Posts in Category "Administration"

Connect 9.0.2 Patch Is Now Available

Posted on January 8, 2013 by Jim Johnson | Comments (0)

The 9.0.2 Patch for Licensed deployments is now live and can be downloaded from: http://helpx.adobe.com/adobe-connect/kb/connect-90-patches.html

Releases notes are here: http://helpx.adobe.com/adobe-connect/kb/connect-902-release-notes.html

 

Adobe Connect Service Cyclers

Posted on November 9, 2012 by Jim Johnson | Comments (0)

Periodically, licensed (on-premise) deployments of Adobe Connect Pro will have to have the services stopped or cycled during periods of modification, customization, troubleshooting, or potentially on a scheduled basis.
For convenience, you can copy the appropriate code below into a new file and save at a batch (.bat) file. Running this batch file will stop all the services in the correct order and then restart them in the appropriate order either all at once (automatically) or after a keystroke (prompted) by the user.

For a scheduled periodic cycling of the services, you can setup a scheduled task in Windows (on the Connect server) to run this batch file or have it controlled by a centralized enterprise scheduler like Tidal. Of course if setting up a scheduled task, you’d need to select the one without the forced keystroke.

First, take everything in between the lines (from @ECHO OFF through @ECHO OFF) and save as a .bat file to the Connect server.

Then you can run it manually or point a scheduled task to it.

I have posted a few different options below…see the descriptions then the code below them.  These are applicable to Adobe Connect Pro 8.x and 9.x.  There are additional services with 9.x (i.e. Adobe Connect CQ-Author service, Adobe Connect CQ-Publish service) as well as the Flash Media Gateway (FMG) and Adobe Connect Presence Server services that are in both C8 and C9 that may or may be needed.  You can add these services to the batch files if applicable.

1.) Below is a cycler that just stops and starts all the applicable services (FMS,FMSAdmin,ConnectPro, and the CPTelephonyService). It is up to you and your deployment, whether you need the CPTelephonyService or not.  This version will do it all automatically and won’t force you to perform a keystroke to start once the services are stopped. This version is good for a scheduled task to point to. Again, you may remove the FMSAdmin and/or CPTelephonyService services if you wish, as they are not always needed.  I also added a ping in the middle so it adds more time before restarting the services (in case there is a delay in stopping the FMS service, which sometimes happens).

———————————snip below here and save to a .bat file—————————-

@ECHO OFF
REM ----------------CONNECT SERVICE AUTOMATIC CYCLING ----------------
REM
REM This batch file stops and starts the Adobe Connect and Flash Media Server Services
REM

REM
REM -----------------------------------------------------------------------
@ECHO ON

net stop ConnectPro
net stop CPTelephonyService
net stop FMSAdmin
net stop FMS
ping 1.1.1.1 -n 1 -w 20000>nul
net start FMS
net start FMSAdmin
net start ConnectPro
net start CPTelephonyService

@ECHO OFF

———————————snip above this and save to a .bat file——————————

2.) Below is a cycler that stops the services (same as above) but requires a keystroke to start up the services again. This is handy if you are doing work on the server or troubleshooting and you want to quickly stop the services but not restart them until you are ready.

 

———————————snip below here and save to a .bat file—————————-

@ECHO OFF
REM ----------------CONNECT SERVICE AUTOMATIC CYCLING WITH KEYSTROKE---------------- 
REM
REM This batch file stops and starts the Adobe Connect and Flash Media Server Services
REM
REM
REM -----------------------------------------------------------------------
@ECHO ON
net stop ConnectPro
net stop CPTelephonyService
net stop FMSAdmin
net stop FMS /y
@ECHO OFF
@ECHO Press a key to START services
PAUSE
@ECHO ON
net start FMS
net start FMSAdmin
net start ConnectPro
net start CPTelephonyService
@ECHO OFF

———————————snip above this and save to a .bat file——————————

3.) Below is a cycler that stops the services on an Edge server and clears the cache before restarting.

MAKE SURE YOU CHECK THE EDGE SERVER DIRECTORY STRUCTURE ON YOUR MACHINE BEFORE USING THIS. YOU’LL HAVE TO CHANGE THE LOCATION TO MATCH YOUR OWN.

Additional Notes:

The Edge server will need a maintenance script to clear old cache and keep them fresh; run the following .bat file as a scheduled task on each Connect Edge server; feel free to edit this file to reduce or prolong the ping-induced delays. The key is to allow enough time between each command for services to stop and start. Different servers respond differently, some requiring more time and some less time. By stopping the services, it unlocks the cache for thorough deletion:

 

———————————snip below here and save to a .bat file—————————-

@ECHO OFF
REM ------CONNECT SERVICE AUTOMATIC CYCLING---------------
REM 
REM This batch file stops and starts Connect Edge Services and Clears the Cache
REM
REM ------------------------------------------------------------
@ECHO ON
net stop fmsadmin
ping 1.1.1.1 -n 1 -w 10000>nul
net stop fms
ping 1.1.1.1 -n 1 -w 200000>nul
del /Q /S c:\breeze\edgeserver\win32\cache\http\*.*
ping 1.1.1.1 -n 1 -w 10000>nul
net start fms
ping 1.1.1.1 -n 1 -w 10000>nul
net start fmsadmin
@ECHO OFF

———————————snip above this and save to a .bat file——————————

Using mode=xml to Debug or Obtain Additional Information in ACP

Posted on September 24, 2012 by Jim Johnson | Comments (0)

Introduction:

While navigating and performing tasks in the Adobe Connect Manager (all server versions), it is sometimes useful to further identify properties of the account, the item(s) you are viewing, the server you are currently connected to, the session, and any error messages you may be encountering.  Using an additional URL query string in the browser’s address bar, you can display additional XML data in the bottom of each browser page you visit in your active Adobe Connect Manager session.

Using mode=xml

A typical URL to an Adobe Connect login page would look like this (using Adobe Hosted as an example):

http://my.adobeconnect.com/

If you wish to also get the XML data displayed at the bottom of the page, you can append ‘?mode=xml‘ to the URL above and hit enter or go on your browser to navigate to that page.

(so the url would now be: http://my.connectURL.com?mode=xml)

The current page and each page after this (during this browser session) will have the XML data displayed in a nice debugging window in the bottom of the page (scroll all the way down after navigating to the page, to view).  You will notice now the ‘mode=xml’ will be present in each subsequent URL in the address bar during your session in the Adobe Connect Manager.  It will automatically get added to each query after this, in that session.

If you are already logged into Adobe Connect and are browsing around in the Adobe Connect Manager and wish to add the XML data at the bottom of an existing page, you can add ‘&mode=xml‘ (not the ‘&’ in place of the ‘?’) to the end of the URL you are currently on (and hit refresh in the browser to resend the query and obtain the debugging window at the bottom of the browser session).  This is because you would already have a ‘?’ present in the query string in the URL.  Everything parameter added after that initial query will have the ‘&’ preceding it.

So a an example would be if you were actively viewing the Home page in your Adobe Connect account at:

http://my.connectURL.com/admin/home/homepage?account-id=XXXXXXX&principal-id=XXXXX&showNotif=true

You would then add ‘&mode=xml‘ to the end so it would now appear as this:

http://my.connectURL.com/admin/home/homepage?account-id=XXXXXXX&principal-id=XXXXX&showNotif=true&mode=xml

Results

Some useful information returned from this XML output is:

  • status code: This will generally have an ‘ok’ value unless an error is encountered.
  • cookie: This is your current session value
  • host: This is the Adobe Connect URL (domain)
  • local host: This is the actual server name you are connected to
  • version: The Adobe Connect Server version
  • account-id: The account ID (only applicable to Hosted accounts as a Licensed/On Premise account is always = ’7′)
  • user information (user-id, name, login of the user currently connect to the Adobe Connect session)

…along with many other parameters and data for the current page/account you are connected to and viewing.

Use Cases

Debugging

  • When doing this, one thing you’ll recognize is that in Internet Explorer, Firefox, Chrome, Opera, and Safari (all the browsers I’ve tested) you will get the server name (Local Host value) in the Tab’s description of the page you are viewing.  This is very helpful in quickly testing (for example) an Adobe Connect cluster.  You may want to make sure all servers in the cluster are accepting requests for the web application piece of Adobe Connect.  You can append the ?mode=xml parameter to the URL, hit refresh on the browser, and see the actual server that is handling that request to the web application.  You can keep hitting refresh and see what servers you are on in subsequent requests.
  • While using an Adobe Connect cluster (whether it is a Licensed/On Premise deployment or an Adobe Connect Hosted account), you may want to see what local host you are on when making a request, so you can go back and look at server logs (or notify Adobe support with specific information regarding what server you were connected to).  For Licensed/On-Premise installations, it is very useful because if you run into an error or problem with a specific function of the Adobe Connect web application, you can identify what server you are on and that will help you pinpoint exactly what server in the cluster handled the request.  You can then go straight to that server to review the applicable server logs.
  • You can also obtain a little more information to an existing/visible error message that may be appearing in the UI.  Sometimes you may have a situation where you get a ‘Request Not Processed’ or other non-descript error message in the browser.  To get more information on what could be happening, you can get some additional logging by looking at the response and status in the XML results that get printed in that XML debugging window by adding the mode=xml parameter to the URL.

 

 

Using the Built-in Bulk Import Utility in ACP to Provision Audio Profiles

Posted on September 21, 2012 by Jim Johnson | Comments (0)

In order to create a user base programmatically in Adobe Connect and also provision audio profiles at the same time, we have an Audio Profile Import Utility built to run in Adobe Air here.  However, you can actually use the built-in Import functionality in the Administrators>Users and Groups area of Adobe Connect to do the exact same thing.  This is a ‘backdoor’ way of creating profiles.

 

Introduction: 

The bulk upload feature in Adobe Connect (Administration  > Users and Groups > Import) provides the functionality to create telephony profiles for a number of Connect users at the same time. This makes it extremely easy for a Connect administrator to provision telephony profiles for a large number of users via an already existing list (in CSV format).  This can be new users or existing users.

At present Connect provides a user-interface (My Profile-> My Audio Profile-> New Profile) where a user can create his telephony profile. But with this UI option only one user profile can be created at a time and this option would take a lot of effort if the administrator wants to create telephony profiles for many users. In this case, the build-in bulk import feature would be very useful.

 

Feature Spec/Work-Flow:

i.        In this feature, we are just extending the existing “import users” functionality. So the same CSV file which was being used for creating new users (via import users functionality), would be used to contain telephony profile information.

ii.       Administrator creates a CSV text file which contains information about new user and the associated telephony profile.  Administrator can choose either the adaptor-id or provider-id as parameter for creating telephony profile.  Code first tries to get provider-id field and if provider-id is not present in CSV header then code looks for adaptor-id field. We are supporting adaptor-id input option because getting adaptor-id would be convenient for Administrator (also adaptor-id would be less error-prone than provider-id). CSV file should look like as follow:

(CSV Format i: Using telephony adaptor-id as csv input)

first-name, last-name, login, email, password, adaptor-id, profile-name, telephony-field-1, telephony-field-2, telephony-field-3

Mulder,  Fox,  fox@company.com, fox@company.com, breeze, avaya-adaptor, Avaya-profile1, x-tel-avaya-conference-number=6001, x-tel-avaya-moderator-code=7777, x-tel-avaya-participant-code=777

Scully, Dana, dana@company.com, dana@company.com, breeze, avaya-adaptor, Avaya-profile2, x-tel-avaya-conference-number=6000, x-tel-avaya-moderator-code=9090, x-tel-avaya-participant-code=909

Skinner,  Walter,  walter@company.com, walter@company.com, breeze, avaya-adaptor, Avaya-profile2, x-tel-avaya-conference-number=6000, x-tel-avaya-moderator-code=1234, x-tel-avaya-participant-code=123

OR

(CSV Format ii: Using telephony provider-id as csv input)

first-name, last-name, login, email, password, provider-id, profile-name, telephony-field-1, telephony-field-2, telephony-field-3

Mulder,  Fox,  fox@company.com, fox@company.com, breeze, 11035, Avaya-profile1, x-tel-avaya-conference-number=6001, x-tel-avaya-moderator-code=7777, x-tel-avaya-participant-code=777

First line is the header which specifies different fields required for user-entry (new telephony fields are written in green). After the header-line, user information can be written in new lines. Number of fields in header and values in user’s entry should be exactly same.

In user’s entry telephony-field and value should be separated by “=” delimiter.

iii.          Number of telephony fields could be different for different adaptors, so one CSV file should have entries specific to only one adaptor. Above example contains Avaya adaptor specific fields( like “x-tel-avaya-conference-number”), similarly Premiere Adaptor can have different telephony fields. There is no restriction on number of telephony fields.

Note- How to get telephony profile information?:

Administrator can get the adaptor-id and provider-id using the “telephony-provider-list” api. Alternatively adaptor-id can be taken directly from telephony-setting.xml.

 Telephony fields of an adaptor can be found using “telephony-provider-field-list” api. Choose field-ids for those telephony-fields which are displayed in UI of (My Profile-> My Audio Profile-> New Profile).

iv.         Once CSV file is prepared, administrator can go to Administration->Users and Groups->Import. Select the import type as “Create New Users”.  Browse CSV file and click upload button. (Look at the snapshot attached in the bottom).

v.         After upload, Connect creates new users with telephony profiles.

vi.         We can also create new telephony profile for existing users. But we are not going to provide any extra radio button as such “Create profile for existing Users”. To create profiles for existing users, you use the fourth Import option, which is ‘Add Existing Users to a Group’.  This will allow you to take a csv of existing users, and create telephony profiles for them in bulk.  You need to add them to an existing group you would have already created (‘Imported Users’ for example).

vii.         Multiple Telephony Profile creation for a user: If we want to create multiple telephony profiles (of same adaptor) for a user, just provide same user’s entry in multiple lines with different telephony profile information.

viii.         As per error handling in the existing Connect code, if more than 10 errors are found in the CSV file then we stop the operation and don’t process next line. User gets an error message saying “The import operation exceeded the maximum number of errors and was aborted. All valid entries prior to the abort have been commited to the system. Invalid lines were found in the CSV import file. List of 10 invalid entries:…” . As we don’t process any entry after 10th error, we don’t know whether there would be some more error in the file. Once user corrects first 10 errors and uploads file again, we would show him next errors in files.

 

Technical Spec:

i.     We would use the existing code which is being used to create new users from CSV file.

ii     CSV file would be uploaded using “csv-import” api (PrincipalManager.java).

iii    Following fields are considered as telephony fields (which would be sent in telephony-profile-update api):

-        provider-id/adaptor-id

-        profile-name,

-        Fields with prefix: “telephony-field-“

iv.   If CSV file contains provider-id field then code directly uses it for calling telephony api. If provider-id is not given then code looks for adaptor-id and fetches provider-id for given adaptor-id.

v.     After parsing an entry (line), “principal-update” api would be called to create a new user. If user doesn’t exist then new user would be created else principal id of the existing user would be used for further operation.

vi.    Once we get the principal-id of new user, we would call “telephony-profile-update” api (TelephonyManager.java) with telephony map created in step iii.

vii.   After this telephony-profile-update api would create a profile for the user.

viii.  Error Handling: If any errors occur while parsing CSV file or calling any internal api, we add this entry(line) in an error-array. If the size of this array reaches max error limit of 10 then we stop the operation and don’t parse further entries.  Administrator would get the error message with a list of 10 invalid entries.

 

Assumptions/Limitations:

i.     One CSV file upload would require profile creation for only one Adaptor. To create profile for different adaptor, separate CSV file should be uploaded.

ii.    Existing telephony profile can’t be edited using this feature. Only new telephony profiles can be created.

iii.   As we are using “=” character as delimiter to identify telephony-filed name and value, the delimiter (=) shouldn’t be part of the telephony field’s name or value.

 

Troubleshooting:

i.      Make sure the number of fields in header and in the user-entry are exactly same.

ii.     Profile-name should be unique for a user. Make sure the user doesn’t have any existing telephony profile with same profile-name.

iii.    In user entry, telephony-field and value should be separated by single “=” delimiter.

iv.     No blank line in CSV file.

 

Screenshot below:

Applicable for Adobe Connect 7.5.x, 8.x and 9.x.

Adobe Connect SIP and NAT issues

Posted on August 30, 2012 by Mohit . | Comments (0)

PROBLEM:-  I have configured the SIP settings with a new SIP provider but the call is not getting established when dialing onto the audio conference bridge, Audio conference bridge provider claims that they have received your call.

REASON:- Your Adobe connect server/ Flash Media Gateway(FMG) is deployed behind NAT and its domain /IP is not routable on internet, When you dial into the audio bridge through SIP , SIP header carries the local/internal IP address of FMG/Connect server and remote SIP provider does not have any idea how to reach to the local/internal IP address.

SOLUTION :- There are two ways to fix this

1. Adding Global Address tag in sip.xml file.

Add/Replace the below tag on sip.xml file on profileID sipGateway

<globalAddress>your-connect-domain</globalAddress>

your-connect-domain could be a domain name , IP address which should be routable on internet.

Example

<Profile>
<profileID>sipGateway</profileID>
<globalAddress>your-connect-domain</globalAddress>
<userName>101</userName>
<password>101</password>
<displayName>sipGateway</displayName>
<registrarAddress>10.10.10.10</registrarAddress>
<doRegister>true</doRegister>
<defaulthost>10.10.10.10</defaulthost>
<hostPort>0</hostPort>
<context>sipGatewayContext</context>
<supportedCodecs>
<codecID>G711u</codecID>
<codecID>speex</codecID>
</supportedCodecs>
</Profile>

 

2. Deploy FMG on another server/box having a public domain/ IP access.

 

Generating the new SSL certificates for my Adobe Connect server.

Posted on August 30, 2012 by Mohit . | Comments (0)

ISSUE -: I want to purchase/deploy SSL certificates for my connect server.

SOLUTION -: This document is valid for software/hardware SSL configuration with Adobe connect server.

1. Download Openssl from here openssl

2. Follow the steps 2,3 and 4 from kbdoc http://blogs.adobe.com/connectsupport/generating-self-signed-certificates-for-adobe-connect/

3. Open command prompt and execute the command

cd C:\openssl\bin

openssl req -new -nodes -keyout myserver.key -out server.csr -newkey rsa:2048

This creates a two files on C:\openssl\bin

The file myserver.key contains a private key; do not disclose this file to anyone.

The file server.csr is Certificate Signing Request (CSR).

You will now be asked to enter details to be entered into your CSR.
What you are about to enter is what is called a Distinguished Name or a DN.

For some fields there will be a default value, If you enter ‘.’, the field will be left blank.

—–
Country Name (2 letter code) [US]: US
State or Province Name (full name) []: Texas
Locality Name (eg, city) []: Houston
Organization Name (eg, company) []: Your Company
Organizational Unit Name (eg, section) []: Your Department
Common Name (eg, YOUR name) []: my.connect.server.com
Email Address []:

Please enter the following ‘extra’ attributes to be sent with your certificate request

A challenge password []:
An optional company name []:
—–

Use the name of the connect server domain name as Common Name (CN).

The fields optional company name and challenge password can be left blank

Your CSR would now have been created on C:\openssl\bin . Open the server.csr in a text editor and copy and paste the contents into the trusted Certificates Issuing Authority (CIA) ( like verisign , thawte) enrollment form where you are requesting the SSL certificates to be generated.

Once the SSL certificates has been published via CIA  you can use it as SSL certificate file along with the key file myserver.key generated on step 3

Adobe Connect Stunnel prompting for passphrase when server/services restarts

Posted on August 30, 2012 by Mohit . | Comments (0)

PROBLEM -: Whenever the connect server is restarted , I cannot open the login page/meeting room stuck on connecting bar.

I have migrated/installed the SSL configuration to stunnel , When i start stunnel service , it prompts for passphrase

SOLUTION -: It looks like the key file has the passphrase and it needs to be removed.

1. Make sure that the S-Tunnel executable has been installed as a windows service and is set to automatic.

You can install the stunnel as windows service as per the steps below

Open command prompt and change the current prompt to stunnel directory as - cd C:\Breeze\x.x.x.x\stunnel

stunnel.exe -install

2. If you have a passphrase on your SSL certificates , Remove it using openssl command

You can download openssl from here openssl

To install openssl , follow the steps 2,3 and 4 from kbdoc http://blogs.adobe.com/connectsupport/generating-self-signed-certificates-for-adobe-connect/

3. Open Command Prompt and execute the command

cd C:\openssl\bin

openssl rsa -in certificate.key.current -out server.key.new

4 . The above command looks for certificate.key ( exsisting SSL key file) , removes the passphrase and generates the new key file server.key.new

5. Copy the server.key.new file , rename it according to the existing key file name convention under stunnel folder.

6. Restart the stunnel service to verify that the key file does not prompts for passphrase.

 

Generating Self signed certificates for Adobe Connect

Posted on August 30, 2012 by Mohit . | Comments (2)

PROBLEM -: I want to generate self signed certificates for our internal testing purpose. I need to apply SSL certificates on my connect server

SOLUTION :-

Please note that Adobe does not supports self signed certificates on production enviroment.

This is for internal testing purpose.

1. Download OpenSSL , You can download it from here openssl

2.Extract it on C:\

3. Windows 7/vista users might have to gain/allow the administrative rights prompt to extract/copy the files on C:\ , Alternate is to copy the openssl.zip file on any other location , unzip it and copy the extracted openssl folder on C:\

4. Make sure that the openssl.exe is located on C:\openssl\bin folder

5. Open command prompt and execute the command

cd C:\openssl\bin

openssl.exe req -x509 -nodes -days 365 -newkey rsa:2048 -keyout meeting-domain.com.key -out meeting-domain.com.crt

Provide the following information while generating the certificate files

Country Name

State/Province Name

Locality Name

Organization Name

Organization Unit Name

Common Name 

EMail Address

 

I have attached a screenshot for reference , Make sure that you provide the exact domain name of your connect server on common name information as highlighted in screenshot as well as in above step

 

When the process is completed , This would generate two files on C:\openssl\bin named as -:

meeting-domain.com.crt      –> Certificate file.

meeting-domain.com.key    –> Key file.

 

These two files (Certificate and key file)  are self signed SSL certificates and can be used to secure either the meeting connection or application server having the domain name my.connect.server.domain.com  as per the screenshot or as per the common name provided by you.

You can follow the SSL KB Doc to configure the SSL certificate/key file on your Adobe connect server

 

Adobe Connect SMTP timeout

Posted on August 30, 2012 by Mohit . | Comments (0)

PROBLEM -: E-mail sending completely stops and fails with the following  lines on debug.log :

[07-24 10:30:36] sche (INFO) Scheduler Sending Email
[07-24 10:30:36] sche (ERROR) Scheduler Aborting email action 56620 because SMTP is not configured.
[07-24 10:30:36] sche (INFO) Scheduler Sending Email
[07-24 10:30:36] sche (ERROR) Scheduler Aborting email action 66955 because SMTP is not configured

As a wokaround to  fix the issues you simply log into the server console , go into the section, and click save again to have emails start working again but after somedays the issue resurfaces

SOLUTION -:

1. Check the custom.ini file has the following parameter -:

SMTP_HOST=your-smtp-server-domain

Replace your-smtp-server-domain with the domain name/IP of your smtp server.

2. Add the following additional lines on custom.ini

SMTP_CONN_TIMEOUT=110000
SMTP_IO_TIMEOUT=110000

3. Restart the connect services to apply the changes

Conference IVR does not accepts the conference codes.

Posted on August 30, 2012 by Mohit . | Comments (1)

PROBLEM -: I have enabled Universal voice feature on my Adobe connect server , when i dial into the audio conference bridge (using test dial-in steps), pass the audio conference code , the IVR prompt doesnt realize the conference codes and prompts to re-enter the conference code.

When i dial the same conference bridge using my base phone/mobile and pass the audio conference code , IVR accepts it.

SOLUTION -: Try to replace the SIP gateway/provider/vendor with another vendor which supports DTMF mode RFC 2833.

When you pass the conference code Adobe connect FMG (Flash Media Gateway) sends out DTMF tones to the the remote SIP gateway.

Adobe connect supports only RFC 2833 standard mode of DTMF communication. It seems that the remote SIP provider is not supporting this mode and the conference code send out as DTMF tones by FMG to the audio conference bridge is failing due to non supportive DTMF media (RFC 2833 standards) by the SIP gateway/provider.