Wednesday, October 15, 2008

OCS 2007 R2

Microsoft Corp. debuted Microsoft Office Communications Server 2007 Release 2 (R2), an update to the award-winning Microsoft Office Communications Server 2007. Customers will be able to purchase the release, currently in private beta testing, beginning in February 2009.

Office Communications Server 2007 R2 delivers important new functionality that extends software-powered voice, particularly for remote and mobile workers; provides on-premise audioconferencing to help reduce operational costs; and introduces new developer advances, including the ability to build communications-enabled business processes. These enhancements will improve business communications through a unified infrastructure and user experience.

Key new features of Office Communications Server 2007 R2 include the following:

Next-Generation Collaboration

Dial-in audioconferencing. Office Communications Server 2007 R2 enables businesses to eliminate costly audioconferencing services with an on-premise audioconferencing bridge that is managed by IT as part of the overall communications infrastructure.

Desktop sharing. This feature enables users to seamlessly share their desktop, initiate audio communications and collaborate with others outside the organization on PC, Macintosh or Linux platforms through a Web-based interface.

Persistent group chat. This enables geographically dispersed teams to collaborate with each other by participating in topic-based discussions that persist over time. This application provides users with a list of all available chat rooms and topics, periodically archives discussions in an XML file format that meets compliance regulations, provides tools to search the entire history of discussion on a given topic, and offers filters and alerts to notify someone of new posts or topics on a particular topic.

Enhanced Voice and Mobility

Attendant console and delegation. This allows receptionists, team secretaries and others to manage calls and conferences on behalf of other users, set up workflows to route calls, and manage higher volumes of incoming communications through a software-based interface.

Session Initiation Protocol trunking. This feature enables businesses to reduce costs by setting up a direct VoIP connection between an Internet telephony service provider and Office Communicator 2007 without requiring on-premise gateways.

Response group. A workflow design application manages incoming calls based on user-configured rules (e.g., round-robin, longest idle, simultaneous), providing a simple-to-use basic engine for call treatment, routing and queuing.

Mobility and single-number reach. This extends Microsoft Office Communicator Mobile functionality to Nokia S40, Motorola RAZR, Blackberry and Windows Mobile platforms, allowing users to communicate using presence, IM and voice as an extension of their PBX from a unified client.*

New Developer Tools for Business Applications

APIs and Visual Studio integration. This improves the efficiency of everyday business processes by enabling businesses to build communications-enabled applications and embed communications into business applications.

Press release link

Wednesday, September 24, 2008

OCS 2007 Management Pack for Operations Manager 2007

The Microsoft Office Communications Server 2007 Management Pack for SCOM 2007 monitors the health of computers running Office Communications Server 2007 on Windows Server 2003 and alerts IT administrators about critical health conditions that indicate degraded performance.

The long awaited release of the OCS 2007 Management Pack for System Center Operations Manager (SCOM) 2007 has been completed:

http://www.microsoft.com/downloads/details.aspx?FamilyId=A1832431-54B7-4070-9B10-14EFB231FF0C&displaylang=en&displaylang=en

Friday, August 22, 2008

SIP Call Transfer

Call Transfer

One useful feature of IP telephony is the fact that users can easily transfer their calls to someone else.

Imagine for example that you are talking to a friend who’s asking you about your notes of a particular class or lecture. You don’t have them but you know that another friend of yours does. It would be nice if you could simply forward the call to that new person so that your two friends could arrange the transfer by themselves.

We would like to implement that kind of functionality in SIP Communicator using the SIP protocol. With SIP (and with most other protocols for that matter) one can transfer a call in two different ways. You could either blindly forward the call to a number without knowing whether someone would actually answer, or you could first establish the connection, ask the corresponding person whether they are interested in taking the call and only then execute the transfer.

These two types of transfer are often referred to as attended and unattended (or blind) transfer. They involve the exchange of a number of specific messages.

Here’s how one could perform a blind transfer with SIP:

The following image shows the messages exchanged during an attended call transfer.

The mechanisms for transferring calls are described in detail in RFC 3515 and RFC 3891.
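The REFER request that carries each kind of transfer, as an added example that is not part of the original post or of SIP Communicator: a blind transfer names only the target in Refer-To, while an attended transfer also embeds an escaped Replaces value identifying the consultation call. The function names, users, hosts, tags and Call-IDs are constructed for illustration.

```python
from urllib.parse import quote, unquote


def build_refer(dialog, target_uri, replaces=None):
    """Build the in-dialog REFER (RFC 3515) that the transferor sends.

    replaces -- for an attended transfer, (call_id, to_tag, from_tag) of the
                consultation dialog the new INVITE should replace (RFC 3891).
    """
    refer_to = target_uri
    if replaces is not None:
        call_id, to_tag, from_tag = replaces
        # The Replaces value travels as an escaped header inside the URI.
        value = f"{call_id};to-tag={to_tag};from-tag={from_tag}"
        refer_to += "?Replaces=" + quote(value, safe="")
    lines = [
        # Simplification: a real UA uses the peer's Contact as Request-URI.
        f"REFER {dialog['remote_uri']} SIP/2.0",
        f"Via: SIP/2.0/UDP {dialog['local_host']};branch=z9hG4bK-constructed",
        "Max-Forwards: 70",
        f"From: <{dialog['local_uri']}>;tag={dialog['local_tag']}",
        f"To: <{dialog['remote_uri']}>;tag={dialog['remote_tag']}",
        f"Call-ID: {dialog['call_id']}",
        f"CSeq: {dialog['cseq']} REFER",
        f"Contact: <{dialog['local_uri']}>",
        f"Refer-To: <{refer_to}>",
        "Content-Length: 0",
    ]
    return "\r\n".join(lines) + "\r\n\r\n"


def parse_refer_to(message):
    """Return (target_uri, replaces_dict_or_None) from a REFER message."""
    for line in message.split("\r\n"):
        name, _, value = line.partition(":")
        if name.strip().lower() == "refer-to":
            break
    else:
        raise ValueError("no Refer-To header")
    uri = value.strip().strip("<>")
    target, _, headers = uri.partition("?")
    replaces = None
    for item in filter(None, headers.split("&")):
        key, _, raw = item.partition("=")
        if key.lower() == "replaces":
            call_id, *params = unquote(raw).split(";")
            replaces = {"call-id": call_id}
            replaces.update(p.split("=", 1) for p in params)
    return target, replaces


# Constructed sample: Alice (transferor) is in a call with Bob (transferee)
# and, for the attended case, in a consultation call with Carol (target).
ALICE_BOB = {
    "local_uri": "sip:alice@example.com", "local_tag": "a1",
    "remote_uri": "sip:bob@example.com", "remote_tag": "b1",
    "local_host": "alice-pc.example.com",
    "call_id": "call-1@alice-pc.example.com", "cseq": 2,
}
BLIND = build_refer(ALICE_BOB, "sip:carol@example.com")
# to-tag is Carol's tag and from-tag is Alice's tag in the Alice-Carol dialog.
ATTENDED = build_refer(ALICE_BOB, "sip:carol@example.com",
                       replaces=("call-2@alice-pc.example.com", "c7", "a2"))

if __name__ == "__main__":
    print(BLIND)
    print(ATTENDED)
    print(parse_refer_to(ATTENDED))
```

In both cases Bob reacts by sending an INVITE to the Refer-To target; in the attended case he copies the unescaped value into a Replaces header so that Carol swaps her call with Alice for the new one.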

References:
The Session Initiation Protocol (SIP) Refer Method
http://tools.ietf.org/html/rfc3515

The Session Initiation Protocol (SIP) “Replaces” Header
http://tools.ietf.org/html/rfc3891

Other SIP Communicator student projects
http://www.sip-communicator.org/students

The official SIP Communicator website
http://www.sip-communicator.org

The SIP Communicator developer website on Java.net
http://sip-communicator.dev.java.net/index-jn.html

Tuesday, August 5, 2008

Call Voice Mail problem Polycom CX700

"The Requested type of content encryption is not supported"
in Italian: "Il tipo di crittografia del contenuto richiesto non è supportato."

You might get the above error message when you try to call your voice mail hosted on Exchange 2007 SP1 UM from an Office Communicator Phone Edition (OCPE) powered device (such as the Polycom CX700). The likely cause is a mismatch between the VoIPSecurity setting of your SIP URI UM dial plan and the Security - Encryption level setting on the A/V Conferencing properties of your OCS 2007 pool.

The OCPE device uses the Security - Encryption level setting to determine whether media should be encrypted. The default setting is Require encryption, and OCPE will then send media using SRTP. If the UM dial plan VoIPSecurity parameter is set to SIPSecured, Exchange 2007 SP1 UM will not accept the SRTP-based media and you get the error message above on OCPE. Changing your UM dial plan to have the VoIPSecurity parameter set to Secured will fix the issue. This is the recommended setting, since it ensures that media is sent in a secure way.

More information can be found here:

http://technet.microsoft.com/en-us/library/bb676409.aspx

http://technet.microsoft.com/en-us/library/bb124092(EXCHG.80).aspx.


Configure Exchange 2007 UM to work with Enterprise Voice in OCS 2007

There are several steps that you must complete to configure Exchange 2007 Unified Messaging to work with Enterprise Voice in Communications Server 2007. You must do the following:

  1. Create one or more Exchange 2007 Unified Messaging Session Initiation Protocol (SIP) URI dial plans that each map to a corresponding Communications Server 2007 location profile. An Enterprise Voice location profile must be created for each Exchange UM dial plan. The location profile name has to match the fully qualified domain name (FQDN) of the UM dial plans. The Unified Messaging dial plan FQDN is used as the name of its corresponding location profile. Use the Get-UMDialPlan cmdlet to obtain the FQDN of a SIP URI dial plan, and then create its corresponding location profile. For more information about how to create a SIP URI dial plan, see How to Create a Unified Messaging SIP URI Dial Plan.
  2. Install a certificate on the Unified Messaging servers that is valid and signed by a certification authority, and then restart the Microsoft Exchange Unified Messaging service on each Unified Messaging server.
  3. To encrypt the VoIP traffic, configure the SIP URI dial plan as SIP secured or Secured. For more information about how to configure the security settings on a UM dial plan, see How to Configure Security on a Unified Messaging Dial Plan. For more information about VoIP security and configuring MTLS, see Understanding Unified Messaging VoIP Security.
    Although a Unified Messaging dial plan can be configured as SIP Secured or Secured, we recommend that you configure the dial plan as Secured to enable Microsoft Office Communicator Phone Edition devices to work correctly. This is recommended because of the default encryption level settings that are configured in Communications Server 2007. An Office Communicator Phone Edition device will only work if the encryption settings are configured as they are in the following table. This table shows the relationship between the encryption settings for both Communications Server 2007 and Unified Messaging dial plans.

    Encryption settings for Office Communicator Phone Edition

    | Communications Server 2007    | Unified Messaging dial plan |
    |-------------------------------|-----------------------------|
    | Encryption Required (default) | Secured                     |
    | Encryption Optional           | SIP Secured/Secured         |
    | No Encryption                 | SIP Secured                 |

  4. Add the servers that are running the Unified Messaging server role to the SIP dial plan. To enable the server to answer incoming calls, you must add the Unified Messaging server to a dial plan. For more information about how to add a Unified Messaging server to a dial plan, see How to Add a Unified Messaging Server to a Dial Plan.
  5. Create a SIP address for the users who will be using Enterprise Voice. For more information about how to create a SIP address for a UM-enabled user, see How to Add, Remove, or Modify a SIP Address for a UM-Enabled User.
    Users who are associated with a SIP URI dial plan cannot receive incoming faxes. This is because incoming voice and fax calls are routed through a Mediation Server and faxing is not supported when you are using a Mediation Server.
  6. Open the Exchange Management Shell and run the exchucutil.ps1 script that is located in the \Exchange Server\Script folder. The exchucutil.ps1 script does the following:
    • Grants Office Communications Server permission to read Exchange UM Active Directory objects, specifically, the SIP URI dial plan objects that were created in the previous task. For more information about how to configure permissions on Active Directory objects, see How to Use ADSI Edit to Apply Permissions.
    • Creates a UM IP gateway object in Active Directory for each Communications Server pool or for each server that is running Communications Server 2007 Standard Edition that hosts users who are enabled for Enterprise Voice. For more information about how to create a UM IP gateway, see How to Create a New Unified Messaging IP Gateway.
    • Creates an Exchange UM hunt group for each gateway. The hunt group pilot identifier will be the name of the dial plan that is associated with the corresponding gateway. The hunt group must specify the Exchange 2007 Unified Messaging SIP dial plan that is used with the UM IP gateway. For more information about how to create a Unified Messaging hunt group, see How to Create a New Unified Messaging Hunt Group.

How to Configure Security on a Unified Messaging Dial Plan

Tuesday, July 29, 2008

PowerGUI for OCS


Nice & useful graphical user interface and script editor for Windows PowerShell!

The OCS 2007 PowerPack provides access to major OCS 2007 Global, User, and Server objects and settings. This includes Users, Edge and Federation, Servers and Global settings. Some objects add links and actions to view further information and to provision and help administer OCS.

This PowerPack was partially based on the OCS Powershell Scripts found in the companion CD of the "Office Communication 2007 Resource Kit" book (http://www.microsoft.com/mspress/books/10482.aspx).

Powerpack Feature Highlights:
- View and Provision OCS settings on users:
  - View all AD details for OCS users
  - Use canned filters to quickly view which users are enabled or disabled for key OCS functionality.
  - Enable/Disable key OCS functionality (e.g. Public IM)
- Remotely View key Edge settings (from an OCS Administrative Tool or Front-End computer), including:
  - Internal and External Edge server settings
  - Federated Partners and Federated Public IM Network Settings
- Easily access and view all OCS Global Settings in one location, including Pools, Enterprise Voice and Meeting Settings and Policies, Location Profiles, Normalization Rules, Archive and CDR, and Federation.
- On any local OCS machine:
  - View and Control OCS Services
  - View OCS specific Event Log Errors and Warnings
  - Provision Address Book settings that are not available in the OCS Administrative console

See attached documentation (Documentation.txt) for basic usage instructions.

Note: Edge functionality may not work remotely because of a WMI cross-domain security issue.

Functionality likely coming in V2:
- Server Role Definition and Awareness (user can specify what hostnames to use for certain roles)
- Alternate Credentials
- Certificates Information and Actions
- More Phone Route Information
- More Diagnostics

Download powerpack link | Download PowerGUI



MMC Snap-in OCS 2007 proxy

One of the more obnoxious pieces of OCS is the fact that there isn’t a dedicated MMC snap-in for the Proxy Servers, but instead you have to open the entire Computer Management console. The method below will let you create a simple MMC that only opens the OCS Proxy server parts.

  1. Go to Start | Run, type in mmc and press OK.
  2. Go to File | Add/Remove Snap-In and press Add.
  3. Choose Computer Management and press Add, Finish, Close and OK.
  4. Expand Computer Management | Services and Applications, right-click on Microsoft Office Communications Server 2007 and choose New window from here.
  5. Now you should have a window with the root as your OCS controls. Click on File | Options.
  6. Click the Change Icon button and then browse to C:\Program Files\Common Files\Microsoft Office Communications Server 2007\RTCMMCR2.dll and press OK.
  7. You should now have a few options for icons.
  8. You can also rename the console to something friendlier, like Office Communications Server 2007.
  9. Click on File | Save As… and save your custom MMC
  10. You should be all set now. Opening the Office Communications Server 2007 shortcut will now open a usable snap-in.

Monday, July 7, 2008

Analyzing VoIP with Wireshark

When working in the IP telephony world it is crucial to know how to use a network analyzer, in order to understand how the traffic is circulating over the network. This article presents some interesting Wireshark features related to voice over IP protocols.

Introduction

Wireshark (aka Ethereal) is a tool to keep in your toolbox whenever you work with applications that use the network: it is simple, efficient, runs on either Microsoft Windows or Linux, and it is free. Even though some commercial products offer very powerful features, Wireshark has some good plugins targeting the VoIP space (alongside many others). This article focuses on the SIP and RTP protocols, which represent most of today's voice over IP implementations.

How to capture frames

Before analysing the frames crossing the network, we need to capture them. Analysis can be done in real time when Wireshark is running on the probe itself, but it is also possible to capture the frames, store them in a file and perform the analysis afterwards.
More important is where to place the probe in order to gather the frames containing voice-related protocols. Since the SIP protocol is distributed by nature, gathering voice traffic is a challenge, but there are solutions.

In order to collect voice frames we can either use Wireshark directly or use the application tcpdump, available on most Unixes and working directly from the command line.

With the chosen tool, two approaches are proposed:

  • using a mirror port on a switch: this solution requires network switches with a port mirroring feature. It is generally available on advanced enterprise products, but some low-end devices do not support it. The feature is sometimes called port mirroring or SPAN port, but the way it works is the same: we configure the switch to copy all frames going in and out of a specific port towards a dedicated port where the analyzer is connected. If the voice traffic is separated from the data traffic onto a specific VLAN, it is sometimes possible to copy all traffic going through the VLAN towards the copy port. The port we will copy is the one where the SIP proxy is connected, but we can also copy an IP phone port if we know more precisely what to look at.
  • using the proxy server directly: this second solution captures traffic on the Unix server hosting the proxy. This requires running the tcpdump command directly on that server, which is not always possible. In the case of Asterisk, the hosting system is mainly Linux, and most Linux distributions support tcpdump; we will install it directly from the package if it is not yet present.

Capture with tcpdump

When using Asterisk, we can take advantage of two main points:

  • the operating system is mainly Linux, so we can use tcpdump
  • Asterisk acts as a “back-to-back UA”, that is to say it stays by default in the middle of any session (phone call). Even though this does not follow the SIP distributed model, we will take advantage of it; see also “Asterisk and voice transport”.

When doing a capture directly from the Asterisk server, we will have the full voice session, including signalling (SIP part) and the voice transport (RTP part).

tcpdump is a command-line tool; it doesn’t require any graphical interface to run and is very light, so we can use it without putting too much stress on our voice gateway and altering the quality [1]. As always with Unix, the command takes parameters, and tcpdump offers a lot of options. Here is a list of the useful ones in our case:

  • -p : doesn’t start in promiscuous mode, only frames from or to the Asterisk node will be captured,
  • -n : no name resolution, otherwise we will have a lot of DNS queries which is not useful at that stage, we could do name resolution afterwards if needed,
  • -s 0 : we get the full frame, not only the first bytes. When working only at the protocol level it is enough to get only the start of each frame, but in our case we require the content of the SIP and RTP frames. 0 means getting the whole frame,
  • -w output file : all the captured frames will be stored in the file, so that we can analyze them from the file afterwards. If ‘-’ is used as the name of the file, the output is sent to the standard output; we will use this later.

In addition, we can give tcpdump a filter, which will lower the number of frames we get in the capture. We can for example get only UDP frames and filter on IP addresses in order to focus on a specific host.

Local capture

In order to perform the capture directly on the Asterisk host we should be connected to it. This can be achieved either directly on the console or through a remote terminal; like many admins, I like ssh since it is simple and secure.

With the following command

tcpdump -w trace.cap -p -n -s 0 "udp"

we will gather all UDP frames in transit on our server; the capture is stopped by pressing Ctrl-C. The file trace.cap will be stored for later analysis. If storage space is low on the Asterisk server, we can compress the trace with a very good ratio using gzip.

Remote capture

Since you may manage many Asterisk servers, it can be easier to start a capture from your desktop by using the remote command facility provided by ssh. The ssh command is required on the desktop; it is already installed on Mac OS X and on Linux, and you can install the Cygwin version on Microsoft Windows, which gives you exactly the same command.

The proposed command is:

ssh root@asterisk 'tcpdump -w - -p -n -s 0 udp' > capture-asterisk.cap

The capture will occur on the server named asterisk using the tcpdump command; the frames will not be stored on the server itself but redirected to the desktop machine through the ssh tunnel [2]. The file will be named capture-asterisk.cap and stored in the current directory. Using this method, you can start a capture on multiple Asterisk servers without having to connect to them and transfer the capture file afterwards, and there is no storage issue.

Analyze

Once we have a trace file, we can use Wireshark to dive into it.

Wireshark has a rich GUI and presents all the frames in the capture [3]. In the upper part of the window you have the frame list, and below it the content of the selected frame, either in decoded format or raw. Ethernet and IP protocols are of course decoded; what interests us today are the SIP, IAX2 and RTP protocols, since they are dedicated to voice over IP.

From the file explorer, we can open the trace file and analyze it. By default frames are ordered by arrival time; you can change the sort criterion if required.

Filtering

Depending on the filter used during capture, the trace can contain noisy frames. The filtering feature of Wireshark lets us focus on specific frames only; it is activated through the ‘Filter’ field in the upper part of the window. The filter language is specific but easy to learn: for example, if only SIP frames are needed you enter the ‘sip’ filter, and if you are interested in IAX, the filter is ‘iax2’. One tip: when the background of the filter field is green the syntax is OK; when it is orange it is not yet good.

If you need more complex filtering rules, you can select the field directly from the decode window. Each protocol field can be selected and added to the current filter through a right click and the “Apply as filter / … and Selected” menu.

SIP analysis

When looking at all the frames in a capture, it can be difficult to quickly find what we are looking for. Fortunately, Wireshark is bundled with some SIP tools, accessible through the “Statistics / VoIP calls” menu.

In the window you will see all the voice over IP calls present in the capture file. If the capture is performed directly with Wireshark, this list will evolve in real time.

From the list, it is possible to show a specific conversation graphically. This view is really helpful for following the conversation, since all frames can be selected and inspected in the main window. It is also possible to analyze the content of the voice conversation, since it is transported in the RTP frames.

The “Player” feature decodes the RTP frames associated with the selected conversation. The graph shows the shape of the voice flow in both directions. This tool is useful when focusing on voice quality: if a user complains about calls with a specific phone, it is possible to listen to the conversation afterwards.

RTP analysis

The RTP [4] protocol is not dedicated to voice over IP traffic. But since this protocol is used alongside H.323 and SIP signalling, Wireshark offers a specific module to analyze RTP flows. The feature is available through the “Statistics / RTP / Stream Analysis” menu.

The analysis window provides information about the terminals engaged in the conversation, the codec used and some statistics about the flow. You can focus, for example, on jitter and packet loss in order to explain why the voice quality wasn’t good enough. From this module, it is also possible to extract the content of the RTP frames and rebuild a voice sound file. It will be saved in WAV format and you can listen to it with any available sound tool [5].
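How jitter and packet-loss figures of this kind can be derived from captured RTP headers, using the interarrival jitter estimator defined in RFC 3550. This is an added example, not code from the original article or from Wireshark; the function names, the constructed sample packets and the 8 kHz clock with 20 ms packets are assumptions.

```python
import struct


def parse_rtp_header(packet):
    """Decode the fixed 12-byte RTP header (RFC 3550, section 5.1)."""
    if len(packet) < 12:
        raise ValueError("truncated RTP packet")
    b0, b1, seq, ts, ssrc = struct.unpack("!BBHII", packet[:12])
    if b0 >> 6 != 2:
        raise ValueError("not RTP version 2")
    return {"pt": b1 & 0x7F, "marker": b1 >> 7, "seq": seq, "ts": ts, "ssrc": ssrc}


def stream_stats(packets, clock_rate):
    """Loss and interarrival jitter for a single RTP stream (one SSRC).

    packets -- iterable of (arrival_time_in_microseconds, raw_packet_bytes)
    Jitter uses the RFC 3550 estimator J += (|D| - J) / 16, where D is the
    change in (arrival - RTP timestamp) between consecutive packets.
    RTP timestamp wrap-around is not handled in this example.
    """
    received = 0
    base_seq = highest = None      # extended (wrap-corrected) sequence numbers
    prev_transit = None
    jitter = 0.0                   # in RTP timestamp units
    for arrival_us, raw in packets:
        hdr = parse_rtp_header(raw)
        received += 1
        if base_seq is None:
            base_seq = highest = hdr["seq"]
        else:
            # Signed 16-bit distance copes with wrap-around and reordering.
            delta = (hdr["seq"] - highest + 0x8000) % 0x10000 - 0x8000
            if delta > 0:
                highest += delta
        # Express the arrival time in the same units as the RTP timestamp.
        transit = arrival_us * clock_rate / 1_000_000 - hdr["ts"]
        if prev_transit is not None:
            jitter += (abs(transit - prev_transit) - jitter) / 16
        prev_transit = transit
    expected = highest - base_seq + 1 if received else 0
    lost = expected - received
    return {
        "received": received,
        "expected": expected,
        "lost": lost,
        "loss_pct": 100.0 * lost / expected if expected else 0.0,
        "jitter_ms": jitter / clock_rate * 1000,
    }


def make_packet(seq, ts, ssrc=0x1234ABCD, pt=0):
    """Build a constructed RTP packet: version 2, payload type 0, dummy payload."""
    return struct.pack("!BBHII", 0x80, pt, seq, ts, ssrc) + b"\x00" * 160


# Constructed capture: 20 ms packets at 8 kHz (160 timestamp units each);
# sequence 103 never arrives and sequence 102 arrives 5 ms late.
SAMPLE = [(us, make_packet(seq, 1000 + 160 * (seq - 100)))
          for seq, us in [(100, 0), (101, 20_000), (102, 45_000),
                          (104, 80_000), (105, 100_000)]]

if __name__ == "__main__":
    print(stream_stats(SAMPLE, clock_rate=8000))
```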

Conclusion

IP telephony, like any application that uses the network heavily, should be analyzed whenever a problem occurs. In order to be reactive, my advice is to train yourself when everything is working fine and you have spare time. This lets you get to know the tools, and it is also very common to find issues on the network when looking at nothing in particular. Finally, don’t be afraid of protocols: even if they are complex, understanding them properly will be a great advantage when facing a real issue on your system.


  1. be careful if your system is low on resources since tcpdump works at a very low level and could impact real time performances in that case
  2. one could put in place ssh keys in order to automate the login part
  3. be careful to limit the capture file size, when playing with > 50MB files the memory is highly stressed
  4. Real Time Protocol
  5. if the codec used for encoding is supported by your player

Friday, June 27, 2008

Making phone calls with OCS and SNOM

This video highlights the features of the telephony systems integration.



More information at the following link