Partitioned Intradomain Federation for IM and Presence Service on Cisco Unified Communications Manager Release 9.1(1)
Planning for integration
Download this chapter
Planning for integrationPlanning for integration
Download the complete book
Partitioned Intradomain Federation for IM and Presence Service on Cisco Unified Communications Manager Release 9.1(1)Partitioned Intradomain Federation for IM and Presence Service on Cisco Unified Communications Manager Release 9.1(1) (PDF - 4 MB)
 Feedback

Planning for integration

Supported Partitioned Intradomain Federation integrations


Note

For Partitioned Intradomain Federation with Microsoft Lync, you must configure TLS; TCP is not supported. See the chapter Configure Microsoft Lync for Partitioned Intradomain Federation for more information.

This chapter describes the configuration steps for enabling Partitioned Intradomain Federation between IM and Presence and Microsoft Live Communications Server (LCS) or Microsoft Lync or Microsoft Office Communications Server (OCS). The following Lync, LCS and OCS platforms are supported:

  • Microsoft Lync Server 2010, Standard Edition and Enterprise Edition
  • Microsoft Live Communications Server 2005, Standard Edition and Enterprise Edition
  • Microsoft Office Communications Server 2007 Release 2, Standard Edition and Enterprise Edition

Note

If you have a mixed deployment of both Lync and OCS/LCS servers, you must run the user migration tools independently for the Lync users and the OCS/LCS users, that is, you must run the tools twice; once for the Lync users and once for the OCS/LCS users.

Related References

Hardware requirements

Partitioned Intradomain Federation between IM and Presence and Lync/OCS/LCS requires the following Cisco hardware:

  • IM and Presence server. For IM and Presence hardware support, refer to the IM and Presence compatibility matrix.
  • Cisco Unified Communications Manager server. For Cisco Unified Communications Manager hardware support, refer to the Cisco Unified Communications Manager compatibility matrix.
  • (Optional) Cisco CSS11506 Content Services Switch
Related References
Related Information

Software requirements

The following sections outline the software required for Partitioned Intradomain Federation between IM and Presence and Lync/OCS/LCS.

Server software

The following server software is required for Partitioned Intradomain Federation:

Cisco Software

  • IM and Presence Server Release 9.1(1)
  • Cisco Unified Communications Manager Server Release 9.1(1)

Microsoft Software

  • Depending on the deployment, one of:
    • Microsoft Lync Server 2010, Standard Edition or Enterprise Edition
    • Microsoft Live Communications Server 2005, Standard or Enterprise Edition
    • Microsoft Office Communications Server 2007 Release 2, Standard or Enterprise Edition
  • Depending on the deployment, one of:
    • Lync Administrative Tools (optional install item available during installation of Lync)
    • LCS Administrative Tools (optional install item available during installation of LCS)
    • OCS Administrative Tools (optional install item available during installation of OCS)
  • Microsoft Active Directory

Other Software

At least version 1.1 of the .NET Framework—this must be installed on the server from which you run the user migration tools.

Client software

The client software required for Partitioned Intradomain Federation deployment between IM and Presence and Lync/OCS/LCS depends on your deployment. You can have any combination of IM and Presence supported clients in a Partitioned Intradomain Federation deployment.

IM and Presence supported clients

The following IM and Presence clients are supported in a Partitioned Intradomain Federation deployment between IM and Presence and Lync/OCS/LCS:

Cisco Software
  • Cisco Unified Personal Communicator Release 8.5
  • Cisco Jabber for Mac
  • Cisco Jabber for Windows
  • Cisco Jabber IM for Mobile (iPhone, Android, Blackberry)
  • Cisco Jabber for iPad
  • Cisco Jabber for Cius

Note

For version compatibility for all Cisco Jabber clients, see the appropriate Cisco Jabber client documentation.

Third-Party Software

Third-party XMPP Clients

Microsoft Lync/OCS/LCS supported clients

Depending on the deployment, the following clients are supported:

  • Microsoft Lync 2010
  • Microsoft Office Communicator 2005
  • Communicator Web Access 2005

Note

Communicator Web Access 2005 is only supported when TLS encryption is not enabled between IM and Presence and Microsoft LCS. This is because Communicator Web Access 2005 does not support Federal Information Processing Standard (FIPS) Compliance, which must be enabled on Microsoft LCS to support TLSv1 encryption as required by IM and Presence.

  • Microsoft Office Communicator 2007 Release 2
  • Communicator Web Access 2007 Release 2
Related Topic

Hardware requirements

Integration preparation

It is essential that you plan carefully for the configuration of Partitioned Intradomain Federation between IM and Presence and Lync/OCS/LCS. Read the items in this section before you begin any configuration for this integration.

Presence domains

Partitioned Intradomain Federation, by its nature, supports integration between IM and Presence and Lync/OCS/LCS within a shared presence domain. Lync/OCS/LCS, however, supports the configuration of multiple presence domains for each Lync/OCS/LCS deployment.


Note

Cisco requires that all Microsoft Lync and Microsoft Office Communicator users have the same presence domain as IM and Presence client users for Partitioned Intradomain Federation.

If any Microsoft Lync or Microsoft Office Communicator users do not share the same presence domain, Partitioned Intradomain Federation is not possible for those users.

User migration

If users are being migrated from Lync/OCS/LCS to IM and Presence as part of this integration, consider the information below.

Detailed user migration plan

The Partitioned Intradomain Federation integration between IM and Presence and Lync/OCS/LCS is designed to provide basic communication between users during a phased migration from Lync/OCS/LCS to IM and Presence.

However, Partitioned Intradomain Federation integration introduces a performance overhead. Because of this, IM and Presence can support a maximum of 130,000 SIP Intradomain Federation contacts per server. To ensure that this federated contact threshold is not exceeded on any IM and Presence server during migration of users from Lync/OCS/LCS to IM and Presence, a detailed user migration plan may be required.

You can use the following calculation to get an estimate of the maximum number of IM and Presence users that can be supported without breaking the above federated contact threshold:

Max Supported Users = 130,000 / Average Contact List Size

Based on this calculation, the following table gives an indication of the maximum number of IM and Presence users that can be supported without breaking the 130,000 federated contact threshold.

Table 1 Maximum Number of Supported IM and Presence Users

Average Contact List Size

Maximum Supported Users (without High Availability)

Maximum Supported Users (with High Availability1)

200

650

325

150

866

433

100

1300

650

75

1733

866

50

2600

1300

25

5000

2500
1 This assumes a 2-node subcluster running in active/active mode.

You require a detailed user migration plan if the number of users to be provisioned on any IM and Presence server within your deployment exceeds the relevant limit above. Contact your Cisco Support representative to begin the process of defining a detailed migration plan.

Notes
  1. The values for the maximum number of supported users in the table above are based on worst-case figures; that is, in the case where all contacts are federated. With proper migration planning, the full complement of users can be deployed on an IM and Presence server in a phased manner, without breaking the 130,000 federated contact threshold.
  2. When High Availability is enabled, each IM and Presence server must be able to handle the load associated with all users within the IM and Presence 2-node subcluster. Therefore, the limit per IM and Presence server must be halved.
  3. If you are unsure about the average contact list size within your Lync/OCS/LCS deployment, assume it to be worst-case (200 contacts) when you are deciding whether a migration plan is required.
  4. The values for the maximum number of supported users in the table above assume HCS-7845-I3 hardware or the equivalent Cisco supported virtual platform based on the IM and Presence OVA template for 5000 users. The equivalent numbers for a subset of other platforms are detailed below. If your platform is not listed, contact your Cisco Support representative for advice.
HCS-7825-H4 hardware
IM and Presence can support up to 18,000 SIP Intradomain Federation contacts per server on the HCS-7825-H4 platform. The following table gives an indication of the maximum number of IM and Presence users that can be supported without breaking the18,000 federated contact threshold.
Table 2 Maximum Number of Supported IM and Presence Users on HCS-7825-H4 Hardware

Average Contact List Size

Maximum Supported Users (without High Availability)

Maximum Supported Users (with High Availability2)

200

90

45

150

120

60

100

180

90

75

240

120

50

360

180

25

720

360

18

1000

500
2 This assumes a 2-node subcluster running in active/active mode.
HCS-7845-H2 hardware

IM and Presence can support up to 90,000 SIP Intradomain Federation contacts per server on the HCS-7845-H2 platform. The following table gives an indication of the maximum number of IM and Presence users that can be supported without breaking the 90,000 federated contact threshold.

Table 3 Maximum Number of Supported IM and Presence Users on HCS-7845-H2 Hardware

Average Contact List Size

Maximum Supported Users (without High Availability)

Maximum Supported Users (with High Availability3)

200

450

225

150

600

300

100

900

450

75

1200

600

50

1800

900

25

3600

1800

18

5000

2500
3 This assumes a 2-node subcluster running in active/active mode.
Related References

Maintenance of user identity during migration

During migration from Lync/OCS/LCS to IM and Presence, Microsoft Lync, and Microsoft Office Communicator users should maintain the same identity (URI). Maintaining the same identity during migration has the following benefits:

  • It allows for the user’s availability state to be maintained because the user’s identity does not change.
  • It also allows for much simpler migration of a user’s contact lists because the contact lists can be directly imported from Lync/OCS/LCS to IM and Presence.

IM and Presence URIs are composed by joining the Cisco Unified Communications Manager user ID with the IM and Presence domain as follows:

<userid>@<domain>

If users are manually added through the Cisco Unified Communications Manager GUI or through the Cisco Unified Communications Manager Bulk Administration Tool (BAT), you must ensure that the user ID that you specified when you created the user matches the user portion of the user’s Lync/OCS/LCS URI. For example, if the Lync/OCS/LCS URI is bobjones@foo.com, you should create the user with a user ID of bobjones.

If Cisco Unified Communications Manager is configured to synchronize users from Active Directory, you must ensure that the Active Directory field that is used to map to the Cisco Unified Communications Manager user ID matches the user portion of the Lync/OCS/LCS URI. Note the following:

  • Cisco Unified Communications Manager maps to userID from a limited number of Active Directory fields, the most common of which is sAMAccountName.
  • If Cisco Unified Communications Manager maps userID to sAMAccountName, the Lync/OCS/LCS URI for the migrating users must also match the format <sAMAccountName>@<domain>.
  • If the sAMAccountName of Bob Jones is bjones, the Lync/OCS/LCS URI must be bjones@cisco.com.
  • If any Lync/OCS/LCS URIs do not match the format <sAMAccountName>@<domain>, you must modify them prior to the first migration of users from Lync/OCS/LCS to IM and Presence.

Duration guidelines for user migration tools

Cisco provides a number of tools to allow bulk migration of users from Lync/OCS/LCS to IM and Presence. To allow you to plan your migration, it is important to be aware of the time required for each tool to run when you are migrating a large number of users. This section describes the expected run time for each of those tools.


Note

If you have a mixed deployment of both Lync and OCS/LCS servers, you must run the tools independently for the Lync users and the OCS/LCS users, that is, you must run the tools twice; once for the Lync users and once for the OCS/LCS users.

Export Contact List tool

The Export Contact List tool (ExportContacts.exe) can export contacts from Lync/OCS/LCS at an average rate of 800 contacts per second (or 48,000 contacts per minute). You can use the following equation as a guide to estimate the expected run time for this tool for a set of Lync/OCS/LCS users.

Time to export contacts (mins) = Number of Lync/OCS/LCS users x Average Contact List Size / 48000

The following table shows the expected run time for a number of sample cases.

Table 4 Sample Expected Run Times for the Export Contact List Tool

Number of Lync/OCS/LCS Users

Average Contact List Size

Time to Export Contacts

2000

100

5 minutes

5000

75

8 minutes

15000

60

19 minutes
Disable Account tool

The Disable Account tool (DisableAccount.exe) can disable Lync/OCS/LCS accounts at an average rate of 13 accounts per second (or 800 accounts per minute). You can use the following equation as a guide to estimate the expected run time for this tool for a set of Lync/OCS/LCS users.

Time to disable accounts (mins) = Number of Lync/OCS/LCS users / 800

The following table shows the expected run time for a number of sample cases.

Table 5 Sample Expected Run Times for the Disable Account Tool

Number of Lync/OCS/LCS Users

Time to Disable Accounts

2000

3 minutes

5000

7 minutes

15000

20 minutes
Delete Account tool

The Delete Account tool (DeleteAccount.exe) can delete Lync/OCS/LCS accounts at an average rate of 13 accounts per second (or 800 accounts per minute). You can use the following equation as a guide to estimate the expected run time for this tool for a set of Lync/OCS/LCS users.

Time to delete accounts (mins) = Number of Lync/OCS/LCS users / 800

The following table shows the expected run time for a number of sample cases.

Table 6 Sample Expected Run Times for the Delete Account Tool

Number of Lync/OCS/LCS Users

Time to Delete Accounts

2000

3 minutes

5000

7 minutes

15000

20 minutes
BAT Contact List Import tool

The IM and Presence BAT utility can import contacts at varying rates, depending on the IM and Presence platform. The following table shows the expected import rate for a selection of IM and Presence platforms.

Table 7 Import Rate for IM and Presence BAT Tool

IM and Presence Platform

Import Rate

MCS-7825-H4/1000 user OVA

6/sec

MCS-7845-H2

12/sec

MCS-7845-I3/5000 user OVA

22/sec

The following table shows the expected run time for a number of sample cases

Table 8 Sample Expected Run Times for the BAT Contact List Import Tool

Number of Users

Average Contact List Size

Import Time (Rate = 22/sec)

2000

100

2hours, 32 minutes

5000

75

4 hours, 45 minutes

15000

60

11 hours, 22 minutes
Notes
  1. The calculations for the Export Contact List tool, Disable Account tool and Delete Account tool are based on Lync/OCS/LCS and Active Directory (AD) running on hardware with at least 2Ghz CPU processing power, and 2GB of RAM.
  2. Running these user migration tools has no affect on the capabilities of other Lync/OCS/LCS users who are signed into Microsoft Lync or Microsoft Office Communicator.
  3. Cisco recommends that you perform user migration during a scheduled maintenance window to reduce the load on the Lync/OCS/LCS and AD system.

DNS configuration

Domain Name System (DNS) "A" records must be published within the enterprise for all IM and Presence and Lync/OCS/LCS servers.

Lync/OCS/LCS servers must be able to resolve Fully Qualified Domain Names (FQDN) and IP addresses for all IM and Presence servers.

Likewise, IM and Presence servers must be able to resolve FQDNs and IP addresses for all Lync/OCS/LCS server and pool FQDNs.

Certificate Authority server

If TLS encryption is enabled as part of this Partitioned Intradomain Federation integration, an external or internal Certificate Authority (CA) may be used to sign security certificates on IM and Presence and Lync/OCS/LCS. Cisco recommends that you use the same CA to sign Lync/OCS/LCS and IM and Presence certificates. If not, the root certificates for each CA must be uploaded onto Lync/OCS/LCS and IM and Presence servers.

High availability

You need to consider how you are going to configure availability in your Partitioned Intradomain Federation deployment.

If you wish to make your IM and Presence Partitioned Intradomain Federation capability highly available, you can deploy a load balancer in front of your designated (routing) IM and Presence nodes. Cisco recommends that you use the Cisco CSS 11500 Content Services Switch.

The Cisco CSS 11500 Content Services Switch documentation is available at the following URL:

http:/​/​www.cisco.com/​en/​US/​products/​hw/​contnetw/​ps792/​products_​installation_​and_​configuration_​guides_​list.html

Related Topic

High Availability for Intradomain Federation

Prerequisite configuration for IM and Presence

You must complete the following tasks on IM and Presence before you begin to configure Partitioned Intradomain Federation.

  1. Install and configure IM and Presence as described in the Deployment Guide for IM and Presence Service on Cisco Unified Communications Manager.
  2. Perform the following checks to ensure that your IM and Presence system is operating properly:
    • Run the IM and Presence Troubleshooter.
    • Check that you can add local contacts to IM and Presence.
    • Check that your clients are receiving availability states from the IM and Presence server.
Related Information

Additional configuration for Routing IM and Presence Server

In multi-server deployments, an IM and Presence server must be dedicated as the Routing IM and Presence server. This means that it is a front-end server that accepts all new inbound SIP requests from Lync/OCS/LCS and routes them onwards to the IM and Presence server on which the request recipient is homed.

Cisco recommends that you do not assign any users to Routing IM and Presence servers; this ensures that the Routing IM and Presence servers have the capacity to handle the volume of SIP traffic from Lync/OCS/LCS.

Because no users are assigned to Routing IM and Presence servers, you can deactivate many of the feature services to free up resources on the Routing IM and Presence servers. Deactivate the following feature services on Routing IM and Presence servers:

  • Cisco Presence Engine
  • Cisco XCP Text Conference Manager
  • Cisco XCP Web Connection Manager
  • Cisco XCP Connection Manager
  • Cisco XCP SIP Federation Connection Manager
  • Cisco XCP XMPP Federation Connection Manager
  • Cisco XCP Message Archiver
  • Cisco XCP Directory Service
  • Cisco XCP Authentication Service

Related Topic

Deactivate feature services on Routing IM and Presence Server

Start IM and Presence Feature Services

The following services must be running on each IM and Presence server to support Partitioned Intradomain Federation:

  • Cisco SIP Proxy
  • Cisco XCP SIP Federation Connection Manager
  • Cisco XCP Router

The Cisco XCP Router is a network service and therefore is started by default. The Cisco SIP Proxy and Cisco SIP Federation Connection Manager are feature services, which you must start.

The following procedure describes how to start the Cisco SIP Proxy and Cisco SIP Federation Connection Manager feature services. You must perform this procedure on all IM and Presence servers.


Note

For dedicated Routing IM and Presence servers, do not activate the Cisco XCP SIP Federation Connection Manager service because no users are assigned to dedicated Routing IM and Presence servers.

Procedure
    Step 1   Select Cisco Unified IM and Presence Serviceability > Tools > Service Activation.
    Step 2   From the Server menu, select the IM and Presence server.
    Step 3   Check the following services:
    1. Cisco SIP Proxy
    2. Cisco SCP SIP Federation Connection Manager
    Step 4   Select Save.

    Plan services restarts during off-peak periods

    During the integration process, you need to restart the Lync\OCS\LCS server front-end services. Plan to perform the services restart during off-peak periods, such as during a maintenance window, to minimize the impact to users. For more information, see the Partitioned Intradomain Federation configuration workflows and topics related to restarting services for your server type.