locked
federated contact group expansion RRS feed

  • Question

  • Hello

    I am running OCS 2007 R2 Enterprise, I am also publishing the group expansion url to the internet. We are currently federating with another organization (ORG-B, we are ORG-A for example) Can contacts from ORG-B search for a group that is in ORG-A by the groups email address then add the group to the communicator client as a contact, then expand the group and see all the members?

    Does the group expansion url require authentication, in other words in order to expand groups do users need to be authenticated first?

     

    Thanks


    Bulls on Parade
    Thursday, August 5, 2010 4:11 AM

Answers

  • Hi,

    It will work all you have to do is federation for both ends.

     

    Regards.

    Shafaquat Ali.


    M.C.I.T.P Exchange 2007/2010, M.C.I.T.P Windows Server 2008, M.C.T.S OCS Server 2007 R2, Phone: +923008210320
    • Marked as answer by Ben-Shun Zhu Thursday, August 12, 2010 9:51 AM
    Thursday, August 5, 2010 4:46 AM
  • As a bit of background, the DLX is not hosted on the Edge but through the proxy for your external users, but you seem to understand that already.

    For federated users, they need to have an explicit contact or SIP URI information to add a federated member. In the recommended configuration, the DLX is a resource of the domain that hosts it.  A user must authenticate to be able to access that information because it is being published through the proxy from the FE. The FE is going to require domain credentials (in the case of an external, NTLM) which the federated object won't/shouldn't be able to provide.


    Best regards,
    • Marked as answer by Ben-Shun Zhu Thursday, August 12, 2010 9:51 AM
    Friday, August 6, 2010 1:51 AM

All replies

  • Hi,

    It will work all you have to do is federation for both ends.

     

    Regards.

    Shafaquat Ali.


    M.C.I.T.P Exchange 2007/2010, M.C.I.T.P Windows Server 2008, M.C.T.S OCS Server 2007 R2, Phone: +923008210320
    • Marked as answer by Ben-Shun Zhu Thursday, August 12, 2010 9:51 AM
    Thursday, August 5, 2010 4:46 AM
  • As a bit of background, the DLX is not hosted on the Edge but through the proxy for your external users, but you seem to understand that already.

    For federated users, they need to have an explicit contact or SIP URI information to add a federated member. In the recommended configuration, the DLX is a resource of the domain that hosts it.  A user must authenticate to be able to access that information because it is being published through the proxy from the FE. The FE is going to require domain credentials (in the case of an external, NTLM) which the federated object won't/shouldn't be able to provide.


    Best regards,
    • Marked as answer by Ben-Shun Zhu Thursday, August 12, 2010 9:51 AM
    Friday, August 6, 2010 1:51 AM
  • Thanks for the information Ben. What is "the DLX" we are not going to use a proxy server, we will be publishing the url's straight from the FE server. It sounds like inorder to expand a group, the user needs to be authenticated? if this is correct, it doest appear that a federated contact can expand a group because they dont have the necessary credentials?

    does it make a difference if the two organizations are both running OCS 2007 R2 and using the communicator client? it seems like it comes down to a lack of AD credentials? 


    Bulls on Parade
    Friday, August 6, 2010 2:24 AM
  • Correct.

    Same as if the two organizations are both runing OCS 2007 R2.


    Best regards,
    Friday, August 6, 2010 2:58 AM