Cisco WebEx Connect
Transcription
Cisco WebEx Connect
Cisco WebEx Connect Administrator’s Guide Copyright WebEx Communications, Inc. reserves the right to make changes in the information contained in this publication without prior notice. The reader should in all cases consult WebEx Communications, Inc. to determine whether any such changes have been made. © 1997-2009. WebEx Communications, Inc. All Rights Reserved. WEBEX and the WEBEX LOGO are trademarks or registered trademarks of WebEx Communications, Inc. in the United States and other countries. Other product or brand names are trademarks or registered trademarks of their respective owners. U.S. Government End User Purchasers. The Documentation and related Services qualify as "commercial items," as that term is defined at Federal Acquisition Regulation ("FAR") (48 C.F.R.) 2.101. Consistent with FAR 12.212 and DoD FAR Supp. 227.7202-1 through 227.7202-4, and notwithstanding any other FAR or other contractual clause to the contrary in any agreement into which the Agreement may be incorporated, Customer may provide to Government end user or, if the Agreement is direct, Government end user will acquire, the Services and Documentation with only those rights set forth in the Agreement. Use of either the Services or Documentation or both constitutes agreement by the Government that the Services and Documentation are commercial items and constitutes acceptance of the rights and restrictions herein. UNPUBLISHED - RIGHTS RESERVED UNDER THE COPYRIGHTS LAW OF THE UNITED STATES. USE OF A COPYRIGHT NOTICE IS PRECAUTIONARY ONLY AND DOES NOT IMPLY PUBLICATION OR DISCLOSURE. OTHER BRANDS AND PRODUCTS ARE TRADEMARKS OR REGISTERED TRADEMARKS OF THEIR RESPECTIVE HOLDERS. RESTRICTED RIGHTS LEGEND. USE, DUPLICATION, OR DISCLOSURE BY THE GOVERNMENT IS SUBJECT TO RESTRICTIONS AS SET FORTH IN SUBPARAGRAPH (C) (1) (ii) OF THE RIGHTS IN TECHNICAL DATA AND COMPUTER SOFTWARE CLAUSE AT DFARS 252.227-7013, RIGHTS IN TECHNICAL DATA AND COMPUTER SOFTWARE (OCTOBER 1988). Version: 6/8/09 WebEx Communications, Inc. 3979 Freedom Circle Santa Clara, CA 95054 URL: www.webex.com Chapter 1 Getting Started . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1 Client Site and Desktop Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1 Network Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2 Capacity and Bandwidth Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3 Bandwidth Requirement —P2P . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Bandwidth Requirement —With Server Proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 WebEx Connect Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Advanced Auditor Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 IM Client Proxy Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Public IM Domain Names and URLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Cisco WebEx Connect Integration with Other Instant Messagers . . . . . . . . . . . . . . . 6 Communicating with LCS and Sametime Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 DNS Entry Format for Federating with Microsoft LCS . . . . . . . . . . . . . . . . . . . . . . .7 DNS Entry Format for all other Instant Messengers . . . . . . . . . . . . . . . . . . . . . . . . .7 Cisco WebEx Connect Admin Console Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8 Logging in with Spaces Enabled . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8 Logging in with Spaces Disabled . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Administrative Tools. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Chapter 2 Adding Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Adding Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Searching Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 Adding individual users. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 Importing multiple users from a CSV file. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 Editing users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 Adding Users with Single Sign-on and Directory Integration Enabled . . . . . . . . . . . . . 16 i Assigning Spaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16 Adding Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17 Assigning the Org Administrator Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17 Group Administrator Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .18 Adding groups. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 Editing groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 Deleting groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 Cisco WebEx Connect Roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21 Default Roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 Chapter 3 Configuring Cisco WebEx Connect . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 Configuring Cisco WebEx Connect . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23 Notifications, Emails, and Alert Templates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27 Email Templates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 Premium Services Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30 Calendar Application Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31 Migrating Cisco WebEx Connect . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32 Chapter 4 Getting started with Cisco Unified Communications Manager for Click to Call . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .35 Cisco Unified Communications Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .36 Setup tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .36 Configuring Cisco Unified IP Phones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 Adding a directory number to the phone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .37 Configuring Cisco Unified Communications Manager for Click to Call . . . . . . . . . . . . . .38 ii Activating Cisco WebDialer on Cisco Unified Communications Manager. . . . . . . 39 Verifying the CTI Manager is running on Cisco Unified Communications Manager 39 Verifying the CCMCIP Service is running on Cisco Unified Communications Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40 Verifying the correct phone devices are associated with the user. . . . . . . . . . . . . . 40 How to configure application dial rules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 Sample Application Dial Plan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 Configuring Cisco WebDialer to automatically use application dial rules on Cisco Unified Communications Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 Click to Call log files and configuration files. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 Click to Call Log Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 Error Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 Known Issues. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46 Chapter 5 Using the Policy Editor to Define and Apply Policies . . . . . . . . . . . . . . . . . 49 Understanding policies and policy actions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49 Defining & applying policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 About the Policy Editor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 Adding Policies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 Using Policy Actions Available in Cisco WebEx Connect . . . . . . . . . . . . . . . . . . . . . . . 52 About Encryption Levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 Adding actions to a policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59 Applying policies to groups. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60 Chapter 6 Single Sign On and Directory Integration . . . . . . . . . . . . . . . . . . . . . . . . . . . 63 Single Sign-on . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63 iii Single Sign-On Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64 Single Sign-On Configuration of the Admin Console . . . . . . . . . . . . . . . . . . . . . . . . . 64 Example for Installing Cisco WebEx Connect Client for SSO . . . . . . . . . . . . . . . . . . . 66 Using Single Sign-on integrated with Meeting Center . . . . . . . . . . . . . . . . . . . . . . . . 66 System Requirements for SSO and Meeting Center integration . . . . . . . . . . .67 Directory Integration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .68 Directory Integration Import Process and File Formats . . . . . . . . . . . . . . . . . . . . . . . . . . . .69 User File Formats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69 User file name format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69 User file format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69 Group File Formats. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70 Group file name format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .70 Group file format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .70 Group Records . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .71 Child Group Records . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .71 Group Member Records . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .71 User Inactivation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72 User inactivation file name format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .72 Group Deletion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72 Group Deletion file name format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .72 Group Deletion file format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .72 Chapter 7 Reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73 Cisco WebEx Connect Reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .73 Usage Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74 User Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74 iv Storage Consumption Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75 Generating Reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75 Chapter 8 CSV File Format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77 CSV Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77 CSV File Import Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78 Sample CSV file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78 Chapter 9 Library Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 Adding Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 Copying applications to a library . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80 Approving request to add application to public library . . . . . . . . . . . . . . . . . . . . . . . 81 Removing applications from a library . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81 Restoring applications to a library . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 Chapter 10 Cisco WebEx Connect Command-line Parameters . . . . . . . . . . . . . . . . . . 85 Command-line Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85 v vi 1 Getting Started The Cisco WebEx Connect Admin Console enables administrators to monitor, manage, control, and enhance user access to Cisco WebEx Connect. This section includes a summary of tasks to quickly get started using the Cisco WebEx Connect Admin Console. For more detailed instructions, refer to the chapters in the rest of the document. For more information on using the Cisco WebEx Connect product, refer to the Cisco WebEx Connect Help. A Cisco WebEx Connect organization administrator can perform the following functions using the Cisco WebEx Connect Admin Console: Create new users Edit user properties Configure Cisco WebEx Connect settings for users Client Site and Desktop Requirements The following are the minimum and recommended desktop requirements to install and run the Cisco WebEx Connect Client. Platform Windows: Pentium processor running Windows XP Professional Service Pack 2 or Vista Hardware Intel Celeron CPU 2.40 GHz, 512 MB Memory Disk Space 60 MB free hard drive space (100 MB of temporary space for the installation) Browser Internet Explorer 7.0 or later, Mozilla Firefox 2.0 or later Internet Connection Internet connection that allows full Internet usage (not just a free email service). Minimum requirement: Dial-up 56 kbps. Recommended: Broadband connection. 1 Chapter 1: Getting Started Platform Windows: Pentium processor running Windows XP Professional Service Pack 2 or Vista Hardware Intel Celeron CPU 2.40 GHz, 512 MB Memory Email Program Microsoft Outlook 2000 SP4 or later, Microsoft Outlook Express, or Microsoft Outlook 2007 Audio Full duplex sound card and a headset Video At least 1.8 GHz CPU, 800x600 resolution, 256 colors or more, and a webcam Network Requirements The following are the Network requirements to access the Cisco WebEx Connect Service. The Client PC must have Internet connectivity and be able to connect to the following hosts and ports: Type of Connection Host Name Port Cisco WebEx Connect IM—Secure SSL connection slogin.oscar.aol.com 443 Cisco WebEx Connect Client configuration service (see note) https://aimpro.premiumservices.aol.com/cc/ClientCo 80 or 443 nfigurationWS.jws Cisco WebEx Connect VoIP/Video avsglobal.webex.com 80 or 443 Cisco WebEx Connect Desktop Sharing aimprods01.webex.com 80 or 443 Cisco WebEx Connect Premium service components.premiumservices.aol.com 80 or 443 aimpro.premiumservices.aol.com radaol-prod-web-rr.streamops.aol.com Note Cisco WebEx Connect Client uses the Web Proxy information configured in Internet Explorer to access the client configuration service. If the proxy in the customer network is an authenticated proxy, the proxy will be appropriately configured to allow access to this URL without requiring any authentication. Additionally, ensure that you allow access to all URLs that have webexconnect.com and webex.com in them. 2 Chapter 1: Getting Started Capacity and Bandwidth Requirements The following are the recommended bandwidth requirements for the Video sessions initiated from the Cisco WebEx Connect Client: Bandwidth Requirement —P2P Resolution Maximum Frame Rate (fps) Minimum Bandwidth (kbps) Maximum Bandwidth (kbps) QVGA(320X240) 15 35-80 250-300 QCIF(176X144) 15 30-60 150-200 Bandwidth Requirement —With Server Proxy Resolution Maximum Frame Rate (fps) Minimum Bandwidth (kbps) Maximum Bandwidth (kbps) QVGA(320X240) 10 25-70 160 QCIF(176X144) 10 20-50 90 Note The bandwidth matrix is intended as a guideline. Additional bandwidth might be required based on your usage. WebEx Connect Settings The following settings are required for Cisco WebEx Connect, including the type of connection, host name, port, and IP addresses. 3 Chapter 1: Getting Started Type of Connection Host name Port IM Service slogin.oscar.aol.com 443 VoIP/Video avsglobal.webex.com 80 and 443 Desktop Sharing aimprods01.webex.com 80 and 443 Premium service components.premiumservices.aol.com 80 and 443 aimpro.premiumservices.aol.com radaol-prod-web-rr.streamops.aol.com Connect Platform Swapi.webexconnect.com dms.webexconnect.com 80 and 443 User Registration and Market Place Marketplace.webex.com 80 and 443 Shortcut Redirect URLs, Downloads & Documentation URLs WebEx services www.webex.com 80 and 443 Incoming E-mails To receive automatic Username & Passwords, set your SPAM Filter to allow emails from mda.webex.com. Connect IP Addresses 66.163.32.0 – 66.163.63.255 209.197.192.0 - 209.197.223.255 AOL Network Range 205.188.0.0 – 205.188.255.255 64.12.0.0 – 64.12.255.255 80, 443, and 5190 Advanced Auditor Options The following settings are required for Advanced Auditor, including the type of connection, host name, and port Type of Connection Host name Port IM Service with Auditor Option slogin.webexaimpro.com 5191 Advanced Auditor admin Console https://<companyid>.webexaimpro.com 8443 WebEx AIM Pro - Secure SSL connections slogin.webexaimpro.com 5191 WebEx AIM Pro - Non-secure connections login.webexaimpro.com 5190 The Advanced Auditor Solution can also be used to manage and audit the traffic from/to public IM clients (Yahoo, MSN and/or GoogleTalk). IMA can be set to monitor/manage the public IM traffic in one of the two ways: 4 Configuring the public IM clients with the proxy address provided by WebEx Communications Inc. Configuring the DNS server to redirect the URLs used by public IM clients to WebEx IM A servers. Chapter 1: Getting Started IM Client Proxy Addresses Following table lists the proxy addresses for different IM clients. The firewalls need to be setup appropriately to allow public IM clients to access the proxy addresses. Type of Connection Host name Port Yahoo IM proxy.webexaimpro.com 1080 MSN Messenger proxy.webexaimpro.com 1080 GoogleTalk proxy.webexaimpro.com 1080 AIM proxy.webexaimpro.com 1080 (Note: AIM 6.1 does not allow proxy to be configured) Public IM Domain Names and URLs Following table lists the public IM domain names and the corresponding WebEx URLs. The DNS should be configured to redirect the public IM domain names to the URLs specified. The firewalls need to be setup appropriately to allow connectivity to the WebEx IMA addresses. Public IM Domain Name WebEx IMA domain names Port scs.msg.yahoo.com proxy.webexaimpro.com 5050 proxy.webexaimpro.com 1863 talk.google.com proxy.webexaimpro.com 5222, 5223 login.oscar.aol.com login.webexaimpro.com 5190 relay.msg.yahoo.com scsa.msg.yahoo.com scsb.msg.yahoo.com scsc.msg.yahoo.com scsd.msg.yahoo.com messenger.hotmail.com messenger.msn.com gateway.messenger.hotmail.com Note AIM 6.1 is not supported. Note Public IM clients such as Yahoo! Messenger and MSN are designed to evade the common firewall and proxy controls used by enterprises. For Advanced Auditor solution to monitor the traffic from/to public IM clients, it is required that any direct connectivity between the public IM clients and the public IM cloud be prevented. 5 Chapter 1: Getting Started Refer to the Facetime documentation on the latest information on IP addresses, URLs, and Ports that need to be denied access to block direct communication between public IM clients and the public IM cloud. Cisco WebEx Connect Integration with Other Instant Messagers Cisco WebEx Connect can federate with users of many leading Instant Messengers, including Jabber, IBM Lotus Sametime, and Microsoft Live Communications Server (LCS). Communicating with LCS and Sametime Users The following prerequisites are necessary so that third party Instant Messaging solutions, such as Microsoft Live Communications Server (LCS), Office Communications Server (OCS), and IBM Lotus Sametime work properly with Cisco WebEx Connect: The third party Instant Messaging solution must have federation with AIM network enabled. Connectivity between the third party Instant Messaging solution and AIM network has to be established through respective vendors of the third party solution. Intra-Company Federation (users who want to use the third party Instant Messaging solution and Cisco WebEx Connect) requires the use of different domain names for the two Instant Messaging solutions. Cisco WebEx Connect administrators need to make the following DNS changes in their domain to enable federation with the third party Instant Messaging solutions. Note IBM Lotus Sametime does not use any DNS / SRV capabilities to enable or disable instant messaging services for AIM connectivity. The federation with AOL is managed through local Sametime configuration. For more information about configuring Sametime, refer to IBM Sametime documentation. 6 Chapter 1: Getting Started DNS Entry Format for Federating with Microsoft LCS The federation between Microsoft LCS/OCS and AOL can be enabled through DNS or through local LCS/OCS configuration. For more information on configuring LCS/OCS, refer to Microsoft LCS/OCS documentation. If the LCS/OCS deployment has AOL federation enabled through DNS, create the DNS entry in the following format: _SIPFederationTLS._TCP.connectcustomer.com. 3600 IN SRV 0 1 5061 sip.oscar.aol.com (replace connectcustomer with your organization’s domain name). DNS Entry Format for all other Instant Messengers The format for all other supported third party solutions is: _sips._tcp.connectcustomer.com. 3600 IN SRV 0 1 5061 sip.oscar.aol.com (replace connectcustomer with your organization’s domain name). After the prerequisites are complete, Cisco WebEx Connect users can add the LCS or Sametime contacts with their screen name, just like any other contact and can begin exchanging IM conversations. Note Due to the DNS caching in the internet, changes to DNS settings can take a few hours (in some cases, up to 72 hours) to take effect. Note The domain name used by the enterprise system and the domain name used by Cisco WebEx Connect cannot be the same. 7 Chapter 1: Getting Started Cisco WebEx Connect Admin Console Setup You can access Cisco WebEx Connect administrative functionality the first time using the steps below. If you have Spaces disabled, see “Logging in with Spaces Disabled” on page 10. Logging in with Spaces Enabled To access to Cisco WebEx Connect administrative functionality the first time you log in, follow these steps: 1 Check your inbox for email from WebEx. The email is sent to the email address designated as the implementation contact when ordering the service. If you do not see the email from webex.com check your spam filter or contact WebEx Support. 2 Click on the URL in the email to reset the password. 3 Click on the URL in the email to download the latest Cisco WebEx Connect client. 4 Install and start Cisco WebEx Connect. 5 Log in using the email address and password from the initial account setup. 6 Click on the Spaces icon and then click on MyWebEx. 8 Chapter 1: Getting Started 7 Click on the Administrative Tools tab to enter the Cisco WebEx Connect Admin Console. For more information on using Cisco WebEx Connect, refer to the Cisco WebEx Connect Help. The following buttons appear on the User tab: Button Description Add User Add users on the User tab, one at a time. Edit User Open the Edit User dialog box to edit users. Import Users Import users from a CSV file. From the Administrative Tools tab, you can then: Customize emails you send to new Cisco WebEx Connect users and when users invite others to join Cisco WebEx Connect Team Spaces. For more information on customizing email templates, see “Notifications, Emails, and Alert Templates” on page 27. Add new Cisco WebEx Connect users from the User tab. Assign Roles and Groups to users. For more information on adding users, see “Adding individual users” on page 13. Configure Cisco WebEx Connect for users from the Configuration tab. For more information on configuring Cisco WebEx Connect, see “Configuring Cisco WebEx Connect” on page 23. 9 Chapter 1: Getting Started Use the Import Users button on the User tab to importing user information from a CSV (comma separated value) file. For more information on importing users, guidelines for formatting CSV files, and a sample CSV, see “CSV File Format” on page 77. For more information on importing users, see “CSV File Format” on page 77. Note For additional information and documentation, click on the About tab. Logging in with Spaces Disabled If you have Spaces disabled, you can access the Cisco WebEx Connect Admin Console by accessing this URL: http://www.webex.com/go/connectadmin Note Customers with Single Sign-On or Directory Integration enabled need to contact Cisco WebEx representative for assistance in getting started with launching Cisco WebEx Connect Admin Console. Administrative Tools The following tabs are available in the Cisco WebEx Connect Administrative Tools: 10 Tab Description User Add user information. Configuration Configure settings for users. Policy Editor Set policies and rules for users. Group Assign users to groups and assign group policies. Report View usage reports on users. About View Cisco WebEx Connect documentation and version. 2 Adding Users The User tab enables you to view, edit, and create, groups, users, and roles for any applications running on the Cisco WebEx Connect users. From the User tab, you can: Add users Import users from a CSV file Assign users to Groups Add new Groups Assign Roles to users Adding Users You can search for, create, and edit users, and assign groups and roles to users. The Org Administrator role can only be assigned to users who are members of the top level group. A top level group, with the name of the organization provided at the time of provisioning. The name of the top level group begins with the name of the organization. In addition to manually adding and editing users and groups, the process is different for adding and editing users when SSO and directory integration is enabled. For more information on configuration, see “Single Sign On and Directory Integration” on page 63. For more information on adding users with SSO and Directory Integration enabled, see “Adding Users with Single Sign-on and Directory Integration Enabled” on page 16. Note When you add a new user, it is mandatory to type a Screen Name for the user. In addition, the user’s Screen Name must be the user’s email address. 11 Chapter 2: Adding Users Searching Users By default, the User tab shows each user’s name, their email address, the primary group to which they belong and the assigned roles. The search field is case-sensitive. As an administrator you may have hundreds of users in your organization. If you want to view or change the details of one particular user, you want to be able to find that user easily. The Cisco WebEx Connect Admin Console has a filter and search feature that allows you to limit the number of user records showing at any one time or search for a specific entry. To search for users: 1 Click the Search arrow to the left of the search field to display the dropdown list search criteria. Choose to search by email, first name, last name, or group name from the dropdown list. 2 Enter at least the first three letters of the search criteria into the search field, except for Search by Org Admin, which does not require a search string. 3 Select Page Size for the number of users to display per page. 4 Click the search button to the right of the search criteria. Cisco WebEx Connect Admin Console displays the records that match the search criteria. You can filter the records by selecting a criteria option from the Search drop-down list. Table 2-1 • Filter criteria options 12 List by Definition User Name Enter at least three letters of the user’s first or last name on which to search. All users with a name matching those letters are displayed in the User pane. Email Address Enter an email address on which to search. All users with an email address matching that letter are displayed in the User pane. Group Name Enter a group name to search. All users in that group are displayed in the User pane. Chapter 2: Adding Users Table 2-1 • Filter criteria options List by Definition Inactive User Enter the inactive user’s first or last name. Org Admin Select this option to display all Org Admin users. You do not need to enter any search criteria. To find a specific Org Admin, enter the user’s first or last name. You can also limit the number of records displayed in the User pane. From the Page Size drop-down list, choose how many records to display per page. In addition, you can click First, Prev, Next, and Last buttons (shown below) to go to scroll through the list of records. Adding individual users Only an Org Administrator can add new users, one at a time from the User tab. A newly-created user doesn’t necessarily belong to any group unless the administrator explicitly assigns the user to a specific group. A new user’s default role is Group Member. To create a new user: 1 From the Cisco WebEx Connect Admin Console, select the User tab. 2 Click on the Add User icon to insert a new row. 3 Click in the Name field and enter the user’s name. 4 Click in the Email field and enter an email address. 5 Double-click the Home Group field to select a group. The User Group and Role Management screen appears. 6 Click on a Group Name to associate with this user and click Select. To create new groups, see “Adding Groups” on page 17. 7 Click on the Roles link to select a role. The User Group and Role Management screen appears. 8 Select the Role check box to assign to the user. You can select more than one role to assign to the user. 13 Chapter 2: Adding Users 9 Click Save. User records are automatically saved. 10 Continue adding users by clicking the Add User icon and repeating the previous steps. New users receive a welcome email based on the Welcome Email template in the Cisco WebEx Connect Admin Console. For details on email templates, see “Notifications, Emails, and Alert Templates” on page 27. Note If there is missing information or errors when you add new users, the errors are highlighted in yellow and a message is displayed. Importing multiple users from a CSV file To import users from a CSV file: 1 From the Cisco WebEx Connect Admin Console, select the User tab. 2 To import multiple users click the Import User button. The Import User dialog box appears above the user list. 3 Click Select File to select the CSV file you want to import and click Import. After the import is complete, the administrator who initiated the import, receives an email with the status of the import. The email states whether the import was a success, failure, or terminated. 14 Chapter 2: Adding Users The CSV file is imported and the users appear in the User tab. For more information on CSV file format and a sample file, see “CSV File Format” on page 77. Editing users As an administrator, you have permission to edit all the properties of an existing user. You can change the groups a user is assigned to and change the roles associated with that user. To edit a user: 1 Select the user you want to edit in the User tab. 2 Click the Edit User icon. The Edit User dialog box appears. All the current properties of the user are displayed. 3 Edit any properties in the Edit User dialog box. In addition, you can use this screen to reset the user password. Note The Screen Name format must match the Business Email format and must comply with the domain list. By default, this value is automatically populated. 4 Click Save. 15 Chapter 2: Adding Users Adding Users with Single Sign-on and Directory Integration Enabled In addition to manually adding and editing users and groups, the process is different for adding and editing users when SSO and directory integration is enabled. For more information on Single Sign-on (SSO) and Directory Integration, see “Single Sign On and Directory Integration” on page 63. When Directory Integration is implemented with Cisco WebEx Connect: Users and groups are created from corporate directory files provided by the company or organization. Org Administrators cannot directly edit the user and group data. When the user and group data needs updating, the company provides an updated corporate directory file that can be imported into Cisco WebEx Connect. The CSV file import function is not available. When Single Sign-On is implemented with Cisco WebEx Connect. New user accounts are automatically created when the user logs into Cisco WebEx Connect for the first time. When SSO is implemented, user accounts are automatically provisioned the first time the user logs into Cisco WebEx Connect. Assigning Spaces The Cisco WebEx Connect Administrator can reassign Spaces owned by a user to any other user. Once assigned the user to which the Space is assigned becomes the Space administrator for all the Spaces. For example, if an employee leaves a company, the Administrator can reassign this user’s Spaces to another user. You can turn off the Spaces feature by creating a policy. For more information, see “Using Policy Actions Available in Cisco WebEx Connect” on page 52. To reassign a Space to another user: 1 Right-click the name of a user from the User tab and select Assign User. 2 Enter the name of the user you want to be the Space owner for all the Spaces that belong to this user. 3 Click Assign. 16 Chapter 2: Adding Users Adding Groups The Cisco WebEx Connect Administrator organizes users into groups. The groups are assigned group policies to determine what actions should be taken when users belong to a particular group. Users can be members of one or more groups. However, policies applied to users’ home group overrides any other policies. The first time you open the Cisco WebEx Connect Admin Console there will be a default list of groups available. These groups cannot be edited or deleted at this time, however you can create new groups or edit or delete these new groups at any time. You can assign users to a group to which you apply a specific policy. When Cisco WebEx Connect is provisioned, an Organization is created the top level group: A top level group, with the name of the organization provided at the time of provisioning. The Org Administrator role can only be assigned to users who are members of the top level group. The name of the top level group begins with the name of the organization. Note Cisco WebEx Connect sees a personal library appear as a group associated with a user, but this group cannot be modified. Assigning the Org Administrator Role A user can be assigned an Org admin role, as long as the user is a member of top level group. A member of a group can be assigned Group Administrator Role. For LDAP only, users can be assigned the Org Admin role to the top level group by right-clicking on the user and selecting Assign Org Admin. 17 Chapter 2: Adding Users Group Administrator Role Group Administrator role allows a user to: View a list of users in the group, and in the sub-groups Search for users by group, and move users between the groups managed Apply policies to groups managed Be an administrator of only one group (home-group and its sub-groups) Create sub-groups A Group Administrator cannot: Create new users No migration tab, therefore cannot migrate users Create policies Note Users can only be a group administrators for their home group. Adding groups If you are an org or group administrator, you can create new groups. To create a new group: 1 From the User tab, double-click to select a group. 18 Chapter 2: Adding Users 2 From the User Group and Role Management dialog box, double-click to open the Select Group box. 3 Right click to Add a group. The default name New Group is assigned. 4 Enter the name of the group at the top of the dialog. 5 Select the group and click Select to save the group and close the Select Group dialog. 6 Click Save on the User Group and Role Management dialog box. Editing groups As an administrator, you can rename groups. To edit an existing group: 1 Select the group you want to edit in the User tab. 2 Double click the group name. The User Group and Role Management dialog box appears. 3 Double click the group name to open the Select Group dialog box. Edit any properties in the User Group and Role Management dialog box. 19 Chapter 2: Adding Users To rename a group, click at the top of the dialog box, next to Group Name and enter a new name. 4 Click Select on the Select Group dialog box. 5 Click Save on the User Group and Role Management dialog box. Deleting groups You can only delete a group if the group is empty and has no users associated with it. However, if a group is not empty, you can delete any users that belong to multiple groups. You cannot delete any default groups. To delete a group: 1 Select the group you want to edit in the User tab. 2 Double click the group name. The User Group and Role Management dialog box appears. 3 Double click the group name to open the Select Group dialog box. 4 Right click the name of the group and select Delete Group. 20 Chapter 2: Adding Users 5 Click Select on the Select Group dialog box. 6 Click Save on the User Group and Role Management dialog box. Cisco WebEx Connect Roles Roles grant specific privileges to individual users or groups and allow them to perform specific actions. There are some default roles and privileges. Each default role in the Cisco WebEx Connect Admin Console includes one or more privileges, which determines the level of access a user has to applications running on the Cisco WebEx Connect platform. Note A role can have one or more privileges, but the available privileges are determined by the choice and category already selected for that particular role. Default Roles The default roles are displayed on the User Group and Role Management screen. For a regular organization, the Org Administrator can assign Group Admin, Group Member, or Org Admin roles to users. The Group Administrator can assign only Group Admin and Group Member roles to users. The default roles in the Cisco WebEx Connect Admin Console are: Group Administrator—Role assigned to the person who has responsibility for all the actions and tasks relating to the group. Group Member—Role assigned to person who is a member of a group. Org Administrator—Role assigned to the user who manages the Cisco WebEx Connect organization. This role can only be assigned to a user who belongs to the top level group. 21 Chapter 2: Adding Users Note Currently, the ability to create and modify roles and privileges are limited. All roles except the Org Administrator’s role are limited in terms of the scope of activities they can perform and the privileges they have. 22 3 Configuring Cisco WebEx Connect As an administrator you can set a default user level storage allocation for the an organization or modify storage allocation on a user-by-user basis. You can also configure notification alerts that are sent to a user or an organization when a certain event occurs. Configuring Cisco WebEx Connect The Configuration tab allows you to set and control default settings Cisco WebEx Connect users. To configure Cisco WebEx Connect settings: 1 Click the Configuration tab. The Configuration screen appears. 23 Chapter 3: Configuring Cisco WebEx Connect 2 Enter the information in the settings fields. Field Definition SuperAdmin Settings Domain Name The list of domain names associated with the organization. This list determines the domain names that can be used as part of user screen names. The organization needs to own the domain names associated with the organization. The domain name list cannot be changed by the Org admin. To add new domain names into this list, contact support. Domain White List The Org Administrator can add domains to the white list. The list of domain names used for defining the trusted domains and companies for communication and collaboration. For example, Organizations can define the partner domain names and enforce communication policies using the domains specified in the white list. Domains that are added to the white list receive the same privileges as internal users. Resource Allocation Storage Purchased The amount of storage purchased by the company. (Read only field. Contact Cisco WebEx to make changes). Storage Used The storage amount used by the company. (Read only field). Number of users The number of company licensed Cisco WebEx Connect users. (Read only field. Contact Cisco WebEx to make changes). Enable storage enforcement of each user Check this box to limit the maximum allowed storage per user. Disabling this option allows the user to use the storage up to the org or department storage limit. Default Storage Allocation per User The maximum storage amount allowed for each user. Enter the storage amount to be allocated to all users. The Administrator can specify a unique amount for individual users on a case by case basis. When the default value is changed for all users, the unique allocations for the individual users is not affected. Default Settings Enable User Self-Registration Select Yes or No to allow users to register on www.webex.com/go/wc and become part of the organization without manual provisioning by the administrator. When this is disabled, users will get a message to contact their administrator. Display contact pictures in contact list Select Yes or No to allow users to display a picture with their name on the contact list. Configure URL 24 User Registration URL Specify custom messages with contact information and expose this page to any user attempting to register for a Guest Edition user with the domains owned by the Company. This URL is only effective is self-registration is disabled. Forgot Password URL This URL is used in rare customer-specific scenarios where Cisco WebEx Connect cannot support self-managed user password reset. Chapter 3: Configuring Cisco WebEx Connect Field Definition Connect Support URL The URL that is shown to users from Cisco WebEx Connect Help>Support menu. Leave this field blank to use default functionality. Center Site URL The URL for the center site. Connect Telephony Click-to-Call Select to enable Click-to-Call functionality. If enabled, enter the CUCM (Cisco Unified Communication Manager) IP address or URL. For more information about Click-to-Call, see Allow user to enter manual setting Select to allow manual setting. IM Settings User IM visibility Select Yes to enable the Invisible menu option for Instant Messaging users. Select No to disable the Invisible menu option. Disable offline messages Select Yes to disable sending IM messages to Cisco WebEx Connect users who are offline. Blocked URLs (Separate multiple values with semicolon) Enter the URLs that are not allowed to send instant messages to users. If you need to block multiple URLs, separate each URL with a semicolon. For example, http://www.example.com;http://www.example1.co m; http://www.myurl.com; Blocked file extensions (Separate multiple values with semicolon) Enter the file extensions that are not allowed to be transferred on IM conversations. If you need to block more than one file extension, separate each file extension with a semicolon. For example, exe;pdf;doc;zip; User Profile Override and View Settings User Profile Override Select Yes or No to allow users to override the default setting that the org administrator set for users to set their profile. User Profile View Setting Select from the dropdown menu who can view the user’s profile. Directory Input Scheduling Job Scheduling This is only used with Directory Integration. Enter the date and time you want the directory files to import into Cisco WebEx Connect. Use UNIX cron job format for this field. For details on cron format, see http://www.opensymphony.com/quartz/api/org/quartz/CronE xpression.html. Notification Emails This is only used with Directory Integration. Enter the email addresses for those you want to receive status of the import of directory files. Integrated Center Site 25 Chapter 3: Configuring Cisco WebEx Connect Field Definition Site URL This is required when you have enabled the integration between Meeting Center and SSO. Enter the Meeting Center Site URL that enables meeting hosts to schedule meetings. For more information about SSO-enabled Meeting Center sites and Cisco WebEx Connect, see “Using Single Sign-on integrated with Meeting Center” on page 66. Brief Description Enter a brief description for the Meeting Center Site. Security Settings Org, WebEx, and Federated Web SSO Certificate management Select one of the certificates to import. For more information, see “Directory Integration” on page 68. The Super Admin must give the Org Administrator permissions to update these settings. Calendar Application Configuration Locations Select conference room locations to appear in Calendar. Click Add to add locations. For more information, see “Calendar Application Configuration” on page 31. Notifications, Emails, and Alert Templates Emails and Notifications The notifications and alerts that are emailed to users when a certain event occurs. To edit Email templates, see “Notifications, Emails, and Alert Templates” on page 27. Premium Services Configuration Add/Delete Services Add premium services to Cisco WebEx Connect. For more information, see “Premium Services Configuration” on page 30. 3 To enable Click-to-Call feature, you also need to enable settings for the CUCM Account. From the Edit menu in Cisco WebEx Connect, select Settings. Select Click-to-Call, then Set Up Account. 26 Chapter 3: Configuring Cisco WebEx Connect Note The Cisco Unified Communications Manager Click-to-Call functionality is not available in Cisco WebEx Connect by default. You need to purchase it separately. Contact your Cisco sales representative for more information. 4 Select Use default server and click OK. 5 Click Save. Notifications, Emails, and Alert Templates Cisco WebEx Connect Admin Console provides templates for email notifications and alerts that Cisco WebEx Connect users receive. You can easily modify these templates. See “Email Templates” on page 28 for details on the templates and their macros. To modify email templates: 1 Click the Configuration tab. The Configuration screen appears where you can enter settings for users. 2 Scroll down to Notifications, Email & Alert Templates section of the Configuration tab. 3 Select the template that you want to modify and click Edit Mail Template. 27 Chapter 3: Configuring Cisco WebEx Connect The Edit Email Template dialog box appears. 4 Enter the appropriate information in each field starting with Email Name. 5 From the Format drop down list, select the format to send the email in: HTML or Text. Note If you change the email format from HTML to Text, you need to manually remove the HTML tags in the body of the email template. 6 In the Message box, enter the text of the email template. Note Every email template contains pre-existing message text in the Message box. You can customize or change it according to your requirements. 7 Click Save. Email Templates The Cisco WebEx Connect Admin Console provides templates for email notifications and alerts Cisco WebEx Connect users receive. You can easily modify these templates. 28 Chapter 3: Configuring Cisco WebEx Connect Note Cisco WebEx Connect email templates are pre-populated with appropriate templates for out of the box use. Email Variables and Macros Welcome Message—Default email contains links to reset password, download the client, documentation, and community links. %USERNAME%—The name of the user. %CLIENTDOWNLOADURL%—The URL that takes the user to the welcome message. %NEWPASSWORDURL%—The new password variable. Space Invitation Message—Connect User—Default template includes information on how to get to the Space and link to the community. %SPACEOWNER%—Name of the Space owner Space Invitation Message Non-Connect User—Default template includes information on where to get a Cisco WebEx Connect account, how to open a new Space, and link to the community. %SPACEOWNER%—The name of the Space owner. Get or Reset Password Email—Email is sent when Cisco WebEx Connect Administrator resets password. %NEWPASSWORDURL%—URL that will take the user to reset password. Notify Space Members Email—Default template for manual notifications sent from within Spaces. %UserMessage%—The message the user writes. IT purchase notification to Guest Edition Users—Email to notify Guest Edition users that their account will be deactivated. %USERNAME%—The name of the user. Add to Public Library Request—A request to copy an application to the public library. %USERNAME%—The name of the user. Deny Add to Public Library Request—A denied request to add to an application to the public library. %APPNAME%—The name of the application to copy to the library. Invitation to Guest Edition Users— Email to invite Guest Edition users to upgrade to Business Edition. %LINKTOINVITATION%—URL where the user can register as a Business Edition user. Department purchase Notification to Guest Edition—Email to Guest Edition users to change their password. %NEWPASSWORDURL%—URL where the user to reset password. %SPACENAME%—Name of the Space %USERDEFINEDMESSAGE%—Text entered by the Space owner at the time of creating the Space %SPACENAME%—The name of the user. %USERDEFINEDMESSAGE%— %REGISTERURL%—URL where the user can register as a Space user %ObjectLink%—The URL that takes the Space member to a particular location specified by the user. %SpaceName%—The name of the user’s Space. %APPNAME%—The name of the application to copy to the library. 29 Chapter 3: Configuring Cisco WebEx Connect Email Variables and Macros Storage Limit Exceeded—Notify user that their storage limit has been exceeded. %LIMIT%—maximum amount of storage allowed. Email Sent when user provision job completes, is interrupted, or fails—Email to notify user that the user import job completed, interrupted, or failed. %USERNAME%—The name of the user. Email sent when directory integration (group provisioning) job fails— Email to notify user that the batch import job failed. User is instructed to contact support for help. Email sent when directory integration (group deletion) job fails— Email to notify user that the batch group deletion job failed. User is instructed to contact support for help. Email sent when directory integration (user inactivation) job fails— Email to notify user that the batch user inactivation job failed. User is instructed to contact support for help. %ADMINEMAIL%—Cisco WebEx Connect Administrator’s email. The following is an example of the Welcome email template that a new user receives: Premium Services Configuration The Cisco WebEx Connect Admin Console allows the administrator to add and configure premium services to Cisco WebEx Connect. 30 Chapter 3: Configuring Cisco WebEx Connect To configure premium services: 1 Click the Configuration tab. The Configuration screen appears where you can enter settings for users. 2 Scroll down to the Premium Services Configuration part of the Configuration screen. 3 Check the box for each service you want to include. Use the buttons to the right of each service, to add, modify, or delete the service. 4 Click Save. Calendar Application Configuration The Cisco WebEx Connect Admin Console allows the administrator to add and configure premium services to Cisco WebEx Connect. To configure premium services: 1 Click the Configuration tab. 2 Scroll down to the Calendar Application Configuration section of Configuration. 3 Click the Add icon to add a calendar location. 4 Click Save. 31 Chapter 3: Configuring Cisco WebEx Connect Migrating Cisco WebEx Connect The Migration tab allows organizations using the Guest Edition of Cisco WebEx Connect to migrate their Guest Edition users to the licensed edition upon purchasing Cisco WebEx Connect for their organization. This eliminates the effort of the Cisco WebEx Connect administrator to manually add each individual Guest Edition user to the licensed edition. Migration is a simple, three-step process where the Org Administrator: identifies the Guest Edition users that need to be migrated to the licensed edition sends an email invitation to these users that contains a link that enables the migration when Guest Edition users accept the invitation and click the link, they are migrated to the licensed edition of Cisco WebEx Connect. When Guest Edition users click the link that enables migration, their account information including all Space and other collaboration information is carried over to the licensed edition. However, users who do not receive or accept the email invitation, are denied access to the licensed edition of Cisco WebEx Connect. The list of Guest Edition users appears in the Migration tab as long as they are not invited or have not clicked the migration link in the invitation email. The following graphic shows this list of users. Notice that the status of different users. A Pending status means the user has not received the invitation email. An Invited status means the user has not clicked the migration link in the invitation email. When a user with the Invited status clicks the migration link in the invitation email, the user’s name is removed from this list indicating that the migration was successful. Note Org Administrators can also (optionally) resend email invitations to users. 32 Chapter 3: Configuring Cisco WebEx Connect The following graphic shows a sample of the invitation email. The administrator has exclusive control over the domain names used in Cisco WebEx Connect, configuration, and migration of users. Without administrator provisioning, users cannot use Cisco WebEx Connect team collaboration features. To configure Cisco WebEx Connect migration: 1 Click the Migration tab. The Migration screen appears. 2 To invite a user to migrate to the licensed edition of Cisco WebEx Connect, select the appropriate user and click the Invite icon. 33 Chapter 3: Configuring Cisco WebEx Connect 34 4 Getting started with Cisco Unified Communications Manager for Click to Call Overview Cisco's call-processing software, telephones, and endpoint devices allow your organization to efficiently run voice, data, and video communications over a single, converged network. Cisco provides call-processing solutions for organizations of all sizes and types. These industry-leading IP private-branch-exchange (PBX) solutions manage voice, video, mobility, and presence services between IP phones, media processing devices, voice-over-IP (VoIP) gateways, mobile devices, and multimedia applications. Cisco call-processing solutions includes: Cisco Unified Communications Manager: This enterprise call-processing system is the core of Cisco Unified Communications. It provides voice, video, mobility, and presence services to IP phones, media-processing devices, VoIP gateways, mobile devices, and multimedia applications. A single system can support up to 30,000 users and scale to support up to 1 million users at up to 1000 sites. The Cisco Unified Communications Manager Click-to-Call functionality is an optional feature and not available in Cisco WebEx Connect by default. You need to purchase it separately. Contact your Cisco sales representative for more information. 35 Chapter 4: Getting started with Cisco Unified Communications Manager for Click to Call Cisco Unified Communications Manager Cisco Unified Communications Manager is an enterprise-class IP telephony call-processing system that provides traditional telephony features as well as advanced capabilities, such as mobility, presence, preference, and rich conferencing services. This powerful call processing solution can help: Build productivity with feature-rich unified communications that help workers spend less time chasing people, and more time being productive. Enable mobility with software that has embedded unified mobility capabilities so mobile workers can remain productive wherever they are. Cisco Unified Communications Manager creates a unified workspace that supports a full range of communications features and applications with a solution that is highly: Scalable: Each Cisco Unified Communications Manager cluster can support up to 30,000 users. Distributable: For scalability, redundancy, and load balancing. Available: Support business continuity and improve collaboration with high availability that provides a foundation for multiple levels of server redundancy and survivability. Setup tasks To get started, open the Cisco Unified CM Administration tool. Tasks for setting up Cisco Unified Communications Manager include: Configuring phones More... Configuring the Cisco Unified Communications Manager for Click to Call More... Configuring Cisco Unified IP Phones Before a Cisco Unified IP Phone can be used, you must use this procedure to add the phone to Cisco Unified Communications Manager. You can also use this procedure to configure third-party phones that are running SIP, H.323 clients, CTI ports, the Cisco ATA 186 Telephone Adaptor, or the Cisco IP Communicator. To configure the phone 1 Select Device > Phone. 2 Select the Add New button. 3 From the Phone Type drop-down list, select the appropriate phone type or device and click Next. After you choose a phone type, you cannot modify it. 36 Chapter 4: Getting started with Cisco Unified Communications Manager for Click to Call 4 If the Select the device protocol drop-down list displays, choose the appropriate protocol of the device and click Next. The Find and List Phones window appears. 5 Enter the appropriate settings. MAC Address Enter the Media Access Control (MAC) address that identifies Cisco Unified IP Phones (hardware phones only). The Media Access Control (MAC) address is a unique, 12-character hexadecimal number that identifies a Cisco Unified IP Phone or other hardware device. Locate the number on a label on the bottom of the phone (for example, 000B6A409C405 for Cisco Unified IP Phone 7900 family of phones or SS-00-0B-64-09-C4-05 for Cisco IP Phone SP 12+ and 30 VIP). Do not enter spaces or dashes and do not include the “SS” that may precede the MAC address on the label. For information on how to access the MAC address for your phone, refer to the Cisco Unified IP Phone Administration Guide for Cisco Unified Communications Manager that supports your phone model. Cisco Unified Communications Manager converts the MAC address for each device by Dropping the first two digits of the MAC address Shifting the MAC address two places to the left Adding the two-digit port number to the end of the MAC address (to the right of the number) EXAMPLE MAC Address for the Cisco VG248 is 000039A44218 the MAC address for registered port 12 in the Cisco Unified Communications Manager is 0039A4421812 Device Name Enter a name to identify software-based telephones, H.323 clients, and CTI ports. The value can include 1 to 15 characters, including alphanumeric characters, dot, dash, and underscores. Note To see the list of all phone configuration settings, go to the “Cisco Unified IP Phone Configuration” section of the Cisco Unified Communications Administration Guide 6 Select Save. Adding a directory number to the phone If you are adding a phone, a message is displayed, confirming that the phone has been added to the database. To add a directory number to this phone, click one of the line links, such as Line [1] - Add a new DN, in the Association Information pane that displays on the left side of the window. 37 Chapter 4: Getting started with Cisco Unified Communications Manager for Click to Call To add a directory number: 1 Enter a dialable phone number. Values can include route pattern wildcards and numeric characters (0 through 9). Special characters such as a question mark (?), exclamation mark (!), backslash (\), brackets ([ ,] ), plus sign (+), dash (-), asterisk (*), caret (^), pound sign (#), and an X are also allowable. Special characters that are not allowed are a period (.), at sign (@), dollar sign ($), and percent sign (%). At the beginning of the pattern, enter \+ if you want to use the international escape character +. For this field, \+ does not represent a wildcard; instead, entering \+ represents a dialable digit. Note When a pattern is used as a directory number, the display on the phone and the caller ID that displays on the dialed phone will both contain characters other than digits. To avoid this, Cisco recommends that you provide a value for Display (Internal Caller ID), Line text label, and External phone number mask. The directory number that you enter can appear in more than one partition. 2 Select Save. 3 Select Reset Phone. For more information, see “Resetting a phone” in the Cisco Unified Communications Administration Guide. Note Restart devices as soon as possible. During this process, the system may drop calls on gateways. Configuring Cisco Unified Communications Manager for Click to Call Now that you have set up phones and users, you need to complete these tasks in the Cisco Unified Communications Manager: 38 Activate Cisco WebDialer on Cisco Unified Communications Manager More... Verify the CTI Manager is running on Cisco Unified Communications Manager More... Verify the CCMCIP Service is running on Cisco Unified Communications Manager More... Verify the correct phone devices are associated with the user More... Chapter 4: Getting started with Cisco Unified Communications Manager for Click to Call Activating Cisco WebDialer on Cisco Unified Communications Manager Note Click to Call uses the SOAP interface to interact with the WebDialer servlet on Cisco Unified Communications Manager. Because Click to Call does not use the HTTP interface, the application does not interact with the Redirector servlet. To activate the Cisco WebDialer 1 Select Cisco Unified Communications Manager Serviceability > Tools > Service Activation. 2 Select the Cisco Unified Communications Manager server from the server drop-down list. Select the server from this list 3 In CTI Services, check Cisco WebDialer Web Service. 4 Click Save. Verifying the CTI Manager is running on Cisco Unified Communications Manager The CTI Manager must be running on Cisco Unified Communications Manager for Click to Call to function properly. 1 Select Cisco Unified Communications Manager Serviceability > Tools > Control Center - Feature Services. 2 Select the Cisco Unified Communications Manager server from the server drop-down list. 3 In CM Services, verify that Cisco CTIManager is running. 39 Chapter 4: Getting started with Cisco Unified Communications Manager for Click to Call Verifying the CCMCIP Service is running on Cisco Unified Communications Manager Click to Call retrieves the phone type for the user from the CCMCIP (Cisco CallManager Cisco IP Phone Services) service, and displays the phone type on the Phone Preferences screen in Click to Call. Because the CCMCIP service only runs on Cisco Unified Communications Manager release 6.x or later, this procedure is only applicable if you are running this Cisco Unified Communications Manager release. 1 Select Cisco Unified Communications Manager Serviceability > Tools > Control Center - Network Services. 2 Select the Cisco Unified Communications Manager server from the server drop-down list. 3 In CM Services, verify that Cisco CallManager Cisco IP Phone Services is running. Verifying the correct phone devices are associated with the user You need to verify that the correct phone devices are associated with the user on Cisco Unified Communications Manager. If a phone device is not correctly associated with the user on Cisco Unified Communications Manager, the phone is not listed on the Phone Preferences screen inClick to Call. 1 Select Cisco Unified Communications Manager Administration > User Management > End User. 2 Click Find. 3 Click on the appropriate user ID. 4 In the Device Association section, verify the correct devices are listed in the Controlled Devices window. 40 Chapter 4: Getting started with Cisco Unified Communications Manager for Click to Call Note If you need to associate a phone device with the user, click Device Association. Consult the Cisco Unified Communications Manager online help for further information. How to configure application dial rules You can configure dial rules for applications, such as Cisco WebDialer, that automatically strip numbers from, or add numbers to, a telephone number that a user dials. For example, you can use dial rules to automatically prefix a digit to a telephone number to provide access to an outside line. You configure application dial rules on Cisco Unified Communications Manager from Cisco Unified Communications Manager Administration > Call Routing > Dial Rules > Application Dial Rules. This section provides a brief description of application dial rules. For detailed information on configuring the application dial rules on Cisco Unified Communications Manager, refer to these documents: The “Application Dial Rules Configuration” section in the Cisco Unified Communications Manager Administration Guide The “Dial Plans” section in the Cisco Unified Communications Manager Administration Guide Sample Application Dial Plan on page 42 Configuring Cisco WebDialer to automatically use application dial rules on Cisco Unified Communications Manager on page 43 41 Chapter 4: Getting started with Cisco Unified Communications Manager for Click to Call Sample Application Dial Plan Name/Description Number Number of Begins With Digits Total Digits to be Removed Prefix with Pattern International 12 Digit + 12 1 9011 International 13 Digit International 14 Digit International 15 Digit Local 7 Digit + + + 13 14 15 7 1 1 1 9011 9011 9011 9 510 XXX-XXXX Local 10 Digit 10 3 9 (510) XXX-XXXX National 10 Digit 10 0 91 (XXX) XXX-XXXX National 11 Digit 11 9 1(XXX) XXX-XXXX In the sample application dial plan above, 9 represents the off-net access code for outside dialing. For domestic calls, you append the appropriate quantity of digits to the off-net access code to call either a local number or a national (long-distance) number. In each international dial rule, you replace the “+” with the off-net access code and the appropriate international dialing access code. These application dial rules are configured in the sample dial plan above: Any international number, the application dial rule removes “+” from the number, and prepends the off-net access code 9 and the international dialing access code 011 to the remaining digits. Any local seven digit number, the application dial rule prepends the off-net access code 9. Any local ten digit number that begins with 510, the application dial rule removes 510 from the number and prepends the off-net access code 9 to the remaining digits. Any national ten digit number, the application dial rule prepends the digits 91. Any national eleven digit number beginning with 1, the application dial rule prepends the off-net access code 9. If the Number Begins With field is blank, you leave the number of initial digits open that you wish to apply to the dial rule. For example, the initial digits 1, 1408, or 1408526 will each match the dialed number 14085264000. 42 Chapter 4: Getting started with Cisco Unified Communications Manager for Click to Call You must configure the application dial rule list in order of priority. Cisco Unified Communications Manager applies the first dial rule match that it finds for the dialed number in the dial rule list; it does not attempt to find the best match in the list. For example, if you configure the dial rule conditions listed below, on receipt of the dialled number 14085264000, Cisco Unified Communications Manager will ignore dial rule 1, and apply dial rule 2 because it is the first match. Although dial rule 3 is the best match, Cisco Unified Communications Manager ignores any subsequent rules in the list after finding the first match. 1 Begins with 9 and is 8 digits long, then do X. 2 Begins with 1 and is 11 digits long, then do Y. 3 Begins with 1408 and is 11 digits long, then do Z. Note You can also configure directory lookup rules on Cisco Unified Communications Manager. Directory lookup rules transform the number the user dials into a directory number. For further information, refer to the “Directory Lookup dial Rules Configuration” in the Cisco Unified Communications Manager Administration Guide Configuring Cisco WebDialer to automatically use application dial rules on Cisco Unified Communications Manager You can configure the Cisco WebDialer service to automatically apply the application dial rules that are configured on 1 Select Cisco Unified Communications Manager Administration > System > Service Parameters. 2 Select the Cisco Unified Communications Manager server from the Server menu. 3 Select Cisco WebDialer Web Service from the Service menu. 4 Click True for the Apply Application Dial Rules on Dial parameter. 5 If you are running Cisco Unified Communications Manager release 6.x or 7.x, click True for the Apply Application Dial Rules on SOAP Dial parameter. 6 Restart the Cisco WebDialer service. 43 Chapter 4: Getting started with Cisco Unified Communications Manager for Click to Call Troubleshooting Click to Call log files and configuration files The Click to Call configuration files are located here: Windows XP – C:\Documents and Settings\[Windows User Account Name]\Application Data\Cisco\Click to Call Windows Vista - C:\Users\[Windows User Account Name]\AppData\Roaming\Cisco\Click to Call Click to Call file descriptions: Configuration Files and Folders Description \Data\Outbound folder \Log folder clicktocall.xml file ClickToCallPhones.xml file Outbound call log for the end user Application log files Application settings for the user List of unsupported phone models Click to Call Log Files The Click to Call configuration files are located here: Windows XP – C:\Documents and Settings\[Windows User Account Name]\Application Data\Cisco\Click to Call Windows Vista - C:\Users\[Windows User Account Name]\AppData\Roaming\Cisco\Click to Call The folders contain these log files: clicktocall.log - Contains the application log MSclicktocall.log - Contains the Microsoft Office log OCclicktocall.log - Contains the Microsoft Outlook Contacts log PMclicktocall.log - Contains the Microsoft Outlook Persona Menu log Each log file rolls over when the maximum file size is reached, for example, clicktocall.log.1, clicktocall.log.2 and so on. The maximum number of log files is ten. Each log file stores up to 100KB of logged data. The Click to Call installer log file is called install.log and is also located in the C:\Program Files\Cisco Systems\Click to Call folder. Error Messages This table provides a list of error messages can appear in the Click to Call application and describes a recommended action for each error message. 44 Chapter 4: Getting started with Cisco Unified Communications Manager for Click to Call Error message Problem and recommended action A connection error occurred. Please ensure Click to Call is running A call was attempted using the Click to Call functionality when the Click to Call application is not running. Ask the end user to restart the Click to Call application. A directory error occurred. Please contact your phone administrator The Cisco Unified Communications Manager directory service may be down. Allow a short time lapse and retry your connection. If the error A service error occurred. Retry the call. If the problem persists, please contact your phone administrator occurs again, contact your Cisco Unified Communications Manager system administrator. An internal error occurred in the WebDialer application. Contact your Cisco Unified Communications Manager system administrator. Cannot make call. Please ensure Click to Call is running Ask the end user to restart the Click to Call application. Click to Call cannot find Cisco IP Communicator. Please ensure it is running or select another phone Ask the end user to verify that their Cisco IP Communicator soft Click to Call is not fully configured One or more mandatory fields in the sign-in screen have been phone is running properly, or to select a phone to use with the Click to Call application. left blank. Ask the end user to enter the missing information in the sign-in Destination cannot be reached screen, and retry the login. The end user dialed the wrong number, or you have not applied the correct dial rules. Check that the Cisco WebDialer service is configured to use the Login failed. Please make sure your user name and password are correct application dial rules on Cisco Unified Communications Manager. Provide the end user with the correct username and password for the Cisco Unified Communications Manager server. Ask the end user to enter this username and password in the Login screen, and retry the login. No phone is available. Please contact your Ask the end user to verify and refresh the phone preferences in phone administrator the Phones screen of the Click to Call Preferences. No phone has been selected for use with Click to Call. Please select a phone The end user has no phone selected to use with the Click to Call application. Ask the end user to select a phone to use with the application Proxy authentication rights could not be found. Please contact your phone administrator Service is temporarily unavailable. Retry the call. If the problem persists, please contact your phone administrator from the Click to Call. Cisco WebDialer service sends this error. Contact your Cisco Unified Communications Manager system administrator. The Cisco Unified Communications Manager service is overloaded. It has reached its throttling limit of two concurrent sessions. Allow a short time lapse and retry your connection. If the error occurs again, contact your Cisco Unified Communications Manager system administrator. 45 Chapter 4: Getting started with Cisco Unified Communications Manager for Click to Call Error message Problem and recommended action The service is overloaded. Retry the call. If the problem persists, please contact your phone administrator The Cisco Unified Communications Manager service is overloaded. It has reached its throttling limit of two concurrent sessions. Allow a short time lapse and retry your connection. If the error The URL you requested is not available. Please contact your phone administrator occurs again, contact your Cisco Unified Communications Manager system administrator. Provide the end user with the correct Cisco Web Dialer and/or Device Query service IP address. Ask the end users to enter this information in the sign-in screen, and retry the login. The XML command is not available in the request. Please contact your phone administrator This is an error sent from the Cisco WebDialer service. Contact <Number> cannot be converted to a valid phone number The phone number the end user has entered is invalid. The maximum phone number length is 32 digits The phone number the end user has entered is too long. Invalid XML command. Please contact your phone administrator Cisco WebDialer service cannot be found. Please ensure you entered the correct address The call failed. Please ensure you are logged into your Extension Mobility device. If the problem persists contact your phone administrator your Cisco Unified Communications Manager system administrator. Ask the end user to edit the phone number and try again. Ask the end user to edit the phone number and try to make the call. Cisco WebDialer service sends this error. Contact your Cisco Unified Communications Manager system administrator. Provide the end user with the correct Webdialer server address. Ask the end user to enter this server address in the Login screen, and retry the login. A call request is already in progress or the Cisco WebDialer service could not get a line on the phone device from the CTI. Wait a few moments and then retry your connection. If the error occurs again, contact your Cisco Unified Communications Manager system administrator. Known Issues Problem: After the user installs Click to Call, the application fails to launch and an error appears. Solution: Provide the appropriate workaround to your end users: For Microsoft Windows XP 1 Under the Start menu, select Regional and Language Options in the Control Panel. 2 Change the locale from your locale to a different locale. For example, if your locale is English (United States), change to a different locale, such as English (United Kingdom). 3 Click OK. 4 Change the locale back to your locale, for example, English (United States). 5 Click OK. 46 Chapter 4: Getting started with Cisco Unified Communications Manager for Click to Call For Microsoft Windows Vista: 1 Under the Start menu, select Regional and Language Options in the Control Panel. 2 Select the Formats tab. 3 Change the locale from your locale to a different locale in the Current Format menu. For example, if your locale is English (United States), change to a different locale, such as English (United Kingdom). 4 Click OK. 5 Change the locale back to your locale, for example, English (United States). 6 Click OK. 47 Chapter 4: Getting started with Cisco Unified Communications Manager for Click to Call 48 5 Using the Policy Editor to Define and Apply Policies You can define and apply policies for your groups in Cisco WebEx Connect. Policies can be used to enable or disable features such as file transfer, desktop sharing, archiving IM sessions, and automatically upgrading Cisco WebEx Connect. You can apply policies for all Cisco WebEx Connect users within the organization or to specific groups of users. You cannot apply policies for an individual user. For more information about how policies and policy actions work, see “Understanding policies and policy actions” on page 49. Cisco WebEx Connect provides a Policy Editor to define and apply policies for your groups. Understanding policies and policy actions A policy is a set of rules that include actions, which determine what Cisco WebEx Connect features are available to groups of users or to the entire Connect Organization. Thus, a policy can include one or more actions enabled or disabled. For example, a customer who wants to restrict certain Cisco WebEx Connect capabilities for Contractors can create a policy named Contractor Policy. This policy can restrict the capabilities that need to be disabled by setting specific actions to FALSE. For instance, Contractor Policy may disable External File Transfer and External IM for Contractors as shown in the following graphic. 49 Chapter 5: Using the Policy Editor to Define and Apply Policies An action is a Cisco WebEx Connect capability that can be controlled through policies. For example, the External File Transfer action corresponds to the capability of exchanging files with users outside the organization. Defining & applying policies When you create new users in your Connect Organization, they do not belong to any groups by default. All default policy actions will therefore apply across your Connect Organization. This is because the top-level group, typically created by the Super Admin includes all the users of the Connect Organization. For more information about users and groups, see “Adding Users” on page 11 However, when the Org Administrator creates groups and applies specific policies to these groups, these group-level policies will override the organization-level policies. Users belonging to these groups will now be governed by these policies instead of the organization-level policies. For example, if the Org Administrator applies a policy that prohibits external VOIP communications for particular group, users of that group will be unable to communicate using VOIP. However, external VOIP communications may still be enabled for all other users in the organization. You can apply policies at the Organization level or to specific groups. However, if there is a conflict in policy settings between the Organization level and group level (or between a parent group and its sub-groups), the most restrictive actions will take effect. For example, if VOIP capability is turned on (set to TRUE) at the Organization level, but turned off (set to FALSE) at the group level, VOIP capability for all users within the group will be disabled. However, if VOIP capability is turned off at the Organization level but the group has enabled it, VOIP capability will still be disabled for the users of the group. The following graphic illustrates how policies are applied at the Organization and group levels. 50 Chapter 5: Using the Policy Editor to Define and Apply Policies Note that this restriction overrides the policy hierarchy described earlier. About the Policy Editor Use the Cisco WebEx Connect Admin Console to set policies. You can set different policies for each group and make changes to your policies at any time. Note If you have modified or updated any policy, you need to first sign out of Cisco WebEx Connect and then sign in again for the updated policy to take effect. To learn how to apply policies to your groups, see “Applying policies to groups” on page 60. Adding Policies To add or edit policies: 1 Click the Policy Editor tab. The Policy List appears to the left and the Actions List appears at the right of the Policy Editor screen. 2 Click the Add button (+) to add a new policy. New Policy appears as the policy name. Enter a unique name for the policy. 51 Chapter 5: Using the Policy Editor to Define and Apply Policies 3 To add Actions for this policy, see “Adding actions to a policy” on page 59. 4 Check the Applied box for the policy you want to apply. To complete applying the policy to the appropriate groups, see “Applying policies to groups” on page 60. Using Policy Actions Available in Cisco WebEx Connect This section describes the policy actions available in Cisco WebEx Connect. The description also includes information about the impact a policy action has on the features that it controls. This in turn enables you to set the most appropriate policies on the groups that you administer. For information on how to view and set policy actions, see “Adding actions to a policy” on page 59. By default, a newly provisioned Connect Organization has all the capabilities granted to all the users. This means all Cisco WebEx Connect features are available to all users by this default policy action. Note Only the AES Encryption policy is not enabled by default. The Org administrator needs to explicitly enable this policy. Administrators then need to create policies only if specific capabilities for all the users or specific groups of users need to be disabled. External users are users who do not belong to the Cisco WebEx Connect organization but can still user Cisco WebEx Connect to communicate with users who belong to the Cisco WebEx Connect organization. Table 5-1 • Policy Actions in Cisco WebEx Connect 52 Policy Action Description Impact Default Value External File Transfer Controls file transfer in an IM session between Connect Organization users and users outside the Organization. Setting this policy action to FALSE will stop all file transfers between the Connect Organization users and external users, including multi-party IM sessions with at least one external user. TRUE Internal File Transfer Controls file transfer in an IM session between Connect users within the Organization. Setting this policy action to FALSE will stop all internal file transfers. TRUE When this policy action is not explicitly set to FALSE, all the users within the Connect Organization will have the ability to exchange files with the internal users. Chapter 5: Using the Policy Editor to Define and Apply Policies Table 5-1 • Policy Actions in Cisco WebEx Connect Policy Action Description Impact Default Value External IM Controls IM sessions between users in the Connect Organization and users outside the Organization. Setting this policy action to FALSE will stop all IM sessions between users in the Connect Organization and users outside the Organization. This will also stop all dependent services like voice, video, and VOIP. TRUE External VOIP Controls VOIP communications in IM sessions between users in the Connect Organization and users outside the Organization Setting this policy action to FALSE will stop all VOIP communications in IM sessions between users in the Connect Organization and users outside the Organization. However, other services like text-based IM sessions and file transfers will be available. TRUE Internal VOIP Controls VOIP communications in IM sessions between users within the Connect Organization. Setting this policy action to FALSE will stop all VOIP communications in IM sessions between users within the Connect Organization. However, other services like text-based IM sessions and file transfers will be available. TRUE When this policy action is not explicitly set to FALSE, all the users within the Connect Organization will have the ability to use VOIP communications in IM sessions. External Video Controls video services in IM sessions between users in the Connect Organization and users outside the Organization Setting this policy action to FALSE will stop all video services in IM sessions between users within the Connect Organization and users outside the Organization. However, other services like text-based IM sessions and file transfers will be available. TRUE Internal Video Setting this policy action to FALSE will stop all video services in IM sessions between users within the Connect Organization. However, other services like text-based IM sessions and file transfers will be available. TRUE Controls video services in IM sessions between users within the Connect Organization. When this policy action is not explicitly set to FALSE, all the users within the Connect Organization will have the ability to use video communications in IM sessions. 53 Chapter 5: Using the Policy Editor to Define and Apply Policies Table 5-1 • Policy Actions in Cisco WebEx Connect Policy Action Description Impact Default Value Disable IM Catcher for External Communicatio ns Controls the behavior of IMCatcher with regard to text messages from users outside the Connect Organization who are not added to the Connect Organization user's contact list. Setting this policy action to FALSE allows users to change IMCatcher settings in the Cisco WebEx Connect client. FALSE Disable IM Catcher For Internal Controls the behavior of IMCatcher with regard to text messages between users within the Connect Organization. Local Archive Controls the ability of the user to locally archive IM text messages. When this policy action is not explicitly set to FALSE, users will not be able to change IMCatcher settings. Setting this policy action to FALSE allows users to change IMCatcher settings in the Cisco WebEx Connect client. FALSE When this policy action is not explicitly set to FALSE, users will not be able to change IMCatcher settings. Setting this policy action to FALSE prevents users from locally archiving IM text messages. TRUE In the Cisco WebEx Connect client, the following option is disabled: Edit >Settings>General IM>Message Archive. Join Workspace Join External Workspace 54 Controls the ability of users to join a Workspace within the Connect Organization. Setting this policy action to FALSE prevents users from joining a Space within the Connect Organization. Controls the ability of users within the Connect Organization to accept an invitation to join a Space external to the Connect Organization. In addition, this policy action controls the ability of these users to become a member of Spaces outside the Connect Organization. Setting this policy action to FALSE prevents users within the Connect Organization from accepting an invitation to join a Space external to the Connect Organization. Users can only view and delete the invitation. Additionally, the Org Administrator is not notified of such invitations to take a decision. TRUE When this policy action is not explicitly set to FALSE, users can accept an invitation to join a Space within the Connect Organization. TRUE Chapter 5: Using the Policy Editor to Define and Apply Policies Table 5-1 • Policy Actions in Cisco WebEx Connect Policy Action Description Impact Default Value External Desktop Share Controls the ability of users within the Connect Organization to share their desktop with users outside the Connect Organization. Setting this policy action to FALSE prevents users within the Connect Organization from sharing their (local) desktop with users outside the Connect Organization. TRUE Controls the ability of users within the Connect Organization to share their desktop with other users within the Connect Organization. Setting this policy action to FALSE prevents users within the Connect Organization from sharing their desktop with other users within the Connect Organization. Controls the ability of users (inside or outside the Organization) to view Spaces. Setting this policy action to FALSE prevents users from viewing Space-related features. Typically, the Spaces feature including the list of Spaces, and invitation to join Spaces will be disabled. Internal Desktopshare Workspace Feature Enables/Disables Space related features. When this policy is disabled, the user does not see any Space related information in the client Automatic Updates Controls the behavior of sending notifications to users whenever a new upgrade is available for the Cisco WebEx Connect client. When this policy action is not explicitly set to FALSE, users can share their (local) desktop with users outside the Connect Organization. TRUE When this policy action is not explicitly set to FALSE, users can share their desktop with other users inside the Connect Organization. TRUE When this policy action is not explicitly set to FALSE, users can view and work with all Space features. Note If this policy action is set to FALSE, the Join Workspace and Join External Workspace policy actions will be disabled by default. Setting this policy action to FALSE does not send notifications to users whenever a new upgrade is available for the Cisco WebEx Connect client. TRUE However, it is recommended to set this policy action to TRUE so that users will be notified when an upgrade is available. This makes the upgrade process simple and ensures that users always use the latest version of Cisco WebEx Connect. 55 Chapter 5: Using the Policy Editor to Define and Apply Policies Table 5-1 • Policy Actions in Cisco WebEx Connect Policy Action Description Invite Users Controls the ability To Workspace of users belonging to a Space in the Connect Organization to invite other users to join the Space. Impact Default Value Setting this policy action to FALSE will not allow users belonging to a Space in the Connect Organization to invite other users to join the Space. TRUE When this policy action is not explicitly set to FALSE, users belonging to a Space in the Connect Organization can invite other users to join the Space. Note This policy action will not work if Workspace Feature policy action is set to FALSE. Invite External Users To Workspace Support AES Encoding For IM Controls the ability of users within the Connect Organization belonging to a Space to invite contacts outside the Organization to join that Space. Enables you to specify whether you want to turn on support for AES Encryption for IM sessions. Setting this policy action to FALSE will not allow users belonging to a Space in the Connect Organization to invite contacts outside the Organization to join that Space. TRUE Note This policy action will not work if Workspace Feature policy action is set to FALSE. Setting this policy action to FALSE will disable support for AES Encryption for IM sessions. FALSE Note To apply this policy exclusively, the Support SSL Encoding For IM, and Support No Encoding For IM policies should be set to FALSE. If they are set to TRUE, the encryption level negotiated will be the highest level that the other party supports.This policy action is set to FALSE by default. For more information about encryption levels, see “About Encryption Levels” on page 57. Support SSL Encoding For IM 56 Enables you to specify whether you want to turn on support for SSL Encryption for IM sessions. Setting this policy action to FALSE will disable support for SSL Encryption for IM sessions. Note To apply this policy exclusively, the Support AES Encoding For IM, and Support No Encoding For IM policies should be set to FALSE. If they are set to TRUE, the encryption level negotiated will be the highest level that the other party supports.For more information about encryption levels, see “About Encryption Levels” on page 57. TRUE Chapter 5: Using the Policy Editor to Define and Apply Policies Table 5-1 • Policy Actions in Cisco WebEx Connect Policy Action Description Impact Default Value Support NO Encoding For IM Enables you to specify whether you want to turn off support for any kind of Encryption for IM sessions. To apply this policy exclusively, the Support AES Encoding For IM and Support SSL Encoding For IM policies should be set to FALSE. FALSE Note If you set this policy action to FALSE, you need to set one or both of the Support AES Encoding For IM and Support SSL Encoding For IM policies to TRUE. For more information about encryption levels, see “About Encryption Levels” on page 57. Allows IM within org or from domains in white list Controls IM communication between users within the Connect Organization and specific type of contacts. Setting this policy action to FALSE will stop users within the Connect Organization in a different domain name and specific domains(added to the white list), from using IM sessions with each other. However, this does not apply to users within the Connect Organization in the same domain. This will also disable other dependent services such as VOIP, Video and FileTransfer. TRUE Upload Widgets Controls the ability of Space members within a Connect Organization to upload widgets to the Spaces they belong to. Setting this policy action to FALSE prevents Space members within a Connect Organization to upload widgets to the Spaces they belong to. TRUE When this policy action is not explicitly to FALSE, Space members can upload widgets to the Spaces they belong to. About Encryption Levels Typically, all IM communication between Cisco WebEx Connect clients will be encrypted both within the Connect Organization and outside of it. The IM communication will be encrypted at the originating Cisco WebEx Connect client and decrypted at the destination client. This encryption applies to all forms of IM communication including text, desktop (and application) sharing, file transfer, VOIP, and video. Cisco WebEx Connect provides three levels of encryption: 256-bit Advanced Encryption Standard (AES): The highest level, where IM communication is encrypted end-to-end. 128-bit Secure Sockets Layer (SSL): Medium level of security, where IM 57 Chapter 5: Using the Policy Editor to Define and Apply Policies communication is encrypted only between a client and AOL. No encryption: All IM communications are not encrypted. The level of encryption depends on the policy set by the Org Administrator. The Org Administrator can apply the encryption policy either across the organization or to specific groups. The Cisco WebEx Connect client automatically determines its encryption level from the policy applicable to the user logged into the client. Therefore, if an organization’s policy settings do not allow a particular encryption level, the IM session will be disallowed, and an appropriate error message will be displayed to all the clients in the IM session. Note In a group IM scenario, the encryption level will be negotiated between all the users when the initial invite is sent out. After the IM session is established, subsequent attendees will need to support the negotiated encryption level to be able to participate. The following example explains a typical encryption policy for IM sessions. An organization that chooses to adopt a 256-bit AES Encryption level can choose from these policy options: Allow only 256-bit AES encryption. Allow both 256-bit AES encryption and SSL encryption. Allow 256-bit AES encryption, SSL encryption, and no encryption. The following table illustrates the impact of these policy options. Table 5-2 • Impact of Encryption Policy Options Client B Encryption Level Client A Policies 256-bit AES SSL No Encryption Only 256-bit AES 256-bit AES Don’t allow Don’t allow 256-bit AES or SSL 256-bit AES SSL Don’t allow 256-bit AES or SSL or no encryption 256-bit AES SSL No encryption In the Action Editor, you need to set TRUE or FALSE for each of these security levels based on the policy option you choose. 58 Chapter 5: Using the Policy Editor to Define and Apply Policies Adding actions to a policy To add actions to a policy: 1 Click the Policy Editor tab. The Policy List appears to the left and the Actions List appears at the right of the Policy Editor screen. 2 Select the Policy Name to which you want to add actions. 3 To add actions, click on the Add Action button under the Action List. The Action Editor screen appears. 4 Select an action from the Action Tag Name dropdown list. The list of available action tags appears. 59 Chapter 5: Using the Policy Editor to Define and Apply Policies Note For more information on these actions, see “Understanding policies and policy actions” on page 49. 5 Select options to configure actions from the dropdown lists under the Action Details Configuration section. 6 Set the Element Description Type for each action as True or False. The Element Description Type determines the behavior the policy action, that is, whether the policy action will be turned on or off or under what conditions the policy action will be turned on or off. 7 Click Save. 8 Check the Applied box for the policy you want to apply. This applies to the entire organization. Applying policies to groups To apply policies to a group: 1 Click the Group tab. The Policy List appears. 2 Enter the group name to find in the Group Name field. 60 Chapter 5: Using the Policy Editor to Define and Apply Policies 3 Select the group name in the Search Results. 4 Click the Applied checkbox for the policies you want to apply to this group. 61 Chapter 5: Using the Policy Editor to Define and Apply Policies 62 6 Single Sign On and Directory Integration This chapter includes information on the following: Single Sign-On (SSO) Directory Integration Single Sign-on In the standard configuration of Cisco WebEx Connect, the user’s log in name and password are independent from the authentication credentials used by their organization. This requires users to remember another set of log in credentials. Org Administrators also need to manage a separate set of user accounts. Single Sign-On (SSO) allows companies to use their on-premise SSO system to simplify the management of Cisco WebEx Connect. With SSO, users securely log in to Cisco WebEx Connect using their corporate log on credentials. The user’s log on credentials are not sent to Cisco, which protects the user’s corporate log on information. As an SSO configuration option, user accounts can be automatically created the first time a user logs into Cisco WebEx Connect. SSO also prevents users from accessing Cisco WebEx Connect if their corporate log in account is deactivated. Cisco WebEx Connect supports SSO systems based on the industry standard SAML protocol. Note Contact your Customer Success Manager for more information on which SSO systems are supported and to determine the steps for setting up your company’s SSO system to work with Cisco WebEx Connect. 63 Chapter 6: Single Sign On and Directory Integration Single Sign-On Requirements The following items are required when implementing SSO with Cisco WebEx Connect: Your company must have a Single Sign-On system that is SAML 2.0 compliant or meets the WS Federation 1.0 standard. You must provide a corporate X.509 public key certificate to be imported into the Cisco WebEx Connect Admin Console. SAML assertions sent to the Cisco WebEx Connect system are signed with the certificate’s private key. Your SSO system needs to be configured to provide a SAML assertion with the user account information and SAML system IDs needed by the Cisco WebEx Connect system. Provide the URL for the corporate SSO service to be entered in the Cisco WebEx Connect Admin Console. Users must install the Cisco WebEx Connect client with a command to configure the client for SSO and identify the name of your organization. Single Sign-On Configuration of the Admin Console The Cisco WebEx Connect Admin Console allows the administrator to configure single sign-on settings modify the security settings and certificates for Cisco WebEx Connect. Note Any changes to the single sign-on configuration will take up to one hour to take effect. 1 Click the Configuration tab. The Configuration screen appears. 2 Scroll down to Security Settings. 3 Click the Org Certificate Management link. This page is used to import your company’s X.509 certificate. Complete these steps: a In the Alias field, enter the company’s Connect org name. 64 Chapter 6: Single Sign On and Directory Integration b Click Select File to select the certificate to import and click Import Certificate. 4 Click the WebEx Certificate Management link. This page is used to generate a WebEx certificate to export to your SSO system. Complete these steps: a In the Alias field, enter your company’s Connect org name. b Enter a Valid for time in days. c Click Generate WebEx Certificate. d Export the certificate and import it to your corporate SSO system. 5 Click Federated Web SSO Configuration This page is used to configure SSO for Cisco WebEx Connect. Enter the following: a WebEx SAML Issuer: ID that identifies Cisco to the SSO server. The ID is returned in the SAML assertion. b Issuer for SAML: ID that identifies the issuer of the SAML assertion. The ID is returned in the SAML assertion. c Customer SSO Service Login URL: URL for your company’s SSO service. 65 Chapter 6: Single Sign On and Directory Integration d Click Save. Example for Installing Cisco WebEx Connect Client for SSO When SSO is enabled, the Cisco WebEx Connect client must be installed with a command specifying the org name. This enables SSO in the client and identifies the org to be used for SSO. Use the following example for installing the Cisco WebEx Connect client: 1 Example for installing the MSI file: msiexec.exe /i filename.msi SSO_ORG_NAME=OrgName 2 Example for installing the .exe file: filename.exe SSO_ORG_NAME=OrgName Using Single Sign-on integrated with Meeting Center The SSO integration with Cisco WebEx Meeting Center enables users with Meeting Center accounts to schedule and launch meetings directly from the Cisco WebEx Connect client without having to enter their logon credentials again. The Org Administrator can specify the default Meeting Center site to be used for starting meetings. Additionally, a user can change the default site to another Meeting Center site associated with Cisco WebEx Connect, or specify any Meeting Center site where the user has an account. 66 Chapter 6: Single Sign On and Directory Integration System Requirements for SSO and Meeting Center integration Item Requirement Notes IDP CA SiteMinder For enabling SSO, authentication management, policy-based authorization, identity federation and so on. Cisco WebEx Connect Org Admin domain gmail.com Cisco WebEx Connect hosting OPIS SSO standard for Cisco WebEx Connect SAML version 2.0 SSO standard for Meeting Center SAML versions 1.1, 2.0 This depends on the Meeting Center site version. At a minimum, you must be running Meeting Center site version T26 or T27. User Accounts Cisco WebEx Connect and Meeting Center Users should have an account in Meeting Center to use the SSO and Meeting Center integration feature. Note If no user account is detected in Meeting Center, an error message is displayed as shown in the graphic below this table. . To enable SSO integration with Meeting Center: 1 Make sure you’ve correctly entered the security settings as described in “Single Sign-On Configuration of the Admin Console” on page 64. 2 Under Integrated Center Site in the Configuration tab, enter the following information: Site URL: The Meeting Center site URL that’s integrated with Cisco WebEx Connect. When a meeting is scheduled, this site will be launched. Brief Description: A brief description of the Meeting Center site. 67 Chapter 6: Single Sign On and Directory Integration Note This Site URL must first be configured in the Super Admin interface. The Org Administrator can add more than one Meeting Center site and specify one site as default as shown in the following graphic. Directory Integration In the standard configuration of Cisco WebEx Connect, user information comes from multiple sources. The Org Administrator manages user accounts, users add their own information to their user profile and the Microsoft Outlook Address Book is used to add IM contacts and invite users to Spaces. Directory integration allows companies to integrate their corporate directory with Cisco WebEx Connect. This integration provides a single source of user data across the Cisco WebEx Connect system, providing several benefits: Accounts are automatically provisioned and updated from the corporate directory data The corporate directory data is used to add IM contacts and invite members to Spaces. A friendly display name can be specified for users. The user’s display name appears in the contact list and Space instead of their screen name. Users can easily add groups and group members to their IM contact list. Groups from the directory can be used for policy enforcement The directory data is used to automatically populate the profile information displayed in the business card. Users cannot edit the directory information in their profile. Note Implementing Directory Integration requires Single Sign-On (SSO). Contact your Customer Success Manager for implementation information. 68 Chapter 6: Single Sign On and Directory Integration Directory Integration Import Process and File Formats The corporate directory information is imported into the Cisco WebEx Connect system via a secure FTP server. The schedule for the import interval is set in the Configuration section of the Cisco WebEx Connect Admin Console. Note Contact your WebEx Customer Success Manager for information on importing directory data into Cisco WebEx Connect. User File Formats The directory information for users and groups is imported using files with the following formats. User and group data is imported in different files. User file name format User file name format: userFile_yyyy-mm-dd_n.csv Format Description yyyy-mm-dd The date on which the job is run. The date is based on the GMT timezone. n The job instance number for that particular day. Example: If the job is scheduled to run four times a day, and the job was running on 28th July 2008, the files would be named userFile_2008-07-28_1.csv, userFile_2008-07-28_2.csv, userFile_2008-07-28_3.csv, userFile_2008-07-28_4.csv User file format A header record should NOT be present in the file.The file format is: userSSOId,displayName,firstName,lastName,email,jobTitle,address 1,city,state,zip,country,phoneOffice,phoneCell,homeGroupSSOId,h omeGroupName,businessUnit,userProfilePhotoURL 69 Chapter 6: Single Sign On and Directory Integration Format Description userSSOID The SSO ID used internally by the organization. This is the main field which is used to determine the record to be updated. If a user is found with the same userSSOID already in the connect database, then his/her details are updated. If not, a new user is provisioned for the organization with all the details. homeGroupSSOID (optional) If a value is present, the user will be associated with that group. homeGroupSSOName The name for the group. If a name is not provided, the homeGroupSSOID itself will be used. businessUnit (optional) If present will be placed in the user’s profile area. userProfilePhotoURL A URL where the user’s profile photo is provided. This URL will be used as-is by the client to display the photo. Group File Formats The directory information for users and groups is imported using files with the following formats. User and group data is imported in different files. Group file name format Group file name format: groupFile_yyyy-mm-dd_n.csv Format Description yyyy-mm-dd The date on which the job is run. The date is based on the GMT timezone. n The job instance number for that particular day. Group file format A header record should NOT be present in the file. The group file contains 3 different types of records—Group Information, Child group information and Member information. Each of these types of records are differentiated by providing a recIndicator (Record Indicator). 70 Group Information record the record indicator— g Child group record the record indicator is — gg Group members record the record indicator is — gu Chapter 6: Single Sign On and Directory Integration Group Records The following table lists the group information records. recIndicator,ssoGroupId,groupName,groupType Format Description SSOGroupID The field used to determine if a group has been created in Connect or not. If already created, the group information is updated. Otherwise, a new group is created. groupType (optional) If present it has to have a numeric value. If the value is 4, only then the group will be available for searching on the client. Child Group Records The child group record fields are: recIndicator,ssoGroupId,RECURRING_subGroupSSOID For example, the subgroupSSOIDs are provided in a comma separated fashion after the parent record indicator and parent group id to which they belong to. Group Member Records The group member record fields are: recIndicator,ssoGroupId,RECURRING_memberSSOID The member SSOIDs are provided after the record indicator and group ID to which they belong. The group file can have many types of records, in any order. This example contains records of all three types in any order. g, groupSSOID1, Group SSO Name1 g, groupSSOID2, Group SSO Name2 g, groupSSOID3, Group SSO Name3 gu,groupSSOID2,userSSOId6, userSSOId7 g, groupSSOID4, Group SSO Name4 g, groupSSOID5, Group SSO Name5 gg, groupSSOID3, groupSSOID10 gu,groupSSOID1,userSSOId1,userSSOId2,userSSOId3, userSSOId4 gg, groupSSOID1, groupSSOID2, groupSSOID3, groupSSOID4, groupSSOID5 gg, groupSSOID2, groupSSOID3, groupSSOID4 71 Chapter 6: Single Sign On and Directory Integration User Inactivation User inactivation file name format User inactivation file name format: userInactivation_yyyy-mm-dd_n.csv Format Description yyyy-mm-dd The date on which the job is run. The date is based on the GMT timezone. n The job instance number for that particular day. A header record should NOT be present in the file. The file format is: userSSOID This file contains only userSSOIDs whose record must be inactivated. Group Deletion Group Deletion file name format Group deletion file name format: groupDeletion_yyyy-mm-dd_n.csv Format Description yyyy-mm-dd The date on which the job is run. The date is based on the GMT timezone. n The job instance number for that particular day. Group Deletion file format A header record should NOT be present in the file. Group deletion file format: SSOGroupID This file contains only SSOGroupIDs whose record must be inactivated. 72 7 Reports Cisco WebEx Connect Administrators can generate the following reports: Usage Report User Report Storage Consumption Report Cisco WebEx Connect Reports The Org Administrator can generate and save the following types of reports: Usage Report User Report Storage Consumption Report You can run one report at a time. When the report is complete, a Completed message appears under the status column. Then, you can display or save the report. The reports are saved for 7 days from the date the report is generated. 73 Chapter 7: Reports Usage Report The Usage Report includes summaries of the number and type of activities that are occurring in Connect based on a specific periodical frequency: monthly, hourly, weekly, and daily. The Usage Report includes the following columns (listed below in the order they appear from left to right in the report): Column Description Date and Time The specified period interval for the aggregated data. Connect Logins The number of Connect logins in the specified period. Number of IM Sessions The number of IM sessions in the specified period. Number of Meetings The number of Connect meetings hosted in the specified period. Number of Desktop Sessions The number of Desktop sessions initiated in the specified period. Number of Calls The number of Telephony calls initiated in the specified period. User Report The User Report covers information on what users are doing with Connect during a specific month. The User Report includes the following columns (listed below in the order they appear from left to right in the report): Column Description User Name The user’s name. Number of Logins The number of Connect logins in the specified month. Number of New Spaces Owned The number of new Spaces created by this user in the specified month. Number of New Spaces as Member The number of new Spaces to which this user belongs in the specified month. This includes the number of new Spaces this user created in the specified period. Number of Meetings Hosted The number of meetings this user hosted in the specified month. Number of IM Sessions The number of IM sessions for this user in the specified month. 74 Number of Calls The number of Telephony calls this user initiated in the specified month. Number of Desktop Share Sessions The number of Desktop Share sessions this user had in the specified month. Additional Storage Used (MB) The amount of additional storage this user used in the specified month. This includes all data that was saved in Connect Spaces. A negative value means that the user freed up more storage than was used during the month. Chapter 7: Reports Storage Consumption Report The Storage Consumption Report covers how much storage a Space is using in a particular month. The Storage Consumption Report includes the following columns (listed below in the order they appear from left to right in the report): Column Description Space Name The name of the Connect Space. Space Owner The user name for the Space owner. Additional Storage Used (MB) The amount of additional storage this Space used in the specified month. This includes all data that was saved in Connect Spaces. A negative value means that the Space freed up more storage than the user used in this month. Generating Reports For details on each report, see “Usage Report” on page 74, “User Report” on page 74, and “Storage Consumption Report” on page 75. Note The time zone used in reports is always Greenwich Mean Time (GMT). To generate a report: 1 Click the Report tab. 2 Select a Report Type from the dropdown list. 3 Select the Bucket Size from the dropdown list (hour, day, week, month). This is only applicable for the Usage Report. 4 Select the Month and Year for the report. 5 Click Generate Report. After a few minutes, the report appears in the list under the Report Name column in .CSV format. 6 Click the name of the report link to open or save the report. Report generation can be called while it is in progress 75 Chapter 7: Reports Note Only one report can be generated at a time. You must wait until the status of the generated report is Completed, before generating another report. 76 8 CSV File Format This section includes guidelines for creating a CSV (comma separated value) file to import users into Cisco WebEx Connect. In addition, the required fields and a sample file is included. CSV Fields The following fields should be included in the CSV file before you import users into Cisco WebEx Connect. They should appear in the following order. Field name Definition Screen Name Optional. Enter the user’s screen name. If empty, email is used as screen name. First Name Required. Enter the user’s first name. Last Name Required. Enter the user’s last name. Email Required. Enter the user’s email address. Address 1 Enter the first line of the user’s address. Address 2 Enter the second line of the user’s address. CIty Enter the city in which the user lives. State Enter the state in which the user lives. Country Enter the country in which the user lives. Zip Code Enter the user’s zip code. Office Phone Enter the user’s office phone number. Cell Phone Enter the user’s mobile/cell phone number. Account Status Default is Active. This field is populated in the output file if there is an error processing the record. An Inactive user cannot use Cisco WebEx Connect. PrimaryGroup Optional. This field is not required in the CSV file. If the field is included, the user is added to the group with this name, otherwise the user is added to the default group. 77 Chapter 8: CSV File Format CSV File Import Process The Cisco WebEx Connect Administrator or Group Administrator can log into the Cisco WebEx Connect Admin Console and upload a CSV file of users in the appropriate format. After the CSV is successfully imported, new users have the same process as manually creating users. For example, the Welcome e-mail is sent to the new users. The following occurs when importing the CSV file into Cisco WebEx Connect: Users are loaded into groups specified in the CSV file, if the group owner has the privilege to administer the groups. All the valid entries are imported even if one or more entries are not valid. Τhe status of the import is reported in the CSV file that replicates all the information from the input file, with a specific column indicating the status. If a user with the same email address is already in Cisco WebEx Connect, the existing record in the database is overwritten with the value in the CSV file. Updates will replace the previous settings. For example, if new roles are specified for the user, the previous roles are replaced. The import process runs in the background. You can continue other Cisco WebEx Connect Admin Console tasks, such as configuration, while the import process runs. After the import is complete, a confirmation email is sent to the person who initiated the CSV Import. The notification includes a summary of the import results. The Administrator can terminate an import operation that is in progress. Sample CSV file The following shows how a CSV file should appear, with all appropriate fields populated before importing into Cisco WebEx Connect. You can copy and paste the following text into a file to use as a template for your CSV file, or you can import into a spreadsheet program, like Microsoft Excel. The following sample includes the appropriate fields in a CSV format: Mike@webex.com,Mike,Demetri,mike@webex.com,1234 Orchid Way,apt. 3,Santa Clara,CA,95051,USA,408-555-1212,408-555-2121,Active,MyGroup 78 9 Library Management The Library (Application) Management application allows users to manage applications (widgets and templates) for an organization, such as uploading applications to a library, moving applications between libraries, and deleting applications. Users can upload applications to any library for which they have permission. In addition, users can copy applications from one library to another, and delete applications from a library. The user must have write permissions to the library in order to copy applications. If the user does not have permissions to a library, the user can send a notification to the Org Administrator to copy the application. For more information on using the Cisco WebEx Connect product and the Library Management widget, refer to the Cisco WebEx Connect Help and search for Library Management. Adding Applications A regular Cisco WebEx Connect user and the Org Administrator can add applications using the Library Management Widget. Regular users can only add or manage applications to their own personal libraries. The Org Administrator can manage applications in the public library, as well. 79 Chapter 9: Library Management Note For more details on adding applications (widgets) to a library, refer to the Cisco WebEx Connect Help. Copying applications to a library This is for regular Cisco WebEx Connect users and Org Administrators. To copy application from one library to another: 1 Navigate to the applications in your personal or public library. 2 Select an application from the list of applications and select Copy widget to …. 3 Select Public or Personal from the dropdown list and click on OK. If the user does not have permission to a library, an error message appears asking whether the user wants to send a request to the Org Administrator to complete this step. The user can click Yes or No. If the user selects Yes, a notification email is sent to the Org Administrator. When the Org Administrator logs onto Cisco WebEx Connect and opens the Library Management widget, the list of applications under the Pending Approval. The Org Administrator can use the mouse to hover over the widget to see details and Approve or Deny the request. For more information on approving requests to add applications, see “Approving request to add application to public library” on page 81. 80 Chapter 9: Library Management If the request is approved, it appears in the public library. If the request is denied, it is removed from the Pending Approval list and a notification is sent to the user. Approving request to add application to public library This is for users with Org Administrator privileges only. 1 The Org Administrator receives an email notification each time a user requests a widget/template to be copied to the public library. The email has a title such as, Request to copy application to the Public Library. 2 The Org Administrator needs to log into MyWebEx and navigate to the library management widget. 3 The Org Administrator will see a list of applications in the Pending Approval list. The Org Administrator can hover over the widget to see details (pop-up similar to the “Get More Apps” pop-up), and Accept or Deny the request. 4 If the request is approved, it appears in the public library. 5 If the request is denied, it is removed from the Pending Approval list and a notification is sent to the user. Removing applications from a library This is for regular Cisco WebEx Connect users and Org Administrators. 1 Navigate to the applications in the personal library (personal and public for org administrator user) 81 Chapter 9: Library Management 2 Select an application from the list of applications and select Remove The Widget.... 3 To confirm deleting the widget, click OK. The application is removed from the user’s personal library, and added to the Recycle Bin. Restoring applications to a library This is for Cisco WebEx Connect users and Org Administrators. 1 Navigate to the Recycle Bin list. 2 Select an application from the list of applications and select Restore. 82 Chapter 9: Library Management 3 The application is restored to the library it was originally removed from and is removed from the Recycle Bin. 83 Chapter 9: Library Management 84 10 Cisco WebEx Connect Command-line Parameters This section includes command-line parameters used in the Cisco WebEx Connect installer. The command-line parameters are passed into the Installer executable WebExConnect.exe or the MSI package apSetup.msi, or directly added into the MSI package. Command-line Parameters The following command-line parameters are listed with their values and descriptions. The default value is listed in bold text. The support URL can be set to organization's first level support page (for example, http://firstlevelsupport.mycompany.com, at the time of installation by installing the client software with the following command line parameter: msiexec /i “C:\apsetup.msi” SUPPORT_URL=http://firstlevelsupport.mycompany.com GET_SCREEN_NAME_URL=http://register.mycompany.com Note If the registry value can not be decrypted (for example, it was manually modified), an error is reported and the user cannot log in. Auto Update always runs WebExConnect.exe /m, so it saves the current settings, which are in system registry. For installation over an existing version, the command line parameters or the corresponding public properties in the MSI package overwrite the current settings. If not specified, the current settings, NOT DEFAULT, will be used. 85 Chapter 10: Cisco WebEx Connect Command-line Parameters Parameter Values Description YES Archive IMs. NO Do not archive IMs. <integer> The number of days to save archived IMs. This parameter works only when ARCHIVE is set to YES. Maximum is 9999. ARCHIVE ARCHIVEDAYS All values for this parameter are case-insensitive. HOMEPAGE AOL AOL is the homepage. MyWebEx MyWebEx is the homepage. None No homepage. French Support for French (FR) Japanese Support for Japanese (JP) English The default value of this parameter is English. YES Start Cisco WebEx Connect when Windows starts. NO Do not start Cisco WebEx Connect when Windows starts. LANGUAGE RUNATONCE The default value of this parameter is NO. CONNECT_OUTLO OK YES Connect to Microsoft Outlook when Cisco WebEx Connect starts. NO Do not Connect to Microsoft Outlook when Cisco WebEx Connect starts. YES Display my Cisco WebEx Connect presence status in Microsoft Outlook. This parameter works only when CONNECT_OUTLOOK is YES. NO Do not display my Cisco WebEx Connect presence status in Microsoft Outlook. DISPLAY_PRESEN CE SIGN_ME_OUT 86 Chapter 10: Cisco WebEx Connect Command-line Parameters Parameter Values Description YES Sign me out of Cisco WebEx Connect when I close my Contacts List window. NO Do not sign me out of Cisco WebEx Connect when I close my Contacts List window. <SupportURL> Support URL specified by <SupportURL> value. SUPPORT_URL The value overrides the default URLs provided by Cisco WebEx Connect. FORGOT_PASSWO RD_URL <ForgotPassword URL> URL for “forgot password” hyperlink, specified by <ForgotPasswordURL> value. The value overrides the default URLs provided by Cisco WebEx Connect. Note In organizations where Single Sign On is implemented, the Forgot Password? link on the Connect client opens the URL the Org Admin has specified for this parameter. However, if no URL is provided for this parameter, the forgot password page displays an error when you enter the user name and click Submit. GET_SCREEN_NA ME_URL <GetScreenName URL for “Get Screen Name” hyperlink, URL> specified by <GetScreenNameURL> value. The value overrides the default URLs provided by Cisco WebEx Connect. HOST_NAME <HostName> Host name in Connection Settings. The string is encrypted and stored in system registry. The default value is slogin.oscar.aol.com. To enforce auditing by the Advanced Auditor service, this must be set to slogin.webexaimpro.com. HOST_PORT <HostPort> Host port number in Connection Settings. The string is encrypted and stored in system registry. The default value is 443. 87 Chapter 10: Cisco WebEx Connect Command-line Parameters Parameter Values Description Secure Use secure connection. The entire string is encrypted and stored in system registry. Read-Only Connection Settings are read-only.The entire string is encrypted and stored in system registry. SECURE_CONNEC TION CONNECTION_SET TINGS_READONLY If the registry value cannot be decrypted (for example, was manually modified), the default value “Read-Only” is used. If <Permission> is read-only, all fields in Connection Settings are disabled, including the proxy settings. The username and password fields should be enabled if “Connect using proxy” checkbox is selected. Read-Write Connection Settings are read-write. UseProxy Use proxy. The entire string is encrypted and stored in system registry. NotUseProxy Do not use proxy. <ProxyName> Proxy name in Connection Settings. The value string is encrypted and stored in system registry. USE_PROXY PROXY_NAME The default value is a special GUID to indicate no proxy server to be used. If no proxy server is used, this value is ignored. PROXY_PORT HTTPS=443 HTTP=80 SOCKS4=1080 SOCKS5 =1080 Proxy port in Connection Settings. The value string is encrypted and stored in system registry. The default value depends on proxy protocol value. If no proxy server is used, this value is ignored. PROXY_PROTOCO L 88 Chapter 10: Cisco WebEx Connect Command-line Parameters Parameter Values Description HTTPS Protocol in Connection Settings. The value string is encrypted and stored in system registry. HTTP SOCKS4 SOCKS5 The default value depends on proxy protocol value: HTTPS – 443, HTTP – 80, SOCKS4 -1080, SOCKS5 -- 1080 If no proxy server is used, this value is ignored. USE_FACETIME_F OR_FILEXFER YES Required field to enable File Transfer through Advanced Auditor. NO Not required if Advanced Auditor is not enabled. login.webexaimpr o.com This is a required parameter to enable file transfer through Advanced Auditor Service. <OrgName> Required when SSO is implemented for the Org. The parameter enables SSO in the client and identifies the Org to be used for SSO. AOL_ARS_FILEXFE R_URL SSO_ORG_NAME When SSO is enabled, the Cisco WebEx Connect client must be installed with a command specifying the org name. This enables SSO in the client and identifies the org to be used for SSO. Use the following example for installing the Cisco WebEx Connect client: 1 Example for installing the MSI file: msiexec.exe /i filename.msi SSO_ORG_NAME=OrgName 2 Example for installing the .exe file: filename.exe SSO_ORG_NAME=OrgName 89 Chapter 10: Cisco WebEx Connect Command-line Parameters 90
Similar documents
InterCall Overview
From the Administrative Tools tab, you can then: Customize emails you send to new WebEx Connect users and when users invite others to join WebEx Connect Team Spaces. For more information on customi...
More information