The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Contents
When the client’s host computer or device gets a network connection, the host computer or device also gets the address of a DNS name server from the DHCP settings. Depending on the network connection, that name server might be internal or external to the corporate network.
Cisco Jabber queries the name server that the host computer or device gets from the DHCP settings.
The services domain is discovered by the Cisco Jabber client in different ways.
See the appropriate version of the Installation and Configuration guide, for more detailed information.
After Cisco Jabber gets the services domain, it queries the name server that is configured to the client computer or device.
Note | Refer to the latest version of your Cisco Jabber client Installation and Configuration Guide for further information on configuring available services. |
In addition to querying the name server for SRV records to locate available services, Cisco Jabber sends an HTTP query to the CAS URL for the Cisco WebEx Messenger service. This request enables the client to determine cloud-based deployments and authenticate users to the Cisco WebEx Messenger service.
When the client gets a services domain from the user, it appends that domain to the following HTTP query:
http://loginp.webexconnect.com/cas/FederatedSSO?org=
For example, if the client gets example.com as the services domain from the user, it issues the following query:
http://loginp.webexconnect.com/cas/FederatedSSO?org=example.com
That query returns an XML response that the client uses to determine if the services domain is a valid Cisco WebEx domain.
If the client determines the services domain is a valid Cisco WebEx domain, it prompts users to enter their Cisco WebEx credentials. The client then authenticates to the Cisco WebEx Messenger service and retrieves the configuration and UC services configured in Cisco WebEx Org Admin.
If the client determines the services domain is not a valid Cisco WebEx domain, it uses the results of the query to the name server to locate available services.
When the client queries a name server, it sends separate, simultaneous requests to the name server for SRV records.
The client prompts users to manually enter setup and sign-in details.
When connecting to internal services, the goals are to determine the authenticator, sign users in, and connect to available services.
Cloud-based or hybrid cloud-based deployments.
On-premises deployments in the default product mode. The default product mode can be either full UC or IM only.
On-premises deployments in phone mode.
In an environment with multiple Cisco Unified Communications Manager clusters, you must configure the Intercluster Lookup Service (ILS). ILS enables the client to find the user's home cluster.
See the appropriate version of the Cisco Unified Communications Manager Features and Services Guide to learn how to configure ILS.
Cisco Unified Presence or Cisco Unified Communications Manager IM and Presence is the authenticator.
The Cisco WebEx Messenger service is the authenticator.
Note | As of this release, the client issues an HTTP query in addition to the query for SRV records. The HTTP query allows the client to determine if it should authenticate to the Cisco WebEx Messenger service. As a result of the HTTP query, the client connects to the Cisco WebEx Messenger service in cloud-based deployments. Setting the value of the Product type field to WebEx may have no practical effect if the client already discovered the WebEx service using a CAS lookup. |
If the service profile does not contain an IM and presence service configuration, the authenticator is Cisco Unified Communications Manager.
If the name server returns the _collab-edge SRV record, then the client attempts to connect to internal servers through Expressway Mobile and Remote Access.
Note | The Cisco VCS Control or Cisco Expressway-C server looks up the internal SRV records and provides the records to the Cisco VCS Expressway or Cisco Expressway-E server. |
After the client gets the internal SRV records, which must include _cisco-uds, it retrieves service profiles from Cisco Unified Communications Manager. The service profiles then provide the client with the user's home cluster, the primary source of authentication, and configuration.