Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

First Published: March 26, 2014

Last Modified: May 18, 2015

Americas Headquarters

Cisco Systems, Inc.

170 West Tasman Drive

San Jose, CA 95134-1706

USA http://www.cisco.com

Tel: 408 526-4000

800 553-NETS (6387)

Fax: 408 527-0883

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS,

INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND,

EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH

THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY,

CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of the UNIX operating system. All rights reserved. Copyright

©

1981, Regents of the University of California.

NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS" WITH ALL FAULTS.

CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF

MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT

LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS

HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: http:// www.cisco.com/go/trademarks

. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)

Google, Google Play, Android and certain other marks are trademarks of Google Inc.

©

2015 Cisco Systems, Inc. All rights reserved.

C O N T E N T S

C H A P T E R 1

C H A P T E R 2

Cisco Jabber for Windows 1

Documentation

1

Community Resources

1

Plan for Installation 3

Hardware Requirements for Cisco Jabber for Windows

3

Software Requirements

4

Operating Systems for Cisco Jabber for Windows

4

On-Premises Servers for Cisco Jabber for Windows and Cisco Jabber for Mac

5

High Availability for Instant Messaging and Presence

5

Cloud-Based Servers

7

Directory Servers

7

Microsoft Internet Explorer

7

Microsoft Office

8

Add Local Contacts from Microsoft Outlook

8

Enable Calendar Events from Microsoft Outlook

8

Enable Presence Integration with Microsoft Outlook

9

Enable Presence with the Active Directory User and Computers Tool

9

Microsoft SharePoint

10

Microsoft Office 365

10

Calendar Integration

11

Calendar Integration Issues after Upgrading to Outlook 2013

11

Computer Telephony Integration Servitude

11

Ports and Protocols for Cisco Jabber for Windows and Cisco Jabber for Mac

12

Call Control with Accessories API

13

Compatible Third Party Accessories

13

Install Vendor Plugins

14

Plugin Versions

14

Cisco Jabber for Windows 9.7 Installation and Configuration Guide iii

Contents

C H A P T E R 3

CTI Supported Devices

14

Supported Codecs for Cisco Jabber for Windows and Cisco Jabber for Mac

14

COP Files for Cisco Jabber for Windows and Cisco Jabber for Mac

15

Client Availability

15

Instant Message Encryption

17

On-Premises Encryption

17

Cloud-Based Encryption

18

Client-to-Client Encryption

19

Encryption Icons

20

Lock Icon for Client to Server Encryption

21

Padlock Icon for Client to Client Encryption

21

Local Chat History

21

Quality of Service Configuration

21

Cisco Media Services Interface

22

Set DSCP Values

22

Port Ranges on Cisco Unified Communications Manager

22

Define a Port Range on the SIP Profile

22

How the Client Uses Port Ranges

23

Options for Setting DSCP Values

23

Set DSCP Values on Cisco Unified Communications Manager

24

Set DSCP Values with Group Policy

24

Set DSCP Values on the Network

25

Protocol Handlers

25

Registry Entries for Protocol Handlers

26

Protocol Handlers on HTML Pages

26

Audio and Video Performance Reference

27

Audio Bit Rates for Cisco Jabber Desktop Clients

27

Video Bit Rates for Cisco Jabber Desktop Clients

28

Presentation Video Bit Rates

28

Maximum Negotiated Bit Rate

29

Bandwidth Performance Expectations for Cisco Jabber for Windows and Cisco Jabber for

Mac

29

Video Rate Adaptation

30

Set Up Servers

31

iv

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Contents

C H A P T E R 4

C H A P T E R 5

Server Setup Guide

31

About Certificate Validation 33

On-Premises Servers

33

Required Certificates for On-Premises Servers

33

Get Certificates Signed by Certificate Authority

34

Certificate Signing Request Formats and Requirements

35

Revocation Servers

35

Server Identity in Certificates

35

Provide XMPP Domain to Clients

36

Import Root Certificates on Client Computers

37

Deploy Certificates on Client Computers

38

Certificate Requirements for Cloud-Based Servers

39

Update Profile Photo URLs

39

Deployment Options 41

On-Premises Deployments

41

Product Modes

41

Default Mode Diagrams

42

Diagram with Cisco Unified Presence

42

Diagram with Cisco Unified Communications IM and Presence

44

Phone Mode Diagram

46

Cloud-Based Deployments

47

Cloud-Based Diagram

48

Hybrid Cloud-Based Diagram

49

How the Client Connects to Services

50

Recommended Connection Methods

50

Sources of Authentication

52

Initial Launch Sequence

52

How the Client Gets an Authenticator

53

About Service Discovery

54

How the Client Locates Services

55

Client Issues HTTP Query

56

Cisco UDS SRV Record

56

CUP Login SRV Record

58

Cisco Jabber for Windows 9.7 Installation and Configuration Guide v

Contents

C H A P T E R 6

Manual Connection Settings

59

Manual Connection Settings for On-Premises Deployments

59

Manual Connection Settings for On-Premises Deployments in Phone Mode

60

Manual Connection Settings for Cloud-Based Deployments

61

Automatic Connection Setting for Service Discovery

62

Installer Switches: Cisco Jabber for Windows

62

Bootstrap Settings for On-Premises Deployments

62

Bootstrap Settings for On-Premises Deployments in Phone Mode

64

Bootstrap Settings for Cloud-Based Deployments

65

Cloud-Based SSO

66

Enable Cloud-Based SSO

67

Expressway for Mobile and Remote Access Deployments

68

Supported Services

69

Deployment in a Virtual Environment

75

Install Cisco Jabber

79

Methods of Installation

79

Use the Command Line

80

Example Installation Commands

80

Run the MSI Manually

81

Create a Custom Installer

82

Get the Default Transform File

82

Create Custom Transform Files

82

Transform the Installer

83

Deploy with Group Policy

84

Set a Language Code

85

Deploy the Client with Group Policy

86

Command Line Arguments

87

Override Argument

87

Mode Type Argument

87

When to Set the Product Mode

88

Change Product Modes

88

Change Product Modes with Cisco Unified Communications Manager Version

9.x and Later

88

vi

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Contents

C H A P T E R 7

Change Product Modes with Cisco Unified Communications Manager Version

8.x

89

Authentication Arguments

90

TFTP Server Address

93

Common Installation Arguments

94

SSO Arguments

97

Cloud-Based SSO Arguments

97

Installer Properties

97

Supported Languages

98

Cisco Media Services Interface

99

Traffic Marking

99

Desk Phone Video Capabilities

99

Prepare Your Network

100

Install Cisco Media Services Interface

100

Uninstall Cisco Jabber for Windows

100

Use the Installer

100

Use the Product Code

101

Configure Cisco Jabber 103

Introduction to Client Configuration

103

Configure Service Profiles

104

Set Parameters on Service Profile

105

Parameters in Service Profiles

105

Add Cisco Unified Communications Manager Services

107

Create Service Profiles

107

Apply Service Profiles

108

Associate Users with Devices

108

Set Parameters on Phone Configuration for Desktop Clients

109

Parameters in Phone Configuration

110

Create and Host Client Configuration Files

111

Client Configuration Files

112

Global Configuration Files

112

Group Configuration Files

112

Configuration File Requirements

112

Specify Your TFTP Server Address

113

Cisco Jabber for Windows 9.7 Installation and Configuration Guide vii

Contents

Specify Your TFTP Server on Cisco Unified Presence

113

Specify Your TFTP Server on Cisco Unified Communications Manager IM and Presence

Service

114

Specify TFTP Servers in Phone Mode

114

Specify TFTP Servers with the Cisco WebEx Administration Tool

114

Create Global Configurations

115

Create Group Configurations

116

Host Configuration Files

117

Restart Your TFTP Server

117

Configuration File Structure

118

Group Elements and Parameters

118

XML Structure

118

Summary of Configuration Parameters

119

Example Configuration

121

Client Parameters

122

Options Parameters

123

Phone Parameters

127

Policies Parameters

130

On-Premises Policies

130

Common Policies

131

Cisco WebEx Policies

139

Presence Parameters

139

Service Credentials Parameters

140

Voicemail Parameters

140

Configure Automatic Updates

141

Configure Problem Reporting

142

Custom Embedded Tabs for Cisco Jabber for Windows

143

Custom Embedded Tab Definitions

143

User Custom Tabs

145

Custom Icons

145

Chats and Calls from Custom Tabs

146

UserID Tokens

146

JavaScript Notifications

146

Show Call Events in Custom Tabs

147

Custom Embedded Tab Example

148

viii

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Contents

C H A P T E R 8

Integrate with Directory Sources 149

Set Up Directory Synchronization and Authentication

149

Synchronize with the Directory Server

150

Enable Synchronization

150

Specify an LDAP Attribute for the User ID

150

Perform Synchronization

151

Authenticate with the Directory Server

152

Contact Sources

152

Enhanced Directory Integration

153

Domain Name Retrieval

154

Directory Server Discovery

155

Cisco Unified Communications Manager User Data Service

155

Enable Integration with UDS

156

Set UDS Service Parameters

156

UDS Service Parameters

157

Contact Resolution with Multiple Clusters

157

Client Configuration for Directory Integration

158

When to Configure Directory Integration

158

Configure Directory Integration in a Service Profile

159

Directory Profile Parameters

160

Summary of Directory Integration Configuration Parameters

162

Directory Integration Parameters

164

Attribute Mapping Parameters

164

Attributes on the Directory Server

165

Directory Connection Parameters

166

Directory Query Parameters

171

Base Filter Examples

173

Phone Number Masks Parameter

174

Contact Photo Parameters

175

Contact Photo Retrieval with EDI

177

Contact Photo Formats and Dimensions

178

Contact Photo Formats

178

Contact Photo Dimensions

178

Contact Photo Adjustments

179

Cisco Jabber for Windows 9.7 Installation and Configuration Guide ix

Contents

C H A P T E R 9

C H A P T E R 1 0

UDS Parameters

180

Contact Photo Retrieval with UDS

181

Contact Photo Formats and Dimensions

181

Contact Photo Formats

181

Contact Photo Dimensions

182

Contact Photo Adjustments

182

Directory Server Configuration Examples

183

Domain Controller Connection

183

Manual Server Connection

183

UDS Integration

184

LDAP Integration with Expressway for Mobile and Remote Access

184

Simple Authentication for Cisco Jabber for Windows

185

Simple Authentication with SSL for Cisco Jabber for Windows

185

OpenLDAP Integration

186

Anonymous Binds for Cisco Jabber for Windows

186

Authenticated Binds for Cisco Jabber for Windows

186

AD LDS Integration

187

Anonymous Binds

187

Windows Principal User Authentication

188

AD LDS Principal User Authentication

189

Federation

189

Interdomain Federation

189

Intradomain Federation

190

Configure Intradomain Federation for BDI or EDI

190

Example of Intradomain Federation

191

Customize Cisco Jabber for Windows

193

Add Custom Emoticons

193

Emoticon Definitions

194

Create Custom Embedded Tabs

197

Appendix 199

Migrate Your Unified Communications Server Infrastructure

199

Differences in Server Infrastructures

199

Upgrade Servers from Version 8.x to Version 9.x or Higher

201

x

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Contents

ADSI Error Codes

202

Cisco Jabber for Windows 9.7 Installation and Configuration Guide xi

Contents xii

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

C H A P T E R

1

Cisco Jabber for Windows

Cisco Jabber for Windows is a unified communications client within the Cisco Jabber suite of collaboration software. This document contains the information you need to install and configure the client.

Find out more about Cisco Jabber at www.cisco.com/go/jabber

Documentation, page 1

Community Resources, page 1

Documentation

Cisco Jabber for Windows provides the following documentation in addition to this guide:

• Release Notes — http://www.cisco.com/en/US/products/ps12511/prod_release_notes_list.html

• Server Setup Guide — http://www.cisco.com/en/US/products/ps12511/prod_installation_guides_list.html

• End-User Guides — http://www.cisco.com/en/US/products/ps12511/products_user_guide_list.html

• Licensing Information — http://www.cisco.com/en/US/products/ps12511/products_licensing_information_ listing.html

Community Resources

Cisco provides different community resources where you can engage with support representatives or join other community members in product discussions.

Cisco product conversation and sharing site

Join other community members in discussing features, functions, licensing, integration, architecture, challenges, and more. Share useful product resources and best practices.

https://communities.cisco.com/community/technology/collaboration/product

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

1

Cisco Jabber for Windows

Community Resources

Cisco support community

Visit the Cisco support community for IT installation, implementation, and administrative questions.

https://supportforums.cisco.com/community/netpro/collaboration-voice-video/jabber

Cisco support and downloads

Find a wealth of product support resources, download application software, and find bugs based on product and version.

http://www.cisco.com/cisco/web/support/index.html

Cisco expert corner

Engage, collaborate, create, and share with Cisco experts. The Cisco expert corner is a collection of resources that various experts contribute to the community, including videos, blogs, documents, and webcasts.

https://supportforums.cisco.com/community/netpro/expert-corner#view=ask-the-experts

2

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

C H A P T E R

2

Plan for Installation

Review what the client supports before you begin installation. Learn about hardware and software requirements. Find out what ports the client requires and what protocols it uses.

Hardware Requirements for Cisco Jabber for Windows, page 3

Software Requirements, page 4

Ports and Protocols for Cisco Jabber for Windows and Cisco Jabber for Mac, page 12

Call Control with Accessories API, page 13

CTI Supported Devices, page 14

Supported Codecs for Cisco Jabber for Windows and Cisco Jabber for Mac, page 14

COP Files for Cisco Jabber for Windows and Cisco Jabber for Mac, page 15

Client Availability, page 15

Instant Message Encryption, page 17

Quality of Service Configuration, page 21

Protocol Handlers, page 25

Audio and Video Performance Reference, page 27

Hardware Requirements for Cisco Jabber for Windows

Installed RAM

2 GB RAM on Microsoft Windows 7 and Windows 8

Free Physical Memory

128 MB

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

3

Plan for Installation

Software Requirements

Free Disk Space

256 MB

CPU Speed and Type

Mobile AMD Sempron Processor 3600+ 2 GHz

Intel Core2 CPU T7400 @ 2. 16 GHz

GPU

DirectX11 on Microsoft Windows 7

I/O Ports

USB 2.0 for USB camera and audio devices.

Software Requirements

For successful deployment, ensure that client workstations meet the software requirements.

Operating Systems for Cisco Jabber for Windows

You can install Cisco Jabber for Windows on the following operating systems:

• Microsoft Windows 8.1 32 bit

• Microsoft Windows 8.1 64 bit

• Microsoft Windows 8 32 bit

• Microsoft Windows 8 64 bit

• Microsoft Windows 7 32 bit

• Microsoft Windows 7 64 bit

Note

Cisco Jabber for Windows does not require the Microsoft .NET Framework or any Java modules.

Note

For Microsoft Windows 7 or 8.x, you can download Cisco Media Services Interface (MSI) 4.1.2 for use with deskphone video.

Important

Cisco Jabber for Windows supports Microsoft Windows 8 in desktop mode only.

4

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Plan for Installation

On-Premises Servers for Cisco Jabber for Windows and Cisco Jabber for Mac

On-Premises Servers for Cisco Jabber for Windows and Cisco Jabber for Mac

Cisco Jabber supports the following on-premises servers:

• Cisco Unified Communications Manager, release 8.0(1) or later

• Cisco Unified Presence, release 8.0(3) or later

• Cisco Unity Connection, release 8.5 or later

• Cisco WebEx Meetings Server, version 1.1 or later

• Cisco Expressway Series for Cisco Unified Communications Manager

◦Cisco Expressway-E, version 8.1.1 or later

◦Cisco Expressway-C, version 8.1.1 or later

• Cisco TelePresence Video Communications Server

◦Cisco VCS Expressway, version 8.1.1 or later

◦Cisco VCS Control, version 8.1.1 or later

Cisco Jabber supports the following features with Cisco Unified Survivable Remote Site Telephony, Version

8.5:

• Basic call functionality

• Ability to hold and resume calls

Refer to the Cisco Unified SCCP and SIP SRST System Administrator Guide for information about configuring

Cisco Unified Survivable Remote Site Telephony at: http://www.cisco.com/en/US/docs/voice_ip_comm/ cusrst/admin/sccp_sip_srst/configuration/guide/SCCP_and_SIP_SRST_Admin_Guide.html

.

For Cisco Unified Communications Manager Express support details, refer to the Cisco Unified CME documentation: http://www.cisco.com/en/US/products/sw/voicesw/ps4625/products_device_support_tables_ list.html

High Availability for Instant Messaging and Presence

High availability refers to an environment in which multiple nodes exist in a subcluster to provide failover capabilities for instant messaging and presence services. If one node in a subcluster becomes unavailable, the instant messaging and presence services from that node failover to another node in the subcluster. In this way, high availability ensures reliable continuity of instant messaging and presence services for Cisco Jabber.

Cisco Jabber supports high availability with the following servers:

Cisco Unified Presence releases 8.5 and 8.6

Use the following Cisco Unified Presence documentation for more information about high availability.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

5

Plan for Installation

On-Premises Servers for Cisco Jabber for Windows and Cisco Jabber for Mac

Configuration and Administration of Cisco Unified Presence Release 8.6

Multi-node Deployment Administration

Troubleshooting High Availability

Deployment Guide for Cisco Unified Presence Release 8.0 and 8.5

Planning a Cisco Unified Presence Multi-Node Deployment

Cisco Unified Communications Manager IM and Presence Service release 9.0 and higher

Use the following Cisco Unified Communications Manager IM and Presence Service documentation for more information about high availability.

Configuration and Administration of IM and Presence Service on Cisco Unified Communications

Manager

High Availability Client Login Profiles

Troubleshooting High Availability

Active Calls on Hold During Failover

You cannot place an active call on hold if failover occurs from the primary instance of Cisco Unified

Communications Manager to the secondary instance.

High Availability in the Client

Client Behavior During Failover

If high availability is configured on the server, then after the primary server fails over to the secondary server, the client temporarily loses presence states for up to one minute. Configure the re-login parameters to define how long the client waits before attempting to re-login to the server.

Configure Re-Login Parameters

In Cisco Unified Presence and Cisco Unified Communications Manager IM and Presence Service, you can configure the maximum and minimum number of seconds that Cisco Jabber waits before attempting to re-login to the server. On the server, you specify the re-login parameters in the following fields:

Client Re-Login Lower Limit

Client Re-Login Upper Limit

Related Topics

Cisco Unified Communications Manager Configuration Guides

Cisco Unified Presence Configuration Guides

Supported Services, on page 69

6

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Plan for Installation

Cloud-Based Servers

Cloud-Based Servers

Cisco Jabber supports integration with the following hosted servers:

• Cisco WebEx Messenger service

• Cisco WebEx Administration Tool, minimum supported version is 7.5

• Cisco WebEx Meeting Center, minimum supported versions are as follows:

• Version T26L with Service Pack EP 20

• Version T27L with Service Pack 9

Directory Servers

You can use the following directory servers with Cisco Jabber:

• Active Directory Domain Services for Windows Server 2012 R2

• Active Directory Domain Services for Windows Server 2008 R2

• Active Directory for Windows Server 2003 R2

• Cisco Unified Communications Manager User Data Server (UDS)

Cisco Jabber supports UDS using the following Cisco Unified Communications Manager versions:

Cisco Unified Communications Manager, version 9.1(2) or later, with the following Cisco Options

Package (COP) file: cmterm-cucm-uds-912-5.cop.sgn.

Cisco Unified Communications Manager, version 10.0(1). No COP file is required.

• OpenLDAP

• Active Directory Lightweight Directory Service (AD LDS) or Active Directory Application Mode

(ADAM)

Restriction

Directory integration with OpenLDAP, AD LDS, or ADAM requires that you define specific parameters in a Cisco Jabber configuration file. See LDAP Directory Servers for more information.

Microsoft Internet Explorer

Cisco Jabber for Windows requires Microsoft Internet Explorer 7 or later. Cisco Jabber for Windows uses the Internet Explorer rendering engine to display HTML content.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

7

Plan for Installation

Microsoft Office

Attention

Cisco Jabber for Windows requires Internet Explorer active scripting to render instant messages. See the following Microsoft documentation for instructions to enable active scripting: http://windows.microsoft.com/ en-US/windows/help/genuine/ie-active-script

Known Issues with Internet Explorer

• In cloud-based deployments that use single sign-on (SSO), an issue exists with Internet Explorer 9. Users with Internet Explorer 9 get security alerts when they sign in to Cisco Jabber for Windows. To resolve this issue, add webexconnect.com to the list of websites in the Compatibility View Settings window.

Microsoft Office

Cisco Jabber for Windows supports integration with the following software:

• Microsoft Office 2007 32 bit

• Microsoft Office 2010, 32 and 64 bit

• Microsoft Office 2013, 32 and 64 bit

Add Local Contacts from Microsoft Outlook

Cisco Jabber for Windows lets users search for and add local contacts in Microsoft Outlook. To enable this integration with Microsoft Outlook, you must enable Cached Exchange Mode on the Microsoft Exchange server.

To search for local contacts in Microsoft Outlook with the client, users must have profiles set in Microsoft

Outlook. In addition, users must do the following:

1

Select File > Options.

2

Select the Integration tab.

3

Select either None or Microsoft Outlook.

To add local Microsoft Outlook contacts to contact lists in the client, local contacts must have instant message addresses in Microsoft Outlook.

To show contact photos in the client interface, local contacts in Microsoft Outlook must have instant message addresses.

To communicate with local contacts in Microsoft Outlook using the client, local contacts must have the relevant details. To send instant messages to contacts, local contacts must have an instant message address. To call contacts in Microsoft Outlook, local contacts must have phone numbers.

Enable Calendar Events from Microsoft Outlook

You must apply a setting in Microsoft Outlook so that calendar events display in Cisco Jabber for Windows.

8

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Plan for Installation

Microsoft Office

Procedure

Step 1

Open the email account settings in Microsoft Outlook, as in the following example: a) Select File > Account Settings.

b) Select the Email tab on the Account Settings window.

Step 2

Double-click the server name.

In most cases, the server name is Microsoft Exchange.

Step 3

Select the Use Cached Exchange Mode checkbox.

Step 4

Apply the setting and then restart Microsoft Outlook.

When users create calendar events in Microsoft Outlook, those events display in the Meetings tab.

Enable Presence Integration with Microsoft Outlook

To enable integration with Microsoft Outlook, you specify SIP:[email protected] as the value of the proxyAddresses attribute in Microsoft Active Directory. Users can then share availability in Microsoft

Outlook.

To modify the proxyAddresses attribute, you can:

Use an Active Directory administrative tool such as Active Directory User and Computers

The Active Directory User and Computers administrative tool allows you to edit attributes on Microsoft

Windows Server 2008 or later.

Use the ADSchemaWizard.exe utility

The ADSchemaWizard.exe utility is available in the Cisco Jabber administration package. This utility generates an LDIF file that modifies your directory to add the proxyAddresses attribute to each user with the following value: SIP:[email protected]

You should use the ADSchemaWizard.exe utility on servers that do not support the edit attribute feature in the Active Directory User and Computers administrative tool. You can use a tool such as ADSI Edit to verify the changes that you apply with the ADSchemaWizard.exe utility.

The ADSchemaWizard.exe utility requires Microsoft .NET Framework version 3.5 or later.

Create a script with Microsoft Windows PowerShell

Refer to the appropriate Microsoft documentation for creating a script to enable presence in Microsoft

Outlook.

Enable Presence with the Active Directory User and Computers Tool

Complete the following steps to enable presence in Microsoft Outlook for individual users with the Active

Directory User and Computers administrative tool:

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

9

Plan for Installation

Microsoft SharePoint

Procedure

Step 1

Start the Active Directory User and Computers administrative tool.

You must have administrator permissions to run the Active Directory User and Computers administrative tool.

Step 2

Select View in the menu bar and then select the Advanced Features option from the drop-down list.

Step 3

Navigate to the appropriate user in the Active Directory User and Computers administrative tool.

Step 4

Double click the user to open the Properties dialog box.

Step 5

Select the Attribute Editor tab.

Step 6

Locate and select the proxyAddresses attribute in the Attributes list box.

Step 7

Select Edit to open the Multi-valued String Editor dialog box.

Step 8

In the Value to add text box, specify the following value: SIP:[email protected]

For example, SIP:[email protected]

Where the [email protected] value is the user's instant messaging address. cupdomain corresponds to the domain for Cisco Unified Presence or Cisco Unified Communications Manager IM and Presence Service.

Microsoft SharePoint

Cisco Jabber for Windows supports the following versions of Microsoft SharePoint:

• Microsoft SharePoint 2007

• Microsoft SharePoint 2010

• Microsoft SharePoint 2013

Important

Cisco Jabber for Windows supports availability status in Microsoft SharePoint sites only if users access those sites with Microsoft Internet Explorer. You should add the Microsoft SharePoint site to the list of trusted sites in Microsoft Internet Explorer.

Microsoft Office 365

Microsoft Office 365 supports different configuration types based on the plan, or subscription, type. Cisco

Jabber for Windows has been tested with small business plan P1 of Microsoft Office 365, which requires an on-premise Active Directory server.

Cisco Jabber for Windows supports client-side integration with Microsoft Office 365 with the following applications:

• Microsoft Office 2013 32 bit and 64 bit

• Microsoft Office 2010 32 bit and 64 bit

10

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Plan for Installation

Calendar Integration

• Microsoft Office 2007 32 bit

• Microsoft SharePoint 2010

Calendar Integration

You can use the following client applications for calendar integration:

• Microsoft Outlook 2013 32 bit

• Microsoft Outlook 2013 64 bit

• Microsoft Outlook 2010 32 bit

• Microsoft Outlook 2010 64 bit

• IBM Lotus Notes 9 32 bit

• IBM Lotus Notes 8.5.3 32 bit

• IBM Lotus Notes 8.5.2 32 bit

• IBM Lotus Notes 8.5.1 32 bit

• Google Calendar

Related Topics

Deployment in a Virtual Environment, on page 75

Calendar Integration Issues after Upgrading to Outlook 2013

There is a known issue when upgrading to a version of Outlook 2013 that is not part of Microsoft Office

Professional Plus 2013. If users find that their calendar integration does not work, do the following:

Procedure

Step 1

In the Microsoft Windows registry editor locate the following key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Messaging Subsystem

.

Step 2

Add a new string value with the name:

MAPIX

.

Step 3

Open the new string value and enter

1 for the value data.

Step 4

Restart the Cisco Jabber client.

Computer Telephony Integration Servitude

Cisco Jabber for Windows and Cisco Jabber for Mac support CTI servitude of Cisco Jabber from a third party application.

Computer Telephony Integration (CTI) enables you to use computer-processing functions while making, receiving, and managing telephone calls. A CTI application can allow you to retrieve customer information

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

11

Plan for Installation

Ports and Protocols for Cisco Jabber for Windows and Cisco Jabber for Mac

from a database on the basis of information that caller ID provides and can enable you to use information that an interactive voice response (IVR) system captures.

For more information on CTI servitude, see the CTI sections in the appropriate release of the Cisco Unified

Communications Manager System Guide. Or you can see the following sites on the Cisco Developer Network for information about creating applications for CTI control through Cisco Unified Communications Manager

APIs:

• Cisco TAPI: http://developer.cisco.com/web/tapi/home

• Cisco JTAPI: http://developer.cisco.com/web/jtapi/home

Ports and Protocols for Cisco Jabber for Windows and Cisco

Jabber for Mac

The following table lists outbound ports and protocols that Cisco Jabber uses.

Port

443

Protocol Description

TCP

(Extensible Messaging and Presence Protocol

[XMPP] and HTTPS)

XMPP traffic to the WebEx Messenger service.

The client sends XMPP through this port in cloud-based deployments only. If port 443 is blocked, the client falls back to port 5222.

Note

Cisco Jabber can also use this port for HTTPS traffic to Cisco Unity Connection and Cisco WebEx

Meetings Server.

30000 to 39999 FECC The client uses this port for far end camera control.

389 UDP/TCP

636

3268

3269

5070 to 6070

5222

8443

LDAPS

TCP

LDAPS

UDP

TCP

(XMPP)

TCP

( HTTPS )

Lightweight Directory Access Protocol (LDAP) directory server.

LDAP directory server (secure).

Global Catalog server.

Global Catalog server (secure).

Binary Floor Control Protocol (BFCP) for video desktop sharing capabilities.

XMPP traffic to Cisco Unified Presence or Cisco Unified

Communications Manager IM and Presence Service.

Traffic to Cisco Unified Communications Manager and

Cisco Unified Communications Manager IM and Presence

Service.

12

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Plan for Installation

Call Control with Accessories API

Port

7080

53

37200

5060

5061

Protocol

TCP

( HTTPS )

Description

Cisco Unity Connection for notifications of voice messages

(new message, message update, and message deletion).

UDP/TCP Domain Name System (DNS) traffic.

SOCKS5 Bytestreams Peer-to-peer file transfers.

In on-premises deployments, the client also uses this port to send screen captures.

UDP/TCP

TCP

Session Initiation Protocol (SIP) call signaling.

Secure SIP call signaling.

Ports for Additional Services and Protocols

In addition to the ports listed in this section, you should review the required ports for all protocols and services in your deployment. See to the appropriate documentation for your server version. You can find the port and protocol requirements for different servers in the following documents:

• For Cisco Unified Communications Manager, Cisco Unified Communications Manager IM and Presence

Service, and Cisco Unified Presence, see the TCP and UDP Port Usage Guide.

• For Cisco Unity Connection, see the System Administration Guide.

• For Cisco WebEx Meetings Server, see the Administration Guide.

• For Cisco WebEx services, see the Administrator's Guide.

• Expressway for Mobile and Remote Access, refer to Cisco Expressway IP Port Usage for Firewall

Traversal.

Call Control with Accessories API

Cisco Jabber for Windows includes an API that exposes call control functions to third party accessories. This

API lets our vendor partners create software plugins that enable their accessories to use the API call control functions in Cisco Jabber.

Compatible Third Party Accessories

You can use certain Cisco compatible accessories such as headsets, speakers, keyboards, and audio devices to perform call control actions with Cisco Jabber from the device. For example, with some headsets you can use controls to answer incoming calls, end active calls, mute audio, and place calls on hold.

For a list of devices that are compatible with Cisco Jabber, refer to the Unified Communications Endpoint

and Client Accessories site at: http://www.cisco.com/en/US/prod/voicesw/uc_endpoints_accessories.html

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

13

Plan for Installation

Install Vendor Plugins

Note

You can use certain third party accessories that are not Cisco compatible. However, Cisco cannot guarantee an optimal user experience with such third party accessories. For the best user experience, you should use only Cisco compatible devices with Cisco Jabber.

Install Vendor Plugins

To use compatible accessories with Cisco Jabber, you must do the following:

Procedure

Step 1

Download a compatible plugin from the third party vendor site.

Step 2

Install the plugin separately to Cisco Jabber.

Plugin Versions

The following are the minimum plugin versions required for integration with Cisco Jabber:

• Jabra PC Suite Version 2.12.3655

• Logitech UC Plugin 1.1.27

CTI Supported Devices

To view the list of Computer Telephony Integration (CTI) supported devices: From Cisco Unified Reporting, select Unified CM Phone Feature List. From the Feature drop-down list, select CTI controlled.

Supported Codecs for Cisco Jabber for Windows and Cisco

Jabber for Mac

Supported Audio Codecs

• G.722.1—32k and 24k. G.722.1 is supported on Cisco Unified Communications Manager 8.6.1 or later.

• G.711—a-law and u-law

• G.729a

Supported Video Codec

• H.264/AVC

14

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Plan for Installation

COP Files for Cisco Jabber for Windows and Cisco Jabber for Mac

COP Files for Cisco Jabber for Windows and Cisco Jabber for

Mac

In certain cases, you might need to apply COP files to Cisco Unified Communications Manager.

You can download the following COP files from the Cisco Jabber administration package on Cisco.com:

COP File Description Cisco Unified

Communications

Manager

Versions

ciscocm.installcsfdevicetype.cop.sgn

Adds the CSF device type to Cisco Unified

Communications Manager.

For more information, see Software

Requirements.

7.1.3

cmterm-bfcp-e.8-6-2.cop.sgn

ciscocm.addcsfsupportfield.cop.sgn

Enables CSF devices to support BFCP video desktop sharing.

For more information, see Apply COP File for

BFCP Capabilities.

8.6.2 only

Adds the CSF Support Field field for group configuration files.

For more information, see Create Group

Configurations.

8.6.1 and earlier cmterm-cupc-dialrule-wizard-0.1.cop.sgn

Publishes application dial rules and directory lookup rules to Cisco Jabber.

For more information, see Publish Dial Rules.

8.6.1 and earlier

Related Topics

Download software

Client Availability

Users can define whether their availability reflects their calendar events by setting an option to let others know they are in a meeting from the Status tab of the Options window from the client. This option synchronizes events in your calendar with your availability. The client only displays In a meeting availability for supported integrated calendars.

The client supports using two sources for the In a meeting availability:

Note

In Cisco Jabber for Android and Cisco Jabber for iPod or iPad, we do not support this meeting integration.

But we do support In a meeting status in Cisco Jabber for Mac and Cisco Jabber for Windows.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

15

Plan for Installation

Client Availability

• Microsoft Exchange and Cisco Unified Presence Integration — Applies to on-premises deployments.

The Include Calendar information in my Presence Status field in Cisco Unified Presence is the same as the In a meeting option in the client. Both fields update the same value in the Cisco Unified Presence database.

If users set both fields to different values, then the last field that the user sets takes priority. If users change the value of the Include Calendar information in my Presence Status field while the client is running, the users must restart the client for those changes to apply.

• Cisco Jabber Client — Applies to on-premises and cloud-based deployments. You must disable Cisco

Unified Presence and Microsoft Exchange integration for the client to set the In a meeting availability.

The client checks if integration between Cisco Unified Presence and Microsoft Exchange is on or off.

The client can only set availability if integration is off.

The following deployment scenarios describe how availability is created:

Deployment Scenario You select In a meeting (according to my calendar)

You do not select In a meeting

(according to my calendar)

You enable integration between Cisco Unified

Presence and Microsoft

Exchange.

Cisco Unified Presence sets availability status

Availability status does not change

You do not enable integration between Cisco Unified

Presence and Microsoft

Exchange.

Client sets availability status

Cloud-based deployments Client sets availability status

Availability status does not change

Availability status does not change

Additionally, the following table describes availability that is supported differently by each deployment scenarios:

Availability Enabled in the Client Availability Enabled by Integrating Cisco Unified

Presence with Microsoft Exchange

Offline in a meeting availability is not supported.

Offline in a meeting availability is supported.

In a meeting availability is supported for non-calendar events.

Note

In a meeting availability is not supported for non-calendar events.

Offline in a meeting availability refers to when the user is not logged in to the client but an event exists in the user's calendar.

Non-calendar events refer to events that do not appear in the user's calendar, such as instant meetings,

Offline, or On a call.

Related Topics

Calendar Integration, on page 11

16

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Plan for Installation

Instant Message Encryption

Instant Message Encryption

Cisco Jabber uses Transport Layer Security (TLS) to secure Extensible Messaging and Presence Protocol

(XMPP) traffic over the network between the client and server. Cisco Jabber encrypts point to point instant messages.

On-Premises Encryption

The following table summarizes the details for instant message encryption in on-premises deployments.

Connection Protocol Negotiation Certificate Expected Encryption

Algorithm

Client to server XMPP over TLS v2 X.509 public key infrastructure certificate

AES 256 bit

Server and Client Negotiation

The following servers negotiate TLS encryption with Cisco Jabber using X.509 public key infrastructure

(PKI) certificates with the following:

• Cisco Unified Presence

• Cisco Unified Communications Manager

After the server and client negotiate TLS encryption, both the client and server generate and exchange session keys to encrypt instant messaging traffic.

The following table lists the PKI certificate key lengths for Cisco Unified Presence and Cisco Unified

Communications Manager IM and Presence Service.

Version Key Length

Cisco Unified Communications Manager IM and

Presence Service versions 9.0.1 and higher

2048 bit

Cisco Unified Presence version 8.6.4

2048 bit

Cisco Unified Presence versions lower than 8.6.4

1024 bit

XMPP Encryption

Cisco Unified Presence and Cisco Unified Communications Manager IM and Presence Service both use

256-bit length session keys that are encrypted with the AES algorithm to secure instant message traffic between

Cisco Jabber and the presence server.

If you require additional security for traffic between server nodes, you can configure XMPP security settings on Cisco Unified Presence or Cisco Unified Communications Manager IM and Presence Service. See the following documents for more information about security settings:

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

17

Plan for Installation

Cloud-Based Encryption

• Cisco Unified Presence—Configuring Security on Cisco Unified Presence

• Cisco Unified Communications Manager IM and Presence Service—Security configuration on IM and

Presence

Instant Message Logging

You can log and archive instant messages for compliance with regulatory guidelines. To log instant messages, you either configure an external database or integrate with a third-party compliance server. Cisco Unified

Presence and Cisco Unified Communications Manager IM and Presence Service do not encrypt instant messages that you log in external databases or in third party compliance servers. You must configure your external database or third party compliance server as appropriate to protect the instant messages that you log.

See the following documents for more information about compliance:

• Cisco Unified Presence— Instant Messaging Compliance Guide

• Cisco Unified Communications Manager IM and Presence Service—Instant Messaging Compliance for

IM and Presence Service

For more information about encryption levels and cryptographic algorithms, including symmetric key algorithms such as AES or public key algorithms such as RSA, see Next Generation Encryption.

For more information about X.509 public key infrastructure certificates, see the Internet X.509 Public Key

Infrastructure Certificate and CRL Profile document.

Related Topics

Instant Messaging Compliance Guide

Configuring Security on Cisco Unified Presence

Instant Messaging Compliance for IM and Presence Service

Security configuration on IM and Presence

Internet X.509 Public Key Infrastructure Certificate and CRLProfile

Next Generation Encryption

Cloud-Based Encryption

The following table summarizes the details for instant message encryption in cloud-based deployments:

Connection Protocol Negotiation Certificate Expected Encryption

Algorithm

Client to server XMPP within TLS X.509 public key infrastructure certificate

AES 128 bit

Client to client XMPP within TLS X.509 public key infrastructure certificate

AES 256 bit

Server and Client Negotiation

The following servers negotiate TLS encryption with Cisco Jabber using X.509 public key infrastructure

(PKI) certificates with the Cisco WebEx Messenger service.

18

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Plan for Installation

Cloud-Based Encryption

After the server and client negotiate TLS encryption, both the client and server generate and exchange session keys to encrypt instant messaging traffic.

XMPP Encryption

The Cisco WebEx Messenger service uses 128-bit session keys that are encrypted with the AES algorithm to secure instant message traffic between Cisco Jabber and the Cisco WebEx Messenger service.

You can optionally enable 256-bit client-to-client AES encryption to secure the traffic between clients.

Instant Message Logging

The Cisco WebEx Messenger service can log instant messages, but it does not archive those instant messages in an encrypted format. However, the Cisco WebEx Messenger service uses stringent data center security, including SAE-16 and ISO-27001 audits, to protect the instant messages that it logs.

The Cisco WebEx Messenger service cannot log instant messages if you enable AES 256 bit client-to-client encryption.

For more information about encryption levels and cryptographic algorithms, including symmetric key algorithms such as AES or public key algorithms such as RSA, see Next Generation Encryption.

For more information about X509 public key infrastructure certificates, see the Internet X.509 Public Key

Infrastructure Certificate and CRL Profile document.

Related Topics

Client to Client Encryption

Internet X.509 Public Key Infrastructure Certificate and CRLProfile

Next Generation Encryption

Client-to-Client Encryption

By default, instant messaging traffic between the client and the Cisco WebEx Messenger service is secure.

You can optionally specify policies in the Cisco WebEx Administration Tool to secure instant messaging traffic between clients.

The following policies specify client-to-client encryption of instant messages:

Support AES Encoding For IM—Sending clients encrypt instant messages with the AES 256-bit algorithm. Receiving clients decrypt instant messages.

Support No Encoding For IM—Clients can send and receive instant messages to and from other clients that do not support encryption.

The following table describes the different combinations that you can set with these policies.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

19

Plan for Installation

Encryption Icons

Policy Combination Client-to-Client

Encryption

When the Remote Client

Supports AES Encryption

When the Remote Client

Does not Support AES

Encryption

Support AES Encoding For IM = false

Support No Encoding For IM = true

No Cisco Jabber sends unencrypted instant messages.

Cisco Jabber does not negotiate a key exchange.

As a result, other clients do not send Cisco Jabber encrypted instant messages.

Cisco Jabber sends and receives unencrypted instant messages.

Support AES Encoding For IM = true

Support No Encoding For IM = true

Yes

Support AES Encoding For IM = true

Support No Encoding For IM = false

Yes

Cisco Jabber sends and receives encrypted instant messages.

Cisco Jabber displays an icon to indicate instant messages are encrypted.

Cisco Jabber sends encrypted instant messages.

Cisco Jabber receives unencrypted instant messages.

Cisco Jabber sends and receives encrypted instant messages.

Cisco Jabber displays an icon to indicate instant messages are encrypted.

Cisco Jabber does not send or receive instant messages to the remote client.

Cisco Jabber displays an error message when users attempt to send instant messages to the remote client.

Note

Cisco Jabber does not support client-to-client encryption with group chats. Cisco Jabber uses client-to-client encryption for point-to-point chats only.

For more information about encryption and Cisco WebEx policies, see About Encryption Levels in the Cisco

WebEx documentation.

Related Topics

About Encryption Levels

Encryption Icons

Review the icons that the client displays to indicate encryption levels.

20

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Plan for Installation

Local Chat History

Lock Icon for Client to Server Encryption

In both on-premises and cloud-based deployments, Cisco Jabber displays the following icon to indicate client to server encryption:

Padlock Icon for Client to Client Encryption

In cloud-based deployments, Cisco Jabber displays the following icon to indicate client to client encryption:

Local Chat History

If you enable local chat history, Cisco Jabber for Windows does not archive instant messages in an encrypted format. In order to restrict access to chat history, the client saves archives to the following directory:

%USERPROFILE%\AppData\Local\Cisco\Unified

Communications\Jabber\CSF\History\uri.db

.

Chat history is retained after participants close the chat window and until participants sign out. If you do not want to retain chat history after participants close the chat window, set the Disable_IM_History parameter to true. This parameter is available to all clients except IM-only users.

Quality of Service Configuration

Cisco Jabber supports the following methods for prioritizing and classifying Real-time Transport Protocol

(RTP) traffic as it traverses the network:

• Deploy with Cisco Media Services Interface

• Set DSCP values in IP headers of RTP media packets

Tip

Cisco recommends deploying with Cisco Media Services Interface (MSI). This method effectively improves the quality of experience and reduces cost of deployment and operations. MSI also enables the client to become network aware so it can dynamically adapt to network conditions and integrate more tightly with the network.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

21

Plan for Installation

Cisco Media Services Interface

Cisco Media Services Interface

Cisco Media Services Interface provides a service that works with Cisco Prime Collaboration Manager and

Cisco Medianet-enabled routers to ensure that Cisco Jabber can send audio media and video media on your network with minimum latency or packet loss.

Before Cisco Jabber sends audio media or video media, it checks for Cisco Media Services Interface.

• If the service exists on the computer, Cisco Jabber provides flow information to Cisco Media Services

Interface.

The service then signals the network so that routers classify the flow and provide priority to the Cisco

Jabber traffic.

• If the service does not exist, Cisco Jabber does not use it and sends audio media and video media as normal.

Note

Cisco Jabber checks for Cisco Media Services Interface for each audio call or video call.

You must install Cisco Media Services Interface separately and ensure your network is enabled for Cisco

Medianet. You must also install Cisco Prime Collaboration Manager and routers enabled for Cisco Medianet.

Related Topics

Install Cisco Media Services Interface, on page 100

Set DSCP Values

Set Differentiated Services Code Point (DSCP) values in RTP media packet headers to prioritize Cisco Jabber traffic as it traverses the network.

Port Ranges on Cisco Unified Communications Manager

You define the port range that the client uses on the SIP profile in Cisco Unified Communications Manager.

The client then uses this port range to send RTP traffic across the network.

Define a Port Range on the SIP Profile

The client uses the port range to send RTP traffic across the network. The client divides the port range equally and uses the lower half for audio calls and the upper half for video calls. As a result of splitting the port range for audio media and video media, the client creates identifiable media streams. You can then classify and prioritize those media streams by setting DSCP values in the IP packet headers.

22

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Plan for Installation

Set DSCP Values

Procedure

Step 1

Open the Cisco Unified CM Administration interface.

Step 2

Select Device > Device Settings > SIP Profile.

Step 3

Find the appropriate SIP profile or create a new SIP profile.

The SIP Profile Configuration window opens.

Step 4

Specify the port range in the following fields:

Start Media Port — Defines the start port for media streams. This field sets the lowest port in the range.

Stop Media Port — Defines the stop port for media streams. This field sets the highest port in the range.

Step 5

Select Apply Config and then OK.

Related Topics

8.6.x: SIP Profile Configuration

9.0.x: SIP profile setup

How the Client Uses Port Ranges

Cisco Jabber equally divides the port range that you set in the SIP profile. The client then uses the port range as follows:

• Lower half of the port range for audio streams

• Upper half of the port range for video streams

For example, if you use a start media port of 3000 and an end media port of 4000, the client sends media through ports as follows:

• Ports 3000 to 3501 for audio streams

• Ports 3502 to 4000 for video streams

As a result of splitting the port range for audio media and video media, the client creates identifiable media streams. You can then classify and prioritize those media streams by setting DSCP values in the IP packet headers.

Options for Setting DSCP Values

The following table describes the options for setting DSCP values:

Method for Setting DSCP Values

Set DSCP values with Microsoft Group Policy

Set DSCP values on network switches and routers

Microsoft Windows 7

Yes

Yes

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

23

Plan for Installation

Set DSCP Values

Method for Setting DSCP Values Microsoft Windows 7

Set DSCP values on Cisco Unified Communications

Manager

No

Set DSCP Values on Cisco Unified Communications Manager

You can set DSCP values for audio media and video media on Cisco Unified Communications Manager.

Cisco Jabber can then retrieve the DSCP values from the device configuration and apply them directly to the

IP headers of RTP media packets.

Restriction

For later operating systems such as Microsoft Windows 7, Microsoft implements a security feature that prevents applications from setting DSCP values on IP packet headers. For this reason, you should use an alternate method for marking DSCP values, such as Microsoft Group Policy.

For more information on configuring flexible DSCP values, refer to Configure Flexible DSCP Marking and

Video Promotion Service Parameters

Procedure

Step 1

Open the Cisco Unified CM Administration interface.

Step 2

Select System > Service Parameters.

The Service Parameter Configuration window opens.

Step 3

Select the appropriate server and then select the Cisco CallManager service.

Step 4

Locate the Clusterwide Parameters (System - QOS) section.

Step 5

Specify DSCP values as appropriate and then select Save.

Set DSCP Values with Group Policy

If you deploy Cisco Jabber for Windows on a later operating system such as Microsoft Windows 7, you can use Microsoft Group Policy to apply DSCP values.

Complete the steps in the following Microsoft support article to create a group policy: http:// technet.microsoft.com/en-us/library/cc771283%28v=ws.10%29.aspx

You should create separate policies for audio media and video media with the following attributes:

Attributes Audio Policy Video Policy Signaling Policy

Application name

CiscoJabber.exe

CiscoJabber.exe

CiscoJabber.exe

Protocol UDP UDP TCP

24

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Plan for Installation

Protocol Handlers

Attributes

Port number or range

DSCP value

Audio Policy Video Policy Signaling Policy

Corresponding port number or range from the SIP profile on Cisco

Unified

Communications

Manager.

Corresponding port number or range from the SIP profile on Cisco

Unified

Communications

Manager.

5060 for SIP

5061 for secure SIP

46 34 24

Set DSCP Values on the Network

You can configure switches and routers to mark DSCP values in the IP headers of RTP media.

To set DSCP values on the network, you must identify the different streams from the client application.

• Media Streams — Because the client uses different port ranges for audio streams and video streams, you can differentiate audio media and video media based on those port range. Using the default port ranges in the SIP profile, you should mark media packets as follows:

• Audio media streams in ports from 16384 to 24574 as EF

• Video media streams in ports from 24575 to 32766 as AF41

• Signaling Streams — You can identify signaling between the client and servers based on the various ports required for SIP, CTI QBE, and XMPP. For example, SIP signaling between Cisco Jabber and

Cisco Unified Communications Manager occurs through port 5060.

You should mark signaling packets as AF31.

Protocol Handlers

Cisco Jabber registers the following protocol handlers with the operating system to enable click-to-call or click-to-IM functionality from web browsers or other applications:

• XMPP:

Starts an instant message and opens a chat window in Cisco Jabber.

• IM:

Starts an instant message and opens a chat window in Cisco Jabber.

• TEL:

Starts an audio or video call with Cisco Jabber.

Note

TEL is registered by Apple native phone. It cannot be used to cross launch Cisco Jabber for iPhone and iPad.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

25

Plan for Installation

Registry Entries for Protocol Handlers

• CISCOTEL:

Starts an audio or video call with Cisco Jabber.

• SIP:

Starts an audio or video call with Cisco Jabber.

• CISCOTELCONF:

Starts a conference call with Cisco Jabber.

Registry Entries for Protocol Handlers

To register as a protocol handler, the client writes to the following locations in the Microsoft Windows registry:

• HKEY_CLASSES_ROOT\tel\shell\open\command

• HKEY_CLASSES_ROOT\xmpp\shell\open\command

• HKEY_CLASSES_ROOT\im\shell\open\command

In the case where two or more applications register as handlers for the same protocol, the last application to write to the registry takes precedence. For example, if Cisco Jabber registers as a protocol handler for XMPP: and then a different application registers as a protocol handler for XMPP:, the other application takes precedence over Cisco Jabber.

Protocol Handlers on HTML Pages

You can add protocol handlers on HTML pages as part of the href attribute. When users click the hyperlinks that your HTML pages expose, the client performs the appropriate action for the protocol.

TEL and IM Protocol Handlers

Example of the TEL: and IM: protocol handlers on an HTML page:

<html>

<body>

<a href="TEL:1234">Call 1234</a><br/>

<a href="IM:[email protected]">Send an instant message to Mary Smith</a>

</body>

</html>

In the preceding example, when users click the hyperlink to call 1234, the client starts an audio call to that phone number. When users click the hyperlink to send an instant message to Mary Smith, the client opens a chat window with Mary.

CISCOTEL and SIP Protocol Handlers

Example of the CISCOTEL and SIP protocol handlers on an HTML page:

<html>

<body>

<a href="CISCOTEL:1234">Call 1234</a><br/>

<a href="SIP:[email protected]">Call Mary</a><br/>

<a href="CISCOTELCONF:[email protected];[email protected]">Weekly conference call</a>

</body>

</html>

In the preceding example, when users click the Call 1234 or Call Mary hyperlinks, the client starts an audio call to that phone number.

26

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Plan for Installation

Audio and Video Performance Reference

CISOTELCONF Protocol Handler

Example of the CISCOTELCONF protocol handler on an HTML page:

<html>

<body>

<a href="CISCOTELCONF:[email protected];[email protected]">Weekly conference call</a>

</body>

</html>

In the preceding example, when users click the Weekly conference call hyperlink, a conference call is set up between Mary, Adam, and the user who clicked the link.

Tip

Add lists of contacts for the CISCOTELCONF: handler to create conference calls. Use a semi-colon to delimit contacts, as in the following example:

CISCOTELCONF:[email protected];[email protected];[email protected];[email protected]

XMPP Protocol Handlers

Example of a group chat using the XMPP: protocol handler on an HTML page:

<html>

<body>

<a href="XMPP:[email protected];[email protected]">Create a group chat with Mary Smith and

Adam McKenzie</a>

</body>

</html>

In the preceding example, when users click the hyperlink to create a group chat with Mary Smith and Adam

McKenzie, the client opens a group chat window with Mary and Adam.

Tip

Add lists of contacts for the XMPP: and IM: handlers to create group chats. Use a semi-colon to delimit contacts, as in the following example:

XMPP:[email protected];[email protected];[email protected];[email protected]

Audio and Video Performance Reference

Attention

The following data is based on testing in a lab environment. This data is intended to provide an idea of what you can expect in terms of bandwidth usage. The content in this topic is not intended to be exhaustive or to reflect all media scenarios that might affect bandwidth usage.

Audio Bit Rates for Cisco Jabber Desktop Clients

The following audio bit rates apply to Cisco Jabber for Windows and Cisco Jabber for Mac.

Codec

g.722.1

RTP (kbits/second)

24/32

Actual bitrate (kbits/second)

54/62

Notes

High quality compressed

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

27

Plan for Installation

Video Bit Rates for Cisco Jabber Desktop Clients

Codec

g.711

RTP (kbits/second)

64 g.729a

8

Actual bitrate (kbits/second)

80

38

Notes

Standard uncompressed

Low quality compressed

Video Bit Rates for Cisco Jabber Desktop Clients

The following video bit rates (with g.711 audio) apply to Cisco Jabber for Windows and Cisco Jabber for

Mac. This table does not list all possible resolutions.

Resolution

w144p

Pixels

256 x 144

Measured bit rate (kbits per second) with g.711

audio

156

320 w288p

This is the default size of the video rendering window for Cisco Jabber.

512 x 288 w448p w576p

720p

768 x 448

1024 x 576

1280 x 720

570

890

1300

Note

The measured bit rate is the actual bandwidth used (RTP payload + IP packet overhead).

Presentation Video Bit Rates

Cisco Jabber captures at 8 fps and transmits at 2 to 8 fps.

The values in this table do not include audio.

Pixels

720 x 480

Estimated wire bit rate at 2 fps

(kbits per second)

41

Estimated wire bit rate at 8 fps (kbits per second)

164

704 x 576 47

1024 x 768 80

1280 x 720 91

188

320

364

28

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Plan for Installation

Maximum Negotiated Bit Rate

Pixels

1280 x 800

Estimated wire bit rate at 2 fps

(kbits per second)

100

Estimated wire bit rate at 8 fps (kbits per second)

400

Maximum Negotiated Bit Rate

You specify the maximum payload bit rate in Cisco Unified Communications Manager in the Region

Configuration window. This maximum payload bit rate does not include packet overhead, so the actual bit rate used is higher than the maximum payload bit rate you specify.

The following table describes how Cisco Jabber allocates the maximum payload bit rate:

Desktop sharing session Audio Interactive video (Main video) Presentation video

(Desktop sharing video)

No Cisco Jabber uses the maximum audio bit rate.

Cisco Jabber allocates the remaining bit rate as follows:

The maximum video call bit rate minus the audio bit rate.

Yes Cisco Jabber uses the maximum audio bit rate.

Cisco Jabber allocates half of the remaining bandwidth after subtracting the audio bit rate.

Cisco Jabber allocates half of the remaining bandwidth after subtracting the audio bit rate.

Bandwidth Performance Expectations for Cisco Jabber for Windows and Cisco

Jabber for Mac

Cisco Jabber for Windows separates the bit rate for audio and then divides the remaining bandwidth equally between interactive video and presentation video. The following table provides information to help you understand what performance you should be able to achieve per bandwidth:

Upload speed Audio Audio + Interactive video (Main video)

Audio +

Presentation video

(Desktop sharing video)

Audio + Interactive video +

Presentation video

125 kbps under

VPN

Insufficient bandwidth for video.

Insufficient bandwidth for video.

.

At bandwidth threshold for g.711.

Sufficient bandwidth for g.729a and g.722.1

Insufficient bandwidth for video.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

29

Plan for Installation

Video Rate Adaptation

Upload speed

384 kbps under

VPN

Audio

Sufficient bandwidth for any audio codec.

Audio + Interactive video (Main video)

Audio +

Presentation video

(Desktop sharing video)

Audio + Interactive video +

Presentation video

w288p (512 x 288) at 30 fps

1280 x 800 at 2+ fps w144p (256 x 144) at 30 fps + 1280 x

720 at 2+ fps

384 kbps in an enterprise network

Sufficient bandwidth for any audio codec.

w288p (512 x 288) at 30 fps

1280 x 800 at 2+ fps w144p (256 x 144) at 30 fps + 1280 x

800 at 2+ fps

1000 kbps

2000 kbps

Sufficient bandwidth for any audio codec.

w576p (1024 x 576) at 30 fps

1280 x 800 at 8 fps w288p (512 x 288) at 30 fps + 1280 x

800 at 8 fps

Sufficient bandwidth for any audio codec.

w720p30 (1280 x

720) at 30 fps

1280 x 800 at 8 fps w288p (1024 x 576) at 30 fps + 1280 x

800 at 8 fps

Note that VPN increases the size of the payload, which increases the bandwidth consumption.

Video Rate Adaptation

Cisco Jabber uses video rate adaptation to negotiate optimum video quality. Video rate adaptation dynamically increases or decreases video bit rate throughput to handle real-time variations on available IP path bandwidth.

Cisco Jabber users should expect video calls to begin at lower resolution and scale upwards to higher resolution over a short period of time. Cisco Jabber saves history so that subsequent video calls should begin at the optimal resolution.

30

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

C H A P T E R

3

Set Up Servers

Set up the servers before you install the client. Add users to your environment and provision them with services.

Server Setup Guide, page 31

Server Setup Guide

The Cisco Jabber Server Setup Guide describes the tasks you need to complete to set up and configure services for Cisco Jabber.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

31

Server Setup Guide

Set Up Servers

32

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

C H A P T E R

4

About Certificate Validation

Cisco Jabber uses certificate validation to establish secure connections with servers.

When attempting to establish secure connections, servers present Cisco Jabber with certificates.

Cisco Jabber for Windows validates those certificates against certificates in the Microsoft Windows certificate store.

If the client cannot validate a certificate, it prompts the user to confirm if they want to accept the certificate.

In Expressway for Mobile and Remote Access deployment, when using an online certificate status protocol

(OCSP) or online certificate revocation lists (CRL) to obtain the revocation status of the certificates, the

Cisco Jabber client expects a response time of less than 5 seconds. Connections will fail if the response time is greater than the expected 5 seconds.

On-Premises Servers, page 33

Certificate Requirements for Cloud-Based Servers, page 39

On-Premises Servers

Review which certificates on-premises servers present to the client and the tasks involved in getting those certificates signed.

Required Certificates for On-Premises Servers

On-premises servers present the following certificates to establish a secure connection with Cisco Jabber:

Server Certificate

Cisco Unified Presence or Cisco Unified

Communications Manager IM and Presence Service

HTTP (Tomcat)

XMPP

Cisco Unified Communications Manager HTTP (Tomcat) and CallManager certificate (secure

SIP call signaling for secure phone)

Cisco Unity Connection HTTP (Tomcat)

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

33

About Certificate Validation

Get Certificates Signed by Certificate Authority

Server

Cisco WebEx Meetings Server

Cisco VCS Expressway

Cisco Expressway-E

Certificate

HTTP (Tomcat)

Server certificate (used for HTTP, XMPP, and SIP call signaling)

Important Notes

• Security Assertion Markup Language (SAML) single sign-on (SSO) and the Identity Provider (IdP) require an X.509 certificate.

• You should apply the most recent Service Update (SU) for Cisco Unified Presence or Cisco Unified

Communications Manager IM and Presence Service before you begin the certificate signing process.

• The required certificates apply to all server versions.

• Each cluster node, subscriber, and publisher, runs a Tomcat service and can present the client with an

HTTP certificate.

You should plan to sign the certificates for each node in the cluster.

• To secure SIP signaling between the client and Cisco Unified Communications Manager, you should use Certification Authority Proxy Function (CAPF) enrollment.

Get Certificates Signed by Certificate Authority

Cisco recommends using server certificates that are signed by one of the following types of Certificate Authority

(CA):

• Public CA — A third-party company verifies the server identity and issues a trusted certificate.

• Private CA — You create and manage a local CA and issue trusted certificates.

The signing process varies for each server and can vary between server versions. It is beyond the scope of this document to provide detailed steps for every version of each server. You should consult the appropriate server documentation for detailed instructions on how to get certificates signed by a CA. However, the following steps provide a high-level overview of the procedure:

Procedure

Step 1

Generate a Certificate Signing Request (CSR) on each server that can present a certificate to the client.

Step 2

Submit each CSR to the CA.

If the process your company uses means you must wait for the CSRs to be sent back to you before you can apply them, then you may wish to configure your services now while you wait for the CSRs. Then you can apply the certificates after the service configuration is complete, prior to deployment.

Step 3

Upload the certificates that the CA issues to each server.

34

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

About Certificate Validation

Revocation Servers

Certificate Signing Request Formats and Requirements

A public certificate authority (CA) typically requires a certificate signing request (CSR) to conform to specific formats. For example, a public CA might only accept CSRs that have the following requirements:

• Are Base64-encoded.

• Do not contain certain characters, such as @&!, in the Organization, OU, or other fields.

• Use specific bit lengths in the server's public key.

If you submit CSRs from multiple nodes, public CAs might require that the information is consistent in all

CSRs.

To prevent issues with your CSRs, you should review the format requirements from the public CA to which you plan to submit the CSRs. You should then ensure that the information you enter when configuring your server conforms to the format that the public CA requires.

One Certificate Per FQDN—Some public CAs sign only one certificate per fully qualified domain name

(FQDN).

For example, to sign the HTTP and XMPP certificates for a single Cisco Unified Communications Manager

IM and Presence Service node, you might need to submit each CSR to different public CAs.

Revocation Servers

To validate certificates, the certificate must contain an HTTP URL in the CDP or AIA fields for a reachable server that can provide revocation information. If a certificate authority (CA) revokes a certificate, the client does not allow users to connect to that server.

Users are not notified of the following outcomes:

• The certificates do not contain revocation information.

• The revocation server cannot be reached.

To ensure that your certificates are validated when you get a certificate issued by a CA, you must meet one of the following requirements:

• Ensure that the CRL Distribution Point (CDP) field contains an HTTP URL to a certificate revocation list (CRL) on a revocation server.

• Ensure that the Authority Information Access (AIA) field contains an HTTP URL for an Online

Certificate Status Protocol (OCSP) server.

Server Identity in Certificates

As part of the signing process, the CA specifies the server identity in the certificate. When the client validates that certificate, it checks that:

• A trusted authority has issued the certificate.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

35

About Certificate Validation

Server Identity in Certificates

Note

Public CAs generally require a fully qualified domain name (FQDN) as the server identity, not an IP address.

Identifier Fields

The client checks the following identifier fields in server certificates for an identity match:

• XMPP certificates

• SubjectAltName\OtherName\xmppAddr

• SubjectAltName\OtherName\srvName

• SubjectAltName\dnsNames

• Subject CN

• HTTP certificates

• SubjectAltName\dnsNames

• Subject CN

Tip

The Subject CN field can contain a wildcard (*) as the leftmost character, for example, *.cisco.com.

Prevent Identity Mismatch

If users attempt to connect to a server with an IP address, and the server certificate identifies the server with an FQDN, the client cannot identify the server as trusted and prompts the user.

If your server certificates identify the servers with FQDNs, you should plan to specify each server name as

FQDN throughout your environment.

Provide XMPP Domain to Clients

This task is not required if you are using Cisco Unified Communications Manager IM and Presence Service version 10.0 or later.

The client identifies XMPP certificates using the XMPP domain, rather than the FQDN. The XMPP certificates must contain the XMPP domain in an identifier field.

When the client attempts to connect to the presence server, the presence server provides the XMPP domain to the client. The client can then validate the identity of the presence server against the XMPP certificate.

Complete the following steps to ensure the presence server provides the XMPP domain to the client:

Procedure

Step 1

Open the administration interface for your presence server, as follows:

36

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

About Certificate Validation

Import Root Certificates on Client Computers

• Cisco Unified Communications Manager IM and Presence Service — Open the Cisco Unified CM IM

and Presence Administration interface.

• Cisco Unified Presence — Open the Cisco Unified Presence Administration interface.

Step 2

Select System > Security > Settings.

Step 3

Locate the XMPP Certificate Settings section.

Step 4

Specify the presence server domain in the following field: Domain name for XMPP Server-to-Server

Certificate Subject Alternative Name.

Step 5

Select the following checkbox: Use Domain Name for XMPP Certificate Subject Alternative Name.

Step 6

Click Save.

Import Root Certificates on Client Computers

Every server certificate should have an associated root certificate present in the trust store on client computers.

Cisco Jabber validates the certificates that servers present against the root certificates in the trust store.

If you get server certificates signed by a public CA, the public CA should already have a root certificate present in the trust store on the client computer. In this case, you do not need to import root certificates on the client computers.

You should import root certificates into the Microsoft Windows certificate store if:

• The certificates are signed by a CA that does not already exist in the trust store, such as a private CA.

Import the private CA certificate to the Trusted Root Certification Authorities store.

• The certificates are self-signed.

Import self-signed certificates to the Enterprise Trust store.

Important

If root certificates are not present in the trust store, Cisco Jabber prompts users to accept certificates from each server in your environment.

When the client prompts users to accept a certificate, users can:

• Accept the certificate — The client saves the certificate to the Enterprise Trust store.

• Decline the certificate — The client:

• Does not save the certificate.

• Does not connect to the server.

• Displays an error notification.

When users restart the client, it prompts them to accept the certificate again.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

37

About Certificate Validation

Deploy Certificates on Client Computers

You can use any appropriate method to import certificates into the Microsoft Windows certificate store, including the following. For detailed instructions on importing certificates, refer to the appropriate Microsoft documentation.

• Use the Certificate Import Wizard to import certificates individually.

• Deploy certificates to users with the CertMgr.exe command line tool on Microsoft Windows Server.

Note

This option requires you to use the Certificate Manager tool, CertMgr.exe, not the Certificates Microsoft

Management Console, CertMgr.msc.

• Deploy certificates to users with a Group Policy object (GPO) on Microsoft Windows Server.

Deploy Certificates on Client Computers

Every server certificate should have an associated certificate in the Keychain on the client computers. Cisco

Jabber validates the certificates that the servers present against the certificates in the Keychain.

Important

If root certificates are not present in the Keychain, Cisco Jabber prompts users to accept certificates from each server in your environment.

When the client prompts users to verify a certificate, users can:

• Always trust server name — The client saves the certificate to the Keychain.

• Continue — The client will connect, but when the user restarts the client they are prompted to accept the certificate again.

• Cancel — The client:

• Does not save the certificate.

• Does not connect to the server.

Prevent the warning dialogs by downloading the certificates from the Cisco Unified OS Administration interface. Complete the following steps to deploy self-signed certificates to the user.

Procedure

Step 1

For each Cisco node, download the corresponding “tomcat-trust” certificate from the Cisco Unified OS

Administration interface. Select Security > Certificate Management.

Step 2

Concatenate the certificates into a single file with the extension .pem (for example,

“companyABCcertificates.pem”).

Step 3

Send the file to your Cisco Jabber users and ask them to double-click it. Doing so launches the Keychain

Access application and imports the certificates.

Note

The operating system requires that the user enter the Mac OS X administration password for each certificate that is being imported.

38

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

About Certificate Validation

Certificate Requirements for Cloud-Based Servers

Certificate Requirements for Cloud-Based Servers

Cisco WebEx Messenger and Cisco WebEx Meeting Center present the following certificates to the client:

• Central Authentication Service (CAS)

• WLAN Authentication and Privacy Infrastructure (WAPI)

Important

Cisco WebEx certificates are signed by a public certificate authority (CA). Cisco Jabber validates these certificates to establish secure connections with cloud-based services.

As of Cisco Jabber for Windows 9.7.2 and Cisco Jabber for Mac 9.6.1, Cisco Jabber validates the XMPP certificate received from Cisco WebEx Messenger. If your operating system does not contain the following certificates for Cisco WebEx Messenger, you must provide them:

• VeriSign Class 3 Public Primary Certification Authority—G5 (stored in the Trusted Root Certificate

Authority)

• VeriSign Class 3 Secure Server CA—G3 (stored in the Intermediate Certificate Authority)

The same set of certificates are applicable for Cisco Jabber for Android, iPhone and iPad.

The certificate that is stored in the Intermediate Certificate Authority validates the Cisco WebEx Messenger server identity.

For Cisco Jabber for Windows 9.7.2 or later, you can find more information and installation instructions for the root certificate at http://www.identrust.co.uk/certificates/trustid/install-nes36.html

.

For Cisco Jabber for Mac 9.6.1 or later and iOS, you can find more information for the root certificate on the

Apple support website at https://support.apple.com

.

Update Profile Photo URLs

In cloud-based deployments, Cisco WebEx assigns unique URLs to profile photos when you add or import users. When Cisco Jabber resolves contact information, it retrieves the profile photo from Cisco WebEx at the URL where the photo is hosted.

Profile photo URLs use HTTP Secure (https://server_name/) and present certificates to the client.

If the server name in the URL is:

• A fully qualified domain name (FQDN) that contains the Cisco WebEx domain — The client can validate the web server that is hosting the profile photo against the Cisco WebEx certificate.

• An IP address — The client cannot validate the web server that is hosting the profile photo against the

Cisco WebEx certificate. In this case, the client prompts users to accept certificates whenever they look up contacts with an IP address in their profile photo URLs.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

39

About Certificate Validation

Update Profile Photo URLs

Important

• We recommend that you update all profile photo URLs that contain an IP address as the server name.

Replace the IP address with the FQDN that contains the Cisco WebEx domain to ensure that the client does not prompt users to accept certificates.

• When you update a photo, the photo can take up to 24 hours to refresh in the client.

The following steps describe how to update profile photo URLs. Refer to the appropriate Cisco WebEx documentation for detailed instructions.

Procedure

Step 1

Export user contact data in CSV file format with the Cisco WebEx Administration Tool.

Step 2

In the userProfilePhotoURL field, replace IP addresses with the Cisco WebEx domain.

Step 3

Save the CSV file.

Step 4

Import the CSV file with the Cisco WebEx Administration Tool.

40

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

C H A P T E R

5

Deployment Options

Learn about options for deploying Cisco Jabber.

On-Premises Deployments, page 41

Cloud-Based Deployments, page 47

How the Client Connects to Services, page 50

Cloud-Based SSO , page 66

Expressway for Mobile and Remote Access Deployments, page 68

Deployment in a Virtual Environment, page 75

On-Premises Deployments

An on-premises deployment is one in which you set up, manage, and maintain all services on your corporate network.

Product Modes

You can deploy the client in the following modes:

Full UC and Cisco Jabber for Everyone (IM Only)

The default product mode is one in which the user's primary authentication is to a presence server. At a minimum, users have instant messaging and presence capabilities.

Both full UC and Cisco Jabber for Everyone deployments use the default product mode.

To deploy full UC, you enable instant messaging and presence capabilities. You then provision users with devices for audio and video in addition to voicemail and conferencing capabilities.

To deploy Cisco Jabber for Everyone, you enable instant messaging and presence capabilities. You can optionally provision users with desk phone devices that they can control with the client.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

41

Deployment Options

Default Mode Diagrams

Phone Mode

In phone mode, the user's primary authentication is to Cisco Unified Communications Manager.

To deploy phone mode, you provision users with devices for audio and video capabilities. You can also provision users with additional services such as voicemail.

Default Mode Diagrams

Review architecture diagrams for on-premises deployments in the default product mode.

Diagram with Cisco Unified Presence

The following diagram illustrates the architecture of an on-premises deployment that includes Cisco Unified

Presence:

Figure 1: On-Premises Architecture

The following are the services available in an on-premises deployment:

42

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Deployment Options

Default Mode Diagrams

Presence

Users can publish their availability and subscribe to other users' availability through Cisco Unified

Presence.

Instant Messaging

Users send and receive instant messages through Cisco Unified Presence.

Audio Calls

Users place audio calls through desk phone devices or on their computers through Cisco Unified

Communications Manager.

Video

Users share their screens and place video calls through Cisco Unified Communications Manager.

Voicemail

Users send and receive voice messages through Cisco Unity Connection.

Conferencing

Integrate with one of the following:

Cisco WebEx Meeting Center

Provides hosted meeting capabilities.

Cisco WebEx Meeting Server

Provides on-premises meeting capabilities.

Related Topics

Integrate with Directory Sources, on page 149

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

43

Deployment Options

Default Mode Diagrams

Diagram with Cisco Unified Communications IM and Presence

The following diagram illustrates the architecture of an on-premise deployment that includes Cisco Unified

Communications IM and Presence:

Figure 2: On-Premise architecture

The following are the services available in an on-premise deployment:

Presence

Users can publish their availability and subscribe to other users' availability through Cisco Unified

Communications IM and Presence.

Instant Messaging

Users send and receive instant messages through Cisco Unified Communications IM and Presence.

Audio Calls

Users place audio calls through desk phone devices or on their computers through Cisco Unified

Communications Manager.

44

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Deployment Options

Default Mode Diagrams

Video

Users share their screens and place video calls through Cisco Unified Communications Manager.

Voicemail

Users send and receive voice messages through Cisco Unity Connection.

Conferencing

Integrate with one of the following:

Cisco WebEx Meeting Center

Provides hosted meeting capabilities.

Cisco WebEx Meetings Server

Provides on-premise meeting capabilities.

Related Topics

Integrate with Directory Sources, on page 149

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

45

Deployment Options

Phone Mode Diagram

Phone Mode Diagram

The following diagram illustrates the architecture of an on-premise deployment for phone mode:

Figure 3: Phone Mode architecture

The following are the services available in a phone mode deployment:

Audio Calls

Users place audio calls through desk phone devices or on their computers through Cisco Unified

Communications Manager.

Video

Users share their screens and place video calls through Cisco Unified Communications Manager.

Voicemail

Users send and receive voice messages through Cisco Unity Connection.

46

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Deployment Options

Cloud-Based Deployments

Conferencing

Integrate with one of the following:

Cisco WebEx Meeting Center

Provides hosted meeting capabilities.

Cisco WebEx Meetings Server

Provides on-premise meeting capabilities.

Cloud-Based Deployments

In cloud-based deployments, the user's primary authentication is to the Cisco WebEx Messenger service.

Cisco WebEx hosts all services. You manage and monitor cloud-based deployments with the Cisco WebEx

Administration Tool.

Related Topics

WebEx Single Sign-On Documentation

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

47

Cloud-Based Diagram

Cloud-Based Diagram

The following diagram illustrates the architecture of a cloud-based deployment:

Figure 4: Cloud-Based Architecture

Deployment Options

The following are the services available in a cloud-based deployment:

• Contact Source — The Cisco WebEx Messenger service provides contact resolution.

• Presence — The Cisco WebEx Messenger service lets users publish their availability and subscribe to other users' availability.

• Instant Messaging — The Cisco WebEx Messenger service lets users send and receive instant messages.

• Conferencing — Cisco WebEx Meeting Center provides hosted meeting capabilities.

48

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Deployment Options

Hybrid Cloud-Based Diagram

Hybrid Cloud-Based Diagram

The following diagram illustrates the architecture of a hybrid cloud-based deployment:

Figure 5: Hybrid Cloud-Based Architecture

The following are the services available in a hybrid cloud-based deployment:

• Contact Source — The Cisco WebEx Messenger service provides contact resolution.

• Presence — The Cisco WebEx Messenger service lets users can publish their availability and subscribe to other users' availability.

• Instant Messaging — The Cisco WebEx Messenger service lets users send and receive instant messages.

• Conferencing — Cisco WebEx Meeting Center provides hosted meeting capabilities.

• Audio Calls — Users place audio calls through desk phone devices or on their computers through Cisco

Unified Communications Manager.

• Video — Users share their screens and place video calls through Cisco Unified Communications Manager.

• Voicemail — Users send and receive voice messages through Cisco Unity Connection.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

49

Deployment Options

How the Client Connects to Services

How the Client Connects to Services

To connect to services, Cisco Jabber requires the following information:

• Source of authentication that enables users to sign in to the client.

• Location of services.

You can provide that information to the client with the following methods:

Service Discovery

The client automatically locates and connects to services.

Manual Connection Settings

Users manually enter connection settings in the client user interface.

Bootstrap File

You manually enter connection settings during installation.

Recommended Connection Methods

The method that you should use to provide the client with the information it needs to connect to services depends on your deployment type, server versions, and product modes. The following tables highlight various deployment methods and how to provide the client with the necessary information.

Table 1: On-Premises Deployments for Cisco Jabber for Windows

Product

Mode

Full UC

(default mode)

Server Versions

Release 9.1.2 and later:

• Cisco Unified

Communications

Manager

• Cisco Unified

Communications

Manager IM and

Presence Service

Discovery Method Non-DNS Method

A DNS SRV request against

_cisco-uds .<domain>

Use the following installer switches and values:

• AUTHENTICATOR=CUP

• CUP_ADDRESS=

<presence_server_address>

Full UC

(default mode)

Release 8.x:

• Cisco Unified

Communications

Manager

• Cisco Unified

Presence

A DNS SRV request against

_cuplogin.<domain>

Use the following installer switches and values:

• AUTHENTICATOR=CUP

• CUP_ADDRESS=

<presence_server_address>

50

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Deployment Options

Recommended Connection Methods

Product

Mode

IM Only

(default mode)

Server Versions

Release 9 and later:

Cisco Unified

Communications

Manager IM and

Presence Service

Discovery Method Non-DNS Method

A DNS SRV request against

_cisco-uds .<domain>

Use the following installer switches and values:

• AUTHENTICATOR=CUP

• CUP_ADDRESS=

<presence_server_address>

IM Only

(default mode)

Release 8.x:

Cisco Unified Presence

A DNS SRV request against

_cuplogin .<domain>

Use the following installer switches and values:

• AUTHENTICATOR=CUP

• CUP_ADDRESS=

<presence_server_address>

Phone

Mode

Phone

Mode

Release 9 and later:

Cisco Unified

Communications

Manager

Release 8.x:

Cisco Unified

Communications

Manager

A DNS SRV request against

_cisco-uds.<domain>

Use the following installer switches and values:

• AUTHENTICATOR=CUCM

• TFTP=<CUCM_address>

• CCMCIP=<CUCM_address>

• PRODUCT_MODE=phone_mode

Manual connection settings or bootstrap file

Use the following installer switches and values:

• AUTHENTICATOR=CUCM

• TFTP=<CUCM_address>

• CCMCIP=<CUCM_address>

• PRODUCT_MODE=phone_mode

Cisco Unified Communications Manager release 9.x and earlier—If you enable Cisco Extension Mobility, the

Cisco Extension Mobility service must be activated on the Cisco Unified Communications Manager nodes that are used for CCMCIP. For information about Cisco Extension Mobility, see the Feature and

Services guide for your Cisco Unified Communications Manager release.

Note

Cisco Jabber release 9.6 and later can still discover full Unified Communications and IM-only services using the _cuplogin DNS SRV request but a _cisco-uds request will take precedence if it is present.

Use the SERVICES_DOMAIN installer switch to specify the value of the domain where DNS records reside if you want users to bypass the email screen during the first login of a fresh installation.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

51

Deployment Options

Sources of Authentication

Note

The services domain is read from a cached configuration if you are upgrading from Cisco Jabber for

Windows 9.2.

Table 2: Hybrid Cloud-Based Deployments

Server Versions Connection Method

Cisco WebEx Messenger HTTPS request against http://loginp.webexconnect.com/cas/FederatedSSO?org=<domain>

Table 3: Cloud-Based Deployments

Deployment Type

Enabled for single sign-on (SSO)

Not enabled for SSO

Connection Method

Cisco WebEx Administration Tool

Bootstrap file to set the SSO_ORG_DOMAIN argument.

Cisco WebEx Administration Tool

Sources of Authentication

A source of authentication, or an authenticator, enables users to sign in to the client.

Three possible sources of authentication are as follows:

• Cisco Unified Presence—On-premises deployments in either full UC or IM only.

• Cisco Unified Communications Manager—On-premises deployments in phone mode.

• Cisco WebEx Messenger Service—Cloud-based or hybrid cloud-based deployments.

Initial Launch Sequence

On the initial launch after installation, Cisco Jabber starts in the default product mode. The client then gets an authenticator and signs the user in. After sign in, the client determines the product mode.

The following diagram illustrates the initial launch sequence:

52

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Deployment Options

Sources of Authentication

How the Client Gets an Authenticator

Cisco Jabber looks for an authenticator as follows:

1

Client checks cache for manual settings.

Users can manually enter authenticator through the client user interface.

2

Client checks cache to discover if the user's domain is a Webex organisation..

The client chooses Webex as the authenticator.

3

Client makes a Webex cloud service HTTP request to discover if the user's organisation domain is a Webex organisation.

The client chooses Webex as the authenticator.

4

Client checks cache for service discovery.

The client loads settings from previous queries for service (SRV) records.

5

Client queries for SRV records.

The client queries the DNS name server for SRV records to locate services.

If the client finds the _cisco-uds SRV record, it can get the authenticator from the service profile.

6

Client reads from the bootstrap file.

You can optionally set the authenticator during installation.

If the client cannot get an authenticator, it prompts the user to manually select the source of authentication in the client user interface.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

53

Deployment Options

About Service Discovery

About Service Discovery

Service discovery enables clients to automatically detect and locate services on your enterprise network.

Clients query domain name servers to retrieve service (SRV) records that provide the location of servers.

The primary benefits to using service discovery are as follows:

• Speeds time to deployment.

• Allows you to centrally manage server locations.

Important

If you are migrating from Cisco Unified Presence 8.x to Cisco Unified Communications Manager IM and

Presence Service 9.0 or later, you must specify the Cisco Unified Presence server FQDN in the migrated

UC service on Cisco Unified Communications Manager. Open Cisco Unified Communications Manager

Administration interface. Select User Management > User Settings > UC Service.

For UC services with type IM and Presence, when you migrate from Cisco Unified Presence 8.x to Cisco

Unified Communications Manager IM and Presence Service the Host Name/IP Address field is populated with a domain name and you must change this to the Cisco Unified Presence server FQDN.

However, the client can retrieve different SRV records that indicate to the client different servers are present and different services are available. In this way, the client derives specific information about your environment when it retrieves each SRV record.

The following table lists the SRV records that you can deploy and explains the purpose and benefits of each record:

SRV Record Purpose Why You Deploy

_cisco-uds

Provides the location of Cisco

Unified Communications Manager version 9.0 and later.

The client can retrieve service profiles from Cisco Unified

Communications Manager to determine the authenticator.

• Eliminates the need to specify installation arguments.

• Lets you centrally manage configuration in

UC service profiles.

• Enables the client to discover the user's home cluster.

As a result, the client can automatically get the user's device configuration and register the devices. You do not need to provision users with Cisco Unified Communications

Manager IP Phone (CCMCIP) profiles or

Trivial File Transfer Protocol (TFTP) server addresses.

• Supports mixed product modes.

You can easily deploy users with full UC,

IM only, or phone mode capabilities.

• Supports Expressway for Mobile and

Remote Access.

54

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Deployment Options

About Service Discovery

SRV Record

_cuplogin

Purpose

Provides the location of Cisco

Unified Presence.

Sets Cisco Unified Presence as the authenticator.

Why You Deploy

• Supports deployments with Cisco Unified

Communications Manager and Cisco

Unified Presence version 8.x.

• Supports deployments where all clusters have not yet been upgraded to Cisco Unified

Communications Manager 9.

_collab-edge

Provides the location of Cisco VCS

Expressway or Cisco Expressway-E.

The client can retrieve service profiles from Cisco Unified

Communications Manager to determine the authenticator.

• Supports deployments with Expressway for

Mobile and Remote Access.

How the Client Locates Services

The following steps describe how the client locates services with SRV records:

1

The client's host computer or device gets a network connection.

When the client's host computer gets a network connection, it also gets the address of a Domain Name

System (DNS) name server from the DHCP settings.

2

User starts the client.

3

The client gets the address of the DNS name server from the DHCP settings.

4

The client issues an HTTP query to a Central Authentication Service (CAS) URL for the Cisco WebEx

Messenger service.

This query enables the client to determine if the domain is a valid Cisco WebEx domain.

5

The client queries the name server for the following SRV records in order of priority:

• _cisco-uds

• _cuplogin

• _collab-edge

The client caches the results of the DNS query to load on subsequent launches.

The following is an example of an SRV record entry:

_cuplogin._tcp.DOMAIN SRV service location: priority = 0 weight = 0 port = 8443 svr hostname=192.168.0.26

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

55

Deployment Options

About Service Discovery

Client Issues HTTP Query

In addition to querying the name server for SRV records to locate available services, the client sends an HTTP query to the CAS URL for the Cisco WebEx Messenger service. This request enables the client to determine cloud-based deployments and authenticate users to the Cisco WebEx Messenger service.

When the client gets a domain from the user, it appends that domain to the following HTTP query: http://loginp.webexconnect.com/cas/FederatedSSO?org=

For example, if the client gets example.com as the domain from the user, it issues the following query: http://loginp.webexconnect.com/cas/FederatedSSO?org=example.com

That query returns an XML response that the client uses to determine if the domain is a valid Cisco WebEx domain.

If the client determines the domain is a valid Cisco WebEx domain, it prompts users to enter their Cisco

WebEx credentials. The client then authenticates to theCisco WebEx Messenger service and retrieves configuration and UC services configured in Cisco WebEx Org Admin.

If the client determines the domain is not a valid Cisco WebEx domain, it uses the results of the query to the name server to locate available services.

Note

The client will use any configured system proxies when sending the HTTP request to the CAS URL. Proxy support for this request has the following limitations :

• Proxy Authentication is not supported.

• Wildcards in the bypass list are not supported. Use example.com instead of *.example.com

for example.

Cisco UDS SRV Record

In deployments with Cisco Unified Communications Manager version 9 and later, the client can automatically discover services and configuration with the _cisco-uds SRV record.

56

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Deployment Options

The following figure shows how the client uses the _cisco-uds SRV record.

Figure 6: UDS SRV Record Login Flow

About Service Discovery

1

The client queries the domain name server for SRV records.

2

The domain name server returns the _cisco-uds SRV record.

3

The client locates the user's home cluster.

As a result, the client can retrieve the device configuration for the user and automatically register telephony services.

Important

In an environment with multiple Cisco Unified Communications Manager clusters, you can configure the

Intercluster Lookup Service (ILS). ILS enables the client to find the user's home cluster and discover services.

If you do not configure ILS, you must manually configure remote cluster information, similar to the

Extension Mobility Cross Cluster (EMCC) remote cluster setup. For more information on remote cluster configurations, see the Cisco Unified Communications Manager Features and Services Guide.

4

The client retrieves the user's service profile.

The user's service profile contains the addresses and settings for UC services and client configuration.

The client also determines the authenticator from the service profile.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

57

Deployment Options

About Service Discovery

5

The client signs the user in to the authenticator.

The following is an example of the _cisco-uds SRV record:

_cisco-uds._tcp.example.com

priority = 6 weight = 30

SRV service location: port = 8443 svr hostname = cucm3.example.com

_cisco-uds._tcp.example.com

priority = 2

SRV service location: weight port

= 20

= 8443 svr hostname = cucm2.example.com

_cisco-uds._tcp.example.com

priority = 1

SRV service location: weight port

= 5

= 8443 svr hostname = cucm1.example.com

Related Topics

Remote Cluster Configuration on Cisco Unified Communications Manager 10.0

CUP Login SRV Record

Cisco Jabber can automatically discover and connect to Cisco Unified Presence or Cisco Unified

Communications Manager IM and Presence Service with the _cuplogin SRV record.

The following figure shows how the client uses the _cuplogin SRV record.

Figure 7: CUP SRV Record Login Flow

1

The client queries the domain name server for SRV records.

2

The name server returns the _cuplogin SRV record.

58

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Deployment Options

Manual Connection Settings

As a result, Cisco Jabber can locate the presence server and determine that Cisco Unified Presence is the authenticator.

3

The client prompts the user for credentials and authenticates to the presence server.

4

The client retrieves service profiles from the presence server.

Tip

The _cuplogin SRV record also sets the default server address on the Advanced Settings window.

The following is an example of the _cuplogin SRV record:

_cuplogin._tcp.example.com

priority weight

= 8

= 50

SRV service location: port = 8443 svr hostname = cup3.example.com

SRV service location: _cuplogin._tcp.example.com

priority = 5 weight = 100 port = 8443 svr hostname = cup1.example.com

_cuplogin._tcp.example.com

priority = 7

SRV service location: weight port

= 4

= 8443 svr hostname = cup2.example.com

Manual Connection Settings

Manual connection settings provide a fallback mechanism when Service Discovery is not used.

When you start Cisco Jabber, you can specify the authenticator and server address in the Advanced settings window. The client caches the server address to the local application configuration that loads on subsequent starts.

Cisco Jabber prompts users to enter these advanced settings on the initial start as follows:

• On-Premises with Cisco Unified Communications Manager release 9.x and Later — If the client cannot get the authenticator and server addresses from the service profile.

• Cloud-Based or On-Premises with Cisco Unified Communications Manager release 8.x — If you do not set the authenticator in the bootstrap file. The client also prompts users to enter server addresses in the Advanced settings window if you do not set server addresses in the bootstrap file or with SRV records.

Settings that you enter in the Advanced settings window take priority over any other sources including SRV records and bootstrap settings.

If you select either Cisco IM & Presence or Cisco Communications Manager 8.x options, the client retrieves

UC services from Cisco Unified Presence or Cisco Unified Communications Manager IM and Presence

Service. The client does not use service profiles or SSO discovery.

Manual Connection Settings for On-Premises Deployments

Users can set Cisco Unified Presence or Cisco Unified Communications Manager IM and Presence Service as the authenticator and specify the server address in the Advanced settings window.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

59

Deployment Options

Manual Connection Settings

Remember

You can automatically set the default server address with the _cuplogin SRV record.

The following diagram illustrates how the client uses manual connection settings in on-premises deployments:

1

Users manually enter connection settings in the Advanced settings window.

2

The client authenticates to Cisco Unified Presence or Cisco Unified Communications Manager IM and

Presence Service.

3

The client retrieves service profiles from the presence server.

Manual Connection Settings for On-Premises Deployments in Phone Mode

Users can set Cisco Unified Communications Manager as the authenticator and specify the following server addresses in the Advanced settings window:

• TFTP server

• CTI server

• CCMCIP server

The following diagram illustrates how the client uses manual connection settings in phone mode deployments:

60

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Deployment Options

Manual Connection Settings

1

Users manually enter connection settings in the Advanced settings window.

2

The client authenticates to Cisco Unified Communications Manager and gets configuration.

3

The client retrieves device and client configuration.

Manual Connection Settings for Cloud-Based Deployments

Users can set the Cisco WebEx Messenger service as the authenticator and specify the CAS URL for login in the Advanced settings window.

The following diagram illustrates how the client uses manual connection settings in cloud-based deployments:

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

61

Deployment Options

Installer Switches: Cisco Jabber for Windows

1

Users manually enter connection settings in the Advanced settings window.

2

The client authenticates to the Cisco WebEx Messenger service.

3

The client retrieves configuration and services.

Automatic Connection Setting for Service Discovery

Users can select the Automatic option in the Advanced settings window to discover servers automatically.

This option lets users change from manually setting the service connection details to using service discovery.

For example, on the initial launch, you manually set the authenticator and specify a server address in the

Advanced settings window.

The client always checks the cache for manual settings. The manual settings also take higher priority over

SRV records, and for Cisco Jabber for Windows, the bootstrap file. For this reason, if you decide to deploy

SRV records and use service discovery, you must override the manual settings from the initial launch.

Installer Switches: Cisco Jabber for Windows

When you install Cisco Jabber, you can specify the authenticator and server addresses. The installer saves these details to a bootstrap file. When users launch the client for the first time, it reads the bootstrap file. The bootstrap file is ignored if service discovery is deployed.

Bootstrap files provide a fallback mechanism for service discovery in situations where service discovery has not been deployed and where you do not want users to manually specify their connection settings.

The client only reads the bootstrap file on the initial launch. After the initial launch, the client caches the server addresses and configuration, and then loads from the cache on subsequent launches.

We recommend that you do not use a bootstrap file, and instead use service discovery, in on-premises deployments with Cisco Unified Communications Manager release 9.x and later.

Bootstrap Settings for On-Premises Deployments

The following table lists the argument values for various deployment types.

Product Mode Server Releases Argument Values

Full UC (Default

Mode)

Release 9 and later:

• Cisco Unified Communications

Manager

• Cisco Unified Communications

Manager IM and Presence Service

Use the following installer switches and values:

• AUTHENTICATOR=CUP

• CUP_ADDRESS=

<presence_server_address>

62

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Deployment Options

Installer Switches: Cisco Jabber for Windows

Product Mode

Full UC (Default

Mode)

Server Releases

Release 8.x:

• Cisco Unified Communications

Manager

• Cisco Unified Presence

Argument Values

Use the following installer switches and values:

• AUTHENTICATOR=CUP

• CUP_ADDRESS=

<presence_server_address>

IM Only (Default

Mode)

Release 9 and later:

Cisco Unified Communications

Manager IM and Presence Service

Use the following installer switches and values:

• AUTHENTICATOR=CUP

• CUP_ADDRESS=

<presence_server_address>

IM Only (Default

Mode)

Release 8.x:

Cisco Unified Presence

Use the following installer switches and values:

• AUTHENTICATOR=CUP

• CUP_ADDRESS=

<presence_server_address>

The following diagram illustrates how the client uses bootstrap settings in on-premises deployments:

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

63

Installer Switches: Cisco Jabber for Windows

Deployment Options

When users start the client for the first time, the following occurs:

1

The client retrieves settings from the bootstrap file.

The client starts in default mode and determines that Cisco Unified Presence or Cisco Unified

Communications Manager IM and Presence Service is the authenticator. The client also gets the address of the presence server, unless Service Discovery results dictate otherwise.

2

The client authenticates to Cisco Unified Presence or Cisco Unified Communications Manager IM and

Presence Service .

3

The client retrieves service profiles from the presence server.

Bootstrap Settings for On-Premises Deployments in Phone Mode

During installation, you set values for arguments as follows:

• Set CUCM as the value for AUTHENTICATOR.

• Set phone_mode as the value for PRODUCT_MODE.

• Set the TFTP server address as the value for TFTP.

• Set the CTI server address as the value for CTI.

• Set the CCMCIP server address as the value for CCMCIP.

Cisco Unified Communications Manager release 9.x and earlier—If you enable Cisco Extension Mobility, the

Cisco Extension Mobility service must be activated on the Cisco Unified Communications Manager

64

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Deployment Options

Installer Switches: Cisco Jabber for Windows

nodes that are used for CCMCIP. For information about Cisco Extension Mobility, see the Feature and

Services guide for your Cisco Unified Communications Manager release.

The following diagram illustrates how the client uses bootstrap settings in phone mode deployments:

When users start the client for the first time, the following occurs:

1

The client retrieves settings from the bootstrap file.

The client starts in phone mode and determines that Cisco Unified Communications Manager is the authenticator. The client also gets the addresses for the TFTP and CTI servers, unless Service Discovery results dictate otherwise.

2

The client authenticates to Cisco Unified Communications Manager and gets configuration.

3

The client retrieves device and client configuration.

Bootstrap Settings for Cloud-Based Deployments

During installation, you set values for arguments as follows:

• Set WEBEX as the value for AUTHENTICATOR.

The following diagram illustrates how the client uses bootstrap settings in cloud-based deployments:

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

65

Deployment Options

Cloud-Based SSO

When users start the client for the first time, the following occurs:

1

The client retrieves settings from the bootstrap file.

The client starts in default mode and determines that the Cisco WebEx Messenger service is the authenticator, unless Service Discovery results dictate otherwise.

2

The client authenticates to the Cisco WebEx Messenger service.

3

The client retrieves configuration and services.

Cloud-Based SSO

In cloud-based deployments, Cisco Jabber supports SSO with the Cisco WebEx Messenger service.

The following steps describe the login flow for cloud-based SSO after users start Cisco Jabber:

1

Cisco Jabber sends a login request to the Cisco WebEx Messenger service.

2

The Cisco WebEx Messenger service redirects Cisco Jabber to the domain where your identity provider resides.

3

Cisco Jabber follows the redirect and requests a login token from the identity provider.

4

The identity provider gives a login token to Cisco Jabber.

5

Cisco Jabber passes that login token to the Cisco WebEx Messenger service.

As a result, Cisco Jabber authenticates with the Cisco WebEx Messenger service.

66

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Deployment Options

The following diagram illustrates the login flow for cloud-based SSO:

Figure 8: Cloud-Based SSO Login Flow

Enable Cloud-Based SSO

Note

The identity provider must be Security Assertion Markup Language (SAML) compliant. Cisco Jabber has been tested with, and supports, the following products as identity providers:

• PingFederate

• Microsoft Active Directory Federation Services (ADFS)

• CA SiteMinder

• Oracle Access Manager

Related Topics

WebEx Single Sign-On Documentation

Command Line Arguments, on page 87

Enable Cloud-Based SSO

The client detects Cisco WebEx as the authentication source using one of the supported deployment methods: service discovery, installer switches, or manual configuration.

For Cisco Jabber for Windows, you must specify the SSO_ORG_DOMAIN argument during installation to enable Cisco Jabber for Windows for SSO in cloud-based deployments.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

67

Deployment Options

Expressway for Mobile and Remote Access Deployments

Related Topics

Command Line Arguments, on page 87

Expressway for Mobile and Remote Access Deployments

Expressway for Mobile and Remote Access for Cisco Unified Communications Manager allows users to access their collaboration tools from outside the corporate firewall without a VPN client. Using Cisco collaboration gateways, the client can connect securely to your corporate network from remote locations such as public Wi-Fi networks or mobile data networks.

You must do the following to set up the Expressway for Mobile and Remote Access feature:

1

Set up servers to support Expressway for Mobile and Remote Access using Cisco Expressway-E and Cisco

Expressway-C.*

a

See the following documents to set up the Cisco Expressway servers:

Cisco Expressway Basic Configuration Deployment Guide

Mobile and Remote Access via Cisco Expressway Deployment Guide

* If you currently deploy a Cisco TelePresence Video Communications Server (VCS) environment, you can set up Expressway for Mobile and Remote Access. For more information, see Cisco VCS Basic

Configuration (Control with Expressway) Deployment Guide and Mobile and Remote Access via Cisco

VCS Deployment Guide.

b

Add any relevant servers to the whitelist for your Cisco Expressway-C server to ensure that the client can access services that are located inside the corporate network.

To add a server to the Cisco Expressway-C whitelist, use the HTTP server allow setting.

This list can include the servers on which you host voicemail or contact photos.

2

Configure an external DNS server that contains the

_collab-edge

DNS SRV record to allow the client to locate the Expressway for Mobile and Remote Access server.

3

If you deploy a hybrid cloud-based architecture where the domain of the IM and presence server differs from the domain of the voice server, ensure that you configure the Voice Services Domain.

The Voice Services Domain allows the client to locate the DNS server that contains the

_collab-edge record.

Important

In most cases, users can sign in to the client for the first time using Expressway for Mobile and Remote

Access to connect to services from outside the corporate firewall. In the following cases, however, users must perform initial sign in while on the corporate network:

• If the voice services domain is different from the services domain. In this case, users must be inside the corporate network to get the correct voice services domain from the jabber-config.xml file.

• If the client needs to complete the CAPF enrollment process, which is required when using a secure or mixed mode cluster.

68

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Deployment Options

Supported Services

The following diagram illustrates the architecture of an Expressway for Mobile and Remote Access environment.

Figure 9: How the Client Connects to the Expressway for Mobile and Remote Access

Related Topics

Cisco Expressway Configuration Guides

Cisco VCS Configuration Guides

Supported Services

The following table summarizes the services and functionality that are supported when the client uses

Expressway for Mobile and Remote Access to remotely connect to Cisco Unified Communications Manager.

Table 4: Summary of supported services for Expressway for Mobile and Remote Access

Supported Unsupported Service

Directory

UDS directory search

LDAP directory search

Directory photo resolution

X

X

X

* Using HTTP white list on Cisco

Expressway-C

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

69

Deployment Options

Supported Services

Service

Intradomain federation

Supported

X

* Contact search support depends of the format of your contact

IDs. For more information, see the note below.

Unsupported

X Interdomain federation

Instant Messaging and Presence

On-premises

Cloud

Chat

Group chat

X

X

X

X

High Availability: On-premises deployments X

File transfer: On-premises deployments

File transfer: Cloud deployments

Video desktop share - BFCP

X

Desktop clients, some file transfer features are supported for mobile clients.

X (Cisco Jabber for mobile clients only support BFCP receive.)

X

Audio and Video

Audio and video calls X

* Cisco Unified

Communications

Manager 9.1(2) and later

Deskphone control mode (CTI)

Extend and connect

Session persistency

X

X

X

70

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Deployment Options

Service

Early media

Self Care Portal access

Voicemail

Visual voicemail

Cisco WebEx Meetings

On-premises

Cloud

Cisco WebEx desktop share

Installation

Installer update

Customization

Custom HTML tabs

Security

End-to-end encryption

CAPF enrollment

Troubleshooting

Problem report generation

Problem report upload

High Availability (failover)

Audio and Video services

Supported Services

Supported

X

* Using HTTP white list on Cisco

Expressway-C

X

X

X

* Using HTTP white list on Cisco

Expressway-C

X

* Using HTTP white list on Cisco

Expressway-C

(Desktop clients only)

X

X

X

X

X

X

Unsupported

X

X

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

71

Deployment Options

Supported Services

Service

Voicemail services

IM and Presence services

Supported

X

Unsupported

X

Directory

When the client connects to services using Expressway for Mobile and Remote Access, it supports directory integration with the following limitations.

• LDAP contact resolution —The client cannot use LDAP for contact resolution when outside of the corporate firewall. Instead, the client must use UDS for contact resolution.

When users are inside the corporate firewall, the client can use either UDS or LDAP for contact resolution.

If you deploy LDAP within the corporate firewall, Cisco recommends that you synchronize your LDAP directory server with Cisco Unified Communications Manager to allow the client to connect with UDS when users are outside the corporate firewall.

• Directory photo resolution — To ensure that the client can download contact photos, you must add the server on which you host contact photos to the white list of your Cisco Expressway-C server. To add a server to Cisco Expressway-C white list, use the HTTP server allow setting. For more information, see the relevant Cisco Expressway documentation.

• Intradomain federation — When you deploy intradomain federation and the client connects with

Expressway for Mobile and Remote Access from outside the firewall, contact search is supported only when the contact ID uses one of the following formats:

[email protected]

• UserPrincipleName (UPN)@domain

[email protected]

[email protected]

[email protected]

Instant Messaging and Presence

When the client connects to services using Expressway for Mobile and Remote Access, it supports instant messaging and presence with the following limitations.

File transfer — The client does not support file transfer including screen capture with Cisco Unified

Communications Manager IM and Presence Service deployments. File Transfer is supported only with Cisco

WebEx cloud deployments with desktop clients. Managed File Transfer is supported with Cisco Unified

Communication IM and Presence when Cisco Jabber is connected to Cisco Unified services using Expressway.

Peer-to-Peer files transfer is not supported.

Audio and Video Calling

When the client connects to services using Expressway for Mobile and Remote Access, it supports voice and video calling with the following limitations.

72

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Deployment Options

Supported Services

• Cisco Unified Communications Manager — Expressway for Mobile and Remote Access supports video and voice calling with Cisco Unified Communications Manager Version 9.1.2 and later. Expressway for Mobile and Remote Access is not supported with Cisco Unified Communications Manager Version

8.x.

• Deskphone control mode (CTI) — The client does not support deskphone control mode (CTI), including extension mobility.

• Extend and connect — The client cannot be used to:

• Make and receive calls on a Cisco IP Phone in the office.

• Perform mid-call control such as hold and resume on a home phone, hotel phone, or Cisco IP Phone in the office.

• Session Persistency — The client cannot recover from audio and video calls drop when a network transition occurs. For example, if a users start a Cisco Jabber call inside their office and then they walk outside their building and lose Wi-Fi connectivity, the call drops as the client switches to use Expressway for Mobile and Remote Access.

• Early Media — Early Media allows the client to exchange data between endpoints before a connection is established. For example, if a user makes a call to a party that is not part of the same organization, and the other party declines or does not answer the call, Early Media ensures that the user hears the busy tone or is sent to voicemail.

When using Expressway for Mobile and Remote Access, the user does not hear a busy tone if the other party declines or does not answer the call. Instead, the user hears approximately one minute of silence before the call is terminated.

• Self care portal access — Users cannot access the Cisco Unified Communications Manager Self Care

Portal when outside the firewall. The Cisco Unified Communications Manager user page cannot be accessed externally.

Cisco Expressway-E proxies all communications between the client and unified communications services inside the firewall. However, the Cisco Expressway-E does not proxy services that are accessed from a browser that is not part of the Cisco Jabber application.

Voicemail

Voicemail service is supported when the client connects to services using Expressway for Mobile and Remote

Access.

Note

To ensure that the client can access voicemail services, you must add the voicemail server to the white list of your Cisco Expressway-C server. To add a server to Cisco Expressway-C white list, use the HTTP

server allow setting. For more information, see the relevant Cisco Expressway documentation.

Cisco WebEx Meetings

When the client connects to services using Expressway for Mobile and Remote Access, it supports only cloud-based conferencing using Cisco WebEx Meetings Center.

The client cannot access the Cisco WebEx Meetings Server or join or start on-premises Cisco WebEx meetings.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

73

Deployment Options

Supported Services

Installation

When the client connects to services using Expressway for Mobile and Remote Access, it supports installer updates.

Note

To ensure that the client can download installer updates, you must add the server that hosts the installer updates to the white list of your Cisco Expressway-C server. To add a server to the Cisco Expressway-C white list, use the HTTP server allow setting. For more information, see the relevant Cisco Expressway documentation.

Customization

When the client connects to services using Expressway for Mobile and Remote Access, it supports custom

HTML tab configuration for desktop clients.

Note

To ensure that the client can download the custom HTML tab configuration, you must add the server that hosts the custom HTML tab configuration to the white list of your Cisco Expressway-C server. To add a server to the Cisco Expressway-C whitelist, use the HTTP server allow setting. For more information, see the relevant Cisco Expressway documentation.

Security

When the client connects to services using Expressway for Mobile and Remote Access, it supports most security features with the following limitations.

• Initial CAPF enrollment — Certificate Authority Proxy Function (CAPF) enrollment is a security service that runs on the Cisco Unified Communications Manager Publisher that issues certificates to Cisco

Jabber (or other clients). To successfully enrol for CAPF, the client must connect from inside the firewall or using VPN.

• End-to-end encryption — When users connect through Expressway for Mobile and Remote Access and participate in a call:

• Media is encrypted on the call path between the Cisco Expressway-C and devices that are registered to the Cisco Unified Communications Manager using Expressway for Mobile and Remote Access.

• Media is not encrypted on the call path between the Cisco Expressway-C and devices that are registered locally to Cisco Unified Communications Manager, if either Cisco Jabber or an internal device is not configured with Encrypted security mode.

• Media is encrypted on the call path between the Expressway-C and devices that are registered locally to Cisco Unified Communnication Manager, if both Cisco Jabber and internal device are configured with Encypted security mode.

Troubleshooting

Problem report upload — When the desktop client connects to services using Expressway for Mobile and

Remote Access, it cannot send problem reports because the client uploads problem reports over HTTPS to a specified internal server.

74

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Deployment Options

Deployment in a Virtual Environment

To work around this issue, users can save the report locally and send the report in another manner.

High Availability (failover)

High Availability means that if the client fails to connect to the primary server, it fails over to a secondary server with little or no interruption to the service. In relation to high availability being supported on the

Expressway for Mobile and Remote Access, high availability refers to the server for the specific service failing over to a secondary server (such as Instant Messaging and Presence), and not the Cisco Expressway-E server itself failing over.

Some services are available on the Expressway for Mobile and Remote Access that are not supported for high availability. This means that if users are connected to the client from outside the corporate network and the instant messaging and presence server fails over, the services will continue to work as normal. However, if the audio and video server or voicemail server fails over, those services will not work as the relevant servers do not support high availability.

Deployment in a Virtual Environment

You can deploy Cisco Jabber for Windows in virtual environments using the following software:

• Citrix XenDesktop 7.5

• Citrix XenDesktop 7.1

• Citrix XenDesktop 7.0

• Citrix XenDesktop 5.6

• Citrix XenApp 7.5 Enterprise Edition for Windows Server 2008 R2 Standard Service Pack 1 64 bit, published desktop

• Citrix XenApp 6.5 Feature Pack 2 Enterprise Edition for Windows Server 2008 Service Pack 2 64 bit, published desktop

• Citrix XenApp 6.5 Feature Pack 1 Enterprise Edition for Windows Server 2008 R2 Standard Service

Pack 1 64 bit, published desktop

• Citrix XenApp 6.5 Enterprise Edition for Windows Server 2008 R2 Standard Service Pack 1 64 bit, published desktop

• VMware Horizon View 6.0

• VMware Horizon View 5.3

• VMware Horizon View 5.2

Supported Features

• Instant messaging and presence with other Cisco Jabber clients

• Desk phone control

• Voicemail

• Presence integration with Microsoft Outlook 2007, 2010 and 2013

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

75

Deployment Options

Deployment in a Virtual Environment

Softphones in Virtual Environments

Use Cisco Virtualization Experience Media Engine (VXME) for softphone calls in a virtual environment.

Roaming Profiles

The client stores user data such as user call history and configuration store cache on the local machine for use when the user next signs in. In virtual environments, users do not always access the same virtual desktop. To guarantee a consistent user experience, these files need to be accessible every time the client is launched.

To preserve the user's personal settings in a virtual environment when roaming between hosted virtual desktops, use dedicated profile management solutions from Citrix and VMware.

Citrix Profile Management is a profile solution for Citrix environments. In deployments with random hosted virtual desktop assignments, Citrix Profile Management synchronizes each user's entire profile between the system it is installed on and the user store.

VMware View Persona Management preserves user profiles and dynamically synchronizes them with a remote profile repository. VMware View Persona Management does not require the configuration of Windows roaming profiles and can bypass Windows Active Directory in the management of View user profiles. Persona

Management enhances the functionality of existing roaming profiles.

You can specify which files and folders to omit from synchronization by adding them to an exclusion list. To include a subfolder within an excluded folder, add the subfolder to an inclusion list.

To preserve the user's personal settings, do not exclude the following directories:

AppData\Local\Cisco

AppData\Local\JabberWerxCPP

AppData\Roaming\Cisco

AppData\Roaming\JabberWerxCPP

Client Information Storage

The client stores user information in the following locations:

C:\Users\username\AppData\Local\Cisco\Unified Communications\Jabber\CSF

Folder Name Description

Contacts

History

Photo cache

Contact cache files

Call history and chat history

Caches the directory photos locally

C:\Users\username\AppData\Roaming\Cisco\Unified Communications\Jabber\CSF

Folder Name Description

Config

Credentials

Maintains users' Jabber configuration files and stores configuration store cache

Stores encrypted user name and password file

76

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Deployment Options

Related Topics

Calendar Integration, on page 11

Deployment in a Virtual Environment

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

77

Deployment in a Virtual Environment

Deployment Options

78

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

C H A P T E R

6

Install Cisco Jabber

Review the options for installation and learn about different methods for installing Cisco Jabber. Understand the requirements for successful deployments before you start the installation procedure.

Methods of Installation, page 79

Use the Command Line, page 80

Run the MSI Manually, page 81

Create a Custom Installer, page 82

Deploy with Group Policy, page 84

Command Line Arguments, page 87

Installer Properties, page 97

Supported Languages, page 98

Cisco Media Services Interface, page 99

Uninstall Cisco Jabber for Windows, page 100

Methods of Installation

Cisco Jabber for Windows provides an MSI installation package. You must be logged in as an administrator to complete installation. You can use this installation package in the following ways:

Use the Command Line

Specify arguments in a command line window to set installation properties.

Choose this option if you plan to install multiple instances.

Run the MSI Manually

Run the MSI manually on the file system of the client workstation and then specify connection properties when you start the client.

Choose this option if you plan to install a single instance for testing or evaluation purposes.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

79

Install Cisco Jabber

Use the Command Line

Create a Custom Installer

Open the default installation package, specify the required installation properties, and then save a custom installation package.

Choose this option if you plan to distribute an installation package with the same installation properties.

Deploy with Group Policy

Install the client on multiple computers in the same domain.

Use the Command Line

Specify installation arguments in a command line window.

Procedure

Step 1

Open a command line window.

Step 2

Enter the following command: msiexec.exe /i CiscoJabberSetup.msi

Step 3

Specify command line arguments as parameter=value pairs.

msiexec.exe /i CiscoJabberSetup.msi argument=value

Step 4

Run the command to install Cisco Jabber for Windows.

Example Installation Commands

Review examples of commands to install Cisco Jabber for Windows.

Cisco Unified Communications Manager, Release 9.x

msiexec.exe /i CiscoJabberSetup.msi /quiet CLEAR=1

Where:

CLEAR=1 — Deletes any existing bootstrap file.

/quiet

— Specifies a silent installation.

Cisco Unified Communications Manager, Release 8.x in Default Mode

msiexec.exe /i CiscoJabberSetup.msi /quiet CLEAR=1 AUTHENTICATOR=CUP CUP_ADDRESS=1.2.3.4

Where:

CLEAR=1 — Deletes any existing bootstrap file.

AUTHENTICATOR=CUP — Sets Cisco Unified Presence as the authenticator.

CUP_ADDRESS=1.2.3.4 — Sets 1.2.3.4 as the IP address of the presence server.

/quiet

— Specifies a silent installation.

80

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Install Cisco Jabber

Run the MSI Manually

Cisco Unified Communications Manager, Release 8.x in Phone Mode

If you are integrating with UDS when you are installing in phone mode, you must first define the

<PresenceDomain>Domain address of your Presence server</PresenceDomain> parameter.

msiexec.exe /i CiscoJabberSetup.msi /quiet CLEAR=1 PRODUCT_MODE=Phone_Mode AUTHENTICATOR=CUCM

TFTP=1.2.3.4 CTI=5.6.7.8

Where:

CLEAR=1 — Deletes any existing bootstrap file.

PRODUCT_MODE=Phone_Mode — Sets the client to phone mode.

AUTHENTICATOR=CUCM — Sets Cisco Unified Communications Manager as the authenticator.

TFTP=1.2.3.4 — Sets 1.2.3.4 as the IP address of the TFTP server that hosts the client configuration.

CTI=5.6.7.8 — Sets 5.6.7.8 as the IP address of the CTI server.

/quiet

— Specifies a silent installation.

Cisco WebEx Messenger Service

msiexec.exe /i CiscoJabberSetup.msi /quiet CLEAR=1 AUTHENTICATOR=WEBEX

Where:

CLEAR=1 — Deletes any existing bootstrap file.

AUTHENTICATOR=WEBEX — Sets the Cisco WebEx Messenger service as the authenticator.

/quiet

— Specifies a silent installation.

Cisco WebEx Messenger Service with SSO

msiexec.exe /i CiscoJabberSetup.msi /quiet CLEAR=1 AUTHENTICATOR=WEBEX

SSO_ORG_DOMAIN=example.com

Where:

CLEAR=1 — Deletes any existing bootstrap file.

AUTHENTICATOR=WEBEX — Sets the Cisco WebEx Messenger service as the authenticator.

SSO_ORG_DOMAIN=example.com — Sets example.com as the single sign-on (SSO) domain.

/quiet

— Specifies a silent installation.

Run the MSI Manually

You can run the installation program manually to install a single instance of the client and specify connection settings in the Advanced settings window.

Procedure

Step 1

Launch CiscoJabberSetup.msi.

The installation program opens a window to guide you through the installation process.

Step 2

Follow the steps to complete the installation process.

Step 3

Start Cisco Jabber for Windows.

Step 4

Select Manual setup and sign in.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

81

Install Cisco Jabber

Create a Custom Installer

The Advanced settings window opens.

Step 5

Specify values for the connection settings properties.

Step 6

Select Save.

Create a Custom Installer

You can transform the default installation package to create a custom installer.

Note

You use Microsoft Orca to create custom installers. Microsoft Orca is available as part of the Microsoft

Windows SDK for Windows 7 and .NET Framework 4.

Download and install Microsoft Windows SDK for Windows 7 and .NET Framework 4 from the Microsoft website.

Related Topics

Microsoft Windows SDK for Windows 7 and .NET Framework 4

Get the Default Transform File

You must have the default transform file to modify the installation package with Microsoft Orca.

Procedure

Step 1

Download the Cisco Jabber administration package from cisco.com.

Step 2

Copy CiscoJabberProperties.msi from the Cisco Jabber administration package to your file system.

Related Topics

Software Downloads

Create Custom Transform Files

To create a custom installer, you use a transform file. Transform files contain installation properties that you apply to the installer.

The default transform file lets you specify values for properties when you transform the installer. You should use the default transform file if you are creating one custom installer.

You can optionally create custom transform files. You specify values for properties in a custom transform file and then apply it to the installer.

82

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Install Cisco Jabber

Transform the Installer

Create custom transform files if you require more than one custom installer with different property values.

For example, create one transform file that sets the default language to French and another transform file that sets the default language to Spanish. You can then apply each transform file to the installation package separately. The result is that you create two installers, one for each language.

Procedure

Step 1

Start Microsoft Orca.

Step 2

Open CiscoJabberSetup.msi and then apply CiscoJabberProperties.msi.

Step 3

Specify values for the appropriate installer properties.

Step 4

Generate and save the transform file.

a) Select Transform > Generate Transform.

b) Select a location on your file system to save the transform file.

c) Specify a name for the transform file and select Save.

The transform file you created is saved as file_name.mst. You can apply this transform file to modify the properties of CiscoJabberSetup.msi.

Transform the Installer

Apply a transform file to customize the installer.

Note

Applying transform files will alter the digital signature of CiscoJabberSetup.msi. Attempts to modify or rename CiscoJabberSetup.msi will remove the signature entirely.

Procedure

Step 1

Start Microsoft Orca.

Step 2

Open CiscoJabberSetup.msi in Microsoft Orca.

a) Select File > Open.

b) Browse to the location of CiscoJabberSetup.msi on your file system.

c) Select CiscoJabberSetup.msi and then select Open.

The installation package opens in Microsoft Orca. The list of tables for the installer opens in the Tables pane.

Step 3

Remove all language codes except for 1033 (English).

Restriction

You must remove all language codes from the custom installer except for 1033 (English).

Microsoft Orca does not retain any language files in custom installers except for the default, which is 1033. If you do not remove all language codes from the custom installer, you cannot run the installer on any operating system where the language is other than English.

a) Select View > Summary Information.

The Edit Summary Information window displays.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

83

Install Cisco Jabber

Deploy with Group Policy

b) Locate the Languages field.

c) Delete all language codes except for 1033.

d) Select OK.

English is set as the language for your custom installer.

Step 4

Apply a transform file.

a) Select Transform > Apply Transform.

b) Browse to the location of the transform file on your file system.

c) Select the transform file and then select Open.

Step 5

Select Property from the list of tables in the Tables pane.

The list of properties for CiscoJabberSetup.msi opens in the right panel of the application window.

Step 6

Specify values for the properties you require.

Tip

Set the value of the CLEAR property to 1 to override any existing bootstrap file from previous installations. If you do not override existing bootstrap files, the values you set in the custom installer do not take effect.

Step 7

Drop any properties that you do not require.

It is essential to drop any properties that are not being set, otherwise the properties being set will not take effect. Drop each property that is not needed one at a time.

a) Right-click the property you want to drop.

b) Select Drop Row.

c) Select OK when Microsoft Orca prompts you to continue.

Step 8

Enable your custom installer to save embedded streams.

a) Select Tools > Options.

b) Select the Database tab.

c) Select Copy embedded streams during 'Save As'.

d) Select Apply and then OK.

Step 9

Save your custom installer.

a) Select File > Save Transformed As.

b) Select a location on your file system to save the installer.

c) Specify a name for the installer and then select Save.

Related Topics

Installer Properties, on page 97

Deploy with Group Policy

Install Cisco Jabber for Windows with Group Policy using the Microsoft Group Policy Management Console

(GPMC) on Microsoft Windows Server.

84

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Install Cisco Jabber

Set a Language Code

Note

To install Cisco Jabber for Windows with Group Policy, all computers or users to which you plan to deploy

Cisco Jabber for Windows must be in the same domain.

Set a Language Code

Altering the installation language is not necessary in Group Policy deployment scenarios where the exact MSI file provided by Cisco will be used. The installation language will be determined from the Windows User

Locale (Format) in these situations. You must use this procedure and set the Language field to 1033 only if the MSI is to be modified by Orca in any way.

Procedure

Step 1

Start Microsoft Orca.

Microsoft Orca is available as part of the Microsoft Windows SDK for Windows 7 and ,NET Framework 4 that you can download from the Microsoft website.

Step 2

Open CiscoJabberSetup.msi.

a) Select File > Open.

b) Browse to the location of CiscoJabberSetup.msi on your file system.

c) Select CiscoJabberSetup.msi and then select Open.

Step 3

Select View > Summary Information.

Step 4

Locate the Languages field.

Step 5

Set the Languages field to 1033.

Step 6

Select OK.

Step 7

Enable your custom installer to save embedded streams.

a) Select Tools > Options.

b) Select the Database tab.

c) Select Copy embedded streams during 'Save As'.

d) Select Apply and then OK.

Step 8

Save your custom installer.

a) Select File > Save Transformed As.

b) Select a location on your file system to save the installer.

c) Specify a name for the installer and then select Save.

Related Topics

Supported Languages, on page 98

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

85

Install Cisco Jabber

Deploy the Client with Group Policy

Deploy the Client with Group Policy

Complete the steps in this task to deploy Cisco Jabber for Windows with Group Policy.

Procedure

Step 1

Copy the installation package to a software distribution point for deployment.

All computers or users to which you plan to deploy Cisco Jabber for Windows must be able to access the installation package on the distribution point.

Step 2

Select Start > Run and then enter the following command:

GPMC.msc

The Group Policy Management console opens.

Step 3

Create a new group policy object.

a) Right-click on the appropriate domain in the left pane.

b) Select Create a GPO in this Domain, and Link it here.

The New GPO window opens.

c) Enter a name for the group policy object in the Name field.

d) Leave the default value or select an appropriate option from the Source Starter GPO drop-down list and then select OK.

The new group policy displays in the list of group policies for the domain.

Step 4

Set the scope of your deployment.

a) Select the group policy object under the domain in the left pane.

The group policy object displays in the right pane.

b) Select Add in the Security Filtering section of the Scope tab.

The Select User, Computer, or Group window opens.

c) Specify the computers and users to which you want to deploy Cisco Jabber for Windows.

Step 5

Specify the installation package.

a) Right-click the group policy object in the left pane and then select Edit.

The Group Policy Management Editor opens.

b) Select Computer Configuration and then select Policies > Software Settings.

c) Right-click Software Installation and then select New > Package.

d) Enter the location of the installation package next to File Name; for example,

\\server\software_distribution

.

Important

You must enter a Uniform Naming Convention (UNC) path as the location of the installation package. If you do not enter a UNC path, Group Policy cannot deploy Cisco Jabber for

Windows.

e) Select the installation package and then select Open.

f) In the Deploy Software dialog box, select Assigned and then OK.

Group Policy installs Cisco Jabber for Windows on each computer the next time each computer starts.

86

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Install Cisco Jabber

Command Line Arguments

Command Line Arguments

Review the command line arguments you can specify when you install Cisco Jabber for Windows.

Override Argument

The following table describes the parameter you must specify to override any existing bootstrap files from previous installations:

Argument

CLEAR

Value

1

Description

Specifies if the client overrides any existing bootstrap file from previous installations.

The client saves the arguments and values you set during installation to a bootstrap file. The client then loads settings from the bootstrap file at startup.

If you specify CLEAR, the following occurs during installation:

1

The client deletes any existing bootstrap file.

2

The client creates a new bootstrap file.

If you do not specify CLEAR, the client checks for existing bootstrap files during installation.

• If no bootstrap file exists, the client creates a bootstrap file during installation.

• If a bootstrap file exists, the client does not override that bootstrap file and preserves the existing settings.

Note

If you are reinstalling Cisco Jabber for Windows, you should consider the following:

• The client does not preserve settings from existing bootstrap files. If you specify CLEAR, you must also specify all other installation arguments as appropriate.

• The client does not save your installation arguments to an existing bootstrap file. If you want to change the values for installation arguments, or specify additional installation arguments, you must specify CLEAR to override the existing settings.

To override existing bootstrap files, specify CLEAR in the command line as follows: msiexec.exe /i CiscoJabberSetup.msi CLEAR=1

Mode Type Argument

The following table describes the command line argument with which you specify the product mode:

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

87

Install Cisco Jabber

Mode Type Argument

Argument

PRODUCT_MODE

Value

Phone_Mode

Description

Specifies the product mode for the client. You can set the following value:

• Phone_Mode — Cisco Unified Communications

Manager is the authenticator.

Choose this value to provision users with audio devices as base functionality.

When to Set the Product Mode

In phone mode deployments Cisco Unified Communications Manager is the authenticator. When the client gets the authenticator, it determines the product mode is phone mode. However, because the client always starts in the default product mode on the initial launch, users must restart the client to enter phone mode after sign in.

• Cisco Unified Communications Manager, Release 9.x and Later — You should not set PRODUCT_MODE during installation. The client gets the authenticator from the service profile. After the user signs in, the client requires a restart to enter phone mode.

• Cisco Unified Communications Manager, Release 8.x — You can specify phone mode during installation if you set Cisco Unified Communications Manager as the authenticator. The client reads the bootstrap file on the initial launch and determines it should start in phone mode. The client then gets Cisco Unified

Communications Manager as the authenticator from the bootstrap file or manual settings. After the user signs in, the client does not require a restart.

Change Product Modes

To change the product mode, you must change the authenticator for the client. The client can then determine the product mode from the authenticator.

The method for changing from one product mode to another after installation, depends on your deployment.

Note

In all deployments, the user can manually set the authenticator in the Advanced settings window.

In this case, you must instruct the user to change the authenticator in the Advanced settings window to change the product mode. You cannot override the manual settings, even if you uninstall and then reinstall the client.

Change Product Modes with Cisco Unified Communications Manager Version 9.x and Later

To change product modes with Cisco Unified Communications Manager version 9.x and later, you change the authenticator in the service profile.

88

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Install Cisco Jabber

Mode Type Argument

Procedure

Step 1

Change the authenticator in the service profiles for the appropriate users.

Change Default Mode > Phone Mode

Do not provision users with an IM and Presence service.

If the service profile does not contain an IM and presence service configuration, the authenticator is

Cisco Unified Communications Manager.

Change Phone Mode > Default Mode

Provision users with an IM and Presence service.

If you set the value of the Product type field in the IM and Presence profile to:

Unified CM (IM and Presence) the authenticator is Cisco Unified Presence or Cisco Unified

Communications Manager IM and Presence Service.

WebEx (IM and Presence) the authenticator is the Cisco WebEx Messenger service.

Step 2

Instruct users to sign out and then sign in again.

When users sign in to the client, it retrieves the changes in the service profile and signs the user in to the authenticator. The client then determines the product mode and prompts the user to restart the client.

After the user restarts the client, the product mode change is complete.

Change Product Modes with Cisco Unified Communications Manager Version 8.x

To change product modes with Cisco Unified Communications Manager version 8.x, you must reinstall Cisco

Jabber for Windows to change the authenticator.

Change Default Mode > Phone Mode

Set the following arguments, at a minimum:

• CLEAR=1 to delete any existing bootstrap file.

• AUTHENTICATOR=CUCM to set the authenticator to Cisco Unified Communications Manager.

• PRODUCT_MODE=Phone_Mode to set phone mode as the product mode.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

89

Install Cisco Jabber

Authentication Arguments

Change Phone Mode > Default Mode

Set the following arguments, at a minimum:

• CLEAR=1 to delete any existing bootstrap file.

• AUTHENTICATOR= one of the following:

• CUP to set the authenticator to Cisco Unified Presence or Cisco Unified Communications

Manager.

• WEBEX to set the authenticator to the Cisco WebEx Messenger service.

Authentication Arguments

The following table describe the command line arguments you can set to specify the source of authentication:

Argument Value Description

AUTHENTICATOR CUP

CUCM

WEBEX

Specifies the source of authentication for the client.

This value is used if Service Discovery fails. Set one of the following as the value:

• CUP — Cisco Unified Presence. On-premises deployments in the default product mode. The default product mode can be either full UC or IM only.

• CUCM — Cisco Unified Communications

Manager. On-premises deployments in phone mode.

• WEBEX — Cisco WebEx Messenger Service.

Cloud-based or hybrid cloud-based deployments.

CUP_ADDRESS IP address

Hostname

FQDN

In on-premises deployments with Cisco Unified

Communications Manager version 9.x and later, you should deploy the _cisco-uds SRV record. The client can then automatically determine the authenticator.

Specifies the address of Cisco Unified Presence or Cisco

Unified Communications Manager IM and Presence

Service. Set one of the following as the value:

• Hostname (hostname)

• IP address (123.45.254.1)

• FQDN (hostname.domain.com)

90

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Install Cisco Jabber

Argument

TFTP

CTI

CCMCIP

Authentication Arguments

Value

IP address

Hostname

FQDN

IP address

Hostname

FQDN

IP address

Hostname

FQDN

Description

Specifies the address of your TFTP server. Set one of the following as the value:

• Hostname (hostname)

• IP address (123.45.254.1)

• FQDN (hostname.domain.com)

You should specify this argument if you set Cisco

Unified Communications Manager as the authenticator.

If you deploy:

• In phone mode, you should specify the address of the TFTP server that hosts the client configuration.

• In default mode, you can specify the address of the Cisco Unified Communications Manager

TFTP service that hosts the device configuration.

Sets the address of your CTI server.

Specify this argument if:

• You set Cisco Unified Communications Manager as the authenticator.

• Users have desk phone devices and require a CTI server.

Sets the address of your CCMCIP server.

Specify this argument if:

• You set Cisco Unified Communications Manager as the authenticator.

• The address of your CCMCIP server is not the same as the TFTP server address.

The client can locate the CCMCIP server with the

TFTP server address if both addresses are the same.

Cisco Unified Communications Manager release 9.x

and earlier—If you enable Cisco Extension Mobility, the

Cisco Extension Mobility service must be activated on the Cisco Unified Communications

Manager nodes that are used for CCMCIP. For information about Cisco Extension Mobility, see the

Feature and Services guide for your Cisco Unified

Communications Manager release.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

91

Install Cisco Jabber

Authentication Arguments

Argument

SERVICES_DOMAIN

Value

Domain

VOICE_SERVICES_DOMAIN Domain

Description

Sets the value of the domain where the DNS SRV records for Service Discovery reside.

This argument can be set to a domain where no DNS

SRV records reside if you want the client to use installer settings or manual configuration for this information.

If this argument is not specified and Service Discovery fails, the user will be prompted for services domain information.

In Hybrid Deployments the domain required to discover

Webex via CAS lookup may be a different domain than where the DNS records are deployed. If this is the case then set the SERVICES_DOMAIN to be the domain used for Webex discovery (or let the user enter an email address) and set the VOICE_SERVICES_DOMAIN to be the domain where DNS records are deployed. If this setting is specified, the client will use the value of

VOICE_SERVICES_DOMAIN to lookup the following

DNS records for the purposes of Service Discovery and

Edge Detection:

• _cisco-uds

• _cuplogin

• _collab-edge

This setting is optional and if not specified, the DNS records are queried on the Services Domain which is obtained from the SERVICES_DOMAIN, email address input by the user, or cached user configuration.

92

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Install Cisco Jabber

Authentication Arguments

Argument

EXCLUDED_SERVICES

Value

One or more of:

• CUP

• WEBEX

• CUCM

Description

Lists the services that you want Jabber to exclude from

Service Discovery. For example, you may have done a trial with WebEx which means that your company domain is registered on WebEx, but you do not want

Jabber users to authenticate using WebEx. You want

Jabber to authenticate with an on-premises CUP server.

In this case set:

• EXCLUDED_SERVICES=WEBEX

Possible values are CUP, CUCM, WEBEX.

To exclude more than one service, use comma separated values. For example, to exclude CUP and CUCM, specify: EXCLUDED_SERVICEs=CUP,CUCM. To exclude all services, specify:

EXCLUDED_SERVICES=CUP,CUCM,WEBEX

If you exclude all services, you need to use manual configuration or bootstrap configuration to configure the Jabber client.

TFTP Server Address

Cisco Jabber for Windows retrieves two different configuration files from the TFTP server:

• Client configuration files that you create.

• Device configuration files that reside on the Cisco Unified Communications Manager TFTP service when you provision users with devices.

To minimize effort, you should host your client configuration files on the Cisco Unified Communications

Manager TFTP service. You then have only one TFTP server address for all configuration files and can specify that address as required.

You can, however, host your client configuration on a different TFTP server to the one that contains the device configuration. In this case, you have two different TFTP server addresses, one address for the TFTP server that hosts device configuration and another address for the TFTP server that hosts client configuration files.

Default Deployments

This section describes how you should handle two different TFTP server addresses in deployments that have a presence server.

You should do the following:

1

Specify the address of the TFTP server that hosts the client configuration on the presence server.

2

During installation, specify the address of the Cisco Unified Communications Manager TFTP service with the TFTP argument.

When the client starts for the first time, it:

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

93

Install Cisco Jabber

Common Installation Arguments

1

Retrieves the address of the Cisco Unified Communications Manager TFTP service from the bootstrap file.

2

Gets device configuration from the Cisco Unified Communications Manager TFTP service.

3

Connects to the presence server.

4

Retrieves the address of the TFTP service that hosts the client configuration from the presence server.

5

Gets client configuration from the TFTP server.

Phone Mode Deployments

This section describes how you should handle two different TFTP server addresses in phone mode deployments.

You should do the following:

1

During installation, specify the address of the TFTP server that hosts the client configuration with the

TFTP argument.

2

Specify the address of the TFTP server that hosts the device configuration in your client configuration file with the following parameter: TftpServer1.

3

Host the client configuration file on the TFTP server.

When the client starts for the first time, it:

1

Retrieves the address of the TFTP server from the bootstrap file.

2

Gets client configuration from the TFTP server.

3

Retrieves the address of the Cisco Unified Communications Manager TFTP service from the client configuration.

4

Gets device configuration from the Cisco Unified Communications Manager TFTP service.

Common Installation Arguments

The following table describes command line arguments that are common to all deployments:

94

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Install Cisco Jabber

Common Installation Arguments

Argument

LANGUAGE

FORGOT_PASSWORD_URL

TFTP_FILE_NAME

Value

LCID in decimal

URL

Filename

Description

Defines the Locale ID (LCID), in decimal, of the language that Cisco Jabber for Windows uses. The value must be an LCID in decimal that corresponds to a supported language.

For example, you can specify one of the following:

• 1033 specifies English.

• 1036 specifies French.

See the Supported Languages topic for a full list of the languages you can specify.

This argument is optional. If you do not specify a value,

Cisco Jabber for Windows uses the regional language for the current user as the default. The regional language is set at Control Panel > Region and

Language > Change the date, time, or number

format > Formats tab > Format dropdown.

Specifies the URL where users can reset lost or forgotten passwords.

This argument is optional but recommended.

Note

In cloud-based deployments, you can specify a forgot password URL using the Cisco

WebEx Administration Tool. However, the client cannot retrieve that forgot password

URL until users sign in.

Specifies the unique name of a group configuration file.

You can specify either an unqualified or fully qualified filename as the value. The filename you specify as the value for this argument takes priority over any other configuration file on your TFTP server.

This argument is optional.

Remember

You can specify group configuration files in the Cisco Support Field on the

CSF device configuration on Cisco

Unified Communications Manager.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

95

Install Cisco Jabber

Common Installation Arguments

Argument

LOGIN_RESOURCE

LOG_DIRECTORY

CLICK2X

Value

WBX

MUT

Description

Controls user sign in to multiple client instances.

By default, users can sign in to multiple instances of

Cisco Jabber at the same time. Set one of the following values to change the default behavior:

• WBX — Users can sign in to one instance of

Cisco Jabber for Windows at a time.

Cisco Jabber for Windows appends the wbxconnect suffix to the user's JID. Users cannot sign in to any other Cisco Jabber client that uses the wbxconnect suffix.

• MUT — Users can sign in to one instance of

Cisco Jabber for Windows at a time, but can sign in to other Cisco Jabber clients at the same time.

Each instance of Cisco Jabber for Windows appends the user's JID with a unique suffix.

Absolute path on the local filesystem

Defines the directory where the client writes log files.

Use quotation marks to escape space characters in the path, as in the following example:

"C:\my_directory\Log Directory"

The path you specify must not contain Windows invalid characters.

The default value is

%USER_PROFILE%\AppData\Local\Cisco\Unified

Communications\Jabber\CSF\Logs

DISABLE Disables click-to-x functionality with Cisco Jabber.

If you specify this argument during installation,

• The client does not register as a handler for click-to-x functionality with the operating system.

In effect, this argument prevents the client from writing to the Microsoft Windows registry during installation.

• You must re-install the client and omit this argument to enable click-to-x functionality with the client after installation.

96

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Install Cisco Jabber

SSO Arguments

Argument

Telemetry_Enabled

Value

true false

Description

Specifies whether analytics data is gathered. The default value is true.

To improve your experience and product performance,

Cisco Jabber may collect and send non-personally identifiable usage and performance data to Cisco. The aggregated data is used by Cisco to understand trends in how Jabber clients are being used and how they are performing.

Full details on what analytics data Cisco Jabber does and does not collect can be found in the Cisco Jabber

Supplement to Cisco’s On-Line Privacy Policy at http:/

/www.cisco.com/web/siteassets/legal/privacy_

02Jun10.html

.

SSO Arguments

This section describes the command line arguments you can use to deploy Cisco Jabber for Windows with single sign on (SSO) capabilities.

Cloud-Based SSO Arguments

The arguments in the following table apply to cloud-based deployments only:

Argument Value Description

SSO_ORG_DOMAIN Domain name Specifies the domain name for the Cisco WebEx Org that contains the URL for the SSO service.

Cisco Jabber for Windows uses this argument to retrieve the URL of the SSO service from the Org.

When Cisco Jabber for Windows gets the SSO service

URL, it can request login tokens to authenticate with

Cisco WebEx Messenger.

Note

You specify the URL for the SSO service as the value of the Customer SSO Service Login

URL in the Cisco WebEx Administration

Tool.

Installer Properties

The following are the properties you can modify in a custom installer:

• CLEAR

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

97

Install Cisco Jabber

Supported Languages

• PRODUCT_MODE

• AUTHENTICATOR

• CUP_ADDRESS

• TFTP

• CTI

• CCMCIP

• LANGUAGE

• TFTP_FILE_NAME

• FORGOT_PASSWORD_URL

• SSO_ORG_DOMAIN

• LOGIN_RESOURCE

• LOG_DIRECTORY

• CLICK2X

• SERVICES_DOMAIN

These properties correspond to the installation arguments and have the same values.

Supported Languages

The following table lists the languages that Cisco Jabber for Windows supports. You can change the language that your client uses by changing the language setting in your operating system Control Panel. After you select the language, restart your computer, and the Cisco Jabber client will automatically update its language settings to match your system language selection.

Arabic

Bulgarian

Catalan

Croatian

Czech

Danish

German

Greek

English

Spanish

Finnish

French

Hebrew

Hungarian

Italian

Japanese

Korean

Norwegian

Dutch

Polish

Portuguese - Brazil

Portuguese - Portugal

Romanian

Russian

Serbian

Slovak

Slovenian

Swedish

Thai

Turkish

Chinese - China

Chinese - Taiwan

98

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Install Cisco Jabber

Cisco Media Services Interface

Note

Cisco Jabber for Windows does not support Locale IDs for all sub-languages. For example, if you specify

French - Canada, Cisco Jabber for Windows uses French - France.

See the following documentation for more information about Locale IDs:

Microsoft Windows Locale Code Identifier (LCID) Reference

Locale IDs Assigned by Microsoft

Related Topics

Microsoft Windows Locale Code Identifier (LCID) Reference

Locale IDs Assigned by Microsoft

Cisco Media Services Interface

Cisco Jabber for Windows supports Cisco Media Services Interface version 4.1.2 for Microsoft Windows 7 and later.

Cisco Jabber for Mac supports Cisco Media Services Interface version 4.0.2 or later.

Traffic Marking

Cisco Media Services Interface provides a service that works with Cisco Prime Collaboration Manager and

Cisco Medianet-enabled routers to ensure that Cisco Jabber can send audio media and video media on your network with minimum latency or packet loss.

Before Cisco Jabber sends audio media or video media, it checks for Cisco Media Services Interface.

• If the service exists on the computer, Cisco Jabber provides flow information to Cisco Media Services

Interface.

The service then signals the network so that routers classify the flow and provide priority to the Cisco

Jabber traffic.

• If the service does not exist, Cisco Jabber does not use it and sends audio media and video media as normal.

Note

Cisco Jabber checks for Cisco Media Services Interface for each audio call or video call.

Desk Phone Video Capabilities

You must install Cisco Media Services Interface to enable desk phone video capabilities. Cisco Media Services

Interface provides a driver that enables Cisco Jabber for Windows to do the following:

• Discover the desk phone device.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

99

Install Cisco Jabber

Prepare Your Network

• Establish and maintain a connection to the desk phone device using the CAST protocol.

Prepare Your Network

To install Cisco Media Service Interface for traffic marking, you must prepare your network.

Procedure

Step 1

Install Cisco Prime Collaboration manager.

Step 2

Install routers or switches enabled for Cisco Medianet where appropriate.

Step 3

Configure your network to handle the metadata attributes that Cisco Media Service Interface applies to applications.

Not all devices on your network must support Cisco Medianet.

The first hop should prioritize traffic based on the metadata attributes from Cisco Media Service Interface.

As the traffic traverses the network, all other devices should also prioritize that traffic unless you configure policies on those devices to handle the traffic differently.

Install Cisco Media Services Interface

Procedure

Step 1

Download the Cisco Media Services Interface installation program from the download site on cisco.com.

Step 2

Install Cisco Media Services Interface on each computer on which you install Cisco Jabber.

See the appropriate Cisco Medianet documentation for installing Cisco Media Services Interface.

Related Topics

Download software

Medianet Knowledge Base Portal

Uninstall Cisco Jabber for Windows

You can uninstall Cisco Jabber for Windows using either the command line or the Microsoft Windows control panel. This document describes how to uninstall Cisco Jabber for Windows using the command line.

Use the Installer

If the installer is available on the file system, use it to remove Cisco Jabber for Windows.

100

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Install Cisco Jabber

Use the Product Code

Procedure

Step 1

Open a command line window.

Step 2

Enter the following command: msiexec.exe /x path_to_

CiscoJabberSetup.msi

For example, msiexec.exe /x C:\Windows\Installer\

CiscoJabberSetup.msi

/quiet

Where

/quiet specifies a silent uninstall.

The command removes Cisco Jabber for Windows from the computer.

Use the Product Code

If the installer is not available on the file system, use the product code to remove Cisco Jabber for Windows.

Procedure

Step 1

Find the product code.

a) Open the Microsoft Windows registry editor.

b) Locate the following registry key: HKEY_CLASSES_ROOT\Installer\Products c) Select Edit > Find.

d) Enter Cisco Jabber in the Find what text box in the Find window and select Find Next.

e) Find the value of the ProductIcon key.

The product code is the value of the ProductIcon key, for example,

C:\Windows\Installer\{product_code}\ARPPRODUCTICON.exe

.

Note

The product code changes with each version of Cisco Jabber for

Windows.

Step 2

Open a command line window.

Step 3

Enter the following command: msiexec.exe /x product_code

For example, msiexec.exe /x 45992224-D2DE-49BB-B085-6524845321C7 /quiet

Where

/quiet specifies a silent uninstall.

The command removes Cisco Jabber for Windows from the computer.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

101

Use the Product Code

Install Cisco Jabber

102

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

C H A P T E R

7

Configure Cisco Jabber

Learn how to configure Cisco Jabber and review the configuration parameters you can set.

Introduction to Client Configuration, page 103

Configure Service Profiles, page 104

Create and Host Client Configuration Files, page 111

Configuration File Structure, page 118

Summary of Configuration Parameters, page 119

Example Configuration, page 121

Client Parameters, page 122

Options Parameters, page 123

Phone Parameters, page 127

Policies Parameters, page 130

Presence Parameters, page 139

Service Credentials Parameters, page 140

Voicemail Parameters, page 140

Configure Automatic Updates, page 141

Configure Problem Reporting, page 142

Custom Embedded Tabs for Cisco Jabber for Windows, page 143

Introduction to Client Configuration

Cisco Jabber can retrieve configuration settings from the following sources:

• Service Profiles — You can configure some client settings in UC service profiles on Cisco Unified

Communications Manager release 9 and later. When users launch the client, it discovers the Cisco

Unified Communications Manager home cluster using a DNS SRV record and automatically retrieves the configuration from the UC service profile.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

103

Configure Cisco Jabber

Configure Service Profiles

Applies to on-premises deployments only.

• Phone Configuration — You can set some client settings in the phone configuration on Cisco Unified

Communications Manager release 9 and later. The client retrieves the settings from the phone configuration in addition to the configuration in the UC service profile.

Applies to on-premises deployments only.

• Cisco Unified Presence or Cisco Unified Communications Manager IM and Presence Service — You can enable instant messaging and presence capabilities and configure certain settings such as presence subscription requests.

In the Advanced settings window, if you select either Cisco IM & Presence or Cisco Communications

Manager 8.x, the client retrieves UC services from Cisco Unified Presence or Cisco Unified

Communications Manager IM and Presence Service. The client does not use service profiles or SSO discovery.

Applies to on-premises deployments only.

• Client Configuration Files — You can create XML files that contain configuration parameters. You then host the XML files on a TFTP server. When users sign in, the client retrieves the XML file from the

TFTP server and applies the configuration.

Applies to on-premises and cloud-based deployments.

• Cisco WebEx Administration Tool — You can configure some client settings with the Cisco WebEx

Administration Tool.

Applies to cloud-based deployments only.

Configure Service Profiles

You can configure some client settings in UC service profiles on Cisco Unified Communications Manager version 9 and later.

Important

• Cisco Jabber only retrieves configuration from service profiles on Cisco Unified Communications

Manager if the client gets the _cisco-uds SRV record from a DNS query.

In a hybrid environment, if the CAS URL lookup is successful Cisco Jabber retrieves the configurations from Cisco WebEx Messenger service and the _cisco-uds SRV record is ignored.

• In an environment with multiple Cisco Unified Communications Manager clusters, you can configure the Intercluster Lookup Service (ILS). ILS enables the client to find the user's home cluster and discover services.

If you do not configure ILS, then you must manually configure remote cluster information, similar to the EMCC remote cluster set up. For more information on Remote Cluster Configuration, see the

Cisco Unified Communications Manager Features and Services Guide.

Related Topics

Remote Cluster Configuration on Cisco Unified Communications Manager 10.0

104

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Configure Cisco Jabber

Set Parameters on Service Profile

Set Parameters on Service Profile

The client can retrieve UC service configuration and other settings from service profiles.

Parameters in Service Profiles

Learn which configuration parameters you can set in service profiles. Review the corresponding parameters in the client configuration file.

IM and Presence Service Profile

The following table lists the configuration parameters you can set in the IM and Presence Service profile:

Parameter Description

Product type Provides the source of authentication to Cisco Jabber and has the following values:

• Unified CM (IM and Presence Service) — Cisco

Unified Presence or Cisco Unified

Communications Manager IM and Presence

Service is the authenticator.

• WebEx (IM and Presence Service) — The Cisco

WebEx Messenger service is the authenticator.

Note

As of this release, the client issues an

HTTP query in addition to the query for

SRV records. The HTTP query allows the client to determine if it should authenticate to the Cisco WebEx

Messenger service.

As a result of the HTTP query, the client connects to the Cisco WebEx Messenger service in cloud-based deployments before getting the _cisco-uds SRV record. Setting the value of the Product

type field to WebEx may have no practical effect if the WebEx service has already been discovered by a CAS lookup.

• Not set — If the service profile does not contain an IM and presence service configuration, the authenticator is Cisco Unified Communications

Manager

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

105

Configure Cisco Jabber

Set Parameters on Service Profile

Parameter

Primary server

Description

Specifies the address of your primary presence server.

• On-Premises Deployments — You should specify the fully qualified domain name (FQDN) of Cisco

Unified Presence or Cisco Unified

Communications Manager IM and Presence

Service.

• Cloud-Based Deployments — The client uses the following URL as default when you select WebEx as the value for the Product type parameter: https://loginp.webexconnect.com/cas/auth.do

This default URL overrides any value that you set.

Voicemail Profile

The following table lists the configuration parameters you can set in the voicemail profile:

Parameter Description

Voicemail server Specifies connection settings for the voicemail server.

Credentials source for voicemail service Specifies that the client uses the credentials for the instant messaging and presence or conferencing service to authenticate with the voicemail service.

Ensure that the credentials source that you set match the user's voicemail credentials. If you set a value for this parameter, users cannot specify their voicemail service credentials in the client user interface.

Conferencing Profile

The following table lists the configuration parameters you can set in the conferencing profile:

Conferencing Service Configuration Description

Conferencing server

Specifies connection settings for the conferencing server.

Credentials source for web conference service

Specifies that the client uses the credentials for the instant messaging and presence or voicemail service to authenticate with the conferencing service.

Ensure that the credentials source that you set match the user's conferencing credentials.

106

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Configure Cisco Jabber

Set Parameters on Service Profile

Directory Profile

See the Client Configuration for Directory Integration chapter for information about configuring directory integration in a service profile.

CTI Profile

The following table lists the configuration parameters you can set in the CTI profile:

CTI Service Configuration Description

CTI server

Specifies connection settings for the CTI server.

Add Cisco Unified Communications Manager Services

Add Cisco Unified Communications Manager services to specify the address, ports, protocols, and other settings for services such as IM and Presence Service, voicemail, conferencing, and directory.

Procedure

Step 1

Open the Cisco Unified CM Administration interface.

Step 2

Select User Management > User Settings > UC Service.

The Find and List UC Services window opens.

Step 3

Select Add New.

The UC Service Configuration window opens.

Step 4

Select the UC service type you want to add and then select Next.

Step 5

Configure the UC service as appropriate and then select Save.

What to Do Next

Add your UC services to service profiles.

Create Service Profiles

After you add and configure Cisco Unified Communications Manager services, you add them to a service profile. You can apply additional configuration in the service profile.

Procedure

Step 1

Open the Cisco Unified CM Administration interface.

Step 2

Select User Management > User Settings > Service Profile.

The Find and List UC Services window opens.

Step 3

Select Add New.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

107

Configure Cisco Jabber

Set Parameters on Service Profile

The Service Profile Configuration window opens.

Step 4

Enter a name for the service profile in the Name field.

Step 5

Select Make this the default service profile for the system if you want the service profile to be the default for the cluster.

Note

On Cisco Unified Communications Manager release 9.x only, users who have only instant messaging capabilities (IM only) must use the default service profile. For this reason, you should set the service profile as the default if you plan to apply the service profile to IM only users.

Step 6

Add your UC services, apply any additional configuration, and then select Save.

What to Do Next

Apply service profiles to end user configuration.

Apply Service Profiles

After you add UC services and create a service profile, you apply the service profile to users. When users sign in to Cisco Jabber, the client can then retrieve the service profile for that user from Cisco Unified

Communications Manager.

Procedure

Step 1

Open the Cisco Unified CM Administration interface.

Step 2

Select User Management > End User.

The Find and List Users window opens.

Step 3

Enter the appropriate search criteria to find existing users and then select a user from the list.

The End User Configuration window opens.

Step 4

Locate the Service Settings section.

Step 5

Select a service profile to apply to the user from the UC Service Profile drop-down list.

Important

Cisco Unified Communications Manager release 9.x only: If the user has only IIM and

Presence Service capabilities (IM only), you must select Use Default. For IM only users, Cisco

Unified Communications Manager release 9.x always applies the default service profile regardless of what you select from the UC Service Profile drop-down list.

Step 6

Apply any other configuration as appropriate and then select Save.

Associate Users with Devices

On Cisco Unified Communications Manager version 9.x only, when the client attempts to retrieve the service profile for the user, it first gets the device configuration file from Cisco Unified Communications Manager.

The client can then use the device configuration to get the service profile that you applied to the user.

108

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Configure Cisco Jabber

Set Parameters on Phone Configuration for Desktop Clients

For example, you provision Adam McKenzie with a CSF device named CSFAKenzi. The client retrieves

CSFAKenzi.cnf.xml

from Cisco Unified Communications Manager when Adam signs in. The client then looks for the following in CSFAKenzi.cnf.xml:

<userId serviceProfileFile="identifier.cnf.xml">amckenzi</userId>

For this reason, if you are using Cisco Unified Communications Manager version 9.x, you should do the following to ensure that the client can successfully retrieve the service profiles that you apply to users:

• Associate users with devices.

• Set the User Owner ID field in the device configuration to the appropriate user. The client will retrieve the Default Service Profile if this value is not set.

Note

A CSF should not be associated to multiple users if you intend to use different service profiles for these users.

Procedure

Step 1

Associate users with devices.

a) Open the Unified CM Administration interface.

b) Select User Management > End User.

c) Find and select the appropriate user.

The End User Configuration window opens.

d) Select Device Association in the Device Information section.

e) Associate the user with devices as appropriate.

f) Return to the End User Configuration window and then select Save.

Step 2

Set the User Owner ID field in the device configuration.

a) Select Device > Phone.

b) Find and select the appropriate device.

The Phone Configuration window opens.

c) Locate the Device Information section.

d) Select User as the value for the Owner field.

e) Select the appropriate user ID from the Owner User ID field.

f) Select Save.

Set Parameters on Phone Configuration for Desktop Clients

The client can retrieve configuration settings in the phone configuration from the following locations on Cisco

Unified Communications Manager:

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

109

Configure Cisco Jabber

Set Parameters on Phone Configuration for Desktop Clients

Enterprise Phone Configuration

Applies to the entire cluster.

Note

For users with only IM and Presence Service capabilities (IM only), you must set phone configuration parameters in the Enterprise Phone Configuration window.

Common Phone Profile Configuration

Applies to groups of devices and takes priority over the cluster configuration.

Cisco Unified Client Services Framework (CSF) Phone Configuration

Applies to individual CSF devices and takes priority over the group configuration.

Parameters in Phone Configuration

The following table lists the configuration parameters you can set in the Product Specific Configuration

Layout section of the phone configuration and maps corresponding parameters from the client configuration file:

Desktop Client Settings Configuration Description

Video Calling

Enables or disables video capabilities.

Enabled (default)

Users can send and receive video calls.

Disabled

Users cannot send or receive video calls.

Restriction

This parameter is available only on the CSF device configuration.

File Types to Block in File Transfer

Restricts users from transferring specific file types.

Set a file extension as the value, for example, .exe.

Use a semicolon to delimit multiple values, for example,

.exe;.msi;.rar;.zip

110

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Configure Cisco Jabber

Create and Host Client Configuration Files

Desktop Client Settings Configuration

Automatically Start in Phone Control

Jabber For Windows Software Update

Server URL

Problem Report Server URL

Description

Sets the phone type for users when the client starts for the first time. Users can change their phone type after the initial start. The client then saves the user preference and uses it for subsequent starts.

Enabled

Use the desk phone device for calls.

Disabled (default)

Use the software phone (CSF) device for calls.

Specifies the URL to the XML file that holds client update information. The client uses this URL to retrieve the XML file from your web server.

In hybrid cloud-based deployments, you should use the Cisco

WebEx Administration Tool to configure automatic updates.

Specifies the URL for the custom script that allows users to submit problem reports.

Create and Host Client Configuration Files

In on-premises and hybrid cloud-based deployments you can create client configuration files and host them on the Cisco Unified Communications Manager TFTP service.

In cloud-based deployments, you should configure the client with the Cisco WebEx Administration Tool.

However, you can optionally set up a TFTP server to configure the client with settings that are not available in Cisco WebEx Administration Tool.

Important

In most environments, the client does not require any configuration to connect to services. You should create a configuration file only if you require custom content such as:

• Embedded HTML tabs

• Automatic updates

• Problem reporting

• User policies and options

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

111

Configure Cisco Jabber

Client Configuration Files

Client Configuration Files

Before you deploy configuration files, review the differences between global and group configuration files.

To successfully deploy configuration files you should also review the requirements for configuration files such as supported encoding.

Global Configuration Files

Global configuration files apply to all users. The client downloads the global configuration file from your

TFTP server during the login sequence.

The default name for the global configuration file is jabber-config.xml.

Group Configuration Files

Note

• Group configuration files are supported on Cisco Jabber for Windows and on Cisco Jabber for mobile devices.

• Group configuration files apply to subsets of users. Group configuration files take priority over global configuration files.

Group Configuration File Names

You specify the name of the group configuration files in the Cisco Support Field on the CSF, BOT, TCT, or TAB device configuration in Cisco Unified Communications Manager.

If you remove the name of the group configuration file in the CSF device configuration on Cisco Unified

Communications Manager, the client detects the change, prompts the users to sign out, and loads the global configuration file. You can remove the name of the group configuration file in the CSF, BOT, TCT, or TAB device configuration by deleting the entire configurationFile=group_configuration_file_name.xml string or by deleting the group configuration filename from the string.

If users have desk phone devices only, use the following command line argument to specify unique names configuration files for different groups during installation:

TFTP_FILE_NAME

Configuration File Requirements

• Configuration filenames are case sensitive. Use lowercase letters in the filename to prevent errors and to ensure the client can retrieve the file from the TFTP server.

• You must use utf-8 encoding for the configuration files.

• The client cannot read configuration files that do not have a valid XML structure. Ensure you check the structure of your configuration file for closing elements and that elements are nested correctly.

112

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Configure Cisco Jabber

Specify Your TFTP Server Address

• Your XML can contain only valid XML character entity references. For example, use &amp; instead of &. If your XML contains invalid characters, the client cannot parse the configuration file.

Tip

Open your configuration file in Microsoft Internet Explorer to see if any characters or entities are not valid.

If Internet Explorer displays the entire XML structure, your configuration file does not contain invalid characters or entities.

If Internet Explorer displays only part of the XML structure, your configuration file most likely contains invalid characters or entities.

Specify Your TFTP Server Address

The client gets configuration files from a TFTP server. The first step in configuring the client is to specify your TFTP server address so the client can access your configuration file.

Attention

If Cisco Jabber gets the _cisco-uds SRV record from a DNS query, it can automatically locate the user's home cluster. As a result, the client can also locate the Cisco Unified Communications Manager

TFTP service.

You do not need to specify your TFTP server address if you deploy the _cisco-uds SRV record.

Specify Your TFTP Server on Cisco Unified Presence

If you are using Cisco Unified Communications Manager release 8.x, complete the steps to specify the address of your TFTP server on Cisco Unified Presence. If you are using Cisco Unified Communications Manager release 9.x, then you do not need to follow the steps below.

Procedure

Step 1

Open the Cisco Unified Presence Administration interface.

Step 2

Select Application > Cisco Jabber > Settings.

Note

In some versions of Cisco Unified Presence, this path is as follows: Application > Cisco Unified

Personal Communicator > Settings.

The Cisco Jabber Settings window opens.

Step 3

Locate the fields to specify TFTP servers in one of the following sections, depending on your version of Cisco

Unified Presence:

Cisco Jabber Security Settings

CUPC Global Settings

Step 4

Specify the IP address of your primary and backup TFTP servers in the following fields:

Primary TFTP Server

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

113

Configure Cisco Jabber

Specify Your TFTP Server Address

Backup TFTP Server

Backup TFTP Server

Step 5

Select Save.

Specify Your TFTP Server on Cisco Unified Communications Manager IM and Presence Service

If you are using Cisco Unified Communications Manager release 8.x, complete the steps to specify the address of your TFTP server on Cisco Unified Communications Manager. If you are using Cisco Unified

Communications Manager release 9.x, then you do not need to follow the steps below.

Procedure

Step 1

Open the Cisco Unified CM IM and Presence Administration interface.

Step 2

Select Application > Legacy Clients > Settings.

The Legacy Client Settings window opens.

Step 3

Locate the Legacy Client Security Settings section.

Step 4

Specify the IP address of your primary and backup TFTP servers in the following fields:

Primary TFTP Server

Backup TFTP Server

Backup TFTP Server

Step 5

Select Save.

Specify TFTP Servers in Phone Mode

If you deploy the client in phone mode you can provide the address of the TFTP server as follows:

• Users manually enter the TFTP server address when they start the client.

• You specify the TFTP server address during installation with the TFTP argument.

Specify TFTP Servers with the Cisco WebEx Administration Tool

If the client connects to the Cisco WebEx Messenger service, you specify your TFTP server address with the

Cisco WebEx Administrator Tool.

114

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Configure Cisco Jabber

Create Global Configurations

Procedure

Step 1

Open the Cisco WebEx Administrator Tool.

Step 2

Select the Configuration tab.

Step 3

Select Unified Communications in the Additional Services section.

The Unified Communications window opens.

Step 4

Select the Clusters tab.

Step 5

Select the appropriate cluster from the list.

The Edit Cluster window opens.

Step 6

Select Advanced Server Settings in the Cisco Unified Communications Manager Server Settings section.

Step 7

Specify the IP address of your primary TFTP server in the TFTP Server field.

Step 8

Specify the IP address of your backup TFTP servers in the Backup Server #1 and Backup Server #2 fields.

Step 9

Select Save.

The Edit Cluster window closes.

Step 10 Select Save in the Unified Communications window.

Create Global Configurations

The client downloads the global configuration file from your TFTP server during the login sequence. Configure the client for all users in your deployment.

Before You Begin

If the structure of your configuration file is not valid, the client cannot read the values you set. Review the

XML samples in this chapter for more information.

Procedure

Step 1

Create a file named jabber-config.xml with any text editor.

• Use lowercase letters in the filename.

• Use UTF-8 encoding.

Step 2

Define the required configuration parameters in jabber-config.xml.

Step 3

Host the group configuration file on your TFTP server.

If your environment has multiple TFTP servers, ensure that the configuration file is the same on all TFTP servers.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

115

Configure Cisco Jabber

Create Group Configurations

Create Group Configurations

Group configuration files apply to subsets of users and are supported on Cisco Jabber for Windows (CSF devices) and on Cisco Jabber for mobile devices ( except iOS devices). Group configuration files take priority over global configuration files.

If you provision users with CSF devices, specify the group configuration file names in the Cisco Support

Field field on the device configuration. If users do not have CSF devices, set a unique configuration file name for each group during installation with the TFTP_FILE_NAME argument.

Before You Begin

• If you have Cisco Unified Communications Manager, 8.6, the Cisco Support Field field does not exist..

Download the ciscocm.addcsfsupportfield.cop COP file from the Cisco Jabber administration package to your file system and deploy to Cisco Unified Communications Manager. For more information about deploying COP files, see the Cisco Unified Communications Manager documentation.

The COP file adds the Cisco Support Field field to CSF devices in the Desktop Client Settings section on the Phone Configuration window.

• If the structure of your configuration file is not valid, the client cannot read the values you set. Review the XML samples in this chapter for more information.

Procedure

Step 1

Create an XML group configuration file with any text editor.

The group configuration file can have any appropriate name; for example, jabber-groupa-config.xml.

Step 2

Define the required configuration parameters in the group configuration file.

Step 3

Add the group configuration file to applicable CSF devices.

a) Open the Cisco Unified CM Administration interface.

b) Select Device > Phone.

c) Find and select the appropriate CSF device to which the group configuration applies.

d) In the Phone Configuration window, navigate to Product Specific Configuration Layout > Desktop

Client Settings.

e) In the Cisco Support Field field, enter configurationfile=group_configuration_file_name.xml

. For example, enter configurationfile=groupa-config.xml

.

Note

If you host the group configuration file on your TFTP server in a location other than the default directory, you must specify the path and the filename; for example, configurationfile=/customFolder/groupa-config.xml

.

Do not add more than one group configuration file. The client uses only the first group configuration in the Cisco Support Field field.

f) Select Save.

Step 4

Host the group configuration file on your TFTP server.

116

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Configure Cisco Jabber

Host Configuration Files

Host Configuration Files

You can host configuration files on any TFTP server. However, Cisco recommends hosting configuration files on the Cisco Unified Communications Manager TFTP server, which is the same as that where the device configuration file resides.

Procedure

Step 1

Open the Cisco Unified OS Administration interface on Cisco Unified Communications Manager.

Step 2

Select Software Upgrades > TFTP File Management.

Step 3

Select Upload File.

Step 4

Select Browse in the Upload File section.

Step 5

Select the configuration file on the file system.

Step 6

Do not specify a value in the Directory text box in the Upload File section.

You should leave an empty value in the Directory text box so that the configuration file resides in the default directory of the TFTP server.

Step 7

Select Upload File.

Restart Your TFTP Server

You must restart your TFTP server before the client can access the configuration files.

Procedure

Step 1

Open the Cisco Unified Serviceability interface on Cisco Unified Communications Manager.

Step 2

Select Tools > Control Center - Feature Services.

Step 3

Select Cisco Tftp from the CM Services section.

Step 4

Select Restart.

A window displays to prompt you to confirm the restart.

Step 5

Select OK.

The Cisco Tftp Service Restart Operation was Successful status displays.

Step 6

Select Refresh to ensure the Cisco Tftp service starts successfully.

What to Do Next

To verify that the configuration file is available on your TFTP server, open the configuration file in any browser. Typically, you can access the global configuration file at the following URL: http://tftp_server_address:6970/jabber-config.xml

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

117

Configure Cisco Jabber

Configuration File Structure

Configuration File Structure

You create client configuration files in an XML format that contains the following elements

XML Declaration

The configuration file must conform to XML standards and contain the following declaration:

<?xml version="1.0" encoding="utf-8"?>

Root Element

The root element config, contains all group elements. You must also add the version attribute to the root element as follows:

<?xml version="1.0" encoding="utf-8"?>

<config version="1.0">

</config>

Group Elements

Group elements contain configuration parameters and values. You must nest group elements within the root element.

Group Elements and Parameters

The following table describes the group elements you can specify in a client configuration file:

Element Description

Client Contains configuration parameters for the client.

Directory

Options

Phone

Policies

Presence

Voicemail

Contains configuration parameters for directory integration.

Contains configuration parameters for user options.

Contains configuration parameters for phone services.

Contains configuration parameters for policies.

Contains configuration parameters for presence options.

Contains configuration parameters for the voicemail service.

XML Structure

The following snippet shows the XML structure of a client configuration file:

<Client>

<parameter>value</parameter>

</Client>

<Directory>

<parameter>value</parameter>

</Directory>

118

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Configure Cisco Jabber

Summary of Configuration Parameters

<Options>

<parameter>value</parameter>

</Options>

<Phone>

<parameter>value</parameter>

</Phone>

<Policies>

<parameter>value</parameter>

</Policies>

<Presence>

<parameter>value</parameter>

</Presence>

<Voicemail>

<parameter>value</parameter>

</Voicemail>

Summary of Configuration Parameters

The following table lists all the parameters you can include in the client configuration:

Parameter Group Element

PrtLogServerUrl

UpdateUrl jabber-plugin-config

Forgot_Password_URL

Persistent_Chat_Enabled

Mention_P2Pchat

Mention_GroupChat

Mention_PersistentChat

Disable_IM_History

Set_Status_Away_On_Inactive

Set_Status_Inactive_Timeout

Set_Status_Away_On_Lock_OS

StartCallWithVideo

Start_Client_On_Start_OS

AllowUserCustomTabs

ShowContactPictures

ShowOfflineContacts

DockedWindowVisible

DockedWindowPosition

DeviceAuthenticationPrimaryServer

DeviceAuthenticationBackupServer

Options

Options

Options

Options

Options

Options

Options

Options

Options

Options

Phone

Phone

Client

Client

Client

Client

Client

Client

Client

Client

Client

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

119

Summary of Configuration Parameters

Parameter

TftpServer1

TftpServer2

CtiServer1

CtiServer2 useCUCMGroupForCti

CcmcipServer1

CcmcipServer2

Meeting_Server_Address

Meeting_Server_Address_Backup

Meeting_Server_Address_Backup2

EnableVideo

InitialPhoneSelection

UserDefinedRemoteDestinations enableLocalAddressBookSearch

EnableAccessoriesManager

BlockAccessoriesManagerPlugins

ForceFontSmoothing

Screen_Capture_Enabled

File_Transfer_Enabled

Disallowed_File_Transfer_Types

EnableBFCPVideoDesktopShare

Meetings_Enabled

Telephony_Enabled

Voicemail_Enabled

EnableTelProtocolHandler

EnableSaveChatToFile

EnableSIPURIDialling

DirectoryURI

ForceC2XDirectoryResolution

ServiceDiscoveryExcludedServices

Phone

Policies

Policies

Policies

Policies

Policies

Policies

Policies

Policies

Policies

Policies

Policies

Policies

Policies

Policies

Policies

Policies

Policies

Policies

Group Element

Phone

Phone

Phone

Phone

Phone

Phone

Phone

Phone

Phone

Policies

Policies

120

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Configure Cisco Jabber

Configure Cisco Jabber

Example Configuration

Parameter

VoiceServicesDomain

LoginResource

PresenceServerAddress

PresenceServerURL

VoiceMailService_UseCredentialsFrom

VVM_Mailstore_Server_0

Group Element

Policies

Presence

Presence

Presence

Voicemail

Voicemail

Related Topics

Group Elements and Parameters, on page 118

Client Parameters, on page 122

Options Parameters, on page 123

Phone Parameters, on page 127

Policies Parameters, on page 130

Presence Parameters, on page 139

Service Credentials Parameters, on page 140

Voicemail Parameters, on page 140

Integrate with Directory Sources, on page 149

Example Configuration

The following is an example of a configuration file used in an on-premises deployment for all clients:

<?xml version="1.0" encoding="utf-8"?>

<config version="1.0">

<Client>

<PrtLogServerUrl>http://server_name:port/path/prt_script.php</PrtLogServerUrl>

<jabber-plugin-config>

<browser-plugin>

<page refresh="true" preload="true">

<tooltip>Cisco</tooltip>

<icon>http://www.cisco.com/web/fw/i/logo.gif</icon>

<url>www.cisco.com</url>

</page>

</browser-plugin>

</jabber-plugin-config>

</Client>

<Options>

<Set_Status_Inactive_Timeout>20</Set_Status_Inactive_Timeout>

<StartCallWithVideo>false</StartCallWithVideo>

</Options>

<Policies>

<Disallowed_File_Transfer_Types>.exe;.msi</Disallowed_File_Transfer_Types>

</Policies>

<Directory>

<PrimaryServerName>dir.example.com</PrimaryServerName>

<SearchBase1>ou=staff,dc=example,dc=com</SearchBase1>

<ConnectionUsername>[email protected]</ConnectionUsername>

<ConnectionPassword>jabber</ConnectionPassword>

<PhotoUriSubstitutionEnabled>True</PhotoUriSubstitutionEnabled>

<PhotoUriSubstitutionToken>sAMAccountName</PhotoUriSubstitutionToken>

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

121

Configure Cisco Jabber

Client Parameters

<PhotoUriWithToken>http://example.com/photo/sAMAccountName.jpg

</PhotoUriWithToken>

</Directory>

</config>

Client Parameters

The following table describes the parameters you can specify within the Client element:

Parameter Value Description

PrtLogServerUrl URL Specifies the custom script for submitting problem reports.

UpdateUrl jabber-plugin-config

Forgot_Password_URL

Persistent_Chat_Enabled

URL Specifies the URL to the automatic updates XML definition file on your HTTP server. The client uses this

URL to retrieve the update XML file.

In hybrid cloud-based deployments, you should use the

Cisco WebEx Administration Tool to configure automatic updates.

Plug-in definition

Contains plug-in definitions such as custom embedded tabs that display HTML content.

URL true false

Specifies the URL of your web page for users to reset or retrieve forgotten passwords.

In hybrid cloud-based deployments, you should use the

Cisco WebEx Administration Tool to direct users to the web page to reset or retrieve forgotten passwords.

Specifies whether the Persistent Chat feature is available in the client.

true

If the value is set to true, the Persistent Chat interface is shown in the client.

false (default)

The default value is assumed if the setting is not present in the configuration file.

Mention_P2Pchat true false

Specifies whether mentions are enabled in person to person chat.

true (default)

Enables mentions in person to person chat.

false

Disables mentions in person to person chat.

122

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Configure Cisco Jabber

Options Parameters

Parameter

Mention_GroupChat

Mention_PersistentChat

Disable_IM_History

Value

true false true false true false

Description

Specifies whether mentions are enabled in group chat.

true (default)

Enables mentions in group chat.

false

Disables mentions in group chat.

Specifies whether mentions are enabled in persistent chat.

true (default)

Enables mentions in persistent chat.

false

Disables mentions in persistent chat.

Specifies whether to retain chat history after participants close the chat window.

Note

This parameter is not available for IM-only deployments.

true

Do not retain chat history after participants close the chat window.

false (default)

Retain chat history:

• After participants close the chat window.

• Until the participants sign out.

If the participants re-open the chat window, the last

99 messages show.

Message archiving should be disabled on the server.

Options Parameters

The following table describes the parameters you can specify within the Options element:

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

123

Configure Cisco Jabber

Options Parameters

Parameter

Set_Status_Away_On_Inactive

Value

true false

Description

Specifies if the availability status changes to Away when users are inactive.

true (default)

Availability status changes to Away when users are inactive.

false

Availability status does not change to Away when users are inactive.

Set_Status_Inactive_Timeout

Set_Status_Away_On_Lock_OS

Number of minutes

Sets the amount of time, in minutes, before the availability status changes to Away if users are inactive.

The default value is 15.

true false

Specifies if the availability status changes to Away when users lock their operating systems.

true (default)

Availability status changes to Away when users lock their operating systems.

false

Availability status does not change to Away when users lock their operating systems.

124

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Configure Cisco Jabber

Options Parameters

Parameter

StartCallWithVideo

Start_Client_On_Start_OS

Value

true false true false

Description

Specifies how calls start when users place calls. Calls can start with audio only or audio and video.

true (default)

Calls always start with audio and video.

false

Calls always start with audio only.

Important

Server settings take priority over this parameter in the client configuration file.

However, if users change the default option in the client user interface, that setting takes priority over both the server and client configurations.

Configure this setting on the server as follows:

Cisco Unified Presence

1

Open the Cisco Unified Presence

Administration interface.

2

Select Application > Cisco Jabber > Settings.

3

Select or clear the Always begin calls with

video muted parameter and then select Save.

Cisco Unified Communications Manager version

9.x and higher

1

Open the Cisco Unified CM Administration interface.

2

Select System > Enterprise Parameters.

3

Set a value for the Never Start Call with

Video parameter and then select Save.

Specifies if the client starts automatically when the operating system starts.

true

The client starts automatically.

false (default)

The client does not start automatically.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

125

Configure Cisco Jabber

Options Parameters

Parameter

AllowUserCustomTabs

ShowContactPictures

ShowOfflineContacts

Value

true false true false true false

Description

Specifies if users can create their own custom embedded tabs.

true (default)

Users can create custom embedded tabs.

false

Users cannot create custom embedded tabs.

Note

This parameter affects only custom embedded tabs that users create.

• If you allow users to create custom embedded tabs, they cannot modify or remove the tabs that you define in the client configuration.

• If you do not allow users to create custom embedded tabs, the tabs that you define are still available to users.

Specifies if contact pictures display in the contact list.

true (default)

Contact pictures display in the contact list.

false

Contact pictures do not display in the contact list.

Specifies if offline contacts display in the contact list.

true (default)

Offline contacts display in the contact list.

false

Offline contacts do not display in the contact list.

126

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Configure Cisco Jabber

Phone Parameters

Parameter

DockedWindowVisible

DockedWindowPosition

Value

TRUE

FALSE

Description

Specifies if the docked window displays when the client starts.

true (default)

The docked window displays when the client starts.

false

The docked window does not display when the client starts.

TopCenter

TopLeft

TopRight

Sets the position of the docked window on the user's screen.

TopCenter (default)

The position of the docked window is at the top center of the screen.

TopLeft

The position of the docked window is at the top left of the screen.

TopRight

The position of the docked window is at the top right of the screen.

Phone Parameters

The following table describes the parameters you can specify within the Phone element:

Parameter Value Description

DeviceAuthenticationPrimaryServer Hostname

IP address

FQDN

Specifies the address of the primary instance of Cisco

Unified Communications Manager to which users authenticate in phone mode deployments. Set one of the following as the value:

• Hostname (hostname)

• IP address (123.45.254.1)

• FQDN (hostname.domain.com)

This parameter can only be used in Cisco Jabber 9.6

and 9.7.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

127

Configure Cisco Jabber

Phone Parameters

Parameter

DeviceAuthenticationBackupServer

Value

Hostname

IP address

FQDN

Description

Specifies the address of the backup instance of Cisco

Unified Communications Manager to which users authenticate in phone mode deployments. Set one of the following as the value:

• Hostname (hostname)

• IP address (123.45.254.1)

• FQDN (hostname.domain.com)

TftpServer1 Hostname

IP address

FQDN

This parameter can only be used in Cisco Jabber 9.6

and 9.7

Specifies the address of the primary Cisco Unified

Communications Manager TFTP service where device configuration files reside. Set one of the following as the value:

• Hostname (hostname)

• IP address (123.45.254.1)

• FQDN (hostname.domain.com)

You should set this parameter in the client configuration only if:

• You deploy the client in phone mode.

• The TFTP server address for the device configuration is different to the TFTP server address for the client configuration.

During installation, you should set the address of the TFTP server where the client configuration file resides with the following argument: TFTP.

TftpServer2

CtiServer1

CtiServer2

Hostname

IP address

FQDN

Specifies the address of the secondary Cisco Unified

Communications Manager TFTP service.

This parameter is optional.

Hostname

IP address

FQDN

Specifies the address of the primary CTI server.

You should specify a CTI server address in the client configuration if users have desk phone devices.

Hostname

IP address

FQDN

Specifies the address of the secondary CTI server.

This parameter is optional.

128

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Configure Cisco Jabber

Parameter

useCUCMGroupForCti

CcmcipServer1

CcmcipServer2

Phone Parameters

Value

true false

Description

Specifies if the Cisco Unified CM Group handles load balancing for CTI servers. Set one of the following values:

true

The Cisco Unified CM Group handles CTI load balancing.

You should set this value in phone mode deployments only. In full UC mode, the presence server automatically handles CTI load balancing.

false (default)

The Cisco Unified CM Group does not handle

CTI load balancing.

Hostname

IP address

FQDN

Specifies the address of the primary CCMCIP server.

This parameter is required:

• Only if the address of your CCMCIP server is not the same as the TFTP server address.

If the address of the CCMCIP server is the same as the TFTP server address, the client can use the TFTP server address to connect to the

CCMCIP server.

• In deployments with Cisco Unified

Communications Manager version 8.

In deployments with Cisco Unified

Communications Manager version 9 and higher, the client can discover the CCMCIP server if you provision the _cisco-uds SRV record.

Hostname

IP address

FQDN

Cisco Unified Communications Manager release 9.x

and earlier—If you enable Cisco Extension Mobility, the

Cisco Extension Mobility service must be activated on the Cisco Unified Communications

Manager nodes that are used for CCMCIP. For information about Cisco Extension Mobility, see the

Feature and Services guide for your Cisco Unified

Communications Manager release.

Specifies the address of the secondary CCMCIP server.

This parameter is optional.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

129

Configure Cisco Jabber

Policies Parameters

Parameter

Meeting_Server_Address

Value

Cisco

WebEx meetings site URL

Meeting_Server_Address_Backup Cisco

WebEx meetings site URL

Meeting_Server_Address_Backup2 Cisco

WebEx meetings site URL

Description

Specifies the primary Cisco WebEx meeting site URL for users.

The client populates this meeting site in the user's host account on the Options window. Users can enter their credentials to set up the host account and access their

Cisco WebEx meetings, if the meeting site requires credentials.

Important

If you specify an invalid meeting site, users cannot add, or edit, any meetings sites in the client user interface.

This parameter is optional.

Specifies the secondary Cisco WebEx meeting site

URL for users.

This parameter is optional.

Specifies the tertiary Cisco WebEx meeting site URL for users.

This parameter is optional.

Related Topics

TFTP Server Address, on page 93

Policies Parameters

Policies parameters let you control specific client functionality.

On-Premises Policies

The following table describes the parameters you can specify within the Policies element in on-premises deployments:

Parameter Value Description

Screen_Capture_Enabled true false

Specifies if users can take screen captures.

true (default)

Users can take screen captures.

false

Users cannot take screen captures.

130

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Configure Cisco Jabber

Common Policies

Parameter

File_Transfer_Enabled

Value

true false

Disallowed_File_Transfer_Types File extension

Description

Specifies if users can transfer files to each other.

true (default)

Users can transfer files to each other.

false

Users cannot transfer files to each other.

Restricts users from transferring specific file types.

Set file extensions as the value, for example, .exe.

Use a semicolon to delimit multiple file extensions, for example, .exe;.msi;.rar;.zip.

Common Policies

The following table describes the parameters you can specify within the Policies element in both on-premises deployments and hybrid cloud-based deployments:

Parameter Value Description

EnableVideo true false

Enables or disables video capabilities.

true (default)

Users can make and receive video calls.

false

Users cannot make or receive video calls.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

131

Common Policies

Configure Cisco Jabber

Parameter

InitialPhoneSelection

UserDefinedRemoteDestinations

Value

deskphone softphone true false

Description

Sets the phone type for users when the client starts for the first time. Users can change their phone type after the initial start. The client then saves the user preference and uses it for subsequent starts.

deskphone

Use the desk phone device for calls.

softphone (default)

Use the software phone (CSF) device for calls.

The client selects devices in the following order:

1

Software phone devices

2

Desk phone devices

If you do not provision users with software phone devices, the client automatically selects desk phone devices.

Lets users add, edit, and delete remote destinations through the client interface. Use this parameter to change the default behavior when you provision Extend and

Connect capabilities.

By default, if a user's device list contains only a CTI remote device, the client does not let that user add, edit, or delete remote destinations. This occurs to prevent users from modifying dedicated remote devices that you assign. However, if the user's device list contains a software device or a desk phone device, the client lets users add, edit, and delete remote destinations.

true

Users can add, edit, and delete remote destinations.

false (default)

Users cannot add, edit, and delete remote destinations.

132

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Configure Cisco Jabber

Common Policies

Parameter

enableLocalAddressBookSearch

EnableAccessoriesManager

ForceFontSmoothing

Value

true false true false

BlockAccessoriesManagerPlugins Plugin library true false

Description

Lets users search for and add local Microsoft Outlook contacts to their contact lists.

true (default)

Users can search for and add local contacts to their contact lists.

false

Users cannot search for or add local contacts to their contact lists.

Enables the accessories API in the client. This API lets accessory vendors create plugins to enable call management functionality for devices such as headsets.

true (default)

Enable the accessories API.

false

Disable the accessories API.

Disables specific Accessories Manager plugins from third party vendors such as Jabra or Logitech. You should set the name of the plugin DLL file as the value. Use a comma to separate multiple values, for example, on

Microsoft Windows:

<BlockAccessoriesManagerPlugins>

JabraJabberPlugin.dll,lucpcisco.dll

</BlockAccessoriesManagerPlugins>

There is no default value.

Specifies if the client applies anti-aliasing to smooth text.

true (default)

The client applies anti-aliasing to text.

false

The operating system applies anti-aliasing to text.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

133

Common Policies

Configure Cisco Jabber

Parameter

EnableBFCPVideoDesktopShare

Value

true false

Meetings_Enabled

CalendarIntegrationType true false

0

1

Description

Enables BFCP video desktop sharing capabilities.

true (default)

Enables BFCP video desktop sharing on the client.

false

Disables BFCP video desktop sharing.

Note

BFCP video desktop sharing is enabled on the server as follows:

• On Cisco Unified Communications

Manager version 8.x and lower, you must select the Allow Presentation Sharing

using BFCP checkbox.

• On Cisco Unified Communications

Manager version 9.x and higher, BFCP video desktop sharing is enabled by default.

Enables meetings capabilities in the client. Works in conjunction with the CalendarIntegrationType parameter.

true (default)

Enables meetings capabilities, allowing you to create meetings and get reminders to join meetings.

false

Disables meetings capabilities and user interface.

This parameter works in conjunction with the

Meetings_Enabled parameter.

0

Disables calendar integration in the Meetings tab of the client user interface. If you disable this parameter, the Meetings tab in the client is empty, but the Meetings tab remains on the hub window.

1

Enables calendar integration in the Meetings tab of the client user interface.

134

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Configure Cisco Jabber

Common Policies

Parameter

Telephony_Enabled

Voicemail_Enabled

EnableTelProtocolHandler

EnableSaveChatToFile

Value

true false true false true false true false

Description

Enables audio and video capabilities and user interface in the client.

true (default)

Enables audio and video capabilities and user interface.

false

Disables audio and video capabilities and user interface.

If you are upgrading to this release, and your client is enabled for IM-only mode, then you must set this parameter to false. If you do not set this parameter in

IM-only mode deployments, then users may see disabled telephony capabilities on their user interface.

Enables voicemail capabilities and user interface in the client.

true (default)

Enables voicemail capabilities and user interface.

false

Disables voicemail capabilities and user interface.

Specifies if the client registers as the protocol handler for the tel: URI.

true (default)

The client registers as the protocol handler for the tel:

URI.

false

The client does not register as the protocol handler for the tel: URI.

Allows users to save their chats to the file system as

HTML.

true (default)

Users can save their chats to file.

false

Users cannot save their chats to file.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

135

Common Policies

Configure Cisco Jabber

Parameter

EnableSIPURIDialling

DirectoryURI

Value

true false

Description

Enables URI dialing with Cisco Jabber and allows users to make calls with URIs.

true

Users can make calls with URIs.

false (default)

Users cannot make calls with URIs.

Directory attribute

Specifies the directory attribute that holds the SIP URI for users.

On-Premises Deployments

Set one of the following as the value:

• mail

• msRTCSIP-PrimaryUserAddress

Cloud-Based Deployments

Set one of the following as the value:

• mail

• imaddress

• workphone

• homephone

• mobilephone

The mail attribute is used by default.

Important

The value you specify must match the directory URI setting for users in Cisco

Unified Communications Manager or the

Cisco WebEx Administration Tool.

136

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Configure Cisco Jabber

Common Policies

Parameter

ForceC2XDirectoryResolution

Value

true false

Description

Specifies if the client queries the directory to resolve contact information when users perform click-to-x actions.

true (default)

The client queries the directory when users perform click-to-x actions.

false

The client does not query the directory for click-to-x actions.

Note

This parameter does not take effect when users connect to the corporate network through

Expressway for Mobile and Remote Access. In this case, UDS provides contact resolution and the client cannot query the directory.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

137

Common Policies

Configure Cisco Jabber

Parameter Value

ServiceDiscoveryExcludedServices WEBEX

CUCM

CUP

Description

Specifies whether to exclude certain services from

Service Discovery.

WEBEX

When you set this value, the client:

• Does not perform CAS lookup

• Looks for _cisco-uds, _cuplogin, and

_collab-edge

VoiceServicesDomain FQDN

CUCM

When you set this value, the client:

• Does not look for _cisco_uds

• Looks for _cuplogin and

_collab-edge

CUP

When you set this value, the client:

• Does not look for _cuplogin

• Looks for _cisco-uds_collab-edge

You can specify multiple, comma-separated values to exclude multiple services. For example:

<ServiceDiscoveryExcludedServices>

WEBEX,CUCM

</ServiceDiscoveryExcludedServices>

Specifies the Fully Qualified Domain Name that represents the DNS domain where the DNS SRV records for _collab-edge and _cisco-uds are configured.

Example:

Given the following DNS SRV records:

_collab-edge._tls.voice.example.com

_cisco-uds._tcp.voice.example.com

The VoiceServicesDomain value would be

voice.example.com.

138

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Configure Cisco Jabber

Cisco WebEx Policies

Cisco WebEx Policies

If you use the Cisco WebEx Messenger service for instant messaging and presence capabilities, you can set policies for the client through the Cisco WebEx Administration Tool. See Using policy actions available in

Cisco WebEx for a list of available policies and descriptions.

Related Topics

Using policy actions available in Cisco WebEx

Presence Parameters

The following table describes the parameters you can specify within the Presence element:

Parameter Value Description

LoginResource multiResource Controls user log in to multiple client instances.

wbxconnect

multiResource (default)

Users can log in to multiple instances of the client at the same time.

wbxconnect

Users can log in to one instance of the client at a time.

The client appends the wbxconnect suffix to the user's JID. Users cannot log in to any other

Cisco Jabber client that uses the wbxconnect suffix.

PresenceServerAddress

PresenceServerURL

Hostname

IP address

FQDN

Specifies the address of a presence server for on-premises deployments. Set one of the following as the value:

• Hostname (hostname)

• IP address (123.45.254.1)

• FQDN (hostname.domain.com)

CAS URL Specifies the Central Authentication Service (CAS)

URL for the Cisco WebEx Messenger service. The following is an example of a URL you can set as the value: https://loginp.webexconnect.com/cas/sso/ex_org/orgadmin.app

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

139

Configure Cisco Jabber

Service Credentials Parameters

Service Credentials Parameters

You can specify service credentials parameters so that users do not need to authenticate with certain services.

Voicemail Service Credentials

You can specify the following parameter to configure voicemail service credentials within the Voicemail element:

Parameter Value Description

VoiceMailService_UseCredentialsFrom phone Specifies that the client uses the phone service credentials to access voicemail services.

Ensure the user's phone service credentials match their voicemail service credentials. If you set this configuration, users cannot specify voicemail service credentials in the client interface.

This parameter is not set by default.

You should set this parameter in the following deployments only:

• Hybrid cloud-based deployments.

• Phone mode deployments.

In on-premises deployments, you should set the credentials source for voicemail services on the presence server.

The following is an example of the voicemail service credentials parameter:

<?xml version="1.0" encoding="utf-8"?>

<config version="1.0">

<Voicemail>

<VoicemailService_UseCredentialsFrom>phone</VoicemailService_UseCredentialsFrom>

</Voicemail>

</config>

Voicemail Parameters

The following table describe the voicemail service configuration parameters you can specify within the

Voicemail element:

Key Value Description

VVM_Mailstore_Server_0 Hostname

IP address

FQDN

Specifies the address of your voicemail server. Set one of the following as the value:

• Hostname (hostname)

• IP address (123.45.254.1)

• FQDN (hostname.domain.com)

140

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Configure Cisco Jabber

Configure Automatic Updates

Related Topics

Service Credentials Parameters, on page 140

Configure Automatic Updates

To enable automatic updates, you create an XML file that contains the information for the most recent version, including the URL of the installation package on the HTTP server. The client retrieves the XML file when users sign in, resume their computer from sleep mode, or perform a manual update request from the Help menu.

Note

If you use the Cisco WebEx Messenger service for instant messaging and presence capabilities, you should use the Cisco WebEx Administration Tool to configure automatic updates.

Before You Begin

• Install and configure an HTTP server to host the XML file and installation package.

• Ensure users have permission to install software updates on their workstations.

Microsoft Windows stops update installations if users do not have administrative rights on their workstations. You must be logged in with administrative rights to complete installation.

Procedure

Step 1

Host the update installation program on your HTTP server.

Step 2

Create an update XML file with any text editor.

XML files for automatic updates have the following structure:

<JabberUpdate>

<App name=

”JabberWin”>

<LatestBuildNum>12345</LatestBuildNum>

<LatestVersion>10.5.x</LatestVersion>

<Mandatory>true</Mandatory>

<Message>

<![CDATA[<b>This new version of Cisco Jabber lets you do the following:</b><ul><li>Feature 1</li><li>Feature 2</li></ul>For more information click <a target="_blank" href="http://cisco.com/go/jabber">here</a>.]]>

</Message>

<DownloadURL>http://http_server_name/CiscoJabberSetup.msi</DownloadURL>

</App>

</JabberUpdate>

Step 3

Specify values in the XML as follows:

• name — Specify the following ID as the value of the name attribute for the App element:

• JabberWin — The update applies to Cisco Jabber for Windows.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

141

Configure Cisco Jabber

Configure Problem Reporting

• LatestBuildNum — Build number of the update.

• LatestVersion — Version number of the update.

• Mandatory — (Windows clients only) True or False. Determines whether users must upgrade their client version when prompted.

• Message — HTML in the following format:

<![CDATA[your_html]]>

• DownloadURL — URL of the installation package on your HTTP server.

Example:

The following is example XML for automatic updates:

<JabberUpdate>

<App name="JabberWin">

<LatestBuildNum>12345</LatestBuildNum>

<LatestVersion>9.x</LatestVersion>

<Message><![CDATA[<b>This new version of Cisco Jabber lets you do the

following:</b><ul><li>Feature 1</li><li>Feature 2</li></ul>For more information click <a target="_blank"

href="http://cisco.com/go/jabber">here</a>.]]></Message>

<DownloadURL>http://http_server_name/CiscoJabberSetup.msi</DownloadURL>

</App>

</JabberUpdate>

Step 4

Save and close your update XML file.

Step 5

Host your update XML file on your HTTP server.

Step 6

Specify the URL of your update XML file as the value of the UpdateUrl parameter in your configuration file.

Configure Problem Reporting

Setting up problem reporting enables users to send a summary of issues that they encounter with the client.

There are two methods for submitting problem reports as follows:

• Users submit the problem report directly through the client interface.

• Users save the problem report locally and then upload it at a later time.

The client uses an HTTP POST method to submit problem reports. Create a custom script to accept the POST request and specify the URL of the script on your HTTP server as a configuration parameter. Because users can save problem reports locally, you should also create an HTML page with a form to enable users to upload problem reports.

Before You Begin

Complete the following steps to prepare your environment:

1

Install and configure an HTTP server.

2

Create a custom script to accept the HTTP POST request.

142

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Configure Cisco Jabber

Custom Embedded Tabs for Cisco Jabber for Windows

3

Create an HTML page that enables users to upload problem reports that are saved locally. Your HTML page should contain a form that accepts the problem report saved as a .ZIP archive and contains an action to post the problem report using your custom script.

The following is an example form that accepts problem reports:

<form name="uploadPrt" action="http://server_name.com/scripts/UploadPrt.php" method="post" enctype="multipart/form-data">

<input type="file" name="zipFileName" id="zipFileName" /><br />

<input type="submit" name="submitBtn" id="submitBtn" value="Upload File" />

</form>

Procedure

Step 1

Host your custom script on your HTTP server.

Step 2

Specify the URL of your script as the value of the PrtLogServerUrl parameter in your configuration file.

Custom Embedded Tabs for Cisco Jabber for Windows

Custom embedded tabs display HTML content in the client interface. Learn how to create custom embedded tab definitions for Cisco Jabber.

Custom Embedded Tab Definitions

The custom embedded tab can only be configured using the jabber-config.xml file. The following

XML snippet shows the structure for custom tab definitions:

<jabber-plugin-config>

<browser-plugin>

<page refresh="" preload="">

<tooltip></tooltip>

<icon></icon>

<url></url>

</page>

</browser-plugin>

</jabber-plugin-config>

The following table describes the parameters for custom embedded tab definitions:

Parameter Description

browser-plugin Contains all definitions for custom embedded tabs.

The value includes all custom tab definitions.

page Contains one custom embedded tab definition.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

143

Custom Embedded Tab Definitions

Parameter

refresh preload tooltip icon url

Configure Cisco Jabber

Description

Controls when the content refreshes.

• true — Content refreshes each time users select the tab.

• false (default) — Content refreshes when users restart the client or sign in.

This parameter is optional and is an attribute of the page element.

Controls when the content loads.

• true — Content loads when the client starts.

• false (default) — Content loads when users select the tab.

This parameter is optional and is an attribute of the page element.

Defines hover text for the custom embedded tab.

This parameter is optional. If you do not specify the hover text, the client will use Custom tab.

The value is string of unicode characters.

Specifies an icon for the tab. You can specify a local or hosted icon as follows:

• Local icon — Specify the URL as follows: file://file_path/icon_name

• Hosted icon — Specify the URL as follows: http://path/icon_name

You can use any icon that Microsoft Internet Explorer can render, including

.JPG, .PNG, and .GIF formats.

This parameter is optional. If you do not specify an icon, the client loads the favicon from the HTML page. If no favicon is available, the client loads the default icon.

Specifies the URL where the content for the embedded tab resides.

The client uses the Internet Explorer rendering engine to display the content of the embedded tab. For this reason, you can specify any content that Internet

Explorer supports.

Note

The client supports Internet Explorer version 9 or earlier. The client uses Internet Explorer in version 9 mode if a later version is on the workstation.

This parameter is required.

144

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Configure Cisco Jabber

User Custom Tabs

User Custom Tabs

Users can create their own custom embedded tabs through the client user interface.

You must enable users to create custom embedded tabs. Set true as the value for the AllowUserCustomTabs parameter in your configuration file as follows:

<Options>

<AllowUserCustomTabs>true</AllowUserCustomTabs>

</Options>

Note

User custom embedded tabs are set to true by default.

Custom Icons

Icons for custom embedded tabs contain ten frames for each state within a single image file.

Note

To achieve optimal results, your custom icons should conform to the following guidelines:

• Dimensions: 20 x 20 pixels

• 1 pixel of padding between each frame. 1 pixel of padding results in a working icon space of 19 by

19 pixels.

• Transparent background

• PNG file format

Each frame of an icon represents the following states:

1

Normal

2

Pressed

3

Hover

4

Disabled

5

Focused

6

Selected and normal

7

Selected and pressed

8

Selected and hover

9

Selected and disabled

10

Selected and focused

The following is an example icon:

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

145

Configure Cisco Jabber

Chats and Calls from Custom Tabs

The following are the hexadecimal color codes for each frame of the preceding icon. Use these color codes for a consistent appearance with your custom icons.

1

#4f6b7c

2

#2aa6c7

3

#99b5c7

4

#FFFFFF

5

#19bae3

6

#19bae3

7

#2aa6c7

8

#99b5c7

9

#FFFFFF

10

#19bae3

Chats and Calls from Custom Tabs

You can use protocol handlers to start chats and calls from custom embedded tabs.

Use the XMPP: or IM: protocol handler to start chats.

Use the TEL: protocol handler to start audio and video calls.

Related Topics

Protocol Handlers, on page 25

UserID Tokens

You can specify the ${UserID} token as part of the value for the url parameter. When users sign in, the client replaces the ${UserID} token with the username of the logged in user.

Tip

You can also specify the ${UserID} token in query strings; for example, www.cisco.com/mywebapp.op?url=${UserID}

.

The following is an example of how you can use the ${UserID} token:

1

You specify the following in your custom embedded tab:

<url>www.cisco.com/${UserID}/profile</url>

2

Mary Smith signs in. Her username is msmith.

3

The client replaces the ${UserID} token with Mary's username as follows:

<url>www.cisco.com/msmith/profile</url>

JavaScript Notifications

You can implement JavaScript notifications in custom embedded tabs. This topic describes the methods the client provides for JavaScript notifications. This topic also gives you an example JavaScript form that you

146

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Configure Cisco Jabber

Show Call Events in Custom Tabs

can use to test notifications. It is beyond the scope of this documentation to describe how to implement

JavaScript notifications for asynchronous server calls and other custom implementations. You should refer to the appropriate JavaScript documentation for more information.

Notification Methods

The client includes an interface that exposes the following methods for JavaScript notifications:

• SetNotificationBadge — You call this method from the client in your JavaScript. This method takes a string value that can have any of the following values:

• Empty — An empty value removes any existing notification badge.

• A number from 0 to 999

• Two digit alphanumeric combinations, for example, A1

• onPageSelected() — The client invokes this method when users select the custom embedded tab.

• onPageDeselected() — The client invokes this method when users select another tab.

Show Call Events in Custom Tabs

You can use the following JavaScript function to show call events in a custom tab:

OnTelephonyConversationStateChanged — An API in the telephony service enables the client to show call events in a custom embedded tab. Custom tabs can implement the

OnTelephonyConversationStateChanged

JavaScript function. The client calls this function every time a telephony conversation state changes. The function accepts a JSON string that the client parses to get call events.

The following snippet shows the JSON that holds the call events:

{

"conversationId": string,

"acceptanceState": "Pending" | "Accepted| | "Rejected",

"state": "Started" | "Ending" | "Ended",

"callType": "Missed" | "Placed" | "Received" | "Passive" | "Unknown",

"remoteParticipants": [{participant1}, {participant2},

…, {participantN}],

"localParticipant": {

}

}

Each participant object in the JSON can have the following properties:

{

"voiceMediaDisplayName": "<displayName>",

"voiceMediaNumber": "<phoneNumber>",

"translatedNumber": "<phoneNumber>",

"voiceMediaPhoneType": "Business" | "Home" | "Mobile" | "Other" | "Unknown",

"voiceMediaState": "Active" | "Inactive" | "Pending" | "Passive" | "Unknown",

}

The following is an example implementation of this function in a custom embedded tab. This example gets the values for the state and acceptanceState properties and shows them in the custom tab.

function OnTelephonyConversationStateChanged(json) { console.log("OnTelephonyConversationStateChanged"); try { var conversation = JSON.parse(json); console.log("conversation id=" + conversation.conversationId); console.log("conversation state=" + conversation.state); console.log("conversation acceptanceState=" + conversation.acceptanceState);

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

147

Configure Cisco Jabber

Custom Embedded Tab Example

} console.log("conversation callType=" + conversation.callType);

} catch(e) { console.log("cannot parse conversation:" + e.message);

}

The following is an example implementation of this function with all possible fields: function OnTelephonyConversationStateChanged(json) { console.log("OnTelephonyConversationStateChanged"); try { var conversation = JSON.parse(json); console.log("conversation state=" + conversation.state); console.log("conversation acceptanceState=" + conversation.acceptanceState); console.log("conversation callType=" + conversation.callType); for (var i=0; i<conversation.remoteParticipants.length; i++) { console.log("conversation remoteParticipants[" + i + "]="); console.log("voiceMediaDisplayName=" + conversation.remoteParticipants[i].voiceMediaDisplayName); console.log("voiceMediaNumber=" + conversation.remoteParticipants[i].voiceMediaNumber); console.log("translatedNumber=" + conversation.remoteParticipants[i].translatedNumber); console.log("voiceMediaPhoneType=" + conversation.remoteParticipants[i].voiceMediaPhoneType); console.log("voiceMediaState=" + conversation.remoteParticipants[i].voiceMediaState);

} console.log("conversation localParticipant="); console.log(" voiceMediaDisplayName=" + conversation.localParticipant.voiceMediaDisplayName); console.log(" voiceMediaNumber=" + conversation.localParticipant.voiceMediaNumber); console.log(" translatedNumber=" + conversation.localParticipant.translatedNumber); console.log(" voiceMediaPhoneType=" + conversation.localParticipant.voiceMediaPhoneType); console.log(" voiceMediaState=" + conversation.localParticipant.voiceMediaState);

} catch(e) { console.log("cannot parse conversation:" + e.message);

}

}

Custom Embedded Tab Example

The following is an example of a configuration file with one embedded tab:

<?xml version="1.0" encoding="utf-8"?>

<config version="1.0">

<Client>

<jabber-plugin-config>

<browser-plugin>

<page refresh ="true" preload="true">

<tooltip>Cisco</tooltip>

<icon>http://www.cisco.com/web/fw/i/logo.gif</icon>

<url>www.cisco.com</url>

</page>

</browser-plugin>

</jabber-plugin-config>

</Client>

</config>

148

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

C H A P T E R

8

Integrate with Directory Sources

Cisco Jabber integrates with directory sources in on-premises deployments to query for and resolve contact information. Learn why you should enable synchronization and authentication between your directory source and Cisco Unified Communications Manager. Understand how directory integration works with certain contact sources. Review when you should configure the client for directory integration. Find configuration examples of specific integration scenarios.

Set Up Directory Synchronization and Authentication, page 149

Contact Sources, page 152

Client Configuration for Directory Integration, page 158

Federation, page 189

Set Up Directory Synchronization and Authentication

When you set up an on-premises deployment, you should configure Cisco Unified Communications Manager to do both of the following:

• Synchronize with the directory server.

• Authenticate with the directory server.

Synchronizing with the directory server replicates contact data from your directory to Cisco Unified

Communications Manager.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

149

Integrate with Directory Sources

Synchronize with the Directory Server

Enabling authentication with the directory server lets Cisco Unified Communications Manager proxy authentication from the client to the directory server. In this way, users authenticate with the directory server, not with Cisco Unified Communications Manager or a presence server.

Related Topics

Configuring Cisco Unified Communications Manager Directory Integration

Synchronize with the Directory Server

Directory server synchronization ensures that contact data in your directory server is replicated to Cisco

Unified Communications Manager.

Enable Synchronization

To ensure that contact data in your directory server is replicated to Cisco Unified Communications Manager, you must synchronize with the directory server. Before you can synchronize with the directory server, you must enable synchronization.

Procedure

Step 1

Open the Cisco Unified CM Administration interface.

Step 2

Select System > LDAP > LDAP System.

The LDAP System Configuration window opens.

Step 3

Locate the LDAP System Information section.

Step 4

Select Enable Synchronizing from LDAP Server.

Step 5

Select the type of directory server from which you are synchronizing data from the LDAP Server Type drop-down list.

What to Do Next

Specify an LDAP attribute for the user ID.

Specify an LDAP Attribute for the User ID

When you synchronize from your directory source to Cisco Unified Communications Manager, you can populate the user ID from an attribute in the directory. The default attribute that holds the user ID is sAMAccountName

.

Procedure

Step 1

Locate the LDAP Attribute for User ID drop-down list on the LDAP System Configuration window.

Step 2

Specify an attribute for the user ID as appropriate and then select Save.

150

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Integrate with Directory Sources

Synchronize with the Directory Server

Important

If the attribute for the user ID is other than sAMAccountName and you are using the default

IM address scheme in Cisco Unified Communications Manager IM and Presence Service, you must specify the attribute as the value for the parameter in your client configuration file as follows:

The EDI parameter is UserAccountName.

<UserAccountName>attribute-name</UserAccountName>

If you do not specify the attribute in your configuration, and the attribute is other than sAMAccountName

, the client cannot resolve contacts in your directory. As a result, users do not get presence and cannot send or receive instant messages.

Perform Synchronization

After you add a directory server and specify the required parameters, you can synchronize Cisco Unified

Communications Manager with the directory server.

Before You Begin

If your environment includes a presence server, you should ensure the following feature service is activated and started before you synchronize with the directory server:

• Cisco Unified Presence — Cisco UP Sync Agent

• Cisco Unified Communications Manager IM and Presence Service — Cisco Sync Agent

This service keeps data synchronized between the presence server and Cisco Unified Communications Manager.

When you perform the synchronization with your directory server, Cisco Unified Communications Manager then synchronizes the data with the presence server. However, the Cisco Sync Agent service must be activated and started.

Procedure

Step 1

Select System > LDAP > LDAP Directory.

Step 2

Select Add New.

The LDAP Directory window opens.

Step 3

Specify the required details on the LDAP Directory window.

See the Cisco Unified Communications Manager Administration Guide for more information about the values and formats you can specify.

Step 4

Create an LDAP Directory Synchronization Schedule to ensure that your information is synchronized regularly.

Step 5

Select Save.

Step 6

Select Perform Full Sync Now.

Note

The amount of time it takes for the synchronization process to complete depends on the number of users that exist in your directory. If you synchronize a large directory with thousands of users, you should expect the process to take some time.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

151

Integrate with Directory Sources

Authenticate with the Directory Server

User data from your directory server is synchronized to the Cisco Unified Communications Manager database.

Cisco Unified Communications Manager then synchronizes the user data to the presence server database.

Authenticate with the Directory Server

You should configure Cisco Unified Communications Manager to authenticate with the directory server.

When users sign in to the client, the presence server routes that authentication to Cisco Unified Communications

Manager. Cisco Unified Communications Manager then proxies that authentication to the directory server.

Procedure

Step 1

Open the Cisco Unified CM Administration interface.

Step 2

Select System > LDAP > LDAP Authentication.

Step 3

Select Use LDAP Authentication for End Users.

Step 4

Specify LDAP credentials and a user search base as appropriate.

See the Cisco Unified Communications Manager Administration Guide for information about the fields on the LDAP Authentication window.

Step 5

Select Save.

Contact Sources

In on-premises deployments, the client requires a contact source to resolve directory look ups for user information. You can use the following as a contact source:

Enhanced Directory Integration

Enhanced Directory Integration (EDI) is an LDAP-based contact source.

152

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Integrate with Directory Sources

Enhanced Directory Integration

Cisco Unified Communications Manager User Data Service

Cisco Unified Communications Manager User Data Service (UDS) is a contact source on Cisco Unified

Communications Manager.

UDS is used for contact resolution in the following cases:

• If you configure the DirectoryServerType parameter in the client configuration file to use “UDS”.

With this configuration, the client uses UDS for contact resolution when it is inside or outside of the corporate firewall.

• If you deploy Expressway for Mobile and Remote Access.

With this configuration, the client automatically uses UDS for contact resolution when it is outside of the corporate firewall.

Note

Cisco Jabber supports UDS using the following Cisco Unified Communications

Manager versions:

• Cisco Unified Communications Manager Version 9.1(2) or later with the following COP file: cmterm-cucm-uds-912-5.cop.sgn.

• Cisco Unified Communications Manager Version 10.0(1). No COP file is required.

You can deploy approximately 50 percent of the maximum number of Cisco

Jabber clients that your Cisco Unified Communications Manager node supports.

For example, if a Cisco Unified Communications Manager node can support

10,000 Cisco Jabber clients using an LDAP-based contact source, that same node can support 5,000 Cisco Jabber clients using UDS as a contact source.

Enhanced Directory Integration

EDI uses native Microsoft Windows APIs to retrieve contact data from the directory service.

The following are the default settings for on-premises deployments with EDI:

• Cisco Jabber integrates with Active Directory as the contact source.

• Cisco Jabber automatically discovers and connects to a Global Catalog.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

153

Enhanced Directory Integration

Integrate with Directory Sources

In the preceding diagram, the client does the following by default:

1

Gets the DNS domain from the workstation and looks up the SRV record for the Global Catalog.

2

Retrieves the address of the Global Catalog from the SRV record.

3

Connects to the Global Catalog with the logged in user's credentials.

Domain Name Retrieval

Cisco Jabber for Windows retrieves the fully qualified DNS domain from the USERDNSDOMAIN environment variable on the client workstation.

After the client gets the DNS domain, it can locate the Domain Name Server and retrieve SRV records.

In some instances, the value of the USERDNSDOMAIN environment variable does not resolve to the DNS domain that corresponds to the domain of the entire forest. For example, when an organization uses a sub-domain or resource domain. In this case, the USERDNSDOMAIN environment variable resolves to a child domain, not the parent domain. As a result, the client cannot access information for all users in the organization.

If the USERDNSDOMAIN environment variable resolves to a child domain, you can use one of the following options to enable Cisco Jabber for Windows to connect to a service in the parent domain:

• Ensure that the Global Catalog or LDAP directory server can access all users in the organization.

• Configure your DNS server to direct the client to a server that can access all users in the organization when Cisco Jabber for Windows requests a Global Catalog or LDAP directory server.

• Configure Cisco Jabber for Windows to use the FQDN of the parent domain.

Specify the FQDN of the parent domain as the value of the PrimaryServerName parameter in your client configuration as follows:

<PrimaryServerName>parent-domain-fqdn</PrimaryServerName>

154

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Integrate with Directory Sources

Cisco Unified Communications Manager User Data Service

Related Topics

Directory Connection Parameters, on page 166

Configuring DNS for the Forest Root Domain

Assigning the Forest Root Domain Name

Deploying a GlobalNames Zone

Support for DNS Namespace planning in Microsoft server products

Directory Server Discovery

Cisco Jabber can automatically discover and connect to the directory server if:

• The workstation on which you install Cisco Jabber is on the Microsoft Windows domain.

• The client can retrieve the address of the directory server from a DNS SRV record.

Directory Server

Global Catalog

SRV Record

_gc._msdcs._tcp.domain.com

Domain Controller

LDAP-based directory servers

_ldap._msdcs._tcp.domain.com

Cisco Unified Communications Manager User Data Service

User Data Service (UDS) is a REST interface on Cisco Unified Communications Manager that provides contact resolution.

UDS is used for contact resolution in the following cases:

• If you set the DirectoryServerType parameter to use a value of UDS in the client configuration file.

With this configuration, the client uses UDS for contact resolution when it is inside or outside of the corporate firewall.

• If you deploy Expressway for Remote and Mobile Access.

With this configuration, the client automatically uses UDS for contact resolution when it is outside of the corporate firewall.

You synchronize contact data into Cisco Unified Communications Manager from a directory server. Cisco

Jabber then automatically retrieves that contact data from UDS.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

155

Cisco Unified Communications Manager User Data Service

Integrate with Directory Sources

Enable Integration with UDS

To enable integration with UDS, perform the following steps:

Procedure

Step 1

Create your directory source in Cisco Unified Communications Manager.

Step 2

Synchronize the contact data to Cisco Unified Communications Manager.

After the synchronization occurs, your contact data resides in Cisco Unified Communications Manager.

Step 3

For manual connections, specify the IP address of the Cisco Unified Communications Manager server to ensure that the client can discover the server.

The following is an example configuration for the Cisco Unified Communications Manager server:

<UdsServer>11.22.33.444</UdsServer>

Step 4

Configure the client to retrieve contact photos with UDS.

The following is an example configuration for contact photo retrieval:

<UdsPhotoUriWithToken>http://server_name.domain/%%uid%%.jpg</UdsPhotoUriWithToken>

Set UDS Service Parameters

You can set service parameters for UDS on Cisco Unified Communications Manager.

156

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Integrate with Directory Sources

Cisco Unified Communications Manager User Data Service

Procedure

Step 1

Open the Cisco Unified CM Administration interface.

Step 2

Select System > Enterprise Parameters.

The Enterprise Parameters Configuration window opens.

Step 3

Locate the User Data Service Parameters section.

UDS Service Parameters

Set values for the following service parameters to configure UDS:

Parameter Description

Enable All User Search Allows searches for all users in the directory (search with no last name, first name, or directory number specified).

The default value is true.

User Search Limit Limits the number of users returned in a query.

The default value is 64.

Number of Digits to Match Specifies the number of digits to match when users search for phone numbers.

Tip

To resolve PSTN numbers, set the value equal to the number of digits in the PSTN numbers.

For example, if the PSTN numbers have 10 digits, set the value to 10.

Contact Resolution with Multiple Clusters

For contact resolution with multiple Cisco Unified Communications Manager clusters, synchronize all users on the corporate directory to each cluster. Provision a subset of those users on the appropriate cluster.

For example, your organization has 40,000 users. 20,000 users reside in North America. 20,000 users reside in Europe. Your organization has the following Cisco Unified Communications Manager clusters for each location:

• cucm-cluster-na for North America

• cucm-cluster-eu for Europe

In this example, synchronize all 40,000 users to both clusters. Provision the 20,000 users in North America on cucm-cluster-na and the 20,000 users in Europe on cucm-cluster-eu.

When users in Europe call users in North America, Cisco Jabber retrieves the contact details for the user in

Europe from cucm-cluster-na.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

157

Integrate with Directory Sources

Client Configuration for Directory Integration

When users in North America call users in Europe, Cisco Jabber retrieves the contact details for the user in

North America from cucm-cluster-eu.

Client Configuration for Directory Integration

You can configure directory integration through service profiles using Cisco Unified Communications Manager release 9 or later or with the configuration file. Use this section to learn how to configure the client for directory integration.

When both a service profile and a configuration file are present, the following table describes which parameter value takes precedence.

Service Profile Configuration File

Parameter value is set Parameter value is set

Which Parameter Value Takes

Precedence?

Service profile

Parameter value is set Parameter value is blank Service profile

Parameter value is blank

Parameter value is blank

Parameter value is set

Parameter value is blank

Configuration file

Service profile blank (default) value

Note

Cisco Unified Presence, Release 8.x profiles cannot be used for directory integration.

When to Configure Directory Integration

Note

Install Cisco Jabber for Windows on a workstation that is registered to an Active Directory domain. In this environment, you do not need to configure Cisco Jabber for Windows to connect to the directory. The client automatically discovers the directory and connects to a Global Catalog server in that domain.

Configure Cisco Jabber to connect to a directory if you plan to use one of the following as the contact source:

• Domain Controller

• Cisco Unified Communications Manager User Data Service

• OpenLDAP

• Active Directory Lightweight Directory Service

• Active Directory Application Mode

You can optionally configure directory integration to:

• Change the default attribute mappings.

158

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Integrate with Directory Sources

Configure Directory Integration in a Service Profile

• Adjust directory query settings.

• Specify how the client retrieves contact photos.

• Perform intradomain federation.

Configure Directory Integration in a Service Profile

With Cisco Unified Communications Manager version 9 and higher, you can provision users with service profiles and deploy the _cisco-uds SRV record on your internal domain name server.

The client can then automatically discover Cisco Unified Communications Manager and retrieve the service profile to get directory integration configuration.

To set up service discovery to support service profiles, you must:

• Deploy the _cisco-uds SRV record on your internal domain name server.

• Ensure that the client can resolve the domain name server address.

• Ensure that the client can resolve the hostname of Cisco Unified Communications Manager.

• Ensure that the client can resolve the fully qualified domain name (FQDN) for the Cisco Unified

Communications Manager.

Cisco Jabber now supports Cisco Unified Communications Manager User Data Service (UDS). In addition to being able to deploy Cisco Jabber using LDAP to connect to Active Directory, Jabber can now alternatively be deployed with Cisco Unified Communications Manager User Data Services contact lookup service. Server scaling must be considered when using the UDS server. A Cisco Unified Communication node can support

UDS contact service connections for 50% of the maximum device registrations supported by the server.

To configure directory integration in a service profile, do the following:

Procedure

Step 1

Open the Cisco Unified CM Administration interface.

Step 2

Add a directory service.

a) Select User Management > User Settings > UC Service.

The Find and List UC Services window opens.

b) Select Add New.

The UC Service Configuration window opens.

c) Select Directory from the UC Service Type menu and then select Next.

d) Set all appropriate values for the directory service and then select Save.

Step 3

Apply the directory service to a service profile.

a) Select User Management > User Settings > Service Profile.

The Find and List Service Profiles window opens.

b) Select Add New.

The Service Profile Configuration window opens.

c) Add the directory services to the directory profile.

d) Select Save.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

159

Integrate with Directory Sources

Configure Directory Integration in a Service Profile

Directory Profile Parameters

The following table lists the configuration parameters you can set in the directory profile:

Directory Service Configuration Description

Primary server

Specifies the address of the primary directory server.

This parameter is required for manual connections where the client cannot automatically discover the directory server.

Secondary server

Specifies the address of the backup directory server.

Tertiary Server

Use UDS for Contact Resolution

Use Logged On User Credential

Specifies the address of the tertiary directory server.

Specifies if the client uses UDS as a contact source.

Important

Note

When this option is selected the following parameters are not used.

By default, UDS provides contact resolution when users connect to the corporate network through Expressway for Mobile and Remote Access.

Specifies if the client uses Microsoft Windows usernames and passwords.

True

False

Use Windows credentials. This is the default value.

Do not use Windows credentials.

Specify credentials with the ConnectionUsername and

ConnectionPassword parameters.

Username

Lets you manually specify a shared username that the client can use to authenticate with the directory server.

You should use this parameter only in deployments where you cannot authenticate with the directory server using Microsoft

Windows credentials.

By default, the client uses Integrated Windows Authentication when connecting to the directory server. This parameter lets you manually specify a username in scenarios where it is not possible to authenticate with the directory server with the user's Microsoft

Windows credentials.

Use only a well-known or public set of credentials for an account that has read-only permissions.

160

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Integrate with Directory Sources

Configure Directory Integration in a Service Profile

Directory Service Configuration

Password

Search Base 1

Search Base 2

Search Base 3

Description

Lets you manually specify a shared password that the client can use to authenticate with the directory server.

You should use this parameter only in deployments where you cannot authenticate with the directory server using Microsoft

Windows credentials.

By default, the client uses Integrated Windows Authentication when connecting to the directory server. This parameter lets you manually specify a password in scenarios where it is not possible to authenticate with the directory server with the user's Microsoft

Windows credentials.

Use only a well-known or public set of credentials for an account that has read-only permissions.

Specifies a location in the directory server from which searches begin. In other words, a search base is the root from which the client executes a search.

By default, the client searches from the root of the directory tree.

You can specify the value of up to three search bases in your

OU to override the default behavior.

Active Directory does not typically require a search base. Specify search bases for Active Directory only for specific performance requirements.

Specify a search base for directory servers other than Active

Directory to create bindings to specific locations in the directory.

Tip

Specify an OU to restrict searches to certain user groups.

For example, a subset of your users have instant messaging capabilities only. Include those users in an

OU and then specify that as a search base.

Recursive Search on All Search Bases

Select this option to perform a recursive search of the directory starting at the search base. Use recursive searches to allow the

Cisco Jabber client contact search queries to search all of the

LDAP directory tree from a given search context (search base).

This is a common option when searching LDAP.

This is a required field.

The default value is True.

Search Timeout

Specifies the timeout period for directory queries in seconds.

The default value is 5.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

161

Integrate with Directory Sources

Summary of Directory Integration Configuration Parameters

Directory Service Configuration

Base Filter

Predictive Search Filter

Description

Specifies a base filter for Active Directory queries.

Specify a directory subkey name only to retrieve objects other than user objects when you query the directory.

The default value is (&(objectCategory=person)( objectClass=user)

.

Defines filters to apply to predictive search queries.

You can define multiple, comma-separated values to filter search queries.

The default value is Ambiguous Name Resolution (ANR).

When Cisco Jabber for Windows performs a predictive search, it issues a query using Ambiguous Name Resolution (ANR).

This query disambiguates the search string and returns results that match the attributes that are set for ANR on your directory server.

Important

You must configure your directory server to set attributes for ANR if you want the client to search for those attributes.

Service Discovery will use UDS search when the Use UDS for Contact Resolution option is selected, otherwise it uses BDI or EDI search. During service discovery the Username, Password, SearchBase1,

PrimaryServerName, ServerPort1, UriPrefix, UseJabberCredentials, BaseFilter, PredictiveSearchFilter, and DirectoryServerType in the directory profile will be used to connect to LDAP server for contact search.

Manual sign on uses the Username and Password from the directory profile to connect to the LDAP server for contact search.

Attribute Mappings

It is not possible to change the default attribute mappings in a service profile. If you plan to change any default attribute mappings, you must define the required mappings in a client configuration file.

Summary of Directory Integration Configuration Parameters

This topic lists all the parameters you can specify to configure directory integration.

The following table lists the parameters you can use for attribute mapping with LDAP directory servers:

162

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Integrate with Directory Sources

Summary of Directory Integration Configuration Parameters

Attribute Mapping Parameters

• CommonName

• DisplayName

• Firstname

• Lastname

• EmailAddress

• SipUri

• PhotoSource

• BusinessPhone

• MobilePhone

• HomePhone

• OtherPhone

• Title

• CompanyName

• UserAccountName

• DomainName

• Location

• Nickname

• PostalCode

• City

• State

• StreetAddress

The following table lists the parameters you can use to connect to an LDAP directory server:

Directory Server Connection Parameters

• ConnectionType

• PrimaryServerName

• SecondaryServerName

• ServerPort1

• ServerPort2

• UseWindowsCredentials

• ConnectionUsername

• ConnectionPassword

• UseSSL

• UseSecureConnection

The following table lists the parameters you can use for contact resolution and directory queries with LDAP directory servers:

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

163

Integrate with Directory Sources

Directory Integration Parameters

Contact Resolution and Directory Query Parameters

• BaseFilter

• PredictiveSearchFilter

• DisableSecondaryNumberLookups

• PhoneNumberMasks

• SearchTimeout

• UseWildcards

• MinimumCharacterQuery

• SearchBase1, SearchBase2, SearchBase3,

SearchBase4, and SearchBase5

• PhotoUriSubstitutionEnabled

• PhotoUriSubstitutionToken

• PhotoUriWithToken

• UseSIPURIToResolveContacts

• UriPrefix

• IMAddresses

• IMAddress

Summary of UDS Parameters

The following table lists the parameters you can use to connect to UDS and perform contact resolution and directory queries.

UDS Parameters

• DirectoryServerType

• PresenceDomain

• UdsServer

• UdsPhotoUriWithToken

Directory Integration Parameters

The following sections lists details about the parameters you can configure for LDAP-based directory integration.

Attribute Mapping Parameters

The following table describes the parameters for mapping LDAP directory attributes:

Parameter Directory Attribute Exists in Global

Catalog by

Default

Is Indexed by

Default

CommonName

DisplayName cn displayName

Yes

Yes

Yes

Yes

Set for

Ambiguous Name

Resolution (ANR) by Default

No

Yes

164

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Integrate with Directory Sources

Directory Integration Parameters

Parameter

Firstname

Lastname

EmailAddress

SipUri

PhotoSource

BusinessPhone

MobilePhone

HomePhone

OtherPhone

Title

CompanyName

UserAccountName

DomainName

Location

Nickname

PostalCode

City

State

StreetAddress

Directory Attribute

givenName sn

Yes

Yes mail Yes msRTCSIP-PrimaryUserAddress Yes thumbnailPhoto No telephoneNumber mobile homePhone otherTelephone title company sAMAccountName userPrincipalName

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes co Yes displayName postalCode l st streetAddress

Yes

Yes

Yes

Yes

Yes

No

Yes

Yes

Yes

No

No

No

No

Yes

Yes

Yes

Yes

No

No

Yes

No

Yes

Yes

No

Exists in Global

Catalog by

Default

Is Indexed by

Default

Yes

No

No

No

No

No

No

Yes

No

No

No

No

No

Set for

Ambiguous Name

Resolution (ANR) by Default

Yes

Yes

Yes

Yes

No

No

Attributes on the Directory Server

You must index attributes on your LDAP directory server so that the client can resolve contacts.

If you use the default attribute mappings, ensure the following attributes are indexed:

• sAMAccountName

• displayName

• sn

• name

• proxyAddresses

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

165

Integrate with Directory Sources

Directory Integration Parameters

• mail

• department

• givenName

• telephoneNumber

Additionally, ensure you index the following attributes for secondary number queries:

• otherTelephone

• mobile

• homePhone

Note

By default secondary number queries are enabled in Cisco Jabber for Windows. You can disable secondary number queries with the DisableSecondaryNumberLookups parameter.

• msRTCSIP-PrimaryUserAddress

Index msRTCSIP-PrimaryUserAddress for intradomain federation only.

Because Cisco Jabber for Windows connects to a Global Catalog server by default, you must ensure that all attributes reside on your Global Catalog server. You can replicate attributes to a Global Catalog server using an appropriate tool such as the Microsoft Active Directory Schema snap-in

• Replicating attributes to your Global Catalog server generates traffic between Active Directory servers in the domain. For this reason, replicate attributes to your Global Catalog server at a time when network traffic can handle extra load.

• If you do not want to replicate attributes to a Global Catalog server, configure Cisco Jabber to connect to a Domain Controller. However, the client queries single domains only when it connects to a Domain

Controller.

Directory Connection Parameters

The following table describes parameters for configuring your LDAP directory connection:

166

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Integrate with Directory Sources

Parameter

ConnectionType

PrimaryServerName

Directory Integration Parameters

SecondaryServerName

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

167

Integrate with Directory Sources

Directory Integration Parameters

Parameter

ServerPort1

ServerPort2

UseWindowsCredentials

ConnectionUsername

0

1

Value

Port number

Port number

Username

Description

Specifies the port for the primary directory server.

Specifies the port for the backup directory server.

Specifies if the client uses Microsoft Windows usernames and passwords.

0

Do not use Windows credentials.

Specify credentials with the

ConnectionUsername and

ConnectionPassword parameters.

1

Use Windows credentials. This is the default value.

Lets you manually specify a shared username that the client can use to authenticate with the directory server. You should use this parameter only in deployments where you cannot authenticate with the directory server using

Microsoft Windows credentials.

Important

The client transmits and stores this username as plain text.

By default, the client uses Integrated Windows

Authentication when connecting to the directory server. This parameter lets you manually specify a username in scenarios where it is not possible to authenticate with the directory server with the user's Microsoft Windows credentials.

If you must use this parameter, you should use only a well-known or public set of credentials.

The account that you use for integration should have read-only permissions to the directory.

168

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Integrate with Directory Sources

Parameter

ConnectionPassword

Directory Integration Parameters

Value

Password

Description

Lets you manually specify a shared password that the client can use to authenticate with the directory server. You should use this parameter only in deployments where you cannot authenticate with the directory server using

Microsoft Windows credentials.

Important

The client transmits and stores this password as plain text.

By default, the client uses Integrated Windows

Authentication when connecting to the directory server. This parameter lets you manually specify a password in scenarios where it is not possible to authenticate with the directory server with the user's Microsoft Windows credentials.

If you must use this parameter, you should use only a well-known or public set of credentials.

The account that you use for integration should have read-only permissions to the directory.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

169

Directory Integration Parameters

Parameter

UseSSL

Integrate with Directory Sources

Value

0

1

Description

Use SSL for secure connections to the directory.

0

Do not use SSL. This is the default value.

1

Use SSL.

The SSL connection certificate must be present:

• In the Microsoft Windows certificate store.

• On the directory server to which the client connects.

To establish an SSL connection, the server presents the client with the certificate. The client then validates the certificate from the server against the certificate in the store on the client computer.

Default protocols and ports for SSL connections are as follows:

Global Catalog

Protocol: TCP

Port number: 3269

Domain Controller

Protocol: TCP

Port number: 636

170

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Integrate with Directory Sources

Directory Integration Parameters

Parameter

UseSecureConnection

Value

0

1

Description

Specifies the mechanism for authentication with the directory server.

0

Use simple authentication.

Set this value to connect to the directory server using simple binds.

Note

With simple authentication, the client transmits credentials in plain text. You can enable SSL to encrypt credentials with the

UseSSL parameter.

1

Use Generic Security Service API

(GSS-API). This is the default value.

GSS-API leverages the system authentication mechanism. In a Microsoft

Windows environment, GSS-API lets you connect to the directory server using

Kerberos-based Windows authentication.

Directory Query Parameters

The following table describes parameters for configuring how the client queries your LDAP directory:

Parameter Value Description

BaseFilter Base filter Specifies a base filter for Active Directory queries.

Specify a directory subkey name only to retrieve objects other than user objects when you query the directory.

The default value is

(&amp;(objectCategory=person))

.

Configuration files can contain only valid XML character entity references. Use &amp; instead of & if you specify a custom base filter.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

171

Integrate with Directory Sources

Directory Integration Parameters

Parameter

PredictiveSearchFilter

DisableSecondaryNumberLookups 0

1

SearchTimeout

UseWildcards 0

1

Value

Search filter

Number of seconds

Description

Defines filters to apply to predictive search queries.

You can define multiple, comma-separated values to filter search queries.

The default value is anr

When Cisco Jabber for Windows performs a predictive search, it issues a query using

Ambiguous Name Resolution (ANR). This query disambiguates the search string and returns results that match the attributes that are set for

ANR on your directory server.

Important

You must configure your directory server to set attributes for ANR if you want the client to search for those attributes.

Specifies whether users can search for alternative contact numbers if the work number is not available, such as the mobile, home, or other number.

0

Users can search for alternative contact numbers. This is the default value.

1

Users cannot search for alternative contact numbers.

Specifies the timeout period for queries in seconds.

The default value is 5.

Enables wildcard searches.

0

Do not use wildcards. This is the default value.

1

Use wildcards.

If you use wildcards, it might take longer to search the directory.

172

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Integrate with Directory Sources

Directory Integration Parameters

Parameter

MinimumCharacterQuery

SearchBase1

SearchBase2

SearchBase3

SearchBase4

SearchBase5

Value

Numerical value

Description

Sets the minimum number of characters in a contact name to query the directory.

For example, if you set 2 as the value of this parameter, the client searches the directory when users enter at least two characters in the search field.

The default value is 3.

Searchable organizational unit (OU) in the directory tree

Specifies a location in the directory server from which searches begin. In other words, a search base is the root from which the client executes a search.

By default, the client searches from the root of the directory tree. You can specify the value of up to five search bases in your OU to override the default behavior.

Active Directory does not typically require a search base. You should specify search bases for Active Directory only for specific performance requirements.

You must specify a search base for directory servers other than Active Directory to create bindings to specific locations in the directory.

Tip

Specify an OU to restrict searches to certain user groups.

For example, a subset of your users have instant messaging capabilities only.

Include those users in an OU and then specify that as a search base.

Related Topics

Ambiguous Name Resolution for LDAP in Windows 2000

LDAP Referrals

Common Default Attributes Set for Active Directory and Global Catalog

Base Filter Examples

The following are example base filters you can use to look up specific locations or objects.

Find only specific groups:

(&amp;(objectClass=user)(memberOf=cn=group-name,ou=Groups,dc=example,dc=com))

Find a nested group within a group:

(&amp;(objectClass=user)(memberOf:search-oid:=cn=group-name,ou=Groups,dc=example,dc=com))

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

173

Integrate with Directory Sources

Directory Integration Parameters

Find only enabled accounts and non-administrator accounts:

(&amp;(objectCategory=person)(objectClass=user)(!(userAccountControl:search-oid:=2))

(!(sAMAccountName=*_dbo))(!(sAMAccountName=*-admin)))

Phone Number Masks Parameter

Phone number masks parameter only applies to EDI. The following table describes the parameter to configure masks for phone number resolution:

Parameter Value Description

PhoneNumberMasks Mask string Specifies masks to use when users search for phone numbers.

For example, a user receives a call from

+14085550100. In the directory, this number is

+(1) 408 555 0100.

The following mask resolves the number:

+1408|+(#) ### ### ####

The length of mask strings cannot exceed the size restriction for registry subkey names.

Phone masks apply to phone numbers before the client searches your directory. If you configure phone masks correctly, directory searches succeed as exact query matches and prevent any impact to performance of your directory server.

The following table describes the elements you can include in a phone mask:

Element Description

Phone number pattern

Provides a number pattern to retrieve phone numbers from your directory.

To add a phone mask, you specify a number pattern that applies to the mask.

For example, to specify a mask for searches that begin with +1408, you can use the following mask: +1408|+(#) ### ### ####

To enable a mask to process phone numbers that have the same number of digits, but different patterns, use multiple masks with the same number of digits.

For example, your company has site A and site B. Each site maintains a separate directory in which the phone numbers have different formats, such as the following:

+(1) 408 555 0100

+1-510-5550101

The following mask ensures you can use both numbers correctly: +1408|+(#) ### ###

####|+1510|+#-###-#######.

Pipe symbol

(|)

Separates number patterns and masks.

For example, +1408|+(#) ### ### ####|+34|+(##) ### ####.

174

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Integrate with Directory Sources

Directory Integration Parameters

Element

Wildcard character

Reverse mask

Description

Substitutes one or more characters for a subset of possible matching characters.

Any wildcard character can exist in a phone mask.

For example, an asterisk (*) represents one or more characters and can apply to a mask as follows: +3498|+##*##*###*####. Using this mask with the wildcard, a phone number search can match any of the following formats:

+34(98)555 0199

+34 98 555-0199

+34-(98)-555.0199

Applies a number pattern from right to left.

For example, a mask of +3498|R+34 (98) 559 #### applied to +34985590199 results in +34

(98) 559 0199.

You can use both forward and reverse masks.

Contact Photo Parameters

The following table describes parameters for configuring how the client retrieves contact photos from an

LDAP directory:

Parameter Value Description

PhotoUriSubstitutionEnabled true false

Specifies if photo URI substitution is enabled.

true false

Photo URI substitution is enabled.

Specifies if photo URI substitution is disabled. This is the default value.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

175

Integrate with Directory Sources

Directory Integration Parameters

Parameter

PhotoUriSubstitutionToken

Value

Directory attribute

Description

Specifies a directory attribute to insert in the photo URI; for example, sAMAccountName.

Only the following attributes are supported for use with the PhotoURISubstitutionToken parameter:

• Common Name

• Display Name

• First Name

• Last Name

• Nickname

• Email Address

• Photo Source

• Business Phone

• Mobile Phone

• Home Phone

• Preferred Phone

• Other Phone

• Title

• Company Name

• User Account Name

• Domain Name

• Location

• Post Code

• State

• City

• Street

176

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Integrate with Directory Sources

Directory Integration Parameters

Parameter

PhotoUriWithToken

Value

URI

Description

Specifies a photo URI with a directory attribute as a variable value; for example, http://staffphoto.example.com/sAMAccountName.jpg

.

The parameter applies to LDAP directory integrations.

To configure photo URI substitution, you set the directory attribute as the value of

PhotoUriSubstitutionToken.

Restriction

The client must be able to retrieve the photos from the web server without credentials.

Related Topics

Contact Photo Formats and Dimensions, on page 178

Contact Photo Retrieval with EDI

Cisco Jabber retrieves and displays contact photos with the following methods.

Note

When you change a photo in the Active Directory, the photo can take up to 24 hours to refresh in Cisco

Jabber.

URI substitution

Cisco Jabber dynamically builds a URL to contact photos with a directory attribute and a URL template.

To use this method, set the following values in your configuration file:

1

Specify true as the value of the PhotoUriSubstitutionEnabled parameter.

2

Specify a directory attribute to use as a dynamic token as the value of the PhotoUriSubstitutionToken parameter; for example,

<PhotoUriSubstitutionToken>sAMAccountName</PhotoUriSubstitutionToken>

3

Specify the URL and the dynamic token as the value of the PhotoUriWithToken parameter; for example,

<PhotoUriWithToken>http://staffphoto.example.com/sAMAccountName.jpg</PhotoUriWithToken>

With the example values in the preceding steps, the sAMAccountName attribute might resolve to msmith in your directory. Cisco Jabber then takes this value and replaces the token to build the following

URL: http://staffphoto.example.com/msmith.jpg.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

177

Integrate with Directory Sources

Directory Integration Parameters

Binary objects

Cisco Jabber retrieves the binary data for the photo from your database.

if using binary objects from Active Directory, PhotoUriWithToken should not be set.

To use this method to retrieve contact photos, specify the attribute that contains the binary data as the value of the PhotoSource parameter in the configuration; for example,

<PhotoSource>jpegPhoto</PhotoSource>

PhotoURL attribute

Cisco Jabber retrieves a URL from a directory attribute.

To use this method to retrieve contact photos, specify the attribute that contains the photo URL as the value of the PhotoSource parameter in the configuration; for example,

<PhotoSource>photoUri</PhotoSource>

Contact Photo Formats and Dimensions

To achieve the best result with Cisco Jabber, your contact photos should have specific formats and dimensions.

Review supported formats and optimal dimensions. Learn about adjustments the client makes to contact photos.

Contact Photo Formats

Cisco Jabber supports the following formats for contact photos in your directory:

• JPG

• PNG

• BMP

• GIF

Important

Cisco Jabber does not apply any modifications to enhance rendering for contact photos in GIF format. As a result, contact photos in GIF format might render incorrectly or with less than optimal quality. To obtain the best quality, use PNG format for your contact photos.

Contact Photo Dimensions

Tip

The optimum dimensions for contact photos are 128 pixels by 128 pixels with an aspect ratio of 1:1.

128 pixels by 128 pixels are the maximum dimensions for local contact photos in Microsoft Outlook.

The following table lists the different dimensions for contact photos in Cisco Jabber.

Location Dimensions

Audio call window 128 pixels by 128 pixels

178

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Integrate with Directory Sources

Directory Integration Parameters

Location

Invitations and reminders, for example:

• Incoming call windows

• Meeting reminder windows

Lists of contacts, for example:

• Contact lists

• Participant rosters

• Call history

• Voicemail messages

Dimensions

64 pixels by 64 pixels

32 pixels by 32 pixels

Contact Photo Adjustments

Cisco Jabber adjusts contact photos as follows:

• Resizing—If contact photos in your directory are smaller or larger than 128 pixels by 128 pixels, the client automatically resizes the photos. For example, contact photos in your directory are 64 pixels by

64 pixels. When Cisco Jabber retrieves the contact photos from your directory, it resizes the photos to

128 pixels by 128 pixels.

Tip

Resizing contact photos can result in less than optimal resolution. For this reason, use contact photos that are 128 pixels by 128 pixels so that the client does not automatically resize them.

• Cropping—Cisco Jabber automatically crops nonsquare contact photos to a square aspect ratio, or an aspect ratio of 1:1 where the width is the same as the height.

• Portrait orientation—If contact photos in your directory have portrait orientation, the client crops 30 percent from the top and 70 percent from the bottom.

For example, if contact photos in your directory have a width of 100 pixels and a height of 200 pixels,

Cisco Jabber needs to crop 100 pixels from the height to achieve an aspect ratio of 1:1. In this case, the client crops 30 pixels from the top of the photos and 70 pixels from the bottom of the photos.

• Landscape orientation—If contact photos in your directory have landscape orientation, the client crops

50 percent from each side.

For example, if contact photos in your directory have a width of 200 pixels and a height of 100 pixels,

Cisco Jabber needs to crop 100 pixels from the width to achieve an aspect ratio of 1:1. In this case, the client crops 50 pixels from the right side of the photos and 50 pixels from the left side of the photos.

• Rounding — Cisco Jabber rounds the corners of contact photos after retrieving them from your directory.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

179

Integrate with Directory Sources

UDS Parameters

UDS Parameters

The following table provides details about the parameters you can use in the configuration file to connect to

UDS and perform contact resolution and directory queries.

Parameter Value Description

PresenceDomain Domain of the presence node.

Required parameter. Specifies the domain of the presence server.

The client appends this domain to the user ID to create an IM address. For example, a user named Adam

McKenzie has the following user ID: amckenzie

. You specify example.com

as the presence server domain.

When the user logs in, the client constructs the following IM address for Adam McKenzie: [email protected]

UdsServer IP address

FQDN

UdsPhotoUriWithToken URI

Specifies the address of the Cisco Unified

Communications Manager User Data Service (UDS) server.

This parameter is required for manual connections where the client cannot automatically discover the

UDS server.

Specifies a photo URI with a directory attribute as a variable value; for example, http://www.photo/url/path/%%uid%%.jpg

.

This parameter applies to UDS directory integrations.

You must specify this parameter to download contact photos in either of the following cases:

• If you configure the DirectoryServerType parameter to use UDS. With this configuration, the client uses UDS for contact resolution when it is inside or outside of the corporate firewall.

• If you deploy Expressway for Mobile and

Remote Access. With this configuration, the client automatically uses UDS for contact resolution when it is outside of the corporate firewall.

Restriction

The client must be able to retrieve the photos from the web server without credentials.

180

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Integrate with Directory Sources

UDS Parameters

Contact Photo Retrieval with UDS

Cisco Unified Communications Manager User Data Service (UDS) dynamically builds a URL for contact photos with a directory attribute and a URL template.

To resolve contact photos with UDS, you specify the format of the contact photo URL as the value of the

UdsPhotoUriWithToken parameter. You also include a %%uid%% token to replace the contact username in the URL, for example,

<UdsPhotoUriWithToken>http://server_name/%%uid%%.jpg</UdsPhotoUriWithToken>

UDS substitutes the %%uid%% token with the value of the userName attribute in UDS. For example, a user named Mary Smith exists in your directory. The value of the userName attribute for Mary Smith is msmith.

To resolve the contact photo for Mary Smith, Cisco Jabber takes the value of the userName attribute and replaces the %%uid%% token to build the following URL: http://staffphoto.example.com/msmith.jpg

Note

When you change a photo in the Active Directory, the photo can take up to 24 hours to refresh in Cisco

Jabber.

Important

• If you deploy Expressway for Mobile and Remote Access, the client automatically uses UDS for contact resolution when users connect to services from outside the corporate network. When you set up UDS contact resolution for Expressway for Mobile and Remote Access, you must add the web server on which you host the contact photos to the HTTP server allow list in your Cisco

Expressway-C server configuration. The HTTP server allow list enables the client to access web services inside the corporate network.

• All contact photos must follow the format of the URL you specify as the value of

UdsPhotoUriWithToken.

Contact Photo Formats and Dimensions

To achieve the best result with Cisco Jabber, your contact photos should have specific formats and dimensions.

Review supported formats and optimal dimensions. Learn about adjustments the client makes to contact photos.

Contact Photo Formats

Cisco Jabber supports the following formats for contact photos in your directory:

• JPG

• PNG

• BMP

• GIF

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

181

Integrate with Directory Sources

UDS Parameters

Important

Cisco Jabber does not apply any modifications to enhance rendering for contact photos in GIF format. As a result, contact photos in GIF format might render incorrectly or with less than optimal quality. To obtain the best quality, use PNG format for your contact photos.

Contact Photo Dimensions

Tip

The optimum dimensions for contact photos are 128 pixels by 128 pixels with an aspect ratio of 1:1.

128 pixels by 128 pixels are the maximum dimensions for local contact photos in Microsoft Outlook.

The following table lists the different dimensions for contact photos in Cisco Jabber.

Location Dimensions

Audio call window 128 pixels by 128 pixels

Invitations and reminders, for example:

• Incoming call windows

• Meeting reminder windows

64 pixels by 64 pixels

Lists of contacts, for example:

• Contact lists

• Participant rosters

• Call history

• Voicemail messages

32 pixels by 32 pixels

Contact Photo Adjustments

Cisco Jabber adjusts contact photos as follows:

• Resizing—If contact photos in your directory are smaller or larger than 128 pixels by 128 pixels, the client automatically resizes the photos. For example, contact photos in your directory are 64 pixels by

64 pixels. When Cisco Jabber retrieves the contact photos from your directory, it resizes the photos to

128 pixels by 128 pixels.

Tip

Resizing contact photos can result in less than optimal resolution. For this reason, use contact photos that are 128 pixels by 128 pixels so that the client does not automatically resize them.

182

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Integrate with Directory Sources

Directory Server Configuration Examples

• Cropping—Cisco Jabber automatically crops nonsquare contact photos to a square aspect ratio, or an aspect ratio of 1:1 where the width is the same as the height.

• Portrait orientation—If contact photos in your directory have portrait orientation, the client crops 30 percent from the top and 70 percent from the bottom.

For example, if contact photos in your directory have a width of 100 pixels and a height of 200 pixels,

Cisco Jabber needs to crop 100 pixels from the height to achieve an aspect ratio of 1:1. In this case, the client crops 30 pixels from the top of the photos and 70 pixels from the bottom of the photos.

• Landscape orientation—If contact photos in your directory have landscape orientation, the client crops

50 percent from each side.

For example, if contact photos in your directory have a width of 200 pixels and a height of 100 pixels,

Cisco Jabber needs to crop 100 pixels from the width to achieve an aspect ratio of 1:1. In this case, the client crops 50 pixels from the right side of the photos and 50 pixels from the left side of the photos.

• Rounding — Cisco Jabber rounds the corners of contact photos after retrieving them from your directory.

Directory Server Configuration Examples

This section describes supported integration scenarios and provides example configurations.

Domain Controller Connection

To connect to a Domain Controller, set the following parameters:

Parameter Value

ConnectionType 1

The following is an example configuration:

<Directory>

<ConnectionType>1</ConnectionType></Directory>

Manual Server Connection

To manually connect to a directory server, set the following parameters:

Parameter Value

PrimaryServerName FQDN

IP address

ServerPort1

SecondaryServerName

ServerPort2

Port number

FQDN

IP address

Port number

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

183

Integrate with Directory Sources

Directory Server Configuration Examples

The following is an example configuration:

<Directory>

<PrimaryServerName>primary-server-name.domain.com</PrimaryServerName>

<ServerPort1>1234</ServerPort1>

<SecondaryServerName>secondary-server-name.domain.com</SecondaryServerName>

<ServerPort2>5678</ServerPort2>

</Directory>

UDS Integration

To integrate with UDS, set the following parameters.

Parameter Value

DirectoryServerType UDS

UdsServer

UdsPhotoUriWithToken

IP address of the UDS server

Contact photo URL

PresenceDomain

Note

This parameter is only applicable to Phone

Mode.

Server address of your presence domain

Note

Configure the DirectoryServerType parameter to UDS only if you want to use UDS for all contact resolution

(that is, from inside and outside the corporate firewall).

The following is an example configuration:

<Directory>

<DirectoryServerType>UDS</DirectoryServerType>

<UdsServer>11.22.33.444</UdsServer>

<UdsPhotoUriWithToken>http://server-name/%%uid%%.jpg</UdsPhotoUriWithToken>

</Directory>

LDAP Integration with Expressway for Mobile and Remote Access

When you deploy Expressway for Mobile and Remote Access with an LDAP directory integration, the client uses:

• LDAP when inside the corporate firewall

• UDS when outside the corporate firewall

Note

LDAP is the default configuration, so it is not necessary to include the DirectoryServerType parameter in your client configuration file.

To ensure that the client can resolve contact photos from both inside and outside your corporate firewall, set the following parameters.

184

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Integrate with Directory Sources

Directory Server Configuration Examples

Parameter

PhotoUriWithToken

UdsPhotoUriWithToken

Value

Contact photo URL when inside the corporate firewall

Contact photo URL when outside the corporate firewall

The following is an example configuration:

<Directory>

<PhotoUriWithToken>http://photo.example.com/sAMAccountName.jpg</PhotoUriWithToken>

<UdsPhotoUriWithToken>http://server-name/%%uid%%.jpg</UdsPhotoUriWithToken>

</Directory>

Simple Authentication for Cisco Jabber for Windows

Simple authentication lets you connect to a directory server using simple binds, as in the following example configuration:

<UseWindowsCredentials>0</UseWindowsCredentials>

<UseSSL>0</UseSSL>

<UseSecureConnection>0</UseSecureConnection>

<ConnectionUsername>username</ConnectionUsername>

<ConnectionPassword>password</ConnectionPassword>

This configuration specifies that the client:

• Does not use Microsoft Windows credentials.

• Does not use SSL.

• Uses simple authentication.

• Uses custom credentials.

As a result of the simple bind, the client transmits the credentials in the payload of the bind request in plain text.

Simple Authentication with SSL for Cisco Jabber for Windows

Enable SSL in directory server connections with the UseSSL parameter. You can use SSL to encrypt credentials when you use simple authentication, as in the following example configuration:

<UseWindowsCredentials>0</UseWindowsCredentials>

<UseSSL>1</UseSSL>

<UseSecureConnection>0</UseSecureConnection>

<ConnectionUsername>username</ConnectionUsername>

<ConnectionPassword>password</ConnectionPassword>

This configuration specifies that the client:

• Does not use Microsoft Windows credentials.

• Uses SSL.

• Uses simple authentication.

• Uses custom credentials.

As a result, the client uses SSL to encrypt the credentials in the client configuration.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

185

Integrate with Directory Sources

Directory Server Configuration Examples

OpenLDAP Integration

You can integrate with OpenLDAP using anonymous binds or authenticated binds.

Anonymous Binds for Cisco Jabber for Windows

To integrate with OpenLDAP using anonymous binds, set the following parameters:

Parameter Value

ConnectionType 1

PrimaryServerName IP address

Hostname

UseWindowsCredentials

UseSecureConnection

SearchBase1

0

1

Root of the directory service or the organizational unit

(OU)

UserAccountName

BaseFilter

PredictiveSearchFilter

Unique identifier such as UID or CN

Object class that your directory service uses; for example, inetOrgPerson.

UID or other search filter

The following is an example configuration:

<Directory>

<ConnectionType>1</ConnectionType>

<PrimaryServerName>11.22.33.456</PrimaryServerName>

<UseWindowsCredentials>0</UseWindowsCredentials>

<UseSecureConnection>1</UseSecureConnection>

<SearchBase1>ou=people,dc=cisco,dc=com</SearchBase1>

<UserAccountName>uid</UserAccountName>

<BaseFilter>(&amp;(objectClass=inetOrgPerson)</BaseFilter>

<PredictiveSearchFilter>uid</PredictiveSearchFilter>

</Directory>

Authenticated Binds for Cisco Jabber for Windows

To integrate with OpenLDAP using authenticated binds, set the following parameters:

Parameter Value

ConnectionType 1

PrimaryServerName IP address

Hostname

186

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Integrate with Directory Sources

Directory Server Configuration Examples

Parameter

UserWindowsCredentials

UseSecureConnection

SearchBase1

UserAccountName

BaseFilter

PredictiveSearchFilter

ConnectionUsername

ConnectionPassword

Value

0

0

Root of the directory service or the organizational unit

(OU)

Unique identifier such as UID or CN

Object class that your directory service uses; for example, inetOrgPerson.

UID or other search filter

Username

Password

The following is an example configuration:

<Directory>

<ConnectionType>1</ConnectionType>

<PrimaryServerName>11.22.33.456</PrimaryServerName>

<UserWindowsCredentials>0</UserWindowsCredentials>

<UseSecureConnection>0</UseSecureConnection>

<SearchBase1>ou=people,dc=cisco,dc=com</SearchBase1>

<UserAccountName>uid</UserAccountName>

<BaseFilter>(&amp;(objectClass=inetOrgPerson)</BaseFilter>

<PredictiveSearchFilter>uid</PredictiveSearchFilter>

<ConnectionUsername>cn=lds-read-only-user,dc=cisco,dc=com</ConnectionUsername>

<ConnectionPassword>password</ConnectionPassword>

</Directory>

AD LDS Integration

You can integrate with AD LDS or ADAM using specific configurations.

Anonymous Binds

To integrate with AD LDS or ADAM using anonymous binds, set the following parameters:

Parameter Value

PrimaryServerName IP address

Hostname

ServerPort1

UseWindowsCredentials

UseSecureConnection

Port number

0

1

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

187

Integrate with Directory Sources

Directory Server Configuration Examples

Parameter

SearchBase1

Value

Root of the directory service or the organizational unit

(OU)

The following is an example configuration:

<Directory>

<PrimaryServerName>11.22.33.456</PrimaryServerName>

<ServerPort1>50000</ServerPort1>

<UseWindowsCredentials>0</UseWindowsCredentials>

<UseSecureConnection>1</UseSecureConnection>

<SearchBase1>dc=adam,dc=test</SearchBase1>

</Directory>

Windows Principal User Authentication

To integrate with AD LDS or ADAM using authentication with the Microsoft Windows principal user, set the following parameters:

Parameter Value

PrimaryServerName IP address

Hostname

ServerPort1 Port number

UseWindowsCredentials

UseSecureConnection

0

1

ConnectionUsername

ConnectionPassword

UserAccountName

SearchBase1

Username

Password

Unique identifier such as UID or CN

Root of the directory service or the organizational unit

(OU)

The following is an example configuration:

<Directory>

<PrimaryServerName>11.22.33.456</PrimaryServerName>

<ServerPort1>50000</ServerPort1>

<UseWindowsCredentials>0</UseWindowsCredentials>

<UseSecureConnection>1</UseSecureConnection>

<ConnectionUsername>cn=administrator,dc=cisco,dc=com</ConnectionUsername>

<ConnectionPassword>password</ConnectionPassword>

<UserAccountName>cn</UserAccountName>

<SearchBase1>ou=people,dc=cisco,dc=com</SearchBase1>

</Directory>

188

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Integrate with Directory Sources

Federation

AD LDS Principal User Authentication

To integrate with AD LDS or ADAM using authentication with the AD LDS principal user, set the following parameters:

Parameter Value

PrimaryServerName IP address

Hostname

ServerPort1

UseWindowsCredentials

UseSecureConnection

ConnectionUsername

ConnectionPassword

UserAccountName

SearchBase1

Port number

0

0

Username

Password

Unique identifier such as uid or cn

Root of the directory service or the organizational unit

(OU)

The following is an example configuration:

<Directory>

<PrimaryServerName>11.22.33.456</PrimaryServerName>

<ServerPort1>50000</ServerPort1>

<UseWindowsCredentials>0</UseWindowsCredentials>

<UseSecureConnection>0</UseSecureConnection>

<ConnectionUsername>cn=administrator,dc=cisco,dc=com</ConnectionUsername>

<ConnectionPassword>password</ConnectionPassword>

<UserAccountName>cn</UserAccountName>

<SearchBase1>ou=people,dc=cisco,dc=com</SearchBase1>

</Directory>

Federation

Federation lets Cisco Jabber users communicate with users who are provisioned on different systems and who are using client applications other than Cisco Jabber.

Interdomain Federation

Interdomain federation enables Cisco Jabber users in an enterprise domain to share availability and send instant messages with users in another domain.

• Cisco Jabber users must manually enter contacts from another domain.

• Cisco Jabber supports federation with the following:

• Microsoft Office Communications Server

• Microsoft Lync

• IBM Sametime

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

189

Integrate with Directory Sources

Intradomain Federation

• XMPP standard-based environments such as Google Talk

• AOL Instant Messenger

You configure interdomain federation for Cisco Jabber on Cisco Unified Presence or Cisco Unified

Communications Manager IM and Presence Service. See the appropriate server documentation for more information.

Related Topics

Integration Guide for Configuring Cisco Unified Presence Release 8.6 for Interdomain Federation

Interdomain Federation for IM and Presence Service on Cisco Unified Communications Manager

Intradomain Federation

Intradomain federation enables users within the same domain to share availability and send instant messages between Cisco Unified Presence and Microsoft Office Communications Server, Microsoft Live Communications

Server, or another presence server.

Intradomain federation allows you to migrate users to Cisco Unified Presence or Cisco Unified Communications

Manager IM and Presence Service from a different presence server. For this reason, you configure intradomain federation for Cisco Jabber on the presence server. See the following documents for more information:

• Cisco Unified Presence: Integration Guide for Configuring Partitioned Intradomain Federation for

Cisco Unified Presence Release 8.6 and Microsoft LCS/OCS

• Cisco Unified Communications Manager IM and Presence Service: Partitioned Intradomain Federation

for IM and Presence Service on Cisco Unified Communications Manager

Configure Intradomain Federation for BDI or EDI

In addition to configuring intradomain federation on the presence server, you might need to specify some configuration settings in the Cisco Jabber configuration files.

To resolve contacts during contact search or retrieve contact information from your directory, Cisco Jabber requires the contact ID for each user. Cisco Unified Presence uses a specific format for resolving contact information that does not always match the format on other presence servers such as Microsoft Office

Communications Server or Microsoft Live Communications Server.

The parameters that you use to configure intradomain federation depend on whether you use Enhanced

Directory Integration (EDI) or Basic Directory Integration (BDI). EDI uses native Microsoft Windows APIs to retrieve contact data from the directory service and is only used by Cisco Jabber for Windows. For BDI, the client retrieves contact data from the directory service and is used by Cisco Jabber for Mac, Cisco Jabber for Android, and Cisco Jabber for iPhone and iPad.

Procedure

Step 1

Set the value of the relevant parameter to true:

• For BDI: BDIUseSipUriToResolveContacts

• For EDI: UseSIPURIToResolveContacts

190

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Integrate with Directory Sources

Intradomain Federation

Step 2

Specify an attribute that contains the Cisco Jabber contact ID that the client uses to retrieve contact information.

The default value is msRTCSIP-PrimaryUserAddress, or you can specify another attribute in the relevant parameter:

• For BDI: BDISipUri

• For EDI: SipUri

Note

When you deploy intradomain federation and the client connects with Expressway for Mobile and

Remote Access from outside the firewall, contact search is supported only when the contact ID uses one of the following formats:

[email protected]

• UserPrincipleName (UPN)@domain

[email protected]

[email protected]in

[email protected]

Step 3

In the UriPrefix parameter, specify any prefix text that precedes each contact ID in the relevant SipUri parameter.

Example:

For example, you specify msRTCSIP-PrimaryUserAddress as the value of SipUri. In your directory the value of msRTCSIP-PrimaryUserAddress for each user has the following format: sip:[email protected]

.

• For BDI: BDIUriPrefix

• For EDI: UriPrefix

The following XML snippet provides an example of the resulting configuration for BDI:

<Directory>

<BDIUseSIPURIToResolveContacts>true</BDIUseSIPURIToResolveContacts>

<BDISipUri>non-default-attribute</BDISipUri>

<BDIUriPrefix>sip:</BDIUriPrefix>

</Directory>

The following XML snippet provides an example of the resulting configuration for EDI:

<Directory>

<UseSIPURIToResolveContacts>true</UseSIPURIToResolveContacts>

<SipUri>non-default-attribute</SipUri>

<UriPrefix>sip:</UriPrefix>

</Directory>

Example of Intradomain Federation

The following example shows how to create intradomain federation contacts using the following BDI or EDI parameters and example values:

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

191

Integrate with Directory Sources

Intradomain Federation

For BDI: SipUri

For EDI: SipURI

Value: msRTCSIP-PrimaryUserAddress

For BDI: UseSIPURIToResolveContacts

For EDI: UseSIPURIToResolveContacts

Value: true

For BDI: UriPrefix

For EDI: UriPrefix

Value: sip

For the user Mary Smith, the directory contains sip:[email protected] as the value of the msRTCSIP-PrimaryUserAddress attribute.

The following workflow describes how the client connects to your directory to resolve contact information for Mary Smith:

1

Your presence server passes [email protected] to the client.

2

The client adds sip: to [email protected] and then queries your directory.

3

sip:[email protected]

matches the value of the msRTCSIP-PrimaryUserAddress attribute.

4

The client retrieves contact information for Mary Smith.

When Cisco Jabber users search for Mary Smith, the client removes the sip: prefix from sip:[email protected]

to get her contact ID.

192

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

C H A P T E R

9

Customize Cisco Jabber for Windows

Review what features you can customize after installation. Learn how to change these features to meet your organizational requirements.

Add Custom Emoticons, page 193

Create Custom Embedded Tabs, page 197

Add Custom Emoticons

You can add custom emoticons to Cisco Jabber for Windows by creating emoticon definitions in an XML file and saving it to the file system.

Note

To achieve optimal results, your custom emoticons should conform to the following guidelines:

• Dimensions: 17 x 17 pixels

• Transparent background

• PNG file format

• RGB colors

Procedure

Step 1

Create a file named emoticonDefs.xml with any text editor.

Step 2

Specify the emoticon definitions as appropriate in emoticonDefs.xml.

See Emoticon Definitions for more information on the structure and available parameters for emoticonDefs.xml

.

Step 3

Save and close emoticonDefs.xml.

Step 4

Save emoticonDefs.xml in the appropriate directory on the file system.

Cisco Jabber for Windows loads emoticon definitions from the following directories on the file system.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

193

Customize Cisco Jabber for Windows

Emoticon Definitions

• The directory can differ depending on your operating system

◦For 32-bit operating systems:

◦Program Files\Cisco Systems\Cisco Jabber\Emoticons

◦Program Files\Cisco Systems\Cisco Jabber\CustomEmoticons

◦For 64-bit operating systems:

◦Program Files(x86)\Cisco Systems\Cisco Jabber\Emoticons

◦Program Files(x86)\Cisco Systems\Cisco Jabber\CustomEmoticons

The Emoticons folder contains the default emoticons for Cisco Jabber for Windows and the default emoticonDefs.xml

.

The CustomEmoticons folder does not exist by default. Administrators can create this folder to contain custom emoticon definitions to include in organizational deployments.

Emoticons that you define in the CustomEmoticons folder take precedence over emoticon definitions in the default Emoticons folder.

%USERPROFILE%\AppData\Roaming\Cisco\Unified

Communications\Jabber\CSF\CustomEmoticons

This folder contains custom emoticon definitions for individual instances of Cisco Jabber for Windows.

Emoticons that you define in this directory take precedence over emoticon definitions in the

CustomEmoticons folder in the installation directory.

Step 5

Restart Cisco Jabber for Windows.

Cisco Jabber for Windows loads the custom emoticon definitions in emoticonDefs.xml.

Remember

Custom emoticon definitions are available to users only if they are defined locally in emoticonDefs.xml

. If you send custom emoticons to users who do not have the same emoticon definitions, those users receive the default keys, not the icons; for example:

1

User A defines a custom emoticon in emoticonDefs.xml.

The custom emoticon definition exists only on User A's local file system.

2

User A sends that custom emoticon to User B.

3

User B receives only the default key for the custom emoticon. User B does not receive the icon.

Emoticon Definitions

Cisco Jabber for Windows loads emoticon definitions from emoticonDefs.xml.

194

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Customize Cisco Jabber for Windows

Emoticon Definitions

The following XML snippet shows the basic structure for the emoticon definitions file:

<emoticons>

<emoticon defaultKey="" image="" text="" order="" hidden="">

<alt></alt>

</emoticon>

</emoticons>

The following table describes the elements and attributes for defining custom emoticons:

Element or attribute Description

emoticons This element contains all emoticon definitions.

emoticon This element contains the definition of an emoticon.

defaultKey image text order

This attribute defines the default key combination that renders the emoticon.

Specify any key combination as the value.

This attribute is required.

defaultKey is an attribute of the emoticon element.

This attribute specifies the filename of the emoticon image.

Specify the filename of the emoticon as the value. The emoticon image must exist in the same directory as emoticonDefs.xml.

This attribute is required.

Cisco Jabber for Windows supports any icon that Internet Explorer can render, including .jpeg, .png, and .gif.

image is an attribute of the emoticon element.

This attribute defines the descriptive text that displays in the Insert

emoticon dialog box.

Specify any string of unicode characters.

This attribute is optional.

text is an attribute of the emoticon element.

This attribute defines the order in which emoticons display in the Insert

emoticon dialog box.

Specify an ordinal number beginning from 1 as the value.

order is an attribute of the emoticon element.

This attribute is required. However, if the value of hidden is true this parameter does not take effect.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

195

Customize Cisco Jabber for Windows

Emoticon Definitions

Element or attribute

hidden alt

Description

This attribute specifies whether the emoticon displays in the Insert

emoticon dialog box.

Specify one of the following as the value:

true false

Specifies the emoticon does not display in the Insert emoticon dialog box. Users must enter the key combination to render the emoticon.

Specifies the emoticon displays in the Insert emoticon dialog box.

Users can select the emoticon from the Insert emoticon dialog box or enter the key combination to render the emoticon. This is the default value.

This attribute is optional.

hidden is an attribute of the emoticon element.

This element enables you to map key combinations to emoticons.

Specify any key combination as the value.

For example, if the value of defaultKey is :), you can specify :-) as the value of alt so that both key combinations render the same emoticon.

This element is optional.

Remember

The default emoticons definitions file contains the following key combinations that enable users to request calls from other users:

• :callme

• :telephone

These key combinations send the callme emoticon, or communicon. Users who receive this emoticon can click the icon to initiate an audio call. You should include these key combinations in any custom emoticons definition file to enable the callme emoticon.

Emoticon Definition Example

<emoticons>

<emoticon defaultKey=":)" image="Emoticons_Smiling.png" text="Smile" order="1">

<alt>:-)</alt>

<alt>^_^</alt>

</emoticon>

<emoticon defaultKey=":(" image="Emoticons_Frowning.png" text="Frown" order="2">

<alt>:-(</alt>

</emoticon>

</emoticons>

196

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Customize Cisco Jabber for Windows

Create Custom Embedded Tabs

Create Custom Embedded Tabs

You create custom embedded tabs to display HTML content in the client interface.

You define custom embedded tabs as part of your client configuration file. See the Custom Embedded Tabs section for more information.

Related Topics

Custom Embedded Tabs for Cisco Jabber for Windows, on page 143

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

197

Create Custom Embedded Tabs

Customize Cisco Jabber for Windows

198

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

C H A P T E R

10

Appendix

Review additional information that can help you successfully deploy or troubleshoot Cisco Jabber for

Windows.

Migrate Your Unified Communications Server Infrastructure, page 199

ADSI Error Codes, page 202

Migrate Your Unified Communications Server Infrastructure

To migrate your unified communications infrastructure, you upgrade your presence server from Cisco Unified

Presence version 8.x to Cisco Unified Communications Manager IM and Presence Service version 9.x or higher. You also upgrade Cisco Unified Communications Manager from version 8.x to version 9.x or higher.

Before you begin the migration effort, you should understand the architectural differences in the server versions and how this change impacts the client.

Differences in Server Infrastructures

The key to a successful migration is understanding the differences in the server infrastructures and how these differences impact the client.

Version 8.x Server Infrastructure

In the version 8.x server infrastructure, Cisco Unified Presence is the primary source of authentication and configuration.

You provision users with services and provide the location of servers, including the TFTP and CCMCIP services, on Cisco Unified Presence. Those details reside in the server database. When the client gets the location of Cisco Unified Presence from the _cuplogin SRV record, the client authenticates users and retrieves the details from the database through an interface on Cisco Unified Presence. In this way, the client retrieves configuration and services from the presence server after users sign in.

Version 9.x Server Infrastructure

In the version 9.x server infrastructure, Cisco Unified Communications Manager is the main source of configuration for users.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

199

Appendix

Differences in Server Infrastructures

You define configuration on Cisco Unified Communications Manager in service profiles that you apply to users, groups, or clusters. That configuration holds the location of services that you provision to users as well as other client specific settings. Those details reside in the server database. When the client gets the

_cisco-uds

SRV record, it can discover the user's home cluster. The client can also discover the TFTP and CCMCIP services, get the devices configured for the user, and register the configured devices. The client also then retrieves the service profile that contains additional service configuration and client configuration.

After the client gets the service profile, it can determine the authenticator to which users sign in.

The following diagram illustrates the differences between the version 8.x infrastructure and the version 9.x

infrastructure:

Summary of Differences in Server Infrastructures

The following table highlights the main differences between the version 8.x infrastructure and the version 9.x

infrastructure:

Version 8.x Server Infrastructure Version 9.x Infrastructure

You deploy the _cuplogin SRV record.

The client gets configuration from Cisco Unified

Presence.

You deploy the _cisco-uds SRV record.

The client gets configuration from Cisco Unified

Communications Manager.

200

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Appendix

Upgrade Servers from Version 8.x to Version 9.x or Higher

Version 8.x Server Infrastructure

Cisco Unified Presence is the primary source of authentication.

Version 9.x Infrastructure

Cisco Unified Communications Manager is the primary source of authentication.

After the client gets the service profile, it determines which of the following authenticators users should sign in to:

Cisco Unified Communications Manager IM and

Presence Service

Full UC and IM only deployments.

Cisco Unified Communications Manager

Phone mode deployments.

Cisco WebEx service

Cloud-based deployments.

You must configure directory integration and additional client settings in client configuration files.

You can configure directory integration and some client settings in the service profile.

You must provision users with telephony capabilities with TFTP and CCMCIP services.

The client discovers TFTP and UDS services when it finds the user's home cluster.

Remember

UDS replaces CCMCIP in the Cisco

Unified Communications Manager version 9.x infrastructure. You do not need to provision users with CCMCIP profiles.

The client gets the device configuration and registers devices after sign in.

The client gets the device configuration and registers devices before sign in.

Upgrade Servers from Version 8.x to Version 9.x or Higher

To upgrade servers from version 8.x to version 9.x or higher, you should take a phased approach. Upgrade your server infrastructure first and leave existing configuration in place. After you upgrade all servers across your infrastructure, you should then migrate service profiles from Cisco Unified Presence to Cisco Unified

Communications Manager. When all users have service profiles on Cisco Unified Communications Manager version 9.x, you can deploy the _cisco-uds SRV record.

The steps to migrate your unified communication server infrastructure are as follows:

Procedure

Step 1

Upgrade your server infrastructure.

You should perform the required steps to upgrade each node in the cluster, one cluster at a time.

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

201

Appendix

ADSI Error Codes

Leave existing configuration for users until you have upgraded servers across all clusters. The client can retrieve existing configuration, including settings you define for services in Cisco Unified Presence, from

Cisco Unified Communications Manager IM and Presence Service using the _cuplogin SRV record.

Step 2

Provision users with service profiles on Cisco Unified Communications Manager.

Step 3

Deploy the _cisco-uds SRV record.

When you verify that all users in the deployment can successfully sign in and get all provisioned services, you should remove the _cuplogin SRV record.

ADSI Error Codes

Cisco Jabber for Windows uses Microsoft Active Directory Service Interfaces (ADSI) for directory integration.

You should refer to the ADSI error codes to help troubleshoot directory integration issues.

See the following Microsoft documentation for information about ADSI error codes:

ADSI Error Codes at http://msdn.microsoft.com/en-us/library/windows/desktop/aa772195(v=vs.85).aspx

Generic ADSI Error Codes at http://msdn.microsoft.com/en-us/library/windows/desktop/ aa705940(v=vs.85).aspx

Error Codes for ADSI 2.5 at http://support.microsoft.com/kb/242076

202

Cisco Jabber for Windows 9.7 Installation and Configuration Guide

Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement

Table of contents