Wednesday, June 6, 2012

Sametime 8.5.1 client - beware!!

Ok, so I consider it my duty to report that the ST client V8.5.1 has some issues.... Especially when you're implementing Audio/Video services and you want to limit those services to a small population of users....which is what we are trying to do currently.... So, the majority of users in our 100k environment have the 8.5.1 client. These users can actually only use AV services if they are on the VPN but regardless of that, they must register with the AV proxyRegistrar even if our policy dictates they don't even have AV services! This is because the 8.5.1 client tries to login to the proxyRegistrar server before it even looks at the policy.... Which means if you have 38k users logging in and only 40 of them have AV enabled through policy, then you have 38k proxy registrar logins (with the corresponding 38k LDAP hits)..... This situation is a big problem and is only really solved by upgrading the client to 8.5.2+, which is no trivial thing in a large environment. Recommendations to alleviate the problem: turn SIP security off so the PR registration doesn't have to do an additional authentication... It will still do a lookup on the user to make sure they exis but won't try and authenticate. There are some other recommendations to increase the LDAP cache which I can point you at if you contact me at