogic 4000 Series gateway:

Lastly these files may need to be replaced on a Dialogic 4000 series gateway. Dialogic support will send the updated files:

  1. Backup the files in \windows\system32\drivers\disdn (rename them)
  2. Copy these new files
  3. Reboot the gateway

 

Rob Ziolkowski
Voice Consultant
Project Leadership Associates 

Posted at 11:22 PM by Robert Ziolkowski | Category: Office Communications Server | Permalink | Email this Post | Comments (0)

11/29/2008

Proactive Certificate Expiration Procedure for OCS

Since we've been enjoying Office Communications Server 2007 for nearly a year now, we need to be proactive on how to detect and correct servers with certificates that are about to expire. If clients have sophisticated monitoring systems such as System Center Operations Manager or similar tools, spotting certificates that are about to expire will be easy. But, if these expensive tools aren't available, I have a free solution that has been around for years. More about the tool later.

Certificate Events

First, certificates for OCS come in two flavors – publicly minted and internally minted. The internal kind likely came from the clients' internal Enterprise CA running on Windows Server 2003 or Server 2008. They have more control over these because the certs are private and the client has easier control over them. For example, the client can mint certs for 2, 3 or however many years they want without cost. The publicly-minted certs will cost more the longer the certs are to remain viable. Often, our clients think to buy public certs with just a one-year time period. If this is the case, we've got some certificate renewing to do.

Finding certs that have already expired isn't that hard to do – just wait for the phone to ring from users not able to connect to the OCS pool servers or CWA servers. This, obviously, is too late. There is evidence Windows Servers leave when a certificate is about to expire, and when a cert has expired.

Application log events triggered for certificate states are presented below.

Table 1 - Event IDs for Certificate State

Event ID

Cause

14393

Certificate has expired

14399

Certificate has expired

14341

Certificate has expired

14398

Certificate expiration soon

14342

Certificate expiration soon

 

The events will be Warnings for the events identifying the certificate about to expire and Errors for events that the certificates have expired.

The certs that are about to expire will need to be renewed. This is a good time to review the public certs vendors' policy, as each one can be slightly different. For example, most VeriSign SSL certificates can be renewed by using the VeriSign Certificate Center. Managed PKI customers can also renew certs easily by using a telephone hot line. With VeriSign, you can renew certs up to 90 days prior to the expiration of the certificate.

For internal MTLS certs on OCS servers like the CWA servers, you can use the IIS Administration tool to go through the process of requesting a renewal of an existing certificate, as shown below. This process will use your internal Enterprise CA server. Find the web site containing the certificate you want to renew, and choose the Directory Security tap from the Properties menu. Then, select the Server Certificate… button and choose the top option to Renew the current certificate. Complete the wizard.

Figure 1 - IIS Web Site Certificate Wizard

For private MTLS certs on OCS servers you can use the IIS Administration tool to renew the expiring certificate; but for public TLS certs that you used the Certificate Wizard within the OCS MMC to originally request the CSR, you will have to generate a new certificate to replace the expiring one, or use the vendors method of renewing the cert. There isn't an option to renew an existing certificate from within the OCS MMC; again, for public certs, use the renewal method instituted by the vendor.

Discovery of Certificate State

Microsoft has created a free tool, included with the Server 2000 and Server 2003 resource kits, called EventComb. This GUI tool allows you to run the application pointing to your OCS servers.

Run the tool from any server or workstation. In the empty Select to Search/Right Click to Add box, right click your mouse and you will be presented with a menu, shown in figure 2 below.

Figure 2 - Adding Individual Servers to Check

Here, I've selected four OCS servers – I did this by choosing the menu Add Single Server – and then preceded to type in each of the OCS servers I wanted the tool to run against. Note the other options EventComb has, such as Get DCs in Domain, etc.

Next, you'll want to open the Options menu and select Capture Event ID Statistics. This will perform a quick analysis on how many events were found of each type and total them for you. Without this option, you won't know easily how many of each event was found.

Figure 3 - Capture Event ID Statistics Option

Next, you'll want to add the event IDs you are interested in. The Event IDs box allows you to input up to 10 different event IDs – separated by a single space. In the figure below, I'm interested in finding all the events from the four selected servers for events shown in the Event IDs box. Make sure you select the check box next to Application at least. In this example, I've selected the System and Application check boxes.

Lastly, check the Event Type check boxes of Error and Warning.

Click the Search button to start the tool. It will search for the events on all the selected servers and will create a text log file in the C:\temp directory by default, showing the results.

Figure 4 - Completed EventComb Options

If you perform this check against Edge OCS servers, be aware they won't be domain members. You can still leave the Domain box text alone and still run the test as long as the DNS zone responsible for the domain can resolve the server names to IP addresses. In my example above, the domain is Contoso.com.

By using EventComb to do proactive event log checks against your OCS servers, you shouldn't be caught by surprise on expiring certificates.

Mark Myers
Senior Consultant
Project Leadership Associates

Posted at 2:47 PM by Mark Myers | Category: Office Communications Server | Permalink | Email this Post | Comments (0)

Copyright © MMCUG - Midwest Messaging and Collaboration User Group 2008 Terms and conditions