Guest

Cisco Unity

Cisco Unity Data and the Directory (Cisco Unity 4.x and 3.x with Microsoft Exchange)

  • Viewing Options

  • PDF (347.9 KB)
  • Feedback
White Paper: Cisco Unity Data and the Directory (Cisco Unity 4.x and 3.x with Microsoft Exchange)

Table Of Contents

White Paper: Cisco Unity Data and the Directory (Cisco Unity 4.x and 3.x with Microsoft Exchange)

Introduction

About Subscribers

About Distribution Lists

About Locations

About Permissions

Cisco Unity Database and the Directory

Cisco Unity Database

Why the SQL Database Is Used

Directory

Why the Directory Is Used

Support for Unified Messaging

Support for Networking

Flexible Administration

Cisco Unity Data in the Directory

Exchange 5.5 Directory

Users and Custom Recipient Attributes in Exchange 5.5

Distribution List Attributes in Exchange 5.5

Location Object Attributes in Exchange 5.5

Voice Connector Attributes in Exchange 5.5

Active Directory

Extending the Schema

Viewing the Version of the Schema Extensions

Users and Contact Attributes in Active Directory

Distribution List Attributes in Active Directory

Location Object Attributes in Active Directory

Voice Connector Attributes in Active Directory

About Synchronization

Updates to the Directory Are Synchronous

Updates to the SQL Database Are Asynchronous

Exchange 5.5 Directory Monitor

Subscriber Attributes That Are Synchronized

Distribution List Attributes That Are Synchronized

Location Attributes That Are Synchronized

Active Directory Monitors

Subscriber Attributes That Are Synchronized

Distribution List Attributes That Are Synchronized

Location Attributes That Are Synchronized


White Paper: Cisco Unity Data and the Directory (Cisco Unity 4.x and 3.x with Microsoft Exchange)


Republished September 17, 2007

This document describes the Cisco Unity data that is stored in the directory, and explains how this data is kept consistent with the SQL database on the Cisco Unity server (for versions 3.x and 4.x). Included in this document are tables that map the Cisco Unity attributes to their corresponding Exchange 5.5 and Active Directory attributes.


Note Exchange 5.5 is no longer supported—in new installations and in upgrades—as the message store for Cisco Unity messages. This white paper contains information related to Exchange 5.5, but only for use with existing installations that are running Cisco Unity 4.1(1) or earlier. The Exchange 5.5 information is not applicable for use with installations that are running Cisco Unity 4.2(1) or later.


See the following sections:

Introduction

Cisco Unity Database and the Directory

Cisco Unity Data in the Directory

About Synchronization

Introduction

In Cisco Unity versions 3.x and 4.x, almost all of the information about subscriber accounts and other Cisco Unity objects is stored in a SQL database on the Cisco Unity server, not in the directory. However, a minimal amount of Cisco Unity information about subscribers, distribution lists, and locations is stored in the directory.

New for Cisco Unity 4.2(1)—A new property set was added to control permissions for the individual Cisco Unity-specific attributes and the msExchRecordedName attribute.

New for Cisco Unity 4.0(1)—The required Active Directory schema extensions (in addition to those required for Cisco Unity 3.x) are the following:

One attribute in the user object class

One attribute in the location object class

See the following sections for descriptions of the directory objects that contain Cisco Unity-specific attributes:

About Subscribers

About Distribution Lists

About Locations

About Permissions

About Subscribers

Anyone who has an account on Cisco Unity is a subscriber. Typically, each subscriber account is associated with a Windows domain account and an Exchange mailbox in which Cisco Unity stores voice messages. The associated user objects for subscribers in Active Directory or the Exchange 5.5 directory contain Cisco Unity-specific attributes (see Table 1 and Table 5).

When you create a subscriber account in Cisco Unity, the associated user object in the directory is created with Cisco Unity-specific attributes. You can also create subscriber accounts by importing existing users. In this case, when the subscriber account is created, the Cisco Unity-specific attributes are written to the existing user object in the directory.

In addition to regular subscriber accounts, Cisco Unity has a number of "external" subscriber accounts for people who do not have mailboxes on the local Exchange network. There are different types of external subscribers: AMIS, Bridge, Internet, and VPIM. Voice messages for Internet subscribers are sent to an e-mail address that you specify when you create the Internet subscriber account. Voice messages for AMIS, Bridge, and VPIM subscribers are sent to a mailbox on another voice messaging system.

When an "external" subscriber is created, an associated Active Directory contact (or an Exchange 5.5 custom recipient) is also created. The contacts in Active Directory or the custom recipients in the Exchange 5.5 directory for external subscribers contain Cisco Unity-specific attributes.

About Distribution Lists

A Cisco Unity public distribution list is an Active Directory group or an Exchange 5.5 distribution list that contains Cisco Unity-specific attributes (see Table 2 and Table 7).

When you create a distribution list in Cisco Unity, the associated group object in the directory is created with Cisco Unity-specific attributes. You can also create distribution lists by importing existing groups. In this case, when the distribution list is created, the Cisco Unity-specific attributes are written to the existing group object in the directory.

Distribution lists can contain both subscribers and non-subscribers. When a voice message is sent to a distribution list, it is delivered as an e-mail with a WAV attachment to the mailboxes of non-subscribers. Depending on the codec used to record the message, non-subscribers can use Windows Media Player or another program to listen to the voice message.

About Locations

Locations are Cisco Unity objects that are used in Cisco Unity networking (see Table 3 and Table 8). There are two types of locations: primary locations and delivery locations.

Each Cisco Unity server is associated with one location object—referred to as the primary location—which is created during installation and which cannot be deleted. Each primary location contains the network information that identifies the Cisco Unity server to other Cisco Unity servers and to other voice messaging systems.

A delivery location contains the network information that Cisco Unity needs to send messages to and receive messages from other voice messaging servers—which may or may not be Cisco Unity servers. You create a delivery location for each voice messaging server with which the local Cisco Unity server will communicate. The delivery location identifies the voice messaging system to Cisco Unity.

For more information about networking in Cisco Unity, see the Networking Guide for Cisco Unity, available at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/products_feature_guides_list.html.

About Permissions

In Cisco Unity 4.2(1) and later, the Permissions Wizard sets only the permissions that Cisco Unity requires to function rather than setting permissions at a higher level. To simplify the setting of permissions for the Cisco Unity-specific properties, a new property set that contains these individual properties—ciscoEcsbuUnityInformation—has been added to the schema. With the Cisco Unity 4.2(1) and later Permissions wizard, permissions for Cisco Unity-specific attributes are set at the property set level instead of at the object level, and permissions for non-Cisco Unity-specific attributes that Cisco Unity requires access to are set at the property level.

If you want to take advantage of the reduced permissions, you need to create new accounts, run the Permissions wizard to set permissions on the new accounts, and then change the accounts that Cisco Unity services log on as.

For information on the permissions set by the Cisco Unity Permissions wizard, see Permissions wizard Help.

Cisco Unity Database and the Directory

In versions of Cisco Unity prior to 3.x, all Cisco Unity data (except for recorded greetings) was stored in the directory. For small organizations where the Cisco Unity server is the only Exchange server, storing all the data in the directory worked fine. However, storing all the Cisco Unity data in the directory proved to be impractical for larger organizations. By using both the SQL database and the directory, Cisco Unity 3.x and later provide the groundwork for enhancements that benefit both large and small organizations.

See the following sections for more information:

Cisco Unity Database—This section briefly describes the structure and content of the tables in the SQL database on the Cisco Unity server.

Why the SQL Database Is Used—This section explains the benefits of storing data in the SQL database.

Directory—This section describes which directory Cisco Unity uses.

Why the Directory Is Used—This section explains the benefits of storing selected data in the directory.

Cisco Unity Database

The Cisco Unity database is a Structured Query Language (SQL)-based, scalable, relational database. Depending on your configuration, the database that Cisco Unity uses is either Microsoft SQL Server 2000 or Microsoft Data Engine 2000 (MSDE 2000). (Note that the MSDE 2000 data engine is fully compatible with SQL Server.)

Cisco Unity stores its data in a database called Unitydb. Unitydb contains tables for each type of Cisco Unity object. These tables contain all of the Cisco Unity objects that have been created on the local Cisco Unity server. Additionally, there are global tables that contain information about the subscriber accounts and locations that were created on other Cisco Unity servers. When subscriber accounts and location objects from other servers replicate in the directory, Cisco Unity detects these objects and saves information about them in the global tables.

You can use the standard database tools on the Cisco Unity server to run SQL queries on the Unitydb tables to view the data, but you should use the tools that Cisco Unity provides to modify the data. In particular, do not add or delete tables, and do not add or delete columns from the tables in the Unitydb.

Note that recorded voice names and greetings are stored in files on the Cisco Unity server (in the \CommServer\StreamFiles directory) and not in the SQL database.

Why the SQL Database Is Used

By storing its data in a SQL database rather than in the directory, Cisco Unity 3.x and later provide the following improvements over Cisco Unity 2.4.6:

Performance—Because the SQL database is on the Cisco Unity server and because the database is heavily indexed, accessing data (including looking up subscriber extensions) is fast.

Reliability—Because subscriber data is stored on the Cisco Unity server, Cisco Unity can answer calls, let outside callers look up subscriber extensions, and take messages when the Exchange network is down. While the Exchange network is unavailable, the Unity Messaging Repository (UMR) stores messages from outside callers on the Cisco Unity server (in the \CommServer\UnityMTA directory), and subscribers have access to those messages.

Scalability—SQL Server 2000 is designed to support the largest enterprise data processing systems, so there is more than enough room for storing the Cisco Unity data. MSDE is based on the same data engine as SQL Server. Although MSDE has storage limitations, it is more than adequate for the Cisco Unity configurations for which it is sold.

Network Impact—Only a small subset of subscriber information needs to be stored in the directory, and that information does not change frequently. Therefore, after subscriber accounts have been created, directory replication caused by changes to Cisco Unity data is minimal.

Directory

Cisco Unity stores data in either the Exchange 5.5 directory or Active Directory. During setup, you specify one Exchange server (the partner Exchange server) through which Cisco Unity communicates with other Exchange servers in the network. If the partner server is Exchange 2000, Cisco Unity uses Active Directory. If the partner server is Exchange 5.5, Cisco Unity uses the Exchange 5.5 directory. If your network consists of both Exchange 5.5 and Exchange 2000 servers, the partner Exchange server must be Exchange 2000, which means that Cisco Unity stores data in Active Directory.

Why the Directory Is Used

Because there is a SQL database on the Cisco Unity server, it may not be clear why any Cisco Unity objects are stored in the directory. At first glance, it seems to add complexity, because of the need to keep two data stores synchronized. While this is a valid concern, there are three main reasons for storing information in the directory:

To support Unified Messaging. See the "Support for Unified Messaging" section.

To support networking. See the "Support for Networking" section.

To provide flexible administration. See the "Flexible Administration" section.

Support for Unified Messaging

Cisco Unity provides true Unified Messaging: voice messages are stored along with e-mail messages in the Exchange information store. Cisco Unity uses the Exchange message transfer agent to route voice messages to subscribers. Because of the reliance on Exchange, some information about subscribers and distribution lists must be stored in the directory to support Unified Messaging.

Cisco Unity needs access to Active Directory user account information and/or the associated Exchange mailboxes in order to:

Authenticate subscribers when they log on to Cisco Unity.

Provide the Text to Speech feature, allowing subscribers to have their e-mail messages read to them over the phone.

Allow subscribers to use the same address book when addressing voice mails by using the phone that they use when addressing messages by using Outlook.

Support ViewMail for Microsoft Outlook, which allows subscribers to record and play voice messages within Outlook.

Turn on and off message waiting indicators on subscriber phones.

Support for Networking

In organizations with two or more Cisco Unity servers connected to a network, each Cisco Unity installation serves a distinct group of subscribers. In Cisco Unity, "networking" is the general term for messaging between Cisco Unity servers, and between Cisco Unity and other voice messaging systems. The term networking has a broad definition and encompasses the following ideas:

Subscribers associated with one Cisco Unity server can use the phone to send voice messages to:

Subscribers associated with another Cisco Unity server.

Individuals with access to a computer connected to the Internet.

Individuals who use a voice messaging system other than Cisco Unity.

Outside callers can find any subscriber in the directory and leave a voice message. Depending on the phone system and network configuration, outside callers who reach the Cisco Unity automated attendant or directory assistance can be transferred to any subscriber phone, even to the phone of a subscriber who is not associated with the local server.

By storing all the attributes for primary and delivery location objects in the directory, the addressing information that Cisco Unity needs for messaging between other Cisco Unity servers and other voice messaging systems replicates to all Cisco Unity servers in the Active Directory forest or the Exchange 5.5 site (or in the entire Exchange 5.5 organization if Exchange site connectors are installed).

In order to address messages to subscribers associated with another Cisco Unity server, each server in the network needs access to some subscriber attributes such as the location with which the subscriber is associated and the subscriber extension. These subscriber attributes (and others) are stored in the directory so that they replicate to all Cisco Unity servers on the network. Cisco Unity stores this replicated data in a table for global subscriber data in the SQL server.

Like other voice messaging systems, Cisco Unity allows subscribers to record their names. A subscriber must have a recorded name in order to be listed in Cisco Unity directory assistance. The recorded name is played when outside callers use directory assistance to look up a subscriber extension by pressing keys on the phone to spell part of the recipient name ("For John Smith at extension 5512, press 1; for Jane Smith at extension 5591, press 2."). When subscribers use the phone to address messages, the recorded name is played so that the subscribers can confirm that the extension they entered is correct. To allow outside callers to look up a subscriber in directory assistance no matter which Cisco Unity server the subscriber is associated with, the recorded name must be stored in the directory so that it replicates to the other Cisco Unity servers. Similarly, to provide confirmation to subscribers when they address messages over the phone to subscribers on other Cisco Unity servers, the recorded name must be in the directory.

Before Cisco Unity is installed, the Active Directory schema is extended to store the Cisco Unity-specific information. To support the Bridge or VPIM networking options, the schema must be further extended to store information needed by Bridge and VPIM delivery location objects.


Note Bridge Networking and VPIM Networking are not supported for Exchange 5.5.


Flexible Administration

Because information is stored in the directory, Cisco Unity allows for flexible administration of subscribers and distribution lists. You can create subscriber accounts and distribution lists by using the Cisco Unity Administrator, which is a Web-based interface to all Cisco Unity data. When creating a subscriber, external subscriber, or distribution list, Cisco Unity creates the corresponding user, contact, and group automatically; it is not necessary to first create the directory objects by using the standard Microsoft tools.

In addition, if the directory objects already exist, they can be imported into Cisco Unity. For example, if your organization has an existing directory of Exchange users, these users can be imported into Cisco Unity. When the user data is imported, the Cisco Unity-specific data is added to the user accounts. You can then use the Cisco Unity Administrator to view and modify the subscriber accounts as needed.

However, if you delete a subscriber or distribution list in the Cisco Unity Administrator, the objects are not deleted from the directory, for security reasons. Instead, only the Cisco Unity-specific attributes are deleted from the directory object. You can then use standard Microsoft tools to delete the directory object. In Cisco Unity 4.0(1) and earlier, this was also true for external subscribers; in Cisco Unity 4.0(2) and later, when you delete an AMIS, Bridge, or VPIM subscriber, the underlying directory object is removed automatically, and when you delete an Internet subscriber, you are offered the option to delete the associated directory object.

Because Cisco Unity synchronizes the information between the SQL database and the directory, if you make a change to a subscriber account in the Cisco Unity Administrator (such as changing the last name of the subscriber), this information is written to the directory. Similarly, if you change the last name of a user in Active Directory Users and Computers, Cisco Unity detects the change and updates the SQL database. See the "About Synchronization" section for more information.


Note In Cisco Unity 4.2(1) and later, the Cisco Unity Permissions wizard allows a greater amount of control over the types of Active Directory objects that administrators can administer through Cisco Unity. See Permissions wizard Help for information on individual settings in the Permissions wizard and how they affect Cisco Unity functionality.


Cisco Unity Data in the Directory

The Cisco Unity data stored in Active Directory is the same as the data stored in the Exchange 5.5 directory. How Cisco Unity stores the objects and their attributes is quite different in each directory.

With the exception of the recorded voice name, the Cisco Unity-specific attributes added to subscriber accounts is small (approximately 1K or less). In general, the length of a recording for a voice name will be approximately 2 seconds. The size of the recording depends on the codec, and on the version of Cisco Unity used to make the recording. The size of recorded voice names in version 3.1(2) and later of Cisco Unity is smaller than in previous versions.

The size of both the Exchange 5.5 directory and Active Directory increases in stages. For example, when you create numerous subscriber accounts, the directory grows to accommodate the new data and provides room to grow. Subsequently, when you create additional subscriber accounts, the directory may not increase in size until a certain threshold is reached, and then the size of the directory jumps. In this way, space does not need to be allocated in the directory each time you add a subscriber.

For details on the information stored in the Exchange 5.5 Directory, see the "Exchange 5.5 Directory" section. For details on the information stored in the Active Directory, see the "Active Directory" section.

Exchange 5.5 Directory

The schema for the Exchange 5.5 directory is not extensible like Active Directory is. However, there are four hidden Custom Attributes that applications may use. If you open the Exchange Administrator in "raw" mode (use the /r command line option to open in raw mode), you can look at a list of the attributes in the schema. This list includes Custom Attribute 11 through Custom Attribute 14.

Because the Custom Attributes are available to any application running on your network, you need to verify that no other application stores data in the Custom Attributes that Cisco Unity uses. Cisco Unity checks to see if the Custom Attributes that it needs are in use before it creates a subscriber account or distribution list. If the Custom Attributes that it needs already contain data, the creation fails, and Cisco Unity displays an error message.

Users and Custom Recipient Attributes in Exchange 5.5

The Cisco Unity-specific attributes shown in Table 1 are added to Exchange 5.5 users and custom recipients. Specifically, the mail-recipient and mailbox object classes are used to store data for regular subscribers, and the remote-address object class is used to store data for Internet and AMIS subscribers.

Table 1 User and Custom Recipient Attributes in Exchange 5.5 

Cisco Unity Attribute
Exchange 5.5 Attribute (LDAP Name)

Alternate Extensions

Voice-Mail-Greetings

AMIS Disable Outbound

Voice-Mail-Speed

Extension

Voice-Mail-User-ID

List In Phone Directory

Voice-Mail-Flags

Call Transfer String

Extension-Attribute-14

Location Object ID

Extension-Attribute-12

Recorded Voice Name

Voice-Mail-Recorded-Name

Object Type

ObjectClass


For regular and Internet subscribers, the Location Object ID is the Object ID of the primary location. For AMIS, Bridge, and VPIM subscribers, the Location Object ID is the Object ID of the delivery location with which the subscribers are associated.

Distribution List Attributes in Exchange 5.5

The Cisco Unity-specific attributes shown in Table 2 are added to Exchange 5.5 distribution lists.

The same set of attributes are stored in the directory for Cisco Unity 3.x and Cisco Unity 4.x.

Table 2 Distribution List Attributes in Exchange 5.5 

Cisco Unity Attribute
Exchange 5.5 Attribute (LDAP Name)

Extension

Voice-Mail-User-ID

Location Object ID

Extension-Attribute-12

Voice Enabled

Voice-Mail-Speed

Alias

uid

Recorded Voice Name

Voice-Mail-Recorded-Name

Object Type

ObjectClass


Location Object Attributes in Exchange 5.5

Locations are Cisco Unity-specific objects. Because additional object classes cannot be added to the Exchange 5.5 schema, an existing Exchange 5.5 object class is used to store data for location objects. Specifically, the Exchange 5.5 person object class is used to store information about locations, and in some cases, more than one Cisco Unity attribute is added to one Exchange 5.5 attribute. Table 3 shows the attributes for location objects.

New for Cisco Unity 4.0(1)—In Cisco Unity 4.x, the System State attribute, which is stored in the directory attribute Voice-Mail-System-GUID, is used.

Table 3 Location Object Attributes in Exchange 5.5 

Cisco Unity Attribute
Exchange 5.5 Attribute (LDAP Name)

Addressing Max Scope

Voice-Mail-Speed

Allow Blind Addressing

Extension-Attribute-1

AMIS Delivery Phone Number

Extension-Attribute-5

AMIS Node Active

Voice-Mail-Password

AMIS Node ID

Extension-Attribute-14

Blind Addressing Max Scope

Voice-Mail-Recording-Length

Destination Type

Extension-Attribute-2

Dialing Domain Name

Extension-Attribute-5

Dial ID

Voice-Mail-User-ID

SMTP Domain

mail

Location Object ID

Extension-Attribute-12

System ID

Extension-Attribute-3

Undeletable

Extension-Attribute-4

Display Name

Admin-Description

Directory ID

distinguishedName

Recorded Voice Name

Voice-Mail-Recorded-Name

Home Server

Extension-Attribute-6

Alias

uid

Object Changed ID

USN_Changed

System State

Voice-Mail-System-GUID (Added in Cisco Unity 4.0(1).)


Voice Connector Attributes in Exchange 5.5

The Cisco Unity Voice Connector for Microsoft Exchange is a Cisco Unity networking component that enables messaging between Cisco Unity servers that access separate directories, and between Cisco Unity servers and other voice messaging systems.

The Voice Connector for Exchange 5.5 uses the object class mail-gateway to store data. All the Voice Connector data is packed together and stored in the attribute called Extension-data.

Typically, you install only one instance of the Voice Connector per Exchange 5.5 site, and the amount of data stored in the directory by the Voice Connector is approximately 1K (or less).

Active Directory

The Active Directory schema can be extended to store application-specific data. This section describes the extensions that Cisco Unity makes to the Active Directory schema. See the following sections for details:

Extending the Schema

Viewing the Version of the Schema Extensions

Users and Contact Attributes in Active Directory

Distribution List Attributes in Active Directory

Location Object Attributes in Active Directory

Voice Connector Attributes in Active Directory

Extending the Schema

Active Directory supports the use of LDAP Data Interchange Format (LDIF) scripts to extend the schema. Before installing Cisco Unity for use with an Exchange 2000 or Exchange 2003 partner server, you must run a script that makes Cisco Unity-specific modifications to the Active Directory schema. To support VPIM Networking or Bridge Networking, the schema must be further extended.

To extend the Active Directory schema, you run a Cisco Unity utility called ADSchemaSetup. The utility applies the schema extensions specified in the LDIF script files located on Cisco Unity DVD 1 and CD 1 in the directory Schema\LdifScripts. The user interface for ADSchemaSetup.exe consists of a dialog box with check boxes that correspond to the LDIF script files, as shown in Figure 1.

Figure 1 Active Directory Schema Setup Interface

The LDIF files have changed among Cisco Unity versions as needed to provide additional features and functionality, as described in Table 4.

Table 4 Description of the Check Boxes in ADSchemaSetup.exe 

ADSchemaSetup Check Box
LDIF Script File Name
Cisco Unity Versions
Description

Directory Monitor

Avdirmonex2k.ldf

3.0(1) - 3.1(6)

The core schema extensions required by Cisco Unity itself, Digital Networking, SMTP Networking, and AMIS Networking.1 The schema extensions specified in Avdirmonex2k.ldf are essentially the same for all versions of Cisco Unity 3.x. However, when using Digital Networking to network different versions of Cisco Unity, always extend the schema by using the latest version of Avdirmonex2k.ldf.

4.0(1) - 4.1(1)

In Cisco Unity 4.0(x), the following attributes were added:

ciscoEcsbuUMSystemState attribute to the location object class

ciscoEcsbuAlternateDtmfIdsOrder attribute to the user object class.

ciscoEcsbuUMSchemaVersion

Because attributes were added and not taken away or changed, the 4.0(x) version of Avdirmonex2k.ldf is backward compatible. When using Digital Networking to network different versions of Cisco Unity (including Cisco Unity 3.x servers), always extend the schema by using the latest version of Avdirmonex2k.ldf.

4.2(1) and later

In Cisco Unity 4.2(1), the property set ciscoEcsbuUnityInformation was added to Avdirmonex2k.ldf to accommodate changes to the Cisco Unity Permissions wizard; however, the changes are backward compatible. When using Digital Networking to network different versions of Cisco Unity, always extend the schema by using the latest version of Avdirmonex2k.ldf.

Bridge Connector

Omnigateway.ldf

3.1(3) - 3.1(6)

The schema extensions required for Bridge Networking.

4.0(1) - 4.0(2)

There was a slight change in Omnigateway.ldf in Cisco Unity 4.0(1) (the ciscoEcsbuDtmfId attribute was indexed); however, the change is backward compatible. When using the Bridge Networking option in installations with multiple Cisco Unity servers connected by Digital Networking, always extend the schema by using the latest version of Omnigateway.ldf.

4.0(3) - 4.1(1)

The schema extensions for Bridge Networking changed significantly in Cisco Unity 4.0(3). If you have Bridge Networking set up in a previous version of Cisco Unity and are upgrading to Cisco Unity 4.0(3) or later, the schema extensions in the latest version of Omnigateway.ldf must be applied.

In addition to the attributes added to support Bridge Networking in Cisco Unity 4.0(3) and later, the attribute ciscoEcsbuUMSchemaVersion was added.

4.2(1) and later

The schema extensions for Bridge Networking changed slightly to accommodate changes to the Cisco Unity Permissions wizard. When using the Bridge Networking option in installations with multiple Cisco Unity servers connected by Digital Networking, always extend the schema by using the latest version of Omnigateway.ldf.

VPIM Connector

Vpimgateway.ldf

4.0(1) - 4.0(2)

The schema extensions required for VPIM Networking.

4.0(3) - 4.1(1)

The attribute ciscoEcsbuUMSchemaVersion was added.

4.2(1) and later

The schema extensions for VPIM Networking changed slightly to accommodate changes to the Cisco Unity Permissions wizard. When using the VPIM Networking option in installations with multiple Cisco Unity servers connected by Digital Networking, always extend the schema by using the latest version of Vpimgateway.ldf.

Voice Connector

Voicegateway.ldf

3.0 - 3.1(5)2

The schema extensions required for the Voice Connector for Exchange 2000. Voice Connector version 10.0(1) and later does not require additional Active Directory schema extensions beyond the core schema extensions required by Cisco Unity itself.

1 Although a file called AMISProps.ldf appears in the Schema\LdifScripts directory, the schema extensions needed for AMIS Networking are in Avdirmonex2k.ldf.

2 The check box for applying the Voice Connector schema extensions was removed in Cisco Unity 3.1(6) and later, although the file Voicegateway.ldf still appears in the Schema\LdifScripts directory.


All Cisco Unity attributes added by avdirmonex2.ldf, omnigateway.ldf, and vpimgateway.ldf are replicated in the Global Catalog server. These are the attributes marked with "ismemberofpartialattributeset = TRUE" in the script files. The Voice Connector attributes are not replicated to the Global Catalog server.

Attributes with the "searchFlags" property set to a non-zero number are indexed.

Viewing the Version of the Schema Extensions

Each time changes are made to an LDIF script, the script is updated to write a new version description. The updated description will be added to the existing description rather than replacing it so that there is a history of the schema extensions that have been applied.

See the following procedures for instructions for viewing the schema version:

To View the Version of the Schema Extensions on the Server on Which ADSchemaSetup Was Run

To View the Version of the Schema Extensions by Using ADSI Edit

To View the Version of the Schema Extensions on the Server on Which ADSchemaSetup Was Run


Step 1 On the desktop of the server on which ADSchemaSetup was run, open the folder Ldif logs.

This folder contains subfolders that are named based on the date on which ADSchemaSetup was run.

Step 2 Open the folder named with the most recent date.

This folder contains a separate folder for Avdirmonex2k.ldf (Cisco Unity schema extensions), Omnigateway.ldf (Cisco Unity Bridge extensions), and Vpimgateway.ldf (VPIM extensions).

Step 3 Open the folder for the appropriate type of schema extensions, and open the file Ldif.log in Notepad.

Step 4 Scroll to the end of the file, and click the last line. There is more than one instance of cisco-Ecsbu-UM-Schema-Version in the file, and you need to locate the last instance that contains a version description.

Step 5 Click Edit > Find, enter cisco-Ecsbu-UM-Schema-Version, and click Up for the direction of the search.

Step 6 Click Find Next one or more times until you find an instance that is followed a few lines down by a line containing the word "Description" and one of the following, as applicable:

Cisco Unity <version>

Cisco Unity Bridge <version>

Cisco Unity VPIM <version>

Note that the version displayed is the Cisco Unity version when the LDIF file was last modified, which may be older than your Cisco Unity version.

The following example shows part of an ldif.log file for the Avdirmonex2k.ldf extensions for a server that was installed using a version between 4.0(1) and 4.1(1), and then upgraded to 4.2(1):

51: CN=cisco-Ecsbu-UM-Schema-Version,CN=Schema,CN=Configuration,DC=Media,
DC=cisco-uty-sea,DC=cisco,DC=com
Entry DN: CN=cisco-Ecsbu-UM-Schema-Version,CN=Schema,CN=Configuration,DC=Media,
DC=cisco-uty-sea,DC=cisco,DC=com
change: modify
Attribute 0) Description:Unity 4.0

Attribute or value exists, entry skipped.

52: CN=cisco-Ecsbu-UM-Schema-Version,CN=Schema,CN=Configuration,DC=Media,
DC=cisco-uty-sea,DC=cisco,DC=com
Entry DN: CN=cisco-Ecsbu-UM-Schema-Version,CN=Schema,CN=Configuration,DC=Media,
DC=cisco-uty-sea,DC=cisco,DC=com
change: modify
Attribute 0) Description:Cisco Unity 4.2

To View the Version of the Schema Extensions by Using ADSI Edit

If you do not know the server on which ADSchemaSetup was run, or if you do not have access to the server, you can use the Microsoft utility, ADSI Edit, to view the contents of the attribute cisco-Ecsbu-UM-Schema-Version. ADSI Edit comes with Cisco Unity and also comes with Windows 2000 Support Tools. ADSI Edit can be run on a Cisco Unity server or any server in the domain.


Note The steps in the procedure apply to using the version of ADSI Edit that is included in the TechTools directory. They may not apply to newer versions of ADSI Edit that are downloaded from Microsoft.



Caution Be very careful when running ADSI Edit. Do not make any changes to the schema. Making changes to the schema could cause problems with Cisco Unity, Exchange, and/or Active Directory.


Step 1 Log on to the Cisco Unity server. If you have already registered adsiedit.dll, or if you have installed the Windows 2000 support tools on the server (which registers adsiedit.dll automatically), skip to Step 3. Otherwise, open a command prompt window and change to the directory <drive>:\CommServer\TechTools. Enter the following:

regsvr32 adsiedit.dll

Step 2 Close the command prompt window.

Step 3 In Windows Explorer, browse to <drive>:\CommServer\TechTools and double-click adsiedit.msc.

Step 4 Enter your user name and password when prompted.

Step 5 In tree in the left pane, expand the Schema container so that the schema attributes and classes are displayed in the right pane.

Step 6 In the right pane, scroll down as needed and right-click CN=cisco-Ecsbu-UM-Schema-Version, and click Properties.

Step 7 In the Select a Property to View list, click Description.

If the Omnigateway.ldf schema extensions have been applied, the description will contain:
Unity Bridge <version>

If the Vpimgateway.ldf schema extensions have been applied, the description will contain:
Unity VPIM <version>

If the Avdirmonex2k.ldf schema extensions have been applied, the description will contain:
Unity <version>

Note that the version displayed is the Cisco Unity version when the LDIF file was last modified, which may be older than your Cisco Unity version.


Users and Contact Attributes in Active Directory

Table 5 shows attributes for users and contacts.

Table 6 shows attributes for users to support Bridge Networking.

Table 5 User and Contact Attributes in Active Directory 

Cisco Unity Attribute
Active Directory Attribute
Description

Alternate Extensions

ciscoEcsbuAlternateDtmfIds

Multi-valued collection of unique alternate DTMF access codes that callers can dial to access the Cisco Unity subscriber that is associated with this user or contact.

AMIS Disable Outbound

ciscoEcsbuAmisDisableOutbound

For an AMIS subscriber, indicates no messages are being delivered to this target.

Extension

ciscoEcsbuDtmfId

Primary unique DTMF access code that callers can dial to access the Cisco Unity subscriber that is associated with this user or contact.

List In Phone Directory

ciscoEcsbuListInUMDirectory

List the subscriber in the phone directory for outside callers.

Call Transfer String

ciscoEcsbuTransferId

The primary call handler contact rule transfer string for the subscriber, accessed by directory handlers when doing searches on remote Cisco Unity servers in the same dialing domain and for automated attendant transfers.

Location Object ID

ciscoEcsbuUMLocationObjectId

Identifies the location with which the subscriber is associated.

Undeletable

ciscoEcsbuUndeletable

If true, this object cannot be deleted by using the Cisco Unity Administrator or other tools (used to prevent deletion of factory defaults).

Recorded Voice Name

msExchRecordedName1

The recorded name of the subscriber.

Object Type

ciscoEcsbuObjectType

Cisco Unity enumeration for type of object.

Order of Alternate Extensions

ciscoEcsbuAlternateDtmfIdsOrder2

Used to determine the order of the alternate DTMF ids.

1 Cisco Unity extends the schema with and uses msExchRecordedName by written permission of the Microsoft Corporation.

2 This attribute was added in Cisco Unity 4.0(1), but the functionality that uses the attribute was introduced in Cisco Unity 4.0(4).


For regular and Internet subscribers, the Location Object ID is the Object ID of the primary location. For AMIS, Bridge, and VPIM subscribers, the Location Object ID is the Object ID of the delivery location with which the subscribers are associated.

Table 6 User Object Attributes in Active Directory to Support Bridge Networking 

Cisco Unity Attribute
Active Directory Attribute
Description

Extension

ciscoEcsbuDtmfId

Same as Extension attribute described in Table 5.

In Omnigateway.ldf that is shipped with Cisco Unity 4.0(1) and 4.0(2), this field is indexed. In Omnigateway.ldf that is shipped with Cisco Unity 4.0(3), this field is no longer indexed.

Unity Node Serial Number

ciscoEcsbuRemoteNodeID

The Octel network serial number of the node with which the Cisco Unity subscriber is associated. Added in Cisco Unity 4.0(3).

Legacy Mailbox ID

ciscoEcsbuLegacyMailbox

The number that Octel subscribers dial (excluding the location Dial ID and/or prefix) to address messages to the Cisco Unity subscriber. Added in Cisco Unity 4.0(3).


Distribution List Attributes in Active Directory

The Cisco Unity-specific attributes shown in Table 7 are added to Active Directory groups.

Table 7 Distribution List Attributes in Active Directory 

Cisco Unity Attribute
Active Directory Attribute
Description

Extension

ciscoEcsbuDtmfId

Primary unique DTMF access code that callers can dial to access the Cisco Unity Distribution List that is associated with this distribution list.

Location Object ID

ciscoEcsbuUMLocationObjectId

Identifies the location that the subscriber is associated with.

Undeleteable

ciscoEcsbuUndeletable

If true, this object cannot be deleted by using the Cisco Unity Administrator (used to prevent deletion of factory defaults).

Voice Enabled

ciscoEcsbuVoiceEnabled

Set when the distribution list is enabled for voice.

Alias

mailNickname

Mail name of the distribution list.

Recorded Voice Name

msExchRecordedName1

Distribution List recorded name.

Object Type

ciscoEcsbuObjectType

Cisco Unity enumeration for type of object.

1 Cisco Unity extends the schema with and uses msExchRecordedName by written permission of the Microsoft Corporation.


Location Object Attributes in Active Directory

Table 8 shows the attributes for location objects in Active Directory.

Table 9 shows the attributes for location objects in Active Directory that support Bridge Networking.

Table 10 shows the attributes for location objects in Active Directory that support VPIM Networking.

Table 8 Location Object Attributes in Active Directory 

Cisco Unity Attribute
Active Directory Attribute
Description

Addressing Max Scope

ciscoEcsbuAddressingMaxScope

Used to indicate the type of addressing that is supported by this location (local, dialing domain, global).

Allow Blind Addressing

ciscoEcsbuAllowBlindAddressing

If true, messages can be addressed to this location without an existing handler or mail user.

AMIS Delivery Phone Number

ciscoEcsbuAmisDialId

Corresponds to the AMIS dial ID on the Delivery Location page in the Cisco Unity Administrator.

AMIS Node Active

ciscoEcsbuAmisNodeActive

True if the node is active.

AMIS Node ID

ciscoEcsbuAmisNodeId

Identifier for the AMIS Node.

Blind Addressing Max Scope

ciscoEcsbuBlindAddressingMaxScope

Scope of blind addressing search.

Destination Type

ciscoEcsbuDestinationType

Indicates the destination type for the location (SMTP, AMIS, VPIM, Bridge).

Dialing Domain Name

ciscoEcsbuDialingDomainName

Name of the dialing domain for networking.

Location Dial ID

ciscoEcsbuDtmfId

Primary unique DTMF access code that callers can dial to access the Cisco Unity Location.

Include Locations

ciscoEcsbuIncludeLocations

If set on the primary location, the Cisco Unity conversation will include locations in search results.

SMTP Domain

ciscoEcsbuUMDomain

For the primary location, the domain name that the remote voice messaging system uses when addressing messages to Cisco Unity subscribers. Corresponds to the SMTP Domain Name field on the Primary Location page in the Cisco Unity Administrator.

For a VPIM or SMTP delivery location, the domain name that Cisco Unity uses when addressing messages to subscribers on the remote voice messaging system. Corresponds to the SMTP Domain Name field on the Delivery Location page in the Cisco Unity Administrator.

For an AMIS delivery location, the phone number used to reach the remote AMIS system. Corresponds to the Delivery Phone Number field on the Delivery Location page in the Cisco Unity Administrator.

Domain ID

ciscoEcsbuUMDomainId

Not currently used.

Location Object ID

ciscoEcsbuUMLocationObjectId

The unique identifier for this location object.

System ID

ciscoEcsbuUMSystemId

Used to identify the Cisco Unity system on which this location was created.

Schema Version

ciscoEcsbuUMSchemaVersion

The version of schema extensions that has been applied. (Note that the version displayed is the Cisco Unity version when the LDIF file was last modified, which may be older than your Cisco Unity version.)

Undeletable

ciscoEcsbuUndeletable

If true, this object cannot be deleted by using the Cisco Unity Administrator (used to prevent deletion of factory defaults).

Display Name

displayName

Spelled name.

Alias

ciscoEcsbuDirectoryAlias

Unique text name for this object.

Recorded Voice Name

msExchRecordedName1

Location recorded name.

Object Type

ciscoEcsbuObjectType

Cisco Unity enumeration for type of object.

Home Server

ciscoEcsbuUMServer

The Cisco Unity server which owns this location.

System State

ciscoEcsbuUMSystemState
(Added in Cisco Unity 4.0(1).)

Licensing information for the Cisco Unity server that is associated with this location. Only present on non-delivery locations.

1 Cisco Unity extends the schema with and uses msExchRecordedName by written permission of the Microsoft Corporation.


Table 9 Location Object Attributes in Active Directory to Support Bridge Networking 

Cisco Unity Attribute
Active Directory Attribute
Description

Octel Serial Number

ciscoEcsbuRemoteNodeID

The serial number of the Octel node that corresponds to this location.

Bridge Server Address

ciscoEcsbuRemoteServer

The fully qualified domain name of the Bridge server that is used for messaging with this delivery location.

Prefixes

ciscoEcsbuPrefixes
(Added in Cisco Unity 4.0(3).)

A list of the node prefixes that are assigned to this location. Corresponds to the entries on the Prefixes page of the Delivery Location in the Cisco Unity Administrator.

Remote Mailbox Length

ciscoEcsbuRemoteMailboxLength
(Added in Cisco Unity 4.0(3).)

The number of digits required for mailboxes as specified in Octel for the node that corresponds to this delivery location.

Auto-Created Bridge Subscriber Options, Private Messages Settings

ciscoEcsbuOptionFlags
(Added in Cisco Unity 4.0(3).)

A bit mask that controls various options including how Bridge subscribers are automatically created and how private messages are handled.


Table 10 Location Object Attributes in Active Directory to Support VPIM Networking 

Cisco Unity Attribute
Active Directory Attribute
Description

Unity Phone Prefix

ciscoEcsbuLocalPhonePrefix

Used to construct To/From addresses for Cisco Unity subscribers. Corresponds to the Cisco Unity Phone Prefix field on the Delivery Location page in the Cisco Unity Administrator.

Remote Phone Prefix

ciscoEcsbuRemotePhonePrefix

Used to construct To/From addresses for VPIM subscribers. Corresponds to the Remote Phone Prefix field on the Delivery Location page in the Cisco Unity Administrator.

Include Sender's Recorded Name and/or Sender's vCard, Auto-Created VPIM Subscriber Options, Private Messages Settings

ciscoEcsbuOptionFlags

A bit mask that controls various options including whether the recorded name or vCard of the sender are included in outgoing messages, how VPIM subscribers are automatically created, and how private messages are handled.

Remote Server

ciscoEcsbuRemoteServer

Not currently used.


Voice Connector Attributes in Active Directory

The Cisco Unity Voice Connector for Microsoft Exchange is a Cisco Unity networking component that enables messaging between Cisco Unity servers that access separate directories, and between Cisco Unity servers and other voice messaging systems.

In Cisco Unity 3.0 through 3.1(5), the version of the Voice Connector that shipped with Cisco Unity required that the Active Directory schema be extended for Voice Connector data. The amount of data stored in the directory by the Voice Connector is less than 1K.

In Cisco Unity versions 3.1(6), 4.0(1), and later, the Voice Connector schema extensions are not required. Instead, the Voice Connector stores its data in the Windows registry on the Exchange server on which it is installed. (Note that as of Cisco Unity version 4.0(1), the Voice Connector version number changed so that it no longer matches the Cisco Unity version. For more information, see the "Cisco Unity Voice Connector for Microsoft Exchange Versions" section of Networking Options Requirements for Cisco Unity, at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/products_device_support_tables_list.html.)

The schema extensions for the Voice Connector that shipped with Cisco Unity 3.0 through 3.1(5) can be found on the Cisco Unity DVD 1 and CD 1 in the file Schema\LdifScripts\voicegateway.ldf. Table 11 shows the Voice Connector schema extensions.

Table 11 Voice Connector Attributes in Cisco Unity Version 3.0 Through 3.1(5) 

Voice Connector Attribute
Active Directory Attribute

Address Type

msExchSgwAddressType

Display Name

msExchSgwDisplayName

Email Address

msExchSgwEmailAddress

Messages to Process: Inbound

msExchSgwMsgIn

Messages to Process: Outbound

msExchSgwMsgOut

Number of Threads: Inbound

msExchSgwThreadsIn

Number of Threads: Outbound

msExchSgwThreadsOut

Messages per Thread: Inbound

msExchSgwMsgsIn

Messages per Thread: Outbound

msExchSgwMsgsOut

Sleep per Message (ms): Inbound

msExchSgwSleepIn

Sleep per Message (ms): Outbound

msExchSgwSleepOut

Polling Interval: Inbound

msExchSgwIntervalIn

Polling Interval: Outbound

msExchSgwIntervalOut

Directory: Inbound

msExchSgwDirectoryIn

Directory: Outbound

msExchSgwDirectoryOut

Converter: Inbound

msExchSgwConverterIn

Converter: Outbound

msExchSgwConverterOut

Recipient Policy

msExchSgwGdiPolicy


About Synchronization

Cisco Unity includes directory monitors that keep the Cisco Unity objects in the directory synchronized with the SQL database on the Cisco Unity server. In addition to monitoring the directory for changes, the monitors also work in the other direction, and write changed information from Cisco Unity to the directory.

There are separate directory monitors for Active Directory and for Exchange 5.5. For Active Directory, there are two monitors: one monitors changes to Cisco Unity objects that are associated with the local server, and the other monitors the Active Directory global catalog for changes to Cisco Unity objects that are associated with other servers.

See the following sections for more detailed information about synchronization:

For information on updates to the directory, see the "Updates to the Directory Are Synchronous" section.

For information on updates to the SQL database, see the "Updates to the SQL Database Are Asynchronous" section.

For information on the attributes that are synchronized in Exchange 5.5, see the "Exchange 5.5 Directory Monitor" section.

For information on the attributes that are synchronized in Active Directory, see the "Active Directory Monitors" section.

Updates to the Directory Are Synchronous

Changes to subscriber accounts, distribution lists, and location objects made by using the Cisco Unity Administrator (or another Cisco Unity application) are written to the directory when the change occurs, so that both the SQL database and the directory remain consistent, as Figure 2 illustrates.

The changes made to the directory depend on the action in the Cisco Unity application: create, import, modify, or delete.

Create—When subscriber accounts, distribution lists, and location objects are created, the objects are written to both the SQL database and the directory. The objects in the directory include Cisco Unity-specific attributes.

Import—When subscriber accounts and distribution lists are created by importing existing directory objects, the objects are written to the SQL database, and the Cisco Unity-specific attributes are written to the directory objects.

Modify—When a subscriber account, distribution list, or location object is modified by using a Cisco Unity application, the updated information is written to both the SQL database and the directory.

Delete—When subscriber accounts and distribution lists are deleted by using the Cisco Unity Administrator, the objects are deleted from the SQL database, and most of the Cisco Unity-specific attributes are deleted from the directory objects. You then use standard Microsoft tools to delete the directory objects.


Note Not all Cisco Unity custom attributes are deleted. In Exchange 5.5, Extension-Attribute-14 is modified to a string value of "Deleted-Unity-Object," and in Active Directory, the ciscoEcsbuUMLocationObjectId attribute is left as is. This is done so that another networked Cisco Unity server will detect the deletion and remove the object from its Global Subscriber table in the SQL Unitydb database.)


When location objects are deleted by using the Cisco Unity Administrator, the location objects are deleted from both the SQL database and the directory.

Figure 2 Updates to the Directory Are Synchronous

Updates to the SQL Database Are Asynchronous

Every few minutes the directory monitor polls for new, changed, and deleted objects and then queues the detected changes. The changed information is pulled from the queue and written to the SQL database. Figure 3 illustrates this process.

Figure 3 Updates to the SQL Database Are Asynchronous

Exchange 5.5 Directory Monitor

The Exchange 5.5 directory monitor, AvDSEx55.exe, runs as a service on the Cisco Unity server. Polling is done at regular, configurable intervals; the default is every ten minutes.

All directory objects have an attribute that contains the update sequence number (USN). When an object is changed, the USN for the object is updated to be the highest number (plus one) of all the objects in the directory. For example, assume the USN for object A is 100, the USN for object B is 101, and the USN for object C is 102. In this case, when a change is made to object A, its USN is updated to 103. Each time the monitor performs a synchronization cycle, it stores the highest USN encountered during the synchronization.

During synchronization, the monitor queries the directory to obtain a list of objects. The monitor filters out all non-Cisco Unity objects. By comparing the LastUSN to the current USN of each object, all objects that have not changed since the last polling (that is, objects with a USN value that is less than LastUSN) are filtered out of the list.

If the monitor encounters an error while synchronizing an object, the synchronization cycle is aborted, and the LastUSN value is not updated. Updates to SQL are not performed for the object on which the error was encountered and for subsequent objects on the list. When the next synchronization occurs, because LastUSN was not updated, the list of objects to be updated is the same as in the previous synchronization.

When a change is detected, the monitor sends a notification by using Microsoft Message Queuing (MSMQ). The notification specifies whether the object has been changed or deleted. The notification includes the value of each object property that is used by Cisco Unity. In case of conflict, changes to an object made by using the Cisco Unity Administrator take precedence over changes detected in the directory.

By default, the directory monitor looks for changes from the site level down, but you can configure the directory monitor to look for changes in the entire Exchange organization if you have Cisco Unity servers installed in different sites.

Subscriber Attributes That Are Synchronized

The directory monitor keeps the subscriber attributes shown in Table 12 synchronized. The Cisco Unity-specific attributes are in bold.

Table 12 Subscriber Attributes That Are Synchronized in Exchange 5.5 

Cisco Unity Attribute
Exchange Attribute (LDAP Name)

Alias

uid

First Name

givenName

Last Name

sn

Display Name

cn

Primary Fax Number

facsimileTelephoneNumber

SMTP Address

mail

Object Changed ID

USN-Changed

Directory ID

distinguishedName

Location Object ID

Extension-Attribute-12

Extension

Voice-Mail-User-ID

Mailbox ID

distinguishedName

Mail Server

Obtained from Home-MDB

Address Type

Obtained from Target-Address

Voice Name Data

Voice-Mail-Recorded-Name

Transfer String

Extension-Attribute-14

SID

Assoc-NT-Account

E-mail Address

distinguishedName

AMIS Disable Outbound

Voice-Mail-Speed

Alternate Extensions

Voice-Mail-Greetings

List In Directory

Voice-Mail-Flags

Distinguished Name

distinguishedName

Remote Address

Target-Address

Mail Database

Home-MDB

Mailbox Warning Limit

MDB-Storage-Quota

Mailbox Send Limit

MDB-Over-Quota-Limit

Mailbox Send/Receive Limit

DXA-Task

Mailbox Use Default Limits

MDB-Use-Defaults


Distribution List Attributes That Are Synchronized

The directory monitor keeps the distribution list attributes shown in Table 13 synchronized. The Cisco Unity-specific attributes are in bold.

Table 13 Distribution List Attributes That Are Synchronized in Exchange 5.5 

Cisco Unity Attribute
Exchange Attribute (LDAP Name)

Alias

uid

Display Name

cn

DTMF Dlist ID (Extension)

Voice-Mail-User-ID

SMTP Address

mail

Directory ID

distinguishedName

Object Changed ID

USN-Changed

Voice Name Data

Voice-Mail-Recorded-Name

Distinguished Name

distinguishedName

E-mail Address

distinguishedName

Voice Enabled

Voice-Mail-Speed

Location Object ID

Extension-Attribute-12


Location Attributes That Are Synchronized

All location attributes are synchronized. See Table 3 for a list of location object attributes.

Active Directory Monitors

The Active Directory monitors run as services on the Cisco Unity server. Both Active Directory domain controller (DC) databases and global catalog (GC) databases are polled for changes. There are two monitors:

AvDSAD.exe—Initiates updates to objects associated with the local Cisco Unity server (that is, the Cisco Unity server on which AvDSAD is running). In installations with multiple Cisco Unity servers networked together, other domains could contain objects associated with other Cisco Unity servers. The AvDSAD for each server monitors only those domains that contain objects that are associated with the local Cisco Unity server. Polling is done at regular, configurable intervals; the default is every two minutes.

Changes to Active Directory objects that appear on a DC that AvDSAD is monitoring will be reflected in Cisco Unity within the two-minute polling interval. If a change to an object occurs on a DC that AvDSAD is not monitoring, the change first has to be replicated to the monitored DC. In this case, the time that it takes for the change to be reflected in Cisco Unity depends on your network configuration and replication schedule.

AvDSGlobalCatalog.exe—Monitors the Active Directory global catalog for changes to distribution lists, mailbox stores, locations, and for objects associated with other Cisco Unity servers in the network. The subscriber and location changes detected by AvDSGlobalCatalog result in updates to the global tables in the SQL database. Polling is done at regular, configurable intervals; the default is every fifteen minutes. This service is read-only; that is, it makes no directory changes.

In order for changes to objects associated with other Cisco Unity servers to be reflected, the changes first have to be replicated to the Active Directory global catalog, and then the monitor can detect the changes. The time that it takes for changes to be reflected in the global catalog depends on your network configuration and replication schedule.

All directory objects have an attribute called uSN-Changed, which contains the update sequence number (USN). Whenever an object is changed, uSN-Changed is updated to be the highest number (plus one) of all the objects in the directory. For example, assume the uSN_Changed of object A is 100, the uSN-Changed of object B is 101, and the uSN-Changed of object C is 102. In this case, when a change is made to object A, its uSN-Changed is updated to 103. Each time the monitors perform a synchronization cycle, they store the highest USN encountered during the synchronization.

During synchronization, the monitors query the DC and GC databases (as applicable) to obtain a list of objects. The monitors filter out all non-Cisco Unity objects. By comparing the LastUSN to the current USN of each object, all objects that have not changed since the last polling (that is, objects with a uSN-Changed value that is less than LastUSN) are filtered out of the list.

If the monitors encounter an error while synchronizing an object, the synchronization cycle is aborted, and the LastUSN value is not updated. Updates to SQL are not performed for the object on which the error was encountered and for subsequent objects on the list. When the next synchronization occurs, because LastUSN was not updated, the list of objects to be updated is the same as in the previous synchronization.

When a change is detected, the monitor sends a notification by using Microsoft Message Queue (MSMQ). The notification specifies whether the object has been changed or deleted, and whether the change has been detected in the DC or in the GC. The notification includes the value of each object property that is used by Cisco Unity. In case of conflict, changes to an object made by using the Cisco Unity Administrator take precedence over changes detected in Active Directory.

The monitor uses a table called ADMonitorDirObjsList in the SQL database that associates each object used by Cisco Unity with the domain in which it resides. Additionally, the monitor uses a table called ADMonitorDistributionListMember in the SQL database that associates each distribution list used by Cisco Unity with the members of the list.

Subscriber Attributes That Are Synchronized

The directory monitor keeps the subscriber attributes that are shown in Table 14 synchronized. The Cisco Unity-specific attributes begin with the letters "ciscoEcsbu," except for msExchRecordedName, and are in bold. Active Directory allows you to set permissions on an object class at the attribute level. The Active Directory permissions required by Cisco Unity for each attribute are listed in the third column.

Note that "regular" subscribers are associated with mail user objects and "external" subscribers (that is, AMIS, Bridge, Internet, and VPIM subscribers) are associated with contacts, which do not have mailboxes in the local Exchange network. In the SQL Unitydb database, all types of subscribers are stored in the same table (called the Subscriber table). Therefore, attributes that are not applicable to external subscribers (such as "Mail Database") simply have a NULL value in the SQL subscriber table.

Also note that in Cisco Unity 4.2(1) and later, the Permissions wizard can be used to restrict Active Directory permissions on certain objects and attributes. Read permissions are not affected, but write, modify, or delete permissions may be restricted, depending on your configuration.

Table 14 Subscriber Attributes That Are Synchronized 

Cisco Unity Attribute 1
Active Directory Attribute
Active Directory Permission

Alias

mailNickName

Read, Write, Modify

First Name

givenName

Read, Write, Modify, Delete

Last Name

surName

Read, Write, Modify, Delete

Display Name

displayName

Read, Write, Modify, Delete

Primary Fax Number

facsimileTelephoneNumber

Read, Write, Modify, Delete

SMTP Address

Mail

Read, Write, Modify, Delete

Object Changed ID

uSNChanged

Read

Directory ID

objectGUID

Read

Location Object ID

ciscoEcsbuUMLocationObjectId

Read, Write, Modify, Delete

DTMF Access ID

ciscoEcsbuDtmfId

Read, Write, Modify, Delete

Mailbox ID

LegacyExchangeDN

Read

Mail Server

msExchHomeServerName

Read, Write, Modify, Delete

Object Type

ciscoEcsbuObjectType

Read, Write, Modify, Delete

Object Is Undeletable

ciscoEcsbuUndeletable

Read, Write, Modify, Delete

Recorded Voice Name

msExchRecordedName

Read, Write, Modify, Delete

Call Transfer String

ciscoEcsbuTransferId

Read, Write, Modify, Delete

AMIS Disable Outbound

ciscoEcsbuAmisDisableOutbound

Read, Write, Modify, Delete

Alternate Extensions

ciscoEcsbuAlternateDTMFIds

Read, Write, Modify, Delete

Order of Alternate Extensions

ciscoEcsbuAlternateDTMFIdsOrder2

Read, Write, Modify, Delete

List in Directory

ciscoEcsbuListInUMDirectory

Read, Write, Modify, Delete

Remote Address

targetAddress

Read, Write, Modify, Delete

SID History

SIDHistory

Read

SID

objectSid

Read

Mail Database

homeMDB

Read

Mailbox Warning Limit

mDBStorageQuota

Read

Mailbox Send Limit

mDBOverQuotaLimit

Read

Mailbox Send Receive Limit

mDBOverHardQuotaLimit

Read

Mailbox Use Default Limits

mDBUseDefaults

Read

1 Cisco Unity attribute names vary slightly depending on the tool that you use to view the attributes. For example, the "List in Directory" attribute above has the following names: "ListInDirectory" is the column name when using SQL Enterprise Manager to view the Subscriber table in the Unitydb database; "AVP_LIST_IN_DIRECTORY" is the object property name when using the DohPropTest tool; "List in phone directory" is the field name on the Subscriber > Profile page in the Cisco Unity Administrator.

2 This attribute was added in Cisco Unity 4.0(1), but the functionality that uses the attribute was introduced in Cisco Unity 4.0(4).


Distribution List Attributes That Are Synchronized

The directory monitor keeps the distribution list attributes that are shown in Table 15 synchronized. The Cisco Unity-specific attributes are in bold. Active Directory allows you to set permissions on an object class at the attribute level. The Active Directory permissions required by Cisco Unity for each attribute are listed in the third column.

Note that in Cisco Unity 4.2(1) and later, the Permissions wizard can be used to restrict Active Directory permissions on certain objects and attributes. Read permissions are not affected, but write, modify, or delete permissions may be restricted, depending on your configuration.

Table 15 Distribution List Attributes That Are Synchronized in Active Directory 

Cisco Unity Attribute
Active Directory Attribute
Active Directory Permission

Alias

mailNickName

Read, Write, Modify

Display Name

displayName

Read, Write, Modify, Delete

Recorded Voice Name

msExchRecordedName

Read, Write, Modify, Delete

DTMF Dlist ID

ciscoEcsbuDtmfId

Read, Write, Modify, Delete

SMTP Address

mail

Read, Write, Modify, Delete

Directory ID

objectGUID

Read

Object Changed ID

usnChanged

Read

Location Object ID

ciscoEcsbuUMLocationObjectId

Read, Write, Modify, Delete

E-mail Address

legacyExchangeDN

Read

Cisco Unity or E-Mail List

ciscoEcsbuVoiceEnabled

Read, Write, Modify, Delete


Location Attributes That Are Synchronized

All location attributes are synchronized, and each attribute has "Read, Write, Modify, Delete" Active Directory permissions. See the "Location Object Attributes in Active Directory" section for a list of location object attributes.