Deployment Guide For Cisco Unified Presence Release 8.0 and 8.5

Deployment Guide for Cisco Unified Presence Release 8.0 and 8.
5
November 21, 2011
Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883
Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R) Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental. Deployment Guide for Cisco Unified Presence Release 8.0 and 8.5 2011 Cisco Systems, Inc. All rights reserved.
CONTENTS
CHAPTER
Overview of a Basic Integration
1-1 1-1
About the Cisco Unified Presence Interfaces Main Components 1-1 SIP Interface 1-2 CTI Interface 1-3 AXL/SOAP Interface 1-3 LDAP Interface 1-4 XMPP Interface 1-4 XMPP Standards Module Overview IM Compliancy Cisco Integrations
1-8 1-8 1-8 1-9 1-4 1-5
Third-Party Integrations Getting More Information

2
CHAPTER
Configuring the Licensing for this Integration
2-1
About the License Requirements 2-1 Cisco Unified Presence License Requirements 2-1 Licensing Modes 2-1 User and Server License Requirements 2-3 Cisco Unified Personal Communicator License Requirements User License Requirements 2-5 Adjunct Licensing 2-6 Obtaining a License File
2-7
2-5
Uploading a License File on Cisco Unified Communications Manager
2-8 2-9
Assigning the Licensing Capabilities on Cisco Unified Communications Manager Viewing Licensing Information on Cisco Unified Communications Manager
3
2-10
CHAPTER
Configuring Cisco Unified Communications Manager for Integration with Cisco Unified Presence 3-1 User and Device Configuration on Cisco Unified Communications Manager Configuring the Presence Service Parameter
3-3 3-3 3-1
How to Configure the SIP Trunk on Cisco Unified Communications Manager
Deployment Guide for Cisco Unified Presence Release 8.0 and 8.5
Contents
Configuring the SIP Trunk Security Profile for Cisco Unified Presence Configuring the SIP Trunk for Cisco Unified Presence 3-4
3-4
Verifying That the Required Services are Running on Cisco Unified Communications Manager
4
3-6
CHAPTER
Planning a Cisco Unified Presence Multi-Node Deployment
4-1
About the Multi-Node Scalability Feature 4-1 Scalability Enhancements 4-1 Supported End Points 4-2 IM-Only Deployment 4-2 Performance Recommendations 4-2 High Availability Deployments 4-3 Subclusters 4-3 User Assignment 4-3 Server-Side Failback for Cisco Unified Personal Communicator 7.x Clients Cisco Unified Personal Communicator Sign-In and Redirect 4-4 Clustering over WAN 4-4 About the Multi-Node Deployment Models 4-5 Balanced User Assignment Redundant High Availability Deployment 4-5 Active/Standby User Assignment Redundant High Availability Deployment Scalability Options for Your Deployment Cluster-Wide DNS SRV
4-9 4-9 4-7
4-4
4-6
Multi-Node Hardware Recommendations
About Clustering over WAN Deployments 4-10 WAN Bandwidth requirements 4-10 Intracluster Deployments over WAN 4-10 Local Failover 4-11 Subcluster Failure Detection 4-11 Method Event Routing 4-12 Multi-Node Configuration for Deployment over WAN Bandwidth Considerations 4-12 External Database Recommendations 4-13 Intercluster Deployments over WAN 4-13
5
4-12
CHAPTER
Performing a Cisco Unified Presence Multi-Node Deployment Cisco UP Replication Watcher Service
5-1 5-3
5-1
Performing a Fresh Multi-Node Installation
About Upgrade Notes and Recommendations 5-4 Upgrade from Cisco Unified Presence Release 7.0(x) to Release 8.0(x)
5-5
Contents
Upgrade from Cisco Unified Presence Release 7.0(x) to Release 8.5(x) How to Update a Multi-Node Configuration after Deployment Performing a Software Upgrade 5-6 Adding a New Node 5-7 Expanding the Cluster 5-8 How to Troubleshoot a Multi-Node Deployment Monitoring a Multi-Node System 5-9 Resolving a Hardware Problem 5-10
6
5-9 5-6
5-5
CHAPTER
Configuring a Cisco Unified Presence Server for Deployment in the Network About Configuration Changes and Service Restart Notifications Service Restart Notifications 6-1 Cisco UP XCP Router Restart 6-2 Restarting the Cisco UP XCP Router Service
6-2 6-1
6-1
How to Configure the Cluster Topology on Cisco Unified Presence 6-3 About Subcluster, Node and User Management Recommendations Node Creation and Movement Recommendations 6-3 Node Name Recommendations 6-4 User Assignment Mode Recommendations 6-5 Manual User Assignment Recommendations 6-5 User Redistribution 6-6 Creating Subclusters in System Topology 6-6 Creating, Assigning and Moving Nodes in System Topology 6-7 Configuring User Assignment in System Topology 6-9
6-3
About High Availability Cisco Unified Presence Deployments 6-10 Requirements for High Availability 6-11 High Availability in a Subcluster 6-11 Impact of Failover to Cisco Unified Presence Clients and Services 6-11 Automatic Failover Detection 6-12 Cisco UP Server Recovery Manager (SRM) 6-13 Manual Failover and Fallback 6-14 Important Note About High Availability and Intercluster Deployments 6-14 Node State Definitions 6-15 Node States, Causes and Recommended Actions 6-16 How To Configure High Availability Cisco Unified Presence Deployments 6-19 Turning On or Off High Availability for a Subcluster 6-20 Configuring the Advanced Service Parameters for the Server Recovery Manager Performing a Manual Failover to Backup Node 6-24 Performing a Manual Fallback to Active Node 6-25
6-21
Contents
Performing a Manual Recovery of a Subcluster
6-25
How to Configure the Cluster-Wide Routing Information on Cisco Unified Presence 6-26 Configuring the Domain Value 6-26 Replacing the Default Domain Value 6-26 Changing the Domain Value 6-27 About the Routing Communication Type 6-28 Routing Communication Recommendations 6-28 MDNS Routing and Cluster ID 6-29 Configuring the Routing Communication 6-29 Viewing or Configuring the Cluster ID 6-30 Configuring a Cluster-Wide Cisco Unified Presence Address 6-31 Configuring the Throttling Rate for Availability State Change Messages 6-32 Uploading the Licences on Cisco Unified Presence
6-32
How to Configure Static Routes on Cisco Unified Presence 6-33 Route Embed Templates 6-34 Configuring Route Embed Templates on Cisco Unified Presence Configuring Static Routes on Cisco Unified Presence 6-35 How to Configure the Presence Gateway on Cisco Unified Presence Presence Gateway Configuration Option 6-38 Configuring the Presence Gateway 6-38
6-35
6-38
How To Configure the Authorization Policy on Cisco Unified Presence 6-39 Automatic Authorization on Cisco Unified Presence 6-39 User Policy & Automatic Authorization 6-40 Configuring the Authorization Policy on Cisco Unified Presence 6-41 How To Configure the Availability Settings on Cisco Unified Presence 6-42 Turning On or Off Availability Sharing for a Cisco Unified Presence Cluster Configuring the Do Not Disturb Settings on Cisco Unified Presence 6-43 Configuring the Temporary Presence Subscription Settings 6-44 Configuring the Maximum Contact List Size Per User 6-45 Configuring the Maximum Number of Watchers Per User 6-46
6-42
How to Configure the Instant Messaging Settings on Cisco Unified Presence 6-46 Turning On or Off Instant Messaging for a Cisco Unified Presence Cluster 6-46 Turning On or Off Offline Instant Messaging 6-47 Allowing Clients to Log Instant Message History 6-48 Configuring the SIP Publish Trunk on Cisco Unified Presence Configuring the Proxy Server Settings
6-49 6-49 6-48
How to Turn On the Cisco Unified Presence Services Turning On the Sync Agent 6-49 Turning On the Cisco Unified Presence Services
6-50
Contents
CHAPTER
Configuring Security on Cisco Unified Presence Cisco Unified Presence Certificate Types
7-1
7-1
How to Configure the Certificate Exchange Between Cisco Unified Presence and Cisco Unified Communications Manager 7-2 Prerequisites for Configuring Security 7-2 Importing the Cisco Unified Communications Manager Certificate to Cisco Unified Presence 7-3 Restarting the SIP Proxy Service 7-3 Downloading the Certificate from Cisco Unified Presence 7-4 Uploading the Cisco Unified Presence Certificate to Cisco Unified Communications Manager 7-4 Restarting the Cisco Unified Communications Manager Service 7-5 How to Configure the SIP Security Settings on Cisco Unified Presence 7-5 Configuring a TLS Peer Subject 7-5 Configuring a TLS Context 7-6 Configuring the SIP Proxy-to-Proxy Intracluster Protocol Type 7-6 How to Configure the XMPP Security Settings on Cisco Unified Presence XMPP Security Modes 7-7 Configuring the XMPP Certificate Settings 7-8
8
7-7
CHAPTER
Integrating Third-Party XMPP Client Applications on Cisco Unified Presence About Third-Party Client Integration 8-1 Supported Third-Party XMPP Clients 8-1 License Requirements for Third-Party Clients 8-2 XMPP Client Integration on Cisco Unified Communications Manager LDAP Integration for XMPP Contact Search 8-2 Domain Name for XMPP Clients 8-2 DNS Configuration for XMPP Clients 8-2 Turning On Cisco Unified Presence Services to Support XMPP Clients
8-4
8-1
8-2
Configuring a Secure Connection between Cisco Unified Presence and XMPP Clients
8-3
CHAPTER
Configuring Chat on Cisco Unified Presence
9-1
About Chat 9-1 Chat 9-1 IM Forking 9-2 Offline IM 9-2 Broadcast IM 9-2 Chat Rooms on Cisco Unified Presence 9-2 Chat Room Limits 9-3 File Transfer 9-3 Important Notes About Cisco Unified Presence Service and Chat
9-3
Contents
How to Configure Chat Settings on Cisco Unified Presence 9-3 Configuring the Service Parameters for the IM Gateway 9-4 Configuring Persistent Chat Room Settings 9-4 How to Manage Chat Node Aliases 9-6 Chat Node Aliases 9-6 Key Considerations 9-7 Turning On System-Generated Aliases 9-7 Managing Chat Node Aliases Manually 9-8 Turning On the Cisco UP XCP Text Conference Service Sample Deployments 9-11 Scenario 1 9-12 Scenario 2 9-12 Scenario 3 9-13 Scenario 4 9-13 Scenario 5 9-15
10
9-10
CHAPTER
Configuring the Cisco IP PhoneMessenger Service Prerequisites for Integrating Cisco IP PhoneMessenger
10-1 10-1 10-1
How to Configure Cisco IP PhoneMessenger on Cisco Unified Communications Manager Configuring Cisco IP PhoneMessenger as an Application User 10-2 Configuring a Phone Service for the Cisco IP PhoneMessenger 10-2 Subscribing Phones to the Cisco IP PhoneMessenger Service 10-3 How to Configure Cisco IP PhoneMessenger on Cisco Unified Presence 10-3 Configuring the Cisco IP PhoneMessenger Settings 10-4 Configuring Meeting Notification Settings 10-4 Information to Provide to Users About the Meeting Notification Feature 10-5 Configuring Cisco IP Phone Messenger Response Messages 10-6 Sending a Broadcast Message 10-6 Signing Out a Cisco IP Phone Messenger User 10-7
11
CHAPTER
Configuring Basic Features for Cisco Unified Personal Communicator Roadmap for Deploying Cisco Unified Personal Communicator Adding Licensing Capabilities for Users
11-7 11-2 11-6
11-1
Prerequisites for Integrating Cisco Unified Personal Communicator
Configuring Firewalls to Pass Cisco Unified Personal Communicator Traffic Verifying That the Cisco UP XCP Router Service Is Running
11-7
11-7
(Cisco Unified Personal Communicator Release 8.x) About Configuring XCP Services for Cisco Unified Personal Communicator 11-8
Contents
(Cisco Unified Personal Communicator Release 8.x) Required XCP Services 11-8 (Cisco Unified Personal Communicator Release 8.x) Optional XCP Services 11-8 How to Configure Chat 11-9 Configuring the Service Parameters for the IM Gateway 11-9 (Cisco Unified Personal Communicator Release 8.x) Configuring Persistent Chat Rooms (Cisco Unified Personal Communicator Release 8.5) Disabling Chat 11-10 (Cisco Unified Personal Communicator Release 8.5) Configuring Chat History 11-10
11-9
About Configuring Cisco Unified Personal Communicator on Cisco Unified Communications Manager 11-10 Application Dialing and Directory Lookup Rules 11-10 Transformation of Dialed Numbers by Cisco Unified Personal Communicator 11-11 Cisco Unified Client Services Framework Device Type 11-12 Extension Mobility Configuration 11-12 (Cisco Unified Personal Communicator Release 8.x) Guidelines for Configuring the Softphone Device Name 11-13 (Cisco Unified Personal Communicator Release 7.1) Guidelines for Configuring the Softphone Device Name 11-13 How to Configure Cisco Unified Personal Communicator on Cisco Unified Communications Manager 11-14 Creating a Softphone Device for Each Cisco Unified Personal Communicator User 11-14 Associating Users with Softphone Devices 11-16 Adding Users to User Groups 11-17 Associating a New Device with a User 11-17 Resetting a Device 11-18 Specifying Which Softphone Device to Use for a User with Multiple Associated Softphone Devices 11-18 About Configuring Cisco Unified Personal Communicator on Cisco Unified Presence TFTP Server Connection 11-19 High Availability 11-20
11-19
How to Configure Cisco Unified Personal Communicator on Cisco Unified Presence 11-20 Configuring the Proxy Listener and TFTP Addresses 11-20 (Cisco Unified Personal Communicator Release 8.x) Configuring Settings 11-21 (Cisco Unified Personal Communicator Release 7.1) Configuring the Service Parameters 11-23 (Cisco Unified Personal Communicator Release 7.1) Configuring a Secure Connection Between Cisco Unified Presence and Cisco Unified Personal Communicator 11-24 About Configuring CTI Gateway Settings for Desk-Phone Control on Cisco Unified Presence 11-25 Desk-Phone Control and the CTI Connection Failures 11-25 (Cisco Unified Personal Communicator Release 7.x) Desk-Phone Control and LDAP TelephoneNumber Field 11-26 How to Configure CTI Gateway Settings for Desk-Phone Control on Cisco Unified Presence
11-27
Contents
Configuring CTI Gateway Server Names and Addresses Creating CTI Gateway Profiles 11-28
11-27
How to Configure Video Calls and Videoconferencing 11-29 Configuring Users for Point-to-Point Video Calls and for Multipoint Videoconferencing 11-29 Configuring Videoconferencing Resources and Ad-Hoc Conferencing on Cisco Unified Communications Manager 11-30 Configuring Bandwidth Capability for Cisco Unified Personal Communicator 11-32 (Cisco Unified Personal Communicator Release 8.x) How to Configure Cisco Unified IP Phones for Video 11-33 (Cisco Unified Personal Communicator Release 8.x) Connecting a Cisco Unified IP Phone to the Network and Your Computer 11-33 (Cisco Unified Personal Communicator Release 8.x) Enabling Video for a Cisco Unified IP Phone 11-34
12
CHAPTER
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator 12-1 About Secure Voicemail Messaging 12-1 Secure Voicemail Messaging on Cisco Unity Connection Secure Voicemail Messaging on Cisco Unity 12-2 Secure Voicemail Messaging Configuration 12-3
12-2
How to Configure Voicemail Servers for Cisco Unified Personal Communicator 12-3 Configuring Cisco Unity Connection Servers 12-4 Configuring Cisco Unity Servers 12-5 Configuring Voicemail Server Names and Addresses on Cisco Unified Presence 12-8 Configuring Mailstore Server Names and Addresses on Cisco Unified Presence 12-9 Creating Voicemail Profiles on Cisco Unified Presence 12-10 How to Configure Conferencing Servers for Cisco Unified Personal Communicator 12-12 About the Conferencing Servers for Cisco Unified Personal Communicator 12-13 (Cisco Unified Personal Communicator Release 7.1) Configuring Cisco Unified MeetingPlace Express and Cisco Unified MeetingPlace Express VT Servers 12-13 Configuring Cisco Unified MeetingPlace Servers 12-16 (Cisco Unified Personal Communicator Release 8.x) Configuring the Cisco Unified MeetingPlace Web Server 12-18 Adding Custom Cisco Unified MeetingPlace Template Files to a Cisco Unified MeetingPlace7.x Web Server 12-18 (Cisco Unified Personal Communicator Release 8.5) Configuring Cisco Webex Servers 12-19 Configuring Single Sign-on for Cisco Webex and Cisco Unified MeetingPlace 12-19 Configuring Conferencing Server Names and Addresses on Cisco Unified Presence 12-19 Creating Conferencing Profiles on Cisco Unified Presence 12-21 (Cisco Unified Personal Communicator Release 8.x) Creating Audio Profiles on Cisco Unified Presence 12-23
10
Contents
Configuring CCMCIP Profiles for Cisco Unified Personal Communicator Release 8.x About Configuring Third-Party Clients on Cisco Unified Presence
12-26
12-24
(Cisco Unified Personal Communicator Release 8.5) How to Use Cisco Unified Personal Communicator as a Desktop Agent 12-27 About Running Cisco Unified Personal Communicator as a Desktop Agent 12-27 Before You Start Cisco Unified Personal Communicator as a Desktop Agent 12-27 Starting Cisco Unified Personal Communicator as a Desktop Agent 12-28 Stopping Cisco Unified Personal Communicator as a Desktop Agent 12-29 (Cisco Unified Personal Communicator Release 8.5) Distributing HTML Files for Display in the Cisco Unified Personal Communicator Window 12-30 About Migrating Users from Cisco Unified Personal Communicator Release 7.x to Release 8.x
12-31
How to Update User Configuration After Deploying Cisco Unified Personal Communicator 12-31 Application Profiles 12-31 Changing Application Profiles for a Single User 12-32 Changing Application Profiles for Multiple Users 12-32 Configuring a New User for Full Cisco Unified Personal Communicator Functionality 12-33
13
CHAPTER
Deploying and Upgrading Cisco Unified Personal Communicator
13-1
Pre-Deployment Tasks 13-1 Removing Any Applications That Depend on Cisco Unified Client Services Framework 13-1 Removing Cisco Unified Video Advantage 13-2 (Cisco Unified Personal Communicator Release 8.x) Setting a Default Address for the Cisco Unified Presence Server 13-2
13-2
Cisco Unified Personal Communicator Deployment 13-3 Executable File 13-3 Windows Installer (MSI) File 13-4 Software Download Site and Installer Package Names Deployment Options 13-5 Automated Mass Deployment 13-5 Standalone Installation 13-5
13-4
How to Deploy the Application 13-6 (Cisco Unified Personal Communicator Release 8.5 and Earlier) Deploying the Application in a Mac OS Environment 13-6 Deploying the Application and the Camera Drivers in a Microsoft Windows Environment 13-6 Installing Security Certificates on Client Computers for Client Services Framework (CSF) 13-7 Enabling Availability Status for Microsoft Office 2010 Users 13-8 Upgrading the Application
13-9 13-10
Installation and Configuration of Headsets and Other Audio Devices
11
Contents
Use of Third-Party Headsets with Cisco Unified Personal Communicator Do Not Disturb Behavior of Cisco Unified Personal Communicator Information to Provide to Users
13-13 13-11
13-10
Troubleshooting 13-16 Cisco Unified Personal Communicator Fails to Start or Starts with a Black Background with No Visible Controls 13-16 Limitations Creating Group Chats 13-17 Cannot Place or Receive Calls After a Secure Profile is Enabled 13-17 Error Connecting to the CSF Device 13-17
14
CHAPTER
Integrating the LDAP Directory LDAP Integrations

14-2
14-1 14-1
Prerequisites for Integrating the LDAP Directory
How to Integrate the LDAP Directory with Cisco Unified Communications Manager 14-2 Secure Connection Between Cisco Unified Communications Manager and the LDAP Directory 14-3 Configuring the LDAP Synchronization for User Provisioning 14-3 Uploading LDAP Authentication Server Certificates 14-4 Configuring LDAP Authentication 14-5 Configuring a Secure Connection Between Cisco Unified Presence and the LDAP Directory 14-6 How to Integrate the LDAP Directory with Cisco Unified Personal Communicator 14-6 Rules for a Displayed Contact Name 14-7 (Cisco Unified Personal Communicator Release 8.0) Fetch Contact Pictures from a Web Server 14-7 Configuring the LDAP Attribute Map for Cisco Unified Personal Communicator 14-8 Configuring LDAP Server Names and Addresses for Cisco Unified Personal Communicator 14-10 Creating LDAP Profiles and Adding Cisco Unified Personal Communicator Users to the Profile 14-11 How to Integrate the LDAP Directory for Contact Searches on XMPP Clients 14-13 LDAP Account Lock Issue 14-14 Configuring LDAP Server Names and Addresses for XMPP Clients 14-14 Configuring the LDAP Search Settings for XMPP Clients 14-15 Turning On The Cisco UP XCP Directory Service 14-17
15
CHAPTER
Configuring a Cisco Unified Presence Intercluster Deployment About Intercluster Deployments 15-1 Intercluster Peer Relationships 15-1 Intercluster Router to Router Connections 15-2 Node Name Value for Intercluster Deployments 15-2 Domain Value for Intercluster Deployments 15-3 Secure Intercluster Router to Router Connections 15-3
15-1
12
Contents
Prerequisites for Intercluster Deployment
15-3
How to Configure Intercluster Peers 15-4 Configuring an Intercluster Peer 15-4 Turning On the Intercluster Sync Agent 15-6 Verifying the Intercluster Peer Status 15-6 Updating Intercluster Sync Agent Tomcat Trust Certificates
15-7
How to Perform Intercluster Upgrades 15-7 Prerequisites for an Intercluster Upgrade 15-8 Roster Migration for Intercluster Upgrade 15-8 Contact List Size for Intercluster Upgrade 15-9 SIP Remote Contact Limit 15-9 Performing an Intercluster Upgrade 15-9 Verifying that the Roster Migration is Complete on Cisco Unified Presence
16
15-11
CHAPTER
Configuring Active Directory for Cisco Unified Personal Communicator Release 8.5(x) Feature Comparison of Enhanced and Basic Directory Integration
16-2
16-1
Specifying How Cisco Unified Client Services Framework Integrates with Active Directory Mapping Keys Required for Basic and Enhanced Directory Integration
16-3
16-3
About Enhanced Directory Integration 16-3 Automatic Discovery of the Directory Service 16-4 Configuration of Directory Servers that Cannot Be Discovered Automatically Connections to Global Catalog Servers or Domain Controllers 16-5 Usage of SSL 16-5 Usage of SSL for Users that Are Not Part of Your Domain 16-5 Usage of Windows Credentials 16-6 Usage of Non-Windows Credentials 16-6 Topics to Consider Before You Use Enhanced Directory Integration 16-6 About Configuring Enhanced Directory Integration with Active Directory 16-7 Default Configuration of Active Directory with Enhanced Directory Integration Configuration of the Connection for Enhanced Directory Integration 16-7 Directory Attributes Are Standard Active Directory Attribute Names 16-10 Configuration of Additional Directory Attributes 16-11 Active Directory Attributes That Must Be Indexed 16-12 Sample Configuration Questions 16-13
16-4
16-7
About Basic Directory Integration 16-14 Using an Active Directory Group Policy Administrative Template to Configure Client Services Framework Clients 16-14 Deployment of Group Policy Administrative Templates in a Windows Server 2003 Environment 16-15
13
Contents
Deployment of Group Policy Administrative Templates in a Windows Server 2008 Environment 16-15 Registry Location on Client Machines 16-16 Configuration of LDAP Registry Settings 16-16 About Phone Number Masks 16-20 Elements of Phone Number Masks 16-20 Subkey Names for Specifying Masks 16-22 About Retrieving Photos for Contacts 16-23 Retrieval of Binary Photos from Active Directory 16-23 Retrieval of Static URLs from Active Directory 16-23 Retrieval of Dynamic URLs from Active Directory 16-23
17
CHAPTER
Configuring Additional Registry Keys for Cisco Unified Personal Communicator Release 8.5(x) 17-1 Mapping Registry Keys
17-1 17-2 17-2 17-2
Configuration of Video Registry Settings Configuration of CTI Registry Settings
Configuration of Web Conferencing Registry Settings Configuration of Dial via Office Registry Settings Configuration of Additional Registry Settings
17-4 17-3 17-2
APPENDIX
18
How to Configure Multilingual Support for Cisco Unified Presence Installing the Locale Installer on Cisco Unified Presence Localized Applications
18-5 18-3
18-1 18-1
Installing the Locale Installer on Cisco Unified Communications Manager
APPENDIX
Configuring Cisco Unified Presence for an IM-Only Deployment IM-Only Configuration Steps
A-1
A-1
APPENDIX
High Availability Client Login Profiles
B-1
How to Use the High Availability Login Profiles B-1 Important Notes About the High Availability Login Profiles Using the High Availability Login Profile Tables B-2 Example High Availability Login Configurations B-3 2 GB Active/Active Profile 2 GB Active/Standby Profile 4 GB Active/Active Profile
B-3 B-4 B-4
B-1
14
Contents
4 GB Active/Standby Profile 6 GB Active/Active Profile 6 GB Active/Standby Profile

C
B-5 B-5 B-6
APPENDIX
Glossary of Terms
C-1
15
Contents
16
CH A P T E R

November 21, 2011
About the Cisco Unified Presence Interfaces, page 1-1 XMPP Standards, page 1-4 Module Overview, page 1-5 IM Compliancy, page 1-8 Cisco Integrations, page 1-8 Third-Party Integrations, page 1-8 Getting More Information, page 1-9
About the Cisco Unified Presence Interfaces

Main Components, page 1-1 SIP Interface, page 1-2 CTI Interface, page 1-3 AXL/SOAP Interface, page 1-3 LDAP Interface, page 1-4 XMPP Interface, page 1-4
Main Components
Figure 1-1 provides an overview of a Cisco Unified Presence deployment, including the main components and interfaces between Cisco Unified Communications Manager and Cisco Unified Presence. and between Cisco Unified Presence and third-party products.
1-1
Chapter 1 About the Cisco Unified Presence Interfaces
Figure 1-1
Cisco Unified Presence Basic Deployment
Cisco UC Client CUMC CUCM End User Identity CUMA Third - party XMPP Client Phone state Device data Licensing SIP, AXL, Data Sync Cisco Unified Presence Rich Presence Roster Mgt Instant Messaging - Permanent chat - IM History - Compliance Policy/User Preferences Open API Federation RCC ODBC External IM Archive XMPP Federation - IBM Sametime - WebEx - Googletalk SIP Federation - Microsoft OCS
, PP AP XM /SO P SI
Web Applications
HTTP
XM SI PP P ,
Compliance XDB Record Retention Storage Vendors
Location Appliance
SOAP
MS Exchange Calendaring
SIP Interface
A SIP connection handles the presence information exchange between Cisco Unified Communications Manager and Cisco Unified Presence. To enable the SIP connection on Cisco Unified Communications Manager, you must configure a SIP trunk pointing to the Cisco Unified Presence server. On Cisco Unified Presence, configuring Cisco Unified Communications Manager as a Presence Gateway will allow Cisco Unified Presence to send SIP subscribe messages to Cisco Unified Communications Manager over the SIP trunk.
Note
Cisco Unified Presence does not support clients (Cisco clients or third party) connecting to Cisco Unified Presence using SIP/SIMPLE interface over TLS. Only a SIP connection over TCP is supported.
Related Topics

How to Configure the SIP Trunk on Cisco Unified Communications Manager, page 3-3 How to Configure the Presence Gateway on Cisco Unified Presence, page 6-38
1-2
207482
Chapter 1
Overview of a Basic Integration About the Cisco Unified Presence Interfaces
CTI Interface
The CTI (Computer Telephony Integration) interface handles all the CTI communication for users on the Cisco Unified Presence server to control phones on Cisco Unified Communications Manager. The CTI functionality allows users of the Cisco Unified Personal Communicator client to run the application in desk phone control mode. The CTI functionality is also used for the Cisco Unified Presence remote call control feature on the Microsoft Office Communicator client. For information on configuring the remote call control feature, see the Integration Note for Configuring Cisco Unified Presence with Microsoft OCS for MOC Call Control. To configure CTI functionality for Cisco Unified Presence users on Cisco Unified Communications Manager, users must be associated with a CTI-enabled group, and the primary extension assigned to that user must be enabled for CTI. To configure Cisco Unified Personal Communicator desk phone control, you must configure a CTI server and profile on Cisco Unified Presence, and assign any users that wish to use the application in desk phone mode to that profile. However, note that all CTI communication occurs directly between Cisco Unified Communications Manager and Cisco Unified Personal Communicator, and not through the Cisco Unified Presence server.
Related Topics

User and Device Configuration on Cisco Unified Communications Manager, page 3-1 How to Configure CTI Gateway Settings for Desk-Phone Control on Cisco Unified Presence, page 11-27 Integration Note for Configuring Cisco Unified Presence with Microsoft OCS for MOC Call Control: http://www.cisco.com/en/US/products/ps6837/products_installation_and_configuration_guides_lis t.html
AXL/SOAP Interface
The AXL/SOAP interface handles the database synchronization from Cisco Unified Communications Manager and populates the Cisco Unified Presence database. To activate the database synchronization, you must start the Sync Agent service on Cisco Unified Presence. By default the Sync Agent load balances all users equally across all nodes within the Cisco Unified Presence cluster. You also have the option to manually assign users to a particular node in the Cisco Unified Presence cluster. For guidelines on the recommended synchronization intervals when executing a database synchronization with Cisco Unified Communications Manager, for single and dual-node Cisco Unified Presence, see the Cisco Unified Presence SRND document.
Related Topics
Cisco Unified Presence SRND: http://www.cisco.com/go/designzone
Turning On the Sync Agent, page 6-49
1-3
Chapter 1 XMPP Standards
LDAP Interface
Cisco Unified Communications Manager obtains all user information via manual configuration or synchronization directly over LDAP. Cisco Unified Presence then synchronizes all this user information from Cisco Unified Communications Manager (using the AXL/SOAP interface). Cisco Unified Presence provides LDAP authentication for users of the Cisco Unified Personal Communicator client and Cisco Unified Presence user interface. If a Cisco Unified Personal Communicator user logs into Cisco Unified Presence, and LDAP authentication is enabled on Cisco Unified Communications Manager, Cisco Unified Presence goes directly to the LDAP directory for Cisco Unified Personal Communicator user authentication. Once Cisco Unified Personal Communicator is authenticated, Cisco Unified Presence forwards this information to Cisco Unified Personal Communicator to continue the user login. Cisco Unified Personal Communicator and third party XMPP clients use the LDAP directory to allow users to search and add contacts.
Related Topic
Integrating the LDAP Directory, page 14-1
XMPP Interface
An XMPP connection handles the presence information exchange and instant messaging operations for XMPP-based clients. Cisco Unified Presence supports temporary (ad-hoc) and persistent chat rooms for XMPP-based clients. An IM Gateway supports the IM interoperability between SIP-based and XMPP-based clients in a Cisco Unified Presence deployment.
Related Topics

Integrating Third-Party XMPP Client Applications on Cisco Unified Presence, page 8-1 Configuring Chat on Cisco Unified Presence, page 9-1
XMPP Standards
Cisco Unified Presence is compliant with the following XMPP standards:
RFC 3920 Extensible Messaging and Presence Protocol (XMPP): Core RFC 3921 Extensible Messaging and Presence Protocol (XMPP): Instant Messaging and Presence
XEP-0004 Data Forms XEP-0012 Last Activity XEP-0013 Flexible Offline Message Retrieval XEP-0016 Privacy Lists XEP-0030 Service Discovery XEP-0045 Multi-User Chat XEP-0054 Vcard-temp XEP-0055 Jabber Search XEP-0060 Publish-Subscribe
1-4
Chapter 1
Overview of a Basic Integration Module Overview
XEP-0065 SOCKS5 Bystreams XEP-0066 Out of Band Data Archive OOB requests XEP-0068 Field Standardization for Data Forms XEP-0071 XHTML-IM XEP-0082 XMPP Date and Time Profiles XEP-0092 Software Version XEP-0106 JID Escaping XEP-0114 Jabber Component Protocol XEP-0115 Entity Capabilities XEP-0124 Bidirectional Streams over Synchronous HTTP (BOSH) XEP-0126 Invisibility XEP-0128 Service Discovery Extensions XEP-0160 Best Practices for Handling Offline Messages XEP-0163 Personal Eventing Via PubSub XEP-0170 Recommended Order of Stream Feature Negotiation XEP-0178 Best Practices for Use of SASL EXTERNAL XEP-0220 Server Dialback XEP-0273 SIFT (Stanza Interception and Filtering Technology)
Module Overview
Module Configuring the Licensing for this Integration This Module Describes...
Notes
Licensing requirements for Cisco Unified Presence and Cisco Unified Personal Communicator. Instructions on how to obtain and upload a license file, and how to view license information on Cisco Unified Communications Manager. Instructions to configure the presence parameters and the SIP trunk, on Cisco Unified Communications Manager.
This is required configuration.
Configuring Cisco Unified Communications Manager for Integration with Cisco Unified Presence
This is required configuration. Make sure that you complete the prerequisite user and device configuration on Cisco Unified Communications Manager as described in this module.
1-5
Chapter 1 Module Overview
Module Planning a Cisco Unified Presence Multi-node Deployment
This Module Describes...

Notes
Multi-node scalability feature introduction. Different multi-node deployment models. DNS configuration options for a multi-node deployment. A high-level overview of how to perform a multi-node installation and deployment. Describes the high-level sequence of tasks when performing a fresh multi-node deployment, and updating an existing multi-node deployment. System topology configuration (multi-node) High availability configuration (multi-node) Cluster-wide SRV address (multi-node) Routing parameters (multi-node) Uploading Cisco Unified Presence license file (single node and multi-node) Presence gateway and service parameters (single node and multi-node) Authorization policy configuration (single node and multi-node) Turning on Cisco Unified Presence services (single node and multi-node) The exchange of self-signed certificates between Cisco Unified Communications Manager and Cisco Unified Presence. Configuring Cisco Unified Presence secure modes Instructions to configure third-party XMPP clients on Cisco Unified Presence. Instructions to configure the chat, and group chat settings on Cisco Unified Presence. Instructions to configure Cisco IP PhoneMessenger on Cisco Unified Communications Manager Instructions to configure Cisco IP PhoneMessenger on Cisco Unified Presence
This module is only applicable if you are configuring a multi-node deployment.
Performing a Cisco Unified Presence Multi-node Deployment
This module is only applicable if you are configuring a multi-node deployment.
Configuring a Cisco Unified Presence Server for Deployment in the Network
Some topics in this module are only applicable to the multi-node deployment, and some are applicable to both single node and multi-node deployments. You perform certain tasks in this module on the Cisco Unified Presence publisher node, and certain tasks on all nodes in the cluster.
Configuring Security between Cisco Unified Communications Manager and Cisco Unified Presence Integrating Third-Party XMPP Client Applications on Cisco Unified Presence Configuring Chat on Cisco Unified Presence Configuring the Cisco IP PhoneMessenger Service
This module is only required if you want a secure connection between these servers. This module is only required if you are deploying third-party XMPP clients. This module is only applicable if you are deploying XMPP clients. This module is only required if you are deploying Cisco IP PhoneMessenger
1-6
Chapter 1
Overview of a Basic Integration Module Overview
Module Configuring the Cisco Unified Personal Communicator
This Module Describes...
Notes
This module describes how to configure Cisco Unified Personal Communicator Release 8.x and Cisco Unified Personal Communicator Release 7.x. Instructions to configure Cisco Unified Personal Communicator on Cisco Unified Communications Manager Instructions to configure Cisco Unified Personal Communicator on Cisco Unified Presence Configuring firewalls to pass Cisco Unified Personal Communicator traffic Configuring users for point-to-point video calls and for multipoint video conferencing Instructions to configure the voicemail servers for Cisco Unified Personal Communicator Instructions to configure the conferencing servers for Cisco Unified Personal Communicator Instructions to configure the video conferencing resources on Cisco Unified Communications Manager Updating user configuration after deploying Cisco Unified Personal Communicator Instructions on deploying and upgrading Cisco Unified Personal Communicator Information on installation and use of headsets and other audio devices. Integrating the LDAP directory with Cisco Unified Communications Manager Integrating the LDAP directory with Cisco Unified Personal Communicator Integrating the LDAP directory for XMPP client contact search Information about intercluster deployments, and how to configure intercluster peers. Outline of the configuration steps required for an IM-only deployment Information on installing the locale installer on Cisco Unified Communications Manager and Cisco Unified Presence
This module is only required if you are deploying Cisco Unified Personal Communicator.
Additional Deployment Information for Cisco Unified Personal Communicator
This module describes optional configuration if you are deploying Cisco Unified Personal Communicator
Deploying and Updating Cisco Unified Personal Communicator Integrating the LDAP Directory
This module is only required if you are deploying Cisco Unified Personal Communicator. This is recommended configuration.
Configuring a Cisco Unified Presence Intercluster Deployment Configuring Cisco Unified Presence for an IM-Only Deployment How to Configure Multilingual Support for Cisco Unified Presence
This module is only required if you are configuring a multi-cluster deployment. This module is only required if you are configuring an IM-only deployment. This module is only required if you wish to expand your Cisco Unified Presence deployment to support multiple languages.
1-7
Chapter 1 IM Compliancy
IM Compliancy
For information on configuring Instant Message (IM) compliancy on Cisco Unified Presence, refer to the following documents:
Instant Messaging Compliance Guide for Cisco Unified Presence: http://www.cisco.com/en/US/products/ps6837/products_installation_and_configuration_guides_lis t.html
Database Setup Guide for Cisco Unified Presence http://www.cisco.com/en/US/products/ps6837/products_installation_and_configuration_guides_lis t.html
Cisco Integrations
For information on integrating Cisco Unified Presence with Cisco Unified Mobility, see the Cisco Unified Mobility server documentation.
Related Topic
Cisco Unified Mobility documentation: http://www.cisco.com/en/US/products/ps7270/prod_installation_guides_list.html
Third-Party Integrations
This guide only details how to configure a basic Cisco Unified Presence deployment. For third-party integrations, see the document references below. Third Party Integration Integrating Cisco Unified Presence with Microsoft Exchange Integrating Cisco Unified Presence with Microsoft OCS/LCS for MOC Call Control This Guide Describes...

Integrating with Microsoft Exchange 2003, 2007 and 2010 Configuring Microsoft Active Directory for this integration Configuring Cisco Unified Presence as a CSTA gateway for remote call control from the Microsoft Office Communicator client Configuring Microsoft Active Directory for this integration Load-balancing MOC requests in a dual node Cisco Unified Presence deployment over TCP Load-balancing MOC requests in a dual node Cisco Unified Presence deployment over TLS Configuring Cisco Unified Presence for interdomain federation over the SIP protocol with Microsoft OCS and AOL, and over the XMPP protocol with IBM Sametime, Googletalk, Webex Connect, and another Cisco Unified Presence Release 8.x enterprise.
Integrating Cisco Unified Presence for Interdomain Federation
1-8
Chapter 1
Overview of a Basic Integration Getting More Information
Related Topic
Cisco Unified Presence third party integration documentation: http://www.cisco.com/en/US/products/ps6837/products_installation_and_configuration_guides_lis t.html
Getting More Information

Cisco Unified Presence Solution Reference Network Design (SRND) Document:
http://www.cisco.com/go/designzone
Cisco Unified Presence Compatibility Matrices and Port List:
http://www.cisco.com/en/US/products/ps6837/products_device_support_tables_list.html
Cisco Unified Presence Release Notes:
http://www.cisco.com/en/US/products/ps6837/prod_release_notes_list.html
Cisco Unified Communications Manager Documentation:
http://www.cisco.com/en/US/products/sw/voicesw/ps556/tsd_products_support_series_home.html
Cisco Unified Personal Communicator Documentation:
http://www.cisco.com/en/US/products/ps6844/tsd_products_support_series_home.html
1-9
Chapter 1 Getting More Information
1-10
CH A P T E R

November 21, 2011
About the License Requirements, page 2-1 Cisco Unified Presence License Requirements, page 2-1 Obtaining a License File, page 2-7 Uploading a License File on Cisco Unified Communications Manager, page 2-8 Assigning the Licensing Capabilities on Cisco Unified Communications Manager, page 2-9 Viewing Licensing Information on Cisco Unified Communications Manager, page 2-10
About the License Requirements

Cisco Unified Presence License Requirements, page 2-1 Cisco Unified Personal Communicator License Requirements, page 2-5
Cisco Unified Presence License Requirements

Licensing Modes, page 2-1 User and Server License Requirements, page 2-3
Licensing Modes
Immediately following a fresh installation of Cisco Unified Presence, a 90-day trial evaluation period starts by default. During this time,

an organization can use or "run" a Cisco Unified Presence server without requiring a server license, and users in that organization, who you have already configured on Cisco Unified Communications Manager, can access Cisco Unified Presence and you can configure these users to use Cisco Unified Personal Communicator, without requiring the necessary user licenses (DLUs)
After the trial evaluation period ends, users no longer have access to Cisco Unified Presence functionality. You must upload the server license file, and the required user licenses, to enable Cisco Unified Presence in permanent Production mode.
2-1
Chapter 2 About the License Requirements
Restrictions
The Evaluation expiration date occurs 90 days after Cisco Unified Presence is first installed. To determine the number of days remaining to expiry, review the licensing warning messages in Cisco Unified Presence Administration and the Real-Time Monitoring Tool Syslog viewer. The alarm notifications begin 30 days before the end of the evaluation period, with a final alarm occurring on the date that the Evaluation expires. You can only evaluate each Cisco Unified Presence release once. Multiple evaluations per release are not permitted. If your Cisco Unified Presence server is operating in Evaluation mode following a fresh installation, you cannot upgrade it until you enable Cisco Unified Presence in permanent Production mode. When the Cisco Unified Presence server is operating in Evaluation mode, users of Cisco Unified Personal Communicator are able to exchange instant messaging and availability information, and use desk phone control. However, Cisco Unified Presence does not support the softphone client feature on Cisco Unified Personal Communicator during the evaluation period. It is recommended that you use a Windows PC rather than a MAC PC to both obtain and upload the license files. Receiving a license file using a MAC PC email client may result in a licensing failure, as will uploading or viewing the file on a MAC PC.
The table below describes Cisco Unified Presence licensing modes:

Table 2-1 Licensing Modes in Cisco Unified Presence
License Behavior Evaluation Mode
Cisco Unified Presence User
Cisco Unified Personal Communicator User All users who are configured on Cisco Unified Communications Manager can use Cisco Unified Personal Communicator. No Device License Unit (DLU) is required.
Note
All users who are configured on Cisco Unified Communications Manager can use Cisco Unified Presence. No Device License Unit (DLU) is Warning messages, in Cisco required. Unified Presence Administration, indicate that Cisco Unified Presence is in Evaluation mode. The Real-Time Monitoring Tool (Syslog Viewer) also displays license alarm messages. Users can manually start Cisco Unified Presence without uploading a license file. Evaluation Mode - Expired
In Evaluation mode, Cisco Unified Presence does not support the softphone client feature on Cisco Unified Personal Communicator.
2-2
Chapter 2
Configuring the Licensing for this Integration About the License Requirements
Table 2-1
Licensing Modes in Cisco Unified Presence
License Behavior
Cisco Unified Presence User
Cisco Unified Personal Communicator User
Users no longer have access to Cisco Unified Presence functionality. The PE and proxy shut down. Warning messages, in Cisco Unified Presence Administration, indicate that Cisco Unified Presence Evaluation mode has expired. The Real-Time Monitoring Tool (Syslog Viewer) also displays license alarm messages. Administrators must upload a valid server license file to enable Cisco Unified Presence in Production mode. You can upload the server license to Cisco Unified Presence before or after the trial evaluation period ends.
Users cannot log into Administrators can log into Cisco Unified Cisco Unified Presence Administration to upload a valid Personal Communicator. license.
Production Mode
Note
All users who are configured on Cisco Unified Communications Manager can use Cisco Unified Presence. A Device License Unit (DLU) is required.
All users who are configured on Cisco Unified Communications Manager can use Cisco Unified Personal Communicator. A Device License Unit (DLU) is required.
Related Topic
See the Real-Time Monitoring Tool (Syslog viewer) for the licensing alarm messages that display in Evaluation mode and Evaluation-Expired mode.
User and Server License Requirements

Table 2-2 describes the user and server license requirements for Cisco Unified Presence.
2-3
Table 2-2
Cisco Unified Presence user and server license requirements
License Requirement Cisco Unified Presence user feature license
Description You need to assign presence capabilities for each Cisco Unified Presence user. This will consume one Cisco Unified Communications Manager Device License Unit (DLU). You can assign Cisco Unified Presence capabilities on a per user basis, regardless of the number of clients you associate with each user. When you assign Cisco Unified Presence capabilities for a user, this enables the user to send and receive availability updates. If the user is not enabled for Cisco Unified Presence capabilities, no availability updates are allowed for that user. On Cisco Unified Communications Manager, you will need to upload the user DLU, and then assign Cisco Unified Presence capabilities for a user.
Cisco Unified Presence server license
You will require one server license for each Cisco Unified Presence server. This license covers service activation for the Cisco UP Presence Engine and Cisco UP SIP Proxy services on Cisco Unified Presence.
Note
This only applies if you are configuring the Cisco Unified Presence publisher node, or enabling Cisco Unified Presence in permanent Production mode.
You can deploy Cisco Unified Presence software as a single server or as a cluster of up to six servers. You must order a separate server license for each Cisco Unified Presence server, however, you only need to upload the license to the first node in a cluster as the license file contains the number of Cisco Unified Presence servers in a cluster that are licensed to the customer. For Cisco Unified Presence Release 8.x, you must provide the MAC address of the physical server or the License MAC value of the VMware server to obtain the Cisco Unified Presence licenses. You can only upload a license file issued for a physical server to a physical server. Similarly, you can only upload a VMware license file to a VMware server. Cisco Unified Presence software You only require a software version license if you are performing an upgrade to version license Cisco Unified Presence Release 8.x.You require one software version license for each Cisco Unified Presence cluster. The software version license enables service startup for the Cisco UP Presence Engine and Cisco UP SIP Proxy services on Cisco Unified Presence after an upgrade.
Troubleshooting Tips
If the Cisco Unified Presence publisher fails, you will need to reinstall Cisco Unified Presence on a new machine with the same hostname, IP address and software version. Cisco Unified Presence detects the change in the MAC address in the physical server of Cisco Unified Presence server, or the change in the License MAC value in the VMware of the Cisco Unified Presence server. It allows you a grace period of 30 days to upload valid license files to Cisco Unified Presence with the new MAC address for the physical server, or the new License MAC value for VMware. To do this, send an e-mail to [email protected] requesting a rehost of your license. After you upload the new license file, you must issue this CLI command file delete license invalid-license-filename and restart the license manager to stop the grace period. If you perform a bridge upgrade to supported hardware for Cisco Unified Presence 8.x, you will need to request new server license and software version license files, with new MAC address for the physical server, or the new License MAC value for VMware. To do this send an email to
2-4
Chapter 2
Configuring the Licensing for this Integration About the License Requirements
[email protected] requesting a "rehost" of your license. After you upload the new license files, you must issue this CLI command file delete license invalid-license-filename to remove the original license files and restart the license manager to stop the grace period.
Note
You can only use the CLI command "file delete license" to remove the license files that become invalid due to the publisher re-host. Do not use this command to manually remove any license files that are still considered valid.
You should include the MAC address or the License MAC value of the new server to which you want to migrate. To obtain the MAC address or the License MAC value of the server, select Show > Network in Cisco Unified Operating System Administration. If you do not obtain and upload a valid server license during the 30-day grace period, you will no longer have access to Cisco Unified Presence functionality. Cisco Unified Presence shuts down the Presence Engine (PE) and Proxy, and removes the invalid license file. Cisco includes an End User Licence Agreements (EULA) with Cisco Unified Presence 8.x for compliancy-oriented customers and to align with the Cisco Unified Communications licensing structure.
Related Topics

Cisco Unified Personal Communicator License Requirements, page 2-5 Uploading a License File on Cisco Unified Communications Manager, page 2-8 Uploading the Licences on Cisco Unified Presence, page 6-32 Assigning the Licensing Capabilities on Cisco Unified Communications Manager, page 2-9 For information on bridge upgrades, see the Installation Guide for Cisco Unified Presence at this URL: http://www.cisco.com/en/US/products/ps6837/prod_installation_guides_list.html
What To Do Next
Obtaining a License File, page 2-7
Cisco Unified Personal Communicator License Requirements

User License Requirements, page 2-5 Adjunct Licensing, page 2-6
User License Requirements

Cisco Unified Communications Manager tracks the number of Cisco Unified Personal Communicator devices that are connected to it and compares it with the number of device licenses that have been purchased. Table 2-3 describes the user license requirements for Cisco Unified Personal Communicator.
2-5
Table 2-3
Cisco Unified Personal Communicator user licensing requirements
Configuration Cisco Unified Personal Communicator basic functionality
License Requirement Cisco Unified Personal Communicator software license
Description You will require one Cisco Unified Personal Communicator software license per user. The Cisco Unified Personal Communicator software license comes with one Cisco Unified Communications Manager Device License Unit (DLU). You need to assign Cisco Unified Personal Communicator capabilities for a user. This will consume one DLU. On Cisco Unified Communications Manager, you will need to upload the software license for a user, and then assign Cisco Unified Personal Communicator capabilities for a user.
Cisco Unified Personal Communicator user feature license
You will require one Cisco Unified Personal Communicator user feature license per user. This license is also known as a Cisco Unified Communications Manager phone device license. You upload this license on Cisco Unified Communications Manager. In addition to the normal licensing requirements listed above, you require three Cisco Unified Communications Manager user feature licenses to register as a Cisco Unified Communications Manager softphone (three device licenses are consumed).
Softphone mode (optional)
Cisco Unified Personal Communicator user feature license registered as Cisco Unified Communications Manager softphone
Related Topics

Adjunct Licensing, page 2-6 Cisco Unified Presence License Requirements, page 2-1 Uploading a License File on Cisco Unified Communications Manager, page 2-8 Assigning the Licensing Capabilities on Cisco Unified Communications Manager, page 2-9 Creating a Softphone Device for Each Cisco Unified Personal Communicator User, page 11-14
Adjunct Licensing
From Cisco Unified Communications Manager Release 6.0(1), you can associate a secondary device with a primary device and consume only one device license per device. This is also known as adjunct licensing. On Cisco Unified Communications Manager, you can configure adjunct licensing manually on the Phone Configuration window, using the AXL interface, or using the Bulk Administration Tool (BAT). For releases prior to Cisco Unified Communications Manager Release 6.0(1), three device licenses are consumed. Adjunct licensing has these restrictions:

You can associate up to two secondary softphone devices to a primary phone. You cannot delete the primary phone unless you remove the associated secondary softphone devices.
2-6
Chapter 2
Configuring the Licensing for this Integration Obtaining a License File
The primary phone must be the device that consumes the most licenses. You cannot make the softphone device the primary phone and associate a Cisco Unified IP Phone as the secondary device. Secondary softphone devices are limited to Cisco IP Communicator, Cisco Unified Personal Communicator, and Cisco Unified Mobile Communicator.
Related Topics

User License Requirements, page 2-5 Creating a Softphone Device for Each Cisco Unified Personal Communicator User, page 11-14
What To Do Next
Obtaining a License File, page 2-7
Obtaining a License File

When you place an order for Cisco software, Cisco provides a Product Authorization Key (PAK). The PAK provides the software activation key and the license file.
Before You Begin

Obtain the MAC address or the License MAC value of the server for which you are requesting the licenses. Obtain a valid email address. Determine the number of device licenses that you need by using the license unit calculator in Cisco Unified Communications Manager Administration (System > Licensing > License Unit Calculator).
Procedure
Step 1 Step 2
Register the PAK that you received using the License Registration web tool that is provided on CCO. Enter the following information:

The MAC address or the License MAC value of the server for which you are requesting the licenses. Your valid email address. The number of servers and devices for which you want licenses. The server type, physical server or VMware. The install type, fresh install or upgrade.
Step 3
Upload the license file to Cisco Unified Communications Manager.
Related Topics
About the License Requirements, page 2-1
What To Do Next
Uploading a License File on Cisco Unified Communications Manager, page 2-8
2-7
Chapter 2 Uploading a License File on Cisco Unified Communications Manager
Uploading a License File on Cisco Unified Communications Manager

Use this procedure to upload the following licenses:

User licenses for Cisco Unified Presence capabilities. Software and user licenses for Cisco Unified Personal Communicator.
Before You Begin
Obtain the license file.

Restrictions
License files must have a .lic suffix

Procedure
Step 1 Step 2 Step 3 Step 4 Step 5
Select Cisco Unified Communications Manager Administration > System > Licensing > License File Upload. Select Upload License File. Locate the license file on your local computer. Select Upload. Restart the Cisco Unified Communications Manager service.
Run the License Unit Report to verify that the license files have uploaded correctly. Select Cisco Unified Communications Manager Administration > System > Licensing > License Unit Report.
Related Topics

About the License Requirements, page 2-1 Obtaining a License File, page 2-7 Viewing Licensing Information on Cisco Unified Communications Manager, page 2-10 Uploading the Licences on Cisco Unified Presence, page 6-32
What To Do Next
Assigning the Licensing Capabilities on Cisco Unified Communications Manager, page 2-9
2-8
Chapter 2
Configuring the Licensing for this Integration Assigning the Licensing Capabilities on Cisco Unified Communications Manager
Assigning the Licensing Capabilities on Cisco Unified Communications Manager

Use this procedure to assign Cisco Unified Presence and Cisco Unified Personal Communicator capabilities for a user.
Note
Each capability that you assign for a user will consume one Cisco Unified Communications Manager DLU. You can also assign licenses by using the Bulk Administration Tool (BAT). In Cisco Unified Communications Manager Administration, select Bulk Administration > CUP > Update CUP/CUPC Users.
Before You Begin
Upload the licence file to Cisco Unified Communications Manager.

Procedure
Step 1 Step 2 Step 3
Select Cisco Unified Communications Manager Administration > System > Licensing > Capabilities Assignment. Select Find. Perform one of the following actions:
a. b.
To assign capabilities to one user, select the user link to view the Capabilities Assignment Configuration window. To assign capabilities to more than one user, perform the following: Check the users as required. Select Bulk Assignment.
Check Enable CUP to enable Cisco Unified Presence capability. Check Enable CUPC to enable Cisco Unified Personal Communicator capability. Select Save.
Related Topics

About the License Requirements, page 2-1 Uploading a License File on Cisco Unified Communications Manager, page 2-8 Viewing Licensing Information on Cisco Unified Communications Manager, page 2-10
What To Do Next
Configuring Cisco Unified Communications Manager for Integration with Cisco Unified Presence, page 3-1
2-9
Chapter 2 Viewing Licensing Information on Cisco Unified Communications Manager
Viewing Licensing Information on Cisco Unified Communications Manager

Table 2-4
To... Display the license report Determine the required number of license units
Menu path Cisco Unified Communications Manager Administration > System > Licensing > License Unit Report. Cisco Unified Communications Manager Administration > System > Licensing > License Unit Calculator.
Cisco Unified Presence Administration > Diagnostics > System Display the number of licensed Status Cisco Unified Presence and Cisco Unified Personal Communicator users synchronized from the The status window provides this information: Cisco Unified Communications Manager Number of licensed Cisco Unified Presence and Cisco Unified Personal Communicator users synchronized from the Cisco Unified Communications Manager database.

User IDs and the primary extension, number of devices, and the number of contacts associated with users. Which users are licensed to use Cisco Unified Personal Communicator.
2-10
CH A P T E R
Configuring Cisco Unified Communications Manager for Integration with Cisco Unified Presence
November 21, 2011
User and Device Configuration on Cisco Unified Communications Manager, page 3-1 Configuring the Presence Service Parameter, page 3-3 How to Configure the SIP Trunk on Cisco Unified Communications Manager, page 3-3 Verifying That the Required Services are Running on Cisco Unified Communications Manager, page 3-6
User and Device Configuration on Cisco Unified Communications Manager

Before you configure Cisco Unified Communications Manager for integration with Cisco Unified Presence, make sure that the following user and device configuration is completed on Cisco Unified Communications Manager. If you deploy Cisco Unified Personal Communicator, refer to the chapter on configuring Cisco Unified Communications Manager for Cisco Unified Personal Communicator deployment later in this guide.
3-1
Chapter 3 Configuring Cisco Unified Communications Manager for Integration with Cisco Unified Presence User and Device Configuration on Cisco Unified Communications Manager
Task Modify the User Credential Policy
Notes
Menu path Cisco Unified Communications Manager Administration > User Management > Credential Policy Default
This procedure is only applicable if you are integrating with Cisco Unified Communications Manager version 6.0 or a later release. We recommend that you set an expiration date on the credential policy for users. The only type of user that does not require a credential policy expiration date is an Application user. Cisco Unified Communications Manager does not use the credential policy if you are using an LDAP server to authenticate your users on Cisco Unified Communications Manager. Check Allow Control of Device from CTI to allow the phone to interoperate with the Cisco Unified Personal Communicator client.
Configure the phone devices, and associate a Directory Number (DN) with each device Configure the users, and associate a device with each user
Cisco Unified Communications Manager Administration > Device > Phone
Cisco Unified Communications If you are planning to deploy Cisco Unified Manager Administration > User Personal Communicator, make sure that the user Management > End User. ID value is unique for each user. The user ID is converted into the softphone device name, and if two users have the same softphone device name Cisco Unified Personal Communicator will not be able to derive the softphone device name, and as a result, will not function properly. This procedure is only applicable to Cisco Unified Cisco Unified Communications Communications Manager version 6.0 or a later Manager Administration > release. Device > Phone Cisco Unified Communications This procedure is only applicable if you are Manager Administration > User planning to deploy Cisco Unified Personal Communicator. To enable Cisco Unified Personal Management > User Group Communicator desk phone control, you must add the Cisco Unified Personal Communicator users to a CTI-enabled user group.
Associate a user with a line appearance
Add users to CTI-enabled user group
Note
Note that because menu options and parameters may vary per Cisco Unified Communications Manager releases, see the Cisco Unified Communications Manager documentation appropriate to your release.
Related Topics

Integrating the LDAP Directory, page 14-1 How to Configure Cisco Unified Personal Communicator on Cisco Unified Communications Manager, page 11-14 How to Configure CTI Gateway Settings for Desk-Phone Control on Cisco Unified Presence, page 11-27
3-2
Chapter 3
Configuring Cisco Unified Communications Manager for Integration with Cisco Unified Presence Configuring the Presence Service Parameter
Configuring the Presence Service Parameter

You enable the Inter-Presence Group Subscription parameter to allow users in one Presence Group to subscribe to the availability information for users in a different presence group.
Restriction
You can only enable the Inter-Presence Group Subscription parameter when the subscription permission for the default Standard Presence Group, or any new Presence Groups, is set to Use System Default. To configure Presence Groups, select Cisco Unified Communications Manager Administration > System > Presence Groups.
Procedure
Select Cisco Unified Communications Manager Administration > System > Service Parameters. Select Cisco Unified Communications Manager server from the Server menu. Select Cisco CallManager from the Service menu. Select Allow Subscription for Default Inter-Presence Group Subscription in the Clusterwide Parameters (System - Presence) section. Select Save.
You no longer have to manually add Cisco Unified Presence as an Application Server on Cisco Unified Communications Manager:

When you add or remove a node on the system topology interface, the node is automatically added to or removed from the Application Server list on Cisco Unified Communications Manager. When you configure the Cisco Unified Communications Manager publisher on Cisco Unified Presence from Cisco Unified Presence Administration > System > CUCM Publisher, the Cisco Unified Presence node is automatically added to the Application Server list on Cisco Unified Communications Manager.
Related Topic
How to Configure the Cluster Topology on Cisco Unified Presence, page 6-3
What To Do Next
How to Configure the SIP Trunk on Cisco Unified Communications Manager, page 3-3
How to Configure the SIP Trunk on Cisco Unified Communications Manager

Note
The port number that you configure for the SIP Trunk differs depending on the version of Cisco Unified Presence that you are deploying:
For Cisco Unified Presence version 6.x, configure the port number 5070 for the SIP Trunk.
3-3
Chapter 3 Configuring Cisco Unified Communications Manager for Integration with Cisco Unified Presence How to Configure the SIP Trunk on Cisco Unified Communications Manager
For Cisco Unified Presence version 7.0(x) or higher, configure the port number 5060 for the SIP Trunk.
Configuring the SIP Trunk Security Profile for Cisco Unified Presence, page 3-4 Configuring the SIP Trunk for Cisco Unified Presence, page 3-4
Configuring the SIP Trunk Security Profile for Cisco Unified Presence
Procedure
Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7
Select Cisco Unified Communications Manager Administration > System > Security > SIP Trunk Security Profile. Select Find. Select Non Secure SIP Trunk Profile. Verify that the setting for Device Security Mode is Non Secure. Verify that the setting for Incoming Transport Type is TCP+UDP. Verify that the setting for Outgoing Transport Type is TCP. Check to enable these items:

Accept Presence Subscription Accept Out-of-Dialog REFER Accept Unsolicited Notification Accept Replaces Header
Step 8
Select Save.
What To Do Next
Configuring the SIP Trunk for Cisco Unified Presence, page 3-4
Configuring the SIP Trunk for Cisco Unified Presence

You only configure one SIP trunk between a Cisco Unified Communications Manager cluster and a Cisco Unified Presence cluster. After you configure the SIP trunk, you must assign that SIP trunk as the CUP PUBLISH trunk on Cisco Unified Communications Manager by selecting Cisco Unified Communications Manager Administration > System > Service Parameters. If DNS SRV is an option in your network, and you want availability messaging to be shared equally among all the servers used for availability information exchange, you must configure the SIP trunk for the Cisco Unified Presence server with a DNS SRV record of the Cisco Unified Presence publisher and subscriber servers. You must also configure the Presence Gateway on the Cisco Unified Presence server with a DNS SRV record of the Cisco Unified Communications Manager subscriber nodes.
Before You Begin
Configure the SIP Trunk security profile on Cisco Unified Communications Manager.
3-4
Chapter 3
Configuring Cisco Unified Communications Manager for Integration with Cisco Unified Presence How to Configure the SIP Trunk on Cisco Unified Communications Manager
Read the Presence Gateway configuration options topic.
Procedure
Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Step 8 Step 9
Select Cisco Unified Communications Manager Administration > Device > Trunk. Select Add New. Select SIP Trunk from the Trunk Type menu. Select SIP from the Device Protocol menu. Select None for the Trunk Service Type. Select Next. Enter CUPS-SIP-Trunk for the Device Name. Select a device pool from the Device Pool menu. In the SIP Information section at the bottom of the window, configure the following values:
a.
In the Destination Address field, enter the dotted IP address, or the FQDN (Fully Qualified Domain Name), or the DNS SRV record for the Cisco Unified Presence server.
Note
Check Destination Address is an SRV if you have configured a DNS SRV record for the Destination Address value.
b. c. d.
Enter 5060 for the Destination Port. Select Non Secure SIP Trunk Profile from the SIP Trunk Security Profile menu. Select Standard SIP Profile from the SIP Profile menu.
Step 10
Select Save.
If you modify the DNS entry of the Publish SIP Trunk SRV record by changing the port number or IP address, you must restart all devices that previously published to that address and ensure each device points to the correct Cisco Unified Presence contact.
Related Topics

Configuring the SIP Trunk Security Profile for Cisco Unified Presence, page 3-4 Configuring the SIP Publish Trunk on Cisco Unified Presence, page 6-48 Presence Gateway Configuration Option, page 6-38
What To Do Next
How to Configure Cisco IP PhoneMessenger on Cisco Unified Communications Manager, page 10-1 or About Configuring Cisco Unified Personal Communicator on Cisco Unified Communications Manager, page 11-10
3-5
Chapter 3 Configuring Cisco Unified Communications Manager for Integration with Cisco Unified Presence Verifying That the Required Services are Running on Cisco Unified Communications Manager
Verifying That the Required Services are Running on Cisco Unified Communications Manager
Procedure
On Cisco Unified Communications Manager, select Cisco Unified Serviceability> Tools > Control Center - Feature Services. Select a Cisco Unified Communications Manager server from the Server menu. Make sure that the following services are running:

Cisco CallManager Cisco TFTP (if you are deploying Cisco Unified Personal Communicator softphone) Cisco CTIManager (if you are deploying Cisco Unified Personal Communicator in desk phone control mode) Cisco AXL Web Service (for data synchronization between Cisco Unified Presence and Cisco Unified Communications Manager)
To turn on a service on Cisco Unified Communications Manager, select Cisco Unified Serviceability> Tools > Service Activation.
3-6
CH A P T E R

November 21, 2011
About the Multi-Node Scalability Feature, page 4-1 About the Multi-Node Deployment Models, page 4-5 Scalability Options for Your Deployment, page 4-7 Cluster-Wide DNS SRV, page 4-9 Multi-Node Hardware Recommendations, page 4-9 About Clustering over WAN Deployments, page 4-10
About the Multi-Node Scalability Feature

Scalability Enhancements, page 4-1 Supported End Points, page 4-2 IM-Only Deployment, page 4-2 Performance Recommendations, page 4-2 High Availability Deployments, page 4-3 Subclusters, page 4-3 User Assignment, page 4-3 Server-Side Failback for Cisco Unified Personal Communicator 7.x Clients, page 4-4 Cisco Unified Personal Communicator Sign-In and Redirect, page 4-4 Clustering over WAN, page 4-4
Scalability Enhancements
The Cisco Unified Presence multi-node scalability feature supports the following:

Six nodes per cluster 15,000 users per cluster with maximum of 5000 users per node in a deployment with High Availability turned on
4-1
Chapter 4 About the Multi-Node Scalability Feature
30,000 users per cluster in a deployment with High Availability turned off 5000 users per node with a Cisco Unified IP Phone and a client (two end points per user, or 10,000 end points per node). A user can have a maximum contact list size of 200. Cisco Unified Presence continues to support intercluster deployments with the multi-node feature.
Supported End Points

The multi-node scalability feature supports the following end points:

Cisco Unified Communications Manager (desk phone) Cisco Unified Personal Communicator Release 8.x (XMPP client) Cisco Unified Personal Communicator Release 7.x (SIP client) Third-Party XMPP clients Cisco Unified Mobile Communicator Microsoft Office Communicator (Microsoft soft client) Lotus Sametime (Lotus soft client) Third-Party Interface clients
IM-Only Deployment
Cisco Unified Presence supports an IM-only deployment. This type of deployment supports up to 45,000 users in a Cisco Unified Presence cluster. An overview of the configuration steps required to set up an IM-only Cisco Unified Presence deployment is provided in the appendix of this guide.
Related Topic
Configuring Cisco Unified Presence for an IM-Only Deployment, page A-1
Performance Recommendations
You can achieve optimum performance with the multi-node feature when:
The resources on all Cisco Unified Presence servers are equivalent in terms of memory, disk size, and age. Mixing hardware classes results in servers that are under-powered, therefore resulting in poor performance. You deploy hardware that complies with the hardware recommendations. You configure a Balanced Mode deployment model. In this case, the total number of users is equally divided across all nodes in all subclusters. Cisco Unified Presence defaults to Balanced Mode user assignment to achieve optimum performance.
Related Topics

Multi-Node Hardware Recommendations, page 4-9 Balanced User Assignment Redundant High Availability Deployment, page 4-5
4-2
Chapter 4
Planning a Cisco Unified Presence Multi-Node Deployment About the Multi-Node Scalability Feature
High Availability Deployments

Cisco Unified Presence Release 8.5 (x) and later releases support High Availability deployments. Any earlier Cisco Unified Presence 8.0(x) releases do not support High Availability deployments. We recommend that you configure your Cisco Unified Presence deployments as High Availability deployments. Although mixed mode deployments are permitted, for example High Availability subclusters and non High Availability subclusters in a single deployment, we do not recommend this configuration. You must manually turn on High Availability in a subcluster. You can achieve a High Availability deployment by configuring the Balanced Mode (Redundant High Availability) or the Active/Standby Redundant High Availability deployment models, and turning on High Availability in your deployment.
Related Topics

Subclusters, page 4-3 Balanced User Assignment Redundant High Availability Deployment, page 4-5 Active/Standby User Assignment Redundant High Availability Deployment, page 4-6
Subclusters
The multi-node feature introduces the concept of a subcluster. A subcluster is a single Cisco Unified Presence server, or a pair of Cisco Unified Presence servers, where each node has an independent database and set of users operating with a shared availability database that is able to support common users. In a single-node deployment within a subcluster, there is no High Availability failover protection for users assigned to the node. In a dual-node deployment within a subcluster, if you turn on High Availability in the subcluster, users have failover protection; each node acts as a backup for the other node allowing clients to fail over in case of outages of components or nodes. When you turn on High Availability in a subcluster, all users in the subcluster have redundancy and full failover capabilities.
Related Topics

About High Availability Cisco Unified Presence Deployments, page 6-10 Creating Subclusters in System Topology, page 6-6
User Assignment
To allow users receive the availability and Instant Messaging (IM) services on Cisco Unified Presence, you must assign users to nodes, and subclusters, in your Cisco Unified Presence deployment. You can manually or automatically assign users in a Cisco Unified Presence deployment. You manage user assignment using the User Assignment Mode parameter on the Sync Agent on Cisco Unified Presence. If you select automatic user assignment, the Sync Agent assigns the users to all nodes in all subclusters in an attempt to balance the user assignment evenly across all nodes. You can also configure the Sync Agent to assign the total number of users to only the first (active) node of an subcluster. If you select manual user assignment, you must manually assign your users to nodes, and subclusters, using the System Topology interface in Cisco Unified Presence Administration.
4-3
Chapter 4 About the Multi-Node Scalability Feature
Related Topics

About the Multi-Node Deployment Models, page 4-5 User Assignment Mode Recommendations, page 6-5 Configuring User Assignment in System Topology, page 6-9
Server-Side Failback for Cisco Unified Personal Communicator 7.x Clients

Note
Server-side failback is not applicable to Cisco Unified Personal Communicator Release 8.x. Cisco Unified Presence provides server-side failback, which uses the same throttle mechanism as server failover. This feature detects when a failed Cisco Unified Presence server in a High Availability deployment comes back in service. It then sends terminating notify messages to Cisco Unified Personal Communicator clients that are failed over to initiate failback to their home node. Also, if a user is moved between nodes in the subcluster, the Cisco Unified Presence server sends terminating notify messages, and the client will sign out and sign in to the new node. To balance the load between two nodes in the subcluster, you can assign the users equally in each node.
Cisco Unified Personal Communicator Sign-In and Redirect

Cisco Unified Presence supports the ability to redirect a Cisco Unified Personal Communicator client application to the correct Cisco Unified Presence node (the node that the user is assigned to). This redirect occurs when the client application signs in. For example, if a Cisco Unified Presence cluster contains four nodes, publisher, subscriber1, subscriber2 and subscriber3. A Cisco Unified Personal Communicator user attempts to sign in to subscriber2 node, but this user is actually assigned to subscriber3 node. In this case, Cisco Unified Presence sends a response to the Cisco Unified Personal Communicator client requesting that the client signs in to subscriber3 node. The SOAP interface is responsible for this redirect functionality.
Note
Cisco Unified Presence does not support Cisco Unified Personal Communicator redirect across intercluster Cisco Unified Presence deployments.
Related Topic
AXL/SOAP Interface, page 1-3
Clustering over WAN

Cisco Unified Presence Release 8.5(x) or later releases support Clustering over WAN deployments. Any earlier Cisco Unified Presence 8.0(x) releases do not support Clustering over WAN.
Related Topic
About Clustering over WAN Deployments, page 4-10
4-4
Chapter 4
Planning a Cisco Unified Presence Multi-Node Deployment About the Multi-Node Deployment Models
About the Multi-Node Deployment Models

You need to consider how you are going to deploy the multi-node feature in your network. You configure your desired multi-node deployment model in Cluster Topology in Cisco Unified Presence Administration. Select System > Cluster Topology in Cisco Unified Presence Administration to access Cluster Topology. This module provides an overview of the deployment model options for the multi-node feature, and provides examples of these deployments on Cluster Topology. You only use Cluster Topology to configure your local Cisco Unified Presence cluster. See the intercluster peer module for information on configuring intercluster peer relationships with remote Cisco Unified Presence clusters.
Note
The High Availability deployment models described in this module are only applicable to Cisco Unified Presence Release 8.5.x or later releases.
Balanced User Assignment Redundant High Availability Deployment, page 4-5 Active/Standby User Assignment Redundant High Availability Deployment, page 4-6
Balanced User Assignment Redundant High Availability Deployment

You can achieve a balanced mode High Availability deployment by evenly balancing users across all nodes in the subcluster, but only using up to 35% of the CPU of each Cisco Unified Presence server. The balanced mode High Availability deployment option in a redundant mode supports up to fifteen thousand users per cluster. For example, if you have six Cisco Unified Presence nodes in your deployment, and fifteen thousand users, you assign 2.5 thousand users to each Cisco Unified Presence node. When you use the balanced mode High Availability deployment option in a redundant mode, as compared to a non-redundant mode, only half the number of users are assigned to each node. However, if one node fails, the other node will handle the full load of the additional 50% of users in the subcluster, even at peak traffic. In order to support this failover protection, you must turn on High Availability in each of the subclusters in your deployment. See Figure 4-1 for an example of this deployment model on Cluster Topology. In this example, there are 15,000 users in total, so 2500 users are evenly balanced across the six nodes.
4-5
Chapter 4 About the Multi-Node Deployment Models
Figure 4-1
Balanced User Assignment Non- Redundant High Availability Deployment
Related Topics

How to Configure the Cluster Topology on Cisco Unified Presence, page 6-3 User Assignment Mode Recommendations, page 6-5 Scalability Options for Your Deployment, page 4-7 How To Configure High Availability Cisco Unified Presence Deployments, page 6-19 For the hardware user assignment guidelines for the multi-node feature, see the Cisco Unified Presence compatibility matrices at this URL: http://www.cisco.com/en/US/products/ps6837/products_device_support_tables_list.html
Active/Standby User Assignment Redundant High Availability Deployment

For this deployment model, assign all your users to the active Cisco Unified Presence node, and none to the backup node. When you turn on High Availability in the subcluster, the backup node can handle all traffic from the active node if the active node fails. See Figure 4-2 for an example configuration for this deployment model on Cluster Topology. In this example, there are 15,000 users in total, so 5000 users are assigned to the first node of each subcluster.
4-6
Chapter 4
Planning a Cisco Unified Presence Multi-Node Deployment Scalability Options for Your Deployment
Figure 4-2
Active/Standby User Assignment High Availability Deployment
Related Topics

How to Configure the Cluster Topology on Cisco Unified Presence, page 6-3 User Redistribution, page 6-6 User Assignment Mode Recommendations, page 6-5 Scalability Options for Your Deployment, page 4-7 How To Configure High Availability Cisco Unified Presence Deployments, page 6-19 For the hardware user assignment guidelines for the multi-node feature, see the Cisco Unified Presence compatibility matrices at this URL: http://www.cisco.com/en/US/products/ps6837/products_device_support_tables_list.html
Scalability Options for Your Deployment

Cisco Unified Presence clusters can support up to six nodes. If you originally installed less than six nodes, then you can install additional nodes at any time. If you want to scale your Cisco Unified Presence deployment to support more users, you must consider the multi-node deployment model you have configured. Table 4-1 describes the scalability options for each multi-node deployment model.
4-7
Chapter 4 Scalability Options for Your Deployment
Table 4-1
Multi-node Scalability Options
Scalability Option Add a New Node to an Existing Subcluster Deployment Mode Balanced Non-Redundant High If you add a new node to an existing Availability Deployment subcluster, the new node can support the same number of users as the existing node; the subcluster can now support twice the number of users. It also provides balanced High Availability for the users on the existing node and the new node in that subcluster. Balanced Redundant High Availability Deployment If you add a new node to an existing subcluster, the new node can support the same number of users as the existing node; the subcluster can now support twice the number of users. It also provides balanced redundant High Availability for the users on the existing node and the new node in that subcluster. If you add a new node to a new subcluster, you can support more users in your deployment. This does not provide balanced High Availability for the users in the subcluster. To provide balanced High Availability, you must add a second node to the subcluster. If you add a new node to a new subcluster, you can support more users in your deployment. This does not provide balanced High Availability for the users in the subcluster. To provide balanced High Availability, you must add a second node to the subcluster. Add a New Node to a New Subcluster
Note
You may have to reassign your users within the subcluster, depending how many users were on the existing node. If you add a new node in a new subcluster, you can support more users in your deployment. This does not provide High Availability for the users in the subcluster. To provide High Availability, you must add a second node to the subcluster.
Active/Standby Redundant High Availability Deployment
If you add a new node to an existing subcluster, you provide High Availability for the users in the existing node in the subcluster. This provides a High Availability enhancement only; it does not increase the number of users you can support in your deployment.
Related Topics

About the Multi-Node Deployment Models, page 4-5 Expanding the Cluster, page 5-8
4-8
Chapter 4
Planning a Cisco Unified Presence Multi-Node Deployment Cluster-Wide DNS SRV
Cluster-Wide DNS SRV

For DNS configuration, you can define a cluster-wide Cisco Unified Presence address. The SIP Publish Trunk on Cisco Unified Communications Manager uses this address to load-balance SIP PUBLISH messages from Cisco Unified Communications Manager to all nodes in the Cisco Unified Presence cluster. Notably this configuration ensures that the initial SIP PUBLISH messages are load-balanced across all nodes in the Cisco Unified Presence cluster. This configuration also provides a High Availability deployment as, in the event of a node failing, DNS will route the SIP PUBLISH messages to the remaining nodes. The cluster-wide DNS configuration is not a required configuration. It is a suggested configuration that provides a method to load-balance the initial SIP PUBLISH messages across all nodes in the Cisco Unified Presence cluster. Cisco Unified Presence sends subsequent SIP PUBLISH messages for each device to the node where the user is homed on Cisco Unified Presence.
Related Topic
Configuring a Cluster-Wide Cisco Unified Presence Address, page 6-31
Multi-Node Hardware Recommendations

When configuring the multi-node feature, consider the following:

We recommend turning on High Availability in your deployment. Minimize your hardware, for example, instead of using six MCS 7825 servers that support a total of six thousand users, choose two MCS 7835 servers that can support a total of five thousand users. Use the same generation of server hardware. Use similar hardware for all nodes in your deployment. If you must mix generations of similar hardware, put the same generations of older hardware together in a subcluster and put fewer users on this subcluster than on the more powerful subclusters. Note that we do not recommend this deployment practice.
Warning
For multi-node deployments using mixed hardware (for example, UCS, MCS, or VMware), it is highly recommended that the subscriber and publisher nodes in the same subcluster have similar database size. If a significant difference in database size exists between the two nodes, you will receive an error during installation of the subscriber node.
Use the following disk drives for the multi-node feature:

MCS 7816: minimum one 160GB drive (a 250GB drive can also be used) MCS 7825: minimum two 160GB drives (two 250GB drives can also be used, upgrade required
from smaller 80GB drives)

MCS 7835: minimum two 146GB drives (upgrade required from smaller 72GB drives) MCS 7845: minimum four 72GB drives (upgrade recommended to four 146GB drives)
Note
The MCS 7845 with four 72GB drives can run the scalability feature, but this hardware with four 146GB drives is preferred.
4-9
Chapter 4 About Clustering over WAN Deployments
If you have older-generation hardware, follow the disk drive upgrade recommendations above. You must meet the minimal disk capacity on each server in the cluster in order to achieve scale.
Note
Upgrading drives will allow you to use older hardware in a multi-node cluster. However, we recommend that you use the latest hardware available for the multi-node feature because this hardware has more powerful CPU, more memory and faster input/output processing.
Related Topic
For a list of the supported hardware for the multi-node feature, and hardware user assignment guidelines for the multi-node feature, see the Cisco Unified Presence compatibility matrices at this URL: http://www.cisco.com/en/US/products/ps6837/products_device_support_tables_list.html
About Clustering over WAN Deployments

Cisco Unified Presence supports Clustering over WAN for intracluster and intercluster deployments.

WAN Bandwidth requirements, page 4-10 Intracluster Deployments over WAN, page 4-10 Local Failover, page 4-11 Subcluster Failure Detection, page 4-11 Method Event Routing, page 4-12 Multi-Node Configuration for Deployment over WAN, page 4-12 Bandwidth Considerations, page 4-12 External Database Recommendations, page 4-13 Intercluster Deployments over WAN, page 4-13
WAN Bandwidth requirements

At a minimum, you must dedicate five megabits per second of bandwidth for each Cisco Unified Presence subcluster, with no more than an eighty millisecond round-trip latency. If there are more than 10, 000 users spread across the WAN, 10 megabits of bandwidth is required. These bandwidth recommendations apply to both intracluster and intercluster WAN deployments. Any bandwidth less than this recommendation can adversely impact performance.
Note
Each Cisco Unified Presence subcluster that you add to your Clustering over WAN deployment requires an additional (dedicated) five megabits per second bandwidth.
Intracluster Deployments over WAN

Cisco Unified Presence supports intracluster deployments over WAN, using the bandwidth recommendations provided in this module. Cisco Unified Presence supports a single subcluster geographically split over WAN, where one node in the subcluster is in one geographic site and the second node in the subcluster is in another geographic location.
4-10
Chapter 4
Planning a Cisco Unified Presence Multi-Node Deployment About Clustering over WAN Deployments
This model can provide geographical redundancy and remote failover, for example failover to a backup Cisco Unified Presence node on a remote site. With this model, the Cisco Unified Presence server does not need to be co-located with the Cisco Unified Communications Manager publisher server. The Cisco Unified Personal Communicator client can be either local or remote to the Cisco Unified Presence server. This model also supports High Availability for the Cisco Unified Personal Communicator Release clients, where the clients fail over to the remote peer Cisco Unified Presence node if the services or hardware fails on the home Cisco Unified Presence node. When the failed node comes online again, the clients automatically reconnect to the home Cisco Unified Presence node. When you deploy Cisco Unified Presence over WAN with remote failover, note the following restrictions:
This model only supports High Availability at the system level. Certain Cisco Unified Presence components may still have a single point of failure. These components are the Cisco UP Sync Agent, Cisco Intercluster Sync Agent, and Cisco Unified Presence Administration interface. This model supports High Availability for the Cisco Unified Personal Communicator Release 7.x and Release 8.5.
Cisco Unified Presence also supports multiple subclusters in a Clustering over WAN deployment. For information on scale for a Clustering over WAN deployment, see the Cisco Unified Presence SRND.
Related Topic
Cisco Unified Presence Solution Reference Network Design (SRND): http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/7x/uc7_0.html
Local Failover
You can also deploy Cisco Unified Presence over WAN where one subcluster is located in one geographic site, and a second subcluster is located in another geographic site. The subcluster can contain a single node, or a dual node for High Availability between the local nodes. This model provides no failover between geographic sites.
Subcluster Failure Detection

Cisco Unified Presence supports a failure detection mechanism for a subcluster. Each node in the subcluster monitors the status, or heartbeat, of the peer node. You can configure the heartbeat connection and heartbeat intervals on Cisco Unified Presence by selecting Cisco Unified Presence Administration > System > Service Parameters > Cisco UP Config Agent (service). In the section General Cisco UP Config Agent Parameters (Clusterwide), configure the following parameters:
Heart Beat Interval: This parameter specifies how often in seconds the Cisco UP Config Agent sends a heartbeat message to the peer Cisco UP Config Agent in the same subcluster. The heartbeat is used to determine network availability. The default value is 60 seconds. Connect Timeout: This parameter specifies how long in seconds the Cisco UP Config Agent waits to receive a response from a connection request to the peer Cisco UP Config Agent. The default value is 30 seconds.
Note
We recommend that you configure these parameters with the default values.
4-11
Method Event Routing

When you deploy Cisco Unified Presence over WAN we recommend that you configure TCP method event routing on Cisco Unified Presence. Select Cisco Unified Presence Administration > Presence > Routing > Method/Event Routing to configure method event routes.
Multi-Node Configuration for Deployment over WAN

When you configure the Cisco Unified Presence multi-node feature for an intracluster deployment over WAN, configure the Cisco Unified Presence subcluster, nodes and user assignment as described in the multi-node section, but note the following recommendations:
For optimum performance, we recommend that you assign the majority of your users to the home Cisco Unified Presence node. This deployment model decreases the volume of messages sent to the remote Cisco Unified Presence server over WAN, however the failover time to the secondary node depends on the number of users failing over. If you wish to configure a High Availability deployment model over WAN, you can configure a subcluster-wide DNS SRV address. In this case Cisco Unified Presence sends the initial PUBLISH request message to the node specified by DNS SRV and the response message indicates the host node for the user. Cisco Unified Presence then sends all subsequent PUBLISH messages for that user to the host node. Before configuring this High Availability deployment model, you must consider if you have sufficient bandwidth for the potential volume of messages that may be sent over the WAN.
Related Topics

Intracluster Deployments over WAN, page 4-10 Performing a Cisco Unified Presence Multi-Node Deployment, page 5-1 Cisco Unified Presence Solution Reference Network Design (SRND): http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/7x/uc7_0.html
Bandwidth Considerations
When you calculate the bandwidth requirements for your Clustering over WAN deployment, consider the following:
In your bandwidth considerations, you must include the normal bandwidth consumption of a Cisco Unified Communications Manager cluster. If you configure multiple nodes, Cisco Unified Communications Manager uses a round-robin mechanism to load balance SIP/SIMPLE messages, which consumes more bandwidth. To improve performance and decrease traffic, you could provision a single dedicated Cisco Unified Communications Manager node for all SIP/SIMPLE messages sent between Cisco Unified Presence and Cisco Unified Communications Manager. In your bandwidth considerations, we also recommend that you consider the number of contacts in the contact list for a Cisco Unified Personal Communicator user, and the size of user profiles on Cisco Unified Presence. See the Cisco Unified Presence SRND for recommendations regarding the size of a contact list when you deploy Cisco Unified Presence over WAN. Note also that the maximum contact list size on Cisco Unified Presence is 200, so you need to factor this in to your bandwidth considerations for systems with large numbers of users.
Related Topic
Cisco Unified Presence Solution Reference Network Design (SRND):
4-12
Chapter 4
Planning a Cisco Unified Presence Multi-Node Deployment About Clustering over WAN Deployments
http://www.cisco.com/go/designzone
External Database Recommendations

If you configure external database server(s) in your Clustering over WAN deployment, we recommend that you co-locate the external database server(s) with the Cisco Unified Presence servers that will use the external database server(s).
Related Topic
Database Setup Guide for Cisco Unified Presence http://www.cisco.com/en/US/products/ps6837/products_installation_and_configuration_guides_list.ht ml
Intercluster Deployments over WAN

Cisco Unified Presence supports intercluster deployments over WAN, using the bandwidth recommendations provided in this module.
Related Topics

WAN Bandwidth requirements, page 4-10 Configuring a Cisco Unified Presence Intercluster Deployment, page 15-1
4-13
4-14
CH A P T E R
Performing a Cisco Unified Presence Multi-Node Deployment

November 21, 2011
Cisco UP Replication Watcher Service, page 5-1 Performing a Fresh Multi-Node Installation, page 5-3 How to Update a Multi-Node Configuration after Deployment, page 5-6 How to Troubleshoot a Multi-Node Deployment, page 5-9
Note
The purpose of this module is to provide the user with the recommended sequence of high-level tasks for installing and configuring the multi-node feature.
Cisco UP Replication Watcher Service

Note
This section is only applicable to Cisco Unified Presence Release 8.5.x or higher. The Cisco UP Replication Watcher monitors IDS replication state on Cisco Unified Presence. Other Cisco Unified Presence services are dependent on the Cisco UP Replication Watcher service. These dependent services use the Cisco UP Replication Watcher service to delay startup until such time as IDS replication is in a stable state. On the subscriber nodes, the Cisco UP Replication Watcher service delays the startup of feature services until IDS replication is successfully established. The Cisco UP Replication Watcher service only delays the startup of feature services on the problem subscriber node in a cluster, it will not delay the startup of feature services on all subscriber nodes due to one problem node. For example, if IDS replication is successfully established on node1 and node2, but not on node3, the Cisco UP Replication Watcher service allows feature services to start on node1 and node2, but delays feature service startup on node3. The Cisco UP Replication Watcher service behaves differently on the publisher node. It only delays the startup of feature services until a timeout expires. When the timeout expires, it allows all feature services to start on the publisher node even if IDS replication is not successfully established. The Cisco UP Replication Watcher service generates an alarm when it delays feature service startup on a node. It then generates a notification when IDS replication is successfully established on that node.
5-1
Chapter 5 Cisco UP Replication Watcher Service
The Cisco UP Replication Watcher service impacts both a fresh multi-node installation, and a software upgrade procedure. Both will only complete when the publisher and subscriber nodes are running the same Cisco Unified Presence release, and IDS replication is successfully established on the subscriber nodes. To check the status of the IDS replication on a node either:
Use this CLI command:

utils dbreplication runtimestate
Use the Cisco Unified Reporting Tool (CURT). The Unified CUP Database Status report displays a detailed status of the cluster.
Related Topics

Performing a Fresh Multi-Node Installation, page 5-3 Upgrade from Cisco Unified Presence Release 7.0(x) to Release 8.5(x), page 5-5
5-2
Chapter 5
Performing a Cisco Unified Presence Multi-Node Deployment Performing a Fresh Multi-Node Installation
Performing a Fresh Multi-Node Installation

We recommend that you follow this sequence of tasks when you are configuring your multi-node Cisco Unified Presence deployment. You configure the Cisco Unified Presence multi-node feature, and manage your subclusters, nodes and users in Cluster Topology in Cisco Unified Presence Administration. Select System > Cluster Topology in Cisco Unified Presence Administration to access Cluster Topology. You can create the subscriber nodes in your topology before you install these subscriber nodes, specifically before you install the Cisco Unified Presence software on these nodes. However, you cannot assign these subscriber nodes to a subcluster before you install Cisco Unified Presence software on these subscriber nodes.
Before You Begin

Determine the type of multi-node deployment model that you are going to configure. Perform the multi-node configuration for your Cisco Unified Presence deployment on the Cisco Unified Presence publisher node.
Restriction
Your hardware must comply with the multi-node hardware recommendations.

Procedure
Install and configure the Cisco Unified Presence publisher node (the first server in the Cisco Unified Presence cluster). (On the publisher node) In Cluster Topology, create all subclusters and nodes in the cluster. (On the publisher node) In Cluster Topology, associate each of the subscriber nodes in the cluster with the publisher node. Install and configure each of the subscriber nodes in the cluster. (On the publisher node) In Cluster Topology, assign these nodes to the subcluster arrangement as required.
Note
Before you assign or move a node to a subcluster, check the following

From System troubleshooter page, verify that the Cisco UP Replication Watcher service is running on all nodes. On the Network services screen in Cisco Unified Serviceability (on the subscriber node), verify that all Cisco Unified Presence services are running.
Step 6 Step 7
If you install Cisco Unified Presence Release 8.5.x, turn on High Availability in the subclusters as required. When you have installed all the Cisco Unified Presence nodes in the cluster, turn on the Sync Agent service on the publisher node to synchronize with the Cisco Unified Communications Manager user and device configuration information. When the synchronization is complete, turn on the Cisco UP Presence Engine and the Cisco IP SIP Proxy services, and verify that the Cisco UP XCP Router service is turned on.
Step 8
5-3
Chapter 5 About Upgrade Notes and Recommendations
Step 9
Turn on the XCP services applicable to the features in your deployment. Refer to the documentation for those features to determine what XCP services you must turn on.
Troubleshooting Topics

The Cisco UP XCP Router must be running for all availability services to function properly on Cisco Unified Presence (both SIP-based and XMPP-based client messaging). Before you perform the installation of a subscriber Cisco Unified Presence node, you must associate the subscriber node in the Cluster Topology view of the publisher node. Do not assign the subscriber node to a subcluster until after you install it. If you assign a subscriber Cisco Unified Presence node to a subcluster prior to installing it, users in remote clusters will not receive availability information. An availability outage will occur until you install the subscriber node. If you move a node before you start the Cisco Unified Presence services under the Network Services in the Serviceability interface, there is a possibility that users will not be able to sign in to Cisco Unified Personal Communicator. If this scenario occurs, restart the Cisco UP Client Profile Agent service (in Network Services). If you install Cisco Unified Presence Release 8.5.x, note the following:
You must turn off High Availability in a subcluster before you move or unassign a node in that
subcluster.
Cisco UP Replication Watcher service delays feature service startup on subscriber nodes if IDS
replication is not successfully established.

What To Do Next
(On the publisher node) Configure any intercluster peer relationships with remote Cisco Unified Presence clusters.
Related Topics

Planning a Cisco Unified Presence Multi-Node Deployment, page 4-1 Creating Subclusters in System Topology, page 6-6 Creating, Assigning and Moving Nodes in System Topology, page 6-7 Configuring User Assignment in System Topology, page 6-9 How To Configure High Availability Cisco Unified Presence Deployments, page 6-19 How to Turn On the Cisco Unified Presence Services, page 6-49 Configuring a Cisco Unified Presence Intercluster Deployment, page 15-1 Cisco UP Replication Watcher Service, page 5-1 Installation and Upgrade Guide for Cisco Unified Presence
About Upgrade Notes and Recommendations

Upgrade from Cisco Unified Presence Release 7.0(x) to Release 8.0(x), page 5-5 Upgrade from Cisco Unified Presence Release 7.0(x) to Release 8.5(x), page 5-5
5-4
Chapter 5
Performing a Cisco Unified Presence Multi-Node Deployment About Upgrade Notes and Recommendations
Upgrade from Cisco Unified Presence Release 7.0(x) to Release 8.0(x)

If you upgrade from Cisco Unified Presence Release 7.0(x) to Release 8.0(x), note the following:

You require a new software version license for each Cisco Unified Presence cluster in your deployment. Upload this license to the publisher node in a cluster. Cisco Unified Presence Release 8.0(x) supports 15000 users per cluster. If, when you upgrade, you will be left with a number of unsupported users, we recommended that you unlicense these surplus users on Cisco Unified Communications Manager before you perform the upgrade. If you have 15,000 users across six nodes in an active standby deployment, you can delete the unused nodes from the topology, either before or after the upgrade. We recommend that you delete unused nodes as they increase the serviceability overhead of your deployment. If you deploy the active/standby user assignment model in Cisco Unified Presence Release 7.0(x), and you upgrade to Cisco Unified Presence Release 8.0(x), where the active/standby model no longer supports failover, we recommend that you redistribute (rebalance) your users across the cluster. If you have 15,000 users across six nodes in a balanced deployment, after you upgrade you can either move your users to three nodes and delete the unused nodes, or retain the deployment as is. The default value for the maximum number of contacts is 200, however you can configure this to a higher value, or configure 0 to set it to unlimited value. After you perform the upgrade, check that the contact list size for users has not reached the maximum value. If you have a large number of contacts per user, the number of users that a Cisco Unified Presence node supports is reduced. Cisco Unified Presence Release 8.x does not permit the underscore character (_) in the Cluster ID value. If you perform an upgrade to Cisco Unified Presence Release 8.x, make user the Cluster ID value does not contain this character. Cisco Unified Presence migrates contact lists for users during the upgrade. Cisco Unified Presence synchronizes the contacts lists across SIP (via SOAP) and XMPP clients. Note the following:
Cisco Unified Presence does not synchronize empty groups until a contact is added to the group. Cisco IP Phone Messenger users must sign out and sign in to receive dynamic contact list
synchronization.
After the upgrade, request that all Cisco Unified Personal Communicator users in the local and remote cluster sign out, and sign back in to the application.
Related Topics

Configuring the SIP Publish Trunk on Cisco Unified Presence, page 6-48 How to Perform Intercluster Upgrades, page 15-7 Viewing or Configuring the Cluster ID, page 6-30
Upgrade from Cisco Unified Presence Release 7.0(x) to Release 8.5(x)

If you upgrade from Cisco Unified Presence Release 7.0(x) to Release 8.5(x), note the following:

You require a new software version license for each Cisco Unified Presence cluster in your deployment. Upload this license to the publisher node in a cluster. To support High Availability deployments, you need to manually turn on High Availability in each subcluster in the cluster topology.
5-5
Chapter 5 How to Update a Multi-Node Configuration after Deployment
The default value for the maximum number of contacts is 200, however you can configure this to a higher value, or configure 0 to set it to unlimited value. After you perform the upgrade, check that the contact list size for users has not reached the maximum value. If you have a large number of contacts per user, the number of users that a Cisco Unified Presence node supports is reduced. Cisco Unified Presence migrates contact lists for users during the upgrade. Cisco Unified Presence synchronizes the contacts lists across SIP (via SOAP) and XMPP clients. Note the following:
Cisco Unified Presence does not synchronize empty groups until a contact is added to the group. Cisco IP Phone Messenger users must sign out and sign in to receive dynamic contact list
synchronization.

After the upgrade, request that all Cisco Unified Personal Communicator users in the local and remote cluster sign out, and sign back in to the application. During a software upgrade, the Cisco UP Replication Watcher service delays feature service startup on subscriber nodes if IDS replication is not successfully established. Cisco Unified Presence Release 8.x does not permit the underscore character (_) in the Cluster ID value. If you perform an upgrade to Cisco Unified Presence Release 8.x, make user the Cluster ID value does not contain this character.
Related Topics

How To Configure High Availability Cisco Unified Presence Deployments, page 6-19 Cisco UP Replication Watcher Service, page 5-1 Viewing or Configuring the Cluster ID, page 6-30
How to Update a Multi-Node Configuration after Deployment

Performing a Software Upgrade, page 5-6 Adding a New Node, page 5-7 Expanding the Cluster, page 5-8
Performing a Software Upgrade

Caution
If you perform an upgrade from Cisco Unified Presence Release 7.0(x) to Release 8.0(x) or from Release 7.0(x) to Release 8.5(x) on one, or both, of the clusters in an intercluster deployment, you must follow the recommended upgrade procedure in How to Perform Intercluster Upgrades, page 15-7.
Restrictions

Procedure
Step 1
Upgrade the Cisco Unified Presence publisher node. Do not switch the software to the new software release at this point.
5-6
Chapter 5
Performing a Cisco Unified Presence Multi-Node Deployment How to Update a Multi-Node Configuration after Deployment
Step 2 Step 3 Step 4 Step 5
Upgrade each subscriber node in the cluster. Again, do not switch the software version to the new software release at this point. Switch the software to the new software release on the publisher node. Wait until the publisher node has successfully restarted (is at the signin prompt) before you proceed to the next step. On the subscriber nodes, sequentially switch the software to the new software release one node at a time. Once the first subscriber has restarted and has come back online with the new software release, switch the software release on the next subscriber node. Wait until each subscriber node has successfully restarted (is at the signin prompt) before you proceed with the software switch on the next subscriber node. Repeat Step 5 until the new software release is running on all subscriber nodes. If you upgrade from Cisco Unified Presence Release 7.0(x) to Release 8.x, on each subscriber node you must restart the Presence Engine service once the database replication is active on the node. Run the "utils dbreplication runtimestate" CLI command (on the publisher or subscriber node) to check if the database replication is active on a node. If database replication is active on all nodes, the output lists all the nodes and the replication setup value for each node is 2.
Step 6 Step 7
If you upgrade from Cisco Unified Presence Release 7.0(x) to Release 8.x, perform the following steps:
Check that the contact list size for users has not reached the maximum value. The System Troubleshooter in Cisco Unified Presence Administration indicates if there are users who have reached the contact list limit. Request that all Cisco Unified Personal Communicator users in the local and remote cluster sign out, and sign back in to the application.
Related Topics

Multi-Node Hardware Recommendations, page 4-9 How to Perform Intercluster Upgrades, page 15-7 User Redistribution, page 6-6 Configuring the SIP Publish Trunk on Cisco Unified Presence, page 6-48 Installation and Upgrade Guide for Cisco Unified Presence For information on performing a software upgrade from Cisco Unified OS Administration, see the Cisco Unified Operating System Maintenance Guide for Cisco Unified Presence at this URL: http://www.cisco.com/en/US/products/ps6837/prod_maintenance_guides_list.html
Adding a New Node

Follow this procedure if you need to add new nodes after a multi-node deployment is running. You can create the new node in your topology before you install the node, specifically before you install the Cisco Unified Presence software on the new node. However, you cannot assign the new node to a subcluster before you install Cisco Unified Presence software on the new node.
Restrictions
5-7
Chapter 5 How to Update a Multi-Node Configuration after Deployment
Procedure
Create a new subcluster in Cluster Topology (if required). Create a new node in Cluster Topology. Install the Cisco Unified Presence software on the new node. See the Installation Guide for Cisco Unified Presence for the installation procedure. Assign the node to the subcluster (if required).
Step 4
Note

Cisco Unified Presence assigns the node to the cluster, but the node will not receive traffic until you assign users to it.
Step 5 Step 6
Turn on High Availability in the subclusters as required. Assign users from other nodes to the new node as required.
Related Topics

Multi-Node Hardware Recommendations, page 4-9 Creating Subclusters in System Topology, page 6-6 Creating, Assigning and Moving Nodes in System Topology, page 6-7 Configuring User Assignment in System Topology, page 6-9 How To Configure High Availability Cisco Unified Presence Deployments, page 6-19
Expanding the Cluster

Restrictions

Your hardware must comply with the multi-node hardware recommendations. We strongly recommend that you perform any node movements that involve you unassigning or moving a large numbers of users at off peak times. Such large operations can adversely impact performance.
Procedure
Create the new subcluster(s) in Cluster Topology (if required). Create the new nodes in Cluster Topology. Install each new node.
5-8
Chapter 5
Performing a Cisco Unified Presence Multi-Node Deployment How to Troubleshoot a Multi-Node Deployment
Step 4
Assign the nodes to the (new) subclusters.
Note

Step 5 Step 6
Turn on High Availability in the subclusters as required. Once all the nodes are online, assign users to the new nodes using the following user assignment options:

Using the Find User Assignment feature, unassign selected users from each node, and use the User Assignment Mode parameter to reassign new users to new subcluster(s) and nodes. Using the Find User Assignment feature, manually move users to new nodes. Unassign all users, and then reassign the users to the cluster using the appropriate User Assignment Mode parameter setting for the whole cluster.
You must turn off High Availability in a subcluster before you move or unassign a node in that subcluster.
Related Topics

Multi-Node Hardware Recommendations, page 4-9 Creating Subclusters in System Topology, page 6-6 Creating, Assigning and Moving Nodes in System Topology, page 6-7 Configuring User Assignment in System Topology, page 6-9 How To Configure High Availability Cisco Unified Presence Deployments, page 6-19
How to Troubleshoot a Multi-Node Deployment

Monitoring a Multi-Node System, page 5-9 Resolving a Hardware Problem, page 5-10
Monitoring a Multi-Node System

Restriction
If you need to add hardware to your multi-node deployment, the hardware must comply with the multi-node hardware recommendations.
5-9
Chapter 5 How to Troubleshoot a Multi-Node Deployment
Procedure
Step 1 Step 2
Use the Cisco Unified Presence Real-Time Monitoring Tool (RTMT) tool to monitor the CPU and memory usage of each Cisco Unified Presence node in the cluster. Use these guidelines to determine if you need additional hardware: Deployment Model Recommendation
No High Availability or Balanced Non-Redundant If the CPU reaches more than 70% capacity for a High Availability sustained period on any Cisco Unified Presence node, we recommend that you add hardware resources to your deployment. Balanced Redundant High Availability If the CPU reaches more than 35% capacity over a sustained period on either Cisco Unified Presence node in the subcluster, we recommend that you add hardware resources to your deployment. If the CPU reaches more than 70% capacity for a sustained period of time on the active Cisco Unified Presence node, we recommend that you add hardware resources to your deployment.
Active/Standby High Availability
Related Topics

Multi-Node Hardware Recommendations, page 4-9 About the Multi-Node Deployment Models, page 4-5 For information on using the RTMT tool, see the Serviceability Configuration and Maintenance Guide for Cisco Unified Presence.
Resolving a Hardware Problem

Follow this procedure if there is a problematic server, or some general hardware failure.
Restrictions
If you need to add hardware to your multi-node deployment, the hardware must comply with the multi-node hardware recommendations.
Procedure
Create a new node in Cluster Topology. Perform a fresh installation on this node. Unassign the users from the problematic node. Stop all services on the problematic node. Unassign the problematic node.
5-10
Chapter 5
Performing a Cisco Unified Presence Multi-Node Deployment How to Troubleshoot a Multi-Node Deployment
Assign the new node to the subcluster, replacing the problematic node. Reassign the unassigned users to the new node. Delete the problematic node. Activate all services on the new node.
You must turn off High Availability in a subcluster before you move or unassign a node in that subcluster.
Related Topics

Multi-Node Hardware Recommendations, page 4-9 Creating, Assigning and Moving Nodes in System Topology, page 6-7 Configuring User Assignment in System Topology, page 6-9
5-11
Chapter 5 How to Troubleshoot a Multi-Node Deployment
5-12
CH A P T E R

November 21, 2011
About Configuration Changes and Service Restart Notifications, page 6-1 Restarting the Cisco UP XCP Router Service, page 6-2 How to Configure the Cluster Topology on Cisco Unified Presence, page 6-3 About High Availability Cisco Unified Presence Deployments, page 6-10 How To Configure High Availability Cisco Unified Presence Deployments, page 6-19 How to Configure the Cluster-Wide Routing Information on Cisco Unified Presence, page 6-26 How to Configure Static Routes on Cisco Unified Presence, page 6-33 Uploading the Licences on Cisco Unified Presence, page 6-32 How to Configure the Presence Gateway on Cisco Unified Presence, page 6-38 How To Configure the Authorization Policy on Cisco Unified Presence, page 6-39 How To Configure the Availability Settings on Cisco Unified Presence, page 6-42 How to Configure the Instant Messaging Settings on Cisco Unified Presence, page 6-46 Configuring the SIP Publish Trunk on Cisco Unified Presence, page 6-48 Configuring the Proxy Server Settings, page 6-49 How to Turn On the Cisco Unified Presence Services, page 6-49
About Configuration Changes and Service Restart Notifications

Service Restart Notifications, page 6-1 Cisco UP XCP Router Restart, page 6-2
Service Restart Notifications

If you make a configuration change in Cisco Unified Presence Administration that impacts a Cisco Unified Presence XCP service, you will need to restart XCP services for your changes to take effect. Cisco Unified Presence notifies you of exactly which node the configuration change impacts and of any service that you must restart. An Active Notifications popup window displays on each page of Cisco
6-1
Chapter 6 Restarting the Cisco UP XCP Router Service
Unified Presence Administration to serve as a visual reminder that you must restart services. Use your mouse to hover over the dialog bubble icon to see the list of active notifications (if any) and associated severity levels. From the list of active notifications you can go directly to Cisco Unified Serviceability, where you can restart the required service. The topics in this module indicate if you need to perform a service restart, however it is good practice to monitor the service restart popup window for these notifications, particularly if you make any configuration changes after you deploy Cisco Unified Presence in the network. See the Online Help topic on Service Restart Notifications for information on types service notifications, and the service notification security levels.
Related Topic
Cisco UP XCP Router Restart, page 6-2
Cisco UP XCP Router Restart

The Cisco UP XCP Router must be running for all availability and messaging services to function properly on Cisco Unified Presence. This applies to both SIP-based and XMPP-based client messaging. If you restart the Cisco UP XCP Router, Cisco Unified Presence automatically restarts all active XCP services. The topics in this module indicate if you need to restart the Cisco UP XCP Router following a configuration change. Note that you must restart the Cisco UP XCP Router, not turn off and turn on the Cisco UP XCP Router. If you turn off the Cisco UP XCP Router, rather than restart this service, Cisco Unified Presence stops all other XCP services. Subsequently when you then turn on the XCP router, Cisco Unified Presence will not automatically turn on the other XCP services; you need to manually turn on the other XCP services.
Related Topic
Restarting the Cisco UP XCP Router Service, page 6-2
Restarting the Cisco UP XCP Router Service

Procedure
Step 1 Step 2 Step 3 Step 4 Step 5 Step 6
On Cisco Unified Presence, select Cisco Unified Serviceability > Tools > Control Center - Network Services. Select the server from the Server list box. Select Go. Select the radio button next to the Cisco UP XCP Router service in the CUP Services section. Select Restart. Select OK. when a message indicates that restarting may take a while.
Related Topics
Service Restart Notifications, page 6-1
6-2
Chapter 6
Configuring a Cisco Unified Presence Server for Deployment in the Network How to Configure the Cluster Topology on Cisco Unified Presence
How to Configure the Cluster Topology on Cisco Unified Presence

This module is only applicable if you are deploying the multi-node feature. When you configure the multi-node feature, note the following:

Perform the system topology configuration on the Cisco Unified Presence publisher node. Before configuring the system topology, read the multi-node planning and deployment information for best practice information on configuring this type of deployment.
Caution
Only use the system topology interface to configure your local Cisco Unified Presence cluster. See the intercluster peer module for information on configuring intercluster peer relationships with remote Cisco Unified Presence clusters.
About Subcluster, Node and User Management Recommendations, page 6-3 Creating Subclusters in System Topology, page 6-6 Creating, Assigning and Moving Nodes in System Topology, page 6-7 Configuring User Assignment in System Topology, page 6-9
About Subcluster, Node and User Management Recommendations

Node Creation and Movement Recommendations, page 6-3 Node Name Recommendations, page 6-4 User Assignment Mode Recommendations, page 6-5 Manual User Assignment Recommendations, page 6-5 User Redistribution, page 6-6
Node Creation and Movement Recommendations

When you create nodes in Cluster Topology you can:

Assign the nodes to a subcluster in Cisco Unified Presence, or allow the nodes to remain unassigned. These states are interchangeable. Assign Cisco Unified Presence users to the nodes, or allow the nodes to remain without any user assignments. Turn on or off High Availability on a subcluster. See the section about configuring High Availability deployments later in this chapter. Move a node from one subcluster to another if the node is assigned, has no users and highavailability is turned off in the subcluster. Move a node from one subcluster to another if the node is assigned and has no users.
6-3
Chapter 6 How to Configure the Cluster Topology on Cisco Unified Presence
Configure real pingable nodes, or logical nodes which can be installed later and which remain inaccessible until that time. Unassign the users, move the node, and then reassign the users to the node. Note that when you unassign the users, they will lose service. Create a logical node and move the users to the logical node. Move the node, reassign the users to the node, and remove the logical node.
To move nodes with users assigned, perform one of the following actions:

Note
Remove all users from a node before you unassign or move it. Turn off High Availability in the subcluster before you unassign or move a node in that subcluster. We strongly recommend that you perform any node movements that involve unassigning or moving a large numbers of users at off peak times. Such large operations can adversely impact performance.
Related Topics

Node Name Recommendations, page 6-4 User Assignment Mode Recommendations, page 6-5 Creating, Assigning and Moving Nodes in System Topology, page 6-7
Node Name Recommendations

By default, the name for a node is the hostname that you configure during the Cisco Unified Presence installation. For example, if the hostname of your Cisco Unified Presence node is calledcup1, the node name is cup1. You can change the node name to the dotted IP address or the FQDN, for example, "192.168.0.1" or "cup1.acme.com". If you change the default name for the node, note the following:

You must be able to resolve the hostname or the FQDN from the Cisco Unified Presence server, and Cisco Unified Personal Communicator client computers. If either Cisco Unified Presence server or the Cisco Unified Personal Communicator client computer cannot resolve the hostname or the FQDN, configure the IP address for the node name value. To test the name resolution from the Cisco Unified Presence server, use the command
utils network ping <node_name>
To test the name resolution from the Cisco Unified Personal Communicator client computer, use the command
ping <node_name>
If your network uses DNS that can map to IPv4 addresses, you can enter the Cisco Unified Presence hostname. Otherwise, you must enter the full IPv4 address of the Cisco Unified Presence server.
Related Topics

Node Creation and Movement Recommendations, page 6-3 Creating, Assigning and Moving Nodes in System Topology, page 6-7 Changing the IP Address and Hostname for Cisco Unified Presence Release 8.x
6-4
Chapter 6
User Assignment Mode Recommendations

You can manually or automatically assign users in a Cisco Unified Presence deployment. Use the User Assignment Mode parameter on the Sync Agent to manage user assignment on Cisco Unified Presence:
If set to Balanced, Cisco Unified Presence divides all users equally across all nodes in all subclusters. Use this user assignment mode for the Balanced Mode Non-Redundant High Availability and the Balanced Mode Redundant High Availability deployment options. If set to Active/Standby, Cisco Unified Presence assigns all users only to the first node of a subcluster. If there is only a single node in the subcluster, Cisco Unified Presence uses this node for assignment regardless of the location of the node within the subcluster. If set to None, you must manually assign your users to nodes in Cluster Topology.
Note
If all the hardware in your cluster is of the same generation and has the same capacity, set the User Assignment Mode to Balanced. If you have hardware of mixed generations and capacities in a node, set the User Assignment Mode to None. Manually assign your users making sure that each server is not loaded beyond capacity.
Related Topics

Manual User Assignment Recommendations, page 6-5 Turning On the Sync Agent, page 6-49
Manual User Assignment Recommendations

If you choose to manually assign users in Cluster Topology, note the following:

You can manually unassign, assign or reassign users. You can assign users to a single node, and you can also distribute groups of users across the node, or nodes, in a cluster, or a given subcluster. If you assign a user to one of the nodes in a subcluster, the other node in the subcluster can become the backup (redundant) node for the user if you turn on High Availability for the subcluster. If you do not configure a backup node in the subcluster, and you do not turn on High Availability for the subcluster, the user does not have High Availability failover protection. Users who are assigned may be reassigned, that is, moved to another subcluster, or to a specific node. You can move users individually or in bulk. Users can remain unassigned. Unassigned users do not receive availability information.
Note
We recommend that you only reassign a user (assign a user that was previously unassigned) if the Cisco UP Presence Engine is running on all nodes in your cluster, otherwise Cisco Unified Presence will not reestablish the presence subscriptions to and from this user. When you are assigning users, note the following:

You can only assign users if they are licensed. Unassigning or reassigning users results in termination of active sessions. In such instances, clients must reconnect to the new location. You can export users in bulk using the Bulk Administration Tool (BAT). You can also use BAT to perform bulk user reassignment from one node to another.
6-5
Generally we recommend that you take the Cisco UP Presence Engine and Cisco UP SIP Proxy services offline when performing bulk operations. Note that taking these services offline will adversely impact performance.
Related Topics

User Assignment Mode Recommendations, page 6-5 Configuring User Assignment in System Topology, page 6-9 Turning On or Off High Availability for a Subcluster, page 6-20 User Redistribution, page 6-6
User Redistribution
Note
If you turn on High Availability in a subcluster, be aware that Cisco Unified Presence does not redistribute users to nodes that are in a failover states; the valid node states that support user redistribution are Normal and Running in Backup Mode. If you rebalance your users, you must reconfigure the upper and lower client re-login limit values based on the HA login profile tables, refer to the High Availability Client Login Profiles, page B-1.
After adding or removing nodes, you can redistribute users using the Rebalance Users parameter in Cluster Topology. This parameter redistributes users based on the configured User Assignment mode. These are examples of how you can use the Rebalance Users parameter with the User Assignment mode to manage user assignment:
Scenario A: The customer has a subcluster with two nodes, and each node contains 5000 users. The User Assignment mode is set to Balanced. The customer then adds a second subcluster with two nodes, and sets the Rebalance Users parameter. Cisco Unified Presence distributes the users evenly to the four nodes so that each node now has 2500 users. Scenario B: The customer has a subcluster with two nodes, and each node contains 2500 users. The User Assignment mode is set to Balanced. The customer wants to add a second subcluster with two nodes, but also wants to change the User Assignment mode to Active/Standby. The customer changes the mode to Active/Standby, whereby all 5000 users are redistributed to the first node in the subcluster. The customer then adds a second subcluster with two nodes, and sets the Rebalance Users parameter. Cisco Unified Presence evenly distributes the users across both first nodes in each subcluster. Each first node now has 2500 users.
We strongly recommend that you perform any node movements that involve unassigning or moving a large numbers of users at off peak times. Such large operations can adversely impact performance.
Related Topics

Node Creation and Movement Recommendations, page 6-3 Configuring User Assignment in System Topology, page 6-9
Creating Subclusters in System Topology

The system automatically assigns the first Cisco Unified Presence node that you install as the publisher node. After you install the publisher node, create the required subclusters and subsequent nodes in your Cisco Unified Presence cluster in Cluster Topology.
6-6
Chapter 6
Repeat this procedure for each subcluster that you require for your deployment.
Note
Perform this procedure on the publisher Cisco Unified Presence node.

Before You Begin
Plan your multi-node deployment model.

Procedure
Select Cisco Unified Presence Administration > System > Cluster Topology. Select Add New Subcluster. Define a unique name for the subcluster. Select Save.
To update a subcluster, or view the status of a subcluster, select the edit link on the subcluster.
Related Topics

Planning a Cisco Unified Presence Multi-Node Deployment, page 4-1 About High Availability Cisco Unified Presence Deployments, page 6-10
What To Do Next
Creating, Assigning and Moving Nodes in System Topology, page 6-7
Creating, Assigning and Moving Nodes in System Topology

Create the required subsequent nodes for your deployment. By creating the subsequent nodes in the topology view of the publisher node, Cisco Unified Presence associates the subsequent nodes with the publisher node.
Note
Perform this procedure on the publisher Cisco Unified Presence node. Perform this procedure before you install any of the subsequent Cisco Unified Presence nodes. If you assign a subsequent Cisco Unified Presence node to a subcluster prior to installing it, users in remote clusters will not receive availability information. An availability outage will occur until the node is installed.
Before You Begin

Create the required subclusters for your deployment. Depending on how you plan to configure your node name, obtain the required value for your nodes (for example hostname, dotted IP address, FQDN or DNS-SRV).
6-7
Restrictions

If you wish to change the default node name, there are certain node name restrictions. Read the node name recommendations topic. You can only move a node from one subcluster to another if the node is assigned and has no users. You must turn off High Availability in a subcluster before you move or unassign a node in that subcluster.
Procedure
Step 1 Step 2
Select Cisco Unified Presence Administration > System > Cluster Topology. Create the required subsequent nodes for your deployment:
a. b. c.
Select Add New Node. Define a unique name for the node. Select Save.
Step 3
Perform one of these actions: If you want to: Assign a node to a subcluster Action Drag the node into the empty slot in the subcluster Notes
Do not assign the subsequent node to a subcluster until after you install it, and you have checked the status of the node. Before you assign a node to a subcluster, check the following
From System troubleshooter page,
verify that the Cisco UP Replication Watcher service is running on all nodes.
On the Network services screen in
Cisco Unified Serviceability (on the subscriber node), verify that all Cisco Unified Presence services are running on the assigned node. To move a previously assigned node. Drag the node from the subcluster and drop it into the empty slot of the peer subcluster.

Turn off high -availability in the subcluster before you move the node. Unassign all users from the node before you move it.
To update a node, or view the status of a node, select the edit link on the node to view the Node Detail screen. From the edit window, you can:
View the total users assigned to the node. Verify the status of the node.
6-8
Chapter 6
If you turn on High Availability in the subcluster, the critical services that
Cisco Unified Presence monitors on the node for failover are marked in the Monitored column.
If you turn on High Availability, you can also view the High Availability state of the node, and
the reason for this state.
Select Cisco Unified Presence Administration > Diagnostics > System Troubleshooter to verify the status of your topology configuration.
Related Topics

Restarting the Cisco UP XCP Router Service, page 6-2 Creating Subclusters in System Topology, page 6-6 Node Name Recommendations, page 6-4 Node Creation and Movement Recommendations, page 6-3 About High Availability Cisco Unified Presence Deployments, page 6-10 Configuring a Cisco Unified Presence Intercluster Deployment, page 15-1
What To Do Next
Configuring User Assignment in System Topology, page 6-9
Configuring User Assignment in System Topology

Note
This topic is only applicable if you have chosen to manually assign your users. In Cluster Topology, you can manually unassign, assign or reassign users. You can assign users to a single node, and you can also distribute groups of users across the node, or nodes, in a cluster, or a given subcluster.
Before You Begin

Read the user assignment recommendations topic. You may want to export users in bulk. Use the Bulk Administration Tool (BAT) to perform this procedure.
Restriction

You can only assign licensed users. If you turn on High Availability in a subcluster, note that you can only assign or move users to nodes in that subcluster that are not in a failover state. Valid node states are Normal and Running in Backup Mode.
Procedure
Step 1
Select Cisco Unified Presence Administration > System > Topology.
6-9
Chapter 6 About High Availability Cisco Unified Presence Deployments
Step 2
Perform one of these actions: If you want to: Assign users Unassign or reassign users Action Select Assign Users. Select All Assigned Users in the left pane of the system topology interface.
Step 3 Step 4
Use the Find User Assignment window to find and display users. Perform one of the following actions:

Check the users that you wish to assign, and select Assign Selected Users. Select all users, and select Assign All Users. to a named node to a named subcluster (auto-assigned) to all subclusters (auto-assigned) to nothing (unassigned)
Step 5
Using the list boxes in the Change Assignment frame, specify your user assignment:

Step 6
Select Save.
Select Cisco Unified Presence Administration > Diagnostics > System Troubleshooter to verify the status of your topology configuration.
Related Topics

Planning a Cisco Unified Presence Multi-Node Deployment, page 4-1 User Assignment Mode Recommendations, page 6-5 Turning On or Off High Availability for a Subcluster, page 6-20 For information on exporting users in bulk using BAT, see the Online Help in Cisco Unified Presence Administration.
About High Availability Cisco Unified Presence Deployments

High Availability in a Subcluster, page 6-11 Impact of Failover to Cisco Unified Presence Clients and Services, page 6-11 Automatic Failover Detection, page 6-12 Cisco UP Server Recovery Manager (SRM), page 6-13 Node State Definitions, page 6-15 Node States, Causes and Recommended Actions, page 6-16
6-10
Chapter 6
Configuring a Cisco Unified Presence Server for Deployment in the Network About High Availability Cisco Unified Presence Deployments
Requirements for High Availability

The requirements for High Availability are:

You must be running Cisco Unified Presence release 8.5 (x), or a later 8.x release. Any earlier Cisco Unified Presence 8.0(x) releases do not support High Availability. Cisco Unified Presence supports High Availability at a subcluster level. Both nodes in the subcluster must be running the same version of Cisco Unified Presence 8.x software for High Availability to work.
High Availability in a Subcluster

Cisco Unified Presence supports High Availability in a subcluster meaning if a node in the subcluster fails, the Instant Message and Availability services from that node can failover to the second node in the subcluster. You must manually turn on High Availability in a subcluster on the Cluster Topology interface on Cisco Unified Presence Administration interface. On the main Cluster Topology interface, the subcluster icon indicates that you have turned on High Availability on the subcluster. A green tick beside the High Availability icon indicates that High Availability in the subcluster is running normally. A red x beside the High Availability icon indicates that the subcluster is in a failed state. Cisco Unified Presence automatically detects failover in a subcluster by monitoring the heartbeat and monitoring the critical services on the peer node. When Cisco Unified Presence detects failover, it automatically moves all user to the backup node. From the Cisco Unified Presence Administration interface, you can initiate a manual fallback to the active node.
Caution
Cisco Unified Presence does not perform an automatic fallback to the active node after failover. You must manually perform the fallback from the Cluster Topology interface, otherwise the failed over users will remain on the backup node. To monitor and troubleshoot the status of the High Availability functionality on a subcluster, view the High Availability states that Cisco Unified Presence assigns to each node. See Table 6-1 and Table 6-2 for descriptions of these states and recommended actions if the subcluster is in a failed state. If a failover occurs, on the node detail screen, Cisco Unified Presence marks the users that have failed over to the backup node.
Related Topics

Automatic Failover Detection, page 6-12 Manual Failover and Fallback, page 6-14 How To Configure High Availability Cisco Unified Presence Deployments, page 6-19
Impact of Failover to Cisco Unified Presence Clients and Services

Cisco Unified Presence supports High Availability for Cisco Unified Personal Communicator Release 7.x and Release 8.5(x) and on.
6-11
During failover to the backup node, availability and instant messaging services are temporarily unavailable on client applications. Once failover is complete, the availability and instant messaging services become available on the client again when the client signs back in. Similarly, if fallback occurs, availability and instant messaging services are temporarily unavailable on client applications until fallback completes and the client signs back in. Cisco Unified Personal Communicator signs users back in automatically. The impact of failover on temporary adhoc chat messages depends on the particular client application. On Cisco Unified Personal Communicator, any adhoc chat windows that were open before failover should display again once the failover is complete. However, if all of the users in a chat room automatically exit the chat room as part of a failover or fallback process, or if the adhoc chat room is hosted on a failed node, the adhoc chat windows will not display again after failover and a message is displayed explaining that the chat room was deleted. On all clients, any persistent chat rooms that users create on the failed node cannot be accessed again until recovery. If Cisco Unified Personal Communicator is operating in softphone mode (the user is on a voice call) during failover, the voice call is not disconnected.
Automatic Failover Detection

Cisco Unified Presence uses these methods to automatically detect if a node fails:
Peer Heartbeat - In a subcluster, each node sends heartbeat intervals to the other node to check if the node is up and running. If a node detects a loss of heartbeat in the peer node, the node initiates a failover. You can configure the heartbeat interval and the heartbeat timeout from the Service Parameters page on Cisco Unified Presence Administration interface. Monitor Critical Services - Each node monitors a list of critical services. If the node detects that any critical service is not running for a configurable outage period (ninety seconds is the default value), it instructs the peer node to initiate a failover. You can configure this critical service delay from the Service Parameters page on Cisco Unified Presence Administration interface. These are the list of critical services that the node monitors:
Cisco DB (internal IDS database) Cisco UP Presence Engine (if you activate this service) Cisco UP XCP Router Cisco UP Message Archiver (if you integrate Cisco Unified Presence with a third-party
off-board database, and you activate this service)

Cisco UP SIP Proxy (if you configure SIP federation or you have an intercluster connection with
a Cisco Unified Presence Release 7.x cluster, and you activate this service)
Cisco UP XCP SIP Federation Connection Manager (if you configure SIP federation or you
have an intercluster connection with a Cisco Unified Presence Release 7.x cluster, and you activate this service) You can view the critical services that Cisco Unified Presence monitors for failover on the node details screen on the Cluster Topology interface. The critical services that Cisco Unified Presence monitors are marked in the Monitored column in the services list.
6-12
Chapter 6
Note
Cisco Unified Presence only detects a failover if a critical service is not running for the duration of the outage period. It does not detect a failover in the case where one or more critical services are not running during the outage period, but not for the duration of the outage period, for example, a rolling outage. In this case, Cisco Unified Presence generates alarms indicating that services are starting and stopping, and you can perform a manual failover on Cisco Unified Presence. If you manually stop a critical service, and the service is stopped for longer than the permitted outage period, failover will occur.
If Cisco Unified Presence detects the situation where both nodes in the subcluster think that they own the same user, both nodes will go into a failed state, and you will need to perform a manual recovery from the Cluster Topology interface. After you perform the manual recovery, you may experience IDS replication delays. To check the status of the IDS replication on a node either:
Use this CLI command:

utils dbreplication runtimestate
Use the Cisco Unified Reporting Tool (CURT). The Unified CUP Database Status report displays a detailed status of the cluster.
Related Topics

Performing a Manual Failover to Backup Node, page 6-24 Configuring the Advanced Service Parameters for the Server Recovery Manager, page 6-21 Cisco UP Replication Watcher Service, page 5-1
Cisco UP Server Recovery Manager (SRM)

The Cisco UP Server Recovery Manager (SRM) on Cisco Unified Presence manages the failover between nodes in a subcluster. The Cisco UP Server Recovery Manager manages all state changes in a node; state changes are either automatic or initiated by the administrator (manual). Once you turn on High Availability in a subcluster, the Cisco UP Server Recovery Manager on each node establishes heartbeat connections with the peer node, and begins to monitor the critical processes. The SRM is responsible for the user move operations once it detects that failover has occurred. It is the SRM on the peer node, not on the failed node, that performs the user move operation. For example, if node A fails, the SRM on node B performs the user move operation. The SRM throttles the number of users moved to the peer node, it moves the users in batches or iterations. You can configure the number of users that the SRM moves per iteration (the default value is 25). On failover, the SRM will move users that are signed in first, and then move users that are not signed in. Note that if you initiate a fallback, users that are not signed in are moved first, and then users that are signed in. If the SRM is not turned on, it does not monitor any critical processes, nor does it monitor the heartbeat connections with the peer node.
Caution
Before you turn on High Availability in a subcluster, you must configure the SRM service parameters to properly reflect your deployment, see High Availability Client Login Profiles, page B-1.
6-13
Related Topics

Node State Definitions, page 6-15 Configuring the Advanced Service Parameters for the Server Recovery Manager, page 6-21
Manual Failover and Fallback

From the Cluster Topology interface, you can perform the following procedures:
Initiate a manual failover for a subcluster. When you initiate a manual failover, the Cisco UP Server Recovery Manager stops the critical services on the failed node, and moves all users to the backup node. Initiate a manual fallback from the Cluster Topology interface, where the Cisco UP Server Recovery Manager restarts critical services on the active node and moves users back to the active node. Perform a manual recovery for a subcluster (when both nodes in the subcluster are in a failed state). When you perform a manual recovery, Cisco Unified Presence restarts the Cisco UP Server Recovery Manager service on both nodes in the subcluster.
Related Topics

Performing a Manual Failover to Backup Node, page 6-24 Performing a Manual Fallback to Active Node, page 6-25 Performing a Manual Recovery of a Subcluster, page 6-25
Important Note About High Availability and Intercluster Deployments

When failover occurs, the Intercluster Sync Agent is responsible for communicating the user move information to other clusters. The Intercluster Sync Agent only runs on the publisher node in a cluster. If the publisher node fails (the whole node fails, not just services on the node), the Intercluster Sync Agent will stop running, meaning the other clusters will not receive the information that users have moved to a different node. This will cause IM and availability issues across the clusters. Users that have failed over will not receive availability information for remote users. Remote users will receive availability information and IMs from users that have failed over, but any IMs that they send to a failed over user are not delivered.
6-14
Chapter 6
Node State Definitions

Table 6-1 describes the different node states, and associated reasons. You can view the state of an existing node by either viewing the node details or the subcluster details on the Cluster Topology interface.
Note
These fields are only displayed on the Cluster Topology interface if you turn on High Availability in a subcluster.
Table 6-1 Node State Descriptions
State Initializing Idle
Description This is the initial (transition) state when the Cisco UP Server Recovery Manager service starts; it is a temporary state. Cisco Unified Presence is in Idle state when failover occurs and services are stopped. In Idle state, the Cisco Unified Presence node does not provide any availability or Instant Messaging services. In Idle state, you can manually initiate a fallback to this node from the Cluster Topology interface. This is a stable state. The Cisco Unified Presence node is operating normally. In this state, you can manually initiate a failover to this node from the Cluster Topology interface. This is a stable state. The Cisco Unified Presence node is acting as the backup for its peer node. Users have moved to this (backup) node. This is a transition state. The Cisco Unified Presence node is taking over for its peer node. This is a transition state. The Cisco Unified Presence node is being taken over by its peer node. This is a stable state. The Cisco Unified Presence node has failed over, but no critical services are down. In this state, you can manually initiate a fallback to this node from the Cluster Topology interface. This is a stable state. Some of the critical services on the Cisco Unified Presence node have either stopped or failed. This is a transition state. The system is falling back to this Cisco Unified Presence node from the node running in Backup Mode. This is a transition state. The failed Cisco Unified Presence node is taking back over from its peer. An error occurs during the transition states or Running in Backup Mode state. State unknown.
Normal
Running in Backup Mode Taking Over Failing Over Failed Over
Failed Over with Critical Services Not Running Falling Back Taking Back Running in Failed Mode Unknown
Related Topic
Node States, Causes and Recommended Actions, page 6-16
6-15
Node States, Causes and Recommended Actions

Table 6-2 describes the node states, reasons, causes, and recommended actions for failed states.
Table 6-2 Node High Availability states, causes and recommended actions
Node 1 State Normal Reason Normal State Normal
Node 2 Reason Normal

Cause/Recommended Actions High Availability is running on both nodes in the subcluster. Subcluster is running normally (it is in non failover mode).The critical services on both nodes in the subcluster are running. The administrator initiates a manual failover from node1 to node2.The manual failover is in progress. The manual failover from node1 to node2 (initiated by the administrator) is complete. The administrator initiates a manual fallback from node2 to node1. The manual fallback is in progress. The administrator restarts the SRM service on node1 while node1 is in Idle state. The administrator restarts both nodes in the subcluster, or restarts the SRM service on both nodes in the subcluster, while the subcluster was in manual failover mode (failover initiated by the administrator). The administrator restarts the SRM service on node2 while node2 is running in backup mode, but before the heartbeat on node1 times out. The administrator restarts the SRM service on node2 while node2 is taking over, but before the heartbeat on node1 times out. The administrator restarts the SRM service on node1 while taking back, but before the heartbeat on node2 times out. After the taking back process is complete, both nodes are in Normal state.
Failing Over On Admin Request Idle, On Admin Request
Taking Over
On Admin Request
Running in Backup Mode Falling Back
On Admin Request On Admin Request
Taking Back On Admin Request Idle Idle Initialization Initialization
Running in Backup Mode Running in Backup Mode
On Admin Request Initialization
Idle
On Admin Request
Running in Backup Mode Taking Over
Initialization
Failing Over On Admin Request
Initialization
Taking Back Initialization
Falling Back
On Admin Request
6-16
Chapter 6
Table 6-2
Node High Availability states, causes and recommended actions
Node 1 State Failed Over Reason Initialization or Critical Services Down State Running in Backup Mode
Node 2 Reason Critical Service Down
Cause/Recommended Actions Node 1 transitions to Failed Over state when:

Critical service(s) come back up due to
reboot of node1, or
The administrator starts critical service(s) on
node1 while node1 is in "Failed Over with Critical Services Not Running" state
When node1 transitions to Failed Over state the node is ready for the administrator to perform a manual fallback to restore the nodes in the subcluster to Normal state.
Failed Over Critical Service with Critical Down Services not Running
Running in Backup Mode
Critical Service Down
A critical service is down on node1. Cisco Unified Presence performs an automatic failover to node2. Recommended Actions:
1. 2. 3.
Check what critical services are down on node1, and try to start these services manually. If the critical services on node1 do not start,, reboot node1. After the reboot and when all the critical services are running, perform a manual fallback to restore the nodes in the subcluster to Normal state.
Failed Over Database with Critical Failure Services not Running
Database Failure
A database service is down on node1. Cisco Unified Presence performs an automatic failover to node2. Recommended Actions:
1. 2.
Reboot Node1. After the reboot and when all the critical services are running, perform a manual fallback to restore the nodes in the subcluster to Normal state.
Running in Start of Critical Failed Mode Services Failed
Running in Failed Mode
Start of Critical Services Failed
Critical services fail to start while a node in subcluster is taking back from the other node. Recommended Actions: (on the node that is taking back)
1.
Check what critical services are down on the node. To start these services manually, select Recovery on the subcluster details screen. If the critical services do not start, reboot the node. After the reboot and when all the critical services are running, perform a manual fallback to restore the nodes in the subcluster to Normal state.
2. 3.
6-17
Table 6-2
Node 1 State Reason State Running in Failed Mode Running in Critical Service Failed Mode Down
Node 2 Reason Critical Service Down Cause/Recommended Actions Critical services go down while a node in subcluster is running in backup mode for the other node. Recommended Actions:
1.
Check what critical services are down on backup node. To start these services manually, select Recovery on the subcluster details screen. If the critical services do not start, reboot the subcluster.
2.
Node1 is down due to loss of network connectivity or the SRM service is not running.
Peer Down
Node2 has lost its heartbeat with node1. Cisco Unified Presence performs an automatic failover to node2. Recommended Action: (If the node1 is up)
1.
Check and repair the network connectivity between nodes in the subcluster. When you reestablish the network connection between the nodes, the node may go into a failed state. Select Recovery on the subcluster details screen to restore the nodes in the subcluster to Normal state. Start the SRM service, and perform manual fallback to restore the nodes in the subcluster to Normal state. Repair/Power up node1. When node is up and all critical services are running, perform manual fallback to restore the nodes in the subcluster to Normal state.
2.
(If the node is down)

1. 2.
Node1 is down (due to possible Running in power down, hardware failure, Backup Mode shutdown, reboot)
Peer Reboot
Cisco Unified Presence performs an automatic failover to node2 due to possible hardware failure/power down/restart /shutdown of Node1. Recommended Action:
1. 2.
Repair/Power up node1. When node is up and all critical services are running, perform manual fallback to restore the nodes in the subcluster to Normal state.
6-18
Chapter 6
Configuring a Cisco Unified Presence Server for Deployment in the Network How To Configure High Availability Cisco Unified Presence Deployments
Table 6-2
Node 1 State Reason State Backup Mode Failed Over Initialization with Critical Services not Running OR Failed Over
Node 2 Reason Peer Down During Initialization Cause/Recommended Actions Node2 doesnt see Node1 during startup. Recommended Action: When node1 is up and all critical services are running, perform manual fallback to restore the nodes in the subcluster to Normal state. Cisco UP Server Recovery Manager Take Over Users Failed User move fails during taking over process. Recommended Action: Possible database error. Select Recovery on the subcluster details screen.If that doesn't resolve the issue, reboot the subcluster. User move fails during falling back process. Recommended Action: Possible database error. Select Recovery on the subcluster details screen.If that doesn't resolve the issue, reboot the subcluster. The SRM on a node restarts while the SRM on the other node is in a failed state, or an internal system error occurs. Recommended Action: Select Recovery on the subcluster details screen.If that doesn't resolve the issue, reboot the subcluster.
Running in Cisco UP Server Running in Failed Mode Failed Mode Recovery Manager Take Over Users Failed
Running in Cisco UP Server Running in Failed Mode Failed Mode Recovery Manager Take Back Users Failed Running in Unknown Failed Mode Running in Failed Mode
Cisco UP Server Recovery Manager Take Back Users Failed
Unknown
Related Topics

Performing a Manual Failover to Backup Node, page 6-24 Performing a Manual Fallback to Active Node, page 6-25 Performing a Manual Recovery of a Subcluster, page 6-25
How To Configure High Availability Cisco Unified Presence Deployments

Turning On or Off High Availability for a Subcluster, page 6-20 Configuring the Advanced Service Parameters for the Server Recovery Manager, page 6-21 Performing a Manual Failover to Backup Node, page 6-24 Performing a Manual Fallback to Active Node, page 6-25
6-19
Chapter 6 How To Configure High Availability Cisco Unified Presence Deployments
Turning On or Off High Availability for a Subcluster

Caution
Before you turn on High Availability in a subcluster, you must configure the SRM service parameters to properly reflect your deployment, see High Availability Client Login Profiles, page B-1. You have to manually turn on High Availability in a subcluster; Cisco Unified Presence does not turn on High Availability in a subcluster by default. You can turn on High Availability in a subcluster when:

there are two nodes in the subcluster, and both nodes have IP addresses that are resolvable addresses, and both nodes are running Cisco Unified Presence Release 8.5 or higher.
You can either assign users to the nodes in the subcluster before or after you turn on High Availability for the subcluster.
Before You Begin

Configure the subclusters and nodes in your network, and assign nodes to the subclusters. Make sure critical services are running on both nodes in the subcluster before you turn on highavailability in a subcluster. If one or more critical services are not running on a node, when you turn on High Availability, that node will failover to the backup node. When one or more critical services are not running on one node in a subcluster, but all critical services are running on the second node, the subcluster will go into a failed state after you turn on High Availability.
Restriction
You can only turn on High Availability in a subcluster when there are two nodes assigned to that subcluster. The High Availability checkbox does not display when there are no nodes, or one node, assigned to the subcluster.
Procedure
Cisco Unified Presence Administration > System > Cluster Topology. Select the edit link on the appropriate subcluster. Check Enable High Availability.
Note Step 4
To turn off High Availability for the sublcluster, uncheck Enable High Availability.
Select Save. Cisco Unified Presence displays the following information about High Availability for the subcluster
Field Monitored Node Node State
Description The node in the subcluster that Cisco Unified Presence is monitoring for failover detection. The state of the node. See Node State Definitions, page 6-15for definitions of the states.
6-20
Chapter 6
Field Node Reason Node Action
Description The reason for the node state. The action you can take to change the state of the node:
Fallback - This option is displayed for nodes that are in Idle or Failed Over states. Select to manually initiate a fallback to this node. Failover - This option is displayed for nodes that are in Normal state. Select to manually initiate a failover to this node. Recovery - This option is displayed if both nodes in the subcluster are in a failed state. Select to manually initiate a recovery of the subcluster where Cisco Unified Presence restarts the SRM service on both nodes.
When you turn on High Availability in a subcluster, Cisco Unified Presence restarts the Cisco UP Service Recovery Manager service and it begins to monitor for failover detection. To verify this service is running, select Cisco Unified Serviceability > Tools > Control Center - Network Services. You can turn off High Availability in a subcluster, so the two nodes in the subcluster act as standalone nodes. You can only turn off High Availability when the nodes in the subcluster are not in a transition state (Failing Over, Falling Back). If you turn off High Availability in a subcluster when either node is in a failed over scenario (Failed Over, Failed), users that Cisco Unified Presence fails over to the backup node are homed to the backup node. Cisco Unified Presence will not move these users back to the active node, they remain on the backup node. The System Troubleshooter indicates if there are any two node subclusters without High Availability turned on. Select Cisco Unified Presence Administration > Diagnostics > System Troubleshooter.
Configuring the Advanced Service Parameters for the Server Recovery Manager
Procedure
Cisco Unified Presence Administration > System > Service Parameters. Select a Cisco Unified Presence server from the Server menu. Select Cisco UP Server Recovery Manager from the Service menu. Configure these service parameters:
6-21
Parameter Service Port
Description This parameter specifies the port that Cisco UP Server Recovery Manager uses to communicate with its peer.
Additional Information If you modify this parameter, Cisco Unified Presence restarts the Cisco UP Server Recovery Manager on all nodes in the cluster. If you modify this parameter, Cisco Unified Presence restarts the Cisco UP Server Recovery Manager on all nodes in the cluster. If you change this value, this affects how long a critical service can be down before Cisco Unified Presence initiates an automatic failover. This parameter is on by default. Only turn this parameter off if you do not want automatic failover on Cisco Unified Presence and you only want to perform manual failover. We recommend that you configure this value to at least twice the value of the Keep Alive (Heartbeat) Timeout in order to avoid unnecessary failovers. We recommend that you configure this value to at least twice the value of KeepAliveInterval value. If this value is too close to the KeepAliveInterval value, this can cause a failover to occur.
Admin RPC Port
This parameter specifies the port that Cisco UP Server Recovery Manager uses to provide admin RPC requests.
Critical Service Down This parameter determines the Delay duration a critical service can be down before Cisco Unified Presence initiates an automatic failover. Enable Automatic Failover This parameter turns on or off automatic failover on Cisco Unified Presence.
Initialization Keep Alive (Heartbeat) Timeout
This parameter specifies the duration that the heartbeat is lost with the peer node (SRM) when the peer SRM restarts and is in the initialization state. This parameter specifies the duration that the heartbeat is lost with the peer node (SRM) before Cisco Unified Presence initiates an automatic failover.
Keep Alive (Heartbeat) Timeout
Keep Alive (Heart Beat) Interval
This parameter specifies the interval between keep alive (heartbeat) messages sent to the peer node.
6-22
Chapter 6
Parameter Users Moved Per Iteration
Description This parameter specifies the number of users that Cisco Unified Presence moves for each iteration when it performs a failover or a fallback. There is a delay of one second between each iteration.
Additional Information Increasing this value will shorten the failover time at the expense of CPU. Lowering the value will lengthen failover time, but have less impact on the CPU.
Caution
Before you configure the Users Moved Per Iteration parameter value, refer to the High Availability Client Login Profiles, page B-1.
Client Re-Login Lower Limit
This parameter specifies the minimum number of seconds which Cisco Unified Personal Communicator will wait before attempting to re-login to this Cisco Unified Presence server. This waiting time occurs due to the failure of a node or a critical service on a node.
This parameter only applies to Cisco Unified Personal Communicator Release 8.5 or higher 8.x releases.
Caution
Note
This parameter is per node.
Refer to the High Availability Client Login Profiles, page B-1 for guidelines on defining the client re-login lower and upper limits.
Client Re-Login Upper Limit
This parameter specifies the maximum number of seconds which Cisco Unified Personal Communicator will wait before attempting to re-login to this Cisco Unified Presence server. This waiting time occurs due to the failure of a node or a critical service on a node.
This parameter only applies to Cisco Unified Personal Communicator Release 8.5 or higher 8.x releases.
Caution
Note
This parameter is per node.
Refer to the High Availability Client Login Profiles, page B-1 for guidelines on defining the client re-login lower and upper limits.
Step 5
Select Save.
Related Topic
High Availability Client Login Profiles, page B-1
6-23
Performing a Manual Failover to Backup Node

You can perform a manual failover to the backup node in the subcluster using in the Cluster Topology interface. When you initiate a manual failover, the Cisco UP Server Recovery Manager stops the critical services on that node, and moves all users to the backup node. The Cisco UP Server Recovery Manager stops the following critical services on the node:

Cisco UP SIP Proxy Cisco UP Presence Engine Cisco UP XCP Router (this causes all XCP processes to stop) Cisco UP Client Profile Agent
The Cisco UP Server Recovery Manager then move all users to the backup node
Restriction
You can only initiate a failover for a node that is in Normal state.
Before You Begin
Make sure that these services are running on the Failing Over node:

Cisco UP XCP Connection Manager service Cisco UP XCP Router Cisco UP Presence Engine
Procedure
Cisco Unified Presence Administration > System > Cluster Topology. Select the edit link on the appropriate subcluster. Select Failover in the Node Action column. Select Ok to confirm the failover operation. To verify the failover operation is complete and successful:
When the failover operation is in progress, the active node should be in the Failing Over state, and the backup node should be in the Taking Over state. When the failover operation is complete, check that the backup node is in the state Running in Backup Mode, and the active node is in Idle state. If the failover is unsuccessful, and the nodes are in a failed state, see Table 6-2 for a recommended action. Check that the users have failed over to the backup node:
On the subcluster details screen, check that all users are now assigned to the backup node, and
no users are assigned to the active node.

On the node details screen, the Failed Over column indicates the users that have failed over to
the backup node.
Related Topic
6-24
Chapter 6
Performing a Manual Fallback to Active Node

You can perform a manual fallback to the active node in the Cluster Topology interface. When you initiate a manual fallback, the Cisco UP Server Recovery Manager restarts any critical services that are not already running on the active node, and moves the failed over users back to the active node. When you manually initiate a fallback, the Cisco UP Server Recovery Manager restarts the following services on the active node (if they are not already running):

Cisco UP SIP Proxy Cisco UP Presence Engine Cisco UP XCP Router Any XCP services that were activated Cisco UP Client Profile Agent
The Cisco UP Server Recovery Manager then moves all failed over users back to the active node.
Restriction
You can only initiate fallback for a node that is in Idle or Failed Over state.
Procedure
Cisco Unified Presence Administration > System > Cluster Topology. Select the edit link on the appropriate subcluster. Select Fallback in the Node Action column. Select Ok to confirm the fallback operation. To verify the fallback operation is complete and successful:
When fallback operation is in progress, the active node should be in the Taking Back state, and the backup node should be in the Falling Back state.When the fallback operation is complete, check that both nodes are in Normal state. If the fallback is unsuccessful, and the nodes are in a failed state, see Table 6-2 for a recommended action. Check that the users have fallen back to the active node.
On the subcluster details screen, check that all users are now assigned to the active node, and
no users are assigned to the backup node.

On the node details screen, the Failed Over column should be empty.
Related Topic
Performing a Manual Recovery of a Subcluster

When you perform a manual recovery of a subcluster, Cisco Unified Presence restarts the Cisco UP Server Recovery Manager service on both nodes in the subcluster.
6-25
Chapter 6 Configuring a Cisco Unified Presence Server for Deployment in the Network How to Configure the Cluster-Wide Routing Information on Cisco Unified Presence
Restriction
You can only initiate a recovery for a subcluster if both nodes are in a failed state.
Procedure
Cisco Unified Presence Administration > System > Cluster Topology. Select the edit link on the appropriate subcluster. Select Recovery in the Node Action column. See see Table 6-2 to verify the status of the subcluster after you perform the manual recovery.
If Cisco Unified Presence detects the situation where both nodes in the subcluster think that they own the same user, both nodes will go into a failed state, and you will need to perform a manual recovery from the Cluster Topology interface. After you perform the manual recovery, you may experience IDS replication delays. You can check the status of the IDS replication on a node using this CLI command: Utils dbreplication runtimestate
Related Topic
How to Configure the Cluster-Wide Routing Information on Cisco Unified Presence

Configuring the Domain Value, page 6-26 About the Routing Communication Type, page 6-28 Configuring the Routing Communication, page 6-29 Viewing or Configuring the Cluster ID, page 6-30 Configuring a Cluster-Wide Cisco Unified Presence Address, page 6-31 Configuring the Throttling Rate for Availability State Change Messages, page 6-32
Configuring the Domain Value

Replacing the Default Domain Value, page 6-26 Changing the Domain Value, page 6-27
Replacing the Default Domain Value

The domain name specifies the DNS domain name of the Cisco Unified Presence server. Cisco Unified Presence automatically defaults to the domain namevalue PROXY.DOMAIN.NOT.SET. You must replace this default domain name with the DNS domain name in order for the SRM to initialize correctly
6-26
Chapter 6
Configuring a Cisco Unified Presence Server for Deployment in the Network How to Configure the Cluster-Wide Routing Information on Cisco Unified Presence
in a High Availability deployment. If you are not using DNS in your network, and you did not set the domain at install, you must replace this default value with the enterprise wide domain and ensure the node names are configured as IP addresses or Cisco Unified Presence will not function correctly. Perform this configuration on all nodes in your Cisco Unified Presence cluster.
Procedure
Step 1
Perform the following steps to configure the new domain value:

a. b. c. a. b. c.
Select Cisco Unified Presence Administration > System > Cluster Topology. In the right pane, select Settings. Configure the Domain Name value with the new domain. Select Cisco Unified Presence Administration > System > Service Parameters, and select the Cisco UP SIP Proxy service. Configure the Federation Routing CUP FQDN with the new domain. You will be prompted to confirm these configuration changes. Select OK for both prompts, and then select Save.
Step 2
Use this CLI command to set the new domain: set network domain <new_domain> This CLI command invokes a reboot of the server.
Step 3
Manually regenerate all certificates on the local Cisco Unified Presence server.
Note
When you regenerate the Tomcat certificate, you must restart Tomcat. You can restart Tomcat after you regenerate all of the certificates on the local server. Use this CLI command to restart Tomcat: utils service restart Cisco Tomcat
Changing the Domain Value

Follow this procedure if you want to change the domain value (from one valid domain value to another valid IP proxy domain value). This procedure is applicable if you have a DNS or non-DNS deployment.
Note
It is highly recommended that you use a DNS deployment. In order to be considered valid, the domain value must match the DNS domain name. Using a valid domain name ensures that the SRM initializes correctly in a High Availability deployment.
Procedure
Step 1 Step 2
Stop the Cisco UP SIP Proxy, Presence Engine and XCP Router services on Cisco Unified Presence on all nodes in your cluster. On the publisher node, perform the following steps to configure the new domain value:
a.
Select Cisco Unified Presence Administration > System > Cluster Topology.
6-27
b. c. a. b. c. Step 3
In the right pane, select Settings. Configure the Domain Name value with the new domain. Select Cisco Unified Presence Administration > System > Service Parameters, and select the Cisco UP SIP Proxy service. Configure the Federation Routing CUP FQDN with the new domain. You will be prompted to confirm these configuration changes. Select OK for both prompts, and then select Save.
On all nodes in the cluster, use this CLI command to set the new domain: set network domain <new_domain> This CLI command invokes a reboot of the servers
Step 4 Step 5
On all nodes in the cluster, manually start the Cisco UP Presence Engine and Cisco UP XCP Router services once the reboot is complete (if required). Manually regenerate all certificates on each node in the cluster.
Note
When you regenerate the Tomcat certificate, you must restart Tomcat. You can restart Tomcat after you regenerate all of the certificates on the local server. Use this CLI command to restart Tomcat: utils service restart Cisco Tomcat If you use DNS in your network, update the DNS configuration for the new domain. Update any host records and any DNS SRV records that you require for the new domain Configure any XMPP clients with the new domain.
Step 6 Step 7
About the Routing Communication Type

Routing Communication Recommendations, page 6-28 MDNS Routing and Cluster ID, page 6-29
Routing Communication Recommendations

MDNS is the default mechanism for establishing the XCP route fabric on Cisco Unified Presence; the network automatically establishes router-to-router connections between all Cisco Unified Presence nodes in a cluster. A requirement for MDNS routing is that all nodes in the cluster are in the same multicast domain. We recommend MDNS routing because it can seamlessly support new XCP routers joining the XCP route fabric. If you select MDNS as the routing communication, you must have multicast DNS enabled in your network. In some networks multicast is enabled by default, or enabled in a certain area of the network, for example, in an area that contains the nodes that form the cluster. In these networks, you do not need to perform any additional configuration in your network to use MDNS routing. When multicast DNS is disabled in the network, MDNS packets cannot reach the other nodes in a cluster. If multicast DNS is disabled in your network, you must perform a configuration change to your network equipment to use MDNS routing.
6-28
Chapter 6
Alternatively, you can select router-to-router communication for your deployment. In this case, Cisco Unified Presence dynamically configures all router-to-router connections between nodes in a cluster. Select this routing configuration type if all the nodes in your cluster are not in the same multicast domain. Note that when you select router-to-router communication:

Your deployment will incur the additional performance overhead while Cisco Unified Presence establishes the XCP route fabric. If you are running Cisco Unified Presence Release 8.0(x), if you add a new node, you must restart the Cisco UP XCP Router on all nodes in your deployment. If you are running Cisco Unified Presence Release 8.5(x), you do not need to restart the Cisco UP XCP Router on all nodes in your deployment when you add a new node. If you delete or remove a node, you must restart the Cisco UP XCP Router on all nodes in your deployment when you add a new node.
Related Topics

MDNS Routing and Cluster ID, page 6-29 Configuring the Routing Communication, page 6-29
MDNS Routing and Cluster ID

At installation, the system assigns a unique cluster ID to the Cisco Unified Presence publisher node. The systems distributes the cluster ID so that all nodes in your cluster share the same cluster ID value. The nodes in the cluster use the cluster ID to identify other nodes in the multicast domain using MDNS. A requirement for MDNS routing is that the cluster ID value is unique to prevent nodes in one standalone Cisco Unified Presence cluster from establishing router-to-router connections with nodes in another standalone cluster. Standalone clusters should only communicate over intercluster peer connections. Select Cisco Unified Presence Administration > Presence > Settings to view or configure the cluster ID value for a cluster. If you change the cluster ID value, make sure that the value remains unique to your Cisco Unified Presence deployment.
Note
If you deploy the Chat feature, Cisco Unified Presence uses the cluster ID value to define chat server aliases. There are certain configuration scenarios that may require you to change the cluster ID value. See the Group Chat module for details.
Related Topics

Routing Communication Recommendations, page 6-28 Viewing or Configuring the Cluster ID, page 6-30 Configuring the Routing Communication, page 6-29 Configuring Chat on Cisco Unified Presence, page 9-1
Configuring the Routing Communication

To allow the nodes in a cluster to route messages to each other, you must configure the routing communication type. This setting determines the mechanism for establishing router connections between nodes in a cluster. Configure the routing communication type on the publisher node, and Cisco Unified Presence applies this routing configuration to all nodes in the cluster.
6-29
For single node Cisco Unified Presence deployments, we recommend that you leave the routing communication type at the default setting.
Caution
You must configure the routing communication type before you complete your cluster configuration and start to accept user traffic into your Cisco Unified Presence deployment.
Before You Begin

If you want to use MDNS routing, confirm that MDNS is enabled in your network. If you want to use router-to-router communication, and DNS is not available in your network, for each node you must configure the IP address as the node name in the cluster topology. to edit the node name, select Cisco Unified Presence Administration > System > Cluster Topology, and click the edit link on a node. Perform this configuration after you install Cisco Unified Presence, and before you restart the Cisco UP XCP Router on all nodes.
Procedure
Select Cisco Unified Presence Administration > System > Cluster Topology. In the right pane, select Settings. Select one of these Routing Communication Types from the menu:
Multicast DNS (MDNS)- Select Multicast DNS communication if the nodes in your cluster are in the same multicast domain. Multicast DNS communication is enabled by default on Cisco Unified Presence. Router to Router - Select Router-to-Router communication if the nodes in your cluster are not in the same multicast domain.
Step 4 Step 5
Select Save. Restart the Cisco UP XCP Router service on all nodes in your deployment.
Related Topics

Restarting the Cisco UP XCP Router Service, page 6-2 About the Routing Communication Type, page 6-28 Viewing or Configuring the Cluster ID, page 6-30 Configuring the Domain Value, page 6-26
Viewing or Configuring the Cluster ID

At installation, the system assigns a default unique cluster ID to the Cisco Unified Presence publisher node. If you configure multiple nodes in the cluster, the systems distributes the cluster ID so that each node in your cluster shares the same cluster ID value. We recommend that you leave the cluster ID value at the default setting. If you do change the cluster ID value, note the following:
If you select MDNS routing, all nodes must have the same cluster ID to allow them to identify other nodes in the multicast domain.
6-30
Chapter 6
If you are deploying the Group Chat feature, Cisco Unified Presence uses the cluster ID value for chat server alias mappings, and there are certain configuration scenarios that may require you to change the cluster ID value. See the Group Chat module for details.
If you change the default Cluster ID value, you only need to make this change on the publisher node, and the system replicates the new Cluster ID value to the other nodes in the cluster.
Procedure
Select Cisco Unified Presence Administration > System > Cluster Topology. In the right pane, select Settings. View or edit the Cluster ID value.
Note Step 4
By default, Cisco Unified Presence assigns the cluster ID value StandaloneCluster to a cluster.
Select Save.
Cisco Unified Presence Release 8.x does not permit the underscore character (_) in the Cluster ID value. If you perform an upgrade to Cisco Unified Presence Release 8.x, make user the Cluster ID value does not contain this character.
Related Topics

MDNS Routing and Cluster ID, page 6-29 Configuring Chat on Cisco Unified Presence, page 9-1
Configuring a Cluster-Wide Cisco Unified Presence Address

This procedure is only applicable if you are configuring a multi-node deployment. Configure the cluster-wide Cisco Unified Presence address on the publisher node, and Cisco Unified Presence will replicate the address on all nodes in the cluster.
Note
When you configure a cluster-wide Cisco Unified Presence address, set the port of SRV to 5060.
Before You Begin
Read the cluster-wide DNS SRV topic.

Procedure
Select Cisco Unified Presence Administration > System > Service Parameters. Select the Cisco Unified Presence server from the Server menu. Select Cisco UP Sip Proxy from the Service menu. Edit the SRV Cluster Name field in the General Proxy Parameters (Clusterwide) section.
6-31
Chapter 6 Uploading the Licences on Cisco Unified Presence
By default this parameter is empty.

Step 5
Select Save.
Related Topic
Scalability Options for Your Deployment, page 4-7

What To Do Next
Uploading the Licences on Cisco Unified Presence, page 6-32
Configuring the Throttling Rate for Availability State Change Messages

To prevent an overload of the on Cisco Unified Presence, you can configure the rate of availability (presence) changes sent to the Cisco UP XCP Router in messages per second. When you configure this value, Cisco Unified Presence throttles the rate of availability (presence) changes back to meet the configured value.
Procedure
Select Cisco Unified Presence Administration > System > Service Parameters. Select the Cisco Unified Presence server from the Server menu. Select Cisco UP Presence Engine from the Service menu. In the Clusterwide Parameters section, edit the Presence Change Throttle Rate parameter. This parameter defines the number of presence updates per second. Select Save.
Uploading the Licences on Cisco Unified Presence

Follow this procedure to upload the server license file, and the software version license to Cisco Unified Presence.
Note
This topic is only applicable if you are configuring the Cisco Unified Presence publisher node. Only upload the Cisco Unified Presence server license file on the publisher node of a Cisco Unified Presence cluster. The license file contains the number of Cisco Unified Presence servers in a cluster that are licensed to the customer. You can only upload a license file issued for a physical server to a physical server. Similarly, you can only upload a VMware license file to a VMware server.
Before You Begin
Read the Cisco Unified Presence License Requirements topic.
6-32
Chapter 6
Configuring a Cisco Unified Presence Server for Deployment in the Network How to Configure Static Routes on Cisco Unified Presence
Upload the Cisco Unified Presence user licenses on Cisco Unified Communications Manager, and assign Cisco Unified Presence capabilities to these users.
Restrictions
License files must have a .lic suffix.

Procedure
Select Cisco Unified Presence Administration > System > Licensing > License File Upload. Select Upload License File. Locate the file on your local computer. Select Upload. Restart the Cisco UP Sync Agent service.
Cisco Unified Presence only uploads the license file into the database if the version that the license file specifies is greater than or equal to the Cisco Unified Presence version that is running in the cluster. If the version check fails, Cisco Unified Presence generates an alarm, and you should get a new license file with the correct version. The system bases the version check only on major releases. To verify that the license file uploads correctly, confirm the license file is listed in the existing licenses menu on the License File Upload window. Select the license file in the existing license file menu, and select View File.
Related Topics

Cisco Unified Presence License Requirements, page 2-1 Configuring the Licensing for this Integration, page 2-1
What To Do Next
How to Configure the Presence Gateway on Cisco Unified Presence, page 6-38
How to Configure Static Routes on Cisco Unified Presence

If you configure a static route for SIP proxy server traffic, consider the following:

A dynamic route represents a path through the network that is automatically calculated according to routing protocols and routing update messages. A static route represents a fixed path that you explicitly configure through the network. Static routes take precedence over dynamic routes. Route Embed Templates, page 6-34 Configuring Route Embed Templates on Cisco Unified Presence, page 6-35 Configuring Static Routes on Cisco Unified Presence, page 6-35
6-33
Chapter 6 How to Configure Static Routes on Cisco Unified Presence
Route Embed Templates

You must define a route embed template for any static route pattern that contains embedded wildcards. The route embed template contains information about the leading digits, the digit length, and location of the embedded wildcards. Before you define a route embed template, consider the sample templates we provide below. When you define a route embed template, the characters that follow the '.' must match actual telephony digits in the static route. In the sample route embed templates below, we represent these characters with 'x'. Sample Route Embed Template A Route embed template: 74..78xxxxx* With this template, Cisco Unified Presence will enable this set of static routes with embedded wildcards:
Destination Pattern 74..7812345* 74..7867890* 74..7811993*
Next Hop Destination 1.2.3.4:5060 5.6.7.8.9:5060 10.10.11.37:5060
With this template, Cisco Unified Presence will NOT enable these static route entries:

73..7812345* (The initial string is not 74 as the template defines) 74..781* (The destination pattern digit length does not match the template) 747812345* (The number of wildcards does not match the template)
Sample Route Embed Template B Route embed template: 471.xx* With this template, Cisco Unified Presence will enable this set of static routes with embedded wildcards:
Destination Pattern 471.34* 47155*
Next Hop Destination 20.20.21.22 21.21.55.79
With this template, Cisco Unified Presence will NOT enable these static route entries:

47344* (The initial string is not 471 as the template defines) 4714* (The string length does not match template) 471.450* (The number of wildcards does not match template)
6-34
Chapter 6
Configuring Route Embed Templates on Cisco Unified Presence

You can define up to five route embed templates. However, there is no limit to the number of static routes that you can define for any route embed template. A static route that contains an embedded wildcard must match at least one of the route embed templates.
Procedure
Select Cisco Unified Presence Administration > System > Service Parameters. Select a Cisco Unified Presence server. Select the Cisco UP SIP Proxy service. Define a route embed templates in the RouteEmbedTemplate field in the Routing Parameters (Clusterwide) section. You can define up to five route embed templates. Select Save.
What To Do Next
Configuring Static Routes on Cisco Unified Presence, page 6-35
Configuring Static Routes on Cisco Unified Presence

Procedure
Select Cisco Unified Presence Administration > Routing > Static Routes. Select Add New. Configure these static route settings:
6-35
Chapter 6 How to Configure Static Routes on Cisco Unified Presence
Field Destination Pattern
Description This field specifies the pattern of the incoming number, up to a maximum of 255 characters. The SIP proxy allows only 100 static routes to have an identical route pattern. If you exceed this limit, Cisco Unified Presence logs an error. Wildcard Usage You can use "." as a wildcard for a single character and "*" as a wildcard for multiple characters. Cisco Unified Presence supports embedded '.' wildcard characters in static routes. However, you must define route embed templates for static routes that contain embedded wildcards. Any static route that contains an embedded wildcard must match at least one route embed template. See the route embed template topic (referenced in the Related Topics section below) for information on defining route embed templates. For phones:
A dot can exist at the end of the pattern, or embedded in a pattern. If you embed the dot in a pattern, you must create a route embed template to match the pattern. An asterisk can only exist at the end of the pattern. You can use an asterisk as part of the a host name. The dot acts as a literal value in a host name.
For IP addresses and host names:

An escaped asterisk sequence, \*, matches a literal * and can exist anywhere. Description Next Hop Specifies the description of a particular static route, up to a maximum of 255 characters. Specifies the domain name or IP address of the destination (next hop) and can be either a Fully Qualified Domain Name (FQDN) or dotted IP address. Cisco Unified Presence supports DNS SRV-based call routing. To specify DNS SRV as the next hop for a static route, set this parameter to the DNS SRV name. Next Hop Port Specifies the port number of the destination (next hop). The default port is 5060. Cisco Unified Presence supports DNS SRV-based call routing. To specify DNS SRV as the next hop for a static route, set the next hop port parameter to 0.
6-36
Chapter 6
Field Route Type
Description Specifies the route type: User or Domain. The default value is user. For example, in the SIP URI "sip:[email protected]" request, the user part is '19194762030', and the host part is 'myhost.com'. If you select User as the route type, Cisco Unified Presence uses the user-part value '19194762030' for routing SIP traffic. If you select the Domain as the route type, Cisco Unified Presence uses 'myhost.com' for routing SIP traffic.
Protocol Type Priority
Specifies the protocol type for this route, TCP, UDP, or TLS. The default value is TCP. Specifies the route priority level. Lower values indicate higher priority. The default value is 1. Value range: 1-65535 Specifies the route weight. Use this parameter only if two or more routes have the same priority. Higher values indicate which route has the higher priority. Value range: 1-65535 Example: Consider these three routes with associated priorities and weights:

Weight
1, 20 1, 10 2, 50
In this example, the static routes are listed in the correct order. The priority route is based on the lowest value priority, that is 1. Given that two routes share the same priority, the weight parameter with the highest value decides the priority route. In this example, Cisco Unified Presence directs SIP traffic to both routes configured with a priority value of 1, and distributes the traffic according to weight; The route with a weight of 20 receives twice as much traffic as the route with a weight of 10. Note that in this example, Cisco Unified Presence will only attempt to use the route with priority 2, if it has tried both priority 1 routes and both failed. Allow Less-Specific Route Specifies that the route can be less specific. The default setting is On. In Service Specifies whether this route has been taken out of service. This parameter allows the administrator to effectively take a route out of service (versus removing it completely and re-adding it). Block Route Check Box
Step 4
Check to block the static route. The default setting is Unblocked.
Select Save.
Related Topics

Route Embed Templates, page 6-34 Configuring Route Embed Templates on Cisco Unified Presence, page 6-35
6-37
Chapter 6 How to Configure the Presence Gateway on Cisco Unified Presence
How to Configure the Presence Gateway on Cisco Unified Presence

Presence Gateway Configuration Option, page 6-38 Configuring the Presence Gateway, page 6-38
Presence Gateway Configuration Option

You must configure Cisco Unified Communications Manager as a Presence Gateway on Cisco Unified Presence to enable the SIP connection that handles the availability information exchange between Cisco Unified Communications Manager and Cisco Unified Presence. The Cisco Unified Presence server sends SIP subscribe messages to Cisco Unified Communications Manager over a SIP trunk which allows the Cisco Unified Presence server to receive availability information (for example, phone on/off hook status). When configuring the Presence Gateway, specify the FQDN (Fully Qualified Domain Name) or the IP address of the associated Cisco Unified Communications Manager server. Depending on your network this value can be one of the following:

the FQDN address of the Cisco Unified Communications Manager publisher a DNS SRV FQDN that resolves to the Cisco Unified Communications Manager subscriber nodes the IP address of the Cisco Unified Communications Manager publisher Configure the Presence Gateway on the Cisco Unified Presence server with a DNS SRV FQDN of the Cisco Unified Communications Manager subscriber nodes (equally weighted). This will enable Cisco Unified Presence to share availability messages equally among all the servers used for availability information exchange. On Cisco Unified Communications Manager, configure the SIP trunk for the Cisco Unified Presence server with a DNS SRV FQDN of the Cisco Unified Presence publisher and subscriber.
If DNS SRV is an option in your network, configure the following:

1.
2.
If DNS SRV is not an option in your network, and you are using the IP address of the associated Cisco Unified Communications Manager server, you cannot share presence messaging traffic equally across multiple subscriber nodes because the IP address points to a single subscriber node.
Related Topic
Configuring the Presence Gateway

Before You Begin

Read the Presence Gateway configuration options topic. Depending on your configuration requirements, obtain the FQDN, DNS SRV FQDN, or the IP address of the associated Cisco Unified Communications Manager server.
6-38
Chapter 6
Configuring a Cisco Unified Presence Server for Deployment in the Network How To Configure the Authorization Policy on Cisco Unified Presence
Procedure
Select Cisco Unified Presence Administration > Presence > Gateways. Select Add New. Select CUCM for the Presence Gateway Type. Enter a description of the presence gateway in the Description field. Specify the FQDN, DNS SRV FQDN, or the IP address of the associated Cisco Unified Communications Manager server in the Presence Gateway field. Select Save.
Related Topic
Presence Gateway Configuration Option, page 6-38

What To Do Next
Configuring the Authorization Policy on Cisco Unified Presence, page 6-41
How To Configure the Authorization Policy on Cisco Unified Presence

Automatic Authorization on Cisco Unified Presence, page 6-39 User Policy & Automatic Authorization, page 6-40 Configuring the Authorization Policy on Cisco Unified Presence, page 6-41
Automatic Authorization on Cisco Unified Presence

Cisco Unified Presence authorizes all presence subscription requests that it receives from SIP-based clients in the local enterprise. A local user running a SIP-based client automatically receives the availability status for contacts in the local enterprise, without being prompted to authorize these subscriptions on the client. Cisco Unified Presence only prompts the user to authorize the subscription of a contact in the local enterprise if the contact is on the blocked list for the user. This is the default authorization behavior for SIP-based clients on Cisco Unified Presence, and you cannot configure this behavior. In the XMPP network, it is standard behavior for the server to send all presence subscriptions to the client, and the client prompts the user to authorize or reject the subscription. To allow enterprises to deploy Cisco Unified Presence with a mix of SIP-based and XMPP-based clients (to align the authorization policy for both client types), Cisco provides the following automatic authorization setting on Cisco Unified Presence:
When you turn on automatic authorization, Cisco Unified Presence automatically authorizes all presence subscription requests it receives from both XMPP-based clients and SIP-based in the local enterprise. This is the default setting on Cisco Unified Presence.
6-39
Chapter 6 How To Configure the Authorization Policy on Cisco Unified Presence
When you turn off automatic authorization, Cisco Unified Presence only supports XMPP-based clients. For XMPP-based clients, Cisco Unified Presence sends all presence subscriptions to the client, and the client prompts the user to authorize or reject the presence subscription. SIP-based clients will not operate correctly on Cisco Unified Presence when you turn off automatic authorization.
Caution
If you turn off automatic authorization, SIP-based clients such as Cisco Unified Personal Communicator Release 7.x are not supported. Only XMPP-based clients (Cisco Unified Personal Communicator Release 8.0 and third-party XMPP clients) are supported when you turn off automatic authorization.
Related Topics

User Policy & Automatic Authorization, page 6-40 Configuring the Authorization Policy on Cisco Unified Presence, page 6-41 Integration Guide for Configuring Cisco Unified Presence for Interdomain Federation
User Policy & Automatic Authorization

In addition to reading the automatic authorization policy, Cisco Unified Presence reads the policy settings for the user to determine how to handle presence subscription requests. Users configure the policy settings from either the client (Cisco Unified Personal Communicator) and the Cisco Unified Presence User Options interface. A user policy contains the following configuration options:
Blocked list - a list of local and external (federated) users that will always see the availability status of the user as unavailable regardless of the true status of the user. The user can also block a whole federated domain. Allowed list - a list of local and external users that the user has approved to see their availability. The user can also allow a whole external (federated) domain. Default policy - the default policy settings for the user. The user can set the policy to block all users, or allow all users.
On the Cisco Unified Presence User Options interface, the user can also select an ask me setting so that the user is prompted to set their own Allow/Block policy for external contacts (except those external contacts that a user explicitly adds to their Allowed/Blocked list). Note that if you turn off automatic authorization, Cisco Unified Presence automatically authorizes subscription requests a user that is on the contact list of another user. This applies to users in the same domain, and users in different domains (federated users). For example:

UserA wishes to subscribe the view the availability status of UserB. Automatic authorization is off on Cisco Unified Presence, and UserB is not in the Allowed or Blocked list for the UserA. Cisco Unified Presence sends the presence subscription request to the client application of UserB, and the client application prompts userB to accept or reject the subscription. UserB accepts the presence subscription request, and UserB is added to the contact list of UserA. UserA is then automatically added to the contact list for UserB without being prompted to authorize the presence subscription.
Cisco Unified Presence will automatically add UserA to the contact list of UserB even if the policy for UserB (i) blocks the external domain, or (ii) the default policy for the user is block all, or (ii) ask me is selected.
6-40
Chapter 6
Configuring a Cisco Unified Presence Server for Deployment in the Network How To Configure the Authorization Policy on Cisco Unified Presence
If you deploy interdomain federation between a local Cisco Unified Presence enterprise and a supported external enterprise, Cisco Unified Presence does not apply the automatic authorization setting to presence subscription requests received from external contacts, unless the user has applied a policy on that external contact or domain. On receipt of a presence subscription request from an external contact, Cisco Unified Presence will only send the subscription request to the client application if the user selects ask me to be prompted to set their own Allow/Block policy for external contacts, and if the external contact or domain is not in either the Allowed or Blocked list for the user. The client application prompts the user to authorize or reject the subscription.
Note
Cisco Unified Presence uses a common user policies for both availability and instant messages.
Related Topics

Automatic Authorization on Cisco Unified Presence, page 6-39 Configuring the Authorization Policy on Cisco Unified Presence, page 6-41 For information on the Cisco Unified Presence User Options interface, see the User Guide for Cisco Unified Presence at this URL: http://www.cisco.com/en/US/products/ps6837/products_user_guide_list.html For information on the interdomain federation integration for Cisco Unified Presence, see the Integration Guide for Configuring Cisco Unified Presence for Interdomain Federation at this URL: http://www.cisco.com/en/US/products/ps6837/products_installation_and_configuration_guides_lis t.html
Configuring the Authorization Policy on Cisco Unified Presence

See the Online Help topic in the Cisco Unified Presence Administration interface for a definition of all the parameters on this window.
Procedure
Step 1 Step 2
Select Cisco Unified Presence Administration > Presence > Settings. Configure the authorization setting as follows:
If You Want To...
Do This
Check Allow users to view the availability of Turn on automatic authorization so that other users without being prompted for Cisco Unified Presence automatically approval. authorizes all presence subscription requests it receives from both XMPP-based clients and SIP-based in the local enterprise. Turn off automatic authorization so that Cisco Unified Presence only supports XMPP-based clients, and sends all presence subscriptions to the client where the user is prompted to authorize or reject the presence subscription. Uncheck Allow users to view the availability of other users without being prompted for approval.
6-41
Chapter 6 How To Configure the Availability Settings on Cisco Unified Presence
Step 3 Step 4
Select Save. Restart the Cisco UP XCP Router service.
Related Topics

Restarting the Cisco UP XCP Router Service, page 6-2 Automatic Authorization on Cisco Unified Presence, page 6-39 Configuring Chat on Cisco Unified Presence, page 9-1
What To Do Next
Configuring the SIP Publish Trunk on Cisco Unified Presence, page 6-48
How To Configure the Availability Settings on Cisco Unified Presence

Turning On or Off Availability Sharing for a Cisco Unified Presence Cluster, page 6-42 Configuring the Do Not Disturb Settings on Cisco Unified Presence, page 6-43 Configuring the Temporary Presence Subscription Settings, page 6-44 Configuring the Maximum Contact List Size Per User, page 6-45 Configuring the Maximum Number of Watchers Per User, page 6-46
Turning On or Off Availability Sharing for a Cisco Unified Presence Cluster

This procedure describes how to turn on or off availability sharing for all client applications in a Cisco Unified Presence cluster. Availability sharing is turned on by default on Cisco Unified Presence.
Procedure
Step 1 Step 2
Select Cisco Unified Presence Administration > Presence > Settings. Configure the availability setting as follows:
6-42
Chapter 6
Configuring a Cisco Unified Presence Server for Deployment in the Network How To Configure the Availability Settings on Cisco Unified Presence
If You Want To...
Do This
Check Enable availability sharing. Turn on availability sharing in the Cisco Unified Presence cluster. If you turn on this setting, Cisco Unified Presence shares availability information for a user amongst all users in the cluster, based on the policy settings for that user. The default policy setting for a user is to allow all other users view their availability. Users configure their policy settings from either the client (Cisco Unified Personal Communicator) and the Cisco Unified Presence User Options interface. Turn off availability sharing for all clients in the Cisco Unified Presence cluster. If you turn off this setting, Cisco Unified Presence does not share any availability to other users in the Cisco Unified Presence cluster, nor does it share availability information it receives from outside the cluster. Users can only view their own availability status.
Step 3 Step 4
Uncheck Enable availability sharing.
Select Save. Restart the following services:

Cisco UP XCP Router Cisco UP Presence e Engine

When you turn off availability sharing, a user can view their own availability status on the client application; the availability status for all other users are greyed out. When you turn off availability sharing, when a user enters a chat room, their availability status shows a status of Unknown with a green icon.
Configuring the Do Not Disturb Settings on Cisco Unified Presence

You can configure global administrator-level Do Not Disturb (DND) availability states as an alternative to the Busy state for phone calls and meetings. Cisco Unified Presence then sets global administrator-level Do Not Disturb (DND) availability states on all instant message client applications. Note the following behavior for the DND feature:

Cisco Unified Presence does not pass the administrator-level DND status to associated devices for the user. The administrator-level DND settings impact future calls and meetings, not those calls and meetings in progress at the time that you configure the DND setting.
If you turn off availability sharing on Cisco Unified Presence, the DND settings only impact users when they view their own availability.
6-43
Chapter 6 How To Configure the Availability Settings on Cisco Unified Presence
Procedure
Step 1 Step 2
Select Cisco Unified Presence Administration > Presence > Settings. Configure the administrator-level DND setting as follows:
If You Want...
Do This
Cisco Unified Presence to display an availability status of Check Use DND status when user is on DND when users are on the phone. If you turn off (uncheck) the phone. this setting, Cisco Unified Presence displays a status of Busy when users are on the phone. By default, this setting is turned off. Cisco Unified Presence to display an availability status of Check Use DND status when user is in DND when users are in a meeting. If you turn off (uncheck) a meeting. this setting, Cisco Unified Presence displays a status of Busy when users are in a meeting. By default, this setting is turned off.
Step 3
Select Save.
Related Topic
Do Not Disturb Behavior of Cisco Unified Personal Communicator, page 13-11
Configuring the Temporary Presence Subscription Settings

Note
This section only applies if you deploy Cisco Unified Personal Communicator Release 8.5 or higher with Cisco Unified Presence. These settings allow Cisco Unified Personal Communicator users to initiate temporary presence subscriptions to users that are not on their contact list.
Procedure
Select Cisco Unified Presence Administration > Presence > Settings. Check Enable ad-hoc presence subscriptions to turn on temporary presence subscriptions for Cisco Unified Personal Communicator Release users. Configure the maximum number of active temporary subscriptions that Cisco Unified Presence permits at one time. If you configure a value of zero, Cisco Unified Presence permits an unlimited number of active temporary subscriptions. Configure the time-to-live value (in seconds) for the temporary presence subscriptions. When this time-to-live value expires, Cisco Unified Presence drops any temporary presence subscriptions and no longer temporarily monitors the availability status for that user.
Step 4
6-44
Chapter 6
Configuring a Cisco Unified Presence Server for Deployment in the Network How To Configure the Availability Settings on Cisco Unified Presence
Note
If the time-to-live value expires while the user is still viewing an instant message from a temporary presence subscription, the availability status that displays may not be current. Select Save.
Step 5
You do not have to restart any services on Cisco Unified Presence for this setting, however Cisco Unified Personal Communicator users will have to sign out, and sign back in, to retrieve the latest temporary presence subscriptions settings on Cisco Unified Presence.
Configuring the Maximum Contact List Size Per User

You can configure the maximum contact list size for a user; this is the number of contacts the user can add to their contact list. This setting applies to the contact list on Cisco client applications such as Cisco Unified Personal Communicator, and on third-party client applications.
Note
Users who reach the maximum number of contacts are unable to add new contacts to their contact list, nor can other users add them as a contact.
Procedure
Step 1 Step 2
Select Cisco Unified Presence Administration > Presence > Settings. Edit the value of the Maximum Contact List Size (per user) setting. The default value is 200. Select Save. Restart the Cisco UP XCP Router service.
Step 3 Step 4
If you upgrade from Cisco Unified Presence Release 7.0(x) to Release 8.x, check that the contact list size for users has not reached the maximum value. The System Troubleshooter in Cisco Unified Presence Administration indicates if there are users who have reached the contact list limit. If a user is close to the maximum contact list size, and the user adds a group of contacts that pushes the contact list over the maximum number, Cisco Unified Presence does not add the surplus contacts. For example, if the maximum contact list size on Cisco Unified Presence is 200. A user has 195 contacts and attempts to add 6 new contacts to the list, Cisco Unified Presence adds five contacts and does not add the sixth contact.
Related Topics

Configuring the Maximum Number of Watchers Per User, page 6-46 Restarting the Cisco UP XCP Router Service, page 6-2 How to Perform Intercluster Upgrades, page 15-7
6-45
Chapter 6 Configuring a Cisco Unified Presence Server for Deployment in the Network How to Configure the Instant Messaging Settings on Cisco Unified Presence
Configuring the Maximum Number of Watchers Per User

You can configure the number of watchers for a user, specifically the maximum number of people that can subscribe to see the availability status for a user. This setting applies to the contact list on Cisco clients such as Cisco Unified Personal Communicator, and on third-party clients.
Procedure
Step 1 Step 2
Select Cisco Unified Presence Administration > Presence > Settings. Edit the value of the Maximum Watchers (per user) setting. The default value is 200. Select Save. Restart the Cisco UP XCP Router service.
Step 3 Step 4
How to Configure the Instant Messaging Settings on Cisco Unified Presence

Turning On or Off Instant Messaging for a Cisco Unified Presence Cluster, page 6-46 Turning On or Off Offline Instant Messaging, page 6-47 Allowing Clients to Log Instant Message History, page 6-48
Turning On or Off Instant Messaging for a Cisco Unified Presence Cluster

This procedure describes how to turn on or off instant message capabilities for all client applications in a Cisco Unified Presence cluster. Instant message capabilities is turned on by default on Cisco Unified Presence.
Caution
When you turn off instant message capabilities on Cisco Unified Presence, all group chat functionality (adhoc and persistent chat) will not work on Cisco Unified Presence. We recommend that you do not turn on the Cisco UP XCP Text Conference service or configure an external database for persistent chat on Cisco Unified Presence.
Procedure
Step 1 Step 2
Select Cisco Unified Presence Administration > Messaging > Settings. Configure the instant messaging setting as follows:
6-46
Chapter 6
Configuring a Cisco Unified Presence Server for Deployment in the Network How to Configure the Instant Messaging Settings on Cisco Unified Presence
If You Want To...
Do This
Turn on instant message capabilities for client applications in Check Enable instant messaging. the Cisco Unified Presence cluster. If you turn on this setting, local users of client applications can send and receive instant messages. Turn off instant message capabilities for client applications in Uncheck Enable instant messaging. the Cisco Unified Presence cluster. If you turn off this setting, local users of client applications cannot send and receive instant messages.Users can only use the instant messaging application for availability and phone operations. If you turn off this setting, users do not receive instant messages from outside the cluster.
Step 3 Step 4
Select Save. Restart the Cisco UP XCP Router service.
Turning On or Off Offline Instant Messaging

By default Cisco Unified Presence stores (locally) any instant messages that are sent to a user when they are offline, and Cisco Unified Presence delivers these instant messages to the user the next time they sign in to the client application. You can turn off (suppress) this feature so Cisco Unified Presence does not store offline instant messages. For example, in large deployments, this feature could require significant message storage, so you may want to suppress offline instant messages to increase performance.
Procedure
Step 1 Step 2
Select Cisco Unified Presence Administration > Messaging > Settings. Configure the offline instant messaging setting as follows:
If You Want To... Turn off the storage of offline instant messages on Cisco Unified Presence. If you check this setting, any instant messages that are sent to a user when they are offline, Cisco Unified Presence does not deliver these instant messages to the user the next time they sign in to the client application.
Do This Check Suppress Offline Instant Messaging.
Uncheck Suppress Offline Instant Turn on the storage of offline instant messages on Cisco Unified Presence If you uncheck this setting, any instant Messaging. messages that are sent to a user when they are offline, Cisco Unified Presence delivers these instant messages to the user the next time they sign in to the client application.
6-47
Chapter 6 Configuring the SIP Publish Trunk on Cisco Unified Presence
Step 3
Select Save.
Allowing Clients to Log Instant Message History

You can prevent or allow users to log instant message history locally on their computer. On the client side, the application must support this functionality; it must enforce the prevention of instant message logging.
Procedure
Step 1 Step 2
Select Cisco Unified Presence Administration > Messaging > Settings. Configure the log instant message history setting as follows:
If You Want To... Allow users of client applications to log instant message history on Cisco Unified Presence. Prevent users of client applications from logging instant message history on Cisco Unified Presence.
Do This Check Allow clients to log instant message history (on supported clients only). Uncheck Allow clients to log instant message history (on supported clients only).
Step 3
Select Save.
Configuring the SIP Publish Trunk on Cisco Unified Presence

When you turn on this setting, Cisco Unified Communications Manager publishes phone presence for all line appearances that are associated with Cisco Unified Presence licensed users. This procedure is the same operation as assigning a SIP trunk as the CUP PUBLISH trunk in Cisco Unified Communications Manager service parameters.
Procedure
Select Cisco Unified Presence Administration > Presence > Settings. Check Enable SIP Publish on CUCM. Select a SIP Trunk from the CUCM SIP Publish Trunk menu. Select Save.
6-48
Chapter 6
Configuring a Cisco Unified Presence Server for Deployment in the Network Configuring the Proxy Server Settings
Configuring the Proxy Server Settings

Procedure
Select Cisco Unified Presence Administration > Presence > Routing > Settings. Select On for the Method/Event Routing Status. Select Default SIP Proxy TCP Listener for the Preferred Proxy Server. Select Save.
What To Do Next

How to Configure Cisco IP PhoneMessenger on Cisco Unified Presence, page 10-3, or About Configuring Cisco Unified Personal Communicator on Cisco Unified Presence, page 11-19
How to Turn On the Cisco Unified Presence Services

Turning On the Sync Agent, page 6-49 Turning On the Cisco Unified Presence Services, page 6-50
Turning On the Sync Agent

We recommend that you turn on the Sync Agent on all Cisco Unified Presence nodes in the cluster. Before You Begin

Configure the topology for your deployment before starting the Sync Agent. If you deploy the Cisco Unified Personal Communicator client with Cisco Unified Presence, and you configure system-wide default application profiles (LDAP, CTI Gateway, Voicemail, Conferencing profiles) for your users, configure and enable the default profiles before you activate the Sync Agent.
Procedure
Select Cisco Unified Presence Administration > System > Service Parameters. Select the Cisco Unified Presence server from the Server menu. Select Cisco UP Sync Agent server from the Service menu. Select a value for the User Assignment Mode as follows:
If set to Balanced, the Sync Agent synchronizes user information to Cisco Unified Presence, and then assigns the users to each node in an attempt to balance the user assignment evenly across all nodes. If set to Active/Standby, the Sync Agent synchronizes user information to Cisco Unified Presence, and assigns the total number of users to the first node of a subcluster only. If there is only a single node in the subcluster, the Sync Agent uses this node for assignment regardless of the location of the node within the subcluster.
6-49
Chapter 6 How to Turn On the Cisco Unified Presence Services
If set to None, the Sync Agent synchronizes user information to Cisco Unified Presence but does not assign any users. You must manually assign your users to nodes using the system topology interface
Step 5
Select Save.
Related Topics

How to Configure the Cluster Topology on Cisco Unified Presence, page 6-3 Configuring Basic Features for Cisco Unified Personal Communicator, page 11-1 Turning On the Cisco Unified Presence Services, page 6-50
Turning On the Cisco Unified Presence Services

The procedure below lists out the services that you need to turn on when you deploy a basic Cisco Unified Presence configuration. You need to turn on these services on each node in your Cisco Unified Presence cluster. There are other optional Cisco Unified Presence services that you may need to turn on depending on the additional features that you deploy on Cisco Unified Presence. See the Cisco Unified Presence documentation relating to those specific features for further details. The Cisco UP XCP Router service must be running for a basic Cisco Unified Presence deployment. Cisco Unified Presence turns on the Cisco UP XCP Router by default. Verify that this network service is on by selecting Cisco Unified Presence Serviceability > Control Center - Network Services.
Procedure
Select Cisco Unified Presence Serviceability > Tools > Service Activation. Select the Cisco Unified Presence server from the Server menu. For a basic Cisco Unified Presence deployment, turn on the following services:

Cisco UP SIP Proxy Cisco UP Presence Engine Cisco UP Sync Agent Cisco UP XCP Counter Aggregator
Step 4
Select Save.
Related Topics

Serviceability Configuration and Maintenance Guide for Cisco Unified Presence Turning On the Sync Agent, page 6-49
6-50
CH A P T E R
Configuring Security on Cisco Unified Presence

November 21, 2011
Cisco Unified Presence Certificate Types, page 7-1 How to Configure the Certificate Exchange Between Cisco Unified Presence and Cisco Unified Communications Manager, page 7-2 How to Configure the SIP Security Settings on Cisco Unified Presence, page 7-5 How to Configure the XMPP Security Settings on Cisco Unified Presence, page 7-7
Cisco Unified Presence Certificate Types

This section describes the different certificates required for the clients and services on Cisco Unified Presence.
Table 7-1 Certificate Types for Client Applications on Cisco Unified Presence
Client SIP client (Cisco Unified Personal Communicator Release 7.x, IPPM, Cisco Unified Communications Manager)
Certificate tomcat
XMPP client (Cisco Unified Personal Communicator Release 8.0, cup-xmpp third-party client)
Table 7-2
Certificate Types for Cisco Unified Presence Services
Service SIP Proxy Presence Engine SOAP AXL LDAP
Certificate cup cup tomcat tomcat tomcat
Certificate Trust Store cup-trust cup-trust directory-trust directory-trust directory-trust
Notes
LDAP uses the tomcat certificate because directory/directory-trust is now tomcat/ttrust.
7-1
Chapter 7 Configuring Security on Cisco Unified Presence How to Configure the Certificate Exchange Between Cisco Unified Presence and Cisco Unified Communications
Table 7-2
Certificate Types for Cisco Unified Presence Services
Service Microsoft Exchange Microsoft OCS/LCS Call Control SIP Federation XMPP Federation
Certificate cup cup Cup-xmpp-s2s
Certificate Trust Store cup-trust cup-trust cup-trust cup-xmpp-trust
Notes
The trust certificates for cup-xmpp-s2s are stored in cup-xmpp-trust along with the general XMPP trust certificates.
Related Topics

(Cisco Unified Personal Communicator Release 8.x) Configuring Settings, page 11-21 How to Configure the XMPP Security Settings on Cisco Unified Presence, page 7-7 Configuring a Secure Connection Between Cisco Unified Presence and the LDAP Directory, page 14-6
How to Configure the Certificate Exchange Between Cisco Unified Presence and Cisco Unified Communications Manager
This module describes the exchange of self-signed certificates between the Cisco Unified Communications Manager server and the Cisco Unified Presence server. You can use the Certificate Import Tool on Cisco Unified Presence to automatically import the Cisco Unified Communications Manager certificate to Cisco Unified Presence. However, you must manually upload the Cisco Unified Presence certificate to Cisco Unified Communications Manager. Only perform these procedures if you require a secure connection between Cisco Unified Presence and Cisco Unified Communications Manager.

Prerequisites for Configuring Security, page 7-2 Importing the Cisco Unified Communications Manager Certificate to Cisco Unified Presence, page 7-3 Uploading the Cisco Unified Presence Certificate to Cisco Unified Communications Manager, page 7-4 Downloading the Certificate from Cisco Unified Presence, page 7-4 Uploading the Cisco Unified Presence Certificate to Cisco Unified Communications Manager, page 7-4 Restarting the Cisco Unified Communications Manager Service, page 7-5
Prerequisites for Configuring Security

Configure the following items on Cisco Unified Communications Manager:
Configure a SIP security profile for Cisco Unified Presence.
7-2
Chapter 7
Configuring Security on Cisco Unified Presence How to Configure the Certificate Exchange Between Cisco Unified Presence and Cisco Unified Communications
Configure a SIP trunk for Cisco Unified Presence:

Associate the security profile with the SIP trunk. Configure the SIP trunk with the subject Common Name (CN) of Cisco Unified Presence
certificate.
Related Topic
Importing the Cisco Unified Communications Manager Certificate to Cisco Unified Presence
Procedure
Select Cisco Unified Presence Administration > System > Security > Certificate Import Tool. Select CUP Trust from the Certificate Trust Store menu. Enter the IP address, hostname or FQDN of the Cisco Unified Communications Manager server. Enter a port number to communicate with the Cisco Unified Communications Manager server. Select Submit.
Once the Certificate Import Tool completes the import operation, it reports whether or not it successfully connected to Cisco Unified Communications Manager, and whether or not it successfully downloaded the certificate from Cisco Unified Communications Manager. If the Certificate Import Tool reports a failure, see the Online Help for a recommended action. You can also manually import the certificate by selecting Cisco Unified OS Administration > Security > Certificate Management.
What To Do Next
Restarting the SIP Proxy Service, page 7-3
Restarting the SIP Proxy Service

Before You Begin
Import the Cisco Unified Communications Manager certificate to Cisco Unified Presence.
Procedure
Select Cisco Unified Serviceability > Tools > Control Center - Feature Services on Cisco Unified Presence, Select Cisco UP SIP Proxy. Select Restart.
7-3
Chapter 7 Configuring Security on Cisco Unified Presence How to Configure the Certificate Exchange Between Cisco Unified Presence and Cisco Unified Communications
What To Do Next
Downloading the Certificate from Cisco Unified Presence, page 7-4
Downloading the Certificate from Cisco Unified Presence

Procedure
Select Cisco Unified OS Administration > Security > Certificate Management on Cisco Unified Presence. Select Find. Select the cup.pem file. Select Download and save the file to your local computer.
Ignore any errors that Cisco Unified Presence displays regarding access to the cup.csr file; The CA (Certificate Authority) does not need to sign the certificate that you exchange with Cisco Unified Communications Manager.
What To Do Next
Uploading the Cisco Unified Presence Certificate to Cisco Unified Communications Manager, page 7-4
Uploading the Cisco Unified Presence Certificate to Cisco Unified Communications Manager
Before You Begin
Download the certificate from Cisco Unified Presence.

Procedure
Select Cisco Unified OS Administration > Security > Certificate Management on Cisco Unified Communications Manager. Select Upload Certificate. Select Callmanager-trust from the Certificate Name menu. Browse and select the certificate (.pem file) previously downloaded from Cisco Unified Presence. Select Upload File.
Related Topic
Downloading the Certificate from Cisco Unified Presence, page 7-4

What To Do Next
Restarting the Cisco Unified Communications Manager Service, page 7-5
7-4
Chapter 7
Configuring Security on Cisco Unified Presence How to Configure the SIP Security Settings on Cisco Unified Presence
Restarting the Cisco Unified Communications Manager Service

Before You Begin
Upload the Cisco Unified Presence certificate to Cisco Unified Communications Manager.
Procedure.
Select Cisco Unified Serviceability > Tools > Control Center - Feature Services. on Cisco Unified Communications Manager. Select Cisco CallManager. Select Restart.
Related Topic
Uploading the Cisco Unified Presence Certificate to Cisco Unified Communications Manager, page 7-4
What To Do Next
How to Configure the SIP Security Settings on Cisco Unified Presence, page 7-5
How to Configure the SIP Security Settings on Cisco Unified Presence

Configuring a TLS Peer Subject, page 7-5 Configuring a TLS Context, page 7-6 Configuring the SIP Proxy-to-Proxy Intracluster Protocol Type, page 7-6
Configuring a TLS Peer Subject

When you import a Cisco Unified Presence certificate, Cisco Unified Presence automatically attempts to add the TLS peer subject to the TLS peer subject list, and to the TLS context list. Verify the TLS peer subject and TLS context configuration is set up to your requirements.
Procedure
Select Cisco Unified Presence Administration > System > Security > TLS Peer Subjects. Select Add New. Perform one of the following actions for the Peer Subject Name:
a. b.
Enter the subject CN of the certificate that the server presents. Open the certificate, look for the CN and paste it here.
Step 4
Enter the name of the server in the Description field.
7-5
Chapter 7 How to Configure the SIP Security Settings on Cisco Unified Presence
Step 5
Select Save.
What To Do Next
Configuring a TLS Context, page 7-6
Configuring a TLS Context

When you import a Cisco Unified Presence certificate, Cisco Unified Presence automatically attempts to add the TLS peer subject to the TLS peer subject list, and to the TLS context list. Verify the TLS peer subject and TLS context configuration is set up to your requirements.
Before You Begin
Configure a TLS peer subject on Cisco Unified Presence.

Procedure
Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Step 8
Select Cisco Unified Presence Administration > System > Security > TLS Context Configuration. Select Find. Select Default_Cisco_UPS_SIP_Proxy_Peer_Auth_TLS_Context. From the list of available TLS peer subjects, select the TLS peer subject that you configured. Move this TLS peer subject to Selected TLS Peer Subjects. Select Save. Select Cisco Unified Presence Serviceability > Tools > Service Activation. Restart the Cisco Unified Presence SIP Proxy service.
You must restart the SIP proxy service before any changes that you make to the TLS context take effect.
Related Topics

Configuring a TLS Peer Subject, page 7-5 Restarting the SIP Proxy Service, page 7-3
Configuring the SIP Proxy-to-Proxy Intracluster Protocol Type

Select the protocol that Cisco Unified Presence uses to route SIP messages securely in an intracluster deployment. The default value is the TLS protocol. Use TLS if a cluster node sends traffic over a unsecured network and you want a secure (encrypted) connection channel.
Procedure
Step 1
Select System > Security > General Settings.
7-6
Chapter 7
Configuring Security on Cisco Unified Presence How to Configure the XMPP Security Settings on Cisco Unified Presence
Step 2 Step 3
Select a protocol type from the SIP Intra-cluster Proxy-to-Proxy Transport Protocol menu. Select Save.
You must restart the SIP proxy service before any changes that you make to the SIP proxy protocol take effect.
Related Topic
Restarting the SIP Proxy Service, page 7-3
How to Configure the XMPP Security Settings on Cisco Unified Presence

XMPP Security Modes, page 7-7 Configuring the XMPP Certificate Settings, page 7-8
XMPP Security Modes

Cisco Unified Presence provides increased security for XMPP-based configuration.Table 7-3 describes these XMPP secure modes. To configure the XMPP secure modes on Cisco Unified Presence, select Cisco Unified Presence Administration > System > Security > Settings.
Table 7-3 XMPP Secure Mode Descriptions
Secure Mode Enable XMPP Client To CUP Secure Mode
Description If you turn on this setting, Cisco Unified Presence establishes a secure TLS connection between the Cisco Unified Presence servers and XMPP client applications in a cluster. Cisco Unified Presence turns on this secure mode by default. We recommend that you do not turn off this secure mode unless the XMPP client application can protect the client login credentials in non-secure mode. If you do turn off the secure mode, verify that you can secure the XMPP client-to-server communication in some other way.
7-7
Chapter 7 How to Configure the XMPP Security Settings on Cisco Unified Presence
Secure Mode Enable XMPP Router-to-Router Secure Mode
Description If you turn on this setting, Cisco Unified Presence establishes a secure TLS connection between XMPP routers in the same cluster, or in different clusters. Cisco Unified Presence automatically replicates the XMPP certificate within the cluster, and across clusters, as an XMPP trust certificate. An XMPP router will attempt to establish a TLS connection with any other XMPP router that is in the same cluster, or a different cluster, and is available to establish a TLS connection. If you turn on this setting, Cisco Unified Presence establishes a secure TLS connection between the Cisco Unified Presence servers and XMPP-based API client applications.If you turn on this setting, upload the certificates or signing certificates for the web client in the cup-xmpp-trust repository on Cisco Unified Presence.
Enable Web Client to CUP Secure Mode
If you update the XMPP security settings, perform one of these actions:

If you are running Cisco Unified Presence Release 8.0(x), restart the Cisco UP XCP Router. Select Cisco Unified Serviceability > Tools > Control Center - Network Services to restart this service. If you are running Cisco Unified Presence Release 8.5(x), restart the services as follows:
Restart the Cisco UP XCP Connection Manager if you edit Enable XMPP Client To CUP
Secure Mode. Select Cisco Unified Serviceability > Tools > Control Center - Feature Services to restart this service.
Restart the Cisco UP XCP Router if you edit the Enable XMPP Router-to-Router Secure
Mode. Select Cisco Unified Serviceability > Tools > Control Center - Network Services to restart this service.
Restart the Cisco UP XCP Web Connection Manager if you edit Enable Web Client To CUP
Secure Mode. Select Cisco Unified Serviceability > Tools > Control Center - Feature Services to restart this service.
Related Topics

Integrating Third-Party XMPP Client Applications on Cisco Unified Presence, page 8-1 Configuring the XMPP Certificate Settings, page 7-8
Configuring the XMPP Certificate Settings

Procedure
Select Cisco Unified Presence Administration > System > Security > Settings. Enter a server-to-server domain name for this Cisco Unified Presence cluster, for example, cisco.com. Check Use Domain Name for XMPP Certificate Subject Common Name if you want the general XMPP certificate to use the same Domain Name as the XMPP server-to-server certificate. Select Save.
7-8
Chapter 7
Configuring Security on Cisco Unified Presence How to Configure the XMPP Security Settings on Cisco Unified Presence
Step 5
Restart the Cisco UP XCP Router service. Select Cisco Unified Serviceability > Tools > Control Center - Network Services > Cisco UP XCP Router to restart this service.
If you change the server-to-server domain name value, you must regenerate affected XMPP S2S certificates before you restart the Cisco UP XCP Router service.
Related Topic
XMPP Security Modes, page 7-7
7-9
Chapter 7 How to Configure the XMPP Security Settings on Cisco Unified Presence
7-10
CH A P T E R
Integrating Third-Party XMPP Client Applications on Cisco Unified Presence

November 21, 2011
About Third-Party Client Integration, page 8-1 Configuring a Secure Connection between Cisco Unified Presence and XMPP Clients, page 8-3 Turning On Cisco Unified Presence Services to Support XMPP Clients, page 8-4
About Third-Party Client Integration

Supported Third-Party XMPP Clients, page 8-1 License Requirements for Third-Party Clients, page 8-2 XMPP Client Integration on Cisco Unified Communications Manager, page 8-2 LDAP Integration for XMPP Contact Search, page 8-2 Domain Name for XMPP Clients, page 8-2 DNS Configuration for XMPP Clients, page 8-2
Supported Third-Party XMPP Clients

Cisco Unified Presence supports standards-based XMPP to enable third-party XMPP client applications to integrate with Cisco Unified Presence for availability and instant messaging (IM) services. Third-party XMPP clients must comply with the XMPP standard as outlined in the Cisco Software Development Kit (SDK). This module describes the configuration requirements for integrating XMPP clients with Cisco Unified Presence. If you are integrating XMPP-based API (web) client applications with Cisco Unified Presence, also see developer documentation for Cisco Unified Presence APIs on the Cisco Developer Portal.
Related Topic
Cisco Developer portal: http://developer.cisco.com/
8-1
Chapter 8 About Third-Party Client Integration
License Requirements for Third-Party Clients

For each user of an XMPP client application, you require a Cisco Unified Presence user feature license. The Cisco Unified Presence user feature license consumes one Cisco Unified Communications Manager Device License Unit (DLU). On Cisco Unified Communications Manager, you will need to upload the user DLU, and assign Cisco Unified Presence capabilities to the user.
Related Topics

Uploading a License File on Cisco Unified Communications Manager, page 2-8 Assigning the Licensing Capabilities on Cisco Unified Communications Manager, page 2-9
XMPP Client Integration on Cisco Unified Communications Manager

Before you integrate an XMPP client, perform the following tasks on Cisco Unified Communications Manager:

Configure the licensing requirements. Upload the user DLU, and then assign Cisco Unified Presence capabilities for the user. Configure the users and devices. Associate a device with each user, and associate each user with a line appearance.
Related Topics

Configuring the Licensing for this Integration, page 2-1 User and Device Configuration on Cisco Unified Communications Manager, page 3-1.
LDAP Integration for XMPP Contact Search

To allow users of the XMPP client applications to search and add contacts from an LDAP directory, configure the LDAP settings for XMPP clients on Cisco Unified Presence.
Related Topics
How to Integrate the LDAP Directory for Contact Searches on XMPP Clients, page 14-13
Domain Name for XMPP Clients

The domain name on the XMPP client, specifically the XMPP connection attempt domain name, must match the domain on Cisco Unified Presence. To verify the domain value on Cisco Unified Presence, select Cisco Unified Presence Administration > System > Cluster Topology, select Settings in the right pane, and verify the Domain Name value.
DNS Configuration for XMPP Clients

You must enable DNS SRV in your deployment when you integrate XMPP clients with Cisco Unified Presence. The XMPP client performs a DNS SRV query to find an XMPP server (Cisco Unified Presence) to communicate with, and then performs a record lookup of the XMPP server to get the IP address.
8-2
Chapter 8
Integrating Third-Party XMPP Client Applications on Cisco Unified Presence Configuring a Secure Connection between Cisco Unified Presence and XMPP Clients
Configuring a Secure Connection between Cisco Unified Presence and XMPP Clients
Procedure
Step 1 Step 2
Cisco Unified Presence Administration > System > Security > Settings Perform these configuration steps:
If You Want To...
Do This
Establish a secure TLS connection between Cisco Select Enable XMPP Client To CUP Secure Unified Presence and XMPP client applications in Mode. a cluster. We recommend that you do not turn off this secure mode unless the XMPP client application can protect the client login credentials in non-secure mode. If you do turn off the secure mode, verify that you can secure the XMPP client-to-server communication in some other way. Establish a secure TLS connection between Cisco Select Enable Web Client To CUP Secure Unified Presence and XMPP-based API client Mode. applications in a cluster. If you turn on this setting, upload the certificates or signing certificates for the web client in the cup-xmpp-trust repository on Cisco Unified Presence.
Step 3
Select Save.
I f you update the XMPP security settings, perform one of these actions:

If you are running Cisco Unified Presence Release 8.0(x), restart the Cisco UP XCP Router. If you are running Cisco Unified Presence Release 8.5(x), restart the following services:
Restart the Cisco UP XCP Connection Manager if you edit Enable XMPP Client To CUP
Secure Mode. Select Cisco Unified Serviceability > Tools > Control Center - Feature Services to restart this service
Restart the Cisco UP XCP Web Connection Manager if you edit Enable Web Client To CUP
Secure Mode. Select Cisco Unified Serviceability > Tools > Control Center - Feature Services to restart this service
What To Do Next
Turning On Cisco Unified Presence Services to Support XMPP Clients, page 8-4
Related Topics
About Third-Party Client Integration, page 8-1
8-3
Chapter 8 Turning On Cisco Unified Presence Services to Support XMPP Clients
Turning On Cisco Unified Presence Services to Support XMPP Clients

Note
Perform this procedure on each node in your Cisco Unified Presence cluster.
Procedure
Select Cisco Unified Serviceability > Tools > Service Activation. Select the Cisco Unified Presence server from the Server menu. Turn on the following services:

Cisco UP XCP Connection Manager - Turn on this service if you are integrating XMPP clients (such as Cisco Unified Personal Communicator), or XMPP-based API clients, on Cisco Unified Presence Cisco UP XCP Authentication Service - Turn on this service if you are integrating XMPP clients (such as Cisco Unified Personal Communicator), or XMPP-based API clients, on Cisco Unified Presence. Cisco UP XCP Web Connection Manager - Optionally, turn on this service if you are integrating XMPP clients (such as Cisco Unified Personal Communicator), or XMPP-based API clients, on Cisco Unified Presence.
Step 4
Select Save.
For XMPP clients to function correctly, make sure you turn on the Cisco UP XCP Router on all nodes in your cluster.
Related Topics

About Third-Party Client Integration, page 8-1 Configuring a Secure Connection between Cisco Unified Presence and XMPP Clients, page 8-3
8-4
CH A P T E R

November 21, 2011
About Chat, page 9-1 How to Configure Chat Settings on Cisco Unified Presence, page 9-3 How to Manage Chat Node Aliases, page 9-6 Sample Deployments, page 9-11
About Chat

Chat, page 9-1 IM Forking, page 9-2 Offline IM, page 9-2 Broadcast IM, page 9-2 Chat Rooms on Cisco Unified Presence, page 9-2 Chat Room Limits, page 9-3 File Transfer, page 9-3 Important Notes About Cisco Unified Presence Service and Chat, page 9-3
Chat
Point-to-point Instant Messaging (IM) supports real-time conversations between two users at a time. Cisco Unified Presence exchanges messages directly between users, from the sender to the recipient. Users must be online in their IM clients to exchange point-to-point IMs. From Cisco Unified Presence Release 8.5(x), you can disable both the chat and availability functionality on Cisco Unified Presence.
Related Topics

Turning On or Off Instant Messaging for a Cisco Unified Presence Cluster, page 6-46 Turning On or Off Availability Sharing for a Cisco Unified Presence Cluster, page 6-42
9-1
Chapter 9 About Chat
IM Forking
When a user sends an IM to a contact who is signed in to multiple IM clients. Cisco Unified Presence delivers the IM to each client. This functionality is called IM forking. Cisco Unified Presence continues to fork IMs to each client, until the contact replies. Once the contact replies, Cisco Unified Presence only delivers IMs to the client on which the contact replied.
Note
IM forking is not supported when using Cisco IP PhoneMessenger (IPPM) with Cisco Unified Personal Communicator Release 7.0. From Cisco Unified Presence Release 8.5(x), you can disable offline instant messaging on Cisco Unified Presence.
Related Topics
Turning On or Off Offline Instant Messaging, page 6-47
Offline IM
Offline IM is the ability to send IMs to a contact when they are offline. When a user sends an IM to an offline contact, Cisco Unified Presence stores the IM and delivers the IM when the offline contact signs in to an IM client.
Broadcast IM
Broadcast IM is the ability to send an IM to multiple contacts at the same time, for example, a user wants to send a notification to a large group of contacts. Note that not all IM clients support this feature.
Chat Rooms on Cisco Unified Presence

Cisco Unified Presence supports IM exchange in both temporary (ad-hoc) chat rooms and persistent (persistent) chat rooms. By default, the Text Conference (TC) component on Cisco Unified Presence is set up and configured to handle IM exchange in temporary (ad-hoc) chat rooms. There are additional requirements you must configure to support persistent chat rooms, described further in this module. Temporary chat rooms are IM sessions that remain in existence only as long as one person is still connected to the chat room, and are deleted from the system when the last user leaves the room. Records of the IM conversation are not maintained permanently. Persistent chat rooms are persistent IM sessions that remain in existence even when all users have left the room and do not terminate like temporary IM sessions. The intent is that users will return to persistent chat rooms over time to collaborate and share knowledge of a specific topic, search through archives of what was said on that topic (if this feature is enabled on Cisco Unified Presence), and then participate in the discussion of that topic in real-time. The TC component on Cisco Unified Presence enables users to:

create new rooms, and manage members and configurations of the rooms they create. invite other users to rooms.
9-2
Chapter 9
Configuring Chat on Cisco Unified Presence How to Configure Chat Settings on Cisco Unified Presence
determine the presence status of the members displayed within the room. The presence status displayed in a room confirms the attendance of the member in a room but may not reflect their overall presence status. search for and join existing chat rooms. store a transcript of the chat and make the message history available for searching.
In addition, the Persistent Chat feature on Cisco Unified Presence allows users to:

Chat Room Limits

Number Of... Persistent chat rooms per node Total rooms per node (temporary and persistent) Occupants per room Messages that appear in chat history. Maximum 1500 rooms 16500 rooms 1000 occupants 100 messages
Note
The default value is 15 messages.
File Transfer
Cisco Unified Presence Release 8.0(x) support point to point file transfer between XMPP clients that are compliant with XEP 096 (http://xmpp.org/extensions/xep-0096.html).
Important Notes About Cisco Unified Presence Service and Chat

For SIP to SIP IM, the following services must be running on Cisco Unified Presence:

Cisco UP SIP Proxy Cisco UP Presence Engine Cisco UP XCP Router
For SIP to XMPP IM, the following services must be running on Cisco Unified Presence:

Cisco UP SIP Proxy Cisco UP Presence Engine Cisco UP XCP Router Cisco UP XCP Text Conference Manager
How to Configure Chat Settings on Cisco Unified Presence
Configuring the Service Parameters for the IM Gateway, page 9-4
9-3
Chapter 9 How to Configure Chat Settings on Cisco Unified Presence
Configuring Persistent Chat Room Settings, page 9-4
Configuring the Service Parameters for the IM Gateway

Users of SIP IM clients must be able to exchange bi-directional IMs with users of XMPP IM clients. Turn on the SIP-to-XMPP connection on the Cisco Unified Presence IM Gateway for IM interoperability between SIP and XMPP clients.
Restriction
SIP clients cannot participate in chat rooms because this is an XMPP-specific feature.
Before You Begin
The IM gateway is turned on by default. We recommend that you leave it on. Only turn it off if you want to actively prevent XMPP and SIP client communication.
Procedure
Select Cisco Unified Presence Administration > System > Service Parameters. Select a Cisco Unified Presence server from the Server menu. Select Cisco UP SIP Proxy as the service on the Service Parameter Configuration window. Set IM Gateway Status to On in the SIP XMPP IM Gateway (Clusterwide) section. Set the Inactive Timeout interval (in seconds) of IM conversations maintained by the gateway. The default setting is 600 seconds, which is appropriate to most environments. Specify the error message that you want users to see if the IM fails to deliver. Default error message: Your IM could not be delivered. Select Save.
What To Do Next
Configuring Persistent Chat Room Settings, page 9-4
Configuring Persistent Chat Room Settings

You need only configure persistent chat settings if you use persistent chat rooms as opposed to temporary (ad-hoc) chat rooms. This configuration is specific to persistent chat and has no impact on IM archiving for regulatory compliance.
Restriction
SIP clients cannot participate in chat rooms because this is an XMPP-specific feature.
Before You Begin
To use persistent chat rooms, you must configure a unique external database instance per node.
9-4
Chapter 9
Configuring Chat on Cisco Unified Presence How to Configure Chat Settings on Cisco Unified Presence
If you use an external database for persistent chat logging, consider the size of your database. Archiving all the messages in a chat room is optional, and will increase traffic on the node and consume space on the external database disk. In large deployments, disk space could be quickly consumed. Ensure that your database is large enough to handle the volume of information. Before you configure the number of connections to the external database, consider the number of IMs you are writing offline and the overall volume of traffic that results. The number of connections that you configure will allow the system to scale. While the default settings on the UI suit most installations, you may want to adapt the parameters for your specific deployment. The heartbeat interval is typically used to keep connections open through firewalls. Do not set the Database Connection Heartbeat Interval value to zero without contacting Cisco support.
Procedure
Select Cisco Unified Presence Administration > Messaging > Group Chat and Persistent Chat. Check Enable Persistent Chat. (Optional) Specify how to store chat room messages, if required:
a. b. c.
Check Archive all room messages if you want to archive all the messages that are sent in the room. This is a cluster-wide setting that applies to all persistent chat rooms. Enter the number of connections to the database that you to want to use for processing requests. This is a cluster-wide setting that applies to all connections between chat nodes and associated databases. Enter the number of seconds after which the database connection should refresh. This is a cluster-wide setting that applies to all connections between chat nodes and associated databases.
Step 4
Select from the list of preconfigured external databases and assign the appropriate database to the chat node.
If you turn on the Archive all messages in a room setting, we recommend that you monitor the performance of each external database used for persistent chat. You should anticipate an increased load on the database server(s). If you enable persistent chat rooms, but do not establish the correct connection with the external database, the chat node will fail. Under these circumstances, you will lose the functionality of all chat rooms - both temporary and persistent. If a chat node establishes a connection (even if other chat nodes fail), it will still start. Click the hyperlink if you need to edit the chat node details in the Cluster Topology Details window. If you update any of the Persistent Chat settings, perform one of these actions:
If you are running Cisco Unified Presence Release 8.0(x), restart the Cisco UP XCP Router.
Select Cisco Unified Serviceability > Tools > Control Center - Network Services to restart this service
If you are running Cisco Unified Presence Release 8.5(x), restart the Cisco UP XCP Text
Conference Manager. Select Cisco Unified Serviceability > Tools > Control Center - Feature Services to restart this service.
Related Topics
Configuring the Service Parameters for the IM Gateway, page 9-4
9-5
Chapter 9 How to Manage Chat Node Aliases
How to Manage Chat Node Aliases, page 9-6 To configure an external database instance for offline message logging and retrieval, see the Database Setup Guide for Cisco Unified Presence. For more information about IM compliance using either Message Archiver or a third-party compliance server, see the Instant Messaging Compliance Guide for Cisco Unified Presence.
What To Do Next
Turning On the Cisco UP XCP Text Conference Service, page 9-10.
How to Manage Chat Node Aliases

Chat Node Aliases, page 9-6 Key Considerations, page 9-7 Turning On System-Generated Aliases, page 9-7 Managing Chat Node Aliases Manually, page 9-8 Turning On the Cisco UP XCP Text Conference Service, page 9-10
Chat Node Aliases

Aliases create a unique address for each chat node so that users (in any domain) can search for specific chat rooms on specific nodes, and join chat in those rooms. Each chat node in a system must have a unique alias.
Note
This chat node alias, conference-3-mycup.cisco.com, for example, will form part of the unique ID for each chat room created on that node, [email protected] You can assign your aliases cluster-wide, in these ways:
System-generatedallows the system to automatically assign a unique alias to each chat node.You do not have do to anything further to address your chat node if you enable the system-generated aliases. The system will auto-generate one alias per chat node by default using the following naming convention: conference-x-clusterid.domain, where:
conference - is a hardcoded keyword x- is the unique integer value that denotes the node ID Example: conference-3-mycup.cisco.com
ManuallyYou may choose to override the default system-generated alias if the conference-x-clusterid.domain naming convention does not suit your customer deployment, for example, if you do not want to include the Cluster ID in your chat node alias. With manually-managed aliases, you have complete flexibility to name chat nodes using aliases that suit your specific requirements. Additional AliasesYou can associate more than one alias with each chat node on a per-node basis. Multiple aliases per node allows users to create additional chat rooms using these aliases. This applies whether you assign a system-generated alias or manage your aliases manually.
9-6
Chapter 9
Configuring Chat on Cisco Unified Presence How to Manage Chat Node Aliases
Key Considerations
Changing chat node aliases can make the chat rooms in the database unaddressable and prevent your users from finding existing chat rooms. Note these results before you change the constituent parts of aliases or other node dependencies:
Cluster ID - This value is part of the fully qualified cluster name (FQCN). Changing the Cluster ID (select System > Cluster Topology: Settings) causes the FQCN to incorporate the new value and the system-managed alias to automatically change across the cluster. For manually-managed aliases, it is the responsibility of the Administrator to manually update the alias list if the Cluster ID changes. Domain - This value is part of the FQCN. Changing the Domain (select System > Service Parameters > Cisco UP Proxy) causes the FQCN to incorporate the new value and the system-managed alias to automatically change across the cluster. For manually-managed aliases, it is the responsibility of the Administrator to manually update the alias list if the Domain changes. Connection between the chat node and external database - The chat node will not start if persistent chat is enabled and you do not maintain the correct connection with the external database. Deletion of a chat node - If you delete a node associated with an existing alias from the Cluster Topology, chat rooms created using the old alias may not be addressable unless you take further action.
We recommend that you do not change existing aliases without considering the wider implications of your changes, namely:

Make sure that you maintain the address of old chat nodes in the database so that users can locate existing chat rooms via the old alias, if required If there is federation with external domains, you may need to publish the aliases in DNS to inform the users in those domains that the aliases have changed and new addresses are available. This depends on whether or not you want to advertise all aliases externally.
Related Topics
For best practice guidelines, see Scenario 1, page 9-12
Turning On System-Generated Aliases

Before You Begin

Review the topics about chat node aliases and key considerations. You cannot edit or delete a system-generated alias, for example, conference-3-mycup.cisco.com.
Procedure
Step 1 Step 2
Select Cisco Unified Presence Administration > Messaging > Group Chat and Persistent Chat. Check System Automatically Manages Primary Group Chat Server Aliases to enable the system to automatically assign chat room aliases to nodes, using this alias naming convention: conference-x-clusterid.domain.
9-7
Step 3
The Number of messages in chat history displayed for new conference participants setting controls the number of instant messages from the recent message history that Cisco Unified Presence pushes to the client application of a user when that user joins a chat room. Increase this number if you want to display more text message history to users. Select Messaging > Group Chat Server Alias Mapping to verify that the system-generated alias is listed under Primary Group Chat Server Aliases.
Step 4

Even if you configure a system-generated alias for a chat node, you can associate more than one alias with the node if required. If you are federating with external domains, you may want to inform federated parties that the aliases have changed and new aliases are available. To advertise all aliases externally, configure DNS and publish the aliases as DNS records. If users of clients applications create a chat room, they may potentially override the default number of messages that display in a chat room. Note that if you turn on the Archive all room messages option for persistent chat, Cisco Unified Personal Communicator actively queries Cisco Unified Presence for all instant message history regardless of the value you configure for the Number of messages in chat history displayed for new chat participants setting. If you update any of the system-generated alias configuration, perform one of these actions:
Select Cisco Unified Serviceability > Tools > Control Center - Network Services to restart this service.
If you are running Cisco Unified Presence Release 8.5(x), restart the Cisco UP XCP Text
Conference Manager. Select Cisco Unified Serviceability > Tools > Control Center - Feature Services to restart this service
If you are running Cisco Unified Presence Release 8.5(x), the Number of messages in chat
history displayed for new chat participants setting updates dynamically; You do not need to restart the Cisco UP XCP Text Conference Manager.
Related Topics

Chat Node Aliases, page 9-6 Key Considerations, page 9-7 Configuring Persistent Chat Room Settings, page 9-4 Managing Chat Node Aliases Manually, page 9-8
What To Do Next
For best practice guidelines, see Scenario 1, page 9-12
Managing Chat Node Aliases Manually

Before You Begin

Review the topics about chat node aliases and key considerations. If you do not want to use a system-generated alias, you must turn off the default setting.
9-8
Chapter 9
Configuring Chat on Cisco Unified Presence How to Manage Chat Node Aliases
If you turn off a system-generated alias, the old alias (conference-x-clusterid.domain) reverts
to a standard, editable alias listed under Conference Server Aliases. This maintains the old alias and the chat room addresses associated with that alias.
Even if you configure a system-generated alias for a chat node, you can associate more than one
alias with the node if required. You can manually assign one (or more) aliases to chat nodes. You can also edit aliases and delete any aliases that you no longer need.
Although it is not mandatory, we recommend that you always include the Domain when you assign a new chat node alias to a node. Use this convention for additional aliases, newalias.domain. Select System > Cluster Topology: Settings in Cisco Unified Presence Administration to see the Domain. For manually-managed aliases, it is the responsibility of the Administrator to manually update the alias list if the Cluster ID or Domain changes. System-generated aliases will incorporate the changed values automatically.
Procedure
Select Cisco Unified Presence Administration > Messaging > Group Chat and Persistent Chat. [If Required] Uncheck System Automatically Manages Primary Group Chat Server Aliases to turn off the default system-generated alias. All the existing chat node aliases (including the disabled system-generated alias) are listed together under Group Chat Server Aliases. To view the alias list, perform these actions:
a. b.
Select Messaging > Group Chat Server Alias Mapping. Click Find.
Step 4
Complete one or more of the following actions as required: If you want to: Edit an existing alias (old system-generated or user-defined alias) Action
a. b.
Select the hyperlink for any existing alias that you want to edit. Edit the alias for the node in the Group Chat Server Alias field. Make sure the alias is unique for the node. Select the appropriate node to which you want to assign this changed alias. Click Add New. Enter a unique alias for the node in the Group Chat Server Alias field. Select the appropriate node to which you want to assign the new alias. Check the check box for the alias that you want to delete. Click Delete Selected.
c.
Add a new chat node alias
a. b. c.
Delete an existing alias
a. b.
9-9

Every chat node alias must be unique. The system will prevent you from creating duplicate chat node aliases across the cluster. A chat node alias name cannot match the Cisco Unified Presence domain name. Delete old aliases only if you no longer need to maintain the address of chat rooms via the old alias. If you are federating with external domains, you may want to inform federated parties that the aliases have changed and new aliases are available. To advertise all aliases externally, configure DNS and publish the aliases as DNS records. If you update any of the chat node alias configuration, perform one of these actions:
If you are running Cisco Unified Presence Release 8.0(x), restart the Cisco UP XCP Router. If you are running Cisco Unified Presence Release 8.5(x), restart the Cisco UP XCP Text
Conference Manager
Related Topics

Chat Node Aliases, page 9-6 Key Considerations, page 9-7 Turning On System-Generated Aliases, page 9-7 For best practice guidelines, see Sample Deployments, page 9-11 Configuring the Domain Value, page 6-26
What To Do Next
Turning On the Cisco UP XCP Text Conference Service, page 9-10
Turning On the Cisco UP XCP Text Conference Service

This procedure applies if you configure the persistent chat room settings, or manually add one or more aliases to a chat node. You must also turn on this service if you want to enable temporary (ad-hoc) chat on a node.
Before You Begin
If persistent chat is enabled, an external database must be associated with the Text Conference Manager service, and the database must be active and reachable or the Text Conference Manager will not start. If the connection with the external database fails after the Text Conference Manager service has started, the Text Conference Manager service will remain active and functional, however, messages will no longer be persisted to database and new persistent rooms cannot be created until the connection recovers.
Procedure
Select Cisco Unified Serviceability > Tools > Service Activation. Select the chat node from the Server menu. Select the Cisco UP XCP Text Conference Manager service to turn it on. Select Save.
9-10
Chapter 9
Configuring Chat on Cisco Unified Presence Sample Deployments
Related Topics

Configuring Persistent Chat Room Settings, page 9-4 Managing Chat Node Aliases Manually, page 9-8 Restarting the
Sample Deployments
The tables below contain a sample range of deployment scenarios that administrators may want to configure
9-11
Chapter 9 Sample Deployments
Scenario 1
Deployment Scenario: You do not want to include the Cluster ID in the chat node alias. Instead of the system-generated alias conference-1-mycup.cisco.com, you want to use the alias primary-conf-server.cisco.com.
1. 2.
Configuration Steps:
Select Messaging > Enterprise Instant Messaging to turn off the system-generated alias. (This is on by default). Edit the alias and change it to primary-conf-server.cisco.com.
Notes:
When you turn off the old system-generated alias, conference-1-mycup.cisco.com reverts to a standard, editable alias listed under Group Chat Server Aliases. This maintains the old alias and the chat room addresses associated with that alias.
Scenario 2
Deployment Scenario:: You want to:
change the Domain from cisco.com to linksys.com and use conference-1-mycup.linksys.com instead of conference-1-mycup.cisco.com. maintain the address of existing persistent chat rooms in the database so that users can still find old chat rooms of type [email protected]. Select System > Service Parameters > Cisco UP Proxy in Cisco Unified Presence Administration. Edit the Domain and change it to linksys.com.
1. 2.
Notes:
When you change the domain, the fully qualified cluster name (FQCN) automatically changes from conference-1-mycup.cisco.com to conference-1-mycup.linksys.com. The old system-generated alias conference-1-mycup.cisco.com reverts to a standard, editable alias listed under Group Chat Server Aliases. This maintains the old alias and the chat room addresses associated with that alias.
9-12
Chapter 9
Scenario 3
Deployment Scenario: You:
want to change the Cluster ID from mycup to ireland to use conference-1-ireland.cisco.com instead of conference-1-mycup.cisco.com. do not need to maintain the address of existing persistent chat rooms in the database. Select Presence > Settings in Cisco Unified Presence Administration. Edit the Cluster ID and change it to ireland. Select Messaging > Conferencing Server Alias Mapping in Cisco Unified Presence Administration. Delete the old alias conference-1-mycup.cisco.com.
1. 2. 3. 4.
Notes:
When you change the Cluster ID, the fully qualified cluster name (FQCN) automatically changes from conference-1-mycup.cisco.com to conference-1-ireland.cisco.com. The old system-generated alias conference-1-mycup.cisco.com reverts to a standard, editable alias listed under Group Chat Server Aliases. This maintains the old alias and the chat room addresses associated with that alias. Because (in this example) the Administrator has no need to maintain the old alias address, it is appropriate to delete it.
Scenario 4
Deployment Scenario: You want to:
change the Cluster ID from mycup to ireland to use conference-1-ireland.cisco.com instead of conference-1-mycup.cisco.com. only maintain chat room addressing via the old alias (does not need to associate nodes with the new system-generated alias).
9-13
1. 2. 3.
Select Presence > Settings in Cisco Unified Presence Administration. Edit the Cluster ID and changes it to ireland. Select Messaging > Enterprise Instant Messaging and turn off the new system-generated alias, conference-1-ireland.cisco.com. (This is on by default). Select Messaging > Conferencing Server Alias Mapping in Cisco Unified Presence Administration Deletes the new alias conference-1-ireland.cisco.com.
4. 5.
Notes:
When you change the Cluster ID, the fully qualified cluster name (FQCN) automatically changes from conference-1-mycup.cisco.com to conference-1-ireland.cisco.com. When you turn off the new system-generated alias, conference-1-ireland.cisco.com reverts to a standard, editable alias listed under Group Chat Server Aliases. Because (in this example) the Administrator has no need to maintain the new alias address, it is appropriate to delete it. The old system-generated alias conference-1-mycup.cisco.com reverts to a standard, editable alias listed under Group Chat Server Aliases. This maintains the old alias and the chat room addresses associated with that alias.
9-14
Chapter 9
Scenario 5
Deployment Scenario: You want to:

delete a node associated with an existing alias from the System Topology, for example, conference-3-mycup.cisco.com. add a new node with a new node ID (node id: 7) to the System Topology, for example, conference-7-mycup.cisco.com. maintain the address of chat rooms that were created using the old alias.
Option 1
1. 2.
Select Messaging > Conferencing Server Alias Mapping in Cisco Unified Presence Administration. Select Add New to add the additional alias, conference-3-mycup.cisco.com.
Option 2
1.
Select Messaging > Enterprise Instant Messaging and turn off the default system-generated alias, conference-7-mycup.cisco.com. (This is on by default). Edit the alias and change it to conference-3-mycup.cisco.com.
2.
Notes:
When you add the new node to the System Topology, the system automatically assigns this alias to the node: conference-7-mycup.cisco.com.
Option 1
If you add an additional alias, the node is addressable via both aliases, conference-7-mycup.cisco.com and conference-3-mycup.cisco.com.
Option 2
If you turn off the old system-generated alias, conference-7-mycup.cisco.com reverts to a standard, editable alias listed under Group Chat Server Aliases.
9-15
9-16
CH A P T E R
10
Configuring the Cisco IP PhoneMessenger Service

November 21, 2011
Prerequisites for Integrating Cisco IP PhoneMessenger, page 10-1 How to Configure Cisco IP PhoneMessenger on Cisco Unified Communications Manager, page 10-1 How to Configure Cisco IP PhoneMessenger on Cisco Unified Presence, page 10-3
Prerequisites for Integrating Cisco IP PhoneMessenger

Before you configure Cisco IP PhoneMessenger, make sure that you have configured the following:

Configured the Cisco Unified Communications Manager server for integration with Cisco Unified Presence Configured the Cisco Unified Presence server for deployment in the network.
Related Topics

Configuring Cisco Unified Communications Manager for Integration with Cisco Unified Presence, page 3-1. Configuring a Cisco Unified Presence Server for Deployment in the Network, page 6-1
How to Configure Cisco IP PhoneMessenger on Cisco Unified Communications Manager

Configuring Cisco IP PhoneMessenger as an Application User, page 10-2 Configuring a Phone Service for the Cisco IP PhoneMessenger, page 10-2 Subscribing Phones to the Cisco IP PhoneMessenger Service, page 10-3
10-1
Chapter 10 How to Configure Cisco IP PhoneMessenger on Cisco Unified Communications Manager
Configuring Cisco IP PhoneMessenger as an Application User

Procedure
Select Cisco Unified Communications Manager Administration > User Management > Application User. Select Add New. Enter an application username in the User ID field, for example, PhoneMessenger. Enter a password for this application user, and confirm the password. Select the devices that you want the application user to control. Select Save.
Related Topics
Subscribing Phones to the Cisco IP PhoneMessenger Service, page 10-3
What To Do Next
Configuring a Phone Service for the Cisco IP PhoneMessenger, page 10-2
Configuring a Phone Service for the Cisco IP PhoneMessenger

Before You Begin
Configure Cisco IP PhoneMessenger as an application user on Cisco Unified Communications Manager.

Procedure
Select Cisco Unified Communications Manager Administration > Device > Device Settings > Phone Services. Select Add New. Enter PhoneMessenger in the Service Name field. Enter IP Phone Messenger in the Service Description field. Enter this URL in the Service URL field: http://my-cups:8081/ippm/default?name=#DEVICENAME# where my-cups specifies the IP address of the Cisco Unified Presence unless DNS is enabled on the phone.
Select XML Service from the Service Category menu. Select Standard IP Phone Service from the Service Type menu. Check Enable. Select Save.
10-2
Chapter 10
Configuring the Cisco IP PhoneMessenger Service How to Configure Cisco IP PhoneMessenger on Cisco Unified Presence
Related Topics
Configuring Cisco IP PhoneMessenger as an Application User, page 10-2
What To Do Next
Subscribing Phones to the Cisco IP PhoneMessenger Service, page 10-3
Subscribing Phones to the Cisco IP PhoneMessenger Service

Before You Begin
Configure a Phone Service for Cisco IP PhoneMessenger on Cisco Unified Communications Manager.
Procedure
Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Step 8 Step 9 Step 10
Select Cisco Unified Communications Manager Administration > Device > Phone. Select Find. Select a phone device link to access the Phone Configuration window. Select Subscribe/Unsubscribe Services from the menu in the Related Links navigation box at the top right of the window. Select Go. Select PhoneMessenger from the Select a Service menu in the Subscribed Cisco IP Phone Services window. Select Next. Select Subscribe when the window displays again. Select Save when the window displays again. Reset the phones individually or as a group.
Related Topics
Configuring Cisco IP PhoneMessenger as an Application User, page 10-2

What To Do Next
How to Configure Cisco IP PhoneMessenger on Cisco Unified Presence, page 10-3
How to Configure Cisco IP PhoneMessenger on Cisco Unified Presence

Configuring the Cisco IP PhoneMessenger Settings, page 10-4 Configuring Meeting Notification Settings, page 10-4 Information to Provide to Users About the Meeting Notification Feature, page 10-5 Configuring Cisco IP Phone Messenger Response Messages, page 10-6 Sending a Broadcast Message, page 10-6
10-3
Chapter 10 How to Configure Cisco IP PhoneMessenger on Cisco Unified Presence
Signing Out a Cisco IP Phone Messenger User, page 10-7
Configuring the Cisco IP PhoneMessenger Settings

Before You Begin
Obtain the application username and password that you configured for the Cisco IP PhoneMessenger on Cisco Unified Communications Manager.
Restriction
The Cisco IP PhoneMessenger application username and password must match the configured application username and password on Cisco Unified Communications Manager for the Cisco IP PhoneMessenger service to work properly.
Procedure
Select Cisco Unified Presence Administration > Application > IP Phone Messenger > Settings. Select On from the Application Status menu. Enter the application username that you configured on Cisco Unified Communications Manager for the Cisco IP PhoneMessenger service. Enter the password that you configured on Cisco Unified Communications Manager for the Cisco IP PhoneMessenger service. Select Save.
You can also use the System Dashboard to view enabled Cisco IP PhoneMessenger users in Cisco Unified Presence Administration. Select Diagnostics > System Dashboard.
Related Topics

Configuring Cisco IP PhoneMessenger as an Application User, page 10-2 Configuring Firewalls to Pass Cisco Unified Personal Communicator Traffic, page 11-7
Configuring Meeting Notification Settings

The Meeting Notification feature allows users to receive incoming meeting notifications from a Microsoft Outlook calendar on their Cisco IP PhoneMessenger enabled phone. To configure the Meeting Notification feature, you must integrate Cisco Unified Presence with a Cisco Unified MeetingPlace server.
Note
Cisco Unified Presence does not support Cisco Unified MeetingPlace Express.
Before You Begin
Obtain the hostname or IP address for the Cisco Unified MeetingPlace server.
10-4
Chapter 10
Procedure
Select Application > Meeting Notification > Settings. Enter the host name or IP address for the Cisco Unified MeetingPlace server. Enter the port number for the Cisco Unified MeetingPlace server. The default port numbers are 80 (SSL disabled) or 443 (SSL enabled). Check Use SSL if you want to use Secure Socket Layer (SSL) to communicate with the Cisco Unified MeetingPlace server. (If SSL enabled) Enter the subject common name for the Cisco Unified MeetingPlace server.
Step 4 Step 5
Note
If you select to configure a secure connection between Cisco Unified Presence and Cisco Unified MeetingPlace, you must configure certificate exchange between the two servers. You must upload the Cisco Unified MeetingPlace server certificate to Cisco Unified Presence as a cup-trust certificate. Once you have uploaded the certificate to Cisco Unified Presence, you must restart the SIP proxy service.
Related Topics

Configuring the Cisco IP PhoneMessenger Settings, page 10-4 Uploading the Cisco Unified Presence Certificate to Cisco Unified Communications Manager, page 7-4
Information to Provide to Users About the Meeting Notification Feature

Provide the following information to your users about setting up the Meeting Notification feature in Microsoft Outlook. The Meeting Notification feature allows you to receive Microsoft Outlook meeting notifications on your Cisco IP PhoneMessenger phone. To use the Meeting Notification feature, you must set up your meeting invitations in Microsoft Outlook as follows:
If you schedule a Cisco Unified MeetingPlace meeting, set the Location field on the Microsoft Outlook meeting invite window to: MeetingPlace: XXXXXXX ID: XXXX For example, MeetingPlace: 4761000 ID: 1020 where 4761000 is the meeting bridge number and 1020 is the meeting ID.
If you schedule a meeting on another supported conferencing server, set the Location field on the Microsoft Outlook meeting invite window to: Dial: XXXXXXX ID: XXXX For example, Dial: 4762000 ID: 2000 where 4762000 is the meeting bridge number and 2000 is the meeting ID.
When the meeting alert message displays on your Cisco Unified IP Phone, you can join the scheduled meeting by pressing Join.
10-5
If you schedule a Cisco Unified MeetingPlace meeting, you can set Cisco Unified MeetingPlace to call your Cisco Unified IP Phone when the scheduled meeting is about to begin. On your Cisco Unified IP Phone, press Todays meetings, select the meeting entry, and press Callback.
Note
You can turn off the Meeting Notification feature on your Cisco Unified IP Phone. Press Settings > Meeting Notifications, and turn off Enable Meeting Notifications.
Related Topics
User Guide for Cisco Unified Presence
Configuring Cisco IP Phone Messenger Response Messages

You can configure a predefined set of response messages to display in Cisco IP PhoneMessenger, for example:

On the phone, hold on On the phone, call later Not available Yes
These response messages allow the phone user to respond to incoming phone messages quickly. In addition, you can predefine a custom message, and control and change the order in which messages are displayed on the phone. You can configure up to a maximum of 10 predefined response messages.
Procedure
Select Cisco Unified Presence Administration > Application > IP Phone Messenger > Response Messages. Select Add New. Enter or modify the message text. Select the up or down arrow adjacent to the message to change the order in which the messages display. Select Save.
Sending a Broadcast Message

You can send a broadcast message to one or more Cisco IP PhoneMessenger users. Note the following changes to the broadcast feature behavior for Cisco Unified Presence Release 8.0(x):

The Cisco IP PhoneMessenger user receives broadcast messages in the Messages menu on their phone. The sender of the message is cupsystemadmin. If a user signs in to Cisco IP PhoneMessenger and Cisco Unified Personal Communicator at the same time, the user does not receive the broadcast message.
10-6
Chapter 10
If a user signs in to Cisco IP PhoneMessenger and an XMPP client at the same time, but not Cisco Unified Personal Communicator, the user receives the broadcast message.
Procedure
Select Cisco Unified Presence Administration > Application > IP Phone Messenger > Status. Locate the Cisco IP PhoneMessenger user(s). Perform one of the following actions: Select the end users to whom you want to send a broadcast message.

Select Select All. Enter the broadcast message text in the Message box.
Step 5 Step 6
Select Broadcast. Perform one of the following actions when you are prompted to confirm that you want to send a broadcast message:

Select OK to send the message. Select Cancel to exit without sending the message.
For the Broadcast feature to work on Cisco Unified Presence, you must turn on the Cisco UP XCP SIP Federation Connection Manager service. In Cisco Unified Serviceability, select Tools > Service Activation.
Signing Out a Cisco IP Phone Messenger User

You can force one or more users to sign out from the Cisco IP Phone Messenger service.
Procedure
Select Cisco Unified Presence Administration > Application > IP Phone Messenger > Status. Locate the Cisco IP Phone Messenger user. Perform one of the following actions:

Select the end users that you want to sign out. Select Select All.
Step 4 Step 5
Select Logout. Perform one of the following actions when you are prompted to confirm that you want to sign out the users:

Select OK to sign out the users. Select Cancel to exit without signing out the users.
10-7
10-8
CH A P T E R
11
Configuring Basic Features for Cisco Unified Personal Communicator

November 21, 2011
Roadmap for Deploying Cisco Unified Personal Communicator, page 11-2 Prerequisites for Integrating Cisco Unified Personal Communicator, page 11-6 Adding Licensing Capabilities for Users, page 11-7 Configuring Firewalls to Pass Cisco Unified Personal Communicator Traffic, page 11-7 Verifying That the Cisco UP XCP Router Service Is Running, page 11-7 (Cisco Unified Personal Communicator Release 8.x) About Configuring XCP Services for Cisco Unified Personal Communicator, page 11-8 Configuring Videoconferencing Resources and Ad-Hoc Conferencing on Cisco Unified Communications Manager, page 11-30 About Configuring Cisco Unified Personal Communicator on Cisco Unified Communications Manager, page 11-10 How to Configure Cisco Unified Personal Communicator on Cisco Unified Communications Manager, page 11-14 About Configuring Cisco Unified Personal Communicator on Cisco Unified Presence, page 11-19 How to Configure Cisco Unified Personal Communicator on Cisco Unified Presence, page 11-20 About Configuring CTI Gateway Settings for Desk-Phone Control on Cisco Unified Presence, page 11-25 How to Configure CTI Gateway Settings for Desk-Phone Control on Cisco Unified Presence, page 11-27 How to Configure Video Calls and Videoconferencing, page 11-29
11-1
Chapter 11 Roadmap for Deploying Cisco Unified Personal Communicator
Roadmap for Deploying Cisco Unified Personal Communicator

The following table provides a feature-by-feature map of topics that describe the tasks you need to perform to deploy Cisco Unified Personal Communicator: To Deploy These Features... Pre-deployment tasks Read These Topics...
Perform These Tasks...
Prerequisites for Integrating Cisco Unified Personal Communicator, page 11-6
Assigning the Licensing Capabilities on Cisco Unified Communications Manager, page 2-9 Configuring Firewalls to Pass Cisco Unified Personal Communicator Traffic, page 11-7 Verifying That the Cisco UP XCP Router Service Is Running, page 11-7 Turning On Cisco Unified Presence Services to Support XMPP Clients, page 8-4 (Cisco Unified Personal Communicator Release 8.x) Configuring Settings, page 11-21 (Cisco Unified Personal Communicator Release 8.5) Configuring Chat History, page 11-10 Configuring the Service Parameters for the IM Gateway, page 11-9 (Cisco Unified Personal Communicator Release 8.x) Configuring Persistent Chat Rooms, page 11-9
Availability status information and instant messaging
(Cisco Unified Personal Communicator Release 8.x) Required XCP Services, page 11-8 (Cisco Unified Personal Communicator Release 8.x) Optional XCP Services, page 11-8
Advanced instant messaging features, such as group chat and persistent chat rooms
(Cisco Unified Personal Communicator Release 8.x) Optional XCP Services, page 11-8
11-2
Chapter 11
Configuring Basic Features for Cisco Unified Personal Communicator Roadmap for Deploying Cisco Unified Personal Communicator
To Deploy These Features... Place calls from a computer
Read These Topics...
Application Dialing and Directory Lookup Rules, page 11-10 Transformation of Dialed Numbers by Cisco Unified Personal Communicator, page 11-11 Cisco Unified Client Services Framework Device Type, page 11-12 Extension Mobility Configuration, page 11-12 (Cisco Unified Personal Communicator Release 8.x) Guidelines for Configuring the Softphone Device Name, page 11-13 (Cisco Unified Personal Communicator Release 7.1) Guidelines for Configuring the Softphone Device Name, page 11-13 TFTP Server Connection, page 11-19 Desk-Phone Control and the CTI Connection Failures, page 11-25 (Cisco Unified Personal Communicator Release 7.x) Desk-Phone Control and LDAP TelephoneNumber Field, page 11-26
Creating a Softphone Device for Each Cisco Unified Personal Communicator User, page 11-14 Associating Users with Softphone Devices, page 11-16 Adding Users to User Groups, page 11-17 Associating a New Device with a User, page 11-17 Associating a New Device with a User, page 11-17 Associating a New Device with a User, page 11-17 Resetting a Device, page 11-18 Configuring the Proxy Listener and TFTP Addresses, page 11-20 (Cisco Unified Personal Communicator Release 8.x) Configuring Settings, page 11-21
Place calls from a desk phone
Configuring CTI Gateway Server Names and Addresses, page 11-27 Creating CTI Gateway Profiles, page 11-28
11-3
Chapter 11 Roadmap for Deploying Cisco Unified Personal Communicator
To Deploy These Features... Video calls and videoconferencing
Configuring Users for Point-to-Point Video Calls and for Multipoint Videoconferencing, page 11-29 Configuring Videoconferencing Resources and Ad-Hoc Conferencing on Cisco Unified Communications Manager, page 11-30 (Cisco Unified Personal Communicator Release 8.x) Connecting a Cisco Unified IP Phone to the Network and Your Computer, page 11-33 (Cisco Unified Personal Communicator Release 8.x) Enabling Video for a Cisco Unified IP Phone, page 11-34 (Cisco Unified Personal Communicator Release 8.x) Configuring Settings, page 11-21 Configuring Cisco Unity Connection Servers, page 12-4 Configuring Cisco Unity Servers, page 12-5 Configuring Voicemail Server Names and Addresses on Cisco Unified Presence, page 12-8 Configuring Mailstore Server Names and Addresses on Cisco Unified Presence, page 12-9 Creating Voicemail Profiles on Cisco Unified Presence, page 12-10 (Cisco Unified Personal Communicator Release 8.x) Configuring Settings, page 11-21
Voicemail
Secure Voicemail Messaging on Cisco Unity Connection, page 12-2 Secure Voicemail Messaging on Cisco Unity, page 12-2 Secure Voicemail Messaging Configuration, page 12-3
11-4
Chapter 11
Configuring Basic Features for Cisco Unified Personal Communicator Roadmap for Deploying Cisco Unified Personal Communicator
To Deploy These Features... Conference calls
How to Configure Conferencing Servers for Cisco Unified Personal Communicator, page 12-12
(Cisco Unified Personal Communicator Release 7.1) Configuring Cisco Unified MeetingPlace Express and Cisco Unified MeetingPlace Express VT Servers, page 12-13 Configuring Cisco Unified MeetingPlace Servers, page 12-16 (Cisco Unified Personal Communicator Release 8.x) Configuring the Cisco Unified MeetingPlace Web Server, page 12-18 Configuring Conferencing Server Names and Addresses on Cisco Unified Presence, page 12-19) Creating Conferencing Profiles on Cisco Unified Presence, page 12-21 (Cisco Unified Personal Communicator Release 8.x) Creating Audio Profiles on Cisco Unified Presence, page 12-23 Configuring CCMCIP Profiles for Cisco Unified Personal Communicator Release 8.x, page 12-24 (Cisco Unified Personal Communicator Release 8.x) Configuring Settings, page 11-21 How To Configure High Availability Cisco Unified Presence Deployments, page 6-19 About Configuring Third-Party Clients on Cisco Unified Presence, page 12-26
Audio quality features
Alternative server to control signing in
Security features
High availability features Third-party client applications
High Availability, page 11-20
(Cisco Unified Personal Communicator Release 8.x) Optional XCP Services, page 11-8
11-5
Chapter 11 Prerequisites for Integrating Cisco Unified Personal Communicator
To Deploy These Features... HTML content display
(Cisco Unified Personal Communicator Release 8.5) Distributing HTML Files for Display in the Cisco Unified Personal Communicator Window, page 12-30 Before You Start Cisco Unified Personal Communicator as a Desktop Agent, page 12-27 Starting Cisco Unified Personal Communicator as a Desktop Agent, page 12-28
Desktop agent
(Cisco Unified Personal Communicator Release 8.5) How to Use Cisco Unified Personal Communicator as a Desktop Agent, page 12-27
Prerequisites for Integrating Cisco Unified Personal Communicator

Before you configure Cisco Unified Personal Communicator, ensure that you have done the following:

Configured the Cisco Unified Communications Manager server for integration with Cisco Unified Presence Configured the Cisco Unified Presence server Configured the licensing details for Cisco Unified Personal Communicator Assigned all of your Cisco Unified Personal Communicator users to Cisco Unified Presence nodes in the system topology (Recommended) Configured the LDAP server (Optional) Configured the Cisco Unity and Cisco Unified MeetingPlace or Cisco WebEx on Cisco Unified Presence so that Cisco Unified Personal Communicator can use visual voicemail and meeting features.
Note
Before you deploy Cisco Unified Personal Communicator Release 8.x to the computers of your users, ensure that there are no other applications installed on the computers of your users that depend on Cisco Unified Client Services Framework. For a list of these applications, see the Release Notes for Cisco Unified Personal Communicator at: http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html
Related Topics

Configuring Cisco Unified Communications Manager for Integration with Cisco Unified Presence, page 3-1 Configuring a Cisco Unified Presence Server for Deployment in the Network, page 6-1 Cisco Unified Personal Communicator License Requirements, page 2-5 Integrating the LDAP Directory, page 14-1
11-6
Chapter 11
Configuring Basic Features for Cisco Unified Personal Communicator Adding Licensing Capabilities for Users
Adding Licensing Capabilities for Users

For information about how to assign user capabilities, see Assigning the Licensing Capabilities on Cisco Unified Communications Manager, page 2-9.
Configuring Firewalls to Pass Cisco Unified Personal Communicator Traffic

Internet traffic moves through a firewall based on service identification numbers that are known as ports. Certain ports must be open for Cisco Unified Personal Communicator to work. Network administrators typically open a minimal number of network ports, allowing the traffic for approved applications to enter and leave the network while blocking other network traffic.
Before You Begin
Read information about the network ports used by Cisco Unified Personal Communicator in the Release Notes for Cisco Unified Personal Communicator.
Procedure
Step 1 Step 2
Identify whether users have a software firewall installed on their computers, or if there is a hardware firewall in the network between Cisco Unified Presence and Cisco Unified Personal Communicator. Configure the firewall to pass Cisco Unified Personal Communicator traffic. Failure to perform this step results in missing, incorrect, or intermittent display of availability status in Cisco Unified Personal Communicator.
Related Topics
Release Notes for Cisco Unified Personal Communicator: http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html
Verifying That the Cisco UP XCP Router Service Is Running

Procedure
Select Tools > Control Center - Network Services in Cisco Unified Serviceability in Cisco Unified Presence. Select the server from the Server list box. Select Go. Locate the Cisco UP XCP Router service in the CUP Services section. Verify that the Status column reads Running.
11-7
Chapter 11 Configuring Basic Features for Cisco Unified Personal Communicator (Cisco Unified Personal Communicator Release 8.x) About Configuring XCP Services for Cisco Unified Personal
Related Topics
(Cisco Unified Personal Communicator Release 8.x) About Configuring XCP Services for Cisco Unified Personal Communicator

(Cisco Unified Personal Communicator Release 8.x) Required XCP Services, page 11-8 (Cisco Unified Personal Communicator Release 8.x) Optional XCP Services, page 11-8
(Cisco Unified Personal Communicator Release 8.x) Required XCP Services

You must ensure that the following Cisco Unified Presence XCP services are running on all Cisco Unified Presence nodes in all clusters:

Cisco UP XCP Authentication Service Cisco UP XCP Connection Manager
(Cisco Unified Personal Communicator Release 8.x) Optional XCP Services

Depending on what features you want to make available, ensure that the following Cisco Unified Presence XCP services are running on all Cisco Unified Presence nodes in all clusters:
Cisco UP XCP Text Conference Manager, for group chat and persistent chat rooms. If you have a mixture of Cisco Unified Personal Communicator Release 8.x and Release 7.x users, then the Cisco UP XCP Text Conference Manager service must be running for them to communicate with one another. Cisco UP XCP Web Connection Manager, to manage connections for web-based client applications, that connect to Cisco Unified Presence using HTTP. Cisco UP XCP SIP Federation Connection Manager, to support federation services with third-party applications that use SIP. Cisco UP XCP XMPP Federation Connection Manager, to support federation services with third-party applications that use XMPP. Cisco UP XCP Counter Aggregator, if you want system administrators to be able to view statistical data on XMPP components. Cisco UP XCP Message Archiver, for automatic archiving of all instant messages. Cisco UP XCP Directory Service, if you want to enable third-party XMPP client applications to do LDAP searches.
Note
Read the documentation relating to any feature that you are implementing before you turn on the relevant services. Additional configuration might be required.
11-8
Chapter 11
Configuring Basic Features for Cisco Unified Personal Communicator How to Configure Chat
Related Topics

Turning On Cisco Unified Presence Services to Support XMPP Clients, page 8-4 Turning On the Cisco UP XCP Text Conference Service, page 9-10 Configuring Chat on Cisco Unified Presence, page 9-1 Turning On the Cisco Unified Presence Services, page 6-50
How to Configure Chat

Configuring the Service Parameters for the IM Gateway, page 11-9 (Cisco Unified Personal Communicator Release 8.x) Configuring Persistent Chat Rooms, page 11-9 (Cisco Unified Personal Communicator Release 8.5) Disabling Chat, page 11-10 (Cisco Unified Personal Communicator Release 8.5) Configuring Chat History, page 11-10
Configuring the Service Parameters for the IM Gateway

Users of SIP IM clients must be able to exchange bi-directional IMs with users of XMPP IM clients. Turn on the SIP-to-XMPP connection on the Cisco Unified Presence IM Gateway for IM interoperability between SIP and XMPP clients. You must also ensure that the Cisco UP XCP SIP Federation Connection Manager service is running.
Related Topics

Turning On the Cisco Unified Presence Services, page 6-50 How To Configure the Authorization Policy on Cisco Unified Presence, page 6-39
(Cisco Unified Personal Communicator Release 8.x) Configuring Persistent Chat Rooms
To configure persistent chat rooms, you must first configure persistent chat servers. To configure persistent chat servers, you must set up a PostgreSQL database. For more information about how to configure an external database in Cisco Unified Presence see the Database Setup Guide for Cisco Unified Presence at the following URL: http://www.cisco.com/en/US/products/ps6837/products_installation_and_configuration_guides_list.ht ml You must also ensure that the Cisco UP XCP Text Conference Manager service is running. When a Cisco Unified Personal Communicator user joins a persistent chat room, Cisco Unified Presence sends instant message history information to the Cisco Unified Personal Communicator user. The number of messages in instant message history that Cisco Unified Presence sends is specified in the Number of messages that display per room option, which you specify when you configure conferencing and persistent chat. If the Archive all room messages option is enabled for persistent chat, Cisco Unified Personal Communicator queries Cisco Unified Presence for additional history, and the number of messages displayed by Cisco Unified Personal Communicator might exceed the value in the Number of messages to display per room setting on the Cisco Unified Presence server.
11-9
Chapter 11 Configuring Basic Features for Cisco Unified Personal Communicator About Configuring Cisco Unified Personal Communicator on Cisco Unified Communications Manager
Related Topics

Turning On the Cisco Unified Presence Services, page 6-50 Configuring Persistent Chat Room Settings, page 9-4
(Cisco Unified Personal Communicator Release 8.5) Disabling Chat

You can configure Cisco Unified Presence to disable the chat feature on Cisco Unified Personal Communicator. For information about how to disable chat, see Turning On or Off Instant Messaging for a Cisco Unified Presence Cluster, page 6-46.
Related Topics
Turning On or Off Instant Messaging for a Cisco Unified Presence Cluster, page 6-46
(Cisco Unified Personal Communicator Release 8.5) Configuring Chat History

You can configure Cisco Unified Presence to prevent Cisco Unified Personal Communicator from keeping a log of the chat history on the client computer. The ability to prevent the chat history is introduced in Cisco Unified Personal Communicator Release 8.5 and is not configurable on earlier versions of Cisco Unified Personal Communicator. For information about how to configure the chat history on Cisco Unified Presence, see Allowing Clients to Log Instant Message History, page 6-48.
Related Topics
Allowing Clients to Log Instant Message History, page 6-48
About Configuring Cisco Unified Personal Communicator on Cisco Unified Communications Manager

Application Dialing and Directory Lookup Rules, page 11-10 Transformation of Dialed Numbers by Cisco Unified Personal Communicator, page 11-11 Cisco Unified Client Services Framework Device Type, page 11-12 Extension Mobility Configuration, page 11-12 (Cisco Unified Personal Communicator Release 8.x) Guidelines for Configuring the Softphone Device Name, page 11-13 (Cisco Unified Personal Communicator Release 7.1) Guidelines for Configuring the Softphone Device Name, page 11-13
Application Dialing and Directory Lookup Rules

Based on the dial plan for your company and the information stored in the LDAP directory (telephone number for the user), you might need to define application dialing rules and directory lookup rules on Cisco Unified Communications Manager. Cisco Unified Presence then queries Cisco Unified Communications Manager to obtain these dialing rules for the Cisco Unified Personal Communicator.
11-10
Chapter 11
Configuring Basic Features for Cisco Unified Personal Communicator About Configuring Cisco Unified Personal Communicator on Cisco Unified Communications Manager
These rules define how Cisco Unified Personal Communicator can reformat the inbound call ID to be used as a directory lookup key and how to transform a phone number retrieved from the LDAP directory for outbound dialing. When you are configuring application dial rules, note the following:

Cisco Unified Communications Manager Release 7.1 supports application dial rules that contain the plus character in dialed numbers. Cisco Unified Personal Communicator Release 7.1 does not remove the plus character from dialed numbers. Releases of Cisco Unified Personal Communicator earlier than Release 7.1 do remove the plus character from dialed numbers.
Table 11-1 defines the application dialing rules and directory lookup rules, and provides examples and the menu path for each.
Table 11-1 Dialing rule definitions
Rule Application dial rules
Definition Application dial rules automatically strip numbers from, or add numbers to, phone numbers that the user dials. Application dialing rules are used to manipulate numbers that are dialed from Cisco Unified Personal Communicator. Directory lookup rules transform caller identification numbers into numbers that can be looked up in the directory from Cisco Unified Personal Communicator. Each rule specifies which numbers to transform based on the initial digits and the length of the number.
Related Topics
Configuration Example You can configure a dialing rule in Cisco Unified Communications Manager Administration that automatically adds the digit 9 at the start of a 7-digit phone number to provide access to an outside line.
Menu path Call Routing > Dial Rules > Application Dial Rules
Directory lookup rules
Call Routing > Dial You can create a directory lookup Rules > Directory rule in Cisco Unified Lookup Dial Rules Communications Manager Administration that automatically removes the area code and two prefix digits from a 10-digit telephone. This rule transforms 4089023139 into 23139.
Transformation of Dialed Numbers by Cisco Unified Personal Communicator, page 11-11
Transformation of Dialed Numbers by Cisco Unified Personal Communicator

Before Cisco Unified Personal Communicator places a call through contact information, the application removes everything from the phone number to be dialed, except for letters and digits. The application transforms the letters to digits and applies the dialing rules from Cisco Unified Presence. The letter-to-digit mapping is locale-specific and corresponds to the letters found on a standard telephone keypad for that locale. For example, for an US English locale, 1-800-GOTMILK transforms to 18004686455. Users cannot view or modify transformed numbers before Cisco Unified Personal Communicator places the numbers. If there is a problem with the dialed number because of incorrect conversions, you must correct the dialing rules.
11-11
Chapter 11 Configuring Basic Features for Cisco Unified Personal Communicator About Configuring Cisco Unified Personal Communicator on Cisco Unified Communications Manager
Related Topics

Application Dialing and Directory Lookup Rules, page 11-10 For detailed conceptual and task-based information on dialing rules, see the Cisco Unified Communications Manager Administration Guide: http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html
Cisco Unified Client Services Framework Device Type

Cisco Unified Personal Communicator requires a new Cisco Unified Communications Manager device type called Cisco Unified Client Services Framework. Depending on which release of Cisco Unified Communications Manager is installed in your Cisco Unified Communications system, you might need to patch Cisco Unified Communications Manager with a Cisco Options Package (COP) file. You must run the COP file if your Cisco Unified Communications Manager does not have the Cisco Unified Client Services Framework device type. You run the COP file on the Cisco Unified Communications Manager publisher server. After you apply the COP file, you must restart the Cisco Unified Communications Manager publisher server, and all other servers. For information about which releases of Cisco Unified Communications Manager require you to run the COP file to install the Cisco Unified Client Services Framework device type, see the Release Notes for Cisco Unified Personal Communicator at the following URL: http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html
Extension Mobility Configuration

The Extension Mobility feature dynamically configures a phone according to the user that is currently logged into the phone. When a user logs in to the phone, the phone adopts the default device profile information for that user, including line numbers, speed dials, services links, and other user-specific phone properties. By using Extension Mobility, a Cisco Unified Personal Communicator user can associate the application with one or more desk phones that have the same directory number on the primary line as the default desk phone of the user on Cisco Unified Communications Manager. You can configure Extension Mobility on Cisco Unified Communications Manager Administration by selecting Device > Phone menu, and accessing the Directory Number configuration window. When you configure Extension Mobility, note the following:

When you create the device user profile (Device > Device Settings > Device Profile), enable CTI control, and ensure that the line is controllable by CTI. When you add the Cisco Unified IP Phone to Cisco Unified Communications Manager (Device > Phone), make sure that is controllable by CTI.
Related Topics

Creating a Softphone Device for Each Cisco Unified Personal Communicator User, page 11-14 Cisco Unified Communications Manager Features and Services Guide
11-12
Chapter 11
Configuring Basic Features for Cisco Unified Personal Communicator About Configuring Cisco Unified Personal Communicator on Cisco Unified Communications Manager
(Cisco Unified Personal Communicator Release 8.x) Guidelines for Configuring the Softphone Device Name
When you create a softphone device for each Cisco Unified Personal Communicator Release 8.0 user, you select the Cisco Unified Client Services Framework device type. You must also specify a device name. Ensure that the device name conforms to these guidelines:

Can contain uppercase and lowercase letters, and numerals. Contains no more than 15 characters.
No correlation to the username is required, but for convenience you might choose to include a username in the device name. For example, you might use the device name CSFabaker.
(Cisco Unified Personal Communicator Release 7.1) Guidelines for Configuring the Softphone Device Name
When you create a softphone device for each Cisco Unified Personal Communicator user, you must specify a device name. Make sure that the device name conforms to these guidelines:

Derives from the username. Starts with UPC. Contains only uppercase letters, or numerals. Contains no more than 12 additional characters after UPC.
Table 11-2 provides some example device names.

Table 11-2 Username Conversion for Cisco Unified Personal Communicator Softphone Device
Cisco Unified Communications Manager Username jjackson johnnie_jackson johnniejackson john.jackson
Associated Softphone Device Name UPCJJACKSON UPCJOHNNIEJACKS UPCJOHNNIEJACKS UPCJOHNJACKSON
You must create username that do not collide when converted, for example, the usernames johnnie_jackson and johnniejackson convert to the same softphone device name and therefore are said to collide.
Caution
If Cisco Unified Personal Communicator is unable to derive its softphone device name, it cannot properly register and cannot function as expected. You might have to reconfigure a user to use a name other than their normal username to avoid this problem.
Related Topics
Creating a Softphone Device for Each Cisco Unified Personal Communicator User, page 11-14
11-13
Chapter 11 Configuring Basic Features for Cisco Unified Personal Communicator How to Configure Cisco Unified Personal Communicator on Cisco Unified Communications Manager
How to Configure Cisco Unified Personal Communicator on Cisco Unified Communications Manager

Creating a Softphone Device for Each Cisco Unified Personal Communicator User, page 11-14 Associating Users with Softphone Devices, page 11-16 Adding Users to User Groups, page 11-17 Associating a New Device with a User, page 11-17 Resetting a Device, page 11-18
Creating a Softphone Device for Each Cisco Unified Personal Communicator User
To enable Cisco Unified Personal Communicator softphone features, you must create a new softphone device for each user. This topic describes how to create a softphone device for one user. To create softphone devices for many users, you can use the Bulk Administration Tool (BAT). BAT performs bulk updates to the Cisco Unified Communications Manager database. For more information about BAT, see the Cisco Unified Communications Manager Bulk Administration Guide at the following URL: http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html
Before You Begin

Read the Cisco Unified Personal Communicator licensing requirements module, including the information on adjunct licensing. Read the guidelines on configuring the device name.
Restrictions
The auto-registration features in Cisco Unified Communications Manager are not supported with Cisco Unified Personal Communicator.
Procedure
Select Cisco Unified Communications Manager Administration > Device > Phone. Select Add New. (Cisco Unified Personal Communicator Release 8.x) Select Cisco Unified Client Services Framework from the Phone Type menu. (Cisco Unified Personal Communicator Release 7.1) Select Cisco Unified Personal Communicator from the Phone Type menu.
Step 4 Step 5
Select Next. Configure the following information:

a. b.
Specify the softphone device name in the Device Name field. Enter a descriptive name for the phone in the Description field. For example, enter Richardsoftphone.
11-14
Chapter 11
Configuring Basic Features for Cisco Unified Personal Communicator How to Configure Cisco Unified Personal Communicator on Cisco Unified Communications Manager
c. d. e. f. g. h.
(Cisco Unified Personal Communicator Release 8.x) Select Default from the Device Pool list. (Cisco Unified Personal Communicator Release 8.x) Select Standard Client Services Framework from the Phone Button Template list. Configure all the required fields for your environment. Select the user ID from Owner User ID menu. Select the device name of the Cisco Unified IP Phone to associate with Cisco Unified Personal Communicator from Primary Phone. (Cisco Unified Personal Communicator Release 8.x) Check Allow Control of Device from CTI to enable CTI to control and monitor this device. (Cisco Unified Personal Communicator Release 7.1) Uncheck Allow Control of Device from CTI. Enter information in the Protocol Specific Information section, as follows: Setting Select Standard Presence Group. (Cisco Unified Personal Communicator Release 8.0) Select Cisco Unified Client Services Framework - Standard SIP Non-Secure Profile. (Cisco Unified Personal Communicator Release 7.1) Select Cisco Unified Personal Communicator - Standard SIP Non-Secure Profile.
i.
Field Presence Group Device Security Profile
SIP Profile
Select Standard SIP Profile to specify the default SIP profile. SIP profiles provide specific SIP information for the phone such as registration and keep-alive timers, media ports, and Do Not Disturb control. Select the user ID. This is the same user ID as the one you selected for Owner User ID.
Digest User
Select Save. Select the Add a New DN link in the Association Information section that displays on the left side of the window. Configure the following information:
a. b. c. d.
Enter the directory number and route partition for the Cisco Unified Personal Communicator. Enter the caller ID in Display (Internal Caller ID), in the Line 1 on Device Device-Name section. In the Multiple Call/Call Waiting section, specify the maximum number of calls that can be presented to Cisco Unified Personal Communicator in the Maximum Number of Calls field. In the Multiple Call/Call Waiting section, specify the trigger after which an incoming call receives a busy signal in the Busy Trigger field.
Note
The Busy Trigger setting works with the Maximum Number of Calls setting. For example, if the maximum number of calls is set to six and the busy trigger is set to six, the seventh incoming call receives a busy signal.
Step 9
Select Save. Make sure that the status shown at the top of the window indicates a successful save and that the resulting status is Ready.
11-15
The directory number that is configured for Cisco Unified Personal Communicator and the Cisco Unified IP Phone must be identical. A directory number is configured with a partition, and you assign a directory number to Cisco Unified Personal Communicator and the Cisco Unified IP Phone. This configuration causes the Cisco Unified Personal Communicator to share the line with the Cisco Unified IP Phone for this user. Cisco Unified Communications Manager reminds you that changes to line or directory number settings require a restart. However, a restart is required only when you edit lines on Cisco Unified IP Phones that are running at the time of the modifications. From Cisco Unified Communications Manager Release 6.x, make sure that an association exists between the user and the line that is configured for that user so that the correct availability status in Cisco Unified Personal Communicator is displayed. Select Device > Phone, and view the association information for the device. Make sure that the user is associated with the line on the Directory Number configuration window. Make sure that you associate the line and user for all the phones used by the user for that directory number.
Related Topics

(Cisco Unified Personal Communicator Release 7.1) Guidelines for Configuring the Softphone Device Name, page 11-13 Cisco Unified Personal Communicator License Requirements, page 2-5 Extension Mobility Configuration, page 11-12 Configuring Videoconferencing Resources and Ad-Hoc Conferencing on Cisco Unified Communications Manager, page 11-30
What To Do Next
Associating Users with Softphone Devices, page 11-16
Associating Users with Softphone Devices

You must ensure that user IDs are the same between LDAP and Cisco Unified Communications Manager. This is easier to accomplish if you have LDAP synchronization enabled in Cisco Unified Communications Manager.
Procedure
Select Cisco Unified Communications Manager Administration > System > LDAP > LDAP Directory. Search for the LDAP directory in the Find and List LDAP Directories window. Select the LDAP configuration name for the LDAP directory. Select Perform Full Sync Now. Select Cisco Unified Communications Manager Administration > Device > Phone. Search for the device for the user in the Find and List Phones window. Select the name of the device. Select the directory number for the device in the Association Information section that displays on the left side of the window.
11-16
Chapter 11
Configuring Basic Features for Cisco Unified Personal Communicator How to Configure Cisco Unified Personal Communicator on Cisco Unified Communications Manager
Select Associate End Users at the bottom of the window. Search for the user in the Find and List Users window. Select the user, then select Add Selected. Select Save on the Directory Number Configuration window.
What To Do Next
Adding Users to User Groups, page 11-17
Adding Users to User Groups

Procedure
Select Cisco Unified Communications Manager Administration > User Management > End User. Search for the user in the Find and List Users window. Select the user. Select Add to User Group in the Permissions Information section. Use the Find and List User Groups window to find and select the following user groups:

Standard CCM End Users Standard CTI Enabled
If the phone of the user is a Cisco Unified IP Phone 9900 or 8900 series model, select the following user group also:
Standard CTI Allow Control of Phones supporting Connected Xfer and conf user group
If the phone of the user is a Cisco Unified IP Phone 6900 series model, select the following user group also:
Step 6 Step 7
Standard CTI Allow Control of Phones supporting Rollover Mode
Select Add Selected. Select Save on the End User Configuration window.
What To Do Next
Associating a New Device with a User, page 11-17
Associating a New Device with a User

Procedure
Select Cisco Unified Communications Manager Administration > User Management > End User. Search for the user in the Find and List Users window. Select the user.
11-17
Select Device Association in the Device Information section. Search for the device in the User Device Association window. Select the device. Select Save Selected/Changes. Select Back to User from the menu in the Related Links navigation box at the top right of the window. Select Go. Verify that the device is listed in the Device Information section on the End User Configuration window.
What To Do Next
Resetting a Device, page 11-18
Resetting a Device
Select Cisco Unified Communications Manager Administration > Device > Phone. Search for the device for the user in the Find and List Phones window. Select the name of the device. Select the directory number for the device in the Association Information section that displays on the left side of the window. Select Reset on the Directory Number Configuration window.
Specifying Which Softphone Device to Use for a User with Multiple Associated Softphone Devices
If Cisco Unified Personal Communicator user has more than one associated softphone device in Cisco Unified Communications Manager, you can specify which device to use on startup by excluding all other devices. To do this, you must set the value of the following registry key value to be a comma-separated list of device names, as follows: Registry Key ExcludedDevices Sample Value csfjohndoe,csfjanedoe
The registry key is located in HKEY_CURRENT_USER\Software\Cisco Systems, Inc.\Client Services Framework\AdminData.
11-18
Chapter 11
Configuring Basic Features for Cisco Unified Personal Communicator About Configuring Cisco Unified Personal Communicator on Cisco Unified Presence
About Configuring Cisco Unified Personal Communicator on Cisco Unified Presence

TFTP Server Connection, page 11-19 High Availability, page 11-20
TFTP Server Connection

Cisco Unified Personal Communicator connects to the primary Trivial File Transfer Protocol (TFTP) server (whose address is retrieved from Cisco Unified Presence) at startup. When the connection is established, Cisco Unified Personal Communicator downloads the <softphone-device-name>.cnf.xml configuration file from Cisco Unified Communications Manager for each user. The configuration file contains the list of Cisco Unified Communications Manager primary and failover server addresses and the transport protocol for Cisco Unified Personal Communicator to use in softphone mode to connect to Cisco Unified Communications Manager. After Cisco Unified Personal Communicator downloads the file successfully, the configuration information is made available to other Cisco Unified Personal Communicator subsystems, and Cisco Unified Personal Communicator disconnects from the TFTP server. Each time Cisco Unified Personal Communicator tries to download the configuration file, the application attempts to contact the primary TFTP server. If the primary TFTP server does not respond, Cisco Unified Personal Communicator fails over to the backup TFTP servers, if any exist. Cisco Unified Personal Communicator fails over to the backup TFTP servers in the order specified in Cisco Unified Presence Administration. If all TFTP server connections fail, Cisco Unified Personal Communicator tries to load the last valid downloaded configuration from the following locations: Release 8.x Windows XP Release 7.1
drive:\Documents and drive:\Documents and Settings\username\Application Settings\username\Local Settings\Application Data\Cisco\Unified Data\Cisco\Unified Personal Communicator Communications\Client Services Framework\Config drive:\Users\username\AppData\Local\ Cisco\Unified Personal Communicator
Windows Vista
For Mac OS: ~/Library/Caches/com.cisco.AriesX/<username>/Phone/
If the loading of the local file is successful, Cisco Unified Personal Communicator updates the Server Health window with a warning notification (yellow indicator). If the file transfer fails and the file does not exist, Cisco Unified Personal Communicator updates the Server Health window with a failure notification and switches to Disabled mode. The following Cisco Unified Communications Manager failover restrictions apply to Cisco Unified Personal Communicator:
Auto-registration is not supported.
11-19
Chapter 11 Configuring Basic Features for Cisco Unified Personal Communicator How to Configure Cisco Unified Personal Communicator on Cisco Unified Presence
Cisco Unified Personal Communicator fails over to a configured TFTP server when it tries to download the configuration file. The application also tries to download the file from the backup TFTP servers. AutoUpdate and upgrades through TFTP are not supported for Cisco Unified Personal Communicator software.
Related Topics
Configuring the Proxy Listener and TFTP Addresses, page 11-20
High Availability
High availability in a subcluster means that if a node in the subcluster fails, the Instant Message and Availability services from that node can fail over to the second node in the subcluster. High Availability is supported for the following releases of Cisco Unified Personal Communicator:

Cisco Unified Personal Communicator Release 7.x with Cisco Unified Presence Release 7.x Cisco Unified Personal Communicator Release 8.5 with Cisco Unified Presence Release 8.5
To configure high availability for Cisco Unified Personal Communicator clients, you configure high availability on the Cisco Unified Presence server. For more information, refer to How To Configure High Availability Cisco Unified Presence Deployments, page 6-19. The impact of failover on Cisco Unified Personal Communicator is described in Impact of Failover to Cisco Unified Presence Clients and Services, page 6-11.
How to Configure Cisco Unified Personal Communicator on Cisco Unified Presence

Configuring the Proxy Listener and TFTP Addresses, page 11-20 (required) (Cisco Unified Personal Communicator Release 8.x) Configuring Settings, page 11-21 (Cisco Unified Personal Communicator Release 7.1) Configuring the Service Parameters, page 11-23 (required) (Cisco Unified Personal Communicator Release 7.1) Configuring a Secure Connection Between Cisco Unified Presence and Cisco Unified Personal Communicator, page 11-24
Configuring the Proxy Listener and TFTP Addresses

Before You Begin

Read the TFTP server connection topic. Obtain the hostnames or IP addresses of the TFTP servers.
Restriction
We recommend that Cisco Unified Personal Communicator use TCP to communicate with the proxy server. If you use UDP to communicate with the proxy server, availability information for contacts in the Cisco Unified Personal Communicator contact list might not be available for large contact lists.
11-20
Chapter 11
Configuring Basic Features for Cisco Unified Personal Communicator How to Configure Cisco Unified Personal Communicator on Cisco Unified Presence
Procedure
Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator > Settings. Select the Proxy Listener Default Cisco SIP Proxy TCP Listener. Assign the primary (required) and backup (optional) TFTP server addresses in the fields provided. You can enter an IP address or an FQDN (Fully Qualified Domain Name). Select Save.
Troubleshooting Tip
You can see the TFTP server addresses in the Server Health window in Cisco Unified Personal Communicator (Help > Show Server Health on Windows operating system and Help > Show System Diagnostics on Mac OS).
Related Topics
TFTP Server Connection, page 11-19
What To Do Next
(Cisco Unified Personal Communicator Release 7.1) Configuring the Service Parameters, page 11-23
(Cisco Unified Personal Communicator Release 8.x) Configuring Settings

Procedure
Step 1 Step 2
Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator > Settings. Enter information into the fields:
11-21
Field CSF certificate directory (relative to CSF install directory)
Setting This field applies only if the Client Services Framework (CSF) requires you to import security certificates to authenticate with LDAP, web conferencing, and CCMCIP. For most deployments, you do not need to import security certificates. You only need to import security certificates for CSF to trust in the following scenarios:
You use a signed certificate for Cisco Unified Communications Manager Tomcat instead of the default self-signed certificate. You want CSF to connect to the LDAP server via LDAPS. You use a signed certificate for Cisco Unity Connection Tomcat instead of the default self-signed certificate.
If you must specify a value, specify the directory that contains the security certificates as an absolute path. For example, C:\CSFcerts. If you use a relative path, the path is relative to the CSF installation directory C:\Program Files\Common Files\Cisco Systems\Client Services Framework. If you do not specify a directory, CSF looks for the certificates in the following directory and trusts any certificates in that location: Windows XP: drive:\Documents and Settings\username\Local Settings\Application Data\Cisco\Unified Communications\Client Services Framework\certificates Windows Vista/Windows 7: drive:\Users\username\AppData\Local\Cisco\Unified Communications\Client Services Framework\certificates Default Setting: Not set Credentials source for voicemail If user credentials for the voicemail service are shared with another service service, select the appropriate service from this list box. The user credentials automatically synchronize from the service that you select. Default Setting: Not set
If this value is set to Not set, users must use their client preference settings to manually select a source for voicemail service credentials. Credentials source for web conferencing service If user credentials for the meeting service are shared with another service, select the appropriate service from this list box. The user credentials automatically synchronize from the service that you select. Default Setting: Not set
If this value is set to Not set, users must use their client preference settings to manually select a source for meeting service credentials.
11-22
Chapter 11
Configuring Basic Features for Cisco Unified Personal Communicator How to Configure Cisco Unified Personal Communicator on Cisco Unified Presence
Field Maximum message size Allow cut & paste in instant messages
Setting Enter the allowed size limit for instant messages, in bytes. Check this check box to allow users to cut and paste in their instant messages (IMs). Most deployments have this option turned on. If you turn off this option, the Cisco Unified Presence server flags and passes the setting to the Cisco Unified Personal Communicator client, where the behavior is enforced. Default Setting: On
Always begin calls with video turned off
Check this check box if you want all video calls to start without sending video from the camera. Instead, an icon is displayed that indicates that video is not being sent from the camera. If users want to send video from their camera, they must explicitly select to send video from the camera. This setting overrides the Start video calls with my video signal muted setting that users can select in the Cisco Unified Personal Communicator options. If you turn this option off, video calls start according to the Cisco Unified Personal Communicator options. Default Setting: Off
Step 3
Select Save.
Related Topics

How to Integrate the LDAP Directory with Cisco Unified Personal Communicator, page 14-6 (Cisco Unified Personal Communicator Release 8.0) How to Integrate the LDAP Directory for Contact Searches on XMPP Clients, page 14-13
(Cisco Unified Personal Communicator Release 7.1) Configuring the Service Parameters
You need to configure all the availability-related notifications sent between Cisco Unified Personal Communicator and Cisco Unified Presence use TCP.
Procedure
Select Cisco Unified Presence Administration > System > Service Parameters. Select a Cisco Unified Presence server from the Server menu. Select Cisco UP SIP Proxy as the service on the Service Parameter Configuration window. Set Use Transport in Record-Route Header to On in the SIP Parameters (Clusterwide) section. This forces the Proxy to use the transport parameter in the record-route header.
11-23
Step 5
Select Save.
Related Topics
Configuring the Proxy Listener and TFTP Addresses, page 11-20

What To Do Next
(Cisco Unified Personal Communicator Release 7.1) Configuring a Secure Connection Between Cisco Unified Presence and Cisco Unified Personal Communicator, page 11-24
(Cisco Unified Personal Communicator Release 7.1) Configuring a Secure Connection Between Cisco Unified Presence and Cisco Unified Personal Communicator
If you want to exchange a CA-signed certificate between Cisco Unified Presence and Cisco Unified Personal Communicator, you must generate a Certificate Signing Request (CSR) and import a tomcat certificate for Cisco Unified Presence. Refer to the steps below for a high level overview of this process. Cisco Unified Personal Communicator uses the certificate called tomcat. The trust chain for this certificate is called tomcat-trust. Note that there can only be one tomcat certificate, but there can be more than one tomcat-trust.
Procedure
Select Cisco Unified OS Administration > Security > Certificate Management. Select Find to list all certificates. Select the tomcat certificate. Select Generate CSR. Send your CSR to your Certificate Authority (CA). Upload the signing chain of the certificate one at a time as "tomcat-trust" on Cisco Unified Presence. You will need to do this before you upload the signed certificate that you receive from your CA. If you receive a Geotrust (Equifax) or Verisign certificate, you just need to upload the appropriate root certificate. When the CA returns your signed certificate, select Cisco Unified OS Administration > Security > Certificate Management > Upload Certificate to upload the signed certificate to Cisco Unified Presence. Upload the signed certificate as tomcat. Make sure to save this certificate file. List the name of your signing certificate as the Root Certificate. Restart the Tomcat service from the CLI using this command:
utils service restart Cisco Tomcat
Step 7
Step 8 Step 9
The new certificate is not valid until you restart the Tomcat service .
11-24
Chapter 11
Configuring Basic Features for Cisco Unified Personal Communicator About Configuring CTI Gateway Settings for Desk-Phone Control on Cisco Unified Presence
When you generate the CSR, we recommend that you backup your system using the Disaster Recovery System on Cisco Unified Presence. If you do not backup your system, and you regenerate the tomcat certificate, you will invalidate your signing chain and you will no longer be able to use your signed certificate. If you have an internal CA, in a signing chain, there will be at least a trusted root certificate. The trusted root certificate may sign an intermediate certificate, or may sign your certificate directly. If there is an intermediate certificate, then it will sign your certificate. The root and the intermediate certificate make up the "signing chain." You need to upload each of the certificates in the chain to Cisco Unified Presence. In each case, upload the certificate as "tomcat-trust." Do not attempt to upload a PKCS#7 (concatenated certificate chain), sometimes called a p7b. You should only upload public keys. Do not upload a PKCS#12.
Related Topics
Disaster Recovery System Administration Guide for Cisco Unified Presence Release 8.0
What To Do Next
About Configuring CTI Gateway Settings for Desk-Phone Control on Cisco Unified Presence, page 11-25
About Configuring CTI Gateway Settings for Desk-Phone Control on Cisco Unified Presence
Note
The procedures in this topic are only applicable if you are configuring Cisco Unified Personal Communicator for desk-phone control.

Desk-Phone Control and the CTI Connection Failures, page 11-25 (Cisco Unified Personal Communicator Release 7.x) Desk-Phone Control and LDAP TelephoneNumber Field, page 11-26
Desk-Phone Control and the CTI Connection Failures

The CTI gateway provides desk-phone control (phone-association mode) to Cisco Unified Personal Communicator users. You must specify CTI gateway server names, addresses, ports, and protocol types on Cisco Unified Presence so that the information required to reach the CTI gateway server can be downloaded when the user logs in to Cisco Unified Personal Communicator. If the CTI connection to Cisco Unified Communications Manager is lost while Cisco Unified Personal Communicator is operating in desk-phone mode, the application tries to reestablish the connection to the primary and then to the backup servers. Connection attempts continue on a round-robin basis, beginning again with the primary server. Successive attempts to reconnect to a server occur at intervals of 4, 8, 16, 32, and 60 seconds (maximum) until a connection is re-established.
11-25
Chapter 11 Configuring Basic Features for Cisco Unified Personal Communicator About Configuring CTI Gateway Settings for Desk-Phone Control on Cisco Unified Presence
Table 11-3
CTI Connection Status and Expected Recovery Behavior
Scenario CTI connection fails and no calls are present
Expected Recovery Behavior

Cisco Unified Personal Communicator attempts to reconnect to the next available CTI server. Until a connection is established, the Cisco Unified Personal Communicator user cannot initiate any new calls through the application. No new incoming call notifications are provided through the application. The user has manual control of the desk phone for making and receiving calls. When Cisco Unified Personal Communicator reconnects to one of the CTI servers, Cisco Unified Personal Communicator users again have the ability to control and monitor new calls through the application. Cisco Unified Personal Communicator attempts to reconnect to the next available CTI server. Existing calls are unaffected, but the user no longer has control through Cisco Unified Personal Communicator and does not receive any updates or changes in the call state. Any existing Cisco Unified Personal Communicator session window closes. The user has manual control of the physical phone for making and receiving calls. When Cisco Unified Personal Communicator reconnects to one of the CTI servers, it opens a new session window for each call and shows the current state. Cisco Unified Personal Communicator remains connected to the current server (whether primary or backup) until the user relaunches Cisco Unified Personal Communicator or when a connection failure causes it to reconnect.
CTI connection fails with one or more calls present
Related Topics

(Cisco Unified Personal Communicator Release 7.x) Desk-Phone Control and LDAP TelephoneNumber Field
You may need to index the telephoneNumber field on the LDAP server for desk-phone control to work. There are two possible scenarios that this applies to:

Desk-phone control is not working, and the server health on Cisco Unified Personal Communicator displays the status "Not Connected - Stopped". The contact search on Cisco Unified Personal Communicator does not return the full results.
11-26
Chapter 11
Configuring Basic Features for Cisco Unified Personal Communicator How to Configure CTI Gateway Settings for Desk-Phone Control on Cisco Unified Presence
These issues could occur when you have a large Cisco Unified Personal Communicator user base, and the LDAP server is slow to respond to queries from Cisco Unified Presence. To fix the issue, index the telephoneNumber field on the LDAP server. Alternatively, if you use Windows Active Directory, change the Global Catalog port to 3268 (instead of using the standard LDAP port 389).
How to Configure CTI Gateway Settings for Desk-Phone Control on Cisco Unified Presence

Configuring CTI Gateway Server Names and Addresses

You do not need to perform this procedure if you previously configured Cisco Unified Communications Manager with an IP address through the Cisco Unified Communications Manager Administration > System > Server menu. Cisco Unified Presence dynamically creates a TCP-based CTI gateway host profile for that address, and automatically populates the CTI gateway fields on Cisco Unified Presence.
Before You Begin
Make sure that you have completed this configuration on Cisco Unified Communications Manager:
Configured the phone devices for CTI device control. Added the Cisco Unified Personal Communicator users to a CTI-enabled user group.
Obtained the hostnames or IP addresses of the CTI gateway.
Procedure
Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator > CTI Gateway Server. Select Add New. Enter information into the fields. Field Name Description Hostname/IP Address Port Setting Enter the server name. (Optional) Enter a server description. Enter an IP address or the FQDN (Fully Qualified Domain Name) of Cisco Unified Communications Manager that is running the CTI service. Enter 2748.
Step 4
Select Save.
11-27
Chapter 11 Configuring Basic Features for Cisco Unified Personal Communicator How to Configure CTI Gateway Settings for Desk-Phone Control on Cisco Unified Presence
Troubleshooting Tip
You can see the CTI gateway information in the Server Health window in Cisco Unified Personal Communicator (Help > Show Server Health on Windows operating system and Help > Show System Diagnostics on Mac OS).
Related Topics

User and Device Configuration on Cisco Unified Communications Manager, page 3-1 Desk-Phone Control and the CTI Connection Failures, page 11-25
What To Do Next
Creating CTI Gateway Profiles, page 11-28
Creating CTI Gateway Profiles

You must create CTI gateway profiles in Cisco Unified Presence Administration and assign primary and backup servers for redundancy.
Before You Begin

You must create the CTI gateway profile before you can add Cisco Unified Personal Communicator licensed users to the application profile. You must first specify CTI gateway server names and addresses in Application > Cisco Unified Personal Communicator > CTI Gateway Server before you can select the servers as primary or backup servers in this procedure. Cisco Unified Presence dynamically creates a TCP-based CTI gateway profile based on the hostname of Cisco Unified Communications Manager. Before using this profile, verify that Cisco Unified Presence and Cisco Unified Personal Communicator clients can ping Cisco Unified Communications Manager by the DNS name. If they cannot contact the server, you need to add the IP address of Cisco Unified Communications Manager in Cisco Unified Presence Administration (Application > Cisco Unified Personal Communicator > CTI Gateway Server). You do not need to delete the host profiles that are created automatically. If you previously configured Cisco Unified Communications Manager with an IP address through the Cisco Unified Communications Manager Administration > System > Server menu, Cisco Unified Presence dynamically creates a TCP-based CTI gateway profile based on that address. The fields in Cisco Unified Presence Administration (Application > Cisco Unified Personal Communicator > CTI Gateway Profile) are automatically populated, and you need only add users to the default CTI TCP profile that is created (see Step 3).
Procedure
Select Application > Cisco Unified Personal Communicator > CTI Gateway Profile. Select Add New. Enter information into the fields.
11-28
Chapter 11
Configuring Basic Features for Cisco Unified Personal Communicator How to Configure Video Calls and Videoconferencing
Field Name Description Primary CTI Gateway Server and Backup CTI Gateway Server Make this the Default CTI Gateway Profile for the System
Setting Enter the profile name. (Optional) Enter a profile description. Select a primary server and backup servers.
Check so that any new users that are added to the system are automatically placed into this default profile. Users who are already synchronized to Cisco Unified Presence from Cisco Unified Communications Manager are not added to the default profile. However, once the default profile is created, any users synchronized after that are added to the default profile.
Select Add Users to Profile. Use the Find and List Users window to find and select users. Select Add Selected to add users to the profile Select Save in the main CTI Gateway Profile window.
Related Topics

Configuring CTI Gateway Server Names and Addresses, page 11-27 Desk-Phone Control and the CTI Connection Failures, page 11-25
How to Configure Video Calls and Videoconferencing

Configuring Users for Point-to-Point Video Calls and for Multipoint Videoconferencing, page 11-29 Configuring Videoconferencing Resources and Ad-Hoc Conferencing on Cisco Unified Communications Manager, page 11-30 Configuring Bandwidth Capability for Cisco Unified Personal Communicator, page 11-32 (Cisco Unified Personal Communicator Release 8.x) How to Configure Cisco Unified IP Phones for Video, page 11-33
Configuring Users for Point-to-Point Video Calls and for Multipoint Videoconferencing
Procedure
Step 1
(Cisco Unified Personal Communicator Release 7.1) For point-to-point video calls, configure users for softphone use.
11-29
Chapter 11 How to Configure Video Calls and Videoconferencing
Step 2
(For multipoint videoconferencing) If you want Cisco Unified Personal Communicator softphone users to have merged conference calls (three or more parties) with audio and video support, you must first configure videoconferencing resources. Distribute cameras that are supported for use with Cisco Unified Personal Communicator. For a list of these cameras, see the Release Notes for Cisco Unified Personal Communicator: http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html The camera driver installer is not provided with some models of Cisco VT Camera. In this case, you must distribute the installer.
Step 3
For new installations:

If users are to perform the installation, distribute the camera, the camera driver installer (if a
driver is necessary), and the user guide.

If users already have a supported camera, do not distribute the driver. Step 4
Provide users with the appropriate documentation to complete the installation.
Related Topics
For details about supported cameras, video codecs, and audio codecs, see the Release Notes for Cisco Unified Personal Communicator: http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html
Provide users with this documentation:

Cisco Unified Personal Communicator user documentation:
http://www.cisco.com/en/US/products/ps6844/products_user_guide_list.html
Cisco VT Camera Quick Start Guide (for use with Windows-based computers)
http://www.cisco.com/en/US/products/sw/voicesw/ps5662/prod_installation_guides_list.html
What To Do Next
Configuring Videoconferencing Resources and Ad-Hoc Conferencing on Cisco Unified Communications Manager, page 11-30
Configuring Videoconferencing Resources and Ad-Hoc Conferencing on Cisco Unified Communications Manager
Using Cisco Unified Communications Manager Administration, you can enable merged conference calls (three or more parties) with audio and video support for Cisco Unified Personal Communicator users. Any participant in the conference call can merge other participants into the conference.
Before You Begin

Install a supported release of the videoconferencing server. Obtain the MAC address of the videoconference bridge.
11-30
Chapter 11
Procedure
Step 1
Perform the following configuration on Cisco Unified MeetingPlace Application Server Administration Center: Task Enter the IP address of your Cisco Unified Communications Manager in the Primary TFTP server fields. Enter the MAC address of your Cisco Unified Communications Manager in the Application server MAC address field. Add the licensing information. Maintenance > Licenses > Install Licenses Menu Path System Configuration > Call Configuration > Ad-Hoc Cisco Unified Communications Manager Configuration
Step 2
Perform the following configuration on Cisco Unified Communications Manager: Task Configure the videoconference bridge. Create a media resource group list. Add the videoconference bridge to the media resource group list. Create a media resource group. Menu Path Cisco Unified CM Administration > Media Resources > Conference Bridge Cisco Unified CM Administration > Media Resources > Media Resource Group List
Cisco Unified CM Administration > Media Add a media resource to the media resource group. Resources > Media Resource Group Cisco Unified CM Administration > Device > Assign devices to the media resource group list. Search for the device in the Find and List Phones Phone window. Select the device, then select the list from the Media Resource Group List drop-down list.
Step 3
(Optional) To enable any participant to add more participants to the conference, perform the following steps:
a. b. c. d. e.
Select Cisco Unified CM Administration > System > Service Parameters in Cisco Unified Communications Manager Administration. Select your Cisco Unified Communications Manager server from the Server drop-down list. Select Cisco CallManager (Active) from the Service drop-down list. To enable any participant to add more participants the conference, set Advanced Ad Hoc Conference Enabled to True in the Clusterwide Parameter (Feature - Conference) section. To specify a minimum number of video-capable participants for ad-hoc conferences, enter the minimum number in the Minimum Video Capable Participants To Allocate Video Conference field in the Clusterwide Parameters (Feature - Conference) section. When an ad-hoc conference starts, the conference uses an audio bridge or a video bridge, depending on the value in this setting. For example, if you set this setting to 2, a minimum of two participants in the conference must have video-enabled devices. If this at least two participants do not have video-enabled devices, then the conference becomes an audio-only conference. The participants cannot change the conference to video after this happens.
11-31
f. Step 4
Select Save. Select Cisco Unified CM Administration > Device > Phone. Under Search Options, search for the directory number of the phone, and when it is found, select the device name. In the Phone Configuration window in the Device Information section, find the Media Resource Group List, and select the media resource group list that you just configured. Select Enabled for Video Capabilities in the Product Specific Configuration Layout section. Select Save. Select Reset.
Associate the phone with the new media resource group list:
a. b. c. d. e. f.
Related Topics
For details about the Cisco Unified Videoconferencing server installation, see the product installation guide: http://www.cisco.com/en/US/products/hw/video/ps1870/tsd_products_support_series_home.html For detailed instructions about media resource configuration for Cisco Unified Videoconferencing, use the Cisco Unified Communications Manager Administration online help or the Cisco Unified Communications Manager Administration Guide: http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html
For details about supported Cisco Unified Videoconferencing releases, see the Cisco Unified Personal Communicator release notes: http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html For detailed Cisco Unified MeetingPlace configuration instructions, see the Administration Documentation for Cisco Unified MeetingPlace: http://www.cisco.com/en/US/products/sw/ps5664/ps5669/prod_installation_guides_list.html
For detailed Cisco Unified Communications Manager configuration instructions, use the Cisco Unified Communications Manager Administration online help or the Cisco Unified Communications Manager Administration Guide: http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html
Creating a Softphone Device for Each Cisco Unified Personal Communicator User, page 11-14 Configuring Users for Point-to-Point Video Calls and for Multipoint Videoconferencing, page 11-29
Configuring Bandwidth Capability for Cisco Unified Personal Communicator

Cisco Unified Personal Communicator uses a Cisco Unified Communications Manager device type called Cisco Unified Client Services Framework. The bandwidth capability of the Cisco Unified Client Services Framework device that is associated with an installation of Cisco Unified Personal Communicator, is one of several factors that determine the video capability of the Cisco Unified Personal Communicator for the user. To configure the bandwidth capability of Cisco Unified Client Services Framework devices, use the region settings of the device pool that the Cisco Unified Client Services Framework device is in. The following settings affect the bandwidth capability of the device:
11-32
Chapter 11
Audio Codec Video Call Bandwidth
For more information about region and device pool configuration in Cisco Unified Communications Manager, see the Cisco Unified Communications Manager Administration online help, or the Cisco Unified Communications Manager Administration Guide: http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html
(Cisco Unified Personal Communicator Release 8.x) How to Configure Cisco Unified IP Phones for Video
The Cisco Unified Client Services Framework (CSF) device type is always video-enabled, so you do not need to configure devices of this type. However, you must explicitly configure Cisco Unified IP Phones to enable video. If you want Cisco Unified Personal Communicator to be able to send and receive video, you must select the following devices as controlled devices for the user:

The Cisco Unified Client Services Framework device Any desk-phone devices
Note
When you use your Cisco Unified IP Phone for phone calls, you can only use video on your computer if the Cisco Unified IP Phone uses Skinny Client Control Protocol (SCCP). To configure a Cisco Unified IP Phone for video, you must perform the following tasks:

(Cisco Unified Personal Communicator Release 8.x) Connecting a Cisco Unified IP Phone to the Network and Your Computer, page 11-33 (Cisco Unified Personal Communicator Release 8.x) Enabling Video for a Cisco Unified IP Phone, page 11-34
(Cisco Unified Personal Communicator Release 8.x) Connecting a Cisco Unified IP Phone to the Network and Your Computer
Procedure
Step 1 Step 2
Connect the SW port on the Cisco Unified IP Phone to the network. Connect the PC port on the Cisco Unified IP Phone to the controlling PC with an Ethernet cable.
What To Do Next
(Cisco Unified Personal Communicator Release 8.x) Enabling Video for a Cisco Unified IP Phone, page 11-34
11-33
(Cisco Unified Personal Communicator Release 8.x) Enabling Video for a Cisco Unified IP Phone
Procedure
Select Device > Phone in Cisco Unified Communications Manager Administration. Find the device that you want to configure. Click on the Device Name. Scroll to the Product Specific Configuration Layout section. Select Enabled from the PC Port drop-down list. Select Enabled from the Video Capabilities drop-down list. Select Save. When video is enabled on the phone, a video icon is displayed in the lower-right corner of the LCD screen.
11-34
CH A P T E R
12
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
November 21, 2011
About Secure Voicemail Messaging, page 12-1 How to Configure Voicemail Servers for Cisco Unified Personal Communicator, page 12-3 How to Configure Conferencing Servers for Cisco Unified Personal Communicator, page 12-12 (Cisco Unified Personal Communicator Release 8.x) Creating Audio Profiles on Cisco Unified Presence, page 12-23 Configuring CCMCIP Profiles for Cisco Unified Personal Communicator Release 8.x, page 12-24 About Configuring Third-Party Clients on Cisco Unified Presence, page 12-26 (Cisco Unified Personal Communicator Release 8.5) How to Use Cisco Unified Personal Communicator as a Desktop Agent, page 12-27 (Cisco Unified Personal Communicator Release 8.5) Distributing HTML Files for Display in the Cisco Unified Personal Communicator Window, page 12-30 About Migrating Users from Cisco Unified Personal Communicator Release 7.x to Release 8.x, page 12-31 How to Update User Configuration After Deploying Cisco Unified Personal Communicator, page 12-31
About Secure Voicemail Messaging

Secure Voicemail Messaging on Cisco Unity Connection, page 12-2 Secure Voicemail Messaging on Cisco Unity, page 12-2 Secure Voicemail Messaging Configuration, page 12-3
12-1
Chapter 12 About Secure Voicemail Messaging
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator
Secure Voicemail Messaging on Cisco Unity Connection

In Cisco Unity Connection, when a user sends a message, class-of-service settings determine the security level of the message. When a user marks a message as private, Cisco Unity Connection automatically marks the message as secure. Cisco Unity Connection provides audio for secure voicemail messages through a special IMAP port, port 7993. This port requires Transport Layer Security (TLS). Cisco Unified Personal Communicator uses this port to access, download, and play the secure message. For information on installing and configuring secure message features on Cisco Unity Connection, see the Cisco Unity Connection documentation.
Related Topics
See the Cisco Unity Connection Security Guide at the following URL: http://www.cisco.com/en/US/products/ps6509/prod_maintenance_guides_list.html Secure Voicemail Messaging Configuration, page 12-3
Secure Voicemail Messaging on Cisco Unity

Cisco Unity uses public-key cryptography to send secure messages. Each Cisco Unity server in the network has a public key and a private key. The public key for each server is stored in the Cisco Unity database and is shared through Active Directory with other Cisco Unity servers in the network. The Cisco Unity server generates new session keys daily. The server uses the session key to encrypt the voice mail, and to control the age of messages. Users cannot play messages that are encrypted with keys that are older than the age policy allows. Cisco Unity uses Microsoft Exchange to store secure messages. You configure all subscriber mailboxes on these message store servers. Cisco Unified Personal Communicator connects to the message store and performs the following actions:
1. 2. 3. 4.
Uses IMAP to download the message from Exchange. Determines if the message is encrypted. If the message is not encrypted, Cisco Unified Personal Communicator plays the message. If the message is encrypted, the following happens:
a. Cisco Unified Personal Communicator extracts the encrypted session keys from the .wav file
for the message.

b. Cisco Unified Personal Communicator submits the keys to the Cisco Unity server. c. The Cisco Unity server tries to decrypt the session keys. The server uses the private key
certificates in the Cisco Unity database.

d. If the Cisco Unity server decrypts the session key, Cisco Unified Personal Communicator uses
the key to decrypt the message, and plays the messages to the user.
Related Topics
See the Cisco Unity Security Guide with Microsoft Exchange at the following URL: http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_maintenance_guides_list.htm Configuring Cisco Unity Servers, page 12-5
12-2
Chapter 12
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator How to Configure Voicemail Servers for Cisco Unified Personal Communicator
Secure Voicemail Messaging Configuration

The required configuration is different, depending on what type of secure messaging you want to configure:
Table 12-1
Secure Messaging Type Action SOAP Make sure that the web service port and protocol are configured. You configure the web service port and protocol when you specify the voicemail server name and address. Make sure that the IMAP port and protocol are configured. You configure the IMAP port and protocol when you specify the mailstore server name and address.
Menu path Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator > Voicemail Server Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator > Mailstore
IMAP
Note
Cisco Unity requires SOAP configuration for secure messaging. Cisco Unity Connection does not require SOAP configuration for secure messaging.
Related Topics
See the Cisco Unity security guide with Microsoft Exchange at the following URL: http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_maintenance_guides_list.html Configuring Cisco Unity Servers, page 12-5 Configuring Voicemail Server Names and Addresses on Cisco Unified Presence, page 12-8 Configuring Mailstore Server Names and Addresses on Cisco Unified Presence, page 12-9
How to Configure Voicemail Servers for Cisco Unified Personal Communicator

Configuring Cisco Unity Connection Servers, page 12-4 Configuring Cisco Unity Servers, page 12-5 Configuring Voicemail Server Names and Addresses on Cisco Unified Presence, page 12-8 Configuring Mailstore Server Names and Addresses on Cisco Unified Presence, page 12-9 Creating Voicemail Profiles on Cisco Unified Presence, page 12-10
Note
Before you perform the tasks described here, make sure that you fully integrate Cisco Unified Personal Communicator with Cisco Unified Communications Manager and Cisco Unified Presence.
12-3
Chapter 12 Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator How to Configure Voicemail Servers for Cisco Unified Personal Communicator
Configuring Cisco Unity Connection Servers

Cisco Unity Connection provides Cisco Unified Personal Communicator users with the ability to view, play, sort, and delete voicemail messages from the Cisco Unified Personal Communicator interface.
Before You Begin

Install and configure a supported release of Cisco Unity Connection. Integrate Cisco Unified Communications Manager and Cisco Unity Connection. Both servers must be installed and running to configure voicemail ports.
Procedure
Step 1
Set up a new or existing class of service in Cisco Unity Connection Administration to enable Internet Mail Access Protocol (IMAP) client access to voice messages.
a. b. c. d. e. f.
Expand Class of Service in the section on the left-hand side. Select Class of Service. Select the display name of the applicable class of service in the Search Results table, in the Search Class of Service window. Check Allow Users to Use Unified Client to Access Voice Mail, under Features. Check Allow Users to Access VoiceMail Using an IMAP Client, under Licensed Features. Then select Allow Users to Access Message Bodies. Select Save. If the users are existing Cisco Unity Connection users, add them to the Cisco Unified Communications Manager database and to Cisco Unified Presence. Proceed to Step 4. If the user is a new Cisco Unified Personal Communicator user, add the user to Cisco Unified Communications Manager database, Cisco Unity Connection, and to Cisco Unified Presence.
Step 2
Configure the user:

Step 3
Create a Connection user account on the Cisco Unity Connection server with a voice mailbox for each Cisco Unified Personal Communicator user.
Note
The user ID in Cisco Unity Connection does not need to match the user ID in Cisco Unified Presence or in Cisco Unified Personal Communicator. Cisco Unified Personal Communicator has an independent voicemail ID, which is set in the application Preference window. However, you might find it useful to have the same user IDs across your Cisco Unified Communications system. (Optional) Enable secure messaging as follows:
a. b.
Step 4
Expand Class of Service in the section on the left-hand side, and then select Class of Service. Select an option from Require Secure Messaging in the Message Options section to enable secure messages. Expand Users in the section on the left-hand side. Select Users. Select the alias of a user.
Step 5
(Optional) Specify how to handle unidentified caller message security for your users as follows:
a. b. c.
12-4
Chapter 12
d. e. Step 6
Select Edit > Message Settings. Check Mark Secure in Unidentified Callers Message Security.
If one does not already exist, specify a web application password in Cisco Unity Connection for the applicable user accounts.

Users must enter their voicemail credentials, that is, their username and password, in the Cisco Unified Personal Communicator application. If the server can be contacted and the user credentials are correct, but voicemail messages are not downloaded, do the following:
Check the configuration of port 7993. Make sure that Cisco Unity Connection is listening on port 7993. Check the firewall configuration. Use Telnet from a remote computer to the computer running
Cisco Unified Personal Communicator, and make sure that you can connect to the firewall. Allow the Cisco Unified Client Services Framework executable file (cucsf.exe) to establish IMAP network connections using TCP, TLS, and SSL at the appropriate server and port. For information about the ports and protocols used by Cisco Unified Personal Communicator and Cisco Unified Client Services Framework, see the Cisco Unified Personal Communicator release notes: http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html
Related Topics
For details about supported Cisco Unity Connection releases, see the Cisco Unified Personal Communicator release notes: http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html For details about the voicemail configuration on Cisco Unified Communications Manager, see the Cisco Unified Communications Manager Administration Guide: http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html
For details about setting up the Connection user account and configuring a web application password onCisco Unity Connection, see the Cisco Unity Connection User Moves, Adds, and Changes Guide: http://www.cisco.com/en/US/products/ps6509/prod_maintenance_guides_list.html
What To Do Next
Configuring Voicemail Server Names and Addresses on Cisco Unified Presence, page 12-8
Configuring Cisco Unity Servers

Cisco Unity receives calls, plays greetings, and records and encodes voicemail. When a voicemail is received, Cisco Unity adds the .wav file to an email and sends it to the configured email account. Cisco Unity creates a subscriber mailbox on the Microsoft Exchange server for use as its mailstore server for message storage. When Cisco Unified Personal Communicator users want to listen to their voicemails, they use Cisco Unified Personal Communicator to retrieve them from the mailstore server through IMAP.
12-5
Cisco Unified Personal Communicator supports both the Cisco Unity unified messaging and the Cisco Unity voice messaging configurations. With unified messaging, the Exchange server email account supports both voicemail and email. With voice messaging, the Exchange server email account contains only voicemail messages.
Before You Begin

Install and configure a supported release of Cisco Unity. Integrate Cisco Unified Communications Manager and Cisco Unity. Both servers must be installed and running to configure voicemail ports. If you plan to use SSL to provide secure transmission with the mailstore server, you must set up Cisco Unity to use SSL during the installation or upgrade (or at any time after the installation or upgrade is complete). You must designate a server to act as your certificate authority, submit a certificate request, issue the certificate, and install it on the Cisco Unity server.
Procedure
Step 1
Configure the Microsoft Exchange server to use the IMAP virtual server:
To Configure This Release Microsoft Exchange 2003
Do This
a. b. c. d. e.
Select Start > All Programs > Microsoft Exchange > System Manager. In the section on the left-hand side of the System Manager, expand Servers. Select the server name. Select Protocols > IMAP. Right-click, and select Start Server. Select Start > Run, enter services.msc, and select OK. Select the Microsoft Exchange IMAP4 service, and select Start. This service is not started by default.
Microsoft Exchange 2007
a. b.
Step 2
Configure the port and encryption type:
12-6
Chapter 12
To Configure This Server Microsoft Exchange 2003
Do This
a. b.
Right-click IMAP Virtual Server, and select Properties. Select Authentication from the Access tab.
Verify that Requires SSL/TLS Encryption is not
checked to use TCP and SSL connection.

Verify that Requires SSL/TLS Encryption is checked
to use SSL only.

c.
Select OK. Select Start > Programs > Microsoft Exchange Server 2007 > Exchange Management Shell. Specify the authentication settings for the Client Access Server that is running the IMAP4 service through the Exchange Power Shell.
Microsoft Exchange 2007
a. b.
Note c.
Microsoft Exchange 2007 uses SSL by default. Execute one of the following commands for the appropriate setting:
For plain text login: set-imapsettings -LoginType
PlainTextLogin
For SSL: set-imapsettings -LoginType SecureLogin Step 3
Configure the user:

If the user is an existing Cisco Unity user, add the user to the Cisco Unified Communications Manager database and to Cisco Unified Presence. If the user is a new user, add the user to the Cisco Unified Communications Manager database, Cisco Unity (which adds the user to Exchange and to Active Directory), and to Cisco Unified Presence.
Step 4 Step 5
Create mailboxes for new and existing users. For details, see the documentation for your Exchange server. (Optional) Enable secure messaging as follows:
a.
Select Subscribers > Subscribers > Features to make the change on a subscriber template. The change you make here is not applied to current subscriber accounts that were created by using this template. The setting applies only to subscriber accounts that are created by using this template after the change has been made.
b.
Select an option from the Message Security When Sending a Message list to enable secure messages. For example, select Encrypt All Messages. This setting specifies whether messages are encrypted when subscribers send messages to other subscribers.
c. d.
Select Save. Repeat these steps for additional subscribers or subscriber templates, as applicable.
12-7
Step 6
(Optional) Enable secure messaging for messages from unidentified callers:

a. b. c.
Select System > Configuration > Message Security Settings. Specify whether messages from unidentified callers are encrypted. Select an option from the list. Select Save.
Troubleshooting Tip
Cisco Unified Personal Communicator users must enter their Cisco Unity credentials in the Cisco Unified Personal Communicator Preferences window.
Related Topics
For details about the Cisco Unity server installation with Microsoft Exchange, see the following URL: http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_installation_guides_list.html For details about supported Cisco Unity releases, see the Cisco Unified Personal Communicator release notes at the following URL: http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html For details about the voicemail configuration on Cisco Unified Communications Manager, see the Cisco Unified Communications Manager Administration Guide at the following URL: http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html To configure Cisco Unity to use SSL, see the security guide: http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_maintenance_guides_list.html Configuring Mailstore Server Names and Addresses on Cisco Unified Presence, page 12-9
What To Do Next
Configuring Voicemail Server Names and Addresses on Cisco Unified Presence, page 12-8
Configuring Voicemail Server Names and Addresses on Cisco Unified Presence

You must configure voicemail settings so that the Cisco Unified Personal Communicator can interact with the voice message web service (VMWS) on Cisco Unity or Cisco Unity Connection. The VMWS service enables Cisco Unified Personal Communicator to move deleted voicemail messages to the correct location. This service also provides message encryption capabilities to support secure messaging.
Before You Begin

Configure a supported voicemail server. Obtain the hostname or IP address of the voicemail server. You might need to specify more than one hostname to provide services for the number of users in your environment. For Cisco Unity, you must also obtain the hostnames or IP addresses of the peer Microsoft Exchange server or servers. Perform this procedure for each voicemail server in your environment.
12-8
Chapter 12
Procedure
Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator > Voicemail Server. Select Add New. Select Unity or Unity Connection from the Server Type menu. Enter the Cisco Unity Connection or Cisco Unity server name. Enter the hostname or the IP address of the voicemail server. Enter 443 for the Web Service Port value. Select HTTPS in Web Service Protocol menu. Select Save.
Related Topics

Configuring Cisco Unity Connection Servers, page 12-4 Configuring Cisco Unity Servers, page 12-5
What To Do Next
Configuring Mailstore Server Names and Addresses on Cisco Unified Presence, page 12-9
Configuring Mailstore Server Names and Addresses on Cisco Unified Presence

You must configure Cisco Unified Presence with mailstore information so that Cisco Unified Personal Communicator can connect to the mailstore. Cisco Unified Personal Communicator uses IMAP to download messages. Cisco Unity creates subscriber mailboxes for message storage on the Microsoft Exchange server. Cisco Unity Connection usually provides a mailstore, and hosts the mailstore on the same server. The following table describes the protocols you can use for voicemail messages, and the security features the protocols implement for voicemail messages: Protocol SSL TCP TLS Description Uses a secure socket to encrypt usernames, passwords, and voicemail messages. Sends usernames, passwords, and voicemail messages in clear text. Uses the STARTTLS verb of IMAP to encrypt usernames, passwords, and voicemail messages.
Before You Begin

Obtain the hostname or IP address of the mailstore server. If you upgrade from Cisco Unified Presence Release 6.0(x) to Release 7.0(x), Cisco Unified Presence automatically imports the IMAP settings into the mailstore configuration window.
12-9
Restrictions
You must provision mailstore servers before you can add the servers to the voicemail profiles.
Procedure
Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator > Mailstore. Select Add New. Enter the mailstore server name. Enter the hostname or the IP address of the mailstore server. Specify the IMAP port number configured for the server and the corresponding protocol to use when Cisco Unified Personal Communicator contacts this server: Server Cisco Unity Connection Protocol SSL TCP TLS Cisco Unity SSL TCP TLS Port Number 993 143 143 or 7993 993 143 143
Step 6
Select Save.
Related Topics
Configuring Mailstore Server Names and Addresses on Cisco Unified Presence, page 12-9
What To Do Next
Creating Voicemail Profiles on Cisco Unified Presence, page 12-10
Creating Voicemail Profiles on Cisco Unified Presence

You must create voicemail profiles before you can add Cisco Unified Personal Communicator licensed users to profiles. Repeat this procedure for each voicemail profile you want to create.
Before You Begin

Specify voicemail server names and addresses. Specify mailstore server names and addresses.
Procedure
Step 1
Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator > Voicemail Profile.
12-10
Chapter 12
Select Add New. Enter the profile name and description. Enter information into the fields: Field Voice Messaging Pilot Setting (Optional) The voicemail pilot number is the directory number that a user dials to access their voice messages. Cisco Unified Communications Manager automatically dials the voice-messaging number when a user presses the Messages button on their phone. Each pilot number can belong to a different voice-messaging system. Select one of the following options:
NumberSelect the voicemail pilot number for the system. This is the same as the number specified from the Voice Mail > Voice Mail Pilot menu, in Cisco Unified Communications Manager Administration. No Voice MailSelect this option if you do not want to send unanswered incoming calls to voice mail.
Primary Voicemail Server Backup Voicemail Server Primary Mailstore Backup Mailstore
Select a primary server. Select one of the mailstore servers you specified. (Optional) Enter the name of your backup voicemail server. If you do not want a backup voicemail server, select None. Select the primary mailstore server. Select one of the mailstore servers you specified. (Optional) Enter the name of your backup mailstore server. If you do not want a backup voicemail server, select None.
Make this the default Voicemail (Optional) Check this option if you want new users to be Profile for the system automatically added to the default profile. Users who are already synchronized to Cisco Unified Presence from Cisco Unified Communications Manager are not added to the default profile. However, any users who are synchronized after the default profile is created are added to the default profile.
Step 5
(Cisco Unified Personal Communicator Release 8.x) Enter information into the fields: Field Inbox Folder Setting Enter the name of the folder on the mailstore server in which to store new messages. Only change this value if the mailstore server uses a different folder name from the default folder. Default Folder: INBOX Trash Folder Enter the name of the folder on the mailstore server in which to store deleted messages. Only change this value if the mailstore server uses a different folder name from the default folder. Default Folder: Deleted Items
12-11
Chapter 12 Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator How to Configure Conferencing Servers for Cisco Unified Personal Communicator
Field Polling Interval
Setting Enter the time (in seconds) that can elapse between polls of the IMAP server for new voice messages, when IDLE is not supported by the mailstore or when a connection failure occurs. Default Value: 60 Permitted Values: 60900
Allow dual folder mode
(Optional) This dual folder setting is turned on by default for use with mailstores that support the IMAP UIDPLUS extensions (RFC 2359 and 4315). By default, the Client Services Framework (CSF) will detect if UIDPLUS is not supported and automatically revert to Single Folder mode. Turn off this setting if you know that UIDPLUS is not supported and you want to force the system to use Single Folder mode. Default Setting: On
Tip
The Microsoft Exchange 2007 server does not support UIDPLUS extensions.
Select Add Users to Profile. Use the Find and List Users window to find and select users, and select Add Selected to add users to the profile. Select Save.
Related Topics

Configuring Voicemail Server Names and Addresses on Cisco Unified Presence, page 12-8 Configuring Mailstore Server Names and Addresses on Cisco Unified Presence, page 12-9.
How to Configure Conferencing Servers for Cisco Unified Personal Communicator

Note
Before you perform the tasks described here, make sure you fully integrate Cisco Unified Personal Communicator with Cisco Unified Communications Manager and Cisco Unified Presence.

About the Conferencing Servers for Cisco Unified Personal Communicator, page 12-13 (Cisco Unified Personal Communicator Release 7.1) Configuring Cisco Unified MeetingPlace Express and Cisco Unified MeetingPlace Express VT Servers, page 12-13 Configuring Cisco Unified MeetingPlace Servers, page 12-16 (Cisco Unified Personal Communicator Release 8.x) Configuring the Cisco Unified MeetingPlace Web Server, page 12-18 Adding Custom Cisco Unified MeetingPlace Template Files to a Cisco Unified MeetingPlace7.x Web Server, page 12-18
12-12
Chapter 12
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator How to Configure Conferencing Servers for Cisco Unified Personal Communicator
(Cisco Unified Personal Communicator Release 8.5) Configuring Cisco Webex Servers, page 12-19 Configuring Conferencing Server Names and Addresses on Cisco Unified Presence, page 12-19) Creating Conferencing Profiles on Cisco Unified Presence, page 12-21
About the Conferencing Servers for Cisco Unified Personal Communicator

Cisco Unified Personal Communicator can be configured to launch ad-hoc conference calls and web meetings on the following products: Conferencing Server(s) Cisco Unified MeetingPlace Cisco Unified MeetingPlace Express Cisco Unified MeetingPlace Express VT
1 2
Cisco Unified Personal Communicator Version All versions 7.1 8.x 8.0 7.1, 8.5
Cisco Webex Node for MCS integrated with Cisco Unified MeetingPlace Cisco Webex Node for MCS
1. Can be used for conference calls with video if Cisco Unified Communications Manager is configured to use Cisco Unified MeetingPlace Express VT. 2. Does not support web meetings.
You can use Cisco Unified Personal Communicator to join Cisco Unified MeetingPlace and Cisco Webex scheduled meetings as follows: Conferencing Server Cisco Unified MeetingPlace Cisco Webex Cisco Unified Personal Communicator Version All versions 8.5
(Cisco Unified Personal Communicator Release 7.1) Configuring Cisco Unified MeetingPlace Express and Cisco Unified MeetingPlace Express VT Servers
Cisco Unified MeetingPlace Express or Cisco Unified MeetingPlace ExpressVT provide Cisco Unified Personal Communicator users with the ability to add web meetings from within an existing audio or video communication session. With Cisco Unified MeetingPlace Express VT, users can move from point-to-point to multi-party voice and video calls.
Before You Begin

Install a supported release of the web conferencing server (Cisco Unified MeetingPlace Express or Cisco Unified MeetingPlace Express VT). Integrate the web conferencing server with Cisco Unified Communications Manager. Determine the number of Cisco Unified MeetingPlace Express (or Cisco Unified MeetingPlace Express VT) user licenses that are needed to provide enough web ports for meetings initiated through Cisco Unified Personal Communicator.
12-13
Procedure
Step 1
Integrate the web conference server with Cisco Unified Personal Communicator: To Configure This Server Cisco Unified MeetingPlace Express adhoc conferencing functionality Do This
a.
Install the following licenses through the Cisco Unified MeetingPlace Express Administration Center:

adhocsystemsoftware webconf maxadhoc
This provides enough web ports for Cisco Unified Personal Communicator users. Cisco Unified Personal Communicator requires support for more than six voice, six video, and six web ports.
b.
Configure Cisco Unified MeetingPlace Express VT for adhoc conferencing by following the instructions in the Cisco Unified MeetingPlace Express Configuration and Maintenance Guide. Install the following licenses:

For Cisco Unified MeetingPlace Express reservationless functionality:
a.
systemsoftware webconf maxweb
This provides enough web ports for both the full web meetings that are initiated from Cisco Unified MeetingPlace Express, and the web meetings that are initiated from Cisco Unified Personal Communicator.
b.
Configure Cisco Unified MeetingPlace Express for integration with Cisco Unified Personal Communicator. For Cisco Unified MeetingPlace Express-specific information about integrating with Cisco Unified Personal Communicator, managing certificates, creating user profiles, and configuring call-control, see the Cisco Unified MeetingPlace Express Configuration and Maintenance Guide.
Step 2
If not already enabled, enable the Secure Sockets Layer (SSL) encryption technology on the web conference server by obtaining and uploading the required certificates from a trusted certificate authority (CA). The certificate is required for secure communications between Cisco Unified Personal Communicator and the web conference server. Without SSL, clear text passwords are sent from Cisco Unified Personal Communicator to the web conferencing server and from the sign in browser to the web conferencing server.
Step 3
Set up a user profile on the web conference server for each Cisco Unified Personal Communicator user who might initiate web meetings from a Cisco Unified Personal Communicator conversation.
You do not need to create a user profile for Cisco Unified Personal Communicator users who attend web meetings. They join the web meeting as guests, and a password is not needed.
12-14
Chapter 12
Make sure to set the Method of Attending to Ill Call In for users who might initiate web meetings; otherwise, the web conference system will try to contact the user who selected the Escalate to Web Conference button in Cisco Unified Personal Communicator. Make sure to ask users not to change this setting.
Step 4 Step 5
Assist users with the Presenter Add-In installation so that desktops, documents, or computer applications can be shared. Change the network configuration so that inbound calls from the public switched telephone network (PSTN) to Cisco Unified Personal Communicator support RFC2833.
For inbound calls, Cisco Unified Personal Communicator requires RFC2833 support if these calls require dual tone multifrequency (DTMF) digit collection. Inbound calls to the client will not be answered with key press markup language (KPML) support. A typical inbound call scenario is when the web conference server calls the user as a conference is being set up. In this situation, if the inbound call from the PSTN supports RFC2833, the Cisco Unified Personal Communicator user can join the meeting by using the session dial pad.
For outbound calls, Cisco Unified Personal Communicator supports both KPML and RFC2833 digit collection.
As an alternative to setting up a user profile on the web conference server, you can configure the Administrative XML Layer Simple Object Access Protocol (AXL SOAP) authentication on Cisco Unified Communications Manager to simplify the web conference user profile administration. With this configuration, the Cisco Unified Personal Communicator meeting initiator needs a Cisco Unified Communications Manager profile instead of a web conference user profile. With AXL authentication, when the initiator requests a meeting for the first time through Cisco Unified Personal Communicator, a web conference profile is automatically created for the initiator. Cisco Unified Personal Communicator users must enter their Cisco Unified MeetingPlace Express credentials in the Cisco Unified Personal Communicator Preferences window.
Related Topics
For details about Cisco Unified MeetingPlace Express or Cisco Unified MeetingPlace Express VT the server installation, see the product installation guide: http://www.cisco.com/en/US/products/ps6533/prod_installation_guides_list.html For details about supported Cisco Unified MeetingPlace Express releases, and the supported and unsupported meeting controls, see the release notes: http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html For details on integrating the web conferencing server with Cisco Unified Communications Manager. see the Cisco Unified Communications Manager documentation: http://www.cisco.com/en/US/products/ps6533/products_installation_and_configuration_guides_lis t.html
For details on configuring Cisco Unified MeetingPlace Express VT or Cisco Unified MeetingPlace Express, see the product configuration and maintenance guide: http://www.cisco.com/en/US/products/ps6533/prod_maintenance_guides_list.html For details on the Presenter Add-In installation, see the product user guide:
12-15
http://www.cisco.com/en/US/products/ps6533/products_user_guide_list.html
For a description of the characteristics of a web conference that you add to a Cisco Unified Personal Communicator conversation, see the user documentation at the following URL: http://www.cisco.com/en/US/products/ps6844/products_user_guide_list.html
What To Do Next
Configuring Conferencing Server Names and Addresses on Cisco Unified Presence, page 12-19
Configuring Cisco Unified MeetingPlace Servers

Cisco Unified MeetingPlace provides a more extensive feature set (such as scheduled and reservationless rich-media conferencing) and allows more concurrent users than Cisco Unified MeetingPlace Express or Cisco Unified MeetingPlace Express VT. With Cisco Unified MeetingPlace, a Cisco Unified Personal Communicator user can start a meeting from an instant message conversation, from a phone conversation, or from a phone conversation with video.
Before You Begin
Install a supported release of the Cisco Unified MeetingPlace web conferencing server. For more information about how to install and configure Cisco Unified MeetingPlace, see the Administration Documentation for Cisco Unified MeetingPlace: http://www.cisco.com/en/US/products/sw/ps5664/ps5669/prod_installation_guides_list.html
Integrate the web conferencing server with Cisco Unified Communications Manager. Determine the number of web and audio conferencing user licenses that provide enough web ports for meetings initiated through Cisco Unified MeetingPlace and through Cisco Unified Personal Communicator.
Procedure
Step 1 Step 2
Install web and audio conferencing user licenses. If not already enabled, enable the Secure Sockets Layer (SSL) encryption technology on the web conference server. You must obtain and upload the required certificates from a trusted certificate authority (CA). The certificate is required for secure communications between Cisco Unified Personal Communicator and the web conference server. Without SSL, clear text passwords are sent from Cisco Unified Personal Communicator to the web conferencing server and from the sign in browser to the web conferencing server.
Step 3
Set up a user authentication method on the web conference server. The following authentication methods are supported for use with Cisco Unified Personal Communicator:

MeetingPlace HTTP Basic Authentication (Domain) LDAP LDAP, then MeetingPlace
12-16
Chapter 12
Step 4
Set up a user profile on the Cisco Unified MeetingPlace server for each Cisco Unified Personal Communicator user who might initiate web meetings from a Cisco Unified Personal Communicator conversation.
Cisco Unified Personal Communicator users must enter their Cisco Unified MeetingPlace credentials in the Cisco Unified Personal Communicator options or preferences window. Make sure that you provide the password that is consistent with the configured authentication method. For example, if you configured Cisco Unified MeetingPlace as the authentication method, provide the user with the Cisco Unified MeetingPlace password. If you configured LDAP as the authentication method, provide the user with the LDAP password. You do not need to create Cisco Unified MeetingPlace user profiles for all Cisco Unified Personal Communicator users. Cisco Unified Personal Communicator users who do not have Cisco Unified MeetingPlace profiles can attend web conferences initiated by other Cisco Unified Personal Communicator users as guests, and passwords are not needed. However, some authentication methods, for example, HTTP Basic Authentication, do not allow Cisco Unified Personal Communicator users to sign in to Cisco Unified MeetingPlace as guests. If you configure multiple web servers with different authentication methods and mismatched credentials, users might have problems when they try to sign in to web conferences.
Related Topics
For details about Cisco Unified MeetingPlace installation, see the product installation guide: http://www.cisco.com/en/US/products/sw/ps5664/ps5669/prod_installation_guides_list.html For details about supported Cisco Unified MeetingPlace releases, see the Cisco Unified Personal Communicator release notes: http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html For details about integrating the web conferencing server with Cisco Unified Communications Manager, see the Cisco Unified Communications Manager documentation: http://www.cisco.com/en/US/products/sw/ps5664/ps5669/products_installation_and_configuration _guides_list.html
For details about setting up SSL and configuring authentication methods, see the Cisco Unified MeetingPlace configuration guide: http://www.cisco.com/en/US/products/sw/ps5664/ps5669/products_installation_and_configuration _guides_list.html
What To Do Next
12-17
(Cisco Unified Personal Communicator Release 8.x) Configuring the Cisco Unified MeetingPlace Web Server
Before You Begin
Install a supported release of the Cisco Unified MeetingPlace conferencing server. For more information about how to install and configure Cisco Unified MeetingPlace, see the Administration Documentation for Cisco Unified MeetingPlace: http://www.cisco.com/en/US/products/sw/ps5664/ps5669/prod_installation_guides_list.html
Procedure
Step 1
If required, enable a secure connection between Cisco Unified Personal Communicator and the Cisco Unified MeetingPlace Application Server. You must obtain and upload the required certificates from a trusted certificate authority (CA). Create a user profile on the Cisco Unified MeetingPlace Application Server for each Cisco Unified Personal Communicator user who wants to use the web conferencing feature. Configure a conferencing server entry on Cisco Unified Presence. Use the IP address of the Cisco Unified MeetingPlace Web Server as the conferencing server. Use the conferencing server to create a conferencing profile. Check Make this the default Conferencing Profile for the system for the conferencing profile. Create a conferencing profile on Cisco Unified Presence, and assign the Cisco Unified Personal Communicator web conferencing users to the conferencing profile.
What To Do Next
Related Topics
Administration Documentation for Cisco Unified MeetingPlace: http://www.cisco.com/en/US/products/sw/ps5664/ps5669/prod_installation_guides_list.html
Adding Custom Cisco Unified MeetingPlace Template Files to a Cisco Unified MeetingPlace7.x Web Server
If your Cisco Unified Communications system uses Cisco Unified MeetingPlace Release 7.x, you must install the following files on the Cisco Unified MeetingPlace Web server:

CSFGetProfileSuccess.tpl CSFScheduleSuccess.tpl
You can get the above files from the Administration Toolkit. To access the Administration Toolkit, navigate to Cisco Unified Personal Communicator from the Download Software page at the following URL: http://tools.cisco.com/support/downloads/go/Redirect.x?mdfid=278875240
12-18
Chapter 12
You can copy these files to the correct location on the Cisco Unified MeetingPlace Web server. You do not need to restart the server. The default location for these files is as follows: C:\Program Files\Cisco Systems\MPWeb\Template
(Cisco Unified Personal Communicator Release 8.5) Configuring Cisco Webex Servers
There is no specific configuration required to use Cisco Webex conferencing servers with Cisco Unified Personal Communicator. Install a supported version of Cisco Webex Node for MCS or use a Cisco Webex SaaS (software as a service) solution. For information about supported versions, see the Cisco Unified Personal Communicator release notes: http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html
What To Do Next
Configuring Single Sign-on for Cisco Webex and Cisco Unified MeetingPlace, page 12-19
Configuring Single Sign-on for Cisco Webex and Cisco Unified MeetingPlace
To deploy Cisco Unified Personal Communicator in an environment where users join Cisco Webex meetings using their Cisco Unified MeetingPlace credentials, and the credentials are verified by Cisco Unified MeetingPlace, you must set a registry key value as follows: Registry Key WebConfSSOIdentityProvider Value meetingplace
The registry key is located in HKEY_CURRENT_USER\Software\Policies\Cisco Systems, Inc.\Client Services Framework\AdminData.
Configuring Conferencing Server Names and Addresses on Cisco Unified Presence

Before You Begin

Configure a supported conferencing server. Obtain the hostname or IP address, and the port number, of the conferencing server. If you are configuring a Cisco Webex Node for MCS server for conferencing and you are using Cisco Unified Personal Communicator Release 7.0, you will need the Site ID and the Partner ID values assigned to your Cisco Webex site. If you do not have these values, obtain them from your Cisco Webex administrator. These values are optional if you are using Cisco Unified Personal Communicator Release 8.5.
Procedure
Step 1 Step 2
Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator > Conferencing Server. Select Add New.
12-19
Enter the conferencing server name. Enter an IP address or FQDN (Fully Qualified Domain Name) of the conferencing server. Specify the following data for the conferencing server:
a.
Enter the port number:

Enter 80 for HTTP. Enter 443 for HTTPS.
b.
Enter the protocol to use when contacting this server:

HTTP: Selects Hypertext Transfer Protocol as the standard method for transferring data
between the server, Cisco Unified Personal Communicator, and the browser. Select this option if your conferencing server does not have SSL enabled.
HTTPS: Selects Hypertext Transfer Protocol over SSL as the method for securely transferring
data between the server, Cisco Unified Personal Communicator, and the browser. Select this option if your conferencing server has SSL enabled.
Note Step 6 Step 7
We recommend that you use HTTPS.
Specify the conferencing server type in the drop-down menu. If you select Cisco Webex as the server type:
a.
Enter the Site ID number assigned to your Cisco Webex site. Cisco Webex provides you with an ID number for your customer site when you deploy the Cisco Webex product. If you do not have a Site ID number, contact your Cisco Webex administrator. The field is optional if you are using Cisco Unified Personal Communicator Release 8.5. Enter the Partner ID (PID) value assigned to your Cisco Webex site. Cisco Webex provides you with a PID when they enable the Cisco Webex Application Programming Interface (API) on your Cisco Webex site. If you do not have a PID, contact your Cisco Webex administrator. The field is optional if you are using Cisco Unified Personal Communicator Release 8.5.
b.
Step 8
Select Save.
If you upgrade an existing Cisco Unified Presence server, the Server Type value may initially default to Undefined. In this case, select one of the known types of conferencing server from the menu. If you leave a conferencing server entry as Undefined, it may slow conferencing performance with Cisco Unified Personal Communicator.
Related Topics

(Cisco Unified Personal Communicator Release 7.1) Configuring Cisco Unified MeetingPlace Express and Cisco Unified MeetingPlace Express VT Servers, page 12-13 Configuring Cisco Unified MeetingPlace Servers, page 12-16 (Cisco Unified Personal Communicator Release 8.x) Configuring the Cisco Unified MeetingPlace Web Server, page 12-18 (Cisco Unified Personal Communicator Release 8.5) Configuring Cisco Webex Servers, page 12-19
12-20
Chapter 12
What To Do Next
Creating Conferencing Profiles on Cisco Unified Presence, page 12-21
Creating Conferencing Profiles on Cisco Unified Presence

You must create conferencing profiles on Cisco Unified Presence Administration and assign each profile to a primary server.
Note
By contrast, a profile in Cisco Unified MeetingPlace or in Cisco Unified MeetingPlace Express defines the privileges and preferences configured for a specific user in this application.
Before You Begin

You must create the conferencing profile before you can add Cisco Unified Personal Communicator licensed users to the application profile. You must first specify conferencing server names and addresses before you can select them in this procedure.
Restrictions
Conferencing server failover is not supported in Cisco Unified Personal Communicator.

Procedure
Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator > Conferencing Profile. Select Add New. Enter the conferencing profile name. Enter information into the fields:
Field Primary Conferencing Server
Setting Select the conferencing server with which you want to associate this conferencing profile. This drop-down list contains the conferencing servers that you previously configured on the Conferencing Server Configuration window. Change the primary conferencing server to suit your network configuration. (Optional) Select up to two backup conferencing servers from the drop-down list of preconfigured servers. If you do not configure any backup conferencing servers, there will be no conferencing server for Cisco Unified Personal Communicator clients if the first server fails. Change the backup conferencing servers to suit your network configuration.
Backup Conferencing Server
12-21
Field Server Certificate Verification
Setting Specify how the conferencing server associated with this profile supports TLS connections. This setting is for TLS verification of the conferencing servers listed for this conferencing profile. Select from the following options:
Self Signed or KeystoreCisco Unified Presence accepts the certificate if the certificate is self-signed, or the signing Certificate Authority certificate is in the local trust store. A keystore is a file that stores authentication and encryption keys. Any CertificateCisco Unified Presence accepts all valid certificates. Keystore OnlyCisco Unified Presence accepts only certificates that are defined in the keystore. You must import the certificate or its Certificate Authority signing certificate into the local trust store.
Default Setting: Self Signed or Keystore Make this the default Conferencing Profile for the system (Optional) Check this option if you want new users to be automatically added to the default profile. Users who are already synchronized to Cisco Unified Presence from Cisco Unified Communications Manager are not added to the default profile. However, any users who are synchronized after the default profile is created are added to the default profile.
Related Topics

(Cisco Unified Personal Communicator Release 7.1) Configuring Cisco Unified MeetingPlace Express and Cisco Unified MeetingPlace Express VT Servers, page 12-13 Configuring Cisco Unified MeetingPlace Servers, page 12-16 (Cisco Unified Personal Communicator Release 8.x) Configuring the Cisco Unified MeetingPlace Web Server, page 12-18 Configuring Conferencing Server Names and Addresses on Cisco Unified Presence, page 12-19
What To Do Next
Configuring Videoconferencing Resources and Ad-Hoc Conferencing on Cisco Unified Communications Manager, page 11-30
12-22
Chapter 12
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator (Cisco Unified Personal Communicator Release 8.x) Creating Audio Profiles on Cisco Unified Presence
(Cisco Unified Personal Communicator Release 8.x) Creating Audio Profiles on Cisco Unified Presence
Procedure
Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator > Audio Profile. Select Add New. Enter the profile name and description. Enter information into the fields:
Field Make this the default Audio Profile for the system
Setting (Optional) Check this check box if you want new users to be automatically added to the default profile. Users who are already synchronized to Cisco Unified Presence from Cisco Unified Communications Manager are not added to the default profile. However, any users who are synchronized after the default profile is created are added to the default profile.
Enable automatic gain control
(Optional) Check this option if you want automatic gain control (AGC) to keep the audio output constant by:

Reducing the volume of a strong signal Raising the volume of a weaker signal
Uncheck this option if you do not need AGC, or if it impedes the audio output. Default Setting: On Automatic gain control type Select the type of AGC to use. Default Setting: Digital Only. This is the most common network configuration and yields higher performance. Enable noise suppression (Optional) Check this check box to eliminate clicking, feedback or other noise problems in your audio output. Uncheck this check box if you do not want to apply noise suppression techniques, or if it impedes the audio output. Default Setting: On Noise suppression policy Enable voice activity detection (Optional) Select the level of noise suppression that you require. Default Setting: Low (Optional) Check this check box if you want voice activity detection (VAD) to detect the presence or absence of human speech, and facilitate speech processing in an audio session. Uncheck this check box if you do not need VAD, or if it impedes the audio output. Default Setting: On
12-23
Chapter 12 Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator Configuring CCMCIP Profiles for Cisco Unified Personal Communicator Release 8.x
Field Voice activity detection mode Enable echo cancellation
Setting (Optional) Select the level of VAD you require. Default Setting: Least Aggressive (Optional) Check this check box to remove echo from audio output and improve the audio quality. Uncheck this check box if you do not need echo cancellation, or if it impedes the audio output. Default Setting: On (Optional) Select the level of echo cancellation you require. Default Setting: Normal

Echo cancellation mode
Select High Echo if you expect that the echo will be loud relative to the voice of the participant. Select Attenuate if you expect that the echo will be quiet relative to the voice of the participant. Note, however, that the Acoustic Echo Suppression echo cancellation type does not fully suppress the echo if you select Attenuate.
Echo cancellation type
(Optional) Select the type of echo cancellation you require. Default Setting: Acoustic Echo Cancellation
Troubleshooting Tip
If you select Attenuate as the Echo cancellation mode, the Acoustic Echo Suppression echo cancellation type does not fully suppress the echo.
Configuring CCMCIP Profiles for Cisco Unified Personal Communicator Release 8.x
The CCMCIP service runs on Cisco Unified Communications Manager and retrieves a list of devices associated with each user. CCMCIP profiles are required before Cisco Unified Personal Communicator Release 8.x clients can retrieve the list of user devices from Cisco Unified Communications Manager. You can create a profile to control Cisco Unified Personal Communicator Release 8.x in deskphone mode and to facilitate device discovery for deskphones and softphones. You can then associate selected users to the newly created profile.
12-24
Chapter 12
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator Configuring CCMCIP Profiles for Cisco Unified Personal Communicator Release 8.x
Procedure
Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator > CCMCIP Profile. Select Add New. Enter the profile name and description. Enter information into the fields:
Field Primary CCMCIP Host
Setting Enter the address of the server for the CCMCIP service to use to retrieve the list of associated devices when users sign in to a device or phone. Enter the address in one of the following forms:

IP address Host name FQDN
This value must match exactly the IP address, host name, or FQDN of the CCMCIP server. Backup CCMCIP Host Enter the address of the backup server for the CCMCIP service to use if the primary CCMCIP server fails. Enter the address in one of the following forms:

IP address Host name FQDN
This value must match exactly the IP address, host name, or FQDN of the backup CCMCIP server.
12-25
Chapter 12 Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator About Configuring Third-Party Clients on Cisco Unified Presence
Field Server Certificate Verification
Setting Specify how the CCMCIP server associated with this profile supports TLS connections. This setting is for TLS verification of the CCMCIP servers listed for this CCMCIP profile. Select from the following options:
Self Signed or KeystoreCisco Unified Presence accepts the certificate if the certificate is self-signed, or the signing Certificate Authority certificate is in the local trust store. A keystore is a file that stores authentication and encryption keys. Any CertificateCisco Unified Presence accepts all valid certificates. Keystore OnlyCisco Unified Presence accepts only certificates that are defined in the keystore. You must import the certificate or its Certificate Authority signing certificate into the local trust store.
Default Setting: Self Signed or Keystore Make this the default CCMCIP Profile for the system (Optional) Check this option if you want new users to be automatically added to the default profile. Users who are already synchronized to Cisco Unified Presence from Cisco Unified Communications Manager are not added to the default profile. However, any users who are synchronized after the default profile is created are added to the default profile.
About Configuring Third-Party Clients on Cisco Unified Presence

You must configure LDAP settings that allow Cisco Unified Presence to search for contacts in third-party XMPP clients.
Related Topics
Integrating the LDAP Directory, page 14-1
12-26
Chapter 12
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator (Cisco Unified Personal Communicator Release 8.5) How to Use Cisco Unified Personal Communicator as a Desktop
(Cisco Unified Personal Communicator Release 8.5) How to Use Cisco Unified Personal Communicator as a Desktop Agent
You can start Cisco Unified Personal Communicator as a background application, which you can control as a CTI device. Cisco Unified Personal Communicator starts without a graphical user interface and you can only communicate with the client via a CTI connection. When you are running Cisco Unified Personal Communicator as a desktop agent, there is no indicator on the desktop to show that the application is running.

About Running Cisco Unified Personal Communicator as a Desktop Agent, page 12-27 Before You Start Cisco Unified Personal Communicator as a Desktop Agent, page 12-27 Starting Cisco Unified Personal Communicator as a Desktop Agent, page 12-28 Stopping Cisco Unified Personal Communicator as a Desktop Agent, page 12-29
About Running Cisco Unified Personal Communicator as a Desktop Agent

When you start Cisco Unified Personal Communicator as a desktop agent, the following features are not available:

Availability - you appear offline. Chat - you do not receive any instant messages. Conversation history - any calls that you make are not listed in the call logs. Video - you can make voice-only calls without video. Web meetings are not available. Call and chat features from applications such as Microsoft Outlook and Office are not available. You can only modify your audio or call settings, such as the audio device or call forwarding options, while running Cisco Unified Personal Communicator in normal mode. Any changes that you make in normal mode are applied when you restart the application as a desktop agent. Start the application in the normal manner. Set the CcmcipServer1 andTftpServer1 registry keys.
Before you can start Cisco Unified Personal Communicator as a desktop agent, you must first:

Related Topics

Before You Start Cisco Unified Personal Communicator as a Desktop Agent, page 12-27 Starting Cisco Unified Personal Communicator as a Desktop Agent, page 12-28 Stopping Cisco Unified Personal Communicator as a Desktop Agent, page 12-29
Before You Start Cisco Unified Personal Communicator as a Desktop Agent

Before you can start Cisco Unified Personal Communicator in desktop agent mode, you must perform some actions.
12-27
Chapter 12 Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator (Cisco Unified Personal Communicator Release 8.5) How to Use Cisco Unified Personal Communicator as a Desktop
Procedure
Step 1
Set the following registry keys:

CcmcipServer1 - the IP address of the CCMCIP server TftpServer1 - the IP address of the TFTP server
The registry keys are located at: HKEY_CURRENT_USER/Software/Cisco Systems, Inc./Client Services Framework/AdminData
Note
These registry keys are ignored when you are using Cisco Unified Personal Communicator in normal mode.
Start Cisco Unified Personal Communicator in normal mode. Enter your credentials and check the Automatically sign in check box. Verify that your phone services are working as expected.
Note
Cisco Unified Personal Communicator will not operate in agent desktop mode if you are using your desk phone for phone calls. Do not check the Use my desk phone for audio check box.
Step 5 Step 6
Verify that your audio and call settings meet your requirements, for example, selected audio device and call forwarding options. These settings cannot be modified in desktop agent mode. Select File > Exit to close the application.
Note
You must perform steps 2 to 6 each time your user credentials in Cisco Unified Communications Manager change.
Related Topics

Starting Cisco Unified Personal Communicator as a Desktop Agent, page 12-28 Stopping Cisco Unified Personal Communicator as a Desktop Agent, page 12-29
Starting Cisco Unified Personal Communicator as a Desktop Agent

Enter the following command line: cupc.exe -START_AGENT_DESKTOP_MODE Cisco Unified Personal Communicator starts a background application accepting CTI connections from third party clients. You can only start one instance of Cisco Unified Personal Communicator, so if you execute the command again, nothing happens. The command is not case sensitive and if multiple arguments are used, only the first argument is considered by the system.
Related Topics

Before You Start Cisco Unified Personal Communicator as a Desktop Agent, page 12-27 Stopping Cisco Unified Personal Communicator as a Desktop Agent, page 12-29
12-28
Chapter 12
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator (Cisco Unified Personal Communicator Release 8.5) How to Use Cisco Unified Personal Communicator as a Desktop
Stopping Cisco Unified Personal Communicator as a Desktop Agent

Enter the following command line: cupc.exe -SHUTDOWN This command terminates all Cisco Unified Personal Communicator processes and exits the client. The command is not case sensitive and if multiple arguments are used, only the first argument is considered by the system.
Note
This command also terminates any Cisco Unified Personal Communicator process that is running in normal mode.
Related Topics

Before You Start Cisco Unified Personal Communicator as a Desktop Agent, page 12-27 Starting Cisco Unified Personal Communicator as a Desktop Agent, page 12-28
12-29
Chapter 12 Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator (Cisco Unified Personal Communicator Release 8.5) Distributing HTML Files for Display in the Cisco Unified
(Cisco Unified Personal Communicator Release 8.5) Distributing HTML Files for Display in the Cisco Unified Personal Communicator Window
This feature of Cisco Unified Personal Communicator enables you to distribute HTML content for display on the Cisco Unified Personal Communicator main window. You can include up to three pages of content, and specify the title and icon to display for each page. To set up the HTML content, you must perform the steps in the following procedure.
Procedure
Step 1 Step 2
Start the Registry Editor. Go to the following location in the registry: HKEY_CURRENT_USER/Software/Cisco Systems, Inc/Unified Communications/CUPC If CUPC does not exist under Unified Communications, right-click on Unified Communications and select New > Key and create the CUPC key.
Right-click on the CUPC key, and select New > Multi-String Value. Name the multistring value CustomTabDescriptions. Right-click on CustomTabDescriptions and select Modify. In the Value data field, enter up to three lines in the following format: Label, icon1.png, filename1.html, True where

Label is the title for the HTML page that you want to appear in the Cisco Unified Personal Communicator window. Keep the labels short as long labels will be truncated. icon1.jpg is the location and filename of the icon that you want to use with the label for the HTML page. The supported formats are PNG (recommended), JPG, GIF, and BMP. The recommended icon size is 24x24 pixels. Any icons that are larger than this size are scaled to size. filename1.html is the page that you want to display. This can be a local file or a link to an external URL. True can be true or false to indicate if the HTML page is automatically refreshed each time you click on the icon. This value is optional and if not specified, a value of false is assumed.
For example: Cisco, C:\images\icon1.png, http://www.cisco.com, true Products, \\web\images\icon2.png, \\web\content\products.html, true Pricing, \\web\images\icon3.png, \\web\content\pricing.html, false Some particular notes about this feature are:

If the icon is not valid, it is replaced by a default icon. If the HTML content is not valid, the item is not displayed in the Cisco Unified Personal Communicator main window.
12-30
Chapter 12
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator About Migrating Users from Cisco Unified Personal Communicator Release 7.x to Release 8.x
If there are problems accessing the HTML content (for example, network connection issues) and you specified True in the registry value to refresh the content every time you click on the icon, the page is not displayed. If you specified False, not to refresh the content each time you click on the icon, the previously-cached content is displayed.
About Migrating Users from Cisco Unified Personal Communicator Release 7.x to Release 8.x
If you have both the Cisco Unified Client Services Framework and UPC devices, both consume device user licenses. If you want to migrate from Cisco Unified Personal Communicator Release 7.x to Release 8.x, you might want to delete the Cisco Unified Personal Communicator Release 7.x UPC device types so that you consume less device user licenses. You might want to export your Cisco Unified Personal Communicator Release 7.x from Cisco Unified Communications Manager before you upgrade to Release 8.x.
How to Update User Configuration After Deploying Cisco Unified Personal Communicator

Application Profiles, page 12-31 Changing Application Profiles for a Single User, page 12-32 Changing Application Profiles for Multiple Users, page 12-32 Configuring a New User for Full Cisco Unified Personal Communicator Functionality, page 12-33
Application Profiles
This module describes how to change the following application profiles for a single user, or for multiple users:

Voicemail Profile (Cisco Unified Personal Communicator Release 8.x) Audio Profile (Cisco Unified Personal Communicator Release 8.x) CCMCIP Profile Conferencing Profile CTI Gateway Profile LDAP Profile
Application profiles enable you to partition your Cisco Unified Personal Communicator user base for performance and scalability. You can change individual application profiles for each user. Application profiles are not required; some Cisco Unified Personal Communicator users might not have a voicemail or a conferencing profile. In this situation, the drop-down selection displays None.
Related Topics

Changing Application Profiles for a Single User, page 12-32 Changing Application Profiles for Multiple Users, page 12-32
12-31
Chapter 12 Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator How to Update User Configuration After Deploying Cisco Unified Personal Communicator
Changing Application Profiles for a Single User

Procedure
Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator > User Settings. Select Find to populate the search results fields, or search for a user, and then select Find. Select the link to select the user. Specify the profiles to change for the user in the Application Profile Configuration section. If you change a user application profile in this window (for example, change from LDAP Profile 1 to LDAP Profile 2), the change is reflected in Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator > LDAP Profile window.
Step 5
Select Save. The user must exit and restart Cisco Unified Personal Communicator for the changes to take effect.
Related Topics
Changing Application Profiles for Multiple Users, page 12-32
Changing Application Profiles for Multiple Users

Procedure
Step 1 Step 2
Select Cisco Unified Presence Administration > Bulk Administration > CUPC/Deskphone > Export. Perform the following actions:
a. b. c.
Select Find in the Export Users Query window to obtain current profile information by finding all users. Select Next at the bottom of the window. Specify the filename to be exported in the Export CUP Users Configuration window.
Step 3 Step 4
Select Cisco Unified Presence Administration > Bulk Administration > Upload/Download Files. Perform the following actions:
a. b. c.
Find and select the file that you want to download. Select Download Selected. Add or remove profile names according to the instructions in the sample file. Select Add New. Enter the name of the file to upload. Select the target for which you want to use the file. Select the transaction type that the file defines.
Step 5
Select Cisco Unified Presence Administration > Bulk Administration > Upload/Download Files.
a. b. c. d.
12-32
Chapter 12
Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator How to Update User Configuration After Deploying Cisco Unified Personal Communicator
e. f. Step 6 Step 7
Check Overwrite File if it exists if you want to overwrite an existing file with the same name. Select Save.
Select Cisco Unified Presence Administration > Bulk Administration > CUPC/Deskphone > Update. Perform the following actions:
a. b.
Select the updated .csv file. Select Save to submit the file to update profile information in bulk.
Related Topics
Changing Application Profiles for a Single User, page 12-32
Configuring a New User for Full Cisco Unified Personal Communicator Functionality
The table lists the required configuration steps to add a new user to various servers after the initial deployment. By completing these tasks, the new user will have full Cisco Unified Personal Communicator functionality after the initial deployment.
Task Cisco Unified Communications Manager Configuration

Where to Find Information
Add the phone to the Cisco Unified Communications Manager database. Allow control of the Cisco Unified IP Phone from the computer telephony interface (CTI). Associate a directory number with the phone. Set up the user account, and associate the directory number with the user. Associate the phone with the user. Add the user to the Standard CTI-Enabled group. Add the user to the CCM End User group. Enable Cisco Unified Personal Communicator softphone features by manually creating a new device for each user. Make sure that availability status in Cisco Unified Personal Communicator is accurately displayed. Associate the line of the user with the user in Cisco Unified Communications Manager.
User and Device Configuration on Cisco Unified Communications Manager, page 3-1
About Configuring Cisco Unified Personal Communicator on Cisco Unified Communications Manager, page 11-10
12-33
Chapter 12 Configuring Voicemail, Conferencing, and Other Features for Cisco Unified Personal Communicator How to Update User Configuration After Deploying Cisco Unified Personal Communicator
Task

Where to Find Information
Obtain a license file, if necessary. Upload the license file, if necessary. Assign capabilities. Set up an account for the new user.
Configuring the Licensing for this Integration, page 2-1
Voicemail Server Configuration

How to Configure Voicemail Servers for Cisco Unified Personal Communicator, page 12-3 How to Configure Conferencing Servers for Cisco Unified Personal Communicator, page 12-12 Integrating the LDAP Directory, page 14-1 About Configuring Cisco Unified Personal Communicator on Cisco Unified Presence, page 11-19 Creating Voicemail Profiles on Cisco Unified Presence, page 12-10 Creating Conferencing Profiles on Cisco Unified Presence, page 12-21 Application Profiles, page 12-31
Web Conferencing Server Configuration
Set up a user profile for the new user.
Cisco Unified Presence Configuration

Configure the LDAP attribute map for Cisco Unified Personal Communicator. Create LDAP profiles and add users to the profile Add the new user to the server profiles.
Assign the preferred CTI device to the MAC address of the primary desk phone for the user. (Cisco Unified Presence Release 6.x only)
Point-to-point video calls Multipoint videoconferencing Video telephony camera
Configuring Users for Point-to-Point Video Calls and for Multipoint Videoconferencing, page 11-29 Configuring Videoconferencing Resources and Ad-Hoc Conferencing on Cisco Unified Communications Manager, page 11-30 Information to Provide to Users, page 13-13 Installation and Configuration of Headsets and Other Audio Devices, page 13-10
Provide information to users Headset and audio device Information
12-34
CH A P T E R
13

November 21, 2011

Pre-Deployment Tasks, page 13-1 Cisco Unified Personal Communicator Deployment, page 13-3 How to Deploy the Application, page 13-6 Upgrading the Application, page 13-9 Installation and Configuration of Headsets and Other Audio Devices, page 13-10 Use of Third-Party Headsets with Cisco Unified Personal Communicator, page 13-10 Do Not Disturb Behavior of Cisco Unified Personal Communicator, page 13-11 Information to Provide to Users, page 13-13 Troubleshooting, page 13-16
Pre-Deployment Tasks

Removing Any Applications That Depend on Cisco Unified Client Services Framework, page 13-1 Removing Cisco Unified Video Advantage, page 13-2 (Cisco Unified Personal Communicator Release 8.x) Setting a Default Address for the Cisco Unified Presence Server, page 13-2
Removing Any Applications That Depend on Cisco Unified Client Services Framework
Before you deploy Cisco Unified Personal Communicator to the computers of your users, ensure that there are no other applications that depend on Cisco Unified Client Services Framework installed on the computers.
13-1
Chapter 13 Pre-Deployment Tasks
Removing Cisco Unified Video Advantage

If Cisco Unified Video Advantage is installed on a client computer, you must uninstall it before you can install Cisco Unified Personal Communicator. If you do not uninstall Cisco Unified Video Advantage, you are prompted to do so during the Cisco Unified Personal Communicator installation.
Tip
If you are performing a mass deployment of Cisco Unified Personal Communicator, you can use a software deployment tool to silently uninstall Cisco Unified Video Advantage from client computers prior to the installation.
(Cisco Unified Personal Communicator Release 8.x) Setting a Default Address for the Cisco Unified Presence Server
Before you install Cisco Unified Personal Communicator, you can set the default address of the Cisco Unified Presence server on the computers of your users. You can use the CUPServer registry value name to set this address. The data type is string or REG_SZ. This address is displayed in the Change server field on the window where you sign in to Cisco Unified Personal Communicator. To deploy this change to the computers in your Cisco Unified Personal Communicator system, you can use a software management system, for example, Active Directory Group Policy, Altiris, Microsoft System Management Server (SMS), and so on.
Location of Registry Key

You can specify the CUPServer registry value name in the following registry key: HKEY_CURRENT_USER\Software\Cisco Systems, Inc.\Client Services Framework\AdminData If you use Active Directory Group Policy to configure Cisco Unified Personal Communicator, then the CUPServer information is specified in the following registry key: HKEY_CURRENT_USER\Software\Policies\Cisco Systems, Inc.\Client Services Framework\AdminData
Note
If CUPServer information is present in both of these registry keys, the policies configuration data takes precedence. Cisco Unified Personal Communicator reads only HKEY_CURRENT_USER keys. Cisco Unified Personal Communicator does not read HKEY_LOCAL_MACHINE keys.
13-2
Chapter 13
Deploying and Upgrading Cisco Unified Personal Communicator Cisco Unified Personal Communicator Deployment
Cisco Unified Personal Communicator Deployment

The Cisco Unified Personal Communicator installation application installs the following components:

User interface for Cisco Unified Personal Communicator. The client-related components of the Cisco Unified Client Services Framework. Click to Call add-on (optional). Microsoft Office Integration add-on (optional).
The Cisco Unified Personal Communicator application is provided in two separate installation formats as follows:

Cisco Unified Personal Communicator executable file. Cisco Unified Personal Communicator Windows Installer (MSI) file. Executable File, page 13-3 Windows Installer (MSI) File, page 13-4 Software Download Site and Installer Package Names, page 13-4 Deployment Options, page 13-5
This section describes the installation formats and the deployment options.

Executable File
Users can run the executable file on their own computers. The executable file includes the prerequisite software for the application, as follows:

Microsoft .NET Framework 3.5 Service Pack 1 (installer stub) Microsoft Visual C++ 2005 Redistributable Package (x86) Additional software required for Click to Call functionality:
Microsoft Office 2003 Primary Interop Assemblies (for machines with Office 2003) Microsoft Office 2007 Primary Interop Assemblies (for machines with Office 2007) Microsoft Visual 2005 Tools for Office Second Edition Runtime (x86)
Cisco Unified Personal Communicator checks if the prerequisite software is installed on the computer and if not, it automatically installs the prerequisites. To save time during the installation process, we recommend that you install the prerequisite software in advance of installing Cisco Unified Personal Communicator. All of the prerequisite software is available from the Microsoft website.
Note
If the minimum required version of .NET Framework is not installed on the computer, Cisco Unified Personal Communicator runs the installer stub provided for that application. The installer stub downloads the .NET Framework software from the Microsoft website. This action requires Internet access and takes a considerable amount of time. We recommend that you install the required release of Microsoft .NET Framework in advance of the Cisco Unified Personal Communicator installation to save time and avoid any Internet access issues.
13-3
Chapter 13 Cisco Unified Personal Communicator Deployment
Windows Installer (MSI) File

You can use a software management system to push the Windows Installer (MSI) file to the computers of your users. The MSI file does not contain any of the prerequisite software that is required for Cisco Unified Personal Communicator.
Note
If you choose to install the MSI file, you must install the prerequisite software prior to installing Cisco Unified Personal Communicator. The prerequisite software that you must install prior to installing the Cisco Unified Personal Communicator MSI file is:

Microsoft .NET Framework 3.5 Service Pack 1 Microsoft Visual C++ 2005 Redistributable Package (x86) Additional software required for Click to Call functionality:
Microsoft Office 2003 Primary Interop Assemblies (for computers with Office 2003) Microsoft Office 2007 Primary Interop Assemblies (for computers with Office 2007) Microsoft Visual 2005 Tools for Office Second Edition Runtime (x86)
The prerequisite software is available from the Microsoft website.
Software Download Site and Installer Package Names

You must register for an account on Cisco.com to access the software download site. On the software download site, the installer packages are offered as .zip files. The .zip files contain all of the files required to deploy the application and the camera drivers. The software download site is at the following URL: http://tools.cisco.com/support/downloads/pub/Redirect.x?mdfid=280455801 The installer package names available from the software download site are described in the following table. Filename
1
Description
CiscoUnifiedPersonalCommunicatorSetupK9_XXX .exe This executable contains the required Windows Installer engine, Cisco Unified Client Services Framework, the Outlook plug-in, the user interface, and a set of related DLLs2 for deployment. This package is typically used for individual users installing the application. CiscoVTCameraDriverSetup.exe This executable contains the installer for the Cisco VT Camera and Cisco VT Camera II device drivers. The installation prompts the user to choose a language if a language other than English is available. Cisco VT Camera III does not require installation of device drivers.
13-4
Chapter 13
Deploying and Upgrading Cisco Unified Personal Communicator Cisco Unified Personal Communicator Deployment
Filename CiscoUnifiedPersonalCommunicatorSetupK9_XXX.msi
Description This Microsoft Windows Installer (MSI) package contains the Outlook plug-in, the user interface, and a set of related DLLs for deployment. This package is typically used by IT administrators with the corporate deployment tool (for example, Altiris, System Management Server (SMS), and Active Directory) to distribute the installation to users.
CiscoVTCameraDriverSetup.msi
This MSI package contains the installer for the Cisco VT Camera and Cisco VT Camera II device drivers. For languages other than English, you associate the locale .mst file with the TRANSFORMS parameter to install a language locale. (Cisco Unified Personal Communicator Release 8.x) This package is the disk image (.dmg) of the application for Mac OS X.
uc-client-mac-latest.zip
1. XXX = three-letter language locale. 2. DLLs = dynamic link libraries
Deployment Options
You can deploy the Cisco Unified Personal Communicator installation application in one of the following ways:

Automated Mass Deployment, page 13-5 Standalone Installation, page 13-5
Automated Mass Deployment

The mass deployment options for installing Cisco Unified Personal Communicator are as follows:

Use Active Directory Group Policy. You can use group policy to deploy administrator configuration settings. Use a software management system, for example, Altiris Deployment Solution, Microsoft System Center Configuration Manager (SCCM), and so on. Use a self-extracting executable with a batch script. You can use the batch script to deploy administrator configuration settings.
Standalone Installation
The administrator can install Cisco Unified Personal Communicator on each individual client computer or users can install the application on their own computers. The administrator can use the options listed in Automated Mass Deployment, page 13-5 to deploy the administrator configuration settings.
13-5
Chapter 13 How to Deploy the Application
Note
We strongly recommend that you use the executable file for standalone installations.
How to Deploy the Application

(Cisco Unified Personal Communicator Release 8.5 and Earlier) Deploying the Application in a Mac OS Environment, page 13-6 Deploying the Application and the Camera Drivers in a Microsoft Windows Environment, page 13-6 Installing Security Certificates on Client Computers for Client Services Framework (CSF), page 13-7 Enabling Availability Status for Microsoft Office 2010 Users, page 13-8
(Cisco Unified Personal Communicator Release 8.5 and Earlier) Deploying the Application in a Mac OS Environment
Before You Begin
Download the disk image (.dmg) from Cisco.com in a Mac OS environment.

Procedure
Step 1 Step 2
Put the disk image on an internal server so that users can download the image from that location. Alternatively, you can burn the disk image on a CD for internal distribution. Ask users to complete the installation of Cisco Unified Personal Communicator by following the instructions in the user documentation.
Related Topics
User documentation: http://www.cisco.com/en/US/products/ps6844/products_user_guide_list.htm Software Download Site and Installer Package Names, page 13-4 Installation and Configuration of Headsets and Other Audio Devices, page 13-10
What To Do Next
Information to Provide to Users, page 13-13
Deploying the Application and the Camera Drivers in a Microsoft Windows Environment
Before You Begin
Download the executable or MSI package from Cisco.com in a Windows environment.
13-6
Chapter 13
Deploying and Upgrading Cisco Unified Personal Communicator How to Deploy the Application
Restriction
Cisco Unified Personal Communicator does not support the advertising or publishing deployment in which users open an icon that the administrator places on their desktops to install the application.
Procedure
Step 1
Perform one of the following actions: If you want to... Then...
Deploy the executable or MSI package Distribute the installer at an elevated privilege so that users to a shared location (such as a web can complete the installation (run the installer and follow the server) where users can access it. installation wizard) Deploy either the executable or the MSI package directly to the client computer. Distribute the installer at an elevated privilege so that users can complete the installation (run the installer and follow the installation wizard). or Perform the installation operation directly on a client computer while logged in as the administrator. Use a software deployment tool to distribute Cisco Unified Personal Communicator and camera drivers to client computers. Distribute the installer and the drivers using the software deployment tool. No action is required by the users.
Note
Device drivers are not required for Cisco VT Camera III cameras.
Step 2
(If required) Ask users to complete the installation of Cisco Unified Personal Communicator by following the instructions in the user documentation.
Related Topics
User documentation: http://www.cisco.com/en/US/products/ps6844/products_user_guide_list.htm Deployment Options, page 13-5
What To Do Next
Installing Security Certificates on Client Computers for Client Services Framework (CSF), page 13-7
Installing Security Certificates on Client Computers for Client Services Framework (CSF)
The following procedure describes the steps that the administrator needs to take to add security certificates to the keystore on the computer on which Cisco Unified Personal Communicator is running. By default, Cisco Unified Personal Communicator expects self-signed certificates, except when the administrator configures a CCMCIP security profile with a specified certificate type.
13-7
Chapter 13 How to Deploy the Application
Procedure
Step 1
Put the certificate file into the folder where you store your security certificates. The default location for storing security certificates is as follows:

Windows XP - <drive>:\Documents and Settings\<username>\Local Settings\Application Data\Cisco\Unified Communications\Client Services Framework\certificates Windows Vista and Windows 7 - <drive>:\Users\<username>\AppData\Local\Cisco\Unified Communications\Client Services Framework\certificates Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator > Settings. Use the CSF certificate directory field to specify the absolute path to the folder where the certificates are stored.
Step 2
(Optional) To specify a custom location for storing security certificates, do the following:
a. b.
Step 3
(Optional) To specify the Server Certificate Verification parameter for a CCMCIP security profile, do the following:
a. b. c.
Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator > CCMCIP Profile (CUPC 8.0 and higher). Select the profile you want to change. In the Server Certificate Verification field, select one of the following options:
Any Certificate Self Signed or Keystore Keystore Only
What To Do Next
Enabling Availability Status for Microsoft Office 2010 Users, page 13-8
Enabling Availability Status for Microsoft Office 2010 Users

To enable the availability status feature of Cisco Unified Personal Communicator to work with the supported Microsoft Office 2010 applications, the administrator must configure an attribute in Microsoft Active Directory.
Procedure
Start the ADSIEdit administrative tool. Expand the domain that contains your users. Open the organizational unit (OU) that contains your users. Add a new value to the proxyAddresses attribute in the format SIP:email-address, for example, SIP:[email protected].
13-8
Chapter 13
Deploying and Upgrading Cisco Unified Personal Communicator Upgrading the Application
Note
If Call Manager is not AD integrated, the proxyAddress LDAP attribute must be equal to sip uri on the Cisco Unified Presence server.
Upgrading the Application

Before You Begin
Register for an account on Cisco.com to access the software download site.

Restrictions
In a Windows environment, command-line options are not supported on upgrades. Command-line options are only supported on new installations. Upgrading in the Mac OS X environment is performed automatically by the application, with permission from the user.
Note
It is not possible to upgrade from Cisco Unified Personal Communicator Release 7.x to Release 8.5.
Procedure
Step 1 Step 2
Download the latest available Cisco Unified Personal Communicator software from the Software Center. For Windows, download the Cisco VT Camera drivers from the Software Center also. Device drivers are not required for Cisco VT Camera III cameras. Make the updated software available for deployment. (Optional) For Windows, ask users to uninstall the previous version of Cisco Unified Personal Communicator from the Control Panel. Ask users to perform the following steps to upgrade the application:
a. b. c. d. e.
Exit Cisco Unified Personal Communicator. Disconnect the camera. Install Cisco Unified Personal Communicator. Install the camera software, if any. Reconnect the camera.
Related Topics
User documentation: http://www.cisco.com/en/US/products/ps6844/products_user_guide_list.htm Software Download Site and Installer Package Names, page 13-4 (Cisco Unified Personal Communicator Release 8.5 and Earlier) Deploying the Application in a Mac OS Environment, page 13-6
13-9
Chapter 13 Installation and Configuration of Headsets and Other Audio Devices
Deploying the Application and the Camera Drivers in a Microsoft Windows Environment, page 13-6
Installation and Configuration of Headsets and Other Audio Devices

You need to install and configure any audio devices that require drivers, such as sound cards or USB headsets. Follow the headset instructions that are supplied with the headset. For information on establishing the audio device and the control panel settings, see the user documentation for Cisco Unified Personal Communicator. For information about supported headsets and other audio devices, see the Release Notes for Cisco Unified Personal Communicator.
Related Topics
User documentation: http://www.cisco.com/en/US/products/ps6844/products_user_guide_list.htm Release Notes for Cisco Unified Personal Communicator http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html
Use of Third-Party Headsets with Cisco Unified Personal Communicator, page 13-10
Use of Third-Party Headsets with Cisco Unified Personal Communicator

While Cisco performs basic testing of third-party headsets for use with the Cisco Unified Personal Communicator application, it is ultimately the responsibility of the customer to test this equipment in their own environment to determine suitable performance. Because of the many inherent environmental and hardware inconsistencies in the locations where this application is deployed, there is not a single best solution that is optimal for all environments. Before customers begin deploying any headsets (especially deployment in quantity) in their production network, Cisco recommends thorough testing at the customer site to check for voice quality issues, especially hum and echo. The primary reason that support of a headset would be inappropriate for an installation is the potential for an audible hum. This hum can either be heard by the remote party or by both the remote party and this application user. Causes for this humming sound range from electrical lights near the computer to the computer power source itself. In some cases, a hum heard on a headset plugged directly into the computer Universal Serial Bus (USB) port might be reduced or eliminated by using a powered USB hub. In some instances, the mechanics or electronics of various headsets can cause remote parties to hear an echo of their own voice when speaking to Cisco Unified Personal Communicator users. The application user will not be aware of this echo. Finally, some analog headsets do not match the electrical characteristics for which some sound cards are designed. The microphones on such headsets are frequently too sensitive, even when the input levels in Cisco Unified Personal Communicator are reduced to their lowest values. The users of such headsets will sound distorted to remote parties.
13-10
Chapter 13
Deploying and Upgrading Cisco Unified Personal Communicator Do Not Disturb Behavior of Cisco Unified Personal Communicator
It is important to ask Cisco Unified Personal Communicator users whether a particular headset sounds good to them. In addition, ask remote parties about the reception from this application when they use a particular headset.
Related Topics
Installation and Configuration of Headsets and Other Audio Devices, page 13-10
Do Not Disturb Behavior of Cisco Unified Personal Communicator

The Do Not Disturb (DND) feature in Cisco Unified Personal Communicator is always available in the interface and is supported in both softphone and desk phone modes as described in Table 13-1.
Table 13-1 DND Behavior in Cisco Unified Personal Communicator
Configuration
Behavior
Ringer off. Cisco Unified Personal Communicator is in User can answer incoming calls from Cisco Unified Personal Communicator. softphone mode and set to DND Incoming call notifications are displayed. by the user

Incoming calls display in the Conversation History as Missed. Unanswered calls are diverted to the call forward no answer (CFNA) target. The default setting for CFNA is voicemail in Cisco Unified Communications Manager. If the CFNA target is not configured, incoming calls are rejected by Cisco Unified Communications Manager, and the caller hears a busy tone.
(Shared line) If Cisco Unified Personal Communicator shares the line appearance with other devices, the endpoints that are not set to DND are alerted to the incoming call, and the caller hears the ringing tone. If all endpoints sharing the line appearance are set to DND, incoming calls are forwarded to the CFNA target.
13-11
Chapter 13 Do Not Disturb Behavior of Cisco Unified Personal Communicator
Table 13-1
DND Behavior in Cisco Unified Personal Communicator
Configuration Cisco Unified Personal Communicator is in desk-phone mode with DND Call Reject configured in Cisco Unified Communications Manager
Behavior The DND behavior for Cisco Unified Personal Communicator is the same as the controlled Cisco Unified IP Phone:

User cannot answer calls from either Cisco Unified Personal Communicator or from the desk phone. Incoming call notifications are not displayed. Incoming calls do not display in Recent section of Cisco Unified Personal Communicator. (Shared line) If Cisco Unified Personal Communicator shares the line appearance with other devices, the endpoints that are not set to DND are alerted to the incoming call, and the caller hears the ringing tone. If all endpoints sharing the line appearance are set to DND, incoming calls are forwarded to the call forward busy (CFB) target.
Cisco Unified Personal Communicator is in desk-phone mode with DND Ringer Off configured in Cisco Unified Communications Manager
The DND behavior for Cisco Unified Personal Communicator is the same as the controlled Cisco Unified IP Phone:
User can answer incoming calls from Cisco Unified Personal Communicator or from the desk phone. In both cases, Cisco Unified Personal Communicator displays a call progress window with the connected call status. An incoming call notification displays without an audio alert on the Cisco Unified IP Phone under Cisco Unified Personal Communicator desk-phone control, and Cisco Unified Personal Communicator displays the incoming call notification. If the call is not answered, it is diverted to the Call Forward No Answer (CFNA) target. If CFNA is not configured, the call is rejected, and the caller hears a busy tone. Incoming calls display in both Cisco Unified Personal Communicator and the desk phone communication histories.
Apart from Cisco Unified Personal Communicator, other devices might be associated with a particular user. For example, devices such as IP Phone Messenger that are registered to Cisco Unified Communications Manager might be associated with a particular user. If the DND status is set on other devices, Cisco Unified Personal Communicator displays the DND status. Similarly, Cisco Unified Presence passes the DND setting from Cisco Unified Personal Communicator to other devices associated with this Cisco Unified Personal Communicator user.
Note
If the DND status is set from the Cisco Unified IP Phone (desk phone), Cisco Unified Presence does not pass the DND status to other devices associated with the user, and the status of the user does not change to the DND status on Cisco Unified Personal Communicator. Similarly if the DND status is set from the Cisco Unified IP Phone (desk phone), the DND status clears from the phone, but does not clear on any other devices.
Related Topics
For details about configuring the Cisco Unified IP Phone for DND, see the Cisco Unified Communications Manager Features and Services Guide: http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html
13-12
Chapter 13
Deploying and Upgrading Cisco Unified Personal Communicator Information to Provide to Users
For details about which Cisco Unified IP Phone models support the DND feature, see the administration guide for the specific phone model: http://www.cisco.com/en/US/products/hw/phones/ps379/prod_maintenance_guides_list.html
Information to Provide to Users

After Cisco Unified Personal Communicator is deployed, provide the information listed in the table to users. Give to Users Who Install Yes Give to Users If You Install Yes
Provide This Information about client hardware and software requirements. Location of Cisco Unified Personal Communicator and camera driver installers. Sign-in information.
Explanation You can copy the information from the Cisco Unified Personal Communicator release notes.
Provide the shared folder location or the CD with Yes the executable files. If Cisco Unified Communications Manager is Yes synchronized with Active Directory, provide this information:

No
Yes
Active Directory Username Active Directory Password
If Cisco Unified Communications Manager is not synchronized with Active Directory, provide this information:

Username. Password. Cisco Unified Presence host name or IP address. Yes Yes
User capabilities (presence, instant messaging, video softphone) available through Cisco Unified Communications Manager licenses.
Provide users with information about the capabilities (license) they have.
13-13
Chapter 13 Information to Provide to Users
Provide This Supported features: directory services, voicemail retrieval and playback, access to web conferences, and Cisco Unified Communications Manager extension mobility.
Explanation
Give to Users Who Install
Give to Users If You Install Yes
Yes Provide users with information about which Cisco Unified Personal Communicator features are supported based on the integration with the LDAP directory, voicemail servers, and web conferencing servers. Inform users that they have the ability to initiate web conferencing sessions from a Cisco Unified Personal Communicator conversation. Inform users that you configured for Cisco Unified Communications Manager extension mobility. For a description of the type of information to provide to them, see the Cisco Unified Communications Manager Features and Services Guide.
Account information
If Cisco Unified Communications Manager is Yes synchronized with Active Directory, provide this information:

Yes
Active Directory Username Active Directory Password
If Cisco Unified Communications Manager is not synchronized with Active Directory, provide this information to be entered into the Preferences window:
Voicemail server: username and web password (to use voicemail features supported by Cisco Unified Personal Communicator) Web conferencing server: username and password (to add web conferencing to a Cisco Unified Personal Communicator conversation) LDAP server: username and password (to access contacts from the corporate directory)
13-14
Chapter 13
Deploying and Upgrading Cisco Unified Personal Communicator Information to Provide to Users
Provide This
Explanation
Give to Users Who Install
Give to Users If You Install Yes
Yes User Options web page access Provide the URL information (https://server-address/ccmuser), user ID, and password for accessing user options interface on these servers:

Cisco Unified Communications Manager Cisco Unified Presence
From these interfaces, users can control certain settings, features, and services associated with the Cisco Unified IP Phone and with Cisco Unified Personal Communicator. Instructions for using the application. Provide the user documentation for Yes Cisco Unified Personal Communicator. Remind users to use the application online help. Yes Yes Yes
Troubleshooting information. Provide the information in the section called Troubleshooting, page 13-16. Internal company support for the application. Provide users with the names of people to contact for assistance and with instructions for contacting those people.
Yes Yes
Related Topics
User documentation: http://www.cisco.com/en/US/products/ps6844/products_user_guide_list.htm Release Notes for Cisco Unified Personal Communicator http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html
Cisco Unified Communications Manager Features and Services Guide: http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html
Troubleshooting, page 13-16
13-15
Chapter 13 Troubleshooting
Troubleshooting

Cisco Unified Personal Communicator Fails to Start or Starts with a Black Background with No Visible Controls, page 13-16 Limitations Creating Group Chats, page 13-17 Cannot Place or Receive Calls After a Secure Profile is Enabled, page 13-17 Error Connecting to the CSF Device, page 13-17
Cisco Unified Personal Communicator Fails to Start or Starts with a Black Background with No Visible Controls
Problem Cisco Unified Personal Communicator fails to start, displaying a general exception error, or starts with a black background with no visible controls.
There can be a number of possible causes for this problem, as described in the following table: Possible Cause 1 Description This can occur if the sPositiveSign registry key is corrupt. To check if this is the problem, search the client log files for the presence of one or more of the following error messages:

Getting positive key - the user does not have the permissions required to read from the registry keyRequested registry access is not allowed. Cannot convert string '0.5,0' in attribute 'StartPoint' to object of type 'System.Windows.Point'. System.FormatException: Input string was not in a correct format.
This can occur if you customize the Regional Options for the English (United States) language to change the Decimal symbol or the List separator default settings. To check if this is the problem, search the client log files for the presence of multiple instances of the following error message:
Cannot convert string '0,0' in attribute 'StartPoint' to object of type 'System.Windows.Point'
The location of the client log files is:

Windows XP - <drive>:\Documents and Settings\<username>\Local Settings\Application Data\Cisco\Unified Communications\CUPC8\Logs Windows Vista and Windows 7 - <drive>:\Users\<username>\AppData\Local\Cisco\Unified Communications\CUPC8\Logs Open the Control Panel. Select Regional and Language Options. Select the Regional Options tab. In the Standards and formats section, select a different language from the drop-down list. For example, select English (Australia). Select Apply.
Solution To resolve this issue, do the following: 1. 2. 3. 4. 5.
13-16
Chapter 13
Deploying and Upgrading Cisco Unified Personal Communicator Troubleshooting
6. 7.
In the Standards and formats section, select English (United States) from the drop-down list. Select Apply again, then select OK.
You may need to reboot your computer for the change to take effect.
Limitations Creating Group Chats

You cannot create a group chat in the following circumstances:

Your selected default policy is to block all users, except those explicitly allowed. Your policy does not include any exceptions for conference aliases.
Cannot Place or Receive Calls After a Secure Profile is Enabled

Problem After a secure profile is enabled for a user, the user cannot place or receive calls. The user might see the following error message multiple times:
Failed to start conversation The user can use the instant messaging features. This problem occurs if a secure profile is enabled for the user in Cisco Unified Communications Manager while either of the following is true:

The user is signed in to Cisco Unified Personal Communicator. The cucsf.exe process is running on the computer of the user, that is, Cisco Unified Personal Communicator is running, but the user has not signed in.
Ask the user to sign out of Cisco Unified Personal Communicator, then sign in again.
Error Connecting to the CSF Device

Problem When Cisco Unified Personal Communicator tries to connect to the Client Services Framework (CSF) device on Cisco Unified Communications Manager after an upgrade, the user sees the error "CTL reset is required [1002]" and the phone on the computer does not function. Solution If you configure security in your Cisco Unified Communications system, you use Certificate
Trust List (CTL) files. The CTL file contains certificates for all of the servers in your Cisco Unified Communications system with which Client Services Framework might need to communicate securely. When a device connects to a server in your Cisco Unified Communications system, the server is verified against this list. Client Services Framework does not allow secure connections to servers that are not explicitly listed in the CTL. If a device is moved from one cluster to another or you upgrade to a new version of Cisco Unified Communications Manager, you must update the CTL file for the device list of servers in the new cluster.
13-17
Chapter 13 Troubleshooting
Procedure
Step 1
Delete the contents of the appropriate folder as described in the following table: Operating System Windows XP Folder <drive>:\Documents and Settings\<username>\Application Data\Cisco\Unified Communications\Client Services Framework\Security\sec <drive>:\Users\<username>\AppData\Roaming\Cisco\Unified Communications\Client Services Framework\Security\sec
Windows Vista Windows 7

Step 2
Delete the contents of the appropriate folder as described in the following table: Operating System Windows XP Windows Vista Windows 7 Folder <drive>:\Documents and Settings\<username>\Application Data\Cisco\Unified Communications\Client Services Framework\Config <drive>:\Users\<username>\AppData\Roaming\Cisco\Unified Communications\Client Services Framework\Config
Step 3
If a device is moved from one cluster to another, update the device settings for the user to point to the new cluster. For example, update the references to the Cisco Unified Communications Manager IP Phone (CCMCIP) server, Trivial File Transfer Protocol (TFTP) server, and Computer Telephony Integration (CTI) servers.
13-18
CH A P T E R
14
Integrating the LDAP Directory

November 21, 2011
Prerequisites for Integrating the LDAP Directory, page 14-1 LDAP Integrations, page 14-2 How to Integrate the LDAP Directory with Cisco Unified Communications Manager, page 14-2 How to Integrate the LDAP Directory with Cisco Unified Personal Communicator, page 14-6 How to Integrate the LDAP Directory for Contact Searches on XMPP Clients, page 14-13
Prerequisites for Integrating the LDAP Directory

Before you perform any of the configuration described in this module, do the following:

Purchase a supported LDAP directory server. Install and configure the LDAP server following the instructions in the product documentation. Microsoft Active Directory 2000, 2003 and 2008 Netscape Directory Server Sun ONE Directory Server 5.2 OpenLDAP
Cisco Unified Presence integrates with these LDAP directory servers:

For more information on the LDAP directory server support specifically for Cisco Unified Communications Manager and Cisco Unified Personal Communicator, see the specific product documentation below.
Related Topics
Cisco Unified Personal Communicator release notes: http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html Cisco Unified Communications Manager System Guide: http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html
14-1
Chapter 14 LDAP Integrations
LDAP Integrations
You can configure a corporate LDAP directory in this integration to satisfy a number of different requirements:
User provisioning: You can provision users automatically from the LDAP directory into the Cisco Unified Communications Manager database. Cisco Unified Communications Manager synchronizes with the LDAP directory content so you avoid having to add, remove, or modify user information manually each time a change occurs in the LDAP directory. User authentication: You can authenticate users using the LDAP directory credentials. Cisco Unified Presence synchronizes all the user information from Cisco Unified Communications Manager to provide authentication for users of the Cisco Unified Personal Communicator client and Cisco Unified Presence user interface. User lookup: You can enable LDAP directory lookups to allow Cisco Unified Personal Communicator client users, or third-party XMPP clients, to search for and add contacts from the LDAP directory.
As the scope of the LDAP integration is dependent on customer requirements and it can vary between companies, there are a number of potential LDAP integration scenarios:
1. 2.
You integrate Cisco Unified Communications Manager and Cisco Unified Personal Communicator with an LDAP directory. We strongly recommend this configuration. You integrate Cisco Unified Communications Manager with an LDAP directory, but you do not integrate Cisco Unified Personal Communicator. We do not recommend this configuration because it will impact Cisco Unified Personal Communicator functionality and you will experience performance issues. You integrate Cisco Unified Personal Communicator with an LDAP directory, but you do not integrate Cisco Unified Communications Manager. We do not recommend this configuration because you will have to manually configure all your users on Cisco Unified Communications Manager at initial installation, and each time a change is made on the LDAP directory.
3.
Note
When Cisco Unified Communications Manager is not integrated with LDAP, you must verify that the username is exactly the same in Active Directory and Cisco Unified Communications Manager before deploying Cisco Unified Presence. If the letter case does not match, the presence status will not work properly in Cisco Unified Personal Communicator Release 7.x. Correct the username in Cisco Unified Communications Manager to match Active Directory.
Related Topics

How to Integrate the LDAP Directory with Cisco Unified Communications Manager, page 14-2 How to Integrate the LDAP Directory with Cisco Unified Personal Communicator, page 14-6
How to Integrate the LDAP Directory with Cisco Unified Communications Manager

Secure Connection Between Cisco Unified Communications Manager and the LDAP Directory, page 14-3 Configuring the LDAP Synchronization for User Provisioning, page 14-3
14-2
Chapter 14
Integrating the LDAP Directory How to Integrate the LDAP Directory with Cisco Unified Communications Manager
Uploading LDAP Authentication Server Certificates, page 14-4 Configuring LDAP Authentication, page 14-5 Configuring a Secure Connection Between Cisco Unified Presence and the LDAP Directory, page 14-6
Secure Connection Between Cisco Unified Communications Manager and the LDAP Directory
You can secure the connection between the Cisco Unified Communications Manager server and the LDAP directory server by enabling a Secure Socket Layer (SSL) connection for the LDAP server on Cisco Unified Communications Manager, and uploading the SSL certificate to Cisco Unified Communications Manager. You must upload the LDAP SSL certificate as a directory-trust certificate on Cisco Unified Communications Manager Release 7.x and earlier, and as a tomcat-trust certificate on Cisco Unified Communications Manager Release 8.x and later. After you upload the LDAP SSL certificate, you need to restart the following services on Cisco Unified Communications Manager:

Directory service Tomcat service
See the Cisco Unified Communications Manager documentation for details on uploading a certificate to Cisco Unified Communications Manager.
Related Topics

Configuring a Secure Connection Between Cisco Unified Presence and the LDAP Directory, page 14-6 Cisco Unified Communications Operating System Administration Guide: http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html
Configuring the LDAP Synchronization for User Provisioning

LDAP synchronization uses the Cisco Directory Synchronization (DirSync) tool on Cisco Unified Communications Manager to synchronize information (either manually or periodically) from a corporate LDAP directory. When you enable the DirSync service, Cisco Unified Communications Manager automatically provisions users from the corporate directory. Cisco Unified Communications Manager still uses its local database, but disables its facility to allow you to create user accounts. You use the LDAP directory interface to create and manage user accounts.
Before You Begin

Make sure that you install the LDAP server before you attempt the LDAP-specific configuration on Cisco Unified Communications Manager. Activate the Cisco DirSync service on Cisco Unified Communications Manager.
Restrictions
LDAP synchronization does not apply to application users on Cisco Unified Communications Manager. You must manually provision application users in the Cisco Unified CM Administration interface.
14-3
Chapter 14 How to Integrate the LDAP Directory with Cisco Unified Communications Manager
Procedure
Select Cisco Unified CM Administration > System > LDAP > LDAP System. Select Add New. Configure the LDAP server type and attribute. Select Enable Synchronizing from LDAP Server. Select Cisco Unified CM Administration > System > LDAP > LDAP Directory Configure the following items:

LDAP directory account settings User attributes to be synchronized Synchronization schedule LDAP server hostname or IP address, and port number
Step 7
Check Use SSL if you want to use Secure Socket Layer (SSL) to communicate with the LDAP directory.

If you configure LDAP over SSL, upload the LDAP directory certificate onto Cisco Unified Communications Manager. See the LDAP directory content in the Cisco Unified Communications Manager SRND for information on the account synchronization mechanism for specific LDAP products, and general best practices for LDAP synchronization.
Related Topics

Configuring a Secure Connection Between Cisco Unified Presence and the LDAP Directory, page 14-6 Cisco Unified Communication SRND: http://www.cisco.com/go/designzone
Cisco Unified Communications Manager Administration Guide: http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html
What To Do Next
Uploading LDAP Authentication Server Certificates, page 14-4
Uploading LDAP Authentication Server Certificates

When Cisco Unified Communications Manager LDAP authentication is configured for secure mode (port 636 or 3269), LDAP authentication server certificates, such as Certificate Authority (CA) root and all other Intermediate certificates, must be individually uploaded as tomcat-trust to the Cisco Unified Presence server.
Procedure
Step 1
Select Cisco Unified OS Administration > Security > Certificate Management.
14-4
Chapter 14
Integrating the LDAP Directory How to Integrate the LDAP Directory with Cisco Unified Communications Manager
Select Upload Certificate. Select tomcat-trust from the Certificate Name menu. Browse and select the LDAP server certificate root from your local computer. Select Upload File. Repeat the above steps for all other intermediate certificates.
Related Topics
Configuring a Secure Connection Between Cisco Unified Presence and the LDAP Directory, page 14-6
What To Do Next
Configuring LDAP Authentication, page 14-5
Configuring LDAP Authentication

The LDAP authentication feature enables Cisco Unified Communications Manager to authenticate user passwords against the corporate LDAP directory.
Before You Begin
Enable LDAP synchronization on Cisco Unified Communications Manager.

Restrictions
LDAP authentication does not apply to the passwords of application users; Cisco Unified Communications Manager authenticates application users in its internal database.
Procedure
Select Cisco Unified CM Administration > System > LDAP > LDAP Authentication. Enable LDAP authentication for users. Configure the LDAP authentication settings. Configure the LDAP server hostname or IP address, and port number
Note
To use Secure Socket Layer (SSL) to communicate with the LDAP directory, check Use SSL.
If you configure LDAP over SSL, upload the LDAP directory certificate to Cisco Unified Communications Manager.
Related Topics

Configuring the LDAP Synchronization for User Provisioning, page 14-3 Configuring a Secure Connection Between Cisco Unified Presence and the LDAP Directory, page 14-6
14-5
Chapter 14 How to Integrate the LDAP Directory with Cisco Unified Personal Communicator
What To Do Next
Configuring a Secure Connection Between Cisco Unified Presence and the LDAP Directory
This topic is only applicable if you configure a secure connection between Cisco Unified Communications Manager and the LDAP directory.
Note
Perform this procedure on all Cisco Unified Presence nodes in the cluster.
Before You Begin
Enable SSL for LDAP on Cisco Unified Communications Manager, and upload the LDAP directory certificate to Cisco Unified Communications Manager.
Procedure
Select Cisco Unified OS Administration > Security > Certificate Management. Select Upload Certificate. On Cisco Unified Communications Manager Release 7.x and earlier, select directory-trust from the Certificate Name menu. On Cisco Unified Communications Manager Release 8.0 and later, select tomcat-trust from the Certificate Name menu. Browse and select the LDAP server certificate from your local computer. Select Upload File. Restart the Tomcat service from the CLI using this command: utils service restart Cisco Tomcat
Related Topics
What To Do Next
How to Integrate the LDAP Directory with Cisco Unified Personal Communicator, page 14-6
How to Integrate the LDAP Directory with Cisco Unified Personal Communicator
These topics describe how to configure the LDAP settings on Cisco Unified Presence to allow Cisco Unified Personal Communicator users to search and add contacts from the LDAP directory.
14-6
Chapter 14
Integrating the LDAP Directory How to Integrate the LDAP Directory with Cisco Unified Personal Communicator
Before you perform this configuration, fully integrate the Cisco Unified Personal Communicator client with Cisco Unified Communications Manager and Cisco Unified Presence.

Rules for a Displayed Contact Name, page 14-7 (Cisco Unified Personal Communicator Release 8.0) Fetch Contact Pictures from a Web Server, page 14-7 Configuring the LDAP Attribute Map for Cisco Unified Personal Communicator, page 14-8 Configuring LDAP Server Names and Addresses for Cisco Unified Personal Communicator, page 14-10 Creating LDAP Profiles and Adding Cisco Unified Personal Communicator Users to the Profile, page 14-11
Rules for a Displayed Contact Name

When you configure the user fields in the LDAP attribute map, note the following rules that determine how Cisco Unified Personal Communicator displays contact names:

If the user edits a contact name in Cisco Unified Personal Communicator, display this name. This is the Nickname LDAP attribute in Cisco Unified Presence. If you configure an LDAP user field for DisplayName, display this name. If you configure an LDAP user field for Nickname, display this name with the last name. Otherwise, display the configured LDAP user fields for the first and last names in the Contact pane. If there is a first name but no last name, display the first name. If there is a last name but no first name, display the last name. If you do not configure LDAP user fields for the FirstName and LastName, display the LDAP UserID or the Cisco Unified Presence user ID in the Contact pane. If a user adds a non-LDAP contact, the contact details in Cisco Unified Personal Communicator allow the user to edit the Display As name, the first name, and the last name.
Related Topics

(Cisco Unified Personal Communicator Release 8.0) Fetch Contact Pictures from a Web Server, page 14-7 Configuring the LDAP Attribute Map for Cisco Unified Personal Communicator, page 14-8
(Cisco Unified Personal Communicator Release 8.0) Fetch Contact Pictures from a Web Server
You can configure a parameterized URL string in the Photo field in the LDAP attribute map so that Cisco Unified Personal Communicator can fetch pictures from a web server instead of from the LDAP server. The URL string must contain an LDAP attribute with a query value containing a piece of data that uniquely identifies the photo of the user. We recommend that you use the User ID attribute. However, you can use any LDAP attribute whose query value contains a piece of data that uniquely identifies the photo of the user. We recommend that you use %%<userID>%% as the substitution string, for example:
http://mycompany.cisco.com/photo/std/%%uid%%.jpg
14-7
http://mycompany.cisco.com/photo/std/%%sAMAccountName%%.jpg
You must include the double percent symbols in this string, and they must enclose the name of the LDAP attribute to substitute. Cisco Unified Personal Communicator removes the percent symbols and replaces the parameter inside with the results of an LDAP query for the user whose photo it resolves. For example, if a query result contains the attribute uid with a value of johndoe, then a template such as http://mycompany.com/photos/%%uid%%.jpg creates the URL http://mycompany.com/photos/johndoe.jpg. Cisco Unified Personal Communicator attempts to fetch the photo. This substitution technique works only if Cisco Unified Personal Communicator can use the results of the query and can insert it into the template you specify above to construct a working URL that fetches a JPG photo. If the web server that hosts the photos in a company requires a POST (for example, the name of the user is not in the URL) or uses some other cookie name for the photo instead of the username, this technique does not work.
Note
The URL length is limited to 50 characters. Cisco Unified Personal Communicator does not support authentication for this query; the photo must be retrievable from the web server without credentials.
Related Topics

Rules for a Displayed Contact Name, page 14-7 Configuring the LDAP Attribute Map for Cisco Unified Personal Communicator, page 14-8
Configuring the LDAP Attribute Map for Cisco Unified Personal Communicator
Note
The information about fetching a photo from Active Directory in this topic relates only to Cisco Unified Personal Communicator Release 7.1. You must configure the LDAP attribute map on Cisco Unified Presence where you enter LDAP attributes for your environment and map them to the given Cisco Unified Personal Communicator attributes. If you want to use LDAP to store your employee profile photos, you must either use a third-party extension to upload the photo files to the LDAP server, or extend the LDAP directory server schema by other means to create an attribute that the LDAP server can associate with an image. For Cisco Unified Personal Communicator to display the profile photo, in the LDAP attribute map, you must map the Cisco Unified Personal Communicator "Photo" value to the appropriate LDAP attribute. By default, Cisco Unified Personal Communicator uses the jpegPhoto LDAP attribute to display the user photo, which is present in the Windows 2003 and 2007 Active Directory schema. Note that Windows 2000 Active Directory uses the thumbnailPhoto attribute.
Before You Begin

Make sure that you install and set up the LDAP server before you configure the LDAP attribute map on Cisco Unified Presence. By default, Cisco Unified Personal Communicator uses the jpegPhoto LDAP attribute, which is present in the Windows 2003 Active Directory schema. By contrast, the Windows 2000 Active Directory uses the thumbnailPhoto attribute.
14-8
Chapter 14
Restrictions
The UPC UserID setting in the LDAP attribute map must match the Cisco Unified Communications Manager user ID. This mapping allows a user to add a contact from LDAP to the Contact list in Cisco Unified Personal Communicator. This field associates the LDAP user with the associated user on Cisco Unified Communications Manager and Cisco Unified Presence. You can map an LDAP field to only one Cisco Unified Personal Communicator field.
Procedure
Step 1 Step 2
Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator > Settings Select a supported LDAP server from Directory Server Type. The LDAP server populates the LDAP attribute map with Cisco Unified Personal Communicator user fields and LDAP user fields.
Step 3
If necessary, make modifications to the LDAP field to match your specific LDAP directory. The values are common to all LDAP server hosts. Note the following LDAP directory product mappings:
Product Microsoft Active Directory iPlanet, Sun ONE or OpenLDAP

Step 4
LastName Mapping SN SN
UserID Mapping sAMAccountName uid
Select Save.

If you want to stop using the current attribute mappings and use the factory default settings, select Restore Defaults. You can see the LDAP attribute mappings in the Server Health window in Cisco Unified Personal Communicator (Help > Show Server Health on Windows and Help > Show System Diagnostics on Mac OS). For information on faster LDAP searches, see the Troubleshooting Guide for Cisco Unified Personal Communicator: http://www.cisco.com/en/US/products/ps6844/prod_troubleshooting_guides_list.html
Related Topics

Rules for a Displayed Contact Name, page 14-7 (Cisco Unified Personal Communicator Release 8.0) Fetch Contact Pictures from a Web Server, page 14-7
What To Do Next
Configuring LDAP Server Names and Addresses for Cisco Unified Personal Communicator, page 14-10
14-9
Configuring LDAP Server Names and Addresses for Cisco Unified Personal Communicator
Before You Begin

Configure the LDAP attribute map. Obtain the hostnames or IP addresses of the LDAP directories.
Procedure
Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator > LDAP Server. Select Add New. Enter the LDAP server name. Enter an IP address or an FQDN (Fully Qualified Domain Name) of the LDAP server. Specify the port number used by the LDAP server. The defaults are:

TCP389. TLS636.
Check the LDAP directory documentation or the LDAP directory configuration for this information.
Step 6 Step 7
Select TCP or TLS for the protocol type. Select Save.
If you integrate with Microsoft Active Directory and if the server is Global Catalog, configure the following values:
Enter 3268 as the port number. Select TCP as the protocol type.
The jpegPhoto attribute is not available in Microsoft Active Directory Global Catalog server, and it is not indexed (http://msdn2.microsoft.com/en-us/library/ms676813.aspx). If your LDAP configuration uses Global Catalog port 3268, Cisco Unified Personal Communicator cannot retrieve the jpegPhoto. Instead, change the LDAP directory configuration to TCP and port 389. Cisco Unified Personal Communicator retrieves the photo when you sign in again. If you configure an application dial rule, create proper directory lookup dialing rules in Cisco Unified Communications Manager to make sure that a picture displays both when you place a call to a contact and in the contact details. When you add a contact in Cisco Unified Personal Communicator, the directory lookup returns a 10-digit number (for example, 1234567890). If the user places the call by dialing only four digits (for example, 7890), the picture does not display because 7890 is not a match for 1234567890. Create the following rules to fix this problem:
Outbound rule to remove the area code. The picture displays in the contact details. Inbound rule for directory lookup to prefix the area code (translate the 4-digit extension number
into the 10-digit DID number stored in AD). The picture displays when you place a call.
14-10
Chapter 14
You can see LDAP server information in the server health window in Cisco Unified Personal Communicator (Help > Show Server Health on Windows and Help > Show System Diagnostics on Mac OS).
Related Topics
Configuring the LDAP Attribute Map for Cisco Unified Personal Communicator, page 14-8
What To Do Next
Creating LDAP Profiles and Adding Cisco Unified Personal Communicator Users to the Profile, page 14-11
Creating LDAP Profiles and Adding Cisco Unified Personal Communicator Users to the Profile
Cisco Unified Personal Communicator connects to an LDAP server on a per-search basis. If the connection to the primary server fails, Cisco Unified Personal Communicator attempts the first backup LDAP server, and if it is not available, it then attempts to connect to the second backup server. Cisco Unified Personal Communicator also periodically attempts to return to the primary LDAP server. If an LDAP query is in process when the system fails over, the next available server completes this LDAP query. You can see LDAP server information in the server health window in Cisco Unified Personal Communicator (Help > Show Server Health on Windows and Help > Show System Diagnostics on Mac OS).If Cisco Unified Personal Communicator cannot connect to any of the LDAP servers, it reports the failure in the System Diagnostics window.
Before You Begin

Specify the LDAP server names and addresses. You must create the LDAP profile before you can add Cisco Unified Personal Communicator licensed users to the profile.
Procedure
Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator > LDAP Profile. Select Add New. Enter information into the fields.
Table 14-1
Field Name Description
Setting Enter the profile name limited to 128 characters. (Optional) Enter a description limited to 128 characters.
14-11
Table 14-1
Field Bind Distinguished Name
Setting (Optional) Enter the administrator-level account information limited to 128 characters. This is the distinguished name with which you bind for authenticated bind. The syntax for this field depends on the type of LDAP server that you deploy. For details, see the LDAP server documentation.
Anonymous Bind
(Optional) Uncheck this option to use the user credentials to sign in to this LDAP server. For non-anonymous bind operations, Cisco Unified Personal Communicator receives one set of credentials. If configured, these credentials must be valid on the backup LDAP servers.
Note
If you check Anonymous Bind, users can sign in anonymously to the LDAP server with read-only access. Anonymous access might be possible on your directory server, but we do not recommend it. Instead, create a user with read-only privileges on the same directory where the users to be searched are located. Specify the directory number and password in Cisco Unified Presence for Cisco Unified Personal Communicator to use.
Password
(Optional) Enter the LDAP bind password limited to 128 characters. This is the password for the administrator-level account that you provided in the Bind Distinguished Name string to allow users to access this LDAP server. Reenter the same password as the password you entered in the Password field. (Optional) After configuring Cisco Unified Presence for authenticated bind with the LDAP server, configure the LDAP server for anonymous permissions and anonymous login so that all directory information (name, number, mail, fax, home number, and so forth) is passed to the Cisco Unified Personal Communicator client.
Confirm Password
Search Context
(Optional) Enter the location where you configured all the LDAP users. This location is a container or directory. The name is limited to 256 characters. Only use a single OU/LDAP search context.
Note
If you integrate with Microsoft Active Directory: Set O and OU (OU must contain users; for example, ou=users,dc=cisco,dc=com). For example, cn=users,DC=EFT-LA,DC=cisco,DC=com The search base should include all users of Cisco Unified Personal Communicator.
Recursive Search Primary LDAP Server and Backup LDAP Server
(Optional) Check to perform a recursive search of the directory starting at the search base. Select the primary LDAP server and optional backup servers.
14-12
Chapter 14
Integrating the LDAP Directory How to Integrate the LDAP Directory for Contact Searches on XMPP Clients
Table 14-1
Field Make this the Default LDAP Profile for the System
Setting (Optional) Check to add any new users to the system into this default profile. If you turn on this setting, Cisco Unified Presence adds any users that it synchronizes from Cisco Unified Communications Manager to this default profile. Cisco Unified Presence only adds users to this default profile after you select the default profile (and you turn on the Sync Agent). Cisco Unified Presence does not change any existing profile configuration. Therefore, we recommend that you select and configure the default profile before you turn on the Sync Agent. Select Find to populate the search results fields. Alternatively, search for a specific users and select Find. To add users to this profile, select the users, and select Add Selected.
Add Users to Profile Select the button to open the Find and List Users window.
Step 4
Select Save.
Troubleshooting Tip
You can see the LDAP profile information in the server health window in Cisco Unified Personal Communicator (Help > Show Server Health on Windows and Help > Show System Diagnostics on Mac).
Related Topics
How to Update User Configuration After Deploying Cisco Unified Personal Communicator, page 12-31
How to Integrate the LDAP Directory for Contact Searches on XMPP Clients
These topics describe how to configure the LDAP settings on Cisco Unified Presence to allow users of third-party XMPP client to search and add contacts from the LDAP directory. The JDS component on Cisco Unified Presence handles the third-party XMPP client communication with the LDAP directory. Third-party XMPP clients send queries to the JDS component on Cisco Unified Presence. The JDS component sends the LDAP queries to the provisioned LDAP servers, and then sends the results back to the XMPP client. Before you perform the configuration described here, perform the configuration to integrate the XMPP client with Cisco Unified Communications Manager and Cisco Unified Presence. See chapter Integrating Third-Party XMPP Client Applications on Cisco Unified Presence, page 8-1.

LDAP Account Lock Issue, page 14-14 Configuring LDAP Server Names and Addresses for XMPP Clients, page 14-14 Configuring the LDAP Search Settings for XMPP Clients, page 14-15 Turning On The Cisco UP XCP Directory Service, page 14-17
14-13
Chapter 14 How to Integrate the LDAP Directory for Contact Searches on XMPP Clients
LDAP Account Lock Issue

If you enter the wrong password for the LDAP server that you configure for third-party XMPP clients, and you restart the XCP services on Cisco Unified Presence, the JDS component will perform multiple attempts to sign in to the LDAP server with the wrong password. If the LDAP server is configured to lock out an account after a number of failed attempts, then the LDAP server may lock the JDS component out at some point. If the JDS component uses the same credentials as other applications that connect to LDAP (applications that are not necessarily on Cisco Unified Presence), these applications will also be locked out of LDAP. To fix this issue, configure a separate user, with the same role and privileges as the existing LDAP user, and allow only JDS to sign in as this second user. If you enter the wrong password for the LDAP server, only the JDS component is locked out from the LDAP server.
Configuring LDAP Server Names and Addresses for XMPP Clients

If you choose to enable SSL, configure a secure connection between the LDAP server and Cisco Unified Presence. Upload the root CA certificate to Cisco Unified Presence as an xmpp-trust-certificate, following the certificate upload procedure described in this module. The subject CN in the certificate must match the FQDN of the LDAP server.
Note
If you import a certificate chain (more than one certificate from the root node to the trusted node), import all certificates in the chain except the leaf node. For example, if the CA signs the certificate for the LDAP server, you just import the CA certificate, not the certificate for the LDAP server.
Before You Begin
Obtain the hostnames or IP addresses of the LDAP directories.
Procedure
Select Cisco Unified Presence Administration > Application > Third-Party Clients > Third-Party LDAP Servers. Select Add New. Enter an ID for the LDAP server. Enter the hostname of the LDAP server. Specify the port number on the LDAP server that is listening to the TCP or SSL connection. The default port is 389. If you enable SSL, specify port 636. Specify the username and the password for the LDAP server. These values must match the credentials you configure on the LDAP server. See the LDAP directory documentation or the LDAP directory configuration for this information. Check Enable SSL if you want to use Secure Socket Layer (SSL) to communicate with the LDAP server. Select Save. Start the Cisco UP XCP Router service on all nodes in the cluster (if this service is not already running).
Step 6
14-14
Chapter 14
If you enable SSL, the XMPP contact searches may be slower because of the negotiation procedures at SSL connection setup, and data encryption and decryption after Cisco Unified Presence establishes the SSL connection. As a result, if your users perform XMPP contact searches extensively in your deployment, this could impact the overall system performance. You can use the certificate import tool to check the communication with the LDAP server hostname/port after you have upload the certificate for the LDAP server. Select Cisco Unified Presence Administration > System > Security > Certificate Import Tool. If you make an update to the LDAP server configuration for third-party XMPP clients, perform one of these actions:
If you are running Cisco Unified Presence Release 8.5(x), restart the Cisco UP XCP Directory
Service. Select Cisco Unified Serviceability > Tools > Control Center - Feature Services to restart this service.
Related Topics

LDAP Account Lock Issue, page 14-14 Secure Connection Between Cisco Unified Communications Manager and the LDAP Directory, page 14-3 Configuring a Secure Connection Between Cisco Unified Presence and the LDAP Directory, page 14-6
What To Do Next
Configuring the LDAP Search Settings for XMPP Clients, page 14-15
Configuring the LDAP Search Settings for XMPP Clients

You must specify the LDAP search settings that will allow Cisco Unified Presence to successfully perform contact search for third-party XMPP clients Third-party XMPP clients connect to an LDAP server on a per-search basis. If the connection to the primary server fails, the XMPP client tries the first backup LDAP server, and if it is not available, it then tries the second backup server and so on. If an LDAP query is in process when the system fails over, the next available server completes this LDAP query. Optionally you can turn on the retrieval of vCards from the LDAP server. If you turn on vCard retrieval:

The corporate LDAP directory stores the vCards. When XMPP clients search for their own vCard, or the vCard for a contact, the vCards are retrieved from LDAP via the JDS service. Clients cannot set or modify their own vCard as they are not authorized to edit the corporate LDAP directory. Cisco Unified Presence stores the vCards in the local database. When XMPP clients search for their own vCard, or the vCard for a contact, the vCards are retrieved from the local Cisco Unified Presence database.
If you turn off the retrieval of vCards from LDAP server:

14-15
Clients can set or modify their own vCard.
Before You Begin
Specify the LDAP server names and addresses for XMPP clients.
Procedure
Step 1 Step 2
Select Cisco Unified Presence Administration > Application > Third-Party Clients > Third-Party LDAP Settings. Enter information into the fields.
Table 14-2
Field LDAP Server Type
Setting Select an LDAP server type from this list:

Microsoft Active Directory Generic Directory Server - Select this menu item if you are using any other supported LDAP server type (iPlanet, Sun ONE or OpenLDAP).
User Object Class
Enter the User Object Class value appropriate to your LDAP server type. This value must match the User Object Class value configured on your LDAP server. If you use Microsoft Active Directory, the default value is user. Enter the Base Context appropriate to your LDAP server. This value must match a previously configured domain, and/or an organizational structure on your LDAP server. Enter the User Attribute value appropriate to your LDAP server type. This value must match the User Attribute value configured on your LDAP server. If you use Microsoft Active Directory, the default value is sAMAccountName. Select a primary LDAP server. (Optional) Select a backup LDAP server. (Optional) Select a backup LDAP server.
Base Context
User Attribute
LDAP Server 1 LDAP Server 2 LDAP Server 3

Step 3
Check Build vCards from LDAP if you want to enable users to request vCards for their contacts and retrieve the vCard information from the LDAP server. Leave the check box unchecked if you want clients to be able to automatically request vCards for users as users join the contact list. In this case, clients retrieve the vCard information from the local Cisco Unified Presence database. Enter the LDAP field required to construct the vCard FN field. Clients use the value in the vCard FN field to display the contact's name in the contact list when a user requests a contact's vCard. In the Searchable LDAP Attributes table, map the client user fields to the appropriate LDAP user fields. If you use Microsoft Active Directory, Cisco Unified Presence populates the default attribute values in the table.
Step 4 Step 5
Step 6 Step 7
Select Save. Start the Cisco UP XCP Router service (if this service is not already running)
14-16
Chapter 14
If you make an update to the LDAP search configuration for third-party XMPP clients, perform one of these actions:
If you are running Cisco Unified Presence Release 8.5(x), restart the Cisco UP XCP Directory
Service. Select Cisco Unified Serviceability > Tools > Control Center - Feature Services to restart this service.
Related Topics
Configuring LDAP Server Names and Addresses for XMPP Clients, page 14-14
What To Do Next
Turning On The Cisco UP XCP Directory Service, page 14-17
Turning On The Cisco UP XCP Directory Service

You must turn on the Cisco UP XCP Directory Service to allow users of a third-party XMPP client to search and add contacts from the LDAP directory. Turn on the Cisco UP XCP Directory Service on all nodes in the cluster.
Note
Do not turn on the Cisco UP XCP Directory Service until you configure the LDAP server, and LDAP search settings for third-party XMPP clients. If you turn on the Cisco UP XCP Directory Service, but you do not configure the LDAP server, and LDAP search settings for third-party XMPP clients, the service will start, and then stop again.
Before You Begin
Configure the LDAP server, and LDAP search settings for third-party XMPP clients.
Procedure
Select Cisco Unified Serviceability > Tools > Service Activation. Select the Cisco Unified Presence server from the Server menu. Select Cisco UP XCP Directory Service. Select Save.
Related Topics

Configuring LDAP Server Names and Addresses for XMPP Clients, page 14-14 Configuring the LDAP Search Settings for XMPP Clients, page 14-15
14-17
14-18
CH A P T E R
15
Configuring a Cisco Unified Presence Intercluster Deployment

November 21, 2011
About Intercluster Deployments, page 15-1 Prerequisites for Intercluster Deployment, page 15-3 How to Configure Intercluster Peers, page 15-4 How to Perform Intercluster Upgrades, page 15-7
About Intercluster Deployments

Intercluster Peer Relationships, page 15-1 Intercluster Router to Router Connections, page 15-2 Secure Intercluster Router to Router Connections, page 15-3 Node Name Value for Intercluster Deployments, page 15-2 Domain Value for Intercluster Deployments, page 15-3
Intercluster Peer Relationships

You can configure peer relationships that interconnect standalone Cisco Unified Presence clusters, known as intercluster peers. This intercluster peer functionality allows users in one Cisco Unified Presence cluster to communicate and subscribe to the availability information of users in a remote Cisco Unified Presence cluster within the same domain. Keep in mind that if you delete an intercluster peer from one cluster, then you must also delete the corresponding peer in the remote cluster. Cisco Unified Presence uses the AXL/SOAP interface to retrieve user information for the home cluster association. Cisco Unified Presence uses this user information to detect if a user is a local user (user on the home cluster), or a user on a remote Cisco Unified Presence cluster within the same domain. Cisco Unified Presence uses the XMPP interface for the subscription and notification traffic. If Cisco Unified Presence detects a user to be on a remote cluster within the same domain, Cisco Unified Presence reroutes the messages to the remote cluster.
15-1
Chapter 15 About Intercluster Deployments
Note
If you configure an intercluster deployment between a Cisco Unified Presence Release 8.0(x) cluster and a cluster running a previous version of Cisco Unified Presence, Cisco Unified Presence uses the existing SIP interface for the subscription and notification traffic.
Related Topics
How to Perform Intercluster Upgrades, page 15-7
Intercluster Router to Router Connections

By default, Cisco Unified Presence assigns all nodes in a cluster as intercluster router-to-router connectors. When Cisco Unified Presence establishes an intercluster peer connection between the clusters over the AXL interface, it synchronizes the information from all intercluster router-to-router connector nodes in the home and remote clusters. You must restart the Cisco UP XCP Router service on all nodes in both local and remote clusters for Cisco Unified Presence to establish a connection between the intercluster router-to-router connector nodes. Each intercluster router-to-router connector in one cluster then either initiates or accepts an intercluster connection with router-to-router connectors in the other cluster.
Note
In an intercluster deployment, when you add a new node to a cluster, you must restart the Cisco UP XCP router on all nodes in both the local and remote clusters.
Related Topics
Secure Intercluster Router to Router Connections, page 15-3
Node Name Value for Intercluster Deployments

Note
This topic is only applicable if you are not using DNS in your network. If you configure an intercluster deployment, and you do not use DNS in your network, you must configure the node name value as the IP address of the node. During installation Cisco Unified Presence only permits you to specify the hostname as the node name value. Therefore, once you complete the installation, you must change the node name value to the IP address of the node. Perform this configuration on all nodes in both the local and remote clusters.
Related Topics

Creating, Assigning and Moving Nodes in System Topology, page 6-7 Domain Value for Intercluster Deployments, page 15-3
15-2
Chapter 15
Configuring a Cisco Unified Presence Intercluster Deployment Prerequisites for Intercluster Deployment
Domain Value for Intercluster Deployments

Note
This topic is only applicable if you are not using DNS in your network. If you configure an intercluster deployment, and you do not use DNS in your network, note the following:

The Domain value on the local server must match the Domain value on the remote server. Cisco Unified Presence automatically defaults to the Domain value PROXY.DOMAIN.NOT.SET. On both the local and remote cluster, you must replace this default value with a valid Domain value, otherwise the intercluster functionality will not work correctly. If you configure an intercluster deployment between a Cisco Unified Presence Release 8.x cluster and a Cisco Unified Presence Release 7.0(x) cluster, and the 7.0(x) cluster uses the default domain value "PROXY_DOMAIN_NOT_SET" or a value that does not match the Cisco Unified Presence Release 8.x cluster, replace this value to match the Domain value on Cisco Unified Presence Release 8.x cluster.
To configure the Domain value, follow the procedures described in Configuring the Domain Value, page 6-26.
Related Topics
Node Name Value for Intercluster Deployments, page 15-2
Secure Intercluster Router to Router Connections

You can configure a secure XMPP connection between all router-to-router connectors in your Cisco Unified Presence deployment, incorporating both intracluster and intercluster router to router connections. Select Cisco Unified Presence Administration > System > Security > Settings, and check Enable XMPP Router-to-Router Secure Mode. When you turn on the secure mode for XMPP router-to-router connections, Cisco Unified Presence enforces a secure SSL connection using XMPP trust certificates. For intercluster deployments, Cisco Unified Presence enforces a secure SSL connection between each router-to-router connector node in the local cluster, and each router connector node in the remote cluster.
Related Topics
Intercluster Router to Router Connections, page 15-2
Prerequisites for Intercluster Deployment

You configure an intercluster peer between the publisher nodes in standalone Cisco Unified Presence clusters. No configuration is required on the subscriber nodes in a cluster for intercluster peer connections. Before you configure Cisco Unified Presence intercluster peers in your network, note the following:
The intercluster peers must each integrate with a different Cisco Unified Communications Manager cluster.
15-3
Chapter 15 How to Configure Intercluster Peers
You must complete the required multi-node configuration in both the home Cisco Unified Presence cluster, and in the remote Cisco Unified Presence cluster:
Configure the system topology and assign your users as required. Activate the services on each Cisco Unified Presence node in the cluster.
You must turn on the AXL interface on the local Cisco Unified Presence publisher node, and on the remote Cisco Unified Presence publisher node. Cisco Unified Presence creates, by default, an intercluster application user with AXL permissions. To configure an intercluster peer, you will require the username and password for the intercluster application user on the remote Cisco Unified Presence server. You must turn on the Sync Agent on the local Cisco Unified Presence publisher node, and on the remote Cisco Unified Presence publisher node. Allow the Sync Agent to complete the user sychronization from Cisco Unified Communications Manager before you configure the intercluster peers.
For sizing and performance recommendations for intercluster deployments, including information on determining a presence user profile, see the Cisco Unified Presence SRND.
Related Topics

Performing a Fresh Multi-Node Installation, page 5-3 Cisco Unified Communication SRND: http://www.cisco.com/go/designzone
How to Perform Intercluster Upgrades, page 15-7
How to Configure Intercluster Peers

Configuring an Intercluster Peer, page 15-4 Turning On the Intercluster Sync Agent, page 15-6 Verifying the Intercluster Peer Status, page 15-6 Updating Intercluster Sync Agent Tomcat Trust Certificates, page 15-7
Configuring an Intercluster Peer

Perform this procedure on the publisher node of the local Cisco Unified Presence cluster, and on the publisher node of the remote Cisco Unified Presence cluster (with which you want your local cluster to form a peer relationship with).
Before You Begin

Activate the AXL interface on the local Cisco Unified Presence node, and confirm that the AXL interface is activated on the remote Cisco Unified Presence publisher node. Confirm that the Sync Agent has completed the user synchronization from Cisco Unified Communications Manager on the local and remote cluster. Acquire the AXL username and password for the intercluster application user on the remote Cisco Unified Presence server. If you do not use DNS in your network, read the Domain topic and the Node Name topic in this module.
15-4
Chapter 15
Configuring a Cisco Unified Presence Intercluster Deployment How to Configure Intercluster Peers
Restriction
We recommend that you use TCP as the intercluster trunk transport for all Cisco Unified Presence clusters.
Procedure
Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Step 8 Step 9
Select Cisco Unified Presence Administration > Presence > Inter-Clustering. Enter the IP address of the publisher node of a remote Cisco Unified Presence cluster. Enter the username of the application user on the remote Cisco Unified Presence server that has AXL permissions. Enter the associated password of the application user on the remote Cisco Unified Presence server that has AXL permissions. Enter the preferred protocol for SIP communication. (Optional) Enter the External Phone Number Mask value. This is the E164 mask to apply to Directory Numbers retrieved from the remote cluster. Select Save. Restart the Cisco UP XCP Router service on all nodes in the local cluster. Repeat this procedure to create the remote intercluster peer, and then restart the Cisco UP XCP Router service on all nodes in the remote cluster
If you configure an intercluster deployment between a Cisco Unified Presence Release 8.0(x) cluster and a Cisco Unified Presence release 7.0(x) cluster, you must turn on the XCP SIP Federation Connection Manager service on all nodes in the Cisco Unified Presence Release 8.0(x) cluster. To turn on the XCP SIP Federation Connection Manager, select Cisco Unified Serviceability > Tools > Service Activation. If you configure the intercluster peer connection before the Sync Agent completes the user synchronization from Cisco Unified Communications Manager (on either the local or remote cluster), the status of the intercluster peer connection will display as failed. If DNS is available in your network, you can configure the address for the intercluster peer as the DNS SRV FQDN that resolves to the remote Cisco Unified Presence cluster nodes. If you select TLS as the intercluster transport protocol, Cisco Unified Presence attempts to automatically exchange certificates between intercluster peers to establish a secure TLS connection. Cisco Unified Presence indicates whether or not the certificate exchange is successful in the intercluster peer status section.
What To Do Next
Turning On the Intercluster Sync Agent, page 15-6

Related Topics

Restarting the Cisco UP XCP Router Service, page 6-2 Node Name Value for Intercluster Deployments, page 15-2 Domain Value for Intercluster Deployments, page 15-3 How to Perform Intercluster Upgrades, page 15-7
15-5
Chapter 15 How to Configure Intercluster Peers
Verifying the Intercluster Peer Status, page 15-6
Turning On the Intercluster Sync Agent

By default, Cisco Unified Presence turns on the Intercluster Sync Agent parameter. Use this procedure to either verify that the Intercluster Sync Agent parameter is on, or to manually turn on this service. The Intercluster Sync Agent uses the AXL/SOAP interface for the following:

to retrieve user information for Cisco Unified Presence to determine if a user is a local user (on the local cluster), or a user on a remote Cisco Unified Presence cluster within the same domain. to notify remote Cisco Unified Presence clusters of changes to users local to the cluster.
Note
You must turn on the Intercluster Sync Agent on all nodes in the Cisco Unified Presence cluster because in addition to synchronizing user information from the local publisher node to the remote publisher node, the Intercluster Sync Agent also handles security between all nodes in the clusters.
Procedure
Select Cisco Unified Serviceability > Tools > Control Center - Network Services. Select the Cisco Unified Presence server from the Server menu. Select Cisco UP Intercluster Sync Agent. Select Start.
Related Topics

Configuring an Intercluster Peer, page 15-4 About the Multi-Node Scalability Feature, page 4-1
What To Do Next
Verifying the Intercluster Peer Status, page 15-6
Verifying the Intercluster Peer Status

Procedure
Select Cisco Unified Presence Administration > Presence > Inter-Clustering. Select the peer address from the search criteria menu. Select Find. Select the peer address entry that you wish to view. In the Intercluster Peer Status window:

Verify that there are check marks beside each of the result entries for the intercluster peer. Make sure that the Associated Users value equals the number of users on the remote cluster.
15-6
Chapter 15
Configuring a Cisco Unified Presence Intercluster Deployment How to Perform Intercluster Upgrades
If you select TLS as the intercluster transport protocol, the Certificate Status item displays the status of the TLS connection, and indicates if Cisco Unified Presence successfully exchanged security certificates between the clusters. If the certificate is out-of-sync, you need to manually update the tomcat trust certificate (as described in this module). For any other certificate exchange errors, check the Online Help for a recommended action.
Step 6 Step 7
Select Cisco Unified Presence Administration > Diagnostics > System Troubleshooter. Verify that there are check marks beside the status of each of the intercluster peer connection entries in the InterClustering Troubleshooter section.
Related Topics
Updating Intercluster Sync Agent Tomcat Trust Certificates, page 15-7
Updating Intercluster Sync Agent Tomcat Trust Certificates

If the tomcat certificate status for an intercluster peer is out-of-sync, you need to update the Tomcat trust certificate. In an intercluster deployment this error can occur if you reuse the existing Intercluster Peer Configuration to point to a new remote cluster. Specifically, in the existing Intercluster Peer Configuration window, you change the Peer Address value to point to a new remote cluster. This error can also occur in a fresh Cisco Unified Presence install, or if you change the Cisco Unified Presence host or domain name, or if you regenerate the Tomcat certificate. This procedure describes how to update the Tomcat trust certificate when the connection error occurs on the local cluster, and the bad Tomcat trust certificates are associated with the remote cluster.
Procedure
Select Cisco Unified Presence Administration > Presence > Inter-Clustering. Select Force Sync to synchronize certificates with the remote cluster. In the confirmation window that displays, select Also resync peer's Tomcat certificates. Select OK.
Related Topics

Verifying the Intercluster Peer Status, page 15-6 How to Perform Intercluster Upgrades, page 15-7
How to Perform Intercluster Upgrades

This section is applicable to the following Cisco Unified Presence intercluster upgrades:

Cisco Unified Presence Release 7.x to Release 8.0(x) Cisco Unified Presence Release 7.x to Release 8.5(x) Prerequisites for an Intercluster Upgrade, page 15-8 Roster Migration for Intercluster Upgrade, page 15-8
15-7
Chapter 15 How to Perform Intercluster Upgrades
Contact List Size for Intercluster Upgrade, page 15-9 SIP Remote Contact Limit, page 15-9 Performing an Intercluster Upgrade, page 15-9
Prerequisites for an Intercluster Upgrade

Before you perform the software upgrade to Cisco Unified Presence Release 8.x, we highly recommend that you turn off (deactivate) the Cisco UP Presence Engine service in the local Cisco Unified Presence cluster. If you intend to upgrade all clusters to Release 8.x, you should turn off (deactivate) the Cisco UP Presence Engine on all clusters until you complete the intercluster upgrade in your intercluster deployment. Once you complete the upgrades in your deployment, verify the status of the intercluster peer connections are ok, and there are no pending system notifications. You can then turn on (activate) the Cisco UP Presence Engine on all nodes in all clusters. You may experience high CPU (possibly for several hours) while the Cisco UP Presence Engine attempts to reestablish any presence subscriptions with remote contacts. If you intend to leave an intercluster peer on Release 7.0(x), verify the status of the intercluster peer connections are ok. Enable the Cisco UP XCP SIP Federation Connection Manager service before you turn on (activate) the Cisco UP Presence Engine service, as described in the intercluster upgrade procedure Performing an Intercluster Upgrade, page 15-9. You may experience high CPU (possibly for several hours) while the Cisco UP Presence Engine attempts to reestablish any presence subscriptions with remote contacts. For intercluster presence to work between a Cisco Unified Presence Release 7.0(x) cluster and a Cisco Unified Presence Release 8.0(x), the proxy service parameter RecordRoute should be enabled.
Roster Migration for Intercluster Upgrade

When you turn on the Cisco UP Presence Engine on the local publisher node and the remote publisher node, Cisco Unified Presence migrates the remote contact information to the local cluster (roster migration), and reestablishes the presence subscriptions with remote contacts in both the local and remote cluster. To allow Cisco Unified Presence to reestablish the presence subscriptions with remote contacts in both the local and the remote cluster, you must reestablish the intercluster router to router connections (by restarting the Cisco UP XCP Router) before you turn on the Cisco UP Presence Engine. Until the roster migration is complete, local users will not see the availability status of remote contacts, and remote contacts will not see the availability of their contacts belonging to the local cluster.
Note
Cisco Unified Presence does not automatically start the roster migration immediately after you reestablish the intercluster router to router connections. Therefore, if you do not follow the sequence described here, and manually turn on the Cisco UP Presence Engine after you restart the Cisco UP XCP Router, it may take up to one day for Cisco Unified Presence to reestablish the presence subscriptions to remote contacts in both the local and remote clusters. If this presence subscription interval time (one day) elapses before Cisco Unified Presence has successfully reestablished presence subscriptions, you can restart the Cisco UP Presence Engine to reset the interval.
15-8
Chapter 15
Related Topic
Performing an Intercluster Upgrade, page 15-9
Contact List Size for Intercluster Upgrade

If you upgrade from Cisco Unified Presence Release 7.0(x) to Release 8.x, presence subscriptions to remote contacts will not work for users who have reached their contact list size limit on the local or remote cluster. The System Troubleshooter in Cisco Unified Presence Administration indicates if there are users who have reached the contact list limit. To fix this issue, you must increase the maximum contact list size value.
Related Topics
Configuring the SIP Publish Trunk on Cisco Unified Presence, page 6-48
SIP Remote Contact Limit

Cisco Unified Presence has a maximum limit on the number of SIP remote contacts that can be active at one time. This maximum value changes based on platform type, see Table 15-1. If you leave an intercluster peer running Release 7.0(x), you may exceed this limit depending on the number of remote contacts on the 7.0(x) peer clusters. If you exceed the limit, Cisco Unified Presence will not process the remaining contacts.
Table 15-1 SIP Subscription Limits
Platform MCS-7825 (100MB pre-allocation) MCS-7845 (450MB pre-allocation)
Simultaneous SIP Subscriptions 45000 202500
Simultaneous SIP Call-legs 5000 22500
You can configure the pre-allocated SIP stack memory value on Cisco Unified Presence. Select Cisco Unified Presence Administration > System > Service Parameters > Cisco UP XCP SIP Federation Connection Manager, and configure the Pre-allocated SIP stack memory (bytes) value
Performing an Intercluster Upgrade

To perform an intercluster upgrade from Cisco Unified Presence Release 7.0(x) to Release 8.0(x), follow the intercluster upgrade procedure outlined in this topic. To perform an intercluster upgrade from Cisco Unified Presence Release 7.0(x) to Release 8.5(x) follow the intercluster upgrade procedure outlined in this topic, however skip steps 4 and 5, as you no longer need to restart the Cisco UP XCP Router.
Note
In your intercluster deployment, if Cisco Unified Presence cluster A is running Release 8.0(x), and cluster B is running Release 8.5(x), when you upgrade cluster A to Release 8.5(x), you do not need to restart the Cisco UP XCP Router on cluster B.
15-9
Before You Begin
Before you perform the software upgrade, turn off the Cisco UP Presence Engine on all nodes in the local cluster, see Prerequisites for Intercluster Deployment, page 15-3.
Procedure
Perform the software upgrade in the local cluster. Check the status of the intercluster peer connection. If the tomcat certificate is out-of-sync, you need to manually update the tomcat trust certificate following the procedure we describe in this module. On each node in the upgraded cluster, turn on the XCP services that are applicable to your deployment. Restart the Cisco UP XCP Router on all nodes in the local cluster. Restart the Cisco UP XCP Router on all nodes in any remote cluster that you have already upgraded to Cisco Unified Presence Release 8.0(x) prior to this upgrade. When you restart the Cisco UP XCP Router, Cisco Unified Presence establishes the connection between intercluster router to router connectors in the home and remote clusters.
Step 6
Check the following:

Check the status of the intercluster peer connection again. If the intercluster peer status is ok, move to the next step. Select Cisco Unified Presence > System > Notifications and verify that there are no active notifications. If there are no active notifications, move to the next step.
Step 7
If the remote cluster has an intercluster peer connection with a Cisco Unified Presence Release 7.0(x) cluster, or the remote cluster is running interdomain federation over SIP, restart the Cisco UP XCP SIP Federation Connection Manager service on all nodes in the remote cluster that you have already upgraded to Cisco Unified Presence Release 8.x. If the remote cluster does not have an intercluster peer connection with a 7.0(x) cluster, or is not running interdomain federation over SIP, turn off the Cisco UP XCP SIP Federation Connection Manager. If the local cluster that you upgrade to Cisco Unified Presence Release 8.x has an intercluster peer connection with a remote Cisco Unified Presence Release 7.0(x) cluster, you must turn on the Cisco UP XCP SIP Federation Connection Manager service on all nodes in the local cluster.
Step 8
Note
If, following this upgrade, all peer clusters in your intercluster deployment are running Cisco Unified Presence Release 8.x, and no clusters are running interdomain federation over SIP, you can turn off the Cisco UP XCP SIP Federation Connection Manager service on all clusters. Turn on the Cisco UP Presence Engine on all nodes in the local cluster, Turn on the Cisco UP Presence Engine on all nodes in any remote cluster that you have already upgraded to Cisco Unified Presence Release 8.x prior to this upgrade.
Step 9 Step 10
Note
If you perform an intercluster upgrade from Cisco Unified Presence Release 8.0(x) to Cisco Unified Presence Release 8.0(x), you must restart the Cisco UP XCP Router on all nodes in both the local and remote clusters.
Step 11
Verify that the roster migration is complete, see Verifying that the Roster Migration is Complete on Cisco Unified Presence, page 15-11.
15-10
Chapter 15
Step 12
Request that all Cisco Unified Personal Communicator users in the local and remote cluster sign out, and sign back in to the application.
The Presence Viewer only displays local watchers. Therefore, if you configure an intercluster peer connection between a Cisco Unified Presence Release 8.0(x) cluster and a Cisco Unified Presence Release 7.0(x) cluster. when you view the profile of a user on the Presence viewer on Cisco Unified Presence Release 7.0(x), any Cisco Unified Presence Release 8.0(x) watchers are not displayed. Similarly, if you view the profile of a user on the Presence Viewer on Cisco Unified Presence Release 8.0(x), any Cisco Unified Presence Release 7.0(x) watchers are not displayed.
Related Topics

Performing a Software Upgrade, page 5-6 Restarting the Cisco UP XCP Router Service, page 6-2 Verifying the Intercluster Peer Status, page 15-6 Updating Intercluster Sync Agent Tomcat Trust Certificates, page 15-7 How to Turn On the Cisco Unified Presence Services, page 6-49 For information on performing a software upgrade from Cisco Unified OS Administration, see the Cisco Unified Operating System Maintenance Guide for Cisco Unified Presence at this URL: http://www.cisco.com/en/US/products/ps6837/prod_maintenance_guides_list.html
Verifying that the Roster Migration is Complete on Cisco Unified Presence

After you perform the intercluster upgrade, the roster migration process continues on Cisco Unified Presence for the remote users for a long period. Use this procedure to verify that the roster migration is complete and the system is ready.
Note
Only perform this procedure after you complete the upgrade procedure, switch Cisco Unified Presence software versions, and complete the required configuration on Cisco Unified Presence (licensing, feature configuration and start the required services).
Procedure
Step 1
Run this CLI command to check the roster upgrade queue on all nodes in the Cisco Unified Presence 8.x local cluster and all nodes in the Cisco Unified Presence 8.x remote clusters
run sql select count(*) from rosterupgradequeue
If the rosterupgradequeue table for all of the local or remote clusters is empty, the roster migration is complete. If the rosterupgradequeue table for any of the local or remote clusters is not empty, the roster migration is not complete yet (proceed to step 2).
Step 2
If the rosterupgradequeue is not empty and the entry on rosterupgradequeue has not decreased over time, then perform the following steps on Cisco Unified Presence:
On the publisher node in both the local and remote Cisco Unified Presence 8.x clusters, check that the maximum contact size limitation is set to zero.
15-11
On the publisher node in both the local and remote Cisco Unified Presence 8.x clusters, check for any system notifications. On the publisher node in both the local and remote Cisco Unified Presence 8.0(x) clusters, check that the correct license file is present. On the publisher node, check that the required services are running, and if they are not, perform these steps:
Restart the Cisco UP Intercluster Sync Agent on all nodes in the Cisco Unified Presence 8.0(x)
local cluster and all nodes in the Cisco Unified Presence 8.0(x) remote clusters.
On the local publisher node, restart the Cisco UP Config Agent service. Step 3
Restart the Cisco UP XCP Router service on all local Cisco Unified Presence nodes and on all remote Cisco Unified Presence nodes. Restart the Cisco UP Presence Engine service on all local Cisco Unified Presence nodes and on all remote Cisco Unified Presence nodes. Restart the Cisco UP XCP SIP Federation Connection Manager service on all remote 7.0(x) Cisco Unified Presence clusters.
It may be necessary to repeat steps 1-2 until the rosterupgradequeue tables are empty on all nodes in the local Cisco Unified Presence cluster and remote Cisco Unified Presence clusters. However, note that roster migration is a CPU intensive process, and a process that takes a significant time to complete. The completion time is dependent on the size of the remote contact and rosters table in your deployment.
If you switch the software version from Cisco Unified Presence Release 8.0(x) back to Cisco Unified Presence Release 7.0(x) on local cluster, make sure that the rosterupgradequeue table is empty on all nodes in the remote 8.0(x) clusters before you perform an upgrade in local cluster again.
Related Topics
Performing an Intercluster Upgrade, page 15-9
15-12
CH A P T E R
16
Configuring Active Directory for Cisco Unified Personal Communicator Release 8.5(x)
November 21, 2011
The phone numbers and other user information for Cisco Unified Personal Communicator are provided by Active Directory. Cisco Unified Client Services Framework provides Active Directory services for Cisco Unified Personal Communicator. Cisco Unified Client Services Framework can use either of the following mechanisms to retrieve contact information from an Active Directory server:
Enhanced Directory Integration (EDI): EDI uses native Windows APIs. If you select to use EDI, you might not need to do any further configuration, depending on how your clients can access the directory. Basic Directory Integration (BDI): The integration is not native to Windows environments, and requires configuration.
We recommend that you use EDI because EDI provides significant advantages over BDI, as described in Feature Comparison of Enhanced and Basic Directory Integration, page 16-2. If you use BDI, or use EDI and do additional configuration, you must deploy the configuration settings to the computers in your Cisco Unified Communications system. To do this, you can use Active Directory Group Policy.
Related Topics

Feature Comparison of Enhanced and Basic Directory Integration, page 16-2 Specifying How Cisco Unified Client Services Framework Integrates with Active Directory, page 16-3 Mapping Keys Required for Basic and Enhanced Directory Integration, page 16-3 About Enhanced Directory Integration, page 16-3 About Configuring Enhanced Directory Integration with Active Directory, page 16-7 About Basic Directory Integration, page 16-14 About Phone Number Masks, page 16-20 About Retrieving Photos for Contacts, page 16-23 How to Perform Intercluster Upgrades, page 15-7
16-1
Chapter 16 Configuring Active Directory for Cisco Unified Personal Communicator Release 8.5(x) Feature Comparison of Enhanced and Basic Directory Integration
Feature Comparison of Enhanced and Basic Directory Integration

Table 16-1 lists the features that are available with enhanced and basic directory integration. Use this table to help you decide which mechanism is most suitable for your Cisco Unified Communications system.
Table 16-1 Feature Comparison of Enhanced and Basic Directory Integration
Feature Configured as the default mechanism for Active Directory integration Requires minimal configuration Automatic discovery of directory service Supports connection to the Active Directory domain controller (DC)
Enhanced No Yes Yes Yes
Basic Yes No No, requires configuration Yes, requires configuration
Supports connection to the Active Directory global catalog (GC) Yes, supported by Yes, requires default configuration Supports connection to Active Directory Lightweight Directory Yes Services (AD LDS) and Active Directory Application Mode (ADAM) servers You can define the service and port for the directory service You can configure a back-up directory server You can define search bases SSL is supported You can use the Windows certificate store for SSL Yes, optional Yes Yes, up to 5 Yes Yes Partial, proxy authentication not supported Yes, required No Yes, up to 5 Yes No, you must use the Java store No, unless you use SSL No No Yes Yes, but the map must be defined No Yes Yes Yes No
Support for encryption of Active Directory credentials
Yes
Support for integrated authentication with Windows credentials Yes Administrator can define alternative credentials User can define alternative credentials Custom attribute map Yes Yes Yes
Phone attribute search scope control Can customize LDAP queries Support for phone number masks Can retrieve contact photo URL Can retrieve binary photo object
Yes Yes Yes Yes Yes
16-2
Chapter 16
Configuring Active Directory for Cisco Unified Personal Communicator Release 8.5(x) Specifying How Cisco Unified Client Services Framework Integrates with Active Directory
Specifying How Cisco Unified Client Services Framework Integrates with Active Directory
Table 16-2 lists the registry subkeys that can be created or modified to specify whether to use Enhanced or Basic Directory Integration. The subkeys will be located in the following registry location: [HKEY_CURRENT_USER\Software\Cisco Systems, Inc.\Client Services Framework\AdminData]. The following subkeys must be created if they do not already exist.
Table 16-2 Registry Subkey for Configuration of Enhanced or Basic Directory Integration
Subkey Name
Description
EnableNativeDirectoryProv Specify whether to use Enhanced or Basic Directory Integration to get ider contact information from Active Directory. Enter one of the following values:

0: Use Basic Directory Integration. This is the default value. 1: Use Enhanced Directory Integration.
Data type: REG_SZ
Mapping Keys Required for Basic and Enhanced Directory Integration

This chapter provides information on the configuration of both Basic and Enhanced Directory Integration. The following guidelines are provided to ensure registry key explanations that are only applicable to only one type of directory integration or both are clear and easily understood by the administrator:
The registry keys LDAP_AttributeName_uri, LDAP_SearchByUsername, and LDAP_DisableNumberLookups listed in Table 16-8 provide services available to both Basic and Enhanced Directory Integration. The registry key EnableNativeDirectoryProvider in Table 16-8 and all keys listed in Table 16-4, Table 16-5, and Table 16-9 are applicable only to Enhanced Directory Integration. All registry keys listed in this chapter that are prefaced with LDAP_, with the exception of those listed in the first bullet, are applicable to Basic Directory Integration only.
About Enhanced Directory Integration

If you use Enhanced Directory Integration (EDI), you can benefit in the following ways:
You might not need to do any further configuration, depending on how your clients can access the directory. Your clients will connect securely to a Global Catalog (GC) server in the domain that the user is logged into. The GC server must be discoverable by DNS with Windows authentication. The credentials used are the credentials of the Windows user who is currently logged in.
The directory server is discovered automatically by DNS.
16-3
Chapter 16 About Enhanced Directory Integration
Users can sign in to a Windows domain, then access Active Directory without entering an Active Directory username and password. Connections to Active Directory Lightweight Directory Services (AD LDS) and Active Directory Application Mode (ADAM) servers that implement local and proxy authentication are supported. SSL is supported. The Windows certificate store is used, so you do not need to configure a separate certificate store. DNS provides failover support in Windows domains. DNS provides load balancing support in Windows domains. Anonymous binds and simple binds are supported.
Related Topics

Automatic Discovery of the Directory Service, page 16-4 Configuration of Directory Servers that Cannot Be Discovered Automatically, page 16-4 Connections to Global Catalog Servers or Domain Controllers, page 16-5 Usage of SSL, page 16-5 Usage of Windows Credentials, page 16-6 Usage of Non-Windows Credentials, page 16-6 Topics to Consider Before You Use Enhanced Directory Integration, page 16-6
Automatic Discovery of the Directory Service

If you configure Enhanced Directory Integration to use automatic discovery, the Cisco Unified Client Services Framework uses a similar method to discover the directory service that Windows uses to discover a domain controller (DC) or Global Catalog (GC). That is, the Cisco Unified Client Services Framework uses a DNS Service record (SRV) request. The Cisco Unified Client Services Framework searches for a GC server in the domain that the client computer is a member of. To identify the domain the client computer queries, check the value of the USERDNSDOMAIN environment variable of the computer.
Related Topics
Configuration of Directory Servers that Cannot Be Discovered Automatically, page 16-4
Configuration of Directory Servers that Cannot Be Discovered Automatically

If you configure a primary and a secondary server, Cisco Unified Personal Communicator attempts to connect to the primary server. If the primary server is not available, Cisco Unified Personal Communicator attempts to connect to the secondary server. If the connection to the secondary server is successful, the primary server is blacklisted for a period of time.
Related Topics
Automatic Discovery of the Directory Service, page 16-4
16-4
Chapter 16
Configuring Active Directory for Cisco Unified Personal Communicator Release 8.5(x) About Enhanced Directory Integration
Connections to Global Catalog Servers or Domain Controllers

We recommend that the LDAP and LDAPS connections in your Cisco Unified Communications system are configured to a Global Catalog (GC) server rather than to a domain controller (DC). The GC server holds primary directory attributes for all users in your Windows domain forest. The default search attributes that the Cisco Unified Client Services Framework uses are normally all available from a GC server. If LDAP and LDAPS connections are configured to a DC, directory searches from Cisco Unified Client Services Framework are restricted to data within that domain. Searches might not be able to resolve contact from peer subdomains within the organization. The administrator of the directory server might choose to connect to a DC if some search attributes are not present in the GC server. A DC only holds contact information for use in the domain that the DC manages. If your Cisco Unified Communications system uses custom attributes for phone numbers, then these attributes might not be available from the GC. If some attributes are not available from the GC, the directory server administrator might configure the Cisco Unified Personal Communicator to connect to a DC or to request the directory manager to enable the missing attribute on the GC server. If your system uses directory-based photos of contacts, confirm with your directory administrator that photo attributes are available from the GC. The directory administrator might enable these attributes in a GC server. If you configure Enhanced Directory Integration to use LDAP, any GC or DC server selection that you make is overwritten. The default ports used for GC and DC server connections are as follows:

GC: 3268 DC: 389
Usage of SSL
Enhanced Directory Integration (EDI) encrypts all authentication data by default. If your system requires encryption for both user credentials and query data, then you can enable SSL. You can use SSL for both global catalog (GC) and domain controller (DC) connections. When you use EDI, the certificate for the SSL connection must be present in the Windows certificate store. In a Windows domain, the certificate is typically already present in the certificate store on the client computer. The default protocols and ports that are used for GC and DC server connections when you use SSL are as follows:

GC: TCP, 3269 DC: TCP, 636
Usage of SSL for Users that Are Not Part of Your Domain
To use Enhanced Directory Integration (EDI) with users that are not part of your domain, you must use SSL, and each user outside your domain must have a certificate.
16-5
Chapter 16 About Enhanced Directory Integration
Certificates must be in the list of trusted root certificate authority (CA) certificates on the computers of your users. If the certificates come from a third party registrar, then the certificates might chain to a trusted root CA. If your certificates chain to a root CA that is not in the default set of trusted root certificates on the computer of a Cisco Unified Personal Communicator user, then the computer cannot negotiate with the server.
Usage of Windows Credentials

When client computers connect to an Active Directory server, encrypted authentication is used. If you connect to a non-Windows server, you might need to disable Windows encryption. When Windows encryption is disabled, a basic bind is used to connect to the directory. When you use a basic bind, the user credentials are transmitted in clear text. We recommend that you use SSL in this scenario.
Related Topics
Usage of SSL, page 16-5
Usage of Non-Windows Credentials

You might choose to use a common set of credentials for Cisco Unified Personal Communicator to authenticate for directory queries. In this scenario, you can push the credentials to all client computers. You might use this feature if your Cisco Unified Communications system accesses a third-party directory service. If the client computer does not provide credentials, then Enhanced Directory Integration (EDI) attempts to make an anonymous bind to the directory service.
Topics to Consider Before You Use Enhanced Directory Integration

Before you use Enhanced Directory Integration (EDI), you must consider the following topics:
The type of the directory that you need to connect to:

Global Catalog (GC) Active Directory or LDAP Active Directory Lightweight Directory Services (AD LDS), or Active Directory Application
Mode (ADAM)

Whether Windows authentication can be used. Whether the root of the directory is searched, or whether users are located in several search bases.
Related Topics
Sample Configuration Questions, page 16-13
16-6
Chapter 16
Configuring Active Directory for Cisco Unified Personal Communicator Release 8.5(x) About Configuring Enhanced Directory Integration with Active Directory
About Configuring Enhanced Directory Integration with Active Directory

For information about how to configure Enhanced Directory Integration, read the following topics:

Default Configuration of Active Directory with Enhanced Directory Integration, page 16-7 Configuration of the Connection for Enhanced Directory Integration, page 16-7 Directory Attributes Are Standard Active Directory Attribute Names, page 16-10 Configuration of Additional Directory Attributes, page 16-11 Active Directory Attributes That Must Be Indexed, page 16-12 Sample Configuration Questions, page 16-13
Default Configuration of Active Directory with Enhanced Directory Integration

Table 16-3 gives details of how Active Directory is configured with Enhanced Directory Integration (EDI) by default. If these configuration details do not meet your requirements, you might need to modify some of the settings appropriately.
Table 16-3 Default Configuration of Active Directory with EDI
Configuration Area Locating Global Catalog server Port Default search base Credentials Security Preferences for searches Directory attribute names
Related Topics

Description Uses DNS to locate the Global Catalog (GC) server or the domain controller (DC) for the domain of the Windows machine. The GC or DC is located by the DNS service (SRV) _gc record. 3268 Domain root, that is RootDSE. Connects with the credentials of the Windows user who is currently logged on. Uses a secure connection. subtree, chaseReferrals, timeout 5s, pageSize 100, PagedTimeLimit 5s Default Active Directory attribute names.
Configuration of the Connection for Enhanced Directory Integration, page 16-7 Directory Attributes Are Standard Active Directory Attribute Names, page 16-10
Configuration of the Connection for Enhanced Directory Integration

If the default configuration of Enhanced Directory Integration (EDI) does not meet your requirements, you might need to modify some of the settings appropriately. Table 16-4 lists the Active Directory configuration registry subkeys that can be created or modified. The subkeys are located in the following registry location:
16-7
Chapter 16 Configuring Active Directory for Cisco Unified Personal Communicator Release 8.5(x) About Configuring Enhanced Directory Integration with Active Directory
[HKEY_CURRENT_USER\Software\Cisco Systems, Inc.\Client Services Framework\Active Directory] The data type of the registry settings is REG_SZ, except where noted otherwise. Keys that do not already exist must be created.
Table 16-4 Registry Subkeys for Active Directory Connection Configuration
Subkey Names ConnectionType
Description Specify how you want Client Services Framework to discover the Active Directory. Enter one of the following values:
0: Use the Global Catalog (GC) or domain controller (DC) to discover the Active Directory server automatically. This is the default value. 1: Use LDAP.
Data type: REG_DWORD UseSecureConnection Specify whether Client Services Framework encrypts usernames and passwords on the connection. Enter one of the following values:

0: Use encryption. This is the default value. 1: Do not use encryption.
Data type: REG_DWORD UseSSL Specify whether Client Services Framework uses SSL to connect securely to the directory. Enter one of the following values:

0: Do not use SSL. This is the default value. 1: Use SSL.
Data type: REG_DWORD UseWindowsCredentials Specify whether Client Services Framework uses credentials, that is, usernames and passwords, from Windows or from another source. Enter one of the following values:

0: Use credentials from a source other than Windows. 1: Use Windows credentials. This is the default value.
Data type: REG_DWORD ConnectionUsername If you select to use credentials from a source other than Windows, specify the username to use when Client Services Framework connects to the Active Directory. The default is that this subkey name is not used. ConnectionPassword If you select to use credentials from a source other than Windows, specify the password to use when Client Services Framework connects to the Active Directory. The default is that this subkey name is not used.
16-8
Chapter 16
Table 16-4
Registry Subkeys for Active Directory Connection Configuration (continued)
Subkey Names BaseFilter
Description Only use this subkey name if the object type that you want to retrieve with queries that you execute against Active Directory is not a user object. The default value is (objectCategory=person). The following example base filter would exclude disabled users: (&(objectCategory=person)(objectClass=user)( !(userAccountControl:1.2.840.113556.1.4.803:=2))
Note
Remove the last bracket from all filters. This is the due to the way the filter is loaded.
SearchTimeout PrimaryServerName
Specify the timeout period for queries, in seconds. The default value is 5. Specify the FQDN or IP address of the primary server to connect to for directory access, if the server cannot be discovered by DNS. The default is that this subkey name is not used. Specify the FQDN or IP address of the backup server to connect to for directory access, if the server that cannot be discovered by DNS. The default is that this subkey name is not used. Specify the port of the primary server that cannot be discovered by DNS. Specify the port of the secondary server that cannot be discovered by DNS. For performance reasons, you might need to specify a location in the Active Directory from which searches begin. If you need to do this, set this subkey name to be the value of the first searchable organizational unit (OU) in the tree. The default value is the root of the tree. Specify any further search bases also.
SecondaryServerName
Port1 Port2 SearchBase1, SearchBase2, SearchBase3, SearchBase4, SearchBase5
DisableSecondaryNumberL Specify whether users can search for the mobile, other, or home numbers ookups of contacts, if the work number is not available. Enter one of the following values:

0: Users can search for the mobile, other, or home numbers of contacts. 1: Users cannot search for the mobile, other, or home numbers of contacts.
The default is that this subkey name is not used.
16-9
Table 16-4
Registry Subkeys for Active Directory Connection Configuration (continued)
Subkey Names PhoneNumberMasks
Description Set masks to use when users search for a phone number. For example, if a user receives a call from +14085550100, but the number is stored in Active Directory as +(1) 408 555 0100, you can ensure that the contact is found if you set the following mask: +1408|+(#) ### ### #### There is no restriction on the length of a mask string, except that the length cannot exceed the size that is allowed in registry subkey names. Typically, you do not need to use phone number masks if the phone numbers in your directory are in +E.164 format.
UseWildcards
Set this value to 1 if you want to enable wildcard searches for phone numbers in the LDAP. If you set this key to 1, the speed of searches of the LDAP might be affected, particularly when the directory attributes that are searched are not indexed. You can use phone number masks instead of wildcard searches. Typically, you do not need to use wildcard searches if the phone numbers in your directory are in +E.164 format.
UserSearchFields
This value is used to specify the Active Directory fields to search when users search for contacts. Specify one or more of the following values separated by commas:

DisplayName UserAccountName FirstName LastName
For example, the UserSearchFields key should be set to UserAccountName,FirstName if the administrator wants user contact searches to query the equivalent Active Directory fields. All of the above fields are searched if no value is specified.
Note
The Active Directory fields searched for UserAccountName or FirstName values may be customized if the administrator wants to restrict searches to indexed fields.
Related Topics
About Phone Number Masks, page 16-20
Directory Attributes Are Standard Active Directory Attribute Names

The default values for the directory attributes are the standard Active Directory attribute names. In other words, you do not need to set values for the directory attributes unless the directory to which you want to connect has attributes that are different to the Active Directory attribute names.
16-10
Chapter 16
You specify the values for the directory attributes in the following registry key: [HKEY_CURRENT_USER\Software\Cisco Systems, Inc.\Client Services Framework\Active Directory] Table 16-5 lists the directory attributes, the corresponding subkey names, and their default values.
Table 16-5 Default Values of Subkey Names for Directory Attributes
Attribute Description Common Name Display Name First Name Last Name Email Address SIP URI Photo URI Work Number Mobile Number Home Number Other Number Preferred Number Title Company Name Account Name User Principal Name Location Nick Name Postcode State Street Address
Subkey Name CommonName DisplayName Firstname Lastname EmailAddress SipUri PhotoUri BusinessPhone MobilePhone HomePhone OtherPhone PreferredNumber Title CompanyName UserAccount Domain Location Nickname PostalCode State StreetAddress
Default Value cn displayName givenName sn mail msRTCSIP-PrimaryUserAddress photoUri telephoneNumber1 mobile homePhone otherTelephone telephoneNumber title company sAMAccountName userPrincipalName co mailNickname postalCode st streetAddress
1. This is the primary and default directory attribute for contact resolution. Other directory phone number attributes might be used to find contacts, depending on the value of the DisableSecondaryNumberLookups key.
Related Topics
Active Directory Attributes That Must Be Indexed, page 16-12
Configuration of Additional Directory Attributes

You can configure additional directory attributes if you configure Enhanced Directory Integration. You specify the values for the directory attributes in the following registry key: [HKEY_CURRENT_USER\Software\Cisco Systems, Inc.\Client Services Framework\Active Directory]
16-11
Table 16-6 lists the additional directory attributes, the corresponding subkey names, and their default values.
Table 16-6 Default Values of Subkey Names for Additional Directory Attributes
Attribute Description Enable substitution of photo URI
Subkey Name PhotoUriSubstitutionEnabled Data type: REG_DWORD
Default Value The default is that this subkey name is not used. Example value: True The default is that this subkey name is not used. Example value: http://staffphoto.example.com/sA MAccountName.jpg
Photo URI with a variable value PhotoUriWithToken
Value that gets inserted to a photo URI that has a variable value Use wildcards Phone number masks
PhotoUriSubstitutionToken
The default is that this subkey name is not used. Example value: sAMAccountName 0 The default is that this subkey name is not used. Example value: +1408|+(#) ### ### ####
UseWildcards Data type: REG_DWORD PhoneNumberMasks
Active Directory Attributes That Must Be Indexed

The following Active Directory attributes must be indexed:

sAMAccountName displayName mail msRTCSIP-PrimaryUserAddress
Any attributes that are used for contact resolution must also be indexed. For example, you might need to index the following attributes:

telephoneNumber Any other directory phone number attributes that are be used to find contacts, depending on the value of the DisableSecondaryNumberLookups key ipPhone, if this attribute is used in your environment
16-12
Chapter 16
Sample Configuration Questions

Table 16-7 lists common questions that arise when you configure Cisco Unified Client Services Framework to use Enhanced Directory Integration (EDI). The table also lists actions that you must take depending on the answers to those questions.
Table 16-7 Sample Questions About Configuration of Client Services Framework to Use EDI
Configuration Question Is the directory discoverable by DNS?
Configuration Actions
If yes, is the directory a Global Catalog (GC) or LDAP server?

If the directory is a GC, no action is required. If the directory is an LDAP directory, set the ConnectionType
subkey name to 1.
If no, do the following:

Set the ConnectionType subkey name to 1. Specify the appropriate values for PrimaryServerName and
Port1.
(Optional) Specify the appropriate values for
BackupServerName and Port2. For example, if your directory is an ADAM directory, you might set these values. Do you use SSL when connecting to the directory? Can users connect to the directory with integrated Windows authentication?

If yes, set the UseSSL subkey name to 1. If no, no action is required. If yes, no action is required. If no, set the values for the following subkey names:
ConnectionUsername ConnectionPassword
Note
Passwords are stored in the registry unencrypted. This feature is designed to be used for well-known application accounts. An application account might be Cisco Unified Personal Communicator, where every user of Cisco Unified Personal Communicator knows the username and password. If the answer is yes, no action is required. If the answer is no, set the ConnectionSecurity subkey name to 1. If you do not specify a username and password, Client Services Framework attempts an anonymous bind to the Active Directory server.
Do you want to create a secure connection?
Do you want to use a simple bind?
If yes, set the ConnectionSecurity subkey name to 1. Specify a username and password. The username must be in distinguished name (DN) format. If no, no action is required.
16-13
Chapter 16 About Basic Directory Integration
About Basic Directory Integration

Cisco Unified Client Services Framework can use a Basic Directory Integration (BDI) to retrieve contacts from the Active Directory server. Cisco Unified Personal Communicator receives the majority of its LDAP configuration from the LDAP Profile provided by the Cisco Unified Presence server. Only a small subset of Basic Directory Integration configuration items are configurable only through registry settings. For information about the LDAP Profile provided, refer to Integrating the LDAP Directory, page 14-1. We recommend that you use Enhanced Directory Integration (EDI) because EDI provides significant advantages over BDI, as described in Feature Comparison of Enhanced and Basic Directory Integration, page 16-2. The configuration you must perform if you use BDI to retrieve contacts from the Active Directory server is described here:About Phone Number Masks, page 16-20. Group Policy administrative templates are provided with Cisco Unified Personal Communicator. You can use one of these templates to define the Client Services Framework registry settings on a system, or for groups of users. For information about how to accomplish this task, refer to Using an Active Directory Group Policy Administrative Template to Configure Client Services Framework Clients, page 16-14.
Using an Active Directory Group Policy Administrative Template to Configure Client Services Framework Clients
Group Policy administrative templates are provided with Cisco Unified Personal Communicator. You can use one of these templates to define the Client Services Framework registry settings on a system or for groups of users. The administrative templates included in this package provide support for deployment to a group of domain users that is managed through a Group Policy at the Active Directory level. Files intended for deployment through Group Policy have Group_Policy in the filename. The administrative template files provided can be used to support Windows Server 2003 or 2008 environments. The files used depends on the Windows Server environment. These files are as follows:
1. 2.
ADM - ADM files are used for Group Policy management in a Windows Server 2003 environment. They can be used in a Windows Server 2008 environment if required. ADML / ADMX - ADML / ADMX files are used for Group Policy management in a Windows Server 2008 environment. They are not backward compatible to Windows Server 2003.
The procedures contained in this section should only be used a reference for deploying Group Policies. If you are not already familiar with the Group Policy management process, consult the Windows Server 2003 or Windows Server 2008 documentation provided by Microsoft. This documentation provides full instructions on Group Policy management and should be consulted before deployment. This section contains the following procedures:

Deployment of Group Policy Administrative Templates in a Windows Server 2003 Environment, page 16-15 Deployment of Group Policy Administrative Templates in a Windows Server 2008 Environment, page 16-15
16-14
Chapter 16
Configuring Active Directory for Cisco Unified Personal Communicator Release 8.5(x) About Basic Directory Integration
Note
Registry keys may be deployed on local systems for testing purposes.
Deployment of Group Policy Administrative Templates in a Windows Server 2003 Environment

Use the following procedure to guide the deployment of Group Policy administrative templates in a Windows Server 2003 environment.
Procedure
Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Step 8 Step 9 Step 10 Step 11
Launch Active Directory Users and Computers. Browse to the container containing the users to which the new policy will be applied. View the container properties and select the Group Policy tab. Create a new Group Policy object with the desired name. Highlight the new object and select Edit. Add a new template to the Administrative Templates section. Right click on the Administrative Templates folder and select Add/Remove Templates. Browse to the location of the desired ADM file. Select the file and click OK. A folder named Cisco Unified Client Services Framework or Cisco Unified Personal Communicator should be present below the Administrative Templates folder. Manage and deploy registry keys to the selected user group from here.
Deployment of Group Policy Administrative Templates in a Windows Server 2008 Environment

Use the following procedure to guide the deployment of Group Policy administrative templates in a Windows Server 2008 environment.
Procedure
Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Step 8 Step 9 Step 10
Browse to the location of the policy definitions on the Active Directory server. These are typically found in C:\Windows\PolicyDefinitions. Copy the desired ADMX file to that location. Open the en-US folder. Copy the desired ADML file to that location. Launch the Group Policy Management console. This is typically found on the Start Menu at Start > All Programs > Administrative Tools. Right click the container which holds the users to which the policy will be applied. Select Create a GPO in this domain and, Link it here. Provide an appropriate name. Click OK. Expand the selected user container. It should contain the newly created GPO with the provided name.
16-15
Right click the GPO object and select Edit. Expand the Policies folder. Expand the Administrative Templates folder. A folder named Cisco Unified Client Service Framework or Cisco Unified Personal Communicator will be present depending on the imported policy file. Manage and deploy registry keys to the selected user group from here.
Registry Location on Client Machines

After the administrative templates are configured and pushed to a client, the key values are located in the following registry locations:
Keys contained in the Dial via Office Settings folder:

HKEY_CURRENT_USER\Software\Policies\Cisco Systems, Inc.\Unified
Communications\CUPC8
Keys used for Basic Directory Integration:

HKEY_CURRENT_USER\Software\Policies\Cisco Systems, Inc.\Client Services
Framework\AdminData
Keys used for Enhanced Directory Integration:

HKEY_CURRENT_USER\Software\Policies\Cisco Systems, Inc.\Client Services
Framework\Active Directory
Configuration of LDAP Registry Settings

Table 16-8 lists the registry subkeys that you may use for BDI or EDI LDAP configuration. If you use Enhanced Directory Integration (EDI) instead of Basic Directory Integration (BDI), you might not need to specify values for any registry settings.
16-16
Chapter 16
Table 16-8
LDAP Registry Subkeys
Subkey Names
Description
LDAP_enableWildcardMat Set this value to False to disable wildcard searches for phone numbers chesForPhoneNumberSearc in the LDAP. hes If you set this key to True, the speed of searches of the LDAP might be affected. You can use phone number masks instead of wildcard searches. Typically, you do not need to use wildcard searches if the phone numbers in your directory are in +E.164 format. LDAP_SearchFields Specify the Active Directory field or fields to search when users search for contacts. Specify one or more of the following values, separated by spaces:

LDAP_AttributeName_UserAccountName LDAP_AttributeName_lastName LDAP_AttributeName_firstName LDAP_AttributeName_displayName
The default behavior is that all of these fields are searched. You might want to search fewer of these fields. For example, you might want to search only those fields that are indexed. LDAP_UriSchemeName The Active Directory attribute that is the value that is specified in the LDAP_AttributeName_uri subkey name. Typically, this Active Directory field value is prefixed by a scheme name, for example, one of the following:

im: sip:
If a scheme name is used, you must specify the scheme name in the LDAP_UriSchemeName subkey name to ensure an exact match for searches. If no value is specified in the LDAP_UriSchemeName subkey name, a wild card search is used. The wild card search might adversely affect Active Directory performance, especially if the field is not indexed. For example, if the Active Directory field msRTCSIP-PrimaryUserAddress is populated with URIs of the format sip:[email protected], the following is a recommended configuration:

LDAP_AttributeName_uri subkey name: msRTCSIP-PrimaryUserAddress LDAP_UriSchemeName subkey name: sip:
LDAP_AttributeName_uri
Registry Sub keys to Use to Map Client Services Framework Searches to Active Directory. Typical value = msRTCSIP-PrimaryUserAddress
16-17
Table 16-8
LDAP Registry Subkeys (continued)
Subkey Names LDAP_SearchByUsername
Description Allows you to disable voicemail LDAP searches for phone number and email address and instead uses the User ID from Unity email address. For example, for a user configured as '[email protected]' in Unity, the LDAP search performed for this user in voicemail will be for user account name 'calane' For 'pizza-guy' voicemail contacts, a telephone number lookup is still performed.
LDAP_DisableSecondaryN umberLookups
Specify whether users can search for the mobile, other, or home numbers of contacts, if the work number is not available. Enter one of the following values:

0: Users can search for the mobile, other, or home numbers of contacts. 1: Users cannot search for the mobile, other, or home numbers of contacts.
The default is that this subkey name is not used. EnableNativeDirectoryProv Specify whether to use Enhanced or Basic Directory Integration to get ider contact information from Active Directory. Enter one of the following values:

0: Use Basic Directory Integration. This is the default value. 1: Use Enhanced Directory Integration
Data type: REG_SZ LDAP_PhoneNumberMask (BDI) / PhoneNumberMasks (EDI) Set masks to use when users search for a phone number. For example, if a user receives a call from +14085550100, but the number is stored in Active Directory as +(1) 408 555 0100, you can ensure that the contact is found if you set the following mask: +1408|+(#) ### ### #### There is no restriction on the length of a mask string, except that the length cannot exceed the size that is allowed in registry subkey names. Typically, you do not need to use phone number masks if the phone numbers in your directory are in +E.164 format. LDAP_DisableNumberLoo kups When an incoming call is received, or an outgoing call is made, to a number not in the users contact list or communication history, an LDAP query is performed to find that number within the directory. If a match is found, the client can then display contact information about this number. This lookup can be disabled by setting this registry key to false. This will disable all phone number lookups. The client will not be able to display contact information for any incoming or outgoing numbers if this value is set to false.
Directory attribute default values are the standard Active Directory attribute names. Directory attributes are only configured in the registry when using EDI and default values are not sufficient. BDI uses the LDAP Profile values provided by the Cisco Unified Presence server.
16-18
Chapter 16
The following table outlines the directory attributes and their default values.
Table 16-9 Directory Attribute Values
Directory Attribute BusinessPhone CommonName CompanyName DisplayName DomainName EmailAddress Firstname HomePhone Lastname Location MobilePhone Nickname OtherPhone PhotoUri PostalCode PreferredNumber SipUri State StreetAddress Title UserAccount
Value Business Phone attribute (default value is: 'telephoneNumber') Common Name attribute (default value is: 'cn') Company name attribute (default value is: 'company') Display name attribute (default value is: 'displayName') Domain name attribute (default value is: 'userPrincipalName') Email address attribute (default value is: 'mail') Firstname attribute (default value: 'givenName') Home phone attribute (default value: 'homePhone') Lastname attribute (default value is: 'sn') Location attribute (default value is: 'co') Mobile number attribute (default value is: 'mobile') Nickname attribute (default value is: 'mailNickname') Other phone attribute (default value is: 'otherTelephone') Photo Uri attribute (default value: 'photoUri') Post code attribute (default value: 'postalCode') Preferred Number attribute (default value 'telephoneNumber') An IP Uri attribute (default value: 'msRTCSIP-PrimaryUserAddress') State attribute (default value: 'st') Street Address attribute (default value: 'streetAddress') Title attribute (default value 'title') User account name attribute (default value 'sAMAccountName')
Related Topics

About Enhanced Directory Integration, page 16-3 About Phone Number Masks, page 16-20
16-19
Chapter 16 About Phone Number Masks
About Phone Number Masks

You can set masks to use when the Cisco Unified Personal Communicator searches Active Directory for a phone number. When you place a call, the Cisco Unified Personal Communicator might search the Active Directory to get the contact information that corresponds to a phone number. When you receive a call, the Cisco Unified Personal Communicator might search the Active Directory to resolve a phone number to a contact name. If the phone numbers in your Active Directory are not in +E.164 format, then these searches might not resolve to users in your Active Directory. You can apply masks to searches to counteract this problem. For example, if a user receives a call from +14085550100, but the number is stored in Active Directory as +(1) 408 555 0100, you can ensure that the contact is found if you set the following mask: +1408|+(#) ### ### #### The mask is applied to the number before Active Directory is searched for the number. If you configure masks correctly, directory searches succeed as exact match lookups. Therefore, these searches have a minimal impact on the performance of the directory server. Typically, you do not need to use phone number masks if the phone numbers in your directory are in +E.164 format. You can use phone number masks with either Enhanced Directory Integration (EDI) or Basic Directory Integration (BDI).
Related Topics

Elements of Phone Number Masks, page 16-20 Subkey Names for Specifying Masks, page 16-22
Elements of Phone Number Masks

The following table describes the elements that you can include in masks:
16-20
Chapter 16
Configuring Active Directory for Cisco Unified Personal Communicator Release 8.5(x) About Phone Number Masks
Element Phone number pattern
Description You must specify a number pattern to which you want to apply the mask. For example, to specify a mask for searches that begin with +1408, you can use the following mask: +1408|+(#) ### ### #### When you identify number patterns to which to apply masks, you can use multiple masks with the same number of digits. This enables the mask to deal with scenarios where phone numbers at different company sites might have the same number of digits, but with different patterns. For example, your company might have site A and site B, and each site maintains their own directory information. You could end up with two formats for number, such as the following: +(1) 408 555 0100 +1-510-5550101 In this scenario, to resolve +E.164 numbers of 12 digits correctly, you can set up the phone masks as follows: +1408|+(#) ### ### ####|+1510|+#-###-#######
Pipe symbol (|)
Separate pairs of number patterns and masks with a pipe symbol, as shown in the following example: +1408|+(#) ### ### ####|+34|+(##) ### #### When you add multiple masks for your searches, each mask must have a different number pattern. When the Cisco Unified Personal Communicator searches Active Directory for a phone number, only one mask is applied to the phone number before the search. If a phone number matches more than one number pattern, then the number pattern that matches the most digits in the phone number is chosen, and the associated mask is applied.
16-21
Chapter 16 About Phone Number Masks
Element Wildcard character
Description You can also use wildcard characters in masks. Use an asterisk (*) to represent one or more characters. For example, you can set a mask as follows: +3498|+##*##*###*#### If Cisco Unified Personal Communicator searches Active Directory for the +E.164-format number +34985550199, the search can find any of the following formats in the directory: +34(98)555 0199 +34 98 555-0199 +34-(98)-555.0199
Reverse mask
You can also use a reverse mask. A reverse mask is applied from right to left. The mask and phone number pattern are traversed from right to left, and each character in the mask is checked to decide whether to copy a digit from the phone number. Use reverse masks if you want to do both of the following when Cisco Unified Personal Communicator searches Active Directory:

Modify some of the leading digits of phone numbers. Format the numbers to match your directory format.
For example, you can set a reverse mask as follows: +3498|R+34 (98) 559 #### If this mask is applied to +34985550199, the result is +34 (98) 559 0199. You can use a mixture of forward and reverse masks.
Related Topics
Subkey Names for Specifying Masks, page 16-22
Subkey Names for Specifying Masks

Phone Number lookup mask locations for EDI and BDI are specified as follows: Type of Directory Integration Set Mask in This Subkey Name Enhanced Directory Integration (EDI) Basic Directory Integration (BDI) PhoneNumberMasks in [HKEY_CURRENT_USER\Software\Cisco Systems, Inc.\Client Services Framework\Active Directory] LDAP_PhoneNumberMask in [HKEY_CURRENT_USER\Software\Cisco Systems, Inc.\Client Services Framework\AdminData]
Related Topics

Configuration of the Connection for Enhanced Directory Integration, page 16-7 About Phone Number Masks, page 16-20 Elements of Phone Number Masks, page 16-20
16-22
Chapter 16
Configuring Active Directory for Cisco Unified Personal Communicator Release 8.5(x) About Retrieving Photos for Contacts
About Retrieving Photos for Contacts

Cisco Unified Client Services Framework can retrieve photo information for contacts as follows:

(Enhanced Directory Integration only) Retrieve a binary photo from Active Directory (Basic and Enhanced Directory Integration) Retrieve a static URL from Active Directory (Enhanced Directory Integration only) Retrieve a dynamically-created URL from Active Directory
Retrieval of Binary Photos from Active Directory

A photo is stored as a binary object in Active Directory. Cisco Unified Client Services Framework retrieves the attribute content of the directory attribute that is defined by the PhotoUri setting. Enhanced Directory Integration (EDI) parses the content of the attribute returned. If the attribute contains binary data, the content displayed as a JPEG photo. If the attribute contains a URL, the photo is retrieved from the URI. If a directory user object has a photo stored in the thumbnailphoto attribute setting, set PhotoUri to thumbnailphoto if you want the Cisco Unified Client Services Framework to retrieve the photo from this field. You can also store a photo in the jpegPhoto attribute in Active Directory. Microsoft Lync and Microsoft Outlook also use the thumbnailphoto binary attribute to retrieve photos.
Retrieval of Static URLs from Active Directory

You can retrieve a static URL that points to a photo from Active Directory in both Enhanced and Basic Directory Integration. Enhanced Directory Integration (EDI) parses the content of the attribute returned. If the attribute contains binary data, the content displayed as a JPEG photo. If the attribute contains a URL, the photo is retrieved from the URI. For example, the attribute might contain a URL structured as follows: http://staffphoto.example.com/mweinstein.jpg The string that is stored in the Active Directory is a static URI string that points to a location of a photo.
Note
The basic directory attribute map uses a different setting for attribute name. The EDI PhotoUri must be populated if the photo attribute is not stored in an Active Directory field called PhotoUri.
Retrieval of Dynamic URLs from Active Directory

You can configure EDI to construct a photo URL dynamically based on another directory attribute. The photo URL is constructed from a base URL and a substitution token. For example, if your organization maintains a web server of staff photos, and the filenames of the photos match the user account names, then you can create the following configuration:
16-23
Chapter 16 About Retrieving Photos for Contacts
Setting UserAccount PhotoUri PhotoUriSubstitutionEnabled PhotoUriSubstitutionToken
Value sAMAccountName http://staffphoto.example.com/PHOTONAME.jpg true PHOTONAME
The value of the string PHOTONAME is replaced with the directory attribute specified by the AccountName setting. If you use the preceding configuration, a user with a sAMAccountName of mweinstein results in the following URL: http://staffphoto.example.com/mweinstein.jpg
16-24
CH A P T E R
17
Configuring Additional Registry Keys for Cisco Unified Personal Communicator Release 8.5(x)
November 21, 2011
Cisco Unified Personal Communicator provides additional customization through registry key settings over and above those set aside for Active Directory configuration. This chapter contains information on these additional registry key customizations.
Related Topics

Mapping Registry Keys, page 17-1 Configuration of Video Registry Settings, page 17-2 Configuration of CTI Registry Settings, page 17-2 Configuration of Web Conferencing Registry Settings, page 17-2 Configuration of Dial via Office Registry Settings, page 17-2 Configuration of Additional Registry Settings, page 17-3
Mapping Registry Keys

All registry keys discussed in this chapter are located in HKEY_CURRENT_USER\Software\Policies\Cisco Systems, Inc.\Client Services Framework\AdminData, with the exception of those associated with Dial via Office (DVO) functionality, unless otherwise noted. Registry keys associated with Dial via Office are located in HKEY_CURRENT_USER\Software\Policies\Cisco Systems, Inc.\Unified Communications\CUPC8.
17-1
Chapter 17 Configuration of Video Registry Settings
Configuration of Video Registry Settings

Table 17-1 lists the registry subkeys that you must use to specify the video registry settings.
Table 17-1 Video Registry Settings
Subkey Names VideoEnabled
Description Setting this key to 'false', will disable all video capabilities in CUPC. Video capabilities are enabled by default.
Configuration of CTI Registry Settings

Table 17-2 lists the registry subkeys that you must use to specify CTI registry settings.
Table 17-2 CTI Registry Settings
Subkey Names CtiServerJtapiLibDownloadPort
Description Allows for an alternative port to be used to download the Jtapi.jar file from CUCM. This file is used to support deskphone mode. By default, port 80 is used. Currently, the only other alternative port which can be used is '8080'.
Configuration of Web Conferencing Registry Settings

Table 17-3 lists the registry subkeys that you must use to specify web conferencing registry settings.
Table 17-3 Web Conferencing Registry Settings
Subkey Names WebConfSSOIdentityProvider
Description If using WebEx SSO, enter the name of the provider type such as meetingplace'.
Configuration of Dial via Office Registry Settings

Table 17-4 lists the registry subkeys that you must use to specify Dial via Office registry settings.
Table 17-4 Dial via Office Registry Settings
Subkey Names DVOModeEnabled
Description Setting this key to false will disable the Dial via Office functionality introduced in Cisco Unified Personal Communicator 8.5(2). This feature is enabled by default
17-2
Chapter 17
Configuring Additional Registry Keys for Cisco Unified Personal Communicator Release 8.5(x) Configuration of Additional Registry Settings
Configuration of Additional Registry Settings

Table 17-5 lists additional registry keys that provide additional Cisco Unified Personal Communicator customizations.
Table 17-5 Additional Registry Settings
Subkey Names AudioCustomRingtone
Description Cisco Unified Personal Communicator supports the use of custom ring tones. Cisco will provide a set of custom ringtones. Only these ringtones are supported. The ringtone can be specified in a registry setting or in a directory named ringtone in the CSF appdata / roaming directory. The ringtone must be copied to that location by the administrator. To change a ringtone, the new file is copied into the correct location and the client restarted. The default is that this subkey name is not used.
DeskphoneStartupMode
This key is used to start Cisco Unified Personal Communicator in deskphone mode. In a VDI environment the client needs to be started in deskphone mode. To meet this requirement, this registry subkey has been introduced. If the value of this key is set to 1, the client will start in deskphone mode. If is not set, or has a value other than 1, the client will start up by using the last phone mode the client used during start up. The default is that this subkey name is not used.
17-3
Chapter 17
Table 17-5
Additional Registry Settings (continued)
Subkey Names AutomaticTetheredPhoneSelection
Description This key is used to set the Automatic Tethered Phone Selection feature. Cisco Unified Personal Communicator users will often have multiple deskphone devices assigned to them but only one that is tethered to their workstation through an Ethernet cable. This feature ensures that the tethered phone is always selected when a Cisco Unified Personal Communicator user enters deskphone mode. This feature is disabled by default. The following usage scenarios outline the operation of this feature when it is enabled through the registry:
If the user manually changes their deskphone device from the tethered device to a new one while the device is available, the new device will be chosen and automatic selection will be switched off. If the user manually changes their deskphone device from tethered while the device is not available, the new phone device will be selected but when the tethered phone becomes available again Cisco Unified Personal Communicator will automatically switch back to it. If the user manually changes the deskphone device to tethered, automatic selection will be switched on. If the user changes phone modes, automatic selection will be switched on.
Note
This feature will also work if the user is logged in to their tethered phone with extension mobility.
17-4
CH A P T E R
18
How to Configure Multilingual Support for Cisco Unified Presence

November 21, 2011
If you want to expand your Cisco Unified Presence deployment to support multiple languages, you must configure Cisco Unified Communications Manager and Cisco Unified Presence to support the user locales that you require. There is no limit to the number of supported languages.

Installing the Locale Installer on Cisco Unified Communications Manager, page 18-1 Installing the Locale Installer on Cisco Unified Presence, page 18-3 Localized Applications, page 18-5
Installing the Locale Installer on Cisco Unified Communications Manager

User locale files provide translated text for user applications and user web pages in the locale that the user chooses. User locales are country-specific.
Before You Begin

Install Cisco Unified Communications Manager (Release 6.x or a higher release) on every server in the cluster before you install the Cisco Unified Communications Manager Locale Installer. If you want to use a locale other than English, you must install the appropriate language installers on both Cisco Unified Communications Manager and on Cisco Unified Presence. Ensure the locale installer is installed on every server in the cluster (install on the Publisher server before the Subscriber servers). User locales should not be set until all appropriate locale installers are loaded on both systems. Users may experience problems if they inadvertently set their user locale after the locale installer is loaded on Cisco Unified Communications Manager but before the locale installer is loaded on Cisco Unified Presence. If issues are reported, we recommend that you notify each user to sign into Cisco Unified Communications Manager user options pages and change their locale from the current setting to English and then back again to the appropriate language. You can also use the BAT tool to synchronize user locales to the appropriate language. You must restart the servers for the changes to take effect. After you complete all locale installation procedures, restart each server in the cluster. Updates do not occur in the system until you restart all servers in the cluster; services restart after the server reboots.
18-1
Chapter 18 Installing the Locale Installer on Cisco Unified Communications Manager
Procedure
Step 1 Step 2
Perform one of the following actions to download the locale installer:
To download the locale installer from Cisco website
Do this:
a.
Click:
http://www.cisco.com/kobayashi/sw-center/telep hony/callmgr/locale-installer.shtml
b.
Go to Step 2. Sign in to Cisco Unified Communications Manager Administration using the administrator account and password Select Application > Install Plugins. Click the icon that represents the Cisco Unified Communications Manager Locale Installer. Go to Step 2.
Plugin window in Cisco Unified Communications Manager Administration
a.
b. c.
d.
Click the version of the Cisco Unified Communications Manager Locale Installer. To download the installer file to the server, click Download. After downloading the file, save the file to the hard drive and note the location of the saved file. Double-click the file to begin the installation. Perform these actions to complete the installation:
Window License Agreement Window Page 1 of 4
Configuration Steps
a. b. Note
Read and accept the license agreement. Click Next to display the Readme Notes dialog. The readme notes contain build-time information such as components and devices that are supported in the released build. The readme may be printed for reference. Examine and accept the readme notes then click Next to proceed to the Setup Type dialog. Select a custom setup type to allow you to select or deselect user locales as required. Click Next.
Setup Type Window Page 2 of 4
a. b.
18-2
Chapter 18
How to Configure Multilingual Support for Cisco Unified Presence Installing the Locale Installer on Cisco Unified Presence
Window Start Copying Files Window Page 3 of 4
Configuration Steps
a. b.
Review the setup options. Click Next.
Ready to Install the Program Click Install to start the installation of the selected user locales. Window Note The speed of installation depends on the performance of the Page 4 of 4 server. It is estimated to take between two to ten minutes to complete the database update. Observe the progress bar and text above it to determine the status of installation.
Step 8
When the installation is complete, a new dialog requests confirmation of a restart. Should you wish to apply another locale installer, repeat this procedure before restarting the server in order to reduce downtime. Click Finish. The Setup dialog box displays. Do not click any buttons or press any keys. When the dialog box automatically closes, you have completed the installation on the server. Install the Cisco Unified Communications Manager Locale Installer on every server in the cluster. After you complete all locale installation procedures, complete these actions:
a. b. c.
Run the following command on the CLI: run sql update enduser set cucm_cdrtime=0 Restart the Sync Agent service in Cisco Unified Serviceability (select Tools > Service Activation). Restart each server in the cluster.
Step 12
Verify that your users can select the locale(s) for supported products.
Make sure that you install the same components on every server in the cluster.
What To Do Next
Installing the Locale Installer on Cisco Unified Presence, page 18-3
Installing the Locale Installer on Cisco Unified Presence

Before You Begin
Install the Locale Installer on Cisco Unified Communications Manager. If you want to use a locale other than English, you must install the appropriate language installers on both Cisco Unified Communications Manager and on Cisco Unified Presence. If your Cisco Unified Presence cluster has more than one node, make sure that the locale installer is installed on every server in the cluster (install on the Publisher server before the Subscriber servers). User locales should not be set until all appropriate locale installers are loaded on both systems. Users may experience problems if they inadvertently set their user locale after the locale installer is loaded on Cisco Unified Communications Manager but before the locale installer is loaded on Cisco Unified Presence. If issues are reported, we recommend that you notify each user to sign into Cisco Unified Communications Manager user options pages and change their locale from the current setting to English and then back again to the appropriate language. Yo u can also use the BAT tool to synchronize user locales to the appropriate language.
18-3
Chapter 18 Installing the Locale Installer on Cisco Unified Presence
You must restart the server for the changes to take effect. After you complete all locale installation procedures, restart each server in the cluster. Updates do not occur in the system until you restart all servers in the cluster; services restart after the server reboots.
Procedure
Step 1
Browse to this location on cisco.com to locate the Cisco Unified Presence locale installer: http://tools.cisco.com/support/downloads/go/ReleaseType.x?optPlat=&isPlatform=Y&mdfid=2818202 45&sftType=Unified+Presence+Locale+Installer&treeName=Voice+and+Unified+Communications& modelName=Cisco+Unified+Presence+Version+7.0&mdfLevel=Software%20Version/Option&treeMd fId=278875240&modifmdfid=null&imname=&hybrid=Y&imst=N
Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Step 8 Step 9 Step 10 Step 11 Step 12 Step 13 Step 14 Step 15 Step 16
Click the version of the Cisco Unified Presence Locale Installer that is appropriate for your working environment. After downloading the file, save the file to the hard drive and note the location of the saved file. Copy this file to a server that supports SFTP. Sign into Cisco Unified OS Administration using the administrator account and password. Select Software Upgrades > Install/Upgrade. Select Remote File System as the software location source. Enter the file location, for example /tmp, in the Directory field. Enter the Cisco Unified Presence server name in the Server field. Enter your username and password credentials in the User Name and User Password fields. Select SFTP for the Transfer Protocol. Click Next. Select the Cisco Unified Presence locale installer from the list of search results. Click Next to load the installer file and validate it. After you complete the locale installation, restart each server in the cluster. The default setting for installed locales is "English, United States. While your Cisco Unified Presence server is restarting, change the language of your browser, if necessary, to match the locale of the installer that you have downloaded.
18-4
Chapter 18
How to Configure Multilingual Support for Cisco Unified Presence Localized Applications
If you use this browser: Internet Explorer Version 6.x
Configuration Steps
a. b. c. d. e.
Select Tools > Internet Options. Select the General tab. Click Languages. Use the Move Up button to move your preferred language to the top of the list. Click OK. Select Tools > Options. Select the Content tab. Click Choose in the Languages section of the window. Use the Move Up button to move your preferred language to the top of the list. Click OK.
Mozilla Firefox Version 3.x
a. b. c. d. e.
Note Step 17
Cisco Unified Presence does not currently support Safari browser.
Verify that your users can select the locale(s) for supported products.
Make sure that you install the same components on every server in the cluster.
Related Topic
Localized Applications, page 18-5
Localized Applications
Cisco Unified Presence applications support a variety of different languages. See Table 18-1 for a list of localized applications and the available languages.
18-5
Chapter 18 Localized Applications
Table 18-1
List of Localized Applications and Supported Languages
Interface End User Applications IP Phone Messenger User Options
Supported Languages Arabic (Algeria, Bahrain, Egypt, Iraq, Jordan, Kuwait, Lebanon, Morocco, Oman, Qatar, Saudi Arabia, Tunisia, United Arab Emirates, Yemen) Bulgarian Catalan (Spain) Chinese (China, Hong Kong, Taiwan) Croatian Czech (Czech Republic) Danish (Denmark) Dutch (Netherlands) English Estonian (Estonia) Finnish (Finland) French (France) German (Germany) Greek (Greece) Hebrew (Israel) Hungarian (Hungary) Italian (Italy) Japanese (Japan) Korean (Korean Republic) Latvian (Latvia) Lithuanian (Lithuania) Norwegian (Norway) Polish (Poland) Portuguese (Brazil, Portugal) Romanian (Romania) Russian (Russian Federation) Serbian (Republics of Montenegro and Serbia) Slovak (Slovakia) Slovenian (Slovenia) Spanish (Columbia and Spain) Swedish (Sweden) Thai (Thailand) Turkish (Turkey) Chinese (China), English, Japanese (Japan), Korean (Korean Republic) Chinese (China), English, Japanese (Japan), Korean (Korean Republic)
Administrative Applications Administration OS
18-6
A P P E N D I X
Configuring Cisco Unified Presence for an IM-Only Deployment

November 21, 2011
IM-Only Configuration Steps, page A-1
IM-Only Configuration Steps

This section describes the required configuration for an IM-only Cisco Unified Presence deployment. Configuration Procedure Create your users on Cisco Unified Communications Manager. Reference See the Cisco Unified Communications Manager documentation at this URL: http://www.cisco.com/en/US/products/sw/voicesw/ps 556/tsd_products_support_series_home.html Configure the license requirements for Cisco Unified Presence and Cisco Unified Personal Communicator. On Cisco Unified Presence, perform these configuration procedures to integrate Cisco Unified Personal Communicator:

Follow the configuration procedures described in the chapter Configuring the Licensing for this Integration, page 2-1.

Configuring the Proxy Listener and TFTP Addresses, page 11-20 (Cisco Unified Personal Communicator Release 7.1) Configuring the Service Parameters, page 11-23
Configure the Proxy Listener and TFTP Server Addresses Configure the Cisco Unified Personal Communicator Service Parameter
Integrate the LDAP server for Cisco Unified Personal Communicator
Follow the configuration procedures described in the chapter Integrating the LDAP Directory, page 14-1.
A-1
Appendix A IM-Only Configuration Steps
Configuring Cisco Unified Presence for an IM-Only Deployment
A-2
A P P E N D I X

November 21, 2011
How to Use the High Availability Login Profiles, page B-1 2 GB Active/Active Profile, page B-3 2 GB Active/Standby Profile, page B-4 4 GB Active/Active Profile, page B-4 4 GB Active/Standby Profile, page B-5 6 GB Active/Active Profile, page B-5 6 GB Active/Standby Profile, page B-6
How to Use the High Availability Login Profiles

Important Notes About the High Availability Login Profiles, page B-1 Using the High Availability Login Profile Tables, page B-2 Example High Availability Login Configurations, page B-3
Important Notes About the High Availability Login Profiles

The High Availability login profiles only apply to Cisco Unified Presence Release 8.5 or higher 8.x releases, and Cisco Unified Personal Communicator Release 8.5 or higher 8.x releases. You can use the High Availability login profile tables in this section to configure the upper and lower client re-login values for your subcluster. You configure the upper and lower client login values by selecting Cisco Unified Presence Administration > System > Service Parameters, and selecting Cisco UP Server Recovery Manager from the Service menu. By configuring the upper and lower client re-login limits on your subcluster based on the tables we provide here, you can avoid performance issues and high CPU spikes in your deployment. We provide a High Availability login profile for each Cisco Unified Presence server memory size (2, 4 or 6 GB), and for each High Availability deployment type, active/active or active/standby. The High Availability login profile tables are calculated based on the following inputs:
B-1
Appendix B How to Use the High Availability Login Profiles
The Users Moved Per Iteration service parameter. This parameter determines the number of
users moved per iteration during a failover or a fallback operation. We provide a recommended value for the Users Moved Per Iteration service parameter for each High Availability login profile table.
The total number of users in the subcluster for Active/Standby deployments, or the node with
highest number of users for Active/Active deployments.
You must configure the upper and lower client re-login limit values, and the Users Moved Per Iteration service parameter on both nodes in a subcluster. You must manually configure all these values on both nodes in the subcluster. The upper and lower client re-login limit values must be the same on each node in the subcluster. If you rebalance your users, you must reconfigure the upper and lower client re-login limit values based on the High Availability login profile tables.
Related Topics
Configuring the Advanced Service Parameters for the Server Recovery Manager, page 6-21
Using the High Availability Login Profile Tables

Use the High Availability login profile tables to retrieve the following values:

Client Re-Login Lower Limit service parameter value Client Re-Login Upper Limit service parameter value. Users Moved Per Iteration service parameter value.
Procedure
Select a profile table based on your memory size, and your High Availability deployment type. In the profile table, select the number of users in your deployment (round up to the nearest value). If you have an active/standby deployment, use the node with the highest number of users. Based on the Number of Users value for your subcluster, retrieve the corresponding lower and upper retry limits in the profile table. Configure the lower and upper retry limits on Cisco Unified Presence by selecting Cisco Unified Presence Administration > System > Service Parameters, and selecting Cisco UP Server Recovery Manager from the Service menu. Retrieve the corresponding Users Moved Per Iteration service parameter value for your High Availability login profile table. Configure the Users Moved Per Iteration value on Cisco Unified Presence by selecting Cisco Unified Presence Administration > System > Service Parameters, and selecting Cisco UP Server Recovery Manager from the Service menu.
Step 5 Step 6
Related Topics
Example High Availability Login Configurations, page B-3
B-2
Appendix B
High Availability Client Login Profiles 2 GB Active/Active Profile
Example High Availability Login Configurations

Example 1: 6GB Active/Standby Standard Deployment
You have 3500 users in your subcluster, with 2000 users on one node, and 1000 users on the second node. For active/standby deployments, we recommend you use the node with the highest number of users, in this case the node with 2000 users. Using Table B-9, you retrieve these lower and upper retry values:
Number of Users 2000
Lower Retry Limit 40
Upper Retry Limit 107
Note
The upper retry limit is the approximate time (seconds) it takes for all clients to login to their backup node after a failover occurs. You also configure the corresponding Users Moved per Iteration service parameter value for Table B-9 which is 50.
Example 2: 4GB Active/Active IM-Only Deployment
You have 6800 users on the first node in your subcluster in an IM-only deployment. We recommend that you round up to the nearest value, so using Table B-4 you retrieve the lower and upper retry value based on a number of users value of 7000:
Number of Users 7000
Lower Retry Limit 280
Upper Retry Limit 1447
You also configure the corresponding Users Moved per Iteration service parameter value for Table B-4 which is 25.
2 GB Active/Active Profile
Corresponding Users Moved per Iteration service parameter value: 6
Table B-1 User Login Retry Limits for Standard Deployment (2 GB Active/Active)
Number of Users 100 250 (Default) 500
Lower Retry Limit 17 42 (Default) 83
Upper Retry Limit 83 208 (Default) 417
B-3
Appendix B 2 GB Active/Standby Profile
2 GB Active/Standby Profile
Table B-2
User Login Retry Limits for Standard Deployment (2 GB Active/Standby)
Number of Users 100 250 500 750 1000
Lower Retry Limit 17 42 83 125 167
Upper Retry Limit 57 142 283 425 567
Table B-3 User Login Retry Limits for Standard Deployment (4GB Active/Active)
Number of Users 100 500 (Default) 1000 1500 2000 2500
Lower Retry Limit 4 20 (Default) 40 60 80 100
Upper Retry Limit 21 103 (Default) 207 310 413 517

Table B-4 User Login Retry Limits for IM-Only Deployment (4GB Active/Active)
Number of Users 3000 3500 4000 4500 5000 6000 7000 7500
Lower Retry Limit 120 140 160 180 200 240 280 300
Upper Retry Limit 620 723 827 930 1033 1240 1447 1550
B-4
Appendix B
High Availability Client Login Profiles 4 GB Active/Standby Profile
Table B-5 User Login Retry Limits for Standard Deployment (4GB Active/Standby)
Number of Users 100 500 1000 1500 2000 2500 3000 3500 4000 4500 5000
Lower Retry Limit 4 20 40 60 80 100 120 140 160 180 200
Upper Retry Limit 14 70 140 210 280 350 420 490 560 630 700

Table B-6 User Login Retry Limits for IM-Only Deployment (4GB Active/Standby)
Number of Users 6000 7000 8000 9000 10000 11000 12000 13000 14000 15000
Lower Retry Limit 240 280 320 360 400 440 480 520 560 600
Upper Retry Limit 840 980 1120 1260 1400 1540 1680 1820 1960 2100
B-5
Table B-7
User Login Retry Limits for Standard Deployment (6 GB Active/Active)
Number of Users 100 500 (Default) 1000 1500 2000 2500
Lower Retry Limit 2 10 (Default) 20 30 40 50
Upper Retry Limit 8 38 (Default) 76 113 151 189

Table B-8 User Login Retry Limits for IM-Only Deployment (6 GB Active/Active)
Number of Users 3000 3500 4000 4500 5000 6000 7000 7500
Lower Retry Limit 60 70 80 90 100 120 140 150
Upper Retry Limit 227 264 302 340 378 453 529 567
Table B-9 User Login Retry Limits for Standard Deployment (6 GB Active/Standby)
Number of Users 100 500 1000 1500 2000 2500 3000 3500 4000
Lower Retry Limit 2 10 20 30 40 50 60 70 80
Upper Retry Limit 5 27 53 80 107 133 160 187 213
B-6
Appendix B
High Availability Client Login Profiles 6 GB Active/Standby Profile
Table B-9
User Login Retry Limits for Standard Deployment (6 GB Active/Standby)
Number of Users 4500 5000
Lower Retry Limit 90 100
Upper Retry Limit 240 267

Table B-10 User Login Retry Limits for IM-Only Deployment (6 GB Active/Standby)
Number of Users 6000 7000 8000 9000 10000 11000 12000 13000 14000 15000
Lower Retry Limit 120 140 160 180 200 220 240 260 280 300
Upper Retry Limit 320 373 427 480 533 587 640 693 747 800
B-7
B-8
A P P E N D I X
Glossary of Terms
November 21, 2011
Term Cluster
Definition One or multiple subclusters providing service to a single Cisco Unified Communications Manager cluster. Each Cisco Unified Communications Manager cluster requires one Cisco Unified Presence cluster. The deployment model that provides redundant services for users in case of the failure of services or hardware. Cisco Unified Presence supports a non High Availability deployment, a best effort High Availability deployment, and redundant High Availability deployment. A collection of Cisco Unified Presence clusters interconnected to provide uniform presence and IM services to all Cisco Unified Presence clusters. The Lightweight Directory Access Protocol (LDAP) provides applications with a standard method for accessing and potentially modifying the user information stored in the corporate directory. This capability enables enterprises to centralize all user information in a single repository available to several applications. A line appearance is the association of a particular line with a particular device. A single line can be associated with multiple devices, and a single device can be associated with multiple lines. You can associate one user, or many users, with a line appearance, rather than with a line or to a device. The Cisco Unified Presence multi-node feature, introduced in Cisco Unified Presence 7.0(x), enables the customer to increase the scalability of a Cisco Unified Presence cluster by a factor of three. The Cisco Unified Presence multi-node feature allows the customer to create Cisco Unified Presence groups, also known as subclusters, with up to 15,000 users within a Cisco Unified Presence cluster.
High Availability Deployment
Intercluster
Lightweight Directory Access Protocol (LDAP)
Line Appearance
Multi-node Feature
C-1
Appendix C
Glossary of Terms
Term Subcluster
Definition A single Cisco Unified Presence server, or a pair of Cisco Unified Presence servers operating with a shared presence database that is able to support common users. In a single-node deployment within the subcluster, there is no High Availability failover protection for the users assigned to that node. In a dual-node deployment within a subcluster, users have High Availability failover protection as each node acts as a backup for the other node allowing clients to fail over in case of outages of components or nodes. In this highavailability mode, all users in the subcluster have failover capabilities. A presence user for whom Cisco Unified Presence will maintain presence state. A Cisco Unified Presence user is assigned to a node in a subcluster. A single Cisco Unified Presence server instance supporting up to 5000 users. A Cisco Unified Presence node can be assigned to a subcluster.
User
Node
C-2

Deployment Guide For Cisco Unified Presence Release 8.0 and 8.5

Uploaded by

Copyright:

Available Formats

Deployment Guide For Cisco Unified Presence Release 8.0 and 8.5

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Deployment Guide For Cisco Unified Presence Release 8.0 and 8.5

Uploaded by

Copyright:

Available Formats

Deployment Guide for Cisco Unified Presence Release 8.0 and 8.

Overview of a Basic Integration

Third-Party Integrations Getting More Information

Configuring the Licensing for this Integration

Uploading a License File on Cisco Unified Communications Manager

How to Configure the SIP Trunk on Cisco Unified Communications Manager

Planning a Cisco Unified Presence Multi-Node Deployment

Multi-Node Hardware Recommendations

Performing a Fresh Multi-Node Installation

Performing a Manual Recovery of a Subcluster

Configuring Chat on Cisco Unified Presence

10-1 10-1 10-1

Prerequisites for Integrating Cisco Unified Personal Communicator

Deploying and Upgrading Cisco Unified Personal Communicator

Installation and Configuration of Headsets and Other Audio Devices

Integrating the LDAP Directory LDAP Integrations

Prerequisites for Integrating the LDAP Directory

Prerequisites for Intercluster Deployment

Configuration of Video Registry Settings Configuration of CTI Registry Settings

Installing the Locale Installer on Cisco Unified Communications Manager

High Availability Client Login Profiles

4 GB Active/Standby Profile 6 GB Active/Active Profile 6 GB Active/Standby Profile

B-5 B-5 B-6

Overview of a Basic Integration

About the Cisco Unified Presence Interfaces

Chapter 1 About the Cisco Unified Presence Interfaces

Overview of a Basic Integration

Cisco Unified Presence Basic Deployment

Compliance XDB Record Retention Storage Vendors

Overview of a Basic Integration About the Cisco Unified Presence Interfaces

Cisco Unified Presence SRND: http://www.cisco.com/go/designzone

Turning On the Sync Agent, page 6-49

Chapter 1 XMPP Standards

Overview of a Basic Integration

Integrating the LDAP Directory, page 14-1

Overview of a Basic Integration Module Overview

This is required configuration.

Chapter 1 Module Overview

Overview of a Basic Integration

Module Planning a Cisco Unified Presence Multi-node Deployment

This Module Describes...

This module is only applicable if you are configuring a multi-node deployment.

Performing a Cisco Unified Presence Multi-node Deployment

This module is only applicable if you are configuring a multi-node deployment.

Configuring a Cisco Unified Presence Server for Deployment in the Network

Overview of a Basic Integration Module Overview

Module Configuring the Cisco Unified Personal Communicator

This Module Describes...

Additional Deployment Information for Cisco Unified Personal Communicator

Overview of a Basic Integration

Database Setup Guide for Cisco Unified Presence http://www.cisco.com/en/US/products/ps6837/products_installation_and_configuration_guides_lis t.html

Cisco Unified Mobility documentation: http://www.cisco.com/en/US/products/ps7270/prod_installation_guides_list.html

Integrating Cisco Unified Presence for Interdomain Federation

Overview of a Basic Integration Getting More Information

Cisco Unified Presence third party integration documentation: http://www.cisco.com/en/US/products/ps6837/products_installation_and_configuration_guides_lis t.html

Getting More Information

Chapter 1 Getting More Information

Overview of a Basic Integration

Configuring the Licensing for this Integration