Setup for Cisco Unified Presence

Available Languages

Download Options

  • PDF     (1.2 MB)
    View with Adobe Reader on a variety of devices
Updated:December 31, 2012

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Setup for Cisco Unified Presence

Setup for Cisco Unified Presence

This chapter describes how you can set up Cisco Jabber for iPad using Cisco Unified Presence.

Specifying Cisco Unified Presence Settings

Follow these steps.

Procedure
    Step 1   Select Cisco Unified Presence Administration > Application > Jabber > Settings.
    Note   

    Cisco Unified Presence is known as Cisco Unified Communications Manager IM and Presence starting with Release 9.0. Select Cisco Unified CM IM and Presence > Application > Legacy Client > Settings if you are using Release 9.0.
    Step 2   Enter the information described in this table:
    Field Setting
    CSF certificate directory (relative to CSF install directory)

    This field applies only if the Client Services Framework (CSF) requires you to import security certificates to authenticate with LDAP, web conferencing, and CCMCIP. For most deployments, you do not need to import security certificates.

    You only need to import security certificates for CSF to trust in the following scenarios:

    • You use a signed certificate for Cisco Unified Communications Manager Tomcat instead of the default self-signed certificate.
    • You want CSF to connect to the LDAP server via LDAPS.
    • You use a signed certificate for Cisco Unity Connection Tomcat instead of the default self-signed certificate.

    If you must specify a value, specify the directory that contains the security certificates as an absolute path. If you do not specify a directory, CSF looks for the certificates in the default directory and trusts any certificates in that location.

    Default Setting: Not set
    Credentials source for voicemail service If user credentials for the voicemail service are shared with another service, select the appropriate service. The user credentials automatically synchronize from the service that you select.

    Default Setting: Not set

    Tip   

    If this value is set to Not set, users need to enter their credentials in Jabber for iPad.
    Credentials source for web conferencing service If user credentials for the meeting service are shared with another service, select the appropriate service. The user credentials automatically synchronize from the service that you select.

    Default Setting: Not set

    Tip   

    If this value is set to Not set, users need to enter their credentials manually in the application.
    Maximum message size Enter the allowed size limit for instant messages, in bytes.
    Allow cut & paste in instant messages Check this check box to allow users to cut and paste in their chat messages.

    Default Setting: On
    Step 3   Select Save.

    Starting Essential Services

    Start the following Cisco Unified Presence Extensible Communication Platform (XCP) services on all Cisco Unified Presence nodes in all clusters:

    • Cisco Unified Presence XCP Authentication Service
    • Cisco Unified Presence XCP Connection Manager

    You may also start these Unified Presence XCP services on all Unified Presence nodes in all clusters, depending on what features you want to make available:

    • Cisco Unified Presence XCP Text Conference Manager, for group chat
    • Cisco Unified Presence XCP SIP Federation Connection Manager, to support federation services with third-party applications that use SIP
    • Cisco Unified Presence XCP XMPP Federation Connection Manager, to support federation services with third-party applications that use XMPP
    • Cisco Unified Presence XCP Counter Aggregator, if you want system administrators to be able to view statistical data on XMPP components
    • Cisco Unified Presence XCP Message Archiver, for automatic archiving of all instant messages

    Note

    Read the documentation for any feature that you are setting up before you turn on the related services. Additional work might be required.

    Firewall Requirements

    Configure hardware firewalls to allow the ports to carry traffic for the application. Hardware firewalls are network devices that provide protection from unwanted traffic at an organizational level. This table lists the ports required for the deployments of Cisco Unified Communications Manager and Cisco Unified Presence. These ports must be open on all firewalls for the application to function properly.

    Port Protocol Description
    Inbound
    16384-32766 UDP Receives Real-Time Transport Protocol (RTP) media streams for video and audio. You set up these ports in Cisco Unified Communications Manager.
    Outbound
    69, then Ephemeral TFTP Connects to the Trivial File Transfer Protocol (TFTP) server to download the TFTP file
    80 and 6970 HTTP Connects to services such as Cisco WebEx Messenger for meetings and Cisco Unity Connection for voicemail features

    If no port is specified in a TFTP server address, Cisco Jabber for iPad will try port 6970 to obtain phone setup files and dial rule files.
    5060 UDP/TCP Provides Session Initiation Protocol (SIP) call signaling
    5061 TCP Provides secure SIP call signaling
    8443 TCP Connects to the Cisco Unified Communications Manager IP Phone (CCMCIP) server to get a list of currently assigned devices
    16384-32766 UDP UDP Sends RTP media streams for video and audio
    389 TCP Connects to the LDAP server for contact searches
    443

    7080

    		 VMRest

    HTTPS

    		 Connects to Cisco Unity Connection to retrieve and manage voice messages.
    636 LDAPS Connects to the secure LDAP server for contact searches

    Setting Up Directory Search, IM, and Availability

    Review the following topics to set up IM and availability.

    Setting Up LDAP Servers

    Perform this task in Cisco Unified Presence.

    Before You Begin

    Do the following:

    • Set up the LDAP attribute map
    • Obtain the hostnames or IP addresses of the LDAP directories
    Procedure
      Step 1   Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator > LDAP Server.
      Note   

      LDAP server configuration is done in Cisco Unified Communications Manager starting with Release 9.0.
      Step 2   Select Add New.
      Step 3   Enter the LDAP server name.
      Step 4   Enter an IP address or an FQDN (Fully Qualified Domain Name) of the LDAP server.
      Step 5   Specify the port number used by the LDAP server. The defaults are:
      • TCP—389
      • TLS—636

      Check the LDAP directory documentation or the LDAP directory configuration for this information.
      Step 6   Select TCP or TLS for the protocol type.
      Step 7   Select Save.

      Creating LDAP Profiles and Adding Users

      Cisco Jabber for iPad connects to an LDAP server on a per-search basis. If the connection to the primary server fails, the application attempts the first backup LDAP server, and if it is not available, it then attempts to connect to the second backup server. The application also periodically attempts to return to the primary LDAP server. If an LDAP query is in process when the system fails over, the next available server completes this LDAP query.

      Before You Begin

      Do the following:

      • Specify the LDAP server names and addresses
      • You must create the LDAP profile before you can add Cisco Jabber for iPad users to the profile.
      Procedure
        Step 1   Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator > LDAP Profile.
        Note   

        LDAP profile configuration is done in Cisco Unified Communications Manager starting with Release 9.0.
        Step 2   Select Add New.
        Step 3   Enter information in the fields.
        Field Setting
        Name Enter the profile name limited to 128 characters.
        Description Optional. Enter a description limited to 128 characters.
        Bind Distinguished Name

        Optional. Enter the administrator-level account information limited to 128 characters. This is the distinguished name with which you bind for authenticated bind.

        The syntax for this field depends on the type of LDAP server that you deploy. For details, see the LDAP server documentation.
        Anonymous Bind Optional. Uncheck this option to use the user credentials to sign in to this LDAP server.

        For non-anonymous bind operations, Cisco Jabber for iPad receives one set of credentials. If configured, these credentials must be valid on the backup LDAP servers.

        Note   

        If you check Anonymous Bind, users can sign in anonymously to the LDAP server with read-only access. Anonymous access might be possible on your directory server, but Cisco does not recommend it. Instead, create a user with read-only privileges on the same directory where the users to be searched are located. Specify the directory number and password in Cisco Unified Presence for the application to use.
        Password Optional. Enter the LDAP bind password limited to 128 characters. This is the password for the administrator-level account that you provided in the Bind Distinguished Name string to allow users to access this LDAP server.
        Confirm Password Reenter the password you entered in Password.
        Search Context Optional. Enter the location where you set up all the LDAP users. This location is a container or directory. The name is limited to 256 characters. Use only a single OU/LDAP search context.
        Recursive Search Optional. Check to perform a recursive search of the directory starting at the search base.
        Primary LDAP Server and Backup LDAP Server Select the primary LDAP server and optional backup servers.
        Add Users to Profile Select the button to open the Find and List Users window. Select Find to populate the search results fields. Alternatively, search for a specific user and select Find. To add users to this profile, select the users, and select Add Selected.
        Step 4   Select Save.

        Setting Up the LDAP Attribute Map

        Before You Begin

        Set up the LDAP attribute map on Cisco Unified Presence where you enter LDAP attributes for your environment and map them to the given Cisco Jabber for iPad attributes.

        If you want to use LDAP to store your employee profile photos, use a third-party extension to upload the photo files to the LDAP server or extend the LDAP directory server schema by other means to create an attribute that the LDAP server can associate with an image.

        For Cisco Jabber for iPad to display profile photos, in the LDAP attribute map, map the Jabber for iPad "Photo" value to the appropriate LDAP attribute.


        Note
        • Contact photos may be cropped when they are displayed in Jabber for iPad.
        • The UPC UserID setting in the LDAP attribute map must match the Cisco Unified Communications Manager user ID. This mapping allows a user to add a contact from LDAP to the contact list in Cisco Jabber for iPad. This field associates the LDAP user with the corresponding user on Cisco Unified Communications Manager and Cisco Unified Presence.
        • You can map an LDAP field to only one Cisco Jabber field.
        Procedure
          Step 1   Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator > Settings.

          Select Cisco Unified CM IM and Presence > Application > Legacy Client > Settings if you are using Release 9.0.
          Step 2   Select a supported LDAP server from Directory Server Type.

          The LDAP server populates the LDAP attribute map with Cisco Jabber user fields and LDAP user fields.
          Step 3   If necessary, make modifications to the LDAP field to match your specific LDAP directory.

          The values are common to all LDAP server hosts. Note the following LDAP directory product mappings:

          Product LastName Mapping UserID Mapping
          Microsoft Active Directory SN sAMAccountName
          OpenLDAP SN uid
          Step 4   Select Save.
          Tip   

          If you want to stop using the current attribute mappings and use the factory default settings, select Restore Defaults.

          Indexing Active Directory Attributes

          Index these Active Directory attributes:

          • sAMAccountName
          • displayName
          • mail
          • msRTCSIP-PrimaryUserAddress

          In addition, index any attributes that are used for contact resolution. For example, you might need to index these attributes:

          • telephoneNumber
          • Any other directory phone number attributes that are used to find contacts, depending on the value of the DisableSecondaryNumberLookups key
          • ipPhone, if this attribute is used in your environment

          Turning IM Policy On or Off

          This procedure describes how to turn on or off IM features for all IM applications in a Cisco Unified Presence cluster. IM features are turned on by default in Cisco Unified Presence.


          Caution

          If you turn off IM features in Cisco Unified Presence, all group chat functionality (ad hoc and persistent chat) will not work in Cisco Unified Presence. Cisco recommends that you do not turn on the Cisco UP XCP Text Conference service or set up an external database for persistent chat in Cisco Unified Presence.
          Procedure
            Step 1   Select Cisco Unified Presence Administration > Messaging > Settings.
            Step 2   Select Enable instant messaging.
            Note   
            • If you turn on this setting, users can send and receive IMs.
            • If you turn off this setting, users cannot send or receive IMs. Users can use IM only for availability and phone operations.
            Step 3   Select Save.
            Step 4   Restart the Cisco UP XCP Router service.

            Specifying IM Policy Settings

            You can specify IM policy settings by following these steps.

            Procedure
              Step 1   Select Cisco Unified Presence Administration > Presence > Settings.
              Step 2   Turn on or off automatic authorization for viewing availability.
              If you want to… Do this…
              Turn on automatic authorization so that Unified Presence automatically authorizes all availability subscription requests it receives from Jabber for iPad users in the local enterprise Check Allow users to view the availability of other users without being prompted for approval.
              Turn off automatic authorization so that Unified Presence sends all availability subscriptions to where the user is prompted to authorize or reject the subscription Uncheck Allow users to view the availability of other users without being prompted for approval.
              Step 3   Select Cisco Unified Presence Administration > Messaging > Settings.
              Step 4   Turn on or off these global settings:
              If you want to… Do this…
              Globally turn off instant messaging services Uncheck Enable instant messaging.
              Globally turn on offline instant messaging Uncheck Suppress Offline Instant Messaging.
              Step 5   Select Save.
              Step 6   Restart the Cisco UP XCP Router service.

              Setting Up URL Strings to Fetch Contact Pictures from Web Server

              You can set up a parameterized URL string in the Photo field in the LDAP attribute map so that Cisco Jabber for iPad can fetch pictures from a web server instead of from the LDAP server. The URL string must contain an LDAP attribute with a query value containing a piece of data that uniquely identifies the photo of the user. Cisco recommends that you use the User ID attribute. However, you can use any LDAP attribute whose query value contains a piece of data that uniquely identifies the photo of the user.

              Cisco recommends that you use %%<userID>%% as the substitution string. For example:

              • http://mycompany.example.com/photo/std/%%uid%%.jpg
              • http://mycompany.example.com/photo/std/%%sAMAccountName%%.jpg

              You must include the double percent symbols in this string, and they must enclose the name of the LDAP attribute to substitute. Cisco Jabber for iPad removes the percent symbols and replaces the parameter inside with the results of an LDAP query for the user whose photo it resolves.

              For example, if a query result contains the attribute "uid" with a value of "johndoe," then a template such as http://mycompany.com/photos/%%uid%%.jpg creates the URL http://mycompany.com/photos/johndoe.jpg. Cisco Jabber for iPad attempts to fetch the photo.

              This substitution technique works only if Cisco Jabber for iPad can use the results of the query and can insert it into the template you specify above to construct a working URL that fetches a JPG photo. If the web server that hosts the photos in a company requires a POST (for example, the name of the user is not in the URL) or uses some other cookie name for the photo instead of the username, this technique does not work.


              Note
              • Limit a URL length to 50 characters.
              • Cisco Jabber for iPad does not support authentication for this query; the photo must be retrievable from the web server without credentials.

              Setting Up Connect on Demand VPN

              The Connect On Demand VPN feature is supported in Cisco Unified Presence standalone mode within limits. Your Cisco Unified Presence server must be configured with a Fully Qualified Domain Name(FQDN) to enable the Connect to On Demand VPN feature in Cisco Jabber for iPad.

              Preparing User Instructions

              When you finish setting up Cisco Unified Presence, send your users an email message that includes the following information:

              • Directions to download and install the app, named Cisco Jabber for iPad, from the App Store
              • The user's username or email address
              • Directions to input email address after the user starts the application on their iPad
              • Instructions for connecting the device to the corporate Wi-Fi network. This process is independent of Cisco Jabber for iPad.
              • Instructions for setting up VPN (Virtual Private Network) access on the device, if you allow users to use Cisco Jabber for iPad through VPN connections. This process is independent of Cisco Jabber for iPad.
              • Directions to access the FAQs, which users can view by selecting Settings icon > Help > FAQs
              • Anything else you want to communicate with your users

              Was this Document Helpful?

              FeedbackFeedback

              Contact Cisco