Re: [cisco-voip] are we still using custom jabber xml files in CUCM v11.5 and JAbber v12?

[Lelio Fulgenzi]

Well, if you have resources available, you can do what we did.

Delegate a sub-domain to a separate set of DNS server that do support split 
view.

You can contact me off list if you have questions.

Lelio

-sent from mobile device-

Lelio Fulgenzi, B.A. | Senior Analyst
Computing and Communications Services | University of Guelph
Room 037 Animal Science & Nutrition Bldg | 50 Stone Rd E | Guelph, ON | N1G 
2W1<x-apple-data-detectors://1/0>
519-824-4120 Ext. 56354<tel:519-824-4120;56354> | 
le...@uoguelph.ca<mailto:le...@uoguelph.ca>

www.uoguelph.ca/ccs<http://www.uoguelph.ca/ccs> | @UofGCCS on Instagram, 
Twitter and Facebook

[University of Guelph Cornerstone with Improve Life tagline]

On Jun 15, 2018, at 5:22 PM, Hunter Fuller 
<hf0...@uah.edu<mailto:hf0...@uah.edu>> wrote:

yeah, I'm currently up a creek as a result of this issue. Our DNS vendor 
doesn't even have an official way to offer split horizon (oops... that 
requirement didn't exist when we were looking for integrated IPAM products).

On Fri, Jun 15, 2018 at 8:35 AM Lelio Fulgenzi 
<le...@uoguelph.ca<mailto:le...@uoguelph.ca>> wrote:

Well, just like you said below… , “Webexconnect, which once attempted, if 
unsuccessful, just kills the how authentication attempt.”

Why couldn’t they do the same thing with the other services? Attempt to connect 
directly to the on-prem hosts, if that fails, then connect through expressway. 
Have a heartbeat going that always attempts to connect to on-prem and switches 
after a reliable connection history is established. Sure, takes a few more 
smarts, but I’m guessing, you asked 100 EDUs out there if they have split view 
DNS, chances are they don’t. That could be changing I guess.


---
Lelio Fulgenzi, B.A. | Senior Analyst
Computing and Communications Services | University of Guelph
Room 037 Animal Science & Nutrition Bldg | 50 Stone Rd E | Guelph, ON | N1G 2W1
519-824-4120 Ext. 56354<tel:(519)%20824-4120> | 
le...@uoguelph.ca<mailto:le...@uoguelph.ca>

www.uoguelph.ca/ccs<http://www.uoguelph.ca/ccs> | @UofGCCS on Instagram, 
Twitter and Facebook

<image001.png>

From: Ryan Huff <ryanh...@outlook.com<mailto:ryanh...@outlook.com>>
Sent: Friday, June 15, 2018 8:36 AM
To: Lelio Fulgenzi <le...@uoguelph.ca<mailto:le...@uoguelph.ca>>
Cc: Matthew Loraditch 
<mloradi...@heliontechnologies.com<mailto:mloradi...@heliontechnologies.com>>; 
voyp list, cisco-voip 
(cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>) 
<cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>>

Subject: Re: [cisco-voip] are we still using custom jabber xml files in CUCM 
v11.5 and JAbber v12?

Now, I think DNS is the way to go for determining authentication and I actually 
like the way Jabber does it; it’s the perfect example of application democracy.

Jabber has an ordered list of things it checks for and moves on to each until 
it finds a service discovery and attempts authentication.

With my DNS server and the use of SRV priorities and weights, I can control how 
that ordered list is executed.

Each side of the process has balanced control, which I think, is the way it 
should be.

The you have the outlier, Webexconnect, which once attempted, if unsuccessful, 
just kills the how authentication attempt.

I feel like a simple conditional construct would solve this whole thing:

if (webexconnectLogin) { Login } else { checkForOtherThings }

Sent from my iPhone

On Jun 14, 2018, at 19:04, Lelio Fulgenzi 
<le...@uoguelph.ca<mailto:le...@uoguelph.ca>> wrote:

Hey - I had to go buy two new DNS servers and configure a specialty subdomain 
to enable MRA.

DNS resolution as the best way to decide who to speak to? Not sure I’m on board 
there.

You’re preaching to the converted as they say.


-sent from mobile device-


Lelio Fulgenzi, B.A. | Senior Analyst
Computing and Communications Services | University of Guelph
Room 037 Animal Science & Nutrition Bldg | 50 Stone Rd E | Guelph, ON | N1G 2W1
519-824-4120 Ext. 56354<tel:519-824-4120;56354> | 
le...@uoguelph.ca<mailto:le...@uoguelph.ca>

www.uoguelph.ca/ccs<http://www.uoguelph.ca/ccs> | @UofGCCS on Instagram, 
Twitter and Facebook

[University of Guelph Cornerstone with Improve Life tagline]

On Jun 14, 2018, at 6:59 PM, Ryan Huff 
<ryanh...@outlook.com<mailto:ryanh...@outlook.com>> wrote:
It just a silly draconian style application behavior that just doesn’t need to 
be there.
Sent from my iPhone

On Jun 14, 2018, at 18:51, Lelio Fulgenzi 
<le...@uoguelph.ca<mailto:le...@uoguelph.ca>> wrote:

Interesting. Thanks. I’m guessing we’re either not configured for Jabber cloud 
or are custom domain is preventing issues.

Now that I think about it, I do remember reading about this in the deployment 
guide. And the ways around it.
-sent from mobile device-


Lelio Fulgenzi, B.A. | Senior Analyst
Computing and Communications Services | University of Guelph
Room 037 Animal Science & Nutrition Bldg | 50 Stone Rd E | Guelph, ON | N1G 2W1
519-824-4120 Ext. 56354<tel:519-824-4120;56354> | 
le...@uoguelph.ca<mailto:le...@uoguelph.ca>

www.uoguelph.ca/ccs<http://www.uoguelph.ca/ccs> | @UofGCCS on Instagram, 
Twitter and Facebook

[University of Guelph Cornerstone with Improve Life tagline]

On Jun 14, 2018, at 6:47 PM, Ryan Huff 
<ryanh...@outlook.com<mailto:ryanh...@outlook.com>> wrote:
The Jabber client, by default, attempts service discovery with Webexconnect 
first (Cloud Jabber). If it finds the user’s suffix domain there, it attempts 
authentication and if its unsuccessful (Ex. it’s configured but not used by the 
customer, which accounts for many scenarios) it fails and does not attempt any 
other authentication methods.
Sent from my iPhone

On Jun 14, 2018, at 18:42, Lelio Fulgenzi 
<le...@uoguelph.ca<mailto:le...@uoguelph.ca>> wrote:

Interesting - I’ll have to read the rest of the thread to understand the full 
the impact of this, however, is it only a problem when you have WebEx messenger 
subscription and you don’t want to use it. Or does this impact everyone?

As for your comment on URLs and MSIs, I hear ya. Both good points. For me, 
though, reading that the URL only works (or worked) on certain devices didn’t 
bode well.

And what if they get a new device and need to reinstall? They’d have to find 
that email. I like educating our users on what service discovery domain to use.

Our software deployment team might be able to help to make it easier, but 
again, I’d rather they know how to log in themselves.




-sent from mobile device-


Lelio Fulgenzi, B.A. | Senior Analyst
Computing and Communications Services | University of Guelph
Room 037 Animal Science & Nutrition Bldg | 50 Stone Rd E | Guelph, ON | N1G 2W1
519-824-4120 Ext. 56354<tel:519-824-4120;56354> | 
le...@uoguelph.ca<mailto:le...@uoguelph.ca>

www.uoguelph.ca/ccs<http://www.uoguelph.ca/ccs> | @UofGCCS on Instagram, 
Twitter and Facebook

[University of Guelph Cornerstone with Improve Life tagline]

On Jun 14, 2018, at 3:51 PM, Ryan Huff 
<ryanh...@outlook.com<mailto:ryanh...@outlook.com>> wrote:
Sorry to Hijack this but ......

I’d settle for not having a forced Webexconnect authorization attempt without a 
good solution to turn it off.

If you think the command line installer switches to exclude a WebEx service 
discovery is an acceptable solution, I’d argue that you’re wrong. What if I 
want to go cloud someday? Just reinstall all the clients (since this method 
modified the bootstrap)?

If you think the mobile provisioning URL is a solution, it’s not. It’s a 
horrible solution. Convince my users to click on a funky looking url on their 
devices when I spend my existence espousing to users, not to click on funny 
looking links?

If you would think calling WebEx support to turn it off is acceptable ... 
please, by all means, try it and let me know your thoughts.

I’ve been after this feature for awhile now, just wrote a new idea request too 
...

https://communities.cisco.com/ideas/2827
Sent from my iPhone

On Jun 14, 2018, at 15:30, Lelio Fulgenzi 
<le...@uoguelph.ca<mailto:le...@uoguelph.ca>> wrote:
Well, that’s promising!

I hope whatever comes along will work with v11.5su4. I mean, if it requires and 
additional suX, I can live with that, too.



---
Lelio Fulgenzi, B.A. | Senior Analyst
Computing and Communications Services | University of Guelph
Room 037 Animal Science & Nutrition Bldg | 50 Stone Rd E | Guelph, ON | N1G 2W1
519-824-4120 Ext. 56354<tel:(519)%20824-4120> | 
le...@uoguelph.ca<mailto:le...@uoguelph.ca>

www.uoguelph.ca/ccs<http://www.uoguelph.ca/ccs> | @UofGCCS on Instagram, 
Twitter and Facebook

<image001.png>

From: Matthew Loraditch 
<mloradi...@heliontechnologies.com<mailto:mloradi...@heliontechnologies.com>>
Sent: Thursday, June 14, 2018 3:12 PM
To: Lelio Fulgenzi <le...@uoguelph.ca<mailto:le...@uoguelph.ca>>; voyp list, 
cisco-voip (cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>) 
<cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>>
Subject: Re: [cisco-voip] are we still using custom jabber xml files in CUCM 
v11.5 and JAbber v12?

Hmm the most Ill say is you may be happy this fall wink wink

Get Outlook for iOS<https://aka.ms/o0ukef>


Matthew Loraditch​

Sr. Network Engineer


p: 443.541.1518<tel:443.541.1518>



w: www.heliontechnologies.com<http://www.heliontechnologies.com/>

 |

e: mloradi...@heliontechnologies.com<mailto:mloradi...@heliontechnologies.com>


<image002.png>


<image003.png><https://facebook.com/heliontech>


<image004.png><https://twitter.com/heliontech>


<image005.png><https://www.linkedin.com/company/helion-technologies>




<image006.png><https://heliontechnologies.com/events/14th-annual-automotive-cx-summit-hosted-thought-leadership-summits/>




________________________________
From: cisco-voip 
<cisco-voip-boun...@puck.nether.net<mailto:cisco-voip-boun...@puck.nether.net>> 
on behalf of Lelio Fulgenzi <le...@uoguelph.ca<mailto:le...@uoguelph.ca>>
Sent: Thursday, June 14, 2018 2:59:19 PM
To: voyp list, cisco-voip 
(cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>)
Subject: [cisco-voip] are we still using custom jabber xml files in CUCM v11.5 
and JAbber v12?


I realized that in CUCM v9 and Jabber v11, we needed to use custom jabber xml 
files if we wanted to turn on a feature for some people but not others. That 
gets tricky with multiple features and providing some but not others. 
Definitely not scalable.

Has this changed in CUCM v11.5 and Jabber v12? I’m really hoping that the 
device configuration page will include most of the feature information.

We see new COP files distributed for phones as they are improved upon, it would 
be neat to see the same thing for Jabber.



---
Lelio Fulgenzi, B.A. | Senior Analyst
Computing and Communications Services | University of Guelph
Room 037 Animal Science & Nutrition Bldg | 50 Stone Rd E | Guelph, ON | N1G 2W1
519-824-4120 Ext. 56354<tel:(519)%20824-4120> | 
le...@uoguelph.ca<mailto:le...@uoguelph.ca>

www.uoguelph.ca/ccs<http://www.uoguelph.ca/ccs> | @UofGCCS on Instagram, 
Twitter and Facebook

<image001.png>

_______________________________________________
cisco-voip mailing list
cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip
_______________________________________________
cisco-voip mailing list
cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip
--

--
Hunter Fuller
Network Engineer
VBH Annex B-5
+1 256 824 5331

Office of Information Technology
The University of Alabama in Huntsville
Systems and Infrastructure

_______________________________________________
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip