RealPresence CloudAXIS Suite 1.3.1
Transcription
RealPresence CloudAXIS Suite 1.3.1
RealPresence® CloudAXIS™ Suite Administrators’ Guide ADMINISTRATORS’ GUIDE Software 1.3.1 Software 1.3.1 | September 2013 | 3725-03273-003 Rev A RealPresence® CloudAXIS™ Suite Polycom, Inc. 1 RealPresenc ce® CloudAXIS™ ™ Suite Administtrators’ Guide Softwarre 1.3.1 Copyright ©2013, © Polycom, Inc. All rightts reserved. No o part of this do ocument may b be reproduced,, translated into o another lan nguage or form mat, or transmittted in any form m or by any mea ans, electronicc or mechanical, for any purpo ose, without the e express writte en permission of o Polycom, Inc c. 6001 Amerrica Center Driv ve San Jose, CA 95002 USA Trademarks s Polycom®,, the Polycom logo and the na ames and mark ks associated w with Polycom p products are tra ademarks and//or service ma arks of Polycom m, Inc. and are registered and d/or common la aw marks in the e United Statess and various o other countries. All A other tradem marks are prop perty of their res spective ownerrs. No portion h hereof may be reproduced orr transmitted d in any form or by any means s, for any purpo ose other than the recipient'ss personal use, without the exxpress written permission of Poly ycom. End User License Agreeme ent ave read, unde By installing, copying, or otherwise using this product, you acknowled dge that you ha erstand and ag gree to be bound by b the terms an nd conditions of o the End Userr License Agree ement for this p product. Patent Inforrmation The accom mpanying produ uct may be prottected by one or o more U.S. a nd foreign pate ents and/or pen nding patent applications held by Polyc com, Inc. Open Sourc ce Software Use ed in this Produ uct This product may contain n open source software. You u may receive the open sourrce software frrom Polycom u up to three (3) years y after the distribution da ate of the applicable product or software att a charge not greater than tthe cost to Pollycom of shipp ping or distributting the softwa are to you. To receive softwa are information, as well as the e open source softtware code use ed in this produ uct, contact Polycom by emai l at OpenSourcceVideo@polyccom.com. Disclaimer While Poly ycom uses reas sonable efforts to include accu urate and up-to o-date informattion in this document, Polycom m makes no warranties w or re epresentations s as to its accurracy. Polycom assumes no lia ability or respo onsibility for anyy typographical or other errrors or omissions in the conte ent of this docu ment. Limitation of o Liability Polycom and/or its respec ctive suppliers make no repre esentations abo out the suitability of the inform mation containe ed in ment for any purrpose. Informattion is provided d “as is” withou ut warranty of a any kind and is subject to cha ange this docum without nottice. The entire e risk arising ou ut of its use rem mains with the rrecipient. In no o event shall Po olycom and/or its respective suppliers be lia able for any dirrect, consequential, incidenta al, special, puniitive, or other d damages whatssoever w limitatio on, damages fo or loss of busin ness profits, bu siness interrup ption, or loss off business (including without information n), even if Polyc com has been advised of the possibility of ssuch damages.. Customer Feedback F We are striiving to improve our documen ntation quality and a we apprecciate your feedb back. Email your opinions and d comments to DocumentationFeedback@ @polycom.com m. Visit the Po olycom Supporrt Center for En nd User License Agreements,, software dow wnloads, producct documents, product lice enses, troubles shooting tips, service s requests, and more. Polycom, Inc c. 2 RealPresenc ce® CloudAXIS™ ™ Suite Administtrators’ Guide Softwarre 1.3.1 Con ntents s Abou ut This Guide ...................................................................................................... 6 Conventions Used in this Guide G ......................................................................................................... 6 Terrms and Writting Conventtions ......................................................................................................... 6 Info ormation Ele ements ........................................................................................................................... 7 Typ pographic Co onventions ................................................................................................................... 8 Wh hat’s in this Guide? G ........................................................................................................................... 8 1: Ge etting Startted .................................................................................................... 10 Understanding the RealPresence Platfo orm..................................................................................... 10 Understanding Minimum Re equirements s ......................................................................................... 13 Minimum M Serv ver Requireme ents ........................................................................................................ 15 Lea arning Port Usage U ........................................................................................................................... 16 Completing Settup Workshe eets ......................................................................................................... 18 Getting Help an nd Support Resources R ............................................................................................... 24 2: De eploying an nd Configu uring the Portals P ...... ...................................................... 25 Deploying the Services S Porrtal and Expe erience Porta al Packages ................................................ 25 Acc cessing the Services Porrtal .......................................................................................................... 26 Acc cessing the Experience Portal P ...................................................................................................... 28 Configuring the e Services Portal ........................................................................................................ 30 Lo ogging In as the t Super Admin......................................................................................................... 30 Synchronizing Portal Timing g ............................................................................................................. 31 Configuring C the e Connection to the LDAP Server ............................................................................. 32 Configuring C the e Connection to the SMTP P Server ............................................................................. 33 Configuring C Ad dditional Serv ver Settings ............................................................................................. 35 Configuring C So ocial Policies ............................................................................................................... 36 Configuring C the e Connection to the DMA System S and R RPAD Serverrs ............................................. 39 Lo ocalizing the Services Porttal ........................................................................................................... 46 Customizing C th he Email Tem mplates .................................................................................................... 47 Setting Date and Time ...................................................................................................................... 53 Managing M Certtificates ....................................................................................................................... 54 Selecting and Downloading Log Levels ............................................................................................ 59 Updating U Services Portal So oftware ................................................................................................... 61 Activating A Lice enses ........................................................................................................................... 65 Configuring C Prroxy Settings ............................................................................................................... 71 Configuring the e Experience e Portal ................................................................................................... 73 Configuring C the e Server Settings ........................................................................................................ 74 Configuring C the e Environmen nt General Se ettings ............................................................................... 77 Configuring C the e Meeting Ho osts .......................................................................................................... 80 Configuring C DM MA Settings ................................................................................................................. 83 Configuring C the e VMR Settings ........................................................................................................... 87 c. Polycom, Inc 3 RealPresenc ce® CloudAXIS™ ™ Suite Administtrators’ Guide Softwarre 1.3.1 Configuring C Co onnection Setttings ...................................................................................................... 93 Configuring C Au uthentication Provider P Settings .................................................................................. 97 Viewing V Experrience Portal Log L Files ................................................................................................ 99 Applying A Experience Portal Configuration ns.................................................................................... 100 Setting System m Administratiion UI Properrties ................................................................................. 102 Updating U Expe erience Portall Software ............................................................................................. 105 Exporting the Experience E Portal Configuration File ....................................................................... 105 Im mporting the Experience E Portal Configurration File ....................................................................... 106 Lo ocalizing the Experience Portal P ..................................................................................................... 107 3: Cre eating and d Managing g User Acc counts ...... .................................................... 109 Understanding Account Ro oles ........................................................................................................ 109 Cre eating Accou unts ............................................................................................................................ 111 Adding A Active Directory Use ers ........................................................................................................ 111 Adding A Local Users U ......................................................................................................................... 113 Editing Accoun nts .............................................................................................................................. 115 Editing Accoun nts Created frrom the Active e Directory ...................................................................... 115 Editing Locally y Created Use er Accounts........................................................................................... 117 Deleting Accou unts ............................................................................................................................ 119 Changing Yourr Password ................................................................................................................ 120 Res setting a Pas ssword ...................................................................................................................... 121 4: Pro oviding Se ecure Gues st Access ...................................................................... 123 Sec curing SIP Guest G Access s ............................................................................................................. 123 Enabling Gues st Access on Your Y Edge Prroxy ................................................................................ 123 Additional A Rec commendation ns for Greater Security ........................................................................ 124 Sec curing Web Access A ...................................................................................................................... 125 5: Tro oubleshoo oting the Se ervices Po ortal .......... .................................................... 126 User U Cannot Create C Meetin ngs ........................................................................................................ 126 User U Cannot Launch L the Welcome Scree en.................................................................................... 126 Configured C Co omponents are e Not Respon nding ............................................................................... 126 Super Admins and Admins Cannot Add an a Active Dire ectory User ............................................... 127 User U Cannot Send S Email No otifications ............................................................................................ 127 User U Receives s “Unable to Create C a Confference with a Personal VM MR” Message e ...................... 127 User U Receives s “External Se erver Not Set”” Message ....................................................................... 127 User U Receives s “Video Reso ources Are No ot Available” M Message ................................................... 127 Obtaining O Serv vices Portal Log Files ................................................................................................ 128 User U Cannot Download D Log gs on Internett Explorer ........................................................................ 128 6: Ge etting Help ...................................................................................................... 129 Polycom and Partner P Resou urces .................................................................................................... 129 The e Polycom Community... C .............................................................................................................. 129 A: Crreating a Google G Talk k™ App ......................................................................... 130 Polycom, Inc c. 4 RealPresence® CloudAXIS™ Suite Administrators’ Guide Software 1.3.1 B: Creating a Facebook App ................................................................................ 139 C: DMA Factory Conference Settings Impact ..................................................... 144 D: CloudAXIS Restricted Shell............................................................................. 147 Introduction ................................................................................................................................... 147 Usage ............................................................................................................................................. 147 Use Case - Login as 'caxis' via Console or via a SSH Connection ............................................. 147 Use Case - Change System Hostname ....................................................................................... 148 Use Case - Log Collection ........................................................................................................... 148 Use Case - Copying the generated logs to a different server ...................................................... 149 Use Case - Access Log Files ....................................................................................................... 149 Use Case - Changing Password of the 'caxis' User .................................................................... 149 Use Case - Configure System NTP Settings ............................................................................... 150 Use Case - Quick Sync System date-time with a Specific NTP server ....................................... 150 Use Case - Show Product Version .............................................................................................. 150 Use Case - Regeneration of Certificates ..................................................................................... 151 Use Case - Change System Timezone........................................................................................ 151 Use Case - Restarting Services ................................................................................................... 152 Use Case - Set System Date Time .............................................................................................. 152 Use Case - View System Network Information ............................................................................ 153 Use Case - System Network Configuration is already set to use DHCP ..................................... 153 Use Case - Enabling DHCP in a machine where DHCP is not enabled...................................... 154 Use Case - Configuring Static IP Address in a System where DHCP is in an 'Enabled' state .... 154 Use Case - Configuring Static IP Address in a system where DHCP is in a 'Disabled' state...... 156 Use Case - Configuring Static IP Address in a system where DHCP is in a 'Disabled' state with the currently assigned IP address................................................................................................ 158 Use Case - Attempting to configure manual DNS settings while DHCP is enabled in the system ..................................................................................................................................................... 160 Use Case - Using invalid network values..................................................................................... 160 Use Case - Using an IP that is already assigned to a machine in the same network ................. 161 Use Case - Reboot System ......................................................................................................... 162 Use Case - Exit Restricted Shell .................................................................................................. 162 Use Case - Login Timeout: .......................................................................................................... 162 E: Third-Party Software ........................................................................................ 163 Polycom, Inc. 5 RealPresence® CloudAXIS™ Suite Administrators’ Guide Software 1.3.1 About This Guide This administrators’ guide uses a number of conventions that can help you to understand information and perform tasks. Conventions Used in this Guide This administrators’ guide contains terms, graphical elements, and a few typographic conventions. Familiarizing yourself with these tools will help you to successfully perform tasks. Terms and Writing Conventions As you read this guide, you will notice the same terms and conventions are used repeatedly. Make sure you familiarize yourself with these terms and conventions so you understand how to perform administration tasks. Apache Tomcat application. Experience Portal An open source web server and application container to run the Services Portal The meeting conference interface. Also referred to as MEA. Services Portal The backend for scheduling meetings, adding users, and adding contacts. Also referred to as WSP. NGINX An HTTP Server used to render static content and delegate requests to Apache Tomcat. FQDN Fully Qualified Domain Name. Example of an FQDN: dma.example.com Network Time Protocol Server (NTP) Services Portal The NTP server sets the time and date settings for the VMR Virtual Meeting Rooms (VMR) A virtual meeting space that users and endpoints can join to participate in a multi-party videoconference. VMRs are identified and addressed by numeric IDs. A VMR may be personal or temporary. A personal VMR (also known as a persistent VMR) remains in existence indefinitely and can be used for different individual meeting events over time. A temporary VMR is created for a specific meeting or time period and is deleted once the meeting or time period has ended. Also see the Polycom DMA 7000 System Operations Guide on the Polycom Support site. VMR Prefix Specifying a VMR prefix value allows the Services Portal and Experience Portal to know where to direct requests concerning a particular VMR Id. For example, if DMA-1 had the dialing prefix specified as “1” and DMA-2 had no dialing prefix specified, all portal requests concerning VMRs with Id “1xxxx” would be directed to DMA-1 and requests concerning any other VMR Id would be directed to DMA-2. Polycom, Inc. 6 RealPresenc ce® CloudAXIS™ ™ Suite Administtrators’ Guide Softwarre 1.3.1 Inforrmation n Elem ments This guide e may include e any of the fo ollowing icons s to alert you to important iinformation. Icons Used in this Guide Name Ic con Des scription Note The e Note icon highlights informa ation of interestt or important in nformation nee eded to be b successful in n accomplishin ng a procedure or to understand a concept. Administrrator Tip e Administratorr Tip icon highliights technique es, shortcuts, o or productivity The rela ated tips. Caution e Caution icon highlights inforrmation you ne eed to know to a avoid a hazard d that The cou uld potentially im mpact device p performance, a application funcctionality, or suc ccessful feature e configuration.. Warning e Warning icon highlights an a action you musst perform (or a avoid) to preven nt The issu ues that may ca ause you to losse information o or your configu uration setup, and d/or affect phon ne or network p performance. Web Info e Web Info icon n highlights sup pplementary infformation availlable online such The as documents d or downloads d on ssupport.polyco om.com or othe er locations. Timesave er e Timesaver ico on highlights a faster or altern native method ffor accomplish hing The a method m or opera ation. Power Tip p e Power Tip ico on highlights fa ster, alternative procedures ffor advanced The adm ministrators alre eady familiar w with the techniques being disccussed. Troublesh hooting e Troubleshooting icon highlig ghts information n that may help p you solve a The rele evant problem or o to refer you to other releva ant troubleshoo oting resources. Settings e Settings icon highlights settiings you may n need to choose e for a specific The beh havior, to enable a specific fea ature, or to acccess customiza ation options. Polycom, Inc c. 7 RealPresence® CloudAXIS™ Suite Administrators’ Guide Software 1.3.1 Typographic Conventions A few typographic conventions, listed next, are used in this guide to distinguish types of in-text information. Typographic Conventions Convention Description Bold Highlights interface items such as menus, soft keys, file names, and directories. Also used to represent menu selections and text entry to the phone. Italics Used to emphasize text, to show example values or inputs, and to show titles of reference documents available from the Polycom Support Web site and other reference sites. Blue Text Used for cross references to other sections within this document and for hyperlinks to external sites and documents. Courier Used for code fragments and parameter names. What’s in this Guide? This administrators’ guide is organized into five chapters and four appendices. The first chapter, Getting Started, introduces Polycom RealPresence CloudAXIS Services Portal and Experience Portal. The chapters that follow show you how to configure and deploy these portals and create and manage your user accounts. The appendices provide you with information on third-party apps and software and template settings. Chapter 1: Getting Started - This chapter gives you a brief overview of the Services Portal and Experience Portal, deployment prerequisites, and Setup Worksheets to assist you with configuring the Services Portal and Experience Portal. Chapter 2: Deploying and Configuring the Portals - This chapter shows you how to deploy and configure the Services Portal and the Experience Portal. Chapter 3: Creating and Managing User Accounts - This chapter shows you how to create, edit, and delete Active Directory and local user accounts. Chapter 4: Providing Secure Guest Access - This chapter gives you suggestions for enabling secure access to users located outside of your organization’s firewall. Chapter 5: Troubleshooting the Services Portal - This chapter gives you troubleshooting procedures to resolve common portal errors and situations. Appendix A: Creating a Google Talk™ App - This appendix shows you how to create a Google Talk app to enable access to those contacts from the Experience Portal. Appendix B: Creating a Facebook App - This appendix shows you how to create a Facebook app to enable access to those contacts from the Experience Portal. Appendix C: DMA Factory Conference Settings Impact - This appendix uses a table to show you how DMA factory conference template settings impact CloudAXIS web client behavior. Polycom, Inc. 8 RealPresence® CloudAXIS™ Suite Administrators’ Guide Software 1.3.1 Appendix D: CloudAXIS Restricted Shell -This appendix provides you with the information to log in to CloudAXIS products from either a console or via an SSH connection and perform various shell operations. Appendix E: Third-Party Software - This appendix gives you the license details for third-party software mentioned in this guide. Polycom, Inc. 9 RealPresenc ce® CloudAXIS™ ™ Suite Administtrators’ Guide Softwarre 1.3.1 1: Getting G g Started The Cloud dAXIS™ Suite e extends and d enhances the Polycom® ® RealPresence® Platform m by providing access to a shared me eeting and collaboration ex xperience thatt can include users from th he hosting business and guests frrom outside th ponents of the suite are tw he business. The T key comp wo virtualized server com ortal and the Experience P mponents deployed by the e business: the Services Po Portal. The Services Portal en nables users to t create and participate in n online video o conference m meetings. Users create me eetings by log gging into the Services Porrtal, selecting the type of m meeting they w want to create e, setting the e meeting parrameters, and d entering a list of participa ants to invite. The Servicess Portal also provides administrative a e capabilities for creating and a managing g users and fo or configuring g the compone ents that enable the online video v confere ence meetings s. The Experiience Portal p provides the m meeting interfface, enabling users u to intera act with features such as content c sharin ng, group cha at, and privacyy settings. Th his guide sho ows you how to t deploy and d configure the e Services Po ortal and Exp perience Porta al packages a and create and d manage user accounts. This chap pter gives you an overview of the RealPresence Platfform, lists the e deployment requirementss for the Servic ces Portal and d the Experience Portal, an nd provides w worksheets to o complete be efore starting tthe deployme ent and config guration. Whe en you are rea ady to deploy and configurre the Service es Portal, see Deploying g and Configu uring the Porta als. This cha apter is orga anized as fo ollows: Und derstanding th he RealPrese ence Platform m Und derstanding Minimum M Requirements Lea arning Port Us sage Com mpleting Setu up Worksheetts Gettting Help and d Support Res sources b Info: An On nline Version of this Docu ument is Ava ailable Web Note that if you are reading this do ocument in PD DF format, an online version iss available on tthe com TechNet website w at http://support.polyccom.com/PolyccomService/home/home.htm. Polyc Unde erstanding th he Rea alPrese ence P Platform m The Polyc com RealPres sence Platform m is a produc ct suite used tto enable and d enhance sta andards-base ed videoconfference collab boration between hardware e and softwarre endpoints ffrom Polycom m and other optional vendors. v This implementation may includ de one or mo ore of the com mponents liste ed Table 1. c. Polycom, Inc 10 RealPresenc ce® CloudAXIS™ ™ Suite Administtrators’ Guide Softwarre 1.3.1 Table 1: RealPresence R Platform P Components Required d or Optional Polycom Platform P Com mponent Pu urpose Required d Polycom DMA D Sig gnaling, call ccontrol, and brridge virttualization. Required d RealPrese ence Collaborration Server ™ MC CU for hosting g conferencess. Optionall RealPrese ence Resourc ce Manager Pro ovisioning and d managing end dpoints Optionall RealPrese ence Access Director™ so olution* Firrewall traversa al Optionall RSS™ rec cording and streaming s serrver Me edia recording g *A An Acme Pack ket Net-Net Enterprise E Ses ssion Directorr may alterna ately be used to secure fire ewall tra aversal. The Services and Expe erience Porta als interoperatte with the Re ealPresence P Platform components along with the fo ollowing stand dard IT infrastructure elem ments that the deploying org ganization sh hould provide:: Dyn namic Host Configuratio C n Protocol (D DHCP) Serve er - Allows the e portals to obtain their IP add dresses. Dom main Name System S (DNS S) Server - Alllows the porttals and otherr RealPresence Platform com mponents to be b found and referenced using domain n names ratherr than IP addrresses. Lig ghtweight Dirrectory Acce ess Protocol (LDAP) Servver - Allows th he portals to b be integrated with an LDAP-compa atible directory y (e.g., a Micrrosoft Active Directory servver) to facilita ate user management an nd authenticattion. Sim mple Mail Tra ansport Proto ocol (SMTP) Server - Ena ables sending meeting invittations and otther use er notifications s, including lo ogin informatio on and passw word reset/updates, via e-m mail. HTT TP Reverse Proxy P Server - Provides web w clients wiith secure acccess to the C CloudAXIS porrtals from m outside the organizational firewall. Fo or best resultss, a proxy serrver should be e used that sup pports the We eb Sockets protocol (RFC 6455). 6 DNS Use e the host nam me selected (e.g., ( meet.co ontoso.com an nd schedule.ccontoso.com)) where both D reco ords point to the t same IP; the Reverse Proxy separa ates traffic based on the ho ost. Note: Diagram Legend mponents in the t following diagram are sspecified as ffollows: The com CloudAXIS C Component C ts Identified d by light blue e. Third-Party T Componen nts Identified d by orange. RealPresenc R ce Compon nents Identtified by brightt red. End-Points E Identified by y dark red. Polycom, Inc c. 11 RealPresence® CloudAXIS™ Suite Administrators’ Guide Software 1.3.1 Figure 1: Polycom RealPresence Platform The RealPresence Platform components work with the CloudAXIS Suite to enable users to create and participate in video conference meetings accessed from a web browser or other hardware and software video endpoints, including mobile devices running the Polycom RealPresence Mobile application. The meetings are scheduled in the Services Portal and joined via the Experience Portal. The Services Portal and Experience Portal run on one or more VMware ESXi 5.x hosts. Scheduling a meeting in the Services Portal requires user or admin account access (see Understanding Account Roles). Participating in meetings, however, only requires access to the Experience Portal via a URL link sent in an email or instant message and a downloaded plug-in. Users may be added to the Services Portal locally or through integration with an enterprise Lightweight Directory Access Protocol (LDAP) server. If LDAP integration is configured, enterprise users may use their network credentials to access and host meetings on the Services Portal and to log into the Experience Portal. To create a scheduled meeting, users log in to the Services Portal, select the Schedule option, choose their meeting options, list the participants they want to invite, and then click on the Schedule button. The Services Portal then contacts the DMA system to create a Virtual Meeting Room (VMR) on an MCU for all participants to join and sends out email notifications to each invited participant via the configured SMTP server. The invitation contains a URL, but can also contain information for SIP, H.323, and ISDN access. When the meeting takes place, the DMA system validates the VMR and routes the call to the destination RealPresence Collaboration Server. When a user creates a meeting that starts immediately (ad hoc), the user’s Experience Portal launches and enables the user to begin inviting participants. The participants may be invited from an aggregated list of the meeting creator’s Facebook, Google Talk™, and/or Skype™ contacts. Accessing Facebook or Polycom, Inc. 12 RealPresence® CloudAXIS™ Suite Administrators’ Guide Software 1.3.1 Google Talk™ contacts requires that the Services Portal administrator has enabled and provisioned appuser credentials on the relevant service. A user may then download and install a social plug-in to enable social integration by performing the following: Google Talk™ Log into Google Talk service via the Experience Portal. Facebook Log into Facebook service via the Experience Portal. Skype™ Run the Skype software, log in to the Skype service via the Skype software, instruct the Portal to integrate with the Skype session and allow that integration in the Skype client. All of the meeting creator’s contacts that are currently online populate the contacts list in the Experience Portal. When a contact is selected, a URL is sent to the contact on that particular social IM service. The invited participants click the URL or paste it in to their browser to gain access to the meeting. If a Polycom RSS server has been configured for the environment hosting the meeting, the creator of the meeting may select the record meeting option, which records all aspects of the meeting including all video streams, audio streams, and shared content. The Services Portal and the Experience Portal are each packaged in an .OVA file which must be deployed on VMware ESXi hosts using vSphere tools (e.g., VMware vCenter using the vSphere client). Before deployment, be sure all minimum requirements are met as outlined in the next section. Understanding Minimum Requirements Before deploying the Services Portal and the Experience Portal, you must complete the setup worksheets and meet the requirements in Table 2. To complete the worksheets, see Completing Setup Worksheets. Table 2: Minimum Requirements Component Description RealPresence Platform Functioning RealPresence Platform with DMA and sufficient MCU capacity to meet your requirements. For more information, see Understanding the RealPresence Platform. Web Browsers The following web browsers are supported: Microsoft Internet Explorer® v8.0 or higher Mozilla Firefox® v14.0 or higher Google Chrome™ v11.0 or higher Apple Safari v5.0.6 or higher .OVA Latest Experience Portal .OVA file, downloaded to your local machine from the Polycom support site. Latest Services Portal .OVA file, downloaded to your local machine from the Polycom support site. One or more ESXi hosts Must be version 5.0 or higher and support 64-bit VM installations. Using a vSphere client, you must be able to access and administer VMware ESXi hosts either directly or via a vCenter host controller. Polycom, Inc. 13 RealPresence® CloudAXIS™ Suite Administrators’ Guide Software 1.3.1 Component Description VMware vSphere vCenter controller Optional Dynamic Host Configuration Protocol (DHCP) Allows the portals to obtain their IP addresses. LDAP Server (Optional) Enables Enterprise user’s authentication using their network credentials. Note that currently the Services Portal only supports integration with a Microsoft Active Directory. This feature also enables administrators to import Enterprise LDAP server users. The administrator can edit the imported user’s role or set the user status as inactive. For information on user roles, see Understanding Account Roles. For information on changing imported user accounts, see Editing Accounts Created from the Active Directory. SMTP Server Enables the Services Portal to deliver email meeting invites and other notifications such as user onboarding. Edge Proxy If providing access to external guests, a functioning firewall/NAT traversal element such as RealPresence Access Director or Acme Packet Net-Net Enterprise Session Director is required (see Understanding the RealPresence Platform). This element should be provisioned to allow SIP guest access (required) and H.323 access (optional) to your DMA and MCUs. HTTP Reverse Proxy If providing access to external guests, a functioning HTTP reverse proxy is required. This element should be provisioned to allow HTTPS and web socket access to the Experience Portal and HTTPS access to the Services Portal (optional). End User License Agreement (EULA) Access the EULA for your product at http://support.polycom.com/PolycomService/home/home.htm Polycom, Inc. 14 RealPresence® CloudAXIS™ Suite Administrators’ Guide Software 1.3.1 Minimum Server Requirements The Services Portal and Experience Portal in the Polycom® RealPresence® CloudAXIS™ Suite are deployed as two virtual machine instances (one for the Services Portal and one for the Experience Portal). Each instance must meet the requirements in the following table. Table 3: Server Components per VM Instance Component Description CPU Each instance must be hosted on a physical CPU with the following clock-speed characteristics: >=2.0 GHz (Intel Xeon E5 Series or better CPU) >=2.5 GHz (Intel Xeon 5500 Series or better CPU) Support 64-bit installations Virtual Cores Each instance must have 8 virtual cores. RAM 8 GB Accessible Storage 100 GB Polycom, Inc. 15 RealPresence® CloudAXIS™ Suite Administrators’ Guide Software 1.3.1 Learning Port Usage This section lists the ports used to ensure successful network traversal for the Services Portal. Figure 2: Port Usage Diagram Table 4: Port Usage Inbound Protocol/Function Communication Ports HTTP/HTTPS From web clients to the Services and Experience Portals. TCP 443. 80 is also enabled but redirects to 443. Provides web browser access to the User Interface (UI) and REST APIs. Polycom, Inc. 16 RealPresence® CloudAXIS™ Suite Administrators’ Guide Software 1.3.1 Table 5: Port Usage Outbound Protocol/Function Communication SMTP Between the Services Portal and the organization’s SMTP server Ports TCP 25 for non-secure (SMTP). TCP 587/465 for secure (SMTP-S). LDAP Between the Services Portal and the organization’s LDAP server. TCP 389 for non-secure (LDAP). TCP 636 for secure (LDAP-S). XMPP SIP RTP/RTCP/SRTP/SRTCP Between web clients and external social media services. TCP 5222 Between client endpoints and DMA or the intermediate Edge Proxy (RPAD or Acme.) 5060 (UDP/TCP) /5061 (TLS) Between client endpoints and the MCU or the intermediate Edge Proxy (RPAD or Acme). CloudAXIS Web Client: UDP ports 3230 – 3237 The CloudAXIS Social Plug-in running on a host-user's PC uses this port to communicate with Google Talk™ and Facebook services to get contact presence information and deliver instant message invites. SIP is the signaling protocol used by the CloudAXIS Web Client, RealPresence Mobile, and other SIP endpoints. For the RTP/RTCP/SRTP/SRTCP port range used by other Polycom and third-party products, please see the appropriate product documentation. RTP and SRTP are used to carry visual and audio media between web-based clients and the RMX. RTCP and SRTCP provide outof-band statistics and control information for an associated RTP or SRTP flow. Polycom, Inc. 17 RealPresence® CloudAXIS™ Suite Administrators’ Guide Software 1.3.1 Protocol/Function Communication Ports BFCP Between client endpoints and the MCU or the intermediate Edge Proxy (RPAD or Acme) 3238 (UDP/TCP) BFCP is the signaling protocol used by SIP clients to negotiate content sharing. Completing Setup Worksheets Before you begin the Services Portal deployment, complete the fields in the My System Values column of each of the Setup Worksheets. As you progress through the configuration, use the information in these worksheets as a reference. Table 6: Setup Worksheet for the LDAP Server Configuration LDAP Options My System Values Description Server Enter the FQDN or IP address of the LDAP Server. Secure Select to establish a secure connection to the LDAP Server. Note: If Secure is selected, upload the trust certificate of the LDAP server in the Service Portal. See Uploading Certificates or Certificate Chain. Port Enter the port number to connect to the LDAP Server. Typical values: 389 for non-secure (LDAP). 636 for secure (LDAP-S). BaseDN Specify the distinguished name (DN) of a subset of the Active Directory hierarchy. This determines the set of users that are able to schedule meetings via the Services Portal. Username Enter the LDAP service account user ID. Password Enter the login password for the service account user ID. Polycom, Inc. 18 RealPresence® CloudAXIS™ Suite Administrators’ Guide Software 1.3.1 Table 7: Setup Worksheet for the SMTP Server Configuration Server Settings My System Values Description Server Enter the FQDN or IP address of the SMTP Server. Secure Select to establish a secure connection to the SMTP Server. Port After deployment, enter the port to use connect to SMTP Server. Typical values: 25 for non-secure (SMTP). 587/465 for secure (SMTP-S). Login Id After deployment, enter the SMTP service account user ID. Password Enter the login password for the service account user ID. Sender Mail Id Enter the email ID to be used as the return address for notifications sent by the Services Portal. This will typically be configured as a “null” or “no reply” address. Table 8: Setup Worksheet for the Server Settings SMTP Options My System Values Description MEA Server https:// Enter the URL, including the FQDN assigned to the IP address of the Experience Portal. See Accessing the Experience Portal. This information is used in constructing the meeting links. Make sure that this domain name is accessible to all users of the solution including any that may be located outside of the organization. WSP Server https:// Enter the URL including the FQDN assigned to the IP address of the Services Portal. See Accessing the Services Portal. This domain name is used in constructing the login link to Services Portal. Make sure that this domain name is accessible to all users who will access the Services Portal. Polycom, Inc. 19 RealPresence® CloudAXIS™ Suite Administrators’ Guide Software 1.3.1 Table 9: Setup Worksheet for the DMA Configuration System Configuration Information My System Values Description Name Enter a ‘nickname’ to assign to the DMA system to distinguish it in the Services Portal configuration. Host Enter the FQDN or IP address of an individual DMA or the FQDN of the supercluster's virtual address if the DMA is part of a supercluster. Port Enter the TCP port number to use when communicating with the DMA system. Typically, you will specify port 8443 (corresponding to the https REST API for the DMA system). VMR Prefix Enter the VMR prefix that corresponds to this DMA system. This is optional and for use in environments where dialing plans are used to assign different VMR IDs to be handled by a peered set of DMA systems. Specifying this value allows the portals to know where to direct API requests concerning a particular VMR ID. For example, if DMA-1 had the dialing prefix specified as “1” and DMA-2 had no dialing prefix specified, all portal requests for VMRs with ID “1xxxx” would be directed to DMA-1 and requests concerning any other VMR ID would be directed to DMA-2. Note that the VMR prefix must match what is on the DMA. To set up this value, see the Polycom DMA 7000 System Operations Guide on the Polycom Support site. Default Admin Enter a user account name with an administrative role that exists on the DMA system. Note that if the DMA system is configured to have multiple domains, make sure that the admin user account has access to all the domains and hence can search the VMRs of all users. This typically requires a domain account rather than a local DMA account. See the Polycom DMA 7000 System Operations Guide for more detail on adding MCU Pool orders. Polycom, Inc. 20 RealPresence® CloudAXIS™ Suite Administrators’ Guide System Configuration Information My System Values Software 1.3.1 Description Admin Password Enter the password value defined on the DMA system for the Default Admin account. Owner Domain Enter the domain of the user account assigned for creating meetings in the DMA system. For local domains, enter “LOCAL.” Common SIP Username (Optional) Enter a username to use to authenticate SIP sessions for users who have authenticated with the Services Portal. Common SIP Password (Optional) Enter a password to use in conjunction with the Common SIP Username to authenticate SIP sessions for users who have authenticated with the Services Portal. Owner Username Enter the username assigned for creating meetings in the DMA system. The username must match the name of a user account defined on the DMA system. The user does not need to be an administrator. For information on how to create a username for the DMA system, see the Polycom DMA 7000 System Operations Guide on the Polycom Support site. Generate VMR From Range This is a checkbox option. Selecting this box displays two text boxes for entering a range. This option is used by admins to allow the Service Portal to randomly generate VMR IDs on the DMA within a specified range. This allows admins to separate the temporary VMRs created specifically for CloudAXIS meetings from other VMRs on same DMA. Note that the range must be all positive numbers with a 10 digit maximum. The first text box is for the lowest number of the range and the second text box is for the highest. For example, if entering a range of 123 to 1234, the Services Portal will generate VMRs between 123 and 1234. Polycom, Inc. 21 RealPresence® CloudAXIS™ Suite Administrators’ Guide Software 1.3.1 Table 10: Setup Worksheet for the DMA Server Access Point Configuration System Configuration Information Location My System Values Description Enter the location name assigned in the Services Portal to identify a particular Access Point available for dialing. A single location may have multiple transport protocols configured for it. Note that an access point is a network location that is routed directly or indirectly to the DMA from where clients or endpoints can connect to participate in a conference. Transport Select the transport protocol associated with the location and dialstring. Select from SIP, H.323, ISDN, and PSTN. For information on provisioning endpoints for SIP, see the Polycom® RealPresence® Resource Manager Operations Guide. For information on enabling SIP calls for mobile apps, see the help files on the Polycom® RealPresence® Mobile support page. Note: It is mandatory that the Experience Portal have at least one SIP AP configured. Dialstring Polycom, Inc. Dialstrings (SIP URI, H.323 E.164 enum, PSTN phone number) are used by a video or audio endpoint to join a conference hosted by the DMA. Typically for SIP and H.323 callers, this string includes the address or domain name (preferred) of the edge traversal device (RPAD or Acme) provisioned to allow external access to this DMA. 22 RealPresence® CloudAXIS™ Suite Administrators’ Guide System Configuration Information My System Values Auth Mode Software 1.3.1 Description Options for this dropdown box include AUTH, NoAUTH, and SHARED. For an access point that may be used by endpoints without access to SIP credentials, select NoAUTH. For an access point that should be used by endpoints that have access to SIP credentials (e.g., authenticated web and RPM client users when the DMA settings have been configured with the Common SIP Username and Password described above), select AUTH. For an access point that may be used by either class of endpoints, select SHARED. Dial Prefix Use this optional field to specify a prefix to prepend to dialing information used when dialing this access point. This prefix can be used by the access point to route the call or to distinguish between callers who are able to authenticate themselves from those that require unauthenticated guest access. Table 11: Setup Worksheet for the Date Time Configuration System Configuration Information NTP Server Polycom, Inc. My System Values Description Enter the Network Time Protocol server FQDN or IP address. The Services Portal synchronizes time and date settings from this server. Entering the NTP will automatically populate the Date and Time fields. Note that the portals are configured to the UTC time zone, and this is not configurable. 23 RealPresence® CloudAXIS™ Suite Administrators’ Guide Software 1.3.1 Getting Help and Support Resources This administrators’ guide includes a Getting Help section where you can find links to Polycom product and support sites and partner sites. You can also find information about The Polycom Community, which provides access to discussion forums you can use to discuss hardware, software, and partner solution topics with your colleagues. To register with the Polycom Community, you will need to create a Polycom online account. The Polycom Community includes access to Polycom support personnel, as well as user-generated hardware, software, and partner solutions topics. You can view top blog posts and participate in threads on any number of recent topics. Polycom, Inc. 24 2: Deploy D ying and a Config C guring g the Porta als The Services Portal an nd Experience e Portal require deploymen nt on a VMwa are EXSi hostt using a vSph here Client adm ministrative GUI. G Our recom mmendation is i to deploy th he Services P Portal first and d the Experience Portal sec cond. Once th hey are both deployed, d log in to the Servvices Portal w with the defau ult super admin credentialls and configu ure the serverr settings then n complete th he Experience e Portal config gurations. Wh hen the config gurations are complete, c the e Services Po ortal is ready ffor adding and managing u users. Once u users receive ac ccess, they ca an use the Se ervices Portall to create me eetings, add ccontacts, and use the Experienc ce Portal to en nable confere ence interactio on. Informatio on on accessing and using g the Servicess Portal is fo ound in the RealPresence R ® CloudAXIS S™ Suite Use er Guide. This chap pter shows you how to deploy and config gure the Servvices Portal. B Before you be egin, confirm all prerequisites and comp plete the Setu up Worksheetts provided, ssee the steps for deploying g and configuring the Servic ces Portal and d the Experience Portal in the following sections of th his chapter. Dep ploying the Se ervices Portal and Experie ence Portal Pa ackages Acc cessing the Se ervices Porta al Acc cessing the Ex xperience Po ortal Con nfiguring the Services S Porttal Con nfiguring the Experience E Portal P Deploying the Se ervices s Porta al and Experience Porta al Pack kages Before yo ou begin, conffirm that you meet m the prerrequisites liste ed in Getting Started, and then deploy tthe Services Portal P and Ex xperience Porrtal .OVA files s to your VMw ware vSphere e EXSi hosts. Note that when the porrtal instances boot up, they y will each atttempt to obta in an IP address via DHCP P. The instan nce IP addres ss and the MA AC address can c be determ mined by acce essing the insstance informa ation using the vSphere Clie ent. Polycom recommends r that the insta ance IP assignments be m made permane ent by modifying your DHCP server’s s confiiguration to map m the curren nt IP addresss or another preferred addrress of your ch hoosing to the e respective in nstance MAC C address. The en, reboot the e instance if n necessary to enable it to t obtain a ne ew address. We also recommend r th hat you modiffy your DNS server s settings to assign a domain name to each insttance based on the permane ent IP address s you have se elected. If DHCP is s not available in your env vironment, eac ch portal insta ance’s IP add dress and nettworking settin ngs may altern natively be co onfigured via the portal’s co onsole. To do o this: 1 Using the vSphe ere console, access a the portal console 2 Log gin using “cax xis” for both yo our username e and passwo ord. 3 Entter the followin ng command to view the current c networrk settings: sh how_networkk_info c. Polycom, Inc 25 4 Entter the followin ng command to modify the e current netw work settings: chang ge_network_ _settings e more inform mation on this DHCP issue at Use Case - Configuring g Static IP Address in a sysstem See whe ere DHCP is in i a 'Disabled d' state. Note: Order of Dep ployment b deployed, accessed, an nd configured d in any logica al relative order. The packages may be der described d in this docum ment, howeve er, is recommended for tho ose unfamiliarr with The ord the ove erall process. Acce essing the Se ervices s Porta al Obtain the e Services Po ortal FQDN prrovisioned via a your DNS se erver, open a browser, and d enter the FQ QDN in the add dress bar. The e Services Po ortal login scre een will displa ay, and you a are now readyy to configure the Services Portal P for use e. For the first Services Porrtal login, ente er ‘admin’ forr both your Ussername and Password d, and accept the End User License Agrreement (EUL LA). Until the EULA is acce epted, no furtther action can n be taken. After acce epting the EULA, change the password for greater se ecurity. For in nformation on n changing passwords, see Chang ging Your Pas ssword. Note that you have a 30-day 3 trial of the service and a licenses ccan be activatted any time d during the tria al. To activate th he license, se ee Activating the t Services Portal Licens e. Troublleshooting: URL (FQDN) Does D Not Resspond If the Se ervices Porta al URL does not n respond, o open the Servvices Portal lo ogin screen and confirm m that the Ngin nx, Apache, or o all servers a are running a as follows: To check the Nginx x, Apache, orr all servers:: 1 Using U the vSphere console or by conneccting via an S SSH client to tthe Services P Portal FQDN, F access s the Services s Portal conso ole. 2 Log L in using “c caxis” for both h your userna ame and passsword. 3 Get G status: ○ Enter the fo ollowing to ge et the Nginx sstatus: service nginx s status ○ Enter the fo ollowing to ge et the Apache e status: serv vices tomca at6 status s ○ Enter the fo ollowing to ge et the status o on all servers:: service --status-al ll 4 Start servers if they are not running, r and restart them iif they are run nning but you u are h proble ems with the link: still having ○ Startup serrvers: servic ces <SomeS Server> sta art ○ Restart serrvers: servic ces <SomeS Server> res start Note: Configuration n Note DN is required d when config guring the Se rvices Portal.. Enter the Se ervices Portal An FQD FQDN you y noted in the t Setup Wo orksheet for th he Server Se ettings. Polycom, Inc c. 26 Polycom, Inc. 27 Acce essing the Ex xperience Po ortal To access the Experience Portal administrativ a ve and proviisioning interface: 1 Obttain the Experrience Portal FQDN provis sioned via you ur DNS server, open eitherr a Chrome or Fire efox browser, and enter the e FQDN in the e address ba ar. Because yo ou must speccify that the con nnection mustt be made to port p 9445 the e full URL of th he server wou uld be https:///<Server FQD DN>:9445. The e Experience Portal login screen s will dis splay. 2 Ente er ‘admin’ for both the Use ername and Password P (as in the above example), an nd click Login n. A sec cond Login screen will appe ear (see below) and reque est that you im mmediately ch hange from th he defa ault ‘admin’ to o a new more e secure and personalized p multi-charactter Username e and Passwo ord. Polycom, Inc c. 28 3 Clic ck Save after you enter you ur new Username and Passsword. Note: Configuration n Note QDN is require ed when conffiguring the Exxperience Po ortal. Enter the e Experience The FQ Portal FQDN F you en ntered in the Setup S Worksh heet for the Server Settings Note: Configuration n Note ess the Experrience Portal directly as an n end-user, en nter the URL To acce https:///<Server FQD DN>. No addittional port nu mber is need ded. Polycom, Inc c. 29 Configuring the Services Portal The Services Portal supports three types of accounts: super admin, admin, and user. Each account type provides a different level of access. Only super admin accounts have access to the Services Portal Settings and Platform Settings screens, and you must log in as a super admin to configure and update the Services Portal settings. For information on the account roles, see Understanding Account Roles. For first-time configurations, log in to the default super admin account and enter the LDAP, SMTP, core settings, and DMA system information in the Services Portal Settings screen. This information enables user management and video conference meeting creation and management functionalities. This section shows you the steps for configuring the Service Portal. Before you begin, you must deploy the Services Portal and Experience Portal packages as described in Deploying the Services Portal and Experience Portal Packages. Perform the first-time configuration steps in the following order: 1 Logging In as the Super Admin 2 Synchronizing Portal Timing 3 Configuring the Connection to the LDAP Server 4 Configuring the Connection to the SMTP Server 5 Configuring Additional Server Settings 6 Configuring Social Policies 7 Configuring the Connection to the DMA System and RPAD Servers 8 Configuring Conference Settings 9 Setting Date and Time 10 Managing Certificates 11 Selecting and Downloading Log Levels Logging In as the Super Admin You must log in as a super admin to configure or update the Services Portal settings. The super admin account has special access to the Settings and Platform Settings tabs that display next. For first-time configurations, log in with the default super admin credentials (Username/Password: admin/admin), and then immediately change the password for security reasons. Super admins can also reset passwords for local users. For information on changing passwords, see Changing Your Password. For information on resetting passwords, see Resetting a Password. Polycom, Inc. 30 Figure 3: Super S Admin Tabs T Admin n Tip: Creating g Additional Super S Adminss When the t Services Portal P is launc ched for the ffirst time, we rrecommend tthat you creatte anotherr super admin n account afte er the configu uration is com mpleted. See C Creating Acco ounts for morre information n. Login with the new superr admin crede entials, and delete the defa ault super admin a accoun nt for secure access. a Synch hronizing Portall Timing g Both the Services S Portal and the Ex xperience Porrtal MUST be configured to o the SAME time zone and d NTP server in order o for Clou udAXIS Recording to work properly. e: NTP Date an nd Time Zone Verification Note Chec ck that the NTP P date and time e zone of your EXSi host mattches the Porta al’s time. The d default time of Instances is s taken from EX XSi, and if that is wrong, the S Services Porta al scheduler can n go out ync. of sy To configure the sa ame time zo one and NTP P server 1. Acc cess the CLI (See ( Appendiix D: CloudAX XIS Restricted d Shell) on either of the tw wo portals usin ng ‘caxis’ for both yourr Username and Password. 2. Select your time zone by usin ng the CLI Command chan nge_timezon ne. See Use C Case - Set Syystem Date Time T in Appen ndix D for deta ails. 3. Syn nc your server with the NTP P server by using the CLI Command nttpdate. See U Use Case - Q Quick Sync System S date-ttime with a Sp pecific NTP se erver in Appe endix D for de etails. Repea at the above 3 steps on the e other portal. Polycom, Inc c. 31 Config guring the t Conn nection to the L LDAP Se erver The LDAP P server enab bles the Services Portal to import extern nal user accou unts from an enterprise, ed dit external user u account default d roles, set external user u accountss as active orr inactive, and d authenticate e user logins. Th his section sho ows you how to configure connection to o the LDAP se erver. You mu ust log in as a super adm min before configuring this connection. For F more info ormation, see Logging In as the Super Admin. Note: Setup Worksheet ection specific cally refers to information e entered in the e Setup Workssheet for the LDAP This se Server Configuration n. Complete the worksheett in advance a and use it as a reference d during nfiguration pro ocess and to obtain o inform ation about e each field. the con To config gure the connection to th he LDAP serv ver: 1 Sele ect SETTING GS > CORE SETTINGS S > LDAP. L The LD DAP Settingss screen (shown next) disp plays. 2 Enter the followin ng in the LDA AP Settings sc creen: ○ Server S Ente er the LDAP FQDN F or IP address. a ○ Secure S Che eck the check kbox to establlish a secure connection. T This is optiona al but recommende r d. Polycom, Inc c. 32 ○ Port P Enter the t LDAP porrt number (typ pically 636 forr secure and 389 for non-ssecure). ○ BaseDN B En nter the disting guished name e entered in tthe Setup Wo orksheet for th he LDAP Servver Configuration C n. ○ Username U AP services account a user ID for system m access to th he Active Dire ectory. Enter the LDA ○ Password P Enter E the login password for f the LDAP services acco ount user ID. 3 Clic ck UPDATE to o finish the co onfiguration, or o click RESE ET to populate e the fields with the most rece ently updated d LDAP inform mation. Config guring the t Conn nection to the S SMTP Se erver The SMTP P server enab bles the Services Portal to send email n notifications to o users when n their accoun nt is created, when w their acc count details are updated, when they arre invited to a meeting, or when a meetting they creatted or have been invited to o is updated or o cancelled. T This section sshows you the steps for configurin ng the connec ction to the SM MTP server. You Y must log in as a superr admin beforre configuring the SMTP serrver. For more e information, see Logging g In as the Su uper Admin. Note: Setup Worksheet ection specific cally refers to information e entered in the e Setup Workssheet for the This se SMTP Server S Config guration. Com mplete the wo rksheet in advance and usse it as a refe erence during the t configuration process and a to obtain information a about each fie eld. Note: Active Directo ory Users The Se ervices Portal considers imported Active e Directory ussers to have e enabled accou unts until ex xplicitly disable ed, and emails are not sen nt when an Acctive Directorry user is impo orted. To config gure the connection to th he SMTP serv ver: 1 Sele ect SETTING GS > CORE SETTINGS S > SMTP. S The S SMTP Settingss screen disp plays as show wn nex xt. Polycom, Inc c. 33 2 Enter the following in the SMTP Settings screen: ○ Server Enter the SMTP FQDN or IP address. ○ Secure Check the checkbox to establish a secure SMTP-S/SSL connection. This is optional but recommended if the SMTP server supports secure connection. ○ Port Enter the SMTP port number (typically 25 for non-secure SMTP and 587 or 465 for SMTP-S) ○ Login Id Enter the SMTP service account user ID. This is not required for non-secure connection. ○ Password Enter the service account user ID login password. This is not required for nonsecure connection. ○ Sender Mail Id Enter the email ID used to send notifications. 3 Click UPDATE to finish the configuration or RESET to populate the fields with the most recently updated SMTP information. Polycom, Inc. 34 Config guring Addition A nal Serve er Settin ngs This section describes how to enterr the locations s of the Servicces Portal and d Experience e Portal servers. The purpo ose of each server is: We eb Services Portal P (WSP) Server hosts s the Servicess Portal. Meeting Experience Applica ation (MEA) Server S hostss the Experien nce Portal. Before yo ou begin, you must be logged in to the Services S Porta al as a super admin. For m more informatiion, see Loggiing In as the Super S Admin. Note: Setup Worksheet This se ection refers to o specific info ormation ente ered in the Se etup Workshee et for the Serrver Settings. Complete the t workshee et in advance, and use it ass a reference during the uration proces ss and to obta ain information n about each field. configu To config gure the additional server settings: 1 Sele ect SETTING GS > CORE SETTINGS S > SERVER S SET TTINGS. The e SERVER SE ETTINGS screen (sho own next) dis splays. 2 Enter the followin ng information in the SERV VER SETTIN NGS screen te ext blocks: ○ MEA M Server Enter the Experience Po ortal’s FQDN ffrom Accessing the Experience Portal ○ WSP W Server Enter the Services S Porta al’s FQDN fro m Accessing the Servicess Portal 3 Clic ck UPDATE to o finish the co onfiguration, or o RESET to populate the fields with the e most recenttly upd dated Server Settings S inforrmation. Polycom, Inc c. 35 Config guring Social S Policies Users can n send conferrence invitatio ons in an insta ant message to any online e contacts liste ed in their Skype™, Facebook, orr Google Talk k™ accounts. How you ena able access tto social conta acts dependss on which soc cial connectorr(s) you want to use: Sky ype™ - To en nable access to Skype™ contacts, selecct the Skype checkbox in tthe Social Po olicy pag ge. Google Talk™ - Enabling access to Goog gle Talk™ con ntacts require es the followin ng steps: a Create C a Goo ogle Talk™ ap pp. See Appe endix A: Creatting a Google e Talk™ App. This app is o only enabled e to sh hare the conta acts lists while e keeping the e usernames, passwords, a and other information i prrivate. b Select S the Go oogle Talk™ checkbox c in th he Social Pollicy page. c Enter E the Clie ent ID and Clie ent Secret, re etrieved from step 10 of Ap ppendix A: Crreating a Goo ogle Talk™ T App. Fac cebook - Ena abling access to Facebook k contacts req uires the follo owing steps: a Create a Fac cebook app. See S Appendix x B: Creating a Facebook A App. This app p is only enab bled to share the con ntacts lists wh hile keeping th he username es, passwordss, and other in nformation private. b Select the Fa acebook chec ckbox in the Social S Policy p page. c Enter the App p ID and the App A Secret, re etrieved step 4 of Appendix B: creating a Facebook App. Note: CloudAXIS Social S Plug-in Access sing any of the e social conne ectors also re equires the ClloudAXIS Soccial Plug-in; th his plug-in is downloade ed when a use er accesses tthe Experiencce Portal men nu’s Contacts ormation, see e the RealPre sence® Clou udAXIS™ Use er Guide. option. For more info This section shows you u how to enab ble and disab ble Skype™, F Facebook, an nd/or Google T Talk™ account access in the Services Portal. Beforre enabling ac ccess to Goog gle Talk™ co ontacts, you m must create a Google Ta alk™ app. Se ee Appendix A: A Creating a Google Talk™ ™ App for mo ore informatio on. Before ena abling Facebook k contacts, yo ou must first create a Faceb book app. Se ee Appendix B B: Creating a Facebook Ap pp for more information. Note that you must log in to the Services Portal as a a super ad dmin before en ocial policy ntering the so settings. For F more information, see Logging In as s the Super A Admin. To configure sociall policies: 1 Select SETTING GS > SOCIAL L POLICY. The SOCIAL PO OLICY SETTI TINGS screen displays: Polycom, Inc c. 36 The e Skype™, Fa acebook, and Google Talk™ social optio ons display. 4 Clic ck the checkboxes for Skyp pe™, Google Talk™, and/o or Facebook to select or deselect the so ocial policy options. Selecting S a checkbox enablles users to a access the acccount type’s ccontact list fro om the Experience Portal; P desele ecting disables s users from accessing the e account typ pe’s contact lisst from m the Experie ence Portal. When selecting Google G Talk™ ™ and/or Face ebook, the Ap pp ID and App p Secret text boxes displayy as sho own next. Polycom, Inc c. 37 5 Ente er the followin ng: ○ Google G Talk™ ™ When selecting Google e Talk™, ente er the followin ng information n: » App ID Enter E the Clien nt ID from ste ep 10 of Appe endix A: Creatting a Google e Talk App. » App Secre et Enter the e Client Secre et from step 1 0 of Appendixx A: Creating a Google Ta alk™ App ○ Facebook F When W selectin ng Facebook, enter the folllowing information: » App ID Enter E the App ID from step 4 of Appendiix B: Creating g a Facebookk App. » App Secre et Enter the App Secret from f step 4 off Appendix B:: Creating a F Facebook App p. 4 Clic ck UPDATE. Polycom, Inc c. 38 Config guring the t Conn nection to the D DMA Sys stem and RPAD D Serve ers This section explains how h to enter configuration c details d for you ur DMA syste em, RPADs, a and access po oints. DMA systtems enable the t Services Portal P to launch online vide eo conference e meetings, R RPADs are external links to the DM MA that enablles firewall tra aversal, and p points of pressence enable you to route e either directly orr indirectly to the DMA. Forr example, an n access poin nt configured w with an FQDN N that points tto the RPAD extternally and points p to the DMA D from with hin the Polyco om network e enables the S Services Porta al to communic cate with the DMA from eitther side of a firewall. You must log in to the Services Porttal as a superr admin beforre entering the e server settings. For more e informatio on, see Loggin ng In as the Super S Admin. Note: Setup Worksheet ection specific cally refers to information e entered in the e Setup Workssheet for the DMA This se Configu uration. Comp plete the work ksheet in adva ance, and use it as a referrence during tthe configu uration proces ss and to obta ain information n about each field. To configure the co onnection to o the DMA system: s Select SETTINGS > DMA CONF FIG. The SET TTINGS scree en displays: From this t SETTING GS screen, you can either Con nfigure a new w DMA connec ction, or Cha ange an existing one. Polycom, Inc c. 39 To configure a new DMA connection: 1. Click +ANOTHER DMA. The DMA CONFIGURATION screen with the following fields and text boxes displays. 2. Enter the appropriate data for each of the following SETTINGS/DMA CONFIGURATION screen fields. All fields marked with an asterisk (*) REQUIRE you to enter data. ○ Name - Enter the name of this DMA system. ○ Host - Enter the DMA system interface FQDN. ○ Port - Enter “8443” as the DMA system communication port. ○ VMR Prefix - Enter the VMR dialing prefix corresponding to this DMA system (4-digit maximum). This is optional. Note that a personal VMR can only be used for CloudAXIS meetings if it exists on one of the DMA systems referenced in the Services Portal configuration, and if the correct DMA system hosting the VMR can be determined using the prefix configuration. If only one DMA system is configured, all VMRs are assumed to have provisioned on it, and no prefix configuration is necessary. ○ Common SIP Username – (optional) Enter a username to use to authenticate SIP sessions for users who have authenticated with the Services Portal. Polycom, Inc. 40 ○ Common C SIP P Password - (optional) En nter a passwo ord to use in conjunction w with the Comm mon SIP S Usernam me to authentic cate SIP sess sions for userrs who have a authenticated with the Servvices Portal. P If a SIP username and a password d are specifie ed here, these e credentials a are provided to authenticated a d CloudAXIS clients c that su upport this fun nctionality (the CloudAXIS web client an nd RealPresence R e Mobile v3.1 and above) so s that they m may respond to a SIP auth hentication challenge c when placing a call. c The purp pose of this fu unctionality is to allow userrs who have authenticated a d via the web interface to establish e an a uthenticated and trusted S SIP session to o the SIP S gatekeep per (typically the t DMA device). This, in tturn, may allo ow more privileged dialing access a to trus sted users of the organizattion. For more info ormation, see Securing SIP P Guest Acce ess. The SIP u username and password specified here should matc ch one of those configured d on the DMA A’s Inbound D Device Authenticatio on settings. Fo or more inform mation on thiss, see the “De evice Authenttication” sectio on in the Polycom DMA 7000 System Operations Guide. ○ Default D Admin - Enter the e DMA system m admin user name. ○ Admin A Passw word - Enter the DMA system admin acccount passw word. ○ Owner O Doma ain - Enter the e domain of th he owner who o creates the meetings. ○ Owner O Usern name - Enter the user nam me of the own ner who create es the meetin ngs. ○ Generate G VM MR range - Se elect to enter the range of numbers allo owed for gene erating VMRs. When W selecte ed, two text bo oxes display (see ( following g partial scree en). 3. Clic ck + ADD ACCESS POINT T to enter you ur access poin nt information n. The ACCES SS POINT po ortion of the screen s displa ays next. Note: Access Pointt An acce ess point is a network loca ation that is ro outed directly or indirectly tto the DMA frrom where clients c or end dpoints can co onnect to partticipate in a c onference. Acccess points are configu urable as follows: Direct D connec ction to DMA Externally E to access a the DM MA via H.323 3 video borderr proxy Externally E routed via a SIP Session Boa ard Controllerr (SBC), includ ding Polycom m Real Presence P Acc cess Director (RPAD), or a any third-partyy session boa arder controlle er IS SDN Audio A dial-in via v Public Switch Telephon ny Network (P PSTN). ent ent or end point could be th he CloudAXIS S Experience e Portal, a sep parate soft clie The clie such as s Polycom Re ealPresence Mobile, M a hard dware applian nce such as P Polycom Grou up Series, or a telephon ne. Polycom, Inc c. 41 4. Entter your acces ss point inform mation from th he Setup Worrksheet for th he DMA Serve er Access Poiint Configuration as follows: Note: Entering Access Points (A AP) he APs in the order that yo ou want the S Services Porta al to use. For example, entter Enter th internall APs first. Als so, note that iti is mandatorry to add at le east one SIP A AP. ○ Location L - En nter a name for f this access s point that de escribes its g geographic loccation or som me other o property y which distin nguishes it from other acce ess points. Th his is optional.. ○ Transport T - From F the drop pdown box, se elect the proto ocol associatted with the access point (S SIP, H323, H ISDN, or PSTN). At this time, you u must not ch hange from th he “SIP” defau ult value or CloudAXIS C will w not function n. ○ Dialstring D - Enter E the dial string that an n endpoint sho ould use to diial the accesss point. Your sstring should s be app propriate for the t specified access point transport type (e.g., an EN NUM for H.32 23). ○ Auth A Mode – Select AUTH H, NoAUTH, or o SHARED. points that ha For an ac ccess point th hat should be used by endp ave access to o SIP credentiials (e.g., autthenticated we eb and RPM client users w when the DMA A settings havve been configure ed with the Co ommon SIP Username U and d Password d described abo ove), select AUTH. For an ac ccess point th hat may be us sed by endpo ints without a access to SIP credentials, sselect NoAUTH H. Select SH HARED in an environmentt where all the e CloudAXIS clients will be e considered as guests orr where all will require auth hentication. ○ Dial D Prefix - Use this optio onal field to sp pecify a prefixx to prepend tto dialing info ormation used d when w dialing this access point. This pre efix can be us ed by the acccess point to route the call or to distinguish d be etween callers s who are ablle to authenticcate themselvves from thosse that require e unauthenticat u ted guest acc cess. Clic ck +ADD ACC CESS POINT T to enter anotther access p point as neede ed. 5. When all needed d DMA Config guration fields s are complete ed, select CO ONFIGURE. Polycom, Inc c. 42 To update an existing DMA connection: 1. Click the icon of the DMA Host you want to configure to the down position. A DMA CONFIG SETTINGS screen with the following fields displays. (See the following two partial screen examples.) With two exceptions, this screen contains the fields and data that you supplied when you first configured a DMA connection. Two new fields - MCU Pool Order and Conference Template – appear when you want to update your DMA connection: MCU Pool Order - Click on the dropdown menu, and select from the list of MCU pool orders available on DMA. This feature is used by the users hosting or joining meetings using CloudAXIS Conference Template - Click on the dropdown menu, and select from the list of Conference templates available on DMA. This feature is applied to all scheduled and ad hoc meetings created on this DMA using CloudAXIS Polycom, Inc. 43 After making selections from the dropdown boxes of the two fields, verify the contents of the other screen fields. After any necessary configuration changes have been made, select CONFIGURE. Polycom, Inc. 44 Configuring Conference Settings This section shows you how to set and control the visibility and functionality of meeting features. To configure conference settings: 1. Select SETTINGS > CONFERENCE SETTINGS. The CONFERENCE SETTINGS screen displays (see next). 2. Enter the following in the CONFERENCE SETTINGS screen options: ○ Passcode mandatory - If selected, an attendee passcode must be set for all meetings before they are started. ○ AdHoc meeting duration - Enter the duration (in minutes) of Meet Now meetings. A default value of 120 displays; minimum settable time is 15 minutes. ○ Buffer time before meeting starts - Enter a buffer time (in minutes). All meetings become active prior to the start of the meeting within the buffer time. By default, a 10 minute buffer time is set: the minimum settable time is 1 minute. ○ Buffer time after meeting ends - Enter a buffer time (in minutes). All meetings will be active after the meeting ends for the buffer time. No default value displays; minimum settable time is 0 minutes. ○ Allow use of PersonalVmr - Select to allow the use of a Personal VMR. When selected, the Use Personal VMR text and checkbox will appear on the Schedule a Meeting screen. Polycom, Inc. 45 ○ Allow use of JoinBridge - Select this checkbox to allow the display and use of the Join Bridge button. When selected, the Join Bridge button is visible on the Schedule a Meeting screen. If not selected, the Join Bridge button does not display. ○ Expose Passcode - Select this checkbox to display the passcode in the email invites and URLs. If not selected, it is assumed that the passcode is to be communicated by the Host through some out-of-band means for greater security. 3. Click SET. Localizing the Services Portal Localize your Services Portal by uploading a language pack made available by Polycom. To upload a language pack: 1. Select SETTINGS > LANGUAGE. The SETTINGS/LANGUAGE PACK screen displays: 2. Click the VIEW Supported languages hyperlink to see a list of the languages that are supported and available on your Services Portal. Polycom, Inc. 46 3. Clic ck CLOSE to return to the SETTINGS/L Language Pacck screen. 4. To upload a new w language pa ack, click on Browse B … , sselect the dessired language pack file fro om your brrowser, and click c UPGRAD DE. You ca an return to an n earlier version of your La anguage Packk by selecting g REVERT TO O THIS VERS SION. Custo omizing the Ema ail Temp plates Customize e the email te emplates you use for creating and send ing meeting a and user acco ount managem ment announce ements. View,, download an nd edit, or rep place any of yyour email tem mplates. e: Factory-defiined Template es Note Only y super admins can edit factorry-defined temp plates. To view an a email template: 1 Sele ect SETTING GS > EMAIL. The T SETTING GS/Customize e email templlates screen d displays: Polycom, Inc c. 47 2 Clic ck View on an ny of the nine existing ema ail templates. T The following g screen appe ears (see sam mple) whe en you click View V for the Meeting M Crea ate-Update Pa articipants te emplate: 3 Clic ck CLOSE to return to the Customize em mail template s screen. Polycom, Inc c. 48 To downlload and edit an email template: 1 Stay ying with the Meeting Create-Update Participants P template as our example,, click Downlo oad to add a that template to your browser b for ed diting. An HTM ML file starts d downloading in the browse er window. 2 Clic ck Save to com mplete the do ownload. To replac ce an email te emplate: 1 Editt the downloa aded template e file in your preferred p text editor. e: Template Ed diting Note Edit templates usin ng the HTML Ed ditor Sublime a at http://www.su ublimetext.com m/ e: HTML Know wledge Note The person editing the template is s assumed to b be familiar with h basic HTML. If he or she inte ends to modify the referenc ces or directive es, they should have a basic u understanding of Apache Velo ocity (http://velocity/apac che.org) 1 Clic ck Replace Te emplate to up pdate any exiisting templatte; the followin ng options ap ppear on yourr scre een: 2 Clic ck on Select Template, T an nd select the HTML H file you u want to update from the b browser window 3 Clic ck Preview an nd Upload to check the loo ok and feel off the template e, and then click Upload to o activate this template. e: HTML File and Template Modification M Note The template file in ncludes both sta andard HTML instructions ass well as Refere ences/Directive es that the vices Portal sub bstitutes with in nstance-specificc details when an individual e e-mail is generrated. Serv Whe en you modify the template, make m sure that vvalid HTML syn ntax is maintained. Refe erences/Directiv ves can be add ded, moved, orr removed, but only the refere ences/directives defined below w as being valiid for the applic cable type of e mail message may be used. e: Template File Size Note The template file size is limited to 1MB per temp plate. If any im mages are linkked in the HTML, ensu ure that these e images are accessible byy any user wh ho may receivve the email. T The user can get the image es from the URL. U Polycom, Inc c. 49 References/Directives in Email Templates The email templates contain references/directives that are used to specify per instance information that can be included in the generated email. These references/directives are dynamically replaced with information specific to the specific meeting or user management operation being reported, Apache Velocity calls variables/methods/conditional statements as “references” and “directives.” These start with a $ tag and a # tag (e.g., $Username, #if, #end). Here is the list of references/directives used in emails concerning user and password management: $FIRSTNAME - First name of the User for which the account was created or the password modified $WSP_URL - URL of the Services Portal on which the account was created or the password modified $USERNAME – The Username the User can use to log into the Services Portal $PASSWORD – The Password the User can use to log into the Services Portal Here is the list of references/directives used in emails concerning meeting invitations and cancellations: $EVENT_STATUS_HEADING – This is set to either “Invitation” or “Update” appropriately depending on whether the email is being sent to announce a new scheduled meeting or one whose details have been modified $EVENT_STATUS_BODY – This is set to either “created” or “updated” appropriately depending on whether the email is being sent to announce a new scheduled meeting or one whose details have been modified. $CREATED_BY_NAME – This is the name of the user who has scheduled the meeting $CREATED_BY_MAIL – This is the email address of the user who has scheduled the meeting $EVENT_NAME – This is the name of the meeting as it was defined in the Services Portal $EVENT_TIME_GMT – This is the scheduled start time of the meeting expressed relative to Greenwich Mean Time $EVENT_DURATION – This is the scheduled duration of the meeting $EVENT_DESCRIPTION – This is the agenda of the meeting as defined in the Services Portal $VMR – This is the VMR number for the meeting $HTTPS – This is the web URL for joining the meeting $PARTICIPANT_CODE – This is the participant passcode required to join the meeting $HOST_CODE – This is the host passcode required to join the meeting with chairperson privileges #set( $geo = "null") #foreach( $endpoint in $endpoints ) #if($geo != $endpoint.getGeoZone()) #set( $geo = $endpoint.getGeoZone()) )#end #end - This construct in the template encloses an iterative loop that is walked so that all the applicable access points (“endpoints” in the script) can be listed in the invitation using the below directives $endpoint.getGeoZone() – This is the location string associated with the current access point Polycom, Inc. 50 $e endpoint.getT Transport() – This is the tra ansport type ((“SIP”, “H.323 3”, “PSTN”, ettc.) associate ed with w the curren nt access poin nt. $e endpoint.getU Url() – This is the dial string g associated with the curre ent access po oint Here are two t sample im mages pointed to the referrences/directivves: Polycom, Inc c. 51 Polycom, Inc c. 52 Resettting Emaiil Templa ates This section shows you u how an ema ail template can be reset to o the default ttemplate thatt was shipped d during ins stallation. Once a te emplate has been b edited, a RESET button displays n next to it as sh hown in the fig gure. Click RESET to o revert to the e ‘factory’ template. Settin ng Date and a Tim me The Services Portal us ses a Network k Time Protoc col Server (NT TP Server) fo or basic clock synchronizattion. This section shows you u how to set the t date and time t for the S Services Porta al. Note: Setup Worksheet) ection specific cally refers to information e entered in the e Setup Workssheet for the Date This se Time Configuration. C e worksheet i n advance, a and use it as a reference du uring Complete the the con nfiguration pro ocess and to obtain o inform ation about e each field. To set the e date and time: 1. Select PLATFOR RM SETTING GS > DATE TIME. The DA TE TIME scre een displays. Polycom, Inc c. 53 2. The e DATE TIME E screen displays with the following f text boxes: ○ NTP N Server - Enter the NT TP server IP address a or FQ QDN to synch hronize the tim me on the Services S Porttal system. Th his value mus st match the d data supplied to the Experiience Portal. ○ Time T Zone - Nothing need ds to be enterred in this field d. This field d displays the time zone of th he Services S Porttal. ○ Date D & Time - Nothing nee eds to be entered in this fie eld. This field d displays the time of the Services S Porttal. 3. Clic ck UPDATE. e: Time Synchronization Note If the e Services Porttal is restarted or data is migrrated from an o old server, clickk UPDATE to sync chronize the tim me between the e NTP server a and the Portal. Manag ging Certificates The Services Portal req quires a secu ure connection n. When a se ecure connecttion is establisshed, the bro owser receives a self-signed certificate or a certificate signed s by a th hird party Cert rtificate Autho ority verifying tthe identity off the Services s Portal. This section describes how to generate self-signe ed certificatess and certifica ate sign reque ests (CSRs); how to view, download, and d delete certificates; and ho ow to upload third-party sig gned and trusst certificates to the Servic ces Portal. Polycom, Inc c. 54 Genera ating Cerrtificates and CSR Rs This section shows you u how to gene erate self-sign ned certificate es and certificcate sign requ uests (CSRs)). You must send d the CSRs to o a third party y Certificate Authority A for a digital signatture then uplo oad the signed certificate e. For uploadin ng certificates s, see Upload ding Certificattes or Certific ate Chain. Note that you must log in as a super admin to cre eate certificattes and CSRss. To determin ne your accou unt type, see Understandin ng Account Roles. R Cautio on: Overwrite Warning Be sure e you need a new certificatte or CSR beffore following g this procedu ure. Generatin ng a new certificate or CS SR overwrites s the previouss. To check, ssee Viewing, Downloading, and s. Deleting Certificates Note: Other Requirrements ated from CSR Rs generated d by the Servicces Portal willl only authen nticate The cerrtificates crea the use er connection to the Services Portal. A sseparate CSR R needs to be e externally generated for the Ex xperience Porrtal and RealP Presence com mponents. Se end the extern nally ertificate and kkey to generated CSR to a Certificate Authority, and then upload tthe signed ce mponents and d Services Po ortal. For uplo ading to the S Services Porttal, see Uploa ading the com Certificates. To generrate certificattes and CSRs: 1 Sele ect PLATFOR RM SETTING GS > CERTIFICATE > Gen nerate CSR/C Certificate. A certificate man nagement scrreen (see nex xt) displays. Polycom, Inc c. 55 2 Enter the following in the certificate management screen: ○ Operation Type Select the Operation Type dropdown box, and choose one of the following: » CSR Generates a Certificate Signing Request (CSR). Send the CSR to a Third Party Certificate Authority for a digital signature then upload the signed certificate to the server. For uploading, see Generating Certificates and CSRs. » Certificate Generates a self-signed certificate. ○ Type Select the dropdown box, and select WebServer. ○ Organization Enter your organization name. ○ Organizational Unit Enter your organization unit information. ○ Country Enter the two letter ISO code for your organization’s country. ○ State Enter your state with full spelling. ○ Location Enter your organization’s city or location. ○ Sub Alternate name Enter the list of host names protected by this certificate. The host names must be separated by commas. 3 Click GENERATE. Polycom, Inc. 56 Note: Restart Serviices Portal Se erver After ge enerating you ur certificate, the t tomcat6 a and nginx serv rvers on the S Services Porta al server must m be resta arted to recog gnize the certiificate. Note tthat a restart is not needed d for generating CSRs. To restart: cess the Servvices Portal F FQDN. 1. Using your SSH client, acc ng [caxis/caxis]. 2. Login as a prrivileged administrator usin 3. Restart serve er: services s <SomeServ ver> resta art Viewin ng, Downloading, and a Deleting Certtificates Super adm mins use the certificate listt to confirm if a certificate i s needed and d to delete ob bsolete certificcates. This section shows you u how to view w, download, and a delete ce ertificates in th he Services P Portal. To view,, download,, or delete certificates c and CSRs: 1 Select PLATFOR RM SETTING GS > CERTIFICATE > Cerrtificate list. T The Certificatte list screen, shown next, display ys any existing g certificates. 2 Select one of the e following op ptions: V ○ VIEW Click to view and/o or download the t certificate . To downloa ad: i. After selec cting VIEW, co opy the entire e hash from ------ BEGIN CERTIFICATE E to ----- END D CERTIFIC CATE ii. Paste the text t in to a tex xt file iii. Rename th he extension .cer. If the file is a CSR, you u can now send the file to a third-party C CA for signing. ○ DELETE D Click to delete the t certificate e. This option is only availa able to WebApp-trust certificates. c Webserver W cerrtificates can only be regen nerated or up ploaded as a C Certificate Authority-sign A ned certificate e. To generate e a WebApp ccertificate, se ee Generating g Certificates and CSRs. C Polycom, Inc c. 57 Cautio on: Deleting Trust T Certifica ates Deleting trust certific cates can break the chain o of certificate ttrust. Upload ding Certtificates or o Certific cate Chaiin uired certifica The Services Portal en nables super admin a users to t upload two o types of requ ates: third parrty certificate es signed by a Certificate Authority A and trust certificattes. Upload th he signed cerrtificate to establish a secure com mmunication with w users and d verify the id dentity informa ation of Servicces Portal servers. Upload the trust certific cate for serve ers that require secure com mmunication ssuch as the A Active Directorry server, SM MTP server, and a DMA system. This sec ction shows yyou how to up pload signed tthird party and d trust certifficates to the Services Porrtal. To uploa ad certificattes: 1 Select PLATFOR RM SETTING GS > CERTIFICATE > Upl oad Certifica ate as shown n next. 2 owing: Perform the follo To upload a third-party sig gned certificates a i. Select the WebServer Own O option in n the Type dro opdown menu u. ii. C File Click the Choose button. iii. Navigate to o the certifica ate or certifica ate chain, and d select Open n. Polycom, Inc c. 58 iv v. Click UPLO OAD. b To upload a trust t certificatte. i. Select the WebServer Trust T option in n the Type dro opdown menu. ii. Click . iii. Navigate to o the certifica ate, and selec ct Open. iv v. Click UPLO OAD. e: Upload Certtificates Brows ser Requirem ents Note Uplo oading certificattes is only supp ported in Intern net Explorer 10 0 or higher. If yo ou have Internet Explorer 8 or 9, use e another brow wser (e.g., Chro ome or Firefox)) to upload certtificates. Note: Restart Serviices Portal Se erver After up ploading the third-party t sig gned certificatte, the NGINX X and Tomcatt servers musst be restarte ed to recogniz ze the certifica ate. If you are e uploading a trust certifica ate, only the Tomcatt server needs to be restarrted. To restart: here console or by conneccting via an SS SH client to th he Services P Portal 1 Using the vSph DN, access th he Services Portal console . FQD 2 Lo og in using “c caxis” for both h your userna ame and passsword. 3 Restart R servers s by entering the command d: services s <SomeServ ver> resta art Selectting and d Downloading Log Lev vels The Services Portal log g levels are lis sted by hierarrchy and disp played in a dro opdown menu. When you select a lo og level, the Services S Porta al prints the selected s level , along with a all the lower le evels, to a log g file that can be b downloade ed. This section explains each e log level, shows you how h to select a log level to o print, and sh hows you how w to download the log file. To selectt a log level or o download the log file: 1 Sele ect PLATFOR RM SETTING GS > LOGS. The T logs leve l options scre een displays a as shown nexxt. Polycom, Inc c. 59 2 Sele ect the Level dropdown me enu to display y all log level options, in hiierarchical ord der, as shown n nex xt. 3 Cho oose one of th he following lo og levels: ○ ALL A Turns on o all logging g. ○ TRACE T Logs finer-grain ned informatio on than Debug g. These logss are also helpful for debug gging. ○ DEBUG D Log gs fine-graine ed information n that are help pful for debug gging. ○ INFO I Logs messages tha at highlight th he progress off the application at a coarsse-grained levvel. ○ WARN W Logs s potentially harmful h situattions. ○ ERROR E Log gs errors thatt might still allow the Servicces Portal to keep running. ○ OFF O Turns off the logging. Note: Log Level Hie erarchy s all le evels beneath h the selected d level are alsso printed. Fo or When a log level is selected, examplle, selecting Info will print the t Info, Debu ug, and Trace e levels. 4 Sele ect one of the e following op ptions: ○ Click C UPDAT TE to begin printing from the selected levvel. ○ Click C DOWNL LOAD to dow wnload the log g file. Polycom, Inc c. 60 Updating Services Portal Software To deploy an updated version of Services Portal software, do the following: Obtain the new Services Portal software OVA file Deploy the file using the instructions in “Deploying the Services Portal and Experience Portal Packages” Use the instructions that follow to migrate the provisioning and state information from the existing server running the older software to this new instance Migration Process Before you begin the upgrade process, verify that you have already loaded the correct certificates on the VM that you wish to migrate the settings to, i.e., the new Services Portal. No action needs to be taken on the older Services Portal during this migration process. To migrate your settings: 1. Accessing the Migration Interface In the Services Portal, navigate to PLATFORM SETTINGS, and click MIGRATE. Polycom, Inc. 61 2. Entter the Admin Credentials To validatte the user rig ghts, enter the e admin usern name and passsword for the new Servicces Portal. 3. Verrify and Begin n Migration Read the final disclaim mer, and click YES Y when yo ou are ready tto begin the m migration. Polycom, Inc c. 62 4. Enter the old Services Portal’s Information Enter the hostname (FQDN), admin username, and admin password for the Services Portal from which you want to migrate the settings and database. Select MIGRATE when finished. Polycom, Inc. 63 5. Mig grating Setting gs and Databa ase Wait for th he User Interfface to indicate that the infformation from m the old Servvices Portal h has been successfu ully imported. Once this import has finished, the Servvices Portal w will take a whille to do an intternal configurattion before re ebooting itself. 6. Verrifying Migratio on When the e Services Portal VM has re estarted, log in with the ad dmin credentia als from the o old Services P Portal, and verify y that the settiings are corre ect. Note: Verifying Mig gration he data is suc ccessfully mig grated, make sure that the DNS recordss are updated d to Once th point to o the new Serrvices Portal. Polycom, Inc c. 64 Activa ating Lic censes License activation a for the Services Portal P and the e Experience Portal is done through the e Services Po ortal. The Services Portal license, which is your CloudA AXIS productt license, musst be activated d before you can configure the Services Portal. The Experience E Po ortal license, which lets yo ou determine tthe number o of CloudAXIS product use ers, must also o be activated d. Activate your y licenses in either an online o or an offfline mode. O Online and offfline license d deactivation iss also available. e: Experience Portal URL Note The Experience Po ortal license URL U must be c configured be efore setting E Experience Portal nses on the Se ervices Portal. licen To activa ate the Servic ces Portal lic cense from th he online mo ode: 1. Ope en your Services Portal, an nd log in (“admin/admin”) a as a super ad dmin as in the e following scrreen. 2. Select PLATFOR RM SETTING GS > LICENSE. The follow wing screen, in n the default O Online Activa ation mode, displays. Polycom, Inc c. 65 3. Activate your Services Portal license by entering your three Activation Keys in the appropriate Activation Key block. (These Activation Keys will have been sent to you in an email after your purchase of a CloudAXIS product.) For example, you will receive your activation key information in the following format in an email. 4. Click ACTIVATE, and your screen will refresh with the License activated successfully message as in the following sample display. Polycom, Inc. 66 To deactivate any of your licenses, click on the Deactivate option in the appropriate Activation Key field. 5. (Optional) Click + ACTIVATE MORE USERS to activate an additional 100 users, To activate the Services Portal license from the offline mode: 1 Select PLATFORM SETTINGS > LICENSE 2 Select Offline Activation from the Mode: dropdown box. The following screen displays: Polycom, Inc. 67 3 Cop py the Service es Portal Activation Key yo ou received in n an email, an nd Paste it intto the Service e Portal Activation Key: K block on n your screen.. 4 Select Download Activation Request File e. The Activa ation Requestt File downloa ads. 5 Sen nd the Activattion Request File you have e just downloa aded, along w with your Hostt/Device ID (w which is foun nd just above the Service Portal P Activatiion Key: field)) in an email tto your Polyco om License Administrator. An Activation A Response File is automaticallyy sent back to o you. 6 Clic ck Choose File to select and upload your Activation Response File. Repeat stteps 3 to 6 ab bove to activate the Experie ence Portal w while in the Offfline mode. 7 Clic ck ACTIVATE E to activate th he Services Portal P license . To activa ate the Experrience Portal connection to the Servic ces Portal 1 Ope en the Experie ence Portal, and a log in using ‘admin’ ass both your Usser Name and d Password. Polycom, Inc c. 68 2 Whe en the Experiience Portal opens, o select Settings > E Environment > General Settings. The Gen neral Settings s screen displlays. 3 Firs st, in the License Server URL U field block k (see next sccreen), enter the URL of th he Services P Portal bein ng used to pro ocure your lic censing inform mation. 4 Nex xt, in the Licen nse Server Credentials fielld, enter the U Username an nd Password b being used to o acc cess the Licen nse Server. Polycom, Inc c. 69 5 Clic ck Submit, and d then select Maintenance e > Tools > Ap pply Configurration. 6 Whe en the Apply Configuration n screen displlays, click Go o to apply the configuration n. This s will display the license in nformation forr the Experien nce Portal. To view the t license in nformation in n the Experie ence Portal 1. Select Maintena ance > Tools > Get Licens se Info. 2. Clic ck Go to get your y Experien nce Portal lice ense informatiion as in the ffollowing sam mple screen: Polycom, Inc c. 70 Config guring Proxy P Se ettings To config gure your pro oxy settings in the Servic ces Portal 1. Ope en the Service es Portal, and d log in (“adm min/admin”) ass a super adm min. 2. Select Platform Settings > Proxy. P By deffault, proxy co onfigurations are not enablled. A proxy ccan be con nfigured as eitther Authentic cated or Non--authenticated d. e: Proxy Support Note For Software S Rele ease 1.3.1, we only support HTTP Forward d Proxy. Polycom, Inc c. 71 Configuring a Non-Authenticated Proxy 1. In the Proxy Settings screen (see next), enter the proxy Server IP address and Port information. 2. Click UPDATE. Configuring an Authenticated Proxy 1. In the Proxy Settings screen, enter the proxy Server IP address and Port information. 2. Select the Yes checkbox for the Authentication Proxy field. User Id and Password fields will display. Enter your information for these two fields, and select UPDATE. Polycom, Inc. 72 Disabling a Proxy 1. Select the No checkbox for Authentication Proxy. 2. Delete the entries in the Server and Port fields. 3. Select UPDATE. Configuring the Experience Portal Before configuring the Experience Portal, you must have the address for the DMA/conference provider, deploy the Experience Portal, and activate the Experience Portal license. For deploying the Experience Portal, see Deploying the Services Portal and Experience Portal Packages. For activating the Experience Portal license, see the previous section in this manual. When the Experience Portal server is online, opening the URL https://<Experience Portal FQDN>:9445 in your default browser will launch the Experience Portal Administration application and enable you to configure the Experience Portal server. The Administration application has a number screens, each containing fields that require specific values. This section is divided by screen name and uses tables with field names and value descriptions to help you configure the Experience Portal. The Experience Portal configurations are saved in the settings.json file, which can be exported and saved as a backup or imported to another Experience Portal server. Polycom, Inc. 73 This section explains how to set the Experience Portal configurations with the Experience Portal Administration tool and is divided as follows: Configuring the Server Settings Configuring the Environment General Settings Configuring the Meeting Hosts Configuring DMA Settings Configuring the VMR Settings Configuring Connection Settings Configuring Authentication Provider Settings Viewing Experience Portal Log Files Applying Experience Portal Configurations Setting System Administration UI Properties Updating Experience Portal Software Exporting the Experience Portal Configuration File Importing the Experience Portal Configuration File In order to deploy an updated version of Experience Portal software you must do the following: Obtain the new Experience Portal software OVA file Deploy this file using the instructions in Deploying the Services Portal and Experience Portal Packages Use the instructions that follow to migrate the provisioning and state information from the existing server using the older software to this new instance. Configuring the Server Settings This section has a table with field names and value descriptions to help you configure the server settings in the System Administration application. This configuration applies to the entire server instance across all configured environments. To configure the Server Settings: 1 With the System Administration application open in your browser, select Settings > Server as in the following example screen portion. The screen displays a list of text box fields as in the following Server screen. Polycom, Inc. 74 2 The Server Fields table, shown next, contains a list of fields found in the System Administration application’s Server screen. The value descriptions for each field listed in the table can help you to determine the values you need to enter in the Server screen. Table 12: Server Fields Field Name Value/Description Log Level Determines what levels of logging show up in the log files. Available options: trace, error, debug, and info. See Understanding Log Settings below. Log Target Determines where the log output is sent. Available options: console, file, and syslog. See Understanding Log Settings below. License Server URL This is the URL of the Services Portal used to get the Licensing information. License Server Credentials This is the Username and Password used to access the License server. Polycom, Inc. 75 3 Click Submit. Understanding Log Settings This section provides essential information on the Log Level and the Log Target settings. To set Log Levels, add the desired levels to the Log Level text field. These added levels must be separated by a comma with no spaces between them. Only Log Levels in the field will be written out to the Log Targets. Table 13: Log Levels Log Level Value/Description Error Shows only error tagged messages that indicate that a serious issue has occurred on the server. This is the default Log Level. Info Shows informational messages, with minimal detail, that highlight the progress of the application. Debug Shows informational messages, with more detail, that highlight the progress of the application. Trace Shows informational messages, with maximum detail, that highlight the progress of the application. To set Log Targets, add the desired targets to the Log Target text field. These targets must be separated by a comma with no spaces between them. Only Log Targets in the field will get the Log Level information sent to them. Table 14: Log Targets Log Target Value/Description Console Sends the log data to the CLI interface for real-time analysis. The log data sent to the target is defined by the Log Level. File Sends the log data to the log files available in the Administration System user interface. The log data sent to the target is defined by the Log Level; this is one of the default Log Targets. Syslog Sends the log data to a syslog server. The log data sent to the target is defined by the Log Level; this is one of the default Log Targets. Polycom, Inc. 76 Cautio on: Log Level and Log Targ get Settings To enable more than n the default Log L Level and d Log Targetss, be aware th hat the log file es will a y deleted and may use all o of the remainiing disk space e on your drivve. not be automatically Config guring the t Environmen nt Generral Settin ngs This section will help you configure the general settings s in the e Administratio on application n. The General Settings applies a to all subcomponen s nts within the specified envvironment. To config gure the Gen neral Settings s: 1 With the System Administratio on application n open in you r browser, at the Settings s tab select Env vironment > General Setttings as show wn in the follo owing screen example. The e screen displlays a list of te ext box fields s as shown in the next scre eens. Polycom, Inc c. 77 2 The General Settings Fields table, shown next, contains a list of fields found in the System Administration application’s General Settings screen. Use the value descriptions for each field listed in the table to determine the values you need to enter in the General Settings screen. After all values are entered, select Submit. Table 15: General Settings Fields Field Name Value/Description description Enter a short description of the environment. enabled Controls whether or not the environment is enabled. Must be selected to enable the environment. Shared Secret The shared secret key for the environment used for secure communications. This SHOULD NOT be modified by the user. Polycom, Inc. 78 Field Name Value/Description SSL Proxy Type This is the method used to proxy internally from the internal URL port to the host. In TCP mode, traffic is routed to host 0. Do not modify from TCP default unless instructed to. Secure External Address The address that external users will use to connect to the Experience Portal. External Address (non-secure) The non-secure address that external users will use to connect to the Experience Portal. By default, reroutes to the secure address. Secure Internal Address The address that internal users will be forwarded to when trying to connect to the Experience Portal. Internal Address (non-secure) The non-secure address that internal users will get when trying to connect to the Experience Portal. By default, reroutes to the secure address. certificates certificates[0].certificate The raw text of the SSL identity certificate for the environment. certificates[0].key The raw text of the private key used to generate the certificate’s CSR. certificates[0].usage Polycom, Inc. Select server or trustedroot from the dropdown menu to determine how the certificate file pair is used by the VM. 79 Configuring the Meeting Hosts This section uses a table with field names and value descriptions to help you configure the Meeting Host settings in the Administration app. The Meeting Host is the service responsible for serving the user interface to the end-user and acts as a broker between all components in the system. To configure the Meeting Hosts: 1 With the System Administration application open in your browser, select Settings > Environment > Meeting Hosts as shown next. The screen displays a list of text box fields in two areas of the Meeting Hosts screen. Note that the top half of this screen, shown next, contains the fields listed in the Meeting Hosts Fields section and the authmatch section. The bottom half of the screen contains the fields listed in the Lobby Rule Fields table. 2 The Meeting Hosts Fields table, shown next, contains a list of fields found in the System Administration app’s Meeting Hosts screen. Use the value descriptions for each field listed in the table to determine the values you need to enter in the fields at the top of the Meeting Hosts screen text boxes. See step 3 for the fields listed under authmatch. Polycom, Inc. 80 Table 16: Meeting Hosts Fields Field Name Value/Description Default Skin Enter the CCS skin to be applied to the meeting UI. This SHOULD NOT BE MODIFIED unless otherwise specified. Authmatch The authmatch lists rules made up of three fields: Match, Property, and Realm. The rules can be dragged into a specific order. The authentication matching stops when it matches the first rule. The authmatch field descriptions follow: Match - Enter a regular expression that you want the property to match to for authentication. For example, if you only want to authenticate users with a Polycom.com email address, you would use the regular expression “.+@polycom.com$”. Property - This is the data type that you want to apply the Match regular expression to. Based on the user information entered, at least one rule is needed for UserAddress, SSOSource, and SSOUsername. Realm - The target authentication realm is the SERVICES PORTAL server that you want to authenticate the rule against. For UserAddress and SSOSource, this can be a pointer to the WSPAuth Realm list using the $#, with $1 referencing the first element in the list, and so on. For the SSOUsername, you should explicitly enter the SERVICES PORTAL address. Lobby Rules are used to determine the meeting experience behavior when an attendee joins a meeting. This can include aspects such as the visual skin they see. The Lobby Rule Fields table contains a list of fields listed under the Meeting Hosts screen’s Lobby Rules section, shown next. Use the value descriptions for each field listed in the table to determine the values to enter in the Lobby Rule screen. Note that multiple Lobby Rules can be set. Drag the Lobby Rules to determine the order of rules. The meeting matching stops when a match is made. Polycom, Inc. 81 Table 17: Lobby Rule Fields Field Name Value Match Enter a regular expression for the matching VMRs that you want to allow access to this lobby. For ad hoc meetings (i.e., Meet Now), you should use a catch-all expression similar to ^[0-9]+ to allow any VMR number to work. Property This is what you want to apply the rule to, and can be either the lobby code or the host. Route This is the internal route for the lobby code match. Unless there is an explicit reason, this route SHOULD NOT be modified. Polycom, Inc. 82 Field Na ame Value Skin The CSS sskin that will b be applied to meetings matching tthis Lobby Ru ule. This SHO OULD NOT BE E MODIFIED D unless othe erwise specifie ed. 5 Clic ck Submit. e: Lobby Rule Route Note To disable users fro om directly dialing a VMR or JJoin Bridge fun nctionality, the Lobby Rule forr Route adho oc.cloudaxis loc cal should be ^$. ^ Config guring DMA D Setttings This section describes the steps use ed to configurre the DMA s ettings in the Administratio on application n. gure the DMA A Settings To config 1 With the System Administratio on application n open in you r browser, se elect the Settiings tab at the top, and d then Enviro onment (default.local) > Agents A > DMA A Settings as shown nextt. The e DMA Setting gs screen displays (see following two sccreens). Polycom, Inc c. 83 Polycom, Inc. 84 2 The DMA Settings Fields table contains a list of the fields found in the System Administration application’s DMA Settings screen. Use the value descriptions for each field listed in the table to determine the values you need to enter in the DMA Settings screen. Table 18: DMA Settings Fields Field Name Value/Description Run Locally Specifies whether the DMA agent is running on this server or on a remote server in accordance with the future roadmap. For this release, this option should ALWAYS be checked. Polycom, Inc. 85 Field Name Value/Description Startup Delay If there is a need to slow down the time between when the server starts and this agent starts, the number of seconds to delay startup should be entered here. This is especially relevant on older, slower servers. Auto Restart Determines if the agent can be automatically restarted when the configuration updates. This can affect call stability and is enabled by default. Agent Type Describes the type of agent this is. For the DMA, the correct agent type is realpresence-platform/ polycom.ccs.agent.rp-platform. Roles Describes which one of multiple role types should be assigned to an agent. For the DMA, select ExternalConferenceProvider. Experience Portal URL This field is for future product functionality. For now, leave blank unless explicitly instructed to do otherwise. Target Url This is the full URL of the DMA in the format https://<admin username>:<admin password> @<DMA address>:8443/api/rest Target Credentials Enter your Username and Password to access this resource. Enforce Certificate Validation Check this option to verify the DMA’s certificate as a security measure. Routes This is a list of routes from the Lobby Codes that the agent has access to. The routes in this list are separated by commas, and there are NO spaces between any of the list elements. By default, this list should not be changed. listenurl This is the port and REST API information that the server needs to communicate with the DMA. DO NOT change unless explicitly instructed to. Prefixes Enter the DMA prefix if one has been previously configured.. Enter 0 if no prefix is used. 3 Click Submit. Polycom, Inc. 86 Configuring the VMR Settings This section includes a table with field names and value descriptions to help you configure the VMR settings in the Administration application. To configure the Personal VMR Settings 1 With the System Administration application open in your browser, select the following menu path: Settings > Environment > Agents > VMR Settings (see following screen). The resultant Personal VMR screen displays a list of text fields. A partial Personal VMR screen with its initial data fields is shown next. Polycom, Inc. 87 2 The Personal VMR Settings Fields table that follows contains the complete list of text fields found on the Personal VMR Settings screen. Use the value descriptions for each field listed in the table to determine the values you need to enter in the Personal VMR Settings screen. Do not enter or change the value of any field that is not listed in Table 19. Table 19: Personal VMR Settings Fields Field Name Value/Description Run Locally Specifies whether the DMA agent is running on this server or on a remote Startup Delay If there is a need to slow down the time between when the server and the agent start, the number of seconds to delay startup should be entered here. This is especially relevant on older, slower servers. Polycom, Inc. 88 Field Name Value/Description Auto Restart Determines if the agent can be automatically restarted when the configuration updates. This can affect call stability and is enabled by default. Agent Type Describes the type of agent. The correct type for VMR agents is static/polycom.mea.agent.wsp-static Roles Describes which role type should be assigned to an agent. In the Role dropdown box, select ConferenceManager for your Personal VMR agent. To add agent roles, click on the button. Experience Portal URL This field is for future product functionality. For now, leave blank unless explicitly told to do otherwise. Target Url The URL of the DMA or the Services Portal. Target Credentials Enter your Username and Password to access this resource. Enforce Certificate Validation Check this option to verify the DMA’s certificate as a security measure, On by default. Routes This is a list of routes from the Lobby Codes that the agent has access to. The routes in this list are separated by commas, and there are NO spaces between any of the list elements. By default, this list should not be changed. Template Template.LobbyCode This is the lobby code to be used. Leave it at its default value unless explicitly told otherwise. Template.LobbyRoute This is the lobby route to be used when accessing a bridge meeting. Template.Description This describes what the template is about and for. Template.OrganizerUserEmail After the @ symbol, this is the email domain that allows users access to the VMRs Template.ExitMeeting Actions Template.ExitMeetingActions[#].Role The user role to which the exit point will be assigned. 2 is for Participant, 3 is for Presenter. Template.ExitMeetingActions[#].Url The address that users exiting the meeting will be taken to. Click the button to add additional user roles and meeting exit URLs. Polycom, Inc. 89 Field Na ame Value/Desscription Template.ExternalConferences Template.ExternalConferences[#]. AccessP Points Template.ExternalConferences[#]. AccessP Points[#].DialS String al string for co onnecting to V VMRs. Modifyy The full dia the addresss after the @ symbol to point to the DMA/RPA AD. Value Note: Dial Prefix V Dial Prefix partt of this selectio on The D shou ld match the A Auth Mode value e in the D DMA Config scrreen of the Serrvices Porta al. Template.ExternalConferences[#]. AccessP Points[#].Loca ation This shoulld match the llocation of the e POP in the Services P Portal for the DMA. Template.ExternalConferences[#]. AccessP Points[#].POP PAddress The addre ess of the DMA A/RPAD to be e used; this iss the same a as configured d on the Serviices Portal. Template.ExternalConferences[#]. AccessP Points[#].Transport The transp port type shou uld be SIP un nless stated otherwise.. Template.ExternalConferences[#]. AccessP Points[#].AuthenticationMode This is the e Authenticatio on Mode you want to assig gn to your acccess points. T The Authenticcation Mode selection h here should m match the Autth Mode value e in the DMA C Config screen n of the Servicces Portal. Template.ExternalConferences[#]. Conferen nceId This is the e conference IID code for esstablishing connection ns to VMRs. D Do Not chang ge unless instructed to. Template.ExternalConferences[#]. SharedC Credentials Enter the sshared SIP crredentials if th he AUTH mod de is set. Usernam me/Password Template.FeatureExtensions enu. Template.FeatureExtensions[#].me autoopen.query uture release feature; do n not edit. This is a fu Template.FeatureExtensions[#].me enu. autoopen.value This is a fu uture release feature; do n not edit. Polycom, Inc c. 90 Field Name Value/Description Template.FeatureExtensions[#].menu. frameid This is a future release feature; do not edit. Template.FeatureExtensions[#].menu. menulocation This is a future release feature; do not edit. Template.FeatureExtensions[#].menu. menurank This is a future release feature; do not edit. Template.FeatureExtensions[#].menu. menuname This is a future release feature; do not edit. Template.FeatureExtensions[#].menu. permissions This is a future release feature; do not edit. Template.FeatureExtensions[#].menu. permissions[#] This is a future release feature; do not edit. Template.FeatureExtensions[#].menu. resourcelocation This is a future release feature; do not edit. Template.FeatureExtensions[#].menu. titleKey This is a future release feature; do not edit. Template.FeatureExtensions[#].menu.title This is a future release feature; do not edit. Template.FeatureExtensions[#].menu.type This is a future release feature; do not edit. Template.Settings. AllowAnonymousParticipants Controls whether anonymous participants are allowed into VMRs. Template.Settings. AuthenticatedUsersHostDomainJoinAs Controls the role a domain authenticated user is given when joining a VMR. Template.Settings. AuthenticatedUsersOtherDomainJoinAs Controls the role a non-domain authenticated user is given when joining a VMR. Template.Settings.DefaultSurfaceHeight Do not edit this variable. Template.Settings.DefaultSurfaceWidth Do not edit this variable. Template.Settings.HelpUrl This is a future release feature; do not edit. Template.Settings.Locked Do not edit this variable. Template.Settings.GeoLocation Do not edit this variable. Template.Settings.RecordingAvailable Do not edit this variable. Template.Settings.RequireDisplayName Do not edit this variable. Polycom, Inc. 91 Field Name Value/Description Template.Settings.RequireEmailAddress Do not edit this variable. Template.Settings.VideoPreference Do not edit this variable. Template.Settings.VideoPreference[#] Do not edit this variable. Add additional fields by clicking on the button. Click Submit. Polycom, Inc. 92 Configuring Connection Settings This section provides the field names and value descriptions needed to configure the Services Portal Connection (WSPConf) settings in the Administration application. 1. With the System Administration application open in your browser, make the following selections as shown below: Settings > Environment > Agents > WSPConf Settings. The following screen sample shows the initial data fields in the WSPConf Settings screen selection. Table 20 contains the complete list of these data field names with their value descriptions and includes nearly forty Template fields. Polycom, Inc. 93 Table 20: Conference Manager Agent on WSP Fields Field Name Value/Description Run Locally Specifies whether the DMA agent is running on this server or on a remote Startup Delay If there is a need to slow down the time between when the server starts and this agent starts, the number of seconds to delay startup should be entered here. This is especially relevant on older, slower servers. Auto Restart Determines if the agent can be automatically restarted when the configuration updates. This can affect call stability and is enabled by default. Agent Type Describes the type of agent this is. For WSPConf, the correct agent type is wsp-conferences/ polycom.mea.agent.wsp-conferences. Roles Describes which one of multiple role types should be assigned to an agent. Select Conference Manager for WSPConf. Experience Portal URL This field is for future product functionality. For now, leave blank unless explicitly told to do otherwise. Target Url This is the URL of the DMA (including the port for API communication) or the URL of the Services Portal (for a scheduling or authentication agent). Example: https:// servicesportal.example.com Target Credentials Enter your Username and Password to access this resource. Enforce Certificate Validation Check this option to verify the DMA’s certificate as a security measure. Routes This is a list of routes from the Lobby Codes that the agent has access to. The routes in this list are separated by commas, and there are NO spaces between any of the list elements. By default, this list should not be changed. Template Template.LobbyCode This is a future release feature; do not edit. Template.LobbyRoute This is a future release feature; do not edit. Polycom, Inc. 94 Template.Description This describes what the template is about and for. Template.OrganizerUserEmail This is a future release feature; do not edit. Template.ExitMeeting Actions This is a future release feature; do not edit. Template.ExitMeetingActions[#].Role Template.ExitMeetingActions[#].Url This is a future release feature; do not edit. Template.ExternalConferences This is a future release feature; do not edit. Template.ExternalConferences[#]. AccessPoints Template.ExternalConferences[#]. AccessPoints[#].DialString This is a future release feature; do not edit. Template.ExternalConferences[#]. AccessPoints[#].Location This is a future release feature; do not edit. Template.ExternalConferences[#]. AccessPoints[#].POPAddress This is a future release feature; do not edit. Template.ExternalConferences[#]. AccessPoints[#].Transport This is a future release feature; do not edit. Template.ExternalConferences[#]. AccessPoints[#].AuthenticationMode This is the Authentication Mode you want to assign to your access points. The Authentication Mode selection here should match the DMA value on the Services Portal. Template.ExternalConferences[#]. ConferenceId This is a future release feature; do not edit. Template.ExternalConferences[#]. SharedCredentials Enter the shared SIP credentials if the AUTH mode is set. Username/Password Template.FeatureExtensions This is a future release feature; do not edit. Template.FeatureExtensions[#].menu. autoopen.query Template.FeatureExtensions[#].menu. autoopen.value This is a future release feature; do not edit. Template.FeatureExtensions[#].menu. frameid This is a future release feature; do not edit. Template.FeatureExtensions[#].menu. menulocation This is a future release feature; do not edit. Polycom, Inc. 95 Template.FeatureExtensions[#].menu. menurank This is a future release feature; do not edit. Template.FeatureExtensions[#].menu. menuname This is a future release feature; do not edit. Template.FeatureExtensions[#].menu. permissions This is a future release feature; do not edit. Template.FeatureExtensions[#].menu. permissions[#] This is a future release feature; do not edit. Template.FeatureExtensions[#].menu. resourcelocation This is a future release feature; do not edit. Template.FeatureExtensions[#].menu. titleKey This is a future release feature; do not edit. Template.FeatureExtensions[#].menu.title This is a future release feature; do not edit. Template.FeatureExtensions[#].menu.type This is a future release feature; do not edit. Template.Settings. AllowAnonymousParticipants This is a future release feature; do not edit. Template.Settings. AuthenticatedUsersHostDomainJoinAs This is a future release feature; do not edit. Template.Settings. AuthenticatedUsersOtherDomainJoinAs This is a future release feature; do not edit. Template.Settings.DefaultSurfaceHeight This is a future release feature; do not edit. Template.Settings.DefaultSurfaceWidth This is a future release feature; do not edit. Template.Settings.HelpUrl This is a future release feature; do not edit. Template.Settings.Locked This is a future release feature; do not edit. Template.Settings.GeoLocation This is a future release feature; do not edit. Template.Settings.RecordingAvailabled This is a future release feature; do not edit. Template.Settings.RequireDisplayName This is a future release feature; do not edit. Template.Settings.RequireEmailAddress This is a future release feature; do not edit. Template.Settings.VideoPreference This is a future release feature; do not edit. Template.Settings.VideoPreference[#] This is a future release feature; do not edit. 2. Click Submit when you have finished your configuration. Polycom, Inc. 96 Configuring Authentication Provider Settings This section uses a table with field names and value descriptions to help you configure the Services Portal Authentication Provider (WSPAuth) settings in the System Administration application. To configure the WSPAuth Settings 1 With the System Administration application open in your browser, select the Settings tab at the top, and then > Environment > Agents > WSPAuth Settings as in the following screen. The screen displays a list of text box fields as shown in the next two screen samples: Polycom, Inc. 97 2 The WSPAuth Settings Fields table that follows contains a list of fields found in the System Administration application’s WSPAuth Settings screen. Use the value descriptions for each field listed in the table to determine the values you need to enter in the WSPAuth Settings screen. Table 21: WSPAuth Settings Fields Field Name Value/Description Run Locally Specifies whether the DMA agent is running on this server or on a remote server in accordance with the future roadmap. For this release, this option should ALWAYS be checked. Startup Delay If you must slow down the time between when the server starts and this agent starts, the number of seconds to delay startup should be entered here. This is especially relevant on older, slower servers. Auto Restart Determines if the agent can be automatically restarted when the configuration updates. This can affect call stability and is enabled by default. Polycom, Inc. 98 Agent Type Describes the type of agent this is. For WSPAuth, the correct agent type is wsp-authentication/ polycom.mea.agent.wsp-authentication. Roles Describes which one of multiple role types should be assigned to an agent. Select Authentication Provider for WSPAuth. Experience Portal URL This field is for future product functionality. For now, leave blank unless explicitly told to do otherwise. Target Url This is the URL of the DMA (including the port for API communication) or the URL of the Services Portal (for a scheduling or authentication agent). Target Credentials Enter the Username and Password of the target URL to access this resource. Enforce Certificate Validation Check this option to verify the Services Portal’s certificate as a security measure. Realms This is a comma-separated list of realms from the AuthMatch page that are defined as valid for this agent. By default, includes the Services Portal address and the email domain of users who will be logging in with Presenter rights. Allow login to persist Check this option to allow users to be remembered during login. Click Submit. Viewing Experience Portal Log Files This section explains how to access, view, and clear your Experience Portal log files. To access the Experience Portal log files 1 Select Maintenance > Logs > List of log files as shown next. The List of log files screen appears. 2 Click Go. Polycom, Inc. 99 A list of hyperlinked logs appears as shown in the following screen sample. Note the Sort by dropdown box near the top of the screen for selecting a sorting mechanism. 3 Select any hyperlink from the list of logs to view that specific log, or right-click the hyperlink and select Save link as.. to save that log file to another location. To delete Experience Portal log files: 1 Select Maintenance > Logs > Clear logs. When selected and the Go button is pressed, the older log files are cleared from the hard drive. Applying Experience Portal Configurations The Experience Portal must be restarted to apply your configuration settings. Restart the Experience Portal either through the Administration tool or by rebooting the VMware console. This section explains a restart through the Administration tool using Apply Configuration and Restart server. The preferred method for applying the Experience Portal configuration from the Administration tool is to select Maintenance > Tools > Apply Configuration as in the following screen sample. Apply Configuration allows you to apply any configuration changes that have been saved from the Settings pages. Polycom, Inc. 100 A second method for applying the Experience Portal configuration from the Administration tool is to select Maintenance > Tools > Restart server as shown next. Restart server issues the command to restart the OS to the VM. This is similar to both the VMware command to restart the VM, and to the Linux command to reboot. Polycom, Inc. 101 Setting System Administration UI Properties This section explains how to set (and change) the properties of your System Administration user interface. The Admin UI menu item applies to all subcomponents. To access the Admin UI: 1 With the System Administration application open in your browser, select Settings > Admin UI as shown next. The next screen will display a list of text box fields as shown in the following partial sample screen. All of the fields that appear in the full Admin UI are listed in the Admin UI Settings Fields table. Polycom, Inc. 102 Table 22: Admin UI Setting Fields Field Name Value/Description admins admins[0] Provides the credentials for admin UI settings. Requires a Username and Password. admins[#] Provides additional administrator credentials. This optional field only appears each time the + certificates button is pressed. certificates SSL Certificate Polycom, Inc. Displays the raw text of the SSL identity certificate for the server. 103 Field Na ame Value/Desscription SSL Cerrtificate Privatte Key Displays th he raw text off the private kkey used to generate tthe certificate’s CSR. certificattes[0].usage Allows you u to choose b between serve er and trusted droot in determin ning how the certificate file e pair is used by the VM. port Default po ort setting for a accessing the e Experience Portal servver’s Admin U UI. DO NOT C CHANGE THIIS. securepo ort Default se cure port settting for accesssing the Experience e Portal serve er’s Admin UII. DO NOT CHANGE THIS Cautio on: Verify SSL L Certificate and a Private K Key Validity Ensure that both the e SSL Certificate and the S SSL Certificate Private Keyy are valid beffore g and restarting the serverr. entering To chang ge the System m Administra ation applica ation passwo ord: 1 Sele ect Settings > Admin UI. The Admin UI U screen app pears with two o text boxes (Username an nd Pas ssword) for ad dmins[0] as shown next. 2 To change c the password, ente er the new pa assword in the e Password field. Polycom, Inc c. 104 3 Click Submit. The password changes. Updating Experience Portal Software In order to deploy an updated version of Experience Portal software you must do the following: Obtain the new Experience Portal software OVA file Deploy it using the instructions found in “Deploying the Services Portal and Experience Portal Packages” Use the instructions that follow to migrate the provisioning and state information from the existing server running the older software to this new instance. Exporting the Experience Portal Configuration File Your configurations are saved in the Experience Portal’s settings.json file. This file can be exported from your Experience Portal server and enables you to import the file into another Experience Portal server or to save it as a backup. The file will be downloaded and saved based on your browser’s settings. This section explains how to export the Experience Portal settings file. For importing, see Updating Experience Portal Software In order to deploy an updated version of Experience Portal software you must do the following: Obtain the new Experience Portal software OVA file Deploy it using the instructions found in “Deploying the Services Portal and Experience Portal Packages” Use the instructions that follow to migrate the provisioning and state information from the existing server running the older software to this new instance. Exporting the Experience Portal Configuration File Polycom, Inc. 105 To export the Experience Portal configuration file: 1 Select Maintenance > Tools > Export Configuration. 2 Click Go. The setting.json configuration file downloads. Importing the Experience Portal Configuration File The Experience Portal’s settings.json file can be imported to your Experience Portal server. This enables you to transfer the Experience Portal configuration settings to another Experience Portal server. This section explains how to import the Experience Portal settings file. For exporting, see Updating Experience Portal Software. To deploy an updated version of Experience Portal software: Obtain the new Experience Portal software OVA file Deploy the software using the instructions found in Deploying the Services Portal and Experience Portal Packages. Use the following instructions to migrate the provisioning and state information from the existing server running the older software to this new instance. To import the Experience Portal: 1 Select Maintenance > Tools > Import Configuration as shown next. Polycom, Inc. 106 The e Import Conffiguration scre een displays as a shown nexxt. 2 Sele ect Choose File, F and loca ate the setti ings.json cconfiguration file you wantt to import to tthe serv ver. 3 Clic ck Upload. Th he page will re efresh. e: Configuratio on Application n Note Once e the configura ation is imported, apply the co onfiguration or rrestart the servver to apply the e confiiguration. Note e that the licens se will be deacttivated if two diifferent Instancces on the Expe erience Porta al are registere ed to the same Services Porta al server. Localizing the e Experiience Po ortal You can lo ocalize the Ex xperience Po ortal. Localizattion capabiliti es include: Upload a langua age pack Listt a language pack p e: Experience Portal Localiz zation Note Expe erience Portal localization is s currently on nly supported for the user e experience and d not the admin a portal. To upload d a language e pack: 1 Sele ect Localizattion > Upload d language pack p as show wn next. The e Upload lang guage pack sc creen displays s: Polycom, Inc c. 107 2 Click Choose File to select a specific language pack. Navigate to where you have downloaded the desired language pack, and click Upload to upload the language pack file. To list a language pack 1 Select Localization > List language pack. The List language pack screen displays: 2 Click Go to list your selected language pack. Polycom, Inc. 108 3: Creatin C ng an nd Managin ng Us ser Acc counts s After succ cessfully deploying and configuring your Services Po ortal, create user accounts locally or add d users thro ough the Activ ve Directory. The T account types you cre eate depend o on your accou unt role. Supe er admin acc counts add an nd manage su uper admin, admin, a and usser accounts. Admin accou unts add and manage admin a and use er accounts. User accountts cannot add d or manage a any accounts. This chap pter shows you the followin ng: Und derstanding Account A Roles s Cre eating Accoun nts Editting Accounts s Deleting Accounts Cha anging Your Password P Res setting a Pass sword Unde erstanding Accoun A nt Role es The Services Portal su upports three different acco ount roles. Ea ach role deterrmines your a account type a and a different set s of capabilities. See the following list for a brief de scription of each role: Sup per Admin Creates and manages the e Services Po ortal settings a and other sup per admin, admin, and d user accoun nts, but canno ot schedule meetings. m Sup per admin acccounts displayy the tabs sho own in Figure 4. Adm min Creates and manages admin acc counts, user a accounts, and d online video o conference meetings. Admin n accounts dis splay the tabs s shown in Fi gure 5. Use er Creates and a manages s online video o conference m meetings. Usser accounts d display the tabs sho own in Figure 6. Note: Identifying Yo our Role g in to the Services Portal and comparin ng your availa able tabs with h the following g Logging figures is a good way to confirm your y assigned d role. Polycom, Inc c. 109 Figure 4: Super S Admin Role Tabs Figure 5: Admin A Role Ta abs Figure 6: User U Role Tab bs Polycom, Inc c. 110 Crea ating Accoun A nts The Services Portal en nables super admin a and ad dmin users to create accou unts from the Active Directtory or locally. Th his section shows you how w to add active e directory ussers and how to create loca al accounts. e: Default Acco ounts Note The following deffault accounts s are required d and cannot be deleted: se for accessing the Servicces Portal (Username/Passsword = admin - Us admin/adm min) munication witth the Experie ence Portal. meaconf - Use for confference comm (Username e/Password = meaconf/me eaconf) erience Porta al. mmunication with the Expe meaauth - Use for authentication com (Username e/Password = meaauth/me eaauth) se communiccations with th he Experience e Portal. measys – Use for licens e/Password = measys/mea asys) (Username mins should en nsure that the e passwords ffor the above default accou unts are Super adm changed as s soon as pos ssible. Failure e to change th hese passwords would allo ow any level of use er to log in to the Services Portal with th hese credentials and with ssuper admin auth horization. Addin ng Active e Directtory Use ers The LDAP P server confiiguration enables access to Services Po ortal for all the users in the e Active Direcctory without re equiring the ad dministrator to o explicitly cre eate each Se ervices Portal account. By default, the Services Portal P assigns s user roles to o all the Activ ve Directory a accounts. Add d a user from Active Directtory only if you u need to cha ange the defau ult user role or o to block the e user. To cha ange the defa ault user role, see Editing Ac ccounts Creatted from the Active A Directo ory. Note: Before You Begin B ctive Directory y user accoun nt, you must log in to the S Services Porta al as Before adding an Ac min or super admin. an adm Adding Active A Directo ory users: 1. Select USER MANAGEMEN NT. The USER RS screen dissplays, shown n next. Polycom, Inc c. 111 2. Clic ck + LDAP US SER. The Imp port Active Diirectory Userss screen displays, shown n next. 3. In th he Import Acttive Directory y Users search h box, enter t he name of th he user you w want to add an nd press Enter E on your keyboard. 4. Place a checkma ark in the che eckbox of each user you wa ant to add. 5. Clic ck ADD. Note: Active Directo ory Default User Roles Users added a from th he Active Dire ectory are asssigned the use er role by deffault. To chan nge the role e type, see Ed diting Accounts. Polycom, Inc c. 112 Addin ng Locall Users The Services Portal en nables super admin a and ad dmin users to add other loccal users. Thiis section sho ows you how to t create local accounts. Note: Before You Begin B al user account, you must log in to the S Services Porttal as an admin or Before adding a loca a super admin. Adding local l users:: 1 Select User Man nagement. Th he Users scre een displays. ck + User. The Add a userr screen displa ays: 2 Clic Polycom, Inc c. 113 3 Entter the followin ng in the Add d a user scree en: ○ First F Name Enter the user’s first name. ○ Last L Name Enter the use er’s last name e. ○ User U Name Enter a userrname for the user. ○ Email E Address ○ Contact C Num mber ○ Title Enter the e user’s emaiil address. Enter the t user’s pho one number sstarting with the area code e. Enter the t user’s job b title. D Enter the us ser’s departm ment. ○ Department Polycom, Inc c. 114 ○ City C Enter the user’s city y. ○ User U Role Click C the User Role dropdo own box, and choose one of the followin ng options: » ROLE_SU UPER_ADMIN N This option is only avaiilable to supe er admin userss. When assig gned, the user has super adm min capabilitie es, which inclu udes creating g and managin ng user, admin, and super admin accou unts and confiiguring and m managing the core settingss, social policyy, DMA confiiguration, and d certificate up ploads. » ROLE_AD DMIN This option o is availa able to admin n and super a admin users. W When assigne ed, the user has admin priv vileges, which h includes cre eating and ma anaging user and admin accounts and a creating and a participatting in video cconference m meetings. » ROLE_US SER This op ption is available to both ad dmin and sup per admin use ers. When assigned, the user has standard use er privileges a and can only ccreate and pa articipate in meetings. 4 Clic ck Add. An em mail is sent to o the newly crreated user co ontaining theiir username, password, an nd URL. The Services Portal en nables you to edit or delete e the accountss you create. For more info ormation, see e Editing Ac ccounts and Deleting D Acco ounts. Editing Accounts s The Services Portal en nables admin and super ad dmin users to edit accountss created from m the Active Directory or locally. Yo ou can access s all fields in a locally creatted account, b but you can o only access tw wo fields (role e type and en nable/lock) in an account im mported from the Active Diirectory. This section show ws you how to t edit both Ac ctive Directorry and local ac ccounts. Editin ng Accou unts Cre eated fro om the A Active D Directory y This section shows you u how to edit an account created from t he Active Dire ectory. To reiiterate, you ca an only edit the t role type and a enable/lo ock options in accounts imp ported from th he Active Dire ectory. Also n note that only super s admin users u can cha ange a role ty ype to super a admin. Note: Before You Begin B a you must m log in to the Servicess Portal as either an admin n or a Before you edit an account, a super admin. To edit a user accoun nt created fro om the Activ ve Directory: 1. Select User Man nagement. Th he Users scre een displays, shown next. Polycom, Inc c. 115 2. Entter the user’s name in the search s box, and a press Entter on your ke eyboard or se earch using th he scroll bar. b 3. Clic ck the accoun nt’s icon. The T Edit Userr screen displa ays, shown next. d select one o 4. To edit the User Role, click th he dropdown box b arrow and ng options: of the followin R ER_ADMIN This option is s only availab ble to super ad dmin users. W When assigne ed, ○ ROLE_SUPE the t user has super s admin capabilities, which w include es creating an nd managing u user, admin, and super s admin accounts a and d configuring and a managing g the core se ettings, social policy, DMA system s config guration, and certificate up ploads. ○ ROLE_ADMI R on is available e to admin an nd super adm min users. Whe en assigned, the N This optio user u has adm min privileges, which includes creating a and managing g user and admin accountss and creating c and participating p in i video confe erence meetin ngs. ○ ROLE_USER R R This option n is available to both admi n and super a admin users. When assign ned, the t user has standard s user privileges an nd can only ccreate and pa articipate in meetings. 5. Clic ck to enter a check c mark in n the Enable User U checkbo ox and activatte the user’s a account, or rem move the chec ck mark and disable d the us ser’s account.. 6. Clic ck SAVE. Polycom, Inc c. 116 Editin ng Locally Creatted Userr Accounts Super adm min users can n change all of o the fields in n a locally cre ated accountt. Admin userss, meanwhile e, can change alll of the fields in a locally created account except for the role in a ssuper admin account. To determine e your accoun nt type, see Understanding U g Account Rolles. This section shows you u how to edit a locally crea ated user acco ount. Note: Before You Begin B a you must m log in to the Servicess Portal as an admin or sup per Before you edit an account, admin. To edit a local userr account: 1. Select User Man nagement. Th he Users scre een displays: 2. Loc cate the accou unt by enterin ng the user’s name n in the ssearch box an nd pressing E Enter on your keyboa ard. Polycom, Inc c. 117 3. Click the account’s icon; the Edit User screen displays: 4. Edit any of the following fields in the Edit User screen: ○ First Name Edit the user’s first name. ○ Last Name Edit the user’s last name. ○ User Name Edit a username for the user. ○ Email Address ○ Contact Number ○ Title Edit the user’s email address. Edit the user’s phone number with area code. Edit the user’s job title. ○ Department Edit the user’s department. Polycom, Inc. 118 ○ City C Edit the e user’s city. ○ User U Role Edit E the User Role by selec cting one of th he following o options: » ROLE_SU UPER_ADMIN N This option is only availa able to super a ned, admin users. When assign the user has super adm min capabilitie es, which inclu ude creating a and managing g user, admin n, and super adm min accounts and a configurin ng and manag ging the core e settings, soccial policy, DM MA system configuration, and a certificate uploads. » ROLE_AD DMIN This opttion is availab ble to admin a and super adm min users. W When assigned d, the user has admin a privileg ges, which inc clude creating g and managin ng user and a admin accoun nts and creatin ng and participating in vide eo conference e meetings. » ROLE_US SER This optio on is available to both adm min and superr admin userss. When assig gned, the user has standard user u privileges s and can on ly create and participate in n meetings. ○ Enable E User Click to ente er a check ma ark in the Ena able User che eckbox and acctivate the user’s account a or remove the che eck mark and disable the u user’s accoun nt. 5. Clic ck Save. An email e is sent to the owner of o the edited u user account containing th he username, password, and URL L. Deleting Accounts Users with h super admin accounts ca an delete othe er super adm min, admin, an nd user accou unts. (Users w with admin acc counts can on nly delete other admin and d user accoun nts.) To determ mine your acccount type, se ee Understan nding Accoun nt Roles. This section shows you u how to dele ete a user acc count. Cautio on: Default Ac ccounts The folllowing default accounts arre required an nd cannot be deleted: Admin A - Used d for accessin ng the Service es Portal. Meaconf M - Us sed for conferrence commu nication with the Experience Portal. Meaauth M - Us sed for authen ntication comm munication w with the Experience Portal. Measys M – Use ed for license e communicattions with the Experience P Portal. a should ensure thatt the passworrds for the abo ove default acccounts are Super admins change ed as soon as s possible. Failure to chang ge these passswords would d allow any levvel of user to log in to the Services S Porttal with these credentials a and with supe er admin zation. authoriz Note: Before You Begin B n account, you must log in to the Servicces Portal as an admin or ssuper Before you delete an admin. Polycom, Inc c. 119 To delete a user acc count: 2 Sele ect the User Management tab; the Use ers screen dissplays: 3 Loc cate the accou unt by enterin ng the user’s name n in the ssearch box an nd pressing E Enter. The use er’s nam me, username e, email addre ess, type, role e, and status all display ass in the followiing screen: 4 Clic ck the accoun nt’s icon; th he Delete this s User? scree en displays. 5 Clic ck Delete. Chan nging Your Y Passwo P ord This section explains how h to change e your password. ge your password: To chang 1 Log g into your Se ervices Portal account. You ur name appe ears in the top p right corner of the screen n. 2 Clic ck on the eft side of you ur name as sh hown next. icon on the le The e Change Pas ssword screen appears as shown next. Polycom, Inc c. 120 3 Enter the followin ng in the Cha ange Passworrd screen: ○ Current C Pass sword Ente er your current password. ○ New N Passwo ord Enter yo our new passw word. ○ Confirm C new w password Reenter you ur new passw word. 4 Clic ck Change to change yourr password. Rese etting a Pass sword This section shows how w an admin or o a super adm min can resett a user’s pas sword. Caution: Before Rese etting a Passwo ord Passworrds should onlyy be reset for accounts a with vvalid email add dresses. Resettting a passworrd for an account with an inaactive email ad ddress will lockk out the user. Note: Before You Begin B p you u must log in tto the Service es Portal as e either an adm min or Before you reset a password, a superr admin. Polycom, Inc c. 121 To resett a passworrd: 5 Clic ck User Mana agement. The e Users scree en displays ass shown nextt. 6 Loc cate the user in the NAME column, ente er the user’s n name from the e USERNAM ME column into o the sea arch box, and press Enter on your keypad. 7 Clic ck the accoun nt’s icon. The T Change th his user’s passsword? dialo og box displayys. 8 Enter a new password in the Password field’s window, a and click Cha ange. The Services Portal se ends the user an email con ntaining the ne ew password. Polycom, Inc c. 122 4: Provid P ding Secure S e Gue est Ac ccess s This chap pter shows you how to prov vide invited gu uests with co ntrolled accesss to your org ganization’s Unified Co ommunication ns infrastructu ure while prev venting unwe lcome intrusio on. Secu uring SIP S Guest Ac ccess Enabling SIP S guest acc cess is the most convenien nt way to ena able video and d audio accesss from organizatiions and indiv viduals that are not federatted with your organization.. For this rea ason, the CloudAXIS web client functions f by default d in a gu uest mode; it neither registters nor authe enticates itself with your organization’s SIP P gatekeeper (typically a Polycom P DMA A device). Thiss may be true e even if and w when it is used by individuals s who belong to your organ nization and/o or connect fro om within you ur organization nal firewall. Similarly, S the RealPresence R e® Mobile sofftware endpoiint for mobile devices, which has SIP registratio on and authen ntication capa abilities, does not register o or authenticatte with the tarrget SIP gatekeepe er when it join ns a conferen nce in respons se to the userr clicking on tthe Join Now w button from the CloudAXIS Experience e Portal. Authentica ated SIP acce ess may be enabled e for ve erified membe ers of your org ganization byy configuring tthe SIP Usern name and Password inform mation as part of the Servicces Portal DM MA settings (ssee Configuring DMA Setttings). In this case, membe ers of your org ganization wh ho have authe enticated to th he Services P Portal web interfface will have e these SIP au uthentication credentials a utomatically a and securely provided to supported d endpoints (the CloudAXIS S web client and a Polycom RealPresencce Mobile v3.1 and above). These end dpoints will th hen attempt to o authenticate e to the SIP g gatekeeper (iff challenged) using the sup pplied g, which mayy include acce credentialls, and can en njoy the bene efits of authen nticated dialing ess to a less restrictive e dial plan (see recommend dation below)). Guest userss who have not authenticated to the Services Portal P web intterface, but are merely sup pplied an exte ernal e-mail a address when n attempting to o join a meeting g, will not be provided p the SIP S credentia als and will alw ways dial as a an unauthentiicated SIP ca aller subject to o the dial rules s for unauthen nticated endp points. Because the t CloudAXIIS web client typically func ctions in guestt mode per th he above deta ails, the CloudAXIS Solution requires SIP gu uest access fo or external ussers wanting tto join meetin ngs via the We eb Client and d Experience Portal. H.323 3 guest acces ss may also b e provided att your discretiion to facilitate access fro om other type es of endpointts. Enablling Gue est Acce ess on Your Y Edg ge Proxy y To enable e guest acces ss via your org ganization’s edge e proxy de evice, please refer to one o of the followin ng Polycom publications. p Note: Enabling End dpoint Authen ntication portant to follo ow the recom mmendation fo or enabling en ndpoint authe entication on tthe It is imp applicable DMA dev vice as describ bed in the folllowing guidess: Polycom, Inc c. 123 See Chapter 2: Deploying the Basic RealPresence Access Director System Solution to Support Remote and Guest Users in the Deploying Polycom® Unified Communications in the RealPresence® Access Director™ System Environments Guide. See Chapter 2: Deploying the Polycom—Acme Packet Solution to Support Remote and Guest Users in the Deploying Polycom® Unified Communications in an Acme Packet® Environment Guide. Note that edge proxies, including the RealPresence Access Director, may require that authenticating and non-authenticating callers distinguish themselves by sending SIP requests to a different port or by using a special dialing prefix. To facilitate this, specify the correct Auth Mode when configuring access points in the Services Portal configuration (Configuring the Connection to the DMA System and RPAD Servers). It may be necessary or desirable to specify two different access points corresponding to the same edge device, one for AUTH users and one for NoAUTH users, with each access point entry specifying a different port number and/or dial prefix to use for the corresponding access case. Additional Recommendations for Greater Security See the following recommendations to secure the privacy of your conferences and prevent misuse of your videoconferencing infrastructure: Use temporary rather than persistent (personal) VMRs when creating meetings that include untrusted guests. This is the default Services Portal behavior used whenever the Use Personal VMR has not been selected. Using temporary VMRs helps ensure that guests will only be able to access the particular conference session you are inviting them to. Use the passcode option when creating meetings to provide an additional level of access control. Use the Services Portal DMA Config Option “Generate VMR From Range” to generate temporary conferencing IDs in a wide, random range, thus making them more difficult to access by random dialing. Restrict guest users to a subset of your dialing plan. By provisioning a dialing rule for unauthorized calls on your DMA device, you can limit guests to particular dial identifiers or ranges for which you prefer to provide access. For example, the following preliminary script restricts guest users to the dial ID range of 100,000 to 999,999 which could be configured to be the same auto-generation range used by the Services Portal to create temporary VMRs: // These values should correspond to the min and max room ID settings. // specified in the Services Portal DMA Config Option “Generate VMR // From Range” var maxGeneratedRoomId = 100000; var maxGeneratedRoomId = 999999; var number = parseInt(DIAL_STRING.replace(/^sip:([^@]*)@?(.*)/i,"$1")); if (NaN != number && number > minGeneratedRoomId && number < maxGeneratedRoomId) { return; } return NEXT_RULE; Polycom, Inc. 124 For more instructions on how to configure preliminary dialing scripts on the DMA device, see the Polycom DMA 7000 System Operations guide on the Polycom Support site. Securing Web Access Conferences take place in the Experience Portal. Providing conference access to guest users joining from outside your organization’s firewall requires allowing the Experience Portal to be accessed from the public internet. Access to the Services Portal, however, is only required for users who create and host conferences, which are typically members of your organization. Providing direct external access to the Services Portal component is left to the administrator’s discretion. There are at least two different options for providing access from external networks: 1. Configure NAT functionality in your organizational firewall, or another edge device, to map HTTPS port 443 from the external IP address assigned for the Experience Portal to its internal IP address. Do the same for the Services Portal (if desired). 2. Use a Reverse Proxy product to provide external HTTPS access to the Experience Portal. Do the same for the Services Portal (if desired). The proxy selected should support the following features: ○ Traffic routing based on HTTP host headers (required only when routing a single external IP address to multiple internal web applications). ○ Forwarding of the Web Sockets protocol (RFC 6455). Polycom, Inc. 125 5: Troubllesho ooting g the S Servic ces P Portal This chap pter shows you how to reso olve issues ex xperienced byy end users a and how to acccess your log g files for trouble eshooting mis scellaneous is ssues. This sec ction contains troubles shooting infformation o on the follow wing: Use er Cannot Cre eate Meetings s Use er Cannot Lau unch the Welcome Screen n Con nfigured Com mponents are Not Responding Sup per Admins and Admins Cannot Add an n Active Direcctory User Use er Cannot Send Email Notifications Use er Receives “Unable to Cre eate a Conferrence with a P Personal VMR R” Message Use er Receives “External Serv ver Not Set” Message M Obttaining Servic ces Portal Log g Files User Cannot C Create Meeting M s Confirm th he following iff users are un nable to creatte a meeting: At least one DMA A system is made m primary y The e DMA’s owne er username entered in the e Services Po ortal also exissts in the DMA A system. For info ormation on how to create a username for f the DMA ssystem, see the Polycom D DMA 7000 Syystem Ope erations Guid de on the Poly ycom Supportt site. The e DMA system m status is up p. User Cannot C Launch the Welcome S Screen When enttering a meetiing, the welco ome screen la aunches with video optionss for entering the meeting. If users are able to create a meeting but b are unable e to launch th he welcome sscreen, confirm m that the corrrect port numb bers and DMA A system FQD DN were ente ered when con nfiguring the Experience P Portal. See Configurin ng the Conne ection to the DMA D System and a RPAD Se ervers. Config gured Compone C ents are e Not Re espondin ng If compon nents are corrrectly configurred but not wo orking, try reb booting the Services Porta al server. Polycom, Inc c. 126 Superr Admins and Admins A Cannot C A Add an A Active D Directory y User If Services s Portal Admins and Supe er Admins are unable to ad dd an Active D Directory userr, confirm thatt the proper LD DAP server is configured with w the correc ct values listed d in Configuriing the Conne ection to the L LDAP Server. Both the Services S Portal and the Ex xperience Porrtal MUST be configured to o the SAME tiime zone and d NTP server in order o for Clou udAXIS Recording to work properly. To config gure the sam me time zone and NTP serrver: 1 Acc cess the CLI (see Appendix x D: CloudAX XIS Restricted d Shell) on eitther of the two o portals using “cax xis” as both your y Usernam me and Passw word. 2 Sele ect your time zone by using the CLI com mmand chang ge_timezone e. See Use Case - Set Sysstem Datte Time in Appendix D for details. d 3 Syn nc your serverr with the NTP P server by using the CLI ccommand ntp pdate. See U Use Case - Qu uick Syn nc System date-time with a Specific NTP P server in Ap ppendix D forr details. Rep peat the abov ve three steps s on the otherr portal. If the prob blem persists,, contact yourr IT administra ator to confirm m the values are correct. User Cannot C Send Em mail Nottification ns If users arre unable to send s email no otifications, co onfirm that the e proper SMT TP server is cconfigured witth the correct po ort numbers listed in Config guring the Co onnection to th he SMTP Serrver. If the pro oblem persistts, contact yo our IT adminis strator to conffirm the value es are correctt. User Receive R es “Unab ble to Crreate a C Conference with ha Perso onal VMR R” Mess sage See if the virtual meeting room existts on the conffigured DMA system. If it e exists, contacct Polycom Support. User Receive R es “Exterrnal Serrver Not Set” Me essage If receiving the “External Server Nott Set” messag ge after seleccting Meet No ow, confirm th hat the correcct FQDN is entered e in the e MEA Serverr textbox loca ated on Servicces Portal’s S Server Setting gs screen. See Configurin ng Additional Server Settin ngs. User Receive R es “Video o Resou urces Arre Not A Available e” Messa age This errorr message dis splays if the license trial pe eriod has end ed or when th he concurrentt license limit is exceeded d. Contact you ur Polycom re epresentative to purchase a as license to activate yourr CloudAXIS S Suite or to incre ease the user capacity. Polycom, Inc c. 127 Obtaining Services Portal Log Files Obtain your Services Portal log files to troubleshoot any issues you experience. To configure your log level and download your logs, see Selecting and Downloading Log Level. User Cannot Download Logs on Internet Explorer Follow the steps provided on the UI and retry loading the logs Polycom, Inc. 128 6: Getting G g Help Polycom and Parrtner Resour R rces For more information about a installing, configuring g, and admini stering Polyccom products,, refer to Documents and Downlloads at Polyc com Support.. To find alll Polycom parrtner solutions s, see Polyco om Strategic G Global Partne er Solutions. For more information on o solutions with w a specific Polycom parrtner, see the Strategic Partner Solution ns site at Polycom m Strategic Global G Partnerr Solutions. The Polyco om Commun nity The Polyc com Commun nity gives you access to the e latest develloper and sup pport informattion. Participa ate in discussion n forums to share ideas an nd solve problems with you ur colleaguess. To register w with the Polyccom Community, simply cre eate a Polycom online acco ount. When lo ogged in, you can access P Polycom supp port personnel and participa ate in develop per and suppo ort forums to find the latesst information on hardware, software, and partner solutions s topic cs. c. Polycom, Inc 129 A: Creating a Google Talk™ App Enabling access to Google Talk™ contacts from the Experience Portal requires creating a Google Talk™ app, selecting the Google Talk™ checkbox in the Services Portal’s Social Connector configuration screen, and entering the app’s Client ID and Client Secret in the respective Social Connector configuration screen text boxes. To access the Services Portal social connector configuration screen, see Polycom, Inc. 130 Configurin ng Social Poliicies. To get the t Client ID and a Client Se ecret, see step p 10 of the fo ollowing instruction ns. Before yo ou begin, set up u a neutral account a with credentials c tha at can be sha ared among d different perso ons in your team m. Do not use your persona al account to create c the ap pp. This helpss to avoid dep pendencies on na single perrson. In case a person currrently in charg ge of the app plication mainttenance leave es the compa any, the comm mon account credentials c can be passed on to the team m. In addition n, always maintain one-to--one mapping g between the e Services Po ortal server an nd the applica ation being use ed. Note: IP Address Change C A change in the serv ver’s IP does not require a new applicattion to be crea ated as long as t changed IP. the FQDN points to the Note: Reference for Creating a Google G App As you create your Google G app, you y can use tthe Google De evelopers Pa age as a reference. To create e a Google Ta alk™ app: 1 Log g into the sharred Google ac ccount. 2 Ope en the Google e APIs Conso ole page and select Create e Project. The Google AP PIs page opens with h menu option ns displayed on o the left, sh hown next. 3 Clic ck the API Pro oject dropdow wn menu, and d select Creatte as shown n next. Polycom, Inc c. 131 The e Create Proje ect dialog box x displays, shown next. 4 Enter a name in the Enter the e name for your project texxt entry box an nd click Creatte Project. A An exa ample shown next The e Google APIs s page dropdown menu na ame should c hange to the name of yourr project as shown nex xt. If the name e does not automatically display, click th he dropdown box arrow, an nd select it fro om the Recent Proje ects list. Polycom, Inc c. 132 5 Sele ect API Acce ess from the menu m options s, shown next . 6 Clic ck Create an OAuth 2.0 Client ID… Th he Create Clie ent ID screen displays, sho own next. Polycom, Inc c. 133 7 Enter the following: ○ Product Name recommended. Enter your product name. Naming with the prefix “CloudAXIS_” is ○ Product Logo Enter the URL to your product logo. ○ Home Page URL Enter the URL to your home page. 8 Click Next. The Client ID Settings options display, shown next. Polycom, Inc. 134 9 Select the following ○ Application Type Select Web-Application. ○ Your Site or Hostname Enter the Services Portal’s FQDN 10 Click Create Client ID. The Authorized API Access screen displays, shown next Polycom, Inc. 135 Note the Client ID and Client secret; these are both needed for the policy configuration. It is important to note that your client secret is always kept secret. 11 In the Authorized API Access screen, click Edit settings, the Edit Client Settings screen displays, shown next. Polycom, Inc. 136 12 In the Authorized Redirect URIs text box, enter https://<ServicesPortalFQDN>/wsp/oauth/callback-google and click Update. You are now ready to configure the Google Talk™ policy on the server. See Polycom, Inc. 137 Configuring Social Policies. Polycom, Inc. 138 B: Creating a Facebook App Enabling access to Facebook contacts from the Experience Portal requires creating a Facebook app, selecting the Facebook checkbox in the Services Portal’s Social Connector configuration screen, and entering the App ID and App Secret in the respective Social Connector configuration screen text boxes. To access the Services Portal social connector configuration screen, see Polycom, Inc. 139 Configurin ng Social Poliicies. To get the t App ID an nd App Secre t, see step 4 in the followin ng instruction ns. Before yo ou begin, set up u a neutral Facebook F dev veloper accou unt with crede entials that ca an be shared among diffferent person ns in your tea am. This helps s to avoid dep pendencies on a single person. If a persson currently in i charge of the application n maintenanc ce leaves the job, the comm mon account credentials ccan then be pa assed on to the team. Do not us se your person nal Facebook k account to create c the app p. To verify if your accountt is a developer account, see s the Faceb book help pag ge. Finally, always maintain one-to-one mapping bettween the Serrvices Portal server and th he application being use ed. Note: IP Address Change C A change in the serv ver’s IP does not require a new applicattion to be crea ated as long as t changed IP. the FQDN points to the Note: Reference for Creating a Facebook F Ap p As you create your app, a you can use the Face ebook Developers page ass reference. To create e a Facebook k app: 1 Log g into the sharred Facebook k account. 2 Ope en the Facebo ook Develope ers page. The e Facebook D Developers sccreen displayss. From the m menu at th he top of the page, click Apps (shown next). n If yo our Facebook k account is not n already reg gistered as a developer, yyou will see an n option for Reg gister as a Developer. Se elect Registerr as a Develo oper, complete the registra ation processs, and con ntinue. 3 Sele ect Create Ne ew App. The e Create New App screen d displays: Polycom, Inc c. 140 4 Enter a suitable name in the App A Name tex xt box (namin ng with the pre efix “CloudAX XIS_” is reco ommended) and a click Con ntinue. The Sample App sccreen displayys with the Ap pp ID and App p Sec cret as shown n next. Make a note of thes se for configu ring the Servvices Portal po olicy. 5 Sele ect Website with w Facebook as in the following f scre een example. The e Site URL te ext box appea ars, shown next 6 In th he Site URL text box, ente er https://< <ServicesP PortalFQDN> >/ 7 Sele ect App on Facebook F as shown next. Polycom, Inc c. 141 The e Basic Info sc creen appearrs: 8 Enter the followin ng: ○ Canvas C URL L Enter http://<Servi icesPortal FQDN>/ ○ Secure S Canv vas Width Enter E https: ://<Servic cesPortalFQ QDN>/ 9 In th he Basic Info options section (shown ne ext), enter the e <ServicsP PortalFQDN> > You are no ow ready to con nfigure the Fac cebook policy on o the server. S See Polycom, Inc c. 142 Configuring Social Policies. Polycom, Inc. 143 C: DMA Factory Conference Settings Impact The Polycom DMA system uses conference templates and global conference settings to manage conference behavior. This table describes the impact of the DMA system’s factory conference template settings on the CloudAXIS web client operations. For information on setting up a DMA system conference template, see the Polycom DMA 7000 System Operations Guide on the Polycom Support site. Table21: Conference Template Settings Impact Feature Subfeature General Settings Profile Settings Conference Settings Subfeature Description Web Client Behavior Use existing profile N/A RMX profile name N/A Conference Mode Only AVC is supported. This can be set to 'AVC only' or 'Mixed AVC and SVC'. For both options, the web client will use AVC. Cascade for bandwidth Works as documented Video Switching Works as documented H.264 High Profile Works as documented Resolution Works as documented Line Rate Fixed rate in web client Audio Only Not tested Encryption Tied to the URL scheme – OFF for http / ON for https LRP Works as documented Video Quality Works as documented Max resolution Works as documented Video Clarity Works as documented Advanced Settings Video Quality Polycom, Inc. People Video Definition 144 Feature Subfeature Content Video Definition Subfeature Description Web Client Behavior Auto Brightness Works as documented Content Settings Works as documented Content Protocol Works as documented Presentation Mode Works as documented. Send content to legacy endpoints No Impact Same layout Works as documented Lecture view switching Works as documented. Auto layout Works as documented Layout Works as documented Telepresence Mode Works as documented Telepresence layout mode Works as documented Echo suppression Works as documented Keyboard noise suppression Works as documented Audio Clarity Works as documented Video Settings Audio Settings Skins Works as documented Override default service Advanced – see the DMA guide. Conference IVR Service May require use of DTMF pad in menu. Conference IVR Polycom, Inc. 145 Feature Subfeature Conference requires chairperson Subfeature Description Web Client Behavior Enterprise users should be admitted to the conference; they will need to use DTMF to enter the chair pin again to start the video portion of the call. Anonymous users without the chair pin must wait in the web outer lobby. Recording Polycom, Inc. Record Conference Must be set to 'Immediately’ or 'Upon Request' to enable recording. Recording Link Must be configured to enable recording. Audio only Works as documented Indication of recording Works as documented Note If enabled, a recording indication will appear in both the video feed and in the web client GUI 146 D: Cloud C AXIS Resttricted d She ell Intro oductio on The Polyc com CloudAX XIS Restricted d Shell provide es a means fo or you to log in to CloudAX XIS products from either a co onsole or via an SSH conn nection and perform the be elow operation ns: Exe ecute a limited d set of restric cted comman nds View w log files Collect log files as a a .tar.gz pa ackage Cha ange Hostnam me Cha ange password for the 'cax xis' user Cha ange the time e zone of the system s Cha ange NTP setttings Reg generate certificates Res start services View w product info ormation (like e Version num mber) SCP P files (restric cted access) to t other mach hines Usag ge Sample Use U Cases of restricted r dshell are described d belo ow for referen nce. Use Case C - Lo ogin as 'caxis' via v Cons sole or v via a SSH Conne ection min Tip: CLI Lo ogin Adm Login to the CLI with w ‘caxis’ as both your use ername and p assword. Welcome to the Polyco om RealPrese ence CloudAX XIS Comman d Line Interfa ace (CLI). Type '?' fo or help caxis@loc calhost.locald domain: ? Supported comman nds in the Services S Portal and Exp perience Po ortal: Catt Find d Gre ep Polycom, Inc c. 147 Pwd Vi regenerate_certificates (This command is only supported in the Services Portal.) change_hostname collect_logs change_network_settings change_ntp show_network_info change_password show_product_info change_timezone ifconfig reboot service scp tail ntpdate cd echo exit Use Case - Change System Hostname caxis@localhost.localdomain: change_hostname Current System Hostname: localhost.localdomain Do you want to change the system hostname? [y/n]: y New System Hostname: polycom-cloudaxis Hostname changed successfully. caxis@localhost.localdomain: Use Case - Log Collection caxis@polycom-cloudaxis: collect_logs Log collection completed successfully. Location of log file: /home/caxis/log/plcm_caxis_logs_2013_03_26_16_59_50.tar.gz Polycom, Inc. 148 Use Case - Copying the generated logs to a different server caxis@polycom-cloudaxis: scp/home/caxis/log/plcm_caxis_logs_2013_03_26_16_59_50.tar.gz caxis@10.250.92.60:/var/log/cloudaxis_logs The authenticity of host '10.250.92.60 (10.250.92.60)' can't be established. RSA key fingerprint is fd:fd:94:17:62:87:37:5f:59:7b:f8:ad:c2:4a:47:40. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '10.250.92.60' (RSA) to the list of known hosts. caxis@10.250.92.60's password: plcm_caxis_logs_2013_03_26_16_59_50.tar.gz 100% 155KB 154.7KB/s 00:00 Use Case - Access Log Files caxis@polycom-cloudaxis: ls -Rm /var/log/ /var/log/: ActivateSecurity.sh.log, ConsoleKit, K99vm_network_fix.log, S02vm_network_fix.log, anaconda.ifcfg.log, anaconda.log, anaconda.program.log, anaconda.storage.log, anaconda.syslog, anaconda.yum.log, audit, boot.log, btmp, caxis-edge-service-portal-db-config.pg.log, caxis-edgeservice-portal-fts.log, caxis-restricted-shell, caxis-restricted-shellfts.log, cron, cups, dmesg, dmesg.old, dracut.log, exim, lastlog, maillog, messages, nginx, ntpstats, pgsql, secure, spooler, tallylog, tomcat6, wtmp /var/log/caxis-restricted-shell: caxis-2013_03_26_15_29_01.log, caxis-2013_03_26_16_41_50.log, caxis2013_03_26_16_55_27.log /var/log/cups: /bin/ls: cannot open directory /var/log/exim: Permission denied /var/log/nginx: access.log, error.log /var/log/ntpstats: /var/log/tomcat6: catalina.2013-03-26.log, catalina.out, cloudaxis_wsp.log, hostmanager.2013-03-26.log, localhost.2013-03-26.log, manager.2013-03-26.log, migration.log, tomcat6-initd.log Use Case - Changing Password of the 'caxis' User caxis@polycom-cloudaxis: change_password Do you want to change the password for the 'caxis' user? [y/n]: y New Password (not dispalyed on screen for security): Changing password for user caxis. passwd: all authentication tokens updated successfully. Polycom, Inc. 149 Password for the 'caxis' changed successfully. Use Case - Configure System NTP Settings caxis@polycom-cloudaxis: change_ntp List of NTP servers configured in the system: 0.centos.pool.ntp.org 1.centos.pool.ntp.org 2.centos.pool.ntp.org Do you want to change the list of NTP servers? [y/n]: y Specify a space separated list of new NTP servers after the prompt below. Please wait ... List of new NTP servers: 0.north-america.pool.ntp.org 1.northamerica.pool.ntp.org 2.north-america.pool.ntp.org 3.northamerica.pool.ntp.org Checking if the new NTP servers are reachable ... 0.north-america.pool.ntp.org: reachable. 1.north-america.pool.ntp.org: reachable. 2.north-america.pool.ntp.org: reachable. 3.north-america.pool.ntp.org: reachable. Do you want to continue updating the system NTP configuration? [y/n]: y Verifying NTP datetime sync with the server in the new list ... 0.north-america.pool.ntp.org: successful. 1.north-america.pool.ntp.org: successful. 2.north-america.pool.ntp.org: successful. 3.north-america.pool.ntp.org: successful. System NTP configuration updated successfully. Use Case - Quick Sync System date-time with a Specific NTP server caxis@polycom-cloudaxis: ntpdate -u 1.oceania.pool.ntp.org 26 Mar 12:47:56 ntpdate[12378]: adjust time server 27.54.95.11 offset 0.020587 sec Use Case - Show Product Version caxis@polycom-cloudaxis: show_product_info Product Version: 1.1.0.46-112007 Polycom, Inc. 150 Use Case - Regeneration of Certificates caxis@polycom-cloudaxis: regenerate_certificates Certificate regenerated successfully. Webserver and associated services should be restarted for the certificates to take effect. Do you want to restart the webserver? [y/n]: y Restarting the Webserver. Please wait ... Stopping tomcat6: [ OK ] Starting tomcat6: [ OK ] Stopping nginx: [ OK ] Starting nginx: [ OK ] Certificate regenerated and restarted the required services successfully. Use Case - Change System Timezone caxis@polycom-cloudaxis: change_timezone Current System Timezone: America/Denver Do you want to change the system timezone? [y/n]: y Select a timezone from the list below and specify the number listed within the []. Press the Return key to display the list .. Pressing the return key will display a sorted list of time-zones (paginated) to choose from. [1]: Africa [2]: Africa/Abidjan [3]: Africa/Accra [4]: Africa/Addis_Ababa [5]: Africa/Algiers [6]: Africa/Asmara [7]: Africa/Asmera [8]: Africa/Bamako [9]: Africa/Bangui [10]: Africa/Banjul [11]: Africa/Bissau [12]: Africa/Blantyre --More-[..truncated to conserve space on the wiki page..] --More-[590]: [591]: [592]: [593]: [594]: [595]: Polycom, Inc. US/Central US/Eastern US/East-Indiana US/Hawaii US/Indiana-Starke US/Michigan 151 [596]: [597]: [598]: [599]: [600]: [601]: [602]: Choose US/Mountain US/Pacific US/Samoa UTC WET W-SU Zulu a timezone (specify the number within []): 590 Timezone updated successfully. Use Case - Restarting Services caxis@polycom-cloudaxis: service tomcat6 restart Stopping tomcat6: [ OK ] Starting tomcat6: [ OK ] Use Case - Set System Date Time caxis@localhost: change_system_datetime Current System Date and Time: Mon Jun 24 20:27:27 UTC 2013 Do you want to change the system Date and Time? [y/n]: y Note: Timezone of the system will not be changed. Use 'change_timezone' command to change the system timezone. New System Date Time (format: Mon Jun 24 20:27:30 UTC 2013): Mon Jun 17 20:27:27 UTC 2013 System date and time set to '' successfully. caxis@localhost: change_system_datetime Current System Date and Time: Mon Jun 17 20:27:36 UTC 2013 Do you want to change the system Date and Time? [y/n]: n caxis@localhost: change_system_datetime Current System Date and Time: Mon Jun 17 20:27:43 UTC 2013 Do you want to change the system Date and Time? [y/n]: y Note: Timezone of the system will not be changed. Use 'change_timezone' command to change the system timezone. New System Date Time (format: Mon Jun 17 20:27:47 UTC 2013): Cannot apply empty date and time value. Please specify new system date and time using the format: Mon Jun 17 20:27:47 UTC 2013 and try again. caxis@localhost: Polycom, Inc. 152 Use Case - View System Network Information caxis@localhost.localdomain: show_network_info System Network Settings: DHCP Status="Enabled" HOSTNAME="localhost.localdomain" IPv4="10.250.88.117" SUBNET_MASK="255.255.252.0" DEFAULT_GATEWAY="10.250.88.1" DEVICE="eth0" BOOTPROTO="dhcp" NM_CONTROLLED="yes" ONBOOT="yes" TYPE="Ethernet" DNS Information: DOMAIN="polycom.com" DNS Servers: 172.21.6.161 172.21.5.204 Use Case - System Network Configuration is already set to use DHCP caxis@polycom-cloudaxis: change_network_settings System Network Settings: DHCP Status="Enabled" HOSTNAME="polycom-cloudaxis" IPv4="10.250.88.107" SUBNET_MASK="255.255.252.0" DEFAULT_GATEWAY="10.250.88.1" DEVICE="eth0" BOOTPROTO="dhcp" NM_CONTROLLED="yes" ONBOOT="yes" TYPE="Ethernet" DNS Information: DOMAIN="polycom.com" DNS Servers: 172.21.6.161 172.21.5.204 Do you want to disable DHCP and configure static network settings? [y/n]: n Do you want to change the DNS settings of the system? [y/n]: n Polycom, Inc. 153 Use Case - Enabling DHCP in a machine where DHCP is not enabled caxis@localhost.localdomain: change_network_settings System Network Settings: DHCP Status="Not Enabled" HOSTNAME="localhost.localdomain" IPv4="10.250.88.109" SUBNET_MASK="255.255.255.0" DEFAULT_GATEWAY="10.250.88.1" DEVICE="eth0" BOOTPROTO="static" NM_CONTROLLED="yes" ONBOOT="yes" TYPE="Ethernet" IPADDR=10.250.88.109 NETMASK=255.255.255.0 DNS Information: DOMAIN="polycom.com" DNS Servers: 172.21.6.161 172.21.5.204 Do you want to enable DHCP? [y/n]: y DHCP enabled successfully. Do you want to change the DNS settings of the system? [y/n]: n Do you want to restart network for the network settings changes to take effect? [y/n]: n Use Case - Configuring Static IP Address in a System where DHCP is in an 'Enabled' state caxis@localhost.localdomain: change_network_settings System Network Settings: DHCP Status="Enabled" HOSTNAME="localhost.localdomain" IPv4="10.250.88.109" SUBNET_MASK="255.255.255.0" DEFAULT_GATEWAY="10.250.88.1" DEVICE="eth0" BOOTPROTO="dhcp" NM_CONTROLLED="yes" ONBOOT="yes" TYPE="Ethernet" Polycom, Inc. 154 DNS Information: DOMAIN="" DNS Servers: Do you want to disable DHCP and configure static network settings? [y/n]: y Static IP Address: 10.250.88.107 Static Subnet Mask Address: 255.255.255.0 Gateway Address: 10.250.88.1 DHCP is disabled and static network settings configured successfully. Do you want to change the DNS settings of the system? [y/n]: y Search Domain: polycom.com Primay DNS Address: 172.21.6.161 Secondary DNS Address: 172.21.5.204 Do you prefer to configure the Tertiary DNS Address? [y/n]: n Updating the DNS setting in the system. Please wait ... DNS configuration updated successfully. Do you want to restart network for the network settings changes to take effect? [y/n]: y Note: You may lose connectivity if you are logged in via a SSH connection and if the IP address of the system changes as part of network restart. Restarting network interface for the DHCP changes to take effect. You may experience intermittent connectivity failure while the system network inteface is being restarted ... Shutting down interface eth0: -- Network Connectivity to 10.250.88.109 is lost here as the new IP address would have come to effect --- Connecting to new IP - 10.250.88.107 - via a SSH connection -ssh 10.250.88.107 -l caxis Warning: Permanently added '10.250.88.107' (RSA) to the list of known hosts. caxis@10.250.88.107's password: Welcome to the Polycom RealPresence CloudAxis Command Line Interface Type '?' for help caxis@localhost.localdomain: show_network_info System Network Settings: HOSTNAME="localhost.localdomain" IPv4="10.250.88.107" Polycom, Inc. 155 SUBNET_MASK="255.255.255.0" DEFAULT_GATEWAY="10.250.88.1" DEVICE="eth0" BOOTPROTO="static" NM_CONTROLLED="yes" ONBOOT="yes" TYPE="Ethernet" IPADDR=10.250.88.107 NETMASK=255.255.255.0 DNS Information: DOMAIN="polycom.com" DNS Servers: 172.21.6.161 172.21.5.204 Use Case - Configuring Static IP Address in a system where DHCP is in a 'Disabled' state caxis@localhost.localdomain: change_network_settings System Network Settings: DHCP Status="Not Enabled" HOSTNAME="localhost.localdomain" IPv4="10.250.88.109" SUBNET_MASK="255.255.255.0" DEFAULT_GATEWAY="10.250.88.1" DEVICE="eth0" BOOTPROTO="static" NM_CONTROLLED="yes" ONBOOT="yes" TYPE="Ethernet" DNS Information: DOMAIN="" DNS Servers: Do you want to enable DHCP? [y/n]: n Do you want to update the static network settings? [y/n]: y Static IP Address: 10.250.88.107 Static Subnet Mask Address: 255.255.255.0 Gateway Address: 10.250.88.1 DHCP is disabled and static network settings configured successfully. Do you want to change the DNS settings of the system? [y/n]: y Search Domain: polycom.com Polycom, Inc. 156 Primay DNS Address: 172.21.6.161 Secondary DNS Address: 172.21.5.204 Do you prefer to configure the Tertiary DNS Address? [y/n]: n Updating the DNS setting in the system. Please wait ... DNS configuration updated successfully. Do you want to restart network for the network settings changes to take effect? [y/n]: y Note: You may lose connectivity if you are logged in via a SSH connection and if the IP address of the system changes as part of network restart. Restarting network interface for the DHCP changes to take effect. You may experience intermittent connectivity failure while the system network inteface is being restarted ... Shutting down interface eth0: -- Network Connectivity to 10.250.88.109 is lost here as the new IP address would have come to effect --- Connecting to new IP - 10.250.88.107 - via a SSH connection -ssh 10.250.88.107 -l caxis Warning: Permanently added '10.250.88.107' (RSA) to the list of known hosts. caxis@10.250.88.107's password: Welcome to the Polycom RealPresence CloudAxis Command Line Interface Type '?' for help caxis@localhost.localdomain: show_network_info System Network Settings: HOSTNAME="localhost.localdomain" IPv4="10.250.88.107" SUBNET_MASK="255.255.255.0" DEFAULT_GATEWAY="10.250.88.1" DEVICE="eth0" BOOTPROTO="static" NM_CONTROLLED="yes" ONBOOT="yes" TYPE="Ethernet" IPADDR=10.250.88.107 NETMASK=255.255.255.0 DNS Information: DOMAIN="polycom.com" DNS Servers: Polycom, Inc. 157 172.21.6.161 172.21.5.204 Use Case - Configuring Static IP Address in a system where DHCP is in a 'Disabled' state with the currently assigned IP address caxis@localhost.localdomain: change_network_settings System Network Settings: DHCP Status="Not Enabled" HOSTNAME="localhost.localdomain" IPv4="10.250.88.109" SUBNET_MASK="255.255.255.0" DEFAULT_GATEWAY="10.250.88.1" DEVICE="eth0" BOOTPROTO="static" NM_CONTROLLED="yes" ONBOOT="yes" TYPE="Ethernet" DNS Information: DOMAIN="" DNS Servers: Do you want to enable DHCP? [y/n]: n Do you want to update the static network settings? [y/n]: y Static IP Address: 10.250.88.109 10.250.88.109 is pingable. Not recommended for use as it may cause a conflict. Do you still prefer to use the same IP? [y/n]: n Please use an unused IP. Network settings are partially configured. Please try again. Static IP Address: 10.250.88.109 10.250.88.109 is pingable. Not recommended for use as it may cause a conflict. Do you still prefer to use the same IP? [y/n]: y Static Subnet Mask Address: 255.255.255.0 Gateway Address: 10.250.88.1 DHCP is disabled and static network settings configured successfully. Do you want to change the DNS settings of the system? [y/n]: y Search Domain: polycom.com Polycom, Inc. 158 Primay DNS Address: 172.21.6.161 Secondary DNS Address: 172.21.5.204 Do you prefer to configure the Tertiary DNS Address? [y/n]: n Updating the DNS setting in the system. Please wait ... DNS configuration updated successfully. Do you want to restart network for the network settings changes to take effect? [y/n]: y Note: You may loose connectivity if you are logged in via a SSH connection and if the IP address of the system changes as part of network restart. Restarting network interface for the DHCP changes to take effect. You may experience intermittent connectivity failure while the system network inteface is being restarted ... Shutting down interface eth0: -- Network Connectivity to 10.250.88.109 is lost here as the new IP address would have come to effect --- Connecting to new IP - 10.250.88.109 - via a SSH connection -ssh 10.250.88.109 -l caxis Warning: Permanently added '10.250.88.109' (RSA) to the list of known hosts. caxis@10.250.88.109's password: Welcome to the Polycom RealPresence CloudAxis Command Line Interface Type '?' for help caxis@localhost.localdomain: show_network_info System Network Settings: HOSTNAME="localhost.localdomain" IPv4="10.250.88.109" SUBNET_MASK="255.255.255.0" DEFAULT_GATEWAY="10.250.88.1" DEVICE="eth0" BOOTPROTO="static" NM_CONTROLLED="yes" ONBOOT="yes" TYPE="Ethernet" IPADDR=10.250.88.107 NETMASK=255.255.255.0 DNS Information: DOMAIN="polycom.com" DNS Servers: Polycom, Inc. 159 172.21.6.161 172.21.5.204 Use Case - Attempting to configure manual DNS settings while DHCP is enabled in the system caxis@polycom-cloudaxis: change_network_settings System Network Settings: DHCP Status="Enabled" HOSTNAME="polycom-cloudaxis" IPv4="10.250.88.107" SUBNET_MASK="255.255.252.0" DEFAULT_GATEWAY="10.250.88.1" DEVICE="eth0" BOOTPROTO="dhcp" NM_CONTROLLED="yes" ONBOOT="yes" TYPE="Ethernet" DNS Information: DOMAIN="polycom.com" DNS Servers: 172.21.6.161 172.21.5.204 Do you want to disable DHCP and configure static network settings? [y/n]: n Do you want to change the DNS settings of the system? [y/n]: y Found that DHCP is enabled in the system. The DHCP client may overwrite your changes during network restart or system reboot. Changing system DNS configuration change is not supported in this stage. Please 'disable' DHCP and try again. Use Case - Using invalid network values [root@polycom-cloudaxis caxis]# bash /opt/polycom/caxis/restrictedshell/utils/network/change_network_settings -logfile /tmp/log System Network Settings: DHCP Status="Enabled" HOSTNAME="polycom-cloudaxis" IPv4="10.250.88.107" SUBNET_MASK="255.255.252.0" DEFAULT_GATEWAY="10.250.88.1" DEVICE="eth0" BOOTPROTO="dhcp" Polycom, Inc. 160 NM_CONTROLLED="yes" ONBOOT="yes" TYPE="Ethernet" DNS Information: DOMAIN="polycom.com" DNS Servers: 172.21.6.161 172.21.5.204 Do you want to disable DHCP and configure static network settings? [y/n]: y Static IP Address: 1234.5.6.7 Invalid IP address - 1234.5.6.7. Please specify a valid one. Static IP Address: 10.250.88.108 Static Subnet Mask Address: 700.800.900.0 Invalid Subnet Mask Address - 700.800.900.0. Please specify a valid one. Static Subnet Mask Address: 255.255.255.0 Gateway Address: 10.250.88.1 DHCP is disabled and static network settings configured successfully. Restarting network interface for the DHCP changes to take effect. You may experience intermittent connectivity failure while the system network inteface is being restarted ... Shutting down interface eth0: -- Connectivity will be lost here if you are using the machine via a SSH connection as the IP address would have changed -- Use Case - Using an IP that is already assigned to a machine in the same network caxis@localhost.localdomain: change_network_settings System Network Settings: DHCP Status="Enabled" HOSTNAME="localhost.localdomain" IPv4="10.250.88.117" SUBNET_MASK="255.255.252.0" DEFAULT_GATEWAY="10.250.88.1" DEVICE="eth0" BOOTPROTO="dhcp" NM_CONTROLLED="yes" ONBOOT="yes" TYPE="Ethernet" Polycom, Inc. 161 DNS Information: DOMAIN="polycom.com" DNS Servers: 172.21.6.161 172.21.5.204 Do you want to disable DHCP and configure static network settings? [y/n]: y Static IP Address: 10.250.88.117 10.250.88.117 is pingable. Cannot use it as it would may cause conflicts. Please use a non-used IP. Network settings are partially configured. Please try again. Static IP Address: 10.250.88.197 .... Use Case - Reboot System caxis@polycom-cloudaxis: reboot Broadcast message from root@polycom-cloudaxis (/dev/pts/0) at 12:50 ... The system is going down for reboot NOW! Use Case - Exit Restricted Shell caxis@polycom-cloudaxis: exit Use Case - Login Timeout: caxis@localhost.localdomain: Timeout. Logging off user. Polycom, Inc. 162 E: Third-Party Software This chapter provides the copyright statements for third-party software products that have been incorporated into the Polycom® RealPresence® CloudAXIS™ Suite application distribution. Table 2: Third-Party Software Product License Location CentOS CentOS Nginx Nginx Node js Node js CentOS GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program Polycom, Inc. 163 or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. Polycom, Inc. 164 If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM Polycom, Inc. 165 AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. One line to give the program's name and an idea of what it does. Copyright (C) yyyy name of author This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. signature of Ty Coon, 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. Nginx Copyright Joyent, Inc. and other Node contributors. All rights reserved. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR Polycom, Inc. 166 PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ==== This license applies to all parts of Node that are not externally maintained libraries. The externally maintained libraries used by Node are: - V8, located at deps/v8. V8's license follows: """ This license applies to all parts of V8 that are not externally maintained libraries. The externally maintained libraries used by V8 are: - PCRE test suite, located in test/mjsunit/third_party/regexp-pcre.js. This is based on the test suite from PCRE-7.3, which is copyrighted by the University of Cambridge and Google, Inc. The copyright notice and license are embedded in regexp-pcre.js. - Layout tests, located in test/mjsunit/third_party. These are based on layout tests from webkit.org which are copyrighted by Apple Computer, Inc. and released under a 3-clause BSD license. - Strongtalk assembler, the basis of the files assembler-arm-inl.h, assembler-arm.cc, assembler-arm.h, assembleria32-inl.h, assembler-ia32.cc, assembler-ia32.h, assembler-x64-inl.h, assembler-x64.cc, assembler-x64.h, assembler-mips-inl.h, assembler-mips.cc, assembler-mips.h, assembler.cc and assembler.h. This code is copyrighted by Sun Microsystems Inc. and released under a 3-clause BSD license. - Valgrind client API header, located at third_party/valgrind/valgrind.h This is release under the BSD license. These libraries have their own licenses; we recommend you read them, as their terms may differ from the terms below. Copyright 2006-2012, the V8 project authors. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of Google Inc. nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. """ - C-Ares, an asynchronous DNS client, located at deps/cares. C-Ares licensefollows: """ Copyright 1998 by the Massachusetts Institute of Technology. Permission to use, copy, modify, and distribute this software and its documentation for any purpose and without fee is hereby granted, provided that the above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation, and that the name of M.I.T. not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission. M.I.T. makes no representations about the suitability of this software for any purpose. It is provided "as is"without express or implied warranty. """ - OpenSSL located at deps/openssl. OpenSSL is cryptographic software writtenby Eric Young (eay@cryptsoft.com) to provide SSL/TLS encryption. OpenSSL's license follows: Polycom, Inc. 167 """ ==================================================================== Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgment: This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to endorse or promote products derived from this software without prior written permission. For written permission, please contact openssl-core@openssl.org. 5. Products derived from this software may not be called "OpenSSL" nor may "OpenSSL" appear in their names without prior written permission of the OpenSSL Project. 6. Redistributions of any form whatsoever must retain the following acknowledgment: This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/)" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ==================================================================== This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software written by Tim Hudson (tjh@cryptsoft.com). """ HTTP Parser, located at deps/http_parser. HTTP Parser's license follows: """ http_parser.c is based on src/http/ngx_http_parse.c from NGINX copyright Igor Sysoev. Additional changes are licensed under the same terms as NGINX and copyright Joyent, Inc. and other Node contributors. All rights reserved. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. """ - Closure Linter is located at tools/closure_linter. Closure's license follows: """ Copyright (c) 2007, Google Inc. All rights reserved. Polycom, Inc. 168 Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of Google Inc. nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. """ - tools/cpplint.py is a C++ linter. Its license follows: """ Copyright (c) 2009 Google Inc. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of Google Inc. nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. """ - lib/punycode.js is copyright 2011 Mathias Bynens http://mathiasbynens.be/ and released under the MIT license. """ * Punycode.js <http://mths.be/punycode> * Copyright 2011 Mathias Bynens <http://mathiasbynens.be/> * Available under MIT license <http://mths.be/mit> """ - tools/gyp. GYP is a meta-build system. GYP's license follows: """ Copyright (c) 2009 Google Inc. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. Polycom, Inc. 169 * Neither the name of Google Inc. nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. """ - Zlib at deps/zlib. zlib's license follows: """ zlib.h -- interface of the 'zlib' general purpose compression library version 1.2.4, March 14th, 2010 Copyright (C) 1995-2010 Jean-loup Gailly and Mark Adler This software is provided 'as-is', without any express or implied warranty In no event will the authors be held liable for any damages arising from the use of this software. Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions: 1. The origin of this software must not be misrepresented; you must not claim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation would be appreciated but is not required. 2. Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software. 3. This notice may not be removed or altered from any source distribution. Jean-loup Gailly Mark Adler """ - npm is a package manager program located at deps/npm. npm's license follows: """ Copyright 2009-2012, Isaac Z. Schlueter (the "Original Author") All rights reserved. MIT +no-false-attribs License Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. Distributions of all or part of the Software intended to be used by the recipients as they would use the unmodified Software, containing modifications that substantially alter, remove, or disable functionality of the Software, outside of the documented configuration mechanisms provided by the Software, shall be modified such that the Original Author's bug reporting email addresses and urls are either replaced with the contact information of the parties responsible for the changes, or removed entirely. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. Polycom, Inc. 170 Except where noted, this license applies to any and all software programs and associated documentation files created by the Original Author, when distributed with the Software. "Node.js" and "node" trademark Joyent, Inc. npm is not officially part of the Node.js project, and is neither owned by nor officially affiliated with Joyent, Inc. Packages published in the npm registry are not part of npm itself, are the sole property of their respective maintainers, and are not covered by this license. "npm Logo" created by Mathias Pettersson and Brian Hammond, used with permission. "Gubblebum Blocky" font Copyright (c) 2007 by Tjarda Koster, http://jelloween.deviantart.com included for use in the npm website and documentation, used with permission. This program uses "node-uuid", Copyright (c) 2010 Robert Kieffer, according to the terms of the MIT license. This program uses "request", Copyright (c) 2011 Mikeal Rogers, according to the terms of the Apache license. This program uses "mkdirp", Copyright (c) 2010 James Halliday, according to the terms of the MIT/X11 license. """ - tools/doc/node_modules/marked. Marked is a Markdown parser. Marked's license follows: """ Copyright (c) 2011-2012, Christopher Jeffrey (https://github.com/chjj/) Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. """ - test/gc/node_modules/weak. Node-weak is a node.js addon that provides garbage collector notifications. Nodeweak's license follows: """ Copyright (c) 2011, Ben Noordhuis <info@bnoordhuis.nl> Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies. THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. """ - src/ngx-queue.h. ngx-queue.h is taken from the nginx source tree. nginx's license follows: """ Copyright (C) 2002-2012 Igor Sysoev Copyright (C) 2011,2012 Nginx, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. Polycom, Inc. 171 THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. """ - wrk is located at tools/wrk. wrk's license follows: """ Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of Polycom, Inc. 172 their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, providedthat such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS Polycom, Inc. 173 Node js Copyright Joyent, Inc. and other Node contributors. All rights reserved. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ==== This license applies to all parts of Node that are not externally maintained libraries. The externally maintained libraries used by Node are: - V8, located at deps/v8. V8's license follows: """ This license applies to all parts of V8 that are not externally maintained libraries.The externally maintained libraries used by V8 are: - PCRE test suite, located in test/mjsunit/third_party/regexp-pcre.js.This is based on the test suite from PCRE-7.3, which is copyrighted by the University of Cambridge and Google, Inc.The copyright notice and license are embedded in regexp-pcre.js. - Layout tests, located in test/mjsunit/third_party.These are based on layout tests from webkit.org which are copyrighted by Apple Computer, Inc. and released under a 3-clause BSD license. - Strongtalk assembler, the basis of the files assembler-arm-inl.h, assembler-arm.cc, assembler-arm.h, assembleria32-inl.h, assembler-ia32.cc, assembler-ia32.h, assembler-x64-inl.h,assembler-x64.cc, assembler-x64.h, assembler-mips-inl.h, assembler-mips.cc, assembler-mips.h, assembler.cc and assembler.h. This code is copyrighted by Sun Microsystems Inc. and released under a 3-clause BSD license. - Valgrind client API header, located at third_party/valgrind/valgrind.h This release is under the BSD license. These libraries have their own licenses; we recommend you read them as their terms may differ from the terms below. Copyright 2006-2012, the V8 project authors. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of Google Inc. nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. """ - C-Ares, an asynchronous DNS client, located at deps/cares. C-Ares license follows: """ Polycom, Inc. 174 Copyright 1998 by the Massachusetts Institute of Technology. * Permission to use, copy, modify, and distribute this software and its documentation for any purpose and without fee is hereby granted, provided that the above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation, and that the name of M.I.T. not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission. * M.I.T. makes no representations about the suitability of * this software for any purpose.It is provided "as is" without express or implied warranty. """ - OpenSSL located at deps/openssl. OpenSSL is cryptographic software written by Eric Young (eay@cryptsoft.com) to provide SSL/TLS encryption. OpenSSL's license follows: """ ==================================================================== Copyright (c) 1998-2011 The OpenSSL Project.All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgment: "This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to endorse or promote products derived from this software without prior written permission. For written permission, please contact openssl-core@openssl.org. 5. Products derived from this software may not be called "OpenSSL" nor may "OpenSSL" appear in their names without prior written permission of the OpenSSL Project. 6. Redistributions of any form whatsoever must retain the following acknowledgment: "This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/)" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.IN NO EVENT SHALL THE OpenSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ==================================================================== This product includes cryptographic software written by Eric Young (eay@cryptsoft.com).This product includes software written by Tim Hudson (tjh@cryptsoft.com). """ - HTTP Parser, located at deps/http_parser. HTTP Parser's license follows: """ http_parser.c is based on src/http/ngx_http_parse.c from NGINX copyright Igor Sysoev. Additional changes are licensed under the same terms as NGINX and copyright Joyent, Inc. and other Node contributors. All rights reserved. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE Polycom, Inc. 175 LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. """ - Closure Linter is located at tools/closure_linter. Closure's license follows: """ Copyright (c) 2007, Google Inc. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. Neither the name of Google Inc. nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. """ - tools/cpplint.py is a C++ linter. Its license follows: """ Copyright (c) 2009 Google Inc. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of Google Inc. nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. """ - lib/punycode.js is copyright 2011 Mathias Bynens http://mathiasbynens.be/ and released under the MIT license. """ Punycode.js <http://mths.be/punycode> Copyright 2011 Mathias Bynens <http://mathiasbynens.be/> Available under MIT license <http://mths.be/mit> """ - tools/gyp. GYP is a meta-build system. GYP's license follows: Polycom, Inc. 176 """ Copyright (c) 2009 Google Inc. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. Neither the name of Google Inc. nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. """ - Zlib at deps/zlib. zlib's license follows: """ zlib.h -- interface of the 'zlib' general purpose compression library version 1.2.4, March 14th, 2010 Copyright (C) 1995-2010 Jean-loup Gailly and Mark Adler This software is provided 'as-is', without any express or implied warranty.In no event will the authors be held liable for any damages arising from the use of this software. Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions: 1. The origin of this software must not be misrepresented; you must not claim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation would be appreciated but is not required. 2. Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software. 3. This notice may not be removed or altered from any source distribution. Jean-loup Gailly Mark Adler """ - npm is a package manager program located at deps/npm. npm's license follows: """ Copyright 2009-2012, Isaac Z. Schlueter (the "Original Author") All rights reserved. MIT +no-false-attribs License Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. Distributions of all or part of the Software intended to be used by the recipients as they would use the unmodified Software, containing modifications that substantially alter, remove, or disable functionality of the Software, outside of the documented configuration mechanisms provided by the Software, shall be modified such that the Original Author's bug reporting email addresses and urls are either replaced with the contact information of the parties responsible for the changes, or removed entirely. Polycom, Inc. 177 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. Except where noted, this license applies to any and all software programs and associated documentation files created by the Original Author, when distributed with the Software. "Node.js" and "node" trademark Joyent, Inc. npm is not officially part of the Node.js project, and is neither owned by nor officially affiliated with Joyent, Inc. Packages published in the npm registry are not part of npm itself, are the sole property of their respective maintainers, and are not covered by this license. "npm Logo" created by Mathias Pettersson and Brian Hammond, used with permission. "Gubblebum Blocky" font Copyright (c) 2007 by Tjarda Koster, http://jelloween.deviantart.com included for use in the npm website and documentation, used with permission. This program uses "node-uuid", Copyright (c) 2010 Robert Kieffer, according to the terms of the MIT license. This program uses "request", Copyright (c) 2011 Mikeal Rogers, according to the terms of the Apache license. This program uses "mkdirp",Copyright (c) 2010 James Halliday, according to the terms of the MIT/X11 license. """ - tools/doc/node_modules/marked. Marked is a Markdown parser. Marked's license follows: """ Copyright (c) 2011-2012, Christopher Jeffrey (https://github.com/chjj/) Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. """ - test/gc/node_modules/weak. Node-weak is a node.js addon that provides garbage collector notifications. Nodeweak's license follows: """ Copyright (c) 2011, Ben Noordhuis <info@bnoordhuis.nl> Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies. THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. """ - src/ngx-queue.h. ngx-queue.h is taken from the nginx source tree. nginx's license follows: """ Copyright (C) 2002-2012 Igor Sysoev Copyright (C) 2011,2012 Nginx, Inc. Polycom, Inc. 178 Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. """ - wrk is located at tools/wrk. wrk's license follows: """ Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Polycom, Inc. 179 Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent noticesstating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. Polycom, Inc. 180 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS Polycom, Inc. 181