In my prior post I mentioned that the logging information was misleading and only handled MSN, not SIP.
I requested permission to provide the logging instructions for the MSN (personal) service. Please remember a few things - I don't use a Mac on a daily basis, just the client and only that for occasional testing. I also don't support the MSN (personal) service and as such I will NOT be able to assist you with these logs. I have been informed that while you can now have the instructions to create a log, you will likely still need assistance from those supporting the client.
Messenger Logs Messenger logs are helpful when you are having an issue with signing in to the MSN (personal) service, seeing contacts online presence and for several other reasons as well.
Enabling Messenger Logs: Quit Messenger
Go to /Applications/Utilities and launch the Terminal application
Type the following on one line exactly as you see below:
defaults write ~/Library/Preferences/Microsoft/com.microsoft.Messenger EnableConnectionLogging -bool true
Disabling Messenger Logs: Quit Messenger
Go to /Applications/Utilities and launch the Terminal application
Type the following on one line exactly as you see below:
defaults write ~/Library/Preferences/Microsoft/com.microsoft.Messenger EnableConnectionLogging -bool false
Locating Messenger Logs: Messenger logs are located in your ~/Documents folder and the file name is Microsoft Messenger.log
Deleting Messenger Logs: Quit Messenger
Move the log named Microsoft Messenger.log to the trash and empty it
Notes about Messenger Logs: Enabling logs saves a file containing personal information to ~/Documents. Anyone with access to this directory can open this file.
They are not automatically deleted
They will continue to grow in size if you don't delete them from time to time or disable logging
Deleting your log without disabling logging will create a new log on launch of Messenger
Deleting your com.microsoft.messenger.plist file (preference file) will clear out any settings for logging. You will have to re-enable the logging again if you want to get a Messenger log file
I hope that this information is valuable, I hope even more that you just don't need it!
TomL OCSKid
Microsoft Messenger for Mac 6.0.2, released Jan 30, 2007
http://www.microsoft.com/mac/downloads.aspx?pid=download&location=/mac/download/misc/messenger60_download.xml
I would like to let you know that the logging paragraph, included below, implies unfortunately that the logging is logging everything. Sadly this is not true and the logging will only work with the Personal (MSN) sessions. To be clear the Microsoft Messenger for Mac client is a multiple stack (2) client similar to Windows Messenger. This allows you to use one client UI to sign-in to multiple services. In this case you sign in to MSN (Personal) and LCS (SIP protocol Corporate tab).
So you were hopping to deploy this new client for your LCS deployment and resolve the lack of logging issue? Well thankfully one customer has said that to be true and I have worked with the Mac team to put in a tracking request that the next version include that. Most of us not running the client are ok with that, but for those deploying it, why do I have to wait? Well don't... send me in email (toml at microsoft dot com) your company name, your total number of LCS seats and how many of those are MAC clients. Be honest when you say what the impact is - can you deal with LCS server side logging, if not why not? Can you deploy LCS using TCP over port 5060 and install Wireshark on your Mac workstation? Annoyance sure, but any reason why you can't? I am not minimizing the problem or effort what I am doing it making sure I don't put in a request that would cause the team to over prioritize this request over another, remember decisions have to be made as time and money are not endless even for the Microsoft empire :)
Additionally, Messenger for Mac 6.0.2 includes logging. Log files can help troubleshoot various problems in Messenger such as connection problems, status failures, and other issues. Enabling logs saves a file containing personal information to ~/Documents. Anyone with access to this directory can open this file. By default, Messenger logging is turned off. For more information about how to enable logging for troubleshooting problems, contact support
Tom
I don't know if you are aware of the upcoming changes to Daylight Savings for the United States but changes are coming. I happen to carpool with 2 guys in Exchange and 1 is part of a corporate wide team working on DST, so I have begun hearing more and more about it. Please use the following as just 1 place to get started on reading if this is a new subject for you -
http://blogs.msdn.com/mthree/archive/tags/DST/default.aspx
I don't know that there is a magic bullet for this change so I would educate yourself on the products impacted, the type of geographic impact it could have for your business and to think through how you will handle the critical meetings you have. Have a back up plan and communicate with your team.
I hope that the information provided will allow you to be successful in this endeavor.
Tom
The information below comes from one of our support staff, handling certificate service issues.
Live Communication Server requires a certificate to enable TLS. To generate this certificate, find the scenario that best fits your situation.
Run the following commands to allow the Certificate Authority to issue Alternate Names.
1. certutil -setreg policy\EditFlags +EDITF_ATTRIBUTESUBJECTALTNAME2
2. net stop certsvc
3. net start certsvc
1. Use the LCS Cert Utility:
Live Communications Server 2005 with Service Pack 1 Resource Kit <http://www.microsoft.com/downloads/details.aspx?familyid=D21C38E5-5D8F-44C7-BA17-2CC4F85D8B51&displaylang=en>
The LCS Cert Utility tool generates certificate online and offline certificate requests and import a certificate response issued by an offline CA (certification authority). It also allows users to delete certificates from the partner certificate store in Access Proxies.
2. If the customer has a 2003 Stand Alone CA:
a. Go to the Web Page of the CA: http://server/certsrv
b. Chose "Request certificate"
c. Choose "submit an advanced certificate request"
d. Choose "Create and submit a request to this CA"
e. Enter the Pool Name FQDN in the Name Field
f. Chose Other in the Certificate Request Type
g. Enter the OID 1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2
h. Chose Microsoft RSA Schannel CSP
i. Check "Mark keys as exportable"
j. Check "Store certificate in the local computer certificate store"
k. Enter the following in Attributes:
l. SAN:DNS=FQDN OF THE LCS POOL&DNS=FQDN OF THE LCS SERVER
m. Enter a Friendly Name of LCS
n. Click "Submit"
3. If the customer has a 2003 Standard Edition, Enterprise CA:
a. Create a request.inf file on the LCS server as follows:
====================Snip=================
[NewRequest]
Subject = "CN=server.microsoft.com" ; must be the FQDN of LCS server
EncipherOnly = FALSE
Exportable = TRUE
KeyLength = 1024
KeySpec = 1
KeyUsage = 0xA0
MachineKeySet = True
ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
ProviderType = 12
RequestType = CMC
[RequestAttributes]
CertificateTemplate = WebServer
SAN:DNS=FQDN OF THE LCS POOL&DNS=FQDN OF THE LCS SERVER
====================Snip=================
b. Issue the following commands:
i. certreq -new request.inf certnew.req
ii. certreq -submit certnew.req certnew.cer
iii. certreq -retrieve <RequestID> certnew.cer
iv. certreq -accept certnew.cer
c. Right click the certnew.cer file and select "Install Certificate".
d. Click Next twice and then click Finish.
4. If the customer has a 2003 Enterprise Edition, Enterprise CA:
a. Create a Duplicate of the Computer template.
b. Select the "Supply in request" option under the Subject Name tab
c. Select the "Allow private key to be exported" option under the Request Handling tab.
d. Publish the new template.
e. Request the certificate on the LCS server by going to the Web Page of the CA: http://server/certsrv
f. Chose request certificate
g. Choose "submit an advanced certificate request"
h. Choose "Create and submit a request to this CA"
i. Select the template you just created and published.
j. Enter the Pool Name FQDN in the Name Field
k. Check "Mark keys as exportable"
l. Check "Store certificate in the local computer certificate store"
m. Enter the following in Attributes:
n. SAN:DNS=FQDN OF THE LCS POOL&DNS=FQDN OF THE LCS SERVER
o. Enter a Friendly Name of LCS
p. Click "Submit"
5. If the customer has a 2000 Stand Alone or Enterprise CA:
The Windows 2000 CA policy module does not support building the Subject Alternative Name (SUBJECTALTNAME2) extension from the SAN request attribute. Both Certreq.exe and the built-in http://<servername>/certsrv request website add the Subject Alternate Name data as a request extension when the request is built and neither will work against a Windows 2000 CA. Submit a request that contains the SAN as part of the actual request, not as a request attribute.
The LCSCertUtil.exe tool from the LCS reskit (see step #1) will build the request in this way. If you generate the request file from LCSCertutil.exe, you can submit the request to a Windows 2000 CA using "certreq -submit" or the http://<servername>/certsrv request website.
To submit to the website:
a. Go to the Web Page of the CA: http://server/certsrv
b. Chose "Request a certificate"
c. Choose "Advanced request"
d. Choose ""Submit a certificate request using a base64 encoded PKCS#10 file or a renewal request using a base64 encoded PKCS#7 file."
e. Click on "Browse" and browse for the request file created by the LCSCertUtil.exe tool.
f. Click "Read!" to read the request file.
g. Click "Submit"
** If the customer is requesting the Certificate against a 3rd party CA, LCS requires that it MUST support the use Subject Alternative Names. Microsoft does not know if it does or does not support this functionality and the customer should contact the Certificate Vendor to verify this.
============================================================
1993 University of North Carolina at Charlotte graduate, planning to attend Miami of Ohio University for a masters in Recreational Sports. This is not as lame as it sounds, the plan was to be in a college setting handling intramural and club sport programs. My roommate finds out Microsoft is hiring through a temporary agency and my now wife (then girlfriend (fiance after employment)) says "You should get that number and call". I was accepted and 11 months later in 1994 I was hired full-time in our support group. I was hired when DOS 5.0, Windows 3.0 and Windows for Workgroups 3.1 were the dominant products. I was there for dblspace and drvspace and the Windows 95 launch. I moved to the messaging team to support Exchange 4.0 through 2000. I then moved to training full-time and delivered and wrote some of the Exchange 2003 material. I moved back to support just in time to ramp up on LCS 2003. I have supported 2005 and took on a beta role supporting Communicator Web Access and Communicator Mobile. I saw a little of the Office Communications Server 2007 beta and moved back to normal support for a few months.
Being in the group for as long as I was and making contacts with many people I was notified of an opportunity with the Product Group allowing me to remain in Charlotte. An opportunity I never thought would happen so I jumped. I did attend the OCS 2007 Summit but the process had already begun and Monday January 15, 2007 I will start my first stint as a Microsoft employee no longer in the support organization.
My role is still very much focused on the customer, now for the customers in our beta programs and specifically I will be working on a team that is responsible for getting customers deployed in production to provide us the necessary information we need about the ability to deploy, manage and use. Feedback in the form of actual bugs, design changes and suggestions will be coming in and these customers are the ones that will do more of the heavy work to hopefully make it easier on every other OCS 2007 customer in the world. One output of this team will be to make every other customer as successful as possible. This means readiness of all teams and roles handling customers, documentation, training, whatever it takes.
As we are working on a beta product I will let you know this - I will be creating material on my own deployment of this product and experiences in anticipation of the day I can post them for you. My guess is that when we have a PUBLIC beta this could happen. I need to hear from you how you want this information shared. Keep in mind that I have to help our internal folks first because it really stinks to take a call from a customer who knows more about a subject than you.
January 15, 2007 a new day.
TomL OCSKid
We have posted a FAQ for the Address Book Service to the UC Blog.
If you have further questions and clarifications on the topic feel free to comment my blog or the UC blog. This post was created based on internal discussions from the field and support which means it was driven by all the customer topology questions raised to us.
Happy New Year - I'm still working out how are your resolutions going?
Toml LCS Kid
Tuesday January 9th, 3 of us (Tom, Matt and Chad) will be presenting to the local Carolina IT Professionals Group for Live Communications Server. On the chance you are in the Charlotte, NC area please feel free to come by.
Supporting customers on technology and using technology are very different. With the changes in Unified Communications though that line is beginning to blur. I am thoroughly excited about what is in store for the 2007 product release in the area of conferencing and voice technologies (for those running Exchange 2000 Conferencing, you have waited a long time for this release).
Microsoft allows for access to all corporate resources while outside the corporate network. The latest approach to leverage is a part of the Longhorn Server beta and remote desktop connectivity - I can be at home and connect to a work computer through one of these servers, I never have to make a VPN connection to the corporate network. Working for companies like this where your location is not important I can install and use Communicator at home or bring a work laptop home. This means that I could leverage all the technology of Office Communicator (OC) and Live Communications Server or as I am fortunate to be on the latest technology - OC 2.0 and Office Communications Server 2007 beta.
But do I really want to be online with my work credentials at 8:00pm at night or 6:00 am in the morning? If I want to do work then this is terrific but when I am on personal time I communicate with different people or possibly my friends at work but in a personal approach. Specifically I am now trying to figure out how to communicate best with my family. The phone works well and we have a home line and 2 cell phones (mine is a work supplied phone), my folks are in a similar position as is my sister and my brother only has a cell phone. My sister and her husband are notorious for not answering the home phone and also not returning voice messages so we call cell phones when really important stuff comes up. But what about my mom and dad having an opportunity to have a video call with the grandkids? While the 4 almost 5 year old can have a conversation our 2.5 year isn't as capable, but if they could see Nan and Pop would they do better? Seeing you shake your head no to my question is a lot better than silence on a phone call.
So Allison and I use Live Messenger, sort of expected wouldn't you say? But the whole family doesn't, in fact some don't have an account with any particular cloud, so how do we go about this? Sure everyone can get a Live account, and with the beta they could even get a Yahoo account and we can IM, and voice. If you don't sign in then it doesn't help and these services tend to provide a LOT of stuff, too much for me personally so is there another option? My dad and I are going to test Skype, not because we don't think it will work but to get a feel for the experience and to see how much we get for free. I think we can achieve the desired result of a voice and video call from Skype to Skype for free.
I will provide an update as well as my experience in setting up and using as Unified Communications is Unified Communications whether business or personal. The world is in the midst of a change and while I like things the way they are and simple, I have to experiment and experience the change. In 2000 with Exchange Conferencing I was thinking about how cool all of this was and never did much with it, now so much has changed that my kids should look at me crazy when I talk about the time that phone calls had no video :)
TomL
Determining my posts -
The complexity of an issue and how much information can be shared to shed light on a subject. For example I have a customer issue with phone normalization. What looks like an easy post starts to be come complex with ABS and Communicator both being factors. With that customer issue I used their exact phone numbers to test and took a bunch of screen shots (OneNote) but now I realize I can't use their numbers so do I grey them out in the screen shot or do I do this all over again with other numbers? Oh and what is an invalid number for overseas?
The frequency of an issue or question will drive a post and lately most issues we get seem to be addressed. Phone normalization happens to be a current subject of confusion.
The future or beta products is an interesting area, how much can I say without crossing the bounds of revealing too much or will what I share be changed in a later build. I think with OCS 2007 beta3 I can begin to speak on somethings (if I receive permission) but other areas will have to be omitted or really vague, for example Voice and Hardware. Beta3 is the first build with voice functionality and the hardware is still not widely available.
Can I express it in words or do I need images or would a video be better? The main thing here is finding a location to host my content and for free :)
In a few weeks I will be creating 2 posts - one for the phone normalization as the customer issue was defined and one about a change in my role!
TomL LCSKid
The above error was reported by a customer from his Access Proxy. The first thought was locked down permissions on the server to the certificate store but that was not the case.
For this customer issue they were using a domain service account instead of the local service account. Specifically - the Access Proxy was running with LCService from the domain, changing this to the local LCservice (normally this is LCProxyService) and restarting the service the error went away.
This would not be a normal config for most customers but it wasn't documented anywhere until now.
Credit for this goes to Devank
Tom LCSKid
Mu Han has our most recent post on the UC blog regarding the Private Beta for OCS 2007. I was one of the 10 beta team members at the event this past week in Bellevue. Our job was to assist with proctoring of the labs and overall I believe they were successful. We had one multiparty video conferencing bug in the specific bits we were using and ran into a few problems with the lab that integrated with a few gateways for phone testing. We were not able to have the Friday labs with Exchange 2007 Unified Messaging due to the wind storms in the area. The Bellevue area was without power and so we had about 30-60 minutes from the UM team discussing the technology and then broke for the day.
I was fortunate enough to have an opportunity to chat with some folks while there on campus and see how their work life is going with the recent change to the new UC "Tanjay" phone on their desktop. If I am lucky I might get placed on that specific deployment. As we anticipate the Beta 3 version being released before end of year, it will be great to start playing with a more solid build with more features, namely voice, being included in the product.
If you are successful in finding my personal blog you might catch a glance to the challenges of no power and trying to return home.
I was invited to join our management team for a 2.5 day visit with the product group regarding the future of OCS 2007 and the current state of the business.
The reason to speak about OCS 2007 was to make sure that we (support) were hearing directly from the product group what was going to be coming our way in the future release and to be sure they could ask questions about the new technologies. Some items I can be sure to mention are those things we have stated publicly so that would include the support for ICE (STUN and TURN) for NAT traversal and the additional audio/video changes with conferencing and Roundtable and last but not least - telephony or voice with the new hardware. Kevin Johnson demonstrated this in the June event which you can find at http://www.microsoft.com/uc
Ok so everyone was sufficiently scared, worried, eyes wide open to the freight train bearing down on us, by the way did I mention our team also supports all the networking for the OS which means all the new Vista stuff - yikes. We then get to present to them about support, how are we structured, how a call gets routed from start to finish, how we analyze calls to get them resolved faster and how many calls and how much time it takes to solve them. We then provide a roll-up from the call-coding, an aside here - when we say we need a new case it is because we need to track how many calls we get on a particular subject and then how long they take to resolve and what the resolution is. With the call coding we can tell them what the top labor generators are and provide suggestions on ways to improve - new tools, a wizard, some manner of education or analyzer that gives a report on possible issues with the current config. My job is to present some of this but then to speak mostly on the subjective aspect of support. I will give the color commentary shall you say about the LCS support calls.
While things may not get resolved as quick as you want, I can tell you truthfully that if you want something changed we have the process to handle it and if you were to call and speak to me today, I would probably get you to request the desired change in OCS 2007 while they are still actively developing the product. Because before it ever reaches RTM, they will stop taking changes and then you will have to justify what you want with a lost revenue, or business sale or how much more productive (money) you would be with the feature. These guys are already thinking about the next 2 releases!
LCS Kid
This is just too good not to share with the folks reading this blog.
http://www.msdewey.com/
Some search items to try (and retry) include
janina gavankar (the actress that plays Ms. Dewey)
Matrix, What is the Matrix (enter it until you see the spoon scene)
SIP
Have Fun,
TomL
Sometimes you are reminded that you didn't document something you thought you did. Turns out that I wasn't even the one to write this up the first time but Gary did while he was on the team (since moved to ISA support).
As of October 11, 2005 all EASI* Passport domains are fully supported for the Public
IM Connectivity (PIC) Service. We also refer to these as Vanity domains in case you hear the term.
This means that Microsoft Office Communicator users can communicate with MSN users
using EASI Passport IDs through PIC. EASI ID allows MSN users to create an IM
address through Passport using the domain name of their choice.
For example a user’s EASI Passport ID could have been username@contoso.com
<mailto:username@contoso.com>. This is a great service for MSN users but this
caused problems once PIC enabled users tried to communicate with them through
Office Communicator.
With this change, the EASI Passport ID can be used with PIC by making a simple
change when adding a user to your Communicator contact list. A Communicator user
that wants to add the EASI Passport ID of username@contoso.com would simply add the
following address to their search field: username(contoso.com)@msn.com
This increased the effectiveness of the PIC service as you now no longer need
contacts with unsupported EASI Passport domains, to change their domains in order
to use the PIC Service.
EASI = e-mail name as sign-in name
Wow, what is the chance that my last two blog entries would be about the Mac client. Install location -
http://www.microsoft.com/mac/downloads.aspx?pid=download&location=/mac/download/misc/messenger60_download.xml
Here are some of the quick highlights -
· Universal application built to run on both PowerPC-based and Intel-based Macs.
· Yahoo Federation with Windows Live Messenger – You can now chat with Yahoo! Messenger contacts using the Mac Messenger Personal service.
· Spell check support in instant messages.
· Sharing what contacts are listening to in iTunes, along with Personal Status Message support.
· Custom animated emoticons support.
· Separate contact list windows for Personal and Corporate.
Other information about this release: http://blogs.msdn.com/macmojo/archive/2006/09/27/774149.aspx