Solved

Making LCS and OCS talk to each other

Posted on 2009-07-02
3
900 Views
Last Modified: 2013-11-29
Hi

In our Single Domain, Single Forest environment spread over three countries and running over MPLS WAN links, one of our offices has deployed LCS 2005 and the other one recently deployes OCS 2007 R2.

The AD shcema was prepared in such a that both the LCS & OCS remained functional.
How can we make the user's of both, talk to / communicate with each other? In the near term, we want all the users be shifted over to OCS though but that needs a bit of planning for internal PKI and placement of servers in the their own pools, but till then, I was wondering if there is a temporary solution???
0
Comment
Question by:fahim
  • 2
3 Comments
 
LVL 12

Expert Comment

by:gaanthony
ID: 24769384
LCS 2005 SP1 requires all the released updates for it to be applied for OCS 2007 R2 interoperability along with the OC 2005 client being updated with the latest release.
LCS 2005 SP1 requires updates KB 911996, 921543, 950614
OC 2005 requires update KB 949280.
You mention PKI so I have to assume you have no internal Certificate Authority deployed at the moment.  Did you use certficates from a Third Party CA or are you using TCP instead of TLS for Communicator client connectivity to both LCS and OCS.
The only way that LCS and OCS servers with talk to each other is via Mutual TLS which means you need certificates on both the Pools for interoperability.
See the following link for the support migraiton path. http://technet.microsoft.com/en-us/library/dd425356(office.13).aspx
Let me know if you have any more questions.  Setting up a internal certificate authority is pretty simple.  All you need is a Windows Server 2003 or 2008 Enterprise Edition server that you configure IIS and Certificate Authority roles on it.  Note: Can't be collocated with OCS/LCS.
0
 

Author Comment

by:fahim
ID: 24775954
Thanks for the response Anthony.

What we are using for OCS currently is Third Party CA generated elsewhere but the problem is revocation, new certificates generation for adding servers is not in our control. The consultant who installed OCS has some sort of CA running on his laptop through which he generated the certs for server and clients connecting to OCS 2007. A shortcut mechanism I'd say.

I'll check if all the updates you have mentioned are in place. But, what's required to be done on LCS and OCS thereafter? I have a server cert on OCS while LCS uses TCP.

Also, thank's for mentioning tha setting up internal Cert Auth. is simple. We have native Windows 2003 R2 environment running on single domain, single forest mechanism althought spread over three countries, communicating on MPLS VPN dedicated links. I have posted a separate cuestion in this regards here:
http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/Q_24539295.html

Pls contribute your thoughts. I would appreciate them most.
Thannks.
0
 
LVL 12

Accepted Solution

by:
gaanthony earned 500 total points
ID: 24776152
You will need to configure TLS (Server Cert) on LCS preferrably requesting a certificate from the same CA that the one for OCS was generated from so that LCS and OCS servers will trust each other's certificate.
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question