| Executive Summary: |
Microsoft Groove Server 2007 includes features and components that support online collaboration, including the ability to share and update workspace tools and documents client-to-client in real time, access to and synchronization of Microsoft Office SharePoint Server 2007 files, communications through IM and discussion forums, and the capacity to reach team members outside the organization and behind firewalls. Server backup and relay services are available when team members go offline, and you can bring all the necessary components inhouse to manage Groove Server 2007 yourself or have Microsoft host Groove Server for you.
| New Office and SharePoint Community! |
Want to connect with other IT pros who are interested in Microsoft Office applications? Go to Windows IT Pro’s new Office and SharePoint site, www.officesharepointpro.com (formerly MSD2D.com).
Individuals in business environments are finding they need tools that provide capabilities beyond email to let them collaborate efficiently with associates, customers, and business partners. Microsoft Office Groove Server 2007 is one such tool available to Windows users. Groove 2007 is unique among other Microsoft collaboration products, such as Microsoft Office Communications Server 2007 and Microsoft Office SharePoint Server 2007, because it supports both presence and non-presence collaboration. Groove lets you access a predefined, customized workspace that includes discussion forums, IM with Microsoft Office Communicator 2007 or 2005 file collaboration, synchronization with SharePoint, and international language support. Let’s look at the different components and protocols of Groove 2007 and ways you can implement it for your users, focusing on inhouse Groove servers that administrators can install and maintain. I’ll also explain some of the technical requirements and configuration considerations of Groove 2007 and help you determine whether your environment is best suited to having onsite Groove servers or using Microsoft’s managed Groove service.
As Paul Robichaux explains in his introduction to Groove 2007 (see “Groove 2007,” June 2007, InstantDoc ID 95793), the product is a workgroup collaboration tool that lets you create a virtual office and perform tasks such as sharing files, managing meetings and projects, and tracking data and processes, although team members might be in different places. Groove 2007 includes both client and server components. The client tool lets teams create workspaces that go where they go, placing all team members and the tools they need in one virtual location. A user creates a workspace, as Figure 1 shows, then invites team members to join the space.
When a Groove workspace is created and other members accept the invitation to join, the entire workspace and all data associated with it are stored on each member’s system. The admin doesn’t need to worry about encrypting data on the network side because the client encrypts the data. However, the Groove server keeps each team member’s data (as well as the workspace, tools, and other elements) in sync even if they work for a different organization or work remotely. If a member of the group is away for a while, then reconnects to the Groove Server Relay component (more about this and other Groove components shortly), the client retrieves the updates to the team member’s workspace and files. The Groove server also solves the problem of data conflict (i.e., when two members of a team edit the same information in the workspace at the same time).
Groove Server Components
Three main components comprise Groove Server 2007: Groove Server Manager, Groove Server Relay, and Groove Server Data Bridge. Together they allow you to build, manage, and optimize your Groove environment.
Groove Manager. The Manager component contains the Web-based interface used to manage all user accounts, policy settings, reports, and other aspects of Groove Server deployment. It integrates with Active Directory (AD) or any other LDAP solution, so that when you add members to your Groove workspace, they’re automatically synchronized with AD (and vice versa). You can control which tools are available to specific users and set security levels. Typically, an administrator can’t view the data passed between workspace members. In Groove, communications between users are encrypted. However, if you want to audit workspaces, you can do so by using Groove Manager’s integrated Audit Service, an optional feature that collects workspace events into an audit log and decrypts and stores them in a Microsoft SQL Server database.
Groove Relay. The Relay component supports “anywhere” communications among Groove 2007 clients. For example, Relay acts as a proxy to enable communication with users behind a firewall and supports communication with users in differing subnets. The Relay component also supports offline users by temporarily storing all changes made in the workspace. When a client is back online and reconnects to the Groove server, the client syncs by retrieving workspace changes from Relay. You can design your Groove environment to assign specific servers with Relay to certain users (based upon location and network bandwidth). The benefit of this capability becomes obvious if you’re working with users who extensively use Groove to collaborate because you can place certain Relay servers physically closer to those users. You can also structure multiple servers with Relay per user to allow for failover when you design your deployments.
Groove Data Bridge. This optional component provides for a bidirectional connection path between data sources such as customer relationship management (CRM) systems, enterprise resource planning (ERP) systems, or other forms of enterprise data from back-end data stores (such as Microsoft Office SharePoint Server 2007 or SQL Server databases) and clients’ Groove workspaces. Essentially, Data Bridge extends the functionality of Groove by letting Groove users access data in enterprise applications.
Through Data Bridge, a Groove identity, GDB, is created (which appears to users as another user invited to workspaces and seen in the member list). The GDB identity runs a synchronization application with back-end databases so that users can access that information through the Groove workspace connected to the GDB identity. The identity performs these functions through Web services calls from external programs to perform the connection tasks.
Groove clients use particular protocols to access Groove servers. You need to know these protocols and the underlying ports that must be made available through your network to configure Groove to work on your network. The Groove 2007 Planning and Deployment Guide (tinyurl.com/378vqn) lists all the different protocols used within a Groove infrastructure. As Figure 2 shows, two of the more important protocols are these:
- Simple Symmetric Transmission Protocol (SSTP): This is the key protocol for communication between Groove clients or a client and a server. SSTP uses TCP port 2492 by default. If the client attempts to communicate with a system and that port is blocked, a relay server can use port 443, or SSTP can be encapsulated within HTTP through port 80 (keeping in mind that doing so will slow the process because of the overhead involved in encapsulation).
- Simple Object Access Protocol (SOAP) over HTTP: SOAP requests over HTTP are made by clients to Groove Manager to access the administrator site. The Manager will also use SOAP to communicate with Groove Relay.
For example, Groove Manager allows SOAP requests from clients (and the Data Bridge component) inbound through port 80. Groove Manager communicates with the Groove Relay component through outbound ports 8009. Manager might also use SMTP through port 25 to send emails to clients or LDAP protocol port 389 for communicating with an LDAP directory (or AD, which is an LDAP directory).
Groove Relay would logically require inbound ports 80, 443, and 2492 because clients could send messages through any of these ports and protocols. The Relay component should also be configured to allow inbound 8009 for Groove Manager contact and inbound 8010 for the administration site. Additionally, you should configure port 2492 for outbound connections to handle a technique to distribute larger files between clients called fanning, which uses Groove Relay to ensure greater bandwidth connectivity.
The fanning (or fanout) process attempts to provide more efficient replication from client to server, especially in scenarios where bandwidth is low between the client and server. When a user posts a large file (e.g., 5MB) to the workspace, the client will consider the file size, connection speed, and number of people within the workspace who will eventually receive a copy of this file. The client will then determine whether the file should be sent peer-to-peer or through a fanout. In the case of a fanout, the file will be sent to the Relay server and the clients will all receive their files when they come online and sync with the Relay server.
Groove Data Bridge is the easiest component to configure protocols for. Data Bridge requires only SOAP over port 80 to connect with Groove Manager and SOAP over 9080 to receive XML calls from external applications.
Groove Server Prerequisites
If you want to deploy Groove Server inhouse, you’ll need to be prepared for the product’s rather steep hardware and memory requirements. To take full advantage of Groove 2007 features, you’ll need a server with a 64-bit processor (supporting either the AMD64 or Intel EM64T instruction set) running Windows Server 2003 SP1 x64 Edition. (A 32-bit version of Groove Server 2007 is available.) Depending on the Groove Server components you install, additional requirements will vary.
Groove Manager requires Microsoft SQL Server 2000 or later. Microsoft IIS will also need to be installed (for your administration site), and you’ll need to enable Microsoft .NET Framework 2.0 with ASP.NET within IIS. IIS and SQL Server require 2GB of RAM for Manager installation and about 150GB of disk space.
If you’re running Groove Relay, you’ll need a minimum of 4GB of RAM (Microsoft recommends 8GB). Hard-drive space should be 250GB to 350GB, configured with RAID5 or RAID10. Basically, the more clients that connect, the more RAM and hard-disk space you’ll need. And if you’re using Groove Data Bridge, you’ll need 3GB of RAM with plenty of hard-disk space.
A common question people ask before deploying Groove Server is “which component do I install first?” The misconception is that you should install Manager first, but Microsoft recommends that you start by installing the Relay components, then installing the Manager component. Configure Groove Relay within your perimeter network infrastructure before deploying Manager. If you plan to install Manager components with the Audit Service feature enabled, you must first install one Groove Manager component without Audit Service, then install another Groove Manager component with Audit Service enabled.
If you need back-end connectivity to external applications, you can then install a Data Bridge. The biggest pain in the configuration process will come from linking your Data Bridge to the back-end system, such as a SQL Server or SharePoint server. (For tips on working with a Groove Data Bridge, check out postings from the Groove Advisor at blogs.technet.com/groove.)
Once your Groove Server infrastructure is in place, you then install the Groove clients. The current version of Groove doesn’t work with AD. Therefore, you’ll need to manually set up user profiles on the client and associate them with the profiles on the Groove server. I’m hopeful that Microsoft will remedy this significant drawback in the next release as well as let you use Group Policy to better control Groove clients.
Groove Server 2007 has many benefits for companies of all sizes. With national and international partnerships and online collaboration commonplace, being able to put together teams in multiple time zones can increase productivity and reduce the time required to complete projects. Groove’s client synchronization and its ability to store and retrieve workspaces put it in the forefront of tools necessary for a mobile workforce.