Cisco CCNP Course Training in New Delhi

Friday, April 20, 2012

6 weeks summer training in Networking courses in Delhi

Summer Training/Industrial Training/Summer Internship

Network Bulls is Best Institute for Cisco CCNA, CCNA Security, CCNA Voice, CCNP, CCNP Security/CCSP and CCIE R&S/Security course/certifications Training in India. Network Bulls is a Networking Training and Network Consultancy company. Network Bulls offer Summer Trainings and Summer Internship programs for Btech BE and BCA Candidates. There are different programs for Summer Training Candidates. Those who are willing to take Six weeks summer training, they can join CCNA course as their training. We provide Projects on Real Cisco Networks. This would be a Project Based Industrial/Summer Training, which will be held in Delhi NCR region in Gurgaon.

Network Bulls has Biggest Cisco networking Training labs in North India. Students must visit Network Bulls and compare the labs with other training companies.

Network Bulls has a team of CCIE Certified Trainers and Dual CCIE Trainers.

We offer 24x7 labs Facility, as students can stay in nights for practice on real routers and switches.

During Summer Training programs, students will get 24x7 Lab access and project on real devices. Students will get a chance to implement a real Network and to troubleshoot on a Network topology. After their Networking Training in Summer Training or Industrial Training, students will get Training Certificate, Project certificate, Experience Letter and Awards to best candidates.

6/Six Weeks Summer Training in networking options:

Courses	CCNA	MCSE	MCITP	CCNA Sec	Linux	CEH
Training Fee	Rs 7,000/-	Rs 10,000/-	Rs 12,000/-	Rs 9,000/-	Rs 12,000/-	Rs 8,000/-

Wednesday, December 15, 2010

CUCM User Accounts Best Cisco CCIE Security Coaching Center in Delhi Gurgaon

Network Bulls
www.networkbulls.com
Best Institute for CCNA CCNP CCSP CCIP CCIE Training in India
M-44, Old Dlf, Sector-14 Gurgaon, Haryana, India
Call: +91-9654672192

Several CUCM features require user accounts for authentication purposes. These features include an
administrative web page, user web pages, and the following applications:
■ Cisco Unified Attendant Console
■ Cisco Unified Extension Mobility
■ Cisco Unified Manager Assistant (CUMA)
Cisco IP Phones can browse corporate and personal directories to find the directory number of a user.
CUCM is provisioned with a user’s first and last name to provide this directory-browsing
functionality.
114 Chapter 6: Managing User Accounts
CUCM IP phone services can be configured to require a user login before providing access
to the service. Users can authenticate with their username and password (alphanumeric) or
PIN (numeric), depending on the needs of the application. CUCM sends authentication
requests to an internal library called the Identity Management System (IMS) library, which
is responsible for authenticating the user login credentials against the user database.
User Account Types
There are two types of user accounts in CUCM:
■ End users: End users are associated with an individual and have an interactive login.
End users can have administrative roles based on the user group role configuration.
■ Application users: Application users are associated with applications such as Cisco
Unified Attendant Console, Cisco Unified Contact Center Express (UCCX), or
Cisco Unified Manager Assistant. The mentioned applications need to authenticate
with CUCM, but application users do not have the ability to interactively log
in. Application users are leveraged for internal process-level communications between
applications.
Table 6-1 summarizes the differences between end users and application users.
The attributes associated with end users are separated into three categories, as follows:
■ Personal and organizational settings:
—User ID, first, middle, and last name
—Manager user ID, department
—Phone number, mail ID
Table 6-1 User Account Types in CUCM
End Users Application Users
Associated with an individual Associated with an application
Provide interactive logins Provide noninteractive logins
User feature and system administration
authorization
Application authorization
Included in phone directory Not included in phone directory
Can be provisioned and authenticated using an
external LDAPv3 directory server
Cannot use LDAPv3
CUCM User Accounts 115
■ Password
■ CUCM administration settings:
—PIN, SIP digest credentials
—User privileges (user groups and roles)
—Associated PCs, controlled devices, and directory numbers
—Application and feature parameters
User Privileges
CUCM allows for the assignment of user privileges to application users and end users.
Privileges that can be assigned to users include the following:
■ Access to administration and user web pages
■ Access to specific administrative functions
■ Access to application interfaces such as Computer Telephony Integration (CTI) and
Simple Object Access Protocol (SOAP)
User privileges are configured using two configuration entities:
■ User groups: A collection of application users and end users with similar privilege
levels
■ Roles: Resources for an application
Each role refers to exactly one application, and each application has one or more
resources. Access privileges are configured per application resource in the role
configuration. Roles are assigned to user groups.
Figure 6-1 illustrates the access that four users have to two different applications. The needs
of the four users are achieved through the assignment of two user groups.
User1 and User2 are assigned to Group1, which has two roles assigned to it for Application1.
The privilege levels of Role1 and Role2 refer to the same application but provide different
levels of access (privileges) to the resource. The overlapping configuration can be configured
to give the highest or lowest overlapping privilege level.
116 Chapter 6: Managing User Accounts
User3 is assigned to both Group1 and Group2. Group1 and Group2 have role assignments
of 1, 2, and 3. Role1 and Role2 both control different privilege levels to Application1 and
Application2. It is best to avoid overlapping role privileges (Role1 and Role2) when
possible.
User4 is assigned to Group2, which has privilege levels to Application1 and Application2,
controlled through Role2 and Role3. User4 does not have overlapping privilege challenges.
Figure 6-1 User Privilege Component Interaction
The goal of the configuration illustrated in Figure 6-2 is to create administrative groups that
have read, write, and update access to the Communications Manager configuration web
pages (CCMAdmin), and junior-level administrators who have read-only privileges to the
CCMAdmin configuration web pages. The following text relates to the example illustrated
in Figure 6-2.
Users
Application1
Resource1
Resource2
Resource3
Application1
Resource1
Resource2
Resource3
Application2
Resource1
Resource2
Resource3
Resource4
Role2
Role1
Role3
Group1
Group2
User1
User2
User3
User4
Users Groups Roles 1 : 1 Applications 1 : 1 Privileges
Read
(None)
Read, Update
Read
Read
(None)
Read, Update
Read
(None)
Read, Update
n : n n : n
CUCM User Accounts 117
CUCM has various Administration web pages associated with functions, such as the Call
Park web pages (used to the configure call park feature), the AAR Group web pages (used
to configure automated alternate routing), the CallManager group web pages (for CUCM
configuration), and the DRF Show Status page (used to check the status of Disaster
Recovery System backup or restore jobs).
CUCM has many default roles, called standard roles. Some of the standard roles are
associated with CUCM Administration applications (CCMAdmin). There are many
predefined roles in CUCM by default, but we explore two in this example. Two standard roles
for CUCM Administration exist: Standard CCMAdmin Administration and Standard
CCMAdmin Read-Only. Standard CCMAdmin Administration has all privileges of the
CCMAdmin application set to Update, whereas Standard CCMAdmin Read-Only has
CCMAdmin privileges set to Read-Only Access. Standard roles can be copied, renamed,
and reconfigured to achieve the needs of the organization deploying CUCM.
CUCM has many default user groups, called standard user groups. Two examples of standard
user groups are Standard CCM Super Users and Standard CCM Read-Only. User group
Standard CCM Super Users is associated with role Standard CCMAdmin Administration,
and user group Standard CCM Read-Only is associated with role Standard CCMAdmin
Read-Only. This is illustrated in Figure 6-2.
To assign an end user full access to all configuration pages of CUCM Administration, you have
to assign the end user just to the Standard CCM Super Users group. End users who should
have read-only access to all configuration pages of CUCM Administration just have to be
assigned to the Standard CCMAdmin Read-Only user group. The appropriate application
privileges are configured in the default roles, and the default roles are assigned to the
corresponding user groups.
The final step required to achieve the objective of Figure 6-2 is to assign the users John and
Jane to the Standard CCM Super Users group and to assign Kim and Tom to the Standard
CCM Read-Only user group.
Figure 6-2 Roles and User Groups
User Group
Standard CCM Super
Users
• User “John Doe”
• User “Jane Smith”
Standard
CCMADMIN
Administration
Standard
CCMADMIN
Read-Only
Standard CCM Read-
Only
• User “Kim Lu”
• User “Tom Adams”
Role
Cisco
CallManager
Administration
• Call Park Web
Pages
• AAR Group
Web Pages
• CallManager
Group Web
Pages
• DRF Show
Status Page
• ...
Cisco
CallManager
Administration
Application Resource Privilege
Update
Read-Only
118 Chapter 6: Managing User Accounts
User Management
User management options in CUCM include the following:
■ CUCM Administration: Suitable for configuring a small number of users or doing
single updates to the configuration of a user. CUCM administration of users is not
scalable for large deployments of CUCM.
■ Bulk Administration tool (BAT): BAT is a tool that allows large insertions, updates,
and deletions of users when LDAPv3 synchronization is not leveraged. Many learning
institutions have frequent changes to the user database. BAT is an excellent tool for
initial deployment or large updates to many configuration options, including the user
database.
■ LDAPv3 integration: LDAPv3 integration allows end users to be synchronized from
a centralized database to CUCM. This option proves useful when all the end users
already exist in an LDAPv3 database. LDAPv3 user synchronization is available only
to end users. LDAPv3 authentication is another LDAPv3 feature that can be leveraged.
LDAPv3 authentication passes any authentication requests through the CUCM server
to the LDAPv3 server where the user login is authenticated. LDAPv3 authentication
has the benefit of maintaining one central password database. CUCM does not replicate
the passwords that are configured in the central LDAPv3 database.
LDAPv3 synchronization replicates data to the CUCM database. User data cannot be
modified from CUCM administration tools when LDAPv3 synchronization is enabled.
User data is modified on the LDAPv3 server by the LDAPv3 administrator, and
NOTE CUCM has numerous default user groups that cover the needs of most
requirements. Examples of default user groups include the following:
■ CCM Super Users
■ Standard CCMAdmin Read-Only
■ Standard CAR Admin Users
■ Standard CCM Server Maintenance
■ Standard CCM Server Monitoring
■ Standard CCM Phone Administration
■ Standard CCM End User
■ Standard CCM Gateway Administration
CUCM User Accounts 119
resynchronization will occur at the next resynchronization interval. Depending on the
resynchronization schedule, the resynchronization event might not occur for days or weeks.
Manual synchronization can be performed at any time.
Passwords are not replicated to the CUCM database when LDAPv3 authentication is turned
on. User passwords may exist in both CUCM and the LDAPv3 server if the user exists in
both servers. It is recommended to combine LDAPv3 authentication with LDAPv3
synchronization to avoid inconsistencies in usernames and to eliminate the need for
maintaining multiple usernames.
Table 6-2 summarizes the differences between the local CUCM database, LDAPv3
synchronization, and LDAPv3 authentication.
Managing User Accounts
CUCM user management is performed from the Cisco Unified Communications Manager
Administration User Management menu. The administrator must use an account with user
management privileges. Any end-user account that has the user management privilege
assigned can modify user accounts (including the CCMAdministrator).
The User Management menu includes options to configure application users, end users,
roles, and user groups, as shown in Figure 6-3.
Table 6-2 End-User Data Location
No LDAPv3
Integration
LDAPv3
Synchronization
LDAPv3
Authentication
User ID, First Name, Middle Name,
Last Name, Manager User ID,
Department, Phone Number,
Mail ID
Local database LDAPv3
(replicated to
local database)
LDAPv3
(replicated to
local database)
Password Local database Local database LDAPv3
PIN, Digest Credentials, Groups,
Roles, Associated PCs, Controlled
Devices, Extension Mobility
Profile, CAPF Presence Group,
Mobility
Local database Local database Local database
120 Chapter 6: Managing User Accounts
Figure 6-3 User Management Menu
Figure 6-4 shows the Application User Configuration page. The most important settings are
the user ID and the password. The user ID and password must match on the application
server if the application user is configured for integration with another server. The application
user could be associated with multiple devices (phones, CTI route points, and pilot points).
Navigate to User Management > Application User from the CUCMAdministration to add
an application user. Click the Add New button.
Figure 6-4 Application User Configuration
CUCM User Accounts 121
At the bottom of the Application User Configuration page, the application user can be
added to user groups, as shown in Figure 6-5. The roles that are assigned to the user groups
are listed in the Roles field under the Groups field.
Figure 6-5 Application User Group Configuration
The End User Configuration page is similar to the Application User Configuration page.
User ID, password, and group membership are the most important settings. Figure 6-6
displays the End User Configuration page in CUCM. Navigate to User Management > End
User to add an end user in CUCM Administration. Click the Add New button.
Standard roles cannot be deleted or modified. Custom roles, however, can be created from
scratch or by copying and then modifying a standard role. Figure 6-7 shows an abbreviated
listing of CUCM roles. Navigate to User Management > Role to find an existing role
configuration. Click the Find button to display all existing roles. Click Find.
Add Application User to User Groups
View Roles of Application User
122 Chapter 6: Managing User Accounts
Figure 6-6 End User Configuration
Figure 6-7 Default Role Configuration
Figure 6-8 displays the Role Configuration page. When configuring a new role, you have to
select an application on the configuration web page. The application resources will be
displayed and read, or update privilege can be assigned to each. The Role Configuration
pages are accessible via User Management > Role in CUCM Administration.
CUCM User Accounts 123
Figure 6-8 Role Configuration Page
Standard user groups cannot be deleted or modified. Custom user groups can be created
from scratch or by copying an existing user group. Figure 6-9 displays an abbreviated list
of the default user groups. Navigate to User Management > User Group and click the Find
button to display existing user groups. Click Find. Click a user group.
Figure 6-9 Default User Groups
Selected Application
Configured Privilege per Application Resource
124 Chapter 6: Managing User Accounts
Figure 6-10 displays the User Group Configuration page in which users can be added to a
user group. In this example, the Standard CCM Super Users Group was selected.
Figure 6-10 User Group Configuration
Figure 6-11 displays the end-user addition to a user group. Click the Add End Users to
Group button of Figure 6-10 to display the user search page displayed in Figure 6-12. Enter
a search string and click Find. Select the user by checking the box next to the user, and then
click Add Selected.
Figure 6-11 User Group Configuration
Assign roles to a user group by selecting the Assign Role to User Group item from the
Related Links list box in the upper right of the User Group Configuration page. A new
window will display where you can assign or delete roles, as shown in Figure 6-12.
Lightweight Directory Access Protocol 125
Figure 6-12 User Group Role Assignment
Click the Add Role to Group button. Select the roles that you would like to add, as shown
in Figure 6-13, and then click the Add Selected button.

Global Server Settings Best Cisco CCIE Training Institute in Delhi Gurgaon

Network Bulls
www.networkbulls.com
Best Institute for CCNA CCNP CCSP CCIP CCIE Training in India
M-44, Old Dlf, Sector-14 Gurgaon, Haryana, India
Call: +91-9654672192

Two types of settings parameters can be changed in CUCM globally across a server or
globally across the cluster: enterprise parameters and service parameters.
Enterprise Parameters
Enterprise parameters are used to define cluster-wide system settings, and they apply to all
devices and services in the cluster. After installation, enterprise parameter default values
should be verified and modified if required before deploying endpoints. Some enterprise
parameters will specify initial values of device defaults.
CAUTION Only change enterprise parameters if you are fully aware of the impact of
your modifications or if instructed to do so by Cisco Technical Assistance Center (TAC).
Network and Feature Services 101
Figure 5-10 Control Center
You can modify many enterprise parameters. Table 5-3 displays some frequently modified
enterprise parameters.
Table 5-3 Enterprise Parameters
Parameter Description Default Value
Auto Registration Phone
Protocol
Specifies the protocol that autoregistered
phones should boot
with during initialization
SCCP
Enable Dependency Records Determines whether to display
dependency records
False
continues
Activation status
Current status Service start time and up time
Start, stop, restart, refresh
selected service
Select service to
start, stop, or restart
102 Chapter 5: Initial Configuration Settings
Dependency records are a feature of CUCM that enable an administrator to view
configuration database records that reference the currently displayed record. Dependency
record reports can be run by using the Related Links drop-down menu in most configuration
pages throughout CUCM Administration. Dependency record reports search the database
and return links to all configuration items that include the configuration detail in question.
Dependency record reports are useful when CUCM will not allow a configuration element
to be deleted because it is in use somewhere in the system but should no longer be in use.
Because dependency records could cause a CPU spike in the server platform, it is not
recommended that they be run during high-usage periods.
To modify enterprise parameters, follow these steps in the CUCM Administration web
interface:
Step 1 Navigate to System > Enterprise Parameters.
Step 2 Change the enterprise parameter values as desired and save the changes.
Figure 5-11 shows the procedure to hide configuration elements from the CCMUser
configuration pages. A business might not want end users to be able to change the Call
CCMUser Parameters Display or hide certain userconfigurable
settings from the
CCMUser web page
Not applicable
Phone URL Parameters URLs for IP phone
authentication, Directory
button, Services button, and
so on
Hostnames rather than IP
addresses
User Search Limit Specifies the maximum number
of users to be retrieved from a
search in the Corporate
Directory feature on the phone
64
NOTE To obtain additional information about specific enterprise parameters, click the
? symbol in the upper-right corner of the screen. The same help system is available by
clicking the hyperlink of the enterprise parameter name.
Table 5-3 Enterprise Parameters (Continued)
Parameter Description Default Value
Network and Feature Services 103
Forward All options of their phone in the CCMUser configuration pages, but the option
exists in the page by default. Using the enterprise parameter options shown in Figure 5-11,
the administrator can choose to remove the hyperlink to Call Forward All in the CCMUser
section of the Enterprise Parameters Configuration page. All default settings appear on the
right side of the Enterprise Parameter Configurations page.
Figure 5-11 Enterprise Parameter Configuration
When you are removing DNS reliance, all hostnames within enterprise URL parameters
have to be changed to IP addresses. Phone URL parameters change the website that the
phone launches when the settings, services, or directories buttons are clicked on the Cisco
IP Phone. The phone URL parameters are part of the enterprise parameters. Figure 5-12
shows the configuration of the phone URL parameters.
1. Select the new setting Default setting
2. Save the changes
104 Chapter 5: Initial Configuration Settings
Figure 5-12 Phone URL Parameters
Service Parameters
Service parameters are used to define settings for a specific service (for example, the callprocessing
CallManager service). They can be configured separately for each server in
the cluster. After installation (or activation of feature services), service parameter default
values should be verified and modified if required, before deploying endpoints. The most
important service parameters for the CallManager service are as follows:
■ T302 timer: The T.303 interdigit timeout specifies the interdigit timeout value used to
route calls when there are multiple possible matches in the database. Multiple possible
matches is a condition that will exist when variable-length numbers (international) or
overlapping dial plans are being analyzed by CUCM. Reducing the default T.302 value
will accelerate the call-routing decision of CUCM when users dial international phone
numbers or a phone number that overlaps with another. The default T.302 timer is
15,000-ms (15 seconds). A value of 15 seconds is too long for most environments. Best
practice is to reconfigure this timer to a value of 5000 ms (5 seconds). An example of
an overlapping dial plan is extension 1500 and extension 15001. CUCM would not
know whether it was done receiving digits if the digits of 1500 were received. The user
might dial another 1, which would direct the call to a different extension. In this situation,
CUCM waits for the T.302 timer to expire and then extends the call to extension 1500.
Network and Feature Services 105
■ CDR and CMR: CDRs are the basis for call reporting, accounting, and billing. The
service parameters are used to enable CDRs and CMRs. CMRs report QoS information
related to the phone call (lost packets, average jitter, maximum jitter, and so forth).
■ Cisco Unified Extension Mobility maximum login time: After expiration of this
timer, a user is logged out of Cisco Unified Extension Mobility.
■ Cisco Unified Attendant Console username: Specifies the application username that
is used by the Cisco Unified Attendant Console application when logging in to the
CUCM Computer Telephony Integration (CTI) interface.
By default, not all service parameters display. To see the complete list of service parameters,
click the Advanced button. The Change B-Channel Maintenance Status service parameter
is an example of a CallManager service parameter that does not show by default. Table 5-4
includes some frequently modified service parameters. Hundreds of service parameters are
available to CUCM, many of which you will never encounter. The best way to find one of
the parameters listed in Table 5-4 is to use the Find function of your web browser to locate
the option on the page.
Table 5-4 Service Parameter Examples
Parameter Description Default Value
CDR Enabled Flag This parameter determines whether CDRs are
generated.
False
Station Keepalive Interval This parameter designates the interval between
keepalive messages sent from Cisco IP Phones to the
primary CUCM.
30 seconds
T302 Timer This parameter specifies an interdigit timer for
sending the setup acknowledgment message. When
this timer expires, CUCM routes the dialed digits.
15 seconds
Automated Alternate
Routing Enable
This parameter determines whether to use automated
alternate routing when the system does not have
enough bandwidth.
False
Change B-Channel
Maintenance Status (click
Advanced button first)
This parameter allows CUCM to change individual B
channel maintenance status for PRI and CAS
interfaces in real time for troubleshooting.
No default
106 Chapter 5: Initial Configuration Settings
To modify service parameters, follow these steps in the CUCM Administration web
interface:
Step 1 Navigate to System > Service Parameters.
Step 2 Select the server and the service for which you want to change service
parameters.
Step 3 Change the service parameter values as desired and save the changes.
Step 4 Click Save.
Steps 2 through 4 are illustrated in Figures 5-13 and 5-14.

Network and Feature Services Best Cisco CCSP Coaching Institute in Delhi Gurgaon

Network Bulls
www.networkbulls.com
Best Institute for CCNA CCNP CCSP CCIP CCIE Training in India
M-44, Old Dlf, Sector-14 Gurgaon, Haryana, India
Call: +91-9654672192

A CUCM cluster can consist of up to 20 servers. Each server can fulfill different tasks, such
as running a TFTP or DHCP server, being the database publisher, processing calls,
providing media resources, and so on.
Depending on the usage of a server, different services have to be activated on the system.
There are two types of services on CUCM servers:
■ Network services: Network services are automatically activated and are required for
the operation of the server. Network services cannot be activated or deactivated by the
administrator, but they can be stopped, started, or restarted from the Cisco Unified
Serviceability web interface. Just choose Control Center > Network Services.
NOTE Repeat Steps 2 and 3 for each server in the cluster.
98 Chapter 5: Initial Configuration Settings
■ Feature services: Feature services can be selectively activated or deactivated per
server to assign specific tasks or functions (call processing, TFTP, and so on) to a
certain server. Feature services can be activated and deactivated by the administrator
from the Cisco Unified Serviceability web interface (Tools > Service Activation).
Feature services can be started, stopped, or restarted from the Cisco Unified
Serviceability web interface (Control Center > Feature Services).
Network Services
Network services are the operating system services that CUCM relies on. Network services
are summarized as follows:
■ Performance and monitoring services: Cisco CallManager Serviceability RTMT,
Cisco RTMT Reporter
■ Backup and restore services: Cisco DRF Master, Cisco DRF Local System Services:
Cisco CallManager Serviceability, Cisco CDP, Cisco Trace Collection Service
■ Platform services: Cisco Database, Cisco Tomcat, SNMP Master Agent
■ DB services: Cisco Database Layer Monitor
■ SOAP services: SOAP Real Time Service APIs and so on
■ CM services: Cisco CallManager Personal Directory, Cisco Extension Mobility
Application, Cisco CallManager Cisco IP Phone Services
■ CDR services: Cisco CDR Repository Manager, CDR Agent
■ Admin services: Cisco CallManager Admin
Feature Services
Feature services are the CUCM-related services that run on top of the operating system and
database. Feature services are summarized as follows:
■ Database and admin services: Cisco AXL Web Service, Cisco Bulk Provisioning
Service, Cisco TAPS Service
Network and Feature Services 99
■ Performance and monitoring services: Cisco Serviceability Reporter, Cisco
CallManager SNMP Service
■ CM services: Cisco CallManager, Cisco TFTP, Cisco CTIManager, Cisco Extension
Mobility
■ CTI services: Cisco CallManager Attendant Console Server, Cisco IP Manager
Assistant, Cisco WebDialer Web Service
■ CDR services: Cisco SOAP, including CDRonDemand Service, Cisco CAR Scheduler,
Cisco CAR Web Service
■ Security services: Cisco CTL Provider, Cisco Certificate Proxy Function
■ Directory Services: Cisco DirSync
■ Voice Quality Reporter Services: Cisco Extended Functions
Service Activation
To activate or deactivate feature services for a server, follow these steps in the Cisco Unified
Serviceability web interface:
Step 1 Go to Tools > Service Activation.
Step 2 Select the server where you want to activate or deactivate a service.
Step 3 Check or uncheck the check box for each service you want to modify, and
save the changes.
Step 4 Use the Control Center to verify that the service has been started (Tools >
Control Center – Feature Services).
Figure 5-9 illustrates the Service Activation configuration page in CUCM. The Related
Links drop-down menus in the upper-right portion of the CUCM web pages hyperlink to
different areas of CUCM configuration. Learning how to leverage the related links can
increase the speed in which you can provision services in CUCM.
Control Center
The Control Center for feature services is used to start, stop, or restart services. It is also
used to verify the current status and the activation status of feature services per server in the
cluster.
100 Chapter 5: Initial Configuration Settings
Figure 5-9 Service Activation
Figure 5-10 illustrates the process of viewing a service status and runtime. The figure also
shows the process of selecting the radio button related to a particular service so that the
service can be started, stopped, restarted, or refreshed.

DHCP Best Cisco CCNP Coaching Institutein Delhi Gurgaon

Network Bulls
www.networkbulls.com
Best Institute for CCNA CCNP CCSP CCIP CCIE Training in India
M-44, Old Dlf, Sector-14 Gurgaon, Haryana, India
Call: +91-9654672192

The CUCM DHCP server is designed to serve IP phones in small deployments (maximum
of 1000 devices). It provides a subset of the functionality that was provided by the Windows
2000 Server in CUCM versions earlier than CallManager 5.0.
Only one DHCP server can be configured per CUCM cluster; no backup configuration is
possible. The CUCM DHCP server can be configured with multiple subnets. DHCP relay
must be enabled in remote subnets to allow the DHCP broadcast request packets to be
forwarded to the DHCP server. Routers drop all broadcast packets by default, but the
packets can be configured with DHCP relay by using the ip helper-address command.
To configure DHCP support on CUCM, follow these steps:
Step 1 Activate the DHCP Monitor Service.
Step 2 Add and configure the DHCP server.
Step 3 Configure the DHCP subnets.
Navigate to the Cisco Unified Serviceability web pages. From the Tools menu, choose
Service Activation. Activate the DHCP Monitor Service by clicking the DHCP Monitor
Service check box and then clicking the Save icon. Figure 5-3 is a screen capture of the
DHCP Monitor Service activation.
The DHCP server then needs to be configured. Configure the DHCP server from the CUCM
Administration page. Navigate to System > DHCP > DHCP Server. The Find and List
DHCP Servers page will display. Click the Add New button. Choose the CUCM server that
will be acting as the DHCP server from the Host Server drop-down menu. Configure the
Primary TFTP Server IP Address field and the Secondary TFTP Server IP Address field. It
is advisable to have two CUCM servers running the TFTP service for fault-tolerance
purposes. Figure 5-4 shows the DHCP server configuration page options.
NOTE Due to the CPU load impact, CUCM DHCP server must not be used in deployments
larger than 1000 registered devices. The CPU load of the server can be monitored
using the Real-Time Monitoring Tool (RTMT). If high CPU load is experienced, the
DHCP service should be provided by other devices (DHCP server, switch, or router).
RTMT is covered in Cisco Unified Communications IP Telephony, Part 2.
CUCM Initial Configuration 93
Figure 5-3 Service Activation: DHCP Monitor Service
Figure 5-4 DHCP Server Configuration
94 Chapter 5: Initial Configuration Settings
The DHCP subnet(s) needs to be configured from the CUCM Administration page.
Navigate to System > DHCP > DHCP Subnet. The Find and List DHCP Subnets page will
display. Click the Add New button. Choose the DHCP server from the DHCP Server dropdown
menu. This is a required field. All fields in the configuration pages that have an
asterisk (*) to the upper right of the configuration option are required fields. Specify the
subnet IP address, IP address range, primary router IP address, subnet mask, and TFTP
servers. Figure 5-5 displays the DHCP subnet configuration page options.
Figure 5-5 DHCP Subnet Configuration
In CUCM releases earlier than 5.0, DHCP services could be provided by the Windowsbased
operating system of CUCM. If the Windows DHCP server was used and CUCM is
upgraded to a CUCM release running the Linux operating system, all DHCP configuration
is lost. The Data Migration Assistant (DMA) does not migrate Windows DHCP configuration.
DHCP can configured on CUCM servers beginning with Release 5.0.
DNS
CUCM can use either IP addresses or names to refer to other IP devices in application
settings. When names are used, they need to be resolved to IP addresses by DNS.
CUCM Initial Configuration 95
Both methods have some advantages:
■ Using IP addresses: The system does not depend on a DNS server. This prevents loss
of service when the DNS server cannot be reached. Clients, using DNS, query the
server with a name lookup request and receive a reply in which the DNS server resolves
the hostname record of the query to an IP address. Eliminating the requirement of a DNS
server reduces the danger of DNS configuration errors, DNS outages, and the latency
issues involved in sending a query and receiving a response using the DNS model.
Troubleshooting is simplified when using IP addresses rather than DNS names because
there is no need to perform name resolution.
■ Using DNS: Management is simplified because logical names are easier to remember
than IP addresses. If IP addresses change, there is no need to modify any of the application
settings that rely on the existing IP address. When DNS is used, the applications point
to a DNS name that does not change; the underlying IP address might change at any
time with no consequence to the IP addresses that rely on the server. CUCM server
addressing is sent to Cisco IP Phones in the CUCM group in the phone’s XML
configuration file. The addressing sent down to the IP phone can be based on IP
addresses or names.
Because of the additional point of failure introduced using DNS, the Cisco best
practices recommendation is to not use DNS with CUCM.
Table 5-2 summarizes the advantages and disadvantage of using DNS with CUCM.
Before the IP phone can communicate with CUCM, it has to resolve the name of the server.
Signaling messages are then exchanged between the Cisco IP Phone and CUCM, as
illustrated in Figure 5-6.
Table 5-2 IP Addressing and DNS Comparison
IP Addressing Advantages DNS Advantages
Does not require a DNS server Simplifies management because of the use of
names rather than numbers
Prevents the IP telephony network from failing if
the IP phones lose connection to the DNS server
Enables easier IP address changes because of
name-based IP paths
Decreases the amount of time required when a
device attempts to contact the Unified CM server
Allows server to IP phone NAT
Simplifies troubleshooting
96 Chapter 5: Initial Configuration Settings
Figure 5-6 Call Flow with DNS
When DNS naming is not used in the CUCM cluster, there is no need to resolve the name
of the CUCM to an IP address. The signaling between the IP phone and CUCM can be set
up faster, and calls can be processed even if the DNS service is not available. CUCM will
have higher availability and faster response times by removing any DNS reliance. Call flow
without the use of DNS is illustrated in Figure 5-7.
Figure 5-7 Call Flow Without DNS
IP Phone A IP Phone B
2) Signaling Protocol
3) RTP Media Path
2) Signaling Protocol
1) DNS Query/Response 1) DNS Query/Response
DNS Server
IP Phone A IP Phone B
1) Signaling Protocol
2) RTP Media Path
1) Signaling Protocol
Network and Feature Services 97
To change the system to operate without a DNS server, follow these steps:
Step 1 In CUCM Administration, go to System > Server.
Step 2 Click the Find button and select the first (next) available server from the
list of CUCM servers.
Step 3 Change the server name to the IP address of the server and save the
changes, as shown in Figure 5-8.

CUCM Initial Configuration Best Cisco CCNA Coaching Institute in Delhi Gurgaon

Network Bulls
www.networkbulls.com
Best Institute for CCNA CCNP CCSP CCIP CCIE Training in India
M-44, Old Dlf, Sector-14 Gurgaon, Haryana, India
Call: +91-9654672192

After you install CUCM, some initial configuration has to be done before starting to deploy
endpoints. This initial configuration includes the items in Table 5-1.
Network Components
CUCM leverages various IP networking protocols and systems.
Network Time Protocol
Network Time Protocol (NTP) is a protocol for synchronizing the clocks of computer
systems over IP networks through use of a hierarchical clock strata organization. A stratum
level 1 timing source device is an extremely precise clock source using the rare earth element
cesium. Cesium clocks used to be very expensive, but most service providers with large
central offices now have local stratum level 1 clocks. Global positioning system (GPS)
satellites provide a stratum level 1 clocking source that provides a cost-effective synchronization
system.
Stratum level 1 clocks are distributed over networks to provide timing information to a large
number of devices. A linear relationship exists between the number of nodes passed and the
degradation of the timing quality.
Stratum level 2 timing sources are based on the rare earth element rubidium. Distribution
of stratum 2 time information becomes inaccurate more quickly than stratum 1 information.
Table 5-1 Publisher Server Required Services
Configuration Item Description
Network settings Basic network settings have already been configured during installation,
but some of them should be revisited (use of external NTP and DNS
servers), and network settings that are not configurable during
installation (for example, enabling DHCP services on CUCM) have
to be addressed before endpoint deployment.
Network and feature services CUCM servers run network services (automatically activated) and
feature services (activated by the administrator). After installation,
network services should be checked, and desired feature services
have to be activated.
Enterprise parameters CUCM has cluster-wide configuration settings called enterprise
parameters. After installation, enterprise parameter default values
should be verified and modified if required.
Service parameters CUCM services have configurable parameters that can usually be set
per CUCM server. After installation and service activation, service
parameter default values should be verified and modified if required.
CUCM Initial Configuration 89
Stratum level 2 timing is not as accurate as stratum level 1, but the timing is accurate enough
to time a large SONET node. SONET nodes are very high-speed networks that are used
by service providers to transport time-division multiplexing (TDM) voice calls through
networks operating at up to OC-192 speeds (almost 10 Gbp/s). T1 and T3 voice interfaces
are provisioned from SONET nodes, such as the Cisco ONS 15454.
Stratum level 3 timing sources are based on the rare earth element quartz, which has become
affordable enough that it is built in to most off-the-shelf wristwatches. Stratum level 3 is
accurate enough to time a SONET node, but it quickly loses accuracy when distributed to
other nodes. Most T3 (44.736 Mb/s) controllers have built-in oscillators with a stratum
level 3 timing source. T3 interfaces multiplex (28) individual T1 interfaces for a total of
672 voice channels.
CUCM has an option to use NTP to obtain time information from a time server. Only
the CUCM publisher will communicate with one or more NTP servers. The timing that the
publisher receives is synchronized to the subscriber servers. If an external NTP server is not
used, CUCM can be manually configured with the date and time. The system time in most
servers is a stratum level 4 timing source and should not be relied on to time a production
network.
Dynamic Host Configuration Protocol
Dynamic Host Configuration Protocol (DHCP) is a protocol that allows IP endpoints to
obtain their IP settings dynamically from a server. The most important settings include the
IP address, subnet mask, default gateway, TFTP server (option 150), and DNS server.
CUCM features a DHCP server that was designed to serve Cisco IP Phones only.
Trivial File Transfer Protocol
Trivial File Transfer Protocol (TFTP) is a simple file transfer protocol used by Cisco IP Phones
to obtain configuration files and their software (binary image load). A CUCM server has to
run the TFTP service on at least one server to be able to support Cisco IP Phones.
Domain Name System
Domain Name System (DNS) is a name-resolution protocol that allows IP applications to
refer to other systems by logical names rather than IP addresses. A CUCM cluster can be
configured to use either DNS or IP addresses.
NOTE More information on SONET, optical networking, and the ONS 15454 is
available in Cisco Self-Study: Building Cisco Metro Optical Networks (METRO), by
Dave Warren and Dennis Hartmann (Cisco Press, 2003).
90 Chapter 5: Initial Configuration Settings
NTP and DHCP Considerations
NTP can be configured during installation of the CUCM product. NTP can also be
configured after the installation procedure using the CUCM Administration web pages.
It is extremely important that all network devices have accurate time information because
the system time of CUCM is relevant in the following situations:
■ Cisco IP Phones display date and time information; this information is obtained from
CUCM unless an NTP reference is assigned to the phone. NTP references can be
configured in date/time groups in CUCM versions 5.x and later. The date/time group is
then added to Cisco IP Phone devices.
■ Call details records (CDR) provide time-stamped call reporting, analysis, and billing
information. Call management records (CMR) contain quality of service (QoS)
information regarding the quality of phone calls, including the number of lost packets
(per direction), average jitter (delay variation), and maximum jitter. CMRs are mapped
to CDRs.
■ Alarms, log files, and trace files include time stamps with millisecond-level accuracy.
One second of processing in a CUCM server can have hundreds of lines of trace output.
Troubleshooting calls that involve multiple servers frequently require the correlation of
alarm, event, and trace information available in different systems. Correlation of these
records is possible only if all devices in the network have the same date and time
information.
■ CUCM includes features that rely on date and time. These features include time-of-day
routing, certificate-based security features, and remote support.
Figure 5-1 displays a master reference clock from which the publisher server is synchronizing
time. The publisher server redistributes the timing information to the subscriber servers.
NOTE Cisco Unified Communications IP Telephony, Part 2 (Cisco Press, 2007)
explains the operation of X.509v3 certificates, certificate trust lists, IPsec, transport layer
security, and Secure Skinny Client Control Protocol (SCCPS).
CUCM Initial Configuration 91
Figure 5-1 Network Time Protocol
CUCM and all network devices should synchronize their time from a stratum level 1 NTP
server. To modify NTP configurations in CUCM, navigate to System > NTP Servers from
the CUCM Administration web pages, as shown in Figure 5-2. NTP servers can be added,
deleted, or modified.

Operating System Administration Best Cisco CCIE Institute in Gurgaon

Network Bulls
www.networkbulls.com
Best Institute for CCNA CCNP CCSP CCIP CCIE Training in India
M-44, Old Dlf, Sector-14 Gurgaon, Haryana, India
Call: +91-9654672192

The CUCM Operating System Administration web interface allows platform
administrators to configure and manage the CUCM operating system. Examples of
operating system administration tasks include the following:
■ Check software and hardware status
■ Upgrade system software and install or upgrade options
■ View or update IP addresses
■ Manage Network Time Protocol (NTP) servers
80 Chapter 4: Administration
■ Manage server security, including IPsec configuration and certificates
■ Ping other network devices
■ Manage remote support (Technical Assistance Center, TAC) accounts
The Operating System Administration web page is accessible via the Navigation drop-down
menu or directly at https://<ip-address>/cmplatform. Figure 4-11 shows the Operating
System Administration web page.
Figure 4-11 Operating System Login Page
The platform administrator username is required for access to the Operating System
Administration page. Figure 4-12 shows the Operating System Administration page
menu options.
Figure 4-12 Operating System Menu Page
CUCM User Interface Options 81
Command-Line Interface
The CUCM CLI provides similar features to platform administrators that they can find in
the CUCM OS and CUCM DRS GUI and includes some additional functions:
■ Display platform information, such as product version, CPU, memory, disk usage,
platform hardware, serial number, and so on
■ Display network, process, and load information
■ Configure additional platform administrator accounts
■ Change platform administrator account password and security passwords
■ Perform disaster recovery tasks
■ Use tools such as ping, traceroute, and packet capture
■ Change network configuration settings
■ Start, stop, and restart services
■ Perform system restarts, shutdowns, and switch versions
When accessing the CUCM CLI, the platform administrator has to log in with a username
and password. The CLI is accessible via the physical Media Convergence Server (MCS)
platform or over the network via a Secure Shell (SSH) client. Telnet is not supported on
CUCM because Telnet does not provide transport security.
When using the CUCM CLI, you can use ? to see the available commands or command
options. In the first example shown in Figure 4-13, the ? was used at the root access level;
therefore, all top-level commands displayed. In the second example, the command show ?
was entered; therefore, all available show commands displayed. Finally, all utility
commands (utils) displayed because the utils ? command was entered.

Pages

Courses