Exchange Instant Messaging over the Internet Jyoti Kulkarni

Copyright
The information contained in this document represents the current view of Microsoft Corporation
on the issues discussed as of the date of publication. Because Microsoft must respond to changing
market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and
Microsoft cannot guarantee the accuracy of any information presented after the date of publication.
This White Paper is for informational purposes only. MICROSOFT MAKES NO WARRANTIES,
EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS
DOCUMENT.
Complying with all applicable copyright laws is the responsibility of the user. Without limiting the
rights under copyright, no part of this document may be reproduced, stored in or introduced into a
retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying,
recording, or otherwise), or for any purpose, without the express written permission of Microsoft
Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual
property rights covering subject matter in this document. Except as expressly provided in any
written license agreement from Microsoft, the furnishing of this document does not give you any
license to these patents, trademarks, copyrights, or other intellectual property.
Unless otherwise noted, the example companies, organizations, products, domain names, e-mail
addresses, logos, people, places and events depicted herein are fictitious, and no association with any
real company, organization, product, domain name, email address, logo, person, place or event is
intended or should be inferred.
© 2003 Microsoft Corporation. All rights reserved.
Microsoft, Active Directory, MSN and Windows are either registered trademarks or trademarks of
Microsoft Corporation in the United States and/or other countries.
The names of actual companies and products mentioned herein may be the trademarks of their
respective owners.
Produced by: Exchange User Education
Writer: Jyoti Kulkarni
Technical Reviewers: Jeff Bachmeier, Shawn McGrath, and Michael Jimenez
Project Editor: Megan Bradley
Designer: Kristie Smith
Production: Sean Pohtilla
Published: February 2003
Table of Contents
Introduction
Intended Audience
Background
Chapter 1 Instant Messaging Service Architecture
Server Types in an Instant Messaging Configuration
Instant Messaging Home Servers
Instant Messaging Routers
Instant Messaging Domains
Configuring for Internet or Intranet Capability
Instant Messaging URL and Instant Messaging Address
Chapter 2 Planning
Planning the Instant Messaging Network
Software Requirements
Windows 2000 Server with IIS
DNS Server on Local Domain
Security Permissions
Chapter 3 Installation
Installing Exchange 2000 Server
Creating an Instant Messaging Home Server
Creating an Instant Messaging Router
Setting the Connection Configuration for Instant Message Polling and Fixed Port Callback Delivery
Creating DNS Forward and Reverse Lookup Zones and DNS Resource Records
Creating Host Records
Setting Administrative Permissions
Setting or Changing a Password Policy
Allowing Users to Access Instant Messaging
Distributing the Client Software
Testing Instant Messaging Functionality
Setting Connection Configuration Options
Chapter 4 Instant Messaging Scenarios
Scenario 1: Logging On to Instant Messaging
Scenario 2: Adding Contacts to the Contact List
Scenario 3: Contact Logs On to Instant Messaging
Scenario 4: Users Communicate Using Instant Messaging
Scenario 5: Contact Changes Presence Information
Scenario 6: User’s Presence Information Changes to Idle
Scenario 7: User Logs Off Instant Messaging
Additional Resources
Introduction
Microsoft® Exchange Instant Messaging Service enables a unique medium of interpersonal
communication. This service, provided with Exchange 2000, makes it possible for users to
communicate in an immediate, interactive environment that conveys “presence” (user’s
online status) information. Initially, the focus of this communication was text instant
messaging, but today the updated Microsoft Windows® Messaging and MSN® Messaging
clients give users the advantage of the back-end infrastructure support in Exchange 2000
for a more complete communications experience, including voice calls, video calls,
collaborative tools, and more.
Important This paper contains information about editing the registry. Before you edit the registry,
make sure you understand how to restore it if a problem occurs. For information about how to
restore the registry, view the “Restore the Registry” Help topic in Regedit.exe or Regedt32.exe.
Intended Audience
This technical paper is intended for experienced administrators of Exchange 2000 Instant
Messaging deployments. You need to have a working knowledge of administration and
security for Exchange 2000 Instant Messaging deployments. You must also have
knowledge of Registry Editor.
Background
This technical paper provides detailed information about Exchange 2000 Instant Messaging
message flow over the Internet and about the deployment of Instant Messaging in an
application service provider (ASP) environment. The following are examples of message
flow over the Internet:
• Logging on to Instant Messaging
• Checking presence information for another Instant Messaging user
• Communication between Instant Messaging users
An application service provider (ASP) is a business that provides software to businesses or
to individuals over a network such as the Internet. For example, in this paper, Consolidated
Messenger is a fictional ASP that provides Exchange 2000 services to A. Datum
Corporation, a fictional company that provides Exchange 2000 Instant Messaging
capabilities to its customers.
The functionality of an Instant Messaging network is provided by the interaction of various
entities, including Instant Messaging clients, Instant Messaging home servers, Instant
Messaging routers, Domain Name Service (DNS), Microsoft Active Directory® directory
service, proxies, and firewalls. You can customize Instant Messaging deployments for the
needs of an organization.
Chapter 1
Instant Messaging Service Architecture
Before discussing Instant Messaging in an ASP environment, it may be helpful to review
Instant Messaging architecture.
All Instant Messaging communication uses the RVP protocol, an extension of the
Distributed Authoring and Versioning (DAV) protocol and HTTP 1.1. RVP is designed for
transmitting notifications and messages across a loosely coupled (federated) constellation of
servers, and for providing notification in a secure, reliable, and scalable fashion. The RVP
protocol encompasses both client-server and server-server interactions.
With Instant Messaging architecture, companies can administer their own Exchange
Instant Messaging infrastructure. Within this infrastructure, businesses can limit their users
to instant messaging within the organization or can allow users to send instant messages to
other users across the Internet. An Instant Messaging configuration is characterized by the
following elements:
• The servers are configured as Instant Messaging home servers, Instant Messaging
routers, or a combination of both.
• One or more Instant Messaging domains exist within the configuration.
The deployment can be designated as internet-capable, intranet-capable, or a combination
of both. Figure 1 shows an example of an Instant Messaging configuration with the
following components:
• Instant Messaging clients
• Instant Messaging domain
• Instant Messaging home server
• Instant Messaging router
Note The Instant Messaging components are discussed in more detail later in this paper.
Figure 1 Example of an Instant Messaging configuration
Server Types in an Instant Messaging Configuration
An Instant Messaging configuration contains two types of virtual servers:
• Instant Messaging home servers
• Instant Messaging routers
Instant Messaging Home Servers
Home servers are virtual servers that host Instant Messaging user accounts and
communicate directly with Exchange Instant Messaging clients to deliver instant messages
and presence information. When users are enabled for Instant Messaging, an Instant
Messaging home server is allocated. The users’ private Instant Messaging URL is
determined from the home server and the associated Instant Messaging router (if one
exists). The home server maintains the status of the Instant Messaging client. Home servers
also maintain a list of Instant Messaging users subscribed to presence information for
another user. Presence information enables one computer user to see whether another user
is currently logged on to a network, corporate LAN, or the Internet. Presence information
can be set by the user to indicate a particular status, such as “On The Phone” or “Out To
Lunch”, or it can be updated automatically after a period of computer inactivity.
Exchange 2000 provides support for presence information.
Instant Messaging Routers
Instant Messaging routers are virtual servers that receive incoming messages, locate the
recipient's home server, and then refer the Instant Messaging client to the home server.
Instant Messaging router servers use a unified namespace. You can simplify Instant
Messaging users' addresses by using DNS service location records (SRVs) to create a
unified namespace, so the Instant Messaging address is the same as the Simple Mail
Transfer Protocol (SMTP) address. Incoming Instant Messages typically come in through a
firewall or reverse proxy server and are forwarded to the Instant Messaging router. The
Instant Messaging router then looks in Active Directory to locate the home server of the
recipient and refers the Instant Messaging client to this home server. Only the Instant
Messaging router needs to be exposed to the Internet. If an Instant Messaging router is not
available, the home server is exposed to the Internet.
Note Instant Messaging routers do not host user accounts. Instead, Instant Messaging routers
proxy (route) messages to a home server or redirect the Instant Messaging client to the correct
home server and send messages to other servers on the network. It is recommended that large
companies that deploy Instant Messaging use several Instant Messaging routers.
Instant Messaging Domains
An Instant Messaging domain is a Domain Name Service (DNS) name that identifies user
accounts. It is recommended that Instant Messaging domains be configured to have one-to-one correspondence with e-mail domains. For example, a user with the e-mail address
[email protected] is hosted in the Instant Messaging domain im.adatum.com. Instant
Messaging routers answer queries for an Instant Messaging domain. Because an Instant
Messaging router can only answer queries arriving at one Instant Messaging domain, at
least one Instant Messaging router should exist for each e-mail domain.
Configuring for Internet or Intranet Capability
To configure Instant Messaging Service to be only intranet-capable, place Instant
Messaging Service behind a firewall. If you want to configure Instant Messaging Service to
be Internet-capable, you must set the appropriate inbound and outbound Internet
connections through your firewall. Exchange Instant Messaging servers receive messages
through port 80.
Instant Messaging URL and Instant Messaging Address
Instant Messaging Service identifies users by their unique Instant Messaging URL. For
example, http://im.adatum.com/instmsg/aliases/JoBrown is the Instant Messaging URL
for the user, Jo Brown, on the Instant Messaging domain im.adatum.com. Figure 2 shows
the correlation between the Instant Messaging URL and Instant Messaging address.
Figure 2 Instant Messaging URL and Instant Messaging address
Instant Messaging addresses are used to provide users with a more convenient format of
identification than URLs. For example, [email protected]. The format of an Instant
Messaging address is the same as an SMTP e-mail address. A user can have more than one
Instant Messaging address that refers to the same account, but the user always has one
unique Instant Messaging URL. With Instant Messaging, users can refer to each other by
their friendlier SMTP-style formatted Instant Messaging addresses. Internally, Instant
Messaging clients and servers convert Instant Messaging addresses into Instant Messaging
URLs. The domain of an Instant Messaging address is used to generate the Instant
Messaging domain of the URL. The Instant Messaging client performs a DNS SRV lookup
in the zone defined in the Instant Messaging address for an RVP record.
Note A DNS SRV record enables a service, such as Exchange Instant Messaging Service, to query
DNS for the host name for a particular service. An Exchange Instant Messaging client performs a
DNS SRV lookup for a server that supports the Instant Messaging protocol within the organization
that hosts a particular contact. DNS SRV records provide flexibility in the naming of the server.
Without this DNS SRV record, the name of the server within the organization would need to be the
same as the domain in the user's SMTP address.
Thus, if an RVP record exists at adatum.com, and im.adatum.com is the host offering this
service, an Instant Messaging address of [email protected] is translated to an Instant
Messaging URL of http://im.adatum.com/instmsg/aliases/JoBrown.
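The address-to-URL translation described above, as an added example (not code from this paper or from Exchange). It assumes the SRV label `_rvp._tcp`, which this section does not spell out, uses an in-memory table in place of a live DNS resolver, and takes its sample address from the alias and domain in the paper's URL example; all function names are hypothetical.

```python
import re
from typing import Dict, List, NamedTuple, Tuple

RVP_SRV_LABEL = "_rvp._tcp"  # assumption: the paper only says "an RVP record"
DEFAULT_PORT = 80            # the paper: IM servers receive messages through port 80


class Srv(NamedTuple):
    priority: int
    weight: int
    port: int
    target: str


# Constructed sample DNS data: adatum.com publishes im.adatum.com as its RVP host.
SAMPLE_SRV: Dict[str, List[Srv]] = {
    "_rvp._tcp.adatum.com": [Srv(0, 0, 80, "im.adatum.com.")],
}

# The alias becomes a URL path segment, so no "/", "@", or leading dot is accepted.
_ALIAS_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,63}$")
_HOST_RE = re.compile(
    r"^(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$"
)


def _clean_host(name: str) -> str:
    """Normalize a DNS name and reject anything that is not a plain hostname."""
    host = name.rstrip(".").lower()
    if not _HOST_RE.match(host):
        raise ValueError(f"not a valid host name: {name!r}")
    return host


def split_address(address: str) -> Tuple[str, str]:
    """Split an SMTP-style Instant Messaging address into (alias, domain)."""
    if address.count("@") != 1:
        raise ValueError("address must contain exactly one '@'")
    alias, domain = address.split("@")
    if not _ALIAS_RE.match(alias):
        raise ValueError(f"alias not usable as a URL path segment: {alias!r}")
    return alias, _clean_host(domain)


def lookup_rvp_host(domain: str, srv_table: Dict[str, List[Srv]]) -> Tuple[str, int]:
    """Return (host, port) of the server answering RVP for an IM domain."""
    records = srv_table.get(f"{RVP_SRV_LABEL}.{domain}", [])
    if not records:
        # Without an SRV record the server name must equal the address domain.
        return domain, DEFAULT_PORT
    # Simplification: lowest priority wins, then highest weight (no random pick).
    best = min(records, key=lambda r: (r.priority, -r.weight))
    if not 1 <= best.port <= 65535:
        raise ValueError(f"SRV port out of range: {best.port}")
    # DNS answers are untrusted input: validate the target before building a URL.
    return _clean_host(best.target), best.port


def im_url(address: str, srv_table: Dict[str, List[Srv]] = SAMPLE_SRV) -> str:
    """Translate an Instant Messaging address into its Instant Messaging URL."""
    alias, domain = split_address(address)
    host, port = lookup_rvp_host(domain, srv_table)
    authority = host if port == DEFAULT_PORT else f"{host}:{port}"
    return f"http://{authority}/instmsg/aliases/{alias}"


if __name__ == "__main__":
    print(im_url("JoBrown@adatum.com"))      # SRV record present
    print(im_url("JoBrown@adatum.com", {}))  # no SRV record: fall back to the domain
```

Because the SRV target decides which host receives the user's traffic, the sketch treats it like any other untrusted input and refuses targets that are not plain host names.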
Chapter 2
Planning
This section describes the planning process for setting up Exchange Instant Messaging
over the Internet.
Planning the Instant Messaging Network
Exchange 2000 needs to be implemented to ensure proper deployment of Instant
Messaging. To fulfill the Exchange 2000 requirements, all Microsoft Windows 2000
domain controllers and global catalog servers must have Windows 2000 Service Pack 2
(SP2) or higher installed on them. Additionally, all Exchange 2000 Instant Messaging
servers must be member servers in the local Active Directory domain (for example,
Adatum.com) prior to the installation and configuration of Instant Messaging. Prior to
installing Instant Messaging, Adatum.com needs to ensure that all Instant Messaging
servers comply with software requirements described in the following section.
Software Requirements
This section describes the software requirements for Exchange Instant Messaging.
Windows 2000 Server with IIS
Microsoft Windows 2000 Server with Internet Information Services (IIS) version 5.0 must
be installed. It is important to note that the IIS 5.0 with SMTP and Network News
Transfer Protocol (NNTP) service must be installed prior to launching the Exchange 2000
Setup program. During the installation of Windows 2000, you need to add the NNTP
service manually. The SMTP service is a part of the default installation. NNTP is an
application protocol used in TCP/IP networks. It defines a client/server command set for
access to newsgroups. Newsgroup public folders are public folders that are accessible as
USENET newsgroups. SMTP is a TCP/IP protocol for sending messages from one
computer to another on a network. This protocol is used on the Internet to route e-mail.
DNS Server on Local Domain
The minimum requirement is to have a DNS server that supports SRV installed on the
local domain. A DNS server that supports Dynamic DNS is recommended. With dynamic
update protocol, clients and servers can automatically register themselves in the database
without needing administrators to manually define records.
You can use name server (NS) resource records to assign authority to specified servers for
a DNS domain name. Windows 2000 extends the NS resource record concept to support
the dynamic update protocol by supplying Dynamic DNS, which enables clients with
dynamically assigned addresses to register directly with a server running the DNS Service
and update the DNS table dynamically. Dynamic DNS eliminates the need for other
Internet naming services, such as Windows Internet Name Service (WINS), in a
homogeneous environment. Your Dynamic DNS server must contain both a zone and a
reverse lookup record with dynamic updates enabled.
Note All Exchange servers require Network News Transfer Protocol (NNTP).
Note The target installation computer must register all network interfaces with the Dynamic DNS
server and corresponding zones with dynamic updates enabled.
Security Permissions
The following security permissions are required for Instant Messaging deployment:
• You must be a member of the Exchange Administrators security group to manage
global Instant Messaging settings, such as firewall topology, proxy server configuration,
and any Instant Messaging home servers and routers in your organization.
• You must be a member of the Domain Administrators security group to manage the
domains that host the users.
Chapter 3
Installation
This section provides information for installing Instant Messaging Service in an ASP
environment. For this example, Consolidated Messaging is an ASP that provides hosting
services to A. Datum Corporation. A. Datum Corporation uses the hosting services of
Consolidated Messaging to provide Exchange 2000 Instant Messaging to its customers.
The following section describes how Consolidated Messaging configures Instant Messaging
Service for A. Datum Corporation.
Note This paper does not discuss Active Directory security configuration for hosting multiple
organizations. For more information about Active Directory, see the Windows 2000 Web site at
http://www.microsoft.com/windows2000/.
This section consists of discussions of the following procedures:
• Installing Exchange 2000 Server
• Creating an Instant Messaging home server
• Creating an Instant Messaging router
• Setting the connection configuration for Instant Messaging Polling and Fixed Port
callback delivery
• Creating DNS forward and reverse lookup zones and DNS resource records
• Creating host records
• Setting administrative permissions
• Setting or changing a password policy
• Allowing users to access Instant Messaging
• Distributing the client software
• Testing Instant Messaging functionality
• Setting connection configuration options
Installing Exchange 2000 Server
To install Exchange 2000 Server, run the Microsoft Exchange 2000 Installation Wizard.
To run the Microsoft Exchange 2000 Installation Wizard
1. Log on to the Windows 2000 Server with IIS 5.0 installed.
2. Insert the Exchange 2000 Server compact disc. On the Microsoft Exchange 2000
Server page, click Exchange Server Setup.
3. On the Welcome page, click Next.
4. On the End-User License Agreement page, read the agreement. If you accept the
terms, click I agree, and then click Next.
5. On the Product Identification page, enter the 25-digit Product Key that is located on
a sticker on the back of the product compact disc, and then click Next.
6. On the Component Selection page, under Action, in Microsoft Exchange 2000,
click Custom (Figure 3).
7. Under Action, in Microsoft Exchange System Management Tools, click Install
(Figure 3).
8. Under Action, in Microsoft Exchange Instant Messaging Service, click Install
(Figure 3).
Figure 3 The Component Selection page
9. Click Next to verify the component selections, and then click Finish.
Creating an Instant Messaging Home Server
Instant Messaging home servers host Instant Messaging user accounts and communicate
directly with Instant Messaging clients to send and deliver instant messages and presence
information. Prior to creating the home server, you must complete the following
procedures.
1. Create a new folder for the IIS Web site.
2. Launch the Internet Information Services Snap-in and create a new Web site.
3. Create an Instant Messaging home server
To create a new folder for the IIS Web site
1. Click Start, point to Programs, point to Accessories, and then click
Windows Explorer.
2. Click My Computer, expand the folder on the hard disk where you set up the default
IIS location, and then right-click Inetpub.
3. Click New, and then click Folder. Type the folder name—for example, adatum.home,
to represent the home server of A. Datum Corporation (Figure 4). This step simplifies
the creation of IIS 5.0 Web sites in Internet Services Manager.
Figure 4 The Inetpub folder
To launch the Internet Information Services snap-in and create a new Web site
1. Click Start, point to Programs, point to Administrative Tools, and click Internet
Services Manager.
2. In the directory hierarchy of Internet Information Services, select the Instant
Messaging computer and click the Action button from the menu.
3. Click New, and then click Web Site to launch the Web Site Creation Wizard
(Figure 5). Click Next.
Figure 5 The Welcome to the Web Site Creation Wizard page
4. In the Web Site Description page, provide a description of the Web site to help
administrators identify the Web site. For example, imhomeserver1.
5. In the IP Address and Port Settings page, type the IP address and the host header
name that the Web site will use (Figure 6). The IP address and the host header name
should be unique to each Instant Messaging server. For example, the host header name
is home.adatum.com with an IP address of All Unassigned and the TCP port is 80.
Figure 6 The IP Address and Port Settings page
6. In the Web Site Home Directory page, click Browse to select the home directory
path for the new Web site (Figure 7). For this example, the path is
C:\inetpub\adatum.home.
Figure 7 The Web Site Home Directory page
Important Do not clear the Allow anonymous access to this Web site check box. Security
for this Web site is outlined later in this deployment process.
7. In the Web Site Access Permissions page, click Next to accept the default settings
Read and Run scripts (Figure 8).
Figure 8 The Web Site Access Permissions page
8. In the You have Successfully completed the Web Site Creation Wizard page of
the Web Site Creation Wizard, click Finish to complete the creation of the new Web
site.
To create an Instant Messaging home server
1. Click Start, point to Programs, point to Microsoft Exchange, and then click System
Manager.
2. Expand Servers, expand the server in which you want to create the Instant Messaging
home server, and then expand Protocols.
3. Right-click Instant Messaging (RVP), point to New, and then click Instant
Messaging Virtual Server.
4. In the New Instant Messaging Virtual Server Wizard, click Next.
5. In the Enter Display Name page, in the Display Name box, type a name to
represent the virtual server (this is the server name displayed in System Manager), and
then click Next (Figure 9). For this example, imhomeserver1.adatum.com.
Figure 9 The Enter Display Name page
6. In the Choose IIS Web Site page, in the IIS Web Sites list, select the IIS Web site
you created earlier—for example, imhomeserver1, and then click Next (Figure 10).
Figure 10 The Choose IIS Web Site page
Important You must have one IIS virtual server for every Instant Messaging home server
you create. For more information, see the IIS online documentation.
7. In the Domain Name page, in the DNS Domain Name box, by default, the Domain
Name System (DNS) domain name matches the fully qualified domain name of the
computer (for this example, home.adatum.com). Click Next (Figure 11).
Figure 11 The Domain Name page
Note For the initial installation, accept the default entries in the DNS Domain Name and
Port boxes.
8. In the Instant Messaging Home Server page, select the Allow this server to host
user accounts check box, and then click Next (Figure 12). If you do not select this
check box, the Instant Messaging home server is not created.
Figure 12 The Instant Messaging Home Server page
9. Click Finish to complete the setup of the Instant Messaging home server.
Note If the DNS domain name used in the New Instant Messaging Virtual Server Wizard
is not resolvable by DNS (for example, if you created an IIS virtual server with a new
domain name), you need to create the necessary DNS resource records. You also need to
include a host address (A) record for the home server to ensure that the domain name is
resolvable by DNS. Host address (A) records map a DNS domain name to an IP address
used by a computer.
Creating an Instant Messaging Router
Create Instant Messaging routers for each of the organizations in A. Datum. An Instant
Messaging router either proxies (routes) a message to a home server or redirects the client
to the correct home server and sends messages to other servers on the network.
Important Before you create an Instant Messaging router, determine which Instant Messaging
domain services the Instant Messaging router. IIS host headers, such as im.adatum.com, should
be created on each Instant Messaging router so that the HTTP Web site can respond to the DNS
name.
Note With the exception of step 8 of the following procedure, the procedure for creating an
Instant Messaging router is the same as the procedure for creating an Instant Messaging home
server.
Prior to creating the Instant Messaging router, you must complete the following
procedures.
1. Create a new folder for the IIS Web site
2. Launch the Internet Information Services Snap-in and create a new Web site
3. Create an Instant Messaging router
To create a new folder for the IIS Web site
1. Click Start, point to Programs, point to Accessories, and then click
Windows Explorer.
2. Click My Computer, expand the folder on the hard disk where you set up the default
IIS location, and then right-click Inetpub.
3. Click New, and then click Folder. Type the folder name—for example, adatum.router,
to represent the router of A. Datum Corporation (Figure 13). This step simplifies the
creation of IIS 5.0 Web sites in Internet Services Manager.
Figure 13 The Inetpub folder
To launch the Internet Information Services snap-in and create a new Web site
1. Click Start, point to Programs, point to Administrative Tools, and click Internet
Services Manager.
2. In the directory hierarchy of Internet Information Services, select the Instant
Messaging computer, and click the Action button from the menu.
3. Click New, and then click Web Site to launch the Web Site Creation Wizard
(Figure 14). Click Next.
Figure 14 The Welcome to the Web Site Creation Wizard page
4. In the Web Site Description page, provide a description of the Web site to help
administrators identify the Web site. For example, imrouterserver1.
5. In the IP Address and Port Settings page, type the IP address and the host header
name that the Web site will use (Figure 15). The IP address and the host header name
should be unique to each Instant Messaging server. For example, the host header name
is im.adatum.com with an IP address of All Unassigned and the TCP port is 80.
Figure 15 The IP Address and Port Settings page
6. In the Web Site Home Directory page, click Browse to select the home directory
path for the new Web site (Figure 16). For this example, the path is
C:\inetpub\adatum.router.
Figure 16 The Web Site Home Directory page
Important Do not clear the Allow anonymous access to this Web site check box. Security
for this Web site is outlined later in this deployment process.
7. In the Web Site Access Permissions page, click Next to accept the default settings,
Read and Run scripts (Figure 17).
Figure 17 The Web Site Access Permissions page
8. In the You have Successfully completed the Web Site Creation Wizard page of
the Web Site Creation Wizard, click Finish to complete the creation of the new Web
site.
To create an Instant Messaging router
1. Click Start, point to Programs, point to Microsoft Exchange, and then click System
Manager.
2. In the directory hierarchy, expand Servers, expand the server in which you want to
create the Instant Messaging router, and then expand Protocols.
3. Right-click Instant Messaging (RVP), point to New, and then click Instant
Messaging Virtual Server.
4. In the New Instant Messaging Virtual Server Wizard, click Next.
5. In the Enter Display Name page, in the Display Name box, type a name to
represent the virtual server. (This is the server name displayed in System Manager.) For
example, imrouterserver1.adatum.com. Click Next.
6. In the Choose IIS Web Site page, in the IIS Web Sites list, select the IIS Web site
you created earlier—for example, imrouterserver1, and then click Next (Figure 18).
Figure 18 The Choose IIS Web Site page
7. In the Domain Name page, in the DNS Domain Name box, by default the DNS
domain name matches the fully qualified domain name of the computer (for example,
im.adatum.com). Click Next (Figure 19).
Figure 19 The Domain Name page
8. On the Instant Messaging Home Server page, clear the Allow this server to host
user accounts check box, and then click Next (Figure 20).
Figure 20 The Allow this server to host user accounts check box on the Instant
Messaging Home Server page
9. Click Finish to complete the setup of the Instant Messaging router.
Note Ensure that you have the necessary DNS resource records for the Instant Messaging
router. If you have more than one Instant Messaging router, each router must have a host
address (A) record.
Note For a group of Instant Messaging routers that have the same Instant Messaging
domain name (the typical situation for large installations), use a DNS round robin (a
sequential, cyclical allocation of resources to more than one process or device) to
translate the same domain name to the different IP addresses of the routers. This option
is not available for home servers.
Setting the Connection Configuration for Instant Message
Polling and Fixed Port Callback Delivery
Instant Message Polling and Fixed Port callback delivery are new connection features
available in Microsoft Exchange 2000 Server Service Pack 1 (SP1) or higher. These features
facilitate connections between the Instant Messaging server and the Instant Messaging
client even if a firewall protects the Instant Messaging client or server.
In Instant Message Polling, the Instant Messaging client polls the Instant Messaging server
at regular intervals to check for pending messages. When a connection is established with
the Instant Messaging server, the messages are delivered.
In Fixed Port callback delivery, a single port or range of ports is designated for outbound
connections from the Instant Messaging server to the Instant Messaging client.
For more information about Instant Message Polling and Fixed Port callback delivery, see
the “Instant Message Polling and Fixed Port Callback Delivery” paper available at
http://www.microsoft.com/exchange/.
Creating DNS Forward and Reverse Lookup Zones and DNS
Resource Records
You must create Domain Name System (DNS) forward and reverse lookup zones for the
ASP environment to ensure that Instant Messaging communication occurs over DNS.
Note For proper DNS resolution to occur for the home and router servers of the organization,
either these servers must have a DNS entry to the external DNS for their public network interface
card (NIC), or the internal DNS of the Exchange domain must be able to route DNS requests to the
Internet, and the external DNS must be registered on the Internet.
To create a DNS forward lookup zone
1. Click Start, point to Programs, point to Administrative Tools, and then click DNS.
2. In DNS, right-click the server, and then click New Zone to launch New Zone
Wizard (Figure 21).
Figure 21 The Welcome to the New Zone Wizard page
3. In the Welcome to the New Zone Wizard page, click Next.
4. In the Zone Type page, click Standard primary, and then click Next (Figure 22).
Figure 22 The Zone Type page
5. In the Forward or Reverse Lookup Zone page, click Forward lookup zone, and
then click Next (Figure 23).
Figure 23 The Forward or Reverse Lookup Zone page
6. In the Zone Name page, type the Zone Name for the DNS domain. For example,
adatum.com (Figure 24).
Figure 24 The Zone Name page
7. On the Zone File page, click Next (Figure 25). On the next page, click Finish.
Figure 25 The Zone File page
Note If the reverse lookup zone is already present, you can skip the Create a DNS reverse
lookup zone procedure.
To create a DNS reverse lookup zone
1. In DNS Manager, right-click the server, and then click New Zone.
2. In the Zone Type page, click Standard primary, and then click Next.
Note The Zone Name is derived from the IP network address.
3. In the Forward or Reverse Lookup Zone page, click Reverse lookup zone, and
then click Next (Figure 26).
Figure 26 The Forward or Reverse Lookup Zone page
4. In the Reverse Lookup Zone page, type the Network ID, and then click Next
(Figure 27).
Figure 27 The Reverse Lookup Zone page
5. In the Zone File page, click Next, and then click Finish.
Note Reverse lookup zones may not be necessary in your network, but it is
recommended that one be present. If you do not configure a reverse lookup zone,
NSLookup, a tool that tests the DNS name resolution, fails when run on the DNS server.
NSLookup also supports reverse DNS lookups and can find a host name from an IP
address.
Creating Host Records
You need to create host records for each of the Instant Messaging servers you created. You
must create a host record for the Instant Messaging home server and Instant Messaging
router. For example, host address (A) records are created for home.adatum.com (home
server) and im.adatum.com (router). The following procedure describes how to create host
records for the Instant Messaging home server, home.adatum.com.
To create host records
1. Expand the Forward Lookup Zone, click the zone you want, right-click the forward
zone—for example, adatum.com, and then click New Host.
2. In the New Host page, type the host name of the DNS and the IP address. For
example, home.
3. Select the Create associated pointer (PTR) record check box, and then click Add
Host (Figure 28).
Figure 28 The New Host page
4. In the The host record home.adatum.com was successfully created message box,
click OK (Figure 29). Then click Done.
Figure 29 The host record home.adatum.com was successfully created message box
Important You must create host records for the Instant Messaging router (not shown
here).
Setting Administrative Permissions
The Exchange Administration Delegation Wizard is a tool that simplifies delegating
permissions to Exchange administrators. When you start the Exchange Administration
Delegation Wizard, it prompts for users and groups to which you want to apply the
administrative permissions. You can delegate administrative permissions at the organization
level in System Manager or at an administrative group level. The scope of permissions you
set is determined by the place from which you launch the wizard. If you launch the wizard
from the organization level, the groups or users that you specify have administrative
permissions at the organizational level.
To set administrative permissions using the Exchange Administration Delegation
Wizard
1. On the Start menu, point to Programs, point to Microsoft Exchange, and then click
System Manager.
2. Right-click the organization or administrative group for which you want to delegate
administrative permissions, and then click Delegate Control.
3. In the Exchange Administration Delegation Wizard, click Next.
4. In Users or Groups, click Add to grant a new user or group administrative
permissions.
5. In the Delegate Control page, click Browse (Figure 30).
Figure 30 The Delegate Control page
6. In the Look in list, select a group or user to whom you want to grant permissions. You
can view the list of groups and users in Active Directory or the list in a particular
domain. Alternately, in Name, you can type the name of the group or user to whom
you want to grant permissions. You must type one name at a time.
7. After you select a group or user in the Delegate Control page, in the Role list, select
one of the following types of administrative permissions for the group or user:
• Exchange Administrator: Groups or users with this permission can fully
administer Exchange system information.
• Exchange Full Administrator: Groups or users with this permission can fully
administer Exchange system information and modify permissions.
• Exchange View Only Administrator: Groups or users with this permission can
view Exchange configuration information.
8. To remove a group or user, select the group or user, and then click Remove.
9. To assign the permissions, click Next, and then click Finish.
Setting or Changing a Password Policy
Instant Messaging uses the same passwords as those used by Windows 2000 Server. You
can reset user passwords from Active Directory Users and Computers. For more
information, see Windows 2000 online documentation.
To set or change a password policy
1. Click Start, point to Programs, point to Administrative Tools, and then click Active
Directory Users and Computers.
2. In Active Directory Users and Computers, in the directory hierarchy, right-click the
object for which you want to set or change the password policy, and then click
Properties.
3. In the server properties page, click Group Policy.
4. On the Group Policy tab, under Group Policy Object Links, click Default Domain
Policy, and then click the Edit button (Figure 31).
Figure 31 The Edit button on the Group Policy tab in the server properties page
5. In the Group Policy page:
a. On the Tree tab, in Computer Configuration, expand Windows Settings,
expand Security Settings, expand Account Policies, and then click Password
Policy (Figure 32).
Figure 32 The Group Policy and Security Policy Setting pages
b. Under Policy, right-click Store password using reversible encryption for all
users in the domain, and then click Security.
c. In the Security Policy Setting page, select the Define this policy setting check
box, click Enabled, and then click OK.
Tip To propagate this change immediately throughout the domain, open a command
prompt and type the following command:
secedit /refreshpolicy MACHINE_POLICY
Allowing Users to Access Instant Messaging
Important You must activate Instant Messaging for users. You must also activate Instant
Message Polling on all Instant Messaging servers.
To allow users to access Instant Messaging
1. Click Start, point to Programs, point to Administrative Tools, and then click Active
Directory Users and Computers.
2. In Active Directory Users and Computers, in the directory hierarchy, expand the
server you want, and then click Users. If you need to create a new user account,
perform the following steps.
a. Right-click Users, point to New, and then click User.
b. In New Object – User, type the user’s information in the appropriate boxes, and
then click Next.
c. Type the user’s password in the appropriate boxes, and then click Next.
d. This step (d) is optional but necessary if you want to create Exchange mailboxes
for users. Select the Create an Exchange mailbox check box, and then click
Next. (To authenticate users, Instant Messaging uses the same password as
Windows 2000 Server. An Exchange mailbox is not required to use Instant
Messaging.)
e. Verify that the user’s information is correct, and then click Finish.
Important If you require Internet validation and your users have been enabled to access
Instant Messaging, you can activate digest authentication. Digest authentication is
required for Instant Messaging to work across firewalls or proxy servers. After you set the
group policy, you must change the user’s password. The change in group policy cannot be
used until the user changes the password or the administrator resets the user's password.
Non-digest scenarios continue to function as before. To reset the user’s password, use
Active Directory Users and Computers. Resetting passwords is necessary only if you want
to deploy digest authentication. For more information, see Microsoft Windows 2000
online documentation.
3. In the details pane, right-click the user you want, and then click Exchange Tasks to
start Exchange Task Wizard.
4. In the Available Tasks page, under Select a task to perform, click Enable Instant
Messaging, and then click Next (Figure 33).
Figure 33 The Enable Instant Messaging option in the Available Tasks page
5. In the Enable Instant Messaging page, click Browse.
6. In Select Instant Messaging Server, on the General tab, under Server Name, click
the home server you want, for example imhomeserver1.adatum.com, and then click
OK (Figure 34).
Figure 34 The Server Name selection in the Select Instant Messaging Server page
7. In the Enable Instant Messaging page, in the Instant Messaging Domain Name
list, click the domain name you want, and then click Next (Figure 35).
Figure 35 The Enable Instant Messaging page
Note If you have already configured an SRV, you do not have to click the domain name
you want from the Instant Messaging Domain Name list. A DNS SRV resource record can
be used to map an e-mail domain to an Instant Messaging domain. When a user has a
valid e-mail address configured, Instant Messaging Service performs a DNS SRV lookup to
determine the Instant Messaging domain of the user.
8. In the Completing the Exchange Task Wizard page, under Task summary, review
the user information, including the Instant Messaging user address, public URL, and
home server URL. The user needs the Instant Messaging user address to log on to
Instant Messaging Service. Then click Finish.
Note If you configured an SRV resource record before you enabled the user to access
Instant Messaging and if the user was already assigned a primary e-mail address with a
domain matching the DNS zone for the SRV resource record, the Instant Messaging
address for this user is the same as the primary SMTP address (for example, [email protected]_domain). If you did not configure an SRV resource record, the Instant Messaging
address for this user takes the following form: [email protected]_Messaging_Domain. For
example, [email protected]
Distributing the Client Software
As an administrator in your Exchange 2000 organization, you are responsible for
distributing the Instant Messaging client software to users and providing them with
instructions for logging on to Instant Messaging Service.
To distribute the client software
1. The Microsoft Exchange 2000 Server Instant Messaging client is no longer distributed
on CD. The latest version of the Exchange Instant Messaging client is available on the
Microsoft Exchange Web site at http://www.microsoft.com/exchange. To obtain
the latest version of the Exchange Instant Messaging client, go to the Exchange Web
site and select Downloads. On the Downloads page, click Instant Messaging
Services Client for Exchange 2000. The client is available for download in all of the
supported languages.
Important Versions earlier than Exchange 2000 Server SP1 do not support Instant
Message Polling. For Instant Message Polling support, you must upgrade to Instant
Messaging client provided with Exchange 2000 Server SP1 or higher.
2. Copy the Mmssetup.exe file to a network location that is accessible to your users, such
as a server share or a Web page.
3. Instruct users to install the Instant Messaging client program by running
Mmssetup.exe from the shared location.
4. Provide each user with the following logon information:
• User Name: [email protected]_Domain (if an SRV record is used)
or [email protected]_Messaging_Domain (if an SRV record is not used), where Alias and
Instant_Messaging_Domain are the account name and Instant Messaging domain.
• NT Name: User name in the Windows 2000 domain
• Password: password
For more information about how to deploy software to multiple users, see:
• Microsoft Systems Management Server Resource Guide
• Microsoft Windows 2000 Server Resource Kit
Testing Instant Messaging Functionality
You need to supply your credentials to log on to Exchange Instant Messaging.
To test Instant Messaging functionality
1. In the Sign In box, type your full e-mail address, user name, and password.
2. To log on, click OK (Figure 36).
Figure 36 The Sign In page for Instant Messaging
3. You are connected to Exchange Instant Messaging Service and see your Exchange
contact list, unless authentication fails.
Setting Connection Configuration Options
Using the Exchange Connection Configuration page, you can select the method of
notification you want to set for the Instant Messaging client. The user configures these
notifications.
Important If the client registry settings were previously configured on Instant Messaging client,
the following connection configuration settings override those client registry settings.
To configure notifications
1. Click Start, and then click Exchange Instant Messaging.
2. On the Tools menu, click Options, click Accounts, and then click Advanced
(Figure 37). The Connection Configuration page is displayed.
Figure 37 Advanced button on the Accounts tab in the Options page
3. In the Exchange Connection Configuration page, click Default, Polling, or Fixed
Port(s) (Figure 38).
Figure 38 The Connection Configuration page
• Click Default to receive your contact’s online status and instant messages through
a random port.
• Click Polling to activate the Instant Message Polling feature. The How often
should polling occur (in minutes) text box has a default value of 10 minutes.
The maximum permissible time is 15 minutes. If you enter a value that is not valid
(values smaller than 1 or larger than 15), and then click OK, an error message
prompts you to enter a value between 1 and 15 minutes.
• Click Fixed Port(s) to activate the Fixed Port callback delivery feature. In the
Please specify the range of ports to be used text boxes, values can range from
1025 to 65535. If you enter a port range that is not valid (values smaller than 1025
or larger than 65535), and then click OK, an error message prompts you to enter a
value in the permissible range.
Note Although you can input value ranges from 1 to 65535 in the user interface for
the Fixed Port(s) option, the actual permissible range is 1025 to 65535. If you select
port ranges below 1025, the Instant Messaging server defaults to random port
selection.
4. After you click Default, Polling, or Fixed Port(s) and enter valid values in the
appropriate text boxes, click OK. The registry is then updated with the new setting,
and you are returned to the Options page. The message box notification The
changes you made to your connection configuration won’t take effect until the
next time you sign in is displayed. The new settings take effect only after you log off
from and then log on to the Instant Messaging client. If you click Cancel, the registry
is not affected, and you are returned to the Options page.
Important The administrator must use Registry Editor to add the Instant Messaging value.
The registry values exist in the following directory:
\\HKEY_LOCAL_MACHINE\Software\Microsoft\Exchange\InstantMessaging. The server
registry settings must be configured first for Instant Message Polling and Fixed Port
callback delivery to function properly.
For more information about Registry Editor, see the Microsoft TechNet Web site at
http://www.microsoft.com/technet/. For more information about Instant Message Polling and
Fixed Port callback delivery, see the “Instant Message Polling and Fixed Port Callback
Delivery” paper available at http://www.microsoft.com/exchange/.
4
Instant Messaging Scenarios
This section describes the Instant Messaging flow scenarios between two Instant Messaging
users, Jo Brown and Kari Hensien. For this example, both Instant Messaging users have
im.adatum.com domain, and an RVP record has been defined in the DNS for adatum.com.
Jo Brown is homed on the Instant Messaging home server with DNS name
imhomeserver1, and Kari Hensien on imhomeserver2. The following scenarios are
discussed in detail:
• Logging on to Instant Messaging
• Adding contacts to the contact list
• Contact logs on to Instant Messaging
• Users communicate using Instant Messaging
• Contact changes presence information
• User’s presence information changes to idle
• User logs off the computer
Scenario 1: Logging On to Instant Messaging
This scenario discusses the Instant Messaging flow when an Instant Messaging user, Jo
Brown, logs on to Instant Messaging Service. The following flow chart (Figure 39)
describes the user logon process.
Note The flow chart in Figure 39 is an overview of the user logon process, and does not
document all the steps of the process. The section then discusses the logon process in detail.
1. Instant Messaging user, Jo Brown, logs on to Instant Messaging Service with the
Instant Messaging address [email protected]
2. The Instant Messaging client performs a DNS SRV lookup for
_RVP._TCP.adatum.com to locate the Instant Messaging router im.adatum.com.
3. The DNS SRV lookup generates the Instant Messaging URL of
http://im.adatum.com/instmsg/aliases/JoBrown.
4. The Instant Messaging client sends an HTTP SUBSCRIBE method to port 80 at the IP
address. The Instant Messaging client sends connection requests to the Instant
Messaging server through port 80 and registers an IP address and callback port greater
than 1024. The Instant Messaging server contacts the Instant Messaging client on the
registered callback port. The registered callback port matters for firewall
configuration, because this is the port number on which the Instant Messaging home
server communicates with the Instant Messaging client.
5. A header called RVP-From-Principal indicates the Instant Messaging URL of the user,
Jo Brown, who is attempting to log on. For example, in the callback URL
http://10.10.1.98:1051, the numbers 10.10.1.98 indicate the IP address of Jo Brown’s
computer. The number 1051 is the registered callback port number.
6. The Instant Messaging client on the Instant Messaging router locates Active Directory
to determine the Instant Messaging home server for Jo Brown and retrieves the private
URL of
http://imhomeserver1/instmsg/aliases/local/im.adatum.com/instmsg/aliases/JoBrown.
The Instant Messaging router returns the referral to Jo Brown’s Instant Messaging
home server. Then, the Instant Messaging client sends the message to the Instant
Messaging home server.
7. The Instant Messaging home server, imhomeserver1, sets the callback property on
http://imhomeserver1/instmsg/local/im.adatum.com/instmsg/aliases/JoBrown in
the host header. This private URL is used to send any notification requests to the
user’s Instant Messaging URL. These requests may be incoming instant messages or
incoming notifications of presence changes.
8. The instmsg ISAPI extension at im.adatum.com must authenticate the SUBSCRIBE
request by finding the user object in Active Directory that matches the client’s Instant
Messaging URL. For example,
http://imhomeserver1/instmsg/aliases/local/im.adatum.com/instmsg/aliases/JoBrown.
If the server supports NTLM and digest authentication, NTLM authentication is
attempted first. If NTLM authentication fails, digest authentication is attempted.
Digest authentication is an Internet standard that allows clients to authenticate by using
a sequence of challenges and responses carried over HTTP. Digest authentication is
required for Instant Messaging users that are connecting through a firewall or proxy
servers. Digest authentication needs to be configured on every Web site and virtual
directory that hosts Instant Messaging. The Instant Messaging client retrieves the
password from the user and sends the password to the server. The server verifies the
password.
Note A default domain policy must be set that allows user passwords to be stored in
Active Directory in a reversible encrypted form. This policy allows the Instant Messaging
server to retrieve and verify the user’s password.
9. The Instant Messaging client issues PROPPATCH, PROPFIND, and SUBSCRIPTION
requests, which are sent asynchronously to the Instant Messaging home server.
a. A PROPPATCH request is sent to set the presence information of the URL to
“Online”. This presence information is timed out in 20 minutes. If the Instant
Messaging client does not issue another PROPPATCH within 20 minutes, the
Instant Messaging home server sets the presence information to the default value
“Offline”.
b. The PROPFIND request queries for Jo Brown’s online status to synchronize the
presence information.
c. The Instant Messaging client issues a SUBSCRIPTION request to find other users
that have subscribed to Jo Brown’s presence information. When the presence
information is set to “Online,” the Instant Messaging client issues an access
control list (ACL) request to retrieve its Allow/Block lists.
10. The Instant Messaging home server examines the list of Instant Messaging URLs that
are subscribed to the presence information of the user. The home server then
generates and sends a NOTIFY method indicating the change of presence information
from “Offline” to “Online” to each subscribed Instant Messaging URL.
11. The Instant Messaging client examines the list of contacts to whose presence
information the user is subscribed. The contacts list is located in the registry:
HKCU/Software/Microsoft/Exchange/Messaging /<IM URL>/Contacts.
Each contact has its Instant Messaging address stored as a value under this key. The
Instant Messaging client converts each Instant Messaging address into an Instant
Messaging URL and then sends a SUBSCRIBE request to the user’s URL.
Scenario 2: Adding Contacts to the Contact List
This scenario describes the Instant Messaging flow when the user adds contacts to the
contact list. In this example, Jo Brown adds Kari Hensien to the Instant Messaging contact
list.
1. Jo Brown adds Kari Hensien to the Instant Messaging contact list. To add a contact,
click the Instant Messaging window, click Open, click Tools, and then click Add a
Contact. In the Add a Contact Wizard, click By e-mail address or sign-in name (if
this information is known; for example, if Jo Brown knows the contact information of
Kari Hensien).
—Or—
Search for a contact to find Kari Hensien’s e-mail address. Follow the directions
in the wizard. When searching, be sure Microsoft Exchange Instant Messaging
appears in the Search for this person at box. If not, select it from the drop-down
menu.
2. The Instant Messaging client performs a DNS SRV lookup to locate Kari
Hensien’s router, im.adatum.com. An Instant Messaging URL of
http://im.adatum.com/instmsg/aliases/KariHensien is generated.
3. An HTTP SUBSCRIBE request is sent to port 80 to the URL
http://im.adatum.com/instmsg/aliases/KariHensien on the Instant Messaging router
im.adatum.com. An
HTTP header called Notification-Type indicates that this is an update/propchange
subscription requesting notifications of presence information changes of the user, Kari
Hensien. The Instant Messaging router im.adatum.com searches Active Directory to
find the private Instant Messaging URL of Kari Hensien. The Instant Messaging server
either proxies or redirects the Instant Messaging client to the Instant Messaging home
server:
http://imhomeserver2/instmsg/local/im.adatum.com/instmsg/aliases/KariHensien.
4. The Instant Messaging home server sets a callback property on
http://im.adatum.com/instmsg/aliases/JoBrown.
5. The originating user’s Instant Messaging URL,
http://im.adatum.com/instmsg/aliases/JoBrown, is logged as a property on this node.
This value times out after 4 hours.
Scenario 3: Contact Logs On to Instant Messaging
1. Instant Messaging user, Kari Hensien, logs on to Instant Messaging Service with the
Instant Messaging address: [email protected]
2. The Instant Messaging client performs a DNS SRV lookup for
_RVP._TCP.adatum.com to locate the Instant Messaging router im.adatum.com.
3. The Instant Messaging client performs a DNS SRV lookup for adatum.com in the
DNS zone. The DNS SRV lookup generates the Instant Messaging URL of
http://im.adatum.com/instmsg/aliases/KariHensien.
4. The Instant Messaging client sends an HTTP SUBSCRIBE method to port 80 at the
IP address. The Instant Messaging client sends connection requests to the Instant
Messaging server through port 80 and registers an IP address and callback port greater
than 1024. The Instant Messaging server contacts the Instant Messaging client on the
registered callback port. The registered callback port is important, because this is the
port number on which the Instant Messaging home server communicates with the
Instant Messaging client, even if you are using a firewall. Outbound ports must be
opened on firewalls to send out messages.
5. A header called RVP-From-Principal indicates the Instant Messaging URL of the
user, Kari Hensien, who is attempting to log on. For example, in the callback URL
http://10.10.1.98:1051, the numbers 10.10.1.98 indicate the IP address of Kari
Hensien’s computer. The number 1051 is the registered callback port number.
6. The Instant Messaging client on the Instant Messaging router locates Active Directory
to determine the Instant Messaging home server for Kari Hensien and retrieves the
private URL of
http://imhomeserver2/instmsg/aliases/local/im.adatum.com/instmsg/aliases/KariHensien.
The Instant Messaging router returns the referral to Kari Hensien’s Instant
Messaging home server. Then, the Instant Messaging client sends the message to the
Instant Messaging home server.
7. The Instant Messaging home server, imhomeserver1, sets the callback property on
http://imhomeserver2/instmsg/local/im.adatum.com/instmsg/aliases/KariHensien
in the host header. This private URL is used to send any notification requests to the
user’s Instant Messaging URL. These requests may be incoming instant messages or
incoming notifications of presence changes.
8. The instmsg ISAPI extension at im.adatum.com must authenticate the SUBSCRIBE
request. Finding the user object in Active Directory that matches the client’s Instant
Messaging URL authenticates the request. For example,
http://imhomeserver2/instmsg/aliases/local/im.Adatum.com/instmsg/aliases/KariHensien.
If the server supports NTLM and digest authentication, NTLM authentication
is attempted first. If NTLM authentication fails, digest authentication is attempted.
Digest authentication is an Internet standard that you can use to permit clients to
authenticate by using a sequence of challenges and responses carried over HTTP.
Digest authentication is required for Instant Messaging users that are connecting
through a firewall. Digest authentication needs to be configured on every Web site and
virtual directory that hosts Instant Messaging. The Instant Messaging client retrieves
the password from the user and sends the password to the server. The server verifies
the password.
Note A default domain policy must be set allowing user passwords to be stored in Active
Directory in a reversible encrypted form. This policy allows the Instant Messaging server to
retrieve and verify the user’s password.
9. The Instant Messaging client issues PROPPATCH, PROPFIND, and SUBSCRIPTION
requests, which are sent asynchronously to the Instant Messaging home server.
a. A PROPPATCH request is sent to set the presence information of its URL to
“Online”. This presence information is timed out in 20 minutes. If the Instant
Messaging client does not issue another PROPPATCH within 20 minutes, the
Instant Messaging home server sets the presence information to the default value
“Offline”.
b. The PROPFIND request queries for Kari Hensien’s online status to synchronize
the presence information.
c. The Instant Messaging client issues a SUBSCRIPTION request to find other users
that have subscribed to Kari Hensien’s presence information. When the presence
information is set to Online, the Instant Messaging client issues an ACL request to
retrieve its Allow/Block lists.
10. The Instant Messaging home server examines the list of Instant Messaging URLs
subscribed to the presence information of the user. The Instant Messaging home
server generates and sends a NOTIFY method indicating the change of presence
information from Offline to Online to each subscribed Instant Messaging URL.
11. The Instant Messaging client examines the list of contacts to whose presence
information the user is subscribed. The contacts list is located in the following location
in the registry: HKCU/Software/Microsoft/Exchange/Messaging/<IM URL>/Contacts.
Each contact has its Instant Messaging address stored as a value
under this key. The Instant Messaging client converts each Instant Messaging address
into an Instant Messaging URL and then sends a SUBSCRIBE request to the user’s
URL.
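The digest authentication step in Scenario 3, and the Note on reversible password storage, can be made concrete with the standard RFC 2617 computation. This is an added example, not code from this paper or from Exchange: it assumes plain RFC 2617 digest with qop=auth, uses the RFC's published test vector as constructed sample data, and its function names are hypothetical.

```python
import hashlib
import hmac
import re

def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()

def expected_response(password, f, method):
    """RFC 2617 response for qop=auth, recomputed from the recoverable password."""
    ha1 = md5_hex(f"{f['username']}:{f['realm']}:{password}")
    ha2 = md5_hex(f"{method}:{f['uri']}")
    return md5_hex(f"{ha1}:{f['nonce']}:{f['nc']}:{f['cnonce']}:{f['qop']}:{ha2}")

def parse_digest(header):
    """Split an 'Authorization: Digest ...' value into its key/value fields."""
    scheme, _, params = header.partition(" ")
    if scheme.lower() != "digest":
        raise ValueError("not a Digest Authorization header")
    pairs = re.findall(r'(\w+)=("[^"]*"|[^,\s]+)', params)
    return {key: value.strip('"') for key, value in pairs}

def verify(header, method, directory, issued_nonces):
    """Return True only if the client's response matches the server's own computation."""
    f = parse_digest(header)
    required = ("username", "realm", "nonce", "uri", "nc", "cnonce", "qop", "response")
    if any(key not in f for key in required) or f["qop"] != "auth":
        return False
    if f["nonce"] not in issued_nonces:       # reject nonces this server never issued
        return False
    password = directory.get(f["username"])   # must be recoverable, not a one-way hash
    if password is None:
        return False
    return hmac.compare_digest(expected_response(password, f, method), f["response"])

# Constructed sample data: the RFC 2617 test vector, not captured Exchange traffic.
DIRECTORY = {"Mufasa": "Circle Of Life"}      # stands in for the reversibly stored password
NONCES = {"dcd98b7102dd2f0e8b11d0f600bfb0c093"}
SAMPLE = ('Digest username="Mufasa", realm="testrealm@host.com", '
          'nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", uri="/dir/index.html", '
          'qop=auth, nc=00000001, cnonce="0a4f113b", '
          'response="6629fae49393a05397450978507c4ef1", '
          'opaque="5ccc069c403ebaf9f0171e9517f40e41"')

if __name__ == "__main__":
    print(verify(SAMPLE, "GET", DIRECTORY, NONCES))
```

A server that holds the password only as a one-way hash in some other format cannot rebuild HA1, which is why the reversible-storage policy is a prerequisite here. Passwords stored that way need the same protection as cleartext.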
Scenario 4: Users Communicate Using Instant Messaging
This scenario discusses the Instant Messaging flow when the users, Jo Brown and Kari
Hensien, communicate using Instant Messaging.
1. Jo Brown types a message to Kari Hensien.
2. The Instant Messaging client sends a NOTIFY request to the private Instant
Messaging URL
http://imhomeserver2/instmsg/local/im.adatum.com/instmsg/KariHensien,
connecting through port 80.
3. The NOTIFY request contains a Multipurpose Internet Mail Extensions (MIME) body
with a type of text/x-msmsgscontrol, which indicates to Kari Hensien that Jo Brown
has initiated an Instant Messaging session.
4. The Instant Messaging home server receives the NOTIFY request at
http://imhomeserver2/instmsg/local/im.adatum.com/aliases/KariHensien through
port 80.
5. The Instant Messaging home server then connects to the Instant Messaging client by
using the port that was specified as the callback when the Instant Messaging client
initially registered. Then the home server sends the HTTP NOTIFY request to the
callback URL.
6. The NOTIFY request contains a MIME body with a type of text/x-msmsgscontrol,
which indicates to Kari Hensien that Jo Brown is typing a message. Notifications are
sent periodically to indicate that the users are typing messages.
7. Several of these NOTIFY requests may be sent as Jo Brown types in a message. When the
Send button or ENTER key on the keyboard is pressed, a NOTIFY message is sent
with the MIME body containing the actual text of the message.
Scenario 5: Contact Changes Presence Information
This scenario discusses the Instant Messaging flow when users change their presence
information.
1. When Kari Hensien changes her presence information, the Instant Messaging client
issues a PROPPATCH request to change the online status property on
http://imhomeserver2/instmsg/local/im.adatum.com/instmsg/aliases/KariHensien
to “On The Phone”.
2. The home server, imhomeserver2, examines the subscribed Instant Messaging URLs
and sends a NOTIFY request to each. The Instant Messaging home server locates an
Instant Messaging URL of http://im.adatum.com/instmsg/aliases/JoBrown and
connects to the Instant Messaging router im.adatum.com through port 80.
3. The Instant Messaging router looks up Active Directory and refers the server to
http://imhomeserver1/instmsg/local/im.adatum.com/instmsg/aliases/JoBrown. The
Instant Messaging router then returns a referral to the Instant Messaging home
server. The home server, imhomeserver2, sends the message to the Instant Messaging
home server imhomeserver1.
4. The Instant Messaging home server, imhomeserver1, connects to the Instant
Messaging client by using the port that was specified in the callback and sends the
HTTP NOTIFY request to the callback URL.
5. The Instant Messaging client receives the NOTIFY requests and changes the status of
the contact to “On The Phone”.
Scenario 6: User’s Presence Information Changes to Idle
1. If the Instant Messaging client does not detect any keyboard or mouse activity within a
specified period of time (the default is 10 minutes, but this can be configured to a
different value), the Instant Messaging client issues a PROPPATCH request to change
the online status for the user’s Instant Messaging URL to Away.
2. On detection of any mouse or keyboard activity, the Instant Messaging client issues
another PROPPATCH request to change the online status to Online.
Scenario 7: User Logs Off Instant Messaging
1. The Instant Messaging client issues an UNSUBSCRIBE request to its Instant
Messaging home server to close the callback URL http://10.10.1.98:1051.
2. The Instant Messaging client issues an UNSUBSCRIBE request to the subscribed contacts’
Instant Messaging home servers. The callback URL is then closed. For example, if Jo Brown logs
off Instant Messaging, then the callback URL
http://im.adatum.com/instmsg/aliases/JoBrown is closed.
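The presence rules spread across Scenarios 3 and 5 through 7 (the 20-minute PROPPATCH timeout, NOTIFY on change, idle and logoff) can be modeled in a few lines. This is an added toy model, not Exchange code: the class and method names are hypothetical, times are plain seconds, and pairing the callback URL with Jo Brown is an assumption.

```python
from dataclasses import dataclass, field

LEASE_SECONDS = 20 * 60   # presence set by PROPPATCH times out after 20 minutes
DEFAULT_STATE = "Offline"

@dataclass
class HomeServer:
    presence: dict = field(default_factory=dict)     # IM URL -> (state, expires_at)
    subscribers: dict = field(default_factory=dict)  # IM URL -> set of callback URLs
    sent: list = field(default_factory=list)         # NOTIFY log: (callback, state)

    def state_of(self, url, now):
        state, expires = self.presence.get(url, (DEFAULT_STATE, 0))
        return state if now < expires else DEFAULT_STATE

    def subscribe(self, url, callback):
        self.subscribers.setdefault(url, set()).add(callback)
    def unsubscribe(self, url, callback):
        self.subscribers.get(url, set()).discard(callback)

    def proppatch(self, url, state, now):
        """Set presence and renew the lease; NOTIFY subscribers only on a change."""
        changed = state != self.state_of(url, now)
        self.presence[url] = (state, now + LEASE_SECONDS)
        if changed:
            self._notify(url, state)

    def expire(self, now):
        """Fall back to Offline where no PROPPATCH renewed the lease in time."""
        for url, (state, expires) in list(self.presence.items()):
            if now >= expires and state != DEFAULT_STATE:
                self.presence[url] = (DEFAULT_STATE, 0)
                self._notify(url, DEFAULT_STATE)

    def _notify(self, url, state):
        self.sent += [(cb, state) for cb in sorted(self.subscribers.get(url, ()))]

def run_demo():
    kari = "http://imhomeserver2/instmsg/local/im.adatum.com/instmsg/aliases/KariHensien"
    jo_callback = "http://10.10.1.98:1051"       # assumed to be Jo Brown's callback
    server = HomeServer()
    server.subscribe(kari, jo_callback)
    server.proppatch(kari, "Online", now=0)      # logon
    server.proppatch(kari, "Away", now=600)      # 10 idle minutes
    server.proppatch(kari, "Online", now=900)    # activity resumes
    server.expire(now=2100)                      # client vanished: lease lapsed
    server.unsubscribe(kari, jo_callback)        # Jo logs off
    server.proppatch(kari, "Online", now=2200)   # no subscriber left to notify
    return [state for _, state in server.sent]
```

`run_demo()` returns the states Jo's callback was notified of: Online, Away, Online, then Offline once the lease lapses without a renewal.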
Additional Resources
• Microsoft Exchange 2000 Instant Messaging Setup at
http://www.microsoft.com/exchange
• “Instant Message Polling and Fixed Port Callback Delivery” at
http://www.microsoft.com/exchange
• Microsoft MSDN Web site at http://msdn.microsoft.com/
• Microsoft TechNet Web site at http://www.microsoft.com/technet/
For more information see: http://www.microsoft.com/exchange/