Understanding Office Communicator Web Access 2007 R2

This section provides basic information about how to enable Office Communicator Web Access 2007 R2. An introduction to the basic topology requirements is provided along with some overview information.

Enabling Office Communicator Web Access 2007 R2

Office Communicator Web Access is a Web-based version of the Office Communicator client and provides a great way to enable alternate operating systems and nondomain workstations without an installation process. Communicator Web Access provides internal and remote access to the Office Communications Server infrastructure by enabling IM, presence, ad hoc application sharing capabilities, and more. However, file transfer, A/V conferencing, and whiteboard sessions are not available with Communicator Web Access. The Web browsers that are supported by Office Communicator Web Access are shown in Table 7-1.

Table 7-1. Supported Browsers for Office Communicator Web Access 2007 R2

OPERATING SYSTEM

BROWSER

AUTHENTICATION MECHANISM

Windows 2000 Service Pack4 (SP4)

Microsoft Internet Explorer 6 SP1

NTLM

Kerberos

Forms-based

Custom

Windows XP SP2

Internet Explorer 6 SP2

Windows Internet Explorer 7

NTLM

Kerberos

Forms-based

Custom

 

Mozilla Firefox 2.0 and later

Forms-based

Custom

Windows Vista

Internet Explorer 7

NTLM

Kerberos

Forms-based

Custom

 

Mozilla Firefox 2.0.0.3 and later

Forms-based

Custom

Mac OS × 10.4.9

Apple Safari 2.0.4

Mozilla Firefox 2.0 and later

Forms-based

Custom

Communicator Web Access 2007 R2 has several new enhancements that are not present in Communicator Web Access 2007, including the following:

  • Automatic discovery of local servers in the Microsoft Management Console (MMC)

  • Richer Communicator Web Access user interface

  • Custom authentication, such as single sign-on and two-factor authentication support

  • Incoming Voice over Internet Protocol (VoIP) call routing and management

  • Web conference attendance

  • Ad hoc application sharing

  • Distribution group access

A Communicator Web Access topology can provide support for Web-based access internally and remotely by using load-balanced Web servers to host Communicator Web Access, as shown in Figure 7-9. Communicator Web Access can be deployed in several different topologies, including the following:

  • A single Communicator Web Access server for both internal and external users

  • Load-balanced Communications Web Access servers for both internal and external users

  • Separate Communicator Web Access servers for internal and external users

  • Separate Communicator Web Access server arrays for internal and external users

Communicator Web Access topology

Figure 7-9. Communicator Web Access topology

The following topologies are not supported for deploying Communicator Web Access:

  • Communicator Web Access should not be deployed in the perimeter network.

  • Communicator Web Access should not be installed on a domain controller.

Remote access logons that use Communicator Web Access go through the following process when logging on to the topology, as shown in Figure 7-9:

  1. The remote user on the public Internet uses her Web browser to connect to the Office Communicator Web Access URL (for example, https://im.litwareinc.com). This request securely connects through the reverse proxy in the edge network, which routes the connection to the load balancer for the external Communicator Web Access Web farm.

  2. The Web browser verifies that the server certificate on the external interface of the reverse proxy comes from a trusted CA, and it validates that the Subject Name (SN) or Subject Alternate Name (SAN) field is represented in the certificate (for example, im.litwareinc.com).

  3. Communicator Web Access authenticates the user, validates the SIP URI, and ensures the user is allowed to log on using remote access. Communicator Web Access can use integrated Windows authentication or forms-based authentication to authenticate the user. Internal users can use Kerberos or NTLM. External users and browsers that do not support Integrated Windows can use NTLM.

    Note

    Forms-based authentication passes the password in clear text, so it should always be used with HTTPS to encrypt the communications channel. This is important for internal users and should be required for external users.

  4. The mutual transport layer security (MTLS) server certificate configured for Communicator Web Access is used to authenticate and encrypt connections between the Communicator Web Access server and the Office Communications Server 2007 R2 server. This connection will be used to transport the user’s SIP-based communications to and from the rest of the Office Communications Server infrastructure.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.188.180.254