Contact Source

Configure Contact Source Workflow

Procedure
     Command or ActionPurpose
    Step 1 Configure directory integration:  

    Configure directory integration through service profiles using Cisco Unified Communications Manager or with the configuration file.

     
    Step 2 Optional: Configure Photos 

    Review the options for configuring photos for users.

     
    Step 3Optional: Configure Intradomain Federation for BDI or EDI 

    Let Cisco Jabber users communicate with users who are provisioned on different systems and who are using client applications other than Cisco Jabber.

     

    Client Configuration for Directory Integration

    You can configure directory integration through service profiles using Cisco Unified Communications Manager release 9 or later or with the configuration file. Use this section to learn how to configure the client for directory integration.

    When both a service profile and a configuration file are present, the following table describes which parameter value takes precedence.

    Service Profile

    Configuration File

    Which Parameter Value Takes Precedence?

    Parameter value is set

    Parameter value is set

    Service profile

    Parameter value is set

    Parameter value is blank

    Service profile

    Parameter value is blank

    Parameter value is set

    Configuration file

    Parameter value is blank

    Parameter value is blank

    Service profile blank (default) value

    Configure Directory Integration in a Service Profile

    With Cisco Unified Communications Manager release 9 and later, you can provision users with service profiles and deploy the _cisco-uds SRV record on your internal domain server. The client can then automatically discover Cisco Unified Communications Manager and retrieve the service profile to get directory integration configuration.

    Procedure
       Command or ActionPurpose
      Step 1Add a Directory Service
       

      Create a Directory UC Service.

       
      Step 2Apply Directory Service to a Service Profile
       

      Add the Directory UC Service to the Service Profile.

       

      Add a Directory Service

      Procedure
        Step 1   Open the Cisco Unified CM Administration interface.
        Step 2   Select User Management > User Settings > UC Service. The Find and List UC Services window opens.
        Step 3   Select Add New. The UC Service Configuration window opens.
        Step 4   Select Directory from the UC Service Type menu and then select Next.
        Step 5   Set all appropriate values for the directory service.
        To configure Cisco Jabber directory searches on the Global Catalog, add the following values:

        • Port—3268

        • Protocol—TCP

        Step 6   Select Save.
        What to Do Next

        Apply Directory Service.

        Directory Profile Parameters
        The following table lists the configuration parameters you can set in the directory profile:

        Directory Service Configuration

        Description

        Primary server

        Specifies the address of the primary directory server.

        This parameter is required for manual connections where the client cannot automatically discover the directory server.

        Secondary server

        Specifies the address of the backup directory server.

        Tertiary Server

        Applies to Cisco Jabber for Windows only.

        Specifies the address of the tertiary directory server.

        Use UDS for Contact Resolution

        Specifies if the client uses UDS as a contact source.

        True (Default)
        Use UDS as a contact source. When this option is selected the following parameters in this table are not used.
        False
        Use EDI or BDI as a contact source.
        The following parameters are used to connect to the LDAP server.

        By default, UDS provides contact resolution when users connect to the corporate network through Expressway for Mobile and Remote Access.

        Use Logged On User Credential

        Specifies if the client uses the logged on username and password for LDAP contact resolution.

        If you have configured Active Directory (AD) SSO, this will take priority over this setting.

        True (default)
        Use logged on user credentials. This value maps to the values for the UseWindowsCredentials parameter for Windows clients, and the BDIUseJabberCredntials parameter for other clients.
        False
        Do not use logged on user credentials.

        When you have SSO configured, Jabber uses those credentials before using the ConnectionUsername and ConnectionPassword parameters.

        You must specify the logged on user credentials with the following parameters:

        • ConnectionUsername

        • ConnectionPassword

        You must specify the logged on user credentials with the following parameters:

        • EDI (Windows client)

          • ConnectionUsername

          • ConnectionPassword

        • BDI (Mac, Android, iOS clients)

          • BDIConnectionUsername

          • BDIConnectionPassword

        Username

        Lets you manually specify a shared username that the client can use to authenticate with the directory server.

        By default, Cisco Jabber for Windows uses Integrated Windows Authentication when connecting to the directory server.

        You should use this parameter only in deployments where you cannot authenticate with the directory server using Microsoft Windows credentials.

        Use only a well-known or public set of credentials for an account that has read-only permissions.

        Password

        Lets you manually specify a shared password that the client can use to authenticate with the directory server.

        By default, Cisco Jabber for Windows uses Integrated Windows Authentication when connecting to the directory server.

        You should use this parameter only in deployments where you cannot authenticate with the directory server using Microsoft Windows credentials.

        Use only a well-known or public set of credentials for an account that has read-only permissions.

        Search Base 1

        The following parameters only apply to Cisco Jabber for Windows:

        Search Base 2

        Search Base 3

        Specifies a location in the directory server from which searches begin. In other words, a search base is the root from which the client executes a search.

        By default, the client searches from the root of the directory tree. You can specify the value of up to three search bases in your OU to override the default behavior.

        Active Directory does not typically require a search base. Specify search bases for Active Directory only for specific performance requirements.

        Specify a search base for directory servers other than Active Directory to create bindings to specific locations in the directory.

        Tip   

        Specify an OU to restrict searches to certain user groups.

        For example, a subset of your users have instant messaging capabilities only. Include those users in an OU and then specify that as a search base.

        Recursive Search on All Search Bases

        Select this option to perform a recursive search of the directory starting at the search base. Use recursive searches to allow the Cisco Jabber client contact search queries to search all of the LDAP directory tree from a given search context (search base). This is a common option when searching LDAP.

        This is a required field.

        The default value is True.

        Base Filter

        Specifies a base filter for Active Directory queries.

        Specify a directory subkey name only to retrieve objects other than user objects when you query the directory.

        The default value is (&(objectCategory=person)( objectClass=user).

        Predictive Search Filter

        Defines filters to apply to predictive search queries.

        You can define multiple, comma-separated values to filter search queries.

        The default value is ANR.

        When Cisco Jabber performs a predictive search, it issues a query using Ambiguous Name Resolution (ANR). This query disambiguates the search string and returns results that match the attributes that are set for ANR on your directory server.
        Important:

        Configure your directory server to set attributes for ANR if you want the client to search for those attributes.

        Attribute Mappings

        It is not possible to change the default attribute mappings in a service profile. If you plan to change any default attribute mappings, you must define the required mappings in a client configuration file.

        Apply Directory Service to a Service Profile

        Procedure
          Step 1   Select User Management > User Settings > Service Profile. The Find and List Service Profiles window opens.
          Step 2   Select Add New. The Service Profile Configuration window opens.
          Step 3   Add the directory services to the directory profile. See the Directory Profile Parameters topic for information about the specific settings that are needed for the directory profile.
          Step 4   Select Save.

          Configure Photos

          Cisco Jabber uses the following methods to configure Photos for users:

          • Active Directory Binary Objects—No configuration needed, Cisco Jabber retrieves the binary photo from the thumbnailPhoto attribute.

          • PhotoURL attribute—Use the PhotoSource parameter in the jabber-config.xml file to specify an attribute in your directory. The client will retrieve the attribute and determine if it is a URL or binary data and display the photo from either source.

            EDI parameter: PhotoSource

            Example: 
            <Directory>
 <PhotoSource>url</PhotoSource> 
</Directory>

            BDI parameter: BDIPhotoSource

            <Directory>
 <BDIPhotoSource>url</BDIPhotoSource> 
</Directory>

          • URI Substitution—For your directory server type, use the following parameters in the jabber-config.xml file:

            EDI parameters:

            • PhotoUriSubstitutionEnabled

            • PhotoUriWithToken

            • PhotoUriSubstitutionToken

            Example: 
            <PhotoUriSubstitutionEnabled>True</PhotoUriSubstitutionEnabled> 
<PhotoUriSubstitutionToken>sAMAccountName</PhotoUriSubstitutionToken> 
<PhotoUriWithToken>http://example.com/photo/sAMAccountName.jpg</PhotoUriWithToken>
            BDI parameters:

            • BDIPhotoUriSubstitutionEnabled

            • BDIPhotoUriWithToken

            • BDIPhotoUriSubstitutionToken

            Example: 
            <BDIPhotoUriSubstitutionEnabled>True</BDIPhotoUriSubstitutionEnabled> 
<BDIPhotoUriSubstitutionToken>sAMAccountName</BDIPhotoUriSubstitutionToken> 
<BDIPhotoUriWithToken>http://example.com/photo/sAMAccountName.jpg</BDIPhotoUriWithToken>
            UDS parameters:

            • UdsPhotoUriSubstitutionEnabled

            • UdsPhotoUriWithToken

            • UdsPhotoUriSubstitutionToken

            Example: 
            <UDSPhotoUriSubstitutionEnabled>True</UDSPhotoUriSubstitutionEnabled> 
<UDSPhotoUriSubstitutionToken>sAMAccountName</UDSPhotoUriSubstitutionToken> 
<UDSPhotoUriWithToken>http://example.com/photo/sAMAccountName.jpg</UDSPhotoUriWithToken>

          Advanced Directory Integration in the Configuration File

          You can configure directory integration in the Cisco Jabber configuration file. For more information see the Directory chapter in the Parameters Reference Guide for Cisco Jabber.

          Important: When a Service Profile and a configuration file are present, settings in the Service Profile always take priority.

          Federation

          Federation lets Cisco Jabber users communicate with users who are provisioned on different systems and who are using client applications other than Cisco Jabber.

          Configure Intradomain Federation for BDI or EDI

          In addition to configuring intradomain federation on the presence server, you might need to specify some configuration settings in the Cisco Jabber configuration files.

          To resolve contacts during contact search or retrieve contact information from your directory, Cisco Jabber requires the contact ID for each user. Cisco Unified Communications Manager IM & Presence server uses a specific format for resolving contact information that does not always match the format on other presence servers such as Microsoft Office Communications Server or Microsoft Live Communications Server.

          The parameters that you use to configure intradomain federation depend on whether you use Enhanced Directory Integration (EDI) or Basic Directory Integration (BDI). EDI uses native Microsoft Windows APIs to retrieve contact data from the directory service and is only used by Cisco Jabber for Windows. For BDI, the client retrieves contact data from the directory service and is used by Cisco Jabber for Mac, Cisco Jabber for Android, and Cisco Jabber for iPhone and iPad.

          Procedure
            Step 1   Set the value of the relevant parameter to true:

            • For BDI: BDIUseSipUriToResolveContacts

            • For EDI: UseSIPURIToResolveContacts

            Step 2   Specify an attribute that contains the Cisco Jabber contact ID that the client uses to retrieve contact information. The default value is msRTCSIP-PrimaryUserAddress, or you can specify another attribute in the relevant parameter:

            • For BDI: BDISipUri

            • For EDI: SipUri

            Note   
            When you deploy intradomain federation and the client connects with Expressway for Mobile and Remote Access from outside the firewall, contact search is supported only when the contact ID uses one of the following formats:

            • sAMAccountName@domain

            • UserPrincipleName (UPN)@domain

            • EmailAddress@domain

            • employeeNumber@domain

            • phoneNumber@domain

            Step 3   In the UriPrefix parameter, specify any prefix text that precedes each contact ID in the relevant SipUri parameter.

            Example:For example, you specify msRTCSIP-PrimaryUserAddress as the value of SipUri. In your directory the value of msRTCSIP-PrimaryUserAddress for each user has the following format: sip:username@domain.

            • For BDI: BDIUriPrefix

            • For EDI: UriPrefix

            The following XML snippet provides an example of the resulting configuration for BDI: 
            <Directory>
  <BDIUseSIPURIToResolveContacts>true</BDIUseSIPURIToResolveContacts>
  <BDISipUri>non-default-attribute</BDISipUri>
  <BDIUriPrefix>sip:</BDIUriPrefix>
</Directory>
            The following XML snippet provides an example of the resulting configuration for EDI: 
            <Directory>
  <UseSIPURIToResolveContacts>true</UseSIPURIToResolveContacts>
  <SipUri>non-default-attribute</SipUri>
  <UriPrefix>sip:</UriPrefix>
</Directory>