Establish Accounts on Office Communications Server
This content is no longer actively maintained. It is provided as is, for anyone who may still be using these technologies, with no warranties or claims of accuracy with regard to the most recent product version or service release.
Use Microsoft Active Directory directory service, the ApplicationProvisioner sample application, and the Certificate Wizard to create the accounts and objects required for debugging Microsoft Unified Communications Managed API2.0 communications workflow applications.
On the domain containing Microsoft Office Communications Server, add an account for the user who will debug workflow applications. This user must be enabled to use Office Communications Server. For more information, see Create and Enable Users for Office Communications Server.
Application provisioning refers to creating the Active Directory objects that the application requires.
A trusted service object enables services to trust an application. This object needs to be created only once for each application computer. The typical properties in this object include the FQDN of the computer, and the listening port. The trusted service object might also store the instance ID that is used to compute a GRUU associated with the application.
A contact object contains the contact URI (firstname.lastname@example.org), display name, phone URI, and the Office Communications Server server FQDN.
To create these Active Directory objects, consider using the ApplicationProvisioner sample application in the UCMA v2.0 Core SDK\Sample Applications\Collaboration\ApplicationProvisioner directory. Once the objects are created, it is necessary to identify them in the application code by updating property values. For information on using the ApplicationProvisioner sample application, see the topic Using ApplicationProvisioner in the help file UCMACore2.0.chm. For information about updating application code, see Walkthrough: Hello World.
Use certificates to authenticate the connection between the Office Communications Server computer and the application computer. A Unified Communications Managed API application may use Transmission Control Protocol (TCP) or Mutual Transport Layer Security (MTLS). Using MTLS requires a certificate to authenticate inbound and outbound connections with Office Communications Server. For information about certificate management see Related Links (Advanced Certificate Enrollment and Management).
In Office Communications Server, use the Certificate Wizard to create certificates on the Standard Edition Server or Front End Server of an Enterprise pool. For more information, in Managing Front End Servers see “Configuring Certificates for Servers.”
Create the following two certificates for the application computer and ensure the account used for the application has read access to the certificate store and the private key:
Create a certificate for the application computer that Office Communications Server trusts, and then import that certificate to the application host computer. This certificate must be installed in the Console Root\Certificates(Local Computer)\Personal\Certificates folder.
Create a root certificate and install this certificate in the Console Root\Certificates(Local Computer)\Trusted Root Certification Authorities\Certificates folder.