Re: [cisco-voip] Azure to Webex User Provisioning and Tokens

2019-08-07 Thread Stephen Welsh 
The following may be a possibility to programatically update the SecretToken:

https://stackoverflow.com/questions/54484428/how-to-update-secret-token-property-in-azure-ad-synchronization-api

Basically a HTTP PUT, so just a matter of figuring out the authentication to 
the Azure API & getting the GUID of the servicePrincipal and it should just be 
a few of lines of Python etc.

Stephen


On 7 Aug 2019, at 21:35, Anthony Holloway  
wrote:

Ok, so it's one-liner to pull an OAuth token from my webex account for an 
integration which doesn't exist (or at least, it doesn't require me to create 
one first, nor does it create one for me).

Since there is nothing to look at, after the link is processed, it almost seems 
like a better idea to create the integration on 
https://developer.webex.com/my-apps, obtain the token, so that I have something 
to look at/reference later for this integration.

Also, if I'm not mistaken, since Azure is not going to ask for a refresh token 
then, this will forever be a task that we manually perform every year, right?  
Perhaps someone will get fancy and write middleware to refresh the token and 
push it into Azure, but I'm not even sure if Azure exposes an API to update 
that field.

On Wed, Aug 7, 2019 at 12:05 PM Ryan Ratliff (rratliff) 
mailto:rratl...@cisco.com>> wrote:
The URL is just a shortcut way to get an OAuth token for the integration.

You can easily do the same thing via the API if you had to.

Look at the URL itself:
https://idbroker.webex.com/idb/oauth2/v1/authorize

Here are the parameters for the GET request (leaving the %-encoded characters 
because I’m lazy):
response_type=token
client_id=
redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fauth%2Fcode
scope=spark%3Apeople_read%20spark%3Apeople_write%20Identity%3ASCIM
state=this-should-be-a-random-string-for-security-purpose

You can see the definitions of the parameters at 
https://developer.webex.com/docs/integrations.

A given integration can have only one OAuth token at a time, so if you 
regenerate your token by logging into that URL then it will invalidate any 
previous ones.
The web page isn’t going away, it’s just the URL the OAuth generation 
redirected you to when it generated your token, which happens to include your 
token.
It’s non-developer speak for “don’t close your browser until you copy that 
token”, and worst case, generate a new one.

Ryan Ratliff
Manager, Cisco Cloud Collaboration TAC
Standard Business Hours: 8:00AM-5:00PM EDT
Email: rratl...@cisco.com
Office: +1 919-476-2081
Mobile: +1-919-225-0448
Cisco U.S. Contact Numbers: +1-800-553-2447 or +1-408-526-7209

From: cisco-voip 
mailto:cisco-voip-boun...@puck.nether.net>> 
on behalf of Anthony Holloway 
mailto:avholloway%2bcisco-v...@gmail.com>>
Date: Wednesday, August 7, 2019 at 12:32 PM
To: Matthew Loraditch 
mailto:mloradi...@heliontechnologies.com>>
Cc: cisco-voip list 
mailto:cisco-voip@puck.nether.net>>
Subject: Re: [cisco-voip] Azure to Webex User Provisioning and Tokens

Thank you for that confirmation.

It's concerning to me that the note below the URL says:

"We recommend that you paste this value into a text file and save it, so that 
you have a record of the token in case the URL is not available any more."

Considering the token expires every 365 days.  I sure hope the URL is available 
in the future.

On Wed, Aug 7, 2019 at 11:26 AM Matthew Loraditch 
mailto:mloradi...@heliontechnologies.com>> 
wrote:
FWIW the Cisco documents say the same thing: 
https://help.webex.com/en-us/aumpbz/Synchronize-Azure-Active-Directory-Users-into-Cisco-Webex-Control-Hub



Matthew Loraditch​
Sr. Network Engineer
p: 443.541.1518
w: www.heliontechnologies.com
 |
e: mloradi...@heliontechnologies.com




From: cisco-voip 
mailto:cisco-voip-boun...@puck.nether.net>> 
On Behalf Of Anthony Holloway
Sent: Wednesday, August 7, 2019 12:18 PM
To: Cisco VoIP Group 
mailto:cisco-voip@puck.nether.net>>
Subject: [cisco-voip] Azure to Webex User Provisioning and Tokens

I'm using the following link:

https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/cisco-webex-provisioning-tutorial

And in step 6 it describes how to obtain the secret token from Cisco, to input 
into Azure.

It notes that the token is valid for 365 days, however, in my testing it's 
looking like it might be 30 days.

The resulting URL from step 6 has a URI parameter of:

expires_in=31535999

Which if you treat it as seconds, then it's 365 days, so the URL seems to match 
the document.

I'm wondering if there is anyone with experience on this topic, before I put 
some serious time in with TAC.

Thanks much!

___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/m

Re: [cisco-voip] Azure to Webex User Provisioning and Tokens

2019-08-07 Thread Anthony Holloway 
Ok, so it's one-liner to pull an OAuth token from my webex account for an
integration which doesn't exist (or at least, it doesn't require me to
create one first, nor does it create one for me).

Since there is nothing to look at, after the link is processed, it almost
seems like a better idea to create the integration on
https://developer.webex.com/my-apps, obtain the token, so that I have
something to look at/reference later for this integration.

Also, if I'm not mistaken, since Azure is not going to ask for a refresh
token then, this will forever be a task that we manually perform every
year, right?  Perhaps someone will get fancy and write middleware to
refresh the token and push it into Azure, but I'm not even sure if Azure
exposes an API to update that field.

On Wed, Aug 7, 2019 at 12:05 PM Ryan Ratliff (rratliff) 
wrote:

> The URL is just a shortcut way to get an OAuth token for the integration.
>
>
>
> You can easily do the same thing via the API if you had to.
>
>
>
> Look at the URL itself:
>
> https://idbroker.webex.com/idb/oauth2/v1/authorize
>
>
>
> Here are the parameters for the GET request (leaving the %-encoded
> characters because I’m lazy):
>
> response_type=token
>
> client_id=
>
> redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fauth%2Fcode
>
> scope=spark%3Apeople_read%20spark%3Apeople_write%20Identity%3ASCIM
>
> state=this-should-be-a-random-string-for-security-purpose
>
>
>
> You can see the definitions of the parameters at
> https://developer.webex.com/docs/integrations.
>
>
>
> A given integration can have only one OAuth token at a time, so if you
> regenerate your token by logging into that URL then it will invalidate any
> previous ones.
>
> The web page isn’t going away, it’s just the URL the OAuth generation
> redirected you to when it generated your token, which happens to include
> your token.
>
> It’s non-developer speak for “don’t close your browser until you copy that
> token”, and worst case, generate a new one.
>
>
>
> Ryan Ratliff
>
> Manager, Cisco Cloud Collaboration TAC
>
> Standard Business Hours: 8:00AM-5:00PM EDT
> Email: rratl...@cisco.com
>
> Office: +1 919-476-2081
>
> Mobile: +1-919-225-0448
>
> Cisco U.S. Contact Numbers: +1-800-553-2447 or +1-408-526-7209
>
>
>
> *From: *cisco-voip  on behalf of
> Anthony Holloway 
> *Date: *Wednesday, August 7, 2019 at 12:32 PM
> *To: *Matthew Loraditch 
> *Cc: *cisco-voip list 
> *Subject: *Re: [cisco-voip] Azure to Webex User Provisioning and Tokens
>
>
>
> Thank you for that confirmation.
>
>
>
> It's concerning to me that the note below the URL says:
>
>
>
> "We recommend that you paste this value into a text file and save it, so
> that you have a record of the token in case the URL is not available any
> more."
>
>
>
> Considering the token expires every 365 days.  I sure hope the URL is
> available in the future.
>
>
>
> On Wed, Aug 7, 2019 at 11:26 AM Matthew Loraditch <
> mloradi...@heliontechnologies.com> wrote:
>
> FWIW the Cisco documents say the same thing:
> https://help.webex.com/en-us/aumpbz/Synchronize-Azure-Active-Directory-Users-into-Cisco-Webex-Control-Hub
>
>
>
>
>
>
>
> *Matthew Loraditch**​*
>
> *Sr. Network Engineer*
>
> p: *443.541.1518* <443.541.1518>
>
> w: *www.heliontechnologies.com* 
>
>  |
>
> e: *mloradi...@heliontechnologies.com* 
>
> [image: Helion Technologies] 
>
> [image: Facebook] 
>
> [image: Twitter] 
>
> [image: LinkedIn] 
>
> *From:* cisco-voip  *On Behalf Of *Anthony
> Holloway
> *Sent:* Wednesday, August 7, 2019 12:18 PM
> *To:* Cisco VoIP Group 
> *Subject:* [cisco-voip] Azure to Webex User Provisioning and Tokens
>
>
>
> I'm using the following link:
>
>
>
>
> https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/cisco-webex-provisioning-tutorial
>
>
>
>
> And in step 6 it describes how to obtain the secret token from Cisco, to
> input into Azure.
>
>
>
> It notes that the token is valid for 365 days, however, in my testing it's
> looking like it might be 30 days.
>
>
>
> The resulting URL from step 6 has a URI parameter of:
>
>
>
> expires_in=31535999
>
>
>
> Which if you treat it as seconds, then it's 365 days, so the URL seems to
> match the document.
>
>
>
> I'm wondering if there is anyone with experience on this topic, before I
> put some serious time in with TAC.
>
>
>
> Thanks much!
>
>
>
>
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Re: [cisco-voip] Azure to Webex User Provisioning and Tokens

2019-08-07 Thread Lelio Fulgenzi 

You mean like, “what’s this big red button do?”

---
Lelio Fulgenzi, B.A. | Senior Analyst
Computing and Communications Services | University of Guelph
Room 037 Animal Science & Nutrition Bldg | 50 Stone Rd E | Guelph, ON | N1G 2W1
519-824-4120 Ext. 56354 | le...@uoguelph.ca

www.uoguelph.ca/ccs | @UofGCCS on Instagram, 
Twitter and Facebook

[University of Guelph Cornerstone with Improve Life tagline]

From: cisco-voip  On Behalf Of Anthony 
Holloway
Sent: Wednesday, August 7, 2019 12:30 PM
To: Cisco VoIP Group 
Subject: Re: [cisco-voip] Azure to Webex User Provisioning and Tokens

I should have also mentioned, every time I access the URL in step 6, I get a 
different Secret Token.

It would be good to know if this action is invalidating the previous tokens, or 
if they're all active for 365 days.

Since we cannot stop Admins from accessing that URL, I'd hope it's the latter, 
but I fear its the former.  All it would take is one curious Admin to click on 
the link in the document, and inadvertently break the integration.

On Wed, Aug 7, 2019 at 11:17 AM Anthony Holloway 
mailto:avholloway%2bcisco-v...@gmail.com>> 
wrote:
I'm using the following link:

https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/cisco-webex-provisioning-tutorial

And in step 6 it describes how to obtain the secret token from Cisco, to input 
into Azure.

It notes that the token is valid for 365 days, however, in my testing it's 
looking like it might be 30 days.

The resulting URL from step 6 has a URI parameter of:

expires_in=31535999

Which if you treat it as seconds, then it's 365 days, so the URL seems to match 
the document.

I'm wondering if there is anyone with experience on this topic, before I put 
some serious time in with TAC.

Thanks much!

___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Re: [cisco-voip] Azure to Webex User Provisioning and Tokens

2019-08-07 Thread Ryan Ratliff (rratliff) 
The URL is just a shortcut way to get an OAuth token for the integration.

You can easily do the same thing via the API if you had to.

Look at the URL itself:
https://idbroker.webex.com/idb/oauth2/v1/authorize

Here are the parameters for the GET request (leaving the %-encoded characters 
because I’m lazy):
response_type=token
client_id=
redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fauth%2Fcode
scope=spark%3Apeople_read%20spark%3Apeople_write%20Identity%3ASCIM
state=this-should-be-a-random-string-for-security-purpose

You can see the definitions of the parameters at 
https://developer.webex.com/docs/integrations.

A given integration can have only one OAuth token at a time, so if you 
regenerate your token by logging into that URL then it will invalidate any 
previous ones.
The web page isn’t going away, it’s just the URL the OAuth generation 
redirected you to when it generated your token, which happens to include your 
token.
It’s non-developer speak for “don’t close your browser until you copy that 
token”, and worst case, generate a new one.

Ryan Ratliff
Manager, Cisco Cloud Collaboration TAC
Standard Business Hours: 8:00AM-5:00PM EDT
Email: rratl...@cisco.com
Office: +1 919-476-2081
Mobile: +1-919-225-0448
Cisco U.S. Contact Numbers: +1-800-553-2447 or +1-408-526-7209

From: cisco-voip  on behalf of Anthony 
Holloway 
Date: Wednesday, August 7, 2019 at 12:32 PM
To: Matthew Loraditch 
Cc: cisco-voip list 
Subject: Re: [cisco-voip] Azure to Webex User Provisioning and Tokens

Thank you for that confirmation.

It's concerning to me that the note below the URL says:

"We recommend that you paste this value into a text file and save it, so that 
you have a record of the token in case the URL is not available any more."

Considering the token expires every 365 days.  I sure hope the URL is available 
in the future.

On Wed, Aug 7, 2019 at 11:26 AM Matthew Loraditch 
mailto:mloradi...@heliontechnologies.com>> 
wrote:
FWIW the Cisco documents say the same thing: 
https://help.webex.com/en-us/aumpbz/Synchronize-Azure-Active-Directory-Users-into-Cisco-Webex-Control-Hub



Matthew Loraditch​
Sr. Network Engineer
p: 443.541.1518
w: www.heliontechnologies.com
 |
e: mloradi...@heliontechnologies.com
[Helion Technologies]
[Facebook]
[Twitter]
[LinkedIn]
From: cisco-voip 
mailto:cisco-voip-boun...@puck.nether.net>> 
On Behalf Of Anthony Holloway
Sent: Wednesday, August 7, 2019 12:18 PM
To: Cisco VoIP Group 
mailto:cisco-voip@puck.nether.net>>
Subject: [cisco-voip] Azure to Webex User Provisioning and Tokens

I'm using the following link:

https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/cisco-webex-provisioning-tutorial

And in step 6 it describes how to obtain the secret token from Cisco, to input 
into Azure.

It notes that the token is valid for 365 days, however, in my testing it's 
looking like it might be 30 days.

The resulting URL from step 6 has a URI parameter of:

expires_in=31535999

Which if you treat it as seconds, then it's 365 days, so the URL seems to match 
the document.

I'm wondering if there is anyone with experience on this topic, before I put 
some serious time in with TAC.

Thanks much!

___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Re: [cisco-voip] Do you need TMS to get OBTP

2019-08-07 Thread Ryan Huff 
To do OBTP on prem; TMS/TMS-XE. If you want to go the cloud registration route 
for the endpoint, Expressway-C/management connector and Hybrid calendar 
connector (on-prem Exchange) or cloud (Webex) calendar (O365 or Google)

Sent from my iPhone

On Aug 7, 2019, at 12:39, Jonathan Charles 
mailto:jonv...@gmail.com>> wrote:

OK, do we need TMS XE as well, or can the Calendar Connector handle it? (they 
are O365)


Thanks!


On Wed, Aug 7, 2019 at 11:36 AM Matthew Loraditch 
mailto:mloradi...@heliontechnologies.com>> 
wrote:
You need TMS. Something has to publish the schedule to the endpoints, on prem 
that’s TMS. In the cloud that’s Webex.


Matthew Loraditch​
Sr. Network Engineer
p: 443.541.1518
w: 
www.heliontechnologies.com
   |  e: 
mloradi...@heliontechnologies.com




From: cisco-voip 
mailto:cisco-voip-boun...@puck.nether.net>> 
On Behalf Of Jonathan Charles
Sent: Wednesday, August 7, 2019 12:34 PM
To: cisco-voip@puck.nether.net
Subject: [cisco-voip] Do you need TMS to get OBTP

Have a customer with CUCM 10.5 and they want to register video endpoints 
locally to CCM.

They do not have TMS, but they want OBTP... can we just install an Expressway 
Connector and use the Webex Hybrid cloud to use @webex and @meet to get OBTP 
without TMS?



Jonathan
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpuck.nether.net%2Fmailman%2Flistinfo%2Fcisco-voip&data=02%7C01%7C%7C18941cb1b07f4a780b0908d71b55c058%7C84df9e7fe9f640afb435%7C1%7C0%7C637007927426353859&sdata=%2Bvb%2FG7r7yRyv9Hhn4vBq%2BFOCrgDtwlj6gdd1SYC3Cik%3D&reserved=0
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Re: [cisco-voip] Do you need TMS to get OBTP

2019-08-07 Thread Jonathan Charles 
Thanks, looks like they are gonna get both then... trying to convince them
to go cloud registered but they are afraid of it.

I think once they see the pricetag they will change their minds.


Jonathan

On Wed, Aug 7, 2019 at 11:41 AM Matthew Loraditch <
mloradi...@heliontechnologies.com> wrote:

> If you are doing booking in outlook you will need TMS XE
>
>
>
>
> Matthew Loraditch​
> Sr. Network Engineer
> p: *443.541.1518* <443.541.1518>
> w: *www.heliontechnologies.com*   |
> e: *mloradi...@heliontechnologies.com* 
> [image: Helion Technologies] 
> [image: Facebook] 
> [image: Twitter] 
> [image: LinkedIn] 
> *From:* Jonathan Charles 
> *Sent:* Wednesday, August 7, 2019 12:39 PM
> *To:* Matthew Loraditch 
> *Cc:* cisco-voip@puck.nether.net
> *Subject:* Re: [cisco-voip] Do you need TMS to get OBTP
>
>
>
> OK, do we need TMS XE as well, or can the Calendar Connector handle it?
> (they are O365)
>
>
>
>
> Thanks!
>
>
>
>
>
> On Wed, Aug 7, 2019 at 11:36 AM Matthew Loraditch <
> mloradi...@heliontechnologies.com> wrote:
>
> You need TMS. Something has to publish the schedule to the endpoints, on
> prem that’s TMS. In the cloud that’s Webex.
>
>
>
>
>
> *Matthew Loraditch**​*
>
> *Sr. Network Engineer*
>
> p: *443.541.1518* <443.541.1518>
>
> w: *www.heliontechnologies.com* 
>
>  |
>
> e: *mloradi...@heliontechnologies.com* 
>
> [image: Helion Technologies] 
>
> [image: Facebook] 
>
> [image: Twitter] 
>
> [image: LinkedIn] 
>
> *From:* cisco-voip  *On Behalf Of 
> *Jonathan
> Charles
> *Sent:* Wednesday, August 7, 2019 12:34 PM
> *To:* cisco-voip@puck.nether.net
> *Subject:* [cisco-voip] Do you need TMS to get OBTP
>
>
>
> Have a customer with CUCM 10.5 and they want to register video endpoints
> locally to CCM.
>
>
>
> They do not have TMS, but they want OBTP... can we just install an
> Expressway Connector and use the Webex Hybrid cloud to use @webex and @meet
> to get OBTP without TMS?
>
>
>
>
>
>
>
> Jonathan
>
>
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Re: [cisco-voip] Do you need TMS to get OBTP

2019-08-07 Thread Matthew Loraditch 
If you are doing booking in outlook you will need TMS XE


Matthew Loraditch
Sr. Network Engineer
p: 443.541.1518
w: www.heliontechnologies.com | e: mloradi...@heliontechnologies.com
From: Jonathan Charles 
Sent: Wednesday, August 7, 2019 12:39 PM
To: Matthew Loraditch 
Cc: cisco-voip@puck.nether.net
Subject: Re: [cisco-voip] Do you need TMS to get OBTP

OK, do we need TMS XE as well, or can the Calendar Connector handle it? (they 
are O365)


Thanks!


On Wed, Aug 7, 2019 at 11:36 AM Matthew Loraditch 
mailto:mloradi...@heliontechnologies.com>> 
wrote:
You need TMS. Something has to publish the schedule to the endpoints, on prem 
that’s TMS. In the cloud that’s Webex.


Matthew Loraditch​
Sr. Network Engineer
p: 443.541.1518
w: www.heliontechnologies.com
 |
e: mloradi...@heliontechnologies.com
[Helion Technologies]
[Facebook]
[Twitter]
[LinkedIn]
From: cisco-voip 
mailto:cisco-voip-boun...@puck.nether.net>> 
On Behalf Of Jonathan Charles
Sent: Wednesday, August 7, 2019 12:34 PM
To: cisco-voip@puck.nether.net
Subject: [cisco-voip] Do you need TMS to get OBTP

Have a customer with CUCM 10.5 and they want to register video endpoints 
locally to CCM.

They do not have TMS, but they want OBTP... can we just install an Expressway 
Connector and use the Webex Hybrid cloud to use @webex and @meet to get OBTP 
without TMS?



Jonathan
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Re: [cisco-voip] Do you need TMS to get OBTP

2019-08-07 Thread Myron Young 
Is it the same if environment is using O365? Still need TMS or Expressway 
connector can connect to O365 since that is also in the cliud

On Aug 7, 2019, at 12:37 PM, Matthew Loraditch 
mailto:mloradi...@heliontechnologies.com>> 
wrote:

You need TMS. Something has to publish the schedule to the endpoints, on prem 
that’s TMS. In the cloud that’s Webex.


Matthew Loraditch​
Sr. Network Engineer
p: 443.541.1518
w: www.heliontechnologies.com|  
e: mloradi...@heliontechnologies.com




From: cisco-voip 
mailto:cisco-voip-boun...@puck.nether.net>> 
On Behalf Of Jonathan Charles
Sent: Wednesday, August 7, 2019 12:34 PM
To: cisco-voip@puck.nether.net
Subject: [cisco-voip] Do you need TMS to get OBTP

Have a customer with CUCM 10.5 and they want to register video endpoints 
locally to CCM.

They do not have TMS, but they want OBTP... can we just install an Expressway 
Connector and use the Webex Hybrid cloud to use @webex and @meet to get OBTP 
without TMS?



Jonathan
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Re: [cisco-voip] Do you need TMS to get OBTP

2019-08-07 Thread Jonathan Charles 
OK, do we need TMS XE as well, or can the Calendar Connector handle it?
(they are O365)


Thanks!


On Wed, Aug 7, 2019 at 11:36 AM Matthew Loraditch <
mloradi...@heliontechnologies.com> wrote:

> You need TMS. Something has to publish the schedule to the endpoints, on
> prem that’s TMS. In the cloud that’s Webex.
>
>
>
>
> Matthew Loraditch​
> Sr. Network Engineer
> p: *443.541.1518* <443.541.1518>
> w: *www.heliontechnologies.com*   |
> e: *mloradi...@heliontechnologies.com* 
> [image: Helion Technologies] 
> [image: Facebook] 
> [image: Twitter] 
> [image: LinkedIn] 
> *From:* cisco-voip  *On Behalf Of 
> *Jonathan
> Charles
> *Sent:* Wednesday, August 7, 2019 12:34 PM
> *To:* cisco-voip@puck.nether.net
> *Subject:* [cisco-voip] Do you need TMS to get OBTP
>
>
>
> Have a customer with CUCM 10.5 and they want to register video endpoints
> locally to CCM.
>
>
>
> They do not have TMS, but they want OBTP... can we just install an
> Expressway Connector and use the Webex Hybrid cloud to use @webex and @meet
> to get OBTP without TMS?
>
>
>
>
>
>
>
> Jonathan
>
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Re: [cisco-voip] Do you need TMS to get OBTP

2019-08-07 Thread Matthew Loraditch 
You need TMS. Something has to publish the schedule to the endpoints, on prem 
that’s TMS. In the cloud that’s Webex.


Matthew Loraditch
Sr. Network Engineer
p: 443.541.1518
w: www.heliontechnologies.com | e: mloradi...@heliontechnologies.com
From: cisco-voip  On Behalf Of Jonathan 
Charles
Sent: Wednesday, August 7, 2019 12:34 PM
To: cisco-voip@puck.nether.net
Subject: [cisco-voip] Do you need TMS to get OBTP

Have a customer with CUCM 10.5 and they want to register video endpoints 
locally to CCM.

They do not have TMS, but they want OBTP... can we just install an Expressway 
Connector and use the Webex Hybrid cloud to use @webex and @meet to get OBTP 
without TMS?



Jonathan
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

[cisco-voip] Do you need TMS to get OBTP

2019-08-07 Thread Jonathan Charles 
Have a customer with CUCM 10.5 and they want to register video endpoints
locally to CCM.

They do not have TMS, but they want OBTP... can we just install an
Expressway Connector and use the Webex Hybrid cloud to use @webex and @meet
to get OBTP without TMS?



Jonathan
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Re: [cisco-voip] Azure to Webex User Provisioning and Tokens

2019-08-07 Thread Anthony Holloway 
Thank you for that confirmation.

It's concerning to me that the note below the URL says:

"We recommend that you paste this value into a text file and save it, so
that you have a record of the token in case the URL is not available any
more."

Considering the token expires every 365 days.  I sure hope the URL is
available in the future.

On Wed, Aug 7, 2019 at 11:26 AM Matthew Loraditch <
mloradi...@heliontechnologies.com> wrote:

> FWIW the Cisco documents say the same thing:
> https://help.webex.com/en-us/aumpbz/Synchronize-Azure-Active-Directory-Users-into-Cisco-Webex-Control-Hub
>
>
>
>
>
>
> Matthew Loraditch​
> Sr. Network Engineer
> p: *443.541.1518* <443.541.1518>
> w: *www.heliontechnologies.com*   |
> e: *mloradi...@heliontechnologies.com* 
> [image: Helion Technologies] 
> [image: Facebook] 
> [image: Twitter] 
> [image: LinkedIn] 
> *From:* cisco-voip  *On Behalf Of *Anthony
> Holloway
> *Sent:* Wednesday, August 7, 2019 12:18 PM
> *To:* Cisco VoIP Group 
> *Subject:* [cisco-voip] Azure to Webex User Provisioning and Tokens
>
>
>
> I'm using the following link:
>
>
>
>
> https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/cisco-webex-provisioning-tutorial
>
>
>
>
> And in step 6 it describes how to obtain the secret token from Cisco, to
> input into Azure.
>
>
>
> It notes that the token is valid for 365 days, however, in my testing it's
> looking like it might be 30 days.
>
>
>
> The resulting URL from step 6 has a URI parameter of:
>
>
>
> expires_in=31535999
>
>
>
> Which if you treat it as seconds, then it's 365 days, so the URL seems to
> match the document.
>
>
>
> I'm wondering if there is anyone with experience on this topic, before I
> put some serious time in with TAC.
>
>
>
> Thanks much!
>
>
>
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Re: [cisco-voip] Azure to Webex User Provisioning and Tokens

2019-08-07 Thread Anthony Holloway 
I should have also mentioned, every time I access the URL in step 6, I get
a different Secret Token.

It would be good to know if this action is invalidating the previous
tokens, or if they're all active for 365 days.

Since we cannot stop Admins from accessing that URL, I'd hope it's the
latter, but I fear its the former.  All it would take is one curious Admin
to click on the link in the document, and inadvertently break the
integration.

On Wed, Aug 7, 2019 at 11:17 AM Anthony Holloway <
avholloway+cisco-v...@gmail.com> wrote:

> I'm using the following link:
>
>
> https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/cisco-webex-provisioning-tutorial
>
>
> And in step 6 it describes how to obtain the secret token from Cisco, to
> input into Azure.
>
> It notes that the token is valid for 365 days, however, in my testing it's
> looking like it might be 30 days.
>
> The resulting URL from step 6 has a URI parameter of:
>
> expires_in=31535999
>
> Which if you treat it as seconds, then it's 365 days, so the URL seems to
> match the document.
>
> I'm wondering if there is anyone with experience on this topic, before I
> put some serious time in with TAC.
>
> Thanks much!
>
>
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Re: [cisco-voip] Azure to Webex User Provisioning and Tokens

2019-08-07 Thread Matthew Loraditch 
FWIW the Cisco documents say the same thing: 
https://help.webex.com/en-us/aumpbz/Synchronize-Azure-Active-Directory-Users-into-Cisco-Webex-Control-Hub



Matthew Loraditch
Sr. Network Engineer
p: 443.541.1518
w: www.heliontechnologies.com | e: mloradi...@heliontechnologies.com
From: cisco-voip  On Behalf Of Anthony 
Holloway
Sent: Wednesday, August 7, 2019 12:18 PM
To: Cisco VoIP Group 
Subject: [cisco-voip] Azure to Webex User Provisioning and Tokens

I'm using the following link:

https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/cisco-webex-provisioning-tutorial

And in step 6 it describes how to obtain the secret token from Cisco, to input 
into Azure.

It notes that the token is valid for 365 days, however, in my testing it's 
looking like it might be 30 days.

The resulting URL from step 6 has a URI parameter of:

expires_in=31535999

Which if you treat it as seconds, then it's 365 days, so the URL seems to match 
the document.

I'm wondering if there is anyone with experience on this topic, before I put 
some serious time in with TAC.

Thanks much!

___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

[cisco-voip] Azure to Webex User Provisioning and Tokens

2019-08-07 Thread Anthony Holloway 
I'm using the following link:

https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/cisco-webex-provisioning-tutorial


And in step 6 it describes how to obtain the secret token from Cisco, to
input into Azure.

It notes that the token is valid for 365 days, however, in my testing it's
looking like it might be 30 days.

The resulting URL from step 6 has a URI parameter of:

expires_in=31535999

Which if you treat it as seconds, then it's 365 days, so the URL seems to
match the document.

I'm wondering if there is anyone with experience on this topic, before I
put some serious time in with TAC.

Thanks much!
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Re: [cisco-voip] Azure MFA/Unity Connection UM

2019-08-07 Thread Matthew Loraditch 
We are using MS Authenticator. Yes MFA works in general for OWA, Azure Portal, 
etc. etc.


Matthew Loraditch
Sr. Network Engineer
p: 443.541.1518
w: www.heliontechnologies.com | e: mloradi...@heliontechnologies.com
From: Scott Voll 
Sent: Wednesday, August 7, 2019 11:22 AM
To: Matthew Loraditch 
Cc: cisco-voip@puck.nether.net
Subject: Re: [cisco-voip] Azure MFA/Unity Connection UM

So i'm assuming you have it working on admin side, your just working on the UM 
part?

What are you using for MFA?

On Mon, Aug 5, 2019 at 9:51 AM Matthew Loraditch 
mailto:mloradi...@heliontechnologies.com>> 
wrote:
Anyone out there have MFA enabled for ALL users and have UM in UCXN? We are a 
MS Partner and MFA has to be enabled for all accounts as of last week.

Setup an app password for service account for UM but that doesn’t work…

Not sure what other options I have here.



Matthew Loraditch​
Sr. Network Engineer
p: 443.541.1518
w: www.heliontechnologies.com
 |
e: mloradi...@heliontechnologies.com
[Helion Technologies]
[Facebook]
[Twitter]
[LinkedIn]
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Re: [cisco-voip] Azure MFA/Unity Connection UM

2019-08-07 Thread Scott Voll 
So i'm assuming you have it working on admin side, your just working on the
UM part?

What are you using for MFA?

On Mon, Aug 5, 2019 at 9:51 AM Matthew Loraditch <
mloradi...@heliontechnologies.com> wrote:

> Anyone out there have MFA enabled for ALL users and have UM in UCXN? We
> are a MS Partner and MFA has to be enabled for all accounts as of last
> week.
>
>
>
> Setup an app password for service account for UM but that doesn’t work…
>
>
>
> Not sure what other options I have here.
>
>
>
>
>
> Matthew Loraditch​
> Sr. Network Engineer
> p: *443.541.1518* <443.541.1518>
> w: *www.heliontechnologies.com*   |
> e: *mloradi...@heliontechnologies.com* 
> [image: Helion Technologies] 
> [image: Facebook] 
> [image: Twitter] 
> [image: LinkedIn] 
> ___
> cisco-voip mailing list
> cisco-voip@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Re: [cisco-voip] do installs outside of mexico need to worry about this?

2019-08-07 Thread Scott Voll 
I'm assuming it would not affect us.  we would still dial 9 011  

our international pattern allows for non fixed digit length.

YMMV.

Scott


On Tue, Aug 6, 2019 at 12:05 PM Lelio Fulgenzi  wrote:

>
> https://www.cisco.com/c/en/us/support/web/mexico-dial-plan-change.html
>
> I don't see any COP files in 11.5 CUCM anywhere regarding this either.
>
>
>
> ---
> Lelio Fulgenzi, B.A. | Senior Analyst
> Computing and Communications Services | University of Guelph
> Room 037 Animal Science & Nutrition Bldg | 50 Stone Rd E | Guelph, ON |
> N1G 2W1
> 519-824-4120 Ext. 56354 | le...@uoguelph.ca
>
> www.uoguelph.ca/ccs | @UofGCCS on Instagram,
> Twitter and Facebook
>
> [University of Guelph Cornerstone with Improve Life tagline]
>
> ___
> cisco-voip mailing list
> cisco-voip@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip