we told you about Zextras Team - a solution that allows you to add the functionality of corporate text and video chats to the Zimbra Collaboration Suite Open-Source Edition, as well as the ability to conduct video conferences with a large number of participants, without the need for third-party services and without transferring any data to the side. This use case is ideal for companies that have a well-defined security perimeter in the form of an internal network and can ensure their information security by protecting this perimeter. However, the internal network of the enterprise is not always something simple and understandable. Often in one large network there are a huge number of different subnets, many of which, if we are talking about geographically remote branches and offices, are connected via VPN. The complex structure of the internal network can interfere with the correct operation of video chats and video conferences in the Zextras Team, and now we will tell you about what can be done to ensure that everything works correctly and without failures.
Installing Zextras Team is as simple as possible. After installing Zextras Suite Pro, it is enough to activate the zimlet com_zextras_Team from the administrator console, after which the corresponding functionality will appear for all Zimbra OSE users in the enterprise. After that, the system administrator can restrict the functionality of the Zextras Team both for different user groups and for individual accounts. This is done using the following commands:
- zxsuite config teamChatEnabled false
- zxsuite config historyEnabled false
- zxsuite config videoChatEnabled
The first command allows you to disable a number of features related to text chat for various groups or individual users. The second command allows you to disable the saving of chat history. This action can be performed for all users, for users of a specific server, as well as for various groups or individual users. The third command allows you to disable features related to video chats. This feature can be disabled globally, on an individual server, as well as for a group of users or for a specific account.
After all the necessary restrictions have been introduced, the administrator can only make sure that the video communication in the enterprise works properly. Since the Zextras Team is based on peer-to-peer WebRTC technology, two things are critical for its operation: ease of establishing a connection and sufficient channel bandwidth. And if the administrator does not have to worry about the channel width and signal quality in the internal network, then the complex network architecture can prevent the establishment of a connection between employees of the enterprise.
In order to avoid problems when establishing a connection between clients, the developers of the Zextras Team included support for TURN servers in the solution, which help establish a connection between users in any, even the most extensive internal networks. In order to do this, it is necessary to add a node with TURN on board that is visible to other domains to the internal network of the enterprise.
For the purposes of this example, suppose the corresponding host on the corporate network is called turn.company.ru. We need to ensure that when trying to create a video chat, the Zextras Team accesses the TURN server with the user's authentication data and, if everything is fine, establishes a connection like a WebSocket and allows users to communicate normally with each other.
In order to connect the TURN server to the Zextras Team, we will enter a console command of the form zxsuite Team iceServer add turn:turn.company.ru:3478?transport=udp credential password username admin cos default. In the case of this command, we added a new TURN server to the Zextras Team list, indicating its network address and administrator account information, and also allocated it for use by the default user group. By the same principle, you can add several TURN servers at once so that users from different groups use different servers to connect.
In addition to adding new TURN servers, you can remove them from the list of added ones using the command zxsuite Team iceServer remove turn.company.ru, as well as view the list of added servers using the command zxsuite Team iceServer get. Note that it is not required to create the same users on the TURN server as in Zimbra OSE. For comfortable work on the TURN server, you only need an administrator account.
Thus, after adding a TURN server to the local network and a little setup, the connection between Zextras Team users will be established fairly quickly regardless of the network structure, and the width of the internal network channel should provide a consistently good image both during private video chats and during videoconferencing.
For all questions related to Zextras Suite, you can contact the Representative of Zextras Ekaterina Triandafilidi by e-mail [email protected]
Source: habr.com