Develop Enterprise Communication with Live Communications Server 2005

1
Develop Enterprise Communication with Live
Communications Server 2005
2
Prerequisite Knowledge

• Active Directory
• DNS
• PKI
• SQL

Level 300
3
Agenda

• Overview of Live Communications Server 2005
• Differences in versions and editions
• Server Roles
• Preparing Active Directory
• Deploying and Managing Server
• Active Directory Topology
• Telephony Topology
• Remote Access Topology
• Federation Topology
• Remote Call Control Topology
• Archiving Topology

4
Live Communications Server 2005 Real-Time
Collaboration Capabilities
Integration
Connect People

• SharePoint Portal
• Microsoft Office Programs
• Telephony
• Windows Active Directory
• Exchange Server

• Connect with other businesses
• Public IM networks
• Remote Users
• Find Subject Experts

Reduce Cost

• Enable real-time decision making
• Reduce email storage
• Reduction in VPN/RAS
• Reduction in phone use

Keep Data Safe

• Encryption and authentication
• Meet regulatory commitments
• Logging and Reporting

5
Overview

• Enterprise Instant Messaging
• Uses SIP (Session Initiation Protocol)
• Uses TLS (Transport Layer Security)
• Both SMB and Enterprise Solutions
• LCS 2005 Standard Edition
• LCS 2005 Enterprise Edition
• Integrated with the Office System
• Office 2003
• SharePoint
• Live Meeting
• Integrated with Active Directory

6
Live Communications Server 2005
7
Differences in Version
8
LCS 2003

• IM and presence Standard Edition
• Standards protocols (SIP and SIMPLE)
• Controlled SIP namespace
• Encryption
• Centralized management
• Integration with Active Directory
• Integration with Microsoft Office 2003
• Archiving logging of messages
• Customizable client using XML

9
LCS 2005

• Enterprise Edition
• High availability
• Remote user access
• Direct Federation
• Clearing house
• Active Directory topology support
• Resource forest
• Central forest
• Multi-tree forest

10
LCS 2005 SP1

• Enhanced Federation
• PIC public IM connectivity
• Remote call control
• Address Book Service

11
Differences in Editions
12
Standard vs Enterprise Edition

• Multiple computer configuration
• SQL server
• No single point of failure
• Max 125,000 active users per pool
• High availability
• SQL clustering

• Single computer configuration
• MSDE
• Single point of failure
• Max 15,000 active users

13
Server Roles

• Standard Edition Server
• Director
• Enterprise Pool
• Hardware Load Balancer
• Front-End Servers
• SQL Back-End Server
• Access Proxy
• Branch Proxy
• Archiving Service

14
Standard Edition Server

• Single computer installation
• Supports up to 15k active users
• Users data stored in MSDE
• Acts as a Director when no users are homed on it
• Director proxies external SIP connections to the
  users server or pool

15
Enterprise pool

• Multiple computer installation
• Supports up to 125k active users
• Requires hardware load balancer
• Users data stored in SQL
• Provides fault tolerance through redundant
  front-end servers
• Supports clustering of SQL back-end server

16
Access Proxy
Internet

• Deployed in the network perimeter
• Hardened against security attacks
• Terminates TLS and MTLS connections
• Controls Federation and Remote Access settings

Firewall
Load balancer
Load balancer
Firewall
Corporate Network
17
A Example of LCS2005 Topology
18
Preparing Active Directory

• Extending the Schema
• Running Forest Prep
• Running Domain Prep
• Running Domain Add Prep

19
Schema Extensions

• Schema extension
• 7 new classes
• 22 new attributes
• Causes Windows 2000 Global Catalogs (GC) to
  rebuild

20
Schema Extensions

• Objects
• User
• Contact

• Attributes
• msRTCSIP-PrimaryUserAddress
• msRTCSIP-UserEnabled
• msRTCSIP-TargetHomeServer
• msRTCSIP-OriginatorSID
• msRTCSIP-PrimaryHomeServer
• msRTCSIP-FederationEnabled (LCS2005)
• msRTCSIP-InternetAccessEnabled (LCS2005)
• msRTCSIP-ArchivingEnabled (LCS2005)
• msRTCSIP-OptionFlags (SP1)
• msRTCSIP-Line (SP1)
• msRTCSIP-LineServer (SP1)
• msRTCSIP-UserExtension

21
Schema Extensions

• Objects
• Computer

• Attributes
• msRTCSIP-EnterpriseServerSettings
• msRTCSIP-EnterpriseServices
• msRTCSIP-PoolAddress (LCS2005)
• msRTCSIP-ServerData

22
Schema Extensions

• Objects
• Pool

• Attributes
• msRTCSIP-PoolDisplayName (LCS2005)
• msRTCSIP-BackEndServer (LCS2005)
• msRTCSIP-PoolType (LCS2005)
• msRTCSIP-PoolVersion (SP1)
• dnsHostName (LCS2005)
• msRTCSIP-PoolData
• msRTCSIP-PoolService (LCS2005)
• msRTCSIP-FrontEndServers (LCS2005)

23
Forest Prep

• Run once per forest
• Run on the root domain
• Creates global settings

24
Domain Prep

• Run on every domain hosting LCS
• Creates new domain groups
• RTCDomainServerAdmins
• RTCDomainUserAdmins
• RTCHSDomainServices
• Sets permissions for
• these accounts at the
• root domain

25
DomainAdd Prep

• Cross domain administration
• Child domain access to Enterprise Objects
• Hosting users from other domains
• Run on
• Root domain
• User only domains
• Gives permissions to the following groups
• RTCDomainServerAdmins to home users
• RTCHSDomainServices to read user attributes

26
Asking to Extend Schema
27
Piloting Live CommunicationsServer
Corporate Forest
28
Permissions

• RTCDomainUserAdmins
• Global Security Group
• Must be a member to administer users across
  domains
• RTCDomainServerAdmins
• Global Security Group
• Used to administer servers across domains
• RTCHSDomainServices
• Global Security Group
• Must be a member to install and activate servers

29
demonstration
Deploying and Managing Live Communications Server
2005
30
Management Capabilities
Active Directory
MMC / WMI

• Integration by extending AD
• Performs authentication
• Performs authorization

• Active Directory Users and Computer snap-in
• Admin Tools
• Performance monitoring
• Wizard based tasks
• WMI interface for scripting

MOM

• Enable real-time monitoring
• Management pack available

SQL

• Highly available
• Meet regulatory commitments
• Logging and Reporting

31
Live Communications Server 2005Administration
Resource View
Server and Server Pool Management
List of Technical Documentation
Task pane
32
Live Communications Server 2005Administration
Performance View
33
Active Directory Topology

• Single Forest
• Multiple Domains
• Multi-Tree Forest
• Multiple Forests
• Resource Forest
• Central Forest

34
Resource Forest
Disabled users
Resource Forest
35
Central Forest
MIIS
contacts
Central Forest
36
Telephony Topology
37
SIP to PSTN
SIP
MTLS
PSTN
Static route
SIP Proxy
PBX
SIP/PSTN gateway
38
Remote Access Topology
39
Remote User
Firewall port 443 or 5061
DMZ
Pool
Director
TLS
MTLS
MTLS
(NTLM challenge)
Access Proxy
AD
40
Federation Topology

• Direct
• Enhanced
• Public Instant Messaging Connectivity
• Clearing house

41
Direct Federation
Access Proxy
Access Proxy
Pool
Pool
MTLS
MTLS
MTLS
AD
AD
DNS
Enterprise A
Enterprise B
42
Enhanced Federation
Go from this in LCS 2005to this with SP1!
43
Enhanced Federation
Supplier
DNS
Contoso
MTLS
Bob
Joe

• Is Supplier.com in the block list? NO
• Look-up SIPFederationTLS._TCP.supplier.com
• Verify that AP name matches domain name
• Establish MTLS connection and verify certificate
  SN

44
Public Instant Messaging ConnectivityWith MSN,
AOL, Yahoo
Enterprise A

LCS 2005
SIP Proxy

• A top customer-requested scenario
• Brings together corporate IM and public IM
• No 3rd party gateways/software required
• One desktop client

45
Clearing house
Contoso
Clearing house
46
Summary

• Considerations before deploying
• Active Directory infrastructure
• Geographic distribution of users
• Network bandwidth between geographies
• Feature requirements
• Up-time