locked
Director deployment RRS feed

  • Question

  • Currently we have an internal pool called ocspool which hosts all internal OCS users and authenticates them. We are about to design the edge environment and I would like to know:

    1. Do we need to create a separate pool name for the directors?
    2. Is it okay to have the internal pool (ocspool) authenticate the users instead of the director pool?
    3. Is there any special DNS entries that need setup for the director?

    Thank You,
    Tuesday, July 21, 2009 6:46 PM

Answers

  • 1.  A Director is basically a Standard or Enterpirse pool with no users in it. 
    2.  Yes, a Director can be used to handle inbound external connections from an Edge server, connections from internal users, or both.
    3.  You'll typically need to change existing Automatic Configuration DNS/A records to point to the Director if you plan to have internal logons supported by the Director, otherwise, no.

    Take a look at the deployment docs for more details: http://technet.microsoft.com/en-us/library/dd425352(office.13).aspx


    Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCS
    Tuesday, July 21, 2009 7:13 PM
    Moderator

All replies

  • 1.  A Director is basically a Standard or Enterpirse pool with no users in it. 
    2.  Yes, a Director can be used to handle inbound external connections from an Edge server, connections from internal users, or both.
    3.  You'll typically need to change existing Automatic Configuration DNS/A records to point to the Director if you plan to have internal logons supported by the Director, otherwise, no.

    Take a look at the deployment docs for more details: http://technet.microsoft.com/en-us/library/dd425352(office.13).aspx


    Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCS
    Tuesday, July 21, 2009 7:13 PM
    Moderator
  • The director role is typically used in high volume scenarios and can also be used to provide a higher level of security in the environment.

    In a high traffic volume scenario it takes the login load off the front end servers of the internal pool because it is able to authenticate and then redirect users to that pool. Because of that same functionality it also provides greater security if there are login attacks being performed on the Edge server, the director intercepts all login requests and will not allow these to pass through to the internal production pool because of failed authentication.

    Randy Wintle | MCTS: UC Voice Specialization | WinXnet Inc
    Tuesday, July 21, 2009 11:31 PM