Re: [cisco-voip] CUCM translation pattern postfix
I don't think so, because the XXX can only be at the end of a TP called party mask. From: Steve Siltman [mailto:steve.silt...@assurant.com] Sent: Tuesday, July 21, 2015 10:18 AM To: cisco-voip@puck.nether.net Cc: natec...@gmail.com Subject: Re: CUCM translation pattern postfix Hi Nate, Would double dipping translations work? First translation for *5XXX 8XXX which then calls Second translation 8XXX3101 I want to do some system wide speed dials in CUCM. *5XXX to call 8XXX3101. I tried Called Party Transform Mask on the translation pattern of 8XXX3101, but it doesn?t allow the post fixing of digits and still use the XXX, it needs to be the last digits. I know I could do this in IOS, but I really want a CUCM only solution, without creating an individual TP for each XXX. Thanks, -Nate Thanks, Steve Assurant Corporate Technology Senior Network Engineer - Cisco CCNP Voice _ This e-mail message and all attachments transmitted with it may contain legally privileged and/or confidential information intended solely for the use of the addressee(s). If the reader of this message is not the intended recipient, you are hereby notified that any reading, dissemination, distribution, copying, forwarding or other use of this message or its attachments is strictly prohibited. If you have received this message in error, please notify the sender immediately and delete this message and all copies and backups thereof. Thank you. ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip
[cisco-voip] Call abandonment
Anyone doing any call abandonment with cisco ? We were looking at chronicall but doesn't not support cisco. Our site has a small CME install with sip trunks so would prefer something sip based so we have flexibility going forward If anyone has any hands on experience or recommendations please do share on or off list Thanks Chris ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip
[cisco-voip] UCCE Agent Silent Monitoring
I'm looking for some guides/sample code for using JTAPI besides the Cisco JTAPI Developers Guides (http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/jtapi_dev/8_6_1/jtapidevguide.pdf). Specifically what I want to do is invoke the startMonitoring JTAPI function for a target DN when that DN is on a call and a supervisor DN is not on a call. I was able to get as far as invoking monitoring, but can't seem to determine if a DN is on a call in a useful way that monitoring can be invoked based on the result. I can see the status of the call, but can't pass that value outside of the method that sees the status. The purpose of this application is to allow supervisors to monitor their agents without needing to deploy MediaSense with a 3rd party add on, or upgrading to Finesse at this time. CAD 8.5.4 ES4 for UCCE seems to fail more than 50% of the time while attempting to locate its VoIP monitor servers during start up of Cisco Agent Desktop, when this occurs silent monitoring does not function. I would also be interested in hearing any reviews of agent monitoring products (open source or commercial) that make use of the built in bridge for agent monitoring. As well as reviews of Finesse under UCCE and its integrated silent monitoring. Thanks, Gentoo ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip
Re: [cisco-voip] PCD download Bootable?
Scot, It comes pre-installed on the BE6/7K. The other option is to get it e-delivered from the PUT tool (using a valid contract). There are alternative methods to getting non-bootable ISOs to work but I cannot endorse them as the are not supported. Thanks, Ryan Date: Tue, 21 Jul 2015 09:01:50 -0700 From: svoll.v...@gmail.com To: cisco-voip@puck.nether.net Subject: [cisco-voip] PCD download Bootable? OK, I have found the upgrade, but where do I find the bootable version of PCD? I've tried PUT and can't find it. Any ideas? Thanks scott ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip
Re: [cisco-voip] PCD download Bootable?
I have Valid contracts and just PUT for UC, CM, CER, UCCx, PLM and got all of them downloaded. But I Can't find PCD in the PUT. Am I looking for the wrong thing? I do see a Prime Collaboration Standard. is that it in PUT? TIA Scott On Tue, Jul 21, 2015 at 9:19 AM, Ryan Huff ryanh...@outlook.com wrote: Scot, It comes pre-installed on the BE6/7K. The other option is to get it e-delivered from the PUT tool (using a valid contract). There are alternative methods to getting non-bootable ISOs to work but I cannot endorse them as the are not supported. Thanks, Ryan -- Date: Tue, 21 Jul 2015 09:01:50 -0700 From: svoll.v...@gmail.com To: cisco-voip@puck.nether.net Subject: [cisco-voip] PCD download Bootable? OK, I have found the upgrade, but where do I find the bootable version of PCD? I've tried PUT and can't find it. Any ideas? Thanks scott ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip
Re: [cisco-voip] Digicert Wildcard certificates
While we are on the topic of certs, has anyone had issues with certain CAs not allowing top level domain as a SAN (e.g. cisco.com) ? GoDaddy would complain in the UI that you shouldn't have a top level domain as a SAN but would still sign the cert. I'm having a problem know with Internet2/Incommon where it won't let me put a top level domain in the cert as a SAN. It just won't take the CSR. Justin On Tue, Jul 21, 2015 at 8:16 AM, NateCCIE natec...@gmail.com wrote: I think it’s 15 SANS plus *.domain.com and domain.com Pricing is at https://www.digicert.com/wildcard-ssl-certificates.htm *From:* cisco-voip [mailto:cisco-voip-boun...@puck.nether.net] *On Behalf Of *Anthony Holloway *Sent:* Monday, July 20, 2015 11:49 PM *To:* Charles Goldsmith; Ian Anderson *Cc:* Cisco VOIP *Subject:* Re: [cisco-voip] Digicert Wildcard certificates That's great to hear about digicert. I just went through a rough time with Comodo trying to get multiserver certs and my CNAMEs in the SAN field. How many SAN entries does digicert limit you to and at what price per year? On Mon, Jul 20, 2015 at 11:19 AM Charles Goldsmith wo...@justfamily.org wrote: One thing of note, Digicert works very well with all of our UC apps with their UC certificate. Add all of your server names as SAN's, as well as the domain name, and just duplicate the certificate for each app, changing the CN. It works well and also Digicert has great support. On Sun, Jul 19, 2015 at 4:27 AM, Ian Anderson i...@andersoi.co.uk wrote: Hi Nate, I think that the concern of using wildcards generaly comes from the security and compliance folks in that if the private key of any of the servers was to be compromised then the resulting public and private keys could be used to impersonate any subdomain, e.g e-payments.domain.com.. That said, as long as the customer is aware of the risk then the digicert is a fantastic option, although a lot of these issues go away in 10.5. The only app I've had it completely throw a wobble on so far is UCCX 9.0 as this was checking the CN on certificate upload and didn't like * even though the server name as in the SAN. Cheers Ian On 16 July 2015 at 02:35, NateCCIE natec...@gmail.com wrote: Most of the time wildcard certs mean you have a CSR and a private key generated by something, and then you upload the private key and the public key to lots of servers. The application would need to be able to upload a private key and not require its own CSR. Cucm, unity cxn, uccx, do not support uploading a private key. Expressway, I think conductor do allow you to upload a private key. But what makes digicert really cool is you can buy the wildcard cert, then you keep reissuing a new certificate from that one purchase. You can do this from what I understand an unlimited times. There may be other CAs that do this. I saw one the seemed like it was going to work, but since the CSR did not include the * as a SAN, they would not issue the cert. Digicert with the Willard includes the *.domain.com and domain.com SANs automatically, and you can specify about 15 other SANs for each CSR/cert. So cucm and the other apps are happy because the cert was generated using its own CSR. Using these certs, I had one TAC case where cucm balked at the cert, but I could upload the cluster wide tomcat SAN cert via imp. This turned out to be a problem with the domain casing not matching between all of the servers and the cert. always use domain.com and not DOMain.com and life is happy. I am not affiliated with digicert other than they are here in Utah also. It just makes life really easy to tell the customer to buy this one cert and O I can make all of the Cisco UC/jabber cert errors go away! Ps. Has anyone figured out what to do with conductor wanting IP address in the SAN? Sent from my iPhone On Jul 15, 2015, at 10:42 AM, Anthony Holloway avholloway+cisco-v...@gmail.com wrote: I'm a little confused here. According to this article: http://www.cisco.com/c/en/us/support/docs/voice-unified-communications/unified-communications-manager-callmanager/115957-high-level-view-ca-00.html#wildcard, and this defect ID: https://tools.cisco.com/bugsearch/bug/CSCta14114/, wild card certs are not supported. Are we talking about the same thing here? On Wed, Jul 15, 2015 at 10:08 AM Eric Pedersen peders...@bennettjones.com wrote: Digicert lets you put your domain and subdomains of any level as SANs. It’s great! They even generated a duplicate certificate for me with a different root CA that was supported with WebEx enabled Telepresence. We use their wildcard certificates on all of our UC servers. *From:* cisco-voip [mailto:cisco-voip-boun...@puck.nether.net] *On Behalf Of *Heim, Dennis *Sent:* 15 July 2015 8:28 AM *To:* Ian Anderson; NateCCIE; Cisco VOIP *Subject:* Re: [cisco-voip] Digicert Wildcard certificates I’ve found the
Re: [cisco-voip] CUCM translation pattern postfix
Hi Nate, Would double dipping translations work? First translation for *5XXX 8XXX which then calls Second translation 8XXX3101 I want to do some system wide speed dials in CUCM. *5XXX to call 8XXX3101. I tried Called Party Transform Mask on the translation pattern of 8XXX3101, but it doesn?t allow the post fixing of digits and still use the XXX, it needs to be the last digits. I know I could do this in IOS, but I really want a CUCM only solution, without creating an individual TP for each XXX. Thanks, -Nate Thanks, Steve Assurant Corporate Technology Senior Network Engineer - Cisco CCNP Voice ** This e-mail message and all attachments transmitted with it may contain legally privileged and/or confidential information intended solely for the use of the addressee(s). If the reader of this message is not the intended recipient, you are hereby notified that any reading, dissemination, distribution, copying, forwarding or other use of this message or its attachments is strictly prohibited. If you have received this message in error, please notify the sender immediately and delete this message and all copies and backups thereof. Thank you. ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip
Re: [cisco-voip] How to send call to 10 digit in ICM Scripting
Nevermind, didn't realize how different it was in ICM scripting. On Tue, Jul 21, 2015 at 10:40 AM, Brian Meade bmead...@vt.edu wrote: Abdul, Usually you'll want to use the Call Redirect step for something like this. Brian On Tue, Jul 21, 2015 at 10:27 AM, AbdusSaboor Khan saboor.k...@gmail.com wrote: Hi, Can someone guide me how to send call to to 10 Digits in ICM scripting, as sending to some digits label is working fine and then we need to call forward on that extension in Call manager. Here is the scenario, Our Script is like press 1 to an agent press 2 for field agent (need to forward that call to that agent who is not login into CAD) Regards, Abdul ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip
Re: [cisco-voip] CUCM IMP and postgress database instances
Lelio, Yes you need an external instance of postgresql. I find that Ubuntu works best. Thanks, Ryan Original Message From: Lelio Fulgenzi le...@uoguelph.ca Sent: Tuesday, July 21, 2015 12:37 PM To: cisco-voip@puck.nether.net Subject: [cisco-voip] CUCM IMP and postgress database instances I'm trying to make sense out of the database instance requirements for persistent chat, etc., in the IMP section of the v9 SRND. http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/9x/uc9x/presence.html In particular: http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/9x/uc9x/presence.html#wp1133638 Are they referring to different tables in the same database process running on the server, or are they requiring that I spin up additional postgreSQL instances on different TCP ports? --- Lelio Fulgenzi, B.A. Senior Analyst, Network Infrastructure Computing and Communications Services (CCS) University of Guelph 519‐824‐4120 Ext 56354 le...@uoguelph.ca www.uoguelph.ca/ccs Room 037, Animal Science and Nutrition Building Guelph, Ontario, N1G 2W1 ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip
Re: [cisco-voip] CUCM IMP and postgress database instances
So depending on my cluster configuration, I could have up to six or eight postgreSQL instances running on my database server? Seems like overkill. Wonder why they couldn't simply use a different table in the database? --- Lelio Fulgenzi, B.A. Senior Analyst, Network Infrastructure Computing and Communications Services (CCS) University of Guelph 519‐824‐4120 Ext 56354 le...@uoguelph.ca www.uoguelph.ca/ccs Room 037, Animal Science and Nutrition Building Guelph, Ontario, N1G 2W1 - Original Message - From: Ryan Huff ryanh...@outlook.com To: le...@uoguelph.ca, cisco-voip@puck.nether.net Sent: Tuesday, July 21, 2015 1:07:47 PM Subject: Re: [cisco-voip] CUCM IMP and postgress database instances Lelio, Yes you need an external instance of postgresql. I find that Ubuntu works best. Thanks, Ryan Original Message From: Lelio Fulgenzi le...@uoguelph.ca Sent: Tuesday, July 21, 2015 12:37 PM To: cisco-voip@puck.nether.net Subject: [cisco-voip] CUCM IMP and postgress database instances I'm trying to make sense out of the database instance requirements for persistent chat, etc., in the IMP section of the v9 SRND. http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/9x/uc9x/presence.html In particular: http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/9x/uc9x/presence.html#wp1133638 Are they referring to different tables in the same database process running on the server, or are they requiring that I spin up additional postgreSQL instances on different TCP ports? --- Lelio Fulgenzi, B.A. Senior Analyst, Network Infrastructure Computing and Communications Services (CCS) University of Guelph 519‐824‐4120 Ext 56354 le...@uoguelph.ca www.uoguelph.ca/ccs Room 037, Animal Science and Nutrition Building Guelph, Ontario, N1G 2W1 ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip
Re: [cisco-voip] PCD download Bootable?
Follow up. I did find it under my edelivery for CM. Sorry for the noise. scott On Tue, Jul 21, 2015 at 9:29 AM, Scott Voll svoll.v...@gmail.com wrote: I have Valid contracts and just PUT for UC, CM, CER, UCCx, PLM and got all of them downloaded. But I Can't find PCD in the PUT. Am I looking for the wrong thing? I do see a Prime Collaboration Standard. is that it in PUT? TIA Scott On Tue, Jul 21, 2015 at 9:19 AM, Ryan Huff ryanh...@outlook.com wrote: Scot, It comes pre-installed on the BE6/7K. The other option is to get it e-delivered from the PUT tool (using a valid contract). There are alternative methods to getting non-bootable ISOs to work but I cannot endorse them as the are not supported. Thanks, Ryan -- Date: Tue, 21 Jul 2015 09:01:50 -0700 From: svoll.v...@gmail.com To: cisco-voip@puck.nether.net Subject: [cisco-voip] PCD download Bootable? OK, I have found the upgrade, but where do I find the bootable version of PCD? I've tried PUT and can't find it. Any ideas? Thanks scott ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip
Re: [cisco-voip] CUCM IMP and postgress database instances
I believe it would still be just one DB instance on your external DB server for the IMP cluster. Now outside of the Cisco world; you could then setup your own PostgreSQL farm for redundancy ... etc. Date: Tue, 21 Jul 2015 13:12:23 -0400 From: le...@uoguelph.ca To: ryanh...@outlook.com CC: cisco-voip@puck.nether.net Subject: Re: [cisco-voip] CUCM IMP and postgress database instances So depending on my cluster configuration, I could have up to six or eight postgreSQL instances running on my database server? Seems like overkill. Wonder why they couldn't simply use a different table in the database? --- Lelio Fulgenzi, B.A. Senior Analyst, Network Infrastructure Computing and Communications Services (CCS) University of Guelph 519‐824‐4120 Ext 56354 le...@uoguelph.ca www.uoguelph.ca/ccs Room 037, Animal Science and Nutrition Building Guelph, Ontario, N1G 2W1 From: Ryan Huff ryanh...@outlook.com To: le...@uoguelph.ca, cisco-voip@puck.nether.net Sent: Tuesday, July 21, 2015 1:07:47 PM Subject: Re: [cisco-voip] CUCM IMP and postgress database instances Lelio,Yes you need an external instance of postgresql. I find that Ubuntu works best.Thanks,Ryan Original Message From: Lelio Fulgenzi le...@uoguelph.ca Sent: Tuesday, July 21, 2015 12:37 PM To: cisco-voip@puck.nether.net Subject: [cisco-voip] CUCM IMP and postgress database instances I'm trying to make sense out of the database instance requirements for persistent chat, etc., in the IMP section of the v9 SRND. http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/9x/uc9x/presence.html In particular: http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/9x/uc9x/presence.html#wp1133638 Are they referring to different tables in the same database process running on the server, or are they requiring that I spin up additional postgreSQL instances on different TCP ports? --- Lelio Fulgenzi, B.A. Senior Analyst, Network Infrastructure Computing and Communications Services (CCS) University of Guelph 519‐824‐4120 Ext 56354 le...@uoguelph.ca www.uoguelph.ca/ccs Room 037, Animal Science and Nutrition Building Guelph, Ontario, N1G 2W1 ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip
Re: [cisco-voip] CUCM IMP and postgress database instances
Thanks Ryan. Just reading through some more documents and it seems that's correct. One actual spin of the postgreSQL process with multiple databases on that process. The documents show that I have to create the appropriate users and databases on the postgreSQL CLI and then the rest is done on the IMP servers, i.e. the creating of the tables. This is still a pilot project, but I want to be able to use as many features as possible. In the event we go production, especially if we go Jabber for Everyone, I would definitely recommend some sort of postgreSQL cluster or however they do redundancy. We have limited postgreSQL experience in our area, so it might even mean getting a contractor in to decide how to configure things properly. Especially for things like performance and system backup/restore. Cheers, Lelio --- Lelio Fulgenzi, B.A. Senior Analyst, Network Infrastructure Computing and Communications Services (CCS) University of Guelph 519‐824‐4120 Ext 56354 le...@uoguelph.ca www.uoguelph.ca/ccs Room 037, Animal Science and Nutrition Building Guelph, Ontario, N1G 2W1 - Original Message - From: Ryan Huff ryanh...@outlook.com To: Lelio Fulgenzi le...@uoguelph.ca Cc: cisco-voip@puck.nether.net Sent: Tuesday, July 21, 2015 2:30:06 PM Subject: RE: [cisco-voip] CUCM IMP and postgress database instances I believe it would still be just one DB instance on your external DB server for the IMP cluster. Now outside of the Cisco world; you could then setup your own PostgreSQL farm for redundancy ... etc. Date: Tue, 21 Jul 2015 13:12:23 -0400 From: le...@uoguelph.ca To: ryanh...@outlook.com CC: cisco-voip@puck.nether.net Subject: Re: [cisco-voip] CUCM IMP and postgress database instances So depending on my cluster configuration, I could have up to six or eight postgreSQL instances running on my database server? Seems like overkill. Wonder why they couldn't simply use a different table in the database? --- Lelio Fulgenzi, B.A. Senior Analyst, Network Infrastructure Computing and Communications Services (CCS) University of Guelph 519‐824‐4120 Ext 56354 le...@uoguelph.ca www.uoguelph.ca/ccs Room 037, Animal Science and Nutrition Building Guelph, Ontario, N1G 2W1 From: Ryan Huff ryanh...@outlook.com To: le...@uoguelph.ca, cisco-voip@puck.nether.net Sent: Tuesday, July 21, 2015 1:07:47 PM Subject: Re: [cisco-voip] CUCM IMP and postgress database instances Lelio, Yes you need an external instance of postgresql. I find that Ubuntu works best. Thanks, Ryan Original Message From: Lelio Fulgenzi le...@uoguelph.ca Sent: Tuesday, July 21, 2015 12:37 PM To: cisco-voip@puck.nether.net Subject: [cisco-voip] CUCM IMP and postgress database instances I'm trying to make sense out of the database instance requirements for persistent chat, etc., in the IMP section of the v9 SRND. http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/9x/uc9x/presence.html In particular: http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/9x/uc9x/presence.html#wp1133638 Are they referring to different tables in the same database process running on the server, or are they requiring that I spin up additional postgreSQL instances on different TCP ports? --- Lelio Fulgenzi, B.A. Senior Analyst, Network Infrastructure Computing and Communications Services (CCS) University of Guelph 519‐824‐4120 Ext 56354 le...@uoguelph.ca www.uoguelph.ca/ccs Room 037, Animal Science and Nutrition Building Guelph, Ontario, N1G 2W1 ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip
Re: [cisco-voip] CUCM IMP and postgress database instances
Thanks Ryan. That's the one I'm reading (among others). I'm in the planning stages right now. So reading through first, without actually having access to servers to try things out. --- Lelio Fulgenzi, B.A. Senior Analyst, Network Infrastructure Computing and Communications Services (CCS) University of Guelph 519‐824‐4120 Ext 56354 le...@uoguelph.ca www.uoguelph.ca/ccs Room 037, Animal Science and Nutrition Building Guelph, Ontario, N1G 2W1 - Original Message - From: Ryan Huff ryanh...@outlook.com To: Lelio Fulgenzi le...@uoguelph.ca Cc: cisco-voip@puck.nether.net Sent: Tuesday, July 21, 2015 2:45:36 PM Subject: RE: [cisco-voip] CUCM IMP and postgress database instances Lelio, Follow this guide; http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/im_presence/database_setup/9_0_1/CUP0_BK_D6919EAA_00_database-setup-guide-imp-90/CUP0_BK_D6919EAA_00_database-setup-guide-imp-90_chapter_010.html Walks you through the DB setup ... etc. Having done CPIM compliance server installs more than a few times, I can tell you it isn't as tough as the docs make it seem. Thanks, Ryan Date: Tue, 21 Jul 2015 14:38:19 -0400 From: le...@uoguelph.ca To: ryanh...@outlook.com CC: cisco-voip@puck.nether.net Subject: Re: [cisco-voip] CUCM IMP and postgress database instances Thanks Ryan. Just reading through some more documents and it seems that's correct. One actual spin of the postgreSQL process with multiple databases on that process. The documents show that I have to create the appropriate users and databases on the postgreSQL CLI and then the rest is done on the IMP servers, i.e. the creating of the tables. This is still a pilot project, but I want to be able to use as many features as possible. In the event we go production, especially if we go Jabber for Everyone, I would definitely recommend some sort of postgreSQL cluster or however they do redundancy. We have limited postgreSQL experience in our area, so it might even mean getting a contractor in to decide how to configure things properly. Especially for things like performance and system backup/restore. Cheers, Lelio --- Lelio Fulgenzi, B.A. Senior Analyst, Network Infrastructure Computing and Communications Services (CCS) University of Guelph 519‐824‐4120 Ext 56354 le...@uoguelph.ca www.uoguelph.ca/ccs Room 037, Animal Science and Nutrition Building Guelph, Ontario, N1G 2W1 From: Ryan Huff ryanh...@outlook.com To: Lelio Fulgenzi le...@uoguelph.ca Cc: cisco-voip@puck.nether.net Sent: Tuesday, July 21, 2015 2:30:06 PM Subject: RE: [cisco-voip] CUCM IMP and postgress database instances I believe it would still be just one DB instance on your external DB server for the IMP cluster. Now outside of the Cisco world; you could then setup your own PostgreSQL farm for redundancy ... etc. Date: Tue, 21 Jul 2015 13:12:23 -0400 From: le...@uoguelph.ca To: ryanh...@outlook.com CC: cisco-voip@puck.nether.net Subject: Re: [cisco-voip] CUCM IMP and postgress database instances So depending on my cluster configuration, I could have up to six or eight postgreSQL instances running on my database server? Seems like overkill. Wonder why they couldn't simply use a different table in the database? --- Lelio Fulgenzi, B.A. Senior Analyst, Network Infrastructure Computing and Communications Services (CCS) University of Guelph 519‐824‐4120 Ext 56354 le...@uoguelph.ca www.uoguelph.ca/ccs Room 037, Animal Science and Nutrition Building Guelph, Ontario, N1G 2W1 From: Ryan Huff ryanh...@outlook.com To: le...@uoguelph.ca, cisco-voip@puck.nether.net Sent: Tuesday, July 21, 2015 1:07:47 PM Subject: Re: [cisco-voip] CUCM IMP and postgress database instances Lelio, Yes you need an external instance of postgresql. I find that Ubuntu works best. Thanks, Ryan Original Message From: Lelio Fulgenzi le...@uoguelph.ca Sent: Tuesday, July 21, 2015 12:37 PM To: cisco-voip@puck.nether.net Subject: [cisco-voip] CUCM IMP and postgress database instances I'm trying to make sense out of the database instance requirements for persistent chat, etc., in the IMP section of the v9 SRND. http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/9x/uc9x/presence.html In particular: http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/9x/uc9x/presence.html#wp1133638 Are they referring to different tables in the same database process running on the server, or are they requiring that I spin up additional postgreSQL instances on different TCP ports? --- Lelio Fulgenzi, B.A. Senior Analyst, Network Infrastructure Computing and Communications Services (CCS) University of Guelph 519‐824‐4120 Ext 56354 le...@uoguelph.ca www.uoguelph.ca/ccs Room 037, Animal Science and Nutrition Building Guelph, Ontario, N1G 2W1 ___ cisco-voip mailing list cisco-voip@puck.nether.net
Re: [cisco-voip] CUCM IMP and postgress database instances
Lelio, Follow this guide; http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/im_presence/database_setup/9_0_1/CUP0_BK_D6919EAA_00_database-setup-guide-imp-90/CUP0_BK_D6919EAA_00_database-setup-guide-imp-90_chapter_010.html Walks you through the DB setup ... etc. Having done CPIM compliance server installs more than a few times, I can tell you it isn't as tough as the docs make it seem. Thanks, Ryan Date: Tue, 21 Jul 2015 14:38:19 -0400 From: le...@uoguelph.ca To: ryanh...@outlook.com CC: cisco-voip@puck.nether.net Subject: Re: [cisco-voip] CUCM IMP and postgress database instances Thanks Ryan. Just reading through some more documents and it seems that's correct. One actual spin of the postgreSQL process with multiple databases on that process. The documents show that I have to create the appropriate users and databases on the postgreSQL CLI and then the rest is done on the IMP servers, i.e. the creating of the tables. This is still a pilot project, but I want to be able to use as many features as possible. In the event we go production, especially if we go Jabber for Everyone, I would definitely recommend some sort of postgreSQL cluster or however they do redundancy. We have limited postgreSQL experience in our area, so it might even mean getting a contractor in to decide how to configure things properly. Especially for things like performance and system backup/restore. Cheers, Lelio --- Lelio Fulgenzi, B.A. Senior Analyst, Network Infrastructure Computing and Communications Services (CCS) University of Guelph 519‐824‐4120 Ext 56354 le...@uoguelph.ca www.uoguelph.ca/ccs Room 037, Animal Science and Nutrition Building Guelph, Ontario, N1G 2W1 From: Ryan Huff ryanh...@outlook.com To: Lelio Fulgenzi le...@uoguelph.ca Cc: cisco-voip@puck.nether.net Sent: Tuesday, July 21, 2015 2:30:06 PM Subject: RE: [cisco-voip] CUCM IMP and postgress database instances I believe it would still be just one DB instance on your external DB server for the IMP cluster. Now outside of the Cisco world; you could then setup your own PostgreSQL farm for redundancy ... etc. Date: Tue, 21 Jul 2015 13:12:23 -0400 From: le...@uoguelph.ca To: ryanh...@outlook.com CC: cisco-voip@puck.nether.net Subject: Re: [cisco-voip] CUCM IMP and postgress database instances So depending on my cluster configuration, I could have up to six or eight postgreSQL instances running on my database server? Seems like overkill. Wonder why they couldn't simply use a different table in the database? --- Lelio Fulgenzi, B.A. Senior Analyst, Network Infrastructure Computing and Communications Services (CCS) University of Guelph 519‐824‐4120 Ext 56354 le...@uoguelph.ca www.uoguelph.ca/ccs Room 037, Animal Science and Nutrition Building Guelph, Ontario, N1G 2W1 From: Ryan Huff ryanh...@outlook.com To: le...@uoguelph.ca, cisco-voip@puck.nether.net Sent: Tuesday, July 21, 2015 1:07:47 PM Subject: Re: [cisco-voip] CUCM IMP and postgress database instances Lelio,Yes you need an external instance of postgresql. I find that Ubuntu works best.Thanks,Ryan Original Message From: Lelio Fulgenzi le...@uoguelph.ca Sent: Tuesday, July 21, 2015 12:37 PM To: cisco-voip@puck.nether.net Subject: [cisco-voip] CUCM IMP and postgress database instances I'm trying to make sense out of the database instance requirements for persistent chat, etc., in the IMP section of the v9 SRND. http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/9x/uc9x/presence.html In particular: http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/9x/uc9x/presence.html#wp1133638 Are they referring to different tables in the same database process running on the server, or are they requiring that I spin up additional postgreSQL instances on different TCP ports? --- Lelio Fulgenzi, B.A. Senior Analyst, Network Infrastructure Computing and Communications Services (CCS) University of Guelph 519‐824‐4120 Ext 56354 le...@uoguelph.ca www.uoguelph.ca/ccs Room 037, Animal Science and Nutrition Building Guelph, Ontario, N1G 2W1 ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip
Re: [cisco-voip] CUCM IMP and postgress database instances
If you need/want any additional assistance just unicast me. Thanks, Ryan Original Message From: Lelio Fulgenzi le...@uoguelph.ca Sent: Tuesday, July 21, 2015 02:52 PM To: Ryan Huff ryanh...@outlook.com Subject: Re: [cisco-voip] CUCM IMP and postgress database instances CC: cisco-voip@puck.nether.net Thanks Ryan. That's the one I'm reading (among others). I'm in the planning stages right now. So reading through first, without actually having access to servers to try things out. --- Lelio Fulgenzi, B.A. Senior Analyst, Network Infrastructure Computing and Communications Services (CCS) University of Guelph 519‐824‐4120 Ext 56354 le...@uoguelph.ca www.uoguelph.ca/ccs Room 037, Animal Science and Nutrition Building Guelph, Ontario, N1G 2W1 - Original Message - From: Ryan Huff ryanh...@outlook.com To: Lelio Fulgenzi le...@uoguelph.ca Cc: cisco-voip@puck.nether.net Sent: Tuesday, July 21, 2015 2:45:36 PM Subject: RE: [cisco-voip] CUCM IMP and postgress database instances Lelio, Follow this guide; http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/im_presence/database_setup/9_0_1/CUP0_BK_D6919EAA_00_database-setup-guide-imp-90/CUP0_BK_D6919EAA_00_database-setup-guide-imp-90_chapter_010.html Walks you through the DB setup ... etc. Having done CPIM compliance server installs more than a few times, I can tell you it isn't as tough as the docs make it seem. Thanks, Ryan Date: Tue, 21 Jul 2015 14:38:19 -0400 From: le...@uoguelph.ca To: ryanh...@outlook.com CC: cisco-voip@puck.nether.net Subject: Re: [cisco-voip] CUCM IMP and postgress database instances Thanks Ryan. Just reading through some more documents and it seems that's correct. One actual spin of the postgreSQL process with multiple databases on that process. The documents show that I have to create the appropriate users and databases on the postgreSQL CLI and then the rest is done on the IMP servers, i.e. the creating of the tables. This is still a pilot project, but I want to be able to use as many features as possible. In the event we go production, especially if we go Jabber for Everyone, I would definitely recommend some sort of postgreSQL cluster or however they do redundancy. We have limited postgreSQL experience in our area, so it might even mean getting a contractor in to decide how to configure things properly. Especially for things like performance and system backup/restore. Cheers, Lelio --- Lelio Fulgenzi, B.A. Senior Analyst, Network Infrastructure Computing and Communications Services (CCS) University of Guelph 519‐824‐4120 Ext 56354 le...@uoguelph.ca www.uoguelph.ca/ccs Room 037, Animal Science and Nutrition Building Guelph, Ontario, N1G 2W1 From: Ryan Huff ryanh...@outlook.com To: Lelio Fulgenzi le...@uoguelph.ca Cc: cisco-voip@puck.nether.net Sent: Tuesday, July 21, 2015 2:30:06 PM Subject: RE: [cisco-voip] CUCM IMP and postgress database instances I believe it would still be just one DB instance on your external DB server for the IMP cluster. Now outside of the Cisco world; you could then setup your own PostgreSQL farm for redundancy ... etc. Date: Tue, 21 Jul 2015 13:12:23 -0400 From: le...@uoguelph.ca To: ryanh...@outlook.com CC: cisco-voip@puck.nether.net Subject: Re: [cisco-voip] CUCM IMP and postgress database instances So depending on my cluster configuration, I could have up to six or eight postgreSQL instances running on my database server? Seems like overkill. Wonder why they couldn't simply use a different table in the database? --- Lelio Fulgenzi, B.A. Senior Analyst, Network Infrastructure Computing and Communications Services (CCS) University of Guelph 519‐824‐4120 Ext 56354 le...@uoguelph.ca www.uoguelph.ca/ccs Room 037, Animal Science and Nutrition Building Guelph, Ontario, N1G 2W1 From: Ryan Huff ryanh...@outlook.com To: le...@uoguelph.ca, cisco-voip@puck.nether.net Sent: Tuesday, July 21, 2015 1:07:47 PM Subject: Re: [cisco-voip] CUCM IMP and postgress database instances Lelio, Yes you need an external instance of postgresql. I find that Ubuntu works best. Thanks, Ryan Original Message From: Lelio Fulgenzi le...@uoguelph.ca Sent: Tuesday, July 21, 2015 12:37 PM To: cisco-voip@puck.nether.net Subject: [cisco-voip] CUCM IMP and postgress database instances I'm trying to make sense out of the database instance requirements for persistent chat, etc., in the IMP section of the v9 SRND. http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/9x/uc9x/presence.html In particular: http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/9x/uc9x/presence.html#wp1133638 Are they referring to different tables in the same database process running on the server, or are they requiring that I spin up additional postgreSQL instances on different TCP ports? --- Lelio Fulgenzi, B.A. Senior Analyst, Network Infrastructure
Re: [cisco-voip] cisco-voip Digest, Vol 141, Issue 18
balked at the cert, but I could upload the cluster wide tomcat SAN cert via imp. This turned out to be a problem with the domain casing not matching between all of the servers and the cert. always use domain.com and not DOMain.com and life is happy. I am not affiliated with digicert other than they are here in Utah also. It just makes life really easy to tell the customer to buy this one cert and O I can make all of the Cisco UC/jabber cert errors go away! Ps. Has anyone figured out what to do with conductor wanting IP address in the SAN? Sent from my iPhone On Jul 15, 2015, at 10:42 AM, Anthony Holloway avholloway+cisco-v...@gmail.com wrote: I'm a little confused here. According to this article: http://www.cisco.com/c/en/us/support/docs/voice-unified-communications/unified-communications-manager-callmanager/115957-high-level-view-ca-00.html#wildcard, and this defect ID: https://tools.cisco.com/bugsearch/bug/CSCta14114/, wild card certs are not supported. Are we talking about the same thing here? On Wed, Jul 15, 2015 at 10:08 AM Eric Pedersen peders...@bennettjones.com wrote: Digicert lets you put your domain and subdomains of any level as SANs. It?s great! They even generated a duplicate certificate for me with a different root CA that was supported with WebEx enabled Telepresence. We use their wildcard certificates on all of our UC servers. *From:* cisco-voip [mailto:cisco-voip-boun...@puck.nether.net] *On Behalf Of *Heim, Dennis *Sent:* 15 July 2015 8:28 AM *To:* Ian Anderson; NateCCIE; Cisco VOIP *Subject:* Re: [cisco-voip] Digicert Wildcard certificates I?ve found the hardest thing to find a cert providers that likes putting the domain as a san such as DNS=mycollab.com. Has anyone found any providers that are kosher with that? From one of the Cisco Live sessions, I was told this is needed for service discovery to function properly. *Dennis Heim | Emerging Technology Architect (Collaboration)* World Wide Technology, Inc. | +1 314-212-1814 [image: twitter] https://twitter.com/CollabSensei image002.pngimage003.png +13142121814image004.png ?There is a fine line between Wrong and Visionary. Unfortunately, you have to be a visionary to see it. ? Sheldon Cooper Click here to join me in my Collaboration Meeting Room https://wwt.webex.com/meet/dennis.heim *From:* cisco-voip [mailto:cisco-voip-boun...@puck.nether.net cisco-voip-boun...@puck.nether.net] *On Behalf Of *Ian Anderson *Sent:* Wednesday, July 15, 2015 10:18 AM *To:* NateCCIE; Cisco VOIP *Subject:* Re: [cisco-voip] Digicert Wildcard certificates On 15 July 2015 at 15:02, NateCCIE natec...@gmail.com wrote: Did you put all of your SANs in the digicert page? z I have this working on all of my expressway installs. Hi Nate, Thanks for the quick response, just for preservation in the archives for future posterity and confirmation that digicert seems fine despite the warnings in the manuals, it seemed I was running into 2 separate issues. 1) I had uploaded the intermediate cert, but needed to manually download and upload the root CA 2) That then got me past the TLS error, only to find that I had fat-fingered the hostname in the SAN field :-( Cheers Ian The contents of this message may contain confidential and/or privileged subject matter. If this message has been received in error, please contact the sender and delete all copies. Like other forms of communication, e-mail communications may be vulnerable to interception by unauthorized parties. If you do not wish us to communicate with you by e-mail, please notify us at your earliest convenience. In the absence of such notification, your consent is assumed. Should you choose to allow us to communicate by e-mail, we will not take any additional security measures (such as encryption) unless specifically requested. If you no longer wish to receive commercial messages, you can unsubscribe by accessing this link: http://www.bennettjones.com/unsubscribe ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip -- next part -- An HTML attachment was scrubbed... URL: https://puck.nether.net/pipermail/cisco-voip/attachments/20150721/0c12cef0/attachment-0001.html -- next part -- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 3876 bytes Desc: not available URL: https://puck.nether.net/pipermail/cisco-voip/attachments/20150721/0c12cef0/attachment-0001.png -- Message: 11
Re: [cisco-voip] Digicert Wildcard certificates
Ya sorry I meant the parent domain. The issue ended up being that the Incommon wasn't setup right. Their 800 tech support fixed it in like 40 seconds which was pretty cool. I believe the 10.5 systems add the parent domain, or maybe it is just Multiserver certs. Justin Justin, TLDs are like .com, .net, .org , etc. I think you meant parent domain. Also, is that a feature of the multiserver cert, because I don't see CER for example putting the parent domain in the CSR. On Tue, Jul 21, 2015 at 10:24 AM Justin Steinberg jsteinb...@gmail.com wrote: While we are on the topic of certs, has anyone had issues with certain CAs not allowing top level domain as a SAN (e.g. cisco.com) ? GoDaddy would complain in the UI that you shouldn't have a top level domain as a SAN but would still sign the cert. I'm having a problem know with Internet2/Incommon where it won't let me put a top level domain in the cert as a SAN. It just won't take the CSR. Justin On Tue, Jul 21, 2015 at 8:16 AM, NateCCIE natec...@gmail.com wrote: I think it’s 15 SANS plus *.domain.com and domain.com Pricing is at https://www.digicert.com/wildcard-ssl-certificates.htm *From:* cisco-voip [mailto:cisco-voip-boun...@puck.nether.net] *On Behalf Of *Anthony Holloway *Sent:* Monday, July 20, 2015 11:49 PM *To:* Charles Goldsmith; Ian Anderson *Cc:* Cisco VOIP *Subject:* Re: [cisco-voip] Digicert Wildcard certificates That's great to hear about digicert. I just went through a rough time with Comodo trying to get multiserver certs and my CNAMEs in the SAN field. How many SAN entries does digicert limit you to and at what price per year? On Mon, Jul 20, 2015 at 11:19 AM Charles Goldsmith wo...@justfamily.org wrote: One thing of note, Digicert works very well with all of our UC apps with their UC certificate. Add all of your server names as SAN's, as well as the domain name, and just duplicate the certificate for each app, changing the CN. It works well and also Digicert has great support. On Sun, Jul 19, 2015 at 4:27 AM, Ian Anderson i...@andersoi.co.uk wrote: Hi Nate, I think that the concern of using wildcards generaly comes from the security and compliance folks in that if the private key of any of the servers was to be compromised then the resulting public and private keys could be used to impersonate any subdomain, e.g e-payments.domain.com.. That said, as long as the customer is aware of the risk then the digicert is a fantastic option, although a lot of these issues go away in 10.5. The only app I've had it completely throw a wobble on so far is UCCX 9.0 as this was checking the CN on certificate upload and didn't like * even though the server name as in the SAN. Cheers Ian On 16 July 2015 at 02:35, NateCCIE natec...@gmail.com wrote: Most of the time wildcard certs mean you have a CSR and a private key generated by something, and then you upload the private key and the public key to lots of servers. The application would need to be able to upload a private key and not require its own CSR. Cucm, unity cxn, uccx, do not support uploading a private key. Expressway, I think conductor do allow you to upload a private key. But what makes digicert really cool is you can buy the wildcard cert, then you keep reissuing a new certificate from that one purchase. You can do this from what I understand an unlimited times. There may be other CAs that do this. I saw one the seemed like it was going to work, but since the CSR did not include the * as a SAN, they would not issue the cert. Digicert with the Willard includes the *.domain.com and domain.com SANs automatically, and you can specify about 15 other SANs for each CSR/cert. So cucm and the other apps are happy because the cert was generated using its own CSR. Using these certs, I had one TAC case where cucm balked at the cert, but I could upload the cluster wide tomcat SAN cert via imp. This turned out to be a problem with the domain casing not matching between all of the servers and the cert. always use domain.com and not DOMain.com and life is happy. I am not affiliated with digicert other than they are here in Utah also. It just makes life really easy to tell the customer to buy this one cert and O I can make all of the Cisco UC/jabber cert errors go away! Ps. Has anyone figured out what to do with conductor wanting IP address in the SAN? Sent from my iPhone On Jul 15, 2015, at 10:42 AM, Anthony Holloway avholloway+cisco-v...@gmail.com wrote: I'm a little confused here. According to this article: http://www.cisco.com/c/en/us/support/docs/voice-unified-communications/unified-communications-manager-callmanager/115957-high-level-view-ca-00.html#wildcard, and this defect ID: https://tools.cisco.com/bugsearch/bug/CSCta14114/, wild card certs are not supported. Are we talking about the same thing here? On Wed, Jul 15, 2015 at 10:08 AM Eric
Re: [cisco-voip] CUCM IMP and postgress database instances
If you need/want any additional assistance just unicast me. Thanks, Ryan Original Message From: Lelio Fulgenzi le...@uoguelph.ca Sent: Tuesday, July 21, 2015 02:52 PM To: Ryan Huff ryanh...@outlook.com Subject: Re: [cisco-voip] CUCM IMP and postgress database instances CC: cisco-voip@puck.nether.net Thanks Ryan. That's the one I'm reading (among others). I'm in the planning stages right now. So reading through first, without actually having access to servers to try things out. --- Lelio Fulgenzi, B.A. Senior Analyst, Network Infrastructure Computing and Communications Services (CCS) University of Guelph 519‐824‐4120 Ext 56354 le...@uoguelph.ca www.uoguelph.ca/ccs Room 037, Animal Science and Nutrition Building Guelph, Ontario, N1G 2W1 - Original Message - From: Ryan Huff ryanh...@outlook.com To: Lelio Fulgenzi le...@uoguelph.ca Cc: cisco-voip@puck.nether.net Sent: Tuesday, July 21, 2015 2:45:36 PM Subject: RE: [cisco-voip] CUCM IMP and postgress database instances Lelio, Follow this guide; http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/im_presence/database_setup/9_0_1/CUP0_BK_D6919EAA_00_database-setup-guide-imp-90/CUP0_BK_D6919EAA_00_database-setup-guide-imp-90_chapter_010.html Walks you through the DB setup ... etc. Having done CPIM compliance server installs more than a few times, I can tell you it isn't as tough as the docs make it seem. Thanks, Ryan Date: Tue, 21 Jul 2015 14:38:19 -0400 From: le...@uoguelph.ca To: ryanh...@outlook.com CC: cisco-voip@puck.nether.net Subject: Re: [cisco-voip] CUCM IMP and postgress database instances Thanks Ryan. Just reading through some more documents and it seems that's correct. One actual spin of the postgreSQL process with multiple databases on that process. The documents show that I have to create the appropriate users and databases on the postgreSQL CLI and then the rest is done on the IMP servers, i.e. the creating of the tables. This is still a pilot project, but I want to be able to use as many features as possible. In the event we go production, especially if we go Jabber for Everyone, I would definitely recommend some sort of postgreSQL cluster or however they do redundancy. We have limited postgreSQL experience in our area, so it might even mean getting a contractor in to decide how to configure things properly. Especially for things like performance and system backup/restore. Cheers, Lelio --- Lelio Fulgenzi, B.A. Senior Analyst, Network Infrastructure Computing and Communications Services (CCS) University of Guelph 519‐824‐4120 Ext 56354 le...@uoguelph.ca www.uoguelph.ca/ccs Room 037, Animal Science and Nutrition Building Guelph, Ontario, N1G 2W1 From: Ryan Huff ryanh...@outlook.com To: Lelio Fulgenzi le...@uoguelph.ca Cc: cisco-voip@puck.nether.net Sent: Tuesday, July 21, 2015 2:30:06 PM Subject: RE: [cisco-voip] CUCM IMP and postgress database instances I believe it would still be just one DB instance on your external DB server for the IMP cluster. Now outside of the Cisco world; you could then setup your own PostgreSQL farm for redundancy ... etc. Date: Tue, 21 Jul 2015 13:12:23 -0400 From: le...@uoguelph.ca To: ryanh...@outlook.com CC: cisco-voip@puck.nether.net Subject: Re: [cisco-voip] CUCM IMP and postgress database instances So depending on my cluster configuration, I could have up to six or eight postgreSQL instances running on my database server? Seems like overkill. Wonder why they couldn't simply use a different table in the database? --- Lelio Fulgenzi, B.A. Senior Analyst, Network Infrastructure Computing and Communications Services (CCS) University of Guelph 519‐824‐4120 Ext 56354 le...@uoguelph.ca www.uoguelph.ca/ccs Room 037, Animal Science and Nutrition Building Guelph, Ontario, N1G 2W1 From: Ryan Huff ryanh...@outlook.com To: le...@uoguelph.ca, cisco-voip@puck.nether.net Sent: Tuesday, July 21, 2015 1:07:47 PM Subject: Re: [cisco-voip] CUCM IMP and postgress database instances Lelio, Yes you need an external instance of postgresql. I find that Ubuntu works best. Thanks, Ryan Original Message From: Lelio Fulgenzi le...@uoguelph.ca Sent: Tuesday, July 21, 2015 12:37 PM To: cisco-voip@puck.nether.net Subject: [cisco-voip] CUCM IMP and postgress database instances I'm trying to make sense out of the database instance requirements for persistent chat, etc., in the IMP section of the v9 SRND. http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/9x/uc9x/presence.html In particular: http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/9x/uc9x/presence.html#wp1133638 Are they referring to different tables in the same database process running on the server, or are they requiring that I spin up additional postgreSQL instances on different TCP ports? --- Lelio Fulgenzi, B.A. Senior Analyst, Network Infrastructure
Re: [cisco-voip] Digicert Wildcard certificates
Justin, TLDs are like .com, .net, .org , etc. I think you meant parent domain. Also, is that a feature of the multiserver cert, because I don't see CER for example putting the parent domain in the CSR. On Tue, Jul 21, 2015 at 10:24 AM Justin Steinberg jsteinb...@gmail.com wrote: While we are on the topic of certs, has anyone had issues with certain CAs not allowing top level domain as a SAN (e.g. cisco.com) ? GoDaddy would complain in the UI that you shouldn't have a top level domain as a SAN but would still sign the cert. I'm having a problem know with Internet2/Incommon where it won't let me put a top level domain in the cert as a SAN. It just won't take the CSR. Justin On Tue, Jul 21, 2015 at 8:16 AM, NateCCIE natec...@gmail.com wrote: I think it’s 15 SANS plus *.domain.com and domain.com Pricing is at https://www.digicert.com/wildcard-ssl-certificates.htm *From:* cisco-voip [mailto:cisco-voip-boun...@puck.nether.net] *On Behalf Of *Anthony Holloway *Sent:* Monday, July 20, 2015 11:49 PM *To:* Charles Goldsmith; Ian Anderson *Cc:* Cisco VOIP *Subject:* Re: [cisco-voip] Digicert Wildcard certificates That's great to hear about digicert. I just went through a rough time with Comodo trying to get multiserver certs and my CNAMEs in the SAN field. How many SAN entries does digicert limit you to and at what price per year? On Mon, Jul 20, 2015 at 11:19 AM Charles Goldsmith wo...@justfamily.org wrote: One thing of note, Digicert works very well with all of our UC apps with their UC certificate. Add all of your server names as SAN's, as well as the domain name, and just duplicate the certificate for each app, changing the CN. It works well and also Digicert has great support. On Sun, Jul 19, 2015 at 4:27 AM, Ian Anderson i...@andersoi.co.uk wrote: Hi Nate, I think that the concern of using wildcards generaly comes from the security and compliance folks in that if the private key of any of the servers was to be compromised then the resulting public and private keys could be used to impersonate any subdomain, e.g e-payments.domain.com.. That said, as long as the customer is aware of the risk then the digicert is a fantastic option, although a lot of these issues go away in 10.5. The only app I've had it completely throw a wobble on so far is UCCX 9.0 as this was checking the CN on certificate upload and didn't like * even though the server name as in the SAN. Cheers Ian On 16 July 2015 at 02:35, NateCCIE natec...@gmail.com wrote: Most of the time wildcard certs mean you have a CSR and a private key generated by something, and then you upload the private key and the public key to lots of servers. The application would need to be able to upload a private key and not require its own CSR. Cucm, unity cxn, uccx, do not support uploading a private key. Expressway, I think conductor do allow you to upload a private key. But what makes digicert really cool is you can buy the wildcard cert, then you keep reissuing a new certificate from that one purchase. You can do this from what I understand an unlimited times. There may be other CAs that do this. I saw one the seemed like it was going to work, but since the CSR did not include the * as a SAN, they would not issue the cert. Digicert with the Willard includes the *.domain.com and domain.com SANs automatically, and you can specify about 15 other SANs for each CSR/cert. So cucm and the other apps are happy because the cert was generated using its own CSR. Using these certs, I had one TAC case where cucm balked at the cert, but I could upload the cluster wide tomcat SAN cert via imp. This turned out to be a problem with the domain casing not matching between all of the servers and the cert. always use domain.com and not DOMain.com and life is happy. I am not affiliated with digicert other than they are here in Utah also. It just makes life really easy to tell the customer to buy this one cert and O I can make all of the Cisco UC/jabber cert errors go away! Ps. Has anyone figured out what to do with conductor wanting IP address in the SAN? Sent from my iPhone On Jul 15, 2015, at 10:42 AM, Anthony Holloway avholloway+cisco-v...@gmail.com wrote: I'm a little confused here. According to this article: http://www.cisco.com/c/en/us/support/docs/voice-unified-communications/unified-communications-manager-callmanager/115957-high-level-view-ca-00.html#wildcard, and this defect ID: https://tools.cisco.com/bugsearch/bug/CSCta14114/, wild card certs are not supported. Are we talking about the same thing here? On Wed, Jul 15, 2015 at 10:08 AM Eric Pedersen peders...@bennettjones.com wrote: Digicert lets you put your domain and subdomains of any level as SANs. It’s great! They even generated a duplicate certificate for me with a different root CA that was supported with WebEx enabled Telepresence. We use their
Re: [cisco-voip] Greeting notification?
I believe there are a few unity connection tools that log (port) activity. You could (possibly) use an app that monitors the file for specific lines of text and then proceed from there. Alternatively, (and much easier) if timing is not a factor, you could ask them to leave a message on a special mailbox. From there, trigger an email that sends the email message. Then, go and save the message as their greeting using media master bar utilities. Sent from my iPhone On Jul 21, 2015, at 4:07 AM, Lisa Notarianni lisa.notaria...@scranton.edu wrote: In Unity Connection 10.5 is there any way to be notified if a greeting changes? I need to email the wav file of greetings for groups traveling abroad on service trips each time their greetings change. It would be helpful to know when they change. It needs to be a greeting because parents will also call in to hear the status update as they progress on their trips. Any ideas out there? Thanks, Lisa Notarianni Manager of Business and Telecom Services The University of Scranton ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip
Re: [cisco-voip] Digicert Wildcard certificates
I think it’s 15 SANS plus *.domain.com and domain.com Pricing is at https://www.digicert.com/wildcard-ssl-certificates.htm From: cisco-voip [mailto:cisco-voip-boun...@puck.nether.net] On Behalf Of Anthony Holloway Sent: Monday, July 20, 2015 11:49 PM To: Charles Goldsmith; Ian Anderson Cc: Cisco VOIP Subject: Re: [cisco-voip] Digicert Wildcard certificates That's great to hear about digicert. I just went through a rough time with Comodo trying to get multiserver certs and my CNAMEs in the SAN field. How many SAN entries does digicert limit you to and at what price per year? On Mon, Jul 20, 2015 at 11:19 AM Charles Goldsmith wo...@justfamily.org mailto:wo...@justfamily.org wrote: One thing of note, Digicert works very well with all of our UC apps with their UC certificate. Add all of your server names as SAN's, as well as the domain name, and just duplicate the certificate for each app, changing the CN. It works well and also Digicert has great support. On Sun, Jul 19, 2015 at 4:27 AM, Ian Anderson i...@andersoi.co.uk mailto:i...@andersoi.co.uk wrote: Hi Nate, I think that the concern of using wildcards generaly comes from the security and compliance folks in that if the private key of any of the servers was to be compromised then the resulting public and private keys could be used to impersonate any subdomain, e.g e-payments.domain.com http://e-payments.domain.com .. That said, as long as the customer is aware of the risk then the digicert is a fantastic option, although a lot of these issues go away in 10.5. The only app I've had it completely throw a wobble on so far is UCCX 9.0 as this was checking the CN on certificate upload and didn't like * even though the server name as in the SAN. Cheers Ian On 16 July 2015 at 02:35, NateCCIE natec...@gmail.com mailto:natec...@gmail.com wrote: Most of the time wildcard certs mean you have a CSR and a private key generated by something, and then you upload the private key and the public key to lots of servers. The application would need to be able to upload a private key and not require its own CSR. Cucm, unity cxn, uccx, do not support uploading a private key. Expressway, I think conductor do allow you to upload a private key. But what makes digicert really cool is you can buy the wildcard cert, then you keep reissuing a new certificate from that one purchase. You can do this from what I understand an unlimited times. There may be other CAs that do this. I saw one the seemed like it was going to work, but since the CSR did not include the * as a SAN, they would not issue the cert. Digicert with the Willard includes the *.domain.com http://domain.com and domain.com http://domain.com SANs automatically, and you can specify about 15 other SANs for each CSR/cert. So cucm and the other apps are happy because the cert was generated using its own CSR. Using these certs, I had one TAC case where cucm balked at the cert, but I could upload the cluster wide tomcat SAN cert via imp. This turned out to be a problem with the domain casing not matching between all of the servers and the cert. always use domain.com http://domain.com and not DOMain.com http://DOMain.com and life is happy. I am not affiliated with digicert other than they are here in Utah also. It just makes life really easy to tell the customer to buy this one cert and O I can make all of the Cisco UC/jabber cert errors go away! Ps. Has anyone figured out what to do with conductor wanting IP address in the SAN? Sent from my iPhone On Jul 15, 2015, at 10:42 AM, Anthony Holloway avholloway+cisco-v...@gmail.com mailto:avholloway+cisco-v...@gmail.com wrote: I'm a little confused here. According to this article: http://www.cisco.com/c/en/us/support/docs/voice-unified-communications/unified-communications-manager-callmanager/115957-high-level-view-ca-00.html#wildcard, and this defect ID: https://tools.cisco.com/bugsearch/bug/CSCta14114/, wild card certs are not supported. Are we talking about the same thing here? On Wed, Jul 15, 2015 at 10:08 AM Eric Pedersen peders...@bennettjones.com mailto:peders...@bennettjones.com wrote: Digicert lets you put your domain and subdomains of any level as SANs. It’s great! They even generated a duplicate certificate for me with a different root CA that was supported with WebEx enabled Telepresence. We use their wildcard certificates on all of our UC servers. From: cisco-voip [mailto:cisco-voip-boun...@puck.nether.net mailto:cisco-voip-boun...@puck.nether.net ] On Behalf Of Heim, Dennis Sent: 15 July 2015 8:28 AM To: Ian Anderson; NateCCIE; Cisco VOIP Subject: Re: [cisco-voip] Digicert Wildcard certificates I’ve found the hardest thing to find a cert providers that likes putting the domain as a san such as DNS=mycollab.com. Has anyone found any providers that are kosher with that? From one of the Cisco Live sessions,
[cisco-voip] Greeting notification?
In Unity Connection 10.5 is there any way to be notified if a greeting changes? I need to email the wav file of greetings for groups traveling abroad on service trips each time their greetings change. It would be helpful to know when they change. It needs to be a greeting because parents will also call in to hear the status update as they progress on their trips. Any ideas out there? Thanks, Lisa Notarianni Manager of Business and Telecom Services The University of Scranton ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip
[cisco-voip] How to send call to 10 digit in ICM Scripting
Hi, Can someone guide me how to send call to to 10 Digits in ICM scripting, as sending to some digits label is working fine and then we need to call forward on that extension in Call manager. Here is the scenario, Our Script is like press 1 to an agent press 2 for field agent (need to forward that call to that agent who is not login into CAD) Regards, Abdul ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip
Re: [cisco-voip] How to send call to 10 digit in ICM Scripting
Abdul, Usually you'll want to use the Call Redirect step for something like this. Brian On Tue, Jul 21, 2015 at 10:27 AM, AbdusSaboor Khan saboor.k...@gmail.com wrote: Hi, Can someone guide me how to send call to to 10 Digits in ICM scripting, as sending to some digits label is working fine and then we need to call forward on that extension in Call manager. Here is the scenario, Our Script is like press 1 to an agent press 2 for field agent (need to forward that call to that agent who is not login into CAD) Regards, Abdul ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip ___ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip
