Design Guide for Cisco Unity Release 5.x - Designing a Cisco Unity System with Exchange as the Message Store [Cisco Unity]

Table Of Contents

Designing a Cisco Unity System with Exchange as the Message Store

Deployment Models

Unified Messaging with Customer-Provided Infrastructure

Mixed Unified Messaging and Voice Messaging with Customer-Provided Infrastructure

Voice Messaging with Cisco-Provided, Dedicated Infrastructure

Voice Messaging with Customer-Provided Infrastructure

Multi-Site WAN with Distributed Messaging

Physical Placement and Network Infrastructure

Considerations for Customer-Provided Infrastructure

Active Directory Considerations

Exchange Considerations (All Versions)

Exchange Considerations That Apply Only Exchange 2007

Considerations for Cisco-Provided, Dedicated Infrastructure

Designing a Cisco Unity System with Exchange as the Message Store

This chapter focuses on using Exchange as the message store and Active Directory as the directory for Cisco Unity. All references to Exchange apply to the currently supported versions of Exchange—Exchange 2007 and Exchange 2003—unless specified otherwise. Exchange 2000 is supported only for upgrades from Cisco Unity 4.x and is, therefore, not discussed in this design guide.

See the following topics:

•Deployment Models

•Physical Placement and Network Infrastructure

•Considerations for Customer-Provided Infrastructure

•Considerations for Cisco-Provided, Dedicated Infrastructure

Deployment Models

You can deploy Cisco Unity by using customer-provided infrastructure or by using dedicated, Cisco-provided infrastructure.

With customer-provided infrastructure, Cisco Unity can be configured either as Unified Messaging or as Voice Messaging. Cisco Unity is a part of the messaging environment, it services subscribers who are homed on existing Exchange e-mail servers, and it uses existing DC/GCs. For more information, see the following sections:

•Unified Messaging with Customer-Provided Infrastructure

•Mixed Unified Messaging and Voice Messaging with Customer-Provided Infrastructure

•Voice Messaging with Customer-Provided Infrastructure

With dedicated, Cisco-provided infrastructure, Cisco Unity is configured as Voice Messaging. Each Cisco Unity subscriber requires a separate Active Directory user account in a dedicated forest and a separate Exchange mailbox that holds only Cisco Unity voice messages on a separate, dedicated Exchange server that homes only Cisco Unity voice messages. For more information, see the "Voice Messaging with Cisco-Provided, Dedicated Infrastructure" section.

If the customer has more than one data center, you can combine deployment models. For more information, see the "Multi-Site WAN with Distributed Messaging" section.

Unified Messaging with Customer-Provided Infrastructure

Revised May 6, 2008

For the Cisco Unity Unified Messaging configurations, Cisco Unity installs into an existing infrastructure, is a part of the messaging environment, services subscribers who are homed on existing Exchange e-mail servers, and uses existing DC/GCs. This reduces administrative overhead when compared with maintaining a Cisco Unity Voice Messaging solution or maintaining a legacy voice messaging system. With Unified Messaging, only one messaging infrastructure is required to support both e-mail and voice messaging. The customer is responsible for maintaining the DC/GCs, Exchange servers, and DNS.

Each Cisco Unity server can be connected to a circuit-switched phone system, to Cisco Unified Communications Manager, or to both. If the phone system has ports available, you can connect more than one Cisco Unity server to each phone system.

When you are setting up two or more Cisco Unity servers in the same Active Directory forest, the Cisco Unity servers can be networked by using Cisco Unity Digital Networking.

Mixed Unified Messaging and Voice Messaging with Customer-Provided Infrastructure

When mixing Unified Messaging and Voice Messaging deployment models, the Unified Messaging portion of the deployment is the same as a Unified Messaging deployment without the Voice Messaging subscribers.

The Voice Messaging subscribers require separate accounts and mailboxes:

•Each Voice Messaging subscriber requires a separate Active Directory user account in the existing forest.

•Each Voice Messaging subscriber requires a separate Exchange mailbox that holds only Cisco Unity voice messages. The mailbox can be stored on existing Exchange servers or can be stored on separate, dedicated Exchange servers that home only Cisco Unity voice messages. If the mailboxes are stored on existing Exchange servers, the customer is responsible for support for the servers. If the mailboxes are stored on Exchange servers that are dedicated to Cisco Unity voice messages, Cisco will support the Exchange servers.

If the Voice Messaging subscribers are homed on one or more dedicated Exchange servers on which the Voice Mail Run-time Edition of Microsoft Exchange was installed, those subscribers do not need Microsoft Client Access Licenses (CALs). Unified Messaging subscribers all need CALs.

For more information on the Unified Messaging portion of a mixed system, see the "Unified Messaging with Customer-Provided Infrastructure" section.

For more information on the Voice Messaging portion of a mixed system, see the "Voice Messaging with Customer-Provided Infrastructure" section.

Voice Messaging with Cisco-Provided, Dedicated Infrastructure

Revised May 6, 2008

In this deployment model:

•Each Voice Messaging subscriber requires a separate Active Directory user account in a dedicated forest.

•Each Voice Messaging subscriber requires a separate Exchange mailbox that holds only Cisco Unity voice messages on a separate, dedicated Exchange server that homes only Cisco Unity voice messages.

The advantages of this model include the following:

•The customer does not need to extend the Active Directory schema in the existing forest.

•Some companies have one department that manages the phone and voice-messaging system and a separate department that manages Exchange. Dedicated Exchange servers for Cisco Unity voice messages may simplify implementation and maintenance.

•Some customers like to keep voice messages and e-mail messages separate.

•If Active Directory accounts are created in an existing forest and mailboxes are stored on existing Exchange servers, the customer is responsible for support for the servers. If accounts are created in a dedicated forest and mailboxes are stored on Exchange servers that are dedicated to Cisco Unity voice messages, Cisco will support the entire Cisco Unity system, including dedicated DC/GCs (if any) and dedicated Exchange servers.

The disadvantages of this model include:

•A more complicated and time-consuming migration to a Unified Messaging configuration.

•More overhead for maintaining the Active Directory and Exchange infrastructure.

•Possible additional hardware expense.

Voice Messaging with Customer-Provided Infrastructure

Revised May 6, 2008

In this deployment model:

•Each Voice Messaging subscriber requires a separate Active Directory user account in the existing forest. The customer can create a separate domain for these accounts, but that is not required.

•Each Voice Messaging subscriber requires a separate Exchange mailbox that holds only Cisco Unity voice messages. The mailbox can be stored on existing Exchange servers or can be stored on separate, dedicated Exchange servers that home only Cisco Unity voice messages. If the mailboxes are stored on existing Exchange servers, the customer is responsible for support for the servers. If the mailboxes are stored on Exchange servers that are dedicated to Cisco Unity voice messages, Cisco will support the Exchange servers.

This model has the following advantages:

•It simplifies the migration from a Voice Messaging Configuration to a Unified Messaging configuration.

•Some companies have one department that manages the phone and voice-messaging system and a separate department that manages Exchange. If the two departments do not communicate with one another, dedicated Exchange servers for Cisco Unity voice messages may simplify implementation and maintenance.

Multi-Site WAN with Distributed Messaging

When deploying Cisco Unity in a multi-site WAN with distributed messaging, the customer uses two or more of the deployment models discussed earlier in this section, either at the same physical site or in geographically diverse data centers connected by a WAN. In this deployment, network bandwidth should meet the minimum Microsoft Exchange server inter-site requirements.

When all Cisco Unity servers will be in the same Active Directory forest and the customer wants subscribers to be able to send voice messages across servers, use Cisco Unity Digital Networking to connect them. The messaging functionality across Cisco Unity servers is the same as the messaging functionality on a single Cisco Unity server.

When Cisco Unity servers will be in two or more Active Directory forests, you can use VPIM networking to connect them. The messaging functionality across Cisco Unity servers is not identical to the messaging functionality on a single Cisco Unity server, but most functionality is preserved. (VPIM networking requires that the Cisco Unity Voice Connector for Microsoft Exchange be installed on an Exchange 2003 or Exchange 2000 server in each forest.) For more information, see the applicable Networking Guide for Cisco Unity Release 5.x at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/products_feature_guides_list.html.

When the customer wants Cisco Unity to communicate with another voice messaging system, the method you use to network them and the functionality that is available depend on the voice-messaging system. For example, to network Cisco Unity with Cisco Unity Express or with Cisco Unity Connection, you use VPIM networking, and to network Cisco Unity with Octel voice-messaging systems, you use the Cisco Unity Bridge. For more information, see:

•The applicable Networking Guide for Cisco Unity Release 5.x at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/products_feature_guides_list.html.

•Networking Options Requirements for Cisco Unity at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_installation_guides_list.html.

Physical Placement and Network Infrastructure

Revised May 6, 2008

To ensure that Cisco Unity functions properly, we require that a Cisco Unity server be in the same data center as the following servers:

•The Exchange server that Cisco Unity communicates with, commonly known as the partner Exchange server. For more information on the partner Exchange server, see the "Exchange Considerations (All Versions)" section.

•Every Exchange server on which mailboxes for that Cisco Unity server are homed. If Cisco Unity is separated by a WAN from an Exchange server on which subscriber mailboxes are homed, a second Cisco Unity server must be co-located with the remote Exchange server.

•At least one domain controller. If Cisco Unity subscribers are homed in more than one domain, a DC for each domain must be in the same data center as the Cisco Unity server.

•At least one global catalog server.

•At least one DNS server.

These requirements apply regardless of whether the non-Cisco Unity servers are customer provided, or are Cisco provided and dedicated to Cisco Unity.

Connect the Cisco Unity server and the servers that Cisco Unity relies on with a high-speed switched gigabit network with no congestion. Total MAPI response time must be less that 10 milliseconds.

The Cisco Unity server should be installed into the same Windows site as the Exchange servers it services.

Note the following:

•Cisco Unity can coexist with firewalls. However, note that Cisco Unity should never be deployed outside of a firewall. Doing so can expose the Cisco Unity server to unwanted intrusion from the Internet, even if the server is hardened.

For detailed firewall requirements, see the following sections in the System Requirements for Cisco Unity at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_installation_guides_list.html:

–"Network Requirements"

–"Failover Requirements for Separating Cisco Unity Servers by a Firewall"

–"Standby Redundancy Requirements for Separating Cisco Unity Servers by a Firewall"

•When Cisco Unity is remotely connected with an IP phone system, it is acceptable to calculate the per-port bandwidth and necessary overhead. The aggregate total of bandwidth for all ports plus any necessary overhead is the minimum bandwidth required.

•Cisco Unity supports a maximum of 250 Exchange information stores.

•If the Cisco Unity server has two NICs, the NICs cannot be used for load balancing. If dual NICs are configured, we recommend that they be configured in adaptive fault tolerant (AFT) or network fault tolerant (NFT) mode. For additional information about dual NICs, see the "Customizing the Cisco Unity Platform" chapter in the applicable Cisco Unity installation guide, available at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_installation_guides_list.html.

•In general, Cisco Unity failover servers can be on separate network segments or subnets. However, both servers must reside in the same Windows site, and each server must directly connect to the DCs, GCs, message store servers, and other network resources necessary to operate normally. For requirements for failover over a WAN, see the "Requirements for Cisco Unity Failover Over a WAN" section in the System Requirements for Cisco Unity Release 5.0 at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_installation_guides_list.html.

•For information on network requirements for phone system integrations, see the "Integrating Cisco Unity with the Phone System" chapter.

Considerations for Customer-Provided Infrastructure

See the following sections:

•Active Directory Considerations

•Exchange Considerations (All Versions)

•Exchange Considerations That Apply Only Exchange 2007

Active Directory Considerations

Note the following Active Directory considerations when a Cisco Unity implementation will use customer-provided Active Directory infrastructure:

•The Active Directory schema must be extended for Cisco Unity to function properly. For information on capacity planning recommendations related to using Cisco Unity with Active Directory, see the Active Directory Capacity Planning (Cisco Unity Version 5.x and Later with Microsoft Exchange) white paper at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_white_papers_list.html. This white paper also includes sizing information for Active Directory objects that have been voice enabled by Cisco Unity. Finally, it discusses the Cisco Unity schema: what is required when the customer extends the schema, and when it is required.

For general information on Cisco Unity and Active Directory, see the applicable Cisco Unity Data and the Directory white paper, also at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_white_papers_list.html.

•The main Cisco Unity services log on by using two Active Directory accounts that the installer creates during Cisco Unity installation:

–Message store services log on by using the message store services account. These services send and receive messages on behalf of the subscriber. The account with which these services log on must have direct access to the Exchange message store where the subscribers reside.

–Directory services log on by using the directory services account. These services write to user, group, and contact objects when the objects are imported into Cisco Unity, and they write to individual subscriber properties when a subscriber or an administrator changes personal settings for the subscriber.

Each service account can be used by more than one Cisco Unity server in the same domain.

•The Cisco Unity installation, message store services, and directory services accounts require Active Directory permissions to create objects during installation and to manage the objects during regular operation. The Cisco Unity Permissions wizard grants the required permissions automatically based on options the installer chooses for the customer configuration. For a detailed explanation of the permissions required, see the Help file Permissions Granted by the Cisco Unity 5.0(1)+ Permissions Wizard at http://ciscounitytools.com/HelpFiles/PW501/PWHelpPermissionsSet_ENU.htm.

The installation and directory services accounts also require Exchange permissions. For more information, see the Help file Delegating Exchange Administrative Control for Cisco Unity 5.0(1)+ at http://ciscounitytools.com/HelpFiles/PW501/PWHelpExchange_ENU.htm.

For additional information on the Permissions wizard, see the Help file Granting Permissions with Cisco Unity 5.0(1)+ Permissions Wizard at http://ciscounitytools.com/HelpFiles/PW501/PWHelp_ENU.htm.

•The Cisco Unity directory service periodically queries the local DC and GC for changes to Active Directory data that also appears in the SQL Server database on the Cisco Unity server. If any changes are found, the directory service updates the SQL Server or MSDE database accordingly. These queries do not significantly affect the performance of the DC or GC unless a significant number of changes have been made to Active Directory user accounts.

•Cisco Unity is an Active Directory site-aware application. If Active Directory sites are configured correctly, when Cisco Unity queries Active Directory for directory updates, a DC or GC in the site will respond rather than a DC or GC in a remote site. In a Unified Messaging configuration, in which Active Directory sites are already configured, this should not be an issue. For large Voice Messaging configurations, with Cisco Unity servers in multiple separate locations in a dedicated Active Directory forest, Active Directory sites must be configured to respond intelligently to queries.

•Active Directory Application Mode (ADAM) is not supported.

Exchange Considerations (All Versions)

Note the following Exchange considerations when a Cisco Unity implementation will use customer-provided Exchange infrastructure:

•When Cisco Unity is installed, the installer chooses a partner Exchange server, which is the home of several default Cisco Unity mailboxes, including:

–The Cisco Unity system mailbox (alias: Unity_<ServerName>), which is the mailbox that originates voice messages from outside callers. (Voice messages from Cisco Unity subscribers originate from the mailbox of the caller.) Each Cisco Unity server must have its own system mailbox.

–The mailbox from which broadcast messages are sent.

–If Cisco Unity is interoperating with other voice messaging systems, the mailboxes that send voice messages to and receiver voice messages from the other voice messaging systems.

The partner Exchange server can be running Exchange 2007, Exchange 2003, or Exchange 2000, and it can be either a clustered or non-clustered Exchange server.

Because of the importance of the partner Exchange server in a Cisco Unity installation, the server should be selected primarily on the basis of availability and secondarily on the basis of performance.

•Exchange performance is critical to Cisco Unity performance. To ensure that Exchange performance will not adversely affect Cisco Unity, we recommend that customers assess the performance of their Exchange infrastructure before installing Cisco Unity. For example, the Microsoft TechNet article Exchange Server 2003: Ruling Out Disk-Bound Problems (http://technet.microsoft.com/en-us/library/aa997558.aspx) can provide useful guidance.

•Exchange servers must meet Microsoft requirements, including the maximum number of users per server, the proper amount of memory, the proper processors and processor speed, hard disks that can meet disk-access response times, and placement of data files and transaction log files.

Cisco Unity cannot support Exchange servers that have performance bottlenecks such as slow hard drives or insufficient memory. For example, if slow hard drives or the lack of a dedicated mirror for transaction logs cause delays in recording log transactions, MAPI access (which is used by Microsoft Outlook, Exchange, and Cisco Unity to access Exchange) will be temporarily suspended until the transaction buffers can be cleared to a certain level. This can substantially delay phone access to Cisco Unity.

•The Cisco Unity Voice Connector for Microsoft Exchange, which is required for communicating with another voice-messaging system by using AMIS, the Cisco Unity Bridge, or VPIM, must be installed on the partner Exchange server. The Voice Connector can also, optionally, be installed on one or more other Exchange 2000 or Exchange 2003 servers to optimize message routing via Exchange's native, cost-based routing. (The Voice Connector cannot be installed on an Exchange 2007 server.)

•For information on the impact of audio codecs on Exchange, see the "Audio Codecs" section on page 3-5.

•In a Voice Messaging configuration, to prevent the message store from filling the hard disk, some customers configure storage limits in Exchange, and use Cisco Unity Message Store Manager to delete old messages. For example, messages older than 30 days might be moved to the deleted-messages folder, and messages older than 60 days might be purged. For more information on Message Store Manager, see the Message Store Manager Help at http://ciscounitytools.com/HelpFiles/MSM/MSMConsoleHelp_ENU.htm.

•In a Voice Messaging configuration, to help prevent Exchange transaction logs from filling the hard disk, a wizard in Cisco Unity Setup prompts the installer to change the circular-logging setting for any message store in the forest for which circular logging is turned off. If the customer is using an Exchange-aware backup application to back up Exchange message stores and clear transaction logs, the installer can choose not to change the circular-logging setting.

Exchange Considerations That Apply Only Exchange 2007

Note the following Exchange 2007 considerations when a Cisco Unity implementation will use customer-provided Exchange 2007 infrastructure:

•Exchange 2007 is supported as the message store only when Cisco Unity is configured as Unified Messaging.

•The Cisco Unity Voice Connector for Microsoft Exchange, which is required for communicating with another voice-messaging system by using AMIS, the Cisco Unity Bridge, or VPIM, can only be installed on an Exchange 2000 or an Exchange 2003 server. A Voice Connector is not currently available for Exchange 2007. If the customer has already configured a pure Exchange 2007 environment, an Exchange 2000 or Exchange 2003 server cannot be added to the environment and, therefore, Cisco Unity functionality that requires the Voice Connector is not available.

•Cisco Unity Mobile Message Access for BlackBerry is not supported for Exchange 2007.

•Integrated messaging via IMAP with Exchange 2007 is supported when Cisco Unity voice messages are stored in Exchange 2000 or Exchange 2003.

With Exchange 2000 or Exchange 2003, you can store e-mail messages in one Exchange message store, store Cisco Unity voice messages in another message store, and view both types of messages in a Microsoft Outlook Inbox. In this configuration, known as integrated messaging, you:

–Configure Outlook to use MAPI to communicate with the message store that contains e-mail (MAPI is required because the e-mail message store commonly also contains calendars and contacts).

–Configure Outlook to use IMAP to communicate with the message store that contains Cisco Unity voice messages. (Outlook only supports one MAPI connection at a time.)

–Enable Exchange rich-text format on Exchange servers, which converts IMAP to TNEF-encoded IMAP. (If you do not enable rich-text format, voice messages appear in the Outlook Inbox as e-mail messages, so ViewMail for Outlook is not available.)

Exchange 2007 does not support TNEF-encoded IMAP, but you can still use an integrated messaging configuration with Exchange 2007 if you store e-mail in Exchange 2007 and store Cisco Unity voice messages in Exchange 2000 or Exchange 2003.

For more information on Cisco Unity limitations when Exchange 2007 is the message store, see the subsection "Cisco Unity with Exchange: Exchange Server 2007" in the section "New and Changed Requirements and Support—Release 5.0(1)" in Release Notes for Cisco Unity Release 5.0(1) at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_release_notes_list.html.

Considerations for Cisco-Provided, Dedicated Infrastructure

Note the following considerations when a Cisco Unity implementation will use Cisco-provided, dedicated Exchange and Active Directory infrastructure:

•Ensure that the servers selected for Cisco Unity and for Exchange are able to handle the proposed number of users. For information on selecting servers, see the Cisco Unity Supported Platforms List at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/products_data_sheets_list.html.

•If the customer is installing Cisco Unity and Exchange servers in multiple locations and if they will all be in the same Active Directory forest, ensure that Active Directory sites are configured.

•If two or more Cisco Unity servers are being installed in a forest but they are being installed in different forest roots, configure a one-way trust to enable client authentication. For more information, see the "Grant Unity Access" section in the Client Access in a Voice Messaging-Only Deployment (Cisco Unity Version 4.0) white paper at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_white_papers_list.html.

Note The version of GrantUnityAccess shipped with Cisco Unity 5.0 requires a two-way trust due to caveat CSCsi68156. An updated version of GrantUnityAccess that does not have this problem is available on the "4.x/5.x Tools" page on the Cisco Unity Tools website at http://ciscounitytools.com/4_x_tools.htm.

•Within a given data center, if the location will have two Exchange servers, we recommend that the customer make both servers DC/GCs and run DNS on both servers. If the location will have four or more Exchange servers, we recommend that the customer make half of the Exchange servers DC/GCs and run DNS on two of them.

•In a Voice Messaging configuration, to prevent the message store from filling the hard disk, some customers configure storage limits in Exchange, and use Cisco Unity Message Store Manager to delete old messages. For example, messages older than 30 days might be moved to the deleted-messages folder, and messages older than 60 days might be purged. For more information on Message Store Manager, see the Message Store Manager Help at http://ciscounitytools.com/HelpFiles/MSM/MSMConsoleHelp_ENU.htm.

•The Cisco Unity Voice Connector for Microsoft Exchange, which is required for communicating with another voice-messaging system by using AMIS, the Cisco Unity Bridge, or VPIM, must be installed on the partner Exchange server. The Voice Connector can also, optionally, be installed on one or more other Exchange 2000 or Exchange 2003 servers to optimize message routing via Exchange's native, cost-based routing. (The Voice Connector cannot be installed on an Exchange 2007 server.)

•The customer can configure Exchange clustering by using the Voice Mail Run-Time Edition of Microsoft Exchange Server 2003 Enterprise Edition that is shipped with Cisco Unity. However, the customer is responsible for supporting the Exchange cluster and any custom hardware or configuration.

•In a Voice Messaging configuration, to help prevent Exchange transaction logs from filling the hard disk, a wizard in Cisco Unity Setup prompts the installer to change the circular-logging setting for any message store in the forest for which circular logging is turned off. If the customer is using an Exchange-aware backup application to back up Exchange message stores and clear transaction logs, the installer can choose not to change the circular-logging setting.

	Design Guide for Cisco Unity Release 5.x
	Designing a Cisco Unity System with Exchange as the Message Store
Design Guide for Cisco Unity Release 5.x Index Preface Design Guide Overview Cisco Unity Concepts Network Infrastructure Requirements Designing a Cisco Unity System with Exchange as the Message Store Designing a Cisco Unity System with Domino as the Message Store Integrating Cisco Unity with the Phone System Cisco Unity Failover and Standby Redundancy Voice-Recognition Access to Cisco Unity Migrating to Cisco Unity from Another Voice-Messaging System Design Differences Among Versions of Cisco Unity	Download this chapter Designing a Cisco Unity System with Exchange as the Message Store Download the complete book PDF Version of the Entire Guide (PDF - 2 MB) Table Of Contents Designing a Cisco Unity System with Exchange as the Message Store Deployment Models Unified Messaging with Customer-Provided Infrastructure Mixed Unified Messaging and Voice Messaging with Customer-Provided Infrastructure Voice Messaging with Cisco-Provided, Dedicated Infrastructure Voice Messaging with Customer-Provided Infrastructure Multi-Site WAN with Distributed Messaging Physical Placement and Network Infrastructure Considerations for Customer-Provided Infrastructure Active Directory Considerations Exchange Considerations (All Versions) Exchange Considerations That Apply Only Exchange 2007 Considerations for Cisco-Provided, Dedicated Infrastructure Designing a Cisco Unity System with Exchange as the Message Store This chapter focuses on using Exchange as the message store and Active Directory as the directory for Cisco Unity. All references to Exchange apply to the currently supported versions of Exchange—Exchange 2007 and Exchange 2003—unless specified otherwise. Exchange 2000 is supported only for upgrades from Cisco Unity 4.x and is, therefore, not discussed in this design guide. See the following topics: •Deployment Models •Physical Placement and Network Infrastructure •Considerations for Customer-Provided Infrastructure •Considerations for Cisco-Provided, Dedicated Infrastructure Deployment Models You can deploy Cisco Unity by using customer-provided infrastructure or by using dedicated, Cisco-provided infrastructure. With customer-provided infrastructure, Cisco Unity can be configured either as Unified Messaging or as Voice Messaging. Cisco Unity is a part of the messaging environment, it services subscribers who are homed on existing Exchange e-mail servers, and it uses existing DC/GCs. For more information, see the following sections: •Unified Messaging with Customer-Provided Infrastructure •Mixed Unified Messaging and Voice Messaging with Customer-Provided Infrastructure •Voice Messaging with Customer-Provided Infrastructure With dedicated, Cisco-provided infrastructure, Cisco Unity is configured as Voice Messaging. Each Cisco Unity subscriber requires a separate Active Directory user account in a dedicated forest and a separate Exchange mailbox that holds only Cisco Unity voice messages on a separate, dedicated Exchange server that homes only Cisco Unity voice messages. For more information, see the "Voice Messaging with Cisco-Provided, Dedicated Infrastructure" section. If the customer has more than one data center, you can combine deployment models. For more information, see the "Multi-Site WAN with Distributed Messaging" section. Unified Messaging with Customer-Provided Infrastructure Revised May 6, 2008 For the Cisco Unity Unified Messaging configurations, Cisco Unity installs into an existing infrastructure, is a part of the messaging environment, services subscribers who are homed on existing Exchange e-mail servers, and uses existing DC/GCs. This reduces administrative overhead when compared with maintaining a Cisco Unity Voice Messaging solution or maintaining a legacy voice messaging system. With Unified Messaging, only one messaging infrastructure is required to support both e-mail and voice messaging. The customer is responsible for maintaining the DC/GCs, Exchange servers, and DNS. Each Cisco Unity server can be connected to a circuit-switched phone system, to Cisco Unified Communications Manager, or to both. If the phone system has ports available, you can connect more than one Cisco Unity server to each phone system. When you are setting up two or more Cisco Unity servers in the same Active Directory forest, the Cisco Unity servers can be networked by using Cisco Unity Digital Networking. Mixed Unified Messaging and Voice Messaging with Customer-Provided Infrastructure When mixing Unified Messaging and Voice Messaging deployment models, the Unified Messaging portion of the deployment is the same as a Unified Messaging deployment without the Voice Messaging subscribers. The Voice Messaging subscribers require separate accounts and mailboxes: •Each Voice Messaging subscriber requires a separate Active Directory user account in the existing forest. •Each Voice Messaging subscriber requires a separate Exchange mailbox that holds only Cisco Unity voice messages. The mailbox can be stored on existing Exchange servers or can be stored on separate, dedicated Exchange servers that home only Cisco Unity voice messages. If the mailboxes are stored on existing Exchange servers, the customer is responsible for support for the servers. If the mailboxes are stored on Exchange servers that are dedicated to Cisco Unity voice messages, Cisco will support the Exchange servers. If the Voice Messaging subscribers are homed on one or more dedicated Exchange servers on which the Voice Mail Run-time Edition of Microsoft Exchange was installed, those subscribers do not need Microsoft Client Access Licenses (CALs). Unified Messaging subscribers all need CALs. For more information on the Unified Messaging portion of a mixed system, see the "Unified Messaging with Customer-Provided Infrastructure" section. For more information on the Voice Messaging portion of a mixed system, see the "Voice Messaging with Customer-Provided Infrastructure" section. Voice Messaging with Cisco-Provided, Dedicated Infrastructure Revised May 6, 2008 In this deployment model: •Each Voice Messaging subscriber requires a separate Active Directory user account in a dedicated forest. •Each Voice Messaging subscriber requires a separate Exchange mailbox that holds only Cisco Unity voice messages on a separate, dedicated Exchange server that homes only Cisco Unity voice messages. The advantages of this model include the following: •The customer does not need to extend the Active Directory schema in the existing forest. •Some companies have one department that manages the phone and voice-messaging system and a separate department that manages Exchange. Dedicated Exchange servers for Cisco Unity voice messages may simplify implementation and maintenance. •Some customers like to keep voice messages and e-mail messages separate. •If Active Directory accounts are created in an existing forest and mailboxes are stored on existing Exchange servers, the customer is responsible for support for the servers. If accounts are created in a dedicated forest and mailboxes are stored on Exchange servers that are dedicated to Cisco Unity voice messages, Cisco will support the entire Cisco Unity system, including dedicated DC/GCs (if any) and dedicated Exchange servers. The disadvantages of this model include: •A more complicated and time-consuming migration to a Unified Messaging configuration. •More overhead for maintaining the Active Directory and Exchange infrastructure. •Possible additional hardware expense. Voice Messaging with Customer-Provided Infrastructure Revised May 6, 2008 In this deployment model: •Each Voice Messaging subscriber requires a separate Active Directory user account in the existing forest. The customer can create a separate domain for these accounts, but that is not required. •Each Voice Messaging subscriber requires a separate Exchange mailbox that holds only Cisco Unity voice messages. The mailbox can be stored on existing Exchange servers or can be stored on separate, dedicated Exchange servers that home only Cisco Unity voice messages. If the mailboxes are stored on existing Exchange servers, the customer is responsible for support for the servers. If the mailboxes are stored on Exchange servers that are dedicated to Cisco Unity voice messages, Cisco will support the Exchange servers. This model has the following advantages: •It simplifies the migration from a Voice Messaging Configuration to a Unified Messaging configuration. •Some companies have one department that manages the phone and voice-messaging system and a separate department that manages Exchange. If the two departments do not communicate with one another, dedicated Exchange servers for Cisco Unity voice messages may simplify implementation and maintenance. Multi-Site WAN with Distributed Messaging When deploying Cisco Unity in a multi-site WAN with distributed messaging, the customer uses two or more of the deployment models discussed earlier in this section, either at the same physical site or in geographically diverse data centers connected by a WAN. In this deployment, network bandwidth should meet the minimum Microsoft Exchange server inter-site requirements. When all Cisco Unity servers will be in the same Active Directory forest and the customer wants subscribers to be able to send voice messages across servers, use Cisco Unity Digital Networking to connect them. The messaging functionality across Cisco Unity servers is the same as the messaging functionality on a single Cisco Unity server. When Cisco Unity servers will be in two or more Active Directory forests, you can use VPIM networking to connect them. The messaging functionality across Cisco Unity servers is not identical to the messaging functionality on a single Cisco Unity server, but most functionality is preserved. (VPIM networking requires that the Cisco Unity Voice Connector for Microsoft Exchange be installed on an Exchange 2003 or Exchange 2000 server in each forest.) For more information, see the applicable Networking Guide for Cisco Unity Release 5.x at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/products_feature_guides_list.html. When the customer wants Cisco Unity to communicate with another voice messaging system, the method you use to network them and the functionality that is available depend on the voice-messaging system. For example, to network Cisco Unity with Cisco Unity Express or with Cisco Unity Connection, you use VPIM networking, and to network Cisco Unity with Octel voice-messaging systems, you use the Cisco Unity Bridge. For more information, see: •The applicable Networking Guide for Cisco Unity Release 5.x at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/products_feature_guides_list.html. •Networking Options Requirements for Cisco Unity at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_installation_guides_list.html. Physical Placement and Network Infrastructure Revised May 6, 2008 To ensure that Cisco Unity functions properly, we require that a Cisco Unity server be in the same data center as the following servers: •The Exchange server that Cisco Unity communicates with, commonly known as the partner Exchange server. For more information on the partner Exchange server, see the "Exchange Considerations (All Versions)" section. •Every Exchange server on which mailboxes for that Cisco Unity server are homed. If Cisco Unity is separated by a WAN from an Exchange server on which subscriber mailboxes are homed, a second Cisco Unity server must be co-located with the remote Exchange server. •At least one domain controller. If Cisco Unity subscribers are homed in more than one domain, a DC for each domain must be in the same data center as the Cisco Unity server. •At least one global catalog server. •At least one DNS server. These requirements apply regardless of whether the non-Cisco Unity servers are customer provided, or are Cisco provided and dedicated to Cisco Unity. Connect the Cisco Unity server and the servers that Cisco Unity relies on with a high-speed switched gigabit network with no congestion. Total MAPI response time must be less that 10 milliseconds. The Cisco Unity server should be installed into the same Windows site as the Exchange servers it services. Note the following: •Cisco Unity can coexist with firewalls. However, note that Cisco Unity should never be deployed outside of a firewall. Doing so can expose the Cisco Unity server to unwanted intrusion from the Internet, even if the server is hardened. For detailed firewall requirements, see the following sections in the System Requirements for Cisco Unity at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_installation_guides_list.html: –"Network Requirements" –"Failover Requirements for Separating Cisco Unity Servers by a Firewall" –"Standby Redundancy Requirements for Separating Cisco Unity Servers by a Firewall" •When Cisco Unity is remotely connected with an IP phone system, it is acceptable to calculate the per-port bandwidth and necessary overhead. The aggregate total of bandwidth for all ports plus any necessary overhead is the minimum bandwidth required. •Cisco Unity supports a maximum of 250 Exchange information stores. •If the Cisco Unity server has two NICs, the NICs cannot be used for load balancing. If dual NICs are configured, we recommend that they be configured in adaptive fault tolerant (AFT) or network fault tolerant (NFT) mode. For additional information about dual NICs, see the "Customizing the Cisco Unity Platform" chapter in the applicable Cisco Unity installation guide, available at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_installation_guides_list.html. •In general, Cisco Unity failover servers can be on separate network segments or subnets. However, both servers must reside in the same Windows site, and each server must directly connect to the DCs, GCs, message store servers, and other network resources necessary to operate normally. For requirements for failover over a WAN, see the "Requirements for Cisco Unity Failover Over a WAN" section in the System Requirements for Cisco Unity Release 5.0 at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_installation_guides_list.html. •For information on network requirements for phone system integrations, see the "Integrating Cisco Unity with the Phone System" chapter. Considerations for Customer-Provided Infrastructure See the following sections: •Active Directory Considerations •Exchange Considerations (All Versions) •Exchange Considerations That Apply Only Exchange 2007 Active Directory Considerations Note the following Active Directory considerations when a Cisco Unity implementation will use customer-provided Active Directory infrastructure: •The Active Directory schema must be extended for Cisco Unity to function properly. For information on capacity planning recommendations related to using Cisco Unity with Active Directory, see the Active Directory Capacity Planning (Cisco Unity Version 5.x and Later with Microsoft Exchange) white paper at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_white_papers_list.html. This white paper also includes sizing information for Active Directory objects that have been voice enabled by Cisco Unity. Finally, it discusses the Cisco Unity schema: what is required when the customer extends the schema, and when it is required. For general information on Cisco Unity and Active Directory, see the applicable Cisco Unity Data and the Directory white paper, also at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_white_papers_list.html. •The main Cisco Unity services log on by using two Active Directory accounts that the installer creates during Cisco Unity installation: –Message store services log on by using the message store services account. These services send and receive messages on behalf of the subscriber. The account with which these services log on must have direct access to the Exchange message store where the subscribers reside. –Directory services log on by using the directory services account. These services write to user, group, and contact objects when the objects are imported into Cisco Unity, and they write to individual subscriber properties when a subscriber or an administrator changes personal settings for the subscriber. Each service account can be used by more than one Cisco Unity server in the same domain. •The Cisco Unity installation, message store services, and directory services accounts require Active Directory permissions to create objects during installation and to manage the objects during regular operation. The Cisco Unity Permissions wizard grants the required permissions automatically based on options the installer chooses for the customer configuration. For a detailed explanation of the permissions required, see the Help file Permissions Granted by the Cisco Unity 5.0(1)+ Permissions Wizard at http://ciscounitytools.com/HelpFiles/PW501/PWHelpPermissionsSet_ENU.htm. The installation and directory services accounts also require Exchange permissions. For more information, see the Help file Delegating Exchange Administrative Control for Cisco Unity 5.0(1)+ at http://ciscounitytools.com/HelpFiles/PW501/PWHelpExchange_ENU.htm. For additional information on the Permissions wizard, see the Help file Granting Permissions with Cisco Unity 5.0(1)+ Permissions Wizard at http://ciscounitytools.com/HelpFiles/PW501/PWHelp_ENU.htm. •The Cisco Unity directory service periodically queries the local DC and GC for changes to Active Directory data that also appears in the SQL Server database on the Cisco Unity server. If any changes are found, the directory service updates the SQL Server or MSDE database accordingly. These queries do not significantly affect the performance of the DC or GC unless a significant number of changes have been made to Active Directory user accounts. •Cisco Unity is an Active Directory site-aware application. If Active Directory sites are configured correctly, when Cisco Unity queries Active Directory for directory updates, a DC or GC in the site will respond rather than a DC or GC in a remote site. In a Unified Messaging configuration, in which Active Directory sites are already configured, this should not be an issue. For large Voice Messaging configurations, with Cisco Unity servers in multiple separate locations in a dedicated Active Directory forest, Active Directory sites must be configured to respond intelligently to queries. •Active Directory Application Mode (ADAM) is not supported. Exchange Considerations (All Versions) Note the following Exchange considerations when a Cisco Unity implementation will use customer-provided Exchange infrastructure: •When Cisco Unity is installed, the installer chooses a partner Exchange server, which is the home of several default Cisco Unity mailboxes, including: –The Cisco Unity system mailbox (alias: Unity_<ServerName>), which is the mailbox that originates voice messages from outside callers. (Voice messages from Cisco Unity subscribers originate from the mailbox of the caller.) Each Cisco Unity server must have its own system mailbox. –The mailbox from which broadcast messages are sent. –If Cisco Unity is interoperating with other voice messaging systems, the mailboxes that send voice messages to and receiver voice messages from the other voice messaging systems. The partner Exchange server can be running Exchange 2007, Exchange 2003, or Exchange 2000, and it can be either a clustered or non-clustered Exchange server. Because of the importance of the partner Exchange server in a Cisco Unity installation, the server should be selected primarily on the basis of availability and secondarily on the basis of performance. •Exchange performance is critical to Cisco Unity performance. To ensure that Exchange performance will not adversely affect Cisco Unity, we recommend that customers assess the performance of their Exchange infrastructure before installing Cisco Unity. For example, the Microsoft TechNet article Exchange Server 2003: Ruling Out Disk-Bound Problems (http://technet.microsoft.com/en-us/library/aa997558.aspx) can provide useful guidance. •Exchange servers must meet Microsoft requirements, including the maximum number of users per server, the proper amount of memory, the proper processors and processor speed, hard disks that can meet disk-access response times, and placement of data files and transaction log files. Cisco Unity cannot support Exchange servers that have performance bottlenecks such as slow hard drives or insufficient memory. For example, if slow hard drives or the lack of a dedicated mirror for transaction logs cause delays in recording log transactions, MAPI access (which is used by Microsoft Outlook, Exchange, and Cisco Unity to access Exchange) will be temporarily suspended until the transaction buffers can be cleared to a certain level. This can substantially delay phone access to Cisco Unity. •The Cisco Unity Voice Connector for Microsoft Exchange, which is required for communicating with another voice-messaging system by using AMIS, the Cisco Unity Bridge, or VPIM, must be installed on the partner Exchange server. The Voice Connector can also, optionally, be installed on one or more other Exchange 2000 or Exchange 2003 servers to optimize message routing via Exchange's native, cost-based routing. (The Voice Connector cannot be installed on an Exchange 2007 server.) •For information on the impact of audio codecs on Exchange, see the "Audio Codecs" section on page 3-5. •In a Voice Messaging configuration, to prevent the message store from filling the hard disk, some customers configure storage limits in Exchange, and use Cisco Unity Message Store Manager to delete old messages. For example, messages older than 30 days might be moved to the deleted-messages folder, and messages older than 60 days might be purged. For more information on Message Store Manager, see the Message Store Manager Help at http://ciscounitytools.com/HelpFiles/MSM/MSMConsoleHelp_ENU.htm. •In a Voice Messaging configuration, to help prevent Exchange transaction logs from filling the hard disk, a wizard in Cisco Unity Setup prompts the installer to change the circular-logging setting for any message store in the forest for which circular logging is turned off. If the customer is using an Exchange-aware backup application to back up Exchange message stores and clear transaction logs, the installer can choose not to change the circular-logging setting. Exchange Considerations That Apply Only Exchange 2007 Note the following Exchange 2007 considerations when a Cisco Unity implementation will use customer-provided Exchange 2007 infrastructure: •Exchange 2007 is supported as the message store only when Cisco Unity is configured as Unified Messaging. •The Cisco Unity Voice Connector for Microsoft Exchange, which is required for communicating with another voice-messaging system by using AMIS, the Cisco Unity Bridge, or VPIM, can only be installed on an Exchange 2000 or an Exchange 2003 server. A Voice Connector is not currently available for Exchange 2007. If the customer has already configured a pure Exchange 2007 environment, an Exchange 2000 or Exchange 2003 server cannot be added to the environment and, therefore, Cisco Unity functionality that requires the Voice Connector is not available. •Cisco Unity Mobile Message Access for BlackBerry is not supported for Exchange 2007. •Integrated messaging via IMAP with Exchange 2007 is supported when Cisco Unity voice messages are stored in Exchange 2000 or Exchange 2003. With Exchange 2000 or Exchange 2003, you can store e-mail messages in one Exchange message store, store Cisco Unity voice messages in another message store, and view both types of messages in a Microsoft Outlook Inbox. In this configuration, known as integrated messaging, you: –Configure Outlook to use MAPI to communicate with the message store that contains e-mail (MAPI is required because the e-mail message store commonly also contains calendars and contacts). –Configure Outlook to use IMAP to communicate with the message store that contains Cisco Unity voice messages. (Outlook only supports one MAPI connection at a time.) –Enable Exchange rich-text format on Exchange servers, which converts IMAP to TNEF-encoded IMAP. (If you do not enable rich-text format, voice messages appear in the Outlook Inbox as e-mail messages, so ViewMail for Outlook is not available.) Exchange 2007 does not support TNEF-encoded IMAP, but you can still use an integrated messaging configuration with Exchange 2007 if you store e-mail in Exchange 2007 and store Cisco Unity voice messages in Exchange 2000 or Exchange 2003. For more information on Cisco Unity limitations when Exchange 2007 is the message store, see the subsection "Cisco Unity with Exchange: Exchange Server 2007" in the section "New and Changed Requirements and Support—Release 5.0(1)" in Release Notes for Cisco Unity Release 5.0(1) at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_release_notes_list.html. Considerations for Cisco-Provided, Dedicated Infrastructure Note the following considerations when a Cisco Unity implementation will use Cisco-provided, dedicated Exchange and Active Directory infrastructure: •Ensure that the servers selected for Cisco Unity and for Exchange are able to handle the proposed number of users. For information on selecting servers, see the Cisco Unity Supported Platforms List at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/products_data_sheets_list.html. •If the customer is installing Cisco Unity and Exchange servers in multiple locations and if they will all be in the same Active Directory forest, ensure that Active Directory sites are configured. •If two or more Cisco Unity servers are being installed in a forest but they are being installed in different forest roots, configure a one-way trust to enable client authentication. For more information, see the "Grant Unity Access" section in the Client Access in a Voice Messaging-Only Deployment (Cisco Unity Version 4.0) white paper at http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_white_papers_list.html. Note The version of GrantUnityAccess shipped with Cisco Unity 5.0 requires a two-way trust due to caveat CSCsi68156. An updated version of GrantUnityAccess that does not have this problem is available on the "4.x/5.x Tools" page on the Cisco Unity Tools website at http://ciscounitytools.com/4_x_tools.htm. •Within a given data center, if the location will have two Exchange servers, we recommend that the customer make both servers DC/GCs and run DNS on both servers. If the location will have four or more Exchange servers, we recommend that the customer make half of the Exchange servers DC/GCs and run DNS on two of them. •In a Voice Messaging configuration, to prevent the message store from filling the hard disk, some customers configure storage limits in Exchange, and use Cisco Unity Message Store Manager to delete old messages. For example, messages older than 30 days might be moved to the deleted-messages folder, and messages older than 60 days might be purged. For more information on Message Store Manager, see the Message Store Manager Help at http://ciscounitytools.com/HelpFiles/MSM/MSMConsoleHelp_ENU.htm. •The Cisco Unity Voice Connector for Microsoft Exchange, which is required for communicating with another voice-messaging system by using AMIS, the Cisco Unity Bridge, or VPIM, must be installed on the partner Exchange server. The Voice Connector can also, optionally, be installed on one or more other Exchange 2000 or Exchange 2003 servers to optimize message routing via Exchange's native, cost-based routing. (The Voice Connector cannot be installed on an Exchange 2007 server.) •The customer can configure Exchange clustering by using the Voice Mail Run-Time Edition of Microsoft Exchange Server 2003 Enterprise Edition that is shipped with Cisco Unity. However, the customer is responsible for supporting the Exchange cluster and any custom hardware or configuration. •In a Voice Messaging configuration, to help prevent Exchange transaction logs from filling the hard disk, a wizard in Cisco Unity Setup prompts the installer to change the circular-logging setting for any message store in the forest for which circular logging is turned off. If the customer is using an Exchange-aware backup application to back up Exchange message stores and clear transaction logs, the installer can choose not to change the circular-logging setting.
	© 1992-2009 Cisco Systems, Inc. All rights reserved. Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks of Cisco Systems, Inc.