Tuesday, February 17, 2009

ExchUCUtil.ps1

Connecting Office Communications Server 2007 to Exchange Unified Messaging gives a lot of people some trouble. There are plenty of Blog entries out there about the connection Script ExchUCUtil.ps1 but none that seem to explain what this script is doing. Recently at a customer site I ran into a problem where the ExchUCUtil.ps1 and get-Ucpool.ps1 did not work correctly. Hopefully this information will help give an understanding so trouble shooting will be easier.

The script performs the following tasks:
Creates a UM IP gateway for each Communications Server 2007 Enterprise Pool.

  • Creates a hunt group for each gateway. (The pilot identifier of each hunt group specifies the UM dial plan used by the Enterprise Pool that is associated with the gateway.)
  • Grants Communications Server permission to read Exchange UM objects in Active Directory.

Location of the ExchUCUtil.ps1 and Get-Ucpool.ps1

C:\Program Files\Microsoft\Exchange Server\Scripts

The ExchUCUtil Script Creates Gateways for Each Communications Server 2007 Enterprise Pool that it finds in AD. It uses the Get-Ucpools.ps1 Script to find those pools.

In the FindUCObject function there is the following code

  1. $globalCatalog = $entry.psbase.Properties["rootDomainNamingContext"].Value;
  2. $entry.psbase.Path = "GC://" + $globalCatalog
  3. write-host Using Global Catalog: $entry.psbase.Path
  4. Write-host

    Line number 2 is where the script tries to set up and define your root Global Catalog Server
    If your Script is having problems you can comment out line number 2 by using the Hash sign (#)
    Once you have commented out that line you can directly specify your GC like the example below.

  5. $globalCatalog = $entry.psbase.Properties["rootDomainNamingContext"].Value;
  6. #$entry.psbase.Path = "GC://" + $globalCatalog
  7. $entry.psbase.Path = "GC://MYGCin.Domain.com"
  8. write-host Using Global Catalog: $entry.psbase.Path
  9. Write-host

    This will direct the script exactly at the main GC of your forest.

    Once the Script has found the correct GC it starts the hunt for the UC Pools that are in the environment by looking for objectCategory=msRTCSIP-Pools. This will return the pool names back to the Get-UCPools Script and it will put the pools in a hash table using the DnsHostName as the key.

    After the collection happens in the Get-UCpools.ps1 script the EchUCUtil.ps1 script starts to parse through the data stored in memory by the Get-UCpools Script. It will identify all the pools in the environment and will have them by fully Qualified Domain Name. The example is OCSPool1.Domain.com. The ExchUCUtil script will create new gateways and Hunt groups per OCS Pool. It will take the name of the pool and set it as the gateway name and apply the FQDN of the pool to the address field of the gateway. The Exchange Power Shell command to create a new IP gateway is run a default hunt group is automatically created. This hunt group will be removed by the script and it will create one with the name of the dial plan as the pilot identifier and the name of the hunt group.

    After the creation of the Dial plans Gateway and hunt group the script sets the following permission to the Exchange Organization container, UM DialPlan and AutoAttendant Containers

    Permissions for group Domain.com\RTCUniversalServerAdmins


ObjectName

AccessRights

----------

------------

<Exchange Container Name>

ListChildren

UM DialPlan Container

ListChildren, ReadProperty

UM AutoAttendant Container

ListChildren, ReadProperty



Permissions for group Domain.com\RTCComponentUniversalServices


ObjectName

AccessRights

----------

------------

<Exchange Container Name>

ListChildren

UM DialPlan Container

ListChildren, ReadProperty

UM AutoAttendant Container

ListChildren, ReadProperty


If the script won't run at all you might have a larger issue. However it is possible to create the Gateway and Hunt Group by hand through the Exchange Management interface. Once they have been created a quick dive into ADSI edit setting the appropriate permission on the containers will leave the environment in the same state as if the Script had run from the Power Shell.


~Cheers!~

No comments: