Table Of Contents
Configuring Microsoft Exchange for Cisco TelePresence Manager
Contents
Introduction
Pre-Configuration Set-Up Guidelines
Configuring Microsoft Exchange for CTS-Manager
Deploying with Microsoft Exchange 2003
Deploying with Microsoft Exchange 2007
Migrating from Exchange 2003 to Exchange 2007
Configuring Microsoft Exchange for Cisco TelePresence Manager
Revised: August 12, 2009, OL-13673-04
First Published: November 27, 2006
Contents
•
Introduction
•Pre-Configuration Set-Up Guidelines
•Configuring Microsoft Exchange for CTS-Manager
• Deploying with Microsoft Exchange 2003
•Migrating from Exchange 2003 to Exchange 2007
Introduction
This document explains how to set up the Microsoft Outlook messaging software to be able to receive reminders and allow users to connect to a remote meeting site with the touch of a button.
To enable these features, you must provide CTS-Manager with the contact and access information it requires to connect to and talk with your network.
This chapter covers the steps needed to configure either Microsoft Exchange 2003 or 2007 and Active Directory.
•Microsoft Exchange versions—The following versions are supported by Cisco TelePresence Manager 1.5
–2003 SP1 or 2003 SP2
–Active Directory 2003
–2007 (Version: 08.00.0685.018) with or without SP1.
Note 2007 is supported only with WebDAV.
–Mmicrosoft Exchange (Version 5.2.3790.3959) on Microsoft Windows 2003 (64-bit and 32-bit editions)
•Scheduling Clients supported
–Outlook Versions 2003, 2007
•This release of Cisco TelePresence Manager is designed to work with Microsoft Internet Explorer version 6.0 or later. Cisco cannot guarantee correct system behavior using unsupported browsers.
•Cisco recommends you configure the system using static IP addressing so it will be easy to manage.
It is recommended that Chapter 8, "Initializing Cisco TelePresence Manager" Manager, LDAP sections be reviewed to ensure that user set up is performed correctly.
Pre-Configuration Set-Up Guidelines
The purpose of this section is to reference the chapters you will next need in order to pre-configure supporting software before installing the Cisco TelePresence Manager.
The flow of tasks you need to do for additional configurations before installing the CTS-Manager are provided in the following table.
Table 3-1 Pre-Configure Guidelines Before Installing CTS-Manager
Set-Up Procedures before Installing CTS-Manager
|
Description
|
Location
|
Configure Microsoft Exchange
|
This chapter covers the steps needed to configure Microsoft Exchange and Active Directory for the CTS-Manager system.
|
Current Chapter.
|
Next Steps After Microsoft Exchange Set-up
|
|
|
Configuring Cisco Unified CM.
|
Before installation, you must verify that Cisco Unified Communications Manager is configured for the CTS-Manager system.
|
Chapter 5, "Configuring Cisco Unified CM for Cisco TelePresence Manager"
|
Install and Configure PreQualification Assistant
|
Install and run the Pre-qualification Assistant to ensure that your pre-installation set up is performed correctly. The data you enter into the Tool Test Configuration forms are used to verify connections to the servers and get data from them in order to configure CTS Manager
|
Chapter 6, "Installing and Configuring Cisco PreQualification Assistant"
|
Configuring Microsoft Exchange for CTS-Manager
•If you are using secure mode, a certificate request must exist. If a certificate was not requested when Microsoft Exchange was installed, you can follow the procedure described in the tutorial found at the following Microsoft Exchange URL:
http://www.msexchange.org/tutorials/Securing-Exchange-Server-2003
-Outlook-Web-Access-Chapter5.html
–See the sections "Installing the Microsoft Certificate Service" and "Creating the Certificate Request."
•Make a copy of the certificate and place it in a folder accessible to the computer with browser access to the Cisco TelePresence Manager server.
•A copy of the certificate for Active Directory exists. To request a certificate for Active Directory, follow the below steps:
1. By default, the certificate file is named _.crt. An enterprise certificate authority (CA) automatically publishes the root certificates, and enterprise domain controllers automatically enroll for all domain controller certificates.
2. Make sure the certificate, the CA, and the CA web interface are all installed on the same server. Using Internet Explorer, connect to https://<CA server>/certsrv.
3. Authenticate as the administrator, making sure you specify the proper domain, for example, demotest\administrator.
4. Choose Download CA Certificate, using Distinguished Encoding Rules as the encoding method.
Deploying with Microsoft Exchange 2003
Step 1 Create an account in Microsoft Exchange 2003 for CTS-Manager, e.g. ctsmanaccount.
Step 2 Provide an adequate mailbox quota for the ctmmanaccount. Cisco recommends providing at least 1 GB of mailbox quota for a deployment of up to 125 Cisco TelePresence System endpoints. Additional mailbox quota is recommended if feasible.
Step 3 Login to the ctsmanaccount once to verify it is set up correctly.
Step 4 Create an account in Microsoft Exchange for each Cisco TelePresence System endpoint. You can use `Active Directory Users and Computers' to create the room accounts, or use any custom script to create the room account. If the room is already created, use the information from the Cisco Unified CM and skip this step.
Step 5 Log into the room account once using Outlook Web Access (OWA), or Outlook. This must be done or the room mailbox may not be set up properly in Exchange.
Step 6 The CTS-Manager account (e.g. ctsmanaccount) must have read permission on the Calendar folder for each room's mailbox. You can use Outlook to set Calendar Properties (the Permissions tab), or use Active Directory ("Full mailbox access" permissions).
Step 7 Verify the CTS-Manager account has permissions for all room accounts.
a. Use a supported browser and log onto the room account with OWA (http://<exchange ip address>/exchange/<roomaccountname>)
b. Log in using the CTA-Manager account (e.g. ctmmanaccount)
c. Validate the setup by sending a test email to any user in the same domain. Validate the user receives the email.
Step 8 Synchronize the system clock in the CTS Manager server to the same NTP server used by Exchange. Enter the hostname or IP address of one or more NTP servers. NTP Server 1 value is mandatory; NTP Servers 2-5 are optional. Thus, CTS-Manager and Exchange need to point to the same NTP and synch with the NTP to avoid having the room calendar not updating correctly.
Note Cisco strongly recommends that you enter the NTP server by which Cisco Unified CM synchronizes its clock as the primary NTP server. If these servers are out of synchronization, CTS-Manager may not update and delete unwanted meetings.
Deploying with Microsoft Exchange 2007
Microsoft Exchange management tools can be found in the start menu in the Exchange server - "Start > All Programs > Microsoft Exchange Server 2007". There are 2 tools available as options:
•Exchange Management Console - GUI version which has online help.
•Exchange Management Shell - shell version that can be useful for scripting.
Step 1 Create a user account in Exchange for CTS-Manager (e.g. ctsmanaccount).
.The user account is created from "Exchange Management Console" using the User Mailbox by doing the following:
a. Select Recipient Configuration > Mailbox, right-click and select "New Mailbox"
b. Select "User Mailbox" type and follow the dialog to create the mailbox.
Step 2 Provide an adequate mailbox quota for the ctmmanaccount. Cisco recommends providing at least 1 GB of mailbox quota for a deployment of up to 125 Cisco TelePresence System endpoints. Additional mailbox quota is recommended if feasible.
Step 3 Log into the CTS-Manager mailbox once to verify the user mailbox is set up correctly.
Step 4 IF a new room needs to be added, Admin needs to create the room in Calendaring server first with appropriate permissions for CTS-Manager application account and then create associated device(s) in CUCM. If admin ends up creating room in CUCM beforehand, then the room would appear in error in CTS Manager. Once room is configured in Calendaring server, admin can resync the room in CTS Manager and at that point error goes away.
Step 5 Create an account in Exchange for each Cisco TelePresence System endpoint. Use one of the following methods:
a. In "Exchange Management Console" (EMC), select "Recipient Configuration > Mailbox", right-click and select "New Mailbox." Select "Room Mailbox" type and follow the dialogs to create the mailbox.
b. Run "Exchange Management Shell" (EMS) cmdlet to create a Room mailbox / account.
Step 6 The CTS-Manager account needs to have full access on the Calendar folder of each room mailbox, or at minimum it needs to have read permission. Using EMS, run one of the 2 cmdlets in the following based on your preference:
a. Add-mailboxpermission -identity "TelepresenceRoom9" -accessRights FullAccess -user ctmperf\ctsmanaccount
b. Add-mailboxpermission -identity "TelepresenceRoom9" -accessRights ReadPermission -user ctmperf\ctsmanaccount
You can check the current permission setting of a Room by running one of the following cmdlets:
•Get-mailbox -server tsbu-ctmpc19 | get-mailboxpermission
•Get-mailboxpermission -identity TelepresenceRoom9
Step 7 Set the "DeleteSubject" and "AddOrganizerToSubject" properties in room mailbox calendar to False. This sets the parameters for the meeting to be displayed on the IP Phone.
a. Set-MailboxCalendarSettings -Identity TelepresenceRoom9 -DeleteSubject $false
b. Set-MailboxCalendarSettings -Identity TelepresenceRoom9 -AddOrganizerToSubject $false
Step 8 It is recommended to set Auto-accept to ON using EMS.
Note This works only with room mailbox, not with user mailbox. Also CTS-Manager will not process meetings that are tentative. Meetings that are accepted if Microsoft AAA Agent is off will only access proxy if accepted.
Set-MailboxCalendarSettings -Identity TelepresenceRoom9 -AutomateProcessing AutoAccept
c. Check if Auto-accept has been configured for the room.
Get-MailboxCalendarSettings -Identity TelepresenceRoom9 | fl
Step 9 Log into room mailbox once using Outlook Web Access (OWA) or Outlook 2007. This is an important step, as room mailbox will not be setup appropriately in MS Exchange. In Exchange 2007, you won't be able to directly log on to the room* mailbox using the room username, because the user account of the room mailbox is disabled by default. There are 2 possible scenarios (based on the decision made in step 5):
Note *Only when mailbox is created as "Room Mailbox" type. If mailbox is created as "User Mailbox" type, then it would be the same step as it is with Exchange 2003 to log on to the mailbox.
a. The CTS-Manager user (e.g. ctsmanaccount) has been given full access to the room mailboxes. In this case, use ctsmanaccount credential to log on to each room mailbox.
•First log into ctsmanaccount mailbox using OWA, using a supported web browser (IE 6.x) and typing: http://<exchange ip address>/owa/. Once logged on as ctsmanaccount user, click on the "ctsmanaccount" tab on the top, enter the room account name, and click "Open". It would open the room mailbox in another window.
•Alternatively, you can log on to room account using either Outlook 2007 or Outlook Web Access:
http://<exchange ip address>/owa/<room_name@domain_name>. Again, here you will need to log on using ctsmanaccount credential.
b. The second scenario is where the ctsmanaccount was only given read permission to the room mailboxes. In such case, you need to have a third user account which has "full access" to the room mailboxes, let's say this user is "Joe Smith." Use Joe Smith credential to log on to his mailbox using Outlook 2007, then follow the below steps:
•i. Once logged on, click on the Calendar on the left pane.
•ii Click Open a Shared Calendar ... and enter the room name.
•iii The room calendar would show up under People's Calendar on the left pane. In the screen-shot, the room is TelepresenceRoom10. Right-click on the room name, and select Properties.
•iv. Click Permissions tab
•v. Click on Add and select ctsmanaccount account name.
•vi. In "Permissions" > "Permission Level" drop-down field, select Reviewer.
•vii.In "Permissions" > "Read" section, check Full Details.
•viii. Click OK.
•ix. Repeat step ii to viii for each Room that will be managed by CTS-Manager.
Step 10 Form-based authentication (FBA) is enabled by default in Exchange 2007. In order for Cisco TelePresence Manager to work, disable FBA.
a. Go to EMC > Server Configuration > Client Access > Outlook Web Access > Exchange (Default Web Site) > Properties > Authentication tab
b. Select "Use one or more standard authentication method."
c. Check "Integrated Windows Authentication" and/or "Basic Authentication (password is sent in clear text)" boxes.
d. Click OK on the warning dialog box that says IIS restart is required.
e. Run "iisreset /noforce" from a command prompt, or go to "Services Manager" and restart "IIS Admin service."
Step 11 Open IIS Manager and enable WebDAV.
a. Go to "Internet Information Services" > [server_name] > "Web Service Extension"
b. Select "WebDAV" and click the "Allow" button, if it is showing "Prohibited" in Status.
a. Click the "Allow" button, if it is showing "Prohibited" in Status.
Step 12 Verify that the Web Sites Authentication Method is configured correctly for "Exchange" web site. Repeat these steps for the "Default Web Site" setting:
a. In "IIS Manager," go to "Internet Information Services" > [server_name] > "Web Sites" > "Exchange"
b. Right-click on the Exchange and select Properties.
c. Go to "Directory Security" tab
d. In "Authentication and access control" section:
•Click the Edit button
•Check the desired authentication access method - "Integrated Windows Authentication" and/or "Basic Authentication (password is sent in clear text)" boxes.
•Click OK
e. This step is required only if you need to configure CTS- Manager with the non-secure binding to the Exchange server. In "Secure communications" section:
•Click the Edit button
•Uncheck the "Require secure channel (SSL)" box, and click OK.
f. Click OK on all the dialog boxes that follow.
Step 13 Synchronize the system clock in the CTS Manager server to the same NTP server used by Exchange. Enter the hostname or IP address of one or more NTP servers. NTP Server 1 value is mandatory; NTP Servers 2-5 are optional. Thus, CTS-Manager and Exchange need to point to the same NTP and synch with the NTP to avoid having the room calendar not updating correctly.
Note Cisco strongly recommends that you enter the NTP server by which Cisco Unified CM synchronizes its clock as the primary NTP server. If these servers are out of synchronization, CTS-Manager may not update and delete unwanted meetings.
Migrating from Exchange 2003 to Exchange 2007
In Exchange 2003, there is no distinction between "User Mailbox" and "Room Mailbox" types. All mailboxes are created as "User Mailbox" in Exchange 2003. When you migrate the TelePresence room mailbox accounts from Exchange 2003 to Exchange 2007, you need to convert them into "Room Mailbox" type, especially if they are to be configured with Auto-Accept enabled.
Use the following procedure to migrate from Exchange 2003 to Exchange 2007:
Step 1 Install and configure the Exchange 2007 server.
Step 2 Migrate the CTS-Manager User mailbox to the Exchange 2007 server.
Step 3 Point CTS-Manager to the Exchange 2007 server.
Once step 1-3 are complete, the system will reboot.
Step 4 After the system has completed rebooting, shut down the CTS-Manager server.
This is important so that users may not use the system during migration.
Step 5 Migrate all Cisco TelePresence endpoints to the Exchange 2007 server.
Verify that all Cisco TelePresence endpoints are of type RoomMailbox, otherwise AutoAccept cannot be enabled.
After the migration is completed, add full access permission for the delegates to any proxy.
Feedback
