Integrating Exchange 2010 OWA and OCS R2

2017-12-07T13:42:58+00:00 February 18th, 2010|Exchange|

Exchange 2010 Outlook Web Access now offers integration with OCS R2 in much the same way as Office 2010 (for those of you that have used it), in that you can now see your OCS buddy list. Whilst this can be really useful in Outlook Web Access some of the steps to get this working can be a little tricky and need to be done in a particular order.

Quick note, each of the following steps will need to be completed on all Exchange 2010 CAS Servers in your organisation.

Firstly, download the Microsoft Office Communications Server 2007 R2 Web Service Provider:

http://www.microsoft.com/downloads/details.aspx?familyid=CA107AB1-63C8-4C6A-816D-17961393D2B8&displaylang=en

Secondly, if you are running your CAS Servers on Windows 2008 R2 you will need the ‘UcmaRedist.msp’ patch:

http://www.microsoft.com/downloads/details.aspx?FamilyID=B3B02475-150C-41FA-844A-C10A517040F4&displaylang=en

image

Run the CWAOWASSPMain.msi and install it (default location is C:Web Services Provider Installer).

Copy UcmaRedist.msp to the C:Web Services Provider Installer folder.

You will now need to install the files in that folder in the following order:

vcredist_x64.exe

UcmaRedist.msi

(run an elevated Command prompt (run as Admin))

Browse to C:Web Services Provider Installer folder and install the following:

CWAOWASSP.msi

UcmaRedist.msp

You can now confirm that the installation has completed correctly by browsing to and checking for the following registry key:

HKLMSystemCurrentControlSetServicesMS Exchange OWAInstantMessaging.

If the InstantMessaging key does not exist under MS Exchange OWA then ensure you ran the CWAOWASSP.msi from an elevated command prompt.

Hopefully by this point you will have installed a FQDN Certificate off your internal CA for your CAS Server(s), if not, you will need to. OCS works entirely on Certs and checks the FQDN of the Server(s) you add against the cert that it is operating with – basically, the self-signed certificated that Exchange installs with will not with OCS.

Once you have a cert from your internal CA that matches the FQDN of your Server you will need to launch Exchange Powershell and run the following command:

Get-ExchangeCertificate | fl

Details you will require:

Issuer  CN=Server Root CA, O=Company Limited etc.
SerialNumber 00FF4A82B8779966333CB2A177046F44C3
Services IIS (only needs IIS but can have others)

(Keep this screen open as you will need the information from the certificate registered for IIS in the next step.)

Now browse to C:Program FilesMicrosoftExchange ServerV14ClientAccessOWA and edit the ‘web.config’ file with notepad.

You will need to complete the following sections:

IMPoolName

IMCertificateIssuer

IMCertificateSerialNumber (this needs to in two octet sets as per below)

example:

image

Now you need to enable the CAS Server to use OCS for IM, to do this run the following from the Exchange Powershell:

Get-OwaVirtualDirectory | Set-OwaVirtualDirectory –InstantMessagingType OCS

Once the command has completed you will need to perform an ‘IISReset’

 

Now, connect to your OCS R2 Server and bring up the Front-End properties of the pool and select the Host Authorisation tab. Click Add.

image

Add the host name as the FQDN of the CAS Server(s) that are being configured for IM (this will be need to be the same as the FQDN certificate registered on the CAS servers for IIS). Tick the boxes for ‘Throttle as Server’ and ‘Treat as Authenticated’.

image

Once you have restart the OCS R2 Front-End Service it should all be working.

image