The default UDP/TCP port range used by the Office Communicator 2007 client is 1024-65535. The Real Time Media Communications stack in Office Communicator 2007 allocates the media port dynamically in this range.
To control the specific range of ports that need to be open on a firewall, a registry key setting is provided to force the media stack to reduce the range of port values that can be used for real time media communications. Microsoft provide these registry keys (http://technet.microsoft.com/en-us/library/bb964029.aspx) however, there is no ADM template provided to be able to control this via Group Policy.
See below for a custom ADM that has been created. Just copy these into a text editor and save them as an ADM file, then import in them into your GPO. Remember to adjust the values to suit the port range required in your environment.
User Policy
CLASS USER
CATEGORY “OCS R2″
KEYNAME Software\Microsoft\Shared\UcClient
POLICY ServerAddressInternal
PART ServerAddressInternal EDITTEXT
VALUENAME “ServerAddressInternal”
END PART
END POLICY
END CATEGORY
CATEGORY “OCS R2″
KEYNAME “Software\Microsoft\Live Meeting\Console\Version 8.0\Attendee”
POLICY AttendeePortRangeMin
EXPLAIN “Enabled = 48951″
VALUENAME “MediaPortRangeMin”
VALUEON NUMERIC “48951″
VALUEOFF NUMERIC “0″
END POLICY
POLICY AttendeePortRangeMax
EXPLAIN “Enabled = 49050″
VALUENAME “MediaPortRangeMax”
VALUEON NUMERIC “49050″
VALUEOFF NUMERIC “0″
END POLICY
END CATEGORY
CATEGORY “OCS R2″
KEYNAME “Software\Microsoft\Live Meeting\Console\Version 8.0\Presenter”
POLICY PresenterPortRangeMin
EXPLAIN “Enabled = 49051″
VALUENAME “MediaPortRangeMin”
VALUEON NUMERIC “49051″
VALUEOFF NUMERIC “0″
END POLICY
POLICY PresenterPortRangeMax
EXPLAIN “Enabled = 49150″
VALUENAME “MediaPortRangeMax”
VALUEON NUMERIC “49150″
VALUEOFF NUMERIC “0″
END POLICY
END CATEGORY
Computer Policy
CLASS MACHINE
CATEGORY “OCS R2″
KEYNAME “Software\Policies\Microsoft\Communicator\PortRange”
POLICY “Enabled”
VALUENAME “Enabled”
VALUEON NUMERIC 1
VALUEOFF NUMERIC 0
END POLICY
POLICY “MaxMediaPort”
EXPLAIN “Enabled = 48950″
VALUENAME “MaxMediaPort”
VALUEON NUMERIC ”48950″
VALUEOFF NUMERIC “0″
END POLICY
POLICY “MinMediaPort”
EXPLAIN “Enabled = 48851″
VALUENAME “MinMediaPort”
VALUEON NUMERIC ”48851″
VALUEOFF NUMERIC “0″
END POLICY
END CATEGORY
I would recommend ensuring that you follow the guidelines on the minimum number of ports as outlined by Microsoft in this document –> http://technet.microsoft.com/en-us/library/bb964029.aspx
——-
Update 27/10/2009
I noticed that there is a Technet post about this blog entry – http://social.microsoft.com/Forums/en-US/commmunicatorsetup/thread/4184b145-4f63-40bd-901a-26d90c35ab89. Jeff Schertz’s answer is correct – These registry keys and values do not exist by default since the normal behavior is for the client to assign dynamic ports in the entire 1024-65535 range. You need to manually create these keys and values.
Possibly related posts (auto generated):
Related Articles
No user responded in this post
Leave A Reply