locked
Edge server machine on workgroup or Domain ? RRS feed

  • Question

  • Hi friends,
                   Can anyone tell me OCS EDGE machine should be on workgroup or in domain of OCS Server ?

    also I have total 4 network connection....
    (single box set up and It's a vertual machine)

    3 are configure for Access edge ,a/v and webconf ... what should be the configurations for this ...
    and another is internal ...!!!


    Then which is my external and internal IP ???? for installing edge.
    Thursday, February 26, 2009 5:57 AM

All replies

  • Edge server should NOT be a domain member.
    As you may know, VMs are not a supported implementation.
    Your NIC configuration will work. The best solution is to have public IPs for the external facing NICs. The A/V is the only one that requires a public IP. Yes, in R2 that requirement goes away for a consolidated edge, but I still recommend the public IP.
    What other configuration are you looking for?
    Jim Raymond - DynTek
    Thursday, February 26, 2009 6:05 AM
  • Hi James ,
     THanks for ur help ...

    there are 4 Connections ...plz see the conf ...

    Internal :         10.76.143.164   with DNS of office domain(10.70.80.x)
    AccessEdge :   10.76.1.181      (No DNS ,no other entries.Only IP and subnet mask given) - I give the imaginary address.
    A/v :                10.76.1.182      (same like access edge)
    webconf :        10.76.1.183     (same as above)

    pool : testpool.VJ.dev
    domain :VJ.dev

    then while installing edge server

    what is
    FQDN for the internal interface
    FQDN for AccessEdge,webconf and A/V
    FQDN of next hop server

    Internal sip domain - VJ.dev (I guess,not sure)

    Also , plz tell me if there are any requirements

    Please reply me ASAP....
    Thanks in advance
    Thursday, February 26, 2009 6:41 AM
  • Are you using RTM or R2? If RTM, you can't use that IP for the A/V edge. If R2, you are OK, but not in a recommended state. Here is a link to a technet reference on deplooyment. The first link has the port requirements for R2 and the second, a step by step guide...
    http://technet.microsoft.com/en-us/library/dd441361(office.13).aspx
    http://technet.microsoft.com/en-us/library/dd441282(office.13).aspx

    The internal FQDN is the manual DNS entry for your Edge server (i.e.: edge.vj.dev)
    The external is the CN for your certificate on your Access and Web roles, the public server names associated with your DIP domain. (i.e.: im.domain.tld)
    next hop is the pool FQDN internally (or director if used)

    Take a look at the technet library...great info!


    Jim Raymond - DynTek
    Thursday, February 26, 2009 7:05 AM
  • HI all ,Thanks James


    One more ...

    How many DNS records are needed and where to create ...

    while validation giving me Warning:


     Enhanced Federation Domain Allow List Partner: None Found
    Thursday, February 26, 2009 9:30 AM
  • You will get that error if you have Enhanced Federation enabled and no Enhanced Federation partners. Enhanced can also be thought of as dynamic. If someone wants to reach you via their OCS, they use your SIP address to find you and it just works due to Enhanced Federation.

    Here is the quote from Technet...

    Microsoft Office Communications Server 2007 R2
    Configure DNS

    You must configure specific Domain Name System (DNS) settings on each external and internal interface of each Edge Server. In general, this includes configuring DNS records to point to appropriate servers in the internal network and configuring DNS records as appropriate for each Edge Server. For details about the recommended DNS settings, see DNS Requirements for External Access.

    If you are using the two-firewall topology, with your perimeter network separated from your internal network by an internal firewall, you have two recommended options for how to configure the DNS A records that the Edge Servers use to communicate with internal servers. You can set up a DNS Server in the perimeter network, or edit the hosts file on each Edge Server. (For security reasons, it is not recommended that you have Edge Servers access a DNS Server located in the internal network.)


    Jim Raymond - DynTek
    Friday, February 27, 2009 4:49 AM

  •  Hi Jim,

     Thanks for ur help...

     

    I have already gone through this references...

    but I didn't get it ..

    Also I don't have firewalls (external and internal).

     

    Where to create the dns entries ...on ocs server(as it is my AD,OCS server,SQl server...single box setup)...

    or the edge servers (which are on single machine ..all 3 edge servers..it's again a single box setup.)

     

    NOw can u please tell me ... How many DNS entries...which entries to create and where ?

     I know I am bothering u alot, but there is no other way :)

     Thanks !

     

     

     

     

    Friday, February 27, 2009 5:11 AM