This document summarizes the features in Oracle Communications Unified Communications Suite 7 Update 3 that are new or have been enhanced since Oracle Communications Suite Unified Communications Suite 7 Update 2 for the following components:
Oracle Communications Unified Communications Suite Products and Components Version 7 Update 3
|Oracle Communications Messaging Server||7 Update 4 (Patch 27)|
|Oracle Communications Instant Messaging Server||9 (Patch 1)|
|Convergence||2 (Patch 5)|
|Oracle Communications Calendar Server||7 Update 3 (Patch 9)|
|Delegated Administrator for Oracle Communications Unified Communications Suite||7 (Patch 6)|
|Connector for Microsoft Outlook for Oracle Communications Unified Communications Suite||8|
|Indexing and Search Service for Oracle Communications Unified Communications Suite||1 Update 4 (Patch 15)|
|Messaging Server HA Agent (MS_SCHA)||7|
|Instant Messaging HA Agent (IM_SCHA)||7.3|
|Dssetup for Oracle Communications Unified Communications Suite (comm_dssetup)||6.4 (Patch 24)|
Check Communications Suite Component Patches for current patches that have shipped since the initial Communications Suite 7 Update 3 release.
This document contains the following sections:
- New Features in Messaging Server 7 Update 4
- New Features in Convergence 2 Patch 5
- New Features in Convergence 2 Patch 6
- New Features in Calendar Server 7 Update 3
- New Features in Indexing and Search Service 1 Update 4
- New Features in Instant Messaging 9
- New Features in Delegated Administrator 7
- New Features in Connector for Outlook 8
- New Features in DSsetup 6.4 Patch 24
To look up numeric error codes related to SSL/TLS, see: http://www.mozilla.org/projects/security/pki/nss/ref/ssl/sslerr.html. For more information, see: Certificate Based Authentication for Messaging Server.
This remaining changes to Messaging Server 7 Update 4 are bug fixes only.
Convergence 2 Patch 5 includes the following changes and new features:
Convergence supports Google Chrome browsers, beginning with Convergence 2 Patch 5.
The Convergence cal.autoprovision configuration parameter is now off by default, beginning with Convergence 2 Patch 5.
Convergence treats any entered search string as a 'starts with' search in the Corporate Address Book. For example, if a user enters foo, results beginning with foo are listed.
In addition, adding the asterisk * in a search string (for example, *foo) allows you to do a wildcard search for a "contains search" or "substring-any" search.
Convergence 2 Patch 6 includes the following changes and new features:
Convergence 2 Patch 6 provides support for standard 9-inch or 10-inch tablets.
Convergence 2 Patch 6 supports Safari on iPad iOS starting with 6.0.1 and Chrome on Android Jellybean starting with 4.1.1.
Calendar Server 7 Update 3 includes the following changes and new features:
- Authenticating Against a Directory External to the Calendar Server Environment
- Booking Window for Calendars
- Changes to the davadmin Command
- Enable and Disable Account Autocreation
- LDAP Pools
- New Configuration Parameters
- New Languages
- New populate-davuniqueid Utility
- New Schema Objects
- Non-active Calendar Accounts Are No Longer Searched or Fetched
- Remote Document Store Authentication
Calendar Server 7 Update 3 enables authentication against a separate, LDAP directory external to the Calendar server environment. Such a configuration is useful in hosted environments for delegating one administrative aspect to a provider (managing the Calendar Server front- and back-end hosts and LDAP directory with non-sensitive data), while maintaining control over the LDAP user passwords in the internal, corporate network. In this setup, Calendar Server would use the external directory for authentication.
For more conceptual information on Calendar Server and external authentication, see Calendar Server and Directory Server Integration. To configure Calendar Server for authentication against an external Directory Server, see Configuring External Authentication.
Calendar Server 7 Update 3 supports the use of a system-wide minimum booking window for calendars through the use of the new davcore.scheduling.minbookingwindow configuration parameter. This new parameter compliments the existing maximum booking window support (davcore.scheduling.maxbookingwindow) parameter. In addition, starting in Calendar 7 Update 3, you can set account-level minimum and maximum booking window properties through the davadmin account command or clients that use the WCAP set_accountprops command. The minimum and maximum booking window values define a window of time relative to current time, between which Calendar Server allows the account to be scheduled. Calendar Server enforces the booking window by returning a busy response to the free/busy check done by the scheduling agent if the requested time is outside the booking window. In addition to setting the booking window, you should also set the account's scheduling flag to "decline on conflict" for the window to take effect. The booking window setting also affects calendars configured to auto accept invitations. In the case where auto decline is also configured, it takes precedence over auto accept.
To configure both the minimum and maximum booking windows for accounts, you can use either the davadmin command or the set_accountprops.wcap interface. In absence of an account property, Calendar Server defaults to using the corresponding system-wide booking window configuration.
Upfront Free/busy Check for Control of Doublebooking and Booking Window During Scheduling
A scheduling attempt requested for an account that has its attendance flag set to "decline on conflict" (the attendance flag is set either by a CommSuite:set_accountprops.wcap command or davadmin account command), triggers Calendar Server to perform a special free/busy check. This check happens as part of the scheduling process for both CalDAV and WCAP clients. Because scheduling is an asynchronous process, the event organizers are made aware of an error only after they have made the booking. However, for clients that use the WCAP protocol, the same check is performed upfront. This enables the organizer to get an immediate error if the event request results in a conflict for the calendar.
(Bug: 12310347, SR: 1-742597505)
In Calendar Server 7 Update 3, the davadmin command has been updated with the following changes:
- The passfile option has been updated to accommodate setting a password on the remote document store and corresponding password entry in Calendar server front end that needs to communicate with the document store.
- A new command, davadmin ldappool, has been added to support LDAP pools, which are used in configuring external Directory Server authentication.
- The davadmin account list command now displays a list of all users in the database and their details.
For more information, see CommSuite:Calendar Server 7 Command-Line Utilities.
Calendar Server 7 Update 3 provides the capability to enable or disable, on a system-wide basis, the calendar account autocreation, either on login or invite. For more information, see the davcore.autocreate.enableautocreate parameter in Calendar Server 7 Configuration Parameters.
Starting with Calendar Server 7 Update 3, you can create LDAP pools for use in authenticating against an external directory. For more information, see the davadmin ldappool command and also Configuring External Authentication.
Calendar Server 7 Update 3 introduces the following configuration parameters:
- davcore.autocreate.rescalcomponents: Assigns the default autocreation setting for supported calendar components for a new resource calendar
- davcore.scheduling.allowownerdoublebooking: If set, owners of resource calendars can double book even if the resource account prevents doublebooking
- davcore.scheduling.minbookingwindow: Specifies the start of a booking window, in days, from the time of scheduling, from which a calendar can be booked in advance
For more information, see Calendar Server 7 Configuration Parameters.
Calendar Server 7 Update 3 also includes the service.host parameter for the document store ashttpd.properties file.
For Calendar Server 7 Update 3, the product configuration program and all notifications that are sent by the server have been localized into the following additional languages: German, Spanish, Korean, Simplified Chinese, and Traditional Chinese.
Calendar Server 7 Update 3 introduces a new LDAP attribute named davUniqueId. This attribute replaces the problematic nsUniqueId attribute, whose value is lost when an LDAP entry is deleted and then recreated. (See Changing User uuid for more information about the issues with the nsUniqueId attribute.)
To set the value of the davUniqueId attribute to the current value of the nsUniqueId attribute for existing LDAP entries, use the new populate-davuniqueid utility.
For more information, see Calendar Server Unique Identifier.
The following LDAP schema objects are added to Calendar Server 7 Update 3 to support authentication against an external Directory Server:
- externalAuthPreUrlTemplate: This attribute is used for authentication by using external Directory Servers. Its value is an LDAP URL that defines how users must be searched for in the external Directory Server against which authentication is performed.
- externalAuthPostUrlTemplate: This attribute is used for finding the internal Directory Server entry for a user who authenticated by using external Directory Servers. Its value is an LDAP URL that must be used to map the external Directory Server authenticated user to a user in the internal Directory.
The following LDAP schema attribute is also added:
- davUniqueId: This attribute can be used to define a unique ID for any davEntity user, group, and resource object, much like the operational attribute nsUniqueId. It is recommended that davUniqueId be used as the value of the davcore.uriinfo.permanentuniqueid configuration parameter.
These new elements are required by Calendar Server 7 Update 3. Schema changes are applied to Directory Server when you run the comm_dssetup script. When upgrading to Calendar Server 7 Update 3, you need to first apply the comm_dssetup 6.4 patch (at least 6.4-24.02) and run the updated comm_dssetup script against your Directory Server instances. See Upgrading Calendar Server for more information.
Starting with Calendar Server 7 Update 3, if a calendar account's LDAP icsStatus attribute is populated and is not set to active, the account is not searched nor are any results fetched for that account when running Calendar Server davadmin or WCAP commands. That is, Calendar Server returns search results only for active accounts and does not return unusable data such as inactive calendars.
Calendar Server 7 Update 3 provides enhanced security for remote document stores. A remote document store now requires password authentication for the connection between the Calendar Server and the remote document store server. The password needs to be known by both the document store client (which runs in the Calendar Server itself) and the remote document store server (which runs on the remote host where the store is located). The password is stored in a password file (called a wallet) on each of the hosts.
For information on configuring the remote store password, see To Configure Remote Document Store Authentication.
Indexing and Search Service 1 Update 4 includes the following changes and new features:
(Bugs: 13517733, 13257862, SR: 3-5561340981)
This feature checks every ISS account against Messaging Server accounts at regular intervals to detect differences, for example, from a reconstructed folder or lost event notifications, that ISS can then automatically correct.
Two items control this periodic check:
- Periodic auto-sync: A periodic scan to check that all active ISS accounts are in sync.
- Periodic auto-bootstrap: A scan for accounts unknown to ISS and adding these accounts to a list to be automatically bootstrapped. It is the bootstrap action that is periodic, not the error scanning. The scanning for accounts that need to be bootstrapped occurs continuously as new events arrive and errors are detected. ISS adds the unknown accounts to the auto-bootstrap "to-do" list whenever trigger conditions are met. The periodic nature of the auto-bootstrap prevents too many accounts from being bootstrapped simultaneously, should many errors show up at once. This process enables the workload to be spread out among the Messaging Server and ISS hosts, instead of trying to correct every such error immediately.
For more information, see Administering Periodic Automatic Synchronization for Indexing and Search Service Accounts.
This feature fixes an issue where ISS becomes out-of-sync when a folder has been reconstructed on Messaging Server. When the reconstruct command runs, it may cause the UID validity value and/or UIDs assigned to emails in a folder to change, but does not trigger event notifications to notify ISS of the change. ISS now detects the UID validity mismatch while processing events and re-bootstraps the folder to get it back in sync.
This feature is designed for the implementation of highly available (HA) ISS nodes, however the service itself is useful even when you do not use HA (which is why it is included in this release). The watcher service provides local host monitoring of ISS services and alerts you, with log file messages and email warnings, when it detects a service outage. Once alerted, you can take the appropriate corrective action, such as restarting a service. The services that are monitored are dependent on the type of ISS installation on which the watcher is running. The iss.cluster.install parameter in the jiss.conf configuration file defines the ISS installation type:
For more information, see Administering the ISS Watcher Service.
Additionally, one of the HA improvements is to enable the cluster search service to run on the back-end nodes, making exposing NFS to the web tier unnecessary. For more information, see Configuring Indexing and Search Service for clusterv2.
The following performance improvements for this release are targeted at both general memory and time reductions, and to speed up specific styles of search queries:
- Search service: Email folder manager optimization reduces the number of indexReaders opened during search
- jmqconsumer process: Candidate file write optimization reduces the IO overhead during event processing of candidate file writing
- Index service: folderflag optimization reduces the average size of flag records for folders containing a large number of emails
Starting with this release of Indexing and Search Service, Java 7 is recommended, as Java 6 is entering end of life. If you generated your ISS indexes while on Java 6, once you upgrade to Java 7, you should regenerate the indexes. See Upgrading Indexing and Search Service for more information.
Instant Messaging 9 Patch 1 includes the following changes and new features:
- Group Messaging
- Offline Messaging
- Default Password Changed
- Manually Configuring httpbind
- Protecting Deployed Instant Messaging Components
- New Configuration Parameter
You can configure Instant Messaging so that end users can send a message to an LDAP group, which can be either dynamic or static.
- LDAP dynamic group: Membership, rather than being maintained explicitly in a list, is determined by search criteria using an LDAP URL. Dynamic groups use the groupOfURLs object class and the memberURL attribute to define LDAP URLs with the criteria (search base, scope, and filter) to be used for determining members of the group.
- LDAP static group: A static group is one whose entry contains a membership list of explicit DNs. You can define a static group by using the groupOfUniqueNames object class and by explicitly specifying the member DNs using the member attribute.
To enable end users to view dynamic and static LDAP groups in search results and add them to their instant messaging client contact list, you need to include groupOfUrls objects in search results.
For more information about Group Messaging, see Managing Instant Messaging's LDAP Access Configuration.
When the offline chat message delivery feature is enabled on the Instant Messaging Server, regular instant messages (chat messages) that are sent to offline users are not discarded. They are available on the Instant Messaging Server, and delivered to the user when the user comes online. This feature can be enabled at deployment level or at domain level using the whitelisting facility. This feature can be disabled using the blacklisting facility.
However, Instant Messaging alerts are managed differently. The feature is enabled or disabled at the user level. Similar to offline chat messages, the Instant Messaging Server stores the alerts for the offline recipient, and delivers them when the user logs in next time. This is, if the user has configured to receive offline alerts during the next login.
If you install Calendar Server with Instant Messaging, you can configure your deployment such that you receive Instant Messaging alerts about your calendar todos and events, as pop-up messages. As long as you are logged in to Instant Messaging (you are online), you receive Calendar Server HTML pop-up reminders on your desktop. If you are offline, you receive the alerts the next time you login, if you have configured to receive offline alerts during the next login.
For more information about Offline Messaging, see Managing Instant Messaging Messages for Offline Users.
Starting with Instant Messaging 9 Patch 1, the default value for password configuration properties is random.
Starting in Instant Messaging Server 9 Patch 1, you can manually configure httpbind connections to "follow through" by using this command:
Starting with version 9 Patch 1, Instant Messaging deployments are more secure. In previous versions of Instant Messaging, the server listened to connections on the port defined by the iim_server.port parameter (the default value is port 5269) in various situations. These situations include a peer in a server pool, components such as external gateways, cal-agent, sms-agent, httpbind, and so on. In Instant Messaging 9 Patch 1, the server now listens to this port only when at least one of these options is configured.
The gwdomain-id.multihosting parameter in the httpbind.conf file, if set to true, allows a packet destined to a domain, which is not pre-configured in httpbind.conf, to be sent to Instant Messaging Server. You use this parameter for a hosted domain setup. The default value for this parameter is true. For more information, see Gateway Domain ID Key Parameters for httpbind.
Instant Messaging 9 Patch 2 includes the following changes and new features:
Instant Messaging Server 9 Patch 2 provides the following new configuration properties:
- iim_server.sasl.usemechanism.DIGEST-MD5: Enables the DIGEST-MD5 authentication mechanism
- iim_ldap.plaintextpasswords: Specifies if the passwords in LDAP are stored in clear text
- iim_server.filter.enable: Specifies if the file filter providers should be enabled or disabled
- iim_server.filters: Specifies the list of file filter providers
Starting with version 9 Patch 2, Instant Messaging Server supports the DIGEST-MD5 SASL authentication method for password-based authentication. DIGEST-MD5 is a challenge/response authentication mechanism defined in RFC 2831.
Prerequisite: To use the DIGEST-MD5 authentication mechanism, the passwords in LDAP should be in plain text.
- Use the imconfutil command to set the iim_server.sasl.usemechanism.DIGEST-MD5 to true and to set the iim_ldap.plaintextpasswords property to true.
- Restart Instant Messaging Server.
Starting with version 9 Patch 2, Instant Messaging Server supports the use of GlassFish Server 3 as the web container.
A ByteStreamFilter is a server plugin module that can be used to control, alter or discard all byte stream data going through the server. Starting with Instant Messaging Server 9 Patch 2, these filters can be specified and enabled by using the new configuration properties, iim_server.filter.enable and iim_server.filters.
This version of Delegated Administrator 7 (Patch 6) in Communications Suite 7 Update 3 includes bug fixes only.
Delegated Administrator 7 Patch 7 includes the following changes and new features:
Starting with Delegated Administrator 7 Patch 7, you can enable LDAP over SSL (LDAPS) for Delegated Administrator communications with Directory Server. This applies only to Direct LDAP mode. For more information, see Configuring Delegated Administrator for LDAPS.
Delegated Administrator 7 Patch 7 includes the following new configuration parameter (applies to Direct LDAP mode only):
- ldaphost-usessl: When set to true, this parameter enables LDAP over SSL (LDAPS) for Delegated Administrator communications with Directory Server.
Delegated Administrator 7 Patch 7 includes the following new option to the config-commda initial configuration command:
- -relaxugcheck: Bypasses the LDAP check on if the default organization RDN is the same as the User/Group suffix. This check was performed to work around an issue in Access Manager mode. However, if your existing directory structure is such that the default organization RDN is the same as the User/Group suffix, and you plan to use Direct LDAP mode, then you would use this option to bypass the restriction.
Microsoft Connector for Outlook 8 includes the following changes and new features:
- Support for Microsoft Outlook 2010 (32-bit)
- Connector for Microsoft Outlook Profile Conversion and Upgrade Support
This version of Connector for Outlook provides support for Microsoft Outlook 2010.
In Connector for Microsoft Outlook 7.3 and earlier versions, you had to create a new profile to modify or upgrade user profiles linked to Connector for Microsoft Outlook 7.1 and later versions.
A new hidden configuration parameter, ModifySun71PlusProfile, located in the setupfilename.ini file, enables or disables the conversion of Connector for Microsoft Outlook 7.1 (and later versions) user profiles. To not modify the Connector for Microsoft Outlook 7.1 (or later version) user profile, set the ModifySun71PlusProfile parameter equal to 0. To modify the user profile with the configured values, set the ModifySun71PlusProfile parameter equal to 1
The ModifySun71PlusProfile=0/1 parameter is not enabled if the Create new user profile without conversion/upgrade option is chosen in the user profile settings of the Connector for Microsoft Outlook configuration program.
In this release of DSsetup new attributes and object classes have been added for use by Calendar Server 7 Update 3. See New Schema Objects for more information. Also, the nabStatus, nabDomainAcl, nabDomainNames, and nabStore objects have been assigned for future use with Network Address Book.
In addition, Dssetup no longer automatically removes 71sun-am.ldif if Access Manager schema is found in 99user.ldif.