Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)

Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
First Published: September 23, 2013
Last Modified: February 25, 2014
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
© 2015
Cisco Systems, Inc. All rights reserved.
CONTENTS
CHAPTER 1
Overview of Cisco Jabber for Mac 1
Overview of Cisco Jabber for Mac 1
How to use this guide 2
Deploy certificates for Cisco Jabber for Mac 2
CHAPTER 2
Deploy Cisco Jabber for Mac on-demand 5
Overview of Cisco Jabber for Mac on-demand deployment 5
CHAPTER 3
Deploy Cisco Jabber for Mac on-premises 7
Overview of Cisco Jabber for Mac on-premises deployment 7
On-premises deployment checklist 8
Before you deploy 9
Configure Cisco Unified Presence settings 9
Start essential services 10
Firewall requirements for Cisco Jabber for Mac 11
Cisco Jabber for Mac Configuration Requirements 13
Global configuration files 13
Group configuration files 14
Group Configuration File Names 14
Configuration file caching 15
Configuration file examples 15
Cisco Media Services Interface 19
Traffic Marking 19
Prepare Your Network 19
Install Cisco Media Services Interface 20
Configure IM and Availability 20
Configure LDAP Servers 20
Configure LDAP Servers in Cisco Unified Presence 20
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
iii
Contents
Configure LDAP Servers in Cisco Unified Communication Manager 21
Add a new service profile in Cisco Unified CM 21
Configure LDAP Servers in Cisco Unified Communication Manager 23
Add Directory Profile to Service Profile in Cisco Unified Communication
Manager 23
Configure IM and Presence Servers 25
Add IM and Presence Profile to Service Profile 25
Configure a Secure Connection Between Cisco Unified Presence and the LDAP
Directory 26
Create LDAP Configuration 26
Create LDAP Profiles and Add Users in Cisco Unified Presence 8.6 or earlier 26
Create LDAP Profiles and Add Users in Cisco Unified Presence 8.6.3 or later 29
Specify LDAP Directory Configuration on Cisco Unified Communications
Manager 31
Configure the LDAP Attribute Map 33
LDAP Authentication 34
Indexed Active Directory Attributes 34
Intradomain Federation 35
Configure intradomain federation 35
Intradomain Federation Example 36
Predictive search 36
Cisco Unified Communications Manager User Data Service 37
Enable Integration with UDS 37
Set UDS Service Parameters 38
Contact photo retrieval 38
Retrieve photo with URI substitution 39
Retrieve binary data for photos 39
Configure LDAP Authentication 39
Configure LDAP Synchronization for User Provisioning 40
Enable Instant Messaging Policy 41
Turn IM History Logging On or Off 42
Fetch Contact Pictures from a Web Server 43
Configure IM Policy Settings 43
Optional configurations 44
Third-party XMPP client support 44
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
iv
Contents
Requirements for supporting third-party XMPP clients 44
Configure a secure connection between Cisco Unified Presence and XMPP clients 45
Enable support for third-party XMPP clients 45
Telephony 46
Configure CCMCIP profiles 46
Configure CCMCIP profiles in Cisco Unified Presence 46
Configure CCMCIP profiles in Cisco Unified Presence Administration 48
Configure CTI profiles 50
Configure CTI gateway profiles in Cisco Unified Presence 50
Configure CTI Profile in Cisco Unifed Communications Manager 51
Add CTI Profile to Service Profile 52
Desk Phone Control Mode 52
Configuration of Cisco Unified Presence to enable use of desk phone for calls 52
Enable control of desk phone from CTI 52
Using the computer as a phone 53
Enable control of computer as a phone from CTI 53
Create a Cisco Unified Client Services Framework device for each user 53
Naming guidelines for Cisco Unified Client Services Framework devices 55
Associate a new device with a user 55
Associate a line for a phone device with a user 56
Configure the proxy listener and TFTP addresses 56
Configure proxy listener and TFTP addresses for Cisco Unified Presence 57
Configure proxy listener and TFTP addresses for IM and Presence Service 58
Configuration of security for calls 58
Configure security for a device 59
Reset a device 59
Voicemail 59
Configure Cisco Unity Connection servers 59
Add a Voicemail Service 61
Apply Voicemail Service 62
Add a Mailstore Service 63
Apply Mailstore Service 64
Configure Retrieval and Redirection 64
Set a Voicemail Credentials Source 65
Meetings 66
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
v
Contents
Configure the Cisco WebEx Meetings Server 66
Configure Cisco WebEx Meeting Server for Cisco Unified Presence 66
Configure the Cisco WebEx Meeting Server in Cisco Unified CM 67
Add Conferencing Profile to Service Profile 69
Distribute the Cisco Jabber for Mac client 69
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
vi
CHAPTER
1
Overview of Cisco Jabber for Mac
• Overview of Cisco Jabber for Mac, page 1
• How to use this guide, page 2
• Deploy certificates for Cisco Jabber for Mac, page 2
Overview of Cisco Jabber for Mac
Cisco Jabber for Mac streamlines communications and enhances productivity by unifying availability, instant
messaging, voice, video, voice messaging, desktop sharing, and conferencing capabilities securely into one
client on your desktop. Cisco Jabber for Mac delivers secure, clear, and reliable communications, offers
flexible deployment models, is built on open standards and integrates with commonly used desktop applications.
Communicate and collaborate effectively from anywhere you have an Internet connection.
Release 9.2.1
The following improvements have been made in Cisco Jabber for Mac Release 9.2.1:
• Video
◦Place and receive Video calls to various video endpoints including EX60 and EX90 phones, and
TP bridges
◦Full screen video
◦Moveable picture-in-picture
◦Support for multiple cameras and camera selection
◦Hold and resume video calls
◦Stop and start your video during a call
◦Handle multiple video calls
• Medianet Metadata
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
1
Overview of Cisco Jabber for Mac
How to use this guide
How to use this guide
This guide is designed to help you install, configure, and perform administrative tasks for Cisco Jabber for
Mac. The following table will direct you to the sections of this guide that are relevant to your needs:
If you want to:
Consult the following section(s):
Deploy Cisco Jabber for Mac in an on-demand
environment using Cisco Collaboration Cloud
Overview of Cisco Jabber for Mac on-demand
deployment
Configure or administrate telephony for Cisco Jabber See Getting started with Cisco Unified
for Mac
Communications Manager for Click to Call.
Configure or administrate voicemail for Cisco Jabber See Specifying Visual Voicemail settings.
for Mac
Configure or administrate meetings for Cisco Jabber See Understanding additional services.
for Mac
Distribute the Cisco Jabber for Mac client
See Overview of Cisco Jabber for Mac on-demand
deployment.
Deploy certificates for Cisco Jabber for Mac
Cisco Jabber for Mac features a new security enhancement that provides users with a warning dialog in the
event that a certificate cannot be validated (due to self-signage, incorrect name or date, or other reasons). As
long as the certificate is valid and trusted, the dialog will not appear.
Cisco provides users with the opportunity to "Continue" connecting from the warning dialogs when Cisco
Jabber for Mac is deployed into networks with self-signed certificates. Users also have the option to mark the
self-signed certificate as "Always Trust," which places the certificate in the user's Keychain and eliminates
the warning dialog on subsequent launches.
Users may become frustrated when presented with several warning dialogs when first launching the product,
since Cisco Jabber for Mac connects to many servers. In order to resolve this issue and improve the user
experience, Cisco recommends that administrators acquire proper certificates that are issued from a trusted
Certificate Authority. When Cisco Jabber for Mac is presented with a valid certificate, it will connect normally
without prompting the user (unless the user has chosen the option to see certificates before Cisco Jabber for
Mac connects).
Alternatively, you can provide self-signed certificates that the user can install on his or her local machine.
The user will not encounter the dialog box if the certificates are already in place when Cisco Jabber for Mac
launches.
Perform the following steps to deploy self-signed certificates to users:
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
2
Overview of Cisco Jabber for Mac
Deploy certificates for Cisco Jabber for Mac
Procedure
Step 1
Step 2
Step 3
Step 4
Download the "tomcat-trust" certificate from the Cisco Unified OS administration interface, under Security
> Certificate Management.
Download the corresponding certificates from the Cisco Unified Presence, Cisco Unified Communications
Manager, and Unity Connection servers, where applicable.
Concatenate the certificates into a single file with the extension .pem (for example,
"companyABCcertificates.pem").
Send the file to your Cisco Jabber for Mac users and ask them to double-click it. Doing so launches the
Keychain Access application and imports the certificates.
Note:
The operating system requires that the user enter the Mac OS X administration password for each certificate
that is being imported.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
3
Overview of Cisco Jabber for Mac
Deploy certificates for Cisco Jabber for Mac
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
4
CHAPTER
2
Deploy Cisco Jabber for Mac on-demand
• Overview of Cisco Jabber for Mac on-demand deployment, page 5
Overview of Cisco Jabber for Mac on-demand deployment
You can deploy Cisco Jabber for Mac in an on-demand (or "cloud") environment by using the Cisco WebEx
Connect Administration Tool. To learn how to use this tool, consult the Cisco WebEx Connect Administration
Guide:
http://www.webex.com/webexconnect/orgadmin/help/index.htm
You may also download a PDF of the guide.
Recommended installation
To perform this type of deployment from start to finish, Cisco recommends that you follow the steps below
in the order specified:
1 Configure organization information. See Understanding the Configuration Tab.
2 Create and provision users. See Overview of User Management.
3 Configure IM and availability. See Cisco WebEx Connect federation with other instant messaging providers.
4 Configure telephony services. See Getting started with Cisco Unified Communications Manager for Click
to Call.
5 Configure voicemail. See Specifying Visual Voicemail settings.
6 Configure meetings. See Understanding additional services.
Note
This is a list of high-level tasks that may not include every aspect of your configuration. Consult the
individual links for more information.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
5
Deploy Cisco Jabber for Mac on-demand
Overview of Cisco Jabber for Mac on-demand deployment
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
6
CHAPTER
3
Deploy Cisco Jabber for Mac on-premises
This chapter describes how to deploy Cisco Jabber for Mac in an on-premises environment, using Cisco
Unified Presence.
• Overview of Cisco Jabber for Mac on-premises deployment, page 7
• On-premises deployment checklist, page 8
• Before you deploy, page 9
• Cisco Jabber for Mac Configuration Requirements, page 13
• Cisco Media Services Interface, page 19
• Configure IM and Availability, page 20
• Optional configurations, page 44
• Distribute the Cisco Jabber for Mac client, page 69
Overview of Cisco Jabber for Mac on-premises deployment
You can deploy Cisco Jabber for Mac in an on-premises environment by leveraging the following key Cisco
technologies:
• Cisco Unified Presence or Cisco Unified Communications IM and Presence
• Cisco Unified Communications Manager
• Cisco Unity Connection
• Cisco Webex Meeting
Note
This guide has been prepared to align with Cisco Unified Presence release 8.6(1). The system administration
interface and menu choices described in the procedures that follow may vary with other versions of Cisco
Unified Presence. For example, references to Cisco Unified Personal Communicator have been updated
to Cisco Jabber in Cisco Unified Presence release 8.6(3).
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
7
Deploy Cisco Jabber for Mac on-premises
On-premises deployment checklist
Recommended installation
To perform this type of deployment, Cisco recommends that you configure your system in the following order:
1 Configure directory (LDAP) services
2 Configure firewall
3 Create and provision users
4 Configure IM and availability
5 Configure optional features (federated IM, telephony, voicemail, meetings)
6 Distribute the client
Note
This is a list of high-level tasks that may not include every aspect of your configuration. Consult the
On-premises deployment checklist for a more detailed example of a typical deployment.
You should also be aware that you will occasionally switch from entering information in the Cisco Unified
Presence Administration Tool to entering information in the Cisco Unified Communications Manager
Administration Tool.
On-premises deployment checklist
The following checklist describes a typical on-premises deployment of Cisco Jabber for Mac for your reference.
Your organization's deployment may vary.
1 Configure Cisco Unified Presence settings
2 Start essential services, on page 10
3 Configure firewall(s)
4 Deploy certificates for Cisco Jabber for Mac
5 Configure LDAP Servers
6 Configure a Secure Connection Between Cisco Unified Presence and the LDAP Directory
7 Create LDAP profiles and add users
8 Configure the LDAP attribute map
9 Configure LDAP Synchronization for User Provisioning
10 Configure LDAP Authentication
11 Enable Instant Messaging Policy, on page 41
12 Fetch Contact Pictures from a Web Server
13 Option: Configure federated IM
14 Option: Configure telephony
15 Option: Configure voicemail
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
8
Deploy Cisco Jabber for Mac on-premises
Before you deploy
16 Option: Configure meetings
17 Distribute the Cisco Jabber for Mac client
Before you deploy
Configure Cisco Unified Presence settings
Note
You must perform this task in Cisco Unified Presence.
Procedure
Step 1
Step 2
Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator
> Settings.
Enter information into the fields:
Field
Setting
CSF certificate directory (relative to CSF install
directory)
This field applies only if the Client Services
Framework (CSF) requires you to import security
certificates to authenticate with LDAP, web
conferencing, and CCMCIP. For most deployments,
you do not need to import security certificates. You
only need to import security certificates for CSF to
trust in the following scenarios:
• You use a signed certificate for Cisco Unified
Communications Manager Tomcat instead of
the default self-signed certificate.
• You want CSF to connect to the LDAP server
via LDAPS.
• You use a signed certificate for Cisco Unity
Connection Tomcat instead of the default
self-signed certificate.
If you must specify a value, specify the directory that
contains the security certificates as an absolute path.
If you do not specify a directory, CSF looks for the
certificates in the default directory and trusts any
certificates in that location.
Default Setting: Not set
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
9
Deploy Cisco Jabber for Mac on-premises
Start essential services
Credentials source for voicemail service
If user credentials for the voicemail service are shared
with another service, select the appropriate service
from this list box. The user credentials automatically
synchronize from the service that you select.
Default Setting: Not set
Troubleshooting Tips
If this value is set to Not set, users must enter their
credentials manually using the Preferences menu from
the client.
Credentials source for web conferencing service
If user credentials for the meeting service are shared
with another service, select the appropriate service
from this list box. The user credentials automatically
synchronize from the service that you select.
Default Setting: Not set
Troubleshooting Tips
If this value is set to Not set, users must enter their
credentials manually using the Preferences menu from
the client.
Maximum message size
Enter the allowed size limit for instant messages, in
bytes.
Allow cut & paste in instant messages
Check this check box to allow users to cut and paste
in their instant messages (IMs).
Default Setting: On
Step 3
Select Save.
Start essential services
Note
You must perform this task in Cisco Unified Communications Manager.
To deploy Cisco Jabber, start the following Cisco Unified Presence Extensible Communication Platform
(XCP) services on all Cisco Unified Presence nodes in all clusters:
• Cisco Unified Presence XCP Authentication Service
• Cisco Unified Presence XCP Connection Manager
You may also start the following optional Cisco Unified Presence XCP services on all Cisco Unified Presence
nodes in all clusters, depending on what features you want to make available:
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
10
Deploy Cisco Jabber for Mac on-premises
Firewall requirements for Cisco Jabber for Mac
• Cisco Unified Presence XCP Text Conference Manager, for group chat.
• Cisco Unified Presence XCP SIP Federation Connection Manager, to support federation services with
third-party applications that use SIP.
• Cisco Unified Presence XCP XMPP Federation Connection Manager, to support federation services
with third-party applications that use XMPP.
• Cisco Unified Presence XCP Counter Aggregator, if you want system administrators to be able to view
statistical data on XMPP components.
• Cisco Unified Presence XCP Message Archiver, for automatic archiving of all instant messages.
Note
Read the documentation relating to any feature that you are implementing before you turn on the relevant
services. Additional configuration might be required.
Procedure
Step 1
Step 2
Step 3
Step 4
Step 5
Select Cisco Unified Serviceability > Tools > Control Center - Network Services.
Select the desired Cisco Unified Presence server from the Server list box.
Select Go.
Confirm the Cisco UP XCP Router service is running.
If the Cisco UP XCP Router service is not running, do the following:
a) Select the radio button next to the Cisco UP XCP Router service in the CUP Services section.
b) Select OK.
Step 6
Step 7
Step 8
Step 9
Step 10
Select Cisco Unified Serviceability > Tools > Service Activation.
Select the desired Cisco Unified Presence server from the Server list box.
Select Go.
Select Cisco UP XCP Directory Service.
Select Save.
Firewall requirements for Cisco Jabber for Mac
Internet traffic moves through a firewall based on service identification numbers that are known as ports.
Ports are an organizational concept used categorize and prioritize traffic. The primary purpose of a firewall
is to recognize the traffic that moves through it and to allow or deny the traffic based on its port number.
Firewalls must be configured to allow traffic on certain ports for Cisco Jabber to work properly. Network
administrators typically block all unnecessary traffic on their networks. This involves only opening those
ports that are required by enterprise-specific applications and closing all others.
There are two types of firewalls that may be encountered in the enterprise environment, software and hardware
firewalls. Software firewalls exist as a component of most modern computer operating systems. They are
intended to provide a basic level of security at the individual user level. When users run Cisco Jabber for the
first time, they may be asked to Accept or Unblock the application. This is the operating system software
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
11
Deploy Cisco Jabber for Mac on-premises
Firewall requirements for Cisco Jabber for Mac
firewall asking if the application should be allowed to run. Users should be notified of this and provided
information on how to properly respond. If users experience problems with availability, phone mode switching,
or instant messages, the firewall might be denying connections despite the previous allowed setting. Restart
Cisco Jabber. If this does not resolve the issue, return to the Firewall settings, remove Cisco Jabber, and add
it again to the list of applications that allow incoming connections.
Hardware firewalls are network devices that provide protection from unwanted traffic at an enterprise level.
Hardware firewalls must be configured to allow the ports carrying traffic for Cisco Jabber. The following
table lists the ports used by Cisco Jabber. These ports must be open on all firewalls for Cisco Jabber to function
properly.
Port
Protocol
Description
UDP
Real-Time Transport Protocol (RTP)
media streams for audio
69
UDP
Trivial File Transfer Protocol (TFTP)
service
80
TCP
HTTP
Cisco Unified Communications Manager
administrator and user web pages
443
TCP
(HTTPS and XMPP)
Cisco WebEx Meetings Server for
on-premises conferencing
Cisco Unity Connection for voicemail
Inbound
16384-32766
Outbound
Cisco WebEx Messenger service in
cloud-based deployments.
Note
7080
TCP
(HTTPS)
Cisco Unity Connection for notifications
of voice messages
389
UDP/TCP
LDAP directory server
636
LDAPS
LDAP directory server (secure)
3268
TCP
Global Catalog server
2748
TCP
CTI gateway
5060
UDP/TCP
Session Initiation Protocol (SIP) call
signaling
5061
TCP
Secure SIP call signaling
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
12
The client sends XMPP through
port 443 in cloud-based
deployments. If port 443 is
blocked, the client falls back to
port 5222
Deploy Cisco Jabber for Mac on-premises
Cisco Jabber for Mac Configuration Requirements
5222
TCP
(XMPP)
Cisco Unified Presence or Cisco Unified
Communications IM and Presence in
on-premises deployments
Note
In on-premises deployments, the
client sends XMPP traffic
through port 5222. In cloud-based
deployments, the client uses port
5222 as fallback for XMPP traffic
to the Cisco WebEx Messenger
service if port 443 is blocked.
8443
HTTPS
Connection to Cisco Unified
Communications Manager IP Phone
(CCMCIP) server to get a list of
currently-assigned devices.
16384-32766
UDP
RTP media streams for audio
53
UDP/TCP
Domain Name System (DNS) traffic
1080
SOCKS5 Bytestreams
Peer to peer file transfers
If port 1080 is in use, the client attempts
to use the next available port in the range
from 1081 to 1089.
3804
TCP
Locally Significant Certificates (LSC) for
IP phones
This is the listening port for Cisco Unified
Communications Manager Certificate
Authority Proxy Function (CAPF)
enrollment.
44442
HTTP
The client listens for events from Cisco
Unified Client Services Framework.
Cisco Jabber for Mac Configuration Requirements
In most environments, Cisco Jabber for Mac does not require any configuration. You should create a
configuration file for Cisco Jabber for Mac only if the default configuration does not suit your environment
or you require custom configuration.
Global configuration files
Global configuration files apply to all Cisco Jabber for Mac users. Cisco Jabber for Mac downloads the global
configuration file from your TFTP server during the login sequence.
The default name for the global configuration file is jabber-config.xml.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
13
Deploy Cisco Jabber for Mac on-premises
Group configuration files
Group configuration files
Group configuration files apply to subsets of Cisco Jabber for Mac users. Group configuration files take
priority over global configuration files.
Cisco Jabber for Mac retrieves group configuration files after users sign in to their phone account in the client
for the first time. Cisco Jabber for Mac then prompts the users to sign out. During the second login sequence,
Cisco Jabber for Mac downloads the group configuration file from your TFTP server.
Cisco Jabber for Mac loads group configuration files as follows:
Users are not signed in
1 Users sign in and then Cisco Jabber for Mac notifies the users about the change to their configuration
settings.
2 Users sign out.
3 Users sign in and then Cisco Jabber for Mac loads the group configuration settings.
Users are signed in and use Cisco Jabber for Mac for calls
1 Cisco Jabber for Mac notifies the users about the change to their configuration settings.
2 Users sign out.
3 Users sign in and then Cisco Jabber for Mac loads the group configuration settings.
Users are signed in and use Cisco Jabber for Mac for calls
1 Users sign out.
2 Users sign in and then Cisco Jabber for Mac notifies the users about the change to their configuration
settings.
3 Users sign out.
4 Users sign in and then Cisco Jabber for Mac loads the group configuration settings.
If users select the option to use Cisco Jabber for Macs for calls before they sign out, Cisco Jabber for
Mac notifies the users to sign out and then sign in again to load the group configuration settings.
Group Configuration File Names
You specify the name of the group configuration files in the Cisco Support Field on the CSF device
configuration in Cisco Jabber for Mac.
If you remove the name of the group configuration file in the CSF device configuration on Cisco Jabber for
Mac, Cisco Jabber for Mac detects the change, prompts the users to sign out, and loads the global configuration
file. You can remove the name of the group configuration file in the CSF device configuration by deleting
the entire configurationFile=group_configuration_file_name.xml string or by deleting
the group configuration filename from the string.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
14
Deploy Cisco Jabber for Mac on-premises
Configuration file caching
Configuration file caching
Cisco Jabber for Mac always attempts to download configuration files from your TFTP server during the
login sequence. If Cisco Jabber for Mac cannot download a configuration file, it reads the previously loaded
configuration from the cache.
Cisco Jabber for Mac caches the content of both group and global configuration files in a file named
JabberLocalConfig.xml. For this reason, if you create a group configuration file, the contents of that
file replace the contents of the global configuration file in the cache.
Note
Because the group configuration file replaces the global configuration file in the cache, you can lose
configuration settings if the group configuration file does not contain the same parameters as the global
configuration. For example, you create a global configuration file that contains custom embedded tab
definitions. You then create a global configuration file that does not contain those embedded tab definitions.
When Cisco Jabber for Mac downloads the group configuration file, those custom embedded tab definitions
no longer exist in the configuration that Cisco Jabber for Mac loads.
The JabberLocalConfig.xml file is in~/Library/Application Support/Cisco/Unified
Communications/Jabber/CSF/Config
The cache file isjabber-config.xml and is cached on the local machine.
Configuration file examples
EDI/BDI example
The following example includes elements for a Windows configuration (EDI) and a non-Windows configuration
(BDI). EDI and BDI can coexist in the same jabber-config.xml file. .
<?xml version="1.0" encoding="UTF-8"?>
<config version="1.0">
<!-- LDAP Directory configuration for windows platform clients -->
<Directory>
<!-- EDI Settings-->
<PrimaryServerName>10.194.114.210</PrimaryServerName>
<PresenceDomain>jabbermac75.net</PresenceDomain>
<PresenceServer>10.189.123.231</PresenceServer>
<ServerPort1>389</ServerPort1>
<ConnectionUsername>aaaaaaa</ConnectionUsername>
<ConnectionPassword>xxxxxx</ConnectionPassword>
<SearchBase1>CN=Users,DC=jabbermac75,DC=net</SearchBase1>
<!-- BDI Settings-->
<BDIPhotoURISubstitutionEnabled>True</BDIPhotoURISubstitutionEnabled>
<BDIPhotoURISubstitutionToken>sAMAccountName</BDIPhotoURISubstitutionToken>
<BDIPhotoURIWithToken>http://www.photo.cisco.com/url/path/sAMAccountName.jpg
</BDIPhotoURIWithToken>
<BDILDAPServerType>OpenLDAP</BDILDAPServerType>
<BDIPrimaryServerName>10.194.114.210</BDIPrimaryServerName>
<BDIPresenceDomain>jabbermac75.net</BDIPresenceDomain>
<BDIServerPort1>389</BDIServerPort1>
<BDISearchBase1>CN=Users,DC=jabbermac75,DC=net</BDISearchBase1>
<BDIConnectionUsername>[email protected]</BDIConnectionUsername>
<BDIConnectionPassword>xxxxxx</BDIConnectionPassword>
<BDIEnableTLS>True</BDIEnableTLS>
<BDIUseANR>False</BDIUseANR>
<BDIPredictiveSearchFilter>mail , displayName</BDIPredictiveSearchFilter>
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
15
Deploy Cisco Jabber for Mac on-premises
Configuration file examples
</Directory>
</config>
Element definitions
The following table describes the elements in the jabber-config.xml file example.
Note
Only the first element, DirectoryServerType, is required. All other keys are optional.
Element
Description
DirectoryServerType
EDI, BDI or UDS . Only used if PresenceServerType is CUP. EDI
is LDAP for Windows clients and BDI is LDAP for non-windows
clients
BDIPrimaryServerName
IP address of the directory server
BDIServerPort1
Port used to connect to the directory server
BDIConnectionUsername
Specifies a username to connect to the directory server.
Important: The username is visible in the jabber-config.xml file as
plain text. If you specify credentials in the configuration, you should
use a shared, read-only directory account for all users. For more
information on setting credentials, see “LDAP Credentials
Configuration”
BDIConnectionPassword
Password you can specify to connect to the directory server.
Important: The password is visible in the jabber-config.xml file as
plain text. If you specify credentials in the configuration, you should
use a shared, read-only directory account for all users. For more
information on setting credentials, see “LDAP Credentials
Configuration”
BDISearchBase1
BaseDN
BDIBaseFilter
Specifies a base filter for AD/LDAP queries. Use a directory subkey
name only to retrieve objects other than user objects when you query
AD/LDAP.
The default value is (&(objectCategory=person) Configuration files
can contain only valid XML character entity references. Use &amp;
instead of & if you specify a custom base filter
BDILDAPServerType
LDAP server type. Possible values are OpenLDAP or AD. Default
is AD.
BDIPresenceDomain
LDAP domain
BDIPhotoUriSubstitutionEnabled
True or False. For more information about photos, see the section,
“Contact Photo Retrieval”
BDIPhotoUriSubstitutionToken
Specify a directory attribute to use as a dynamic token (for example,
sAMAccountName). For more information about photos, see the
section, “Contact Photo Retrieval”
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
16
Deploy Cisco Jabber for Mac on-premises
Configuration file examples
BDIPhotoUriWithToken
Photo URL template. Specify the URL and the dynamic token as the
value of the parameter . Possible values:
• http://staffphoto.example.com/sAMAccountName.jpg
• http://staffphoto.example.com/uid.jpeg
For more information about photos, see the section, “Contact Photo
Retrieval”
BDIEnableTLS
Default is False. Use True to enable TLS
BDIPredictiveSearchFilter
(Optional) Defines a filter Cisco Jabber for Mac applies to predictive
search queries. This key is only used if BDIUseANR is set to False.
If BDIUseANR is set to False and BDIPredictiveSearchFilter is not
set, Cisco Jabber for Mac uses a default search filter.
BDIUseANR
The default for BDIUseANR is True for AD and False for openLDAP.
When it is set to False, LDAP search is based on the value of the
BDIPredictiveSearchFilter set in jabber-config.xml, if that value is
set.
For more information about ANR, see “Predictive Search”.
BDIUseSIPURIToResolveContacts
Determines if the app should be SIP-aware. True or False. False is
default.
BDIUriPrefix
String that Cisco Jabber for Mac searches for in the Primary Address,
typically SIP. Default is an empty string.
BDIUseJabberCredentials
Default is False. If this is set to True, and credentials are not set in
configuration or in Cisco Unified Presence, Cisco Jabber credentials
will be used for login.
BDIDomainName
Attribute for domain name. Default is dn
BDIUserAccountName
Attribute for user name. Defaults:
• AD: sAMAccountName
• OpenLDAP: uid
BDIDisplayName
Attribute for display name. Defaults:
• AD: displayName
• OpenLDAP: cn
BDICommonName
Attribute for common name. Default is cn for AD; no default for
OpenLDAP
BDIFirstName
Attribute for first name. Default is givenName
BDILastName
Attribute for last name. Default is sn
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
17
Deploy Cisco Jabber for Mac on-premises
Configuration file examples
BDINickName
Attribute for nickname. Default is nickname for AD; no default for
OpenLDAP
BDIEmailAddress
Attribute for email address. Default is mail
BDIBusinessPhone
Attribute for office phone number. Default is telephoneNumber
BDIMobilePhone
Attribute for mobile phone. Defaults:
• AD: mobile
• OpenLDAP: mobileTelephoneNumber
BDIHomePhone
Attribute for home phone. Defaults:
• AD: mobile
• OpenLDAP: mobileTelephoneNumber
BDIOtherPhone
Attribute for other phone. Default is otherTelephone for AD; no
default for OpenLDAP
BDITitle
Attribute for title. Default is title
BDICompanyName
Attribute for company name. Default is company
BDILocation
Attribute for location. Default is location
BDOStreetAddress
Attribute for street address. Default is streetAddress
BDIState
Attribute for state. Default is st
BDICity
Attribute for city. Default is l
BDIPostalCode
Attribute for postal code. Default is postalCode
BDICountry
Attribute for country. Default is co
BDIPhotoSource
Attribute for photo source. Defaults:
• AD: thumbnaiPhoto
• OpenLDAP: jpegPhoto
To use a photo with AD, remove any BDIPhotoSource attributes in
jabber-config.xml. You need not specify thumbnailPhoto as the
attribute, because Cisco Jabber for Mac uses thumbnailPhoto as the
default. Simply upload the user image to the thumbnailPhoto attribute
in AD.
For more information about photos, see the section, “Contact Photo
Retrieval”
BDISipUri
Attribute for SIP URI. Default is msRTCSIP-PrimaryUserAddress
UDS example
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
18
Deploy Cisco Jabber for Mac on-premises
Cisco Media Services Interface
The following example includes a UDS configuration.
<?xml version="1.0" encoding="UTF-8"?>
<config version="1.0">
<Directory>
<DirectoryServerType>UDS</DirectoryServerType>
<PhotoURISubstitutionEnabled>True</PhotoURISubstitutionEnabled>
<PhotoURISubstitutionToken>sAMAccountName</PhotoURISubstitutionToken>
<PhotoURIWithToken>http://10.194.114.133/software/photo/%%uid%%.jpg
</PhotoURIWithToken>
<OtherPhone>telephoneNumber</OtherPhone>
<EmailAddress>mail</EmailAddress>
<CcmipServer1>10.194.114.240</CcmipServer1>
<PresenceDomain>jabbermac75.net</PresenceDomain>
</Directory>
</config>
Cisco Media Services Interface
Traffic Marking
Cisco Media Services Interface provides a service that works with Cisco Prime Collaboration Manager and
Cisco Medianet-enabled routers to ensure that Cisco Jabber can send audio media and video media on your
network with minimum latency or packet loss.
Before Cisco Jabber sends audio media or video media, it checks for Cisco Media Services Interface.
• If the service exists on the computer, Cisco Jabber provides flow information to Cisco Media Services
Interface.
The service then signals the network so that routers classify the flow and provide priority to the Cisco
Jabber traffic.
• If the service does not exist, Cisco Jabber does not use it and sends audio media and video media as
normal.
Note
Cisco Jabber checks for Cisco Media Services Interface for each audio call or video call.
Prepare Your Network
To install Cisco Media Service Interface for traffic marking, you must prepare your network.
Procedure
Step 1
Step 2
Step 3
Install Cisco Prime Collaboration manager.
Install routers or switches enabled for Cisco Medianet where appropriate.
Configure your network to handle the metadata attributes that Cisco Media Service Interface applies to
applications.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
19
Deploy Cisco Jabber for Mac on-premises
Install Cisco Media Services Interface
Not all devices on your network must support Cisco Medianet.
The first hop should prioritize traffic based on the metadata attributes from Cisco Media Service Interface.
As the traffic traverses the network, all other devices should also prioritize that traffic unless you configure
policies on those devices to handle the traffic differently.
Install Cisco Media Services Interface
Procedure
Step 1
Download the Cisco Media Services Interface installation program from the download site on cisco.com.
Step 2
Install Cisco Media Services Interface on each computer on which you install Cisco Jabber.
See the appropriate Cisco Medianet documentation for installing Cisco Media Services Interface.
Configure IM and Availability
Configure LDAP Servers
Configure LDAP Servers in Cisco Unified Presence
Note
Use this procedure for Cisco Unified Presence 8.6 or earlier. If you have installed Cisco Unified
Communications Manager IM and Presence Service 9.0 or later, see Configure LDAP Servers in Cisco
Unified Communication Manager, on page 21
Before You Begin
• Configure the LDAP attribute map.
• Obtain the hostnames or IP addresses of the LDAP directories.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
20
Deploy Cisco Jabber for Mac on-premises
Configure LDAP Servers
Procedure
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Step 7
Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator
> LDAP Server.
Select Add New.
Enter the LDAP server name.
Enter an IP address or a Fully Qualified Domain Name (FQDN) of the LDAP server.
Select TCP or TLS for the protocol type.
Select Save.
Related Topics
Configure LDAP Servers in Cisco Unified Communication Manager, on page 21
Configure LDAP Servers in Cisco Unified Communication Manager
Procedure
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Step 7
Step 8
Select Cisco Unified Communication Manager > User Management > User Settings > UC Service.
Select Add New.
Select Directory. Then, click Next.
Enter the LDAP server name.
Enter the IP address or Fully Qualified Domain Name (FQDN) of the LDAP server.
Specify the port number to be used by the LDAP server. The default port is 389 for either TCP or TLS.
Select TCP or TLS as the protocol type.
Select Save.
Add a new service profile in Cisco Unified CM
Procedure
Step 1
In Unified Communications Management Administration, select User Management > User Settings > Service
Profile.
The Find and List window opens.
Step 2
Step 3
Select Add New.
Enter the following settings for the service profile fields:
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
21
Deploy Cisco Jabber for Mac on-premises
Configure LDAP Servers
Field Name
Entry Details
Name
Enter the name of the service profile, which is
descriptive enough for you to instantly recognize it.
This name is visible on the End User settings window.
The field allows all but the following characters:
• Quote (")
• Angle brackets (< >)
• Backslash (\)
• Ampersand (&)
• percent (%)
Maximum characters is 50 (ASCII only)
Step 4
Description
(Optional) Enter a description that helps you to
distinguish between service profiles when you
configure more than one. You can change the
description at any time
Make this the default service profile for the system
Check this check box to make this service profile the
default option for the system.
Note
If you specify a default service profile, end
users who do not have an associated service
profile automatically inherit the default
service profile settings.
Select Save.
The Add Successful message appears and Cisco Unified Communications Management creates the service
profile in the database.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
22
Deploy Cisco Jabber for Mac on-premises
Configure LDAP Servers
Configure LDAP Servers in Cisco Unified Communication Manager
Procedure
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Step 7
Step 8
Select Cisco Unified Communication Manager > User Management > User Settings > UC Service.
Select Add New.
Select Directory. Then, click Next.
Enter the LDAP server name.
Enter the IP address or Fully Qualified Domain Name (FQDN) of the LDAP server.
Specify the port number to be used by the LDAP server. The default port is 389 for either TCP or TLS.
Select TCP or TLS as the protocol type.
Select Save.
Add Directory Profile to Service Profile in Cisco Unified Communication Manager
Procedure
Step 1
Step 2
Step 3
Step 4
Select Cisco Unified Communication Manager > User Management > User Settings > Service Profile
Select the service profile.
Go to Directory Profile.
Enter information in the following fields:
Field
Setting
Primary
Select a primary directory server from the drop-down
list. The list contains the directory servers that you
previously configured on the UC Services window.
Note
If you select User Data Service (UDS) for
directory integration, then you can use UDS
for directory searches without selecting any
primary, secondary, or tertiary servers.
Clients connect to UDS using DNS/SRV.
Tip: You can specify, instead of (or in addition to)
UDS, primary, secondary, or tertiary basic or
advanced LDAP UC services. Some clients that use
these services might not support UDS.
Secondary
Select a secondary directory server, if applicable.
If you do not set up any backup directory servers, you
cannot perform directory searches for Cisco Jabber
clients if the first server fails.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
23
Deploy Cisco Jabber for Mac on-premises
Configure LDAP Servers
Field
Setting
Tertiary
Select a tertiary directory server, if applicable.
If you do not set up any backup directory servers, you
cannot perform directory searches for Cisco Jabber
clients if the first server fails.
Use Logged On User Credential
(Optional) Check this option to use the user
credentials to sign in to the LDAP server.
Username
Enter LDAP administrator login name.
Password
Enter the LDAP bind password, which is limited to
128 characters. This password for the
administrator-level account that you provided in the
Bind Distinguished Name string allows users to access
this LDAP server.
Search Base 1
Enter the location where you configured all the LDAP
users. This location is a container or directory.
Maximum allowable characters is 256. Only use a
single OU/LDAP search context.
Note
Follow these guidelines is you integrate with
Microsoft Active Directory:
• Set O and OU
OU must contain users; ou=users,
dc=cisco, dc=com). For example,
cn=users, DC=EFT-LA,DC=cisco,
DC=com
• Include all users of Cisco Jabber in the
search base
Step 5
Recursive Search on All Search Bases
(Optional) Check this check box to perform a
recursive search of the directory, starting at the search
base
Search Timeout (seconds)
Specify the timeout interval. Default is five seconds.
Select Save.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
24
Deploy Cisco Jabber for Mac on-premises
Configure LDAP Servers
Configure IM and Presence Servers
Procedure
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Step 7
Select Cisco Unified Communication Manager > User Management > User Settings > UC Service.
Select Add New.
Select IM and Presence.. Then, click Next.
Enter the Cisco Unified Communication Manager IM and Presence Administration server name.
Enter a description.
Enter the IP address or Fully Qualified Domain Name (FQDN) of the Cisco Unified Presence server.
Select Save.
Add IM and Presence Profile to Service Profile
Procedure
Step 1
Step 2
Step 3
Step 4
Select Cisco Unified Communication Manager > User Management > User Settings > Service Profile.
Select the service profile.
Go to IM and Presence Profile.
Enter information in the following fields:
Field
Setting
Primary
Select a IM and Presence server from the drop-down
list. The list contains the IM and Presence servers that
you previously configured on the UC Services
window.
Note
An IM and Presence profile cannot mix the
IM and Presence server and Webex.
Secondary
Select a secondary IM and Presence server, if
applicable.
Tertiary
Select a tertiary IM and Presence server, if applicable.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
25
Deploy Cisco Jabber for Mac on-premises
Configure a Secure Connection Between Cisco Unified Presence and the LDAP Directory
Configure a Secure Connection Between Cisco Unified Presence and the LDAP
Directory
Before You Begin
Enable SSL for LDAP on Cisco Unified Communications Manager, and upload the LDAP directory certificate
to Cisco Unified Communications Manager.
Procedure
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Select Cisco Unified OS Administration > Security > Certificate Management.
Select Upload Certificate.
Select directory-trust from the Certificate Name menu.
Browse and select the LDAP server certificate from your local computer.
Select Upload File.
Restart the Tomcat service from the CLI using this command:
utils service restart Cisco Tomcat
Create LDAP Configuration
Create LDAP Profiles and Add Users in Cisco Unified Presence 8.6 or earlier
Before You Begin
Note
Use this procedure for Cisco Unified Presence 8.6 or earlier. If you have installed Cisco Unified Presence
8.6.3 or later, see Create LDAP Profiles and Add Users in Cisco Unified Presence 8.6.3 or later. If you
have installed Cisco Unified Communications Manager IM and Presence Service 9.0 or later, see Create
LDAP Profiles and Add Users in Cisco Unified Communications Manager IM and Presence Service 9.0
or later.
Cisco Jabber connects to an LDAP server on a per-search basis.
You can see LDAP server information in the Server Health window in Cisco Jabber (Help > Show System
Diagnostics). If Cisco Jabber cannot connect to any of the LDAP servers, it reports the failure in the System
Diagnostics window.
• Specify the LDAP server names and addresses.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
26
Deploy Cisco Jabber for Mac on-premises
Create LDAP Configuration
Procedure
Step 1
Step 2
Step 3
Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator
> LDAP Profile.
Select Add New.
Enter information into the fields.
Field
Setting
Name
Enter the profile name limited to 128 characters.
Description
(Optional) Enter a description limited to 128
characters.
Bind Distinguished Name
(Optional) Enter administrator-level account
information limited to 128 characters. This is the
distinguished name with which you bind for
authenticated bind.
The syntax for this field depends on the type of LDAP
server that you deploy. For details, see the LDAP
server documentation.
Anonymous Bind
(Optional) Uncheck this option to use the user
credentials to sign in to this LDAP server.
For non-anonymous bind operations, Cisco Jabber
receives one set of credentials. If configured, these
credentials must be valid on the backup LDAP
servers.
Note
Password
If you check Anonymous Bind, users can
sign in anonymously to the LDAP server
with read-only access. Anonymous access
might be possible on your directory server,
but Cisco does not recommend it. Instead,
create a user with read-only privileges on
the same directory where the users to be
searched are located. Specify the directory
number and password in Cisco Unified
Presence for Cisco Jabber to use.
(Optional) Enter the LDAP bind password limited to
128 characters. This is the password for the
administrator-level account that you provided in the
Bind Distinguished Name string to allow users to
access this LDAP server.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
27
Deploy Cisco Jabber for Mac on-premises
Create LDAP Configuration
Confirm Password
Reenter the same password as the password you
entered in the Password field.
(Optional) After configuring Cisco Unified Presence
for authenticated bind with the LDAP server,
configure the LDAP server for anonymous
permissions and anonymous login so that all directory
information (name, number, mail, fax, home number,
and so forth) is passed to the Cisco Jabber client.
Search Context
(Optional) Enter the location where you configured
all the LDAP users. This location is a container or
directory. The name is limited to 256 characters. Only
use a single OU/LDAP search context.
Note
If you integrate with Microsoft Active
Directory:
• Set O and OU (OU must contain users;
for example, ou=users, dc=cisco,
dc=com). For example, cn=users,
DC=EFT-LA,DC=cisco, DC=com
• Include all users of Cisco Jabber in the
search base.
Step 4
Recursive Search
(Optional) Check to perform a recursive search of the
directory starting at the search base.
Primary LDAP Server
Select the primary LDAP server.
Make this the Default LDAP Profile for the System
(Optional) Check to add any new users to the system
into this default profile. If you turn on this setting,
Cisco Unified Presence adds any users that it
synchronizes from Cisco Unified Communications
Manager to this default profile. Cisco Unified
Presence adds users to this default profile only after
you select the default profile (and you turn on the
Sync Agent). Cisco Unified Presence does not change
any existing profile configuration. Therefore, Cisco
recommends that you select and configure the default
profile before you turn on the Sync Agent.
Add Users to Profile
Select the button to open the Find and List Users
window. Select Find to populate the search results
fields. Alternatively, search for a specific users and
select Find. To add users to this profile, select the
users, and then select Add Selected.
Select Save.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
28
Deploy Cisco Jabber for Mac on-premises
Create LDAP Configuration
Create LDAP Profiles and Add Users in Cisco Unified Presence 8.6.3 or later
Before You Begin
Note
Use this procedure for Cisco Unified Presence 8.6.3 or later. If you have installed Cisco Unified Presence
8.6 or earlier, see Create LDAP Profiles and Add Users in Cisco Unified Presence 8.6 or earlier. If you
have installed Cisco Unified Communications Manager IM and Presence Service 9.0 or later, see Create
LDAP Profiles and Add Users in Cisco Unified Communications Manager IM and Presence Service 9.0
or later.
You can see LDAP server information in the Server Health window in Cisco Jabber (Help > Show System
Diagnostics). If Cisco Jabber cannot connect to any of the LDAP servers, it reports the failure in the System
Diagnostics window.
• Specify the LDAP server names and addresses.
Procedure
Step 1
Step 2
Step 3
Select Cisco Unified Presence Administration > Application > Cisco Jabber > LDAP Profile.
Select Add New.
Enter information into the fields.
Field
Setting
Name
Enter the profile name limited to 128 characters.
Description
(Optional) Enter a description limited to 128
characters.
Bind Distinguished Name
(Optional) Enter administrator-level account
information limited to 128 characters. This is the
distinguished name with which you bind for
authenticated bind.
The syntax for this field depends on the type of LDAP
server that you deploy. For details, see the LDAP
server documentation.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
29
Deploy Cisco Jabber for Mac on-premises
Create LDAP Configuration
Anonymous Bind
(Optional) Uncheck this option to use the user
credentials to sign in to this LDAP server.
For non-anonymous bind operations, Cisco Jabber
receives one set of credentials. If configured, these
credentials must be valid on the backup LDAP
servers.
Note
If you check Anonymous Bind, users can
sign in anonymously to the LDAP server
with read-only access. Anonymous access
might be possible on your directory server,
but Cisco does not recommend it. Instead,
create a user with read-only privileges on
the same directory where the users to be
searched are located. Specify the directory
number and password in Cisco Unified
Presence for Cisco Jabber to use.
Password
(Optional) Enter the LDAP bind password limited to
128 characters. This is the password for the
administrator-level account that you provided in the
Bind Distinguished Name string to allow users to
access this LDAP server.
Confirm Password
Reenter the same password as the password you
entered in the Password field.
(Optional) After configuring Cisco Unified Presence
for authenticated bind with the LDAP server,
configure the LDAP server for anonymous
permissions and anonymous login so that all directory
information (name, number, mail, fax, home number,
and so forth) is passed to the Cisco Jabber client.
Search Context
(Optional) Enter the location where you configured
all the LDAP users. This location is a container or
directory. The name is limited to 256 characters. Only
use a single OU/LDAP search context.
Note
If you integrate with Microsoft Active
Directory:
• Set O and OU (OU must contain users;
for example, ou=users, dc=cisco,
dc=com). For example, cn=users,
DC=EFT-LA,DC=cisco, DC=com
• Include all users of Cisco Jabber in the
search base.
Recursive Search
(Optional) Check to perform a recursive search of the
directory starting at the search base.
Primary LDAP Server
Select the primary LDAP server.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
30
Deploy Cisco Jabber for Mac on-premises
Create LDAP Configuration
Step 4
Make this the Default LDAP Profile for the System
(Optional) Check to add any new users to the system
into this default profile. If you turn on this setting,
Cisco Unified Presence adds any users that it
synchronizes from Cisco Unified Communications
Manager to this default profile. Cisco Unified
Presence adds users to this default profile only after
you select the default profile (and you turn on the
Sync Agent). Cisco Unified Presence does not change
any existing profile configuration. Therefore, Cisco
recommends that you select and configure the default
profile before you turn on the Sync Agent.
Add Users to Profile
Select the button to open the Find and List Users
window. Select Find to populate the search results
fields. Alternatively, search for a specific users and
select Find. To add users to this profile, select the
users, and then select Add Selected.
Select Save.
Specify LDAP Directory Configuration on Cisco Unified Communications Manager
If your environment includes Cisco Unified Communications Manager version 9.x and higher, you can specify
credentials when you add a directory service. The client can then get the configuration from the server to
authenticate with the directory source. If you have installed Cisco Unified Presence 8.6 or earlier, see Create
LDAP Profiles and Add Users in Cisco Unified Presence 8.6 or earlier. If you have installed Cisco Unified
Presence 8.6.3 or later, see Create LDAP Profiles and Add Users in Cisco Unified Presence 8.6.3 or later.
Complete the steps to add a directory service, apply the directory service to the service profile, and specify
the LDAP authentication configuration for the directory service.
Procedure
Step 1
Step 2
Open the Cisco Unified CM Administration interface.
Add a directory service as follows:
a) Select User Management > User Settings > UC Service.
The Find and List UC Services window opens.
b) Select Add New.
The UC Service Configuration window opens.
c) In the Add a UC Service section, select Directory from the UC Service Type drop-down list.
d) Select Next.
e) Specify details for the directory service as follows:
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
31
Deploy Cisco Jabber for Mac on-premises
Create LDAP Configuration
Product Type
Select Directory.
Name
Enter a descriptive name for the server, for example, PrimaryDirectoryServer.
Description
Enter an optional description.
Hostname/IP Address
Enter the address of the directory server in one of the following formats:
• Hostname
• IP Address
• FQDN
Protocol Type
Select one of the following protocols from the following drop-down list:
• TCP
• UDP
f) Select Save.
Step 3
Apply the directory service to your service profile as follows:
a) Select User Management > User Settings > Service Profile.
The Find and List Service Profiles window opens.
b) Find and select your service profile.
The Service Profile Configuration window opens.
c) In the Directory Profile section, select up to three services from the following drop-down lists:
• Primary
• Secondary
• Tertiary
d) Specify the credentials that the client can use to authenticate with the LDAP server in the following fields:
• Username
• Password
e) Select Save.
Step 4
Apply the service profile to users as follows:
a) Select User Management > End User.
The Find and List Users window opens.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
32
Deploy Cisco Jabber for Mac on-premises
Configure the LDAP Attribute Map
b) Find and select your user.
The End User Configuration window opens.
c) In the Service Settings section, select the service profile from the UC Service Profile drop-down list.
Important
Cisco Unified Communications Manager version 9.x only: If the user has only instant
messaging and presence capabilities (IM only), you must select Use Default. For IM only
users, Cisco Unified Communications Manager version 9.x always applies the default service
profile regardless of what you select from the UC Service Profile drop-down list.
d) Select Save.
Configure the LDAP Attribute Map
Note
You must perform this task in Cisco Unified Presence.
Before You Begin
Note
• You can map an LDAP field to only one Cisco Jabber field.
Procedure
Step 1
Step 2
Step 3
Step 4
Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator
> Settings.
Select a supported LDAP server from Directory Server Type.
The LDAP server populates the LDAP attribute map with Cisco Jabber user fields and LDAP user fields.
If necessary, make modifications to the LDAP field to match your specific LDAP directory.
The values are common to all LDAP server hosts. Note the following LDAP directory product mappings:
Product
LastName Mapping
UserID Mapping
Microsoft Active Directory
SN
sAMAccountName
iPlanet, Sun ONE or
OpenLDAP
SN
uid
Select Save.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
33
Deploy Cisco Jabber for Mac on-premises
LDAP Authentication
Troubleshooting Tips
• If you want to stop using the current attribute mappings and use the factory default settings, select
Restore Defaults.
LDAP Authentication
You can set the credentials that are required for LDAP authentication in several ways for Cisco Jabber for
Mac. The following sequence describes the order of how the credentials are obtained:
1 LDAP credentials from CUP: Set Credentials in CUP for LDAP authentication. This is a secure way of
setting and accessing the credentials for LDAP authentication. For more details on how to set the LDAP
credentials in CUP see "Create LDAP Profiles and Add User."
2 LDAP credentials from configuration file: Set the credentials in the configuration file. The credentials
are read from the parameters BDIConnectionUsername and BDIConnectionUsername. The username and
password are visible in the configuration file as plain text.
If you specify credentials in the configuration, you should use a shared, read-only directory account for
all users.
Note
If the LDAP credentials are set in CUP (see #1 above) then the credentials set in the configuration file
will be ignored.
3 Cisco Jabber credentials as LDAP credentials: Set BDIUseJabberCredentials to True in the configuration
file to use Cisco Jabber credentials for LDAP authentication.
Note
If credentials are set in #1 or #2, above, the Cisco Jabber credentials are not used for LDAP authentication.
4 Anonymous bind: Anonymous bind is used to connect to LDAP. Anonymous binding happens only if
the LDAP credentials were not set using any of the methods mentioned above.
Indexed Active Directory Attributes
The following Active Directory attributes must be indexed:
• sAMAccountName
• displayName
• mail
Any attributes that are used for contact resolution must also be indexed. For example, you might need to index
the following attributes:
• telephoneNumber
• ipPhone, if this attribute is used in your environment
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
34
Deploy Cisco Jabber for Mac on-premises
Intradomain Federation
Intradomain Federation
Intradomain federation enables users within the same domain to share availability and send instant messages
between Cisco Unified Presence and Microsoft Office Communications Server, or Microsoft Lync Server, or
other presence server.
Intradomain federation allows you to migrate users to Cisco Unified Presence or Cisco Unified Communications
IM and Presence from a different presence server. For this reason, you configure intradomain federation for
Cisco Jabber for Mac on the presence server. See the following documents for more information:
• Cisco Unified Presence: Integration Guide for Configuring Partitioned Intradomain Federation for
Cisco Unified Presence Release 8.6 and Microsoft LCS/OCS
• Cisco Unified Communications IM and Presence: Partitioned Intradomain Federation for IM and
Presence Service on Cisco Unified Communications Manager
Configure intradomain federation
In addition to configuring intradomain federation on the presence server, you might need to specify some
configuration settings in the Cisco Jabber for Mac configuration files.
To resolve contacts during contact search or retrieve contact information from your directory, Cisco Jabber
for Mac requires the contact ID for each user. Cisco Unified Presence uses a specific format for resolving
contact information that does not always match the format on other presence servers such as Microsoft Office
Communications Server or Microsoft Lync.
Procedure
Command or Action
Purpose
Step 1
Set the value of the UseSIPURIToResolveContacts
parameter to true.
Step 2
Specify an attribute that contains the contact ID that Cisco
Jabber for Mac uses to retrieve contact information as the
value of the SipUri parameter. The default value is
msRTCSIP-PrimaryUserAddress.
Step 3
Specify any text that prefixes each contact ID as the value For example, you specify
of the UriPrefix parameter. The prefix is any text that
msRTCSIP-PrimaryUserAddress as the
exists before the username in the contact ID.
value of SipUri. In your directory the
value of
msRTCSIP-PrimaryUserAddress for
each user has the following format:
sip:[email protected]
Sample Configuration
The following XML snippet provides an example of the resulting configuration:
<Directory>
<UseSIPURIToResolveContacts>true</UseSIPURIToResolveContacts>
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
35
Deploy Cisco Jabber for Mac on-premises
Predictive search
<SipUri>non-default-attribute</SipUri>
<UriPrefix>sip:</UriPrefix>
</Directory>
Intradomain Federation Example
This topic provides an example of intradomain federation contact resolution using the SipUri,
UseSIPURIToResolveContacts, and UriPrefix parameters.
In this example, your configuration has the following settings:
• The value of the SipUri parameter is msRTCSIP-PrimaryUserAddress.
• The value of the UseSIPURIToResolveContacts parameter is true.
• The value of the UriPrefix parameter is sip:.
• The directory contains sip:[email protected] as the value of the msRTCSIP-PrimaryUserAddress
attribute for a user named Mary Smith.
Cisco Jabber for Mac connects to your directory to resolve contact information
1 Your presence server passes [email protected] to Cisco Jabber for Mac
2 Cisco Jabber for Mac appends sip: to [email protected] and then queries your directory
3
sip:[email protected]
matches the value of the msRTCSIP-PrimaryUserAddress attribute
4 Cisco Jabber for Mac retrieves contact information for Mary Smith.
Cisco Jabber for Mac users search for Mary Smith
Cisco Jabber for Mac removes the prefix of sip: from sip:[email protected] and gets the contact ID of
[email protected]
Predictive search
When Cisco Jabber for Mac performs a predictive search, it issues a query using Ambiguous NameResolution
(ANR). This query disambiguates the search string and returns results that match the attributes that are set for
ANR on your directory server
Note
You must configure your directory server to set attributes for ANR if you want the client to search for
those attributes.
See the following Microsoft documentation for more information on ANR:
• Ambiguous Name Resolution for LDAP in Windows 2000
• DAP Referrals, see the Ambiguous Name Resolution section
• Common Default Attributes Set for Active Directory and Global Catalog
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
36
Deploy Cisco Jabber for Mac on-premises
Cisco Unified Communications Manager User Data Service
Cisco Unified Communications Manager User Data Service
UDS is a REST interface on Cisco Unified Communications Manager that provides contact resolution. You
synchronize contact data into Cisco Unified Communications Manager from a directory server. Cisco Jabber
for Mac then automatically retrieves that contact data directly from UDS.
Note
A known issue in UDS exists on versions of Cisco Unified Communications Manager lower than 8.6.2.
This known issue prevents successful contact resolution.
Enable Integration with UDS
To enable integration with UDS, perform the following steps:
Procedure
Step 1
Step 2
Create your directory source in Cisco Unified Communications Manager.
Synchronize the contact data to Cisco Unified Communications Manager.
After the synchronization occurs, your contact data resides in Cisco Unified Communications Manager.
Step 3
Provision users with CCMCIP profiles on Cisco Unified Presence or Cisco Unified Communications IM and
Presence
The client requires a CCMCIP profile that contains the primary Cisco Unified Communications Manager
server address. The client uses the CCMCIP profile to locate Cisco Unified Communications Manager and
resolve contacts with UDS.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
37
Deploy Cisco Jabber for Mac on-premises
Contact photo retrieval
Step 4
Specify UDS as the value of the DirectoryServerType parameter in your configuration file.
The following is an example configuration where UDS is the directory server type:
<Directory>
<DirectoryServerType>UDS</DirectoryServerType>
</Directory>
Step 5
Configure the client to retrieve contact photos with UDS.
The following is an example configuration for contact photo retrieval:
<PhotoUriWithToken>http://server_name.domain/%%uid%%.jpg
</PhotoUriWithToken>
Set UDS Service Parameters
You can set service parameters for UDS on Cisco Unified Communications Manager.
Procedure
Step 1
Step 2
Open the Cisco Unified Communications Manager Administration interface.
Select System > Enterprise Parameters.
The Enterprise Parameters Configuration window opens.
Step 3
Locate the User Data Service Parameters section and enter information according to the following table.
Parameter
Description
Enable All User Search
Allows searches for all users in the directory.
User Search Limit
Limits the number of users returned in a query.
Number of Digits to Match
Specifies the number of digits to match when users
search for phone numbers.
Note
To resolve PSTN numbers, you should set
the value as equal to the number of digits in
the PSTN numbers. For example, if the
PSTN numbers have 10 digits, set the value
to 10.
Contact photo retrieval
Cisco Jabber for Mac retrieves and displays contact photos with the following methods:
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
38
Deploy Cisco Jabber for Mac on-premises
Configure LDAP Authentication
Retrieve photo with URI substitution
Cisco Jabber for Mac can dynamically build a URL to locate contact photos with a directory attribute and a
URL template. To use this method, set the following values in your configuration file:
Procedure
Step 1
Step 2
Specify true as the value of the BDIPhotoUriSubstitutionEnabled parameter.
Specify a directory attribute to use as a dynamic token as the value of the BDIPhotoUriSubstitutionToken
parameter
Example:
<BDIPhotoUriSubstitutionToken>sAMAccountName</BDIPhotoUriSubstitutionToken>
Step 3
Specify the URL and the dynamic token as the value of the BDIPhotoUriWithToken parameter.
Example:
<BDIPhotoUriWithToken>http://staffphoto.example.com/sAMAccountName.jpg</BDIPhotoUriWithToken
>
In this example, the sAMAccountName attribute might resolve to msmith in your directory. Cisco Jabber for
Mac would take this value and replace the token to build the following URL:
http://staffphoto.example.com/msmith.jpg
Retrieve binary data for photos
Cisco Jabber for Mac can retrieve the binary data for a photo from your database.
To use this method for contact photo retrieval, make sure that the following parameters are not used in the
configuration:
• BDIPhotoUriWithToken
• BDIPhotoUriSubstitutionToken
• BDIPhotoUriSubstitutionEnabled
Cisco Jabber for Mac uses the value of the BDIPhotoSource parameter from the configuration file. For example,
<BDIPhotoSource>jpegPhoto</BDIPhotoSource> . By default the value of this BDIPhotoSource parameter
is thumbnailPhoto for AD and jpegPhoto for openLDAP.
Configure LDAP Authentication
Note
You must perform this task in Cisco Unified Communications Manager.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
39
Deploy Cisco Jabber for Mac on-premises
Configure LDAP Synchronization for User Provisioning
The LDAP authentication feature enables Cisco Unified Communications Manager to authenticate user
passwords against the corporate LDAP directory.
Note
LDAP authentication does not apply to the passwords of application users; Cisco Unified Communications
Manager authenticates application users in its internal database.
Before You Begin
Enable LDAP synchronization on Cisco Unified Communications Manager.
Procedure
Step 1
Step 2
Step 3
Step 4
Step 5
Select Cisco Unified Communications Manager Administration > System > LDAP > LDAP
Authentication.
Check Use LDAP Authentication for End Users.
Configure the LDAP authentication settings.
Configure the LDAP server hostname or IP address, and port number.
Note
To use Secure Socket Layer (SSL) to communicate with the LDAP directory, check Use
SSL.
Click Save.
Troubleshooting Tip
If you configure LDAP over SSL, upload the LDAP directory certificate to Cisco Unified Communications
Manager.
Configure LDAP Synchronization for User Provisioning
Note
You must perform this task in Cisco Unified Communications Manager.
LDAP synchronization uses the Cisco Directory Synchronization (DirSync) tool on Cisco Unified
Communications Manager to synchronize information (either manually or periodically) from a corporate
LDAP directory. When you enable the DirSync service, Cisco Unified Communications Manager automatically
provisions users from the corporate directory. Cisco Unified Communications Manager still uses its local
database but disables its facility to allow you to create user accounts. You use the LDAP directory interface
to create and manage user accounts.
• Make sure that you install the LDAP server before you attempt the LDAP-specific configuration on
Cisco Unified Communications Manager.
• LDAP synchronization does not apply to application users on Cisco Unified Communications Manager.
• Activate and start the Cisco DirSync service on Cisco Unified Communications Manager.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
40
Deploy Cisco Jabber for Mac on-premises
Enable Instant Messaging Policy
Note
You must manually provision application users in Cisco Unified Communications Manager Administration.
Procedure
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Step 7
Select Cisco Unified Communications Manager Administration > System > LDAP > LDAP System.
Select Add New.
Configure the LDAP server type and attribute.
Select Enable Synchronizing from LDAP Server.
Click Save.
Select Cisco Unified Communications Manager Administration > System > LDAP > LDAP Directory.
Select Add New.
Step 8
Configure the following items:
• LDAP directory account settings
• User attributes to be synchronized
• Synchronization schedule
• LDAP server hostname or IP address, and port number
Step 9 Check Use SSL if you want to use Secure Socket Layer (SSL) to communicate with the LDAP directory.
Step 10 Click Save.
Troubleshooting Tips
• If you configure LDAP over SSL, upload the LDAP directory certificate onto Cisco Unified
Communications Manager.
• See the LDAP directory content in the Cisco Unified Communications Manager SRND for information
on the account synchronization mechanism for specific LDAP products, and general best practices for
LDAP synchronization.
Enable Instant Messaging Policy
Note
You must perform this task in Cisco Unified Presence.
This procedure describes how to turn on or off IM capabilities for all IM client applications in a Cisco Unified
Presence cluster. IM capabilities are turned on by default on Cisco Unified Presence.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
41
Deploy Cisco Jabber for Mac on-premises
Turn IM History Logging On or Off
Caution
When you turn off IM capabilities on Cisco Unified Presence, all group chat functionality (ad hoc and
persistent chat) will not work on Cisco Unified Presence. Cisco recommends that you do not turn on the
Cisco UP XCP Text Conference service or configure an external database for persistent chat on Cisco
Unified Presence.
Procedure
Step 1
Step 2
Select Cisco Unified Presence Administration > Messaging > Settings.
Configure the IM settings as follows:
If You Want To
Do This
Turn on IM capabilities for client applications in the Cisco Unified Presence
cluster.
Check Enable instant
messaging.
If you turn on this setting, local users of client applications can send and receive
IMs.
If you turn off this setting, local users of client applications cannot send and
receive IMs. Users can use the IM application for availability and phone
operations only.
Step 3
Step 4
Select Save.
Restart the Cisco UP XCP Router service.
Turn IM History Logging On or Off
Note
You must perform this task in Cisco Unified Presence.
You can prevent or allow users to log IM history locally on their computer. On the client side, the application
must support this functionality; it must enforce the prevention of IM logging.
Procedure
Step 1
Step 2
Select Cisco Unified Presence Administration > Messaging > Settings.
Configure the IM history log as follows:
If You Want To
Do This
Allow users of client applications to log IM history
on Cisco Unified Presence.
Check Allow clients to log instant message history
(on supported clients only).
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
42
Deploy Cisco Jabber for Mac on-premises
Fetch Contact Pictures from a Web Server
Prevent users of client applications from logging IM Uncheck Allow clients to log instant message
history on Cisco Unified Presence.
history (on supported clients only).
Step 3
Select Save.
Fetch Contact Pictures from a Web Server
You can configure a parameterized URL string in the Photo field in the LDAP attribute map so that Cisco
Jabber can fetch pictures from a web server instead of from the LDAP server. The URL string must contain
an LDAP attribute with a query value containing a piece of data that uniquely identifies the photo of the user.
Cisco recommends that you use the User ID attribute. However, you can use any LDAP attribute whose query
value contains a piece of data that uniquely identifies the photo of the user.
Cisco recommends that you use <userID> as the substitution string, for example:
• http://mycompany.example.com/photo/std/uid.jpg
• http://mycompany.example.com/photo/std/sAMAccountName.jpg
You must include the double percent symbols in this string, and they must enclose the name of the LDAP
attribute to substitute. Cisco Jabber removes the percent symbols and replaces the parameter inside with the
results of an LDAP query for the user whose photo it resolves.
For example, if a query result contains the attribute “uid” with a value of “johndoe,” then a template such as
http://mycompany.com/photos/ui.jpg creates the URL http://mycompany.com/photos/johndoe.jpg. Cisco
Jabber attempts to fetch the photo.
This substitution technique works only if Cisco Jabber can use the results of the query and can insert it into
the template you specify above to construct a working URL that fetches a JPG photo. If the web server that
hosts the photos in a company requires a POST (for example, the name of the user is not in the URL) or uses
some other cookie name for the photo instead of the username, this technique does not work.
Note
Cisco Jabber does not support authentication for this query; the photo must be retrievable from the web
server without credentials.
Configure IM Policy Settings
Procedure
Step 1
Step 2
Step 3
Select Cisco Unified Presence Administration > Presence > Settings.
Select Cisco Unified Presence Administration > Messaging > Settings.
Perform the following configuration:
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
43
Deploy Cisco Jabber for Mac on-premises
Optional configurations
Step 4
Step 5
If You Want To . . .
Do This
Globally disable instant messaging services.
Uncheck Enable instant messaging.
Globally enable offline instant messaging.
Uncheck Suppress Offline Instant Messaging.
Globally display client instant messaging history.
Check Allow clients to log instant message history
(on supported clients only).
Select Save.
Restart the Cisco UP XCP Router service.
Optional configurations
Third-party XMPP client support
Requirements for supporting third-party XMPP clients
Support for Third-Party XMPP Clients
Cisco Unified Presence supports standards-based XMPP to enable third-party XMPP client applications to
integrate with Cisco Unified Presence for availability and instant messaging (IM) services. Third-party XMPP
clients must comply with the XMPP standard as outlined in the Cisco Software Development Kit (SDK).
License Requirements for Third-Party Clients
For each user of an XMPP client application, you require a Cisco Unified Presence user feature license. The
Cisco Unified Presence user feature license consumes one Cisco Unified Communications Manager Device
License Unit (DLU). On Cisco Unified Communications Manager, you will need to upload the user DLU,
and assign Cisco Unified Presence capabilities to the user.
XMPP Client Integration on Cisco Unified Communications Manager
Before you integrate an XMPP client, perform the following tasks on Cisco Unified Communications Manager:
• Configure the licensing requirements. Upload the user DLU, and then assign Cisco Unified Presence
capabilities for the user.
• Configure the users and devices. Associate a device with each user, and associate each user with a line
appearance.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
44
Deploy Cisco Jabber for Mac on-premises
Third-party XMPP client support
LDAP Integration for XMPP Contact Search
To allow users of the XMPP client applications to search and add contacts from an LDAP directory, configure
the LDAP settings for XMPP clients on Cisco Unified Presence.
Domain Name for XMPP Clients
The domain name on the XMPP client, specifically the XMPP connection attempt domain name, must match
the domain on Cisco Unified Presence. To verify the domain value on Cisco Unified Presence, select Cisco
Unified Presence Administration > System > Cluster Topology, select Settings in the right pane, and verify
the Domain Name value.
DNS Configuration for XMPP Clients
You must enable DNS SRV in your deployment when you integrate XMPP clients with Cisco Unified Presence.
The XMPP client performs a DNS SRV query to find an XMPP server (Cisco Unified Presence) to communicate
with, and then performs a record lookup of the XMPP server to get the IP address.
Configure a secure connection between Cisco Unified Presence and XMPP clients
To configure a secure connection between your Cisco Unified Presence server and third-party XMPP clients:
Procedure
Step 1
Step 2
Select Cisco Unified Presence Administration > System > Security > Settings.
To establish a secure TLS connection between Cisco Unified Presence and XMPP client applications in a
cluster, select Enable XMPP Client To CUP Secure Mode.
Cisco recommends that you do not turn off this secure mode unless the XMPP client application can protect
the client login credentials in non-secure mode. If you do turn off the secure mode, verify that you can secure
the XMPP client-to-server communication in some other way.
Step 3
To establish a secure TLS connection between Cisco Unified Presence and XMPP-based API client applications
in a cluster, select Enable Web Client To CUP Secure Mode.
If you turn on this setting, upload the certificates or signing certificates for the web client in the
cup-xmpp-trust repository on Cisco Unified Presence.
Step 4
Select Save.
Enable support for third-party XMPP clients
To enable support for third-party XMPP clients, perform the following steps for each node of your Cisco
Unified Presence cluster:
Procedure
Step 1
Step 2
Step 3
Select Cisco Unified Serviceability > Tools > Service Activation.
Select the Cisco Unified Presence server from the Server menu.
Turn on the following services:
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
45
Deploy Cisco Jabber for Mac on-premises
Telephony
• Cisco UP XCP Connection Manager - Turn on this service if you are integrating third-party XMPP
clients on Cisco Unified Presence.
• Cisco UP XCP Authentication Service - Turn on this service if you are integrating third-party XMPP
clients, or XMPP-based API clients, on Cisco Unified Presence.
• Cisco UP XCP Web Connection Manager - Turn on this service if you are integrating XMPP-based API
clients on Cisco Unified Presence.
For XMPP clients to function correctly, make sure you turn on the Cisco UP XCP Router on all nodes in your
cluster.
Step 4
Click Save.
Telephony
Configure CCMCIP profiles
Configure CCMCIP profiles in Cisco Unified Presence
The CCMCIP service runs on Cisco Unified Communications Manager and retrieves a list of devices associated
with each user. CCMCIP profiles are required before the client application can retrieve the list of user devices
from Cisco Unified Communications Manager. You can create a profile to control client applications when
the application allows a user to use a desk phone for phone calls. The profile can also facilitate discovery of
devices when the client applications allow users to use a desk phone for phone calls, or to use a computer for
phone calls.
You can then associate selected users with the new profile.
Before You Begin
This procedure applies to Cisco Unified Presence 8.6 or earlier. If you installed Cisco Unified Communications
Manager IM and Presence Service 9.0 or later, see Configure CCMCIP profiles in Cisco Unified Presence
Administration, on page 48
Procedure
Step 1
Step 2
Step 3
Step 4
Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator
> CCMCIP Profile.
Select Add New.
Enter the profile name and description.
Enter information into the fields:
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
46
Deploy Cisco Jabber for Mac on-premises
Telephony
Field
Setting
Primary CCMCIP
Host
Enter the address of the server for the CCMCIP service to use to retrieve the list of
associated devices when users sign in to Cisco Jabber.
Enter the address in one of the following forms:
• IP address
• Host name
• Fully-qualified domain name (FQDN)
This value must match exactly the IP address, host name, or FQDN of the CCMCIP
server.
Backup CCMCIP
Host
Enter the address of the backup server for the CCMCIP service to use if the primary
CCMCIP server fails.
Enter the address in one of the following forms:
• IP address
• Host name
• FQDN
This value must match exactly the IP address, host name, or FQDN of the backup
CCMCIP server.
Server Certificate
Verification
Specify how the CCMCIP server associated with this profile supports TLS
connections. This setting is for TLS verification of the CCMCIP servers listed for
this CCMCIP profile.
Select from the following options:
• Self Signed or Keystore—Cisco Unified Presence accepts the certificate if the
certificate is self-signed, or the signing Certificate Authority certificate is in
the local trust store. A keystore is a file that stores authentication and encryption
keys.
• Any Certificate—Cisco Unified Presence accepts all valid certificates.
• Keystore Only—Cisco Unified Presence accepts only certificates that are
defined in the keystore. You must import the certificate or its Certificate
Authority signing certificate into the local trust store.
Default Setting: Self Signed or Keystore
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
47
Deploy Cisco Jabber for Mac on-premises
Telephony
Field
Setting
Make this the default (Optional) Check this option if you want new users to be automatically added to
CCMCIP Profile for the default profile.
the system
Users who are already synchronized to Cisco Unified Presence from Cisco Unified
Communications Manager are not added to the default profile. However, any users
who are synchronized after the default profile is created are added to the default
profile.
Step 5
Step 6
Step 7
Select Add Users to Profile.
Use the Find and List Users window to find and select users, and select Add Selected to add users to the
profile.
Select Save.
Configure CCMCIP profiles in Cisco Unified Presence Administration
Procedure
Step 1
Step 2
Step 3
Step 4
Select Cisco Unified Presence Administration > Application > Legacy Applications > CCMCIP Profile.
Select Add New.
Enter the profile name and description.
Enter information into the fields:
Field
Setting
Primary CCMCIP
Host
Enter the address of the server for the CCMCIP service to use to retrieve the list of
associated devices when users sign in to Cisco Jabber.
Enter the address in one of the following forms:
• IP address
• Host name
• Fully-qualified domain name (FQDN)
This value must match exactly the IP address, host name, or FQDN of the CCMCIP
server.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
48
Deploy Cisco Jabber for Mac on-premises
Telephony
Field
Setting
Backup CCMCIP
Host
Enter the address of the backup server for the CCMCIP service to use if the primary
CCMCIP server fails.
Enter the address in one of the following forms:
• IP address
• Host name
• FQDN
This value must match exactly the IP address, host name, or FQDN of the backup
CCMCIP server.
Server Certificate
Verification
Specify how the CCMCIP server associated with this profile supports TLS
connections. This setting is for TLS verification of the CCMCIP servers listed for
this CCMCIP profile.
Select from the following options:
• Self Signed or Keystore—Cisco Unified Presence accepts the certificate if the
certificate is self-signed, or the signing Certificate Authority certificate is in
the local trust store. A keystore is a file that stores authentication and encryption
keys.
• Any Certificate—Cisco Unified Presence accepts all valid certificates.
• Keystore Only—Cisco Unified Presence accepts only certificates that are
defined in the keystore. You must import the certificate or its Certificate
Authority signing certificate into the local trust store.
Default Setting: Self Signed or Keystore
Make this the default (Optional) Check this option if you want new users to be automatically added to
CCMCIP Profile for the default profile.
the system
Users who are already synchronized to Cisco Unified Presence from Cisco Unified
Communications Manager are not added to the default profile. However, any users
who are synchronized after the default profile is created are added to the default
profile.
Step 5
Step 6
Step 7
Select Add Users to Profile.
Use the Find and List Users window to find and select users, and select Add Selected to add users to the
profile.
Select Save.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
49
Deploy Cisco Jabber for Mac on-premises
Telephony
Configure CTI profiles
Configure CTI gateway profiles in Cisco Unified Presence
Note
You must perform this task in Cisco Unified Presence.
You must create CTI gateway profiles in Cisco Unified Presence Administration and assign primary and
backup servers for redundancy.
Before You Begin
Note
Use this procedure for Cisco Unified Presence 8.6 or earlier. If you installed Cisco Unified Communications
Manager IM and Presence Service 9.0 or later, see Configure CTI Profile in Cisco Unifed Communications
Manager, on page 51
• The CTI gateway profile must be created before you can add licensed users of the client application to
the application profile.
• The CTI gateway server names and addresses must be specified in Cisco Unified Presence
Administration > Application > Cisco Unified Personal Communicator > CTI Gateway Server
before you can select the servers as primary or backup servers in this procedure.
• Cisco Unified Presence dynamically creates a TCP-based CTI gateway profile based on the hostname
of Cisco Unified Communications Manager. Before using this profile, verify that Cisco Unified Presence
and the application clients can ping Cisco Unified Communications Manager by the DNS name. If they
cannot contact the server, you need to add the IP address of Cisco Unified Communications Manager
in Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator
> CTI Gateway Server. You do not need to delete the host profiles that are created automatically.
• If you previously configured Cisco Unified Communications Manager with an IP address through the
Cisco Unified Communications Manager Administration > System > Server menu, Cisco Unified
Presence dynamically creates a TCP-based CTI gateway profile based on that address. The fields in
Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator >
CTI Gateway Profile are automatically populated, and you need only add users to the default CTI TCP
profile that is created (see Step 3).
Procedure
Step 1
Step 2
Step 3
Step 4
Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator
> CTI Gateway Profile.
Search for the CTI gateway profile in the Find and List CTI Gateway Profiles window.
If the CTI gateway profile is found, no further action is required.
If the CTI gateway profile is not found, select Add New.
Enter information into the fields.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
50
Deploy Cisco Jabber for Mac on-premises
Telephony
Field
Setting
Name
Enter the profile name.
Description
Enter a profile description.
Primary CTI Gateway Server and
Backup CTI Gateway Server
Select a primary server and backup servers.
Make this the Default CTI Gateway Check this option if you want any new users that are added to the
Profile for the System
system to be placed automatically into this default profile.
Users who are already synchronized to Cisco Unified Presence from
Cisco Unified Communications Manager are not added to the default
profile. However, once the default profile is created, any users
synchronized after that are added to the default profile.
Step 5
Step 6
Select Add Users to Profile.
Use the Find and List Users window to find and select users.
Step 7
Step 8
Select Add Selected to add users to the profile.
Select Save in the main CTI Gateway Profile window.
Configure CTI Profile in Cisco Unifed Communications Manager
Procedure
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Step 7
Select Cisco Unified Communication Manager > User Management > User Settings > UC Service.
Select Add New.
Enter the Cisco Unified Communication Manager server name.
Enter a description.
Enter an IP address or a Fully Qualified Domain Name (FQDN) of the Cisco Unified Communication Manager
server.
Specify the port number used by the Cisco Unified Communication Manager server.
Select Save.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
51
Deploy Cisco Jabber for Mac on-premises
Telephony
Add CTI Profile to Service Profile
Procedure
Step 1
Step 2
Step 3
Step 4
Select Cisco Unified Communication Manager > User Management > User Settings > Service Profile.
Select the service profile.
Go to CTI Profile.
Enter information in the following fields:
Field
Setting
Primary
Select a primary server from the drop-down list. The
list contains the CTI servers that you previously
configured on the UC Services window.
Secondary
Select a secondary CTI server, if applicable.
Tertiary
Select a tertiary CTI server, if applicable.
Desk Phone Control Mode
Configuration of Cisco Unified Presence to enable use of desk phone for calls
If you want Cisco Jabber to be able to control a desk phone, the following must be true:
• The desk phone registers to Cisco Unified Communications Manager.
• The Cisco Unified Communications Manager server has a CTI server.
• Cisco Unified Presence must be configured to enable Cisco Jabber to connect to a CTI server to control
the phone.
This section describes how to configure Cisco Unified Presence to enable Cisco Jabber to connect to a CTI
server.
Enable control of desk phone from CTI
Note
You must perform this task in Cisco Unified Communications Manager.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
52
Deploy Cisco Jabber for Mac on-premises
Telephony
Procedure
Step 1
Step 2
Select Cisco Unified Communications Manager Administration > Device > Phone.
Search for the desk phone in the Find and List Phones window.
Step 3
Step 4
Step 5
Select the device name of the desk phone.
Check Allow Control of Device from CTI to enable CTI to control and monitor this device.
Select Save.
Using the computer as a phone
Enable control of computer as a phone from CTI
To enable control of the computer as a phone device from the computer telephony interface (CTI) in Cisco
Jabber:
Procedure
Step 1
Step 2
Step 3
Select User Management > End User in Cisco Unified Communications Manager Administration.
Select the user you want to add.
Select Add to User Group in the Permissions Information group in the End User Configuration window.
Step 4
Search for "Standard CTI" in the Find and List User Groups window.
Step 5
Select Standard CTI Enabled user group.
If the phone of the user is a Cisco Unified IP Phone 6900, 8900 or 9900 series model, select the Standard
CTI Allow Control of Phones supporting Connected Xfer and conf user group also.
Step 6
Step 7
Select Add Selected.
Select Save in the End User Configuration window.
Create a Cisco Unified Client Services Framework device for each user
Note
You must perform this task in Cisco Unified Communications Manager.
To enable users to use phone features on their computers, you must create a new Cisco Unified Client Services
Framework device for each user. This topic describes how to create this device for one user. To create these
devices for many users, you can use the Bulk Administration Tool (BAT).
BAT performs bulk updates to the Cisco Unified Communications Manager database. For more information
about BAT, see the Cisco Unified Communications Manager Bulk Administration Guide at the following
URL:
http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
53
Deploy Cisco Jabber for Mac on-premises
Telephony
Before You Begin
• Read the licensing requirements information, including the information on adjunct licensing.
• Read the guidelines on configuring the device name.
• Restriction: The auto-registration features in Cisco Unified Communications Manager are not supported
with this application.
Procedure
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Step 7
Step 8
Select Cisco Unified Communications Manager Administration > Device > Phone.
Select Add New.
Select Cisco Unified Client Services Framework from the Phone Type menu.
Select Next.
Configure the following information:
a) Specify the device name in the Device Name field.
b) Enter a descriptive name for the phone in the Description field. For example, enter
Richard-phone-on-computer.
c) Select Default from the Device Pool list.
d) Select Standard Client Services Framework from the Phone Button Template list.
e) In the Product Specific Configuration Layout section, set Video Calling to Enabled.
f) Configure all the required fields for your environment.
g) If you want to use an adjunct license with this device, select the user ID from the Owner User ID list
h) If you want to use an adjunct license with this device, select the device name of the Cisco Unified IP Phone
to associate with the client application from the Primary Phone list.
i) Enter information in the Protocol Specific Information section, as follows:
Field
Description
Presence Group
Select Standard Presence Group.
Device Security Profile
Select Cisco Unified Client Services Framework - Standard SIP
Non-Secure Profile.
SIP Profile
Select Standard SIP Profile to specify the default SIP profile. SIP profiles
provide specific SIP information for the phone such as registration and
keep-alive timers, media ports, and Do Not Disturb control.
Select Save.
Select the Add a New DN link in the Association Information section that displays on the left side of the
window.
Configure the following information:
a) Enter the directory number and route partition for Cisco Jabber.
b) Enter the caller ID in Display (Internal Caller ID), in the Line 1 on Device Device-Name section.
c) In the Multiple Call/Call Waiting section, specify the maximum number of calls that can be presented
to the application in the Maximum Number of Calls field.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
54
Deploy Cisco Jabber for Mac on-premises
Telephony
d) In the Multiple Call/Call Waiting section, specify the trigger after which an incoming call receives a
busy signal in the Busy Trigger field.
Note
The Busy Trigger setting works with the Maximum Number of Calls setting. For example, if
the maximum number of calls is set to six and the busy trigger is set to six, the seventh incoming
call receives a busy signal.
Step 9
Select Save.
Troubleshooting Tips
• Cisco Unified Communications Manager reminds you that changes to line or directory number settings
require a restart. However, a restart is required only when you edit lines on Cisco Unified IP Phones
that are running at the time of the modifications.
• The directory number that is configured for the Cisco Unified Client Services Framework device and
the Cisco Unified IP Phone must be identical. A directory number is configured with a partition, and
you assign a directory number to the Cisco Unified Client Services Framework device and the Cisco
Unified IP Phone. This configuration causes the Cisco Unified Client Services Framework device to
share the line with the Cisco Unified IP Phone for this user.
Naming guidelines for Cisco Unified Client Services Framework devices
To enable users to use phone features on their computers, you must create a new Cisco Unified Client Services
Framework device for each user. When you create a Cisco Unified Client Services Framework device, ensure
that the device name conforms to these guidelines:
• Can contain uppercase and lowercase letters, and numerals.
• Contains no more than 15 characters.
No correlation to the username is required, but for convenience you might choose to include a username in
the device name. For example, you might use the device name CSFabaker.
Associate a new device with a user
This procedure contains information on how to associate a new device with an existing user.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
55
Deploy Cisco Jabber for Mac on-premises
Telephony
Procedure
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Step 7
Step 8
Step 9
Step 10
Select Cisco Unified Communications Manager Administration > User Management > End User.
Search for the user in the Find and List Users window.
Select the user.
Select Device Association in the Device Information section.
Search for the device in the User Device Association window.
Select the device.
Select Save Selected/Changes.
Select Back to User from the menu in the Related Links navigation box at the top right of the window.
Select Go.
Verify that the device is listed in the Device Information section on the End User Configuration window.
Associate a line for a phone device with a user
Note
You must perform this task in Cisco Unified Communications Manager.
You must ensure that user IDs are the same between LDAP and Cisco Unified Communications Manager.
This is easier to accomplish if you have LDAP synchronization enabled in Cisco Unified Communications
Manager.
Procedure
Step 1
Step 2
Select Cisco Unified Communications Manager Administration > Device > Phone.
Search for the device for the user in the Find and List Phones window.
Step 3
Step 4
Step 5
Step 6
Select the name of the device.
Select the directory number for the device in the Association Information section that displays on the left
side of the window.
Select Associate End Users at the bottom of the window.
Search for the user in the Find and List Users window.
Step 7
Step 8
Select the user, then select Add Selected.
Select Save on the Directory Number Configuration window.
Configure the proxy listener and TFTP addresses
You must perform this task in Cisco Unified Presence.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
56
Deploy Cisco Jabber for Mac on-premises
Telephony
Before You Begin
• Obtain the hostnames or IP addresses of the TFTP servers.
Note
Cisco recommends that Cisco Jabber use TCP to communicate with the proxy server. If you use UDP to
communicate with the proxy server, availability information for contacts in the Cisco Jabber contact list
might not be available for large contact lists.
Procedure
Step 1
Step 2
Step 3
Step 4
Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator
> Settings.
Select the Proxy Listener Default Cisco SIP Proxy TCP Listener.
Assign the primary (required) and backup (optional) TFTP server addresses in the fields provided. You can
enter an IP address or an FQDN (Fully Qualified Domain Name).
Select Save.
Troubleshooting Tips
You can see the TFTP server addresses in the Server Health window in Cisco Jabber ( Help > Show System
Diagnostics).
Configure proxy listener and TFTP addresses for Cisco Unified Presence
Before You Begin
Note
Use this procedure for Cisco Unified Presence 8.6 and earlier. If you installed Cisco Unified
Communications Manager IM and Presence Service 9.0 or later, see Configure proxy listener and TFTP
addresses for IM and Presence Service, on page 58
• Obtain the hostnames or IP addresses of the TFTP servers.
Note
Cisco recommends that Cisco Jabber use TCP to communicate with the proxy server. If you use UDP to
communicate with the proxy server, availability information for contacts in the Cisco Jabber contact list
might not be available for large contact lists.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
57
Deploy Cisco Jabber for Mac on-premises
Telephony
Procedure
Step 1
Step 2
Step 3
Step 4
Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator
> Settings.
Select the Proxy Listener Default Cisco SIP Proxy TCP Listener.
Assign the primary (required) and backup (optional) TFTP server addresses in the fields provided. You can
enter an IP address or an FQDN (Fully Qualified Domain Name).
Select Save.
You can see the TFTP server addresses in the Server Health window in Cisco Jabber ( Help > Show System
Diagnostics).
Configure proxy listener and TFTP addresses for IM and Presence Service
Procedure
Step 1
Step 2
Step 3
Step 4
Select Cisco Unified Presence Administration > Application > Legacy Applications > Settings.
Select the Proxy Listener Default Cisco SIP Proxy TCP Listener.
Assign the primary (required) and backup (optional) TFTP server addresses in the fields provided. You can
enter an IP address or an FQDN (Fully Qualified Domain Name).
Select Save.
Configuration of security for calls
If your organization has a requirement for encrypted voice traffic on the network, the following configuration
must be performed:
1 Configure the Cisco Unified Communications Manager server in secure mode.
2 Configure the Certificate Authority Proxy Function (CAPF) server with secure tokens.
3 Create device security profiles.
4 Apply the device security profiles to the Cisco Unified Client Services Framework devices of your users.
The client application can be configured to authenticate to CAPF with a null string, or a string. If a string is
used, the user is prompted to enter their authentication string when they connect to Cisco Unified
Communications Manager for the first time.
Administrators must distribute the authentication string to the users.
For more information about how to configure security for calls, see the Cisco Unified Communications
Manager Security Guide:
http://www.cisco.com/en/US/products/sw/voicesw/ps556/tsd_products_support_series_home.html
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
58
Deploy Cisco Jabber for Mac on-premises
Voicemail
Configure security for a device
Procedure
Step 1
Step 2
Select Cisco Unified Communications Manager Administration > Device > Phone.
Search for the device in the Find and List Phones window.
Step 3
Step 4
Select the name of the device.
Select the security profile you require for the device from the Device Security Profile drop-down list.
Only the phone security profiles that are configured for the phone type and device protocol display.
Step 5
(Optional) If you select Cisco Unified Client Services Framework- Standard SIP Secure Profile, do the
following:
a) Enter certification and authentication information in the Certification Authority Proxy Function (CAPF)
Information section.
b) Select Generate String.
c) Email the contents of the Authentication String field to the user.
Reset a device
Note
You must perform this task in Cisco Unified Communications Manager.
Procedure
Step 1
Step 2
Select Cisco Unified Communications Manager Administration > Device > Phone.
Search for the device for the user in the Find and List Phones window.
Step 3
Step 4
Step 5
Select the name of the device.
Select the directory number for the device in the Association Information section that displays on the left
side of the window.
Select Reset on the Directory Number Configuration window.
Step 6
Select Confirm Reset on the Device Reset window.
Voicemail
Configure Cisco Unity Connection servers
Cisco Unity Connection provides users with the ability to view, play, sort, and delete voicemail messages
from the application interface.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
59
Deploy Cisco Jabber for Mac on-premises
Voicemail
Before You Begin
• Install and configure a supported release of Cisco Unity Connection.
• Integrate Cisco Unified Communications Manager and Cisco Unity Connection. Both servers must be
installed and running to configure voicemail ports.
Procedure
Step 1
Set up a new or existing class of service in Cisco Unity Connection Administration to enable Internet Mail
Access Protocol (IMAP) client access to voice messages.
a) Expand Class of Service in the section on the left-hand side.
b) Select Class of Service.
c) Select the display name of the applicable class of service in the search results table, in the Search Class
of Service window.
d) Check Allow Users to Use Unified Client to Access Voice Mail, under Features.
e) Check Allow Users to Access VoiceMail Using an IMAP Client, under Licensed Features. Then select
Allow Users to Access Message Bodies.
f) Select Save.
Step 2
Configure the user:
• If the users are existing Cisco Unity Connection users, add them to the Cisco Unified Communications
Manager database. Proceed to Step 4.
• If the user is a new user, add the user to the Cisco Unified Communications Manager database and
proceed to Step 3.
Step 3
Step 4
Step 5
Create a Cisco Unity Connection user account on the Cisco Unity Connection server with a voice mailbox
for each user.
Note
The user ID in Cisco Unity Connection does not need to match the user ID in Cisco Unified Presence
or in the client application. The client application has an independent voicemail ID, which is set in
the application Options dialog box. However, you might find it useful to have the same user IDs
across your Cisco Unified Communications system.
(Optional) Enable secure messaging as follows:
a) Expand Class of Service in the section on the left-hand side.
b) Select Class of Service.
c) Select the display name of the applicable class of service in the search results table, in the Search Class
of Service window.
d) Select the option you require from the Require Secure Messaging drop-down list in the Message Options
section.
(Optional) Specify how to handle unidentified caller message security for your users as follows:
a) Expand Users in the section on the left-hand side.
b) Select Users.
c) Select the alias of a user.
d) Select Edit > Message Settings.
e) Check Mark Secure in the Unidentified Callers Message Security section.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
60
Deploy Cisco Jabber for Mac on-premises
Voicemail
Step 6
If one does not already exist, specify a web application password in Cisco Unity Connection for the applicable
user accounts.
Troubleshooting Tips
• Users may need to enter their voicemail credentials in the client application if synchronization with
Cisco Unified Presence is not enabled.
• If the server can be contacted and the user credentials are correct, but voicemail messages are not
downloaded, do the following:
◦Check the configuration of port 7993.
◦Make sure that Cisco Unity Connection is listening on port 7993.
◦Check the firewall configuration. Use Telnet from a remote computer to the computer running
Cisco Jabber, and make sure that you can connect to the firewall. Allow the Cisco Unified Client
Services Framework executable file (cucsf.exe) to establish IMAP network connections using
TCP, TLS, and SSL at the appropriate server and port. For information about the ports and protocols
used by the client application and Cisco Unified Client Services Framework, see the release notes:
http://www.cisco.com/en/US/products/ps6844/prod_release_notes_list.html
Add a Voicemail Service
Allow users to receive voice messages
Procedure
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Open the Cisco Unified CM Administration interface.
Select User Management > User Settings > UC Service.
The Find and List UC Services window opens.
Select Add New.
The UC Service Configuration window opens.
In the Add a UC Service section, select Voicemail from the UC Service Type drop-down list.
Select Next.
Specify details for the voicemail service as follows:
Product Type
Select Unity Connection.
Name
Enter a descriptive name for the server, for example, PrimaryVoicemailServer.
Description
Enter an optional description.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
61
Deploy Cisco Jabber for Mac on-premises
Voicemail
Hostname/IP Address
Enter the address of the voicemail server in one of the following formats:
• Hostname
• IP Address
• FQDN
Port
You do not need to specify a port number. By default, the client always uses port 443 to connect to the
voicemail server. For this reason, any value you specify does not take effect.
Protocol Type
You do not need to specify a value. By default, the client always uses HTTPS to connect to the voicemail
server. For this reason, any value you specify does not take effect.
Step 7
Select Save.
What to Do Next
Add the voicemail service to your service profile.
Apply Voicemail Service
After you add a voicemail service on Cisco Unified Communications Manager, you must apply it to a service
profile so that the client can retrieve the settings.
Before You Begin
Create a service profile if none already exist or you require a separate service profile for voicemail.
Procedure
Step 1
Step 2
Step 3
Step 4
Open the Cisco Unified CM Administration interface.
Select User Management > User Settings > Service Profile.
The Find and List Service Profiles window opens.
Find and select your service profile.
The Service Profile Configuration window opens.
Configure the Voicemail Profile section as follows:
a) Select up to three services from the following drop-down lists:
• Primary
• Secondary
• Tertiary
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
62
Deploy Cisco Jabber for Mac on-premises
Voicemail
b) To synchronize credentials with the voicemail service, select Unified CM - IM and Presence from
theCredentials source for voicemail service drop-down list.
Unified CM - IM and Presence uses the instant messaging and presence credentials to log in to the
voicemail service. As a result, users do not need to enter their credentials for voicemail services in the
client.
Do not select Web conferencing. This option uses the conferencing credentials to log in to the
voicemail service. You cannot currently synchronize with conferencing credentials.
Select Save.
Note
Step 5
Add a Mailstore Service
The mailstore service provides users with visual voicemail capabilities.
Before You Begin
Apply a Voicemail Service
Procedure
Step 1
Open the Cisco Unified CM Administration interface.
Step 2
Select User Management > User Settings > UC Service.
The Find and List UC Services window opens.
Step 3
Step 4
Select Add New.
In the Add a UC Service section, from the UC Service Type drop-down list, select MailStore and then click
Next.
Provide details for the mailstore service as follows:
Step 5
• Name—Enter a descriptive name for the server, for example, PrimaryMailStoreServer.
• Hostname/IP Address—Enter the IP address or the Fully Qualified Domain Name (FQDN) of the
mailstore server.
• Port—You do not need to specify a port number. By default, the client always uses port 443 to connect
to the mailstore server. For this reason, any value you specify does not take effect.
• Protocol Type—You do not need to specify a value. By default, the client always uses HTTPS to connect
to the mailstore server. For this reason, any value you specify does not take effect.
Step 6
Select Save.
What to Do Next
Apply Mailstore Service, on page 64
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
63
Deploy Cisco Jabber for Mac on-premises
Voicemail
Apply Mailstore Service
After you add a mailstore service on Cisco Unified Communications Manager, you must apply it to a service
profile so that the client can retrieve the settings.
Before You Begin
Add a Mailstore Service, on page 63
Procedure
Step 1
Open the Cisco Unified CM Administration interface.
Step 2
Select User Management > User Settings > Service Profile.
The Find and List Service Profiles window opens.
Step 3
Find and select your service profile.
The Service Profile Configuration window opens.
Step 4
Configure the MailStore Profile section as follows:
a) Select up to three services from the following drop-down lists:
• Primary
• Secondary
• Tertiary
b) Specify appropriate values for the following fields:
• Inbox Folder
• Trash Folder
• Polling Interval
Step 5
Select Save.
What to Do Next
Configure Retrieval and Redirection
Configure Retrieval and Redirection
Configures retrieval so that users can access voicemail messages in the client interface. Configure redirection
so that users can send incoming calls to voicemail. You configure retrieval and redirection on Cisco Unified
Communications Manager.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
64
Deploy Cisco Jabber for Mac on-premises
Voicemail
Procedure
Step 1
Step 2
Open the Cisco Unified CM Administration interface.
Configure the voicemail pilot.
a) Select Advanced Features > Voice Mail > Voice Mail Pilot.
The Find and List Voice Mail Pilots window opens.
b) Select Add New.
The Voice Mail Pilot Configuration window opens.
c) Specify the appropriate details on the Voice Mail Pilot Configuration window.
d) Select Save.
Step 3
Add the voicemail pilot to the voicemail profile.
a) Select Advanced Features > Voice Mail > Voice Mail Profile.
The Find and List Voice Mail Mail Profiles window opens.
b) Specify the appropriate filters in the Find Voice Mail Profile where Voice Mail Profile Name field and
then select Find to retrieve a list of profiles.
c) Select the appropriate profile from the list.
The Voice Mail Pilot Configuration window opens.
d) Select the voicemail pilot from the Voice Mail Pilot drop-down list.
e) Select Save.
Step 4
Specify the voicemail profile in the directory number configuration.
a) Select Device > Phone.
The Find and List Phones window opens.
b) Specify the appropriate filters in the Find Phone where field and then select Find to retrieve a list of
devices.
c) Select the appropriate device from the list.
The Phone Configuration window opens.
d) Locate the Association Information section.
e) Select the appropriate device number.
The Directory Number Configuration window opens.
f) Locate the Directory Number Settings section.
g) Select the voicemail profile from the Voice Mail Profile drop-down list.
h) Select Save.
Set a Voicemail Credentials Source
You can specify a voicemail credentials source for users.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
65
Deploy Cisco Jabber for Mac on-premises
Meetings
Procedure
Step 1
Step 2
Step 3
Step 4
Open the Cisco Unified CM Administration interface.
Select User Management > User Settings > Service Profile.
Select the appropriate service profile to open the Service Profile Configuration window.
In the Voice mail Profile section, select Unified CM - IM and Presencefrom the Credentials source for
voicemail service drop-down list.
Note
Do not select Web Conferencing from the Credentials source for voicemail service drop-down
list. You cannot currently use conferencing credentials as a credentials source for voicemail services.
The user's instant messaging and presence credentials match the user's voicemail credentials. As a result, users
do not need to specify their voicemail credentials in the client user interface.
What to Do Next
Important
There is no mechanism to synchronize credentials between servers. If you specify a credentials source,
you must ensure that those credentials match the user's voicemail credentials.
For example, you specify that a user's instant messaging and presence credentials match the user's Cisco
Unity Connection credentials. The user's instant messaging and presence credentials then change. You
must update the user's Cisco Unity Connection credentials to reflect that change.
Meetings
Configure the Cisco WebEx Meetings Server
The first step in setting up integration between Cisco WebEx Meetings Server and the client is to install and
configure Cisco WebEx Meetings Server. You should refer to the Cisco WebEx Meetings Server product
documentation for installation and configuration procedures.
Cisco WebEx Meetings Server Install and Upgrade Guides
Configure Cisco WebEx Meeting Server for Cisco Unified Presence
Before You Begin
Use this procedure for Cisco Unified Presence 8.6 and earlier. If you installed Cisco Unified Communications
Manager IM and Presence Service 9.0 or later, see Configure the Cisco WebEx Meeting Server in Cisco
Unified CM, on page 67.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
66
Deploy Cisco Jabber for Mac on-premises
Meetings
Procedure
Step 1
Step 2
Step 3
Step 4
Select Cisco Unified Presence Administration > Application > Cisco Unified Personal Communicator
> Conferencing Server.
Select Add New.
Enter information in the following fields.
Field Name
Description
Name
Enter the name of the conferencing server. The name
should be descriptive enough for you to instantly
recognize it.
Description
(Optional) Enter a description that helps you to
distinguish between conferencing servers. You can
change the description at any time.
Hostname/IP Address
Enter the site URL for Cisco WebEx Meetings Server.
Port
Leave the default value.
Protocol
Select HTTPS: from the drop-down list.
Server Type
Select WebEx from the drop-down list.
Select Save.
Configure the Cisco WebEx Meeting Server in Cisco Unified CM
Procedure
Step 1
Step 2
Step 3
Step 4
In Cisco Unified Communications Manager, select User Management > User Settings > UC Service.
Select Add New.
Select Conferencing from the UC Service drop-down list.
Enter information in the following fields.
Field Name
Description
UC Service Type
Select Conferencing as the UC service type.
Product Type
Select WebEx
Name
Enter the name of the conferencing service. The name should be
descriptive enough for you to instantly recognize it. Maximum character
length is 50 (ASCII only).
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
67
Deploy Cisco Jabber for Mac on-premises
Meetings
Field Name
Description
Description
(Optional) Enter a description that helps you to distinguish between
conferencing services. You can change the description at any time.
Maximum character length is 100.
Hostname/IP Address
Address of the conferencing service. May take one of the following forms:
• Hostname
• IP address
• FQDN
This field value must exactly match the hostname, IP address, or FQDN
of the associated directory service. If the address of the directory service
changes, change this field value accordingly.
Allowed values are:
• Alphanumeric (a-zA-Z0-9)
• period (.)
• backslash (\)
• dash (-)
• underscore (_)
Port
Enter the port for the conferencing service so that users can contact the
service when they sign in to web conferences. Allowable values are 1 to
65535. Default is 80.
Note
• Use port 80 for HTTP and port 443 for HTTPS
communications
• This value must match the available port on the
conferencing service. Change the port number only if it
conflicts with other services.
Protocol
Step 5
SelectHTTPS
Select Save.
An Add Successful message appears and the conferencing service is created in the Unified Communications
Manager database.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
68
Deploy Cisco Jabber for Mac on-premises
Distribute the Cisco Jabber for Mac client
Add Conferencing Profile to Service Profile
Procedure
Step 1
Step 2
Step 3
Step 4
Select Cisco Unified Communication Manager > User Management > User Settings > Service Profile
Select the service profile.
Go to Conferencing Profile.
Enter information in the following fields:
Field
Setting
Primary
Select a primary directory server from the drop-down
list. The list contains the conferencing servers that
you previously configured on the UC Services
window.
Secondary
Select a secondary directory server, if applicable.
Tertiary
Select a tertiary directory server, if applicable.
Server Certificate Validation
Specify how the conferencing server associated with
this profile supports TLS connections. This setting is
for TLS verification of the conferencing servers listed
for this conferencing profile.
Select from one of the following options:
• Any Certificate: Cisco Jabber would accept all
valid certificates. (This is the default setting)
• Self Signed or Keystore: Cisco Jabber would
accept any certificate that is self-signed, or one
for which the signing Certificate Authority is
in the local trust store
Note
A keystore is a file that stores
authentication and encryption keys.
• Keystore Only: Cisco Jabber would accept only
certificates that are defined in the keystore.
When you select this option, you must import
a certificate or its Certificate Authority signing
certificate into the local trust store.
Distribute the Cisco Jabber for Mac client
Visit the Cisco Software Center to download the Cisco Jabber for Mac client.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
69
Deploy Cisco Jabber for Mac on-premises
Distribute the Cisco Jabber for Mac client
Upgrading in the Mac OS X environment is performed automatically by the application, with permission from
the user.
Cisco Jabber for Mac Installation and Configuration Guide 9.2(1)
70
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement