Jabber windows 9.2.6 certificates (sub cluster)

Similar Messages

• J4W 9.2.6 and Jabber for Mobile 9.6 : Certificate Management

  Hello,
  I have deployed 2 Cisco IM & P servers 9.1.1. When client jabber log in, the server presents 3 certificates (IM&P Pub, IM&P Sub, CUCM) to be validated and saved in local trust store.
  What are the certificates that I have to sign against the Private CA ? Or Do I only upload Root CA of the company into IM&P servers ?

  Hi Driss,
  Per my understanding the certificates that are presented are the Tomcat self-signed Certificates that are created during CUPS Pub&Sub and CUCM installation.
  http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/jabber/Windows/9_2/JABW_BK_C9731738_00_jabber-windows-install-config/JABW_BK_C9731738_00_jabber-windows-install-config_chapter_01001.html
  Here I see you have 3 options:
  a) Complex: Install thirdparty certs in your CUCM/CUPS servers, those certs should be issued by a Certificate Authority which root certificate is already part of your Truststore in Mobile client (Example: Verisign, Godaddy, etc.)
  This process in CUCM/CUPS has been there for a while, you can look up how to install third party certs for CUCM/CUPS. Process is very straight forward, you generate a CSR (Tomcat), provide the CSR to your CA and then obtain the new cert, once you have the new cert, import it to your CUCM. The CA must be a trusted one by your clients (Example: Verisign, Godaddy, etc)
  b) Simple: Import those default Tomcat CUCM/CUP self-signed certificates into your Desktops/Mobile clients trust store.
  c) Annoying: Educate users to select Accept certificates
  -Gonzalo

• Unable to login with Jabber Windows

  Hi ,
  Am unable to login the Jabber Windows Client. Getting the error as "Unable to Communicate With the Server".
  Able to login with CUPS & CUCM end user page. CUCM Integrated with LDAP.
  While going through the UP Profile logs seen that "Failed to SOAP login".
  Tried with restart of CUCM & CUPS several times but no go.
  CUCM Version - 8.6.2
  CUPS Version - 8.6.1
  Tried with CUPC client result also same.
  Thanks in Advance

  If credentials work on CCMuser CUPSuser I would suspect either some kind of communication problem between the clients and the servers and/or misconfiguration (user/device/line association, device owner, roles, CTI/CCMCIP profiles, etc) on CUCM/CUPS.
  Specially because you mention the same happens with CUPC.
  HTH
  java
  if this helps, please rate
  www.cisco.com/go/pdihelpdesk

• Creating sub-cluster within a Coherence cluster

  Hi all,
  Does Coherence support creation of 'sub-clusters' within a larger coherence cluster - such that certain caches can be configured to run only on these subclusters, and other caches run on the entire coherence cluster as usual.
  E.g., suppose my application consists of 3 websphere clusters (under same cell) - each cluster consists of 2 Websphere server instances. Each Websphere cluster has got a specific functional responsbility (e.g., 1 cluster handles the UI, one handles core processing functionality and the 3rd cluster handles links with external legacy systems). Since the functionality itself is 'partitioned' - its possible that certain data managed by a particular WAS cluster should only be managed within that cluster and not across all 6 WAS instances.
  So - in this case - suppose I do have an 'outer' Coherence cluster of all 6 WAS instances (and some Caches are configured to be acessible to all 6 WAS instances - since the data managed in these caches is needed by all 6 WAS instances). Can I configure a smaller Coherence cluster to be available only on say 2 of the Websphere instances (say the WAS cluster which handles legacy links) - and configure certain caches which are available only on this smaller sub-cluster.
  regards,
  Sanjeev.

  I am quite confused about the purpose of the service-name. How would you tie down a cache to a particular service? In the context of the above example, the requirement seems to be:
  CacheA should be spread over the UI cluster.
  CacheB should be spread over the legacy cluster.
  CacheC should be spread over the global cluster.
  Are you suggesting something like the following:
  <u>Cache config file on a UI node</u>:
  <cluster-config>
     <caching-scheme-mapping>
        <cache-mapping>
           <cache-name>CacheA</cache-name>
           <scheme-name>ui</scheme-name>
        </cache-mapping>
        <cache-mapping>
           <cache-name>CacheC</cache-name>
           <scheme-name>global</scheme-name>
        </cache-mapping>
     </caching-scheme-mapping>
     <caching-schemes>
        <distributed-scheme>
            <scheme-name>ui</scheme-name>
            <service-name>ui</service-name>
       </distributed-scheme>
       <distributed-scheme>
            <scheme-name>global</scheme-name>
            <service-name>global</service-name>
       </distributed-scheme>
     </caching-schemes>
  </cluster-config><u>Cache config file on a legacy node</u>:
  <cluster-config>
     <caching-scheme-mapping>
        <cache-mapping>
           <cache-name>CacheB</cache-name>
           <scheme-name>legacy</scheme-name>
        </cache-mapping>
        <cache-mapping>
           <cache-name>CacheC</cache-name>
           <scheme-name>global</scheme-name>
        </cache-mapping>
     </caching-scheme-mapping>
     <caching-schemes>
        <distributed-scheme>
            <scheme-name>legacy</scheme-name>
            <service-name>legacy</service-name>
       </distributed-scheme>
       <distributed-scheme>
            <scheme-name>global</scheme-name>
            <service-name>global</service-name>
       </distributed-scheme>
     </caching-schemes>
  </cluster-config>The basic question seems to be: how do you control the nodes over which a cache is spread, purely from the cache name?
  Also, the 3.2 <role-name> feature seems to be something that addresses this requirement. How does that play v/s a service-name?
  My requirement is similar (needing to control the nodes over which different caches are spread) but I do not quite understand how the service-name would be used to satisfy this example. Could you please explain via cache configurations for this example?
  Thanks
  Ghanshyam

• How to get sub cluster element's caption?

  Hi All,
  I have a big cluster, which contains several sub clusters. They are all typ def.  My queation is, 
  how to get the sub cluster element's caption?
  Thanks.
  Anne 
  Solved!
  Go to Solution.

  Find the VIs in 8.5
  Balaji PK (CLA)
  Ever tried. Ever failed. No matter. Try again. Fail again. Fail better
  Don't forget Kudos for Good Answers, and Mark a solution if your problem is solved.
  Attachments:
  Get caption.vi ‏10 KB
  typ def.ctl ‏7 KB

• Remove fields from contact profile jabber windows

  Is it possible remove some fields from the contac profile jabber windows?
  For example if you see the attach i want to remove entirely the field "compañia" (company).
  Thanks in advance.

  No, you only get to choose from which LDAP field to sync the info, not what is shown in the info card.
  HTH
  java
  if this helps, please rate
  www.cisco.com/go/pdihelpdesk

• Adding nodes to Windows Server 2008 R2 Hyper-V Cluster..

  Currently we have a 3 node Windows Server 2008 R2 Hyper-V Cluster in production. There are about 3 terrabytes worth of VMs running across these nodes.
  It is over-committed, so i've setup two new nodes to add to the cluster.
  I've done this before in a SQL cluster but never a Hyper-V cluster.
  If I don't run validation when adding the nodes, will there be downtime?
  The quorum is setup for disk majority, everything is identical on all nodes that needs to be. Shared storage is recognized and ready on the new nodes. I've gone through every checklist that Microsoft has. I'm just curious if the virtual machines will go
  offline on the current nodes when i add the two new nodes.
  Everything is identical down to the wsus updates installed. From networking to storage everything is perfect.
  I don't want to run validation as I know that'll take everything offline.

  Hi,
  It is recommend to run a validation test. You can select custom test. (skip storage).
  When add the new node to existing cluster . it will not bring down existing VM. 
  Lai (My blog:- http://www.ms4u.info)

• Support for Desktop Sharing with Jabber Windows and without CSF

  Hi,
  is there a official Cisco say, that Desktop Sharing with Jabber is only supported with the Desktop Softphone mode (CSF-Device)?
  Somebody has a link? Or is it supported with the normal deskphone? Which version of jabber and CUP&IM?

  Hi
  I can confirm that Cisco Jabber 10.5 supports desktop sharing with both CSF and Desktop mode. It also supports Conference desktop sharing, and desktop sharing through regular chat (No active call)
  We are running CUCM 9.1 and IM/Presence 9.1, so  our platform is not the newest.  
  You will need the new media driver as well, Cisco Media Services Interface 4.1.2.8049. 
  Here is a link to Cisco's release document for 10.5
  http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/jabber/Windows/10_5/rn/JABW_BK_J559CFFB_00_jabber-windows-release-notes-10-5/JABW_BK_J559CFFB_00_jabber-windows-release-notes-10-5_chapter_00.html

• Jabber Windows - no phone control with LDAP Custom filter

  I am unable to control the desktop phone from the Jabber 9.1 Windows client when the CallManager LDAP Directory uses a Custom Filter.
  Has anyone else experienced this?
  If I set the LDAP Custom Filter to <none> and save, then Desktop Phone control works great.
  If I set it to use my custom filter, then trying to enable Desktop control just gives me the spinning circle, then times out to the Red X symbol.
  I do not need to resync the LDAP Directory to get the error, just enable/disable the custom filter and save.
  In both cases calling from the Computer works great.
  This is an On-Prem deployment with full MS-AD LDAP integration.
  Versions are:
  Jabber - 9.1.0 build 12296
  CUPC - 8.6.4.11900-1
  CUCM - 8.6.2.22900-9
  I upgraded to CUCM 8.6.2 SU2 last night hoping that would fix the problem, but no luck.
  The LDAP filter is one I have used in numerous other clusters with no CTI issues.
  It allows me to sync to the root directory, but only import active user accounts with an entry in the ipPhone AD attribute:
  (&((objectclass=user)(ipPhone=*))(!(objectclass=Computer))(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))
  Thanks, Randy

  Hi Randy,
  Have you specified this base filter in jabber-config.xml file? As per Admin Guide:
  "In some cases, base filters do not return query results if you specify a closing bracket in your Cisco Jabber for Windows  configuration file. For example, this issue might occur if you specify  the following base filter: (&(memberOf=CN=UCFilterGroup,OU=DN))
  To resolve this issue, remove the closing bracket; for example, (&(memberOf=CN=UCFilterGroup,OU=DN)"
  Thanks,
  Maqsood

• Cisco Jabber windows call option and user addition issue

  Hi,
  After uploading the jabber-config.xml (EDI-BDI) on the CUCM, the call option for new user contacts started appearing but the already existing contacts in Jabber client have still no call option. Also when we add new contacts to the Jabber client, it just disappears as such. Any one faced similar issue before. Below are the details and attached jabber-config.xml and LDAP profile snap.
  We are using employeeNumber as attribute in LDAP configuration.
  CUCM - 8.5.1.15900-4
  UCCX - 8.6.3.10000-20
  Jabber for windows - 9.7.0 (Tried with earlier version of jabber as well)

  Hey
  Just right click on the contacts which do not have the call option and select view profile, then see if those contacts that are added are they from the Outlook or the AD, if its AD then they will have a contact number and as such they will have the Call Option enabled.
  If they are from outlook then delete the users and readd them by checking the view profile option to verify they are being pulled from AD.
  Also if i assumed the issue differently then what it is please explain the whole scenario.
  Note-: In case of J4W it will not connect to the directory using the LDAP profile info, it automatically verified and cnnects to the domain using your login creds.

• Jabber Windows Softphone - No outgoing ring

  When I run Jabber for Windows in Softphone mode, I do not hear the "ringing" when placing a call out the PSTN.  I have silence until the called party answers or voicemail is reached.  I do get "ringing" for internal calls.  I did not have this problem with CUPC.
  Jabber v 9.1.2
  CUCM: 8.0 (3)
  Presence: 8.6.4          

  I know this is a pretty old post but I'm having the exact same issue, however, I'm running an MGCP gateway. I can say that i just realized this was an issue today, as we cutover to CUCM 10.0.1 this morning and haven't been able to test PSTN calls from Jabber yet. 
  My tests this evening were done from Windows Jabber 9.7 externally connected via an Expressway pair. I get no ringback on calls to PSTN destinations, but once the remote end answers, two way audio is established with no issues. I haven't been back in the office yet to test PSTN calls from Jabber over the LAN. Calls between Jabber clients, even when I'm external to the business signal fine and I can hear ringback and get two way audio and video. Below is a brief description of the environment. Any suggestions are welcome. Thanks!
  Incoming Jabber flow
  Watchguard Firewall -> Expressway-E -> Watchguard Firewall (Same physical firewall) -> Expressway-C -> CUCM 10.0.1 and IM&P 10.0.1
  Outgoing Flow
  CUCM 10.0.1 -> 2921 MGCP Gateway -> T1 PRI -> PSTN
  And visa versa on the reverse leg. 
  Thanks!

• Unable to install SCCM client on Windows Server 2008 R2 - certificate permission error?

  I am trying to comply with corporate policy, which is, have an SCCM agent or client on every Windows device. I have successfully used the provided SCCM installer on other Windows 2008 R2 servers. However for one particular server I cannot get the SCCM agent
  to install successfully. I've searched forums and documentation, but can't find a solution. Part of the problem is the lack of feedback by SCCM on what is wrong. I think I have narrowed down the symptom to the following error messages from the "C:\Windows\CCM\Logs\ClientIDManagerStartup.log":
  [LOG[Certificate [Thumbprint C559304C1598F17641D0732EB9EB787169A25FA7] issued to 'SMS' doesn't have private key or caller doesn't have access to private key.
  [LOG[Failed in GetCertificate(...): 0x87d00281]LOG]!><time="10:56:59.014+300" date="04-17-2014" component="ClientIDManagerStartup" context="" type="3" thread="3024" file="ccmcert.cpp:2122">
  [LOG[CCMCreateAuthHeaders failed (0x8009200b).]LOG]!><time="10:56:59.014+300" date="04-17-2014" component="ClientIDManagerStartup" context="" type="3" thread="3024" file="clientauthutil.cpp:978">
  When I use the Certificates MMC snap in to look at installed certs on this Windows Server 2008 R2 machine, there are plenty of normal and expected certificates there. There is also a branch called SMS with hundreds of entries, I have no idea what that is.
  The above error seems to indicate a permissions issue. What do I do to fix this SCCM install? It seems like a server cert issue, not an SCCM issue, so I'm posting to the Windows Server forums.
  Thanks in advance.
  Thanks

  this maybe helpful...
  http://www.jamesbannanit.com/2011/04/certificate-requirements-for-sccm-2012/
  should be asked in SCCM forum...
  http://social.technet.microsoft.com/Forums/en-US/home?forum=configmanagerdeployment
  Best,
  Howtodo

• Windows Phone 8.1 can't install "Windows Phone App Studio certificate"

  I try to install the certificates from provided on appstudio.windowsphone.com/Home/HowTo
  choose "Open" device go to "Add workplace account"  I choose "add" 
  nothing happen
  and can't install my app in next step
  thank you

  I'm having the exact same issue. I've made the whole app, and received the email from Microsoft. After receiving & reading the email, I (on my Dev Preview Windows Phone 8.1) tapped on the "click here" to install the certificate for my phone. Upon tapping,
  I was given the screen "open" or "save. I've tried both now. Neither of them work, though. It's simply the AET.aetx file. I click on "tap to open", and yes, it does open just fine. However, it simply takes me to "add workplace account?" I have also tried both
  "add" or "cancel". Both simply return you to the IE page. Nothing seems to be going on, but I thought that perhaps it may be downloading in the background. So, I simply waited for a bit, and then tried downloading my actual app (from the email). However, it
  tells me that I need an app to open the file (App.Studio.WindowsPhone_1.0.0.0_AnyCPU.appx). This is where I am stuck at as of now. I'm sure I'm missing an obvious step, but I'm really just not sure. Any help would be greatly appreciated. 

• How can I create digital signatures for my users using Windows 2008 Active Directory Certificate Services?

  Hi,
  I need to create local digital signatures for my users. How can I do that using W2k8 Active Directory Certificate Services? We are gonna sign Office 2010 documents.
  What company offers cheap digital signatures solutions?
  Thanks in advanced

  Consider the following:
  if you use your local CA server to issue digital signature certificates, there is no cost, because you are eligible to issue so many certificates as you need. However, documents signed by these certificates will be considered trusted only within your AD
  forest and other machines that explicitly trust your local CA. Any external client will not trust your signatures.
  If you want to make your signature trusted outside your network (say, in worldwide), you need to pruchase a certificate from trusted commercial CA (VeriSign, GoDaddy, GlobalSign, StartCom, etc) according to respective vendor price list. In that case you
  don't need to have your local CA server, because it is not used. All certificate management is performed by the external CA. A most common scenario is to purchase signing certificate for particular departament principals (head managers) or few certificates
  for a whole company (all documents are revised by a responsible person or persons who holds signing certificate and sign them after review).
  so, it is not clear from your post what exactly you need.
  My weblog: http://en-us.sysadmins.lv
  PowerShell PKI Module: http://pspki.codeplex.com
  Windows PKI reference:
  on TechNet wiki

• Windows Mail App - Install Certificate

  We've installed Windows 8.1 (Enterprise) on to our corporate network, but we're having problems adding an Exchange account to the Mail app.  After entering all the necessary settings (Domain, server, user name etc.) - we get the following error:
  To use this account, choose a valid certificate on this PC.  If there isn't one, contact systems administrator. 
  We have digital certificate set up on our Exchange, but this doesn't appear to be enough for it connect to the mailbox.
  Anyone else experiencing this - any advice??
  Thanks

  Hi,
  Please check the Certificate to see if we have installed the self-signed certificate.
  1.  Start > Run, type “MMC” and enter.
  2.  In the open window, click File > Add/Remove snap in…
  3.  In the Available snap-ins tab, select Certificates > Add > Computer account > Local computer.
  4.  Click “Finish” and “Ok”.
  5.  Expand Certificates > Personal > Certificate.
  Meanwhile, I suggest you refer to Self-Signed Certificates section below.
  http://blogs.technet.com/b/exchange/archive/2012/11/26/supporting-windows-8-mail-in-your-organization.aspx
  Regards,
  Kelvin Xu
  TechNet Community Support