DNS Records and Office Communicator Automatic Client Sign-In

Office Communicator client signs into OCS in one of two ways:

1) The OCS server hostname is manually specified in Communicator, or,
2) "Automatic Sign-In" via a DNS query on the SIP domain (the domain portion of the user's SIP address) which returns the OCS server (or pool).

This is true for clients running both inside and outside your internal network ('outside' meaning outside the firewall, on the Internet).

The DNS records for automatic sign-in are always front-and-centre when trouble-shooting any Communicator sign-in issues, so I'll recap the format of the DNS SRV records most commonly needed:

1. _sipinternaltls._tcp.<sip domain> (Internal TLS)
   
2. _sipinternal._tcp.<sip domain> (Internal TCP)
   
3. _sip._tls.<sip domain> (External TLS)
   
4. _sip._tcp.<sip domain> (External TCP *)
   

From a DNS sign-in perspective, Communicator does not know or care whether it is on an internal or external network – it queries for the DNS SRV records in the order listed above, and will attempt a connection on the first match (the hostname specified by the SRV record).

* Although Communicator will search for the external TCP SRV record of the format "sip._tcp.<sip domain>" external connections must use TLS (on the Edge Access).

The DNS SRV record returns a hostname representing the OCS Enterprise Pool or Standard Server. A DNS A record lookup is then performed to get an IP address to connect to.

If no records DNS SRV records are found, Office Communicator performs an explicit DNS A record lookup up in the following order (until it gets a successful match):

1. sipinternal.<sip domain>
   
2. sip.<sip domain>
   
3. sipexternal.<sip domain>
   

Note: In the Communicator R2 client, it appears that the format "sip.<sip domain>" (#6 above) is tried before "sipinternal.<sip domain>", and #7 is not attempted at all.

InsideOCS has a free downloadable tool, the Automatic Sign-In Troubleshooting Tool, that will query for all of the automatic sign-in DNS records and show which ones exist, and which one will be used.

For more details all the automatic sign-in process and it's requirements, see:

• Automatic Office Communicator Sign-In (Part 1 – The Correct DNS Service Location (SRV) Record)
  
• Automatic Office Communicator Sign-In (Part 2 – ensuring the correct Subject Name on the Certificate)
  
• Automatic Office Communicator Sign-In (Part 3 – ensuring the client trusts the issuing Certificate Authority)
  

Note: the manual configuration of Office Communicator clients can be automated through the Microsoft Office Communicator Group Policy.

For additional information, see the following links:

• Microsoft OCS 2007 TechNet Library – Required DNS Records for Automatic Client Sign-In
  
• Microsoft OCS 2007 R2 TechNet Library – Office Communicator Sign-in and Discovery
  
• Microsoft TechNet Office Communications Server 2007 – 3.2 Configure DNS for Your Pool
  
• Microsoft TechNet Article on DNS Records for an OCS Pool and How to Create Them
  
• Jeff Schertz – OCS 2007 – DNS Lookups with OCS Automatic Configuration
  

Implementing App-V – Part IV: Sequencing Applications

January 18, 2010 at 3:50 am | In App-V | 18 Comments

Tags: App-V, application virtualization, Virtualization

 
 

Other posts in this series:

Implementing App-V – Part I: Introduction to Application Virtualization

Implementing App-V – Part II: Choosing and Preparing the Environment

Implementing App-V – Part III: Integrating Clients

Ok, we had a good look about the entire App-V platform so far: Explanation about application virtualization and the components involved in App-V (Post I); installation of the App-V Server including some troubleshooting tips (Post II); integrating App-V client components, testing the default application and some troubleshooting about this process as well (Post III).

Now it is time to sequence some real applications and deliver them to clients. As always, I'm going to start with an easy one, so you can see all the tricks involved to get the things working. But first, we must prepare the App-V Sequencer machine.

As we've seen in Post I, the main component involved in the sequencing process is the App-V Sequencer.

Sequencer Quick Checklist

• Use the same base operating system for both, Sequencer and Target (client) machines. Microsoft does not support using different type of OS between these two. Off the record: I've used many applications that worked perfectly when this requirement was not fulfilled.
  
• The Sequencer machine must have a second partition available. The common use for this one is to assign the Q:\ drive letter.
  
• Sequencer and Client machine must have the same Windows Installer version.
  
• In the Sequencer machine ensure that the directories %TMP%, %TEMP% (user temporal data) have sufficient space, since the application use this directory to store temporal sequencing data.
  
• Before sequencing an application you should close all other programs, including Antivirus.
  
• As a recommended best practice, use VirtualPC or any other type of virtual machine for the App-V Sequencer. Combine this using snapshots or differencing disks to always have available a fresh OS to deploy applications. 
  

For more information about the sequencing process and requirements, check the Sequencing Guide from Microsoft and also the Sequencing Best Practices.

App-V Sequencer Setup

Once you've checked all the requirements mentioned above, the installation process is quite simple and straight forward.

App-V Sequencer main window:

Sequencing Applications Step-by-Step

As I mentioned earlier my first pick will be a simple application, this will allow us to get familiarized with the sequencing process. I want to start showing the App-V compatibility with some non-Microsoft applications, I'll be using Mozilla Firefox.

1. In the App-V Sequencer program window select "New Package".

2. A new wizard will start, select the package name "Firefox".

3. In the next window you are ready to get started with the applications installation and capture, so you can start creating the installation folder in the
Q:\ drive.

Within this folder, the application will store all the program files and the sequencer will use them to package the application.

Note: You don't need to place the installer inside this folder.

4. Click on "Begin Monitoring" to start the installation process.

5. The capture process will start by selecting the folder in the Q:\ drive.

6. Once you've selected the folder, the virtual environment will start to load, wait for the "Monitoring started. Please begin installation" message appears.

7. Locate the installer and start the installation process.

8. In the installation process, the main step will be in the destination folder option that the program use to place the program files. Select the folder you've selected to be monitored. In my case: Q:\Firefox.

9. Once the installation is complete and you verified that the program was installed correctly, get back to the sequencer window and click on "Stop Monitoring" and click on "Next".

10. In the next window you can add some more files inside the package. This can help you if you are using customized applications, that need to load local files.

In my case I don't need any.

11. In the next window, the sequencing process detects the applications that compose Mozilla Firefox, in my case the Firefox standard app and the Firefox safe-mode.

You can add new ones, remove the detected and modify the components involved: File type associations and icons.

For every application shown here, we will need to make a small change. Click on each application in the right list, and select the "Edit" option. In the "OSD File Name" you will probably see a long name, like "Mozilla Firefox 1.9.1.3523.osd".

You need to change this one removing all the spaces in the name, like "Firefox.osd".

Change this in all applications involved and click on "Next".

12. The next step is optional, where you can launch the applications for a final check that they are working properly. Click on "Next".

13. Sequencing process is complete. Click on "Finish".

14. The package is ready for the final customization regarding the application deployment.

In the App-V Sequencer window, select the "Deployment" tab and change the Protocol option to "RTSP" (this will automatically change the Port to 554), and in the Hostname option select the name of the App-V Server, in my case "appv-server".

In the Operating System list, you can add all the baselines where this application can become available. And note also the option to generate an MSI package, that you can use it with the App-V Stand Alone mode (explained in Post I of this series) and/or System Center Configuration Manager (SCCM) integration with App-V.

15. Before saving the package, you can explore other options within the Sequencer, like the registry files that are modified by the application.

Once you are done, click on save this package locally.

With the project saved, you can check on the files created and verify that the OSD files were not created with names composed by blank spaces.

Adding the Package to the Server

Now that the package has been sequenced and created, it is time to add it to the server.

1. Copy the files created in the App-V Sequencer to the "content" folder in the App-V Server.

2. In the App-V Server, open the App-V console. Right click in Applications and select "Import Applications".

3. Select the SPRJ file for the Mozilla Firefox and click "Open".

4. In the General Information window, accept the default options and click on "Next".

5. In the "Published Shortcuts" select the shortcuts that the clients will have created.

6. In the "Access Permissions" select the group that will load this application. In my case, I'm using Domain Admins.

7. In the "Summary" window, click on "Finish".

And now you have the application ready in your App-V Server to be deployed.

Testing the Application

After completing the importing wizard, the application is ready to be deployed in the client machines.

Access the client machine, and if you want to avoid the process of log-off and log-on to test it, locate the App-V Client console (C:\Program Files\Microsoft Application Virtualization Client\SftCMC.msc), select "Publishing Server" and click on "Refresh Server".

The new icons will appear in the desktop or in the places you've selected.

Mozilla Firefox starting

Troubleshooting App-V Published Applications

The most common error about App-V applications I've experienced are regarding the firewall exceptions discussed in the Post III of this series. But, there's also another problem that appears related to the package it self.

If the package that you've created, the OSD file name uses spaces between, like "Mozilla Firefox 1.9.1.3523.osd":

Then most likely when you try to deploy this application, after importing it in the server, you'll get these errors:

"The package requested could not be found in the system data store or the files associated with this package could not be found on the server". "Error code: 4513CDC-1690150A-20000194"

To fix this, you'll need to regenerate the sequenced application as shown above, editing the application information and remove any blank spaces in the OSD file name.

More Resources

• Microsoft Application Virtualization 4.5 Resource Kit Tools
  
• [Case Study] Sequencing Applications for Deployment at Microsoft
  
• App-V Sequencing Guide
  

Other posts in this series:

Implementing App-V – Part I: Introduction to Application Virtualization

Implementing App-V – Part II: Choosing and Preparing the Environment

Implementing App-V – Part III: Integrating Clients

Understand Microsoft Volume Licensing and Activation Management Tool 2.0

Microsoft Volume Licensing Service Center (VLSC) User Guide

This user guide shows step-by-step instructions for how to register, view account details, download products and more from the Microsoft Volume Licensing Service Center (VLSC). It also includes screenshots, technical support information, and a glossary. Microsoft Volume Licensing Service Center (VLSC) User Guide.

Download Microsoft Volume Licensing Service Center (VLSC) User Guide [.pdf format]

Download Volume Activation Management Tool 2.0 (Beta)

Volume Activation Management Tool (VAMT) 2.0 (Beta) is a managed MMC plug-in with support for Office 2010 Beta. Administrators may use it to manage volume editions of Windows and Office 2010 Beta installed with a Key Management Service (KMS) client key or a Multiple Activation Key (MAK). A convenient command line interface (CLI) allows automated, scheduled VAMT tasks without UI interaction.

Download Volume Activation Management Tool 2.0 (Beta) [.msi format]

Manage Activation Using VAMT 2.0

VAMT can be an important tool to help you centrally manage and automate a range of activities related to Windows activation. Core benefits of VAMT include:

• The ability to protect product keys by retaining them only in the VAMT console, vs. including a key in an image or distributing it in plain text
  
• Perform activations without each system having to connect and activate with Microsoft activation services
  
• Inventory and monitor systems in the environment from an activation and licensing standpoint VAMT enables you to remotely activate managed systems. You can perform MAK, KMS host, KMS client, and retail activations. VAMT uses WMI to remotely manage activations and other related tasks on managed systems. VAMT also can assist with license compliance, letting you monitor license state for the systems under management
  

Download Manage Activation Using VAMT 2.0 White Paper here[.docx format]

Product Activation Using VAMT 2.0

This document explains how to perform the following activation-related tasks using VAMT 2.0: 1. Discover computers and installed products 2. Remotely install a product key on those products 3. Remotely complete typical product activations that you might use in your environment—online, proxy, and Key Management Service (KMS) client activation 4. Save the Computer Information List, and perform local reactivations using that list These tasks can be performed for Windows 7, Windows Vista, Windows Server 2008 R2, Windows Server 2008, Office 2010 client suites and applications, Visio 2010 and Project 2010 clients.

Download the Product Activation Using VAMT 2.0 [.docx format]

Manage Product Keys Using VAMT 2.0

VAMT helps adminsitrators to manage keys acquired through a Microsoft volume license agreement, subscription programs such as MSDN, TechNet or Microsoft Partner Network, or the retail channel. VAMT 2.0 enables management of the following product key types, for Windows 7, Windows Vista, Windows Server 2008 R2, Windows Server 2008, Office 2010 client suites and applications, Visio 2010 and Project 2010:

• Key Management Service (KMS) host keys (CSVLK)
  
• KMS client setup keys
  
• Multiple Activation Key keys (MAK)
  
• Retail keys
  

Download the Manage Product Keys Using VAMT 2.0 Guide [.docx format]

Reporting Activation Information Using VAMT 2.0

VAMT 2.0 can be used to track and report activation data for Windows operating systems activated using Key Management Service (KMS), Multiple Activation Keys (MAK), and retail keys. VAMT 2.0 supports Windows 7, Windows Vista, Windows Server 2008 R2 and Windows Server 2008, Office 2010 client suites and applications, Visio 2010 and Project 2010 clients. VAMT can provide information on license status, and whether installed software is genuine. This information also can help you with license compliance. VAMT can be used in addition to any tool you already may be using for the purpose of software asset management or license management.

Download the Reporting Activation Information Using VAMT 2.0 guide [.docx format]

Also read – New Volume Activation Management Tool (VAMT) to manage Multiple Activation Key(MAK)

Hyper-V: Disk2vhd Free Physical Disk Conversion tool

Well dual boot just went obsolete. At least installing to two different directories it did. Now you can achieve true isolation. Mark Rusinovich wizard extraordinaire and the Microsoft Sysinternals team launched a great new tool. Disk2VHD excerpted from the Sysinternals site:

 Download Disk2vhd (704 KB)

Introduction

Disk2vhd is a utility that creates VHD (Virtual Hard Disk - Microsoft's Virtual Machine disk format) versions of physical disks for use in Microsoft Virtual PC or Microsoft Hyper-V virtual machines (VMs). The difference between Disk2vhd and other physical-to-virtual tools is that you can run Disk2vhd on a system that's online. Disk2vhd uses Windows' Volume Snapshot capability, introduced in Windows XP, to create consistent point-in-time snapshots of the volumes you want to include in a conversion. You can even have Disk2vhd create the VHDs on local volumes, even ones being converted (though performance is better when the VHD is on a disk different than ones being converted).

The Disk2vhd user interface lists the volumes present on the system:

It will create one VHD for each disk on which selected volumes reside. It preserves the partitioning information of the disk, but only copies the data contents for volumes on the disk that are selected. This enables you to capture just system volumes and exclude data volumes, for example.

Note: Virtual PC supports a maximum virtual disk size of 127GB. If you create a VHD from a larger disk it will not be accessible from a Virtual PC VM.

To use VHDs produced by Disk2vhd, create a VM with the desired characteristics and add the VHDs to the VM's configuration as IDE disks. On first boot, a VM booting a captured copy of Windows will detect the VM's hardware and automatically install drivers, if present in the image. If the required drivers are not present, install them via the Virtual PC or Hyper-V integration components. You can also attach to VHDs using the Windows 7 or Windows Server 2008 R2 Disk Management or Diskpart utilities.

Note: do not attach to VHDs on the same system on which you created them if you plan on booting from them. If you do so, Windows will assign the VHD a new disk signature to avoid a collision with the signature of the VHD's source disk. Windows references disks in the boot configuration database (BCD) by disk signature, so when that happens Windows booted in a VM will fail to locate the boot disk.

Disk2vhd runs Windows XP SP2, Windows Server 2003 SP1, and higher, including x64 systems.

Thanks Dieter Rauscher for the heads up,

Jamil Rashdi

wasl