Documente Academic
Documente Profesional
Documente Cultură
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this
URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership
relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the
document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
Deployment Guide for Cisco Unified Presence Release 8.6
2012 Cisco Systems, Inc. All rights reserved.
CONTENTS
CHAPTER
1-1
1-4
Module Overview
IM Compliancy
Cisco Integrations
1-5
1-8
1-8
Third-Party Integrations
1-8
1-9
CHAPTER
CHAPTER
1-1
1-9
2-1
Configuring Cisco Unified Communications Manager for Integration with Cisco Unified
Presence 3-1
User and Device Configuration on Cisco Unified Communications Manager
Configuring the Presence Service Parameter
3-1
3-3
How to Configure the SIP Trunk on Cisco Unified Communications Manager 3-3
Configuring the SIP Trunk Security Profile for Cisco Unified Presence 3-4
Configuring the SIP Trunk for Cisco Unified Presence 3-4
Verifying that the Required Services are Running on Cisco Unified Communications Manager
CHAPTER
3-6
4-1
4-1
Contents
4-8
4-10
4-10
CHAPTER
4-13
5-2
5-4
5-1
5-1
CHAPTER
4-7
6-1
6-1
4-4
Contents
6-2
6-2
6-3
6-23
6-28
Contents
6-34
6-35
6-38
6-42
6-47
How to Configure the Instant Messaging Settings on Cisco Unified Presence 6-51
Turning On or Off Instant Messaging for a Cisco Unified Presence Cluster 6-51
Turning On or Off Offline Instant Messaging 6-52
Allowing Clients to Log Instant Message History 6-53
Configuring the SIP Publish Trunk on Cisco Unified Presence
Configuring the Proxy Server Settings
6-54
CHAPTER
7-3
6-54
6-55
6-53
Contents
CHAPTER
8-1
8-1
8-2
How to Configure the Certificate Exchange Between Cisco Unified Presence and Cisco Unified
Communications Manager 8-3
Prerequisites for Configuring Security 8-3
Importing the Cisco Unified Communications Manager Certificate to Cisco Unified Presence 8-3
Restarting the SIP Proxy Service 8-4
Downloading the Certificate from Cisco Unified Presence 8-4
Uploading the Cisco Unified Presence Certificate to Cisco Unified Communications Manager 8-5
Contents
8-5
How to Configure the SIP Security Settings on Cisco Unified Presence 8-6
Configuring a TLS Peer Subject 8-6
Configuring a TLS Context 8-6
Configuring the SIP Proxy-to-Proxy Intracluster Protocol Type 8-7
How to Configure the XMPP Security Settings on Cisco Unified Presence
XMPP Security Modes 8-8
Configuring the XMPP Certificate Settings 8-9
Configuring FIPS 140-2 Mode 8-9
Overview of FIPS 140-2 8-9
Rebooting a Server in FIPS 140-2 Mode
Regeneration of Certificates 8-10
CHAPTER
8-8
8-10
9-1
9-2
Configuring a Secure Connection between Cisco Unified Presence and XMPP Clients
Turning On Cisco Unified Presence Services to Support XMPP Clients
CHAPTER
10
10-1
9-4
10-3
9-3
Contents
10-11
CHAPTER
11
11-1
11-1
11-1
CHAPTER
12
12-3
12-1
12-7
12-8
12-8
12-8
(Cisco Unified Personal Communicator Release 8.x) About Configuring XCP Services for Cisco Unified
Personal Communicator 12-9
(Cisco Unified Personal Communicator Release 8.x) Required XCP Services 12-9
(Cisco Unified Personal Communicator Release 8.x) Optional XCP Services 12-9
Contents
12-10
12-20
How to Configure Cisco Unified Personal Communicator on Cisco Unified Presence 12-21
Configuring the Proxy Listener and TFTP Addresses 12-21
(Cisco Unified Personal Communicator Release 8.x) Configuring Settings 12-22
(Cisco Unified Personal Communicator Release 7.1) Configuring the Service Parameters 12-24
(Cisco Unified Personal Communicator Release 7.1) Configuring a Secure Connection Between Cisco
Unified Presence and Cisco Unified Personal Communicator 12-25
About Configuring CTI Gateway Settings for Desk Phone Control on Cisco Unified Presence 12-26
Desk Phone Control and the CTI Connection Failures 12-26
(Cisco Unified Personal Communicator Release 7.x) Desk Phone Control and LDAP TelephoneNumber
Field 12-27
How to Configure CTI Gateway Settings for Desk Phone Control on Cisco Unified Presence
Configuring CTI Gateway Server Names and Addresses 12-28
Creating CTI Gateway Profiles 12-29
10
12-28
Contents
CHAPTER
13
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal
Communicator 13-1
About Secure Voicemail Messaging 13-2
Secure Voicemail Messaging on Cisco Unity Connection
Secure Voicemail Messaging on Cisco Unity 13-2
Secure Voicemail Messaging Configuration 13-3
13-2
How to Configure Voicemail Servers for Cisco Unified Personal Communicator 13-4
Configuring Cisco Unity Connection Servers 13-4
Configuring Cisco Unity Servers 13-6
Configuring Voicemail Server Names and Addresses on Cisco Unified Presence 13-9
Configuring Mailstore Server Names and Addresses on Cisco Unified Presence 13-9
Creating Voicemail Profiles on Cisco Unified Presence 13-11
How to Configure Conferencing Servers for Cisco Unified Personal Communicator 13-12
About the Conferencing Servers for Cisco Unified Personal Communicator 13-13
(Cisco Unified Personal Communicator Release 7.1) Configuring Cisco Unified MeetingPlace Express
and Cisco Unified MeetingPlace Express VT Servers 13-13
Configuring Cisco Unified MeetingPlace Servers 13-16
(Cisco Unified Personal Communicator Release 8.x) Configuring the Cisco Unified MeetingPlace Web
Server 13-18
Adding Custom Cisco Unified MeetingPlace Template Files to a Cisco Unified MeetingPlace7.x Web
Server 13-18
(Cisco Unified Personal Communicator Release 8.5) Configuring Cisco Webex Servers 13-19
Configuring Single Sign-on for Cisco Webex and Cisco Unified MeetingPlace 13-19
Configuring Conferencing Server Names and Addresses on Cisco Unified Presence 13-19
Creating Conferencing Profiles on Cisco Unified Presence 13-21
(Cisco Unified Personal Communicator Release 8.x) Creating Audio Profiles on Cisco Unified
Presence 13-23
Configuring CCMCIP Profiles for Cisco Unified Personal Communicator Release 8.x
About Configuring Third-Party Clients on Cisco Unified Presence
13-24
13-26
11
Contents
(Cisco Unified Personal Communicator Release 8.5) How to Use Cisco Unified Personal Communicator as
a Desktop Agent 13-26
About Running Cisco Unified Personal Communicator as a Desktop Agent 13-26
Before You Start Cisco Unified Personal Communicator as a Desktop Agent 13-27
Starting Cisco Unified Personal Communicator as a Desktop Agent 13-28
Stopping Cisco Unified Personal Communicator as a Desktop Agent 13-28
(Cisco Unified Personal Communicator Release 8.5) Distributing HTML Files for Display in the
Cisco Unified Personal Communicator Window 13-29
About Migrating Users from Cisco Unified Personal Communicator Release 7.x to Cisco Unified Personal
Communicator Release 8.x 13-30
How to Update User Configuration After Deploying Cisco Unified Personal Communicator 13-30
Application Profiles 13-30
Changing Application Profiles for a Single User 13-31
Changing Application Profiles for Multiple Users 13-31
Configuring a New User for Full Cisco Unified Personal Communicator Functionality 13-32
CHAPTER
14
14-1
14-1
14-6
14-11
14-12
12
14-12
Contents
14-13
14-15
Troubleshooting 14-18
Cisco Unified Personal Communicator Fails to Start or Starts with a Black Background with No Visible
Controls 14-18
Limitations Creating Group Chats 14-19
Cannot Place or Receive Calls After a Secure Profile is Enabled 14-19
Error Connecting to the CSF Device 14-19
CHAPTER
15
15-1
15-1
15-2
How to Integrate the LDAP Directory with Cisco Unified Communications Manager 15-2
Secure Connection Between Cisco Unified Communications Manager and the LDAP Directory 15-3
Configuring the LDAP Synchronization for User Provisioning 15-3
Uploading LDAP Authentication Server Certificates 15-4
Configuring LDAP Authentication 15-5
Configuring a Secure Connection Between Cisco Unified Presence and the LDAP Directory 15-6
How to Integrate the LDAP Directory with Cisco Unified Personal Communicator 15-6
Rules for a Displayed Contact Name 15-7
(Cisco Unified Personal Communicator Release 8.0) Fetch Contact Pictures from a Web Server 15-7
Configuring the LDAP Attribute Map for Cisco Unified Personal Communicator 15-8
Configuring LDAP Server Names and Addresses for Cisco Unified Personal Communicator 15-10
Creating LDAP Profiles and Adding Cisco Unified Personal Communicator Users to the Profile 15-11
How to Integrate the LDAP Directory for Contact Searches on XMPP Clients 15-13
LDAP Account Lock Issue 15-14
Configuring LDAP Server Names and Addresses for XMPP Clients 15-14
Configuring the LDAP Search Settings for XMPP Clients 15-15
Turning On The Cisco UP XCP Directory Service 15-17
CHAPTER
16
16-1
16-4
Deployment Guide for Cisco Unified Presence Release 8.6
13
Contents
16-7
CHAPTER
17
17-1
17-2
Specifying How Cisco Unified Client Services Framework Integrates with Active Directory
Mapping Keys Required for Basic and Enhanced Directory Integration
17-3
17-4
17-5
17-7
14
Contents
CHAPTER
18
18-1
18-2
18-2
18-2
18-2
18-3
18-3
18-4
APPENDIX
19
19-1
APPENDIX
19-3
19-5
APPENDIX
19-1
A-1
B-1
A-1
B-1
B-3
B-4
Deployment Guide for Cisco Unified Presence Release 8.6
15
Contents
4 GB Active/Active Profile
4 GB Active/Standby Profile
B-4
B-5
B-6
APPENDIX
Glossary of Terms
C-1
16
CH A P T E R
Main Components
Figure 1-1 provides an overview of a Cisco Unified Presence deployment, including the main
components and interfaces between Cisco Unified Communications Manager and Cisco Unified
Presence. and between Cisco Unified Presence and third-party products.
1-1
Chapter 1
Figure 1-1
Cisco UC Client
CUMC
CUCM
End User Identity
Third - party
XMPP Client
Phone state
XMPP Federation
- IBM Sametime
- WebEx
- Googletalk
Device data
Licensing
Location Appliance
HTTP
SOAP
SIP Federation
- Microsoft OCS
XM
SI PP
P ,
,
PP AP
XM /SO
P
SI
Web Applications
SIP, AXL,
Data Sync
Compliance
XDB
Record Retention
Storage
Vendors
ODBC
External IM Archive
Federation
RCC
MS Exchange
Calendaring
207482
CUMA
SIP Interface
A SIP connection handles the presence information exchange between Cisco Unified Communications
Manager and Cisco Unified Presence. To enable the SIP connection on Cisco Unified Communications
Manager, you must configure a SIP trunk pointing to the Cisco Unified Presence server.
On Cisco Unified Presence, configuring Cisco Unified Communications Manager as a Presence Gateway
will allow Cisco Unified Presence to send SIP subscribe messages to Cisco Unified Communications
Manager over the SIP trunk.
Note
Cisco Unified Presence does not support clients (Cisco clients or third party) connecting to Cisco
Unified Presence using SIP/SIMPLE interface over TLS. Only a SIP connection over TCP is supported.
Related Topics
How to Configure the SIP Trunk on Cisco Unified Communications Manager, page 3-3
How to Configure the Presence Gateway on Cisco Unified Presence, page 6-38
1-2
Chapter 1
CTI Interface
The CTI (Computer Telephony Integration) interface handles all the CTI communication for users on the
Cisco Unified Presence server to control phones on Cisco Unified Communications Manager. The CTI
functionality allows users of the Cisco Unified Personal Communicator client to run the application in
desk phone control mode.
The CTI functionality is also used for the Cisco Unified Presence remote call control feature on the
Microsoft Office Communicator client. For information about configuring the remote call control
feature, see the Integration Note for Configuring Cisco Unified Presence with Microsoft OCS for MOC
Call Control.
To configure CTI functionality for Cisco Unified Presence users on Cisco Unified Communications
Manager, users must be associated with a CTI-enabled group, and the primary extension assigned to that
user must be enabled for CTI.
To configure Cisco Unified Personal Communicator desk phone control, you must configure a CTI
server and profile on Cisco Unified Presence, and assign any users that wish to use the application in
desk phone mode to that profile. However, note that all CTI communication occurs directly between
Cisco Unified Communications Manager and Cisco Unified Personal Communicator, and not through
the Cisco Unified Presence server.
Related Topics
User and Device Configuration on Cisco Unified Communications Manager, page 3-1
How to Configure CTI Gateway Settings for Desk Phone Control on Cisco Unified Presence,
page 12-28
Integration Note for Configuring Cisco Unified Presence with Microsoft OCS for MOC Call
Control:
http://www.cisco.com/en/US/products/ps6837/products_installation_and_configuration_guides_lis
t.html
AXL/SOAP Interface
The AXL/SOAP interface handles the database synchronization from Cisco Unified Communications
Manager and populates the Cisco Unified Presence database. To activate the database synchronization,
you must start the Sync Agent service on Cisco Unified Presence.
By default the Sync Agent load balances all users equally across all nodes within the Cisco Unified
Presence cluster. You also have the option to manually assign users to a particular node in the Cisco
Unified Presence cluster.
For guidelines on the recommended synchronization intervals when executing a database
synchronization with Cisco Unified Communications Manager, for single and dual-node Cisco Unified
Presence, see the Cisco Unified Presence SRND document.
Related Topics
1-3
Chapter 1
XMPP Standards
LDAP Interface
Cisco Unified Communications Manager obtains all user information via manual configuration or
synchronization directly over LDAP. Cisco Unified Presence then synchronizes all this user information
from Cisco Unified Communications Manager (using the AXL/SOAP interface).
Cisco Unified Presence provides LDAP authentication for users of the Cisco Unified Personal
Communicator client and Cisco Unified Presence user interface. If a Cisco Unified Personal
Communicator user logs into Cisco Unified Presence, and LDAP authentication is enabled on Cisco
Unified Communications Manager, Cisco Unified Presence goes directly to the LDAP directory for
Cisco Unified Personal Communicator user authentication. Once Cisco Unified Personal Communicator
is authenticated, Cisco Unified Presence forwards this information to Cisco Unified Personal
Communicator to continue the user login.
Cisco Unified Personal Communicator and third party XMPP clients use the LDAP directory to allow
users to search and add contacts.
Related Topic
XMPP Interface
An XMPP connection handles the presence information exchange and instant messaging operations for
XMPP-based clients. Cisco Unified Presence supports temporary (ad-hoc) and persistent chat rooms for
XMPP-based clients. An IM Gateway supports the IM interoperability between SIP-based and
XMPP-based clients in a Cisco Unified Presence deployment.
Related Topics
Integrating Third-Party XMPP Client Applications on Cisco Unified Presence, page 9-1
XMPP Standards
Cisco Unified Presence is compliant with the following XMPP standards:
RFC 3920 Extensible Messaging and Presence Protocol (XMPP): Core RFC 3921 Extensible
Messaging and Presence Protocol (XMPP): Instant Messaging and Presence
XEP-0004 Data Forms
XEP-0012 Last Activity
XEP-0013 Flexible Offline Message Retrieval
XEP-0016 Privacy Lists
XEP-0030 Service Discovery
XEP-0045 Multi-User Chat
XEP-0054 Vcard-temp
XEP-0055 Jabber Search
XEP-0060 Publish-Subscribe
1-4
Chapter 1
Module Overview
Module
Configuring the Licensing
for this Integration
Notes
1-5
Chapter 1
Module Overview
Module
Configuring Security
between Cisco Unified
Communications Manager
and Cisco Unified Presence
Integrating Third-Party
XMPP Client Applications
on Cisco Unified Presence
1-6
Notes
Chapter 1
Module
Configuring Cisco Unified
Personal Communicator
Notes
Additional Deployment
Information for
Cisco Unified Personal
Communicator
This is recommended
configuration.
1-7
Chapter 1
IM Compliancy
IM Compliancy
For information about configuring Instant Message (IM) compliancy on Cisco Unified Presence, refer
to the following documents:
Cisco Integrations
For information about integrating Cisco Unified Presence with Cisco Unified Mobility, see the Cisco
Unified Mobility server documentation.
Related Topic
Third-Party Integrations
This guide only details how to configure a basic Cisco Unified Presence deployment. For third-party
integrations, see the document references below.
Third Party Integration
1-8
Chapter 1
Related Topic
http://www.cisco.com/go/designzone
Cisco Unified Presence Compatibility Matrices and Port List:
http://www.cisco.com/en/US/products/ps6837/products_device_support_tables_list.html
Cisco Unified Presence Release Notes:
http://www.cisco.com/en/US/products/ps6837/prod_release_notes_list.html
Cisco Unified Communications Manager Documentation:
http://www.cisco.com/en/US/products/sw/voicesw/ps556/tsd_products_support_series_home.html
Cisco Unified Personal Communicator Documentation:
http://www.cisco.com/en/US/products/ps6844/tsd_products_support_series_home.html
1-9
Chapter 1
Getting More Information
1-10
CH A P T E R
2-1
Chapter 2
Table 2-1
Configuration
License Requirement
Description
Related Topics
Creating a Softphone Device for Each Cisco Unified Personal Communicator User, page 12-15
Adjunct Licensing
From Cisco Unified Communications Manager Release 6.0(1), you can associate a secondary device
with a primary device and consume only one device license per device. This is also known as adjunct
licensing. On Cisco Unified Communications Manager, you can configure adjunct licensing manually
on the Phone Configuration window, using the AXL interface, or using the Bulk Administration Tool
(BAT). For releases prior to Cisco Unified Communications Manager Release 6.0(1), three device
licenses are consumed.
Adjunct licensing has these restrictions:
You cannot delete the primary phone unless you remove the associated secondary softphone devices.
The primary phone must be the device that consumes the most licenses. You cannot make the
softphone device the primary phone and associate a Cisco Unified IP Phone as the secondary device.
Secondary softphone devices are limited to Cisco IP Communicator, Cisco Unified Personal
Communicator, and Cisco Unified Mobile Communicator.
2-2
Chapter 2
Related Topics
Creating a Softphone Device for Each Cisco Unified Personal Communicator User, page 12-15
What To Do Next
Obtain a license file. For more information, see the Installation Guide for Cisco Unified Presence
Release 8.6.
2-3
Chapter 2
2-4
CH A P T E R
User and Device Configuration on Cisco Unified Communications Manager, page 3-1
How to Configure the SIP Trunk on Cisco Unified Communications Manager, page 3-3
Verifying that the Required Services are Running on Cisco Unified Communications Manager,
page 3-6
3-1
Chapter 3 Configuring Cisco Unified Communications Manager for Integration with Cisco Unified Presence
User and Device Configuration on Cisco Unified Communications Manager
Task
Notes
Menu path
Cisco Unified Communications
Manager Administration > User
Management > Credential Policy
Default
Note
Note that because menu options and parameters may vary per Cisco Unified Communications Manager
releases, see the Cisco Unified Communications Manager documentation appropriate to your release.
Related Topics
How to Configure CTI Gateway Settings for Desk Phone Control on Cisco Unified Presence,
page 12-28
3-2
Chapter 3
Configuring Cisco Unified Communications Manager for Integration with Cisco Unified Presence
Configuring the Presence Service Parameter
You can only enable the Inter-Presence Group Subscription parameter when the subscription permission
for the default Standard Presence Group, or any new Presence Groups, is set to Use System Default. To
configure Presence Groups, select Cisco Unified Communications Manager Administration >
System > Presence Groups.
Procedure
Step 1
Select Cisco Unified Communications Manager Administration > System > Service Parameters.
Step 2
Select Cisco Unified Communications Manager server from the Server menu.
Step 3
Step 4
Select Allow Subscription for Default Inter-Presence Group Subscription in the Clusterwide Parameters
(System - Presence) section.
Step 5
Select Save.
Troubleshooting Tips
You no longer have to manually add Cisco Unified Presence as an Application Server on Cisco Unified
Communications Manager:
When you add or remove a node on the system topology management GUI, the node is automatically
added to or removed from the Application Server list on Cisco Unified Communications Manager.
When you configure the Cisco Unified Communications Manager publisher on Cisco Unified
Presence from Cisco Unified Presence Administration > System > CUCM Publisher, the Cisco
Unified Presence node is automatically added to the Application Server list on Cisco Unified
Communications Manager.
Related Topic
How to Configure the Cluster Topology on Cisco Unified Presence, page 6-3
What To Do Next
How to Configure the SIP Trunk on Cisco Unified Communications Manager, page 3-3
The port number that you configure for the SIP Trunk differs depending on the version of Cisco Unified
Presence that you are deploying:
For Cisco Unified Presence version 6.x, configure the port number 5070 for the SIP Trunk.
3-3
Chapter 3 Configuring Cisco Unified Communications Manager for Integration with Cisco Unified Presence
How to Configure the SIP Trunk on Cisco Unified Communications Manager
For Cisco Unified Presence version 7.0(x) or higher, configure the port number 5060 for the SIP
Trunk.
Configuring the SIP Trunk Security Profile for Cisco Unified Presence, page 3-4
Configuring the SIP Trunk for Cisco Unified Presence, page 3-4
Configuring the SIP Trunk Security Profile for Cisco Unified Presence
Procedure
Step 1
Select Cisco Unified Communications Manager Administration > System > Security > SIP Trunk
Security Profile.
Step 2
Select Find.
Step 3
Step 4
Verify that the setting for Device Security Mode is Non Secure.
Step 5
Step 6
Step 7
Step 8
Select Save.
What To Do Next
Configuring the SIP Trunk for Cisco Unified Presence, page 3-4
Configure the SIP Trunk security profile on Cisco Unified Communications Manager.
3-4
Chapter 3
Configuring Cisco Unified Communications Manager for Integration with Cisco Unified Presence
How to Configure the SIP Trunk on Cisco Unified Communications Manager
Procedure
Step 1
Select Cisco Unified Communications Manager Administration > Device > Trunk.
Step 2
Step 3
Step 4
Step 5
Step 6
Select Next.
Step 7
Step 8
Step 9
In the SIP Information section at the bottom of the window, configure the following values:
Note
Step 10
a.
In the Destination Address field, enter the dotted IP address, or the FQDN (Fully Qualified Domain
Name), or the DNS SRV record for the Cisco Unified Presence server.
b.
Check the Destination Address is an SRV checkbox if you are configuring a multi-node deployment.
In this scenario, Cisco Unified Communications Manager performs a DNS SRV record query to
resolve the name _sip._tcp.cups01.lab. If you are configuring a single-node deployment, leave this
checkbox unchecked and Cisco Unified Communications Manager will perform a DNS A record
query to resolve the name cups01.lab.
In both scenarios, the Cisco Unified Communications Manager SIP trunk Destination Address must
resolve by DNS and match the SRV Cluster Name configured on the Cisco Unified Presence server.
For more information, see Configuring a Cluster-Wide Cisco Unified Presence Address, page 6-33.
c.
d.
Select Non Secure SIP Trunk Profile from the SIP Trunk Security Profile menu.
e.
Select Save.
Troubleshooting Tip
If you modify the DNS entry of the Publish SIP Trunk SRV record by changing the port number or IP
address, you must restart all devices that previously published to that address and ensure each device
points to the correct Cisco Unified Presence contact.
Related Topics
Configuring the SIP Trunk Security Profile for Cisco Unified Presence, page 3-4
Configuring the SIP Publish Trunk on Cisco Unified Presence, page 6-53
What To Do Next
How to Configure Cisco IP Phone Messenger on Cisco Unified Communications Manager, page 11-1
3-5
Chapter 3 Configuring Cisco Unified Communications Manager for Integration with Cisco Unified Presence
Verifying that the Required Services are Running on Cisco Unified Communications Manager
or
About Configuring Cisco Unified Personal Communicator on Cisco Unified Communications Manager,
page 12-11
On Cisco Unified Communications Manager, select Cisco Unified Serviceability> Tools > Control
Center - Feature Services.
Step 2
Select a Cisco Unified Communications Manager server from the Server menu.
Step 3
Cisco CallManager
Cisco TFTP (if you are deploying Cisco Unified Personal Communicator softphone)
Cisco CTIManager (if you are deploying Cisco Unified Personal Communicator in desk phone
control mode)
Cisco AXL Web Service (for data synchronization between Cisco Unified Presence and
Cisco Unified Communications Manager)
Troubleshooting Tip
To turn on a service on Cisco Unified Communications Manager, select Cisco Unified Serviceability>
Tools > Service Activation.
3-6
CH A P T E R
Server-Side Failback for Cisco Unified Personal Communicator 7.x and 8.x Clients, page 4-4
Scalability Enhancements
The Cisco Unified Presence multi-node scalability feature supports the following:
45, 000 users per cluster with maximum of 15, 000 users per node in a full Unified Communication
mode deployment
4-1
Chapter 4
Administrable customer-defined limit on the maximum contacts per user (default unlimited).
Cisco Unified Presence continues to support intercluster deployments with the multi-node feature.
Cisco Jabber
IM-Only Deployment
Cisco Unified Presence supports an IM-only deployment. This type of deployment supports up to 25,
000 users per node and up to 75, 000 users in a Cisco Unified Presence cluster. An overview of the
configuration steps required to set up an IM-only Cisco Unified Presence deployment is provided in the
appendix of this guide.
Related Topic
Performance Recommendations
You can achieve optimum performance with the multi-node feature when:
The resources on all Cisco Unified Presence servers are equivalent in terms of memory, disk size,
and age. Mixing hardware classes results in servers that are under-powered, therefore resulting in
poor performance.
You configure a Balanced Mode deployment model. In this case, the total number of users is equally
divided across all nodes in all subclusters. Cisco Unified Presence defaults to Balanced Mode user
assignment to achieve optimum performance.
Related Topics
4-2
Chapter 4
Subclusters
The multi-node feature introduces the concept of a subcluster. A subcluster is a single Cisco Unified
Presence server, or a pair of Cisco Unified Presence servers, where each node has an independent
database and set of users operating with a shared availability database that is able to support common
users.
In a single-node deployment within a subcluster, there is no High Availability failover protection for
users assigned to the node. In a dual-node deployment within a subcluster, if you turn on High
Availability in the subcluster, users have failover protection; each node acts as a backup for the other
node allowing clients to fail over in case of outages of components or nodes. When you turn on High
Availability in a subcluster, all users in the subcluster have redundancy and full failover capabilities.
Related Topics
User Assignment
To allow users receive the availability and Instant Messaging (IM) services on Cisco Unified Presence,
you must assign users to nodes, and subclusters, in your Cisco Unified Presence deployment. You can
manually or automatically assign users in a Cisco Unified Presence deployment. You manage user
assignment using the User Assignment Mode parameter on the Sync Agent on Cisco Unified Presence.
If you select automatic user assignment, the Sync Agent assigns the users to all nodes in all subclusters
in an attempt to balance the user assignment evenly across all nodes. You can also configure the Sync
Agent to assign the total number of users to only the first (active) node of an subcluster.
If you select manual user assignment, you must manually assign your users to nodes, and subclusters,
using the System Topology interface in Cisco Unified Presence Administration.
4-3
Chapter 4
Related Topics
Server-Side Failback for Cisco Unified Personal Communicator 7.x and 8.x
Clients
Note
4-4
Figure 4-1
Cluster1
Cluster2
SubCluster1
C1Node1
C2Node1
C1Node2
C2Node2
SubCluster2
C1Node3
Intercluster connection
209582
Chapter 4
In the preceding figure, Cluster1 has three nodes, a publisher (C1Node1) and two subscribers (C1Node2
and C1Node3) and has an intercluster peer relationship with Cluster2, which contains a publisher
(C2Node1) and subscriber (C2Node2). Several different redirect scenarios are possible:
Note
1.
A Cisco Unified Personal Communicator user is assigned C1Node1 as a home node and attempts to
sign in to C1Node2. C1Node2 automatically redirects the Cisco Unified Personal Communicator
client to C1Node1. In this scenario, High Availability is disabled in Subcluster1. If High Availability
is enabled in Subcluster1, C1Node2 will process the login request. There is no redirect.
2.
A Cisco Unified Personal Communicator user is assigned C1Node3 as a home node and attempts to
sign in to C1Node1 or C1Node2. Regardless of whether High Availability is enabled in Subcluster1,
C1Node1 or C1Node2 redirects the Cisco Unified Personal Communicator client to C1Node3. High
Availability rules do not apply here because C1Node3 is part of Subcluster2.
3.
A Cisco Unified Personal Communicator user is assigned C2Node1 or C2Node2 as a home node and
attempts to sign in to C1Node1, C1Node2, or C1Node3. C1Node1, C1Node2, or C1Node3
automatically redirects the Cisco Unified Personal Communicator client its home node.
For more information about establishing intercluster peer relationships and syncing users, see
Configuring a Cisco Unified Presence Intercluster Deployment, page 16-1.
Related Topic
4-5
Chapter 4
Note
The High Availability deployment models described in this module are only applicable to Cisco Unified
Presence Release 8.5.x or later releases.
4-6
Chapter 4
Figure 4-2
Related Topics
How to Configure the Cluster Topology on Cisco Unified Presence, page 6-3
How To Configure High Availability Cisco Unified Presence Deployments, page 6-21
For the hardware user assignment guidelines for the multi-node feature, see the Cisco Unified
Presence compatibility matrices at this URL:
http://www.cisco.com/en/US/products/ps6837/products_device_support_tables_list.html
4-7
Chapter 4
Figure 4-3
Related Topics
How to Configure the Cluster Topology on Cisco Unified Presence, page 6-3
How To Configure High Availability Cisco Unified Presence Deployments, page 6-21
For the hardware user assignment guidelines for the multi-node feature, see the Cisco Unified
Presence compatibility matrices at this URL:
http://www.cisco.com/en/US/products/ps6837/products_device_support_tables_list.html
4-8
Chapter 4
Table 4-1
Scalability Option
Add a New Node to an Existing Subcluster
Deployment Mode
Balanced Non-Redundant High If you add a new node to an existing
Availability Deployment
subcluster, the new node can support the
same number of users as the existing node;
the subcluster can now support twice the
number of users. It also provides balanced
High Availability for the users on the
existing node and the new node in that
subcluster.
Note
Active/Standby Redundant
High Availability Deployment
Related Topics
4-9
Chapter 4
Warning
Minimize your hardware, for example, instead of using six MCS 7825 servers that support a total of
six thousand users, choose two MCS 7835 servers that can support a total of five thousand users.
Use similar hardware for all nodes in your deployment. If you must mix generations of similar
hardware, put the same generations of older hardware together in a subcluster and put fewer users
on this subcluster than on the more powerful subclusters. Note that we do not recommend this
deployment practice.
For multi-node deployments using mixed hardware (for example, UCS, MCS, or VMware), it is highly
recommended that the subscriber and publisher nodes in the same subcluster have similar database
size. If a significant difference in database size exists between the two nodes, you will receive an
error during installation of the subscriber node.
Note
The MCS 7845 with four 72GB drives can run the scalability feature, but this hardware with four
146GB drives is preferred.
4-10
Chapter 4
Note
If you have older-generation hardware, follow the disk drive upgrade recommendations above. You
must meet the minimal disk capacity on each server in the cluster in order to achieve scale.
Upgrading drives will allow you to use older hardware in a multi-node cluster. However, we recommend
that you use the latest hardware available for the multi-node feature because this hardware has more
powerful CPU, more memory and faster input/output processing.
Related Topic
For a list of the supported hardware for the multi-node feature, and hardware user assignment guidelines
for the multi-node feature, see the Cisco Unified Presence compatibility matrices at this URL:
http://www.cisco.com/en/US/products/ps6837/products_device_support_tables_list.html
Note
Each Cisco Unified Presence subcluster that you add to your Clustering over WAN deployment requires
an additional (dedicated) five megabits per second bandwidth.
4-11
Chapter 4
This model can provide geographical redundancy and remote failover, for example failover to a backup
Cisco Unified Presence node on a remote site. With this model, the Cisco Unified Presence server does
not need to be co-located with the Cisco Unified Communications Manager publisher server. The
Cisco Unified Personal Communicator client can be either local or remote to the Cisco Unified Presence
server.
This model also supports High Availability for the Cisco Unified Personal Communicator Release
clients, where the clients fail over to the remote peer Cisco Unified Presence node if the services or
hardware fails on the home Cisco Unified Presence node. When the failed node comes online again, the
clients automatically reconnect to the home Cisco Unified Presence node.
When you deploy Cisco Unified Presence over WAN with remote failover, note the following
restrictions:
This model only supports High Availability at the system level. Certain Cisco Unified Presence
components may still have a single point of failure. These components are the Cisco UP Sync Agent,
Cisco Intercluster Sync Agent, and Cisco Unified Presence Administration interface.
This model supports High Availability for the Cisco Unified Personal Communicator Release 7.x
and Cisco Unified Personal Communicator Releases 8.5 and 8.6.
Cisco Unified Presence also supports multiple subclusters in a Clustering over WAN deployment. For
information about scale for a Clustering over WAN deployment, see the Cisco Unified Presence SRND.
Related Topic
Local Failover
You can also deploy Cisco Unified Presence over WAN where one subcluster is located in one
geographic site, and a second subcluster is located in another geographic site. The subcluster can contain
a single node, or a dual node for High Availability between the local nodes. This model provides no
failover between geographic sites.
Note
Heart Beat Interval: This parameter specifies how often in seconds the Cisco UP Config Agent
sends a heartbeat message to the peer Cisco UP Config Agent in the same subcluster. The heartbeat
is used to determine network availability. The default value is 60 seconds.
Connect Timeout: This parameter specifies how long in seconds the Cisco UP Config Agent waits
to receive a response from a connection request to the peer Cisco UP Config Agent. The default
value is 30 seconds.
We recommend that you configure these parameters with the default values.
4-12
Chapter 4
For optimum performance, we recommend that you assign the majority of your users to the home
Cisco Unified Presence node. This deployment model decreases the volume of messages sent to the
remote Cisco Unified Presence server over WAN, however the failover time to the secondary node
depends on the number of users failing over.
If you wish to configure a High Availability deployment model over WAN, you can configure a
subcluster-wide DNS SRV address. In this case Cisco Unified Presence sends the initial PUBLISH
request message to the node specified by DNS SRV and the response message indicates the host
node for the user. Cisco Unified Presence then sends all subsequent PUBLISH messages for that user
to the host node. Before configuring this High Availability deployment model, you must consider if
you have sufficient bandwidth for the potential volume of messages that may be sent over the WAN.
Related Topics
Bandwidth Considerations
When you calculate the bandwidth requirements for your Clustering over WAN deployment, consider
the following:
In your bandwidth considerations, you must include the normal bandwidth consumption of a Cisco
Unified Communications Manager cluster. If you configure multiple nodes, Cisco Unified
Communications Manager uses a round-robin mechanism to load balance SIP/SIMPLE messages,
which consumes more bandwidth. To improve performance and decrease traffic, you could provision
a single dedicated Cisco Unified Communications Manager node for all SIP/SIMPLE messages sent
between Cisco Unified Presence and Cisco Unified Communications Manager.
In your bandwidth considerations, we also recommend that you consider the number of contacts in
the contact list for a Cisco Unified Personal Communicator user, and the size of user profiles on
Cisco Unified Presence. See the Cisco Unified Presence SRND for recommendations regarding the
size of a contact list when you deploy Cisco Unified Presence over WAN. Note also that the
maximum contact list size on Cisco Unified Presence is 200, so you need to factor this in to your
bandwidth considerations for systems with large numbers of users.
Related Topic
4-13
Chapter 4
http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/7x/uc7_0.html
4-14
CH A P T E R
Note
The purpose of this module is to provide the user with the recommended sequence of high-level tasks
for installing and configuring the multi-node feature.
This section is only applicable to Cisco Unified Presence Release 8.5.x or higher.
The Cisco UP Replication Watcher monitors IDS replication state on Cisco Unified Presence. Other
Cisco Unified Presence services are dependent on the Cisco UP Replication Watcher service. These
dependent services use the Cisco UP Replication Watcher service to delay startup until such time as IDS
replication is in a stable state.
On the subscriber nodes, the Cisco UP Replication Watcher service delays the startup of feature services
until IDS replication is successfully established. The Cisco UP Replication Watcher service only delays
the startup of feature services on the problem subscriber node in a cluster, it will not delay the startup of
feature services on all subscriber nodes due to one problem node. For example, if IDS replication is
successfully established on node1 and node2, but not on node3, the Cisco UP Replication Watcher
service allows feature services to start on node1 and node2, but delays feature service startup on node3.
The Cisco UP Replication Watcher service behaves differently on the publisher node. It only delays the
startup of feature services until a timeout expires. When the timeout expires, it allows all feature services
to start on the publisher node even if IDS replication is not successfully established.
The Cisco UP Replication Watcher service generates an alarm when it delays feature service startup on
a node. It then generates a notification when IDS replication is successfully established on that node.
5-1
Chapter 5
The Cisco UP Replication Watcher service impacts both a fresh multi-node installation, and a software
upgrade procedure. Both will only complete when the publisher and subscriber nodes are running the
same Cisco Unified Presence release, and IDS replication is successfully established on the subscriber
nodes.
To check the status of the IDS replication on a node either:
Use the Cisco Unified Reporting Tool (CURT). The Unified CUP Database Status report displays
a detailed status of the cluster.
Related Topics
Upgrade from Cisco Unified Presence Release 7.0(x) to Release 8.5(x). For more information, see
the Upgrade Guide for Cisco Unified Presence Release 8.6.
Step 2
Step 3
Step 4
Note
From System troubleshooter page, verify that the Cisco UP Replication Watcher service is running
on all nodes.
5-2
Chapter 5
On the Network services screen in Cisco Unified Serviceability (on the subscriber node), verify that
all Cisco Unified Presence services are running.
Cisco Unified Presence assigns the node to the cluster, but the node will not receive traffic until you
assign users to it.
Step 5
Step 6
Related Topics
How To Configure High Availability Cisco Unified Presence Deployments, page 6-21
We strongly recommend that you perform any node movements that involve you unassigning or
moving a large numbers of users at off peak times. Such large operations can adversely impact
performance.
Procedure
Step 1
Create the new subcluster(s) in system topology management GUI (if required).
Step 2
Step 3
Step 4
Note
From System troubleshooter page, verify that the Cisco UP Replication Watcher service is running
on all nodes.
On the Network services screen in Cisco Unified Serviceability (on the subscriber node), verify that
all Cisco Unified Presence services are running.
Step 5
Step 6
Once all the nodes are online, assign users to the new nodes using the following user assignment options:
5-3
Chapter 5
Using the Find User Assignment feature, unassign selected users from each node, and use the User
Assignment Mode parameter to reassign new users to new subcluster(s) and nodes.
Using the Find User Assignment feature, manually move users to new nodes.
Unassign all users, and then reassign the users to the cluster using the appropriate User Assignment
Mode parameter setting for the whole cluster.
Troubleshooting Tip
You must turn off High Availability in a subcluster before you move or unassign a node in that subcluster.
Related Topics
How To Configure High Availability Cisco Unified Presence Deployments, page 6-21
If you need to add hardware to your multi-node deployment, the hardware must comply with the
multi-node hardware recommendations.
Procedure
Step 1
Use the Cisco Unified Presence Real-Time Monitoring Tool (RTMT) tool to monitor the CPU and
memory usage of each Cisco Unified Presence node in the cluster.
Step 2
5-4
Chapter 5
Deployment Model
Recommendation
No High Availability or Balanced Non-Redundant If the CPU reaches more than 70% capacity for a
High Availability
sustained period on any Cisco Unified Presence
node, we recommend that you add hardware
resources to your deployment.
Balanced Redundant High Availability
Related Topics
For information about the RTMT tool, see the Serviceability Configuration and Maintenance Guide
for Cisco Unified Presence.
If you need to add hardware to your multi-node deployment, the hardware must comply with the
multi-node hardware recommendations.
Procedure
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Assign the new node to the subcluster, replacing the problematic node.
Step 7
Step 8
5-5
Chapter 5
Step 9
Troubleshooting Tip
You must turn off High Availability in a subcluster before you move or unassign a node in that subcluster.
Related Topics
5-6
CH A P T E R
How to Configure the Cluster Topology on Cisco Unified Presence, page 6-3
How To Configure High Availability Cisco Unified Presence Deployments, page 6-21
How to Configure the Cluster-Wide Routing Information on Cisco Unified Presence, page 6-28
How to Configure the Presence Gateway on Cisco Unified Presence, page 6-38
How To Configure the Authorization Policy on Cisco Unified Presence, page 6-39
How To Configure the Availability Settings on Cisco Unified Presence, page 6-47
How to Configure the Instant Messaging Settings on Cisco Unified Presence, page 6-51
Configuring the SIP Publish Trunk on Cisco Unified Presence, page 6-53
6-1
Chapter 6
On Cisco Unified Presence, select Cisco Unified Serviceability > Tools > Control Center - Network
Services.
Step 2
Select the server from the Server list box and select Go.
Step 3
Select the radio button next to the Cisco UP XCP Router service in the Cisco Unified Presence Services
section.
Step 4
Select Restart.
6-2
Chapter 6
Step 5
Related Topics
Caution
Perform the system topology configuration on the Cisco Unified Presence publisher node.
Before configuring the system topology, read the multi-node planning and deployment information
for best practice information about configuring this type of deployment.
Only use the system topology interface to configure your local Cisco Unified Presence cluster. See the
intercluster peer module for information about configuring intercluster peer relationships with remote
Cisco Unified Presence clusters.
Assign the nodes to a subcluster in Cisco Unified Presence, or allow the nodes to remain unassigned.
These states are interchangeable.
Assign Cisco Unified Presence users to the nodes, or allow the nodes to remain without any user
assignments.
6-3
Chapter 6
How to Configure the Cluster Topology on Cisco Unified Presence
Turn on or off High Availability on a subcluster. See the section about configuring High Availability
deployments later in this chapter.
Move a node from one subcluster to another if the node is assigned, has no users and highavailability is turned off in the subcluster.
Move a node from one subcluster to another if the node is assigned and has no users.
Configure real pingable nodes, or logical nodes which can be installed later and which remain
inaccessible until that time.
To move nodes with users assigned, perform one of the following actions:
Note
Unassign the users, move the node, and then reassign the users to the node. Note that when you
unassign the users, they will lose service.
Create a logical node and move the users to the logical node. Move the node, reassign the users to
the node, and remove the logical node.
Remove all users from a node before you unassign or move it.
Turn off High Availability in the subcluster before you unassign or move a node in that subcluster.
We strongly recommend that you perform any node movements that involve unassigning or moving
a large numbers of users at off peak times. Such large operations can adversely impact performance.
Related Topics
You must be able to resolve the hostname or the FQDN from the Cisco Unified Presence server, and
Cisco Unified Personal Communicator client computers.
If either Cisco Unified Presence server or the Cisco Unified Personal Communicator client
computer cannot resolve the hostname or the FQDN, configure the IP address for the node name
value.
To test the name resolution from the Cisco Unified Presence server, use the command
utils network ping <node_name>
To test the name resolution from the Cisco Unified Personal Communicator client computer, use the
command
ping <node_name>
If your network uses DNS that can map to IPv4 addresses, you can enter the Cisco Unified Presence
hostname. Otherwise, you must enter the full IPv4 address of the Cisco Unified Presence server.
6-4
Chapter 6
Related Topics
Changing the IP Address and Hostname for Cisco Unified Presence Release 8.0, 8.5, and 8.6
Note
If set to Balanced, Cisco Unified Presence divides all users equally across all nodes in all
subclusters. Use this user assignment mode for the Balanced Mode Non-Redundant High
Availability and the Balanced Mode Redundant High Availability deployment options.
If set to Active/Standby, Cisco Unified Presence assigns all users only to the first node of a
subcluster. If there is only a single node in the subcluster, Cisco Unified Presence uses this node for
assignment regardless of the location of the node within the subcluster.
If set to None, you must manually assign your users to nodes in system topology management GUI.
If all the hardware in your cluster is of the same generation and has the same capacity, set the User
Assignment Mode to Balanced.
If you have hardware of mixed generations and capacities in a node, set the User Assignment Mode
to None. Manually assign your users making sure that each server is not loaded beyond capacity.
Related Topics
Note
You can manually unassign, assign or reassign users. You can assign users to a single node, and you
can also distribute groups of users across the node, or nodes, in a cluster, or a given subcluster.
If you assign a user to one of the nodes in a subcluster, the other node in the subcluster can become
the backup (redundant) node for the user if you turn on High Availability for the subcluster. If you
do not configure a backup node in the subcluster, and you do not turn on High Availability for the
subcluster, the user does not have High Availability failover protection.
Users who are assigned may be reassigned, that is, moved to another subcluster, or to a specific
node. You can move users individually or in bulk.
Users can remain unassigned. Unassigned users do not receive availability information.
We recommend that you only reassign a user (assign a user that was previously unassigned) if the Cisco
UP Presence Engine is running on all nodes in your cluster, otherwise Cisco Unified Presence will not
reestablish the presence subscriptions to and from this user.
6-5
Chapter 6
How to Configure the Cluster Topology on Cisco Unified Presence
Unassigning or reassigning users results in termination of active sessions. In such instances, clients
must reconnect to the new location.
You can export users in bulk using the Bulk Administration Tool (BAT). You can also use BAT to
perform bulk user reassignment from one node to another.
Generally we recommend that you take the Cisco UP Presence Engine and Cisco UP SIP Proxy services
offline when performing bulk operations. Note that taking these services offline will adversely impact
performance.
Related Topics
User Redistribution
Note
If you turn on High Availability in a subcluster, be aware that Cisco Unified Presence does not
redistribute users to nodes that are in a failover states; the valid node states that support user
redistribution are Normal and Running in Backup Mode.
If you rebalance your users, you must reconfigure the upper and lower client re-login limit values
based on the HA login profile tables, see High Availability Client Login Profiles, page B-1.
After adding or removing nodes, you can redistribute users using the Rebalance Users parameter in
system topology management GUI. This parameter redistributes users based on the configured User
Assignment mode. These are examples of how you can use the Rebalance Users parameter with the User
Assignment mode to manage user assignment:
Scenario A: The customer has a subcluster with two nodes, and each node contains 5000 users. The
User Assignment mode is set to Balanced. The customer then adds a second subcluster with two
nodes, and sets the Rebalance Users parameter. Cisco Unified Presence distributes the users evenly
to the four nodes so that each node now has 2500 users.
Scenario B: The customer has a subcluster with two nodes, and each node contains 2500 users. The
User Assignment mode is set to Balanced. The customer wants to add a second subcluster with two
nodes, but also wants to change the User Assignment mode to Active/Standby. The customer
changes the mode to Active/Standby, whereby all 5000 users are redistributed to the first node in the
subcluster. The customer then adds a second subcluster with two nodes, and sets the Rebalance
Users parameter. Cisco Unified Presence evenly distributes the users across both first nodes in each
subcluster. Each first node now has 2500 users.
We strongly recommend that you perform any node movements that involve unassigning or moving a
large numbers of users at off peak times. Such large operations can adversely impact performance.
Related Topics
6-6
Chapter 6
Note
Select Cisco Unified Presence Administration > System > Cluster Topology.
Step 2
Step 3
Step 4
Select Save.
Troubleshooting Tip
To update a subcluster, or view the status of a subcluster, select the edit link on the subcluster.
Related Topics
What To Do Next
Note
6-7
Chapter 6
How to Configure the Cluster Topology on Cisco Unified Presence
Perform this procedure before you install any of the subsequent Cisco Unified Presence nodes. If
you assign a subsequent Cisco Unified Presence node to a subcluster prior to installing it, users in
remote clusters will not receive availability information. An availability outage will occur until the
node is installed.
Depending on how you plan to configure your node name, obtain the required value for your nodes
(for example hostname, dotted IP address, FQDN or DNS-SRV).
Restrictions
If you wish to change the default node name, there are certain node name restrictions. Read the node
name recommendations topic.
You can only move a node from one subcluster to another if the node is assigned and has no users.
You must turn off High Availability in a subcluster before you move or unassign a node in that
subcluster.
Procedure
Step 1
Select Cisco Unified Presence Administration > System > Cluster Topology.
Step 2
b.
c.
Select Save.
6-8
Chapter 6
Step 3
Action
Notes
Assign a node to a
subcluster
Troubleshooting Tips
To update a node, or view the status of a node, select the edit link on the node to view the Node
Detail screen. From the edit window, you can:
View the total users assigned to the node.
Verify the status of the node.
If you turn on High Availability in the subcluster, the critical services that Cisco Unified
Presence monitors on the node for failover are marked in the Monitored column.
If you turn on High Availability, you can also view the High Availability state of the node, and
Select Cisco Unified Presence Administration > Diagnostics > System Troubleshooter to verify
the status of your topology configuration.
Related Topics
6-9
Chapter 6
How to Configure the Cluster Topology on Cisco Unified Presence
What To Do Next
This topic is only applicable if you have chosen to manually assign your users.
In system topology management GUI, you can manually unassign, assign or reassign users. You can
assign users to a single node, and you can also distribute groups of users across the node, or nodes, in a
cluster, or a given subcluster.
Before You Begin
You may want to export users in bulk. Use the Bulk Administration Tool (BAT) to perform this
procedure.
Restriction
If you turn on High Availability in a subcluster, note that you can only assign or move users to nodes
in that subcluster that are not in a failover state. Valid node states are Normal and Running in Backup
Mode.
Procedure
Step 1
Step 2
Action
Assign users
Step 3
Use the Find User Assignment window to find and display users.
Step 4
Step 5
Check the users that you wish to assign, and select Assign Selected Users.
Using the list boxes in the Change Assignment frame, specify your user assignment:
to a named node
to nothing (unassigned)
6-10
Chapter 6
Step 6
Select Save.
Troubleshooting Tip
Select Cisco Unified Presence Administration > Diagnostics > System Troubleshooter to verify the
status of your topology configuration.
Related Topics
For information about exporting users in bulk using BAT, see the Online Help in Cisco Unified
Presence Administration.
Impact of Failover to Cisco Unified Presence Clients and Services, page 6-12
You must be running Cisco Unified Presence release 8.5 (x), or a later 8.x release. Any earlier Cisco
Unified Presence 8.0(x) releases do not support High Availability.
Cisco Unified Presence supports High Availability at a subcluster level. Both nodes in the subcluster
must be running the same version of Cisco Unified Presence 8.x software for High Availability to
work.
6-11
Chapter 6
A green tick beside the High Availability icon indicates that High Availability in the subcluster is
running normally. A red x beside the High Availability icon indicates that the subcluster is in a failed
state.
Cisco Unified Presence automatically detects failover in a subcluster by monitoring the heartbeat and
monitoring the critical services on the peer node. When Cisco Unified Presence detects failover, it
automatically moves all users to the backup node. From the Cisco Unified Presence Administration
interface, you can initiate a manual fallback to the primary node. Cisco Unified Presence Release 8.6(4)
and later supports automatic fallback to the primary node after failover.
Caution
Cisco Unified Presence Release 8.6(3) and earlier does not perform an automatic fallback to the primary
node after failover. You must manually perform the fallback from the Cluster Topology interface,
otherwise the users that were moved will remain on the backup node.
Note
Cisco Unified Presence performs an automatic fallback when the backup activated node fails due to a
critical service failure and the peer node is in the Failed Over state and supports the automatic recovery
fallback.
To monitor and troubleshoot the status of the High Availability functionality on a subcluster, view the
High Availability states that Cisco Unified Presence assigns to each node. See Table 6-1 and Table 6-2
for descriptions of these states and recommended actions if the subcluster is in a failed state. If a failover
occurs, on the node detail screen, Cisco Unified Presence marks the users that have failed over to the
backup node.
Related Topics
How To Configure High Availability Cisco Unified Presence Deployments, page 6-21
6-12
Chapter 6
If Cisco Unified Personal Communicator is operating in softphone mode (the user is on a voice call)
during failover, the voice call is not disconnected.
Peer Heartbeat - In a subcluster, each node sends heartbeat intervals to the other node to check if
the node is up and running. If a node detects a loss of heartbeat in the peer node, the node initiates
a failover. You can configure the heartbeat interval and the heartbeat timeout from the Service
Parameters page on Cisco Unified Presence Administration interface.
Monitor Critical Services - Each node monitors a list of critical services. If the node detects that
any critical service is not running for a configurable outage period (ninety seconds is the default
value), it instructs the peer node to initiate a failover. You can configure this critical service delay
from the Service Parameters page on Cisco Unified Presence Administration interface. These are the
list of critical services that the node monitors:
Cisco DB (internal IDS database)
Cisco UP Presence Engine (if you activate this service)
Cisco UP XCP Router
Cisco UP Message Archiver (if you integrate Cisco Unified Presence with a third-party
Federation, or you have an intercluster connection with a Cisco Unified Presence Release 7.x
cluster, and you activate this service)
Cisco UP XCP SIP Federation Connection Manager (if you configure SIP federation, enable
Partitioned Intradomain Federation, or you have an intercluster connection with a Cisco Unified
Presence Release 7.x cluster, and you activate this service)
Cisco UP Presence DatastoreCisco Unified Presence Release 8.6(4) or later only
Cisco UP Route Datastore (if you configure SIP federation, enable Partitioned Intradomain
Federation, or you have an intercluster connection with a Cisco Unified Presence Release 7.x
cluster, and you activate this service)Cisco Unified Presence Release 8.6(4) or later only
You can view the critical services that Cisco Unified Presence monitors for failover on the node details
screen on the Cluster Topology interface. The critical services that Cisco Unified Presence monitors are
marked in the Monitored column in the services list.
Note
Cisco Unified Presence only detects a failover if a critical service is not running for the duration of
the outage period. It does not detect a failover in the case where one or more critical services are not
running during the outage period, but not for the duration of the outage period, for example, a rolling
outage. In this case, Cisco Unified Presence generates alarms indicating that services are starting
and stopping, and you can perform a manual failover on Cisco Unified Presence.
If you manually stop a critical service, and the service is stopped for longer than the permitted
outage period, failover will occur.
6-13
Chapter 6
Prior to Cisco Unified Presence Release 8.6, if Cisco Unified Presence detects the situation where both
nodes in the subcluster think they own the same user, both nodes go into a failed state, and you need to
perform a manual recovery from the Cluster Topology interface. In Cisco Unified Presence Release 8.6,
manual recovery is not required. When the network issue is resolved, auto-recovery occurs without
administrator intervention.
If manual recovery is required for another reason, you may experience IDS replication delays.
To check the status of the IDS replication on a node either:
Use the Cisco Unified Reporting Tool (CURT). The Unified CUP Database Status report displays
a detailed status of the cluster.
Related Topics
Configuring the Advanced Service Parameters for the Server Recovery Manager, page 6-23
Automatic Fallback
Cisco Unified Presence Release 8.6(4) and later supports automatic fallback to the primary node after a
failover. Automatic fallback is the process of moving users back to the primary node after a failover
without manual intervention. You can enable automatic fallback with the Enable Automatic Fallback
service parameter on the Cisco Unified Presence Administration interface.
Automatic fallback occurs in the following scenarios:
A critical service on Node A failsA critical service (for example, the Presence Engine) fails on
Node A. Automatic failover occurs and all users are moved to Node B. Node A is in a state called
"Failed Over with Critical Services Not Running". When the critical service recovers, the node state
changes to "Failed Over. When this occurs Node B tracks the health of Node A for 30 minutes. If
no heartbeat is missed in this time frame and the state of each node remains unchanged, automatic
fallback occurs.
Node A is rebootedAutomatic failover occurs and all users are moved to Node B. When Node A
returns to a healthy state and remains in that state for 30 minutes automatic fallback occurs.
Node A loses communications with Node BAutomatic failover occurs and all users are moved to
Node B. When communications are re-established and remain unchanged for 30 minutes automatic
fallback occurs.
If failover occurs for a reason other than one of the three scenarios listed here, you must recover the node
manually. If you do not want to wait 30 minutes before the automatic fallback, you can perform a manual
fallback to the primary node.
Related Topics
Configuring the Advanced Service Parameters for the Server Recovery Manager, page 6-23
6-14
Chapter 6
Caution
Before you turn on High Availability in a subcluster, you must configure the SRM service parameters to
properly reflect your deployment, see High Availability Client Login Profiles, page B-1.
Related Topics
Configuring the Advanced Service Parameters for the Server Recovery Manager, page 6-23
Initiate a manual failover for a subcluster. When you initiate a manual failover, the Cisco UP Server
Recovery Manager stops the critical services on the failed node, and moves all users to the backup
node.
Initiate a manual fallback from the Cluster Topology interface, where the Cisco UP Server Recovery
Manager restarts critical services on the primary node and moves users back to the primary node.
Perform a manual recovery for a subcluster (when both nodes in the subcluster are in a failed state).
When you perform a manual recovery, Cisco Unified Presence restarts the Cisco UP Server
Recovery Manager service on both nodes in the subcluster.
Related Topics
6-15
Chapter 6
Note
These fields are only displayed on the Cluster Topology interface if you turn on High Availability in a
subcluster.
Table 6-1
State
Description
Initializing
Idle
Normal
This is a stable state. The Cisco Unified Presence node is acting as the
backup for its peer node. Users have moved to this (backup) node.
Taking Over
Failing Over
Failed Over
This is a stable state. The Cisco Unified Presence node has failed
over, but no critical services are down. In this state, you can manually
initiate a fallback to this node from the Cluster Topology interface.
6-16
Chapter 6
Note
These fields are only displayed on the Cluster Topology interface if you turn on High Availability in a
subcluster.
Table 6-1
State
Description
Falling Back
Taking Back
Unknown
State unknown.
Related Topic
Node 1
State
Normal
Node 2
Reason
Normal
State
Normal
Reason
Normal
Cause/Recommended Actions
High Availability is running on both nodes in the
subcluster.
Subcluster is running normally (it is in non failover
mode). The critical services on both nodes in the
subcluster are running.
Taking Over
Idle
Running in
Backup Mode
Falling Back
Idle
Initialization
Running in
Backup Mode
Idle
Initialization
Running in
Backup Mode
Initialization
On Admin
Request
6-17
Chapter 6
Table 6-2
Node 1
State
Idle
Node 2
Reason
On Admin
Request
State
Reason
Cause/Recommended Actions
Running in
Backup Mode
Initialization
Taking Over
Initialization
Falling Back
Falling Back
Failed Over
Initialization or
Critical
Services Down
Running in
Backup Mode
Critical Service
Down
reboot of node 1, or
The administrator starts critical service(s) on
Running in
Backup Mode
Critical Service
Down
Recommended Actions:
Running in
Backup Mode
Database Failure
6-18
1.
2.
3.
Reboot Node 1.
2.
Chapter 6
Table 6-2
Node 1
State
Node 2
Reason
State
Running in
Failed Mode
Reason
Start of Critical
Services Failed
Cause/Recommended Actions
Critical services fail to start while a node in subcluster
is taking back from the other node.
Recommended Actions: (on the node that is taking
back)
Running in
Failed Mode
Critical Service
Down
1.
2.
3.
Running in
Backup Mode
Peer Down
1.
2.
2.
Repair/Power up node1.
2.
6-19
Chapter 6
Table 6-2
Node 1
State
Node 2
Reason
State
Reason
Peer Reboot
Cause/Recommended Actions
Cisco Unified Presence performs an automatic
failover to node 2 due to possible hardware
failure/power down/restart /shutdown of Node 1.
Recommended Action:
Backup Mode
1.
Repair/Power up node 1.
2.
Cisco UP Server
Recovery Manager
Take Over Users
Failed
Cisco UP Server
Recovery Manager
Take Back Users
Failed
Running in Unknown
Failed Mode
Unknown
Running in
Failed Mode
Recommended Action:
Possible database error. Select Recovery on the
subcluster details screen. If that doesn't resolve the
issue, reboot the subcluster.
Recommended Action:
Possible database error. Select Recovery on the
subcluster details screen. If that doesn't resolve the
issue, reboot the subcluster.
Recommended Action:
Select Recovery on the subcluster details screen. If
that does not resolve the issue, reboot the subcluster.
Backup
Activated
Auto Recover
Database
Failure
Failover
Affected
Services
Auto Recovery
Database Failure.
Backup
Activated
Auto Recover
Database
Failure
Failover
Affected
Services
Auto Recover
Critical Service
Down
6-20
Chapter 6
Related Topics
Configuring the Advanced Service Parameters for the Server Recovery Manager, page 6-23
Before you turn on High Availability in a subcluster, you must configure the SRM service parameters to
properly reflect your deployment, see High Availability Client Login Profiles, page B-1.
You have to manually turn on High Availability in a subcluster; Cisco Unified Presence does not turn on
High Availability in a subcluster by default. You can turn on High Availability in a subcluster when:
both nodes are running Cisco Unified Presence Release 8.5 or higher.
You can either assign users to the nodes in the subcluster before or after you turn on High Availability
for the subcluster.
Before You Begin
Configure the subclusters and nodes in your network, and assign nodes to the subclusters.
Make sure critical services are running on both nodes in the subcluster before you turn on highavailability in a subcluster. If one or more critical services are not running on a node, when you turn
on High Availability, that node will failover to the backup node. When one or more critical services
are not running on one node in a subcluster, but all critical services are running on the second node,
the subcluster will go into a failed state after you turn on High Availability.
Restriction
You can only turn on High Availability in a subcluster when there are two nodes assigned to that
subcluster. The High Availability checkbox does not display when there are no nodes, or one node,
assigned to the subcluster.
6-21
Chapter 6
How To Configure High Availability Cisco Unified Presence Deployments
Procedure
Step 1
Step 2
Step 3
To turn off High Availability for the sublcluster, uncheck Enable High Availability.
Note
Step 4
Select Save.
Cisco Unified Presence displays the following information about High Availability for the subcluster
Field
Description
Monitored Node
Node State
Node Reason
Node Action
The action you can take to change the state of the node:
Troubleshooting Tips
When you turn on High Availability in a subcluster, Cisco Unified Presence restarts the Cisco UP
Service Recovery Manager service and it begins to monitor for failover detection. To verify this
service is running, select Cisco Unified Serviceability > Tools > Control Center - Network
Services.
You can turn off High Availability in a subcluster, so the two nodes in the subcluster act as
standalone nodes. You can only turn off High Availability when the nodes in the subcluster are not
in a transition state (Failing Over, Falling Back). If you turn off High Availability in a subcluster
when either node is in a failed over scenario (Failed Over, Failed), users that Cisco Unified Presence
fails over to the backup node are homed to the backup node. Cisco Unified Presence will not move
these users back to the primary node, they remain on the backup node.
6-22
Chapter 6
The System Troubleshooter indicates if there are any two node subclusters without High Availability
turned on. Select Cisco Unified Presence Administration > Diagnostics > System
Troubleshooter.
Step 2
Step 3
Step 4
Parameter
Description
Additional Information
Service Port
Enable Automatic
Fallback
6-23
Chapter 6
How To Configure High Availability Cisco Unified Presence Deployments
Parameter
Description
Additional Information
Initialization Keep
Alive (Heartbeat)
Timeout
Keep Alive
(Heartbeat) Timeout
N/A
Caution
6-24
Chapter 6
Parameter
Description
Additional Information
Client Re-Login
Lower Limit
Note
Client Re-Login
Upper Limit
Step 5
Note
Caution
Caution
Select Save.
Related Topic
The Cisco UP Server Recovery Manager then move all users to the backup node
Restriction
You can only initiate a failover for a node that is in Normal state.
6-25
Chapter 6
How To Configure High Availability Cisco Unified Presence Deployments
Make sure that these services are running on the Failing Over node:
Procedure
Step 1
Step 2
Step 3
Step 4
Step 5
When the failover operation is in progress, the primary node should be in the Failing Over state,
and the backup node should be in the Taking Over state. When the failover operation is complete,
check that the backup node is in the state Running in Backup Mode, and the primary node is in
Idle state. If the failover is unsuccessful, and the nodes are in a failed state, see Table 6-2 for a
recommended action.
Check that the users have failed over to the backup node:
On the subcluster details screen, check that all users are now assigned to the backup node, and
Related Topic
The Cisco UP Server Recovery Manager then moves all failed over users back to the primary node.
6-26
Chapter 6
Restriction
You can only initiate fallback for a node that is in Idle or Failed Over state.
Procedure
Step 1
Step 2
Step 3
Step 4
Step 5
When fallback operation is in progress, the primary node should be in the Taking Back state, and
the backup node should be in the Falling Back state.When the fallback operation is complete,
check that both nodes are in Normal state. If the fallback is unsuccessful, and the nodes are in a
failed state, see Table 6-2 for a recommended action.
Check that the users have fallen back to the primary node.
On the subcluster details screen, check that all users are now assigned to the primary node, and
Related Topic
You can only initiate a recovery for a subcluster if both nodes are in a failed state.
Procedure
Step 1
Step 2
Step 3
Step 4
See see Table 6-2 to verify the status of the subcluster after you perform the manual recovery.
6-27
Chapter 6 Configuring a Cisco Unified Presence Server for Deployment in the Network
How to Configure the Cluster-Wide Routing Information on Cisco Unified Presence
Troubleshooting Tips
Prior to Cisco Unified Presence Release 8.6, if Cisco Unified Presence detects the situation where both
nodes in the subcluster think that they own the same user, both nodes will go into a failed state, and you
will need to perform a manual recovery from the Cluster Topology interface. In Cisco Unified Presence
Release 8.6, manual recovery is not required. When the network issue is resolved, auto-recovery occurs
without administrator intervention.
If manual recovery is required for another reason, you may experience IDS replication delays. You can
check the status of the IDS replication on a node using this CLI command:
Utils dbreplication runtimestate
Related Topic
Configuring the Throttling Rate for Availability State Change Messages, page 6-34
Select Cisco Unified Presence Administration > System > Cluster Topology.
b.
6-28
Chapter 6
c.
a.
Select Cisco Unified Presence Administration > System > Service Parameters, and select the
Cisco UP SIP Proxy service.
b.
Configure the Federation Routing Cisco Unified Presence FQDN with the new domain.
c.
You will be prompted to confirm these configuration changes. Select OK for both prompts, and then
select Save.
Step 2
If you are using DNS, proceed with the remaining steps. If you are not using DNS, you have completed
the replacement of the default domain value.
Step 3
Step 4
Note
Manually regenerate all certificates on the local Cisco Unified Presence server.
When you regenerate the Tomcat certificate, you must restart Tomcat. You can restart Tomcat after you
regenerate all of the certificates on the local server. Use this CLI command to restart Tomcat: utils
service restart Cisco Tomcat
Note
It is highly recommended that you use a DNS deployment. In order to be considered valid, the domain
value must match the DNS domain name. Using a valid domain name ensures that the SRM initializes
correctly in a High Availability deployment.
Procedure
Step 1
Stop the Cisco UP SIP Proxy, Presence Engine and XCP Router services on Cisco Unified Presence on
all nodes in your cluster.
Step 2
On the publisher node, perform the following steps to configure the new domain value:
a.
Select Cisco Unified Presence Administration > System > Cluster Topology.
b.
c.
a.
Select Cisco Unified Presence Administration > System > Service Parameters, and select the
Cisco UP SIP Proxy service.
b.
Configure the Federation Routing Cisco Unified Presence FQDN with the new domain.
c.
You will be prompted to confirm these configuration changes. Select OK for both prompts, and then
select Save.
6-29
Chapter 6 Configuring a Cisco Unified Presence Server for Deployment in the Network
How to Configure the Cluster-Wide Routing Information on Cisco Unified Presence
Step 3
On all nodes in the cluster, use this CLI command to set the new domain:
set network domain <new_domain>
This CLI command invokes a reboot of the servers
Step 4
On all nodes in the cluster, manually start the Cisco UP Presence Engine and Cisco UP XCP Router
services after the reboot is complete (if required).
Step 5
Note
When you regenerate the Tomcat certificate, you must restart Tomcat. You can restart Tomcat after you
regenerate all of the certificates on the local server. Use this CLI command to restart Tomcat: utils
service restart Cisco Tomcat
Step 6
If you use DNS in your network, update the DNS configuration for the new domain. Update any host
records and any DNS SRV records that you require for the new domain
Step 7
Your deployment will incur the additional performance overhead while Cisco Unified Presence
establishes the XCP route fabric.
You do not need to restart the Cisco UP XCP Router on any node in your deployment when you add
a new node.
If you delete or remove a node, you must restart the Cisco UP XCP Router on all nodes in your
deployment.
6-30
Chapter 6
Related Topics
Note
If you deploy the Chat feature, Cisco Unified Presence uses the cluster ID value to define chat server
aliases. There are certain configuration scenarios that may require you to change the cluster ID value.
See the Group Chat module for details.
Related Topics
Caution
You must configure the routing communication type before you complete your cluster configuration and
start to accept user traffic into your Cisco Unified Presence deployment.
Before You Begin
If you want to use MDNS routing, confirm that MDNS is enabled in your network.
If you want to use router-to-router communication, and DNS is not available in your network, for
each node you must configure the IP address as the node name in the cluster topology. to edit the
node name, select Cisco Unified Presence Administration > System > Cluster Topology, and
click the edit link on a node. Perform this configuration after you install Cisco Unified Presence,
and before you restart the Cisco UP XCP Router on all nodes.
6-31
Chapter 6 Configuring a Cisco Unified Presence Server for Deployment in the Network
How to Configure the Cluster-Wide Routing Information on Cisco Unified Presence
Procedure
Step 1
Select Cisco Unified Presence Administration > System > Cluster Topology.
Step 2
Step 3
Step 4
Select Save.
Step 5
Restart the Cisco UP XCP Router service on all nodes in your deployment.
Related Topics
If you select MDNS routing, all nodes must have the same cluster ID to allow them to identify other
nodes in the multicast domain.
If you are deploying the Group Chat feature, Cisco Unified Presence uses the cluster ID value for
chat server alias mappings, and there are certain configuration scenarios that may require you to
change the cluster ID value. See the Group Chat module for details.
If you change the default Cluster ID value, you only need to make this change on the publisher node,
and the system replicates the new Cluster ID value to the other nodes in the cluster.
Procedure
Step 1
Select Cisco Unified Presence Administration > System > Cluster Topology.
Step 2
Step 3
Note
By default, Cisco Unified Presence assigns the cluster ID value StandaloneCluster to a cluster.
6-32
Chapter 6
Step 4
Select Save.
Troubleshooting Tip
Cisco Unified Presence Release 8.x does not permit the underscore character (_) in the Cluster ID value.
If you perform an upgrade to Cisco Unified Presence Release 8.x, make user the Cluster ID value does
not contain this character.
Related Topics
Note
When you configure a cluster-wide Cisco Unified Presence address, set the port of SRV to 5060.
Before You Begin
Select Cisco Unified Presence Administration > System > Service Parameters.
Step 2
Select the Cisco Unified Presence server from the Server menu.
Step 3
Step 4
Edit the SRV Cluster Name field in the General Proxy Parameters (Clusterwide) section.
By default this parameter is empty.
Step 5
Select Save.
Related Topic
Upload the licenses on Cisco Unified Presence. For more information, see the Upgrade Guide for Cisco
Unified Presence Release 8.6.
6-33
Chapter 6
Select Cisco Unified Presence Administration > System > Service Parameters.
Step 2
Select the Cisco Unified Presence server from the Server menu.
Step 3
Step 4
In the Clusterwide Parameters section, edit the Presence Change Throttle Rate parameter. This
parameter defines the number of presence updates per second.
Step 5
Select Save.
A dynamic route represents a path through the network that is automatically calculated according to
routing protocols and routing update messages.
A static route represents a fixed path that you explicitly configure through the network.
6-34
Chapter 6
Destination Pattern
74..7812345*
1.2.3.4:5060
74..7867890*
5.6.7.8.9:5060
74..7811993*
10.10.11.37:5060
With this template, Cisco Unified Presence will NOT enable these static route entries:
74..781* (The destination pattern digit length does not match the template)
Destination Pattern
471.34*
20.20.21.22
47155*
21.21.55.79
With this template, Cisco Unified Presence will NOT enable these static route entries:
Select Cisco Unified Presence Administration > System > Service Parameters.
Step 2
Step 3
Step 4
Define a route embed templates in the RouteEmbedTemplate field in the Routing Parameters
(Clusterwide) section. You can define up to five route embed templates.
6-35
Chapter 6
Step 5
Select Save.
What To Do Next
Select Cisco Unified Presence Administration > Routing > Static Routes.
Step 2
Step 3
Field
Description
Destination Pattern
6-36
Chapter 6
Field
Description
Next Hop
Specifies the domain name or IP address of the destination (next hop) and
can be either a Fully Qualified Domain Name (FQDN) or dotted IP
address.
Cisco Unified Presence supports DNS SRV-based call routing. To specify
DNS SRV as the next hop for a static route, set this parameter to the DNS
SRV name.
Specifies the port number of the destination (next hop). The default port
is 5060.
Cisco Unified Presence supports DNS SRV-based call routing. To specify
DNS SRV as the next hop for a static route, set the next hop port
parameter to 0.
Route Type
Specifies the route type: User or Domain. The default value is user.
For example, in the SIP URI "sip:19194762030@myhost.com" request,
the user part is '19194762030', and the host part is 'myhost.com'. If you
select User as the route type, Cisco Unified Presence uses the user-part
value '19194762030' for routing SIP traffic. If you select the Domain as
the route type, Cisco Unified Presence uses 'myhost.com' for routing SIP
traffic.
Protocol Type
Specifies the protocol type for this route, TCP, UDP, or TLS. The default
value is TCP.
Priority
Specifies the route priority level. Lower values indicate higher priority.
The default value is 1.
Value range: 1-65535
Weight
Specifies the route weight. Use this parameter only if two or more routes
have the same priority. Higher values indicate which route has the higher
priority.
Value range: 1-65535
Example: Consider these three routes with associated priorities and
weights:
1, 20
1, 10
2, 50
In this example, the static routes are listed in the correct order. The
priority route is based on the lowest value priority, that is 1. Given that
two routes share the same priority, the weight parameter with the highest
value decides the priority route. In this example, Cisco Unified Presence
directs SIP traffic to both routes configured with a priority value of 1, and
distributes the traffic according to weight; The route with a weight of 20
receives twice as much traffic as the route with a weight of 10. Note that
in this example, Cisco Unified Presence will only attempt to use the route
with priority 2, if it has tried both priority 1 routes and both failed.
Allow Less-Specific Route Specifies that the route can be less specific. The default setting is On.
6-37
Chapter 6
How to Configure the Presence Gateway on Cisco Unified Presence
Field
Description
In Service
Select Save.
Related Topics
a DNS SRV FQDN that resolves to the Cisco Unified Communications Manager subscriber nodes
Configure the Presence Gateway on the Cisco Unified Presence server with a DNS SRV FQDN of
the Cisco Unified Communications Manager subscriber nodes (equally weighted). This will enable
Cisco Unified Presence to share availability messages equally among all the servers used for
availability information exchange.
2.
On Cisco Unified Communications Manager, configure the SIP trunk for the Cisco Unified Presence
server with a DNS SRV FQDN of the Cisco Unified Presence publisher and subscriber.
If DNS SRV is not an option in your network, and you are using the IP address of the associated Cisco
Unified Communications Manager server, you cannot share presence messaging traffic equally across
multiple subscriber nodes because the IP address points to a single subscriber node.
6-38
Chapter 6
Related Topic
How to Configure the SIP Trunk on Cisco Unified Communications Manager, page 3-3
Depending on your configuration requirements, obtain the FQDN, DNS SRV FQDN, or the IP
address of the associated Cisco Unified Communications Manager server.
Procedure
Step 1
Step 2
Step 3
Step 4
Step 5
Specify the FQDN, DNS SRV FQDN, or the IP address of the associated Cisco Unified Communications
Manager server in the Presence Gateway field.
Step 6
Select Save.
Related Topic
6-39
Chapter 6
How To Configure the Authorization Policy on Cisco Unified Presence
of a contact in the local enterprise if the contact is on the blocked list for the user. This is the default
authorization behavior for SIP-based clients on Cisco Unified Presence, and you cannot configure this
behavior.
In the XMPP network, it is standard behavior for the server to send all presence subscriptions to the
client, and the client prompts the user to authorize or reject the subscription. To allow enterprises to
deploy Cisco Unified Presence with a mix of SIP-based and XMPP-based clients (to align the
authorization policy for both client types), Cisco provides the following automatic authorization setting
on Cisco Unified Presence:
Caution
When you turn on automatic authorization, Cisco Unified Presence automatically authorizes all
presence subscription requests it receives from both XMPP-based clients and SIP-based in the local
enterprise. This is the default setting on Cisco Unified Presence.
When you turn off automatic authorization, Cisco Unified Presence only supports XMPP-based
clients. For XMPP-based clients, Cisco Unified Presence sends all presence subscriptions to the
client, and the client prompts the user to authorize or reject the presence subscription. SIP-based
clients will not operate correctly on Cisco Unified Presence when you turn off automatic
authorization.
If you turn off automatic authorization, SIP-based clients such as Cisco Unified Personal Communicator
Release 7.x are not supported. Only XMPP-based clients (Cisco Unified Personal Communicator
Release 8.0 and third-party XMPP clients) are supported when you turn off automatic authorization.
Related Topics
Integration Guide for Configuring Cisco Unified Presence for Interdomain Federation
6-40
Chapter 6
UserA wishes to subscribe the view the availability status of UserB. Automatic authorization is off
on Cisco Unified Presence, and UserB is not in the Allowed or Blocked list for the UserA.
Cisco Unified Presence sends the presence subscription request to the client application of UserB,
and the client application prompts userB to accept or reject the subscription.
UserB accepts the presence subscription request, and UserB is added to the contact list of UserA.
UserA is then automatically added to the contact list for UserB without being prompted to authorize
the presence subscription.
Cisco Unified Presence will automatically add UserA to the contact list of UserB even if the policy for
UserB (i) blocks the external domain, or (ii) the default policy for the user is block all, or (ii) ask me
is selected.
If you deploy interdomain federation between a local Cisco Unified Presence enterprise and a supported
external enterprise, Cisco Unified Presence does not apply the automatic authorization setting to
presence subscription requests received from external contacts, unless the user has applied a policy on
that external contact or domain. On receipt of a presence subscription request from an external contact,
Cisco Unified Presence will only send the subscription request to the client application if the user selects
ask me to be prompted to set their own Allow/Block policy for external contacts, and if the external
contact or domain is not in either the Allowed or Blocked list for the user. The client application prompts
the user to authorize or reject the subscription.
Note
Cisco Unified Presence uses common user policies for both availability and instant messages.
Related Topics
For information about the Cisco Unified Presence User Options interface, see the User Guide for
Cisco Unified Presence at this URL:
http://www.cisco.com/en/US/products/ps6837/products_user_guide_list.html
For information about the interdomain federation integration for Cisco Unified Presence, see the
Integration Guide for Configuring Cisco Unified Presence for Interdomain Federation at this URL:
http://www.cisco.com/en/US/products/ps6837/products_installation_and_configuration_guides_lis
t.html
Step 2
6-41
Chapter 6
Do This
Select Save.
Step 4
Related Topics
What To Do Next
Configuring the SIP Publish Trunk on Cisco Unified Presence, page 6-53
Parameter
Description
User ID
User Domain
6-42
Chapter 6
Parameter (continued)
Description
Contact ID
Contact Domain
Nickname
Group Name
The name of the group to which the contact list entry is to be added.
If a users contacts are not sorted into groups, the default group name will
be specified in the Group Name field.
Complete the following procedure to export user contact lists with BAT and download the export file.
Procedure
Step 1
Select Cisco Unified Presence Administration > Bulk Administration > Contact List > Export
Step 2
Use the selection criteria to find the users whose contact lists you want to export. See the Online Help
topic in the Cisco Unified Presence Administration interface for more information about finding and
selecting users.
Step 3
Select Next.
Step 4
In the File Name field, enter a name for the CSV file.
Step 5
Select Run Later to schedule a time to execute the Bulk Administration job. For more information
about scheduling jobs in BAT, see the Online Help in Cisco Unified Presence Administration.
Step 6
Select Submit. If you selected to run the job immediately, the job runs after you select Submit.
Step 7
To download the export file after the job has run, select Cisco Unified Presence Administration > Bulk
Administration > Upload/Download Files.
Step 8
Find and select the export file that you want to download.
Step 9
Related Topic
6-43
Chapter 6
Parameter
Description
User ID
The user ID of the Cisco Unified Presence user. It can have a maximum
132 characters.
Note
User Domain
Contact ID
The user ID of the contact list entry. It can have a maximum of 132
characters.
Note
Contact Domain
The Presence domain of the Cisco Unified Presence user. It can have a
maximum of 128 characters.
Note
The Presence domain of the contact list entry. The following restrictions
apply to the format of the domain name:
Contains only numbers, upper- and lowercase letters, and hyphens (-)
Note
Nickname
The nickname of the contact list entry. It can have a maximum of 255
characters.
Group Name
The name of the group to which the contact list entry is to be added. It can
have a maximum of 255 characters.
Note
Note
If you are moving users to another node or subcluster in a different cluster, you can use BAT to generate
the CSV file for selected users. See Bulk Export of User Contact Lists, page 6-42 for more information.
6-44
Chapter 6
Complete the following steps to import user contact lists into Cisco Unified Presence:
Before you import the user contact lists, you must complete the following:
Note
1.
2.
Ensure that the users are licensed and assigned to Cisco Unified Presence.
The default contact list import rate is based on the server hardware type. You can change the contact list
import rate by selecting Cisco Unified Presence Administrator > System > Service Parameters >
Cisco Bulk Provisioning Service. However, if you increase the default import rate, this will result in
higher CPU and memory usage on Cisco Unified Presence.
Note
You only need to check the maximum contact list size on those clusters that contain users for whom you
wish to import contacts. When you change Presence settings, the changes are applied to all nodes in the
cluster; therefore you only need to change these settings on the Cisco Unified Presence Publisher node
within the cluster.
What To Do Next
Select Cisco Unified Presence Administration > Bulk Administration > Upload/Download Files.
Step 2
6-45
Chapter 6
Step 3
Step 4
Step 5
Step 6
What To Do Next
Select Cisco Unified Presence Administration > Bulk Administration > Contact List > Update.
Step 2
From the File Name drop-down list, select the file to import.
Step 3
In the Job Description field, enter a description for this Bulk Administration job.
Step 4
Step 5
Select Run Later to schedule a time to execute the Bulk Administration job. For more information
about scheduling jobs in BAT, see the Online Help in Cisco Unified Presence Administration.
Select Submit. If you selected to run the job immediately, the job runs after you select Submit.
What To Do Next
The number of internal server errors that were encountered while trying to import the contacts.
The number of contacts that were not imported (ignored). The log file lists a reason for each ignored
contact at the end of the log file. The following are the reasons for not importing a contact:
Invalid formatinvalid row format, for example, a required field is missing or empty
Invalid contact domainthe contact domain is in an invalid format; see Table 6-4 for the valid
6-46
Chapter 6
Users contact list is over limitthe user has reached the maximum contact list size and no more
The number of contacts in the CSV file that were unprocessed due to an error that caused the BAT
job to finish early. This error rarely occurs.
Select Cisco Unified Presence Administration > Bulk Administration > Job Scheduler.
Step 2
Select Find and select the job ID of the contact list import job.
Step 3
Turning On or Off Availability Sharing for a Cisco Unified Presence Cluster, page 6-47
Configuring the Do Not Disturb Settings on Cisco Unified Presence, page 6-48
Configuring the Maximum Contact List Size Per User, page 6-50
Step 2
6-47
Chapter 6
How To Configure the Availability Settings on Cisco Unified Presence
Do This
Select Save.
Step 4
Troubleshooting Tips
When you turn off availability sharing, a user can view their own availability status on the client
application; the availability status for all other users are greyed out.
When you turn off availability sharing, when a user enters a chat room, their availability status
shows a status of Unknown with a green icon.
Cisco Unified Presence does not pass the administrator-level DND status to associated devices for
the user.
The administrator-level DND settings impact future calls and meetings, not those calls and meetings
in progress at the time that you configure the DND setting.
If you turn off availability sharing on Cisco Unified Presence, the DND settings only impact users when
they view their own availability.
6-48
Chapter 6
Procedure
Step 1
Step 2
If You Want...
Do This
Cisco Unified Presence to display an availability status of Check Use DND status when user is on
DND when users are on the phone. If you turn off (uncheck) the phone.
this setting, Cisco Unified Presence displays a status of
Busy when users are on the phone.
By default, this setting is turned off.
Cisco Unified Presence to display an availability status of Check Use DND status when user is in
DND when users are in a meeting. If you turn off (uncheck) a meeting.
this setting, Cisco Unified Presence displays a status of
Busy when users are in a meeting.
By default, this setting is turned off.
Step 3
Select Save.
Related Topic
This section only applies if you deploy Cisco Unified Personal Communicator Release 8.5 or higher with
Cisco Unified Presence.
These settings allow Cisco Unified Personal Communicator users to initiate temporary presence
subscriptions to users that are not on their contact list.
Procedure
Step 1
Step 2
Check Enable ad-hoc presence subscriptions to turn on temporary presence subscriptions for
Cisco Unified Personal Communicator Release users.
Step 3
Configure the maximum number of active temporary subscriptions that Cisco Unified Presence permits
at one time. If you configure a value of zero, Cisco Unified Presence permits an unlimited number of
active temporary subscriptions.
Step 4
Configure the time-to-live value (in seconds) for the temporary presence subscriptions.
When this time-to-live value expires, Cisco Unified Presence drops any temporary presence
subscriptions and no longer temporarily monitors the availability status for that user.
6-49
Chapter 6
How To Configure the Availability Settings on Cisco Unified Presence
Note
Step 5
If the time-to-live value expires while the user is still viewing an instant message from a temporary
presence subscription, the availability status that displays may not be current.
Select Save.
Troubleshooting Tip
You do not have to restart any services on Cisco Unified Presence for this setting, however Cisco Unified
Personal Communicator users will have to sign out, and sign back in, to retrieve the latest temporary
presence subscriptions settings on Cisco Unified Presence.
Note
Users who reach the maximum number of contacts are unable to add new contacts to their contact list,
nor can other users add them as a contact.
Procedure
Step 1
Step 2
Edit the value of the Maximum Contact List Size (per user) setting.
The default value is 200.
Step 3
Select Save.
Step 4
Troubleshooting Tips
If you upgrade from Cisco Unified Presence Release 7.0(x) to Release 8.x, check that the contact
list size for users has not reached the maximum value. The System Troubleshooter in Cisco Unified
Presence Administration indicates if there are users who have reached the contact list limit.
If a user is close to the maximum contact list size, and the user adds a group of contacts that pushes
the contact list over the maximum number, Cisco Unified Presence does not add the surplus contacts.
For example, if the maximum contact list size on Cisco Unified Presence is 200. A user has 195
contacts and attempts to add 6 new contacts to the list, Cisco Unified Presence adds five contacts
and does not add the sixth contact.
Related Topics
6-50
Chapter 6
Performing intercluster upgrades. For more information, see the Upgrade Guide for Cisco Unified
Presence Release 8.6.
Step 2
Step 3
Select Save.
Step 4
Turning On or Off Instant Messaging for a Cisco Unified Presence Cluster, page 6-51
Caution
When you turn off instant message capabilities on Cisco Unified Presence, all group chat functionality
(adhoc and persistent chat) will not work on Cisco Unified Presence. We recommend that you do not turn
on the Cisco UP XCP Text Conference service or configure an external database for persistent chat on
Cisco Unified Presence.
Procedure
Step 1
Step 2
6-51
Chapter 6 Configuring a Cisco Unified Presence Server for Deployment in the Network
How to Configure the Instant Messaging Settings on Cisco Unified Presence
Do This
Turn on instant message capabilities for client applications in Check Enable instant messaging.
the Cisco Unified Presence cluster. If you turn on this setting,
local users of client applications can send and receive instant
messages.
Turn off instant message capabilities for client applications in Uncheck Enable instant messaging.
the Cisco Unified Presence cluster.
If you turn off this setting, local users of client applications
cannot send and receive instant messages.Users can only use
the instant messaging application for availability and phone
operations. If you turn off this setting, users do not receive
instant messages from outside the cluster.
Step 3
Select Save.
Step 4
Step 2
Do This
6-52
Chapter 6
Step 3
Select Save.
Step 2
Step 3
Do This
Select Save.
Step 2
Select a SIP Trunk from the CUCM SIP Publish Trunk drop-down list.
Step 3
Select Save.
6-53
Chapter 6
Select Cisco Unified Presence Administration > Presence > Routing > Settings.
Step 2
Step 3
Select Default SIP Proxy TCP Listener for the Preferred Proxy Server.
Step 4
Select Save.
What To Do Next
How to Configure Cisco IP Phone Messenger on Cisco Unified Presence, page 11-3, or
About Configuring Cisco Unified Personal Communicator on Cisco Unified Presence, page 12-20
Configure the topology for your deployment before starting the Sync Agent.
If you deploy the Cisco Unified Personal Communicator client with Cisco Unified Presence, and
you configure system-wide default application profiles (LDAP, CTI Gateway, Voicemail,
Conferencing profiles) for your users, configure and enable the default profiles before you activate
the Sync Agent.
Procedure
Step 1
Select Cisco Unified Presence Administration > System > Service Parameters.
Step 2
Select the Cisco Unified Presence server from the Server menu.
Step 3
Step 4
If set to Balanced, the Sync Agent synchronizes user information to Cisco Unified Presence, and
then assigns the users to each node in an attempt to balance the user assignment evenly across all
nodes.
If set to Active/Standby, the Sync Agent synchronizes user information to Cisco Unified Presence,
and assigns the total number of users to the first node of a subcluster only. If there is only a single
node in the subcluster, the Sync Agent uses this node for assignment regardless of the location of
the node within the subcluster.
6-54
Chapter 6
Step 5
If set to None, the Sync Agent synchronizes user information to Cisco Unified Presence but does
not assign any users. You must manually assign your users to nodes using the system topology
interface
Select Save.
Related Topics
How to Configure the Cluster Topology on Cisco Unified Presence, page 6-3
Configuring Basic Features for Cisco Unified Personal Communicator, page 12-1
Select Cisco Unified Presence Serviceability > Tools > Service Activation.
Step 2
Select the Cisco Unified Presence server from the Server menu.
Step 3
For a basic Cisco Unified Presence deployment, turn on the following services:
Step 4
Select Save.
Related Topics
6-55
Chapter 6
How to Turn On the Cisco Unified Presence Service
6-56
CH A P T E R
Initial Configuration of OpenSSO Enterprise Using the GUI Configurator, page 7-9
Importing the OpenAM Certificate into Cisco Unified Presence, page 7-13
Importing the OpenAM Certificate into Cisco Unified Presence, page 7-13
Introduction
Cisco Unified Presence Release 8.6(4) introduces support for single sign-on (SSO). SSO allows end
users to log into a Windows client machine on a Windows domain and use the following Cisco Unified
Presence applications without being required to sign in again:
7-1
Chapter 7
Configuration Steps
Step 1
Step 2
Note
Step 3
Note
Step 4
Step 5
7-2
Chapter 7
Step 7
Step 9
Enabling SSO on
Cisco Unified Presence Server,
page 7-17
Note
The SSO feature uses Active Directory and OpenAM in combination to provide SSO access to client
applications.
These third-party products must meet the following configuration requirements:
Active Directory must be deployed in a Windows domain-based network configuration, not just as
an LDAP server.
The OpenAM server must be accessible on the network to all client systems and the Active Directory
server.
The Active Directory (Domain Controller) server, Windows clients, Cisco Unified Presence, and
OpenAM must be in the same domain.
See the third-party product documentation for more information about those products.
7-3
Chapter 7
Installing Java
You must install Java as part of the Single-Sign On configuration taskflow. Keep in mind that the default
keystore password changeit used throughout this chapter can be replaced with a keystore password of
your choice; If you do replace this password, you will need to continue using the new password wherever
changeit is used in the remainder of this chapter.
Step 2
Step 3
Define JAVA_HOME, JRE_HOME environment variables in your user profile (.bash_profile). Here is
an example:
export JAVA_HOME=/usr/java/jdk1.6.0_20 (or whatever version is being used)
export JRE_HOME=/usr/java/jdk1.6.0_20/jre
Step 4
Create java keystore; java keystore is required for enabling SSL on Tomcat.
Step 5
Execute the following command on the terminal. The default keystore password is changeit:
$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA -validity
1825
Step 6
When prompted to enter first name and last name, enter the FQDN (hostname.domainname) of your
OpenAM server.
You will also be prompted to enter your organization unit name, organization name, city or locality, state
or province, and two-letter country code.
Step 7
When prompted for a Tomcat password, enter the default keystore password changeit.
Note
What To Do Next
7-4
Chapter 7
Step 2
Step 3
Create java keystore; java keystore is required for enabling SSL on Tomcat.
Step 4
Note
In this test setup, Java is installed under c:\Program Files\Java. Enter the right path of keytool.exe in your
setup when executing this command. The default keystore password is changeit.
Step 5
When prompted to enter the first name and last name, enter the FQDN (hostname.domainname) of your
OpenAM server.
You will also be prompted to enter your organization unit name, organization name, city or locality, state
or province, and two-letter country code.
Step 6
When prompted for a Tomcat password, enter the default keystore password changeit.
Note
What To Do Next
Installing Tomcat
Note
Step 2
7-5
Chapter 7
Step 3
Step 4
Open the server.xml file under /root/apache-tomcat-7.0.0/conf directory, Comment the 8080 connector
port. Enter the code as follows:
<!--<Connector port=8080 protocol=HTTP/1.1
connectionTimeout-20000
redirectPort-8443 /> -->
Step 5
Uncomment the 8443 connector port: Remove <!-- code at the beginning and --> at the end of the 8443
connector. Enter the code as follows:
<Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true
maxThreads=150 scheme=https secure=true
clientAuth=false sslProtocol=TLS />
Step 6
Step 7
Step 8
What To Do Next
Note
Download the Tomcat service installer (32bit/64bit Windows Service Installer apache-tomcat-7.0.0.exe).
Step 2
Install the apache-tomcat-7.0.0.exe. In this example, Tomcat is installed under c:\Program Files\Apache
Software Foundation\Tomcat 7.0.
Step 3
Set the JAVA_HOME, JRE_HOME and JAVA_OPTS environment variables by creating a file called
setenv.bat under c:\Program Files\Apache Software Foundation\Tomcat 7.0\bin and set the above
variables.
Example:
set JAVA_HOME=c:\Program Files\Java\jdk1.6.0_20
set JRE_HOME=c:\Program Files\Java\jdk1.6.0_20\jre
set JAVA_OPT=%JAVA_OPTS% -xMS512m -xMX1024m
Step 4
Open the server.xml file under c:\Program Files\Apache Software Foundation\Tomcat 7.0\conf folder.
Step 5
7-6
Chapter 7
Step 6
Uncomment the 8443 connector port; Remove <!-- code at the beginning and --> at the end of the 8443
connector. In this 8443 connector, two more attributes have been added: keystoreFile (location of the
keystore file that was created in section 6.2; in this example, it was created under C:\keystore) and
keystoreType. Because we have keystore created with default password changeit, you do not need to set
keystorePass attribute. Enter the code as follows:
<Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true
maxThreads=150 scheme=https secure=true
clientAuth=false sslProtocol=TLS
keystoreFile=c:\keystore
keystoreType=JKS/>
Step 7
Step 8
Start the Tomcat service from services.msc utility or from Administrative Tools > Services > Apache
Tomcat 7 > Start.
Step 9
What To Do Next
Step 2
From the Start menu, go to Programs > Administration Tools and select Active Directory Users and
Computers.
Step 3
Go to Users > New > Users and create a new user with the OpenSSO Enterprise hostname as the user ID.
Note
Step 4
The OpenSSO Enterprise hostname should not include the domain name.
Create a keytab file on the AD server using the following command from the command prompt; Content
that is italicized indicates values that you need to enter.
ktpass -princ HTTP/hostname.domainname@DCDOMAIN -pass password mapuser userName-out hostname.HTTP.keytab -ptype KRB5_NT_PRINCIPAL target DCDOMAIN
For example:
ktpass -princ HTTP/sso.cisco.com@CISCO.COM -pass cisco123 -mapuser sso
-out sso.HTTP.keytab -ptype KRB5_NT_PRINCIPAL - target CISCO.COM
7-7
Chapter 7
Note
After successful creation of the keytab file, copy the keytab file to a location on the OpenAM server; this
path will later be specified in OpenAM configuration.
Note
For OpenAM that is configured on Linux, you can create a directory under root and copy the above
keytab file. Example: /root/keytab/ examplehost.HTTP.keytab.
Note
For OpenAM that is configured on Windows, you can create a directory under C:\> and copy the above
keytab file. Example: c:/keytab/ examplehost.HTTP.keytab.
What To Do Next
Deploying OpenSSO Enterprise War on Apache Tomcat over Linux Platform, page 7-8
Deploying OpenSSO Enterprise War on Apache Tomcat over Windows Platform, page 7-9
Go to the ForgeRock site below and download the stable release OpenAM Release 9 / February 7,
2010(20100207):
http://www.forgerock.com/downloads.html
Step 2
Copy the openam_release9_20100207.zip to the OpenAM server to any location and unzip it.
Step 3
Step 4
After unzipping, copy the opensso.war file under opensso/deployable-war directory and paste it under
/root /apache-tomcat-7.0.0/webapps directory.
Step 5
Start the Tomcat service by executing startup.sh under /root/ apache-tomcat-7.0.0/bin directory.
What To Do Next
Initial Configuration of OpenSSO Enterprise Using the GUI Configurator, page 7-9
7-8
Chapter 7
Go to the ForgeRock site below and download the stable release OpenAM Release 9 / February 7,
2010(20100207):
http://www.forgerock.com/downloads.html
Step 2
Copy the openam_release9_20100207.zip to the OpenAM server to a specific location and unzip it.
Step 3
Select Administrative Tools > Services > Apache Tomcat 7 > Stop to stop the Tomcat service if it is
running on this OpenAM server.
Step 4
After unzipping, copy the opensso.war file under opensso/deployable-war directory and paste it under
c:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps folder.
Step 5
Select Administrative Tools > Services > Apache Tomcat 7 > Start to start the Tomcat service.
What To Do Next
Initial Configuration of OpenSSO Enterprise Using the GUI Configurator, page 7-9
7-9
Chapter 7
Step 2
Go to the Access Control tab and select the / (Top Level Realm).
Step 3
Step 4
Step 5
What To Do Next
Step 2
Step 3
Step 4
Step 5
Enter the Rule Name, for example, CUPUser. In the Resource Name field, enter the name of the
Resource URL as Web Application URL. For example, https://<CUP FQDN>:8443/*.
Step 6
Check the GET and POST check boxes and click Finish.
Step 7
Create another rule (example, CUPUser_1). In the Resource Name field, enter the name of the Resource
URL as Web Application URL. For example, https://<CUP FQDN>/*.
Step 8
Check the GET and POST check boxes and click Finish.
Step 9
Create another rule (example, CUPUser_QueryPatterns) for the requests involving query patterns (*?*)
in the Find and List windows of Cisco Unified PresenceUser application. In the Resource Name field,
enter https://<CUP FQDN>:8443/*?*.
Step 10
Check the GET and POST check boxes and click Finish.
Step 11
Create another rule (example, CUPUser_QueryPatterns_1) for the requests involving query patterns
(*?*) in the Find and List windows of Cisco Unified Presence User application. For example, in the
Resource Name field, enter https://<CUP FQDN>/*?*
Step 12
Check the GET and POST check boxes and click Finish.
Step 13
SSO support is provided for RTMT application as well. To achieve SSO for RTMT, along with the above
policy rules, create one more new rule. For example, RTMT_Query for requests involving RTMT query
patterns (*?*?*). In the Resource Name field, type https://<CUP FQDN>:8443/*?*?*.
Step 14
Check the GET and POST check boxes and click Finish.
Step 15
SSO support is provided for RTMT application as well. To achieve SSO for RTMT, along with the above
policy rules, create one more new rule. For example, RTMT_Query_1 for requests involving RTMT
query patterns (*?*?*). In the Resource Name field, type https://<CUP FQDN>/*?*?*.
Step 16
Check the GET and POST check boxes and click Finish.
Step 17
7-10
Chapter 7
Step 18
Step 19
Enter the subject name, for example CUPUser, and click Finish.
The new policy is created with defined Rules and Subjects.
Step 20
Step 21
Step 22
Step 23
Click Next.
Step 24
Step 25
Step 26
Click Finish.
What To Do Next
Copy the keytab files to the OpenAM server that you created in Provisioning Active Directory for SSO,
page 7-7.
Step 2
Step 3
Step 4
Step 5
Enter a name for the new login module instance (for example, CUPUser) and select Windows Desktop
SSO.
Step 6
Click OK.
Note
This module instance name will be used later when enabling SSO on the Cisco Unified Presence server.
Step 7
In the Module Instances window, select the name of the new login module (for example, CUPUser) and
provide the following information:
Return Principal with Domain NameFalse. Leave the Enabled check box unchecked.
7-11
Chapter 7
Step 8
Authentication Level22
Click Save.
The module instance is created and called CUPUser.
What To Do Next
Log in to OpenSSO Enterprise Console as a user with AgentAdmin privileges, such as amAdmin.
Step 2
Step 3
Select the name of the realm to which the agent will belong, such as the following: /(Top Level Realm).
Step 4
Step 5
Step 6
Step 7
Note
The Agent name will be used later when you enable SSO on Cisco Unified Presence. For example, enter
the name of the profile configured for this policy agent.
Note
Note
You will be asked for this password when you enable SSO on Cisco Unified Presence.
Server URL fieldEnter the OpenSSO Enterprise server URL. For example, https://<OpenAM
FQDN>:8443/opensso.
Agent URL fieldEnter the URL for the agent application. For example,
https://Cisco Unified Presence Server FQDN>:8443/agentapp.
agentapp will be used later in the example given for enabling SSO on Cisco Unified Presence
Step 8
Select Create.
A J2EE Agent with the name of CUPUser is created.
Step 9
Step 10
7-12
Chapter 7
Step 11
Step 12
Under Login Processing, enter the Login Form URIs for each web GUI application on
Cisco Unified Presence as follows:
From the OpenSSO Services tab, under Login URL, add OpenSSO Login URL as https://<OpenSSO
FQDN>:8443/opensso/UI/Login?module=<SSO_Module>.
Note
Step 13
SSO_Module should be the same value as the one created in Configuring SSO Module Instance,
page 7-11.
In the text area, remove all URLs other than the Login URL. Only the Login URL specified in the
previous step should be listed in the text area.
Troubleshooting Tip
If this link does not have the format described above, modify it accordingly and save the configuration.
The name of the module instance created in Configuring SSO Module Instance, page 7-11 can be
checked via Access Control > Top Level Realm > Authentication > Module Instances. Following this
check, log in to the Cisco Unified Presence server as admin user, type the CLI command utils
service restart Cisco Tomcat to restart the Cisco Tomcat service.
What To Do Next
Importing the OpenAM Certificate into Cisco Unified Presence, page 7-13
Note
For information about importing certificates, see Cisco Unified System Maintenance Guide for
Cisco Unified Presence.
Procedure
Step 1
Sign in to OpenAM (https://<OpenAM FQDN>:8443/opensso) from your Web browser (for example,
Mozilla Firefox).
Step 2
Select Tools > Page info > Security > View Certificate.
7-13
Chapter 7
Step 3
In the Certificate Viewer window, click the Details tab to access certificate information.
Step 4
Step 5
After getting OpenAM server certificate, sign into Cisco Unified OS Administration and choose
Security > Certificate Management.
Step 6
Step 7
From the Certificate Name drop-down list in the Upload Certificate dialog box, choose tomcat-trust.
Step 8
From the Upload File field, browse for the saved OpenAM certificate.
Step 9
Click Upload File to upload the certificate. The OpenAM certificate will be added to the Cisco Unified
Presence Tomcat-trust store.
What To Do Next
Step 2
Step 3
Step 4
Step 5
Select Tools > Internet Options > Security > Local Intranet and click Custom Level....
Step 6
Step 7
Click OK.
Step 8
Click Sites.
Step 9
Step 10
Click Advanced.
Step 11
Fill in the Add this web site to the zone: field with the FQDN of the OpenAM server in the following
format: https://OpenAM_FQDN.
Step 12
Click Add.
7-14
Chapter 7
Step 13
Click Close.
Step 14
Click OK.
Step 15
Step 16
Step 17
For Windows XP or Windows 2008Select Start > Run and type regedit.
For Windows Vista and Windows 7.0Select Start and type regedit. For Windows Vista, you then
need to click Continue.
Step 18
Step 19
Step 20
Base: hexadecimal
Note
The newly created DWORD will appear in the LSA directory list as follows:
Name: SuppressExtendedProtection
Type: REG_DWORD
Value: 0x00000002 (2)
Step 2
Scroll down to network.negotiate-auth.trusted-uris and set it to your domain (for example, corp.com).
Windows XPHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos
Windows Vista/Windows 7
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters
7-15
Chapter 7
Status
Server Settings
Select Applications
Status
A warning message displays indicating that the change in SSO settings causes Tomcat restart.
The following error messages may display when you enable the SSO application:
Invalid Open Access Manager (OpenAM) server URLThis error message displays when you enter
an invalid OpenAM server URL.
Invalid profile credentialsThis error message displays when you enter a wrong profile name or
wrong profile password or both.
Security trust errorThis error message displays when the OpenAM certificate has not been
imported.
If you get any of the above error messages while enabling SSO, then the status changes to the above
error.
Server Settings
You can only edit the server settings when SSO is disabled for all applications.
Select Applications
Cisco Unified Presence AdministrationEnables SSO for Cisco Unified Presence Administration,
Cisco Unified Serviceability, and Cisco Unified Reporting
Cisco Unified Presence User OptionsEnables SSO for End User Options
Cisco Unified Operating System AdministrationEnables SSO for Cisco Unified Operating System
Administration and Disaster Recovery System
Enter the following URL of the Open Access Manager (OpenAM) server:
https://hostexample.corp.com:8443/opensso
Step 2
Enter the relative path where the policy agent should be deployed. The relative path must be
alphanumeric. See Configuring J2EE Agent Profile on OpenSSO Server, page 7-12.
Step 3
Enter the name of the profile that is configured for this policy agent. See Configuring J2EE Agent Profile
on OpenSSO Server, page 7-12.
Step 4
Enter the password of the profile name. See Configuring J2EE Agent Profile on OpenSSO Server,
page 7-12.
7-16
Chapter 7
Step 5
Enter the login Module instance name that is configured for Windows Desktop SSO. See Configuring
SSO Module Instance, page 7-11.
Step 6
Select Save.
Step 7
Note
For information about the commands that are associated with enabling and disabling SSO, see the
Command Line Interface Reference Guide for Cisco Unified Presence.
7-17
Chapter 7
Application
Comments
Standard RealtimeAndTraceCollection
Roles:
Standard CUReporting
Standard RealtimeAndTraceCollection*
Standard SERVICEABILITY
Administration*
7-18
Chapter 7
Stop the Tomcat running on OpenAM server by executing the following command under
/root/apachetomcat- 7.0.0/bin directory:
shutdown.sh
Step 2
ConfigurationDirectory is the directory created when the OpenSSO Enterprise instance is initially
configured using the Configurator. The default directory is opensso in the home directory of the user
running the Configurator.
If the Configurator is run by root, ConfigurationDirectory is created in the root home directory
(/root).
Step 3
Step 4
Start the Tomcat on OpenAM Server, by executing startup.sh under /root/ apache-tomcat-7.0.0/bin
directory.
Select Administrative Tools > Services > Apache Tomcat 7 > Stop to stop the Tomcat service if
running on the OpenAM server.
Step 2
Delete the opensso and .openssocfg folder from the user home directory.
Step 3
Step 4
Select Administrative Tools > Services > Apache Tomcat 7 > Start to start the Tomcat service.
7-19
Chapter 7
From the OpenAM server GUI, select Configuration > Global > Session > Dynamic attributes >
Maximum Idle Time.
Step 2
Then
Sign in to OpenAM (https://<OpenAM FQDN>:8443/opensso) from your Web browser (for example,
Mozilla Firefox).
Step 2
From the Access Control menu, choose Top Level Realm > Agents > J2EE.
7-20
Chapter 7
Step 3
7-21
Chapter 7
7-22
CH A P T E R
How to Configure the Certificate Exchange Between Cisco Unified Presence and Cisco Unified
Communications Manager, page 8-3
How to Configure the SIP Security Settings on Cisco Unified Presence, page 8-6
How to Configure the XMPP Security Settings on Cisco Unified Presence, page 8-8
Create a .txt file with the contents you want to display in the banner.
Step 2
Step 3
Step 4
Step 5
8-1
Chapter 8
Note
The .txt file must be uploaded to each Cisco Unified Presence node separately.
Client
Certificate
tomcat
Table 8-2
Service
Certificate
SIP Proxy
cup
cup-trust
Presence Engine
cup
cup-trust
SOAP
tomcat
directory-trust
AXL
tomcat
directory-trust
LDAP
tomcat
directory-trust
Microsoft Exchange
Notes
cup-trust
Microsoft OCS/LCS
Call Control
cup
cup-trust
SIP Federation
cup
cup-trust
XMPP Federation
Cup-xmpp-s2s
cup-xmpp-trust
Related Topics
(Cisco Unified Personal Communicator Release 8.x) Configuring Settings, page 12-22
How to Configure the XMPP Security Settings on Cisco Unified Presence, page 8-8
8-2
Chapter 8
Configuring a Secure Connection Between Cisco Unified Presence and the LDAP Directory,
page 15-6
Importing the Cisco Unified Communications Manager Certificate to Cisco Unified Presence,
page 8-3
Uploading the Cisco Unified Presence Certificate to Cisco Unified Communications Manager,
page 8-5
Uploading the Cisco Unified Presence Certificate to Cisco Unified Communications Manager,
page 8-5
certificate.
Related Topic
How to Configure the SIP Trunk on Cisco Unified Communications Manager, page 3-3
Select Cisco Unified Presence Administration > System > Security > Certificate Import Tool.
8-3
Step 2
Select CUP Service Trust from the Certificate Trust Store menu.
Step 3
Enter the IP address, hostname or FQDN of the Cisco Unified Communications Manager server.
Step 4
Enter a port number to communicate with the Cisco Unified Communications Manager server.
Step 5
Select Submit.
Troubleshooting Tip
After the Certificate Import Tool completes the import operation, it reports whether or not it successfully
connected to Cisco Unified Communications Manager, and whether or not it successfully downloaded
the certificate from Cisco Unified Communications Manager. If the Certificate Import Tool reports a
failure, see the Online Help for a recommended action. You can also manually import the certificate by
selecting Cisco Unified OS Administration > Security > Certificate Management.
What To Do Next
Import the Cisco Unified Communications Manager certificate to Cisco Unified Presence.
Procedure
Step 1
Select Cisco Unified Serviceability > Tools > Control Center - Feature Services on Cisco Unified
Presence,
Step 2
Step 3
Select Restart.
What To Do Next
Select Cisco Unified OS Administration > Security > Certificate Management on Cisco Unified
Presence.
Step 2
Select Find.
Step 3
Step 4
8-4
Chapter 8
Troubleshooting Tip
Ignore any errors that Cisco Unified Presence displays regarding access to the cup.csr file; The CA
(Certificate Authority) does not need to sign the certificate that you exchange with Cisco Unified
Communications Manager.
What To Do Next
Uploading the Cisco Unified Presence Certificate to Cisco Unified Communications Manager, page 8-5
Select Cisco Unified OS Administration > Security > Certificate Management on Cisco Unified
Communications Manager.
Step 2
Step 3
Step 4
Browse and select the certificate (.pem file) previously downloaded from Cisco Unified Presence.
Step 5
Related Topic
Upload the Cisco Unified Presence certificate to Cisco Unified Communications Manager.
Procedure.
Step 1
Select Cisco Unified Serviceability > Tools > Control Center - Feature Services. on Cisco Unified
Communications Manager.
Step 2
Step 3
Select Restart.
8-5
Chapter 8
Related Topic
Uploading the Cisco Unified Presence Certificate to Cisco Unified Communications Manager, page 8-5
What To Do Next
How to Configure the SIP Security Settings on Cisco Unified Presence, page 8-6
Select Cisco Unified Presence Administration > System > Security > TLS Peer Subjects.
Step 2
Step 3
Perform one of the following actions for the Peer Subject Name:
Step 4
Step 5
Select Save.
What To Do Next
8-6
Chapter 8
Procedure
Step 1
Select Cisco Unified Presence Administration > System > Security > TLS Context Configuration.
Step 2
Select Find.
Step 3
Select Default_Cisco_UPS_SIP_Proxy_Peer_Auth_TLS_Context.
Step 4
From the list of available TLS peer subjects, select the TLS peer subject that you configured.
Step 5
Step 6
Select Save.
Step 7
Select Cisco Unified Presence Serviceability > Tools > Service Activation.
Step 8
Troubleshooting Tip
You must restart the SIP proxy service before any changes that you make to the TLS context take effect.
Related Topics
Step 2
Select a protocol type from the SIP Intra-cluster Proxy-to-Proxy Transport Protocol menu.
Step 3
Select Save.
Troubleshooting Tip
You must restart the SIP proxy service before any changes that you make to the SIP proxy protocol take
effect.
Related Topic
8-7
Chapter 8
Secure Mode
Description
If you turn on this setting, Cisco Unified Presence establishes a secure TLS
connection between XMPP routers in the same cluster, or in different
clusters. Cisco Unified Presence automatically replicates the XMPP
certificate within the cluster, and across clusters, as an XMPP trust
certificate. An XMPP router will attempt to establish a TLS connection with
any other XMPP router that is in the same cluster, or a different cluster, and
is available to establish a TLS connection.
If you turn on this setting, Cisco Unified Presence establishes a secure TLS
connection between the Cisco Unified Presence servers and XMPP-based
API client applications.If you turn on this setting, upload the certificates or
signing certificates for the web client in the cup-xmpp-trust repository on
Cisco Unified Presence.
Troubleshooting Tips
If you update the XMPP security settings, perform one of these actions:
Restart the Cisco UP XCP Connection Manager if you edit Enable XMPP Client To CUP Service
Secure Mode. Select Cisco Unified Serviceability > Tools > Control Center - Feature Services
to restart this service.
Restart the Cisco UP XCP Router if you edit the Enable XMPP Router-to-Router Secure Mode.
Select Cisco Unified Serviceability > Tools > Control Center - Network Services to restart this
service.
8-8
Chapter 8
Restart the Cisco UP XCP Web Connection Manager if you edit Enable Web Client To CUP
Service Secure Mode. Select Cisco Unified Serviceability > Tools > Control Center Feature Services to restart this service.
Related Topics
Integrating Third-Party XMPP Client Applications on Cisco Unified Presence, page 9-1
Select Cisco Unified Presence Administration > System > Security > Settings.
Step 2
Enter a server-to-server domain name for this Cisco Unified Presence cluster, for example, cisco.com.
Step 3
Check Use Domain Name for XMPP Certificate Subject Common Name if you want the general
XMPP certificate to use the same Domain Name as the XMPP server-to-server certificate.
Step 4
Select Save.
Step 5
Restart the Cisco UP XCP Router service. Select Cisco Unified Serviceability > Tools > Control
Center - Network Services > Cisco UP XCP Router to restart this service.
Troubleshooting Tip
If you change the server-to-server domain name value, you must regenerate affected XMPP S2S
certificates before you restart the Cisco UP XCP Router service.
Related Topic
8-9
Chapter 8
In Cisco Unified Presence, you can perform the following FIPS-related tasks:
Note
By default, Cisco Unified Presence is in non-FIPS mode. The administrator must enable FIPS mode. See
the Command Line Reference Guide for Cisco Unified Presence for more information.
Caution
If any of these self-tests fail, Cisco Unified Presence halts. If the startup self-test fails because of a
transient error, restarting the Cisco Unified Presence server fixes the issue. However, if the start self-test
error persists, it indicates a critical problem in the FIPS module and the only option is to use a recovery
CD.
Regeneration of Certificates
After FIPS has been enabled, certificates may not be exchanged between intercluster peers. If this
situation arises, follow this procedure.
Procedure
Step 1
Step 2
Select the intercluster peer whose certificate is not present and choose the Force Manual Sync option.
Step 3
Select Cisco Unified Operating System Administration > Security > Certificate Management and
copy required certificates between intercluster peers.
Manual deletion of old intercluster peer certificates can also be performed from this page.
Note
Cisco recommends that you allow 10 minutes after importing intermediate or root Certificate Authority
certificates before importing signed certificates.
8-10
CH A P T E R
Configuring a Secure Connection between Cisco Unified Presence and XMPP Clients, page 9-3
Turning On Cisco Unified Presence Services to Support XMPP Clients, page 9-4
9-1
Chapter 9
Uploading a License File on Cisco Unified Communications Manager in the Installation Guide for
Cisco Unified Presence Release 8.6.
Assigning the Licensing Capabilities on Cisco Unified Communications Manager in the Installation
Guide for Cisco Unified Presence 8.6.
Configure the licensing requirements. Upload the user DLU, and then assign Cisco Unified Presence
capabilities for the user.
Configure the users and devices. Associate a device with each user, and associate each user with a
line appearance.
Related Topics
User and Device Configuration on Cisco Unified Communications Manager, page 3-1.
How to Integrate the LDAP Directory for Contact Searches on XMPP Clients, page 15-13
9-2
Chapter 9
Cisco Unified Presence Administration > System > Security > Settings
Step 2
Do This
Establish a secure TLS connection between Cisco Select Enable XMPP Client To CUP Service
Unified Presence and XMPP client applications in Secure Mode.
a cluster.
We recommend that you do not turn off this secure
mode unless the XMPP client application can
protect the client login credentials in non-secure
mode. If you do turn off the secure mode, verify
that you can secure the XMPP client-to-server
communication in some other way.
Establish a secure TLS connection between Cisco Select Enable Web Client To CUP Service
Unified Presence and XMPP-based API client
Secure Mode.
applications in a cluster.
If you turn on this setting, upload the certificates
or signing certificates for the web client in the
cup-xmpp-trust repository on Cisco Unified
Presence.
Step 3
Select Save.
Troubleshooting Tips
If you update the XMPP security settings, perform one of these actions:
Service Secure Mode. Select Cisco Unified Serviceability > Tools > Control Center Feature Services to restart this service
Restart the Cisco UP XCP Web Connection Manager if you edit Enable Web Client To CUP
Service Secure Mode. Select Cisco Unified Serviceability > Tools > Control Center Feature Services to restart this service
9-3
Chapter 9
Turning On Cisco Unified Presence Services to Support XMPP Clients
What To Do Next
Turning On Cisco Unified Presence Services to Support XMPP Clients, page 9-4
Related Topic
Perform this procedure on each node in your Cisco Unified Presence cluster.
Procedure
Step 1
Step 2
Select the Cisco Unified Presence server from the Server menu.
Step 3
Step 4
Cisco UP XCP Connection Manager - Turn on this service if you are integrating XMPP clients (such
as Cisco Unified Personal Communicator), or XMPP-based API clients, on Cisco Unified Presence
Cisco UP XCP Authentication Service - Turn on this service if you are integrating XMPP clients
(such as Cisco Unified Personal Communicator), or XMPP-based API clients, or XMPP-based API
clients, on Cisco Unified Presence.
Cisco UP XCP Web Connection Manager - Optionally, turn on this service if you are integrating
XMPP clients (such as Cisco Unified Personal Communicator), or XMPP-based API clients, on
Cisco Unified Presence.
Select Save.
Troubleshooting Tip
For XMPP clients to function correctly, make sure you turn on the Cisco UP XCP Router on all nodes
in your cluster.
Related Topics
Configuring a Secure Connection between Cisco Unified Presence and XMPP Clients, page 9-3
9-4
CH A P T E R
10
Important Notes About Cisco Unified Presence Service and Chat, page 10-3
About Chat
Chat
Point-to-point Instant Messaging (IM) supports real-time conversations between two users at a time.
Cisco Unified Presence exchanges messages directly between users, from the sender to the recipient.
Users must be online in their IM clients to exchange point-to-point IMs.
From Cisco Unified Presence Release 8.5(x) and later, you can disable both the chat and availability
functionality on Cisco Unified Presence.
Related Topics
Turning On or Off Instant Messaging for a Cisco Unified Presence Cluster, page 6-51
Turning On or Off Availability Sharing for a Cisco Unified Presence Cluster, page 6-47
10-1
Chapter 10
About Chat
IM Forking
When a user sends an IM to a contact who is signed in to multiple IM clients. Cisco Unified Presence
delivers the IM to each client. This functionality is called IM forking. Cisco Unified Presence continues
to fork IMs to each client, until the contact replies. Once the contact replies, Cisco Unified Presence only
delivers IMs to the client on which the contact replied.
Note
IM forking is not supported when using Cisco IP Phone Messenger (IPPM) with Cisco Unified
Personal Communicator Release 7.0.
From Cisco Unified Presence Release 8.5(x) and later, you can disable offline instant messaging on
Cisco Unified Presence.
Related Topic
Offline IM
Offline IM is the ability to send IMs to a contact when they are offline. When a user sends an IM to an
offline contact, Cisco Unified Presence stores the IM and delivers the IM when the offline contact signs
in to an IM client.
Broadcast IM
Broadcast IM is the ability to send an IM to multiple contacts at the same time, for example, a user wants
to send a notification to a large group of contacts. Note that not all IM clients support this feature.
create new rooms, and manage members and configurations of the rooms they create.
10-2
Chapter 10
determine the presence status of the members displayed within the room. The presence status
displayed in a room confirms the attendance of the member in a room but may not reflect their
overall presence status.
In addition, the Persistent Chat feature on Cisco Unified Presence allows users to:
store a transcript of the chat and make the message history available for searching.
Maximum
1500 rooms
16500 rooms
1000 occupants
100 messages
Note
File Transfer
Cisco Unified Presence Release 8.6(x) supports point to point file transfer between XMPP clients
compliant with XEP 096 (http://xmpp.org/extensions/xep-0096.html).
For more information, see Enabling File Transfer, page 10-4.
For SIP to XMPP IM, the following services must be running on Cisco Unified Presence:
10-3
Chapter 10
SIP clients cannot participate in chat rooms because this is an XMPP-specific feature.
Before You Begin
The IM gateway is turned on by default. We recommend that you leave it on. Only turn it off if you want
to actively prevent XMPP and SIP client communication.
Procedure
Step 1
Select Cisco Unified Presence Administration > System > Service Parameters.
Step 2
Step 3
Select Cisco UP SIP Proxy as the service on the Service Parameter Configuration window.
Step 4
Step 5
Set the Inactive Timeout interval (in seconds) of IM conversations maintained by the gateway. The
default setting is 600 seconds, which is appropriate to most environments.
Step 6
Specify the error message that you want users to see if the IM fails to deliver. Default error message:
Your IM could not be delivered.
Step 7
Select Save.
What To Do Next
10-4
Chapter 10
Note
File transfer between a local user and an intercluster peer contact is only possible if both clusters have
the feature enabled.
Procedure
Step 1
Select Cisco Unified Presence Administration > System > Service Parameters.
Step 2
Step 3
Select Cisco UP XCP Router as the service on the Service Parameter Configuration window.
Step 4
Step 5
Select Save.
Step 6
Restart the Cisco UP XCP Router Service on every node in the cluster. For more information, see
Restarting the Cisco UP XCP Router Service, page 6-2.
Note
Step 1
Select Cisco Unified Presence Administration > System > Service Parameters.
Step 2
From the Server drop-down list, select a Cisco Unified Presence server.
Step 3
Step 4
Enter a parameter value in the Maximum number of logon sessions per user in the XCP Session
Manager Configuration Parameters (Clusterwide) section.
Step 5
Select Save.
Step 6
Restart the Cisco UP XCP Router Service on every node in the cluster. For more information, see
Restarting the Cisco UP XCP Router Service, page 6-2.
10-5
Chapter 10
Restriction
SIP clients cannot participate in chat rooms because this is an XMPP-specific feature.
Before You Begin
To use persistent chat rooms, you must configure a unique external database instance per node.
If you use an external database for persistent chat logging, consider the size of your database.
Archiving all the messages in a chat room is optional, and will increase traffic on the node and
consume space on the external database disk. In large deployments, disk space could be quickly
consumed. Ensure that your database is large enough to handle the volume of information.
Before you configure the number of connections to the external database, consider the number of
IMs you are writing offline and the overall volume of traffic that results. The number of connections
that you configure will allow the system to scale. While the default settings on the UI suit most
installations, you may want to adapt the parameters for your specific deployment.
The heartbeat interval is typically used to keep connections open through firewalls. Do not set the
Database Connection Heartbeat Interval value to zero without contacting Cisco support.
Procedure
Step 1
Select Cisco Unified Presence Administration > Messaging > Group Chat and Persistent Chat.
Step 2
Step 3
Step 4
a.
Check Archive all room messages if you want to archive all the messages that are sent in the room.
This is a cluster-wide setting that applies to all persistent chat rooms.
b.
Enter the number of connections to the database that you to want to use for processing requests. This
is a cluster-wide setting that applies to all connections between chat nodes and associated databases.
c.
Enter the number of seconds after which the database connection should refresh. This is a
cluster-wide setting that applies to all connections between chat nodes and associated databases.
Select from the list of preconfigured external databases and assign the appropriate database to the chat
node.
Troubleshooting Tips
If you turn on the Archive all messages in a room setting, we recommend that you monitor the
performance of each external database used for persistent chat. You should anticipate an increased
load on the database server(s).
If you enable persistent chat rooms, but do not establish the correct connection with the external
database, the chat node will fail. Under these circumstances, you will lose the functionality of all
chat rooms - both temporary and persistent. If a chat node establishes a connection (even if other
chat nodes fail), it will still start.
Click the hyperlink if you need to edit the chat node details in the Cluster Topology Details window.
If you update any of the Persistent Chat settings, restart the Cisco UP XCP Text Conference
Manager. Select Cisco Unified Serviceability > Tools > Control Center - Feature Services to
restart this service.
Related Topics
10-6
Chapter 10
To configure an external database instance for offline message logging and retrieval, see the
Database Setup Guide for Cisco Unified Presence.
For more information about IM compliance using either Message Archiver or a third-party
compliance server, see the Instant Messaging Compliance Guide for Cisco Unified Presence.
What To Do Next
Note
This chat node alias, conference-3-mycup.cisco.com, for example, will form part of the unique ID for
each chat room created on that node, roomjid@conference-3-mycup.cisco.com
You can assign your aliases cluster-wide, in these ways:
System-generatedallows the system to automatically assign a unique alias to each chat node.You
do not have do to anything further to address your chat node if you enable the system-generated
aliases. The system will auto-generate one alias per chat node by default using the following naming
convention: conference-x-clusterid.domain, where:
conference - is a hardcoded keyword
x- is the unique integer value that denotes the node ID
Example: conference-3-mycup.cisco.com
Additional AliasesYou can associate more than one alias with each chat node on a per-node basis.
Multiple aliases per node allows users to create additional chat rooms using these aliases. This
applies whether you assign a system-generated alias or manage your aliases manually.
10-7
Chapter 10
Key Considerations
Changing chat node aliases can make the chat rooms in the database unaddressable and prevent your
users from finding existing chat rooms.
Note these results before you change the constituent parts of aliases or other node dependencies:
Cluster ID - This value is part of the fully qualified cluster name (FQCN). Changing the Cluster ID
(select System > Cluster Topology: Settings) causes the FQCN to incorporate the new value and
the system-managed alias to automatically change across the cluster. For manually-managed aliases,
it is the responsibility of the Administrator to manually update the alias list if the Cluster ID
changes.
Domain - This value is part of the FQCN. Changing the Domain (select System > Service
Parameters > Cisco UP Proxy) causes the FQCN to incorporate the new value and the
system-managed alias to automatically change across the cluster. For manually-managed aliases, it
is the responsibility of the Administrator to manually update the alias list if the Domain changes.
Connection between the chat node and external database - The chat node will not start if persistent
chat is enabled and you do not maintain the correct connection with the external database.
Deletion of a chat node - If you delete a node associated with an existing alias from the Cluster
Topology, chat rooms created using the old alias may not be addressable unless you take further
action.
We recommend that you do not change existing aliases without considering the wider implications of
your changes, namely:
Make sure that you maintain the address of old chat nodes in the database so that users can locate
existing chat rooms via the old alias, if required
If there is federation with external domains, you may need to publish the aliases in DNS to inform
the users in those domains that the aliases have changed and new addresses are available. This
depends on whether or not you want to advertise all aliases externally.
Related Topic
Review the topics about chat node aliases and key considerations.
Procedure
Step 1
Select Cisco Unified Presence Administration > Messaging > Group Chat and Persistent Chat.
Step 2
Check System Automatically Manages Primary Group Chat Server Aliases to enable the system to
automatically assign chat room aliases to nodes, using this alias naming convention:
conference-x-clusterid.domain.
10-8
Chapter 10
Step 3
The Number of messages in chat history displayed for new conference participants setting controls
the number of instant messages from the recent message history that Cisco Unified Presence pushes to
the client application of a user when that user joins a chat room. Increase this number if you want to
display more text message history to users.
Step 4
Select Messaging > Group Chat Server Alias Mapping to verify that the system-generated alias is
listed under Primary Group Chat Server Aliases.
Troubleshooting Tips
Even if you configure a system-generated alias for a chat node, you can associate more than one alias
with the node if required.
If you are federating with external domains, you may want to inform federated parties that the
aliases have changed and new aliases are available. To advertise all aliases externally, configure
DNS and publish the aliases as DNS records.
If users of clients applications create a chat room, they may potentially override the default number
of messages that display in a chat room.
Note that if you turn on the Archive all room messages option for persistent chat, Cisco Unified
Personal Communicator actively queries Cisco Unified Presence for all instant message history
regardless of the value you configure for the Number of messages in chat history displayed for
new chat participants setting.
If you update any of the system-generated alias configuration, perform one of these actions:
Restart the Cisco UP XCP Text Conference Manager. Select Cisco Unified Serviceability >
dynamically; You do not need to restart the Cisco UP XCP Text Conference Manager.
Related Topics
What To Do Next
Review the topics about chat node aliases and key considerations.
If you do not want to use a system-generated alias, you must turn off the default setting.
If you turn off a system-generated alias, the old alias (conference-x-clusterid.domain) reverts
to a standard, editable alias listed under Conference Server Aliases. This maintains the old alias
and the chat room addresses associated with that alias.
10-9
Chapter 10
Even if you configure a system-generated alias for a chat node, you can associate more than one
alias with the node if required. You can manually assign one (or more) aliases to chat nodes.
You can also edit aliases and delete any aliases that you no longer need.
Although it is not mandatory, we recommend that you always include the Domain when you assign
a new chat node alias to a node. Use this convention for additional aliases, newalias.domain. Select
System > Cluster Topology: Settings in Cisco Unified Presence Administration to see the Domain.
For manually-managed aliases, it is the responsibility of the Administrator to manually update the
alias list if the Cluster ID or Domain changes. System-generated aliases will incorporate the
changed values automatically.
Procedure
Step 1
Select Cisco Unified Presence Administration > Messaging > Group Chat and Persistent Chat.
Step 2
[If Required] Uncheck System Automatically Manages Primary Group Chat Server Aliases to turn
off the default system-generated alias.
Step 3
All the existing chat node aliases (including the disabled system-generated alias) are listed together
under Group Chat Server Aliases. To view the alias list, perform these actions:
Step 4
a.
b.
Click Find.
Action
a.
b.
c.
a.
b.
c.
a.
b.
Troubleshooting Tips
Every chat node alias must be unique. The system will prevent you from creating duplicate chat node
aliases across the cluster.
A chat node alias name cannot match the Cisco Unified Presence domain name.
Delete old aliases only if you no longer need to maintain the address of chat rooms via the old alias.
10-10
Chapter 10
If you are federating with external domains, you may want to inform federated parties that the
aliases have changed and new aliases are available. To advertise all aliases externally, configure
DNS and publish the aliases as DNS records.
If you update any of the chat node alias configuration, restart the Cisco UP XCP Text Conference
Manager.
Related Topics
What To Do Next
If persistent chat is enabled, an external database must be associated with the Text Conference Manager
service, and the database must be active and reachable or the Text Conference Manager will not start. If
the connection with the external database fails after the Text Conference Manager service has started,
the Text Conference Manager service will remain active and functional, however, messages will no
longer be persisted to database and new persistent rooms cannot be created until the connection recovers.
Procedure
Step 1
Step 2
Step 3
Select the Cisco UP XCP Text Conference Manager service to turn it on.
Step 4
Select Save.
Related Topics
10-11
Chapter 10
Sample Deployments
Sample Deployments
The tables below contain a sample range of deployment scenarios that administrators may want to
configure
10-12
Chapter 10
Scenario 1
Deployment Scenario:
Configuration Steps:
You do not want to include the Cluster ID in the chat node alias. Instead
of the system-generated alias conference-1-mycup.cisco.com, you want
to use the alias primary-conf-server.cisco.com.
1.
2.
Notes:
Deployment Scenario::
Scenario 2
Configuration Steps:
Notes:
1.
2.
When you change the domain, the fully qualified cluster name (FQCN)
automatically changes from conference-1-mycup.cisco.com to
conference-1-mycup.linksys.com. The old system-generated alias
conference-1-mycup.cisco.com reverts to a standard, editable alias listed
under Group Chat Server Aliases. This maintains the old alias and the
chat room addresses associated with that alias.
10-13
Chapter 10
Sample Deployments
Scenario 3
Deployment Scenario:
Configuration Steps:
You:
1.
2.
3.
4.
Notes:
When you change the Cluster ID, the fully qualified cluster name
(FQCN) automatically changes from conference-1-mycup.cisco.com
to conference-1-ireland.cisco.com. The old system-generated alias
conference-1-mycup.cisco.com reverts to a standard, editable alias
listed under Group Chat Server Aliases. This maintains the old alias
and the chat room addresses associated with that alias. Because (in
this example) the Administrator has no need to maintain the old alias
address, it is appropriate to delete it.
Deployment Scenario:
Scenario 4
only maintain chat room addressing via the old alias (does not
need to associate nodes with the new system-generated alias).
10-14
Chapter 10
Configuration Steps:
Notes:
1.
2.
3.
4.
5.
When you change the Cluster ID, the fully qualified cluster name
(FQCN) automatically changes from conference-1-mycup.cisco.com
to conference-1-ireland.cisco.com. When you turn off the new
system-generated alias, conference-1-ireland.cisco.com reverts to a
standard, editable alias listed under Group Chat Server Aliases.
Because (in this example) the Administrator has no need to maintain
the new alias address, it is appropriate to delete it. The old
system-generated alias conference-1-mycup.cisco.com reverts to a
standard, editable alias listed under Group Chat Server Aliases. This
maintains the old alias and the chat room addresses associated with
that alias.
10-15
Chapter 10
Sample Deployments
Scenario 5
Deployment Scenario:
Configuration Steps:
add a new node with a new node ID (node id: 7) to the System
Topology, for example, conference-7-mycup.cisco.com.
maintain the address of chat rooms that were created using the
old alias.
Option 1
1.
2.
Option 2
Notes:
1.
2.
When you add the new node to the System Topology, the system
automatically assigns this alias to the node:
conference-7-mycup.cisco.com.
Option 1
Option 2
10-16
CH A P T E R
11
How to Configure Cisco IP Phone Messenger on Cisco Unified Presence, page 11-3
Configured the Cisco Unified Communications Manager server for integration with
Cisco Unified Presence
Configured the Cisco Unified Presence server for deployment in the network.
Related Topics
Configuring Cisco Unified Communications Manager for Integration with Cisco Unified Presence,
page 3-1.
Configuring a Cisco Unified Presence Server for Deployment in the Network, page 6-1
Configuring a Phone Service for the Cisco IP Phone Messenger, page 11-2
11-1
Chapter 11
How to Configure Cisco IP Phone Messenger on Cisco Unified Communications Manager
Select Cisco Unified Communications Manager Administration > User Management > Application
User.
Step 2
Step 3
Step 4
Enter a password for this application user, and confirm the password.
Step 5
Select the devices that you want the application user to control.
Step 6
Select Save.
Related Topic
Configuring a Phone Service for the Cisco IP Phone Messenger, page 11-2
Configure Cisco IP Phone Messenger as an application user on Cisco Unified Communications Manager.
Procedure
Step 1
Select Cisco Unified Communications Manager Administration > Device > Device Settings > Phone
Services.
Step 2
Step 3
Step 4
Step 5
Step 6
Step 7
Step 8
Check Enable.
Step 9
Select Save.
11-2
Chapter 11
Related Topic
Configure a Phone Service for Cisco IP Phone Messenger on Cisco Unified Communications Manager.
Procedure
Step 1
Select Cisco Unified Communications Manager Administration > Device > Phone.
Step 2
Select Find.
Step 3
Step 4
Select Subscribe/Unsubscribe Services from the menu in the Related Links navigation box at the top
right of the window.
Step 5
Select Go.
Step 6
Select PhoneMessenger from the Select a Service menu in the Subscribed Cisco IP Phone Services
window.
Step 7
Select Next.
Step 8
Step 9
Step 10
Related Topic
How to Configure Cisco IP Phone Messenger on Cisco Unified Presence, page 11-3
Information to Provide to Users About the Meeting Notification Feature, page 11-5
11-3
Chapter 11
Obtain the application username and password that you configured for the Cisco IP Phone Messenger
on Cisco Unified Communications Manager.
Restriction
The Cisco IP Phone Messenger application username and password must match the configured
application username and password on Cisco Unified Communications Manager for the Cisco IP Phone
Messenger service to work properly.
Procedure
Step 1
Select Cisco Unified Presence Administration > Application > IP Phone Messenger > Settings.
Step 2
Step 3
Enter the application username that you configured on Cisco Unified Communications Manager for the
Cisco IP Phone Messenger service.
Step 4
Enter the password that you configured on Cisco Unified Communications Manager for the Cisco IP
Phone Messenger service.
Step 5
Select Save.
Troubleshooting Tip
You can also use the System Dashboard to view enabled Cisco IP Phone Messenger users in
Cisco Unified Presence Administration. Select Diagnostics > System Dashboard.
Related Topics
Configuring Firewalls to Pass Cisco Unified Personal Communicator Traffic, page 12-8
11-4
Chapter 11
Note
Cisco Unified Presence does not support Cisco Unified MeetingPlace Express.
Before You Begin
Obtain the hostname or IP address for the Cisco Unified MeetingPlace server.
Procedure
Step 1
Select Application > IP Phone Messenger > Meeting Notification > Settings.
Step 2
Enter the host name or IP address for the Cisco Unified MeetingPlace server.
Step 3
Enter the port number for the Cisco Unified MeetingPlace server.
The default port numbers are 80 (SSL disabled) or 443 (SSL enabled).
Step 4
Check Use SSL if you want to use Secure Socket Layer (SSL) to communicate with the
Cisco Unified MeetingPlace server.
Step 5
(If SSL enabled) Enter the subject common name for the Cisco Unified MeetingPlace server.
Note
If you select to configure a secure connection between Cisco Unified Presence and
Cisco Unified MeetingPlace, you must configure certificate exchange between the two servers. You
must upload the Cisco Unified MeetingPlace server certificate to Cisco Unified Presence as a cup-trust
certificate. Once you have uploaded the certificate to Cisco Unified Presence, you must restart the SIP
proxy service.
Related Topics
Uploading the Cisco Unified Presence Certificate to Cisco Unified Communications Manager,
page 8-5
If you schedule a Cisco Unified MeetingPlace meeting, set the Location field on the Microsoft
Outlook meeting invite window to:
11-5
Chapter 11
If you schedule a meeting on another supported conferencing server, set the Location field on the
Microsoft Outlook meeting invite window to:
Dial: XXXXXXX ID: XXXX
For example, Dial: 4762000 ID: 2000 where 4762000 is the meeting bridge number and 2000 is the
meeting ID.
When the meeting alert message displays on your Cisco Unified IP Phone, you can join the scheduled
meeting by pressing Join.
If you schedule a Cisco Unified MeetingPlace meeting, you can set Cisco Unified MeetingPlace to call
your Cisco Unified IP Phone when the scheduled meeting is about to begin. On your Cisco Unified IP
Phone, press Todays meetings, select the meeting entry, and press Callback.
Note
You can turn off the Meeting Notification feature on your Cisco Unified IP Phone. Press Settings >
Meeting Notifications, and turn off Enable Meeting Notifications.
Related Topic
Not available
Yes
These response messages allow the phone user to respond to incoming phone messages quickly. In
addition, you can predefine a custom message, and control and change the order in which messages are
displayed on the phone.
You can configure up to a maximum of 10 predefined response messages.
Procedure
Step 1
Select Cisco Unified Presence Administration > Application > IP Phone Messenger > Response
Messages.
Step 2
Step 3
Step 4
Select the up or down arrow adjacent to the message to change the order in which the messages display.
11-6
Chapter 11
Step 5
Select Save.
The Cisco IP Phone Messenger user receives broadcast messages in the Messages menu on their
phone. The sender of the message is cupsystemadmin.
If a user signs in to Cisco IP Phone Messenger and Cisco Unified Personal Communicator at the
same time, the user does not receive the broadcast message.
If a user signs in to Cisco IP Phone Messenger and an XMPP client at the same time, but not
Cisco Unified Personal Communicator, the user receives the broadcast message.
Procedure
Step 1
Select Cisco Unified Presence Administration > Application > IP Phone Messenger > Status.
Step 2
Step 3
Step 4
Select the end users to whom you want to send a broadcast message.
Step 5
Select Broadcast.
Step 6
Perform one of the following actions when you are prompted to confirm that you want to send a
broadcast message:
Troubleshooting Tip
For the Broadcast feature to work on Cisco Unified Presence, you must turn on the Cisco UP XCP SIP
Federation Connection Manager service. In Cisco Unified Serviceability, select Tools > Service
Activation.
Select Cisco Unified Presence Administration > Application > IP Phone Messenger > Status.
Step 2
11-7
Chapter 11
Step 3
Step 4
Select Logout.
Step 5
Perform one of the following actions when you are prompted to confirm that you want to sign out the
users:
11-8
CH A P T E R
12
This chapter includes the information required to deploy Cisco Unified Personal Communicator. For
information specific to Cisco Jabber clients, such as Jabber for Windows, see the appropriate client
documentation below:
Cisco Jabberhttp://www.cisco.com/web/products/voice/jabber.html
Androidhttp://www.cisco.com/en/US/products/ps11678/index.html
BlackBerryhttp://www.cisco.com/en/US/products/ps11763/index.html
iPadhttp://www.cisco.com/en/US/products/ps12430/index.html
iPhonehttp://www.cisco.com/en/US/products/ps11596/index.html
Nokiahttp://www.cisco.com/en/US/products/ps11766/index.html
Web SDKhttp://www.cisco.com/en/US/products/ps11765/index.html
If you want to continue with information specific to Cisco Unified Personal Communicator, proceed
with the contents in this chapter;
Configuring Firewalls to Pass Cisco Unified Personal Communicator Traffic, page 12-8
Verifying That the Cisco UP XCP Router Service Is Running, page 12-8
(Cisco Unified Personal Communicator Release 8.x) About Configuring XCP Services for
Cisco Unified Personal Communicator, page 12-9
12-1
Chapter 12
About Configuring Cisco Unified Personal Communicator on Cisco Unified Presence, page 12-20
How to Configure Cisco Unified Personal Communicator on Cisco Unified Presence, page 12-21
About Configuring CTI Gateway Settings for Desk Phone Control on Cisco Unified Presence,
page 12-26
How to Configure CTI Gateway Settings for Desk Phone Control on Cisco Unified Presence,
page 12-28
12-2
Chapter 12
Availability status
information and
instant messaging
Advanced instant
messaging features,
such as group chat
and persistent chat
rooms
12-3
Chapter 12
To Deploy These
Features...
Place calls from a
computer
Transformation of Dialed
Numbers by Cisco Unified
Personal Communicator,
page 12-12
Extension Mobility
Configuration, page 12-13
(Cisco Unified
Personal Communicator
Release 7.1) Guidelines for
Configuring the Softphone
Device Name, page 12-14
(Cisco Unified
Personal Communicator
Release 7.x) Desk Phone
Control and LDAP
TelephoneNumber Field,
page 12-27
12-4
Chapter 12
To Deploy These
Features...
Video calls and
videoconferencing
Voicemail
Configuring Videoconferencing
Resources and Ad-Hoc Conferencing
on Cisco Unified Communications
Manager, page 12-31
12-5
Chapter 12
To Deploy These
Features...
Conference calls
Configuring
Cisco Unified MeetingPlace Servers,
page 13-16
Alternative server to
control signing in
Security features
High availability
features
Third-party client
applications
Audio quality
features
How to Configure
Conferencing Servers for
Cisco Unified Personal
Communicator, page 13-12
12-6
Chapter 12
To Deploy These
Features...
HTML content
display
Desktop agent
Note
Configured the Cisco Unified Communications Manager server for integration with Cisco Unified
Presence
Assigned all of your Cisco Unified Personal Communicator users to Cisco Unified Presence nodes
in the system topology
(Optional) Configured the Cisco Unity and Cisco Unified MeetingPlace or Cisco WebEx on Cisco
Unified Presence so that Cisco Unified Personal Communicator can use visual voicemail and
meeting features.
Before you deploy Cisco Unified Personal Communicator Release 8.x to the computers of your users,
ensure that there are no other applications installed on the computers of your users that depend on
Cisco Unified Client Services Framework. For a list of these applications, see the Release Notes for
Cisco Unified Personal Communicator at:
http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html
Related Topics
Configuring Cisco Unified Communications Manager for Integration with Cisco Unified Presence,
page 3-1
Configuring a Cisco Unified Presence Server for Deployment in the Network, page 6-1
12-7
Chapter 12
Read information about the network ports used by Cisco Unified Personal Communicator in the Release
Notes for Cisco Unified Personal Communicator.
Procedure
Step 1
Identify whether users have a software firewall installed on their computers, or if there is a hardware
firewall in the network between Cisco Unified Presence and Cisco Unified Personal Communicator.
Step 2
Related Topic
Select Tools > Control Center - Network Services in Cisco Unified Serviceability in Cisco Unified
Presence.
Step 2
Step 3
Select Go.
Step 4
Locate the Cisco UP XCP Router service in the Cisco Unified Presence Services section.
Step 5
12-8
Chapter 12
Related Topic
(Cisco Unified Personal Communicator Release 8.x) Required XCP Services, page 12-9
(Cisco Unified Personal Communicator Release 8.x) Optional XCP Services, page 12-9
Note
Cisco UP XCP Text Conference Manager, for group chat and persistent chat rooms. If you have a
mixture of Cisco Unified Personal Communicator Release 8.x and Cisco Unified Personal
Communicator Release 7.x users, then the Cisco UP XCP Text Conference Manager service must
be running for them to communicate with one another.
Cisco UP XCP Web Connection Manager, to manage connections for web-based client applications,
that connect to Cisco Unified Presence using HTTP.
Cisco UP XCP SIP Federation Connection Manager, to support federation services with third-party
applications that use SIP.
Cisco UP XCP XMPP Federation Connection Manager, to support federation services with
third-party applications that use XMPP.
Cisco UP XCP Counter Aggregator, if you want system administrators to be able to view statistical
data on XMPP components.
Cisco UP XCP Message Archiver, for automatic archiving of all instant messages.
Cisco UP XCP Directory Service, if you want to enable third-party XMPP client applications to do
LDAP searches.
Read the documentation relating to any feature that you are implementing before you turn on the relevant
services. Additional configuration might be required.
12-9
Chapter 12
Related Topics
Turning On Cisco Unified Presence Services to Support XMPP Clients, page 9-4
(Cisco Unified Personal Communicator Release 8.x) Configuring Persistent Chat Rooms,
page 12-10
(Cisco Unified Personal Communicator Release 8.5) Disabling Chat, page 12-11
(Cisco Unified Personal Communicator Release 8.5) Configuring Chat History, page 12-11
How To Configure the Authorization Policy on Cisco Unified Presence, page 6-39
12-10
Chapter 12
Related Topics
Turning On or Off Instant Messaging for a Cisco Unified Presence Cluster, page 6-51
(Cisco Unified Personal Communicator Release 8.x) Guidelines for Configuring the Softphone
Device Name, page 12-14
(Cisco Unified Personal Communicator Release 7.1) Guidelines for Configuring the Softphone
Device Name, page 12-14
12-11
These rules define how Cisco Unified Personal Communicator can reformat the inbound call ID to be
used as a directory lookup key and how to transform a phone number retrieved from the LDAP directory
for outbound dialing.
When you are configuring application dial rules, note the following:
Cisco Unified Communications Manager Release 7.1 supports application dial rules that contain the
plus character in dialed numbers.
Cisco Unified Personal Communicator Release 7.1 does not remove the plus character from dialed
numbers.
Releases of Cisco Unified Personal Communicator earlier than Release 7.1 do remove the plus
character from dialed numbers.
Table 12-1 defines the application dialing rules and directory lookup rules, and provides examples and
the menu path for each.
Table 12-1
Rule
Definition
Configuration Example
Menu path
Application dial
rules
Directory lookup
rules
Related Topic
12-12
Chapter 12
Related Topics
For detailed conceptual and task-based information about dialing rules, see the Cisco Unified
Communications Manager Administration Guide:
http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html
When you create the device user profile (Device > Device Settings > Device Profile), enable CTI
control, and ensure that the line is controllable by CTI.
When you add the Cisco Unified IP Phone to Cisco Unified Communications Manager (Device >
Phone), make sure that is controllable by CTI.
Related Topics
Creating a Softphone Device for Each Cisco Unified Personal Communicator User, page 12-15
12-13
No correlation to the username is required, but for convenience you might choose to include a username
in the device name. For example, you might use the device name CSFabaker.
jjackson
UPCJJACKSON
johnnie_jackson
UPCJOHNNIEJACKS
johnniejackson
UPCJOHNNIEJACKS
john.jackson
UPCJOHNJACKSON
You must create username that do not collide when converted, for example, the usernames
johnnie_jackson and johnniejackson convert to the same softphone device name and therefore are said
to collide.
Caution
If Cisco Unified Personal Communicator is unable to derive its softphone device name, it cannot
properly register and cannot function as expected. You might have to reconfigure a user to use a name
other than their normal username to avoid this problem.
Related Topic
Creating a Softphone Device for Each Cisco Unified Personal Communicator User, page 12-15
12-14
Chapter 12
Creating a Softphone Device for Each Cisco Unified Personal Communicator User, page 12-15
Read the Cisco Unified Personal Communicator licensing requirements module, including the
information about adjunct licensing.
Restrictions
The auto-registration features in Cisco Unified Communications Manager are not supported with
Cisco Unified Personal Communicator.
Procedure
Step 1
Select Cisco Unified Communications Manager Administration > Device > Phone.
Step 2
Step 3
(Cisco Unified Personal Communicator Release 8.x) Select Cisco Unified Client Services Framework
from the Phone Type menu.
(Cisco Unified Personal Communicator Release 7.1) Select Cisco Unified Personal Communicator
from the Phone Type menu.
Step 4
Select Next.
Step 5
b.
Enter a descriptive name for the phone in the Description field. For example, enter
Richardsoftphone.
12-15
c.
(Cisco Unified Personal Communicator Release 8.x) Select Default from the Device Pool list.
d.
(Cisco Unified Personal Communicator Release 8.x) Select Standard Client Services Framework
from the Phone Button Template list.
e.
f.
g.
Select the device name of the Cisco Unified IP Phone to associate with Cisco Unified Personal
Communicator from Primary Phone.
h.
(Cisco Unified Personal Communicator Release 8.x) Check Allow Control of Device from CTI to
enable CTI to control and monitor this device.
(Cisco Unified Personal Communicator Release 7.1) Uncheck Allow Control of Device from CTI.
i.
Field
Setting
Presence Group
Device Security
Profile
SIP Profile
Select Standard SIP Profile to specify the default SIP profile. SIP profiles
provide specific SIP information for the phone such as registration and
keep-alive timers, media ports, and Do Not Disturb control.
Digest User
Select the user ID. This is the same user ID as the one you selected for Owner
User ID.
Step 6
Select Save.
Step 7
Select the Add a New DN link in the Association Information section that displays on the left side of
the window.
Step 8
Enter the directory number and route partition for the Cisco Unified Personal Communicator.
b.
Enter the caller ID in Display (Internal Caller ID), in the Line 1 on Device Device-Name section.
c.
In the Multiple Call/Call Waiting section, specify the maximum number of calls that can be
presented to Cisco Unified Personal Communicator in the Maximum Number of Calls field.
d.
In the Multiple Call/Call Waiting section, specify the trigger after which an incoming call receives
a busy signal in the Busy Trigger field.
Note
Step 9
The Busy Trigger setting works with the Maximum Number of Calls setting. For example, if the
maximum number of calls is set to six and the busy trigger is set to six, the seventh incoming
call receives a busy signal.
Select Save.
Make sure that the status shown at the top of the window indicates a successful save and that the resulting
status is Ready.
12-16
Chapter 12
Troubleshooting Tips
The directory number that is configured for Cisco Unified Personal Communicator and the
Cisco Unified IP Phone must be identical. A directory number is configured with a partition, and
you assign a directory number to Cisco Unified Personal Communicator and the
Cisco Unified IP Phone. This configuration causes the Cisco Unified Personal Communicator to
share the line with the Cisco Unified IP Phone for this user.
Cisco Unified Communications Manager reminds you that changes to line or directory number
settings require a restart. However, a restart is required only when you edit lines on
Cisco Unified IP Phones that are running at the time of the modifications.
From Cisco Unified Communications Manager Release 6.x, make sure that an association exists
between the user and the line that is configured for that user so that the correct availability status in
Cisco Unified Personal Communicator is displayed. Select Device > Phone, and view the
association information for the device. Make sure that the user is associated with the line on the
Directory Number configuration window. Make sure that you associate the line and user for all the
phones used by the user for that directory number.
Related Topics
(Cisco Unified Personal Communicator Release 7.1) Guidelines for Configuring the Softphone
Device Name, page 12-14
What To Do Next
Select Cisco Unified Communications Manager Administration > System > LDAP > LDAP
Directory.
Step 2
Search for the LDAP directory in the Find and List LDAP Directories window.
Step 3
Step 4
Step 5
Select Cisco Unified Communications Manager Administration > Device > Phone.
Step 6
Search for the device for the user in the Find and List Phones window.
Step 7
Step 8
Select the directory number for the device in the Association Information section that displays on the
left side of the window.
12-17
Step 9
Step 10
Search for the user in the Find and List Users window.
Step 11
Step 12
What To Do Next
Select Cisco Unified Communications Manager Administration > User Management > End User.
Step 2
Search for the user in the Find and List Users window.
Step 3
Step 4
Step 5
Use the Find and List User Groups window to find and select the following user groups:
If the phone of the user is a Cisco Unified IP Phone 9900 or 8900 series model, select the following user
group also:
Standard CTI Allow Control of Phones supporting Connected Xfer and conf user group
If the phone of the user is a Cisco Unified IP Phone 6900 series model, select the following user group
also:
Step 6
Step 7
What To Do Next
Select Cisco Unified Communications Manager Administration > User Management > End User.
Step 2
Search for the user in the Find and List Users window.
Step 3
12-18
Chapter 12
Step 4
Step 5
Step 6
Step 7
Step 8
Select Back to User from the menu in the Related Links navigation box at the top right of the window.
Step 9
Select Go.
Step 10
Verify that the device is listed in the Device Information section on the End User Configuration window.
What To Do Next
Resetting a Device
Step 1
Select Cisco Unified Communications Manager Administration > Device > Phone.
Step 2
Search for the device for the user in the Find and List Phones window.
Step 3
Step 4
Select the directory number for the device in the Association Information section that displays on the
left side of the window.
Step 5
Specifying Which Softphone Device to Use for a User with Multiple Associated
Softphone Devices
If Cisco Unified Personal Communicator user has more than one associated softphone device in
Cisco Unified Communications Manager, you can specify which device to use on startup by excluding
all other devices. To do this, you must set the value of the following registry key value to be a
comma-separated list of device names, as follows:
Registry Key
Sample Value
ExcludedDevices
csfjohndoe,csfjanedoe
12-19
drive:\Documents and
drive:\Documents and
Settings\username\Application
Settings\username\Local
Settings\Application Data\Cisco\Unified Data\Cisco\Unified Personal
Communicator
Communications\Client Services
Framework\Config
Windows Vista
Release 7.1
drive:\Users\username\AppData\Local\
Cisco\Unified Personal Communicator
If the loading of the local file is successful, Cisco Unified Personal Communicator updates the Server
Health window with a warning notification (yellow indicator). If the file transfer fails and the file does
not exist, Cisco Unified Personal Communicator updates the Server Health window with a failure
notification and switches to Disabled mode.
The following Cisco Unified Communications Manager failover restrictions apply to Cisco Unified
Personal Communicator:
12-20
Chapter 12
Cisco Unified Personal Communicator fails over to a configured TFTP server when it tries to
download the configuration file. The application also tries to download the file from the backup
TFTP servers.
AutoUpdate and upgrades through TFTP are not supported for Cisco Unified Personal
Communicator software.
Related Topic
High Availability
High availability in a subcluster means that if a node in the subcluster fails, the Instant Message and
Availability services from that node can fail over to the second node in the subcluster. High Availability
is supported for the following releases of Cisco Unified Personal Communicator:
Cisco Unified Personal Communicator Release 7.x with Cisco Unified Presence Release 7.x
Cisco Unified Personal Communicator Release 8.5 with Cisco Unified Presence Release 8.5
Cisco Unified Personal Communicator Release 8.6 with Cisco Unified Presence Release 8.6
To configure high availability for Cisco Unified Personal Communicator clients, you configure high
availability on the Cisco Unified Presence server. For more information, refer to How To Configure High
Availability Cisco Unified Presence Deployments, page 6-21.
The impact of failover on Cisco Unified Personal Communicator is described in Impact of Failover to
Cisco Unified Presence Clients and Services, page 6-12.
Configuring the Proxy Listener and TFTP Addresses, page 12-21 (required)
(Cisco Unified Personal Communicator Release 8.x) Configuring Settings, page 12-22
(Cisco Unified Personal Communicator Release 7.1) Configuring the Service Parameters,
page 12-24 (required)
(Cisco Unified Personal Communicator Release 7.1) Configuring a Secure Connection Between
Cisco Unified Presence and Cisco Unified Personal Communicator, page 12-25
Restriction
We recommend that Cisco Unified Personal Communicator use TCP to communicate with the proxy
server. If you use UDP to communicate with the proxy server, availability information for contacts in the
Cisco Unified Personal Communicator contact list might not be available for large contact lists.
12-21
Procedure
Step 1
Select Cisco Unified Presence Administration > Application > Cisco Jabber > Settings.
Step 2
Select the Proxy Listener Default Cisco SIP Proxy TCP Listener.
Step 3
Assign the primary (required) and backup (optional) TFTP server addresses in the fields provided. You
can enter an IP address or an FQDN (Fully Qualified Domain Name).
Step 4
Select Save.
Troubleshooting Tip
You can see the TFTP server addresses in the Server Health window in Cisco Unified Personal
Communicator (Help > Show Server Health on Windows operating system and Help > Show System
Diagnostics on Mac OS).
Related Topic
(Cisco Unified Personal Communicator Release 7.1) Configuring the Service Parameters, page 12-24
Select Cisco Unified Presence Administration > Application > Cisco Jabber > Settings.
Step 2
12-22
Chapter 12
Field
Setting
If you must specify a value, specify the directory that contains the
security certificates as an absolute path. For example, C:\CSFcerts.
If you use a relative path, the path is relative to the CSF installation
directory C:\Program Files\Common Files\Cisco Systems\Client
Services Framework. If you do not specify a directory, CSF looks
for the certificates in the following directory and trusts any
certificates in that location:
Windows XP:
drive:\Documents and Settings\username\Local
Settings\Application Data\Cisco\Unified Communications\Client
Services Framework\certificates
Windows Vista/Windows 7:
drive:\Users\username\AppData\Local\Cisco\Unified
Communications\Client Services Framework\certificates
Default Setting: Not set
Credentials source for voicemail If user credentials for the voicemail service are shared with another
service
service, select the appropriate service from this list box. The user
credentials automatically synchronize from the service that you
select.
Default Setting: Not set
Troubleshooting Tip
If this value is set to Not set, users must use their client preference
settings to manually select a source for voicemail service
credentials.
Credentials source for web
conferencing service
If user credentials for the meeting service are shared with another
service, select the appropriate service from this list box. The user
credentials automatically synchronize from the service that you
select.
Default Setting: Not set
Troubleshooting Tip
If this value is set to Not set, users must use their client preference
settings to manually select a source for meeting service credentials.
12-23
Field
Setting
Check this check box to allow users to cut and paste in their instant
messages (IMs).
Most deployments have this option turned on. If you turn off this
option, the Cisco Unified Presence server flags and passes the
setting to the Cisco Unified Personal Communicator client, where
the behavior is enforced.
Default Setting: On
Check this check box if you want all video calls to start without
sending video from the camera. Instead, an icon is displayed that
indicates that video is not being sent from the camera. If users want
to send video from their camera, they must explicitly select to send
video from the camera.
This setting overrides the Start video calls with my video signal
muted setting that users can select in the Cisco Unified Personal
Communicator options.
If you turn this option off, video calls start according to the
Cisco Unified Personal Communicator options.
Default Setting: Off
Step 3
Select Save.
Related Topics
How to Integrate the LDAP Directory with Cisco Unified Personal Communicator, page 15-6
(Cisco Unified Personal Communicator Release 8.0) How to Integrate the LDAP Directory for
Contact Searches on XMPP Clients, page 15-13
Select Cisco Unified Presence Administration > System > Service Parameters.
Step 2
Step 3
Select Cisco UP SIP Proxy as the service on the Service Parameter Configuration window.
Step 4
Set Use Transport in Record-Route Header to On in the SIP Parameters (Clusterwide) section.
This forces the Proxy to use the transport parameter in the record-route header.
12-24
Chapter 12
Step 5
Select Save.
Related Topic
(Cisco Unified Personal Communicator Release 7.1) Configuring a Secure Connection Between Cisco
Unified Presence and Cisco Unified Personal Communicator, page 12-25
Step 2
Step 3
Step 4
Step 5
Step 6
Upload the signing chain of the certificate one at a time as "tomcat-trust" on Cisco Unified Presence.
You will need to do this before you upload the signed certificate that you receive from your CA. If you
receive a Geotrust (Equifax) or Verisign certificate, you just need to upload the appropriate root
certificate.
Step 7
When the CA returns your signed certificate, select Cisco Unified OS Administration > Security >
Certificate Management > Upload Certificate to upload the signed certificate to Cisco Unified
Presence.
Step 8
Upload the signed certificate as tomcat. Make sure to save this certificate file. List the name of your
signing certificate as the Root Certificate.
Step 9
Restart the Tomcat service from the CLI using this command:
utils service restart Cisco Tomcat
The new certificate is not valid until you restart the Tomcat service .
12-25
Troubleshooting Tips
When you generate the CSR, we recommend that you backup your system using the Disaster
Recovery System on Cisco Unified Presence. If you do not backup your system, and you regenerate
the tomcat certificate, you will invalidate your signing chain and you will no longer be able to use
your signed certificate.
If you have an internal CA, in a signing chain, there will be at least a trusted root certificate. The
trusted root certificate may sign an intermediate certificate, or may sign your certificate directly. If
there is an intermediate certificate, then it will sign your certificate. The root and the intermediate
certificate make up the "signing chain". You need to upload each of the certificates in the chain to
Cisco Unified Presence. In each case, upload the certificate as "tomcat-trust".
Do not attempt to upload a PKCS#7 (concatenated certificate chain), sometimes called a p7b.
Related Topic
About Configuring CTI Gateway Settings for Desk Phone Control on Cisco Unified Presence,
page 12-26
The procedures in this topic are only applicable if you are configuring Cisco Unified Personal
Communicator for desk phone control.
Desk Phone Control and the CTI Connection Failures, page 12-26
(Cisco Unified Personal Communicator Release 7.x) Desk Phone Control and LDAP
TelephoneNumber Field, page 12-27
12-26
Chapter 12
Table 12-3
Scenario
CTI connection fails
and no calls are
present
The user has manual control of the desk phone for making and receiving
calls.
Existing calls are unaffected, but the user no longer has control through
Cisco Unified Personal Communicator and does not receive any updates
or changes in the call state. Any existing Cisco Unified Personal
Communicator session window closes.
The user has manual control of the physical phone for making and
receiving calls.
Related Topics
(Cisco Unified Personal Communicator Release 7.x) Desk Phone Control and
LDAP TelephoneNumber Field
You may need to index the telephoneNumber field on the LDAP server for desk phone control to work.
There are two possible scenarios that this applies to:
Desk phone control is not working, and the server health on Cisco Unified Personal Communicator
displays the status "Not Connected - Stopped".
The contact search on Cisco Unified Personal Communicator does not return the full results.
12-27
These issues could occur when you have a large Cisco Unified Personal Communicator user base, and
the LDAP server is slow to respond to queries from Cisco Unified Presence. To fix the issue, index the
telephoneNumber field on the LDAP server. Alternatively, if you use Windows Active Directory, change
the Global Catalog port to 3268 (instead of using the standard LDAP port 389).
Make sure that you have completed this configuration on Cisco Unified Communications Manager:
Configured the phone devices for CTI device control.
Added the Cisco Unified Personal Communicator users to a CTI-enabled user group.
Procedure
Step 1
Select Cisco Unified Presence Administration > Application > Cisco Jabber > CTI Gateway Server.
Step 2
Step 3
Step 4
Field
Setting
Name
Description
Hostname/IP Address
Port
Enter 2748.
Select Save.
12-28
Chapter 12
Troubleshooting Tip
You can see the CTI gateway information in the Server Health window in Cisco Unified Personal
Communicator (Help > Show Server Health on Windows operating system and Help > Show System
Diagnostics on Mac OS).
Related Topics
User and Device Configuration on Cisco Unified Communications Manager, page 3-1
Desk Phone Control and the CTI Connection Failures, page 12-26
What To Do Next
You must create the CTI gateway profile before you can add Cisco Unified Personal Communicator
licensed users to the application profile.
You must first specify CTI gateway server names and addresses in Application > Cisco Jabber >
CTI Gateway Server before you can select the servers as primary or backup servers in this
procedure.
Cisco Unified Presence dynamically creates a TCP-based CTI gateway profile based on the
hostname of Cisco Unified Communications Manager. Before using this profile, verify that Cisco
Unified Presence and Cisco Unified Personal Communicator clients can ping Cisco Unified
Communications Manager by the DNS name. If they cannot contact the server, you need to add the
IP address of Cisco Unified Communications Manager in Cisco Unified Presence Administration
(Application > Cisco Jabber > CTI Gateway Server). You do not need to delete the host profiles
that are created automatically.
If you previously configured Cisco Unified Communications Manager with an IP address through
the Cisco Unified Communications Manager Administration > System > Server menu, Cisco
Unified Presence dynamically creates a TCP-based CTI gateway profile based on that address. The
fields in Cisco Unified Presence Administration (Application > Cisco Jabber > CTI Gateway
Profile) are automatically populated, and you need only add users to the default CTI TCP profile
that is created (see Step 3).
Procedure
Step 1
Step 2
Step 3
12-29
Chapter 12
Field
Setting
Name
Description
Check so that any new users that are added to the system are
automatically placed into this default profile.
Users who are already synchronized to Cisco Unified Presence from
Cisco Unified Communications Manager are not added to the default
profile. However, after the default profile is created, any users
synchronized after that are added to the default profile.
Step 4
Step 5
Use the Find and List Users window to find and select users.
Step 6
Step 7
Related Topics
Desk Phone Control and the CTI Connection Failures, page 12-26
Configuring Users for Point-to-Point Video Calls and for Multipoint Videoconferencing, page 12-30
Configuring Bandwidth Capability for Cisco Unified Personal Communicator, page 12-33
(Cisco Unified Personal Communicator Release 8.x) How to Configure Cisco Unified IP Phones for
Video, page 12-34
(Cisco Unified Personal Communicator Release 7.1) For point-to-point video calls, configure users for
softphone use.
12-30
Chapter 12
Step 2
(For multipoint videoconferencing) If you want Cisco Unified Personal Communicator softphone users
to have merged conference calls (three or more parties) with audio and video support, you must first
configure videoconferencing resources.
Step 3
Distribute cameras that are supported for use with Cisco Unified Personal Communicator. For a list of
these cameras, see the Release Notes for Cisco Unified Personal Communicator:
http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html
The camera driver installer is not provided with some models of Cisco VT Camera. In this case, you must
distribute the installer.
Related Topics
For details about supported cameras, video codecs, and audio codecs, see the Release Notes for
Cisco Unified Personal Communicator:
http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html
http://www.cisco.com/en/US/products/ps6844/products_user_guide_list.html
Cisco VT Camera Quick Start Guide (for use with Windows-based computers)
http://www.cisco.com/en/US/products/sw/voicesw/ps5662/prod_installation_guides_list.html
What To Do Next
12-31
Chapter 12
Procedure
Step 1
Perform the following configuration on Cisco Unified MeetingPlace Application Server Administration
Center:
Task
Menu Path
Menu Path
(Optional) To enable any participant to add more participants to the conference, perform the following
steps:
a.
Select Cisco Unified CM Administration > System > Service Parameters in Cisco Unified
Communications Manager Administration.
b.
Select your Cisco Unified Communications Manager server from the Server drop-down list.
c.
d.
To enable any participant to add more participants the conference, set Advanced Ad Hoc Conference
Enabled to True in the Clusterwide Parameter (Feature - Conference) section.
e.
To specify a minimum number of video-capable participants for ad-hoc conferences, enter the
minimum number in the Minimum Video Capable Participants To Allocate Video Conference
field in the Clusterwide Parameters (Feature - Conference) section.
When an ad-hoc conference starts, the conference uses an audio bridge or a video bridge, depending
on the value in this setting. For example, if you set this setting to 2, a minimum of two participants
in the conference must have video-enabled devices. If this at least two participants do not have
video-enabled devices, then the conference becomes an audio-only conference. The participants
cannot change the conference to video after this happens.
12-32
Chapter 12
f.
Step 4
Select Save.
Associate the phone with the new media resource group list:
a.
b.
Under Search Options, search for the directory number of the phone, and when it is found, select the
device name.
c.
In the Phone Configuration window in the Device Information section, find the Media Resource
Group List, and select the media resource group list that you just configured.
d.
Select Enabled for Video Capabilities in the Product Specific Configuration Layout section.
e.
Select Save.
f.
Select Reset.
Related Topics
For details about the Cisco Unified Videoconferencing server installation, see the product
installation guide:
http://www.cisco.com/en/US/products/hw/video/ps1870/tsd_products_support_series_home.html
For detailed instructions about media resource configuration for Cisco Unified Videoconferencing,
use the Cisco Unified Communications Manager Administration online help or the Cisco Unified
Communications Manager Administration Guide:
http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html
For details about supported Cisco Unified Videoconferencing releases, see the Release Notes for
Cisco Unified Personal Communicator:
http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html
For detailed Cisco Unified MeetingPlace configuration instructions, see the Administration
Documentation for Cisco Unified MeetingPlace:
http://www.cisco.com/en/US/products/sw/ps5664/ps5669/prod_installation_guides_list.html
For detailed Cisco Unified Communications Manager configuration instructions, use the
Cisco Unified Communications Manager Administration online help or the Cisco Unified
Communications Manager Administration Guide:
http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html
Creating a Softphone Device for Each Cisco Unified Personal Communicator User, page 12-15
Configuring Users for Point-to-Point Video Calls and for Multipoint Videoconferencing, page 12-30
12-33
Chapter 12
Audio Codec
For more information about region and device pool configuration in Cisco Unified
Communications Manager, see the Cisco Unified Communications Manager Administration online
help, or the Cisco Unified Communications Manager Administration Guide:
http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html
Note
When you use your Cisco Unified IP Phone for phone calls, you can only use video on your computer if
the Cisco Unified IP Phone uses Skinny Client Control Protocol (SCCP).
To configure a Cisco Unified IP Phone for video, you must perform the following tasks:
(Cisco Unified Personal Communicator Release 8.x) Connecting a Cisco Unified IP Phone to the
Network and Your Computer, page 12-34
(Cisco Unified Personal Communicator Release 8.x) Enabling Video for a Cisco Unified IP Phone,
page 12-35
(Cisco Unified Personal Communicator Release 8.x) Connecting a Cisco Unified IP Phone to the
Network and Your Computer
Procedure
Step 1
Step 2
Connect the PC port on the Cisco Unified IP Phone to the controlling PC with an Ethernet cable.
What To Do Next
(Cisco Unified Personal Communicator Release 8.x) Enabling Video for a Cisco Unified IP Phone,
page 12-35
12-34
Chapter 12
(Cisco Unified Personal Communicator Release 8.x) Enabling Video for a Cisco Unified IP Phone
Procedure
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Step 7
Select Save.
When video is enabled on the phone, a video icon is displayed in the lower-right corner of the LCD
screen.
12-35
Chapter 12
How to Configure Video Calls and Videoconferencing
12-36
CH A P T E R
13
This chapter includes the information required to configure Cisco Unified Personal Communicator
features. For information specific to Cisco Jabber clients, such as Jabber for Windows, see the
appropriate client documentation below:
Cisco Jabberhttp://www.cisco.com/web/products/voice/jabber.html
Androidhttp://www.cisco.com/en/US/products/ps11678/index.html
BlackBerryhttp://www.cisco.com/en/US/products/ps11763/index.html
iPadhttp://www.cisco.com/en/US/products/ps12430/index.html
iPhonehttp://www.cisco.com/en/US/products/ps11596/index.html
Nokiahttp://www.cisco.com/en/US/products/ps11766/index.html
Web SDKhttp://www.cisco.com/en/US/products/ps11765/index.html
If you want to continue with information specific to Cisco Unified Personal Communicator, proceed
with the contents in this chapter:
How to Configure Voicemail Servers for Cisco Unified Personal Communicator, page 13-4
How to Configure Conferencing Servers for Cisco Unified Personal Communicator, page 13-12
(Cisco Unified Personal Communicator Release 8.x) Creating Audio Profiles on Cisco Unified
Presence, page 13-23
Configuring CCMCIP Profiles for Cisco Unified Personal Communicator Release 8.x, page 13-24
(Cisco Unified Personal Communicator Release 8.5) How to Use Cisco Unified Personal
Communicator as a Desktop Agent, page 13-26
(Cisco Unified Personal Communicator Release 8.5) Distributing HTML Files for Display in the
Cisco Unified Personal Communicator Window, page 13-29
13-1
Chapter 13
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
About Migrating Users from Cisco Unified Personal Communicator Release 7.x to Cisco Unified
Personal Communicator Release 8.x, page 13-30
How to Update User Configuration After Deploying Cisco Unified Personal Communicator,
page 13-30
See the Cisco Unity Connection Security Guide at the following URL:
http://www.cisco.com/en/US/products/ps6509/prod_maintenance_guides_list.html
2.
3.
If the message is not encrypted, Cisco Unified Personal Communicator plays the message.
4.
13-2
Chapter 13
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
About Secure Voicemail Messaging
a. Cisco Unified Personal Communicator extracts the encrypted session keys from the .wav file for
the message.
b. Cisco Unified Personal Communicator submits the keys to the Cisco Unity server.
c. The Cisco Unity server tries to decrypt the session keys. The server uses the private key
the key to decrypt the message, and plays the messages to the user.
Related Topics
See the Cisco Unity Security Guide with Microsoft Exchange at the following URL:
http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_maintenance_guides_list.htm
Note
Menu path
SOAP
IMAP
Cisco Unity requires SOAP configuration for secure messaging. Cisco Unity Connection does not
require SOAP configuration for secure messaging.
Related Topics
See the Cisco Unity security guide with Microsoft Exchange at the following URL:
http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_maintenance_guides_list.html
Configuring Voicemail Server Names and Addresses on Cisco Unified Presence, page 13-9
Configuring Mailstore Server Names and Addresses on Cisco Unified Presence, page 13-9
13-3
Chapter 13 Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
How to Configure Voicemail Servers for Cisco Unified Personal Communicator
Note
Configuring Voicemail Server Names and Addresses on Cisco Unified Presence, page 13-9
Configuring Mailstore Server Names and Addresses on Cisco Unified Presence, page 13-9
Before you perform the tasks described here, make sure that you fully integrate Cisco Unified Personal
Communicator with Cisco Unified Communications Manager and Cisco Unified Presence.
Integrate Cisco Unified Communications Manager and Cisco Unity Connection. Both servers must
be installed and running to configure voicemail ports.
Procedure
Step 1
Step 2
Step 3
Set up a new or existing class of service in Cisco Unity Connection Administration to enable Internet
Mail Access Protocol (IMAP) client access to voice messages.
a.
b.
c.
Select the display name of the applicable class of service in the Search Results table, in the Search
Class of Service window.
d.
Check Allow Users to Use Unified Client to Access Voice Mail, under Features.
e.
Check Allow Users to Access VoiceMail Using an IMAP Client, under Licensed Features. Then
select Allow Users to Access Message Bodies.
f.
Select Save.
If the users are existing Cisco Unity Connection users, add them to the Cisco Unified
Communications Manager database and to Cisco Unified Presence. Proceed to Step 4.
If the user is a new Cisco Unified Personal Communicator user, add the user to Cisco Unified
Communications Manager database, Cisco Unity Connection, and to Cisco Unified Presence.
Create a Connection user account on the Cisco Unity Connection server with a voice mailbox for each
Cisco Unified Personal Communicator user.
13-4
Chapter 13
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
How to Configure Voicemail Servers for Cisco Unified Personal Communicator
Note
Step 4
Step 5
Step 6
The user ID in Cisco Unity Connection does not need to match the user ID in Cisco Unified Presence or
in Cisco Unified Personal Communicator. Cisco Unified Personal Communicator has an independent
voicemail ID, which is set in the application Preference window. However, you might find it useful to
have the same user IDs across your Cisco Unified Communications system.
(Optional) Enable secure messaging as follows:
a.
Expand Class of Service in the section on the left-hand side, and then select Class of Service.
b.
Select an option from Require Secure Messaging in the Message Options section to enable secure
messages.
(Optional) Specify how to handle unidentified caller message security for your users as follows:
a.
b.
Select Users.
c.
d.
e.
If one does not already exist, specify a web application password in Cisco Unity Connection for the
applicable user accounts.
Troubleshooting Tips
Users must enter their voicemail credentials, that is, their username and password, in the
Cisco Unified Personal Communicator application.
If the server can be contacted and the user credentials are correct, but voicemail messages are not
downloaded, do the following:
Check the configuration of port 7993.
Make sure that Cisco Unity Connection is listening on port 7993.
Check the firewall configuration. Use Telnet from a remote computer to the computer running
Cisco Unified Personal Communicator, and make sure that you can connect to the firewall.
Allow the Cisco Unified Client Services Framework executable file (cucsf.exe) to establish
IMAP network connections using TCP, TLS, and SSL at the appropriate server and port. For
information about the ports and protocols used by Cisco Unified Personal Communicator and
Cisco Unified Client Services Framework, see the Release Notes for Cisco Unified Personal
Communicator:
http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html
Related Topics
For details about supported Cisco Unity Connection releases, see the Release Notes for
Cisco Unified Personal Communicator:
http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html
For details about the voicemail configuration on Cisco Unified Communications Manager, see the
Cisco Unified Communications Manager Administration Guide:
http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html
13-5
Chapter 13 Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
How to Configure Voicemail Servers for Cisco Unified Personal Communicator
For details about setting up the Connection user account and configuring a web application
password onCisco Unity Connection, see the Cisco Unity Connection User Moves, Adds, and
Changes Guide:
http://www.cisco.com/en/US/products/ps6509/prod_maintenance_guides_list.html
What To Do Next
Configuring Voicemail Server Names and Addresses on Cisco Unified Presence, page 13-9
Integrate Cisco Unified Communications Manager and Cisco Unity. Both servers must be installed
and running to configure voicemail ports.
If you plan to use SSL to provide secure transmission with the mailstore server, you must set up
Cisco Unity to use SSL during the installation or upgrade (or at any time after the installation or
upgrade is complete). You must designate a server to act as your certificate authority, submit a
certificate request, issue the certificate, and install it on the Cisco Unity server.
Procedure
Step 1
Configure the Microsoft Exchange server to use the IMAP virtual server:
13-6
Chapter 13
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
How to Configure Voicemail Servers for Cisco Unified Personal Communicator
Do This
a.
b.
c.
d.
e.
a.
b.
Step 2
Do This
a.
b.
c.
Select OK.
a.
b.
Note
c.
PlainTextLogin
For SSL: set-imapsettings -LoginType SecureLogin
Step 3
If the user is an existing Cisco Unity user, add the user to the Cisco Unified
Communications Manager database and to Cisco Unified Presence.
13-7
Chapter 13 Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
How to Configure Voicemail Servers for Cisco Unified Personal Communicator
If the user is a new user, add the user to the Cisco Unified Communications Manager database,
Cisco Unity (which adds the user to Exchange and to Active Directory), and to Cisco Unified
Presence.
Step 4
Create mailboxes for new and existing users. For details, see the documentation for your Exchange
server.
Step 5
Select Subscribers > Subscribers > Features to make the change on a subscriber template.
The change you make here is not applied to current subscriber accounts that were created by using
this template. The setting applies only to subscriber accounts that are created by using this template
after the change has been made.
b.
Select an option from the Message Security When Sending a Message list to enable secure messages.
For example, select Encrypt All Messages.
This setting specifies whether messages are encrypted when subscribers send messages to other
subscribers.
Step 6
c.
Select Save.
d.
b.
Specify whether messages from unidentified callers are encrypted. Select an option from the list.
c.
Select Save.
Troubleshooting Tip
Cisco Unified Personal Communicator users must enter their Cisco Unity credentials in the
Cisco Unified Personal Communicator Preferences window.
Related Topics
For details about the Cisco Unity server installation with Microsoft Exchange, see the following
URL:
http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_installation_guides_list.html
For details about supported Cisco Unity releases, see the Release Notes for Cisco Unified Personal
Communicator at the following URL:
http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html
For details about the voicemail configuration on Cisco Unified Communications Manager, see the
Cisco Unified Communications Manager Administration Guide at the following URL:
http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html
Configuring Mailstore Server Names and Addresses on Cisco Unified Presence, page 13-9
What To Do Next
Configuring Voicemail Server Names and Addresses on Cisco Unified Presence, page 13-9
13-8
Chapter 13
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
How to Configure Voicemail Servers for Cisco Unified Personal Communicator
Obtain the hostname or IP address of the voicemail server. You might need to specify more than one
hostname to provide services for the number of users in your environment.
For Cisco Unity, you must also obtain the hostnames or IP addresses of the peer Microsoft Exchange
server or servers.
Procedure
Step 1
Select Cisco Unified Presence Administration > Application > Cisco Jabber > Voicemail Server.
Step 2
Step 3
Step 4
Step 5
Step 6
Step 7
Step 8
Select Save.
Related Topics
What To Do Next
Configuring Mailstore Server Names and Addresses on Cisco Unified Presence, page 13-9
13-9
Chapter 13 Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
How to Configure Voicemail Servers for Cisco Unified Personal Communicator
The following table describes the protocols you can use for voicemail messages, and the security features
the protocols implement for voicemail messages:
Protocol
Description
SSL
TCP
TLS
Uses the STARTTLS verb of IMAP to encrypt usernames, passwords, and voicemail
messages.
If you upgrade from Cisco Unified Presence Release 6.0(x) to Release 7.0(x), Cisco Unified
Presence automatically imports the IMAP settings into the mailstore configuration window.
Restrictions
You must provision mailstore servers before you can add the servers to the voicemail profiles.
Procedure
Step 1
Select Cisco Unified Presence Administration > Application > Cisco Jabber > Mailstore.
Step 2
Step 3
Step 4
Step 5
Specify the IMAP port number configured for the server and the corresponding protocol to use when
Cisco Unified Personal Communicator contacts this server:
Server
Protocol
Port Number
SSL
993
TCP
143
TLS
143 or 7993
SSL
993
TCP
143
TLS
143
Cisco Unity
Step 6
Select Save.
Related Topic
Configuring Mailstore Server Names and Addresses on Cisco Unified Presence, page 13-9
What To Do Next
13-10
Chapter 13
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
How to Configure Voicemail Servers for Cisco Unified Personal Communicator
Procedure
Step 1
Select Cisco Unified Presence Administration > Application > Cisco Jabber > Voicemail Profile.
Step 2
Step 3
Step 4
Setting
Primary Mailstore
Backup Mailstore
Make this the default Voicemail (Optional) Check this option if you want new users to be
Profile for the system
automatically added to the default profile.
Users who are already synchronized to Cisco Unified Presence from
Cisco Unified Communications Manager are not added to the
default profile. However, any users who are synchronized after the
default profile is created are added to the default profile.
13-11
Chapter 13 Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
How to Configure Conferencing Servers for Cisco Unified Personal Communicator
Step 5
(Cisco Unified Personal Communicator Release 8.x) Enter information into the fields:
Field
Setting
Inbox Folder
Enter the name of the folder on the mailstore server in which to store
new messages. Only change this value if the mailstore server uses a
different folder name from the default folder.
Default Folder: INBOX
Trash Folder
Enter the name of the folder on the mailstore server in which to store
deleted messages. Only change this value if the mailstore server
uses a different folder name from the default folder.
Default Folder: Deleted Items
Polling Interval
Enter the time (in seconds) that can elapse between polls of the
IMAP server for new voice messages, when IDLE is not supported
by the mailstore or when a connection failure occurs.
Default Value: 60
Permitted Values: 60900
Step 6
Step 7
Use the Find and List Users window to find and select users, and select Add Selected to add users to the
profile.
Step 8
Select Save.
Related Topics
Configuring Voicemail Server Names and Addresses on Cisco Unified Presence, page 13-9
Configuring Mailstore Server Names and Addresses on Cisco Unified Presence, page 13-9.
Before you perform the tasks described here, make sure you fully integrate Cisco Unified Personal
Communicator with Cisco Unified Communications Manager and Cisco Unified Presence.
13-12
Chapter 13
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
How to Configure Conferencing Servers for Cisco Unified Personal Communicator
About the Conferencing Servers for Cisco Unified Personal Communicator, page 13-13
(Cisco Unified Personal Communicator Release 8.x) Configuring the Cisco Unified MeetingPlace
Web Server, page 13-18
Adding Custom Cisco Unified MeetingPlace Template Files to a Cisco Unified MeetingPlace7.x
Web Server, page 13-18
(Cisco Unified Personal Communicator Release 8.5) Configuring Cisco Webex Servers, page 13-19
Configuring Conferencing Server Names and Addresses on Cisco Unified Presence, page 13-19)
All versions
7.1
8.x
8.0
7.1, 8.5
1. Can be used for conference calls with video if Cisco Unified Communications Manager is configured to use Cisco Unified
MeetingPlace Express VT.
2. Does not support web meetings.
You can use Cisco Unified Personal Communicator to join Cisco Unified MeetingPlace and
Cisco Webex scheduled meetings as follows:
Conferencing Server
All versions
Cisco Webex
8.5
13-13
Chapter 13 Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
How to Configure Conferencing Servers for Cisco Unified Personal Communicator
Install a supported release of the web conferencing server (Cisco Unified MeetingPlace Express or
Cisco Unified MeetingPlace Express VT).
Integrate the web conferencing server with Cisco Unified Communications Manager.
Determine the number of Cisco Unified MeetingPlace Express (or Cisco Unified
MeetingPlace Express VT) user licenses that are needed to provide enough web ports for meetings
initiated through Cisco Unified Personal Communicator.
Procedure
Step 1
Integrate the web conference server with Cisco Unified Personal Communicator:
To Configure This Server
Do This
Cisco Unified
MeetingPlace Express adhoc
conferencing functionality
a.
adhocsystemsoftware
webconf
maxadhoc
b.
a.
systemsoftware
webconf
maxweb
This provides enough web ports for both the full web meetings that
are initiated from Cisco Unified MeetingPlace Express, and the
web meetings that are initiated from Cisco Unified Personal
Communicator.
b.
Step 2
If not already enabled, enable the Secure Sockets Layer (SSL) encryption technology on the web
conference server by obtaining and uploading the required certificates from a trusted certificate authority
(CA).
13-14
Chapter 13
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
How to Configure Conferencing Servers for Cisco Unified Personal Communicator
The certificate is required for secure communications between Cisco Unified Personal Communicator
and the web conference server. Without SSL, clear text passwords are sent from Cisco Unified Personal
Communicator to the web conferencing server and from the sign in browser to the web conferencing
server.
Step 3
Set up a user profile on the web conference server for each Cisco Unified Personal Communicator user
who might initiate web meetings from a Cisco Unified Personal Communicator conversation.
You do not need to create a user profile for Cisco Unified Personal Communicator users who attend
web meetings. They join the web meeting as guests, and a password is not needed.
Make sure to set the Method of Attending to Ill Call In for users who might initiate web meetings;
otherwise, the web conference system will try to contact the user who selected the Escalate to Web
Conference button in Cisco Unified Personal Communicator. Make sure to ask users not to change
this setting.
Step 4
Assist users with the Presenter Add-In installation so that desktops, documents, or computer applications
can be shared.
Step 5
Change the network configuration so that inbound calls from the public switched telephone network
(PSTN) to Cisco Unified Personal Communicator support RFC2833.
For inbound calls, Cisco Unified Personal Communicator requires RFC2833 support if these calls
require dual tone multifrequency (DTMF) digit collection. Inbound calls to the client will not be
answered with key press markup language (KPML) support.
A typical inbound call scenario is when the web conference server calls the user as a conference is
being set up. In this situation, if the inbound call from the PSTN supports RFC2833, the Cisco
Unified Personal Communicator user can join the meeting by using the session dial pad.
For outbound calls, Cisco Unified Personal Communicator supports both KPML and RFC2833 digit
collection.
Troubleshooting Tips
As an alternative to setting up a user profile on the web conference server, you can configure the
Administrative XML Layer Simple Object Access Protocol (AXL SOAP) authentication on
Cisco Unified Communications Manager to simplify the web conference user profile
administration. With this configuration, the Cisco Unified Personal Communicator meeting initiator
needs a Cisco Unified Communications Manager profile instead of a web conference user profile.
With AXL authentication, when the initiator requests a meeting for the first time through Cisco
Unified Personal Communicator, a web conference profile is automatically created for the initiator.
Cisco Unified Personal Communicator users must enter their Cisco Unified MeetingPlace Express
credentials in the Cisco Unified Personal Communicator Preferences window.
Related Topics
For details about Cisco Unified MeetingPlace Express or Cisco Unified MeetingPlace Express VT
the server installation, see the product installation guide:
http://www.cisco.com/en/US/products/ps6533/prod_installation_guides_list.html
For details about supported Cisco Unified MeetingPlace Express releases, and the supported and
unsupported meeting controls, see the release notes:
http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html
For details on integrating the web conferencing server with Cisco Unified
Communications Manager, see the Cisco Unified Communications Manager documentation:
13-15
Chapter 13 Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
How to Configure Conferencing Servers for Cisco Unified Personal Communicator
http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html
For details on the Presenter Add-In installation, see the product user guide:
http://www.cisco.com/en/US/products/ps6533/products_user_guide_list.html
For a description of the characteristics of a web conference that you add to a Cisco Unified Personal
Communicator conversation, see the user documentation at the following URL:
http://www.cisco.com/en/US/products/ps6844/products_user_guide_list.html
What To Do Next
Configuring Conferencing Server Names and Addresses on Cisco Unified Presence, page 13-19
Install a supported release of the Cisco Unified MeetingPlace web conferencing server. For more
information about how to install and configure Cisco Unified MeetingPlace, see the Administration
Documentation for Cisco Unified MeetingPlace:
http://www.cisco.com/en/US/products/sw/ps5664/ps5669/prod_installation_guides_list.html
Integrate the web conferencing server with Cisco Unified Communications Manager.
Determine the number of web and audio conferencing user licenses that provide enough web ports
for meetings initiated through Cisco Unified MeetingPlace and through Cisco Unified Personal
Communicator.
Procedure
Step 1
Step 2
If not already enabled, enable the Secure Sockets Layer (SSL) encryption technology on the web
conference server. You must obtain and upload the required certificates from a trusted certificate
authority (CA).
The certificate is required for secure communications between Cisco Unified Personal Communicator
and the web conference server. Without SSL, clear text passwords are sent from Cisco Unified Personal
Communicator to the web conferencing server and from the sign in browser to the web conferencing
server.
Step 3
MeetingPlace
13-16
Chapter 13
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
How to Configure Conferencing Servers for Cisco Unified Personal Communicator
Step 4
LDAP
Set up a user profile on the Cisco Unified MeetingPlace server for each Cisco Unified Personal
Communicator user who might initiate web meetings from a Cisco Unified Personal Communicator
conversation.
Troubleshooting Tips
Cisco Unified Personal Communicator users must enter their Cisco Unified MeetingPlace
credentials in the Cisco Unified Personal Communicator options or preferences window. Make sure
that you provide the password that is consistent with the configured authentication method. For
example, if you configured Cisco Unified MeetingPlace as the authentication method, provide the
user with the Cisco Unified MeetingPlace password. If you configured LDAP as the authentication
method, provide the user with the LDAP password.
You do not need to create Cisco Unified MeetingPlace user profiles for all Cisco Unified Personal
Communicator users. Cisco Unified Personal Communicator users who do not have
Cisco Unified MeetingPlace profiles can attend web conferences initiated by other Cisco Unified
Personal Communicator users as guests, and passwords are not needed. However, some
authentication methods, for example, HTTP Basic Authentication, do not allow Cisco Unified
Personal Communicator users to sign in to Cisco Unified MeetingPlace as guests.
If you configure multiple web servers with different authentication methods and mismatched
credentials, users might have problems when they try to sign in to web conferences.
Related Topics
For details about Cisco Unified MeetingPlace installation, see the product installation guide:
http://www.cisco.com/en/US/products/sw/ps5664/ps5669/prod_installation_guides_list.html
For details about supported Cisco Unified MeetingPlace releases, see the Release Notes for
Cisco Unified Personal Communicator:
http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html
For details about integrating the web conferencing server with Cisco Unified
Communications Manager, see the Cisco Unified Communications Manager documentation:
http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html
For details about setting up SSL and configuring authentication methods, see the
Cisco Unified MeetingPlace configuration guide:
http://www.cisco.com/en/US/products/sw/ps5664/ps5669/products_installation_and_configuration
_guides_list.html
What To Do Next
Configuring Conferencing Server Names and Addresses on Cisco Unified Presence, page 13-19
13-17
Chapter 13 Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
How to Configure Conferencing Servers for Cisco Unified Personal Communicator
Install a supported release of the Cisco Unified MeetingPlace conferencing server. For more information
about how to install and configure Cisco Unified MeetingPlace, see the Administration Documentation
for Cisco Unified MeetingPlace:
http://www.cisco.com/en/US/products/sw/ps5664/ps5669/prod_installation_guides_list.html
Procedure
Step 1
If required, enable a secure connection between Cisco Unified Personal Communicator and the
Cisco Unified MeetingPlace Application Server. You must obtain and upload the required certificates
from a trusted certificate authority (CA).
Step 2
Create a user profile on the Cisco Unified MeetingPlace Application Server for each Cisco Unified
Personal Communicator user who wants to use the web conferencing feature.
Step 3
Configure a conferencing server entry on Cisco Unified Presence. Use the IP address of the
Cisco Unified MeetingPlace Web Server as the conferencing server.
Step 4
Use the conferencing server to create a conferencing profile. Check Make this the default
Conferencing Profile for the system for the conferencing profile.
Step 5
Create a conferencing profile on Cisco Unified Presence, and assign the Cisco Unified Personal
Communicator web conferencing users to the conferencing profile.
What To Do Next
Configuring Conferencing Server Names and Addresses on Cisco Unified Presence, page 13-19
Related Topic
CSFGetProfileSuccess.tpl
CSFScheduleSuccess.tpl
You can get the above files from the Administration Toolkit. To access the Administration Toolkit,
navigate to Cisco Unified Personal Communicator from the Download Software page at the following
URL:
http://tools.cisco.com/support/downloads/go/Redirect.x?mdfid=278875240
13-18
Chapter 13
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
How to Configure Conferencing Servers for Cisco Unified Personal Communicator
You can copy these files to the correct location on the Cisco Unified MeetingPlace Web server. You do
not need to restart the server. The default location for these files is as follows:
C:\Program Files\Cisco Systems\MPWeb\Template
Configuring Single Sign-on for Cisco Webex and Cisco Unified MeetingPlace, page 13-19
Configuring Single Sign-on for Cisco Webex and Cisco Unified MeetingPlace
To deploy Cisco Unified Personal Communicator in an environment where users join Cisco Webex
meetings using their Cisco Unified MeetingPlace credentials, and the credentials are verified by
Cisco Unified MeetingPlace, you must set a registry key value as follows:
Registry Key
Value
WebConfSSOIdentityProvider
meetingplace
Obtain the hostname or IP address, and the port number, of the conferencing server.
If you are configuring a Cisco Webex Node for MCS server for conferencing and you are using
Release 7.0, you will need the Site ID and the Partner ID values assigned to your Cisco Webex site.
If you do not have these values, obtain them from your Cisco Webex administrator. These values are
optional if you are using Cisco Unified Personal Communicator Release 8.5.
Procedure
Step 1
Select Cisco Unified Presence Administration > Application > Cisco Jabber > Conferencing
Server.
Step 2
13-19
Chapter 13 Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
How to Configure Conferencing Servers for Cisco Unified Personal Communicator
Step 3
Step 4
Enter an IP address or FQDN (Fully Qualified Domain Name) of the conferencing server.
Step 5
b.
between the server, Cisco Unified Personal Communicator, and the browser. Select this option
if your conferencing server does not have SSL enabled.
HTTPS: Selects Hypertext Transfer Protocol over SSL as the method for securely transferring
data between the server, Cisco Unified Personal Communicator, and the browser. Select this
option if your conferencing server has SSL enabled.
Note
Step 6
Step 7
Step 8
a.
Enter the Site ID number assigned to your Cisco Webex site. Cisco Webex provides you with an ID
number for your customer site when you deploy the Cisco Webex product. If you do not have a Site
ID number, contact your Cisco Webex administrator. The field is optional if you are using
Cisco Unified Personal Communicator Release 8.5.
b.
Enter the Partner ID (PID) value assigned to your Cisco Webex site. Cisco Webex provides you with
a PID when they enable the Cisco Webex Application Programming Interface (API) on your
Cisco Webex site. If you do not have a PID, contact your Cisco Webex administrator. The field is
optional if you are using Cisco Unified Personal Communicator Release 8.5.
Select Save.
Troubleshooting Tip
If you upgrade an existing Cisco Unified Presence server, the Server Type value may initially default to
Undefined. In this case, select one of the known types of conferencing server from the menu. If you
leave a conferencing server entry as Undefined, it may slow conferencing performance with
Cisco Unified Personal Communicator.
Related Topics
(Cisco Unified Personal Communicator Release 8.x) Configuring the Cisco Unified MeetingPlace
Web Server, page 13-18
(Cisco Unified Personal Communicator Release 8.5) Configuring Cisco Webex Servers, page 13-19
13-20
Chapter 13
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
How to Configure Conferencing Servers for Cisco Unified Personal Communicator
What To Do Next
Note
By contrast, a profile in Cisco Unified MeetingPlace or in Cisco Unified MeetingPlace Express defines
the privileges and preferences configured for a specific user in this application.
Before You Begin
You must create the conferencing profile before you can add Cisco Unified Personal Communicator
licensed users to the application profile.
You must first specify conferencing server names and addresses before you can select them in this
procedure.
Restrictions
Select Cisco Unified Presence Administration > Application > Cisco Jabber > Conferencing
Profile.
Step 2
Step 3
Step 4
Field
Setting
Select the conferencing server with which you want to associate this
conferencing profile. This drop-down list contains the conferencing
servers that you previously configured on the Conferencing Server
Configuration window. Change the primary conferencing server to
suit your network configuration.
13-21
Chapter 13 Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
How to Configure Conferencing Servers for Cisco Unified Personal Communicator
Field
Setting
Step 5
Step 6
Use the Find and List Users window to find and select users, and select Add Selected to add users to the
profile.
Step 7
Select Save.
Related Topics
(Cisco Unified Personal Communicator Release 8.x) Configuring the Cisco Unified MeetingPlace
Web Server, page 13-18
Configuring Conferencing Server Names and Addresses on Cisco Unified Presence, page 13-19
What To Do Next
13-22
Chapter 13
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
(Cisco Unified Personal Communicator Release 8.x) Creating Audio Profiles on Cisco Unified Presence
Select Cisco Unified Presence Administration > Application > Cisco Jabber > Audio Profile.
Step 2
Step 3
Step 4
Field
Setting
(Optional) Check this check box if you want voice activity detection
(VAD) to detect the presence or absence of human speech, and
facilitate speech processing in an audio session. Uncheck this check
box if you do not need VAD, or if it impedes the audio output.
Default Setting: On
13-23
Chapter 13 Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
Configuring CCMCIP Profiles for Cisco Unified Personal Communicator Release 8.x
Field
Setting
(Optional) Check this check box to remove echo from audio output
and improve the audio quality. Uncheck this check box if you do not
need echo cancellation, or if it impedes the audio output.
Default Setting: On
Select High Echo if you expect that the echo will be loud
relative to the voice of the participant.
Step 6
Use the Find and List Users window to find and select users, and select Add Selected to add users to the
profile.
Step 7
Select Save.
Select Cisco Unified Presence Administration > Application > Cisco Jabber > CCMCIP Profile.
Step 2
13-24
Chapter 13
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
Configuring CCMCIP Profiles for Cisco Unified Personal Communicator Release 8.x
Step 3
Step 4
Field
Setting
Enter the address of the server for the CCMCIP service to use to
retrieve the list of associated devices when users sign in to a device
or phone.
Enter the address in one of the following forms:
IP address
Host name
FQDN
This value must match exactly the IP address, host name, or FQDN
of the CCMCIP server.
Backup CCMCIP Host
Enter the address of the backup server for the CCMCIP service to
use if the primary CCMCIP server fails.
Enter the address in one of the following forms:
IP address
Host name
FQDN
This value must match exactly the IP address, host name, or FQDN
of the backup CCMCIP server.
Server Certificate Verification
13-25
Chapter 13 Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
About Configuring Third-Party Clients on Cisco Unified Presence
Step 5
Step 6
Use the Find and List Users window to find and select users, and select Add Selected to add users to the
profile.
Step 7
Select Save.
About Running Cisco Unified Personal Communicator as a Desktop Agent, page 13-26
Before You Start Cisco Unified Personal Communicator as a Desktop Agent, page 13-27
Conversation history - any calls that you make are not listed in the call logs.
Call and chat features from applications such as Microsoft Outlook and Office are not available. You
can only modify your audio or call settings, such as the audio device or call forwarding options,
while running Cisco Unified Personal Communicator in normal mode. Any changes that you make
in normal mode are applied when you restart the application as a desktop agent.
13-26
Chapter 13
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
(Cisco Unified Personal Communicator Release 8.5) How to Use Cisco Unified Personal Communicator as a Desktop
Before you can start Cisco Unified Personal Communicator as a desktop agent, you must first:
Related Topics
Before You Start Cisco Unified Personal Communicator as a Desktop Agent, page 13-27
Note
These registry keys are ignored when you are using Cisco Unified Personal Communicator in
normal mode.
Step 2
Step 3
Enter your credentials and check the Automatically sign in check box.
Step 4
Note
Cisco Unified Personal Communicator will not operate in agent desktop mode if you are using
your desk phone for phone calls. Do not check the Use my desk phone for audio check box.
Step 5
Verify that your audio and call settings meet your requirements, for example, selected audio device and
call forwarding options. These settings cannot be modified in desktop agent mode.
Step 6
Note
You must perform steps 2 to 6 each time your user credentials in Cisco Unified
Communications Manager change.
Related Topics
13-27
Chapter 13 Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
(Cisco Unified Personal Communicator Release 8.5) How to Use Cisco Unified Personal Communicator as a Desktop
Before You Start Cisco Unified Personal Communicator as a Desktop Agent, page 13-27
Note
This command also terminates any Cisco Unified Personal Communicator process that is running in
normal mode.
Related Topics
Before You Start Cisco Unified Personal Communicator as a Desktop Agent, page 13-27
13-28
Chapter 13
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
(Cisco Unified Personal Communicator Release 8.5) Distributing HTML Files for Display in the Cisco Unified
Step 2
Step 3
Right-click on the CUPC key, and select New > Multi-String Value.
Step 4
Step 5
Step 6
In the Value data field, enter up to three lines in the following format:
Label, icon1.png, filename1.html, True
where
Label is the title for the HTML page that you want to appear in the Cisco Unified Personal
Communicator window. Keep the labels short as long labels will be truncated.
icon1.jpg is the location and filename of the icon that you want to use with the label for the HTML
page. The supported formats are PNG (recommended), JPG, GIF, and BMP. The recommended icon
size is 24x24 pixels. Any icons that are larger than this size are scaled to size.
filename1.html is the page that you want to display. This can be a local file or a link to an external
URL.
True can be true or false to indicate if the HTML page is automatically refreshed each time you click
on the icon. This value is optional and if not specified, a value of false is assumed.
For example:
Cisco, C:\images\icon1.png, http://www.cisco.com, true
Products, \\web\images\icon2.png, \\web\content\products.html, true
Pricing, \\web\images\icon3.png, \\web\content\pricing.html, false
Some particular notes about this feature are:
If the HTML content is not valid, the item is not displayed in the Cisco Unified Personal
Communicator main window.
13-29
Chapter 13 Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
About Migrating Users from Cisco Unified Personal Communicator Release 7.x to Cisco Unified Personal
If there are problems accessing the HTML content (for example, network connection issues) and you
specified True in the registry value to refresh the content every time you click on the icon, the page
is not displayed. If you specified False, not to refresh the content each time you click on the icon,
the previously-cached content is displayed.
Configuring a New User for Full Cisco Unified Personal Communicator Functionality, page 13-32
Application Profiles
This module describes how to change the following application profiles for a single user, or for multiple
users:
Voicemail Profile
Conferencing Profile
LDAP Profile
Application profiles enable you to partition your Cisco Unified Personal Communicator user base for
performance and scalability. You can change individual application profiles for each user.
Application profiles are not required; some Cisco Unified Personal Communicator users might not have
a voicemail or a conferencing profile. In this situation, the drop-down selection displays None.
13-30
Chapter 13
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
How to Update User Configuration After Deploying Cisco Unified Personal Communicator
Related Topics
Select Cisco Unified Presence Administration > Application > Cisco Jabber > User Settings.
Step 2
Select Find to populate the search results fields, or search for a user, and then select Find.
Step 3
Step 4
Specify the profiles to change for the user in the Application Profile Configuration section.
If you change a user application profile in this window (for example, change from LDAP Profile 1 to
LDAP Profile 2), the change is reflected in Cisco Unified Presence Administration > Application >
LDAP Profile window.
Step 5
Select Save.
The user must exit and restart Cisco Unified Personal Communicator for the changes to take effect.
Related Topic
Select Cisco Unified Presence Administration > Bulk Administration > Cisco Jabber/Microsoft
RCC > Export.
Step 2
Select Find in the Export Users Query window to obtain current profile information by finding all
users.
b.
c.
Specify the filename to be exported in the Export CUP Users Configuration window.
Step 3
Select Cisco Unified Presence Administration > Bulk Administration > Upload/Download Files.
Step 4
Step 5
a.
b.
c.
Add or remove profile names according to the instructions in the sample file.
Select Cisco Unified Presence Administration > Bulk Administration > Upload/Download Files.
a.
13-31
Chapter 13 Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
How to Update User Configuration After Deploying Cisco Unified Personal Communicator
b.
c.
Select the target for which you want to use the file.
d.
e.
Check Overwrite File if it exists if you want to overwrite an existing file with the same name.
f.
Select Save.
Step 6
Select Cisco Unified Presence Administration > Bulk Administration > Cisco Jabber/Microsoft
RCC > Update.
Step 7
b.
Related Topic
Task
Cisco Unified Communications Manager
Configuration
13-32
Chapter 13
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
How to Update User Configuration After Deploying Cisco Unified Personal Communicator
Task
Assign capabilities.
Configuring Videoconferencing
Resources and Ad-Hoc Conferencing on
Cisco Unified Communications Manager,
page 12-31
13-33
Chapter 13 Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
How to Update User Configuration After Deploying Cisco Unified Personal Communicator
13-34
CH A P T E R
14
Installation and Configuration of Headsets and Other Audio Devices, page 14-12
Use of Third-Party Headsets with Cisco Unified Personal Communicator, page 14-12
Pre-Deployment Tasks
Removing Any Applications That Depend on Cisco Unified Client Services Framework, page 14-1
14-1
Chapter 14
Pre-Deployment Tasks
Tip
If you are performing a mass deployment of Cisco Unified Personal Communicator, you can use a
software deployment tool to silently uninstall Cisco Unified Video Advantage from client computers
prior to the installation.
Setting a Default Address for the Cisco Unified Presence Server, page 14-3
14-2
Chapter 14
Note
Cisco Unified Personal Communicator does not use the port mapped in the SRV record. Port 8443 is the
default port used.
The DNS SRV record on Cisco Unified Personal Communicator is populated automatically by Cisco Unified
Personal Communicator based on the service name and the domain name (connection specific suffix if not
Active Directory domain) used by the user upon login.
For example, if the user and Cisco Unified Presence server have the same domain name, <company>.com,
the Cisco Unified Presence server address is cupserver.company.com. The administrator defines the SRV
record as _cuplogin._tcp.company.com within the enterprise resolving to cupserver.company.com.
Cisco Unified Personal Communicator release 8.5(2) automatically populates the SRV record
_cuplogin._tcp.company.com to perform an SRV lookup. If the user logs into a domain different from the
Cisco Unified Presence domain, you must follow the steps in Location of Registry Key, page 14-4.
When using the DNS SRV feature, Cisco Unified Personal Communicator release 8.5(2) and later uses the
following logic:
Note
1.
At startup, Cisco Unified Personal Communicator looks up the Cisco Unified Presence server address
within its local cache. Note that the local cache only exists if the user logged into Cisco Unified Presence
successfully at least once.
2.
If the Cisco Unified Presence server address can not be retrieved from the local cache, the local registry
is checked. The registry may contain either a host address or a domain hint.
3.
If the local registry does not have an address, Cisco Unified Personal Communicator does a DNS SRV
query. If the DNS SRV query fails, a DNS A query is performed.
4.
After a successful login, Cisco Unified Personal Communicator ensures that the Cisco Unified Presence
server address is used for subsequent logins. If a users home server is different Cisco Unified Presence
server, the original Cisco Unified Presence server is capable of redirecting Cisco Unified Personal
Communicator to the usess home Cisco Unified Presence server. Successful login will result in
Cisco Unified Personal Communicator updating the local cache with the new server address so that
redirect only happens once.
Steps 2 through 4 above only apply to first-time logins and rare cases.
If a users domain (connection specific suffix if not Active Directory domain) is different from that
of the Cisco Unified Presence domain and if Cisco Unified Personal Communicator is required to
discover Cisco Unified Presence server address using DNS SRV lookup, a domain hint needs to be
entered. For example, a users domain is company.com, the Cisco Unified Presence servers domain is
cupdomain.company.com, and the Cisco Unified Presence server address is
cupserver.cupdomain.company.com. The administrator defines the SRV record
_cuplogin._tcp.cupdomain.company.com within the enterprise resolving to
cupserver.cupdomain.company.com. In this case, the registry key should contain
cupdomain.company.com to request that Cisco Unified Personal Communicator populate
_cuplogin._tcp.cupdomain.company.com and NOT _cuplogin._tcp.company.com.
14-3
Chapter 14
Pre-Deployment Tasks
2.
You want to use the auto discovery mechanism and deploy Cisco Unified Personal Communicator
release 8.5(2) with a plain Cisco Unified Presence server address within the cluster.
Caution
Cisco Unified Presence release 8.6(1) supports both intracluster and intercluster user login
redirect. The mechanism above does not support any form of load balancing. As a result, the
administrator is expected to plan Cisco Unified Personal Communicator rollout effectively with
the goal of not overwhelming a single server with login requests. Overwhelming a single
server with login requests may result in failure of critical services on Cisco Unified Presence.
To deploy this change to the computers in your Cisco Unified Personal Communicator system, you can
use a software management system. Supported software management systems include Active Directory
Group Policy, Altiris, and Microsoft System Management Server (SMS).
Note
If CUPServer information is present in both of these registry keys, the policies configuration data
takes precedence.
Cisco Unified Personal Communicator reads only HKEY_CURRENT_USER keys. Cisco Unified
Personal Communicator does not read HKEY_LOCAL_MACHINE keys.
14-4
Chapter 14
The Cisco Unified Personal Communicator application is provided in two separate installation formats
as follows:
This section describes the installation formats and the deployment options.
Executable File
Users can run the executable file on their own computers. The executable file includes the prerequisite
software for the application, as follows:
Cisco Unified Personal Communicator checks if the prerequisite software is installed on the computer
and if not, it automatically installs the prerequisites. To save time during the installation process, we
recommend that you install the prerequisite software in advance of installing Cisco Unified Personal
Communicator. All of the prerequisite software is available from the Microsoft website.
Note
If the minimum required version of .NET Framework is not installed on the computer, Cisco Unified
Personal Communicator runs the installer stub provided for that application. The installer stub
downloads the .NET Framework software from the Microsoft website. This action requires Internet
access and takes a considerable amount of time. We recommend that you install the required release of
Microsoft .NET Framework in advance of the Cisco Unified Personal Communicator installation to save
time and avoid any Internet access issues.
14-5
Chapter 14
Note
If you choose to install the MSI file, you must install the prerequisite software prior to installing
Cisco Unified Personal Communicator.
The prerequisite software that you must install prior to installing the Cisco Unified Personal
Communicator MSI file is:
Description
1
14-6
Chapter 14
Filename
Description
CiscoUnifiedPersonalCommunicatorSetupK9_XXX.msi
CiscoVTCameraDriverSetup.msi
uc-client-mac-latest.zip
Deployment Options
You can deploy the Cisco Unified Personal Communicator installation application in one of the
following ways:
Use Active Directory Group Policy. You can use group policy to deploy administrator configuration
settings.
Use a software management system, for example, Altiris Deployment Solution, Microsoft System
Center Configuration Manager (SCCM), and so on.
Use a self-extracting executable with a batch script. You can use the batch script to deploy
administrator configuration settings.
Standalone Installation
The administrator can install Cisco Unified Personal Communicator on each individual client computer
or users can install the application on their own computers. The administrator can use the options listed
in Automated Mass Deployment, page 14-7 to deploy the administrator configuration settings.
14-7
Chapter 14
Note
We strongly recommend that you use the executable file for standalone installations.
(Cisco Unified Personal Communicator Release 8.5 and Earlier) Deploying the Application in a
Mac OS Environment, page 14-8
Deploying the Application and the Camera Drivers in a Microsoft Windows Environment, page 14-8
Installing Security Certificates on Client Computers for Client Services Framework (CSF),
page 14-9
Enabling Availability Status for Microsoft Office 2010 Users, page 14-10
(Cisco Unified Personal Communicator Release 8.5 and Earlier) Deploying the
Application in a Mac OS Environment
Before You Begin
Put the disk image on an internal server so that users can download the image from that location.
Alternatively, you can burn the disk image on a CD for internal distribution.
Step 2
Ask users to complete the installation of Cisco Unified Personal Communicator by following the
instructions in the user documentation.
Related Topics
User documentation:
http://www.cisco.com/en/US/products/ps6844/products_user_guide_list.htm
Installation and Configuration of Headsets and Other Audio Devices, page 14-12
What To Do Next
14-8
Chapter 14
Restriction
Cisco Unified Personal Communicator does not support the advertising or publishing deployment in
which users open an icon that the administrator places on their desktops to install the application.
Procedure
Step 1
Then...
Deploy the executable or MSI package Distribute the installer at an elevated privilege so that users
to a shared location (such as a web
can complete the installation (run the installer and follow the
server) where users can access it.
installation wizard)
Deploy either the executable or the
MSI package directly to the client
computer.
Step 2
(If required) Ask users to complete the installation of Cisco Unified Personal Communicator by
following the instructions in the user documentation.
Related Topics
User documentation:
http://www.cisco.com/en/US/products/ps6844/products_user_guide_list.htm
What To Do Next
Installing Security Certificates on Client Computers for Client Services Framework (CSF), page 14-9
14-9
Chapter 14
Procedure
Step 1
Step 2
Step 3
Put the certificate file into the folder where you store your security certificates. The default location for
storing security certificates is as follows:
(Optional) To specify a custom location for storing security certificates, do the following:
a.
Select Cisco Unified Presence Administration > Application > Cisco Jabber > Settings.
b.
Use the CSF certificate directory field to specify the absolute path to the folder where the
certificates are stored.
(Optional) To specify the Server Certificate Verification parameter for a CCMCIP security profile, do
the following:
a.
Select Cisco Unified Presence Administration > Application > Cisco Jabber > CCMCIP Profile
(CUPC 8.0 and higher).
b.
c.
In the Server Certificate Verification field, select one of the following options:
Any Certificate
Self Signed or Keystore
Keystore Only
What To Do Next
Enabling Availability Status for Microsoft Office 2010 Users, page 14-10
Step 2
Step 3
Step 4
Add a new value to the proxyAddresses attribute in the format SIP:email-address, for example,
SIP:johndoe@cisco.com.
14-10
Chapter 14
Note
If Call Manager is not AD integrated, the proxyAddress LDAP attribute must be equal to sip uri on the
Cisco Unified Presence server.
Note
It is not possible to upgrade from Cisco Unified Personal Communicator Release 7.x to Cisco Unified
Personal Communicator Release 8.5.
Procedure
Step 1
Download the latest available Cisco Unified Personal Communicator software from the Software Center.
Step 2
For Windows, download the Cisco VT Camera drivers from the Software Center also.
Device drivers are not required for Cisco VT Camera III cameras.
Step 3
Step 4
(Optional) For Windows, ask users to uninstall the previous version of Cisco Unified Personal
Communicator from the Control Panel.
Step 5
b.
c.
d.
e.
Related Topics
User documentation:
http://www.cisco.com/en/US/products/ps6844/products_user_guide_list.htm
14-11
Chapter 14
(Cisco Unified Personal Communicator Release 8.5 and Earlier) Deploying the Application in a
Mac OS Environment, page 14-8
Deploying the Application and the Camera Drivers in a Microsoft Windows Environment, page 14-8
User documentation:
http://www.cisco.com/en/US/products/ps6844/products_user_guide_list.htm
Use of Third-Party Headsets with Cisco Unified Personal Communicator, page 14-12
14-12
Chapter 14
Finally, some analog headsets do not match the electrical characteristics for which some sound cards are
designed. The microphones on such headsets are frequently too sensitive, even when the input levels in
Cisco Unified Personal Communicator are reduced to their lowest values. The users of such headsets will
sound distorted to remote parties.
It is important to ask Cisco Unified Personal Communicator users whether a particular headset sounds
good to them. In addition, ask remote parties about the reception from this application when they use a
particular headset.
Related Topic
Installation and Configuration of Headsets and Other Audio Devices, page 14-12
Configuration
Behavior
Unanswered calls are diverted to the call forward no answer (CFNA) target. The
default setting for CFNA is voicemail in Cisco Unified Communications Manager.
If the CFNA target is not configured, incoming calls are rejected by Cisco Unified
Communications Manager, and the caller hears a busy tone.
(Shared line) If Cisco Unified Personal Communicator shares the line appearance with
other devices, the endpoints that are not set to DND are alerted to the incoming call,
and the caller hears the ringing tone. If all endpoints sharing the line appearance are
set to DND, incoming calls are forwarded to the CFNA target.
14-13
Chapter 14
Table 14-1
Configuration
Behavior
The DND behavior for Cisco Unified Personal Communicator is the same as the controlled
Cisco Unified IP Phone:
User cannot answer calls from either Cisco Unified Personal Communicator or from
the desk phone.
(Shared line) If Cisco Unified Personal Communicator shares the line appearance with
other devices, the endpoints that are not set to DND are alerted to the incoming call,
and the caller hears the ringing tone. If all endpoints sharing the line appearance are
set to DND, incoming calls are forwarded to the call forward busy (CFB) target.
The DND behavior for Cisco Unified Personal Communicator is the same as the controlled
Cisco Unified IP Phone:
User can answer incoming calls from Cisco Unified Personal Communicator or from
the desk phone. In both cases, Cisco Unified Personal Communicator displays a call
progress window with the connected call status.
Incoming calls display in both Cisco Unified Personal Communicator and the desk
phone communication histories.
Apart from Cisco Unified Personal Communicator, other devices might be associated with a particular
user. For example, devices such as IP Phone Messenger that are registered to Cisco Unified
Communications Manager might be associated with a particular user.
If the DND status is set on other devices, Cisco Unified Personal Communicator displays the DND
status. Similarly, Cisco Unified Presence passes the DND setting from Cisco Unified Personal
Communicator to other devices associated with this Cisco Unified Personal Communicator user.
Note
If the DND status is set from the Cisco Unified IP Phone (desk phone), Cisco Unified Presence does not
pass the DND status to other devices associated with the user, and the status of the user does not change
to the DND status on Cisco Unified Personal Communicator. Similarly if the DND status is set from the
Cisco Unified IP Phone (desk phone), the DND status clears from the phone, but does not clear on any
other devices.
Related Topics
For details about configuring the Cisco Unified IP Phone for DND, see the Cisco Unified
Communications Manager Features and Services Guide:
http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html
14-14
Chapter 14
For details about which Cisco Unified IP Phone models support the DND feature, see the
administration guide for the specific phone model:
http://www.cisco.com/en/US/products/hw/phones/ps379/prod_maintenance_guides_list.html
Give to
Users If
You
Install
Provide This
Explanation
Yes
Yes
No
Sign-in information.
Yes
Username
Password
Yes
Yes
14-15
Chapter 14
Give to
Users
Who
Install
Provide This
Explanation
Yes
Provide users with information about which
Cisco Unified Personal Communicator features
are supported based on the integration with the
LDAP directory, voicemail servers, and web
conferencing servers. Inform users that they have
the ability to initiate web conferencing sessions
from a Cisco Unified Personal Communicator
conversation.
Give to
Users If
You
Install
Yes
14-16
Yes
Chapter 14
Provide This
Give to
Users
Who
Install
Explanation
Yes
User Options web page access Provide the URL
information
(https://server-address/ccmuser), user ID, and
password for accessing user options interface on
these servers:
Give to
Users If
You
Install
Yes
Yes
Yes
Yes
Yes
Yes
Related Topics
User documentation:
http://www.cisco.com/en/US/products/ps6844/products_user_guide_list.htm
14-17
Chapter 14
Troubleshooting
Troubleshooting
Cisco Unified Personal Communicator Fails to Start or Starts with a Black Background with No
Visible Controls, page 14-18
Cannot Place or Receive Calls After a Secure Profile is Enabled, page 14-19
There can be a number of possible causes for this problem, as described in the following table:
Possible Cause
Description
This can occur if the sPositiveSign registry key is corrupt. To check if this is the
problem, search the client log files for the presence of one or more of the following
error messages:
Getting positive key - the user does not have the permissions required to read
from the registry keyRequested registry access is not allowed.
This can occur if you customize the Regional Options for the English (United States)
language to change the Decimal symbol or the List separator default settings. To
check if this is the problem, search the client log files for the presence of multiple
instances of the following error message:
2.
3.
4.
In the Standards and formats section, select a different language from the drop-down list. For
example, select English (Australia).
5.
Select Apply.
14-18
Chapter 14
6.
In the Standards and formats section, select English (United States) from the drop-down list.
7.
You may need to reboot your computer for the change to take effect.
Your selected default policy is to block all users, except those explicitly allowed.
Your policy does not include any exceptions for conference aliases.
The cucsf.exe process is running on the computer of the user, that is, Cisco Unified Personal
Communicator is running, but the user has not signed in.
Solution Ask the user to sign out of Cisco Unified Personal Communicator, then sign in again.
Trust List (CTL) files. The CTL file contains certificates for all of the servers in your
Cisco Unified Communications system with which Client Services Framework might need to
communicate securely.
When a device connects to a server in your Cisco Unified Communications system, the server is verified
against this list. Client Services Framework does not allow secure connections to servers that are not
explicitly listed in the CTL.
If a device is moved from one cluster to another or you upgrade to a new version of Cisco Unified
Communications Manager, you must update the CTL file for the device list of servers in the new cluster.
14-19
Chapter 14
Troubleshooting
Procedure
Step 1
Step 2
Step 3
Delete the contents of the appropriate folder as described in the following table:
Operating System
Folder
Windows XP
Windows Vista
Windows 7
<drive>:\Users\<username>\AppData\Roaming\Cisco\Unified
Communications\Client Services Framework\Security\sec
Delete the contents of the appropriate folder as described in the following table:
Operating System
Folder
Windows XP
Windows Vista
Windows 7
<drive>:\Users\<username>\AppData\Roaming\Cisco\Unified
Communications\Client Services Framework\Config
If a device is moved from one cluster to another, update the device settings for the user to point to the
new cluster. For example, update the references to the Cisco Unified Communications Manager IP Phone
(CCMCIP) server, Trivial File Transfer Protocol (TFTP) server, and Computer Telephony Integration
(CTI) servers.
14-20
CH A P T E R
15
How to Integrate the LDAP Directory with Cisco Unified Communications Manager, page 15-2
How to Integrate the LDAP Directory with Cisco Unified Personal Communicator, page 15-6
How to Integrate the LDAP Directory for Contact Searches on XMPP Clients, page 15-13
Install and configure the LDAP server following the instructions in the product documentation.
OpenLDAP
For more information on the LDAP directory server support specifically for Cisco Unified
Communications Manager and Cisco Unified Personal Communicator, see the specific product
documentation below.
Related Topics
15-1
Chapter 15
LDAP Integrations
LDAP Integrations
You can configure a corporate LDAP directory in this integration to satisfy a number of different
requirements:
User provisioning: You can provision users automatically from the LDAP directory into the
Cisco Unified Communications Manager database. Cisco Unified Communications Manager
synchronizes with the LDAP directory content so you avoid having to add, remove, or modify user
information manually each time a change occurs in the LDAP directory.
User authentication: You can authenticate users using the LDAP directory credentials. Cisco
Unified Presence synchronizes all the user information from Cisco Unified Communications
Manager to provide authentication for users of the Cisco Unified Personal Communicator client and
Cisco Unified Presence user interface.
User lookup: You can enable LDAP directory lookups to allow Cisco Unified Personal
Communicator client users, or third-party XMPP clients, to search for and add contacts from the
LDAP directory.
As the scope of the LDAP integration is dependent on customer requirements and it can vary between
companies, there are a number of potential LDAP integration scenarios:
Note
1.
You integrate Cisco Unified Communications Manager and Cisco Unified Personal Communicator
with an LDAP directory. We strongly recommend this configuration.
2.
You integrate Cisco Unified Communications Manager with an LDAP directory, but you do not
integrate Cisco Unified Personal Communicator. We do not recommend this configuration because
it will impact Cisco Unified Personal Communicator functionality and you will experience
performance issues.
3.
You integrate Cisco Unified Personal Communicator with an LDAP directory, but you do not
integrate Cisco Unified Communications Manager. We do not recommend this configuration
because you will have to manually configure all your users on Cisco Unified Communications
Manager at initial installation, and each time a change is made on the LDAP directory.
When Cisco Unified Communications Manager is not integrated with LDAP, you must verify that the
username is exactly the same in Active Directory and Cisco Unified Communications Manager before
deploying Cisco Unified Presence. If the letter case does not match, the presence status will not work
properly in Cisco Unified Personal Communicator Release 7.x. Correct the username in Cisco Unified
Communications Manager to match Active Directory.
Related Topics
How to Integrate the LDAP Directory with Cisco Unified Communications Manager, page 15-2
How to Integrate the LDAP Directory with Cisco Unified Personal Communicator, page 15-6
Secure Connection Between Cisco Unified Communications Manager and the LDAP Directory,
page 15-3
15-2
Chapter 15
Configuring a Secure Connection Between Cisco Unified Presence and the LDAP Directory,
page 15-6
Directory service
Tomcat service
See the Cisco Unified Communications Manager documentation for details on uploading a certificate to
Cisco Unified Communications Manager.
Related Topics
Configuring a Secure Connection Between Cisco Unified Presence and the LDAP Directory,
page 15-6
Make sure that you install the LDAP server before you attempt the LDAP-specific configuration on
Cisco Unified Communications Manager.
Restrictions
LDAP synchronization does not apply to application users on Cisco Unified Communications Manager.
You must manually provision application users in the Cisco Unified CM Administration interface.
15-3
Chapter 15
How to Integrate the LDAP Directory with Cisco Unified Communications Manager
Procedure
Step 1
Select Cisco Unified CM Administration > System > LDAP > LDAP System.
Step 2
Step 3
Step 4
Step 5
Select Cisco Unified CM Administration > System > LDAP > LDAP Directory
Step 6
Step 7
Synchronization schedule
Check Use SSL if you want to use Secure Socket Layer (SSL) to communicate with the LDAP directory.
Troubleshooting Tips
If you configure LDAP over SSL, upload the LDAP directory certificate onto Cisco Unified
Communications Manager.
See the LDAP directory content in the Cisco Unified Communications Manager SRND for
information about the account synchronization mechanism for specific LDAP products, and general
best practices for LDAP synchronization.
Related Topics
Configuring a Secure Connection Between Cisco Unified Presence and the LDAP Directory,
page 15-6
What To Do Next
15-4
Chapter 15
Step 2
Step 3
Step 4
Browse and select the LDAP server root certificate from your local computer.
Step 5
Step 6
Configuring a Secure Connection Between Cisco Unified Presence and the LDAP Directory, page 15-6
What To Do Next
LDAP authentication does not apply to the passwords of application users; Cisco Unified
Communications Manager authenticates application users in its internal database.
Procedure
Step 1
Select Cisco Unified CM Administration > System > LDAP > LDAP Authentication.
Step 2
Step 3
Step 4
Note
To use Secure Socket Layer (SSL) to communicate with the LDAP directory, check Use SSL.
Troubleshooting Tip
If you configure LDAP over SSL, upload the LDAP directory certificate to Cisco Unified
Communications Manager.
Related Topics
Configuring a Secure Connection Between Cisco Unified Presence and the LDAP Directory,
page 15-6
15-5
Chapter 15
How to Integrate the LDAP Directory with Cisco Unified Personal Communicator
What To Do Next
Configuring a Secure Connection Between Cisco Unified Presence and the LDAP Directory, page 15-6
Note
Perform this procedure on all Cisco Unified Presence nodes in the cluster.
Before You Begin
Enable SSL for LDAP on Cisco Unified Communications Manager, and upload the LDAP directory
certificate to Cisco Unified Communications Manager.
Procedure
Step 1
Step 2
Step 3
On Cisco Unified Presence Release 7.x and earlier, select directory-trust from the Certificate Name
menu. On Cisco Unified Presence Release 8.0 and later, select tomcat-trust from the Certificate Name
menu.
Step 4
Browse and select the LDAP server certificate from your local computer.
Step 5
Step 6
Restart the Tomcat service from the CLI using this command:
utils service restart Cisco Tomcat
Related Topic
Configuring a Secure Connection Between Cisco Unified Presence and the LDAP Directory, page 15-6
What To Do Next
How to Integrate the LDAP Directory with Cisco Unified Personal Communicator, page 15-6
15-6
Chapter 15
Before you perform this configuration, fully integrate the Cisco Unified Personal Communicator client
with Cisco Unified Communications Manager and Cisco Unified Presence.
(Cisco Unified Personal Communicator Release 8.0) Fetch Contact Pictures from a Web Server,
page 15-7
Configuring the LDAP Attribute Map for Cisco Unified Personal Communicator, page 15-8
Configuring LDAP Server Names and Addresses for Cisco Unified Personal Communicator,
page 15-10
Creating LDAP Profiles and Adding Cisco Unified Personal Communicator Users to the Profile,
page 15-11
If the user edits a contact name in Cisco Unified Personal Communicator, display this name. This is
the Nickname LDAP attribute in Cisco Unified Presence.
If you configure an LDAP user field for DisplayName, display this name.
If you configure an LDAP user field for Nickname, display this name with the last name.
Otherwise, display the configured LDAP user fields for the first and last names in the Contact pane.
If there is a first name but no last name, display the first name. If there is a last name but no first
name, display the last name.
If you do not configure LDAP user fields for the FirstName and LastName, display the LDAP
UserID or the Cisco Unified Presence user ID in the Contact pane.
If a user adds a non-LDAP contact, the contact details in Cisco Unified Personal Communicator
allow the user to edit the Display As name, the first name, and the last name.
Related Topics
(Cisco Unified Personal Communicator Release 8.0) Fetch Contact Pictures from a Web Server,
page 15-7
Configuring the LDAP Attribute Map for Cisco Unified Personal Communicator, page 15-8
http://mycompany.cisco.com/photo/std/%%uid%%.jpg
15-7
Chapter 15
How to Integrate the LDAP Directory with Cisco Unified Personal Communicator
http://mycompany.cisco.com/photo/std/%%sAMAccountName%%.jpg
You must include the double percent symbols in this string, and they must enclose the name of the LDAP
attribute to substitute. Cisco Unified Personal Communicator removes the percent symbols and replaces
the parameter inside with the results of an LDAP query for the user whose photo it resolves.
For example, if a query result contains the attribute uid with a value of johndoe, then a template such
as http://mycompany.com/photos/%%uid%%.jpg creates the URL
http://mycompany.com/photos/johndoe.jpg. Cisco Unified Personal Communicator attempts to fetch the
photo.
This substitution technique works only if Cisco Unified Personal Communicator can use the results of
the query and can insert it into the template you specify above to construct a working URL that fetches
a JPG photo. If the web server that hosts the photos in a company requires a POST (for example, the
name of the user is not in the URL) or uses some other cookie name for the photo instead of the
username, this technique does not work.
Note
Cisco Unified Personal Communicator does not support authentication for this query; the photo
must be retrievable from the web server without credentials.
Related Topics
Configuring the LDAP Attribute Map for Cisco Unified Personal Communicator, page 15-8
Configuring the LDAP Attribute Map for Cisco Unified Personal Communicator
Note
The information about fetching a photo from Active Directory in this topic relates only to Cisco Unified
Personal Communicator Release 7.1.
You must configure the LDAP attribute map on Cisco Unified Presence where you enter LDAP attributes
for your environment and map them to the given Cisco Unified Personal Communicator attributes.
If you want to use LDAP to store your employee profile photos, you must either use a third-party
extension to upload the photo files to the LDAP server, or extend the LDAP directory server schema by
other means to create an attribute that the LDAP server can associate with an image. For Cisco Unified
Personal Communicator to display the profile photo, in the LDAP attribute map, you must map the
Cisco Unified Personal Communicator "Photo" value to the appropriate LDAP attribute. By default,
Cisco Unified Personal Communicator uses the jpegPhoto LDAP attribute to display the user photo,
which is present in the Windows 2003 and 2007 Active Directory schema. Note that Windows 2000
Active Directory uses the thumbnailPhoto attribute.
Before You Begin
Make sure that you install and set up the LDAP server before you configure the LDAP attribute map
on Cisco Unified Presence.
By default, Cisco Unified Personal Communicator uses the jpegPhoto LDAP attribute, which is
present in the Windows 2003 Active Directory schema. By contrast, the Windows 2000 Active
Directory uses the thumbnailPhoto attribute.
15-8
Chapter 15
Restrictions
The UPC UserID setting in the LDAP attribute map must match the Cisco Unified
Communications Manager user ID. This mapping allows a user to add a contact from LDAP to the
Contact list in Cisco Unified Personal Communicator. This field associates the LDAP user with the
associated user on Cisco Unified Communications Manager and Cisco Unified Presence.
You can map an LDAP field to only one Cisco Unified Personal Communicator field.
Procedure
Step 1
Select Cisco Unified Presence Administration > Application > Cisco Jabber > Settings
Step 2
Step 3
Step 4
If necessary, make modifications to the LDAP field to match your specific LDAP directory. The values
are common to all LDAP server hosts. Note the following LDAP directory product mappings:
Product
LastName Mapping
UserID Mapping
SN
sAMAccountName
SN
uid
Select Save.
Troubleshooting Tips
If you want to stop using the current attribute mappings and use the factory default settings, select
Restore Defaults.
You can see the LDAP attribute mappings in the Server Health window in Cisco Unified Personal
Communicator (Help > Show Server Health on Windows and Help > Show System Diagnostics
on Mac OS).
For information about faster LDAP searches, see the Troubleshooting Guide for Cisco Unified
Personal Communicator:
http://www.cisco.com/en/US/products/ps6844/prod_troubleshooting_guides_list.html
Related Topics
(Cisco Unified Personal Communicator Release 8.0) Fetch Contact Pictures from a Web Server,
page 15-7
What To Do Next
Configuring LDAP Server Names and Addresses for Cisco Unified Personal Communicator, page 15-10
15-9
Chapter 15
How to Integrate the LDAP Directory with Cisco Unified Personal Communicator
Configuring LDAP Server Names and Addresses for Cisco Unified Personal
Communicator
Before You Begin
Procedure
Step 1
Select Cisco Unified Presence Administration > Application > Cisco Jabber > LDAP Server.
Step 2
Step 3
Step 4
Enter an IP address or an FQDN (Fully Qualified Domain Name) of the LDAP server.
Step 5
Specify the port number used by the LDAP server. The defaults are:
TCP389.
TLS636.
Check the LDAP directory documentation or the LDAP directory configuration for this information.
Step 6
Step 7
Select Save.
Troubleshooting Tips
If you integrate with Microsoft Active Directory and if the server is Global Catalog, configure the
following values:
Enter 3268 as the port number.
Select TCP as the protocol type.
The jpegPhoto attribute is not available in Microsoft Active Directory Global Catalog server, and it
is not indexed (http://msdn2.microsoft.com/en-us/library/ms676813.aspx). If your LDAP
configuration uses Global Catalog port 3268, Cisco Unified Personal Communicator cannot retrieve
the jpegPhoto. Instead, change the LDAP directory configuration to TCP and port 389.
Cisco Unified Personal Communicator retrieves the photo when you sign in again.
If you configure an application dial rule, create proper directory lookup dialing rules in
Cisco Unified Communications Manager to make sure that a picture displays both when you place
a call to a contact and in the contact details. When you add a contact in Cisco Unified Personal
Communicator, the directory lookup returns a 10-digit number (for example, 1234567890). If the
user places the call by dialing only four digits (for example, 7890), the picture does not display
because 7890 is not a match for 1234567890. Create the following rules to fix this problem:
Outbound rule to remove the area code. The picture displays in the contact details.
Inbound rule for directory lookup to prefix the area code (translate the 4-digit extension number
into the 10-digit DID number stored in AD). The picture displays when you place a call.
You can see LDAP server information in the server health window in Cisco Unified Personal
Communicator (Help > Show Server Health on Windows and Help > Show System Diagnostics
on Mac OS).
15-10
Chapter 15
Related Topic
Configuring the LDAP Attribute Map for Cisco Unified Personal Communicator, page 15-8
What To Do Next
Creating LDAP Profiles and Adding Cisco Unified Personal Communicator Users to the Profile,
page 15-11
You must create the LDAP profile before you can add Cisco Unified Personal Communicator
licensed users to the profile.
Procedure
Step 1
Select Cisco Unified Presence Administration > Application > Cisco Jabber > LDAP Profile.
Step 2
Step 3
Field
Setting
Name
Description
Bind Distinguished
Name
15-11
Chapter 15
How to Integrate the LDAP Directory with Cisco Unified Personal Communicator
Table 15-1
Field
Setting
Anonymous Bind
(Optional) Uncheck this option to use the user credentials to sign in to this LDAP
server.
For non-anonymous bind operations, Cisco Unified Personal Communicator
receives one set of credentials. If configured, these credentials must be valid on
the backup LDAP servers.
Note
Password
(Optional) Enter the LDAP bind password limited to 128 characters. This is the
password for the administrator-level account that you provided in the Bind
Distinguished Name string to allow users to access this LDAP server.
Confirm Password
Reenter the same password as the password you entered in the Password field.
(Optional) After configuring Cisco Unified Presence for authenticated bind with
the LDAP server, configure the LDAP server for anonymous permissions and
anonymous login so that all directory information (name, number, mail, fax,
home number, and so forth) is passed to the Cisco Unified Personal
Communicator client.
Search Context
(Optional) Enter the location where you configured all the LDAP users. This
location is a container or directory. The name is limited to 256 characters. Only
use a single OU/LDAP search context.
Note
The search base should include all users of Cisco Unified Personal
Communicator.
Recursive Search
Primary LDAP
Server and Backup
LDAP Server
15-12
Chapter 15
Table 15-1
Field
Setting
(Optional) Check to add any new users to the system into this default profile.
If you turn on this setting, Cisco Unified Presence adds any users that it
synchronizes from Cisco Unified Communications Manager to this default
profile. Cisco Unified Presence only adds users to this default profile after you
select the default profile (and you turn on the Sync Agent). Cisco Unified
Presence does not change any existing profile configuration. Therefore, we
recommend that you select and configure the default profile before you turn on
the Sync Agent.
Add Users to Profile Select the button to open the Find and List Users window.
Select Find to populate the search results fields. Alternatively, search for a
specific users and select Find.
To add users to this profile, select the users, and select Add Selected.
Step 4
Select Save.
Troubleshooting Tip
You can see the LDAP profile information in the server health window in Cisco Unified Personal
Communicator (Help > Show Server Health on Windows and Help > Show System Diagnostics on
Mac).
Related Topic
How to Update User Configuration After Deploying Cisco Unified Personal Communicator, page 13-30
Configuring LDAP Server Names and Addresses for XMPP Clients, page 15-14
Configuring the LDAP Search Settings for XMPP Clients, page 15-15
15-13
Chapter 15
How to Integrate the LDAP Directory for Contact Searches on XMPP Clients
Note
If you import a certificate chain (more than one certificate from the root node to the trusted node), import
all certificates in the chain except the leaf node. For example, if the CA signs the certificate for the LDAP
server, you just import the CA certificate, not the certificate for the LDAP server.
Before You Begin
Procedure
Step 1
Select Cisco Unified Presence Administration > Application > Third-Party Clients > Third-Party
LDAP Servers.
Step 2
Step 3
Step 4
Step 5
Specify the port number on the LDAP server that is listening to the TCP or SSL connection.
The default port is 389. If you enable SSL, specify port 636.
Step 6
Specify the username and the password for the LDAP server. These values must match the credentials
you configure on the LDAP server.
See the LDAP directory documentation or the LDAP directory configuration for this information.
Step 7
Check Enable SSL if you want to use Secure Socket Layer (SSL) to communicate with the LDAP server.
Step 8
Select Save.
Step 9
Start the Cisco UP XCP Router service on all nodes in the cluster (if this service is not already running).
15-14
Chapter 15
Troubleshooting Tips
If you enable SSL, the XMPP contact searches may be slower because of the negotiation procedures
at SSL connection setup, and data encryption and decryption after Cisco Unified Presence
establishes the SSL connection. As a result, if your users perform XMPP contact searches
extensively in your deployment, this could impact the overall system performance.
You can use the certificate import tool to check the communication with the LDAP server
hostname/port after you have upload the certificate for the LDAP server. Select Cisco Unified
Presence Administration > System > Security > Certificate Import Tool.
If you make an update to the LDAP server configuration for third-party XMPP clients, restart the
Cisco UP XCP Directory Service. Select Cisco Unified Serviceability > Tools > Control Center Feature Services to restart this service.
Related Topics
Secure Connection Between Cisco Unified Communications Manager and the LDAP Directory,
page 15-3
Configuring a Secure Connection Between Cisco Unified Presence and the LDAP Directory,
page 15-6
What To Do Next
Configuring the LDAP Search Settings for XMPP Clients, page 15-15
When XMPP clients search for their own vCard, or the vCard for a contact, the vCards are retrieved
from LDAP via the JDS service.
Clients cannot set or modify their own vCard as they are not authorized to edit the corporate LDAP
directory.
When XMPP clients search for their own vCard, or the vCard for a contact, the vCards are retrieved
from the local Cisco Unified Presence database.
Specify the LDAP server names and addresses for XMPP clients.
15-15
Chapter 15
How to Integrate the LDAP Directory for Contact Searches on XMPP Clients
Procedure
Step 1
Select Cisco Unified Presence Administration > Application > Third-Party Clients > Third-Party
LDAP Settings.
Step 2
Field
Setting
Generic Directory Server - Select this menu item if you are using any other
supported LDAP server type (iPlanet, Sun ONE or OpenLDAP).
Enter the User Object Class value appropriate to your LDAP server type. This
value must match the User Object Class value configured on your LDAP server.
If you use Microsoft Active Directory, the default value is user.
Base Context
Enter the Base Context appropriate to your LDAP server. This value must match
a previously configured domain, and/or an organizational structure on your
LDAP server.
User Attribute
Enter the User Attribute value appropriate to your LDAP server type. This value
must match the User Attribute value configured on your LDAP server.
If you use Microsoft Active Directory, the default value is sAMAccountName.
LDAP Server 1
LDAP Server 2
LDAP Server 3
Step 3
Check Build vCards from LDAP if you want to enable users to request vCards for their contacts and
retrieve the vCard information from the LDAP server. Leave the check box unchecked if you want clients
to be able to automatically request vCards for users as users join the contact list. In this case, clients
retrieve the vCard information from the local Cisco Unified Presence database.
Step 4
Enter the LDAP field required to construct the vCard FN field. Clients use the value in the vCard FN
field to display the contact's name in the contact list when a user requests a contact's vCard.
Step 5
In the Searchable LDAP Attributes table, map the client user fields to the appropriate LDAP user fields.
If you use Microsoft Active Directory, Cisco Unified Presence populates the default attribute values in
the table.
Step 6
Select Save.
Step 7
Start the Cisco UP XCP Router service (if this service is not already running)
Troubleshooting Tips
If you make an update to the LDAP search configuration for third-party XMPP clients, restart the
Cisco UP XCP Directory Service. Select Cisco Unified Serviceability > Tools > Control Center Feature Services to restart this service.
15-16
Chapter 15
Related Topic
Configuring LDAP Server Names and Addresses for XMPP Clients, page 15-14
What To Do Next
Note
Do not turn on the Cisco UP XCP Directory Service until you configure the LDAP server, and LDAP
search settings for third-party XMPP clients. If you turn on the Cisco UP XCP Directory Service, but
you do not configure the LDAP server, and LDAP search settings for third-party XMPP clients, the
service will start, and then stop again.
Before You Begin
Configure the LDAP server, and LDAP search settings for third-party XMPP clients.
Procedure
Step 1
Step 2
Select the Cisco Unified Presence server from the Server menu.
Step 3
Step 4
Select Save.
Related Topics
Configuring LDAP Server Names and Addresses for XMPP Clients, page 15-14
Configuring the LDAP Search Settings for XMPP Clients, page 15-15
15-17
Chapter 15
How to Integrate the LDAP Directory for Contact Searches on XMPP Clients
15-18
CH A P T E R
16
How to Migrate Users between Cisco Unified Presence Clusters, page 16-8
16-1
Chapter 16
Cisco Unified Presence uses the AXL/SOAP interface to retrieve user information for the home cluster
association. Cisco Unified Presence uses this user information to detect if a user is a local user (user on
the home cluster), or a user on a remote Cisco Unified Presence cluster within the same domain.
Cisco Unified Presence uses the XMPP interface for the subscription and notification traffic. If Cisco
Unified Presence detects a user to be on a remote cluster within the same domain, Cisco Unified Presence
reroutes the messages to the remote cluster.
Note
If you configure an intercluster deployment between a Cisco Unified Presence Release 8.0(x) cluster and
a cluster running a previous version of Cisco Unified Presence, Cisco Unified Presence uses the existing
SIP interface for the subscription and notification traffic.
Caution
Cisco highly recommends that you set up intercluster peers in a staggered manner, as the initial sync uses
substantial bandwidth and CPU. Setting up multiple peers at the same time could result in excessive sync
times.
Related Topic
How to Perform Intercluster Upgrades. For more information, see the Upgrade Guide for Cisco Unified
Presence Release 8.6.
Note
Router-to-router connections are dynamically established when a new node is added to the deployment.
As a result, you do not need to restart the Cisco UP XCP Router on any node in your deployment when
you add a new node.
Related Topic
This topic is only applicable if you are not using DNS in your network.
If you configure an intercluster deployment, and you do not use DNS in your network, you must
configure the node name value as the IP address of the node.
16-2
Chapter 16
During installation Cisco Unified Presence only permits you to specify the hostname as the node name
value. Therefore, once you complete the installation, you must change the node name value to the IP
address of the node.
Perform this configuration on all nodes in both the local and remote clusters.
Related Topics
This topic is only applicable if you are not using DNS in your network.
If you configure an intercluster deployment, and you do not use DNS in your network, note the
following:
The Domain value on the local server must match the Domain value on the remote server.
Cisco Unified Presence automatically defaults to the Domain value DOMAIN.NOT.SET. On both
the local and remote cluster, you must replace this default value with a valid Domain value,
otherwise the intercluster functionality will not work correctly.
If you configure an intercluster deployment between a Cisco Unified Presence Release 8.x cluster
and a Cisco Unified Presence Release 7.0(x) cluster, and the 7.0(x) cluster uses the default domain
value "DOMAIN_NOT_SET" or a value that does not match the Cisco Unified Presence Release 8.x
cluster, replace this value to match the Domain value on Cisco Unified Presence Release 8.x cluster.
To configure the Domain value, follow the procedures described in Configuring the Domain Value,
page 6-28.
Related Topic
16-3
Chapter 16
The intercluster peers must each integrate with a different Cisco Unified Communications Manager
cluster.
You must complete the required multi-node configuration in both the home Cisco Unified Presence
cluster, and in the remote Cisco Unified Presence cluster:
Configure the system topology and assign your users as required.
Activate the services on each Cisco Unified Presence node in the cluster.
You must turn on the AXL interface on the local Cisco Unified Presence publisher node, and on the
remote Cisco Unified Presence publisher node. Cisco Unified Presence creates, by default, an
intercluster application user with AXL permissions. To configure an intercluster peer, you will
require the username and password for the intercluster application user on the remote Cisco Unified
Presence server.
You must turn on the Sync Agent on the local Cisco Unified Presence publisher node, and on the
remote Cisco Unified Presence publisher node. Allow the Sync Agent to complete the user
sychronization from Cisco Unified Communications Manager before you configure the intercluster
peers.
For sizing and performance recommendations for intercluster deployments, including information on
determining a presence user profile, see the Cisco Unified Presence SRND.
Related Topics
How to Perform Intercluster Upgrades. For more information, see the Upgrade Guide for Cisco
Unified Presence Release 8.6.
16-4
Chapter 16
Activate the AXL interface on the local Cisco Unified Presence node, and confirm that the AXL
interface is activated on the remote Cisco Unified Presence publisher node.
Confirm that the Sync Agent has completed the user synchronization from Cisco Unified
Communications Manager on the local and remote cluster.
Acquire the AXL username and password for the intercluster application user on the remote Cisco
Unified Presence server.
If you do not use DNS in your network, read the Domain topic and the Node Name topic in this
module.
Restriction
We recommend that you use TCP as the intercluster trunk transport for all Cisco Unified Presence
clusters.
Procedure
Step 1
Step 2
Enter the IP address of the publisher node of a remote Cisco Unified Presence cluster.
Step 3
Enter the username of the application user on the remote Cisco Unified Presence server that has AXL
permissions.
Step 4
Enter the associated password of the application user on the remote Cisco Unified Presence server that
has AXL permissions.
Step 5
Step 6
(Optional) Enter the External Phone Number Mask value. This is the E164 mask to apply to Directory
Numbers retrieved from the remote cluster.
Step 7
Select Save.
Step 8
Restart the Cisco UP XCP Router service on all nodes in the local cluster.
Step 9
Repeat this procedure to create the remote intercluster peer, and then restart the Cisco UP XCP Router
service on all nodes in the remote cluster
Troubleshooting Tips
If you configure an intercluster deployment between a Cisco Unified Presence Release 8.0(x) cluster
and a Cisco Unified Presence release 7.0(x) cluster, you must turn on the XCP SIP Federation
Connection Manager service on all nodes in the Cisco Unified Presence Release 8.0(x) cluster. To
turn on the XCP SIP Federation Connection Manager, select Cisco Unified Serviceability > Tools
> Service Activation.
If you configure the intercluster peer connection before the Sync Agent completes the user
synchronization from Cisco Unified Communications Manager (on either the local or remote
cluster), the status of the intercluster peer connection will display as failed.
If you select TLS as the intercluster transport protocol, Cisco Unified Presence attempts to
automatically exchange certificates between intercluster peers to establish a secure TLS connection.
Cisco Unified Presence indicates whether or not the certificate exchange is successful in the
intercluster peer status section.
16-5
Chapter 16
What To Do Next
How to Perform Intercluster Upgrades. For more information, see the Upgrade Guide for Cisco
Unified Presence Release 8.6.
Note
to retrieve user information for Cisco Unified Presence to determine if a user is a local user (on the
local cluster), or a user on a remote Cisco Unified Presence cluster within the same domain.
to notify remote Cisco Unified Presence clusters of changes to users local to the cluster.
You must turn on the Intercluster Sync Agent on all nodes in the Cisco Unified Presence cluster because
in addition to synchronizing user information from the local publisher node to the remote publisher node,
the Intercluster Sync Agent also handles security between all nodes in the clusters.
Procedure
Step 1
Select Cisco Unified Serviceability > Tools > Control Center - Network Services.
Step 2
Select the Cisco Unified Presence server from the Server menu.
Step 3
Step 4
Select Start.
Related Topics
What To Do Next
16-6
Chapter 16
Step 2
Step 3
Select Find.
Step 4
Step 5
Verify that there are check marks beside each of the result entries for the intercluster peer.
Make sure that the Associated Users value equals the number of users on the remote cluster.
If you select TLS as the intercluster transport protocol, the Certificate Status item displays the status
of the TLS connection, and indicates if Cisco Unified Presence successfully exchanged security
certificates between the clusters. If the certificate is out-of-sync, you need to manually update the
tomcat trust certificate (as described in this module). For any other certificate exchange errors,
check the Online Help for a recommended action.
Step 6
Select Cisco Unified Presence Administration > Diagnostics > System Troubleshooter.
Step 7
Verify that there are check marks beside the status of each of the intercluster peer connection entries in
the InterClustering Troubleshooter section.
Related Topic
Step 2
Step 3
In the confirmation window that displays, select Also resync peer's Tomcat certificates.
Step 4
Select OK.
16-7
Chapter 16
Related Topics
For information about how to perform intercluster upgrades, see the Upgrade Guide for Cisco
Unified Presence.
Note
This procedure only migrates user contacts that are provisioned with an IM Address. User contacts with
only phone numbers are not migrated and must be manually re-added by the end user after the migration
completes.
You must complete the following procedures in the order in which they are presented:
Export the contact lists of the migrating users from their current home cluster
Unlicense the migrating users for Cisco Unified Presence and Cisco Jabber on their current home
cluster from Cisco Unified Communications Manager
information
synchronize the users to the new home Cisco Unified Communications Manager, see
Note
If LDAP Sync is not enabled on Cisco Unified Communications Manager, manually provision the
migrating users on Cisco Unified Communications Manager
Import contact lists to the new home cluster to restore contact list data for migrated users
For deployments where partitioned intradomain federation is enabled, Microsoft users must login in
again to establish presence. Alternatively, users can wait until Microsoft LCS/OCS refreshes the
subscription (this can take up to 2 hours).
Before You Begin
Perform a full DRS of the current cluster and the new home cluster.
See the Disaster Recovery System Administration Guide for Cisco Unified Presence for more
information.
Run the Troubleshooter and ensure that there are no Intercluster Sync Agent issues reported. All
Intercluster Sync Agent issues reported on the Troubleshooter must be resolved before proceeding
with this procedure.
16-8
Chapter 16
Cisco recommends that the Allow users to view the availability of other users without being
prompted for approval setting is enabled. To enable this setting, select Cisco Unified Presence
Administration > Presence > Settings. Any change to this setting requires a restart of the Cisco
XCP Router.
To configure these settings, select Cisco Unified Presence Administration > Presence > Settings.
Select Cisco Unified Presence Administration > System > Cluster Topology.
Step 2
Select the users that you want to migrate to a remote Cisco Unified Presence cluster.
Step 3
Select Assign Selected Users and in the next dialog box, select Unassigned.
Step 4
Select Save.
What To Do Next
Step 2
Export the contact lists of the migrating users from the current home cluster.
a.
Select Cisco Unified Presence Administration > Bulk Administration > Contact List > Export.
b.
c.
Review the results and use the AND/OR filter to filter the search results as required.
d.
e.
f.
g.
Select Cisco Unified Presence Administration > Bulk Administration > Job Scheduler.
b.
16-9
Chapter 16
Step 3
c.
Find your contact list export job and when it is reported as completed, select the job.
d.
Select the CSV File Name link to view the contents of the contact list export file. Note that a
timestamp is appended to the filename.
e.
From the Job Results section, select the log file to see the summary of what was exported. The job
begin and end time is listed and a result summary for the job is presented.
Download the contact list export file and store it for use later when the user migration is complete.
a.
Select Cisco Unified Presence Administration > Bulk Administration > Upload/Download
Files.
b.
Select Find.
c.
Select the contact list export file and select Download Selected.
d.
Save the CSV file locally for upload later in the procedure.
What To Do Next
From Cisco Unified Communications Manager Administration, select System > Licensing >
Capabilities Assignment.
Step 2
Step 3
Step 4
Step 5
Select Save.
What To Do Next
16-10
Chapter 16
Note
You do not need to move the users if the deployment uses a flat LDAP structure, that is, all users are
synchronized to all Unified CM and Cisco Unified Presence clusters where users are licensed to only
one cluster.
For more information about how to move the migrating users to the relevant OU of the new home cluster,
see the LDAP Administration documentation.
After you move the users, you must delete the LDAP entries from the old LDAP cluster.
What To Do Next
From Cisco Unified CM Administration, select System > LDAP > LDAP Directory.
Step 2
What To Do Next
16-11
Chapter 16
Procedure
Step 1
From Cisco Unified CM Administration, select System > Licensing > Capabilities Assignment.
Step 2
Select the users that were migrated to the cluster and select Bulk Assignment.
Step 3
Use the Bulk Assignment Tool to license the users on their new home cluster.
Step 4
Provision the users on Unified CM for Phone and CSF. See the Cisco Unified Communications Manager
Administration Guide for more information.
Note
After you have licensed the users on the new cluster, Cisco recommends that you rebalance users on
Cisco Unified Presence.
What To Do Next
Step 2
Step 3
Select Cisco Unified Presence Administration > Bulk Administration > Upload/Download
Files.
b.
c.
Select Browse to locate and select the contact list CSV file.
d.
e.
f.
g.
Select Cisco Unified Presence Administration > Bulk Administration > Contact List > Update.
b.
c.
d.
To run the job now, select Run Immediately. Select Run Later to schedule the update for a later
time.
e.
Select Submit.
Select Cisco Unified Presence Administration > Bulk Administration > Job Scheduler.
b.
16-12
Chapter 16
c.
Select the job ID of the contact list import job when its status is reported as complete.
d.
To view the contents of the contact list file, select the file listed at CSV File Name.
e.
16-13
Chapter 16
How to Migrate Users between Cisco Unified Presence Clusters
16-14
CH A P T E R
17
The phone numbers and other user information for Cisco Unified Personal Communicator are provided
by Active Directory. Cisco Unified Client Services Framework provides Active Directory services for
Cisco Unified Personal Communicator.
Cisco Unified Client Services Framework can use either of the following mechanisms to retrieve contact
information from an Active Directory server:
Enhanced Directory Integration (EDI): EDI uses native Windows APIs. If you select to use EDI, you
might not need to do any further configuration, depending on how your clients can access the
directory.
Basic Directory Integration (BDI): The integration is not native to Windows environments, and
requires configuration.
We recommend that you use EDI because EDI provides significant advantages over BDI, as described
in Feature Comparison of Enhanced and Basic Directory Integration, page 17-2.
If you use BDI, or use EDI and do additional configuration, you must deploy the configuration settings
to the computers in your Cisco Unified Communications system. To do this, you can use Active
Directory Group Policy.
This chapter includes the information required to deploy Cisco Unified Personal Communicator. For
information specific to Cisco Jabber clients, such as Jabber for Windows, see the appropriate client
documentation below:
Cisco Jabberhttp://www.cisco.com/web/products/voice/jabber.html
Androidhttp://www.cisco.com/en/US/products/ps11678/index.html
BlackBerryhttp://www.cisco.com/en/US/products/ps11763/index.html
iPadhttp://www.cisco.com/en/US/products/ps12430/index.html
iPhonehttp://www.cisco.com/en/US/products/ps11596/index.html
Nokiahttp://www.cisco.com/en/US/products/ps11766/index.html
Web SDKhttp://www.cisco.com/en/US/products/ps11765/index.html
17-1
Chapter 17
Related Topics
Specifying How Cisco Unified Client Services Framework Integrates with Active Directory,
page 17-3
Mapping Keys Required for Basic and Enhanced Directory Integration, page 17-4
About Configuring Enhanced Directory Integration with Active Directory, page 17-7
Feature
Enhanced
Basic
No
Yes
Yes
No
Yes
No, requires
configuration
Yes
Yes, requires
configuration
Supports connection to the Active Directory global catalog (GC) Yes, supported by Yes, requires
default
configuration
Supports connection to Active Directory Lightweight Directory Yes
Services (AD LDS) and Active Directory Application Mode
(ADAM) servers
Partial, proxy
authentication
not supported
You can define the service and port for the directory service
Yes, optional
Yes, required
Yes
No
Yes, up to 5
Yes, up to 5
SSL is supported
Yes
Yes
Yes
Yes
17-2
Chapter 17
Table 17-1
Feature
Enhanced
Basic
No
Yes
No
Yes
Yes
Yes
Yes
No
Yes
Yes
Yes
Yes
Yes
Yes
Yes
No
Subkey Name
Description
Subkey Name
Value
LDAP_AttributeName_uri
msRTCPSIP
LDAP_UriSchemeName
SIP
17-3
Chapter 17
Mapping Keys Required for Basic and Enhanced Directory Integration
The registry key EnableNativeDirectoryProvider in Table 17-9 and all keys listed in Table 17-5,
Table 17-6, and Table 17-10 are applicable only to Enhanced Directory Integration.
All registry keys listed in this chapter that are prefaced with LDAP_, with the exception of those
listed in the first bullet, are applicable to Basic Directory Integration only.
You might not need to do any further configuration, depending on how your clients can access the
directory.
Your clients will connect securely to a Global Catalog (GC) server in the domain that the user is
logged into. The GC server must be discoverable by DNS with Windows authentication. The
credentials used are the credentials of the Windows user who is currently logged in.
Users can sign in to a Windows domain, then access Active Directory without entering an Active
Directory username and password.
Connections to Active Directory Lightweight Directory Services (AD LDS) and Active Directory
Application Mode (ADAM) servers that implement local and proxy authentication are supported.
SSL is supported. The Windows certificate store is used, so you do not need to configure a separate
certificate store.
Related Topics
Topics to Consider Before You Use Enhanced Directory Integration, page 17-7
17-4
Chapter 17
17-5
Chapter 17
GC: 3268
DC: 389
Usage of SSL
Enhanced Directory Integration (EDI) encrypts all authentication data by default.
If your system requires encryption for both user credentials and query data, then you can enable SSL.
You can use SSL for both global catalog (GC) and domain controller (DC) connections. When you use
EDI, the certificate for the SSL connection must be present in the Windows certificate store. In a
Windows domain, the certificate is typically already present in the certificate store on the client
computer.
The default protocols and ports that are used for GC and DC server connections when you use SSL are
as follows:
Usage of SSL for Users that Are Not Part of Your Domain
To use Enhanced Directory Integration (EDI) with users that are not part of your domain, you must use
SSL, and each user outside your domain must have a certificate.
Certificates must be in the list of trusted root certificate authority (CA) certificates on the computers of
your users. If the certificates come from a third party registrar, then the certificates might chain to a
trusted root CA. If your certificates chain to a root CA that is not in the default set of trusted root
certificates on the computer of a Cisco Unified Personal Communicator user, then the computer cannot
negotiate with the server.
17-6
Chapter 17
Mode (ADAM)
Whether the root of the directory is searched, or whether users are located in several search bases.
Related Topic
Default Configuration of Active Directory with Enhanced Directory Integration, page 17-7
Directory Attributes Are Standard Active Directory Attribute Names, page 17-11
Configuration Area
Description
Uses DNS to locate the Global Catalog (GC) server or the domain
controller (DC) for the domain of the Windows machine. The GC or DC
is located by the DNS service (SRV) _gc record.
Port
3268
Credentials
17-7
Chapter 17
About Configuring Enhanced Directory Integration with Active Directory
Table 17-4
Configuration Area
Description
Security
Related Topics
Directory Attributes Are Standard Active Directory Attribute Names, page 17-11
Subkey Names
Description
ConnectionType
Specify how you want Client Services Framework to discover the Active
Directory. Enter one of the following values:
1: Use LDAP.
1: Use SSL.
17-8
Chapter 17
Table 17-5
Subkey Names
Description
UseWindowsCredentials
ConnectionPassword
BaseFilter
Only use this subkey name if the object type that you want to retrieve
with queries that you execute against Active Directory is not a user
object. The default value is (objectCategory=person).
The following example base filter would exclude disabled users:
(&(objectCategory=person)(objectClass=user)(
!(userAccountControl:1.2.840.113556.1.4.803:=2))
Note
Remove the last bracket from all filters. This is the due to the
way the filter is loaded.
SearchTimeout
Specify the timeout period for queries, in seconds. The default value is 5.
PrimaryServerName
SecondaryServerName
Port1
Specify the port of the primary server that cannot be discovered by DNS.
Port2
SearchBase1, SearchBase2,
SearchBase3, SearchBase4,
SearchBase5
17-9
Chapter 17
About Configuring Enhanced Directory Integration with Active Directory
Table 17-5
Subkey Names
Description
DisableSecondaryNumberL Specify whether users can search for the mobile, other, or home numbers
ookups
of contacts, if the work number is not available.
Enter one of the following values:
UseWildcards
Set this value to 1 if you want to enable wildcard searches for phone
numbers in the LDAP.
If you set this key to 1, the speed of searches of the LDAP might be
affected, particularly when the directory attributes that are searched are
not indexed.
You can use phone number masks instead of wildcard searches.
Typically, you do not need to use wildcard searches if the phone numbers
in your directory are in +E.164 format.
UserSearchFields
This value is used to specify the Active Directory fields to search when
users search for contacts. Specify one or more of the following values
separated by commas:
DisplayName
UserAccountName
FirstName
LastName
Note
17-10
Chapter 17
Related Topic
Attribute Description
Subkey Name
Default Value
Common Name
CommonName
cn
Display Name
DisplayName
displayName
First Name
Firstname
givenName
Last Name
Lastname
sn
Email Address
EmailAddress
SIP URI
SipUri
msRTCSIP-PrimaryUserAddress
Photo URI
PhotoUri
photoUri
Work Number
BusinessPhone
telephoneNumber1
Mobile Number
MobilePhone
mobile
Home Number
HomePhone
homePhone
Other Number
OtherPhone
otherTelephone
Preferred Number
PreferredNumber
telephoneNumber
Title
Title
title
Company Name
CompanyName
company
Account Name
UserAccount
sAMAccountName
Domain
userPrincipalName
Location
Location
co
Nick Name
Nickname
mailNickname
Postcode
PostalCode
postalCode
State
State
st
Street Address
StreetAddress
streetAddress
1. This is the primary and default directory attribute for contact resolution. Other directory phone number attributes might be
used to find contacts, depending on the value of the DisableSecondaryNumberLookups key.
Related Topic
17-11
Chapter 17
About Configuring Enhanced Directory Integration with Active Directory
Attribute Description
Subkey Name
Default Value
PhotoUriSubstitutionEnabled
PhotoUriSubstitutionToken
Use wildcards
UseWildcards
PhoneNumberMasks
sAMAccountName
displayName
msRTCSIP-PrimaryUserAddress
Any attributes that are used for contact resolution must also be indexed. For example, you might need to
index the following attributes:
telephoneNumber
Any other directory phone number attributes that are be used to find contacts, depending on the
value of the DisableSecondaryNumberLookups key
17-12
Chapter 17
Configuration Question
Is the directory discoverable
by DNS?
Configuration Actions
subkey name to 1.
Port1.
(Optional) Specify the appropriate values for
Note
17-13
Chapter 17
ADM - ADM files are used for Group Policy management in a Windows Server 2003 environment.
They can be used in a Windows Server 2008 environment if required.
2.
ADML / ADMX - ADML / ADMX files are used for Group Policy management in a Windows
Server 2008 environment. They are not backward compatible to Windows Server 2003.
The procedures contained in this section should only be used a reference for deploying Group Policies.
If you are not already familiar with the Group Policy management process, consult the Windows Server
2003 or Windows Server 2008 documentation provided by Microsoft. This documentation provides full
instructions on Group Policy management and should be consulted before deployment.
This section contains the following procedures:
17-14
Chapter 17
Note
Step 2
Browse to the container containing the users to which the new policy will be applied.
Step 3
View the container properties and select the Group Policy tab.
Step 4
Step 5
Step 6
Step 7
Right click on the Administrative Templates folder and select Add/Remove Templates.
Step 8
Step 9
Step 10
A folder named Cisco Unified Client Services Framework or Cisco Unified Personal Communicator
should be present below the Administrative Templates folder.
Step 11
Manage and deploy registry keys to the selected user group from here.
Browse to the location of the policy definitions on the Active Directory server. These are typically found
in C:\Windows\PolicyDefinitions.
Step 2
Step 3
Step 4
Step 5
Launch the Group Policy Management console. This is typically found on the Start Menu at Start >
All Programs > Administrative Tools.
Step 6
Right click the container which holds the users to which the policy will be applied.
Step 7
Step 8
Step 9
Click OK.
Step 10
Expand the selected user container. It should contain the newly created GPO with the provided name.
17-15
Chapter 17
Step 11
Step 12
Step 13
Step 14
A folder named Cisco Unified Client Service Framework or Cisco Unified Personal Communicator
will be present depending on the imported policy file.
Step 15
Manage and deploy registry keys to the selected user group from here.
Communications\CUPC8
Framework\AdminData
Framework\Active Directory
17-16
Chapter 17
Table 17-9
Subkey Names
Description
LDAP_enableWildcardMat Set this value to False to disable wildcard searches for phone numbers in
chesForPhoneNumberSearc the LDAP.
hes
If you set this key to True, the speed of searches of the LDAP might be
affected.
You can use phone number masks instead of wildcard searches.
Typically, you do not need to use wildcard searches if the phone numbers
in your directory are in +E.164 format.
LDAP_SearchFields
Specify the Active Directory field or fields to search when users search
for contacts. Specify one or more of the following values, separated by
spaces:
LDAP_AttributeName_UserAccountName
LDAP_AttributeName_lastName
LDAP_AttributeName_firstName
LDAP_AttributeName_displayName
The default behavior is that all of these fields are searched. You might
want to search fewer of these fields. For example, you might want to
search only those fields that are indexed.
LDAP_UriSchemeName
The Active Directory attribute that is the value that is specified in the
LDAP_AttributeName_uri subkey name. Typically, this Active
Directory field value is prefixed by a scheme name, for example, one of
the following:
im:
sip:
If a scheme name is used, you must specify the scheme name in the
LDAP_UriSchemeName subkey name to ensure an exact match for
searches.
If no value is specified in the LDAP_UriSchemeName subkey name, a
wild card search is used. The wild card search might adversely affect
Active Directory performance, especially if the field is not indexed.
For example, if the Active Directory field
msRTCSIP-PrimaryUserAddress is populated with URIs of the format
sip:mweinstein@example.com, the following is a recommended
configuration:
LDAP_AttributeName_uri
17-17
Chapter 17
Table 17-9
Subkey Names
Description
LDAP_SearchByUsername
Enable or disable voicemail LDAP searches for phone number and email
address. If disabled, the User ID from the Unity email address is used.
For example, for a user configured as 'calane@cisco.com' in Unity, the
LDAP search performed in voicemail will be for user account name
calene.'
For 'pizza-guy' voicemail contacts, a telephone number lookup is still
performed.
This registry key is a String value located in
HKEY_CURRENT_USER\Software\Policies\Cisco Systems,
Inc.\Client Services Framework\Active Directory. Set the key to True to
enable this functionality and False to disable it. False is the default.
LDAP_DisableSecondaryN
umberLookups
Specify whether users can search for the mobile, other, or home numbers
of contacts, if the work number is not available.
Enter one of the following values:
17-18
Chapter 17
Directory attribute default values are the standard Active Directory attribute names. Directory attributes
are only configured in the registry when using EDI and default values are not sufficient. BDI uses the
LDAP Profile values provided by the Cisco Unified Presence server.
The following table outlines the directory attributes and their default values.
Table 17-10
Directory Attribute
Value
BusinessPhone
CommonName
CompanyName
DisplayName
DomainName
EmailAddress
Firstname
HomePhone
Lastname
Location
MobilePhone
Nickname
OtherPhone
PhotoUri
PostalCode
PreferredNumber
SipUri
State
StreetAddress
Title
UserAccount
Related Topics
17-19
Chapter 17
17-20
Chapter 17
Element
Description
You must specify a number pattern to which you want to apply the mask.
For example, to specify a mask for searches that begin with +1408, you can
use the following mask:
+1408|+(#) ### ### ####
When you identify number patterns to which to apply masks, you can use
multiple masks with the same number of digits. This enables the mask to
deal with scenarios where phone numbers at different company sites might
have the same number of digits, but with different patterns.
For example, your company might have site A and site B, and each site
maintains their own directory information. You could end up with two
formats for number, such as the following:
+(1) 408 555 0100
+1-510-5550101
In this scenario, to resolve +E.164 numbers of 12 digits correctly, you can
set up the phone masks as follows:
+1408|+(#) ### ### ####|+1510|+#-###-#######
Separate pairs of number patterns and masks with a pipe symbol, as shown
in the following example:
+1408|+(#) ### ### ####|+34|+(##) ### ####
When you add multiple masks for your searches, each mask must have a
different number pattern.
When the Cisco Unified Personal Communicator searches Active Directory
for a phone number, only one mask is applied to the phone number before
the search. If a phone number matches more than one number pattern, then
the number pattern that matches the most digits in the phone number is
chosen, and the associated mask is applied.
17-21
Chapter 17
Element
Description
Wildcard character
You can also use wildcard characters in masks. Use an asterisk (*) to
represent one or more characters. For example, you can set a mask as
follows:
+3498|+##*##*###*####
If Cisco Unified Personal Communicator searches Active Directory for the
+E.164-format number +34985550199, the search can find any of the
following formats in the directory:
+34(98)555 0199
+34 98 555-0199
+34-(98)-555.0199
Reverse mask
You can also use a reverse mask. A reverse mask is applied from right to
left. The mask and phone number pattern are traversed from right to left,
and each character in the mask is checked to decide whether to copy a digit
from the phone number.
Use reverse masks if you want to do both of the following when Cisco
Unified Personal Communicator searches Active Directory:
PhoneNumberMasks in [HKEY_CURRENT_USER\Software\Cisco
Systems, Inc.\Client Services Framework\Active Directory]
LDAP_PhoneNumberMask in
[HKEY_CURRENT_USER\Software\Cisco Systems, Inc.\Client
Services Framework\AdminData]
Related Topics
17-22
Chapter 17
(Enhanced Directory Integration only) Retrieve a binary photo from Active Directory
(Basic and Enhanced Directory Integration) Retrieve a static URL from Active Directory
(Enhanced Directory Integration only) Retrieve a dynamically-created URL from Active Directory
Note
The basic directory attribute map uses a different setting for attribute name. The EDI PhotoUri must be
populated if the photo attribute is not stored in an Active Directory field called PhotoUri.
17-23
Chapter 17
Setting
Value
UserAccount
sAMAccountName
PhotoUri
http://staffphoto.example.com/PHOTONAME.jpg
PhotoUriSubstitutionEnabled
true
PhotoUriSubstitutionToken
PHOTONAME
The value of the string PHOTONAME is replaced with the directory attribute specified by the
AccountName setting. If you use the preceding configuration, a user with a sAMAccountName of
mweinstein results in the following URL:
http://staffphoto.example.com/mweinstein.jpg
17-24
CH A P T E R
18
This chapter contains information about the additional registry key customizations provided by
Cisco Unified Personal Communicator over and above those set aside for Active Directory.
For information specific to Cisco Jabber clients, such as Jabber for Windows, see the appropriate
documentation below:
Cisco Jabberhttp://www.cisco.com/web/products/voice/jabber.html
Androidhttp://www.cisco.com/en/US/products/ps11678/index.html
BlackBerryhttp://www.cisco.com/en/US/products/ps11763/index.html
iPadhttp://www.cisco.com/en/US/products/ps12430/index.html
iPhonehttp://www.cisco.com/en/US/products/ps11596/index.html
Nokiahttp://www.cisco.com/en/US/products/ps11766/index.html
Web SDKhttp://www.cisco.com/en/US/products/ps11765/index.html
Related Topics
For information about configuring this feature, see the Release Notes for Cisco Unified Personal
Communicator Release 8.5., page 18-3
18-1
Chapter 18
Subkey Names
Description
VideoEnabled
Subkey Names
Description
CtiServerJtapiLibDownloadPort
Subkey Names
Description
WebConfSSOIdentityProvider
Related Topic
How to Configure Conferencing Servers for Cisco Unified Personal Communicator, page 13-12
18-2
Chapter 18
Subkey Names
Description
DVOModeEnabled
For information about configuring this feature, see the Release Notes for Cisco Unified Personal
Communicator Release 8.5.
Subkey Names
Description
AudioCustomRingtone
DeskphoneStartupMode
18-3
Chapter 18
Table 18-5
Subkey Names
Description
AutomaticTetheredPhoneSelection
Note
18-4
CH A P T E R
19
If you want to expand your Cisco Unified Presence deployment to support multiple languages, you must
configure Cisco Unified Communications Manager and Cisco Unified Presence to support the user
locales that you require. There is no limit to the number of supported languages.
Installing the Locale Installer on Cisco Unified Communications Manager, page 19-1
Install Cisco Unified Communications Manager (Release 6.x or a higher release) on every server in
the cluster before you install the Cisco Unified Communications Manager Locale Installer.
If you want to use a locale other than English, you must install the appropriate language installers
on both Cisco Unified Communications Manager and on Cisco Unified Presence. Ensure the locale
installer is installed on every server in the cluster (install on the Publisher server before the
Subscriber servers).
User locales should not be set until all appropriate locale installers are loaded on both systems. Users
may experience problems if they inadvertently set their user locale after the locale installer is loaded
on Cisco Unified Communications Manager but before the locale installer is loaded on Cisco
Unified Presence. If issues are reported, we recommend that you notify each user to sign into Cisco
Unified Communications Manager user options pages and change their locale from the current
setting to English and then back again to the appropriate language. Yo u can also use the BAT tool
to synchronize user locales to the appropriate language.
You must restart the servers for the changes to take effect. After you complete all locale installation
procedures, restart each server in the cluster. Updates do not occur in the system until you restart all
servers in the cluster; services restart after the server reboots.
19-1
Chapter 19
Installing the Locale Installer on Cisco Unified Communications Manager
Procedure
Step 1
Step 2
Do this:
Cisco website
a.
Click:
http://www.cisco.com/kobayashi/sw-center/telep
hony/callmgr/locale-installer.shtml
Plugin window in Cisco Unified Communications
Manager Administration
Go to Step 2.
a.
b.
c.
d.
Go to Step 2.
Step 3
Click the version of the Cisco Unified Communications Manager Locale Installer.
Step 4
Step 5
After downloading the file, save the file to the hard drive and note the location of the saved file.
Step 6
Step 7
Window
Configuration Steps
a.
Page 1 of 4
b.
Note
a.
b.
Click Next.
Page 2 of 4
19-2
b.
Chapter 19
Window
Configuration Steps
a.
Page 3 of 4
b.
Click Next.
Ready to Install the Program Click Install to start the installation of the selected user locales.
Window
Note
The speed of installation depends on the performance of the
Page 4 of 4
server. It is estimated to take between two to ten minutes to
complete the database update. Observe the progress bar and text
above it to determine the status of installation.
Step 8
When the installation is complete, a new dialog requests confirmation of a restart. Should you wish to
apply another locale installer, repeat this procedure before restarting the server in order to reduce
downtime.
Step 9
Click Finish. The Setup dialog box displays. Do not click any buttons or press any keys.
Step 10
When the dialog box automatically closes, you have completed the installation on the server. Install the
Cisco Unified Communications Manager Locale Installer on every server in the cluster.
Step 11
After you complete all locale installation procedures, complete these actions:
Step 12
a.
Run the following command on the CLI: run sql update enduser set cucm_cdrtime=0
b.
Restart the Sync Agent service in Cisco Unified Serviceability (select Tools > Service Activation).
c.
Verify that your users can select the locale(s) for supported products.
Troubleshooting Tip
Make sure that you install the same components on every server in the cluster.
What To Do Next
Install the Locale Installer on Cisco Unified Communications Manager. If you want to use a locale
other than English, you must install the appropriate language installers on both Cisco Unified
Communications Manager and on Cisco Unified Presence.
If your Cisco Unified Presence cluster has more than one node, make sure that the locale installer is
installed on every server in the cluster (install on the Publisher server before the Subscriber servers).
User locales should not be set until all appropriate locale installers are loaded on both systems. Users
may experience problems if they inadvertently set their user locale after the locale installer is loaded
on Cisco Unified Communications Manager but before the locale installer is loaded on Cisco
Unified Presence. If issues are reported, we recommend that you notify each user to sign into Cisco
Unified Communications Manager user options pages and change their locale from the current
setting to English and then back again to the appropriate language. You can also use the BAT tool
to synchronize user locales to the appropriate language.
19-3
Chapter 19
You must restart the server for the changes to take effect. After you complete all locale installation
procedures, restart each server in the cluster. Updates do not occur in the system until you restart all
servers in the cluster; services restart after the server reboots.
Procedure
Step 1
Browse to this location on cisco.com to locate the Cisco Unified Presence locale installer:
http://www.cisco.com/cisco/software/release.html?mdfid=283931705&flowid=28621&softwareid=282
074311&release=8.6%281%29&relind=AVAILABLE&rellifecycle=&reltype=latest
Step 2
Click the version of the Cisco Unified Presence Locale Installer that is appropriate for your working
environment.
Step 3
After downloading the file, save the file to the hard drive and note the location of the saved file.
Step 4
Step 5
Sign into Cisco Unified OS Administration using the administrator account and password.
Step 6
Step 7
Step 8
Enter the file location, for example /tmp, in the Directory field.
Step 9
Enter the Cisco Unified Presence server name in the Server field.
Step 10
Enter your username and password credentials in the User Name and User Password fields.
Step 11
Step 12
Click Next.
Step 13
Select the Cisco Unified Presence locale installer from the list of search results.
Step 14
Step 15
After you complete the locale installation, restart each server in the cluster.
Step 16
The default setting for installed locales is "English, United States. While your Cisco Unified Presence
server is restarting, change the language of your browser, if necessary, to match the locale of the installer
that you have downloaded.
If you use this browser:
Configuration Steps
Internet Explorer
a.
Version 6.x
b.
c.
Click Languages.
d.
Use the Move Up button to move your preferred language to the top
of the list.
e.
Click OK.
Mozilla Firefox
a.
Version 3.x
b.
c.
d.
Use the Move Up button to move your preferred language to the top
of the list.
e.
Click OK.
19-4
Chapter 19
Note
Step 17
Verify that your users can select the locale(s) for supported products.
Troubleshooting Tip
Make sure that you install the same components on every server in the cluster.
Related Topics
Localized Applications
Cisco Unified Presence applications support a variety of different languages. See Table 19-1 for a list of
localized applications and the available languages.
19-5
Chapter 19
Localized Applications
Table 19-1
Interface
Supported Languages
Administrative Applications
Administration
OS
19-6
A P P E N D I X
Reference
Configure the license requirements for Cisco Follow the configuration procedures described in the
Unified Presence and Cisco Unified Personal chapter Configuring the Licensing for this Integration,
Communicator.
page 2-1.
On Cisco Unified Presence, perform these
configuration procedures to integrate
Cisco Unified Personal Communicator:
A-1
Appendix A
IM-Only Configuration Steps
A-2
A P P E N D I X
Important Notes About the High Availability Login Profiles, page B-1
The High Availability login profiles only apply to Cisco Unified Presence Release 8.5 or higher 8.x
releases, and Cisco Unified Personal Communicator Release 8.5 or higher 8.x releases.
You can use the High Availability login profile tables in this section to configure the upper and lower
client re-login values for your subcluster. You configure the upper and lower client login values by
selecting Cisco Unified Presence Administration > System > Service Parameters, and selecting
Cisco UP Server Recovery Manager from the Service menu.
By configuring the upper and lower client re-login limits on your subcluster based on the tables we
provide here, you can avoid performance issues and high CPU spikes in your deployment.
We provide a High Availability login profile for each Cisco Unified Presence server memory size
(2, 4 or 6 GB), and for each High Availability deployment type, active/active or active/standby.
The High Availability login profile tables are calculated based on the following inputs:
B-1
Appendix B
The Users Moved Per Iteration service parameter. This parameter determines the number of
users moved per iteration during a failover or a fallback operation. We provide a recommended
value for the Users Moved Per Iteration service parameter for each High Availability login
profile table.
The total number of users in the subcluster for Active/Standby deployments, or the node with
You must configure the upper and lower client re-login limit values, and the Users Moved Per
Iteration service parameter on both nodes in a subcluster. You must manually configure all these
values on both nodes in the subcluster.
The upper and lower client re-login limit values must be the same on each node in the subcluster.
If you rebalance your users, you must reconfigure the upper and lower client re-login limit values
based on the High Availability login profile tables.
Related Topic
Configuring the Advanced Service Parameters for the Server Recovery Manager, page 6-23
Procedure
Step 1
Select a profile table based on your memory size, and your High Availability deployment type.
Step 2
In the profile table, select the number of users in your deployment (round up to the nearest value). If you
have an active/standby deployment, use the node with the highest number of users.
Step 3
Based on the Number of Users value for your subcluster, retrieve the corresponding lower and upper
retry limits in the profile table.
Step 4
Configure the lower and upper retry limits on Cisco Unified Presence by selecting Cisco Unified
Presence Administration > System > Service Parameters, and selecting Cisco UP Server Recovery
Manager from the Service menu.
Step 5
Retrieve the corresponding Users Moved Per Iteration service parameter value for your High
Availability login profile table.
Step 6
Configure the Users Moved Per Iteration value on Cisco Unified Presence by selecting Cisco Unified
Presence Administration > System > Service Parameters, and selecting Cisco UP Server Recovery
Manager from the Service menu.
Related Topic
B-2
Appendix B
You have 3,000 users in your subcluster, with 2000 users on one node, and 1000 users on the second
node. For active/standby deployments, we recommend you use the node with the highest number of
users, in this case the node with 2000 users. Using Table B-11, you retrieve these lower and upper retry
values:
Note
Number of Users
2000
40
107
The upper retry limit is the approximate time (seconds) it takes for all clients to login to their backup
node after a failover occurs.
You also configure the corresponding Users Moved per Iteration service parameter value for
Table B-11 which is 50.
Example 2: 4GB Active/Active IM-Only Deployment
You have 6800 users on the first node in your subcluster in an IM-only deployment. We recommend that
you round up to the nearest value, so using Table B-4 you retrieve the lower and upper retry value based
on a number of users value of 7000:
Number of Users
7000
280
1447
You also configure the corresponding Users Moved per Iteration service parameter value for Table B-4
which is 25.
2 GB Active/Active Profile
Corresponding Users Moved per Iteration service parameter value: 6
Table B-1
Number of Users
100
17
83
250 (Default)
42 (Default)
208 (Default)
500
83
417
B-3
Appendix B
2 GB Active/Standby Profile
2 GB Active/Standby Profile
Corresponding Users Moved per Iteration service parameter value: 6
Table B-2
Number of Users
100
17
57
250
42
142
500
83
283
750
125
425
1000
167
567
4 GB Active/Active Profile
Corresponding Users Moved per Iteration service parameter value: 25
Table B-3
Number of Users
100
21
500 (Default)
20 (Default)
103 (Default)
1000
40
207
1500
60
310
2000
80
413
2500
100
517
Number of Users
3000
120
620
3500
140
723
4000
160
827
4500
180
930
5000
200
1033
6000
240
1240
7000
280
1447
7500
300
1550
B-4
Appendix B
4 GB Active/Standby Profile
Corresponding Users Moved per Iteration service parameter value: 25
Table B-5, Part 1
Number of Users
100
14
500
20
70
1000
40
140
1500
60
210
2000
80
280
2500
100
350
3000
120
420
3500
140
490
4000
160
560
4500
180
630
5000
200
700
Number of Users
6000
240
840
7000
280
980
8000
320
1120
9000
360
1260
10000
400
1400
11000
440
1540
12000
480
1680
13000
520
1820
14000
560
1960
15000
600
2100
6 GB Active/Active Profile
This section includes the upper and lower user login retry limits for both standard and IM-only
deployments.
B-5
Appendix B
6 GB Active/Active Profile
Number of Users
100
500 (Default)
10 (Default)
38 (Default)
1000
20
76
1500
30
113
2000
40
151
2500
50
189
Number of Users
100
10
500 (Default)
10 (Default)
52 (Default)
1000
20
103
1500
30
155
2000
40
207
2500
50
258
3000
60
310
3500
70
362
4000
80
413
4500
90
465
5000
100
517
6000
120
620
7000
140
723
7500
150
775
B-6
Appendix B
Number of Users
3000
60
227
3500
70
264
4000
80
302
4500
90
340
5000
100
378
6000
120
453
7000
140
529
7500
150
569
Number of Users
8000
160
827
9000
180
930
10000
200
1033
11000
220
1137
12000
240
1240
12500
250
1292
6 GB Active/Standby Profile
This section includes the upper and lower user login retry limits for both standard and IM-only
deployments.
B-7
Appendix B
6 GB Active/Standby Profile
Table B-11
Number of Users
100
500 (Default)
10 (Default)
27 (Default)
1000
20
53
1500
30
80
2000
40
107
2500
50
133
3000
60
160
3500
70
187
4000
80
213
4500
90
240
5000
100
267
Number of Users
100
500 (Default)
10 (Default)
33 (Default)
1000
20
65
1500
30
98
2000
40
131
2500
50
164
3000
60
196
3500
70
229
4000
80
262
4500
90
295
5000
100
327
6000
120
393
7000
140
458
8000
160
524
9000
180
589
10000
200
655
11000
220
720
12000
240
785
B-8
Appendix B
Table B-12
Number of Users
13000
260
851
14000
280
916
15000
300
982
Number of Users
6000
120
320
7000
140
373
8000
160
427
9000
180
480
10000
200
533
11000
220
587
12000
240
640
13000
260
693
14000
280
747
15000
300
800
Number of Users
16000
320
1047
17000
340
1113
18000
360
1178
19000
380
1244
20000
400
1309
21000
420
1375
22000
440
1440
23000
460
1505
24000
480
1571
25000
500
1636
B-9
Appendix B
6 GB Active/Standby Profile
B-10
A P P E N D I X
Glossary of Terms
May 30, 2012
Term
Definition
Cluster
Intercluster
Line Appearance
Multi-node Feature
C-1
Appendix C
Term
Definition
Subcluster
User
Node
C-2
Glossary of Terms