just wanted to share my deployment/usage/config of kerio offline connect on a terminal server environment.
After all, I had some things set up the wrong way (and had to recover some mails because of it).
Btw. this thing is written for ppl who actually know what a ts etc. is - nothing for newbies.
When you wanna use it, TRY it first before you roll out!
- Backup your mailserver and the user mails
- Turn on the archive function in kerio
- Backup your TS/RDS or at least snapshot it
2. Our Network Map (just the important parts, every server runs virtual per hyperv)
- Server 2012 as AD/DC with Kerio Connect
- 2x Server 2008 R2 as RDS/TS (no load balance/gateway, we just have two locations with different needs)
- Kerio is connected to our AD
- Kerio Connect 8.2.1
- Outlook 2010
3. Hardware suggestions
- Get an SSD (you don't need a raid) with enough storage for the user cache files
- User connects to a TS, GPO-Policy runs in Backround with loopback
- When the user connects, a Batch/CMD gets executed, see in the attachment of the post (under "Userconfig" not "Computerconfig"
5. What it does/how I configured it (some lines from the script, you have to change it to match your network)
If exist \\YOURSERVER\YOURDATASHARE\ANYPATHYOULIKE\%USERNAME%.TXT goto ENDE
Check if the user already executed the batch file in the past
REG DELETE "HKCU\Software\Kerio\Outlook Connector (Offline Edition)" /f
REG DELETE "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles" /f
REG ADD "HKCU\Software\Kerio\Outlook Connector (Offline Edition)" /v "Cache Root Path" /t REG_SZ /d "d:\keriocache\%username%" /f
Delete the REG Keys for kerio and all Profiles from outlook/windows (had some issues there with multiple profiles), then set the kerio cache folder in the registy per user name.
I pointed the cache files to a SSD without any kind of raid behind - if it dies > nothing to serious, kerio just needs to sync new.
I tried it before on our raid 10, but with 20 users the cache stressed the raid more then it should. When we changed to the SSD, all went better and it was a lot faster.
echo START %USERNAME% %datum% %time% >> \\YOURSERVER\YOURDATASHARE\ANYPATHYOULIKE\%USERNAME%.TXT
Set some variables, then write those to a txt files with the username in the folder checked first in the batch.
ECHO Configuring Outlook profile for Kerio Outlook Connector...
ECHO Please wait ...
SET _PROFILE_CREATOR=ProfileCreator.exe /profile=Kerio /host=YOURSERVER /port=443 /spa /rename /offline
Copied the kerio auto connect batch in to the file, changed it a bit here and there (removed two "pause")
echo OL-Start %USERNAME% %datum% %time% >> \\YOURSERVER\YOURDATASHARE\ANYPATHYOULIKE\%USERNAME%.TXT
ping -n 100 -w 3000 127.0.0.1 >NUL 2>&1
REG ADD "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Kerio\9375CFF0413111d3B88A00104B2A6676\00 000001 " /v "New Signature" /t REG_BINARY /d 73006300680075006500620065006c0031000000 /f
REG ADD "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Kerio\9375CFF0413111d3B88A00104B2A6676\00 000001 " /v "Reply-Forward Signature" /t REG_BINARY /d 73006300680075006500620065006c0032000000 /f
echo OL Fertig %USERNAME% %datum% %time% >> \\YOURSERVER\YOURDATASHARE\ANYPATHYOULIKE\%USERNAME%.TXT
The end of the file - here it starts outlook again, if that didn't work out before (had that case sometimes), writes the time to the txt file with the start and waits a bit with ping.
After that it writes the signature for outlook into the registry (if you deploy it for all users and wanna set it per default in the reg, here you go. We use outlook signature for that).
And then it writes the time into the txt again when finished.
Important - tell the users they need to wait until outlook opens when they connect to the server the first time!
Hope this helps you guys a bit
Kerio discussion forums are intended for open communication between forum
members and may contain information and material posted by members which may
be useful in learning about Kerio products. The discussion forums are not
intended to provide technical support for any specific product. Any
information implied or expressed in the discussion forums is that of the
posting member. Kerio is in no way responsible for the information posted in
the forums, or its accuracy. Kerio employees may participate in the
discussions, but their postings do not represent an offical position of the
company on any issues raised or discussed. Kerio reserves the right to
monitor and maintain the forums to promote free and accurate exchange of