Answered by:
Confiusing about DNS configuration

Question
-
I am a newbie on Office communication server 2007
I do some Lab in a single cpmouter in a LAN
1. Install Office communication server in this computer whithout install any edge server. and I am also install CA service and DNS in this computer.
this is computer is a domain controler, and
the domain name is ocslab.fw.nu,
the full computer name is : virtualpc.ocslab.fw.nu
sip domain is
cslab.fw.nu
certificate information:
Issued to: virtualpc.ocslab.fw.nu
Issued by: Virtual PC Enterprise Root CA
here fw.nu is a free dns name, and I set virtualpc.ocslab.fw.nu and ocslab.fw.nu domain name to the wan ip address of router and forwarding tcp port 5061 to this computer so that virutalpc.ocslab.fw nu and ocslab.fw.nu can be accessed by remote user via tcp port 5061.
and then I use communicator 2007 try to connect to office communication server from outside network, the client also install the certificate.the sign in address is user@ocslab.fw.nu , However it failes to automatically sign in, The following is communicator event log
Communicator was unable to locate the login server. No DNS SRV records exist for domain ocslab.fw.nu, so Communicator was unable to login.
Because I can not add any SRV records in free dns, so the question is how is it possibile let remote user auto sign in.
Thursday, September 13, 2007 5:49 AM
Answers
-
Hi,
For external users, you should really have an OCS Edge server for them to be able to connect. But, if you don't worry about security, then you can do it as you've laid out.
You also then need external DNS server with an SRV record for _sipinternal_tls.ocslab.fw.nu that points to an A record of your Edge Server's Access Edge interface (or in your case the servername): virtualpc.ocslab.fw.nu
But really, i would set up an edge server to make this work properly.
Regards,
Matt
Thursday, September 13, 2007 4:21 PM -
If you want to go all the way perhaps the OCS deployment guides are good reading material. You can download them as a package.
To quote the OCS Standard Edition Deployment Guide:
During DNS lookup, SRV records are queried in the following order:
1. _sipinternaltls._tcp.domain - for internal TLS connections
2. _sipinternal._tcp.domain - for internal TCP connections (performed only if TCP is allowed)
3. _sip._tls.domain - for external TLS connections
4. _sip._tcp.domain - for external TCP connections
Thursday, September 13, 2007 4:58 PM
All replies
-
Hi,
Try manual configuring the Communicator Client:
In the client go to tools -> options -> personal ->manual configuration
Choose "connect using TLS", use your external server name, and make sure you allow SSL through your firewall.
Regards, Steven
Thursday, September 13, 2007 1:26 PM -
Thanks for your reply,
I test manual configuration, the communicator can sign in to server.
I feel confused about the wods from Microsoft documents
"DNS Records Required for Automatic Client Sign-In. "
I am not sure which kind of DNS server should be configured, internal or external?
Thursday, September 13, 2007 3:12 PM -
external in your scenario
Thursday, September 13, 2007 3:27 PM -
Hi,
For external users, you should really have an OCS Edge server for them to be able to connect. But, if you don't worry about security, then you can do it as you've laid out.
You also then need external DNS server with an SRV record for _sipinternal_tls.ocslab.fw.nu that points to an A record of your Edge Server's Access Edge interface (or in your case the servername): virtualpc.ocslab.fw.nu
But really, i would set up an edge server to make this work properly.
Regards,
Matt
Thursday, September 13, 2007 4:21 PM -
If you want to go all the way perhaps the OCS deployment guides are good reading material. You can download them as a package.
To quote the OCS Standard Edition Deployment Guide:
During DNS lookup, SRV records are queried in the following order:
1. _sipinternaltls._tcp.domain - for internal TLS connections
2. _sipinternal._tcp.domain - for internal TCP connections (performed only if TCP is allowed)
3. _sip._tls.domain - for external TLS connections
4. _sip._tcp.domain - for external TCP connections
Thursday, September 13, 2007 4:58 PM