The CR service is an active - active Lync / SfB application which is responsible for recording voice/chat mails and should be installed on all TM machines.

Installation

  1. Run the  CR.Setup.msi
  2. On the  Luware-TM-CR Configuration Settings   screen of the setup make sure you fill the
    1. Instance Name
    2. Port number
    3. SfB Server Version
    4. Configure Certificate Security

  3. For security reason TM provides possibility to use certificate-based encryption and verification during the components communication. To configure certificate based authentication, select ‘Configure Certificate Security’ check box and press ‘Next’ button to open a page with server certificate settings.

    Example of filled Luware-TM-CR Configuration Settings screen

    If ‘Configure Certificate Security’ check box was set to true, configure the server certificate settings as the next step. The client settings specify which settin gs CR will use while connecting to PS. The server settings are used to validate another services when they try to connect to CR.

    Example of filled Luware-TM-CR Server Certificate Settings screen
SettingsDescriptionValue
ModeTransfer security modes offered by WCF to ensure a secured communication between a client and a server.None : This mode ensures that no security is applied while communication between server and client.

Transport:   As the name suggests, it is concerned with security of communication between a client and a service over a network protocol. It guarantees the confidentiality and integrity of messages at transport level since transport security secures the entire communication channel.


Validation ModeThe mode that specifies how incoming certificate is validated and how trust is determined  .None:  In this mode no validation is perfomed.

ChainTrust: :  In this mode WCF simply validates the certificate against the issuer of a certificate known as a root authority (the expiration time is checked too).

PeerTrust:  In this mode WCF simply checks if the incoming certificate is installed in the  Trusted People  folder in the certificate store (the expiration time is checked too).

PeerOrChainTrust:  Mixed mode.

Is DedicatedThe flag that defins which certificate is used for encryption.False: Encryption is done with default certificate. It means that certificate with the hostname of the machinefrom the Personal Store is used on server side.

True : Encryption is done with a dedicated certificate. It means there is  possibility to configure identifier (thumbprint) of the certificate.

ThumbprintThe thumbprint is a hash value computed over the complete certificate, which includes all its fields, including the signature.



→  See Prepare Certificate Thumbprint

Note: The system reports all errors related to  connection or certificate issues to a log file ‘C:\Program Files\Luware AG\TM-ICH\log \connectionIssues.log’.

  • Open  Services  and start the installed service.
  • Check that the service is successfully started without any errors in Event Viewer or in the log file
    'c:\Program Files\Luware AG\TM-CR\log\regularLog.txt'

Configuration


Support for Exchange Web Service (EWS) APIs for Exchange Online is being phased out by Microsoft1 in favor of OAuth 2.0 (via O365 credentials). TeamManager features already use Graph API and can be reconfigured. Check in your configuration that "O365" settings are used instead of "Exchange".

(tick) AREAS TO CHECK: Mailboxes, Calendars, Voicemail, Topology Settings. Note that "Mail Manager" as an exception will not get further Graph support.

1 https://techcommunity.microsoft.com/t5/exchange-team-blog/upcoming-api-deprecations-in-exchange-web-services-for-exchange/ba-p/2813925

In the Luware-TM-Configurator application:

  1. Open TM Configurator -> Topology -> Components (Server)

  2. Add CR component as it is shown in the example (select the CR Server Type, System Instance, Activity Order and fill the service’s Settings according to the table below):


    Key in TM Configurator

    Description

     

    ApplicationURN

    Identifies the registered Lync / SfB Application. To get the required value

    1. run Get-CsTrustedApplication command in Lync / SfB Server Management Shell

    2. search for the right component by application port number or name

    3. copy ApplicationId

    Example :urn:application:tm-conversationRecording

    ApplicationUserAgent

    The value specified here will be used in the SIP Message to identify the application. The name can be chosen freely.

    SipUris

    The configured SIP URIs of the Application Endpoints which will participate in conversations for recording. To get the required value

    1. run Get-CsTrustedApplicationEndpoint command in Lync / SfB Server Management Shell

    2. search for the right component by application

    3. copy SIP URIs

    They will be divided by semicolon ‘;’

    Example : sip:tm-recording1@luware.com;sip:tm-recording2@luware.com