Planning, Deploying, and Administering Office Communications Server 2007 R2, Extensible Messaging and Presence Protocol (XMPP) Gateway

Published: September 2009

The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication.

This White Paper is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.

Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation.

Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.

Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, email address, logo, person, place or event is intended or should be inferred.

© 2009 Microsoft Corporation. All rights reserved.

Microsoft, Windows, Windows Server, Active Directory, and Visual C++ are trademarks of the Microsoft group of companies.

All other trademarks are property of their respective owners.

Contents

Introduction

How to Use This Document

Terms and Concepts

Planning for XMPP Gateway

Topology Overview

Supportability

Capacity Planning

User Experience

Prerequisites for Installation

Infrastructure Requirements

System Requirements

Deploying XMPP Gateway

Installing XMPP Gateway

Configuring Gateway IP

Configuring DNS Entries

Configuring Edge Server

Configuring XMPP Server

Achieving High Availability

Administering XMPP Gateway

Using the XMPP Gateway Snap-in

Start, Stop, or Restart the XMPP Gateway Service

SIP Configuration

XMPP Configuration

Security Settings

Configuring Additional Settings

Troubleshooting

References

Introduction

Office Communications Server 2007 R2, Extensible Messaging and Presence Protocol (XMPP) Gateway enables users to share presence information and communicate via instant messaging (IM) between Office Communications Server and XMPP-based providers and servers, such as Google Talk and Jabber. After XMPP Gateway is deployed in an Office Communications Server environment, users hosted on Office Communications Server can do the following:

·  Add or delete users of an XMPP environment as contacts.

·  Communicate with users of an XMPP environment through one-on-one IM conversations.

For details about XMPP Gateway, see http://go.microsoft.com/fwlink/?LinkID=141529.

How to Use This Document

This document describes how to plan, install, configure and manage XMPP Gateway. It contains the following sections:

·  Introduction (this section) provides information about how to use this document and a glossary of the terms and concepts used in the document.

·  Planning for XMPP Gateway provides the topology overview, supportability, capacity planning, and user experience information for XMPP Gateway.

·  Prerequisites for Installation provides the infrastructure and system prerequisites for installing XMPP Gateway.

·  Deploying XMPP Gateway provides a step-by-step guide to installing XMPP Gateway, configuring Domain Name System (DNS) entries for the gateway, and configuring Edge Server and XMPP servers. This section also discusses high availability.

·  Administering XMPP Gateway describes configuration settings available on XMPP Gateway.

·  References provides links to additional information about the topics covered in this document.

Terms and Concepts

Access Edge Service. An Office Communications Server 2007 service in the perimeter network that validates incoming Session Initiation Protocol (SIP) traffic and then forwards the IM traffic between internal and external users.

contoso.com. A fictitious company Contoso, Ltd, which supports SIP domains of ocs.contoso.com, ocs.contoso.com and XMPP domain of xmpp.contoso.com.

Edge Server. An Office Communications Server role that resides in the perimeter network and provides connectivity for external users and public IM connections.

External user. A user connecting from outside the corporate firewall. External users include anonymous users, federated users, and remote users.

fabrikam.com. The domain name of a fictitious company, Fabrikam, Inc., which supports XMPP domain of fabrikam.com.

Federated user. An external user who possesses valid credentials with a federated partner and who, therefore, is treated as authenticated by Office Communications Server.

FQDN. Fully qualified domain name.

Front End Server. An Office Communications Server 2007 server in the internal network that hosts the IM Conferencing service, Address Book service, and Telephony Conferencing service to support registration, presence, IM, and conferencing. This server role is available on a Standard Edition server. In an Enterprise pool, it can be collocated with the Web Conferencing Server and A/V Conferencing Server, or can be deployed on a separate server.

GUI. Graphical user interface.

litwareinc.com. The domain name of a fictitious company, Litware, Inc., which supports XMPP domain of litwareinc.com.

MMC. Microsoft Management Console.

SASL. Simple Authentication and Security Layer (SASL) is a framework for authentication and data security in Internet protocols.

SIP. Session Initiation Protocol, a signaling protocol.

SIP domain. The domain portion of a user’s SIP Uniform Resource Identifier (URI) used by Office Communications Server to direct communications. For example, if Bob’s SIP URI is , contoso.com is the SIP domain.

XMPP. Extensible Messaging and Presence Protocol.

XMPP domain. The domain portion of a user’s XMPP URI used by XMPP Server to direct communications. For example, if John’s XMPP URI is , fabrikam.com is the XMPP/allowed domain.

Planning for XMPP Gateway

This section includes the following topics:

·  Topology Overview

·  Supportability

·  Capacity Planning

·  User Experience

Topology Overview

This section provides sample deployments of XMPP Gateway used in Office Communications Server topologies to allow federation with Jabber Extensible Communications Platform (Jabber XCP) or Google Talk Servers.

The following deployment scenarios are covered under this topic:

·  On-premises deployment with Jabber. Addresses IM communications between Jabber and Office Communications Server users in an organization.

·  Federation between two organizations. Addresses IM communications between Jabber users who are present in one organization and Office Communications Server users who are present in a different organization.

·  Public federation with Hosted Network. Addresses federation over a public IM network.

Important

Typically, XMPP Gateway can be in Active Directory® Domain Services (AD DS) or it can be a stand-alone server. We recommend that it be a stand-alone server. Here, we are assuming that XMPP Gateway, Office Communications Server, and the Edge Server will always be in one domain.

On-Premises Deployment with Jabber

This deployment addresses the communication of Office Communications Server users with Jabber users. For this topology, Office Communications Server, Edge Server, and XMPP Gateway can be in one subdomain and XMPP Server can be in another subdomain.

Note

For details about the network layout, see the Configuring DNS Entries section.

Figure: On-premises federation with Jabber

Federation between Two Organizations

This deployment addresses communication between Office Communications Server users who are present in one domain and Jabber users who are present in another domain across the Internet cloud. For this topology, you can deploy Office Communications Server, Edge Server, and XMPP Gateway in one organization, and the XMPP Server in another organization.

Note

For details about the network layout, see the Configuring DNS Entries section.

Figure: Federation between two organizations

Public Federation with Hosted Network

This deployment addresses the federation of the Office Communications Server Enterprise Edition users with the hosted users across the public Internet cloud. For this topology, XMPP Gateway should be deployed in the public network (that is, the FQDN of XMPP Gateway should be resolved publicly).

Note

For details about required network configuration, see the Configuring DNS Entries section.

Figure: Public federation with hosted network

Supportability

You need to deploy XMPP Gateway on a dedicated computer.

Components

XMPP Gateway consists of the following components:

·  XMPP Gateway Snap-in, which allows configuration and management of XMPP Gateway.

·  XMPP Gateway Service, which is the actual translator between SIP and XMPP.

Supported Servers

·  Microsoft Office Communications Server 2007 R2

·  Microsoft Office Communications Server 2007

·  Jabber XCP Server version 5.4

·  Google Talk

Note

Although Office Communications Server 2007 R2 supports virtualization for some server roles and features, virtualization of XMPP Gateway is not supported.

Supported Clients

·  Microsoft Office Communicator 2007 R2

·  Microsoft Office Communicator 2007

·  Microsoft Office Communicator 2005

·  Jabber MomentIM Client version 5.2.1

·  Google Talk

Capacity Planning

XMPP Gateway was performance tested according to the following usage models:

Simultaneous users / 10,000 / 2,000
Office Communications Server users / 5,000 / 1,000
Office Communications Server user’s average number of contacts / 10 / 25
XMPP users / 5,000 / 1,000
XMPP user’s average number of contacts / 10 / 25

XMPP Gateway performance will vary, depending on usage variables.

User Experience

After you deploy XMPP Gateway, Office Communications Server users and XMPP users can do the following:

·  Add and delete each other as contacts.

·  Publish presence and subscribe to each other's presence.

·  Engage in one-to-one conversations.

Add and Delete Contacts

Office Communications Server users can add or delete XMPP users from their contact list and vice versa. After a user is successfully added to the contact list, his/her presence is visible.

Publish Presence and Subscribe to Presence

Office Communications Server users can publish their presence status to XMPP users and vice versa. The mappings between the presence states are listed in the following tables.

Mapping of Office Communications Server User Presence State to XMPP User

XMPP user / Office Communications Server user
Available / Available
Free To Chat / Available
Away / Away
Extended Away / Away
Do Not Disturb / Busy
Unavailable / Offline

Mapping of XMPP User Presence State to Office Communications Server User

Office Communications Server user / XMPP user
Available / Available
Busy / Do Not Disturb
Do Not Disturb / Do Not Disturb
Be Right Back / Away
Away / Away
Offline / Unavailable

One-to-One Conversations

An Office Communications Server user can start and participate in an IM conversation with an XMPP user and vice versa.

Prerequisites for Installation

This section describes the infrastructure and system requirements for installing XMPP Gateway.

Infrastructure Requirements

The following need to be deployed or available in the network:

·  Office Communications Server 2007 or Office Communications Server 2007 R2 Standard Edition server or Enterprise pool with the Front End service running

·  Office Communications Server 2007 or Office Communications Server 2007 R2 Edge Server with the Access Edge service running

·  XMPP Server (Jabber/Google Talk)

·  Load Balancer (optional)

Collocation of XMPP Gateway with any other server role is not supported.

Office Communications Server must be configured to support federation and public IM as follows:

·  Support for federation and public IM must be configured at the global (forest) level. For details, see “Enabling Federation and Public IM Connectivity and Configuring Routing of Inbound and Outbound SIP Traffic” in the Administering Office Communications Server 2007 R2 documentation at http://go.microsoft.com/fwlink/?LinkId=156057.

·  The individual accounts of Office Communications users who need to communicate with users of an XMPP-based IM and presence provider must be configured to support public IM connectivity. For more details, see “Configuring Federation, Remote User Access, and Public IM Connectivity for Individual Users” in the Administering Office Communications Server 2007 R2 documentation at http://go.microsoft.com/fwlink/?LinkId=150673.

XMPP Gateway listens on the following ports, which may require firewall configuration:

·  5061: SIP connection

·  5269: XMPP connection

Note

When Windows Server® 2008 is used for XMPP Gateway, Windows Firewall should be disabled for ports 5061 and 5269 (that is, traffic on these two ports must be allowed through the firewall).

Note

No other application should be using port 5061 on the computer that runs XMPP Gateway.
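
The two notes above can be applied as follows. This is an added example, not part of the original Microsoft guide: it checks for an existing listener on the gateway ports and then opens only those ports inbound rather than turning the firewall off. The rule names and the remote addresses (constructed placeholders for the Edge Server and the XMPP server) are assumptions.

```powershell
# Added example, not from the original guide. Run elevated on the XMPP Gateway
# computer (Windows Server 2008). Rule names and remote addresses are assumptions.
$ports  = @{ 5061 = 'SIP'; 5269 = 'XMPP' }                   # ports from this guide
$remote = @{ 5061 = '192.0.2.10'; 5269 = '198.51.100.20' }   # constructed placeholders:
                                                             # Edge Server / XMPP server

# 1. Before installation, report any process already listening on either port.
#    netstat -ano columns: Proto, Local Address, Foreign Address, State, PID
foreach ($port in $ports.Keys) {
    $pattern = ':{0}\s+\S+\s+LISTENING\s+(\d+)' -f $port
    foreach ($hit in (netstat -ano | Select-String -Pattern $pattern)) {
        $owner = [int]$hit.Matches[0].Groups[1].Value
        $name  = (Get-Process -Id $owner -ErrorAction SilentlyContinue).ProcessName
        Write-Warning "Port $port is already in use by PID $owner ($name)"
    }
}

# 2. Allow inbound TCP on the two gateway ports only, instead of turning the
#    firewall off. For public federation, 5269 may need remoteip=any.
foreach ($port in $ports.Keys) {
    $rule = 'XMPP-Gateway-{0}-{1}' -f $ports[$port], $port
    netsh advfirewall firewall add rule name=$rule dir=in action=allow `
        protocol=TCP localport=$port remoteip=$($remote[$port]) profile=any
}

# 3. Confirm both rules exist.
netsh advfirewall firewall show rule name=all | Select-String 'XMPP-Gateway'
```

After XMPP Gateway is installed and running, step 1 reports the gateway service itself as the listener, so run that check before installation or compare the reported PID with the gateway service.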

System Requirements

System requirements for installing XMPP Gateway include the hardware and software requirements for the computer on which XMPP Gateway is to be installed.

Hardware Prerequisites

The following table lists the hardware required on the computer that runs XMPP Gateway.

Hardware Requirements

System component / Minimum requirement
CPU / Dual processor, quad-core 2.0 gigahertz (GHz)+; 4-way processor, dual-core 2.0 GHz+
Disk / 2x 72 GB, 15K or 10K RPM, RAID 0 (striped) or equivalent
Memory / 4 gigabytes (GB) of RAM
Install Space / 15 MB
Cache / 2 MB L2 per core
Network / 1x gigabit network adapter
Bandwidth Requirements / 128 kbps if deployed on Internet

Software Prerequisites

The following table lists the software required on the computer that runs XMPP Gateway.

Software Requirements

Software component / Minimum requirement
.NET Framework / 3.5
Operating System / The Windows Server 2003 Standard x64 Edition operating system with Service Pack 2 or Windows Server 2003 Enterprise x64 Edition with Service Pack 2; the 64-bit editions of Windows Server 2008
Microsoft Management Console / 3.0
Microsoft Visual C++® 2005 Redistributable or Visual C++ 2008 Redistributable
Unified Communications Managed API (UCMA)

Deploying XMPP Gateway

This section includes the following:

·  Installing XMPP Gateway

·  Configuring Gateway IP