Deployment Topology Options¶
PowerShell Proxy Server Domain Membership¶
PowerShell Proxy servers may be joined to an Active Directory domain. If you are using VOSS-4-UC to manage or extract data from any on-premises component, such as Skype for Business Server, on-premises Active Directory, or on-premises Exchange Server, then domain membership is required. In all other cases domain membership is optional.
Redundancy¶
You can deploy two or more PowerShell Proxy servers to provide redundancy. This configuration requires a load balancer (not provided by VOSS) between VOSS-4-UC and the PowerShell Proxy servers. If you choose this topology option, be aware of the following load balancer configuration requirements:
- The load balancer must forward incoming HTTP and HTTPS requests on TCP ports 5985 and 5986.
- The load balancer must be configured in “IP Affinity” mode, such that all incoming requests from a specific IP address are preferentially routed to the same PowerShell Proxy. This is done to maintain the integrity of HTTP sessions that can consist of multiple HTTP requests.
When VOSS-4-UC is deployed as a multi-node cluster and the load balancer is configured in “IP Affinity” mode, each Unified Node will have all its requests routed to the same PowerShell Proxy. A properly configured load balancer will distribute the overall load from all the Unified Nodes across the deployed PowerShell Proxy servers. When a PowerShell Proxy goes out of service the load balancer will route incoming traffic to the surviving servers, bypassing the failed one.
Outbound Internet Proxy¶
Some organizations require all traffic outbound to the public Internet - including traffic to Microsoft 365 tenants - to traverse an outbound Internet proxy server for audit logging and, optionally, authentication. This document describes the configuration in VOSS-4-UC and on the PowerShell Proxy server(s) that are required to support this topology option.
