Where are the OCS 2007 Settings Stored in AD?

I find myself having to look this up ever-so-often, so I thought I would document it once and for all.

OCS stores key information in AD (everything from Global Settings, Location Profiles, Phone Routes, Policies, Pool Information, Trusted MCU’s and Trusted Services).

By default, in OCS 2007, the settings are stored in the root domain System Container. This equates to a distinguished name (DN) of the format:

     > CN=RTC Service,CN=Microsoft,CN=System,DC=domain,DC=com

If you are using one of many LDAP tools (like ADSIEdit.msc ), prefix the DN with the FQDN of the Domain or a Domain Controller.

     > E.g. LDAP://{Domain or DC FQDN}/CN=RTC Service,CN=Microsoft,CN=System,DC=domain,DC=com

If your domain includes several sub-domains, be sure to construct the DN such that there is a DC element for each sub-domain. For example, if your domain is “sub1.sub2.sub3.com”, the DN of the OCS settings in AD will be:

     > CN=RTC Service,CN=Microsoft,CN=System,DC=sub1,DC=sub2,DC=sub3,DC=com

By default, in OCS 2007 R2, the settings are stored in the Configuration container (partition):

     > CN=RTC Service,CN=Services,CN=Configuration,DC=domain,DC=com

As a side note, if you are migrating to OCS 2007 R2 from R1, seriously consider migrating the OCS global settings to the Configuration Partition beforehand (during the R2 AD preparation). Settings in the Configuration Partition are replicated to all domains in the forest (unlike the System Partition) and if you have any child domains and low bandwidth connections, you could experience problems keeping the settings in the System Partition. You cannot migrate these settings once the AD prep steps are completed for R2. See the OCS R2 Deployment Documentation for more information, or this excellent blog post on Aaron Tiensivu’s blog.

A good reference for all the OCS 2007 Active Directory Attributes is available here: http://technet.microsoft.com/en-us/library/bb803613.aspx

Programmatically Determining Where the OCS information is Stored in AD

If you have scripts that are dependent on the AD location of the OCS configuration information, you can query the msRTCSIP-Service object class, first on the Root Domain System container, and then the Configuration container if the Root Domain System container is empty. Here is a sample PowerShell script from the OCS resource kit that does it:

#runs against default AD server
 $searcher= New-Object directoryServices.DirectorySearcher([adsi](’LDAP://’+([adsi]‘LDAP://RootDse’).RootDomainNamingContext  ))
 $searcher.filter=”(objectclass=msRTCSIP-Service)”
 [string]$global:OCSADContainer=$searcher.FindOne().path
 
 if ($OCSADContainer -eq ”) 
 {
     $searcher= New-Object directoryServices.DirectorySearcher([adsi](’LDAP://’+([adsi]‘LDAP://RootDse’).configurationNamingContext))
     $searcher.filter=”(objectclass=msRTCSIP-Service)”
     [string]$global:OCSADContainer=$searcher.FindOne().path
 }
 
 $OCSADContainer

Share and Enjoy:
  • Twitter
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • LinkedIn
  • MySpace
  • Reddit
  • Technorati

Leave a Reply

 

 

 

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>