Solved

OCS 2007 R2, multiple Domains

Posted on 2009-07-09
7
1,252 Views
Last Modified: 2013-11-29
I have an OCS 2007 R2 implementation running in testing that we are about to move into production. The issue that I have is we have setup the users to SIP with their email addresses. Those with domaina.com work perfect, but those with domainb.com say server is un-available.

I added the SIP domain to the OCS Manager but still no luck. What do I have to do to get it to work? I am using the internal certificate server from my AD versus a 3rd party cert.

Thank You.
0
Comment
Question by:amedexitt
  • 4
  • 3
7 Comments
 
LVL 6

Expert Comment

by:adamg12345
ID: 24816438
Are you using automatic configuration for the Clients?

Adam
0
 

Author Comment

by:amedexitt
ID: 24818143
I believe automatic config is setup. I have a slight workaround which is to change their sip login to the domaina with username@domaina.com but its a bit of a pain to do it that way.
0
 
LVL 6

Expert Comment

by:adamg12345
ID: 24818262
If you use manual configuration and point the clients direct to the OCS Server, does that work for domainb users?

Adam
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 

Author Comment

by:amedexitt
ID: 24822927
adamg12345, I think manual will work, but this is about 60 of 350 employees and I'd like to avoid having to do that for them due to the headache of managing that.
0
 
LVL 6

Accepted Solution

by:
adamg12345 earned 500 total points
ID: 24822987
If it works manually then it is either down to DNS or Certificates.

You need to create the SRV records for both domains, the A records that these points to must be the same domain.

so SRV for Domain A must point to ocs.domaina.com
SRV for Domain B must point to ocs.domainb.com

Then in turn the FQDN of the A record must be in the SAN list of the FrontEnd Cert.

I hope that makes sense.

Adam
0
 

Author Comment

by:amedexitt
ID: 24826091
I decided to standardize and have everyone login with their SAM login acct@domaina.com, because theres 4 or 5 different domains and otherwise will be a mess to setup.
0
 
LVL 6

Expert Comment

by:adamg12345
ID: 24826163
Ok, just one thing that is worth noting is that if you are going to Federate, it is often easier to have the SIP Address matche the email address, plus exposing the account name is never ideal.

Adam
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip is around source server preparation. No migration is an easy migration, there is a…
Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip Migration Tip #1 – Source Server Health can be found here: http://www.experts-exchang…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now