Cisco Packaged Contact Center Enterprise Installation and Upgrade Guide, Release 10.5(x)
Reference
Downloads: This chapterpdf (PDF - 1.37 MB) The complete bookPDF (PDF - 4.83 MB) | The complete bookePub (ePub - 1.16 MB) | Feedback

Reference

Reference

Base Configuration Updates

This topic lists base configuration file updates subsequent to the initial base configuration of Release 9.0(1). If you have an older base configuration, you need to apply the missing configuration items manually before upgrading to a later version. For example, if you upgrade from Release 9.0(1) to Release 9.0(4), you need to manually update the Release 9.0(2) and Release 9.0(3) base configuration changes. To update manually, change deployment type from Packaged CCE so that you can access the appropriate Configuration Manager tools.

No base configuration changes are required if you are upgrading from Release 10.0(1)


Note


Installing the latest base configuration will delete existing configuration information.


All base configuration file updates beginning with Release 10.0(1) are applied automatically. No manual configuration is required. For example, if you upgrade from Release 9.0(2) to Release 10.5(1), you only need to manually update the Release 9.0(3) and Release 9.0(4) base configuration changes.

Release 9.0(2) Base Configuration Changes

Expanded Call Variables--- Delete these two ECC variables and re-add them with the following parameter changes:

  1. Name = user.microapp.ToExtVXML
    • Maximum length = 60

    • Array = checked

    • Maximum array size = 4

  2. Name = user.microapp.FromExtVXML
    • Maximum length = 60

    • Array = checked

    • Maximum array size = 4

Release 9.0(3) Base Configuration Changes

Enterprise Route and Enterprise Skill Groups: remove all.

Label --- add the following label:
  • Label = 6661111000

  • Label type = Normal

  • Target Type (filter)= Network_VRU

  • Network target = CVP_Network_VRU

  • Customer = <None>

Media Routing Domain --- add four media routing domains as follows:

  1. Name = Cisco_BC

    • Media Class = CIM_BC
    • Task life = 300

    • Task start timeout = 30

    • Task Max Duration = 28800

    • Calls in Queue Max = 50

    • Calls in Queue Max per call type = 50

    • Calls in Queue Max time in queue = 28800
    • Service level threshold = 30

    • Service level type = Ignore abandoned calls

    • Interruptible = checked

  2. Name = Cisco_EIM

    • Media Class = CIM_EIM
    • Task life = 300

    • Task start timeout = 30

    • Task Max Duration = 28800

    • Calls in Queue Max = 50

    • Calls in Queue Max per call type = 50

    • Calls in Queue Max time in queue = 28800
    • Service level threshold = 30

    • Service level type = Ignore abandoned calls

    • Interruptible = checked

  3. Name = Cisco_EIM_Outbound

    • Media Class = CIM_EIM_Outbound
    • Task life = 300

    • Task start timeout = 30

    • Task Max Duration = 28800

    • Calls in Queue Max = 50

    • Calls in Queue Max per call type = 50

    • Calls in Queue Max time in queue = 28800
    • Service level threshold = 30

    • Service level type = Ignore abandoned calls

    • Interruptible = checked

  4. Name = Cisco_WIM
    • Media Class = CIM_WIM
    • Task life = 300

    • Task start timeout = 30

    • Task Max Duration = 28800

    • Calls in Queue Max = 50

    • Calls in Queue Max per call type = 50

    • Calls in Queue Max time in queue = 28800
    • Service level threshold = 30

    • Service level type = Ignore abandoned calls

    • Interruptible = checked

Network Trunk Group --- add this Network Trunk Group:
  • Name = GENERIC

  • Description = null

Trunk Group --- add these12 Trunk Groups to Network Trunk Group GENERIC.

  1. Peripheral = CVP_PG_1A
    • Peripheral number = 100

    • Peripheral Name = 100

    • Name = CVP_PG_1A.100

    • Trunk count = 0

  2. Peripheral = CVP_PG_1A

    • Peripheral number = 200

    • Peripheral name = 200

    • Name = CVP_PG_1A.200

    • Peripheral ID = 5001

    • Trunk count = 0

  3. Peripheral = CVP_PG_1A

    • Peripheral number = 300

    • Peripheral name = 300

    • Name = CVP_PG_1A.300

    • Trunk count = 0

  4. Peripheral = CVP_PG_1B

    • Peripheral number = 100

    • Peripheral name = 100

    • Name = CVP_PG_1B.100

    • Trunk count = 0

  5. Peripheral = CVP_PG_1B

    • Peripheral number = 200

    • Peripheral name = 200

    • Name = CVP_PG_1B.200

    • Trunk count = 0

  6. Peripheral = CVP_PG_1B

    • Peripheral number = 300

    • Peripheral name = 300

    • Name = CVP_PG_1B.300

    • Trunk count = 0

  7. Peripheral = CVP_PG_2A
    • Peripheral number = 100

    • Peripheral name = 100

    • Name = CVP_PG_2A.100

    • Trunk count = 0

  8. Peripheral = CVP_PG_2A

    • Peripheral number = 200

    • Peripheral name = 200

    • Name = CVP_PG_2A.200

    • Trunk count = 0

  9. Peripheral = CVP_PG_2A

    • Peripheral number = 300

    • Peripheral name = 300

    • Name = CVP_PG_2A.300

    • Trunk count = 0

  10. Peripheral = CVP_PG_1B

    • Peripheral number = 100

    • Peripheral name = 100

    • Name = CVP_PG_2B.100

    • Trunk count = 0

  11. Peripheral = CVP_PG_1B

    • Peripheral number = 200

    • Peripheral name = 200

    • Name = CVP_PG_2B.200

    • Trunk count = 0

  12. Peripheral = CVP_PG_1B

    • Peripheral number = 300

    • Peripheral name = 300

    • Name = CVP_PG_2B.300

    • Trunk count = 0

Release 9.0(4) Base Configuration Changes

Agent Targeting Rule --- add this rule:

Name = AgentExtensions
  • Peripheral = CUCM_PG_1
  • Rule type = Agent Extension

  • Translation route id = <None>

  • Agent extension prefix = null

  • Agent extension length = 1

  • Routing client:
    • CUCM_PG_1
    • CVP_PG_1A
    • CVP_PG_1B
    • CVP_PG_2A
    • CVP_PG_2B
    • Outbound
    • Multichannel
  • Extension ranges Low - High:
    • 000---999
    • 0000---9999
    • 00000---99999
    • 000000---999999
    • 0000000---9999999
    • 00000000---99999999
    • 000000000---999999999
    • 000000000---9999999999

Label---Change the Label attribute to 7777777777 for Routing Clients CVP_PG_1A, CVP_PG1B, CVP_PG_2A, and CVP_PG2B.

Media Routing Domain---Change 3 of the Media Routing Domains added in 9.0(3) as follows:

  1. Name = Cisco_BC

    • Change Interruptible to unnchecked.

  2. Name = Cisco_EIM

    • Change Calls in Queue Max to15000.

  3. Name = Cisco_WIM

    • Change Calls in Queue Max to 5000.

Install Language Pack

If a customer requires a language instead of the default (English), you can download the Packaged CCE Language Pack executable from the Unified Contact Center Download Software page.

Install Language Pack

Install the Language Pack on both CCE Data Servers (Side A and Side B) and on any external HDS systems. After the Language Pack is installed, the Unified Web Administration Sign-In page has a language drop-down menu that lists all available languages. Select a language to display the user interface and the online help in that language.

Important: Install at off-peak hours. The CCE Data Servers and external HDS systems are not usable during the installation of the Language Pack.

UnInstall Language Pack

The customer can uninstall the Language Pack from Windows Control Panel > Programs and Features > Uninstall or change a program.

Simple Network Management Protocol

Simple Network Management Protocol (SNMP) facilitates the exchange of management information among network devices so that administrators can manage network performance and solve network problems. SNMP community strings, users, and network destinations are configured in Cisco Unified Serviceability.

Unified Serviceability is one of the tools that open from the Navigation drop-down in Cisco Unified Communications Solutions tools. You can also access Unified Serviceability by entering http://x.x.x.x/ccmservice/, where x.x.x.x is the IP address of the publisher.

Community Strings

The SNMP agent uses community strings to provide security. You must configure community strings to access any management information base (MIB). Add new community strings in the Cisco Serviceability Administration interface.

A community string is configured with:
  • a server

  • a name of up to 32 characters

  • a setting to accept SNMP packets from any host or from specified hosts

  • access privileges (readonly, readwrite, readwritenotify, notifyonly, readnotifyonly, and none)

  • a setting to apply the community string to all nodes in the cluster

Notification Destinations

Add notification destinations for delivery of SNMP notification events when events occur. Add and maintain notification destinations in the Cisco Serviceability Administration interface.

A notification destination is configured with:
  • a server

  • the host IP addresses of the trap destination

  • a port number

  • the SNMP version (V1 or V2c)

  • the community string name to be used in the notification messages that the host generates

  • the notification type

  • a setting to apply to the notification destination configuration to all nodes in the cluster

Configure Ingress Gateways for Locations-based Call Admission Control

Locations-based call admission control (CAC) is used in the Unified CCE branch-office call flow model (also known as the Centralized Model). This means that all servers (Unified CVP, Unified CCE, Unified Communications Manager, and SIP Proxy server) are centralized in one or two data centers, and each branch office.

Configure Unified Communications Manager to use the Ingress gateway instead of Unified CVP as the originating location of the call. This configuration ensures that CAC can be properly adjusted based on the locations of the calling endpoint and the phone.

Important:

Do not define Unified CVP as a gateway device in Unified Communications Manager.

Procedure
In Cisco Unified CM Administration, define the Ingress gateways as gateway devices. Assign the correct location to the devices.

Certificates for Live Data

You must set up security certificates for Finesse and Cisco Unified Intelligence Center with HTTPS.

You can:

  • Use the self-signed certificates provided with Finesse and Cisco Unified Intelligence Center.

  • Obtain and install a Certification Authority (CA) certificate from a third-party vendor.

  • Produce a certificate internally.


Note


As is the case when using other self-signed certificates, agents must accept the Live Data certificates in the Finesse desktop when the sign in before they can use the Live Data gadget.


Add Self-Signed Certificates for Live Data

Both Finesse and Unified Intelligence Center are installed with self-signed certificates. If you choose to work with these self-signed certificates (rather than producing your own CA certificate or obtaining a CA certificate from a third-party certificate vendor), you must first export the certificates from the Unified Intelligence Center Publisher and Subscriber. You must then import the certificates into Finesse, importing the Publisher certificate to the Finesse Primary node and the Subscriber certificate to the Finesse Secondary node.

As is the case when using other self-signed certificates, agents must accept the Live Data certificates in the Finesse desktop when they sign in before they can use the Live Data gadget.

Procedure
    Step 1   Sign in to Cisco Unified Operating System Administration on Cisco Unified Intelligence Center (https://<hostname of Cisco Unified Intelligence Center server>/cmplatform).
    Step 2   From the Security menu, select Certificate Management.
    Step 3   Click Find.
    Step 4   Do one of the following:
    • If the tomcat certificate for your server is not on the list, click Generate New. When the certificate generation is complete, reboot your server. Then restart this procedure.

    • If the tomcat certificate for your server is on the list, click the certificate to select it. (Ensure that the certificate you select includes the hostname for the server.)

    Step 5   Click Download .pem file and save the file to your desktop. You must download the certificates that contain the hostnames Cisco Unified Intelligence Center publisher and Cisco Unified Intelligence Center subscriber.
    Step 6   Sign in to Cisco Unified Operating System Administration on the primary Finesse server (http://hostname of Finesse server/cmplatform).
    Step 7   From the Security menu, select Certificate Management.
    Step 8   Click Upload Certificate.
    Step 9   From the Certificate Name drop-down list, select tomcat-trust.
    Step 10   Click Browse and browse to the location of the .pem files (Cisco Unified Intelligence Center publisher and subscriber certificates).
    Step 11   Click Upload File.
    Step 12   Restart Cisco Tomcat on the Finesse server.

    Obtain and Upload CA Certificate for Live Data

    You must perform the following steps on both the Cisco Unified Intelligence Center publisher server and the Finesse primary server. Use the Certificate Management utility from Cisco Unified Communications Operating System Administration.

    To open Cisco Unified Communications Operating System Administration, enter the following URL in your browser:

    https://hostname of Finesse or Cisco Unified Intelligence Center server/cmplatform

    Procedure
      Step 1   Generate a CSR.
      1. Select Security > Certificate Management > Generate CSR.
      2. From the Certificate Name drop-down list, select tomcat.
      3. Click Generate CSR.
      Step 2   Download the CSR.
      1. Select Security > Certificate Management > Download CSR.
      2. From the Certificate Name drop-down list, select tomcat.
      3. Click Download CSR.
      Step 3   Use the CSR to obtain the signed application certificate and the CA root certificate from the Certificate Authority.
      Step 4   When you receive the certificates, select Security > Certificate Management > Upload Certificate.
      Step 5   Upload the root certificate.
      1. From the Certificate Name drop-down list, select tomcat-trust.
      2. In the Upload File field, click Browse and browse to the root certificate file.
      3. Click Upload File.
      Step 6   Upload the application certificate.
      1. From the Certificate Name drop-down list, select tomcat.
      2. In the Root Certificate field, enter the name of the CA root certificate.
      3. In the Upload File field, click Browse and browse to the application certificate file.
      4. Click Upload File.
      Step 7   After the upload is complete, access the CLI on the primary Finesse server.
      Step 8   Enter the command utils service restart Cisco Finesse Notification Service to restart the Cisco Finesse Notification service.
      Step 9   Enter the command utils service restart Cisco Tomcat to restart the Cisco Tomcat service.
      Step 10   Upload the root certificate and application certificate to the Cisco Unified Intelligence Center publisher server.
      Step 11   After the upload is complete, access the CLI on the Cisco Unified Intelligence Center server.
      Step 12   Enter the command utils service restart Intelligence Center Openfire Service to restart the Intelligence Center Openfire service.
      Step 13   Enter the command utils service restart Intelligence Center Reporting Service to restart the Intelligence Center Reporting service.

      Produce Certificate Internally

      Set up Microsoft Certificate Server for Windows 2008 R2

      This procedure assumes that your deployment includes a Windows Server 2008 R2 (Standard) Active Directory server. Perform the following steps to add the Active Directory Certificate Services role on the Windows 2008 R2 (Standard) domain controller.

      Procedure
        Step 1   Click Start, right-click Computer, and select Manage.
        Step 2   In the left pane, click Roles.
        Step 3   In the right pane, click Add Roles.

        The Add Roles Wizard opens.

        Step 4   On the Select Server Roles screen, check the Active Directory Certificate Services check box, and then click Next.
        Step 5   On the Introduction to Active Directory Certificate Services screen, click Next.
        Step 6   On the Select Role Services screen, check the Certification Authority check box, and then click Next.
        Step 7   On the Specify Setup Type screen, select Enterprise, and then click Next.
        Step 8   On the Specify CA Type screen, select Root CA, and then click Next.
        Step 9   Click Next on the Set Up Private Key, Configure Cryptography for CA, Configure CA Name, Set Validity Period, and Configure Certificate Database screens to accept the default values.
        Step 10   On the Confirm Installations Selections screen, verify the information, and then click Install.

        Download CA certificate

        This procedure assumes that you are using the Windows Certificate Services. Perform the following steps to retrieve the root CA certificate from the certificate authority. After you retrieve the root certificate, each user must install it in the browser used to access Finesse.

        Procedure
          Step 1   On the Windows domain controller, run the CLI command certutil -ca.cert ca_name.cer, in which ca_name is the name of your certificate.
          Step 2   Save the file. Note where you saved the file so you can retrieve it later.

          Deploy Root Certificate for Internet Explorer

          In environments where group policies are enforced via the Active Directory domain, the root certificate can be added automatically to each user's Internet Explorer. Adding the certificate automatically simplifies user requirements for configuration.


          Note


          To avoid certificate warnings, each user must use the fully-qualified domain name (FQDN) of the Finesse server to access the desktop.


          Procedure
            Step 1   On the Windows domain controller, navigate to Administrative Tools > Group Policy Management.
            Step 2   Right-click Default Domain Policy and select Edit.
            Step 3   In the Group Policy Management Console, go to Computer Configuration > Policies > Window Settings > Security Settings > Public Key Policies.
            Step 4   Right-click Trusted Root Certification Authorities and select Import.
            Step 5   Import the ca_name.cer file.
            Step 6   Go to Computer Configuration > Policies > Windows Settings > Security Settings > Public Key Policies > Certificate Services Client - Auto-Enrollment.
            Step 7   From the Configuration Model list, select Enabled.
            Step 8   Sign in as a user on a computer that is part of the domain and open Internet Explorer.
            Step 9   If the user does not have the certificate, run the command gpupdate.exe /target:computer /force on the user's computer.

            Set Up Certificate for Internet Explorer Browser

            After obtaining and uploading the CA certificates, either all users must accept the certificate or the certificate must be automatically installed via group policy.

            In environments where users do not log directly in to a domain or group policies are not utilized, every Internet Explorer user in the system must perform the following steps once to accept the certificate.

            Procedure
              Step 1   In Windows Explorer, double-click the ca_name.cer file (in which ca_name is the name of your certificate) and then click Open.
              Step 2   Click Install Certificate > Next > Place all certificates in the following store.
              Step 3   Click Browse and select Trusted Root Certification Authorities.
              Step 4   Click OK.
              Step 5   Click Next.
              Step 6   Click Finish.

              A message appears that states you are about to install a certificate from a certification authority (CA).

              Step 7   Click Yes.

              A message appears that states the import was successful.

              Step 8   To verify the certificate was installed, open Internet Explorer. From the browser menu, select Tools > Internet Options.
              Step 9   Click the Content tab.
              Step 10   Click Certificates.
              Step 11   Click the Trusted Root Certification Authorities tab.
              Step 12   Ensure that the new certificate appears in the list.

              Set Up Certificate for Firefox Browser

              Every Firefox user in the system must perform the following steps once to accept the certificate.


              Note


              To avoid certificate warnings, each user must use the fully-qualified domain name (FQDN) of the Finesse server to access the desktop.


              Procedure
                Step 1   From the Firefox browser menu, select Options.
                Step 2   Click Advanced.
                Step 3   Click the Certificates tab.
                Step 4   Click View Certificates.
                Step 5   Click Import and browse to the ca_name.cer file (in which ca_name is the name of your certificate).