Activation Codes Overview
Activation codes make onboarding newly provisioned phones easy. An activation code is a single-use, 16-digit value that a user must enter on a phone while registering the phone. Activation codes provide a simple method for provisioning and onboarding phones without requiring an administrator to collect and input the MAC Address for each phone manually. This method is a simple alternative to autoregistration that you can use this method to provision a large number of phones, a single phone, or even to re-register existing phones.
Activation codes provide the following benefits:
-
Onboarding using activation codes ensures that all newly provisioned phones or untrusted phones have their Manufacturing Installed Certificate (MIC) assessed and verified by Unified Communications Manager.
Note
Cisco Manufacturing Root certificates must be present in the CallManager-trust store to perform onboarding activity.
-
No need to manually enter actual MAC addresses. Administrators can use dummy MAC addresses and the phone updates the configuration automatically with the real MAC address during registration.
-
No need to deploy an IVR, such as TAPS, to convert phone names from BAT to SEP.
Phone users can obtain their activation codes via the Self-Care Portal, provided the Show Phones Ready to Activate enterprise parameter is set to True. Otherwise, administrators must provide the codes to phone users.
Note |
When you provision with dummy MAC addresses, activation codes are tied to the phone model. You must enter an activation code that matches the phone model in order to activate the phone. For added security, you can provision the phone with the actual MAC address of the phone. This option involves more configuration because the administrator must gather and input each phone's MAC address during provisioning, but provides greater security because users must enter the activation code that matches the actual MAC address on their phone. |
Onboarding Process Flow in
Following is the process flow for onboarding new phones via activation codes when dummy MAC addresses are used:
-
Administrator sets the configuration to require the user to enter an activation code for onboarding.
-
Administrator provisions and configures the phone. If dummy MAC addresses are being used, the administrator does not enter the actual MAC address.
-
Phone gets an IP address for TFTP via a DHCP opt 150, or from an alternate TFTP as configured in Phone settings. The phone downloads the XMLDefault file, and detects that an activation code is in use.
-
The user enters the activation code on the phone.
-
The Phone authenticates to Cisco Unified Communications Manager via the activation code and manufacturer-installed certificate.
-
The Phone requires the TVS service when the activation code is used for onboarding phones. The ITL file provides this TVS function which contains the certificate of the TVS service that runs on the Unified CM server TCP port 2445.
-
Cisco Unified Communications Manager updates the device configuration with the actual MAC address. The TFTP server sense the device configuration to the phone, allowing the phone to register. Note that device registration can be up to five minutes.
Note
It's recommended to add an additional subscriber to the default communication manager group for on-premise activation code onboarding. Else, when the node in the default communication manager group goes down, you may face onboarding issues.