Jabber design and configuration

Local Edition
Jabber Design and Configuration
Download this slide
http://ouo.io/AOl2H

© 2014 Cisco and/or its affiliates. All rights reserved.Presentation_ID Cisco Public
Local Edition
Agenda
• Introduction
• Jabber Update
• Service Discovery
• Persistent Chat
• Federation Overview
• Conclusion
2

Local Edition
Cisco Expressway Support
Cisco Unified CM UDS Support
Service Discovery
SIP URI Dialing
Persistent Chat*
* Available only on Windows
at this time.
sjwindows@cisco.com

Local Edition
9.7 on Windows
• Persistent chat
• Custom contacts
• Group chat enhancement
• Accessories support
• Targeted FCS – March, 2014
9.6 on Mac
• Mavericks support
• CWMS support
• Desktop alignment (screen capture, IM
archiving notification, etc.)
• Targeted FCS – April, 2014
9.6 on iPhone & iPad
• Universal client
• iOS 7 UE update*
• Secure phone (SIP over TLS & sRTP)
• Admin control over user saving password
on the device
• Targeted 9.6.1 FCS – Early April, 2014
9.6 on Android Smartphone
• Unified client with video
• Secure phone (SIP over TLS & sRTP)
• Admin control over user saving password
on the device
• Targeted FCS – Early April, 2014
* Jabber for iPhone and iPad 9.6.1 or later

Local Edition
True or False?
“Jabber 9.6 on mobile device
supports SIP URI dialing.”
True !!!As long as DVO-R is not enabled on the device in Unified CM.

Local Edition
Cisco Jabber Voice 9.1
• Rebranded from previous Jabber for iPhone/Android
• Separate apps in App Store/Google Play (no auto-update)
• In maintenance mode (no new features)
• Registers directly to Unified CM
• Voice only (no video support)
• No IM/presence service
• No Cisco Expressway support
Cisco Jabber Video 9.3
• Rebranded from previous Jabber for iPad
• Separate app in App Store (no auto-update)
• In maintenance mode (no new features)
• Without presence service,
– Registers to VCS* as phone only mode
– Registers to Unified CM as phone only mode
• No Cisco Expressway support

Local Edition
Service Discovery

Local Edition
• Jabber’s cross platform initiative
– Windows, Mac OSX, iOS & Android
• Enables Jabber to automatically acquire client
configuration
– UC services domain
– Operating mode (on-premises, cloud or hybrid)
– Operating location (inside or outside corporate network)
– Home cluster in multi-cluster environment
• Enhances end user experience
– No prompt to ask for configurations
• Reduces the chance of support calls due to
misconfiguration
Cloud or
On-Premises
(Mode Detection)
Client
Location
(Edge Detection)
UC Service
(Cluster &
Profile Detection)

Local Edition
• To subscribe UC services, Jabber needs to know:
– Where the services are
– How to authenticate the user
• Such information can be provided by:
– Service discovery (automatic)
– Bootstrap or URL Configuration by system admin
– Manual entry by end user during first time login
Service
Discovery
Bootstrap or
URL Configuration
Best End User
Experience
The way Jabber 9.6 or later
starts up is completely
different from how the older
versions used to do.

Local Edition
AADAMS@EXAMPLE.COM
Jabber ID or “JID”
“Jabber” DomainCluster UserID
• Consider your Jabber domain carefully, you’ll live with it for a while!
• Multi-modal communications address (Email, IM, Voice, Video & Federation)
• User created on UC Manager (can be synced from LDAP, AD Server)
• Presence domain is configured on IM & Presence Server

Local Edition
Unified Communications
Manager
Jabber User
[aadams@example.com]
Jabber
Client
Jabber User
[aadams]
Jabber User
[aadams@example.com]
The result forms the JID (JabberID)
of user@jabberdomain.com

Local Edition
• First time user login
– When no locally cached information available
• Network change events
– When the user moves from outside to inside corporate network
• Transport errors (SIP, XMPP & HTTP)
– When the user moves from inside to outside corporate network
Note: DNS SRV lookup is performed only when there is a real-time
network activity to save battery life on mobile platforms.

Local Edition
• Must discover the UC services domain on the very
first run of Jabber
Option 1
– Jabber can prompt end user to enter User ID with domain
name (form of email address or Jabber ID)
– Jabber will use domain portion of data entered by user to
resolve service type (on-premises or cloud)
– Jabber will cache domain information for future logins
Option 2 (Better user experience)
– Administrator can provide the domain information via
either Windows Installer or URL Configuration
– End user is not prompted to enter the domain information
(email address)
– Jabber will cache domain information for future logins
user@example.com

Local Edition
• Jabber will use the ‘cached’ information to
connect to UC services
– No service discovery process
– End user will not get prompted for email address (UC
services domain)
• If the connection to the login service is failed,
service discovery will be triggered

Local Edition
Priority Service HTTP Request / DNS SRV
1 WebEx Messenger HTTP CAS lookup
2 Unified CM 9.x _cisco-uds._tcp.example.com
3 Cisco Presence 8.x _cuplogin._tcp.example.com
4 Cisco Expressway _collab-edge._tls.example.com
Messenger
http://loginp.webexconnect.com/cas/Fede
ratedSSO?org=[DOMAIN]
DNS SRV Lookups
DNS (internal or external)
Jabber uses service discovery to learn about the operating mode
• The highest priority returned record will be used for connecting
to UC services
• Jabber sends all requests (HTTP request & DNS queries)
simultaneously no matter what is returned from each request HTTP Request to CAS
DNS
Queries

Local Edition
• Jabber can automatically determine if it is
inside or outside the corporate network
• JCF Service Discovery component issues:
– DNS queries for _cisco-uds & _cuplogin
– A HTTP request to WebEx CAS
• DNS SRV lookup for Expressway is
initiated by JCF Edge Detection
component
– DNS query for _collab-edge to be made
even if other records are present
Internal DNS
External DNS
_cisco-uds
_cuplogin
_collab-edge
_cisco-uds
_cuplogin
_collab-edge
_collab-edge
_cisco-uds
_cuplogin
HTTP request
to WebEx CAS
HTTP request
to WebEx CAS

Local Edition
Messenger
clopez
@
example.com
Internal
DNS
Central
UCM UDS
Home
UCM
Cluster
UCM IM/P
Unity
Connection
WebEx
Meetings
Server
DNS SRV
lookup
HTTP Request to
CAS URL for
example.com
example.com is
not WebEx
domain
Look for
home UCM
cluster
Home UCM
cluster address
2
2
3
5
6
4
3
UC Profiles via
TFTP
_cisco-uds
_cuplogin
Central UCM
UDS address
7 User log in
UCM Call
Control
Connect/Regi
ster8
1

Local Edition
External DNS Expressway-E Firewall Expressway-C Internal DNS Home UDS Home TFTP IM & P
DNS queries
_collab-edge
Establish TLS connection
Request for edge config
Request for edge config
DNS queries
_cisco-uds
User authentication
Respond with edge config data
Respond with edge config data
….
Cisco Jabber
All subsequent
messages
….
UCM, TFTP, IM/P SRV
SIP, XMPP, HTTP edge
Etc.
Jabber determines whether it’s
inside or outside using the results
from DNS SRV lookups.
Outside if neither _cisco-uds or
_cuplogin returns
DNS SRV
lookups

Local Edition
• Pre-populate with UC services domain so
the “email” prompt is not displayed
• Provide separate services domains for on-
premises or edge services
• Settings can be specified either using:
– Command Line Switches
– MSI installer packaging/transformation
using MST file
SERVICES_DOMAIN
Set to domain for login service (WebEx Messenger, Unified CM or IM and
Presence Service)
VOICE_SERVICES_DOMAIN
Set to domain used for discovering Cisco Expressway infrastructure
(_collab-edge)
AUTHENTICATOR
Set to authentication service name if service discovery is not used or fails
(WEBEX, Unified CM or IM and Presence Server)
TFTP
Unified CM TFTP address if Service Discovery is not used or fails
Orca MSI Editor Shown

Local Edition
• For Mac, Android & iPhone/iPad
• End user needs to download/install Jabber client prior to executing URL configuration
• During download/installation, Jabber registers the ciscojabber protocol handler
• Administrator creates URL & sends to users using email or wiki
– ciscojabber://provision?
– ServicesDomain=example.com&VoiceServicesDomain=video.example.com
• As user clicks the URL, Jabber will be cross-launched & the information in the URL
will be provided for service discovery

Local Edition
• When service discovery is not used or fails
• User can specify operating mode & server addresses
• Manual configuration is not available for remote access
operation via Cisco Expressway
Manual configuration option should be
considered as a last resort. It will NOT
provide the best end user experience.

Local Edition
Important Unified CM Configurations for Service Discovery
• Home Cluster & UC Service Profile assignment in End User Configuration
• Owner User ID Assignment in Phone Configuration (for Unified CM 9.x)

Local Edition
Persistent Chat is Back and … even Better
• Implemented features & capabilities requested
by customers
• More configuration granularity in IM and
Presence Administration GUI
• Enhanced UI design (still similar to standard
group chat)
• Additional database support (Oracle)
• Only end-user functions at this time
(administrator functions coming in a later
release)

Local Edition
Summary of Requirements
• Supported only with on-premises IM and Presence Service
10.0 or higher (Not for WebEx Messenger)
• Must be enabled & configured in IM and Presence Service
– Otherwise, the chat room will not show up on Jabber
• Requires external database
– PostgresSQL 8.3.x – 9.1.1
– Oracle 11G, 10G, or 9G
• Disabled in Jabber by default
– To enable, use “Persistent_Chat_Enabled” key under Policies in
jabber-config.xml
• Requires a standard-compliant XMPP client for administration*
– Recommends MomentIM client * In 10.5 release, as part of Persistent Chat Phase 2, the admin will be able to use
Jabber to create/manage persistent chat rooms.

Local Edition
Cisco IM and Presence Compliance
• Three compliance vendors support the Cisco IM & Presence offering
– Actiance Vantage
– Verba
– DataParser
• Actiance and Verba provide a compliance solution that does an
integration with the IM&P Event Broker interface and stores IM within
their own backend DB environment
• DataParser uses IM messaging that has been stored in PostgreSQL
(and Oracle starting in 10.0) via the IM&P message archiver interface. It
transcribes the IM sessions so that they can be stored in the company
email archiving environment. They support interfaces to most of the
major email archiving systems.

Local Edition
User
• Browse/join chat rooms
• Refresh the room list
• Show/hide participants list
• Pop-out conversation tabs
• Load all the messages from
the beginning of the chat
room
• Filter & aggregate incoming
chat messages (using user-
defined keywords)
Administrator
• Create chat rooms
• Invite users to chat rooms
• Kick or ban users
• Ban – Remove users from a
room permanently & won’t let
them re-enter the room
• Kick – Remove users from a
room temporarily but let them
re-enter the room
• Revoke Voice – Allow users for
read-only access to the room

Local Edition
• The catalog of chat Rooms on the server
• User can refresh list
• Open or Closed rooms
• Icon indicates the rooms you’re a member of
• The list of rooms you’re a member of
• Shows the name of the room & the subject
• Listed alphabetically by room name
• Shows the timestamp of the last message sent into that room
• Badges/bolding indicates unread messages
• Double click to open a chat room
All rooms
My rooms

Local Edition
Chat Room Conversation
• Integrated into Jabber conversation window
• Tab icon differentiates Chat Rooms from Group
Chats
• Font & emoticons as normal
• Ability to show/hide the participant list
• Support participant list of up to 300
• Pop-out IM conversation tabs
in separate windows
• Not limited to chat rooms
• Each tab remembers size &
position
• Multi-monitor support
• Loads more message
history from the server
• Retrieves ~100
messages at a time to
the beginning

Local Edition
32
Notification service
on hub window
Notification on “My
Mentions”
Multiple
Notifications

Local Edition
Filters
• Able to filter & aggregate incoming
messages
• User specified criteria
• Label
• Keywords and/or senders
• Apply to all rooms in “My rooms”
• Apply from point of creation onwards
• Match messages sent even when offline
Creating a filter for the
phrase “SEVT”
• Aggregates matched content
across all chat rooms
• Shows matched terms highlighted
• Filter matches listed
chronologically
• Click a filter match to load original
chat to read context

Local Edition
Mentions
• While typing in the IM input box, press “@” to bring up
“mention dialog”
• Search Contacts/Recents and Directory for contact
• Click to start P2P chat
• Can be sent in any IM conversation
• When people mention me in any chat rooms in which I’m
a member, that IM goes into “My mentions” filter.

Local Edition
• Chat room history is cached locally on the client in SQLite
databases
• All cached chat room content is encrypted with AES 256-bit
encryption
• No mechanism to inspect the contents
• Data location on disk:
– C:Users<WindowsLogin>AppDataLocalCiscoUnified
CommunicationsJabberCSFHistory<Username>
• If data is deleted, Filter data will be lost

Local Edition
• Configure database servers on
IM and Presence
• Enable Persistent Chat &
assign database server per IM
and Presence node
• Configure Group Chat
Administrators

Local Edition
Database Sync
IDS Global User Data Replication
Unified CM
Publisher
Unified CM IM and Presence Service Cluster
Sub-cluster 1 Sub-cluster 4Sub-cluster 2
Sub-cluster 3
ODBC
Important: Each node in the Unified CM IM and Presence Service cluster requires a separate
database instance for persistent chat. The database instances can share the same hardware,
but are not required to.
Unique Separate Database Instance
Unique
Database
Instance
PostgresSQL or Oracle database

Local Edition
• Choose Postgres or Oracle as Database Type
(Postgres by default)
• When Oracle is selected, Tablespace needs to
be specified
• The external database can be assigned to IM
and Presence Service for Persistent Chat or
Message Archiver
Messaging > External Server Setup > External
Databases
Note: IM and Presence Service does not
provide the secure TLS/SSL connection to the
external database.

Local Edition
Federation Overview

Local Edition40
Jabber Identifier (JID) can be the default user@default_domain or the JID
can be based on the DirectoryURI.
DirectoryURI configured in the Unified CM LDAP Directory administration, allows for IM &
Presence address (JID) to be based on mail or msRTCSIP-PrimaryUserAddress.
Default setting of user@default_domain allows for only a single domain, DirectoryURI allows
for greater flexibility in handling multiple domains with email as the contact identifier.
DirectoryURI is a global configuration; therefore, all clients in the deployment must be able to
handle it.
LDAP
Attributes:
* mail
* msRTCSIP-
PrimaryUserAddress
1. LDAP Sync
2. IM&P Sync of Unified CM DirectoryURI
3. DirectoryURI is used as
the JID for the user

Local Edition
IM & Presence Multi-Domain Federation
• More than a single domain for federation can be configured
– Domains are automatically discovered when using DirectoryURI, or manually added by
the administrator
• DNS SRV records need to be published for each email domain
– Each DNS SRV record should resolve to an identical set of results, where XMPP
federation is a list of all XMPP federation nodes and SIP federation is the Public FQDN
of the Routing IM & Presence node
• Federation with multiple email domains also requires regeneration of the
security certificates cup-xmpp (certificate presented to XMPP clients)
and cup-xmpp-s2s (certificate presented to federated systems)
– For both certificates, all domains must be included as Subject Alt Name (SAN) entries
– A manual administrative configuration gives the administrator the option to pre-populate
the domains to avoid having to regenerate the certificates every time a new domain
automatically gets discovered

Local Edition42
Basic federation of IM/P to Cisco from an outside domain
would include the following:
• CUPS domain set in CUPS Admin
• Configure Internal DNS SRV’s
• Configure External DNS SRV’s
• Add SIP Federation in CUPS Admin
• Choices are aol.com or MS OCS/Lync
• Add SIP Static Route(s) in CUPS Admin
• Ex: .com.cisco.* next hop is Cisco’s _xmpp-server._tcp.cisco.com address
• XMPP Federation Enabled in CUPS Admin

Local Edition
Unified CM IM
& Presence
XMPP
imp.cisco.com
Jabber
imandp.cisco.com
IM & Presence configured using inter-domain federation between the two
presence domains. For larger deployments the solution scales up by enabling
further IM&P nodes as XMPP Federation nodes.
Adaptive
Security
Appliance
Adaptive
Security
Appliance
Unified CM IM
& Presence
Jabber
XMPPXMPP

Local Edition
Unified CM IM
& Presence
XMPP
SIP
imp.cisco.com
Edge
Server
Lync
Jabber
lync.cisco.com
IM & Presence must be configured as a “Public Provider” on the “Provider” list
Check “Enable communications with this provider”
Enter <jabberdomain> as a provider name
Enter the Public FQDN of the jabberdomain
Choose “Allow all communications with this provider”
Front End
Server
Adaptive
Security
Appliance
DNS Records
(recommended)
or SIP Static
Route
* Not configured as
Federated Domain
on the Edge Server

Local Edition
Unified CM IM & Presence
XMPP
SIP
imp.cisco.com
Microsoft
Front End
Lync
Jabber
lync.cisco.com
There is an option on Cisco IM & Presence to enable direct federation;
however, Microsoft states all federations must go through Edge Server
Note: For contact lookup, the jabber-config.xml file will need
to be configured using the full Jabber Identifier (JID)
DNS Records
(recommended) or
SIP Static Route

Local Edition
Microsoft
IM &
Presence
OCS 2007 R2 Lync 2010 Lync 2013
8.6(5)+
RCC
Inter-Domain
Intra-Domain
RCC
Inter-Domain
Intra-Domain
RCC
Inter-Domain
Intra-Domain
9.1(1)+
RCC
Inter-Domain
Intra-Domain
RCC
Inter-Domain
Intra-Domain
RCC
Inter-Domain
Intra-Domain
10.0(1)+
RCC
Inter-Domain
Intra-Domain
RCC
Inter-Domain
Intra-Domain
RCC
Inter-Domain
Intra-Domain
Supported
Under Test – based on a backlog priority

Local Edition
• Cisco Jabber now supports URI Dial
• Service Discovery allows for easier client configuration
• Persistent Chat provides Jabber for Windows users with manageable static chat
room capabilities
• Federation capabilities have expanded to include inter-domain, intra-domain as
well as partitioned intra-domain support
• Overall success of Jabber deployment, for both internal and external use cases
hinges on DNS configuration

Local Edition
_xmpp-client._tcp.example.com SRV 0 5 5222 c2s.example.webexconnect.com (for clients)
_xmpp-server._tcp.example.com SRV 0 1 5269 c2s.example.webexconnect.com (for peer servers)
_cuplogin._tcp.example.com SRV 0 1 8443 cup.example.com
_cisco-uds._tcp.example.com SRV 1 5 8443 cucm1.example.com (Publisher)
_cisco-uds._tcp.example.com SRV 2 20 8443 cucm2.example.com (Subscriber 1)
_cisco-phone-tftp._tcp.example.com SRV 0 0 69 cucm.example.com (TFTP)
_cisco-phone-http._tcp.example.com SRV 0 0 80 cucm.example.com (CCMCMIP)
_sip._tcp.example.com SRV 0 0 5060 vcsc.example.com (VCS Control – Internal)
_sip._tcp.example.com SRV 0 0 5060 vcse.example.com (VCS Expressway – External)
_ciscowtp._tcp.jabber.com SRV 0 0 443 boot.ciscojabbervideo.com (Free Jabber Video)
_collab-edge._tls.example.com SRV 0 0 8443 expe.example.com (Expressway E)

Local Edition
Collaboration SRND: http://www.cisco.com/go/ucsrnd
IM & Presence Product Page: http://www.cisco.com/en/US/products/ps6837/
http://www.cisco.com/c/en/us/products/unified-communications/unified-presence/index.html
Inter-Domain Federation 10.0:
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/im_presence/interdomain_federation/10_0_1/CUP0_BK_I0607EF2_
00_integration-guide-interdomain-federation-100.html
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/im_presence/interdomain_federation/9_1_1/CUP0_BK_IB27169T_0
0_interdomain-federation-integration-guide-9_1_1.html
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cups/8_6/english/integration_notes/Federation/CUP_8-
6_Interdomain_Federation.html
Partitioned Intra-Domain Federation 10.0:
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/im_presence/intradomain_federation/10_0_1/CUP0_BK_I264FBF0_
00_integration-guide-intradomain-federation-100.html
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/im_presence/intradomain_federation/9_1_1/CUP0_BK_PFB0D200_
00_partitioned-intradomain-guide-911.html
http://www.cisco.com/en/US/docs/voice_ip_comm/cups/8_6/english/integration_notes/Federation/Intradomain_Federation/Partitio
ned_Intradomain_Federation.html

Local Edition
Cisco Expressway Main Page:
http://www.cisco.com/c/en/us/solutions/collaboration/collaboration-edge-
architecture/index.html
Cisco Expressway Admin Guide:
http://www.cisco.com/en/US/docs/voice_ip_comm/expressway/admin_guide/Cisco-
Expressway-Administrator-Guide-X8-1.pdf

Jabber design and configuration

Jabber design and configuration

More Related Content

Similar to Jabber design and configuration (20)

More from solarisyougood (20)

Recently uploaded (20)

Jabber design and configuration