PDF

Cisco Jabber Lab

Lab Guide
version 9.5

SEVT
March 2014
Cisco Jabber Lab Page 1

Index
INDEX ............................................................................................................................................................... 2
1 LAB GUIDE – OVERVIEW AND HOUSEKEEPING .......................................................................... 5
1.1 Authors ........................................................................................................................................................... 5
1.2 Lab Topology ................................................................................................................................................... 5
1.3 Lab Hosts, IP Addresses, Usernames, Passwords .............................................................................................. 6
1.4 Users, IM Address, SIP URI and DNs ................................................................................................................. 7
2 CISCO JABBER LAB INTRODUCTION ............................................................................................... 8
3 CUCM CONFIGURATION TO PERMIT JABBER LOGON ............................................................... 9
3.1 Introduction .................................................................................................................................................... 9
3.2 CUCM Jabber Profile Configuration .................................................................................................................. 9
3.3 Cisco Jabber-‐Config.XML .................................................................................................................................. 9
3.4 Directory Sync & Automatic Device provisioning ........................................................................................... 10
3.5 Cisco Jabber/Cisco UCM Service Discovery (Inside the Company) .................................................................. 20
4 JABBER LOGON AND TESTING OF THE NEW DEFAULT CAPABILITIES ............................ 23
4.1 Introduction .................................................................................................................................................. 23
4.2 Verify the server configuration -‐ Logon on Jabber .......................................................................................... 23
4.3 Alpha-‐numeric URI dialing ............................................................................................................................. 25
4.4 “Video always on top” option ........................................................................................................................ 26
4.5 Chat Window “Pop Out” ................................................................................................................................ 27
4.6 Custom Contact ............................................................................................................................................. 28
5 CONFIGURING AND TESTING THE PERSISTENT CHAT CAPABILITY ................................ 31

5.1 Introduction .................................................................................................................................................. 31
5.2 CUCM IM/P Configuration – Add External Database ...................................................................................... 32
5.3 How to create a Persistent Chat Room ........................................................................................................... 38
5.4 Testing the Persistent Chat Capability ............................................................................................................ 44
5.5 Additional info on MomentIM Group Chat management ............................................................................... 48
6 CONFIGURING AND TESTING THE MOBILE REMOTE ACCESS (MRA) CAPABILITY ...... 50
6.1 Introduction .................................................................................................................................................. 50
6.2 How to Configure the Expressway Solution for MRA ...................................................................................... 51
6.3 Setting up Secure Traversal Zone (Expressway-‐C & -‐E) ................................................................................... 61
6.4 Testing the Mobile Remote Access (MRA) capability on Jabber 9.7 ................................................................ 69
6.5 How to configure Photo Lookup from Outside the Firewall (MRA scenario) ................................................... 74
7 INTRA-‐DOMAIN FEDERATION FOR IM/P BETWEEN JABBER AND LYNC ........................ 78
7.1 Introduction .................................................................................................................................................. 78
7.2 CUCM IM/P cluster configuration .................................................................................................................. 79
7.3 Microsoft Lync 2010 configuration ................................................................................................................. 88
7.4 Testing Intra-‐domain federation between the different clients ...................................................................... 88
8 AUDIO SIP TRUNK BETWEEN JABBER AND LYNC ................................................................... 90
8.1 Introduction .................................................................................................................................................. 90
8.2 CUCM configuration ...................................................................................................................................... 90
8.3 Expressway configuration .............................................................................................................................. 99
8.4 Microsoft Lync 2010 configuration ............................................................................................................... 107
8.5 Additional AD Contacts to permit calls from Lync users toward Jabber users ............................................... 107
8.6 Test audio calls between the different clients .............................................................................................. 108

9 USER MIGRATION FROM LYNC 2010 TO JABBER [OPTIONAL CHAPTER] .................... 111
9.1 Introduction ................................................................................................................................................ 111
9.2 Export of contact lists for migrating user ..................................................................................................... 111
9.3 Disable users on Lync ................................................................................................................................... 114
9.4 Delete user data from database for migrating users .................................................................................... 116
9.5 Create a line for Cathy Chung ...................................................................................................................... 117
9.6 Create a CSF device for Cathy Chung ............................................................................................................ 118
9.7 Enable user Cathy Chung for IM/P ............................................................................................................... 120
9.8 Import contact lists for migrating users into IM and Presence ...................................................................... 120
9.9 Logon on Jabber and test the result of the migration ................................................................................... 121


1 Lab Guide – Overview and housekeeping

1.1 Authors
For any feedback or questions please contact the following persons:
• Fabio Chiesa (fchiesa@cisco.com) -‐ CSE, EMEAR Theatre Technical Services Team
• Tobias Neumann (tneumann@cisco.com) – TSA, EMEAR Central Collaboration Team
• Marc Dionysius (mdionysi@cisco.com) – TSA, EMEAR Central Collaboration Team

1.2 Lab Topology

Lab topology is shown on a diagram below. Each student has his own set of terminals in his POD.
Your POD will contain the following infrastructure:

• 1 x Windows Server 2008 R2 based Domain Controller (AD), Certification Authority and Internal DNS
Server
• 1 x Windows Server 2008 R2 based external DNS Server
• 3 x Windows 7 Clients (2 x Jabber client and 1 x Lync client)
• 1 x UC 10.0 Voice/Video nodes with all needed services active
• 1 x UC 10.0 IM&Presence nodes with all needed services active.
• 1 x Cisco Expressway-‐C X8.1
• 1 x Cisco Expressway-‐E X8.1
• 1 x ASA XXXX
• 1 x Microsoft Lync Sever 2010
• 1 x Microsoft Exchange Server 2010
• 1 x Windows Server 2008 R2 with PostgreSQL database, version 9.3.2

1.3 Lab Hosts, IP Addresses, Usernames, Passwords

IP address
SERVER Hostname
(Private)
AD DC – CA - Internal DNS ad01-‐bc.bootcamp.com 10.52.226.68
CUCM A/V 10.0 Node 1 cucm01-‐bc.bootcamp.com 10.52.226.70
Exchange 2010 exchange01-‐bc.bootcamp.com 10.52.226.73
Cisco Expressway-C expressway-‐c.bootcamp.com 10.52.226.74
PC 1 (Alice Adams) (Internal Lan) -‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐ 10.52.226.76
PC 2 (Bob Banks) -‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐ 10.52.226.77
PC 3 (Cathy Chung) -‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐ 10.52.226.78
CUCM IM&P 10.0 Node 1 cup01-‐bc.bootcamp.com 10.52.226.80
Lync 2010 lync01-‐bc.bootcamp.com 10.52.226.82
Postgres SQL database sql01-‐bc.bootcamp.com 10.52.226.83

Cisco Expressway-E (Internal DMZ Lan) expressway-‐e.bootcamp.com 10.1.238.74
Cisco Expressway-E (External DMZ Lan) -‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐ 10.1.239.80

PC 1 (Alice Adams) (Public Internet Lan) -‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐ 172.16.100.76
Cisco Expressway-E (Public Internet Lan) 172.16.100.80
External DNS (Public Internet Lan) 172.16.100.253


Servers, PC and Infrastructure – Login credentials:
SERVER Username Password

AD DC – CA - Internal DNS bootcamp\administrator C1sc0,123
Postgres SQL database bootcamp\administrator C1sc0,123
CUCM A/V - Node 1 cucmadmin C1sc0,123
CUCM IM&P - Node 1 cucmadmin C1sc0,123
CISCO Expressway-C X8.1 admin C1sc0,123
CISCO Expressway-E X8.1 admin C1sc0,123
Exchange 2010 bootcamp\administrator C1sc0,123
Lync Server 2010 bootcamp\administrator C1sc0,123
EXTERNAL DNS (DMZ) bootcamp\administrator C1sc0,123

PC 1(Alice Adams) bootcamp\aadams cisco,123
PC 2(Bob Banks) bootcamp\bbanks cisco,123
PC 3(Cathy Chung) bootcamp\cchung cisco,123

Note: the Active Directory (AD) domain is “bootcamp.com” for all the users. The same happens for
the email and IM Domains – they are both “bootcamp.com”.
1.4 Users, IM Address, SIP URI and DNs

Jabber Users:
User IM address (XMPP) A/V AlphaNumeric URI (SIP) Extension (E164)

Alice Adams aadams@bootcamp.com aadams@bootcamp.com +14087590581
Bob Banks bbanks@bootcamp.com bbanks@bootcamp.com +41448789728

Lync Users:
User IM address (SIP) A/V AlphaNumeric URI (SIP) Extension (E164)
Cathy Chung cchung@bootcamp.com cchung@bootcamp.com +39028789728


2 Cisco Jabber Lab Introduction

There is a dedicated POD assigned to each individual or group of lab participants. You can access your POD
by accessing the Lab Ops portal:

LabOps Portal: https://labops-‐out.cisco.com/labops/ilt/

The IP-‐Addresses reported in the previous tables reflect POD-‐internal addressing and you are supposed to
access them from WITHIN your POD after you RDP into one of the Windows 7 machines from the LabOps
Portal!!

To make the soft client work in the correct way you need to configure your RDP client to leave the audio on
remote device instead of trying to use local device.

To save time and help you complete the lab on time, some configuration steps are already in place.
These pre-‐configured steps are also documented in the “Appendix” Lab Guide and you can use it
for reference and review the settings.

At high level, your POD has the following baseline configuration in-‐place:
• Basic configuration between CUCM A/V Nodes and IM&Presence nodes are done.
• UC Service and Service Profile created on CUCM
• CUCM 3rd party CA based certificates are pre-‐configured
• CUCM CTL configuration and enabling Cluster in Mixed-‐Mode (Security)
• CUCM IM&Presence server side presence integration with Microsoft Exchange 2010
• User display pictures are loaded on to the AD and on to the Web Server
• 2 x Windows 7 is setup with Jabber 9.7 Client
• 1 x Windows 7 is setup with Lync Client 2010
• Cisco RTMT is available on PC 3
• Lync Server Logging tools are installed on the Lync Server box
• Moment IM is installed on PC 3 to manage Persistent Chat room


3 CUCM configuration to permit Jabber Logon

We found specific issue when accessing CUCM and CUP using IE 11. In order to have the fully
functional Admin-‐Interface please either use Chrome (Preferred option) or add the bootcamp.com
Domain into the “Compatibility Settings” of IE.
3.1 Introduction

In this chapter we will implement all the configuration needed on the CUCM cluster to permit you to logon
on two Jabber Client inserting only the user’s email address and then username and password. We will also
describe the new automatic provisioning capability on the CUCM server that improve speed and quality of
the Jabber deployment.
3.2 CUCM Jabber Profile Configuration

Cisco UCM uses UC Services (CTI, IM&P, directory, conferencing, etc.) which can be combined into Service
Profiles to provide certain configuration to groups of Jabber users. Please see the Lab Guide Appendix
document for a detailed description of the steps required, that have been pre-‐configured for you in this Lab
to reduce time and focus on the new automatic provisioning capabilities.
3.3 Cisco Jabber-‐Config.XML

To enable specific non default behaviors on the Jabber client we need to use an XML config file. The main
three items are:
• Enable Alpha Numeric URI dialing

• Enable Persistent Chat
• Photo lookup for UDS mode (needed when the client is connected from outside through Expressway)
On the client machines Win7 PC01 (aadams) and Win7 PC02 (bbanks) a first jabber-‐config.xml file, which
include the first two items, has been prepared for you. All Jabber clients in this setup are utilizing the same
configuration, therefore uploading the default Jabber-‐Config.XML to the Cisco UCM Tftp-‐Server will allow all
clients to access the configuration.
In the chapter related to MRA will we use another XML config file that includes also the third item (Photo
lookup in UDS)
Please verify the correct format of the Jabber-‐Config.XML file by opening the file stored in the following
path:
Windows desktop -‐> Lab Materials -‐> jabber-‐config v2
This should display the properly XML formatted configuration in a browser window.
1. Next browse to https://cucm01-‐bc.bootcamp.com/cmplatform

2. Go to Software Upgrades -‐> TFTP File Management
3. Upload the Jabber-‐Config.XML to the root directory of the TFTP Server
4. Next, go to https://cucm01-‐bc.bootcamp.com/ccmservice and restart the TFTP Server

Every change to any file stored on the TFTP Server needs a restart of the TFTP service to take effect.
3.4 Directory Sync & Automatic Device provisioning

A major deliverable of Cisco UCM 10.0 is simplification of provisioning and configuration. For this purpose
the LDAP synchronization has been enhanced not only to allow the import of end user data, but also
additional information and the ability to use this information to create and configure directory numbers and
other capabilities.

Per Cisco’s dial plan best practice in a centralized call control model each site has a minimum of 1 Calling
Search Space (CSS). To accommodate this best practice provisioning templates are created for each
geographical group of users. These are mapped to groups of users imported from the directory. LDAP filters
are used for grouping users to each site based on membership in active directory security groups.
Some limitations apply to these capabilities in the version 10.0 of CUCM (improvements are planned for next
releases):
• Cisco UCM supports a maximum of 5 LDAP sync statements, limiting the number of groups/location
that can be mapped to a distinct Feature Group Template
• +E.164 Directory number format is not yet supported for import and DN/line creation
• Variable length Directory numbers are not yet supported
3.4.1 Provisioning Templates

In this Lab all the templates have been pre-‐configured for you. You can find all the steps to do it in the
Appendix Document.
Please note that in the Feature Group Template we have not select the option “Enable User for
Unified CM IM and Presence” because there are some user migrating from Lync to Jabber and we
want to be able to enable users on Jabber selectively, one by one….but meantime be able to search
them in the CUCM directory


3.4.2 Enable Directory Synchronization

Having all the templates pre-‐configured, the first real step you will have to do is to create an LDAP sync
statement to import user from AD and create in automatic the associated lines to use later with the CSF
devices.
We will create an LDAP customer filter to show you the possibility to import only a SUBSET of the users from
AD, because for example you would need to create lines with specific CSS, Device pools or other parameters.
Create a new LDAP Custom Filter:
1. Navigate to https://cucm01-‐bc.bootcamp.com/ccmadmin

2. Go to System > LDAP > LDAP Customer Filter
3. Create the custom LDAP filter related to the user in San Jose with following details (please note that
the users are assigned to a specific AD security group called “SJC-‐Users”):

o Filter Name: SJC User Filter
o Filter: (memberOf=cn=SJC-‐Users,ou=my-‐user,dc=bootcamp,dc=com)

Create a new LDAP Directory Synchronization Partnerships:
In this lab we are using administration account to sync AD with CUCM. However, in a production
setup we do NOT require administrative access to the Windows AD setup. Any domain user
account would suffice for CUCM to “Read” AD user entries.
1. Go to System > LDAP > LDAP Directory > Add New
2. Create a new LDAP Directory Sync Partnership with following parameters:
Configuration Name: SJC-‐Users
LDAP Manager Distinguished Name: cn=Administrator,cn=Users,dc=bootcamp,dc=com
LDAP Password: C1sc0,123
LDAP User Search Base: ou=my-‐user, dc=bootcamp, dc=com
LDAP Customer Filter: select SJC User Filter
Access Control Group: select as shown in screenshot
Feature Group Template: select SJC FG Template
Check “Apply Mask to synched telephone numbers” and enter XXXXXXXXXXX (11 times the
character “X”)
LDAP Server Information: ad01-‐bc.bootcamp.com

4) Press “Save” and then select Perfom Full Sync Now, to start the sync process.
5) Go to User Management -‐> End User to check if Alice Adams, Bob Banks, Cathy Chung and Harry Hong
are imported correctly and are active.

Note: Current pre-‐FCS build of Cisco UCM has a bug where +E164 numbers are not correctly
imported in the line definition. Please follow these steps to correct this error:
1) Go to Call Routing > Directory Number
2) Change/check the imported directory number details as shown in the screenshot below
3) Repeat the same for Bob Banks using

Directory number = \+41448789728
Alerting Name = Bob Banks
Calling Search Space = CHinternational

4) At the end, your list of Directory Numbers should look like this:
Please note that CUCM will not create Cathy’s Line in automatic because the AD User
doesn’t include a directory number. We decided to do it because during the lab exercise you
will make a call from Alice to Cathy while Cathy is still on Lync and if we would create the line
in CUCM with the URI address associated to it the call will never be routed outside CUCM
toward Lync….
3.4.3 Enable LDAP Authentication

1) Go to System > LDAP > LDAP Authentication

2) Enabled the Use LDAP Authentication for End Users option and verify the following details:
LDAP Manager Distinguished Name: cn=Administrator, cn=Users, dc=bootcamp, dc=com
LDAP Password: C1sc0,123
LDAP User Search Base: ou=my-‐user, dc=bootcamp, dc=com

3) In the end, your LDAP Authentication page should look like this:
3.4.4 Create CSF-‐Devices

Using feature group templates users are automatically created with the corresponding directory numbers
including the directory URI. Currently the CSF-‐Device required for Cisco Jabber in softphone mode needs to
be created. This can be done manually, using the BAT update process or the new Quick Add capability in
Cisco UCM. This chapter explains how to use Quick Add, using Alice Adams as example:
1) Navigate to User Management > User/Phone Add > Quick User/Phone Add

2) Find and Select the user Alice Adams from the list of available users
3) In the Quick User/Phone Add dialog the parameters are pre-‐configured based on the templates
configured earlier for the directory synchronization. Now, Select Manage Devices

4) From the Manage Devices dialog select Add New Phone
5) Enter the following details:

Product Type : Cisco Unified Client Services Framework

Device Name : csfaadams
6) Don’t forget to repeat the same steps to create a CSF Device for Bob Banks.
7) Please note that the user template doesn’t enable the user for the IM/P service, so you will have to
do it manually for both users. To do it go to the menu User Management ! End User, search for
the users Alice Adams & Bob Banks and then enable them for IM/P flagging the following checkboxes.
Once done, press Save.
We are NOT enabling the user Cathy Chung for IM/P now because in our Lab scenario this user is still
enabled on Lync so it would be a mistake to enable him also on Jabber. We will do it later, after
disabling her on Lync.

3.5 Cisco Jabber/Cisco UCM Service Discovery (Inside the Company)

Significant improvements have been made to further simply the provisioning of services and auto discovery
of those services in Cisco UCM 10.0.
As described in a previous chapter (3.2), profiles and corresponding services are configured centrally on
Cisco UCM. Earlier versions required some parameters to be configured on the Cisco UCM (v2) nodes and
some on the IM&P nodes.
Cisco Jabber Clients are capable of using DNS to auto discover the services created on CUCM. This will work
when the Jabber users within the corporate network or even while connecting from the internet (using the
new Remote Access Capability).
This chapter covers the aspects of service discovery and it’s configuration for internal deployments only. For
deployments utilizing the Cisco Expressway product please refer to the documentation or attend the
separate lab that covers all aspects of remote working.
Service discovery is based on Domain Name Service (DNS) Service Records (SRV). For full automatic discovery
the administrator has to configure these SRV records to enable Cisco Jabber Clients to resolve them while
searching for service.
For discovery inside the corporate network Cisco Jabber utilizes the _cisco-‐uds._tcp.<domain-‐
name> SRV record.
The following steps explain how to configure the required SRV DNS records. In this exercise a Microsoft
Windows 2008 R2 server is providing the DNS service, when using other DNS servers please consult the
required documentation – steps bellow should provide a good understanding of the concepts and the
required tasks.
We will start now with the SRV records associated to the sip domain “bootcamp.com”:
1) Please RDP to AD01-‐BC.bootcamp.com

2) Open Server Manager Console
3) Go to Role > DNS Server > AD01-‐BC > Forward Lookup Zones
4) Right click on the domain bootcamp.com and select Other New Record

5) Select Service Location (SRV) from the type of records to be added and enter the following details:
Enter the following details for the Cisco UDS Services Discovery
Service : _cisco-‐uds
Protocol : _tcp
Priority : <Leave Blank> (Priority is an optional parameter, the lower the priority the higher the
clients will rank this SRV record)
Weight : <Leave Blank>
Port : 8443
Host offering this service: cucm01-‐bc.bootcamp.com

3.5.1 How to verify the DNS SRV configuration

“NSLOOKUP” can be used to verify that the SRV records are correctly configured. This is particular important
in environments where DNS configuration is handled by different organizational entities.

By default the NSLOOKUP tool queries either DNS A records -‐ mapping a name to an IP address or PTR
records mapping IP address to DNS names. To use the tool to check SRV records these are the steps:

First start nslookup (on a windows client start first a commands prompts and then enter nslookup).

Next set the query type to SRV -‐> set type=SRV

After that insert the SRV record we need to check -‐> _cisco-‐uds._tcp.bootcamp.com

This will return the DNS A records pointing to the CUCM servers.

In case of wrong information reported as result it could be a good idea to clean the local DNS cache. To do it
use the following command: ipconfig /flushdns


4 Jabber Logon and testing of the new default capabilities

4.1 Introduction

In this chapter we will guide you through the testing of most of the new end user capabilities introduced
with Jabber 9.6 and Jabber 9.7. We will test later in dedicated chapters the Persistent Chat and the MRA
capabilities.
4.2 Verify the server configuration -‐ Logon on Jabber

Verify Jabber logon process:
1) Logon to workstation Win7 PC 01 with the user Alice Adams and launch the Cisco Jabber client from
the desktop. (Please note that in this moment Alice’s PC is connected to the internal LAN).
2) Enter full email address for Alice Adams: aadams@bootcamp.com
The email address is used for service discovery (auto discover). Cisco Jabber will use the
right hand side of the email address (bootcamp.com) and look-‐up the DNS for SRV records
to locate the CUCM services for this domain.

3) Next enter the logon name: aadams (currently the client will default to the email address in the user
ID field, please manually enter the account name). Enter Password.
If you get an error saying “Cannot communicate with server”. Try logging on to CUCM IM/P
Serviceability Page and restart the “Cisco Client Profile Agent” service under select Cisco
Unified IM and Presence Serviceability > Tools > Control Center – Network Services:
CUCM IM/P Serviceability: https://CUP01-‐BC.BOOTCAMP.COM/ccmservice
4) After user is logged in to Jabber, verify that the phone service (CSF Device) is registered correctly. You
can also go to Help > Show Connection Status to verify if all services are up and running.

Repeat the same steps for the use Bob Banks. To do it logon on the workstation Win7 PC 02 with the right
credential and launch the Cisco Jabber client from the desktop.
4.3 Alpha-‐numeric URI dialing

Long awaited, this feature has been introduced into the software since Jabber for Windows 9.6.

Note -‐ This capability is not enabled by default in this moment on Jabber, so you need the XML
configuration file with inside a specific parameter to enable it. We have inserted this parameter in the
xml file that we asked you to upload in previous step 4.2.

Now, to see URI dialing working you have multiple way, one of these is to use the “call” arrow on the right of
the user in buddy list:

You will see that in addition to the normal phone numbers there is now a line related to the URI address
associated to the user (equal to the IM/P presence address). Clicking on it will start the call and from there
the behavior is the standard one associated also to number dialing.
4.4 “Video always on top” option

Last new feature introduced into the software since Jabber for Windows 9.6, you will find the capability to
keep the video window always on top, ensuring that your active video window will always be in the focus of
your desktop.
To enable it, please select the View-‐Menu and check the “Video call always on top” option.

Place a call from Alice to Gary or vice-‐versa to verify that no other application will cover the active call
window.
4.5 Chat Window “Pop Out”

You can click on the pop-out icon to move any chat window into a separate window. You can pop-out a one-to-one
conversation, a group chat, and persistent chat room window.

You will have a separate window for the session you selected. To bring back to the ;multiple TAB view click on thje “Pop-
In” icon:
4.6 Custom Contact

Another new functionality you will find in Jabber for Windows 9.7 is the “Custom Contact” aka. Pizza Guy .
While you could already have your personal Outlook contacts displayed and searched in Jabber for quite a
while, it is now also possible to manually add contacts to your buddy list without having them anywhere else
defined (Corporate Directory, Outlook Contacts etc. )

Please be aware that we use a pre-‐FCS build of the 9.7 version, so the code might still contain
some defects.

Upon selecting “New -‐> Custom contact” you will presented with a mask to enter the contact details,
including multiple numbers, address etc. as will as assign a picture to the contact:

Just go and play a little, adding a contact of your choice to the buddy list or follow the next screenshot.

You will find that only the fields containing information will be displayed. Similar to the personal Outlook
Contacts, you would be able to get presence information for a custom contact if your company does allow
federations.


5 Configuring and Testing the Persistent Chat capability

5.1 Introduction

In this chapter we will guide you through the configuration of the Persistent Chat capability on CUCM IM/P
and the testing of the same feature using the Jabber for Windows 9.7 release.
Please be aware that we use a pre-‐FCS build of the 9.7 version, so the code might still contain
some defects and not all aspects of the new functionality are yet available. Also to use
Persistent Chat with Jabber for Windows 9.7, a CUCM IM&P server running on version 10.x is a
mandatory requirement.
Persistent Chat functionality itself consists of three components: Cisco Unified Communications Manager
IM&Presence, a external database to actually store the chat rooms and content as well as the client to access
this functionality. CUCM IM&Presence does support either a Postgres SQL database or an Oracle database
for this integration. In this lab, we decided to use the Postgres SQL option and to reduce the time to
implement the full capability we had to preconfigure the Postgres database for you.
Note that Persistent Chat capabilities in Jabber for Windows are disabled by default. Therefore they have to
be explicitly enabled using the following parameter in <Client> section of the jabber-‐config.xml file:
<Persistent_Chat_Enabled>True</Persistent_Chat_Enabled>
To save you some time, this command was already included in the config-‐file you uploaded in Chapter 3.
You will now have to configure the integration into CUCM IM&Presence as well as create the Persistent Chat
rooms using a complementary IM client.

5.2 CUCM IM/P Configuration – Add External Database

As the external Postgres Database has already been preconfigured for you the next step will be adding the
database to CUCM IM&P.
5. Next browse to https://cup01-‐bc.bootcamp.com/cupadmin/

6. Go to Messaging -‐> External Server Setup -‐> External Databases

3. Choose Add New

3. Configure the database using the following parameters:

Database Name: cup
Database Type: Postgres
Tablespace: -‐please leave blank-‐
Description: Persistent Chat
User Name: tcuser
Password: cisco
Confirm Password: cisco
Hostname: sql01-‐bc.bootcamp.com
Port Number: 5432
5. Hit Save.

You will notice two status messages after creating the database:

To get full connectivity to the external database, it has to be mapped to either Message Achiever or
Persistent Chat services. Navigate to Messaging -‐> Group Chat and Persistent Chat
Next up we will enable Persistent Chat and map the database created above to this service:
Please ensure you also UNCHECK the automatic alias creation option, which is at the beginning of the page:
Hit Save after completion.

If you now check back for the status of the external database we should see the following messages:
As the automatic alias creation has been disabled in the step above, you will now need to specify an alias
manually.
Navigate to Messaging -‐> Group Chat Server Alias Mapping and add a new alias named “Bootcamp-‐Chat-‐
Rooms” which is mapped to cup01-‐bc.bootcamp.com
Hit Save afterwards.
In order use Persistent Chat via Expressway, the Chat Server Alias has to be specified as a
Subject Alternate Name ( SAN ) in the certificate installed on the Expressway-‐E. This step has
been preconfigured for you.

Last we need to define a Group Chat System Administrator who will later have the appropriate rights to
create a room. Therefore we will enable a dedicated user in CUCM for IM and Presence in order to promote
him to be the Chat Administrator.
To do so, please open a new Tab to go to https://cucm01-‐bc.bootcamp.com/ccmadmin , navigate to User
Management -‐> End User and choose Harry Hong from the list of users. Enable IM&Presence capabilities for
this user and hit Save.
Now we can move back to the CUCM IM&Presence Administration and navigate to Messaging -‐> Group Chat
System Administrators.

Add a new user and specify the values as per the following screenshot:
Hit Save once completed.
Finally, in order for the changes to become active, please navigate to the CUCM IM&Presence Servicability
page and restart the Cisco XCP Text Conference Manager under Tools -‐> Feature Services -‐> cup01-‐
bc.bootcamp.com.
If you now log Alice Adams and Bob Banks out of Cisco Jabber and sign back in, you should be presented with
a new icon on the sidebar:

Congratulations, you have successfully enabled Persistent Chat functionality. Now let’s move on.

5.3 How to create a Persistent Chat Room

As stated above, not all functions are yet fully available in Cisco Jabber for Windows. The
ability to create and administer Persistent Chat rooms has been defined to be part of the
“Phase 2” implementation of Persistent Chat and will be available in Jabber for Windows
10.0.
For now we have to use a complementary IM client to do the administration. This could be CUPC, but also
some native XMPP Client like Pidgin or (as we use it here ) Jabber MomentIM.
1. Logon to workstation Win7 PC 3 with the user Cathy Chung and launch the Jabber MomentIM client
from the desktop
2. Click the preconfigured profile of “hhong” to connect


3. Once logged in, please select the “Join a conference” Option

4. Create a new room as described in the screenshot below and click Finish.


5. The new room will open and you will be presented the room configuration dialog. Please ensure you
check the “Make the room persistent” option. Otherwise the room will NOT be displayed in Jabber.
In this case we will also check the “Only members can enter the room” option to make this a closed
room.
NOTE: Please do NOT check the “Password is required to enter” option or specify any password. The
current version of Jabber is not yet supporting passwords for rooms.


6. The new room is now ready and you can optionally specify a room subject:

In this case we will put “Human Resources – Closed User Group” as the Subject

Right click inside the conference room and select to “Bookmark Conference Room” for easier access
later.

7. Now check the Jabber Client of either Alice or Bob for the newly created room

Once you click the “All rooms” tab, you will be presented with a list of the currently defined rooms.
Please note the lock icon next to the “Human Resources” group indicating that this is a closed group
by invitation only.


Repeat the Step 3 and 4 above and create another room with name “Bootcamp Corp. Public” as
describe in the screenshot, but this time leave the “Only members can enter the room” unchecked:

Specify a subject for the new room, bookmark it and hit refresh on the room list in Jabber.
The new public room should be available to Join now:


5.4 Testing the Persistent Chat Capability

Now you are ready to play a little with the new capabilities. For example use MomentIM to add Bob to the
“Human Resources” closed group:

Add bbanks@bootcamp.com to the invite list and click “OK”.

Bob will now receive a notification about his new membership in the Human Resources room:
If you check the list of available rooms or Bob’s rooms, you will now find the membership granted
and Bob able to enter the chat room:

Feel free to create more rooms, leave chats and also test the option to define personal filters. In all
cases, please be aware that this is still a non-‐FCS build that might not work 100% as expected.
If you would like to modify settings of an already existing room, or potentially delete a room
permanently, you can do so by entering the room in the MomentIM client – > Right Click in the chat
-‐> Admin and either select “Configure Conference Room” or “Destroy Conference Room”.
Note: Please be aware that the “Destroy” can NOT be reverted.


5.5 Additional info on MomentIM Group Chat management

Please note that in case you did not assign a bookmark to the rooms you created with MomentIM, you will
need to select the following option to show them again:

At this point you will get this page with the Room list:


6 Configuring and testing the Mobile Remote Access (MRA) capability

6.1 Introduction

Cisco Expressway is the solution to provide Mobile Remote Access (MRA) to Jabber Clients and Video
Endpoints. In this chapter you will review the overall architecture of the Cisco Expressway Solution and
deploy it for use with a Cisco Jabber for Windows 9.7 client machine in your pod.
Cisco Expressway is based on the existing Cisco Telepresence Video Communication Server (VCS). Both
products share the same codebase. The installed option keys (licenses) decide in which mode the code
operates. A Cisco Expressway solution consists of two entities: Expressway-‐C and Expressway-‐E.
Expressway-‐C is deployed inside the enterprise network and is a SIP-‐Proxy and a communications gateway
for Cisco Unified CM. Expressway-‐C is configured with a traversal client zone to communicate with the
Expressway-‐E to allow inbound and outbound calls to traverse the NAT device.
Both components can be deployed in a cluster for redundancy and scalability. Customers can deploy
multiple expressway solutions at different Internet access points. Geo-‐DNS can be deployed to serve
clients the closest entry point into the corporate network (i.e. users in the continental United States
will use an expressway deployed at an Internet DMZ in their territory where European or APJC users
will have their respective expressway deployments in their theater.
These options are not part of this lab!
Expressway-‐E is deployed in the DMZ. Also a SIP-‐Proxy it is configured with a traversal server zone to receive
communication from the Expressway-‐C in order to allow inbound and outbound calls to traverse the NAT
device. Expressway-‐E has a public network domain name. For example, in this lab setup the Expressway-‐E is
configured with two network interfaces (this requires a separate option key to be installed on the
Expressway-‐E system. One network interfaces is connected to the internal DMZ network and one is
connected to the Internet facing external DMZ network). The external facing network interface has an
externally resolvable name of expressway-‐e.bootcamp.com (which resolves to the IP address of A.B.C.D by
the external/public DNS servers.

The following chapter will guide through the necessary steps to deploy MRA with expressway.
Certain steps regarding the basic configuration (network, DNS, release and option keys and
certificates) of the expressway-‐C and –E machines have been pre-‐configured already. These steps are
included in this guide for your reference. Please pay special attention to the comments “This has
already been done for you!” It actually means what it says there in plain English – either skip this
section or review but don’t do anything!
6.2 How to Configure the Expressway Solution for MRA

Expressway components can either be deployed on an physical appliance or in a virtualized environment.

The required VMware virtual machine templates can be downloaded from here (current version X8.1):
http://software.cisco.com/download/release.html?mdfid=283733603&softwareid=280886992&release=X8.
1&relind=AVAILABLE&rellifecycle=&reltype=latest
6.2.1 Basic configuration of Expressway-‐C

Please note that the section 6.2.1. is already PRECONFIGURED for you. Starting section 6.2.2 you will
start the configuration.
6.2.1.1 Domain Name System (DNS) configuration

Expressway requires DNS to be configured for resolution of full qualified hostnames (FQDN) to IP addresses.
DNS is also required for certain aspects of the SIP-‐Proxy operations of expressway. For these reasons it is
mandatory to configure. From the main administration interface of the expressway-‐c machine navigate to:
System -‐> DNS

Enter the parameters as shown on the screenshot above:
System host name: expressway-‐c
Domain name: bootcamp.com
Default DNS Servers

Address 1 10.52.226.68
(Note: in this setup the internal DNS server is co-‐located with the Active Directory service)
6.2.1.2 Configure Network Time Service (NTP)

Expressway relies on certificates for several security related features and functionalities. Ensure that all
expressway systems are synchronized to a reliable time source. To configure the required NTP parameters
navigate to:
System -‐> Time
NTP server 1: 10.1.1.1
Time zone: US/Pacific
Depending on specific requirements the default public NTP servers can be utilized. Alternatively a NTP time
source in the enterprise network can be used.

6.2.2 Configuring Expressway-‐C for Unified Communications

Please start configuration here. ☺
To enable Unified Communications aka MRA on Expressway-‐C navigate to:
Configuration -‐> Unified Communications -‐> Configuration
Turn “Mobile and remote access” to ON and hit save.
6.2.2.1 Configure the domains to route to Unified CM

You must configure the domains for which registration, call control, provisioning messaging and presence
services are to be routed to Unified CM. Navigate to:
Configuration -‐> Domains


Domain name: bootcamp.com
SIP registration: ON
IM and Presence: ON
In a hybrid deployment where IM&P services are provided by Cisco Webex Messenger as a cloud
service IM and Presence setting on this configuration screen needs to be left in the OFF position.
Also note that the Jabber Guest feature is a technical preview in X8.1. It is not supported to enable
Jabber Guest in conjunction with providing SIP registration and IM&P services on Unified CM.
6.2.2.2 Discovering IM&P and Unified CM Servers

To provide provisioning, SIP registration and IM&P services Expressway needs to be aware of the deployed
topology of servers. On the Expressway-‐C the administrator needs to enter the necessary connection
parameters and credentials.
To configure IM&P servers navigate to:
Note that the IM&P server configuration is not required when in a hybrid (Cisco Webex Messenger)
deployment.
Configuration –> Unified Communications -‐> IM and Presence servers

Enter the parameters as shown in the screenshot above:
IM and Presence publisher address: cup01-‐bc.bootcamp.com
(FQDN recommended for certificate validation)
Username: cucmadmin
(Unified CM AXL enabled user, for this lab the general

Unified CM admin userid and password is used. It is a good
best practice to create a separate AXL enabled user for
production deployments).
Password: C1sc0,123
TLS Verify Mode: ON
Expressway-‐C will verify the certificate presented by the

Cisco Tomcat service on Unified IM&P. When using self
signed certificates the Unified CM node certificate needs to
be installed on Expressway-‐C. With CA signed certificates the
CA root certificate must be present on Expressway.
To configure the Unified CM servers, navigate to:
Configuration -‐> Unified Communications -‐> Unified CM Servers

Unified CM publisher address: cucm01-‐bc.bootcamp.com
Username: cucmadmin
Password: C1sc0,123
TLS verify mode: ON
The same comments apply as outlined in the previous section for configuring IM&P servers.
6.2.2.3 Automatically generated zones and search rules

Expressway-‐C automatically generates non-‐configurable zones between itself and each discovered Unified
CM node. A TCP zone is always created, and a TLS zone is created also if the Unified CM node is configured
with Cluster Security Mode = Mixed Mode. Each zone is created with a name in the format ‘CEtcp-‐<node-‐
name>’ or ‘CEtls-‐<node-‐name>’.
A non-‐configurable search rules, following the same naming convention, is created automatically for each
zone.

6.2.3 Basic configuration of Expressway-‐E

Section 6.2.3 has been PRECONFIGURED, please double-‐check what we have done and move on to
6.2.4
Please refer to the previous chapter for configuring DNS and NTP on Expressway-‐E
6.2.3.1 Network configuration Expressway-‐E

As outlined in the introduction this setup utilizes the dual network option on Expressway-‐E. Utilizing dual
network interfaces on Expressway-‐E requires extra steps to ensure that IP connectivity towards the public
Internet and the internal enterprise network is correctly routed out the respective interfaces and to the
correct next hop addresses. For configuration of network parameters navigate to:
System -‐> IP
IP protocol: IPv4 (not using IPv6 yet in this lab)
Use dual network interfaces: Yes
External LAN interface: LAN2
IPv4 gateway: 10.1.239.66

(the default gateway needs to point toward the internet to enable
Expressway-‐E to reach any device trying to connect from outside.
This default gateway is reachable via the LAN2 interface designed as
the external facing LAN interface)
LAN 1 – Internal LAN2 -‐ External
IPv4 address: 10.1.238.74 IPv4 address: 10.1.238.80
IPv4 subnet mask: 255.255.255.0 IPv4 subnet mask: 255.255.255.0
IPv4 static NAT mode: OFF ON
IPv4 static NAT address: 172.16.100.80
Expressway-‐E can be deployed behind a static NAT. With the emphasis on static as dynamic NAT
configuration are not supported. When deploying behind a NAT device (i.e. Firewall) NAT mode must be set
to ON and the publicly visible address that is used by expressway-‐e must be configured.
With this configuration in place the Expressway-‐E would be able to reach the Internet via the default
gateway configured. For the dual network option Expressway-‐E has to be configured with a static route to
reach the internal enterprise network via the LAN 1 internal interface. This needs to be done from the
Expressway CLI either on the VM console or by SSH login.

To verify that the route(s) to the internal network have correctly been added use the CLI command:
xconfig IP route


6.2.4 Configuring Expressway-‐E for Unified Communications

Please start configuration here. ☺
Similar to Expressway-‐C, Expressway-‐E has to be configured for Unified Communications. Navigate to:
Configuration -‐> Unified Communications -‐> Configuration
On the Unified Communications configuration page, set Mobile and remote access to ON.

6.3 Setting up Secure Traversal Zone (Expressway-‐C & -‐E)

A secure traversal zone connection must be configured between the Expressway-‐C and Expressway-‐E, but
before doing it we need to create a local user to authenticate the traversal connection.
6.3.1 Expressway-‐E local authentication database

When Expressway-‐C (traversal client) establishes the connection to Expressway-‐E (traversal server) a userID
and password is exchanged for authentication. On Expressway-‐C these info will be entered in the traversal
zone configuration. On Expressway-‐E the credentials must be configured in the local authentication
database. To do it logon on the Expressway-‐E box and go to the menu Configuration – Authentication –
Local Database:
At this point you can create a new local user with the following credential:
• Userid: traversal-‐admin
• Password: C1sc0,123

Now you can start configuring the traversal zone on both boxes. To configure the traversal zone navigate
first to the menu Configuration -‐> Zones -‐> Zones (same location on Expressway-‐C and –E respectively).
The screen shots below show on the left hand side the configuration on Expressway-‐C and on the right hand
side shows the configuration on Expressway-‐E:
Expressway-‐C Expressway-‐E


6.3.2 Checking Expressway-‐C and Expressway-‐E Unified Communications status

Go to the menu Status – Unified Communications on both device (C & E):

6.3.3 Configuring Service Discovery on the external (public Internet facing DNS)

For MRA and automatic service discovery, aka switching Jabber between internal network and external
network mode, it is required to deploy DNS SRV records in the internal and external DNS infrastructure. In
the previous chapter the internal DNS SRV records have already been deployed. This chapter will explain
how the external DNS server needs to be setup.

It is a mandatory requirement that Jabber clients connected outside the corporate network are not capable
to resolve the internal _cisco-‐uds._tcp.<domain> SRV record.
The lab topology provides a DNS record located on the “Public Internet”. To configure the required DNS SRV
records please RDP to the internal AD/DNS server.
On the Windows Desktop is a shortcut on the Windows DNS Management Console. For ease of configuration
the management console has the internal DNS (AD Server) and the external DNS registered. As shown on the
screen shot the DNS A-‐record for expressway has already been configured for you (when using NAT this A-‐
record has to point to the IP address that is visible on the Internet!)
Right click on the domain bootcamp.com show underneath the external-‐dns in the Forward Lookup Zone
folder.

Scroll down the and select “Service Location (SRV)” then create record
Enter the parameters as follows:
Service: _collab-‐edge
Protocol: _tls
Priority: -‐leave blank-‐
Weight: -‐leave blank-‐
Port number: 8443
Host offering this service: expressway-‐e.bootcamp.com

Verify the external DNS SRV record
To verify that the external DNS server does correctly answer queries for the create SRV record we use the
nslookup tool. It is important to understand that nslookup by default would query the DNS server configured
on the local machine (since we are RDPed into the AD server it would query the internal DNS server). To
change this behavior we need to start nslookup with an additional parameter to point the queries to the
external DNS server.
Open a CMD prompt on the AD server and type:
nslookup -‐ external-‐dns.bootcamp.com
Nslookup will start and shows the address of the server that queries are send to as 172.16.100.253 (the
external DNS).
Issued the command: set type=SRV (we are only interested in SRV records)
Type _collab-‐edge._tls.bootcamp.com
The DNS server should respond with SRV and the parameters configured before.
Result: expressway-‐e.bootcamp.com internet address= 172.16.100.80 (the publicly visible NATed address)

6.4 Testing the Mobile Remote Access (MRA) capability on Jabber 9.7

6.4.1 Basic Testing

In the provided lab setup PC1 (user Alice Adams) is configured with 2 network interfaces. One allows Jabber
to run within the enterprise network. The second interface simulates Jabber connected via the “Internet”
and using Expressway-‐E and –C for MRA. In previous exercises the internal network connection was used.
With Expressway MRA full configured the Jabber client can now be moved to the “Internet”.
On PC1 bottom right of the desktop right click on the network card interface and select “Open Network and
Sharing Center”
From the Network and Sharing Center dialog select from the left “Change adapter settings”

A word of caution – in the next step we will disable and enable network adapters to move the
machine from the internal network to the “Internet”. You will see 3 adapters – the reason is
since we are enabling and disabling the adapters that Jabber uses to communicate there is a
3rd adapter clearly marked today for you with the name RDP. This 3rd adapter is your RDP
interface through which the remote desktop connection is running. Over millennia not only
lumberjacks have learned – many times the hard way -‐ how bad an idea it is to saw off a tree
branch one is sitting on! ;-‐) With that said PLEASE DO NOT DISABLE THE RDP INTERFACE!!!
To move PC1 into MRA mode – right click on the adapter named “Internal Network” and select disable

Next enable the “Internet” by right click on the adapter named “Public Internet” and select enable
If you have kept Jabber running while you were switching the network interfaces you should see the client
reregister after a moment – congratulations! you are now working via Expressway ;-‐)
Verify MRA status on Expressway-‐E
You can see further details about remote clients registered via Expressway by logging into the Expressway-‐E
admin interface and navigate to:
Status -‐> Unified Communications
Now you can IM between Bob on the internal network and Alice on the external network. Escalate from IM
session and start a call. This will create a video call between Alice and Bob via the Expressway infrastructure.
Leave the call running and look at the information in the Expressway-‐E admin interface. Navigate to:
Status -‐> Calls -‐> Calls
Select the active call from the list, you can further drill down into call details and media information

You can also check the connection status from Jabber:
6.4.2 Testing the Photo Lookup behavior

Before doing any test on the photo lookup when the client is connected via MRA we need to clean the local
Photo cache on Alice’s PC by opening the related folder and deleting all the pictures contained there.
To do it please follow these steps:
• Exit from Jabber

• Double click on the shortcut placed on the Desktop to go directly in the right folder:

• Then select all the pictures and delete them:
• At this point you can logon again on Jabber, search for Bob and display his profile. The result should
be like the one reported below on the left, compared with the profile on the right, which you get if
the client is connected inside the company (using therefore EDI):
In the next chapter we will see how to resolve this issue, changing the default configuration for Photo
Lookup.

6.5 How to configure Photo Lookup from Outside the Firewall (MRA scenario)

The issue you have seen before is due to the fact that when the client is outside the Firewall there is no way
to make direct query in AD for Photo lookup, which is the default behavior.
We need therefore to introduce a Web Server as repository for the Photo, tell Jabber to use it and allow this
new traffic through the Expressway using the “HTTP allow list”.
6.5.1 Expressway Configuration

Let’s start with the configuration on the Expressway solution to allow the traffic from the Jabber client
towards the internal web server that is hosted on the Exchange VM in our lab. An important note is that we
need to make this configuration only on the Expressway-‐C box, which is the MRA policy controller for the
Inbound Http traffic.
To do it please logon to the Expressway-‐C box http://expressway-‐c.bootcamp.com, select the menu

“Configuration -‐> Unified Communication -‐ > Configuration” and click on the option “Configure Http Server
Allow list”, as reported below:

Now you can insert the information related to the internal web server (exchange01-‐bc.bootcamp.com)
where the Photos are hosted and press “Save”:

6.5.2 Photo lookup method to use in UDS mode (using Jabber-‐Config.XML)

Last step is to give instruction to the Jabber client to retrieve the photos from the web server when it is in
UDS mode (UDS is the automatic behavior when the client is connected from outside through Expressway).
We need to use also in this case an XML config file. On the client machines Win7 PC01 (aadams) and Win7
PC02 (bbanks) a second jabber-‐config.xml file, which include all the items needed (Alphanumeric URI
Dialing, Persistent Chat and photo in UDS mode) has been prepared for you. All Jabber clients in this setup
are utilizing the same configuration; therefore uploading the default Jabber-‐Config.XML to the Cisco UCM
Tftp-‐Server will allow all clients to access the configuration.
Please verify the correct format of the Jabber-‐Config.XML file by opening the file stored in the following
path:
Windows desktop -‐> Lab Materials -‐> jabber-‐config v3
This should display the properly XML formatted configuration in a browser window.
7. Next browse to https://cucm01-‐bc.bootcamp.com/cmplatform

8. Go to Software Upgrades -‐> TFTP File Management
9. Upload the Jabber-‐Config.XML to the root directory of the TFTP Server
10. Next, go to https://cucm01-‐bc.bootcamp.com/ccmservice and restart the TFTP Server

Every change to any file stored on the TFTP Server needs a restart of the TFTP service to take effect.
If you now go to Alice’s PC and try to force a picture refresh viewing the Bob Bank’s profile you will see that a
“Special” photo is retrieved from the web server inside the company.
Please note that to differentiate the UDS behavior from the default EDI behavior we decided to
force the lookup toward a different picture set for the same user……☺:


7 Intra-‐domain Federation for IM/P between Jabber and Lync

7.1 Introduction

In this module the student will focus on the tasks needed to configure Intra-‐domain federation between
Jabber and Lync 2010 environments. The Lync 2010 setup we have in this lab is quite simple being based on
a single Front End Server (Standard Edition) but is able to provide all the capabilities needed to test this
scenario.

Implementing the same scenario in a more complex Lync Environment will need further steps to take into
account the multiple servers included in the Lync Pool (equivalent to our “CUCM cluster”) and the Load
Balancer in front of them, but will not change anything of the pre-‐requisite steps, the concepts related to
route IM/Presence between the two environments and the tasks needed to migrate users from Lync to
Jabber.

The high level steps needed are:

• Assign and/or verify Certificate to Cisco IM/Presence nodes
• Change the default ports assigned to the Application Listeners on Cisco IM/Presence node
• Enable Intra-‐domain federation on cisco IM/Presence cluster
• Configure Cisco IM/Presence nodes to trust Lync servers
• Setup Routing rules from Cisco IM/Presence nodes towards Lync Front End nodes
• Assign and/or verify Certificate to Microsoft Lync Front End nodes
• Enable Federal Information Processing Standard Compliance on Lync (please see important note later in
the chapter regarding this step)
• Configure Microsoft Lync Front End nodes to trust Cisco IM/Presence servers
• Setup Routing rules from Lync Front End nodes towards Cisco IM/Presence nodes
• Verify that the needed specific AD attributes (Presence URI address) are correctly populated
• Logout and Login from all clients
• Test the interoperability scenario adding to the buddy list users that are registered to the “other” system
• [optional] Migrate users from Lync to Jabber using the specific utility that Cisco released

IMPORTANT NOTES:

• The step “Assign and/or verify Certificate to Cisco IM/Presence nodes” has been already done for you
and we have described it in the chapter “CUCM Security configuration in the appendix manual.
• All the steps needed on Lync side have been pre-‐configured for you and documented in one chapter in
the appendix manual. This is due to the facts that first they are quite time consuming and we would have
risked to not permit you to arrive at the end of all the exercises and, second, most of them are long
PowerShell command to digit so it would be a big “source” of possible typing mistake….


7.2 CUCM IM/P cluster configuration

7.2.1 Change the default ports assigned to the Application Listeners on Cisco IM/Presence node

This step is mainly a sequence of parameter changes to arrive at the scenario reported here below where the
services are allocate to the right ports needed for Lync interoperability. We need this because the default
association is not ok for this interoperability scenario. Here the steps to do:

• Select Cisco Unified Communications Manager IM and Presence Administration > System > Application
Listeners.
• If they are not already displayed, select Find to display all application listeners.
• Select Default Cisco SIP Proxy TLS Listener – Server Auth.
• Change the Port value to 5063.
• Select Save and select OK on the popup window that appears.
• From the Related Links drop-‐down list, select Back to Find/List and select OK to return to the Application
Listeners list.
• Select Default Cisco SIP Proxy TLS Listener – Peer Auth.
• Change the Port value to 5061.
• Select Save and select OK on the popup window that appears.
• From the Related Links drop-‐down list, select Back to Find/List and select OK to return to the Application
Listeners list.
• Select Default Cisco SIP Proxy TLS Listener – Server Auth.
• Change the Port value from 5063 to 5062.
• Select Save.

Note: Officially we should restart the SIP Proxy service on all IM and Presence nodes in the cluster at
this point, but to reduce the amount of time needed to configure the full federation story we will do
it one time at the end of the chapter.

You can see the final result Selecting again Cisco Unified Communications Manager IM and Presence
Administration > System > Application Listeners:


7.2.2 Enable Intra-‐domain federation on cisco IM/Presence cluster

Here we are enabling the Intra-‐domain federation feature. To do it logon to the first Cisco IM/P node
https://cup01-‐bc.bootcamp.com and Go to Presence -‐> Settings -‐> Standard Configuration, check the flag
“Enable Partitioned Intradomain Federation with LCS/OCS/Lync”, select the option “Basic Routing Mode”
and click Save. For detailed description of the two possible options for the Routing Mode please refer to the
public deployment guide.


7.2.3 Configure Cisco IM/Presence nodes to trust Lync servers

Next Step is the Configuration of Cisco IM/Presence nodes to trust the Lync servers. Here we have two sub-‐
actions to do:

• Add new entries to the incoming and Outgoing ACL to accept connection to/from Lync server
• Add a TLS “trust” to specify the TLS host that CUP is authorized to speak with.

Let’s start with the ACL.

Go to System ! Security -‐> Incoming ACL and add the following two entries (one for the Hostname and one
for the IP address), related to the Lync Front End server:

• Description “Lync FE IP Address” -‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐ Address Pattern “10.52.226.82”
• Description “Lync FE FQDN” -‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐ Address Pattern “lync01-‐bc.bootcamp.com”

The final situation must be the following:

Now we need to repeat the same action for the outgoing ACL:

Go to System ! Security -‐> Outgoing ACL and add the following two entries (one for the Hostname and one
for the IP address), related to the Lync Front End server:

• Description “Lync FE IP Address” -‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐ Address Pattern “10.52.226.82”
• Description “Lync FE FQDN” -‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐ Address Pattern “lync01-‐bc.bootcamp.com”


The final situation must be the following:

Now we need to config the TLS “trust” to specify the certificate entries that the Presence server will accept
as valid. Please go to System ! Security -‐> TLS Peer Subject and add the following entry:

Peer Subject name “lync01-‐bc.bootcamp.com” -‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐ Description “Lync FE Hostname”

NOTE: if you copy the string from the PDF please pay attention that all the characters are
copied without errors….


Lastly we have to configure the “policy” to apply to the TLS connection with the Lync server. Go to System !
Security -‐> TLS Contexts Configuration and select the one highlighted below:

Select the different options as reported below to associate the policy to the TLS peer subject we just created
and then press save:

NOTE: Please flag the “Disable Empty String” option are reported below


7.2.4 Configure Routing Rules from Cisco IM/Presence nodes towards Lync Front End Pool

Here the goal is to tell to the IM/Presence nodes in the cluster which Presence Domain route towards Lync.
To do that please go to Presence ! Routing -‐> Static Routes and add a new one for the domain that is
shared between Lync and Jabber:

• Bootcamp.com

The other parameters must have the following values:
• Destination Pattern – “.com.bootcamp”
• Description -‐ route to “Bootcamp.com” domain (Lync)
• Next Hop – “lync01-‐bc.bootcamp.com”
• Next Hop Port number – “5061”
• Route Type – “domain”
• Protocol Type – “TLS”
• Select the default values for all other parameters.

Note – Pay attention to the “.” in the destination pattern, they are mandatory


We only need now to restart some services to let CUCM “read” the new configuration. Therefore, go to the
Presence Serviceability Page as highlighted below:

Restart the SIP Proxy service on all IM and Presence nodes in the cluster. To restart the SIP Proxy service,
Select Cisco Unified IM and Presence Serviceability > Tools > Control Center – Feature Services, for both
servers, as reported here:


Then you must restart the Cisco XCP Router on all IM and Presence nodes in the cluster. To restart the Cisco
XCP Router, select Cisco Unified IM and Presence Serviceability > Tools > Control Center – Network
Services, for both servers.

Note -‐ Due to a CUCM defect in the Pre-‐FCS version used in this lab it could happen that you will see
the following “strange” alert message…please ignore it!


7.2.5 Additional verification and steps to do only in this lab due to Beta Code software.

NOTE: In this specific Lab scenario we are using Beta code for both CUCM and Jabber software, so to
workaround specific bugs we encountered, we suggest you to do the following additional steps:

• Check the status and in case it is not running start the Cisco XCP SIP Federation Connection Manager
Service on IM and Presence node cup01-‐bc. To do it Select Cisco Unified IM and Presence
Serviceability > Tools > Control Center – Feature Services, as reported here:


• Restart the “Cisco Client Profile Agent” service on CUP01-‐BC, otherwise the Jabber client could have
some issue in the logon process. To do it select Cisco Unified IM and Presence Serviceability > Tools
> Control Center – Network Services on CUP01-‐BC and restart the service:

7.3 Microsoft Lync 2010 configuration

NOTE: the configuration steps on Lync Server are already in place. For your reference all the
configuration done and some troubleshooting suggestions are in the Jabber Lab Appendix document.

7.4 Testing Intra-‐domain federation between the different clients

You can now logon on PC 1 (Alice Adams – Jabber user) and PC 3 (Cathy Chung – Lync user). This is the
easiest step because the two users are in the same Presence Domain (bootcamp.com).

First of all logout and logon again on both UC clients, in this way they can read the new configuration. Then,
from both clients you can search for the other users and add them to the buddy list in transparent way. Once
added you can chat and exchange presence status between the two worlds.

Here below some screen shots example:



8 Audio Sip Trunk between Jabber and Lync

8.1 Introduction

In this module the student will focus on the tasks needed to configure a SIP trunk for audio between Cisco
Jabber and Microsoft Lync 2010.

High Level Configuration Steps

• CUCM Configuration: Configure CUCM to forward voice traffic to Lync Server via the Expressway
• Expressway Configuration: Configure Expressway Lync Gateway to route traffic (1) From CUCM to
Lync Server, (2) From Lync Server to CUCM
• Lync Configuration: Configure Lync Server to forward voice traffic to CUCM via the Expressway Lync
Gateway

IMPORTANT NOTES: All steps needed on Lync side have been pre-‐configured for you and
documented in one chapter in the appendix This is due to the facts that first they are quite
time consuming and we would have risked to not permit you to arrive at the end of all the
exercises and, second, most of them are long PowerShell command to digit so it would be a
big “source” of possible typing mistake.

8.2 CUCM configuration

Here we have few steps to do to enable the communication with Expressway via SIP Trunking and to route
the needed SIP domain toward Expressway itself, which will be our “gateway” to/from the Lync
infrastructure.

8.2.1 Sip Trunk Security Profile creation

As described in the official MRA Deployment Guide we need to change the default port used by the CUCM to
accept Sip trunk from other entity. This is due to the fact that we have already a “connection” to the
Expressway box used for Remote Device registration using the default port 5060. The two type of traffic (line
side registration and trunking) would overlap and create conflicts, so we will change the port of the sip trunk
from the default 5060 to 5090.
Here the steps to do:
1. Navigate to https://cucm01-‐bc.bootcamp.com/ccmadmin

2. Select the menu “Systems – Security – Sip trunk Security Profile” and select “Add New”. Insert the
information reported below (pay attention to the port 5090):

3. After doing that press “Save”

8.2.2 SIP Trunk to Expressway

We need now to create a sip trunk to the Expressway. Logon to the CUCM A/V admin interface, Go to the
menu “Device – Trunk” and then press “Add new”. Insert now all the key parameters reported below and
press “Save”:





8.2.3 Static SIP Routing toward Expressway

We need now to create all the static routes needed to forward call from Jabber to Lync based on the main
SIP Domain “Bootcamp.com”. To do it please go to the menu “Call Routing – Sip Route Pattern” and select
“Add New”. Insert all the info reported below for the domain “bootcamp.com”:


8.2.4 Line side Sip Profile update

Here we need to create a new Sip Profile with the option enabled to send full Alpha Numeric URI, including
the domain portion, toward Lync. This is important otherwise we will send to Lync something that is not
“meaningful” for it…..
Here the steps to do:
• Select the menu “Device – Device Setting – Sip Profile”

• Select “Standard Sip Profile”
• Press the option “Copy”
• Insert the information reported below:
• Press “Save”


8.2.5 Change URI Lookup Policy on CUCM

This parameter specifies the way the match is done for the configured user part of the URIs in Cisco Unified
Call Manager. If the parameter is set to Case Sensitive, we will match the exact case sensitive URI configured
in Cisco Unified CM. If the parameter is set to Case Insensitive, then case insensitive lookup will be done. In
our case, to manage an extended scenario where user can have also URI address with uppercase letters, we
need to change it to “case insensitive”.
In this lab we have done already this change for you, but to check it please go to the menu “System –
Enterprise Parameters”, search for the parameter called “URI Lookup Policy” and verify that it has the
following value:


8.3 Expressway configuration

8.3.1 Licenses needed

Just as side note, to enable the Lync interoperability we added two items to the Expressway-‐C box:
• The Option key for Microsoft Lync interoperability

• 10 Rich Media sessions
8.3.2 Expressway Certificate update

We need to generate a Lync Trusted Certificate and install it on the Expressway Server to enable TLS
communication between the two.

NOTE: The configuration steps needed for this task are already done in this lab. For your reference
they are all reported and commented in the Jabber Lab Appendix document.

8.3.3 CUCM zone creation

No we have to create a specific zone pointing to the CUCM A/V servers; this will permit Expressway to
establish a sip trunk to the CUCM itself. Select the option “Configuration – Zones – Zones”:

Click “New” and insert the information reported below. Please note that there is now a specific Zone Profile
for CUCM that you can select (Cisco Unified Communication Manager 8.6.1 or later) and it is quite useful
because it will automatically set all the parameters needed by CUCM for a correct interop.

Note 1: Pay attention to insert correctly the value for the parameter “Peer 1 Address” that is “cucm01-‐
bc.bootcamp.com”.

Note 2: You cannot see correctly the description field in the screen shot below– you can use whatever you
want but we suggest “cucm01-‐bc.bootcamp.com (Trunk to CUCM)”



8.3.4 B2BUA configuration

Next step will be to enable and configure the integration with Lync. To do that we will need to enable the
B2BUA going to the page “Applications – B2BUA – Microsoft Lync – configuration” and insert the following
parameters. After that you can press Save to confirm the change made.


You will have now to configure the B2BUA Trusted Host, including the IP Address of the Lync Frontend. This
is very similar to what we will have to do on Lync side to “trust” the Expressway as external entity. To do it,
go to the menu page Applications – B2BUA – Microsoft Lync – B2BUA Trusted Hosts and insert the info
below. Press “Save” at the end.


At this point you will have to restart the B2BUA service to read the new configuration. Go to the menu
Applications – B2BUA – Microsoft Lync – B2BUA Restart Service and click “restart”:

Last step, to check that the service is running and the B2BUA is able to communicate with Lync you can go to
the B2BUA status page (Status – Applications – Lync B2BUA) and you should see the page below with the
two “legs” active. The first leg is between the B2BUA and the local Expressway SIP service, while the second
leg is the one between the B2BUA and the Lync Server specified in the configuration.


8.3.5 How to add Static Route to Expressway

In this section we will have to add to Expressway:
• The static routes pointing to Lync for the main SIP Domain “bootcamp.com”. CUCM devices, including
Jabber, will be able to use this route pointing to the Expressway-‐C to call a Lync user.
• The static routes pointing to CUCM A/V for the subdomains “audio.bootcamp.com” used to route the
audio call from Lync towards Jabber. This is due to the fact that on the Lync side the main domains have
been already assigned to the static routes pointing to the CUCM IM/P servers for the IM/P Intra-‐domain
federation, therefore we cannot re-‐use them again for the A/V routing from Lync toward Expressway.

To insert all the needed static routes please go to the menu option “Configuration – Dial Plan – Search
Rules”, press “New” and insert the info reported in the following screen shots:



You have now terminated the Expressway configuration. Let’s move to the Lync configuration.


8.4 Microsoft Lync 2010 configuration

NOTE: The entire configuration steps needed on Lync Server are already done in this lab. For your
reference all the configuration are commented in the Jabber Lab Appendix document.

8.5 Additional AD Contacts to permit calls from Lync users toward Jabber users

NOTE: we have pre-‐configured this step for you, so you will only need to check what we have done
reading the descriptions below, to be able to understand the behavior that you will see later playing
with the clients.

This is a critical activity because as we have explained before Lync cannot use the main URI address
UserID@bootcamp.xxx to call a Jabber user, having already assigned that domain to the static route used for
IM/P. We will use therefore a dedicated URI address for A/V routing, with the format
UserID@audio.bootcamp.xxx.

We created a new contact for each user migrated to Jabber, and to simplify the search from the Lync
interface we used a different Display Name with a reference to the “Audio” path (Example – “Bob Banks
(Audio)“). In this way when a Lync user will search for Bob, He will receive back two contacts – one for the
main IM/P communication and one for the A/V sessions. It is not perfect but this is what is possible today.
Below you can see a screen shot of the Lync client with the two items in the buddy list for the user “Bob
Banks”

Note: We are working (as Cisco) on future enhancements on this topic that we hope to be able to
implement and let you test in the next version of this Lab!


8.6 Test audio calls between the different clients

You can now logon on PC 1 (Alice Adams – Jabber user) and PC 3 (Cathy Chung – Lync user). This is the
easiest step because the two users are in the same Presence Domain (bootcamp.com).

First of all logout and logon again on both UC clients, in this way they can read the new configuration. Then,
from both clients you can search for the other users and add them to the buddy list in transparent way. Once
added you can chat and exchange presence status between the two worlds and now, thanks to the
configuration we have just done, also have calls between them.

Please be aware of the following caveats and user experience:

• Jabber can call Lync User only using URI dialing in this scenario, not phone numbers. This is because
we are evaluating a situation where Lync users have not the “right” to use the Enterprise Voice
capabilities therefore they cannot have an E164 phone number associated and cannot receive and
make call through the mediation server.
• Consequently, the URI address associated to the Lync Users must be correctly populated in AD to be
used by Jabber and we have instructed the Jabber client to read the right AD attribute for it.
• Jabber users will use the same URI address to chat with and to call a Lync user.
• Lync Users cannot call Jabber Users using the same URI address used for the chat; therefore as we
explained before the Lync users will need to manage a “double contacts” scenario during the
migration period.

Let’s see here the user experience with call generated on both directions.

• Calling from Jabber to Lync users:


This is what the Lync client will report as alerting info:

• Calling from Lync to Jabber users. You should see two items for each user on Jabber– one for the
main IM/Presence contact (@bootcamp.com) and one for the Audio call contact
(@audio.bootcamp.com), as reported below. In case you miss one or both of them you can search
for that user and after receiving the two results you can add them to the buddy list. Clicking on the
Lync native “call” icon will start the call, as reported below:

And this is what the Jabber client will report as alerting info:



9 User migration from Lync 2010 to Jabber [optional chapter]

9.1 Introduction

In this module the student will focus on migrating one of the Lync user (Cathy Chung) to Jabber, trying to
minimize the user impact in terms of buddy list, Presence URI Address, etc..

9.2 Export of contact lists for migrating user

Cisco provides an Export Contact List tool (ExportContacts.exe) to allow an administrator to export contact
lists in bulk from Lync/OCS/LCS for migrating users. The tool uses Lync/OCS/LCS application programming
interfaces (APIs) to export contact lists and output to a comma-‐separated values (CSV) file. This file can then
be used by the IM and Presence Bulk Administration Tool (BAT) to import these same contact lists into IM
and Presence at a later point in the migration.

After you run the tool, a file that contains the exported contact lists is created in the same directory as the
tool. The filename is ExportedContacts<Timestamp>.csv. A time stamp is appended to the filename when
the file is created; therefore, each time you run the Export Contact List tool; it creates a unique output file.

The Export Contact List tool also creates a second file that contains the Lync/OCS/LCS SIP URI of each user
that you specify for the contact list export. The filename is UserList<Timestamp>.txt and it is also created in
the same directory as the tool. You can use the UserList<Timestamp>.txt file as input to the Disable Account
tool and the Delete Account tool.

To run the tool, logon to the Lync Front End server, Open a command prompt and change directory to the
location of the Export Contact List tool that we pre-‐installed for you (C:\JabberMigrationTools):


NOTE: To facilitate your job and reduce possibility of errors we create a .txt file with all the
commands needed in this exercise so you can copy and paste them from there instead of typing
directly one by one. You will find this file on the desktop with the name “Jabber Migration tools
commands.txt”. Please DO NOT copy and paste the commands directly from the PDF guide because this will
give errors as result, due to hidden characters in the copy and paste action from the PDF.

Then run the ExportContacs.exe tool with the following parameters to export all the contacts of all the Lync
users:

ExportContacts.exe -‐s/10.52.226.68 -‐f/ALL -‐l/info -‐r/NORMAL -‐i/LYNC01-‐BC\RTC


Now to see the results of the export please open the files just created in the same directory. The first one is
related to the Exported Contacts and is called “ExportedContactsxxxxxxxxxxxxxxxx.csv”. In this file you will
see the list of all the users enabled for Lync with the related buddy list items:

Note: We will use this file later to run other commands for this specific user. Please also note that in
this specific case the only user enabled for Lync is Cathy. If you had multiple users you should have
removed from the file all of them except the one who you want to migrate to Lync in this moment.

The second file is related to the Exported User List and is called “UserListxxxxxxxxxxxxxxxx.txt”. In this file
you will see the list of all the users enabled for Lync with the associated SIP URI address (the screen shot
below is only an example, the real list of users could be different):

Please remove all the lines of the file leaving only the one related to Cathy Chung, who is the user we want
to migrate to Jabber in this moment:

Note: We will use this file later to run other commands for this specific user.


9.3 Disable users on Lync

This section describes procedures on how to disable a Lync/OCS/LCS account for migrating users and how
to verify that Active Directory updates are synchronized to Lync/OCS/LCS.

Cisco provides a tool to disable the Lync/OCS/LCS account of migrating users. This tool (DisableAccount.exe)
connects to Active Directory (AD) and updates the users ’ Lync/OCS/LCS attributes to disable their
Lync/OCS/LCS account. Running the Disable Account tool is the first step in a two-‐step process that must
take place to disable a migrating user on Lync/OCS/LCS:

1. Disable Lync/OCS/LCS account for migrating user.
2. Delete Lync/OCS/LCS user data for migrating user.

In our environment run the command with the options reported below (please note that the name of the
input file with the list of users to disable is the output from the previous step):

DisableAccount.exe -‐s/10.52.226.68 –f/UserListxxxxxxxxxxxxxxxxxxxx.txt -‐l/info

Now to see the results of the command please open the log files “DisableAccountLogxxxxxxxxxxxxxxxxxxxx”
just created by the tool in the same directory:


After these Active Directory and Lync changes have been applied to disable the Lync/OCS/LCS accounts, the
next steps is to verify that those updates have synchronized to Lync/OCS/LCS:

1. Using Lync Server 2010, select Start > All Programs > Microsoft Lync Server 2010 > Lync Server
Control Panel.
2. Select Users and ensure that the disabled user no longer appears in the list of enabled users.


9.4 Delete user data from database for migrating users
Lync/OCS/LCS provides an administrative way to delete a user from the Lync/OCS/LCS database. However, if
you delete a user from the database in this way, the user is removed from other user’s contact lists. To
prevent the user being removed from the contact lists of other Microsoft Lync or Microsoft Office
Communicator users, Cisco provides an alternative means of deleting the user from the Lync/OCS/LCS
database.
This alternative tool (DeleteAccount.exe) allows you to delete migrating users so that presence requests for
these users are later routed to IM and Presence. This tool also ensures that the deleted users are not
removed from the contact list of any users that remain on Lync/OCS/LCS. Running the Delete Account tool is
the second step in a two-‐step process to disable a migrating user on Lync/OCS/LCS. The two-‐step process is
as follows:

1. Disable Lync/OCS/LCS account for migrating user.
2. Delete Lync/OCS/LCS user data for migrating user.

In our environment run the following command with the options reported below, pointing to the main Lync
RTC Database (please note that the name of the input file with the list of users to disable is again the
output from the previous step):

DeleteAccount.exe -‐s/LYNC01-‐BC\RTC -‐f/UserLisxxxxxxxxxxxxxxxxx.txt -‐l/info

Repeat the same command for another Lync Database (RTClocal):

DeleteAccount.exe -‐s/LYNCFE01-‐BC\RTClocal -‐f/UserListxxxxxxxxxxxxxxxxxxx.txt -‐l/info

After both steps you can check the related log file to see the status of the update just made:

At this point the user has been completely disabled and removed from Lync but, very important to highlight,
all the other Lync clients still have his reference in their buddy list so there will be no impact for them when
the same user will start to use Jabber.

9.5 Create a line for Cathy Chung

The next step would be to enable Cathy for Jabber but before doing it we need to create the line and the CSF
device that will be used by Cathy to register on CUCM and have a full UC client active. We need to do it now
because we excluded Cathy from the automatic provisioning process at the beginning, otherwise we would
not be able to call her from Jabber while She was still on Lync. In fact the CUCM would have found Cathy’s
URI address defined locally, stopping any additional routing steps.
Let’ start with the line creation:
1) Go to Call Routing > Directory Number

2) Add a new line with the following parameters:

Directory number = \+39028789728
Alerting Name = Cathy Chung
Calling Search Space = CHinternational
Directory URI = cchung@bootcamp.com
9.6 Create a CSF device for Cathy Chung

To create the CSF device we will follow the same steps done for the other two Jabber Users (Quick
User/Phone Add menu):
8) Navigate to User Management > User/Phone Add > Quick User/Phone Add
9) Find and Select the user Cathy Chung from the list of available users

10) In the Quick User/Phone Add dialog the parameters are pre-‐configured based on the templates
configured earlier for the directory synchronization.

11) Select the line you just created as Extension Number (+39028789728), to associate the line
with Cathy.

12) Now, Select Manage Devices

13) From the Manage Devices dialog select Add New Phone
14) Enter the following details:

Product Type : Cisco Unified Client Services Framework
Device Name : csfcchung

9.7 Enable user Cathy Chung for IM/P

We need now to enable Cathy for IM/P before logon on the Jabber client. To do it go to the menu User
Management ! End User, search for Cathy and then enable her for IM/P flagging the following checkboxes.
Once done, press Save.

Please verify that all the parameters are correctly reported in the page and the CSF device just created is
associated to the User.

9.8 Import contact lists for migrating users into IM and Presence

You can use two options to import Lync/OCS/LCS contacts into Jabber:
• Use the IM and Presence Bulk Assignment Tool (BAT) to import the buddy lists exported with the
“migration tools” explained in the previous chapters
• Use a new capability available with Jabber 9.6 called “local import”. The idea is that you can create
an XML file formatted in a pre-‐defined way and then with an end user option you can open it with
Jabber and import the contacts contained in it.


In this lab you will test the second option (local import) but for your reference the entire configuration
related to the first option (BAT) steps is in the Jabber Lab Appendix document.

You will see in the following paragraph how to use the local import feature, after the logon of the client.

9.9 Logon on Jabber and test the result of the migration

We can now logon on PC 2 changing the default user from Bob Banks to Cathy Chung, launch Jabber and
start using it.

Logon via RDP to the PC2 with the user “Cathy Chung”, go on the desktop and launch Jabber. When
prompted to do it please insert the logon credential for Cathy – first the email address
(cchung@bootcamp.com) and the userid/password (cchung/cisco,123). Leave the server selection to
automatic, in this way the client will use the new service discovery mechanism that we configured before:

When the client completes the logon process, you should see an empty buddy list structure. To import a
buddy list example (could be the same you had in Lync if you need…) please use the following option in the
Jabber menu:

Once clicked on it you can select the xml file called “Contatti.xml” available in the folder
“Lab_Material\Jabber-‐Contacts-‐Import” on PC2’s desktop. At this point you should see the buddy list
structure populated with several users.

You can then start playing with the Jabber client and see how it interacts with other users already on Jabber
(Alice & bob).


PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

PDF

Uploaded by

Copyright:

Available Formats

Cisco Jabber Lab

Cisco Jabber Lab Page 1

1 LAB GUIDE – OVERVIEW AND HOUSEKEEPING .......................................................................... 5

1.1 Authors ........................................................................................................................................................... 5

1.2 Lab Topology ................................................................................................................................................... 5

1.3 Lab Hosts, IP Addresses, Usernames, Passwords .............................................................................................. 6

1.4 Users, IM Address, SIP URI and DNs ................................................................................................................. 7

2 CISCO JABBER LAB INTRODUCTION ............................................................................................... 8

3 CUCM CONFIGURATION TO PERMIT JABBER LOGON ............................................................... 9

3.1 Introduction .................................................................................................................................................... 9

3.2 CUCM Jabber Profile Configuration .................................................................................................................. 9

3.3 Cisco Jabber-­‐Config.XML .................................................................................................................................. 9

3.4 Directory Sync & Automatic Device provisioning ........................................................................................... 10

4.1 Introduction .................................................................................................................................................. 23

4.3 Alpha-­‐numeric URI dialing ............................................................................................................................. 25

4.4 “Video always on top” option ........................................................................................................................ 26

4.5 Chat Window “Pop Out” ................................................................................................................................ 27

4.6 Custom Contact ............................................................................................................................................. 28

5 CONFIGURING AND TESTING THE PERSISTENT CHAT CAPABILITY ................................ 31

Cisco Jabber Lab Page 2

5.2 CUCM IM/P Configuration – Add External Database ...................................................................................... 32

5.3 How to create a Persistent Chat Room ........................................................................................................... 38

5.4 Testing the Persistent Chat Capability ............................................................................................................ 44

6.1 Introduction .................................................................................................................................................. 50

7.1 Introduction .................................................................................................................................................. 78

7.2 CUCM IM/P cluster configuration .................................................................................................................. 79

7.3 Microsoft Lync 2010 configuration ................................................................................................................. 88

8 AUDIO SIP TRUNK BETWEEN JABBER AND LYNC ................................................................... 90

8.1 Introduction .................................................................................................................................................. 90

8.2 CUCM configuration ...................................................................................................................................... 90

8.3 Expressway configuration .............................................................................................................................. 99

8.4 Microsoft Lync 2010 configuration ............................................................................................................... 107

Cisco Jabber Lab Page 3

9.1 Introduction ................................................................................................................................................ 111

9.3 Disable users on Lync ................................................................................................................................... 114

9.5 Create a line for Cathy Chung ...................................................................................................................... 117

9.6 Create a CSF device for Cathy Chung ............................................................................................................ 118

9.7 Enable user Cathy Chung for IM/P ............................................................................................................... 120

Cisco Jabber Lab Page 4

1.2 Lab Topology

Your POD will contain the following infrastructure:

Cisco Jabber Lab Page 5

1.3 Lab Hosts, IP Addresses, Usernames, Passwords

Cisco Jabber Lab Page 6

SERVER Username Password

1.4 Users, IM Address, SIP URI and DNs

User IM address (XMPP) A/V AlphaNumeric URI (SIP) Extension (E164)

User IM address (SIP) A/V AlphaNumeric URI (SIP) Extension (E164)

Cathy Chung cchung@bootcamp.com cchung@bootcamp.com +39028789728

Cisco Jabber Lab Page 7

Cisco Jabber Lab Page 8

3.2 CUCM Jabber Profile Configuration

3.3 Cisco Jabber-­‐Config.XML

• Enable Alpha Numeric URI dialing

Cisco Jabber Lab Page 9

Windows desktop -­‐> Lab Materials -­‐> jabber-­‐config v2

1. Next browse to https://cucm01-­‐bc.bootcamp.com/cmplatform

3.4 Directory Sync & Automatic Device provisioning

Cisco Jabber Lab Page 10

3.4.1 Provisioning Templates

Cisco Jabber Lab Page 11

Create a new LDAP Custom Filter:

1. Navigate to https://cucm01-­‐bc.bootcamp.com/ccmadmin

3.3 Cisco Jabber-‐Config.XML .................................................................................................................................. 9

4.3 Alpha-‐numeric URI dialing ............................................................................................................................. 25

3.3 Cisco Jabber-‐Config.XML

Windows desktop -‐> Lab Materials -‐> jabber-‐config v2

1. Next browse to https://cucm01-‐bc.bootcamp.com/cmplatform

1. Navigate to https://cucm01-‐bc.bootcamp.com/ccmadmin

3.4.4 Create CSF-‐Devices

1) Please RDP to AD01-‐BC.bootcamp.com

4.2 Verify the server configuration -‐ Logon on Jabber

CUCM IM/P Serviceability: https://CUP01-‐BC.BOOTCAMP.COM/ccmservice

4.3 Alpha-‐numeric URI dialing

5. Next browse to https://cup01-‐bc.bootcamp.com/cupadmin/

6.2.1 Basic configuration of Expressway-‐C

System -‐> DNS

System host name: expressway-‐c