Cisco (Tandberg) EX90 stuck in maintenance mode boot cycle

EX-90 in Maintenance mode.

Our eval kit EX90 rebooted during a jpg background upload, the file size limit for these is 2Mb, and I had select a 900kb file to do the company logo. When the machine came back up, it was in maintenance mode, suggesting 3 options of action: Restart, Factory rest or Software Upgrade.

I instantly restarted the machine, same situation. I powered it off, same situation. I removed the power altogether, same situation.

I contacted our Cisco rep for help. We didn’t want to factory reset it as we had put some considerable effort into it to configure the content channel for data (screen sharing AV etc). We decided to proceed with a software upgrade as we were 1 point behind the current release 7.1.3 and that wouldn’t affect any licensing. Downloading the file as always with cisco requires CCO download rights which we no longer have( cheers cisco, that’s frustrating when it requires the licence anyway, without it the download is useless!).

I opted to upload the package (pkg file) and auto load it. The screen goes to a predictable ‘this may take some time’ etc etc and then the browser timed out on me about 5 minutes in. I reloaded the page only to be presented with a log-in challenge again. I logged in and luckily the file had uploaded but had not been upgraded.

I proceeded with the upgrade, which took about 4 minutes, do file verification and various checks. Again after 2 reboots, the EX90 came up in maintenance mode.

There was only 1 option left, factory reset. This again took 2 reboots, the control surface taking the longest to complete. At this point it came up with a configuration menu and we were back to a configurable unit. We then painstakingly re-configured it all and we were back.

Faced with the situation again, I would instantly go for the factory reset with the current software as I don’t believe the software upgrade did anything to assist.

Extending your MeetingPlace Express installation lifeline

Whilst I’m always in favour of migrating to the latest technology and taking advantage of the features they offer, every once in a while you have some existing installation that simply does the job and you are happy with what it offers.

We’ve had an old installation of Cisco MeetingPlace Express 2.1, which dates back to circa 2006/7, it offers conference call facilities, screen sharing and presentation, all nice and simple. It’s been replaced by the latest Cisco offering of WebEx. Don’t get me wrong, it’s a great product, but we simply can’t justify the expense of it when the feature set we have now fulfils our needs. We’ve gone OSX on our desktop, and whilst MeetingPlace Express is strictly only supported under Windows, for the plugins etc, it’s perfectly useable from within the web based client. In order to use our existing install, we needed to make it use our backend Active Directory infrastructure and also change it to our current domain suffix, from a legacy one.
Initially, integrating it to Active Directory appeared daunting, as we had existing, stand alone users configured, with existing repeat meetings etc.

There is plenty of good documentation available here, but when we followed it, we managed to import users, but they were detached from their meetings, and as those meetings had no owners, they in turn vanished. This could have been a disaster, but we had of course made a full system backup before we did anything.

So, the aim was essentially 2 separate processes; change the DNS suffix and lookup; make the system AD integrated somehow.
In integrating MeetingPlace Express with an external directory, there are 2 methods to do it, LDAP and AXL SOAP API. They will both authenticate against CUCM or a CUCM related/generated directory. It pretty much depends which version of Call Manager (CUCM) you’re running, for 4.x and earlier, ldap is recommended and for 5.x and above, AXL is supported. As I wanted to authenticate against Active Directory and not CUCM, I opted to do it with ldap, it’s by far the simplest way.

The procedure is like this:

Export all users to csv text file.
Log in to Cisco Unified MeetingPlace Express and click Administration. Click System Configuration > Usage Configuration.
Complete the fields available

  • Cisco Unified Communications Manager/ Cisco Unified CallManager version: Set this field to Cisco Unified CallManager Release 4.x
  • LDAP URL: (Make sure that this URL starts with ldap) ldap://server.whateveryourdomain.com:389 (Make sure that there are no spaces after the URL)
  • Directory username: Use the format of an LDAP distinguished name: cn=serviceaccount,dc=whateveryourdomain,dc=com
  • Password: Self explanatory
  • Cisco base: Leave blank if you are not using the Cisco Unified CallManager DC-Directory to authenticate Cisco Unified MeetingPlace Express users.
  • User base: dc=whateveryourdomain,dc=com
  • Directory type: ADS  (Active Directory Services)
  • Click Test LDAP Configuration to test that the configuration parameters work correctly.
  • Click Save.

MeetingPlace Express Administration Center
The test should dictate your success.
So, if like us you have existing users and want to convert them to AD authentication, you will need to take your exported file and modify it.

The procedure is like this:
1 Export all users again as before, safety first.
2 Open the file in Excel and then import as comer separated CSV
3 Edit text file, and modify field ISUSERLOCAL set to NO
4 Save the file, as csv, (however you cannot import using csv, the file MUST be text or it will corrupt on import)
5 Drop into a file manager and rename the file extension to .txt
6 Now import user TXT file and select the option to overwrite any existing users
7 Check you can now still login with AD credentials
8 Check meetings are all still visible. Test

Don’t change settings for admin users, or guest user as these must stay local.

You should not have all your users still with their existing meetings, but authenticating against Active Directory!

Now to change the domain suffix…

To change network parameters post installation, you can use the net command to modify the network configuration settings. To access the net command, you can use the Meeting Place terminal via the GUI, or SSH into it as the user called mpxadmin and then enter the command net.
In order to change the network settings, you must shut down the application by entering the following: sudo mpx_sys stop

MeetingPlace CLI

The options pretty much speak for themselves, to change the DNS suffix, option 5; to change the DNS servers, option 6 and so on.
Option 8 when you’re done modifying settings, and don’t forget to reboot for the settings to take effect. (shutdown -r now)

With MeetingPlace now authenticating against your domain, any users who weren’t already enrolled will have accounts created on the fly when they attempt to login. It’s great, lowers the support overhead and is much quicker for the users too.

Cisco UC Product Tour

I had an interesting trip to see our friends at Cisco HQ (UK) today. It was a multi-purposed session to discuss a multitude of UC subjects.

We’re busy embarking on a Cisco Unity Connection install, to replace our old Unity 4.X installation. We’ve made a few test builds, but that’s largely been to get comfortable with the install process. We wanted to see some of the technology in action, hear some of the marketing and also get an informed demonstration.

Unity Connection:
Features like Visual Voicemail and its ability to store voicemail ‘offbox’ in Exchange are what have attracted us. It’s an interesting way to achieve Unified Messaging without incurring the expensive Microsoft licencing costs. I like that unlike Unity, Unity Connection is now a linux appliance, it’s AD integration isn’t some masked Exchange 2003 installation. The only aspect I am currently not impressed by is the personal contacts feature, it’s a manual upload of contacts, with limited fields. It’s not dynamic at all, not linked to Exchange, it’s a one time import via a web portal.

Jabber: Cisco have started to combine open standards based XMPP technology obtained through the Jabber acquisition. This is being integrated into the WebEx and CUPS and CUPC products. There are ‘Cisco Jabber’ applications available for the Android and Apple platforms, and lots of work in progress to bring in more features towards the end of the year. Blackberry solutions require MVS which is essentially some glue to get it to work under the RIM framework. It creates a SIP trunk into CM, to enable you to use your mobile to make calls via CM trunks.

Cisco Quad: A very interesting product, I’m sure there are many ways to describe it and frame what it is, but it’s essentially a fully fledged ‘corporate-facebook-intranet-in-a-box’ That somewhat undersells it, a recent piece of work has seen our company develop its own intranet with social collaboration in mind, this has met with mediocre success. The Quad product would have pretty much full-filled all the technical needs for us in a turn-key solution. I’m not saying it’s all things to all men, but I was suitable impressed. As a social collaboration suite, it tops my interested list. There are Android, iPad and iPhone applications available for Quad.

Cisco CUPS: I’ve known about CUPS for ages, but it’s always been this monstrously huge product, that was a sledge hammer to crack a nut. It always felt expensive and cumbersome. I’ve no doubt it’s still quite a challenging install, but it’s mediation/federation offering to lash together CUCM and OCS/Lync that mean I will definitely be looking it over again now. The CUPC client is also much improved and is very polished. It has become a very polished and attractive product. The product was re-written with the Jabber technology and is now open standards based. Federation will be achieved using XMPP. Version 8.5.

Show and Share: I’d describe it as corporate YouTube. It enables users to share and collaborate with video/media rich content, tagging and making video content searchable. You can record a piece via a video enabled device and with 1 click publish it as online content. Also known as Cisco Digital Media Manager.

Video Conferencing (Telepresence): Cisco has done a lot of work integrating the Tandberg end points into their product range. I was impressed with the speed that this integration seems to have happened.

Cisco Cucimoc download location

I had occasion to download the latest cucimoc version today, but cisco have recently revamped their entire site. I cheerfully put cucimoc into their search engine under product downloads, as I have done many times before… no results found. Then followed 5 minutes of putting every permutation of Cisco Unified I could think of. Again no results.

This is daft, I always found the download this way. I started going through the menu’s under Download Software, this took near on 30 mins of going down each avenue, only to not find it! Eventually I find it. So to save you all the incredulous searching here’s where it is! Cisco Unified Communications for Microsoft Office Communicator download

Here’s a pic to illustrate the menu layer

Hope it saves you a few minutess, oh and Cisco, fix that search engine, it’s pointless!

Connecting to OCS on Linux and Mac

I spend most of my compute time in a Windows OS, and probably mostly that’s still XP. Lately I’ve started to force myself to use linux gui and now, as a result of a change of focus at work, MacOS.
This means getting other clients to connect to OCS. Sure there is always the fallback of WebMOC, but nothing beats a full-fat client imho.
Getting it to work in linux was new territory for me, so I enlisted the help of one of our linux happy developers, who ran through a ‘how to’ for using empathy under Ubuntu. Now even as a linux newbie, can see how this would port to Pidgin etc, and other distributions.

Linux:

Create yourself some root certificates from your AD cert authority.
Download the .cer file(s) to your linux desktop from somewhere you can get to ftp;Smb etc
Drop into a terminal session and make sure you know the path to .cer file(s) (e.g /etc/*username)
#openssl x509 -inform der -in Certfilename.cer -out Certfilename.pem

Do this for as many .cer files as you have (perhaps 1 from primary, 1 from secondary)
# sudo mv Certfilname.pem /etc/ssl/certs
# sudo apt-get install pidgin-sipe telepathy-haze
# sudo shutdown -r “now”

Now restart empathy
# add an account (f4)
# type SIPE
# Account = mail address,domain\username
# Password = domain password
# Advanced – use defaults
# You can try with servername if you know it, though providing you setup SRV correctly, it should be a case of Apply.. You’re on…

Mac:

Create yourself some root certificates from your AD cert authority.
Download the .cer file(s) to your linux desktop from somewhere you can get to ftp;Smb etc
Connect to this share – Connect to server (under the Go in the Finder menu)

Smb://blabla.lukedarby.co.uk/sharename/Rootcerts

Put in your Active Directory username and password, domain\username
Open Certfilname.cer and add to login then select ‘Always Trust’ when asked, you’ll then be asked for the keychain password (mac)
Then do the same for an other certs (perhaps you do primary and secondary)
Install  MS Messenger 7.0.2  (currently)
You’ll need to copy the install to your Mac then install it.
Go with Defaults until your asked to choose between Personal or Corporate and you need to select Corporate.
Then you need to enter your details, for the user ID you need to put domain\username.
Complete… You’re on…

Now, I need to get an iPad client working. Currently all the available apps for for iPhone or iPod touch. The most interesting looking being ‘Fuze Messenger’ but this is only supported for OS 4.0, which at the date of writing isn’t available for iPad.
There are some others claiming to answer the issue (iOCS) but they’re iPhone apps and just blow up to an enormous size on an iPad and look..well, silly.