Since I never had the time to document the process of the deployments I did earlier with OCS 2007 R2 on a Windows Server 2008 R2 server, I took last week while I was deploying a new OCS 2007 R2 Edge server as an opportunity to do a few screenshots to show what the install looks like. Note that the following does not go into details and only shows what needs to be done with an Edge server so if you’re deploying another role, please fill in the missing gaps with the official Microsoft KB article (http://support.microsoft.com/kb/982021).
As per the Micorosft KB: http://support.microsoft.com/kb/982021:
Step #1
Install.NET Framework 3.5.1 by using Roles wizard from Server Manager. You can do this by selecting the Windows-based application server role to make sure completeness. This is a manual step. You must have .NET Framework 3.5 SP1 on a Windows Server 2008 R2 operating system before you install a version of Office Communications Server 2007 R2 that only includes .NET Framework 3.5.
Step #2
Install the Desktop Experience Features by using Add Features wizard from Server Manager. This is required for Media format runtime. The name of the media format runtime package depends on the operating system and the Office Communications Server 2007 R2 setup that refers to the Windows Server 2008 or to the Windows Server 2003 Media format runtime installation package.
-------------------------------------------------------------------------------------------------------------------------------------------------------------------
Note: I ran into an issue on my first attempt to install the desktop experience feature with the following error:
Attempt to install Desktop Experience failed. The specified package is not applicable (error value: 0x800F081E).
Attempt to install Ink Support failed. The specified package is not applicable (error value: 0x800F081E).
What annoyed me was that the install and uninstall process took upwards to 15 minutes to complete and I was only able to get it to install properly on the 4th try when I uninstalled both the Desktop Experience and Ink and Handwriting Services (I only uninstalled the former on the first 3 tries).
-------------------------------------------------------------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------------------------------------------------------------------------------
Note: It was also noted on the Microsoft forums that while the Desktop Experience will work, it’s actually not required as you can just install the Window Media Format Runtime with a command.
Installing Desktop Experience will work, but it is not required. Windows Media Format Runtime is the real requirement. NOTE: the command for installing Windows Media Format Runtime changes with each release of Windows. I've highlighted the subtle change in the command so you can better see how the command has changed between these two releases of Windows Server...
For Windows Server 2008 the command is:
pkgmgr.exe /ip /m:"%windir%\servicing\Packages\Microsoft-Windows-Media-Format-Package~31bf3856ad364e35~amd64~~6.0.6001.18000.mum"
For Windows Server 2008 R2 the command is:
pkgmgr.exe /ip /m:"%windir%\servicing\Packages\Microsoft-Windows-Media-Format-Package~31bf3856ad364e35~amd64~~6.1.7600.16385.mum"
Here’s another blog post I was able to find: http://it-proknowledge.blogspot.com/2009/09/ocs-2007-r2-on-windows-server-2008-r2.html
-------------------------------------------------------------------------------------------------------------------------------------------------------------------
Step #3
Install the Hotfix that is described in KB 975858 for Windows Server 2008 R2.
975858 (http://support.microsoft.com/kb/975858/ ) An application or service that calls the InitializeSecurityContext function together with the ISC_REQ_EXTENDED_ERROR flag may encounter a TLS/SSL negotiation failure on a computer that is running Windows Server 2008 R2 or Windows 7 operating system
Step #4
Install Office Communications Server 2007 R2 Server Roles
-------------------------------------------------------------------------------------------------------------------------------------------------------------------
Note: If you run into the error message:
Microsoft Office Communications Server 2007 R2, Microsoft Unified Communications Managed API 2.0 Core Redist 64-bit installation or uninstallation requires that VC++ 2008 Redistribute is already install.
Please see my previous blog post: http://terenceluk.blogspot.com/2010/11/problem-installing-ocs-2007-r2-on.html
-------------------------------------------------------------------------------------------------------------------------------------------------------------------
Step #5
For Office Communications Server 2007 R2, Standard Edition, or Enterprise Edition, or Edge Server role, when KB 974571 is installed, Activation of the Office Communications Server 2007 R2 server role fails. To fix this problem, follow these steps:
- Apply the OCSASNFix.exe file. To download the Ocsasnfix.exe file, visit the following Microsoft Web site:
Install the OCSASNFix.exe file (http://go.microsoft.com/fwlink/?LinkId=168248)
- Rerun Office Communications Server 2007 R2 Activation
I made the mistake of executing the hotfix by double clicking it so when I re-ran the hotfix in the command prompt to get the screenshot, it indicates the hotfix ha already been applied.
Step #6
Install updates for Office Communications Server 2007 R2 that are dated October 2009 (3.5.6907.56), or install later versions. To download the updates for Office Communications Server 2007 R2, visit the following Microsoft Web site:
Microsoft Office Communications Server 2007 R2 Hotfix KB 968802 (http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=b3b02475-150c-41fa-844a-c10a517040f4)
Step #7
Install updates for Office Communications Server 2007 R2, Group Chat Server, Office Communications Server 2007 R2, Group Chat Admin Tool and Office Communications Server 2007 R2, Group Chat Client that are dated May 2010 (3.5.6907.200), or install later versions.
Note You will experience the issue that is described in Microsoft Knowledge Base article 982129 (http://support.microsoft.com/kb/982129) if you do not apply the the update that is mentioned in the previous step. To download the updates for Office Communications Server 2007 R2, Group Chat Server, visit the following Microsoft website:
Microsoft Office Communications Server 2007 R2 Group Chat Server Hotfix 980042 (http://support.microsoft.com/kb/980042)
To download the updates for Office Communications Server 2007 R2 Group Chat Administration Tool, visit the following Microsoft website:
Microsoft Office Communications Server 2007 R2 Group Chat Administration Tool Hotfix 982128 (http://support.microsoft.com/kb/982128)
To download the updates for Office Communications Server 2007 R2 Group Chat Client, visit the following Microsoft website:
Microsoft Office Communications Server 2007 R2 Group Chat Client Hotfix 980043 (http://support.microsoft.com/kb/980043)
Step #8
- The default security setting on Windows Server 2008 R2 operating system for NTLM SSP requires 128-bit encryption. Depending on the client operating system mix in the enterprise, you may have to reduce this setting on a Windows Server 2008 R2 operating system that is running Office Communications Server 2007 R2 as a down level operating system. The key is set to "No requirement."
- For any down level operating system, such as Windows XP or for Windows Vista, the default value is set to "No Minimum."
- For a Windows 7 operating system, the default value is set to "Requires 128-bit encryption."
For more information about the “Changes in NTLM Authentication” as it applies to Windows 2008 R2 and Windows 7 operating systems, please visit the following Microsoft Web site:
Learn more about the changes in NTLM Authentication (http://technet.microsoft.com/pl-pl/library/dd566199(WS.10).aspx)
If you want to change the NTLM setting, follow these steps:
- Start secpol.msc on a Windows Server 2008 R2 operating system server.
- Click to select Local Policies and then click Security Options node.
- Make sure that the following values of the policies are set to "No Minimum."
- Network Security: Minimum session security for NTLM SSP based (including secure RPC)
- Network Security: Minimum session security for NTLM SSP based (including secure RPC) servers
While searching on the internet to see if there were any other issues not mentioned in the KB, I managed to find a post from another blogger’s post (Aaron Tiensivu):
Hope this serves to show an idea of what installing OCS 2007 R2 Edge on a Windows Server 2008 R2 64-bit looks like.