Problems adding phone numbers to a conference call

I’ve recently had some problems with an OCS 2007 R2 installation where the users were complaining that they couldn’t add external phone numbers to a conference call. Internal numbers and SIP contacts were working fine.

I did some tracing, and noticed that the service provider gateway returned a 404 Not found when answering to the SIP Invite of the phone number. I checked the number, and it seemed correct.

But the FROM: field of the INVITE was populated with the users SIP URI not the users TEL URI, which the service provider didn’t handle. Normally a call through the mediation server will use the TEL URI, but turns out that it doesn’t in this case. There is AFAIK no way to handle this in OCS 2007 R2. (There might be in Lync, but I’ll need to lab that. The conference call behaves the same way in Lync, but you have the option to substitute the dialed from number on the route.)

This means that the service provider needs to handle this and substitute all unknown URI’s in the FROM: field with some known number, ex. the Dial In conference number or the main number of the organization, unless the service provider wants to maintain a database of the users and their corresponding TEL URI.

It might also be a solution to put some kind of gateway between the PSTN and OCS that does the conversion.

Has anyone else seen this?

Address book issues

I had a weird problem with an 2007R2 installation last week. The addressbook had stopped working. I checked all the normal errors, certificates and IIS on the FE, but everything seemed to be just fine. The addressbook files were created, and I could download all files in the browser. Everything seemed to be normal, except that the clients were giving the error about not being able to download the addressbook.

After a bit of searching the internets, I came across this. Seems that there was some new functionality added to IE8 where it refuses the certificate if the CRL is unreachable.

The solution is either to fix the CRL, or to uncheck “Check for server certificate revocation” under advanced settings in >IE8.

Audio delay when answering call

I’ve been having some trouble lately with call setup on incoming calls. After the call has been answered, there has in some cases gone up to 8-9 seconds before you can hear the person on the other side. Obviously this is quite a pain…

When trying to google the problem you get a lot of posts telling you to disable Windows Firewall. This actually solves the problem so if you are content with just disabling a firewall without knowing why, you can stop reading now.

Seems that when you install the mediation server on a Windows Server 2008 the firewall fails to open the proper UDP port negotiated during the RFC 3690 Early media negotiation until Windows Firewall detects an outgoing UDP stream. This can be solved/worked around by adding an inbound rule in the firewall that allows all UDP ports.

Thanks to JeffNye for tipping me in the right direction!

Communicator Phone Edition – Update Issues

After following several guides to configuring the device update service in OCS 2007 R2, including Rui Silvas trilogy and Rick Varvels guide, I still couldn’t get the phones to update the software.

All logs were showing that it had worked, the Update service logs showing that the phone had found the right sw, and IIS logs showing me a 200 OK sent to all phones…

Troubleshooting finally led me to try downloading the CPE.nbt file manually from


which just gave me a blank page.

I tried comparing the IIS configuration to one I knew was working, and saw that I had a lot less IIS roles installed on the one that was not working.

When I installed this Front End server, i used the commands in this post to install the prereqs. Turns out that if you are going to use CPE, you will probably also need the “Static Content” role service in IIS to configure the correct MIME types on the fileextensions the update serrvice uses.

There exists default MIME types for both the .xml and the .cat extensions that is used by the updater. There is however no default for the .nbt extension.

If this role service is not installed, the updater does not work. You will have to add this feature, and then manually add the correct MIME types to the DeviceUpdateFiles_Int/ and DeviceUpdateFiles_Ext/ folders, which should be:

<mimeMap fileExtension=”.nbt” mimeType=”binary/octet-stream” />

<mimeMap fileExtension=”.cat” mimeType=”binary/octet-stream” />

(I have no idea as to why the bottom one is smaller than the other, but I cant get them equal size for some reason :S)

Hey presto! The phones update themselves like magic has happened!

Response group certificate error

Got a certificate error when i tried starting the response group service today.

The provided certificate is not valid.

There was a problem validating certificate: Identity check failed for outgoing message. The expected DNS identity of the remote endpoint was ‘<poolname fqdn>’ but the remote endpoint provided DNS claim ‘<fqdn in a sip domain>’. If this is a legitimate remote endpoint, you can fix the problem by explicitly specifying DNS identity ‘<fqdn in a sip domain>’ as the Identity property of EndpointAddress when creating channel proxy.

Turns out that the last SAN in the certificate needs to be the same as the CN in the certificate, which should be your pool FQDN. The service will fail if it isnt.

Integrating OCS 2007 R2 in Exchange 2010 OWA

Today, I got to see the new OCS integration into Exchange 2010 OWA. Looks awesome! Hopefully well see even more functionality when OCS wave 14 comes!

heres how to implement it from Chris and Robin:

Office Communications Server 2007 R2 XMPP Gateway Has Been Released! :D

Configuring connectivity to Gmail:

Configuring connectivity to Jabber XCP 5.4