Mino – The UC Guy

Microsoft Unified Communications Blog

Archive for the ‘Unified Messaging’ Category

How to Fix Exchange UM Certificate errors when Integrating with OCS 2007

Posted by Mino on May 19, 2009

Typically When Exchange 2007 is installed, it generates a self-issued certificate for use with IIS, SMTP, and SIP (if you’re using UM).  This certificate generally isn’t ideal for Outlook and OWA clients because it’s not trusted by any machines except for the Exchange server, and one of the first tasks to do is replace this certificate with one that is trusted by the user’s machines.

So typically you would request to buy a Public certificate for the Exchange and usually people don’t include the internal FQDN of the servers in this request.

On the Other Hand when you deploy the OCS 2007 you will require Certificate for each OCS server and this is required for securing the communication internally between OCS to OCS servers and OCS to Client. So you will deploy internal Enterprise CA in your domain to issue the certificates for the OCS , and since this is Enterprise CA so it will be published in the Active directory and it will be trusted by default for all internal domain user computers.

However when you try to integrate the OCS 2007 with the Exchange UM by this design , the first thing you will notice that the Voice mail is not accessible from the Communicator client  and it is giving you communicator error whenever you click on voice mail ,and you will find lots of Certificate event logs and OCS Protocol stack errors on both OCS front end and Exchange UM Server.

The reason behind that is because the Exchange UM server is still using the Exchange Self Signed certificate for its internal name and it is trying to communicate with the OCS using this certificate , and since the OCS doesn’t know anything about this issuer so it drops the connection.

To solve this problem we will have to replace the Exchange UM self signed certificate with one from the same CA that the OCS 2007 is using. To accomplish this task simply run the below command on the Exchange command shell.

New-ExchangeCertificate -GenerateRequest -Path c:\UMrequest.req -SubjectName “c=US, o=Contoso, cn=umsrv.mydomain.local” -DomainName mydomain.local  -PrivateKeyExportable $true

This will generate a request on the C: drive under the name of UMrequest.req  for the UM server internal FQDN umsrv.mydomain.local , open it with notepad and copy the content and then go to the PKI auto enrolment page https:\\pkisrv.mydomain.local\certsrv   to issue the certificate and save it locally .

Then we need to import the certificate to exchange and Enable it for UM service usage , my certificate is saved on the C: drive with the name of UMCertificate.cer

Import-ExchangeCertificate -Path c:\UMCertificate.cer

The last thing we will do is to enable this certificate for UM usage, first make sure to copy the Thumbprint of the certificate that you will see in the command shell then run the below command .

Enable-ExchangeCertificate -Thumbprint 5113ae0233a72fccb75b1d0198628675333d010e –Services UM

Restart UM service and restart OCS Front End Server and now you will get the UM working fine with the OCS and you will no longer see the protocol stack errors.

Posted in Certificates, Common Errors, communicator client, Front End Server, Mediation Server, OCS & Exchange07, OCS 2007 R2, Phone Edition, Unified Messaging | Tagged: , , , , , , , , , , | 3 Comments »

How to Integrate Exchange UM Voicemail into Cisco IP Phones

Posted by Mino on March 27, 2009

I am working with a client who is using Cisco CUCM with Cisco Phones, along with Microsoft Exchange 2007 voice mail on the UM , but when you divert the phone to voicemail you are not prompted with the users voicemail prompt – you are prompted with the Subscriber access greeting of “ Welcome , you are connected to Microsoft exchange ,…etc )

Usually when you call someone and there is no answer then you are transferred to the Pilot number, the extension of the person you are calling is sent also in the request so that you would be directly transferred to the users voice mail not to the Welcome greeting.

This Problem Happens when Diverted Calls are not accepted because both sides cannot agree on DTMF handling , the MTP is important, because it deals with differences in how DTMF is signaled between the phones and gateways and the sip trunk

Just make sure the following on the Cisco SIP trunk:

  1. Accept Out-of-Dialog REFER
  2. Accept unsolicited Notification
  3. Accept Replaces Header
  4. Have the SIP trunk configured to use MTP, once I’d configured MTP and MRG/MGRL

The changes detailed below are based on a new installation of Call Manager 5. As this environment been created for the purpose of testing the integration between platforms, it contains only minimum configuration. The required Changes are with:

·         Media Termination Point (MTP)

·         Changes to security profile

Media Termination Point: The Cisco Call Manager installation builds the default media termination point.

Media Resource Group: Create a media resource group “MRG_CCM5” and add the media resource (MTP) to the group. Multicast is not required.

Media Resource Group List: Create a media resource group list “MRGL_CCM5” and add the media resource group “MRG_CCM5” to the list.

Device Pools: By default Cisco Call Manager creates the “default” device pool. Open the device pool “default” and select the new media resource group list “MRGL_CCM5”.

SIP Trunk Security Profiles: Copy the “Non Secure SIP Trunk Profile” to “E2K7 Non Secure SIP Trunk Profile” and enable “Accept Unsolicited Notifications”.

Partition Configuration: Create a Class of Control Partition “Local”.

Calling Search Space: Create a Class of Control Calling Search Space “CCS_Local” and add the Partition “Local” to the calling search space.

Trunk Configuration:

Trunk Configuration

General

Setting

Device Name

E2K7

Description

Exchange UM

Device Pool

Default

Call Classification

Use System Default

Media Resource Group List

<None>

Location

Hub_None

AAR Group

<None>

Packet Capture Mode

None

Packet Capture Duration

0

Media Termination Point Required

Enabled

Retry Video Calls as Audio

Disabled

Transmit UTF-8 for Calling Party Name

Disabled

Unattended Port

Disabled

MLPP Domain Information

<None>

   

Trunk Configuration
Call Routing Information

Setting

Inbound Calls

Significant Digits

All

Connected Line ID Presentation

Default

Connected Name Presentation

Default

Calling Search Space

CCS_Local

ARR Calling Search Space

<None>

Prefix DN

<Blank>

Redirecting Diversion Header Delivery

Disabled

Outbound Calls

Calling Party Selection

First Redirect Number

Connected Line ID Presentation

Default

Connected Name Presentation

Default

Caller ID DN

<Blank>

Caller Name

<Blank>

Redirecting Diversion Header Delivery

Enabled

Trunk Configuration

SIP Information

Setting

Destination Address

<IP Address of E2K7 Server>

Destination Address is an SRV

Disabled

Destination Port

5060

MTP Preferred Originating Codec

711alaw

Presence Group

Standard Presence Group

SIP Trunk Security Profile

E2K7 Non Secure SIP Trunk Profile

Rerouting Calling Search Space

<None>

Out-of-Dialog Refer Calling Search Space

<None>

SUBSCRIBE Calling Search Space

Default

SIP Profile

Standard SIP Profile

DTMF Signalling Method

No Preference

Posted in Cisco 4.x Integration, Cisco 5.x Integration, Cisco 6.x Integration, Cisco 7.x Integration, Good Articles take from Other Blogs, OCS & Exchange07, Unified Messaging | Tagged: , , , , , , , , | 8 Comments »

How to enable inbound fax for OCS 2007 Enterprise Voice and Exchange 2007 UM enabled users?

Posted by Mino on March 9, 2009

Any Post starting with this disclaimer means that this post was not written by me however I have liked it and added to my blog. I will also include the link to the original or Similar post to provide credit to the original author.

http://blogs.technet.com/jenstr/archive/2007/11/13/how-to-enable-inbound-fax-for-enterprise-voice-and-exchange-2007-um-enabled-ocs-2007-users.aspx

Exchange 2007 SP1 UM supports both voice mail and incoming fax to a given extension. However, if the user is both UM-enabled and enabled for Enterprise Voice using OCS 2007, incoming fax is not supported using the same extension. The reason being that OCS 2007 Mediation Server does not currently support T.38.

How is it possible to provide incoming fax support for Enterprise Voice enabled users? The answer is to use a separate extension for fax and route fax calls to this extension directly to Exchange 2007 SP1 UM outside of OCS 2007.

Let’s assume we have a company called Contoso with the environment shown below and we will use that company to explain the issue and the solution

12

The OCS 2007 environment is connected to the PBX via a SIP/PSTN gateway called PSTNOCSGWY. The PBX routes all calls to the DID range +131255xxxxx to OCS 2007. OCS 2007 is integrated with the Exchange 2007 SP1 UM server called UMSRV1. It hosts a UM Dial Plan called OcsUmDialPlan of UriType = SipName (required for OCS 2007 integration). There is a UM Mailbox Policy associated with this UM dial plan called OcsUm. Exchange 2007 SP1 UM is connected to the PBX via OCS 2007.2

The Contoso user Test User is enabled for Enterprise Voice with the DID +13125510001 and SIP URI TestUser@contoso.com. His extension is 10001. His Enterprise Voice configuration is shown below.

 

 

To be enabled for Exchange 2007 SP1 UM the administrator would issue the following Exchange Management Shell command:

Enable-UmMailbox -id TestUser -UmMailboxPolicy OcsUmPolicy -Extensions 10001 -SIPResourceIdentifier TestUser@contoso.com -Pin 1234

Test User is now enabled for Exchange 2007 SP UM, but will not be able to receive incoming fax on extension 10001 or DID +13125510001.

As indicated above the solution is to give Test User a separate extension for fax and the extension needs to be routed to Exchange 2007 SP1 UM directly without going through OCS 2007. Contoso will therefore have to create a configuration as shown below. There is a dedicated SIP/PSTN gateway for connectivity to Exchange 2007 SP1 UM. The PBX routes the DID range +131266xxxxx to this SIP/PSTN gateway. There is a new UM Dial Plan called UmDialPlan with UriType=TelExtn. There is a UM Mailbox Policy associated with this UM dial plan called Um. The UM server UMSRV1 hosts both UM Dial Plans.

The administrator now decides that Test User should have the extra extension 11001 and DID +13126611001 as the fax number.

To enable Test User to receive fax the administrator need to issue the following Exchange Management Shell command:

Set-Mailbox -id TestUser -SecondaryAddress 11001 -SecondaryDialPlan UmDialPlan

With the above configuration Test User is now able to receive fax on DID +13126611001.

3

Posted in AVAYA, Cisco 4.x Integration, Cisco 5.x Integration, Cisco 6.x Integration, Cisco 7.x Integration, Mediation Server, Nortel CS1000, OCS & Exchange07, OCS 2007 R2, PBX Integration, Quintum's gateways, Unified Messaging | Tagged: , , , , , , , , , , , , , , , , | 13 Comments »