Group Chat Server Documentation Inconsistencies RRS feed

  • Question


    I hope I'm not the only one thinking that Group Chat installation is a major PITA. Creating accounts all over the place manually is all but inconvenient.

    What makes it worse is that there are inconcistencies that leave you wondering not only about the purpose of a step, but sometimes there are contradictory statements.

    For instance.. the user accounts. On the user setup page (http://technet.microsoft.com/en-us/library/dd425251(office.13).aspx) it says you need an account for the web service. However, I didn't find any reference to that account other than on that page.. so what is the purpose of the account?

    On the same page, it says

    "After you create these accounts, you need to add the Channel service account, Lookup service account, and Compliance service account to the db_owners group of the Group Chat database(s). The Lookup service account needs to be SIP enabled."

    Then it tells you to perform a 10 step procedure for all the accounts created. Step 9 being

    "Bulk provision the accounts for Office Communications Server."

    So.. do you configure one or every account for OCS?

    Other things I found confusing is the lack of compliance configuration instructions even though it's part of the server configuration wizard (http://technet.microsoft.com/en-us/library/dd425278(office.13).aspx)... there should at least be a link to the compliance setup instructions.

    Also, and this isn't only a problem for group chat but every role setup that requires you get certificates manually (unless those done with lcscmd.. those seem to work out just fine), the certificate setup: http://technet.microsoft.com/en-us/library/dd441364(office.13).aspx

    Unless you don't have an enterprise CA, there's no need to import the CA chain.. worth a mention if you ask me. However, then we have the infamous MTLS certificate. I'm sure those we set up CWA in R1 have a word or two to say about this.. the procedure in this guide simply doesn't work. Sure you get a cert and it's even MTLS capable.. but it's imported into the Personal Folder of the Local User.. not the local computer. And copying it into the Personal Folder of the Local computerwon't do.. the cert still won't be found by the installation wizard. I thought I was smart and exported the cert from the local user and imported it into local computer so the wizard completed, but then of course the service wouldn't start because the private key was around.. so I got another certificate from within MMC and that finally did the trick.

    Last but not least, when you finally have the server up and running (and wondering why the status tool says the web service isn't running) when you try to get into the help of the admin tool it takes you to a page that doesn't exist.

    Hopefully, some of these issues can be taken care off in order to make the installation less error prone for first time installers.


    @edit: I almost forgot... nowhere does it say that not only do you need IIS, but it has to be in IIS6 compatibility mode. If you have IIS7 (2k8 server), you get some weird error that I couldn't find anywhere on the web. Remembering that I had to install IIS6 compatibility before I then simply took a ____ into the fog and installed IS6 compatibility and that was just what was needed.

    Generally, the prerequisites are usually well explained for the other roles but for the group chat the requirements are a bit all over the place.. it would be good to have them in the first step all in one place so you know what to do do prepare a box and not having to install more and more stuff as you go through the guide.

    @edit2: I finally managed to get the web services working.. I checked the url and found it to be non responsive, tried with http and it told me I needed to use https. Thus, you have to configure the default website for https as well as the default http which is another missing piece of info.

    I'm also missing information about edge deployments. I have it up and running using a separate (manually configured) profile - I haven't managed to get file uploads working though then again, internal uploads are also blocked so it seems I have some more work to do (probably the file I tried to upload wasn't permitted due to some rules that I'm not aware of yet).

    Tuesday, February 10, 2009 2:05 PM

All replies

  • I dont have much to add other than to agree with you. The group chat setup documentation is mainly nonexistent. I didnt even find the article you posted and ended up calling Microsoft and the tech had some install instructions and walked me through the setup.

    I took what he told me and documented it here http://ocsgroupchatsetup.blogspot.com/ but the doc you posted is more or less the same.

    And after getting it all up and running Ive been pretty disappointed with it. Hopefully the next release is better.

    Friday, February 13, 2009 3:08 PM
  • The Group Chat Server deployment documentation can be found here: http://technet.microsoft.com/en-us/library/dd441340(office.13).aspx

    That documentation details the SQL configuration, account deployment, etc.  I agree the install process is defintely hard to understand, but the info is out there.

    Also, each user account needs to be created manually, and up front so that they can be configured for access to SQL.  The accounts are not automatically provisioned.
    Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCS
    Friday, February 13, 2009 4:06 PM
  • At the time Patrick installed, the documentation wasn't up yet. When I installed it was so hence my references to the things that I think are worthy of improvement.

    I don't know how the group chat came to be but could it be that it's an external tool which would explain how it is so separate from the rest and how the installer and configuration tool are totally different from any other OCS tool.

    Friday, February 13, 2009 9:25 PM
  • The Group Chat server components came from the Microsoft purchase of Parlano back in 2007: http://www.microsoft.com/Presspass/press/2007/aug07/08-29ParlanoPR.mspx
    The server components and client software are completely separate from the core OCS infrastructure.  I imagine over time we might see the two product integrated more tightly.

    Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCS
    Friday, February 13, 2009 9:49 PM
  • Agreed, the install directions were not great.  I sent in some suggestions from the TAP process but I don't think they had time to update.  As for your web account user who needs to be RTCUnivAdmin, SQL users but no other reference.  See here:


    Basically, you need to make that user the account that will be doing the web browsing on your server.  Also make sure that account has read/write access to the directory that you specified in the installation of where the files are being stored.  This will let you successfully upload documents.  This one got me as well the first time around.

    This is very much a product that was purchased and then folded into the experience.  I've been told they had some internal builds where they have Group Chat built into MOC - but was told we should all be happy that they decided to leave it as a seperate client because it was really bad!


    p.s.  Yeah, the pre-reqs are a nightmare.  They actually contradict themselves in a few places.  In one area it specifically says you need "Windows Server 2003 and SQL Server 2005 or later".  This to me says you have to have 2003 instead of 2008.  But then later in the documentation it says "Windows Server 2003 or later and SQL Server 2005".  We guessed.  :-)

    Friday, February 13, 2009 9:53 PM
  • The Group Chat server follows the same Windows and SQL requirements as the rest of the OCS components: both Windows 2003 & 2008 and for SQL both 2005 and 2008.
    Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCS
    Friday, February 13, 2009 10:04 PM
  • The page you linked to says

    In the User Name and Password boxes, specify the credentials for an account that has read/write permissions on the file repository folder.

    It should say

    In the User Name and Password boxes, specify the credentials for the Web Service account you previously created.

    That's much clearer since it references the previous document that told you to create an account for this specific purpose, and told you what kind of permissions that account needs to have.

    I know, in hindsight it's semantics but if you're doing it the first time, you don't necessarily make the connection (fortunately my trial and error hit the spot right on).
    Friday, February 13, 2009 10:55 PM