Configure the service properties using the following CLIs for the features.
Note
|
The CLIs require Cisco Finesse Tomcat restart except for desktop related properties.
|
Security Banner Message for Administrators
Cisco Finesse supports custom banner messages in the administration Sign In page. The administrator defines the banner message
for the users so that they are aware of the security policy while using Cisco Finesse. The banner message can have a maximum
of 220 characters. It supports both alphanumeric and special characters. By default, the banner message is not displayed.
The following example displays the sample security banner that is defined for the administrator Sign In page.
admin:utils finesse set_property admin adminSecurityBannerMessage "IMPORTANT: Finesse may only be accessed by authorized users!"
Property successfully updated.
Ensure property is updated in all Finesse nodes in the cluster.
Restart Cisco Finesse Tomcat Service for the changes to take effect:
utils service restart Cisco Finesse Tomcat
Enable or Disable User Authentication Discovery API
Use the following CLI commands to enable or disable the UserAuthMode API. This API allows a client to discover the authentication mode of a user in Unified CCE deployments when the system is
in hybrid mode (SSO or non-SSO). By default, this API is enabled.
Note
|
This API does not require HTTP BASIC authentication. It is provided for third-party integration to decide if the user authentication
must proceed with SSO or non-SSO authentication modes.
|
Enable or Disable Plain XMPP Socket—Port 5222
Use the following CLI commands to enable or disable the Cisco Finesse Notification Service plain XMPP port (5222). This port can be enabled only if you have third-party solutions that connect
directly to the Cisco Finesse Notification Service over plain Transmission Control Protocol (TCP) connection. This port is not required for the Finesse
desktop or BOSH/WebSocket based integrations. By default, the port is disabled.
Enable or Disable Secure XMPP Socket—Port 5223
Use the following CLI commands to enable or disable the external access to the Cisco Finesse Notification Service TCP-based XMPP port (5223). The port must be enabled for external client connectivity only if you have
third-party solutions that connect directly to the Cisco Finesse Notification Service over this port. By default, the port is enabled (value is set to true).
When the port is enabled, it can be accessed by the Cisco Finesse nodes (primary and secondary) and by external clients. When
the port is disabled, it cannot be accessed by external clients.
Note
|
Restart Cisco Finesse Tomcat and Cisco Finesse Notification Services for the
changes to take effect.
|
Restricting Access to the External XMPP Notification Port 5223
Use the following CLI commands to restrict the IP addresses from accessing the TCP-based XMPP notification port (5223) available
for external client connectivity. You can add, delete, or view the configured IP addresses only when the enableExternalNotificationPortAccess property is enabled on all the Finesse nodes in the cluster.
Note
|
These restrictions do not affect the desktop XMPP notification port 7443.
|
To enable access to port 5223 use the CLI command utils finesse set_property webservices enableExternalNotificationPortAccess true.
-
utils finesse notification external_port_access add
[ip1,ip2,ip3]—This command adds one or more IP addresses to the list of hosts that are configured to access Cisco Finesse XMPP notification
port 5223. Multiple IP addresses can be provided as a comma-separated list. Wildcard character * is not supported.
Example
admin:utils finesse notification external_port_access add 10.10.10.21,10.10.255.25
Successfully added 2 IP address(es). Ensure that the IP address(es) are added,
and verify that external notification port access is enabled in all the Finesse nodes in the cluster.
Please refer to 'utils finesse show_property webservices enableExternalNotificationPortAccess'.
Restart Cisco Finesse Notification Service for the changes to take effect:
utils service restart Cisco Finesse Notification Service
-
utils finesse notification external_port_access delete—This command deletes one or more IP addresses from the list of hosts that are configured to access Cisco Finesse XMPP notification
port 5223. Multiple IP addresses can be provided as a comma-separated list.
Example
admin:utils finesse notification external_port_access delete 10.10.10.21,10.10.255.25
Successfully deleted 2 IP address(es). Verify that the IP address(es) are deleted in all the Finesse nodes in the cluster.
Restart Cisco Finesse Notification Service for the changes to take effect:
utils service restart Cisco Finesse Notification Service
-
utils finesse notification external_port_access delete_all—This command deletes all the configured IP addresses allowed to access the Cisco Finesse XMPP notification port 5223.
Example
admin:utils finesse notification external_port_access delete_all
Do you want to delete all IP address(es) (y/n): y
Successfully deleted all IP address(es). Verify that the IP address(es) are deleted in all the Finesse nodes in the cluster.
Restart Cisco Finesse Notification Service for the changes to take effect:
utils service restart Cisco Finesse Notification Service
-
utils finesse notification external_port_access list—This command lists all the configured IP addresses allowed to access the Cisco Finesse XMPP notification port 5223.
Example
admin:utils finesse notification external_port_access list
The following IP address(es) are configured to access the notification port:
10.10.10.21
10.10.255.25
External notification port access is disabled in the present node. Verify that is enabled in all the Finesse nodes in the cluster.
Please refer to 'utils finesse show_property webservices enableExternalNotificationPortAccess'.
Enable or Disable Enforcement of X.509 Certificate Trust Validation
Use the following CLI commands to enable or disable the validation of the X.509 CA or the selfsigned certificate. From Release
12.5(1) onwards, Cisco Finesse validates SSL certificates of all the servers (CUCM and Customer Collaboration Platform) it communicates. This requires the custom CA providers or the selfsigned certificates of the server it communicates to be
present in the Cisco Finesse Tomcat trust store. If the certificates are not added into the Cisco Finesse trust store, then
certain interactions can fail. It is advised to add the certificates into the Cisco Finesse trust store. If any user chooses
to ignore the validation, enforcement can be turned off. This CLI allows users to disable or enable validation. By default,
the validation is turned on.
Enable or Disable Call Variables Logging
Use the following CLI commands to enable or disable the call variables logging. The callVariables contain sensitive user information
and this property allows the administrator to decide whether the information must be captured in the logs. By default the
property is disabled.
-
To enable:
utils finesse set_property webservices logCallVariables true
utils finesse set_property fippa logCallVariables true
-
To disable:
utils finesse set_property webservices logCallVariables false
utils finesse set_property fippa logCallVariables false
Permissions to Drop Participants from Conference
Note
|
To enable this CLI in Cisco Finesse, install Finesse 12.5(1) ES3 COP or higher.
|
Use the following commands to allow an agent or a supervisor, who is the participant in a conference call, to drop another
agent, supervisor, or caller (participants) from the conference call.
Note
|
Only agents and supervisors can drop participants in the conference call.
|
-
utils finesse set_property webservices enableDropParticipantFor supervisor_only—This command allows only the supervisor, who is a participant of the conference call, to drop other agents in the conference
call. The supervisor cannot drop a CTI Route Point, IVR port, a device to which no agent is signed in, or a caller device.
By default, this property is set to supervisor_only.
-
utils finesse set_property webservices enableDropParticipantFor conference_controller_and_supervisor—This command allows,
-
the supervisor to drop any agents, CTI Route Point, IVR port, a device to which no agent is signed in, or a caller device
in the conference call.
-
the conference controller (an agent who initiated the conference call) to drop another agent, supervisor, CTI Route Point,
IVR port, a device to which no agent is signed in, or a caller device in the conference call.
Note
|
To enable the supervisor or call controller to drop an unmonitored extension in Cisco Unified CCE, in Release 12.0(1) or higher,
set the DropAnyPartyEnabled registry key to 1 in the Dynamic Registry of the CTI server. The supervisor cannot drop a CTI Route Point, IVR port, a device to which no agent
is signed in, a caller device, or other agents for whom SILENT_MONITOR is not initiated by the supervisor.
For more information, see the Enable Dropping Call Participants from a Conference Call section in Cisco Contact Center Gateway Deployment Guide for Cisco Unified ICM/CCE at https://www.cisco.com/c/en/us/support/customer-collaboration/unified-contact-center-enterprise/products-programming-reference-guides-list.html.
|
-
utils finesse set_property webservices enableDropParticipantFor all—This command allows any agent or supervisor in the conference call to drop another agent, supervisor or the caller. To ensure
that this feature works properly on Finesse desktop, you must update the enableDropParticipantFor value for desktop also. For more information on enabling the desktop property, refer to Drop Participants from Conference.
Enable Team API Access for All Users
A new configuration property enableTeamAPIAccessForAllusers
is added for enabling the Team API access for all agents and supervisors. When you enable this property, all agents and supervisors
will be able to access information of all the teams without any restriction.
If this property is disabled, only administrator and supervisors can access the Team API. Supervisors can access the information
of the teams that they are assigned to and Administrators can access all the teams. By default this property is disabled.
Use the following command to enable this configuration property:
utils finesse set_property webservices enableTeamAPIAccessForAllusers true.
Example:
admin:utils finesse set_property webservices enableTeamAPIAccessForAllusers true
Property successfully updated.
Ensure property is updated in all Finesse nodes in the cluster.
Restart Cisco Finesse Tomcat Service for the changes to take effect:
utils service restart Cisco Finesse Tomcat
Use the following command to disable this configuration property:
utils finesse set_property webservices enableTeamAPIAccessForAllusers false
Example:
admin:utils finesse set_property webservices enableTeamAPIAccessForAllusers false
Property successfully updated.
Ensure property is updated in all Finesse nodes in the cluster.
Restart Cisco Finesse Tomcat Service for the changes to take effect:
utils service restart Cisco Finesse Tomcat