Installation Guide for Cisco Unified Communications Integration for Microsoft Office Communicator Release 7.1
Configuring Client Computers for Cisco Unified Communications Integration for Microsoft Office Communicator
Downloads: This chapterpdf (PDF - 172.0KB) The complete bookPDF (PDF - 1.54MB) | Feedback

Configuring Client Computers for Cisco Unified Communications Integration for Microsoft Office Communicator

Table Of Contents

Configuring Client Computers for Cisco Unified Communications Integration for Microsoft Office Communicator

About Client Computer Configuration

Location of CSF Configuration Data

Value Names for CSF Client Integration

Using an Active Directory Group Policy Administrative Template to Configure CSF Clients

Installing Security Certificates on Client Computers

Enabling LDAP Over SSL

Creating a Certificate on the Active Directory Server

Installing the Certificate on the Client Computer

Configuring CSF

Configuring Microsoft Office Communicator to Use HTTPS to Access Custom Availability Statuses

Configuration of Policies for Microsoft Office Applications

Microsoft Office Communicator Policies

Microsoft Office Phone Policy

About the CSF Cache and LDAP Searches

Incoming Calls

Outgoing Calls to Contacts Who Are Enabled for OCS

Outgoing Calls to Contacts Who Are Not Enabled for OCS

Outgoing Calls to Microsoft Outlook Contacts


Configuring Client Computers for Cisco Unified Communications Integration for Microsoft Office Communicator


Revised: January 29, 2010

About Client Computer Configuration

Location of CSF Configuration Data

Value Names for CSF Client Integration

Configuring Microsoft Office Communicator to Use HTTPS to Access Custom Availability Statuses

Enabling LDAP Over SSL

Configuring Microsoft Office Communicator to Use HTTPS to Access Custom Availability Statuses

Configuration of Policies for Microsoft Office Applications

About the CSF Cache and LDAP Searches

About Client Computer Configuration

Before you install Cisco UC Integration for Microsoft Office Communicator, you must perform some configuration on the computers of your users. You specify the CSF client settings, Microsoft Office Communicator settings, and Microsoft Office settings that you want the client computers to use.

Then you must deploy the policy changes to the CSF client and Microsoft Office Communicator to the computers in your Cisco Unified Communications system. To do this, you can use software management system, for example, Active Directory Group Policy, Altiris, Microsoft System Management Server (SMS), and so on.

You must configure the Client Services Framework (CSF) on the computers of your users so that the CSF can function as the phone device for that user, to specify where CSF can connect to, and to specify the LDAP parameters. For more information about the configuring CSF on client computers, read this chapter.

Location of CSF Configuration Data

You specify the configuration for CSF in the following registry key:

HKEY_CURRENT_USER\Software\Cisco Systems, Inc.\Client Services Framework\AdminData

If you use Active Directory Group Policy to configure Cisco UC Integration for Microsoft Office Communicator, then CSF configuration data is specified in the following registry key:

HKEY_CURRENT_USER\Software\Policies\Cisco Systems, Inc.\Client Services Framework\AdminData


NoteIf CSF configuration data is present in both of these registry keys, the policies configuration data takes precedence.

CSF reads only HKEY_CURRENT_USER keys. CSF does not read HKEY_LOCAL_MACHINE keys.


Value Names for CSF Client Integration

Table 3-1 lists the name-value pairs that you must use to specify the servers, voice message service configuration, and security certificate location.

Table 3-1 Server and Voice Message Service Value Names

Value Names
Description

TftpServer1, TftpServer2, TftpServer3

Enter the IP address of the primary TFTP server in your Cisco Unified Communications system, and any other TFTP servers.

CtiServer1, CtiServer2

Enter the IP address of the primary CTIManager server in your Cisco Unified Communications system, and the secondary CTIManager server, if present.

CcmcipServerValidation

Enter the type of certificate validation for CSF to use with HTTPS to sign in to Cisco Unified Communications Manager to retrieve the device list. Enter one of the following values:

0: CSF accepts all certificates.

1: CSF accepts certificates that are defined in the keystore and self-signed certificates. A keystore is a file that stores authentication and encryption keys. The keystore is located in <location-of-jre>/lib/security. The default location of the JRE is C:\Program Files\Common Files\Cisco Systems\Client Services Framework.

2: CSF only accepts certificates that are defined in the keystore.

Note CSF uses this certificate to verify the Cisco Unified Communications Manager server. When the certificate is accepted, CSF must use the credentials of the user to sign in to Cisco Unified Communications Manager.

CcmcipServer1, CcmcipServer2

Enter the IP address of the primary CCMCIP server in your Cisco Unified Communications system, and the secondary CCMCIP server, if present.

VoicemailPilotNumber

Enter the number of the voice message service in your Cisco Unified Communications system. This value only relates to when users use the desk phone to access their voice message.

SECURITY_CertificateDirectory

Specify the location of the directory where the security certificates are stored. For example, you might store LDAP or CCMCIP certificates in this location.

Use this setting to specify a location for the certificates where the certificates will not be overwritten if you reinstall Cisco UC Integration for Microsoft Office Communicator.

If you do not specify a value for this setting, the certificates are stored in the following locations:

Windows XP: <drive>:\Documents and Settings\<username>\Application Data\Cisco\Unified Communications\Client Services Framework\certificates

Windows Vista: <drive>:\Users\<username>\AppData\Roaming\Cisco\Unified Communications\Client Services Framework\certificates


Table 3-2 lists the name-value pairs that you must use to specify the LDAP configuration.

Table 3-2 LDAP Value Names

Value Names
Description

LDAP_Server_1

Enter the protocol name, followed by the fully-qualified domain name (FQDN) of your LDAP server. For example:

ldap://ldap.example.com

If you want to use a port number other than the default 389, add a colon to the value, followed by the port number. For example:

ldap://ldap.example.com:19389

If you want to use LDAP over SSL, this IP address must begin with ldaps://. For example:

ldaps://ldap.example.com

If you want to use a port number other than the default 636, add a colon to the value, followed by the port number. For example:

ldaps://ldap.example.com:19636

For more information about how to enable LDAP over SSL, see Enabling LDAP Over SSL.

LDAP_SearchBaseDN_1, LDAP_SearchBaseDN_2, LDAP_SearchBaseDN_3, LDAP_SearchBaseDN_4, LDAP_SearchBaseDN_5

Specify the primary distinguished name for the location in the LDAP directory from which searches begin. For example, specify a distinguished name similar to the following:

OU=Sales,DC=example,DC=com

Specify any further search bases also.

LDAP_MaxCacheSize

Specify the maximum number of LDAP directory records to retain in the cache of the user.

LDAP_ResultSetMaxSize

Specify the maximum number of records to return when the user searches the LDAP directory. That is, when the user searches for contacts in Microsoft Office Communicator.

LDAP_UserLogonDomain

Enter the name of the domain that contains the LDAP account of the user.

LDAP_enableWildcardMatchesForPhoneNumberSearches

Set to true if you want to enable wildcard searches for phone numbers in the LDAP.

Note If you set this key to true, the speed of searches of the LDAP might be affected.

LDAP_AttributeName_primaryPhoneNumberForSearches

Specify the phone number field that you use to resolve most of your LDAP queries.

CSF searches this field first. If a match is not found, CSF searches the remaining phone number fields. The default value is the value you set for the LDAP_AttributeName_businessPhone key.


Table 3-3 lists the values you must enter for LDAP attribute key names to enable CSF searches to map to the appropriate fields of the Active Directory.

Table 3-3 Values to Enter to Map CSF Searches to Active Directory

For This Value Name...
Enter the Following Active Directory Field...

LDAP_AttributeName_objectclassKey

objectclass

LDAP_AttributeName_objectclassValue

person

LDAP_AttributeName_userLogonName

userPrincipalName

LDAP_AttributeName_displayName

displayName

LDAP_AttributeName_commonName

cn

LDAP_AttributeName_firstName

givenName

LDAP_AttributeName_lastName

sn

LDAP_AttributeName_email

mail

LDAP_AttributeName_uri

msRTCSIP-PrimaryUserAddress

LDAP_AttributeName_photoUri

photoUri

LDAP_AttributeName_businessPhone

telephoneNumber

LDAP_AttributeName_homePhone

homePhone

LDAP_AttributeName_mobilePhone

mobile

LDAP_AttributeName_otherPhone

otherTelephone

LDAP_AttributeName_title

title

LDAP_AttributeName_companyName

company

LDAP_AttributeName_userAccountName

sAMAccountName


Note Do not use any other Active Directory field for this key name.


POLICY_CREDENTIALS_IsLdapSynchronizedWithCucm

Specify whether CSF uses the Cisco Unified Communications Manager user ID and password to authenticate with LDAP. Set to true if the Cisco Unified Communications Manager user ID and password have been synchronized with LDAP. This means that users do not need to enter a separate LDAP user ID and password in the options dialog box of Cisco UC Integration for Microsoft Office Communicator.


Related Topics

Configuration of Policies for Microsoft Office Applications

Using an Active Directory Group Policy Administrative Template to Configure CSF Clients

Using an Active Directory Group Policy Administrative Template to Configure CSF Clients

A Group Policy administrative template is provided with Cisco UC Integration for Microsoft Office Communicator. You can use this template to define the CSF registry settings on a system, or for groups of users. The template file is CUCIMOC.adm.

Procedure


Step 1 Execute the following command to start the Group Policy application:

gpedit.msc

Step 2 Expand the User Configuration node.

Step 3 Right-click Administrative Templates, then select Add/Remove Templates.

Step 4 Add the file CUCIMOC.adm to the list of current policy templates in the Add/Remove Templates dialog box, then select Close.

Step 5 Open the Cisco Unified Communications Integration for Microsoft Office Communicator folder in the right pane.


Note In Windows Vista, this folder is in the Administrative Templates > Classic Administrative Templates folder. In Windows XP, this folder is in the Administrative Templates folder.


Step 6 Open the folder for the settings whose value you want to specify.

Step 7 Double-click the setting whose value you want to specify.

Step 8 Enter the value you require, then select OK.



Note Every time that you start the Group Policy application after you set the registry settings, the settings under the Cisco Unified Communications Integration for Microsoft Office Communicator folder are not automatically displayed. Each time you start the Group Policy application, you must uncheck Only show policy settings that can be fully managed in the Filtering dialog box to display the settings.


Related Topics

Configuration of Policies for Microsoft Office Applications

Installing Security Certificates on Client Computers

Procedure


Step 1 Put the certificate file into a folder where you store your security certificates.

Step 2 Use the SECURITY_CertificateDirectory registry key value name to specify the folder where the certificates are stored.


Related Topics

Value Names for CSF Client Integration

Enabling LDAP Over SSL

Creating a Certificate on the Active Directory Server

Installing the Certificate on the Client Computer

Configuring CSF

Creating a Certificate on the Active Directory Server

Before You Begin

Ensure that the LDAP server is configured to support LDAP over SSL (LDAPS).

Procedure


Step 1 Sign in to the Active Directory server.

Step 2 Execute the following command:

certutil -ca.cert cucimoc.crt

This command generates a file called cucimoc.crt. You must install this certificate on each client computer.


What to Do Next

Installing the Certificate on the Client Computer

Installing the Certificate on the Client Computer

Before you install the certificate on the client computer, ensure that neither of the following processes are running:

CSF, that is, the cucsf.exe process.

Cisco UC Integration for Microsoft Office Communicator, that is, the cucimoc.exe process.

For information about how to install the LDAP security certificate, see Installing Security Certificates on Client Computers.

What to Do Next

Configuring CSF

Configuring CSF

Procedure


Step 1 Set the value for the LDAP_Server_1 value name to set the URL of the LDAP server. For example, set the value of LDAP_Server_1 to the following:

ldaps://ldap.example.com

The only change from using standard LDAP is that you specify the protocol as ldaps instead of ldap.

Use the FQDN of the LDAP server as specified in the certificate. You cannot use the IP address of the LDAP server, or the server name alone. Ensure that the FQDN is reachable. If the FQDN cannot be reached using DNS, add an appropriate entry to your hosts file.

If your LDAP server does not use the default port for LDAPS, specify the port with the URL. For example, enter a value such as the following:

ldaps://ldap.example.com:19636

Step 2 Restart Cisco UC Integration for Microsoft Office Communicator.

Step 3 To verify that you are connected to LDAPS, select the Menu button in the Microsoft Office Communicator title bar, then select Tools > Server Status.

Read the server protocol information in the Server Status tab. The protocol is displayed as ldap. Read the server port field to verify that you are connected to LDAPS.


Related Topics

Value Names for CSF Client Integration

Configuring Microsoft Office Communicator to Use HTTPS to Access Custom Availability Statuses

Cisco UC Integration for Microsoft Office Communicator includes custom availability statuses such as "On the Phone". These statuses are stored in a custom availability status file, cisco-presence-states-config.xml.

To enable Microsoft Office Communicator to access the custom availability status file, the security mode of Microsoft Office Communicator must be set to high.

That is, you must set the value of the following Microsoft Office Communicator registry key to 1:

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Communicator]"EnableSIPHighSecurityMode"

For information about how to apply this policy setting to Microsoft Office Communicator, see the following URL:

http://www.microsoft.com/downloads/details.aspx?FamilyID=dd3cae08-3153-4c6a-a314-daa79d616248&displaylang=en

Configuration of Policies for Microsoft Office Applications

Microsoft Office Communicator Policies

Microsoft Office Phone Policy

Microsoft Office Communicator Policies

We strongly recommend that you configure Microsoft Office Communicator policies to allow only IM and availability status traffic on all Cisco UC Integration for Microsoft Office Communicator user groups.

If you do not do this, voice traffic is allowed from both Cisco UC Integration for Microsoft Office Communicator and Microsoft Office Communicator. This can result in the following problems:

A confusing user experience, as users can place and receive calls from a mixture of user interface elements in both applications.

Inconsistent voice traffic. That is, calls from Cisco UC Integration for Microsoft Office Communicator might give a different audio experience to Microsoft Office Communicator.

A mixed configuration is more difficult to manage, as administrators must track traffic from two sources. You might want to monitor voice usage in your network and if you use both applications, you must configure your monitoring tools to track traffic from both applications.

We strongly recommend that you configure the Microsoft Office Communicator policies as shown in the following table:

Policy
Set Value To...

TelephonyMode

5 = IM and Presence Only

DisableAVConferencing

1


For information about how to apply these policy settings to Microsoft Office Communicator, see the following URL:

http://www.microsoft.com/downloads/details.aspx?FamilyID=dd3cae08-3153-4c6a-a314-daa79d616248&displaylang=en

You can also find the policy administrative template file Communicator.adm on that web site.

Alternatively, you can apply the following keys to set the policies manually:

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Communicator]"TelephonyMode"=dword:00000005

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Communicator]"DisableAVConferencing"=dword:00000001

Related Topics

Value Names for CSF Client Integration

Microsoft Office Phone Policy

We strongly recommend that you configure a Microsoft Office policy to disable the Call menu that appears when you select a contact in a Microsoft Office application. This Call menu only appears if you have the correct smart tag switched on in the relevant Microsoft Office application.

Cisco UC Integration for Microsoft Office Communicator provides an Additional Actions menu that enables you to call contacts that you select in your Microsoft Office applications. If you do not disable the Call menu, this can result in a confusing user experience, as users might think that they can perform similar actions from a mixture of user interface elements.

To disable the Call menu in Microsoft Office, set the value of the Phone policy to zero (0).

Alternatively, you can apply the key to set the policy manually.

[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Common\PersonaMenu]"Phone"=dword:00000000


Note In the registry keys, the values 11.0 and 12.0 refer to the different versions of Microsoft Office; 11.0 refers to Microsoft Office 2003 and 12.0 refers to Microsoft Office 2007.


About the CSF Cache and LDAP Searches

CSF maintains a cache of LDAP contacts. When you place a call, receive a call, or miss a call, the contacts for the calls are added to your CSF cache. Any contact that is in your conversation history is automatically placed in your cache. All the data for the contacts in your contact list in Microsoft Office Communicator is also cached.

If a contact for a call already exists in the cache, CSF does not search LDAP. If a contact does not exist in the cache, CSF searches LDAP. LDAP searches are only performed when you place a call to, or receive a call from a contact who is not in your conversation history or your Microsoft Office Communicator contact list.

All contacts in the CSF cache have already had the directory lookup dialing rules applied to all of their numbers. When Cisco UC Integration for Microsoft Office Communicator displays numbers for contacts that are in the CSF cache, the numbers have already had the directory lookup dialing rules applied to them.

The CSF cache is a disk cache. The contents of the cache are not copied to a local file system. When the cucsf.exe process is restarted, the contents of the CSF cache are refreshed.

Incoming Calls

Outgoing Calls to Contacts Who Are Enabled for OCS

Outgoing Calls to Contacts Who Are Not Enabled for OCS

Outgoing Calls to Microsoft Outlook Contacts

Incoming Calls

When a user receives a call, the following events occur:

1. When Cisco Unified Communications Manager detects the incoming call, it sends the following data to CSF:

The directory number from which the call originates.

The Alerting Name of the directory number that is specified in the Directory Number Configuration screen, if the field is not blank.

2. CSF sends the directory number and alerting name to Cisco UC Integration for Microsoft Office Communicator.

3. Cisco UC Integration for Microsoft Office Communicator displays the directory number and alerting name in a notification window and, if the call is answered, in the conversation window.

4. If the directory number is not in the CSF cache, CSF applies any directory lookup dialing rules to the directory number. This occurs while CSF transmits the data to Cisco UC Integration for Microsoft Office Communicator.

5. If the directory number is not in the CSF cache, CSF searches LDAP for the number that is returned after the directory number is processed by the directory lookup dialing rules.

6. LDAP sends the LDAP data for any matches back to CSF, including data such as other phone numbers, and a URI of a photo of the caller.

7. CSF updates the data for the contact and sends the updated data to Cisco UC Integration for Microsoft Office Communicator.

8. Cisco UC Integration for Microsoft Office Communicator updates the conversation window. For example, at this point a photo of the caller might be displayed as the photoURI field from LDAP is passed to Cisco UC Integration for Microsoft Office Communicator by CSF.

Outgoing Calls to Contacts Who Are Enabled for OCS

When a user places a call to a contact who is enabled for OCS, the following events occur:

1. Cisco UC Integration for Microsoft Office Communicator sends the number for the contact to be called to CSF, and asks CSF to place a call to that number.

2. If the contact is not in the CSF cache, CSF searches LDAP for details of the party to be called.

3. LDAP sends data back to CSF.

4. CSF sends data about the contact back to Cisco UC Integration for Microsoft Office Communicator. If the contact has several numbers, Cisco UC Integration for Microsoft Office Communicator displays a window from which the user selects the number to call. If the contact has only one number, Cisco UC Integration for Microsoft Office Communicator places the call.

5. CSF applies any directory lookup dialing rules to the number to be called.

6. CSF searches LDAP for the number that is returned after the directory lookup dialing rules are applied.

7. CSF applies the application dialing rules and sends the number to Cisco Unified Communications Manager.

8. Cisco Unified Communications Manager places the call.

Outgoing Calls to Contacts Who Are Not Enabled for OCS

When a user places a call to a contact who is not enabled for OCS, the following events occur:

1. Cisco UC Integration for Microsoft Office Communicator sends the display name for the contact to CSF.

2. If the contact is not in the CSF cache, CSF searches LDAP for the contact associated with the display name. The operator for this search is contains rather than equals.

3. If the LDAP search returns more than one contact, Cisco UC Integration for Microsoft Office Communicator displays a window from which the user selects the number to call. If the contact has only one number, Cisco UC Integration for Microsoft Office Communicator places the call.

4. CSF applies any directory lookup dialing rules to the number to be called.

5. CSF searches LDAP for the number that is returned after the directory lookup dialing rules are applied.

6. CSF applies the application dialing rules and sends the number to Cisco Unified Communications Manager.

7. Cisco Unified Communications Manager places the call.

Outgoing Calls to Microsoft Outlook Contacts

When a user places a call to a Microsoft Outlook contact, the following events occur:

1. The user drags a contact from the Microsoft Office Communicator to the Cisco UC Integration for Microsoft Office Communicator conversation pane.

2. Cisco UC Integration for Microsoft Office Communicator searches the Microsoft Outlook contacts for a user that matches the display name. If a contact is found, then the contact is added to the CSF cache.

3. CSF applies any directory lookup dialing rules to the phone numbers of the contact.

4. CSF searches LDAP for the number that is returned after the directory lookup dialing rules are applied.

5. CSF applies the application dialing rules and sends the number to Cisco Unified Communications Manager.

6. Cisco Unified Communications Manager places the call.