[cisco-voip] Expressway 8.5 is out

Jason Aarons (AM) jason.aarons at dimensiondata.com
Fri Dec 19 12:31:06 EST 2014


From a security standpoint and collaboration standpoint pictures are helpful and I would say becoming more common.

When someone walks in the door from another office, you can at least see their picture in Outlook and confirm they are who they say they are. Most corporations use the same AD picture to issue badges that have security tokens/door access.

Jabber has some security and cache issues with pictures.

From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Lelio Fulgenzi
Sent: Friday, December 19, 2014 11:46 AM
To: cisco-voip at puck.nether.net
Subject: Re: [cisco-voip] Expressway 8.5 is out


Are contact pictures a common thing in enterprises? I can't imagine the headache it is to maintain those things. We have almost 4000 staff, and having to manage pictures for them all would be daunting to say the least.

Are there applications out there that help people submit/manage their avatar? I'm guessing there would need to be some policies around what people can wear, etc. as well as a final 'approval' stage so people like me don't submit Bubbles as their avatar.


---
Lelio Fulgenzi, B.A.
Senior Analyst, Network Infrastructure
Computing and Communications Services (CCS)
University of Guelph

519‐824‐4120 Ext 56354
lelio at uoguelph.ca<mailto:lelio at uoguelph.ca>
www.uoguelph.ca/ccs<http://www.uoguelph.ca/ccs>
Room 037, Animal Science and Nutrition Building
Guelph, Ontario, N1G 2W1

________________________________
From: "Matthew Loraditch" <MLoraditch at heliontechnologies.com<mailto:MLoraditch at heliontechnologies.com>>
To: "Dennis Heim" <Dennis.Heim at wwt.com<mailto:Dennis.Heim at wwt.com>>, "Lelio Fulgenzi" <lelio at uoguelph.ca<mailto:lelio at uoguelph.ca>>, "Josh Warcop" <josh at warcop.com<mailto:josh at warcop.com>>
Cc: cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
Sent: Friday, December 19, 2014 10:55:56 AM
Subject: RE: [cisco-voip] Expressway 8.5 is out
Maybe… I have something odd going on, but my pictures work? I added my internal server to the http allow list and it works.

Matthew G. Loraditch – CCNP-Voice, CCNA-R&S, CCDA
Network Engineer
Direct Voice: 443.541.1518
Facebook<https://www.facebook.com/heliontech?ref=hl> | Twitter<https://twitter.com/HelionTech> | LinkedIn<https://www.linkedin.com/company/helion-technologies?trk=top_nav_home> | G+<https://plus.google.com/+Heliontechnologies/posts>

From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Heim, Dennis
Sent: Friday, December 19, 2014 9:07 AM
To: Lelio Fulgenzi; Josh Warcop
Cc: cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
Subject: Re: [cisco-voip] Expressway 8.5 is out

They should make it so that Expressway can be a proxy for the pictures. Then we can stop having to export pictures to a web server.

Dennis Heim | Emerging Technology Architect (Collaboration)
World Wide Technology, Inc. | +1 314-212-1814
[twitter]<https://twitter.com/CollabSensei>
[chat][Phone]<tel:+13142121814>[video]
"Innovation happens on project squared" -- http://www.projectsquared.com


From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Lelio Fulgenzi
Sent: Thursday, December 18, 2014 8:40 PM
To: Josh Warcop
Cc: cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
Subject: Re: [cisco-voip] Expressway 8.5 is out


That's good news. That will be a good start.

I'm not sure about moving from to AD to LDAP as our source. There are other issues there, namely LDAP version compatibility.

I'll have to see about convincing the AD team to import the vanity accounts into the domain. Even if they import them into a hidden container, I should be able to create another import config to bring those in.

Another question if you don't mind.

With URI dialing, which extension does it use?




Sent from my iPhone

On Dec 18, 2014, at 8:14 PM, Josh Warcop <josh at warcop.com<mailto:josh at warcop.com>> wrote:
That is configurable via the CUCM Ldap Directory configuration. What is returned when searching is not related to the primary extension on the user account. The CUCM LDAP directory configuration allows you to pick from telephoneNumber or ipPhone.

You're not limited to connecting only to Active Directory. I would look into bringing in that other LDAP directory source.

Sent from my Windows Phone
________________________________
From: Lelio Fulgenzi<mailto:lelio at uoguelph.ca>
Sent: ‎12/‎18/‎2014 7:49 PM
To: Josh Warcop<mailto:josh at warcop.com>
Cc: NateCCIE<mailto:nateccie at gmail.com>; cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
Subject: Re: [cisco-voip] Expressway 8.5 is out

Thanks Josh.

Right now we create pseudo-userids in our LDAP directory for just about any directory entry users want, e.g. College of Arts, so they can find the extension easily. This extends to many, many non user based entries. This allows us to have a many to one relationship directory entries to extensions. This is what we use as our public facing telephone directory.

Unless there is another directory search option available with jabber (over expressway), it means that only those users that are imported via AD into CUCM will be searchable.

In our current deployment, only a subset of LDAP entries are populated into AD. So we wouldn't get the correct results.

Question: when it does return results, does it return the telephone number in the user's AD profile? Or does it use the primary extension configured?




Sent from my iPhone

On Dec 18, 2014, at 6:31 PM, Josh Warcop <josh at warcop.com<mailto:josh at warcop.com>> wrote:
I'm trying to understand what you're pointing out. Expressway is an HTTPS proxy so there wouldn't be any LDAP sent over the Internet. So UDS serves that purpose so that off premise clients can search the directory.

From what I'm reading this is more of your security setup and nothing wrong particularly with UDS. Are you saying your directory on CUCM is invalid?

Direct Access isn't supported and I wouldn't recommend it. There are more clients to consider than endpoints that run Windows.

Sent from my Windows Phone
________________________________
From: Lelio Fulgenzi<mailto:lelio at uoguelph.ca>
Sent: ‎12/‎18/‎2014 6:14 PM
To: NateCCIE<mailto:nateccie at gmail.com>
Cc: cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
Subject: Re: [cisco-voip] Expressway 8.5 is out
I notice contact search is limited to UDS still. I was hoping LDAP would have been enabled.

We have scenarios where people don't want their extensions known, so through LDAP we publish public extensions for those people.

With UDS, it looks like it reveals this information, especially if you dial via URI.

It also seems there are are few limitations when using the expressway solution vs direct access.

In all honest, I was hoping to deploy expressway as an on-campus solution as well.

We don't have a split view DNS set up, which I'm gathering is what is necessary to deploy Expressway for MRA only for off campus.

I'm just starting to read up on this stuff, so I might be off my rocker in some areas.  :)

Lelio

Sent from my iPhone

On Dec 18, 2014, at 5:01 PM, NateCCIE <nateccie at gmail.com<mailto:nateccie at gmail.com>> wrote:

Talking about stuff sneaking out, expressway 8.5 is on CCO.  Here is the release notes:



http://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/expressway/release_note/Cisco-Expressway-Release-Note-X8-5.pdf





The Expressway can now work with the Cisco DX Series endpoints, and with the 8800 Series and 7800

Series IP phones.

-Nate VanMaren

CCIE #7911
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip



itevomcid
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20141219/6c3dc05e/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 3876 bytes
Desc: image001.png
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20141219/6c3dc05e/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 1389 bytes
Desc: image002.png
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20141219/6c3dc05e/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 1292 bytes
Desc: image003.png
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20141219/6c3dc05e/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 1391 bytes
Desc: image004.png
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20141219/6c3dc05e/attachment-0003.png>


More information about the cisco-voip mailing list