Publishing OCS 2007 External Address book through ISA 2006 or TMG


In principle the configuration below should work on both ISA and TMG.
 
First, use the web publishing wizard that comes with TMG 2010. I am not going to go through it step by step, as there are
plenty of articles on this. What I will do is post the settings that I changed, for my own reference.
 
1. First you need to ensure the External and Internal URLs are configured correctly. To update the
External URL, check out this article.
 
 
I configured both my internal and external URL names to be the same, e.g.:
Url Internal from server https://ocs.domain.com/abs/int/handler
Url External from server https://ocs.domain.com/abs/ext/handler
 
Now there is another attribute called GAL Status, and this reflects the Internal URL.
I will come back to that later.
 
2. Configure your certificate to use the correct SAN names.
                The pool name and individual server name.
                These include the external published name you will use, in my case ocs.domain.com.
                The internal pool name you will use; in my case I again used ocs.domain.com.
                Also add the SIP record, in my case sip.domain.mobi. I use this on external non-domain clients to auto-connect over the web.
                For all external web addresses, make sure you have an external DNS record.
 
To make configuration on my web listener easier, I configured a single certificate with all the required SAN addresses for Exchange and OCS.
 

DNS Name=exch01
DNS Name=exch01.domain.mobi – Exchange server – RPC-HTTP config
DNS Name=domain.mobi
DNS Name=autodiscover.domain.mobi
DNS Name=owa.domain.mobi
DNS Name=sip.domain.mobi – for external client
DNS Name=ocspoolname.domain.mobi – Same
DNS Name=ocsservernames.domain.mobi
DNS Name=ocs external url address.domain.mobi – Internal will be configured as the same. I named my pool OCS to again make configuration easier.

 
3. Once you have configured this certificate on the OCS pool and imported it into the ISA / TMG server, run the publishing rule for publishing websites.
          Once complete, you should be able to browse to the URL through IE and get a challenge / response,
          i.e. https://ocs.domain.com/abs/ext/handler/addressbookfilename.lsabs
            You will need to get the filename from the published directory on the server.
PS: Make sure you assign the new certificate to IIS SSL on the OCS servers.


4. To help troubleshoot, I am going to publish my test lab settings.

 
Hope this helps.
 
 
 
The name of the published site; as you can see, I have named my server the same.



Last, you need to set the users to All Users. This means the TMG will not pre-authenticate.





This is the external DNS name that requests will be coming from.





OK, here is the catch: for me, the only way I could get this to work was to publish the path /INT,
as this is what the client wants to connect to.
Remember the GAL Status comment from earlier.




The client authenticates directly to the published server.
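
To confirm that the certificate from step 2 carries every required SAN before it is bound to the web listener and IIS, the following PowerShell (an added example, not the author's script) parses the "DNS Name=" lines Windows shows for the SAN extension and reports any name that is missing. The host names, including the hypothetical front-end name ocsfe01.domain.mobi, and the SAN text are constructed lab values; the "DNS Name" label assumes an English-language Windows.

```powershell
# Added example (not the author's script). Host names and the SAN text are
# constructed lab values; on a real server, read the text from the certificate:
#   $cert = Get-Item Cert:\LocalMachine\My\<thumbprint>
#   $sanText = ($cert.Extensions |
#       Where-Object { $_.Oid.Value -eq '2.5.29.17' }).Format($true)

function Get-SanDnsName {
    param([string]$SanText)
    # An English-language Windows renders each SAN entry as "DNS Name=<host>".
    foreach ($line in ($SanText -split "\r?\n")) {
        if ($line -match '^\s*DNS Name\s*=\s*(\S+)') { $Matches[1].ToLower() }
    }
}

function Test-SanCoverage {
    param([string[]]$SanNames, [string[]]$Required)
    foreach ($name in $Required) {
        $n = $name.ToLower()
        # A wildcard SAN entry covers exactly one left-most label.
        $wildcard = '*.' + ($n -split '\.', 2)[1]
        New-Object PSObject -Property @{
            Name    = $n
            Covered = ($SanNames -contains $n) -or ($SanNames -contains $wildcard)
        }
    }
}

# Constructed sample: the front-end server name is deliberately missing.
$sanText = @"
DNS Name=exch01.domain.mobi
DNS Name=autodiscover.domain.mobi
DNS Name=owa.domain.mobi
DNS Name=sip.domain.mobi
DNS Name=ocs.domain.mobi
"@

# Names the listener and the pool must answer for (assumed lab values).
$required = @(
    'ocs.domain.mobi'      # pool name and published address book URL host
    'ocsfe01.domain.mobi'  # individual server name (hypothetical)
    'sip.domain.mobi'      # SIP record for external clients
)

$report = Test-SanCoverage -SanNames (Get-SanDnsName $sanText) -Required $required
$report | Format-Table Name, Covered -AutoSize
$missing = @($report | Where-Object { -not $_.Covered })
if ($missing.Count) {
    Write-Warning "Missing SAN: $(($missing | ForEach-Object { $_.Name }) -join ', ')"
}
```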

 
