OCS 2007 R2 Deploying Dial-In Conferencing

Document Sample
OCS 2007 R2 Deploying Dial-In Conferencing Powered By Docstoc
					Microsoft Office Communications
Server 2007 R2

Deploying Dial-In Conferencing


Published: May 2009
Updated: July 2009




For the most up-to-date version of the Deploying Dial-In Conferencing documentation and the
complete set of the Microsoft® Office Communications Server 2007 R2 online documentation,
see the Office Communications Server TechNet Library at
http://go.microsoft.com/fwlink/?LinkID=132106.

Note:
   In order to find topics that are referenced by this document but not contained within it,
   search for the topic title in the TechNet library at
   http://go.microsoft.com/fwlink/?LinkID=132106.




                                                                                               1
Information in this document, including URL and other Internet Web site references, is subject to
change without notice. Unless otherwise noted, the companies, organizations, products, domain
names, e-mail addresses, logos, people, places, and events depicted in examples herein are
fictitious. No association with any real company, organization, product, domain name, e-mail
address, logo, person, place, or event is intended or should be inferred. Complying with all
applicable copyright laws is the responsibility of the user. Without limiting the rights under
copyright, no part of this document may be reproduced, stored in or introduced into a retrieval
system, or transmitted in any form or by any means (electronic, mechanical, photocopying,
recording, or otherwise), or for any purpose, without the express written permission of Microsoft
Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual
property rights covering subject matter in this document. Except as expressly provided in any
written license agreement from Microsoft, the furnishing of this document does not give you any
license to these patents, trademarks, copyrights, or other intellectual property.
© 2009 Microsoft Corporation. All rights reserved.
Microsoft, Active Directory, ActiveX, Excel, Hyper-V, Internet Explorer, MSN, MSDN, OneNote,
Outlook, PowerPoint, RoundTable, SharePoint, SQL Server, Visio, Visual Basic, Visual C++,
Visual J#, Visual Studio, Windows, Windows Live, Windows Media, Windows Mobile, Windows
NT, Windows PowerShell, Windows Server, and Windows Vista are trademarks of the Microsoft
group of companies.
All other trademarks are property of their respective owners.




                                                                                                  2
Contents
Deploying Dial-In Conferencing in Office Communications Server 2007 R2 .................................. 5

Deployment Processes for Dial-In Conferencing ............................................................................ 5
 Support Dial-in Conferencing without Enterprise Voice ............................................................... 5
 Support Dial-in Conferencing with Enterprise Voice .................................................................. 11

Configure a Global Policy to Support Dial-in Conferencing .......................................................... 15
 To configure support for dial-in conferencing in a meeting policy .............................................. 16

Configuring Conferencing Attendant ............................................................................................. 16
 Configure Access Numbers for Dial-in Conferencing ................................................................ 17
 Configure Regions for Dial-in Conferencing Access Numbers .................................................. 19
 Configure Dial-in Conferencing PIN Settings ............................................................................. 20

Configure Static Routes for Communicator Web Access Users ................................................... 21

Deploy the Conferencing Add-in for Microsoft Office Outlook ....................................................... 21

Welcome Users to Dial-in Conferencing ....................................................................................... 22

Deploy SIP Trunking ...................................................................................................................... 23

Appendix: Deploying Dial-In Conferencing .................................................................................... 23
 Dial-In Conferencing Support ..................................................................................................... 23
   Feature Components .............................................................................................................. 23
   Deployment Prerequisites ....................................................................................................... 24
     Office Communications Server ............................................................................................ 24
     Communicator Web Access ................................................................................................ 25
     Enterprise Voice .................................................................................................................. 25
     Conferencing Attendant ....................................................................................................... 26
     Optional Deployment Processes ......................................................................................... 26
   Port Requirements .................................................................................................................. 27
   Deployment Process ............................................................................................................... 28
 Accounts and Permissions Requirements ................................................................................. 33
   Administrative Credentials ...................................................................................................... 33
   Security Levels ........................................................................................................................ 41
     Exchange UM Security Levels ............................................................................................ 41
   Media Gateway Security ......................................................................................................... 42




                                                                                                                                            3
Deploying Dial-In Conferencing in Office
Communications Server 2007 R2
Dial-in conferencing enables anonymous users and enterprise users who want or need to use a
public switched telephone network (PSTN) phone to join the audio portion of an on-premises
conference. Dial-in conferencing relies on the unified communications application Conferencing
Attendant to provide users with a conference access phone number and reservation-less
meetings. By deploying the Conferencing Add-in for Microsoft Office Outlook, users can also
schedule conferences that include Conferencing Attendant access phone numbers.
Conferencing Attendant is designed to use components and features of Enterprise Voice by
default, but you can configure support for dial-in conferencing in your organization whether or not
you have deployed Enterprise Voice for Office Communications Server 2007 R2.
In This Document
   Deployment Processes for Dial-In Conferencing
   Configure a Global Policy to Support Dial-in Conferencing
   Configuring Conferencing Attendant
   Configure Static Routes for Communicator Web Access Users
   Deploy the Conferencing Add-in for Microsoft Office Outlook
   Welcome Users to Dial-in Conferencing
   Deploy SIP Trunking
   Appendix: Deploying Dial-In Conferencing



Deployment Processes for Dial-In
Conferencing
Conferencing Attendant is designed to use components and features of Enterprise Voice by
default, but you can configure support for dial-in conferencing in your organization whether or not
you have deployed Enterprise Voice for Office Communications Server 2007 R2.
If you have already deployed Enterprise Voice in your organization, see Support Dial-in
Conferencing with Enterprise Voice later in this topic.


Support Dial-in Conferencing without Enterprise
Voice
To support dial-in conferencing without Enterprise Voice, perform the following steps:


                                                                                                  5
Table 1. Dial-in conferencing deployment process if you have not deployed Enterprise
Voice

Phase             Steps                           Permissions                Documentation

Install and       All unified communications      Administrators group       In the Office
activate Office   applications and the            RTCUniversalServerAdmins   Communications
Communicatio      application server are          group                      Server 2007 R2
ns Server         installed by default.                                      deployment
                                                  Domain Admins group
2007 R2.             In an Enterprise Edition                              documentation for
                       deployment, activate                                  Enterprise Edition
                       the Conferencing                                      and Standard
                       Attendant and                                         Edition, see:
                       Conferencing                                             Configure Pool
                       Announcement Service                                       and
                       applications during the                                    Applications
                       pool configuration                                         (in an
                       process.                                                   Enterprise
                     In a Standard Edition                                      Edition
                       deployment, activate                                       deployment)
                       the Conferencing                                         Add Servers to
                       Attendant and                                              the Pool (in an
                       Conferencing                                               Enterprise
                       Announcement Service                                       Edition
                       applications during the                                    deployment)
                       server installation                                      Install
                       process.                                                   Standard
                                                                                  Edition Server
                                                                                  (in a Standard
                                                                                  Edition
                                                                                  deployment)

Install,          Install Communicator Web      Administrators group         In the Office
activate, and     Access server to host the     Domain Admins group          Communications
configure the     Dial-in Conferencing Web                                   Server 2007 R2
2007 R2           page for users to manage                                   deployment
version of        their personal identification                              documentation for
Microsoft         number (PIN) and                                           Communicator
Office            conference information. The                                Web Access, see:
Communicato       Dial-in Conferencing Web                                   Installing and
r Web Access      page is installed by default                               Activating
server.           when you install                                           Communicator
                  Communicator Web Access                                    Web Access
                  server. Publish
                                                                             Creating a
                  Communicator Web Access
                                                                                                  6
Phase            Steps                           Permissions                Documentation
                 URLs to make the Dial-in                                   Communicator
                 Conferencing Web page                                      Web Access
                 discoverable.                                              Virtual Server
                 1. Install Communicator                                    Publishing
                    Web Access.                                             Communicator
                 2. Activate Communicator                                   Web Access URLs
                    Web Access.
                 3. Create an internal
                    virtual server.
                 4. Publish Communicator
                    Web Access URLs

Optionally,      Enable access to the Dial-in Administrators group          Installing and
enable remote    Conferencing Web page        Domain Admins group           Activating
user access to   from outside your                                          Communicator
Communicato      organization’s firewall.                                   Web Access
r Web Access.    1. Create an external                                      Creating a
                    virtual server.                                         Communicator
                 2. Optionally, use a                                       Web Access
                    reverse proxy to publish                                Virtual Server
                    Communicator Web                                        Using a Reverse
                    Access for remote                                       Proxy to Enable
                    users.                                                  Remote User
                                                                            Access

Test the Dial-   Sign in to the Dial-in          Office Communications      Testing the Web
in               Conferencing Web page           Server 2007 R2 user        Site
Conferencing     using the URI
Web page.        https://<internalCWAserver
                 _FQDN>/dialin and, if
                 remote user access is
                 enabled,
                 https://<externalCWAserver
                 _FQDN>/dialin.

Create one or    Create location profiles with   RTCUniversalServerAdmins   In the Office
more location    normalization rules that will   group                      Communications
profiles, and    route Conferencing                                         Server 2007 R2
then assign      Attendant calls as well as                                 deployment
default          enable Conferencing                                        documentation for
location         Attendant to perform PIN-                                  Enterprise Voice,
profile.         based user authentication,                                 see:

                                                                                                7
Phase           Steps                            Permissions                Documentation
                and then assign a default                                       Step 2. Create
                location profile to each pool.                                    Location
                Location profile descriptions                                     Profiles
                are used to specify regions                                     Step 4. Assign
                for conference access                                             Location
                phone numbers.                                                    Profile to Pool

Optionally,     Specify minimum PIN              RTCUniversalServerAdmins   See
verify or       length, maximum retry            group                      Configure Dial-in
modify user     attempts, and PIN                                           Conferencing PIN
PIN             expiration.                                                 Settings in this
requirements.                                                               section of the
                                                                            documentation.

Configure a     Configure settings on the        RTCUniversalServerAdmins   Configure a Global
global policy   Meetings tab in Office           group                      Policy to Support
to support      Communications Server                                       Dial-in
dial-in         Global Properties to do the                                 Conferencing
conferencing.   following:
                   Specify if users can
                     invite anonymous
                     participants to any type
                     of conference or
                     meeting.
                   Create and assign a
                     global policy that
                     enables PSTN dial-in
                     conferencing support
                     and specifies if
                     anonymous participants
                     must enter a pass
                     code.

Deploy a        Deploy a Mediation Server        RTCUniversalServerAdmins   In the Enterprise
Mediation       to route calls to and from       group                      Voice deployment
Server.         the public switched                                         documentation,
                telephone network (PSTN).                                   see: Step 5.
                                                                            Deploy a Mediation
                                                                            Server

Deploy a        Deploy a media gateway to        RTCUniversalServerAdmins   See the
third-party     connect to the PSTN.             group (to configure the    documentation
basic media                                      Mediation Server)          provided by the

                                                                                                8
Phase             Steps                         Permissions                  Documentation
gateway           OR                            Administrator of the SIP     manufacturer of
OR                Configure the Mediation       trunking provider            your media
                  Server to connect to a                                     gateway, if you
Configure the
                  service provider offering                                  deploy a media
Mediation
                  PSTN origination and                                       gateway
Server to
perform SIP       termination, also known as                                 OR
trunking          “SIP trunking”.                                            Deploy SIP
                                                                             Trunking in this
                                                                             section, if you
                                                                             deploy SIP
                                                                             trunking
                                                                             And Configuring a
                                                                             Mediation Server
                                                                             in the Enterprise
                                                                             Voice deployment
                                                                             documentation, if
                                                                             you deploy SIP
                                                                             trunking.

Configure         Configure the media           Administrator on the media   See the
your              gateway with one or more      gateway                      documentation
organization’s    direct inward dial (DID)                                   provided by the
media             phone numbers to use as                                    manufacturer of
gateway to        conference access phone                                    your media
support dial-in   numbers.                                                   gateway.
conferencing.

Configure         Configure conference          RTCUniversalServerAdmins     See Configuring
Conferencing      access phone numbers and      group                        Conferencing
Attendant.        settings, including                                        Attendant in this
                  supported languages.                                       section of the
                                                                             documentation.

Enable dial-in    Deploy the Conferencing       Administrators group         Deploy the
conference        Add-in for Microsoft Office                                Conferencing Add-
scheduling.       Outlook to enable users to                                 in for Microsoft
                  schedule conferences with                                  Office Outlook
                  support for dial-in
                  conferencing.

Configure         Configure the Line URI        RTCUniversalUserAdmins       For instructions,
user account      setting of Telephony          group, to configure user     see Configuring
properties.       Options for user accounts     accounts                     Telephony for

                                                                                                 9
Phase            Steps                          Permissions                   Documentation
                 with a unique normalized       DomainAdmins group, to        Individual Users in
                 phone number. For              configure normalized phone    Administering
                 example,                       numbers in Active Directory   Office
                 tel:+14255550200.              Domain Services               Communications
                                                                              Server 2007 R2 in
                                                                              the Office
                                                                              Communications
                                                                              Server Operations
                                                                              documentation set.
                                                                              For background
                                                                              information, see
                                                                              Normalization rules
                                                                              in the Office
                                                                              Communications
                                                                              Server Planning
                                                                              and Architecture
                                                                              documentation.

Configure        Configure a static route for   Administrators group          In the Office
static routes.   each pool to route calls to    RTCUniversalServerAdmins      Communications
                 the Conferencing Attendant     group                         Server 2007 R2
                 to the Mediation Server to                                   deployment
                 enable Communicator Web                                      documentation for
                 Access users to join dial-in                                 Communicator
                 conferences using PSTN                                       Web Access, see:
                 dial-out.                                                    Configure Static
                                                                              Routes for
                                                                              Communicator
                                                                              Web Access Users
                                                                              Configuring Audio
                                                                              Conferencing for
                                                                              Communicator
                                                                              Web Access

Welcome          Customize the “Welcome to Administrators group               See
users to dial-   Dial-in Conferencing” e-mail                                 Welcome Users to
in               message included with the                                    Dial-in
conferencing.    Office Communications                                        Conferencing in
                 Server 2007 R2                                               this section of the
                 documentation, and then                                      documentation.
                 send the e-mail message to
                 users.

                                                                                               10
Support Dial-in Conferencing with Enterprise
Voice
If you have deployed Enterprise Voice in your organization to provide support for calls to the
public switched telephone network (PSTN), and you have enabled Enterprise Voice for users, you
do not need to complete as many additional steps to support dial-in conferencing. If you have
already deployed Enterprise Voice, to support dial-in conferencing you need only configure direct
inward dial (DID) numbers on your media gateway for Conferencing Attendant, activate
Conferencing Attendant, and then configure Conferencing Attendant settings. You can activate
Conferencing Attendant during the configuration of an Office Communications Server, Enterprise
pool, or during the deployment of a Standard Edition server. If you did not activate Conferencing
Attendant when you deployed Office Communications Server 2007 R2, you can activate
Conferencing Attendant later. For details, see Activate an Application.
To support dial-in conferencing if you have already deployed Enterprise Voice, perform the
following steps:

Table 2. Dial-in conferencing deployment process if you have deployed Enterprise Voice

Phase             Steps                           Permissions                Documentation

Install and       All unified communications      Administrators group       In the Office
activate Office   applications and the            RTCUniversalServerAdmins   Communications
Communicatio      application server are          group                      Server 2007 R2
ns Server         installed by default.                                      deployment
                                                  Domain Admins group
2007 R2.             In an Enterprise Edition                              documentation for
                       deployment, activate                                  Enterprise Edition
                       the Conferencing                                      and Standard
                       Attendant and                                         Edition, see:
                       Conferencing                                             Configure Pool
                       Announcement Service                                       and
                       applications during the                                    Applications
                       pool configuration                                         (in an
                       process.                                                   Enterprise
                     In a Standard Edition                                      Edition
                       deployment, activate                                       deployment)
                       the Conferencing                                         Add Servers to
                       Attendant and                                              the Pool (in an
                       Conferencing                                               Enterprise
                       Announcement Service                                       Edition
                       applications during the                                    deployment)
                       server installation                                      Install
                       process.                                                   Standard

                                                                                              11
Phase            Steps                         Permissions            Documentation
                                                                         Edition Server
                                                                         (in a Standard
                                                                         Edition
                                                                         deployment)

Install,         Install Communicator Web      Administrators group   In the Office
activate, and    Access server to host the     Domain Admins group    Communications
configure the    Dial-in Conferencing Web                             Server 2007 R2
2007 R2          page for users to manage                             deployment
version of       their personal identification                        documentation for
Microsoft        number (PIN) and                                     Communicator
Office           conference information. The                          Web Access, see:
Communicato      Dial-in Conferencing Web                             Installing and
r Web Access     page is installed by default                         Activating
server.          when you install                                     Communicator
                 Communicator Web Access                              Web Access
                 server. Publish
                                                                      Creating a
                 Communicator Web Access
                                                                      Communicator
                 URLs to make the Dial-in
                                                                      Web Access
                 Conferencing Web page
                                                                      Virtual Server
                 discoverable.
                                                                      Publishing
                 1. Install Communicator
                                                                      Communicator
                    Web Access.
                                                                      Web Access URLs
                 2. Activate Communicator
                    Web Access.
                 3. Create an internal
                    virtual server.
                 4. Publish Communicator
                    Web Access URLs

Optionally,      Enable access to the Dial-in Administrators group    Installing and
enable remote    Conferencing Web page        Domain Admins group     Activating
user access to   from outside your                                    Communicator
Communicato      organization’s firewall.                             Web Access
r Web Access.    1. Create an external                                Creating a
                    virtual server.                                   Communicator
                 2. Optionally, use a                                 Web Access
                    reverse proxy to publish                          Virtual Server
                    Communicator Web                                  Using a Reverse
                    Access for remote                                 Proxy to Enable
                    users.                                            Remote User


                                                                                        12
Phase             Steps                           Permissions                Documentation
                                                                             Access

Test the Dial-    Sign in to the Dial-in          Office Communications      Testing the Web
in                Conferencing Web page           Server 2007 R2 user        Site
Conferencing      using the URI
Web page.         https://<internalCWAserver
                  _FQDN>/dialin and, if
                  remote user access is
                  enabled,
                  https://<externalCWAserver
                  _FQDN>/dialin.

Verify location   Verify that location profiles   RTCUniversalServerAdmins   In the Enterprise
profile           include normalization rules     group                      Voice deployment
configuration     that will route Conferencing                               documentation,
and pool          Attendant calls as well as                                 see:
assignment.       enable Conferencing                                           Step 2. Create
                  Attendant to perform PIN-                                       Location
                  based user authentication,                                      Profiles
                  and that a default location
                                                                                Step 4. Assign
                  profile is assigned to each
                                                                                  Location
                  pool. Location profile
                                                                                  Profile to Pool
                  descriptions are used to
                  specify regions for
                  conference access phone
                  numbers.

Optionally,       Specify minimum PIN             RTCUniversalServerAdmins   See Configure
verify or         length, maximum retry           group                      Dial-in
modify user       attempts, and PIN                                          Conferencing PIN
PIN               expiration.                                                Settings in this
requirements.                                                                section of the
                                                                             documentation.

Configure a       Configure settings on the       RTCUniversalServerAdmins   See Configure a
global policy     Meetings tab in Office          group                      Global Policy to
to support        Communications Server                                      Support Dial-in
dial-in           Global Properties to do the                                Conferencing in
conferencing.     following:                                                 this section of the
                     Specify if users can                                  documentation.
                       invite anonymous
                       participants to any type
                       of conference or


                                                                                               13
Phase             Steps                         Permissions                   Documentation
                       meeting.
                     Create and assign a
                       global policy that
                       enables PSTN dial-in
                       conferencing support
                       and specifies if
                       anonymous participants
                       must enter a pass
                       code.

Configure         Configure the media           Administrator on the media    See the
your              gateway with one or more      gateway                       ocumentation
organization’s    direct inward dial (DID)                                    provided by the
media             phone numbers to use as                                     manufacturer of
gateway to        conference access phone                                     your media
support dial-in   numbers.                                                    gateway.
conferencing.

Configure         Configure conference          RTCUniversalServerAdmins      See Configuring
Conferencing      access phone numbers and      group                         Conferencing
Attendant.        settings, including                                         Attendant in this
                  supported languages.                                        section of the
                                                                              documentation.

Enable dial-in    Deploy the Conferencing       Administrators group          See Deploy the
conference        Add-in for Microsoft Office                                 Conferencing Add-
scheduling.       Outlook to enable users to                                  in for Microsoft
                  schedule conferences with                                   Office Outlook in
                  support for dial-in                                         this section of the
                  conferencing.                                               documentation.

Configure         Configure the Line URI        RTCUniversalUserAdmins        For instructions,
user account      setting of Telephony          group, to configure user      see Configuring
properties.       Options for user accounts     accounts                      Telephony for
                  with a unique normalized      DomainAdmins group, to        Individual Users in
                  phone number. For             configure normalized phone    Administering
                  example,                      numbers in Active Directory   Office
                  tel:+14255550200.             Domain Services               Communications
                                                                              Server 2007 R2 in
                                                                              the Office
                                                                              Communications
                                                                              Server Operations
                                                                              documentation.
                                                                              For background
                                                                                                  14
Phase            Steps                         Permissions                     Documentation
                                                                               information, see
                                                                               Normalization rules
                                                                               in the Office
                                                                               Communications
                                                                               Server Planning
                                                                               and Architecture
                                                                               documentation.

Welcome          Customize the “Welcome to Administrators group                See Welcome
users to dial-   Dial-in Conferencing” e-mail                                  Users to Dial-in
in               message included with the                                     Conferencing in
conferencing.    Office Communications                                         this section of the
                 Server 2007 R2                                                documentation.
                 documentation, and then
                 send the e-mail message to
                 users.




Configure a Global Policy to Support Dial-in
Conferencing
In Office Communications Server 2007 R2, the default meeting policy for the forest does not
specify support for dial-in conferencing. You must configure and apply a meeting policy that
specifies support for dial-in conferencing in order to enable the following scenarios:
   To provide users with the option of including a Conferencing Attendant conference access
     phone number in meeting or conference invitations.
   To add audio to an instant messaging conference that includes participants who are using the
     Communicator Web Access client and, therefore, have access to audio only by using a
     telephone.
   To add users without access to a unified communications client to an audio/video conference.

Note:
     When you configure meeting policies, ensure that the meeting size limit is large enough
     to account for dial-in conferencing users, including anonymous dial-in conferencing
     users, as meeting participants.




                                                                                                 15
To configure support for dial-in conferencing in a
meeting policy
Note:
     You can assign one meeting policy to all users or you can create multiple meeting
     policies and then assign them to users on an individual basis. To assign meeting policies
     to users on an individual basis, configure a policy as described in this topic, and then see
     Configuring the Meeting Policy for Individual Users in the Administering Office
     Communications Server 2007 R2 documentation.



     1. Log on to a computer that has Office Communications Server 2007 R2 administrative
        tools installed as a member of the RTCUniversalServerAdmins group and the
        DomainAdmins group.
     2. Click Start, click All Programs, click Administrative Tools, and then click Office
        Communications Server 2007 R2.
     3. In the console tree, right-click the forest node, click Properties, click Global Properties,
        and then click the Meetings tab.
     4. To configure a global meeting policy, do the following:
            To create a new policy, under Policy Settings, click Add.
            To modify an existing policy, under Policy Definition, click the name of the policy in
              the Global policy list, and then click Edit.
     5. In the dialog box, select the Enable IP audio check box, and then select the Enable
        PSTN conference dial-in check box.
     6. Optionally, to require anonymous participants to enter a conference pass code to join a
        dial-in conference, select the PSTN conference dial-in requires passcode check box.
     7. Click OK, click Apply, and then click OK again.




Configuring Conferencing Attendant
In this release, you can configure the following for Conferencing Attendant:
   Global Settings
   Pool Settings
   Media Files




                                                                                                    16
Global Settings
Global settings for Conferencing Attendant determine the conference call phone numbers
available to dial-in conferencing users and the location profiles used to route Conferencing
Attendant calls in the forest. Conferencing Attendant global settings include the following:
   Conference access phone numbers define how the phone numbers that users dial to
     access dial-in conferencing map to instances of Conferencing Attendant in the forest.
   Regions define how conference access phone numbers map to Enterprise Voice location
     profiles.

Pool Settings
At the pool level, you can configure PSTN conferencing settings for Conferencing Attendant.
PSTN conferencing settings specify PIN security and expiration settings for dial-in conferencing
users on each pool.

Media Files
Conferencing Attendant is installed with media files that are used to play a welcome message
and prompts to callers. Conferencing Attendant also includes media files that are used to play
music while conference participants are on hold.
Conferencing Attendant includes media files for fourteen different languages. By default, the
.wma media files are installed to %ProgramFiles%\Microsoft Office Communications Server 2007
R2\Application Host\Applications\Conferencing Attendant\Media\<language>, where <language>
is one of the fourteen supported languages. By default, the media files used to play music to
users on hold is installed to %ProgramFiles%\Microsoft Office Communications Server 2007
R2\Application Host\Applications\Conferencing Attendant\Media\music. The files in this folder are
played in a repeating loop.
We strongly recommend that you do not replace the default media files. For details, see Microsoft
Help and Support at http://go.microsoft.com/fwlink/?LinkId=137269.


Configure Access Numbers for Dial-in
Conferencing
To provide support for dial-in conferencing for on-premises audio/video or Web conferences,
Conferencing Attendant must be configured with access phone numbers.

Note:
     You cannot use a new access phone number for dial-in conferencing until Active
     Directory replication of that phone number is complete.

Configure access phone numbers
     1. Log on to the Office Communications Server where you want to run the Conferencing
        Attendant application as a member of the Administrators group, the Domain Admins
        group, and the RTCUniversalServerAdmins group.


                                                                                                 17
2. Click Start, point to All Programs, point to Administrative Tools, and then click Office
   Communications Server 2007 R2.
3. In the console tree, right-click the forest node.
4. Click Properties, and then click Conferencing Attendant Properties.
5. On the Access Phone Numbers tab, click Add.
6. On the Add Conferencing Attendant Number dialog box, specify the following:
       In Display number, type the conference call phone number that public switched
         telephone network (PSTN) phone users can dial to join a conference. (This number is
         displayed in meeting invitations and on the Dial-in Conferencing Web page.)
       In Display name, type a clear, meaningful description for the conference call phone
         number. This is the name that will be associated with the conference call phone
         number in Office Communicator search results.
       In Line URI, type the E.164 number of the conference call phone number in TEL URI
         format, including the + symbol before the number and excluding spaces. For
         example, tel:+14255550200.
       Optionally, in SIP URI, click the text box, type a unique SIP URI for this Conferencing
         Attendant access phone number. This SIP URI will be displayed in various locations
         including, but not limited to, call notification messages and in previous versions of
         Communicator clients.

         Note
The same SIP URI cannot be reused by another Conferencing Attendant access phone
number.
If you prefer, you can use the automatically generated SIP URI.
       In SIP URI, in the drop-down list box, click the domain of the Conferencing Attendant
         application that will support this conference call phone number.
7. Optionally, to use an existing contact object instead of creating a new Active Directory
   Domain Services contact object for the specified conference call phone number, click
   Advanced.

    Important:
         If you want to use an existing contact object, you must have Read/write
         permissions to the OU that contains the contact object. To specify this advanced
         setting, you must delegate permissions to the RTCUniversalServerAdmins group.
8. If necessary, delegate permissions to the RTCUniversalServerAdmins group by running
   the following command: Lcscmd.exe /domain
   /action:CreateLcsOUPermissions /OU:OU=<DN of the OU where the
   contact object resides> /ObjectType:AppContact where OU is the DN of the
   organizational unit containing the contact object to which you are granting administrative
   permissions, excluding the domain root portion of the DN. Otherwise, skip to the next
   step.

                                                                                              18
    9. In the Advanced Configuration dialog box, select the Specify an Active Directory
       Contact object check box, type the DN of the contact object you want to use, and then
       click OK.
    10. Under Serviced by pool, in the drop-down list box, click the pool that is running the
        instance of Conferencing Attendant that will support this conference call phone number.
    11. Under Language Settings, click the Primary language drop-down list box, and then
        click the language in which prompts will be played for this conference call phone number.
        (Supported languages are displayed alongside each access phone number in meeting
        invitations and on the Dial-in Conferencing Web page.)
    12. Optionally, to provide users with additional language options for this conference call
        phone number, click Add.
    13. In the Select Language dialog box, click the Available languages drop-down list box,
        click an additional language that you want to support for callers to this conference call
        phone number, and then click OK. (You can select up to four secondary languages for
        each access phone number.)
    14. When you are finished, click OK.



Configure Regions for Dial-in Conferencing
Access Numbers
Important:
    Before you can configure Conferencing Attendant regions as described in this topic, you
    must configure at least one conference access phone number and at least one location
    profile as described in Step 2. Create Location Profiles in the Deploying Enterprise Voice
    documentation.
Although you are not required to deploy Enterprise Voice to enable dial-in conferencing, you must
deploy and configure certain components and features of Enterprise Voice, such as location
profiles. When you configure a region for Conferencing Attendant, you specify which Enterprise
Voice location profile will route calls and be used to translate phone number extensions for user
authentication. A location profile specifies a set of phone number normalization rules to be
applied to numbers that are dialed from a specific location. The same phone number dialed from
different locations can, based on the respective location profiles, resolve to different E.164
numbers, as appropriate to each location. For details, see Configuring Conferencing Attendant.
The region displayed alongside each conference access number in the meeting options for
meeting invitations and on the Dial-in Conferencing Settings Web page will be derived from the
Display text value of the assigned location profile.

Configure regions
    1. Log on to the Office Communications Server where you want to run the Conferencing
       Attendant application as a member of the Administrators group, the Domain Admins


                                                                                                    19
       group, and the RTCUniversalServerAdmins group.
   2. Click Start, point to All Programs, point to Administrative Tools, and then click Office
      Communications Server 2007 R2.
   3. In the console tree, right-click the forest node.
   4. Click Properties, and then click Conferencing Attendant Properties.
   5. Click the Regions tab, and then click Add.
   6. In the Add Region dialog box, click the Location profile list, and then click the location
      profile that you want to use with Conferencing Attendant, and then click OK.
   7. Under Assigned access numbers, click Select.
   8. In the Select Region Access Numbers dialog box, under Available, click the
      conference call phone number that will be associated with the specified region and
      location profile, click > to add the number to the Configured list, and then click OK.
   9. When you are finished, click OK, and then click OK again.




Configure Dial-in Conferencing PIN Settings
To enable Office Communications Server 2007 R2 users with Active Directory Domain Services
(AD DS) credentials in your organization to join a dial-in conference as authenticated users,
configure personal identification number (PIN) settings for Conferencing Attendant.

Configure PIN settings
   1. Click Start, point to All Programs, point to Administrative Tools, and then click Office
      Communications Server 2007 R2.
   2. In the console tree, expand the forest node.
   3. Do one of the following:
          Expand Enterprise pools.
          Expand Standard Edition Servers.
   4. Right-click the name of the pool for which you want to configure user PIN settings, click
      Properties, and then click Front End Properties.
   5. Click the PSTN Conferencing tab, and then do the following:
          Click Min. personal PIN length (3-24), and then type the minimum number of
            numeric digits that user must specify when creating a PIN for dial-in conferencing.
          Click Total number of retries, and then type the maximum number of times that a
            user can enter the wrong PIN before dial-in conferencing is disabled for the user
            account.
   6. Select the Enable PIN expiration check box, click the PIN expires after (days) box, and
      then type the number of days that a PIN is valid.



                                                                                                  20
Configure Static Routes for Communicator
Web Access Users
In Office Communications Server 2007 R2, meeting invitations provide users with an option to
join a conference call using a Web browser. When a user chooses this option, the user joins the
conference using the Communicator Web Access client. Communicator Web Access enables
users to join the audio portion of the conference by connecting the user’s telephone to the public
switched telephone network (PSTN). This is known as PSTN dial-out. If a conference call
supports dial-in audio conferencing, Communicator Web Access initiates PSTN dial-out to the
dial-in conferencing access phone number to add the user to conference audio.
If you have deployed the Mediation Server and media gateway required to support calls to the
public switched telephone network (PSTN), and enabled Enterprise Voice for Communicator Web
Access users, no additional configuration is required to support audio conferencing for
Communicator Web Access users. However, if you have not deployed Enterprise Voice, you must
configure static routes to enable dial-in conferencing for Communicator Web Access users. For
procedures, see Configuring Audio Conferencing for Communicator Web Access.



Deploy the Conferencing Add-in for
Microsoft Office Outlook
The Conferencing Add-in for Microsoft Office Outlook can be used to do the following:
   Schedule a conference call.
   Schedule a Microsoft Office Live Meeting 2007 meeting or Microsoft Office Communicator
     conference in the same way that you schedule and invite attendees to other meetings, and
     define participants as attendees or presenters.
   Initiate a Meet Now meeting.
   Set meeting options, including support for dial-in conferencing.
If you have deployed Office Communications Server 2007 R2 and have configured dial-in
conferencing support, you can deploy the add-in to enable users to include dial-in conferencing
as a meeting option.
The Conferencing Add-in for Microsoft Office Outlook is available as a separate download:
ConfAddins_Setup.exe.

Deploying the Add-in
You can perform an IT-managed roll-out, or allow your end users to install the add-in individually.




                                                                                                  21
Welcome Users to Dial-in Conferencing
When you are ready for users to begin using dial-in conferencing, you can announce support for
dial-in conferencing by sending e-mail to your users using one of the e-mail templates included
with the Office Communications Server 2007 R2 documentation. For your convenience, the same
e-mail text is provided in text (.txt), Microsoft Office Word 97-2003 document (.doc), Word 2007
document (.docx), Word 97-2003 template (.dot), Word 2007 template (.dotx), and Microsoft
Office Outlook message (.msg) format.

Note:
    Ensure that you notify users that the Conferencing Add-in for Microsoft Office Outlook is
    a prerequisite to scheduling Web conferences.

To edit the e-mail template

Important:
    Before you use the e-mail template to announce support for dial-in conferencing to users,
    you must replace the placeholder text in the e-mail template with connection information
    specific to your organization.

    1. Do one of the following:
           Install documentation for Office Communications Server 2007 R2 by running the
             Microsoft Windows Installer file (.msi) UCDocumentation.msi.
           Download one or more of the dial-in conferencing e-mail templates from the Microsoft
             Download Center at http://go.microsoft.com/fwlink/?LinkId=151776.
    2. On the computer where you installed documentation for Office Communications Server
       2007 R2 using the Microsoft Windows Installer file (.msi) UCDocumentation.msi or where
       you downloaded the dial-in conferencing e-mail templates, use a text editor to open one
       of the files in the <drive>:\Program Files\Microsoft Office Communications Server
       2007 R2\Documentation\Dial-in Conferencing\Welcome E-mail Templates folder.
    3. In the file, under Set Your PIN, do the following:
           If you deployed Communicator Web Access to support unsecured HTTP
             connections, in place of https, type http.
           In place of the placeholder text <domainnameofyourCWAserver>, type the URL of
             your Communicator Web Access virtual server.

             Note:
                 Verify that the URL of the virtual server can be accessed by the users to
                 which you send this e-mail. For example, if you send this e-mail to users who
                 are outside the organization’s firewall, ensure that you type the URL of the
                 external virtual server as published when you deployed Communicator Web
                 Access.
    4. Replace the default conference access phone number with the phone number that public

                                                                                                 22
        switched telephone network (PSTN) phone users can dial to join conferences that are
        hosted on your organization’s on-premises servers.
     5. Make additional optional modifications, if necessary, and then save your changes.



Deploy SIP Trunking
If your organization does not already use a media gateway to provide connectivity to the public
switched telephone network (PSTN), you are not required to deploy a media gateway to support
PSTN dial-in conferencing. Instead, you can connect your organization’s voice network to a
service provider that offers PSTN origination and termination. This capability, which is known in
the telecommunications industry as SIP trunking, means that organizations do not need to deploy
IP-PSTN gateways, with or without Mediation Servers, in order to enjoy the benefits of PSTN
connectivity. SIP trunking offers your organization the option to route communications directly
over a virtual private network (VPN) without using the PSTN.
To deploy SIP trunking, you must complete the steps described in Step 5. Deploy a Mediation
Server in the Enterprise Voice deployment section, including Deploying SIP Trunking (Optional).
Also, see the documentation provided by your equipment manufacturer and your SIP trunking
service provider.
The SIP trunking provider must also configure the service at its end of the VPN to complete the
deployment.



Appendix: Deploying Dial-In Conferencing
To facilitate access to dial-in conferencing requirements documented in the Planning and
Architecture documentation, the following topic is replicated in this Appendix
In This Section
   Dial-In Conferencing Support
   Accounts and Permissions Requirements


Dial-In Conferencing Support
This topic describes the prerequisites and requirements for the deployment of dial-in conferencing
as well as the overall deployment process.


Feature Components
Dial-in conferencing is a feature of Office Communications Server 2007 R2 that requires no
components of its own. However, you must deploy the following components before you can
configure dial-in conferencing support:
   Office Communications Server 2007 R2 Enterprise Edition or Standard Edition
                                                                                                  23
   Application server, which is installed automatically when you deploy Office Communications
     Server 2007 R2
   Conferencing Attendant and Conferencing Announcement Service unified communications
     applications
   The 2007 R2 version of Office Communicator Web Access server
   Office Communications Server 2007 R2 Mediation Server
   A third-party media gateway
   Conferencing Add-in for Microsoft Office Outlook


Deployment Prerequisites
To provide support for dial-in conferencing in your organization, you must deploy and configure a
variety of different server roles, features, policies, and applications. Users on the public switched
telephone network (PSTN) will not be able to dial in to conferences until after the dial-in
conferencing deployment process has completed.

Note:
     The deployment and configuration process for Office Communications Server, the
     Communicator Web Access server, and the Mediation Server are mentioned in this topic
     to provide context, but the planning and deployment information for those servers are
     described in detail in other sections of this documentation set.


Office Communications Server
Dial-in conferencing requires that you deploy Office Communications Server internally, including
Conferencing Attendant and Conferencing Announcement Service unified communications
applications. Before you deploy an Office Communications Server Enterprise Edition pool or
Standard Edition server, ensure that your IT infrastructure, network, and systems meet the
infrastructure requirements described in Office Communications Server Infrastructure
Requirements.
You must install and activate the Conferencing Attendant and Conferencing Announcement
Service applications by doing the following:
   If you are deploying Conferencing Attendant and Conferencing Announcement Service in an
     Enterprise pool, create a pool, configure the pool, and then add a server to the pool as
     described in the Create the Pool, Configure Pool and Applications, and Add Servers to the
     Pool topics in the Deploying Office Communications Server 2007 R2 Enterprise Edition
     documentation.
   If you are deploying Conferencing Attendant and Conferencing Announcement Service on a
     Standard Edition server, install a server as described in Install Standard Edition Server in the
     Deploying Office Communications Server 2007 R2 Standard Edition documentation.
Any or all unified communications applications can be activated during the pool configuration or
server installation process. If you do not activate Conferencing Attendant and Conferencing


                                                                                                   24
Announcement Service during your initial deployment of Office Communications Server 2007 R2,
you can activate the applications later either by doing one of the following:
   In an Enterprise pool, rerun the Add Servers to the Pool task in the Deploying Office
     Communications Server 2007 R2 Enterprise Edition documentation.
   On a Standard Edition server, rerun the Configure Standard Edition Server task in the
     Deploying Office Communications Server 2007 R2 Standard Edition documentation.
   From the Office Communications Server 2007 R2 snap-in, run the Application Activation
     Wizard as described in Activate an Application in the Deploying Unified Communications
     Applications documentation.
The installation and activation process for all unified communications applications, including the
Conferencing Attendant and Conferencing Announcement Service applications required for dial-in
conferencing, are integrated into the Office Communications Server Front End Server installation
and pool configuration processes.


Communicator Web Access
After you deploy Office Communications Server, you must also deploy Communicator Web
Access. Before you deploy Communicator Web Access, ensure that your IT infrastructure,
network, and systems meet the infrastructure requirements described in Office Communications
Server Infrastructure Requirements.
The Dial-in Conferencing Settings Web page is hosted by Communicator Web Access and
installed on the Communicator Web Access server by default. The Dial-in Conferencing Settings
Web page enables users to view conference access phone numbers, view or modify their
assigned conference information, or create or modify their personal identification numbers (PINs).
You must deploy at least one internal virtual server and publish the URL for that server. You can
optionally also deploy an external virtual server and publish the external virtual server to provide
access to the Dial-in Conferencing Settings Web page outside your organization’s firewall. If you
deploy and publish an external virtual server, users who access the page by using a link in a
meeting invitation created by the Conferencing Add-in for Microsoft Office Outlook will see the
Dial-In Conferencing Settings Web page that is on the external virtual server by default.


Enterprise Voice
Conferencing Attendant is designed to use components and features of Enterprise Voice by
default, but you can configure support for dial-in conferencing in your organization whether or not
you have deployed Enterprise Voice for Office Communications Server 2007 R2. Before you
deploy any Enterprise Voice components or features, ensure that your IT infrastructure, network,
and systems meet the infrastructure requirements described in Enterprise Voice Deployment
Requirements.
At a minimum, dial-in conferencing requires that you perform the following Enterprise Voice
deployment tasks:
   Create one or more location profiles with normalization rules that will route Conferencing
     Attendant calls.

                                                                                                  25
   Configure a global policy to specify that dial-in conferencing support can be added to
     meetings and to specify whether anonymous users are allowed to participate in any type of
     conference.
   Deploy a Mediation Server to route calls to and from the PSTN.
   Deploy a third-party basic media gateway or configure the Mediation Server to perform SIP
     trunking.
If you are using a media gateway instead of SIP trunking, to support dial-in conferencing, you
must also configure the media gateway with one or more direct inward dial (DID) phone numbers
to use as conference access phone numbers. You must also configure user accounts with a
normalized phone number.
For details about configuring location profiles, see Step 2. Create Location Profiles in the
Deploying Enterprise Voice documentation.
For details about deploying a Mediation Server, see Step 5. Deploy a Mediation Server in the
Deploying Enterprise Voice documentation.
For details about deploying and configuring a media gateway, see the documentation provided by
the manufacturer of your media gateway.
For details about deploying SIP trunking, see Deploy SIP Trunking in the Deploying Dial-in
Conferencing documentation and Configuring a Mediation Server in the Deploying Enterprise
Voice documentation.


Conferencing Attendant
Although Conferencing Attendant is installed and activated when you deploy Office
Communications Server, you cannot configure most Conferencing Attendant settings until after
you deploy the certain components of Enterprise Voice. As a result, we recommend that you
configure all Conferencing Attendant settings after you deploy features of Enterprise Voice as
described earlier in this topic.
In Conferencing Attendant settings, you must configure at least one conference access phone
number, including settings for each phone number such as the display name, assigned pool,
supported languages, and the location profile to use, among others.
For details about configuring Conferencing Attendant, see Configuring Conferencing Attendant in
the Deploying Dial-In Conferencing documentation.


Optional Deployment Processes
After you complete the processes described earlier in this topic, dial-in conferencing support is
functionally deployed. You can complete the processes described in this section to provide
additional functionality to users of dial-in conferencing.

Conferencing Add-in for Microsoft Office Outlook
The Conferencing Add-in for Outlook enables users to schedule conferences with support for dial-
in conferencing. Without the add-in, users can either use dial-in conferencing ad hoc or they can


                                                                                                    26
manually create meeting invitations that contain the conference access numbers and their
personal dial-in conferencing information.
You can deploy the add-in to client computers at any time, but we recommend that you do not
deploy the add-in until you complete the deployment steps described earlier in this topic.

E-Mail Announcement
You can optionally complete the dial-in conferencing deployment process by announcing support
for dial-in conferencing to your users. For your convenience, you can customize the “Welcome to
Dial-in Conferencing” e-mail message included with the Office Communications Server 2007 R2
documentation.
You can send the e-mail announcement to users at any time, but we recommend that you do not
announce support for dial-in conferencing until you complete the deployment steps described
earlier in this topic.


Port Requirements
Unified communications application deployment is integrated with the Office Communications
Server 2007 R2 deployment process. As a result, the requirements to deploy the application
server and to install the applications are the same as those for configuring a pool and adding a
Front End Server or installing a Standard Edition server in Office Communications Server 2007
R2. However, the applications do use different default SIP listening ports. If you use a load
balancer, ensure that the load balancer is configured with the ports used by any applications that
will run in the pool.
The following is the default port allocation for the Conferencing Attendant and Conferencing
Announcement Service applications.

Table 1. Application Listening Ports

Application                                       Port

Conferencing Attendant                            5072

Conferencing Announcement Service                 5073


Note:
    All instances of the same application in a pool use the same SIP listening port.
For details about the permissions required to configure a pool, see the Configure Pool and
Applications topic in the Deploying Office Communications Server 2007 R2 Enterprise Edition
documentation.
For details about the permissions required to install and activate a Front End Server, see the Add
Servers to the Pool topic in the Deploying Office Communications Server 2007 R2 Enterprise
Edition documentation. For details about the permissions required to install and activate a
Standard Edition server, see the Install Standard Edition Server topic in the Deploying Office
Communications Server 2007 R2 Standard Edition documentation.

                                                                                                27
For details about server hardware and software requirements, client hardware and software
requirements, infrastructure requirements, and load balancer requirements required to deploy an
Office Communications Server Front End Server, see Office Communications Server
Infrastructure Requirements.


Deployment Process
In summary, to support dial-in conferencing, perform the following steps.

Table 2. Dial-in Conferencing Deployment Process

Phase             Steps                         Permissions                 Documentation

Install and       All unified                   Administrators group        In the Office
activate Office   communications                RTCUniversalServerAdmins    Communications
Communicati       applications and the          group                       Server 2007 R2
ons Server        application server are                                    deployment process:
                                                Domain Admins group
2007 R2.          installed by default.                                        Configure Pool
                     In an Enterprise                                          and Applications
                       Edition deployment,                                       in the Deploying
                       activate the                                              Office
                       Conferencing                                              Communications
                       Attendant and                                             Server 2007 R2
                       Conferencing                                              Enterprise Edition
                       Announcement                                              documentation
                       Service applications                                      (for an Enterprise
                       during the pool                                           Edition
                       configuration process.                                    deployment)
                     In a Standard Edition                                   Add Servers to
                       deployment, activate                                      the Pool in the
                       the Conferencing                                          Deploying Office
                       Attendant and                                             Communications
                       Conferencing                                              Server 2007 R2
                       Announcement                                              Enterprise Edition
                       Service applications                                      documentation
                       during the server                                         (for an Enterprise
                       installation process.                                     Edition
                                                                                 deployment)
                                                                               Install Standard
                                                                                 Edition Server in
                                                                                 the Deploying
                                                                                 Office
                                                                                 Communications
                                                                                 Server 2007 R2

                                                                                                 28
Phase           Steps                       Permissions            Documentation
                                                                      Standard Edition
                                                                      documentation
                                                                      (for a Standard
                                                                      Edition
                                                                      deployment)

Install,        Install Communicator        Administrators group   Installing and
activate, and   Web Access server to        Domain Admins group    Activating
configure the   host the Dial-in                                   Communicator Web
2007 R2         Conferencing Web page                              Access
version of      for users to manage their                          Creating a
Microsoft       PIN and conference                                 Communicator Web
Office          information. The Dial-in                           Access Virtual Server
Communicato     Conferencing Web page
                                                                   Publishing
r Web Access    is installed by default
                                                                   Communicator Web
server.         when you install the
                                                                   Access URLs
                Communicator Web
                Access server. Publish
                Communicator Web
                Access URLs to make the
                Dial-in Conferencing Web
                page discoverable.
                1. Install Communicator
                   Web Access.
                2. Activate
                   Communicator Web
                   Access.
                3. Create an internal
                   virtual server.
                4. Publish
                   Communicator Web
                   Access URLs.

Optionally,     Enable access to the Dial- Administrators group    Installing and
enable          in Conferencing Web        Domain Admins group     Activating
remote user     page from outside your                             Communicator Web
access to       organization’s firewall.                           Access
Communicato     1. Create an external                              Creating a
r Web              virtual server.                                 Communicator Web
Access.                                                            Access Virtual Server
                2. Optionally, use a
                   reverse proxy to                                Using a Reverse


                                                                                      29
Phase            Steps                        Permissions                Documentation
                      publish                                            Proxy to Enable
                      Communicator Web                                   Remote User Access
                      Access for remote
                      users.

Test the Dial-   Sign in to the Dial-in    Office Communications         Testing the Web Site
in               Conferencing Web page     Server 2007 R2 user           in the Deploying
Conferencing     using the URI                                           Communicator Web
Web page.        https://<internalCWAserve                               Access
                 r_FQDN>/dialin and, if                                  documentation
                 remote user access is
                 enabled,
                 https://<externalCWAserv
                 er_FQDN>/dialin.

Create one or    Create location profiles  RTCUniversalServerAdmins      In the Enterprise
more location    with normalization rules  group                         Voice deployment
profiles, and    that will route                                         process:
then assign      Conferencing Attendant                                     Step 2. Create
default          calls as well as enable                                      Location Profiles
location         Conferencing Attendant to
                                                                            Step 4. Assign
profiles.        perform PIN-based user
                                                                              Location Profile to
                 authentication, and then
                                                                              Pool
                 assign a default location
                 profile to each pool.                                        topics in the
                                                                              Deploying
                 Location profile
                                                                              Enterprise Voice
                 descriptions are used to
                 specify regions for                                          documentation
                 conference access phone
                 numbers.

Optionally,      Specify minimum PIN          RTCUniversalServerAdmins   Configure Dial-in
verify or        length, maximum retry        group                      Conferencing PIN
modify user      attempts, and PIN                                       Settings in the
PIN              expiration.                                             Deploying Dial-In
requirements.                                                            Conferencing
                                                                         documentation

Configure a      Configure settings on the    RTCUniversalServerAdmins   Configure a Global
global policy    Meetings tab in Office       group                      Policy to Support Dial-
to support       Communications Server                                   in Conferencing in the
dial-in          Global Properties to do                                 Deploying Dial-In
conferencing.    the following:                                          Conferencing
                    Specify whether users                              documentation

                                                                                              30
Phase             Steps                        Permissions                Documentation
                       can invite anonymous
                       participants to any
                       type of conference or
                       meeting.
                     Create and assign a
                       global policy that
                       enables PSTN dial-in
                       conferencing support.

Deploy a          Deploy a Mediation           RTCUniversalServerAdmins   Step 5. Deploy a
Mediation         Server to route calls to     group                      Mediation Server in
Server.           and from the PSTN.                                      the Deploying
                                                                          Enterprise Voice
                                                                          documentation

Deploy a          Deploy a media gateway       RTCUniversalServerAdmins   Documentation
third-party       to connect to the PSTN.      group (to configure the    provided by the
basic media       OR                           Mediation Server)          manufacturer of your
gateway.                                       Administrator of the SIP   media gateway, if you
                  Configure the Mediation
OR                                             trunking provider          deploy a media
                  Server to connect to a
                                                                          gateway
Configure the     service provider offering
Mediation         PSTN origination and                                    OR
Server to         termination, also known                                 Deploy SIP Trunking
perform SIP       as “SIP trunking”.                                      in the Deploying
trunking.                                                                 Enterprise Voice
                                                                          documentation, if you
                                                                          deploy SIP trunking
                                                                          Configuring a
                                                                          Mediation Server in
                                                                          the Deploying
                                                                          Enterprise Voice
                                                                          documentation, if you
                                                                          deploy SIP trunking

Configure         Configure the media      Administrator on the media     Documentation
your              gateway with one or more gateway                        provided by the
organization’s    DID phone numbers to                                    manufacturer of your
media             use as conference access                                media gateway
gateway to        phone numbers.
support dial-in
conferencing.



                                                                                                31
Phase            Steps                      Permissions                   Documentation

Configure        Configure conference       RTCUniversalServerAdmins      Configuring
Conferencing     access phone numbers       group                         Conferencing
Attendant.       and settings.                                            Attendant in the
                                                                          Deploying Dial-In
                                                                          Conferencing
                                                                          documentation

Enable dial-in   Deploy the Conferencing     Administrators group         Deploy the
conference       Add-in for Microsoft Office                              Conferencing Add-in
scheduling.      Outlook to enable users to                               for Microsoft Office
                 schedule conferences                                     Outlook in the
                 with support for dial-in                                 Deploying Dial-In
                 conferencing.                                            Conferencing
                                                                          documentation

Configure        Configure the Line URI     RTCUniversalUserAdmins        Configure Users in
user account     setting of Telephony       group, to configure user      the Deploying Office
properties.      Options for user           accounts                      Communications
                 accounts with a            DomainAdmins group, to        Server 2007 R2
                 normalized phone           configure normalized phone    Enterprise Edition
                 number.                    numbers in Active Directory   documentation or in
                                            Domain Services (AD DS)       the Deploying Office
                                                                          Communications
                                                                          Server 2007 R2
                                                                          Standard Edition
                                                                          documentation

Configure        Configure a static route   Administrators group          Configure Static
static routes.   for each pool to route     RTCUniversalServerAdmins      Routes for
                 calls to the Conferencing  group                         Communicator Web
                 Attendant to the Mediation                               Access Users in
                 Server to enable                                         Deploying Dial-In
                 Communicator Web                                         Conferencing in the
                 Access users to join dial-                               Deployment
                 in conferences using                                     documentation
                 PSTN dial-out.                                           Configuring Audio
                                                                          Conferencing for
                                                                          Communicator Web
                                                                          Access in the
                                                                          Deploying
                                                                          Communicator Web
                                                                          Access
                                                                          documentation

                                                                                              32
Phase            Steps                         Permissions                      Documentation

Welcome          Customize the “Welcome Administrators group                    Welcome Users to
users to dial-   to Dial-in Conferencing” e-                                    Dial-in Conferencing
in               mail message included                                          in the Deploying Dial-
conferencing.    with the Office                                                In Conferencing
                 Communications Server                                          documentation
                 2007 R2 documentation,
                 and then send the e-mail
                 message to users.




Accounts and Permissions Requirements
Security requirements for Office Communications Server 2007 R2 include the following:
   Administrative credentials
   Security levels
   Media gateway security


Administrative Credentials
The following table outlines the permissions required to deploy the various server roles.

Note:
     By default, membership in the Domain Admins group is required to deploy or activate a
     server that is joined to an Active Directory domain. If you do not want to grant this level of
     privilege to the group or users deploying Office Communications Server, you can use the
     setup delegation wizard to provide a specific group the subset of permissions required for
     this task.

Table 1. Administrative Credentials Required for Deployment Tasks

Procedure                                            Administrative credentials or roles required

Standard Edition

Install prerequisite software                        RTCUniversalServerAdmins group
                                                     Domain Admins group

Prepare Active Directory Domain Services             Member of Schema Admins group and
(AD DS)                                              Administrator rights on the schema master
                                                     Member of EnterpriseAdmins group for the
                                                     forest root domain
                                                     Member of EnterpriseAdmins or DomainAdmins
                                                     group

                                                                                                      33
Procedure                                       Administrative credentials or roles required

Prepare Windows for setup                       Administrators group

Create and verify DNS records                   DNS Admins group

Deploy and activate Standard Edition server     RTCUniversalServerAdmins group
and applications                                Domain Admins group

Configure Standard Edition server               RTCUniversalServerAdmins group

Configure certificates for Office               Administrators group
Communications Server                           RTCUniversalServerAdmins group

Start the services                              RTCUniversalServerAdmins group

Validate server configuration                   RTCUniversalServerAdmins group

Optionally, configure A/V and Web               RTCUniversalServerAdmins group
conferencing

Enterprise Edition, Consolidated Topology

Install prerequisite software                   RTCUniversalServerAdmins group
                                                Domain Admins group

Prepare AD DS                                   Member of the Schema Admins group and
                                                Administrator rights on the schema master
                                                Member of the EnterpriseAdmins group for the
                                                forest root domain
                                                Member of the EnterpriseAdmins or
                                                DomainAdmins group

Prepare Windows for setup                       Administrators group

Install SQL Server                              Local Administrator

Configure SQL Server for Office                 SQL Server administrator
Communications Server                           Local administrator

Optionally, configure a load balancer for the   Load balancer administrator
pool

Create and verify DNS records                   DNS Admins group

Create the pool                                 RTCUniversalServerAdmins group
                                                Domain Admins group

Configure the pool and applications             RTCUniversalServerAdmins group

Add servers to the pool                         Administrators group

                                                                                               34
Procedure                                       Administrative credentials or roles required
                                                RTCUniversalServerAdmins group
                                                Domain Admins group

Configure certificates for Office               Administrators group
Communications Server                           RTCUniversalServerAdmins group

Start the services                              RTCUniversalServerAdmins

Validate the server and pool configuration      RTCUniversalServerAdmins

Dial-in Conferencing

Install and activate Office Communications      Administrators group
Server 2007 R2                                  RTCUniversalServerAdmins group
                                                Domain Admins group

Activate Conferencing Attendant and             RTCUniversalServerAdmins group
Conferencing Announcement Service               Domain Admins group
applications

Install, activate, and configure the 2007 R2    Administrators group
version of Microsoft Office Communicator Web    Domain Admins group
Access server

Optionally, enable remote user access to        Administrators group
Communicator Web Access                         Domain Admins group

Test the Dial-in Conferencing Web page          Office Communications Server 2007 R2 user

Create one or more location profiles            RTCUniversalServerAdmins group

Configure a global policy to support dial-in    RTCUniversalServerAdmins group
conferencing

Deploy a Mediation Server                       RTCUniversalServerAdmins group

Deploy a third-party basic media gateway        RTCUniversalServerAdmins group (to configure
OR                                              Mediation Server)

Configure the Mediation Server to perform SIP   Administrator of the SIP trunking provider
trunking

Response Group Service

Install and activate Office Communications      Administrators group
Server 2007 R2                                  RTCUniversalServerAdmins group
                                                Domain Admins group

Activate the Response Group Service             RTCUniversalServerAdmins group

                                                                                               35
Procedure                                     Administrative credentials or roles required
application                                   Domain Admins group

Add agents, create agent groups, and create   RTCUniversalServerAdmins group
queues for the server pool

Create the workflows                          RTCUniversalServerAdmins group

Configure the Response Group tab              Domain Admins group

Archiving Server

Install prerequisite software                 Administrators group and Domain Admins
                                              group (to install Message Queuing with Active
                                              Directory integration enabled)

Install and activate Archiving Server         Administrators group
                                              Domain Admins or RTCUniversalServerAdmins
                                              group

Configure Archiving Server associations       Administrators group

Configure users for archiving                 RTCUniversalUserAdmins group

Start the archiving services                  RTCUniversalUserAdmins Group

Monitoring Server

Install prerequisite software                 Administrators group
                                              Domain Admins group (to install Message
                                              Queuing with Active Directory integration
                                              enabled)

Install and activate Monitoring Server        Administrators group
                                              Domain Admins or RTCUniversalServerAdmins
                                              group

Start the services                            Administrators group

Deploy Monitoring Server reports              Administrators group

Configure Monitoring Server associations      Administrators group

Communicator Web Access

Install and activate                          Domain Admins

Create virtual server                         Domain Admins, or
                                              RTCUniversalServerAdmins and local
                                              Administrators

Publish Communicator Web Access URLs          Domain Admins, or

                                                                                             36
Procedure                                       Administrative credentials or roles required
                                                RTCUniversalServerAdmins and local
                                                administrators

Manage Communicator Web Access settings         Domain Admins, or
                                                RTCUniversalServerAdmins and local
                                                administrators

Group Chat

Create SQL Server database                      Database administrator

Set up Group Chat accounts and permissions      Administrators group

Obtain certificates for Group Chat              Administrators group

Install Group Chat                              Administrators group

Configure Web site settings in IIS              Administrators group

Connect the Group Chat Administration Tool to   Administrators group
Group Chat                                      Channel service administrator

Configure Group Chat user access                Administrators group

Deploy archiving and compliance support         Database administrator
                                                Administrators group

Administrative Tools

Install Administrative Tools on a centralized     Administrators group
administrative console that is not running Office Domain Admins group
Communications Server

Configure user account settings                 RTCUniversalUserAdmins

Configure all other settings (other than user   RTCUniversalServerAdmins
account settings)

Edge Server

Set up the infrastructure for Edge Servers      Administrators group

Set up Edge Servers                             Administrators group
                                                Domain Admins or RTCUniversalServerAdmins
                                                group

Configure the environment                       Administrators group
                                                Domain Admins or RTCUniversalServerAdmins
                                                group



                                                                                               37
Procedure                                         Administrative credentials or roles required

Validate edge configuration                       Administrators group
                                                  Domain Admins or RTCUniversalServerAdmins
                                                  group

Communicator Mobile for Windows Mobile

Install prerequisites                             Administrator

Install Communicator Mobile for Windows           Administrator
Mobile

Install self-signed certificates                  Administrator

Configure the client                              Administrator

Test IM and presence                              Administrator

Communicator Mobile for Java

Verify that prerequisites and dependencies are    Administrator
met

Deploy the Communicator Mobile component          Administrator

Install Communicator Mobile for Java client       Administrator
software

Configure and use the client                      Administrator

Test IM and presence                              Administrator

Outside Voice Control

Install and activate Office Communications        Administrators group
Server 2007 R2                                    RTCUniversalServerAdmins group
                                                  Domain Admins group

Activate Outside Voice Control application        RTCUniversalServerAdmins group
                                                  Domain Admins group

Start the application                             RTCUniversalServerAdmins group

Test Outside Voice dialing on a supported         Office Communications Server 2007 R2 user
mobile client

Enterprise Voice with PBX Coexistence

Deploy Office Communications Server,                 Create Enterprise pool:
including Mediation Server that connects to the        RTCUniversalServerAdmins and Domain
PBX                                                    Admins or equivalent credentials


                                                                                                 38
Procedure                                   Administrative credentials or roles required
                                               Configure pool:
                                                 RTCUniversalServerAdmins
                                               Add server to pool:
                                                 RTCUniversalServerAdmins
                                               Configure certificate:
                                                 RTCUniversalServerAdmins
                                               Configure Web Components Server
                                                 certificate: Local Administrator credentials
                                               Validate server and pool functionality:
                                                 RTCUniversalServerAdmins

Deploy Office Communicator 2007             Administrator on the computer on which Office
                                            Communicator is being installed

Enable users for IM and presence            RTCUniversalUserAdmins group

Configure Communications Server for         RTCUniversalServerAdmins group
Enterprise Voice

Configure PBX to fork calls to Office       RTCUniversalServerAdmins (to get information
Communications Server                       from AD DS to convert an extension into the
                                            correct telephone URI)

Deploy media gateways (if required)         Media gateways are external systems their own
                                            authentication and authorization schemes. If
                                            the media gateway requires creation of trusted
                                            service entries, you must be at least a member
                                            of the RTCUniversalServerAdmins group.

Deploy RCC gateway (if required)            RCC gateways are external systems their own
                                            authentication and authorization schemes. You
                                            must be at least a member of the
                                            RTCUniversalServerAdmins group to create the
                                            required trusted service entries.

Enable users for Enterprise Voice and PBX   RTCUniversalUserAdmins group
integration

Enterprise Voice stand-alone (no PBX
coexistence)

Deploy Office Communications Server            Create enterprise pool:
                                                 RTCUniversalServerAdmins and Domain
                                                 Admins or equivalent credentials
                                               Configure pool:

                                                                                            39
Procedure                                    Administrative credentials or roles required
                                                  RTCUniversalServerAdmins
                                                Add server to pool:
                                                  RTCUniversalServerAdmins
                                                Configure certificate:
                                                  RTCUniversalServerAdmins
                                                Configure Web Components Server
                                                  certificate: Local Administrator credentials
                                                Validate server and pool functionality:
                                                  RTCUniversalServerAdmins

Deploy Office Communicator 2007              Administrator on the computer on which Office
                                             Communicator is being installed

Configure Office Communications Server for   RTCUniversalUserAdmins group
Enterprise Voice

Deploy Exchange Server 2007 Unified             For Office Communications Server:
Messaging and configure to integrate with         RTCUniversalServerAdmins group
Office Communications Server                    For Exchange Server: Exchange
                                                  Organization Administrators permissions
                                                  are sufficient when Office Communications
                                                  Server and Exchange Server are running in
                                                  the same forest.

                                                  Note:
                                                      The user account used to configure
                                                      Exchange Unified Messaging must
                                                      have READ access to Office
                                                      Communications Server pools in
                                                      AD DS and READ/WRITE access
                                                      on the Exchange configuration
                                                      containers (First Organization\UM
                                                      Dial Plan Container, UM IP
                                                      Gateway Container, UM Auto
                                                      Attendant Container, and so on).

Deploy media gateways                        Media gateways are external systems their own
                                             authentication and authorization schemes. If
                                             the media gateway requires creation of trusted
                                             service entries, you must be at least a member
                                             of the RTCUniversalServerAdmins group.

Enable users for Enterprise Voice            RTCUniversalUserAdmins group


                                                                                             40
Procedure                                         Administrative credentials or roles required

Device Update Service

Deployment                                        Device Update Service is automatically
                                                  installed on the Web Components Server.
                                                  There are no specific deployment permissions
                                                  needed outside those required to deploy
                                                  Standard Edition or Enterprise Edition.



Security Levels
The security levels required for deploying Office Communications Server 2007 R2 depend on the
components your organization plans to deploy.


Exchange UM Security Levels
An Exchange Unified Messaging (UM) dial plan supports three different security levels:
Unsecured, SIPSecured, and Secured. You configure security levels by means of the
VoipSecurity parameter of the UM dial plan. The following table shows appropriate dial plan
security levels depending on whether mutual TLS (MTLS) and/or Secure Real-Time Transport
Protocol (SRTP) are enabled or disabled.

Table 2. VoipSecurity Values for Various Combinations of Mutual TLS and SRTP

Security level                    Mutual TLS                       SRTP

Unsecured                         Disabled                         Disabled

SIPSecured                        Enabled (required)               Disabled

Secured                           Enabled (required)               Enabled (required)


When integrating Exchange UM with Communications Server 2007 R2, you need to select the
most appropriate dial plan security level for each voice profile. In making this selection, you
should consider the following:
   MTLS is required between Exchange UM and Office Communications Server. Therefore, the
     dial plan security level must not be set to Unsecured.
   When dial plan security is set to SIPSecured, SRTP is disabled. In this case, the Office
     Communicator 2007 R2 client encryption level must be set to either rejected or optional.
   When setting dial plan security to Secured, SRTP is enabled and is required by Exchange
     UM. In this case, the Office Communicator 2007 R2 client encryption level must be set to
     either optional or required.




                                                                                                  41
 Media Gateway Security
Media flowing both directions between the Mediation Server and Communications Server network
is encrypted using SRTP. Organizations that rely on IPsec for packet security are strongly
advised to create an exception on a small media port range if they are to deploy Enterprise Voice.
The security negotiations required by IPsec work for normal UDP or TCP connections, but they
can slow call setup to unacceptable levels.
Because a media gateway receives calls from the PSTN that can present a potential security
vulnerability, the following are recommended mitigation actions:
   Enable TLS on the link between the gateway and the Mediation Server. This will assure that
     signaling is encrypted end to end between the gateway and your internal users.
   Physically isolate the media gateway from the internal network by deploying the Mediation
     Server on a computer with two network adapters: the first accepting traffic only from the
     internal network, and the second accepting traffic from a media gateway. Each card is
     configured with a separate listening address so that there is always clear separation between
     trusted traffic originating in the Communications Server network and untrusted traffic from the
     PSTN.
     The internal edge of a Mediation Server should be configured to correspond to a unique static
     route that is described by an IP address and a port number. The default port is 5061.
     The external edge of a Mediation Server should be configured as the internal next-hop proxy
     for the media gateway. It should be identified by a unique combination of IP address and port
     number. The IP address should not be the same as that of the internal edge, but the default
     port is 5060.




                                                                                                 42

				
DOCUMENT INFO
Description: Micrsoft Office Communications Server 2007 R2 Documentation and Updates