Configuring Cisco Unity Connection and Microsoft Exchange for Unified Messaging

Task List for Configuring Unity Connection and Exchange for Unified Messaging

To configure one or more unified messaging features, complete the following tasks in the order presented.

1. Review the “Requirements for Using Unified Messaging Features” section in the System Requirements for Cisco Unity Connection Release 10.x at http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/connection/10x/requirements/10xcucsysreqs.html#pgfId-515351 .

2. Ensure you have sufficient licenses for voicemail users:

a. Navigate to Cisco Unity Connection Administration, expand System Settings and select Licenses.

b. On the Licenses page, in the License Usage section, check Total number of Voicemail Users.

3. If Unity Connection is integrated with an LDAP directory: Navigate to Cisco Unity Connection Administration and make sure of the following:

  • Expand System Settings and select LDAP Directory Configuration. Select the applicable LDAP directory configuration. On the LDAP Directory Configuration page, make sure the Mail ID field in Cisco Unified Communications Manager User Fields is synchronized with the mail in LDAP Attribute.

This causes values in the LDAP mail field to appear in the Corporate Email Address field in an LDAP imported user.


Note For more information, see the “LDAP” chapter in the System Administration Guide for Cisco Unity Connection Release 10.x, available at http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/connection/10x/administration/guide/10xcucsagx/10xcucsag120.html.


  • Expand Users and select Users. Select the applicable user. On the Edit User Basics page, make sure that a value is specified in the Corporate Email Address field.

4. If you are using single inbox and you want users to be able to use ViewMail for Outlook to send new voice messages, or to forward or reply to voice messages: Install Cisco Unity Connection ViewMail for Microsoft Outlook on user workstations. For more information on installing ViewMail for Outlook, see the Release Notes for Cisco Unity Connection ViewMail for Microsoft Outlook Release for the latest release at http://www.cisco.com/en/US/products/ps6509/prod_release_notes_list.html .

5. Decide whether you want Unity Connection to communicate with a specific Exchange 2016, Exchange 2013, Exchange 2010, or Exchange 2007 client access server, or you want Unity Connection to be able to search for and communicate with different Exchange servers as required. See the Exchange Server Communication with Unity Connection section.

When you are using Exchange 2016, Exchange 2013, Exchange 2010, and/or Exchange 2007, Unity Connection searches for Exchange servers as described in Microsoft White Paper for Exchange Servers available at http://www.msexchange.org/white-papers/ .


Note Unity Connection determines whether to use the HTTP or HTTPS protocol and whether to validate certificates based on settings in the applicable unified messaging service.


6. If you decided in Task 5. to allow Unity Connection to search for and communicate with different Exchange servers as required, and if Unity Connection is not already configured to use DNS, use the following CLI commands to configure DNS:

– set network dns

– set network dns options

We recommend that you configure Unity Connection to use the same DNS environment in which the Active Directory environment is publishing its records.

For more information on the CLI commands, see the applicable Command Line Interface Reference Guide for Cisco Unified Communications Solutions at http://www.cisco.com/en/US/products/ps6509/prod_maintenance_guides_list.html .

7. Confirm that all of the Exchange servers that Unity Connection accesses are configured to use the desired authentication mode (Basic, Digest, or NTLM) and web-based protocol (HTTPS or HTTP). See the Confirming Exchange Authentication and SSL Settings for Unity Connection section.


Note If you want to configure SSL to encrypt the communication between Unity Connection and Exchange, configure Exchange to use HTTPS for the web-based protocol.


8. Create an Active Directory account to be used for Unity Connection unified messaging services, and grant the account the applicable permissions. See the Creating the Unified Messaging Services Account in Active Directory and Granting Permissions for Unity Connection section.

9. Determine the Exchange server. For more information, see the Determining the Exchange Server section.

10. Update the settings for Unity Connection users. For more information, see the Settings Configured on Unity Connection Users section.

11. Configure a unified messaging service in Unity Connection. For more information, see the Creating a Unified Messaging Service to Access Exchange section.

12. Selected configurations: In either or both of the following configurations, upload SSL certificates on the Unity Connection server to encrypt communication between Unity Connection and Exchange and between Unity Connection and Active Directory:

– If you configured Exchange to use HTTPS in Task 7. and configured unified messaging services to validate certificates for Exchange servers in Task 14.

– If you configured Unity Connection to search for and communicate with different Exchange servers, to use LDAPS to communicate with domain controllers, and to validate certificates for domain controllers in Task 14.


Caution When you allow Unity Connection to search for and communicate with different Exchange servers, Unity Connection communicates with Active Directory servers using Basic authentication. By default, the user name and password of the unified messaging services account and all other communication between the Unity Connection and Active Directory servers is sent in clear text. If you want this data to be encrypted, in Task 14. you must configure unified messaging services to communicate with Active Directory domain controllers using the secure LDAP (LDAPS) protocol.

For more information, see the Uploading CA Public Certificates for Exchange and Active Directory Servers to Unity Connection section.

13. Test the unified messaging services. See the Testing Unified Messaging Services for Unity Connection section.

14. Create unified messaging accounts for Unity Connection users. See the Creating Unified Messaging Accounts to Link Unity Connection Users to Exchange Mailboxes section.

15. Test unified messaging accounts for Unity Connection users. See the Testing Unified Messaging Accounts for Unity Connection section.

16. Test the unified messaging configuration. See the Testing the Unified Messaging Configuration section.

17. If Unity Connection voice messages are automatically being moved to the Outlook Junk Items folder: Change the Outlook configuration to add the sender of the voice message or the sender’s domain to the safe sender’s list. For more information, see Outlook Help.

18. To teach users how to use the Unity Connection calendar, refer them to the following:

– For listing, joining, and scheduling meetings, see the “Working With Cisco Unity Connection By Phone” chapter of the User Guide for the Cisco Unity Connection Phone Interface at http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/connection/10x/user/guide/phone/b_10xcucugphone/b_10xcucugphone_chapter_01.html .

– For importing Exchange contacts, see the “Managing Your Contacts” chapter of the User Guide for the Cisco Unity Connection Messaging Assistant Web Tool at http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/connection/10x/user/guide/assistant/b_10xcucugasst/b_10xcucugasst_chapter_01001.html .

– For using personal call transfer rules, see “Personal Call Transfer Rules Web Tool” in the User Guide for the Cisco Unity Connection Personal Call Transfer Rules Web Tool at http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/connection/10x/user/guide/pctr/b_10xcucugpctr/b_10xcucugpctr_chapter_00.html .

Task List for Configuring Existing Unity Connection Users for Unified Messaging

After you configure unified messaging following the Task List for Configuring Unity Connection and Exchange for Unified Messaging section, do the following tasks to add unified messaging features for existing Unity Connection users.

1. Ensure you have sufficient licenses for voicemail users:

a. Navigate to Cisco Unity Connection Administration, expand System Settings and select Licenses.

b. On the Licenses page, in the License Usage section, check Total number of Voicemail Users.

2. Update the settings for Unity Connection users. For more information, see the Settings Configured on Unity Connection Users section.

3. Create unified messaging accounts for Unity Connection users. See the Creating Unified Messaging Accounts to Link Unity Connection Users to Exchange Mailboxes section.

4. Test unified messaging accounts for Unity Connection users. See the Testing Unified Messaging Accounts for Unity Connection section.

5. If Unity Connection voice messages are automatically being moved to the Outlook Junk Items folder: Change the Outlook configuration to add the sender of the voice message or the domain of the sender to the safe sender’s list. For more information, see Outlook Help.

Exchange Server Communication with Unity Connection

When you add a unified messaging service that defines the communication between Unity Connection and Exchange, you can select whether you want Unity Connection to communicate directly with a specific Exchange server or you want Unity Connection to search for Exchange servers.

The choice you make determines which Exchange mailboxes Unity Connection can access:

  • If you select a specific Exchange 2007 client access server, Unity Connection can access all Exchange 2007 mailboxes in the Exchange organization, but cannot access Exchange 2010, Exchange 2013, or Exchange 2016 mailboxes.
  • If you select a specific Exchange 2010 client access server, Unity Connection can access all Exchange 2010 and Exchange 2007 mailboxes in the Exchange organization, but cannot access Exchange 2013 or Exchange 2016 mailboxes.
  • If you select a specific Exchange 2013 client access server, Unity Connection can access all Exchange 2013, Exchange 2010, and Exchange 2007 mailboxes in the Exchange organization, but cannot access Exchange 2016 mailboxes.
  • If you select a specific Exchange 2016 client access server, Unity Connection can access all Exchange 2016, Exchange 2013, Exchange 2010, and Exchange 2007 mailboxes in the Exchange organization.
  • If you select to allow Unity Connection to search for Exchange servers, then you need to select from the following two options:

– Exchange 2007 and/or 2010: Unity Connection can access every mailbox in the Exchange organization, or just Exchange 2007, Exchange 2010, Exchange 2013, and Exchange 2016.

– Exchange 2003, 2007 and/or 2010: Unity Connection can access every mailbox in the Exchange organization, or just Exchange 2003, Exchange 2007, and Exchange 2010.


Note In Cisco Unity Connection Administration interface, the options available for Exchange Server Type on the Unified Messaging Service page will be updated in 10.5(2) Service Update 4 to reflect the support for Exchange 2013 and Exchange 2016.


  • If you select to allow Unity Connection to search for Exchange servers, you need to give permissions to the Exchange servers.

Note the following:

  • If you want to select a specific Exchange server when you add a unified messaging service, you may need to add more than one unified messaging service to allow Unity Connection to access all of the mailboxes in the Exchange organization. Table 2-1 explains when you need to add more than one unified messaging service.

Table 2-1 Adding Unified Messaging Services Based on Versions of Exchange

Columns 1 through 5: Exchange Versions with Mailboxes That You Want Unity Connection to be Able to Access

| Exchange 2007 | Exchange 2010 | Exchange 2013 | Exchange 2016 | Office 365 | Create the Following Unified Messaging Services |
|---|---|---|---|---|---|
| No | No | No | No | Yes | • One for Office 365 server that you want Unity Connection to be able to access. |
| No | No | No | Yes | Yes | • One for Exchange 2016. • One for Office 365 server that you want Unity Connection to be able to access. |
| No | No | Yes | Yes | No | • One for Exchange 2016. This service can also access Exchange 2013 mailboxes. • One for Office 365 server that you want Unity Connection to be able to access. |
| No | Yes | Yes | Yes | No | • One for Exchange 2016. This service can also access Exchange 2013 and Exchange 2010 mailboxes. • One for Office 365 server that you want Unity Connection to be able to access. |
| Yes | Yes | Yes | Yes | No | • One for Exchange 2016. This service can also access Exchange 2013, Exchange 2010, and Exchange 2007 mailboxes. • One for Office 365 server that you want Unity Connection to be able to access. |
| No | Yes | Yes | No | No | • One for Exchange 2013. This service can also access Exchange 2010 mailboxes. |
| No | Yes | Yes | No | Yes | • One for Exchange 2013. This service can also access Exchange 2010 mailboxes. • One for Office 365 server that you want Unity Connection to be able to access. |
| Yes | No | No | No | No | • One for Exchange 2007. |
| Yes | No | No | No | Yes | • One for Exchange 2007. • One for Office 365 server that you want Unity Connection to be able to access. |
| Yes | Yes | Yes | No | No | • One for Exchange 2013. This service can also access Exchange 2010 and 2007 mailboxes. |
| Yes | Yes | Yes | No | Yes | • One for Exchange 2013. This service can also access Exchange 2010 and 2007 mailboxes. • One for Office 365 server that you want Unity Connection to be able to access. |
| No | No | No | No | Yes | • One for Office 365 server that you want Unity Connection to be able to access. |
| No | Yes | Yes | No | No | • One for Exchange 2013. This service can also access Exchange 2010 mailboxes. |
| No | Yes | Yes | No | Yes | • One for Exchange 2013. This service can also access Exchange 2010 mailboxes. • One for Office 365 server that you want Unity Connection to be able to access. |
| Yes | No | No | No | No | • One for Exchange 2007. |
| Yes | No | No | No | Yes | • One for Exchange 2007. • One for Office 365 server that you want Unity Connection to be able to access. |
| Yes | Yes | Yes | No | No | • One for Exchange 2013. This service can also access Exchange 2010 or Exchange 2007 mailboxes. |
| Yes | Yes | Yes | No | Yes | • One for Exchange 2013. This service can also access Exchange 2010 or Exchange 2007 mailboxes. • One for Office 365 server that you want Unity Connection to be able to access. |

  • If you select to allow Unity Connection to search for Exchange servers, Unity Connection can automatically detect when you move mailboxes from one version of Exchange to another and can automatically update Unity Connection user settings.
  • If you select a specific Exchange server, Unity Connection can sometimes detect when you move mailboxes from one Exchange server to another, and can automatically access the Exchange mailbox in the new location. When Unity Connection cannot detect mailbox moves, you must manually update unified messaging services or unified messaging accounts:

If you moved all of the Exchange mailboxes accessed by a unified messaging service: Update the unified messaging service to access a different Exchange server.

If you moved only some of the Exchange mailboxes accessed by a unified messaging service: Update unified messaging account settings to use a unified messaging service that accesses mailboxes in the new location.

Table 2-2 identifies when Unity Connection can and cannot automatically detect mailbox moves between Exchange servers. For information on updating Unity Connection user settings when Unity Connection cannot detect mailbox moves, see the “Moving Microsoft Exchange Mailboxes for Cisco Unity Connection Unified Messaging User Accounts” chapter.

Table 2-2 Selecting a Specific Exchange Server: When Unity Connection Detects Moving a Mailbox Between Exchange Servers

Columns 2 through 11: Unity Connection can automatically detect mailbox moves between the following Exchange versions

| If you select a specific | 2007 and 2007 | 2007 and 2010 | 2007 and 2013 | 2007 and 2016 | 2010 and 2010 | 2010 and 2013 | 2010 and 2016 | 2013 and 2013 | 2013 and 2016 | 2016 and 2016 |
|---|---|---|---|---|---|---|---|---|---|---|
| Exchange 2007 server | Yes | No | No | No | No | No | No | No | No | No |
| Exchange 2010 server | Yes | Yes | No | No | Yes | No | No | No | No | No |
| Exchange 2013 server | Yes | Yes | Yes | No | Yes | Yes | No | Yes | No | No |
| Exchange 2016 server | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |

  • If Unity Connection is not configured to use DNS, you must select a specific Exchange server. If this does not allow you to access all of the Exchange mailboxes in the organization as described earlier in this section, you must create more than one unified messaging service.
  • If you select a specific Exchange server and that server stops functioning, Unity Connection cannot access any Exchange mailboxes. If you select to allow Unity Connection to search for Exchange servers and if the Exchange server that Unity Connection is currently communicating with stops functioning, Unity Connection searches for another Exchange server and begins accessing mailboxes through that server.

Confirming Exchange Authentication and SSL Settings for Unity Connection

After selecting the Exchange server accessed by Unity Connection for unified messaging as described in Exchange Server Communication with Unity Connection, confirm that the Exchange servers are configured to use the desired authentication mode (Basic, Digest, or NTLM) and web-based protocol (HTTPS or HTTP).


Note Unity Connection 10.5(1) and later supports NTLMv2 based authentication when a user selects NTLM authentication mode for configuring unified messaging.


After configuring the authentication mode and web-based protocols on Exchange servers, create one or more Unity Connection unified messaging services, and select the same authentication mode and web-based protocol that you specify in the servers.

Do the procedure in the applicable section:

Confirming Exchange 2013 or 2016 Authentication and SSL Settings

To Confirm Exchange 2013 or 2016 Authentication and SSL Settings


Step 1 Decide the type of authentication (Basic or NTLM) you want Unity Connection to use to sign in to Exchange 2013 or Exchange 2016 client access servers. You must configure the following servers to use the same type of authentication:

    • All Exchange 2013 or Exchange 2016 client access servers.

Step 2 Decide whether you want the communication between Unity Connection and Exchange 2013 or Exchange 2016 client access servers to be SSL encrypted. If so, you must specify the same SSL setting on the following servers:

    • All Exchange 2013 or Exchange 2016 client access servers.

Step 3 Sign in to a server that has access to the same Exchange 2013 or Exchange 2016 client access servers as accessed by the Unity Connection server. Use an account that is a member of the local Administrators group.

Step 4 On the Windows Start menu, select Programs > Administrative Tools > Internet Information Services (IIS) Manager.

Step 5 For the first Exchange 2013 or Exchange 2016 client access server for which you want to confirm settings, in the left pane, expand <servername> > Sites > Default Website > EWS.

Step 6 Under Default Website, select Autodiscover.

Step 7 In the middle pane, in the IIS section, double-click Authentication.

Step 8 Confirm that the Status column says Enabled for the type of authentication that you want the unified messaging services account to use to sign in to Exchange client access servers. When you create a unified messaging services account, configure Unity Connection to use the same type of authentication.

Unity Connection supports only the following types of authentication:

    • Basic
    • NTLM

Step 9 If you changed any settings, in the right pane, select Apply.

Step 10 In the left pane, select Autodiscover again.

Step 11 In the middle pane, double-click SSL Settings.

Step 12 If the Require SSL check box is checked:

    • When you create a unified messaging service in Unity Connection, you must select HTTPS for the web-based protocol.
    • You must download SSL certificates from the Exchange server and install them on the Unity Connection server.

Step 13 If you changed any settings, in the right pane, select Apply.

Step 14 In the left pane, under Default Website, select EWS.

Step 15 In the middle pane, in the IIS section, double-click Authentication.

Step 16 Confirm that the Status column says Enabled for the type of authentication that you want the unified messaging services account to use to sign in to Exchange mailboxes. When you create a unified messaging services account, configure Unity Connection to use the same type of authentication.


Caution The unified messaging services account must use the same type of authentication for EWS that you specified for autodiscover in Step 8.

Step 17 If you changed any settings, in the right pane, select Apply.

Step 18 In the left pane, select EWS again.

Step 19 In the middle pane, double-click SSL Settings.

Step 20 If the Require SSL check box is checked:

    • You must select HTTPS for the web-based protocol when you create a unified messaging service in Unity Connection.
    • You must download SSL certificates from the Exchange server and install them on the Unity Connection server.

Caution The unified messaging services account must use the same SSL settings for EWS that you specified for autodiscover in Step 12.

Step 21 If you changed any settings, in the right pane, select Apply.

Step 22 Repeat Step 5 through Step 22 for the other Exchange 2013 or Exchange 2016 client access servers that Unity Connection can access.

Step 23 Close IIS Manager.


 

Confirming Exchange 2010 Authentication and SSL Settings

To Confirm Exchange 2010 Authentication and SSL Settings


Step 1 Decide the type of authentication (Basic, Digest, or NTLM) you want Unity Connection to use to sign in to Exchange 2010 client access servers. You must configure the following servers to use the same type of authentication:

    • All Exchange 2010 client access servers.
    • All Exchange 2007 client access servers, if there are Exchange 2007 mailboxes that you want Unity Connection to be able to access.

Step 2 Decide whether you want the communication between Unity Connection and Exchange 2010 client access servers to be SSL encrypted. If so, you must specify the same SSL setting on the following servers:

    • All Exchange 2010 client access servers.
    • All Exchange 2007 client access servers, if there are Exchange 2007 mailboxes that you want Unity Connection to be able to access.

Step 3 Sign in to a server that has access to the same Exchange 2010 client access servers that Unity Connection has. Use an account that is a member of the local Administrators group.

Step 4 On the Windows Start menu, select Programs > Administrative Tools > Internet Information Services (IIS) Manager.

Step 5 For the first Exchange 2010 client access server for which you want to confirm settings, in the left pane, expand <servername> > Sites > Default Website.

Step 6 Under Default Website, select Autodiscover.

Step 7 In the middle pane, in the IIS section, double-click Authentication.

Step 8 Confirm that the Status column says Enabled for the type of authentication that you want the unified messaging services account to use to sign in to Exchange client access servers. When you create a unified messaging services account, configure Unity Connection to use the same type of authentication.

Unity Connection supports only the following types of authentication:

    • Basic
    • Digest
    • NTLM

Step 9 If you changed any settings, in the right pane, select Apply.

Step 10 In the left pane, select Autodiscover again.

Step 11 In the middle pane, double-click SSL Settings.

Step 12 If the Require SSL check box is checked:

    • When you create a unified messaging service in Unity Connection, you must select HTTPS for the web-based protocol.
    • You must download SSL certificates from the Exchange server and install them on the Unity Connection server.

Step 13 If you changed any settings, in the right pane, select Apply.

Step 14 In the left pane, under Default Website, select EWS.

Step 15 In the middle pane, in the IIS section, double-click Authentication.

Step 16 Confirm that the Status column says Enabled for the type of authentication that you want the unified messaging services account to use to sign in to Exchange mailboxes. When you create a unified messaging services account, configure Unity Connection to use the same type of authentication.


Caution The unified messaging services account must use the same type of authentication for EWS that you specified for autodiscover in Step 8.

Step 17 If you changed any settings, in the right pane, select Apply.

Step 18 In the left pane, select EWS again.

Step 19 In the middle pane, double-click SSL Settings.

Step 20 If the Require SSL check box is checked:

    • You must select HTTPS for the web-based protocol when you create a unified messaging service in Unity Connection.
    • You must download SSL certificates from the Exchange server and install them on the Unity Connection server.

Caution The unified messaging services account must use the same SSL settings for EWS that you specified for autodiscover in Step 12.

Step 21 If you changed any settings, in the right pane, select Apply.

Step 22 If you have installed Exchange 2010 Service Pack 1 or later, skip to Step 23.

If you have not installed Exchange 2010 Service Pack 1 or later, edit the Exchange web.config files for EWS and for autodiscovery to match the settings in IIS Manager:

    • For EWS, see “Enable or Disable SSL on Exchange Web Services Virtual Directories” on the Microsoft Technet website.
    • No comparable document exists for autodiscovery, but you can use the applicable procedure in the EWS document to edit the web.config file in the \Exchange Server\V14\ClientAccess\Autodiscover directory.

Step 23 Repeat Step 5 through Step 22 for the other Exchange 2010 client access servers that Unity Connection can access.

Step 24 Close IIS Manager.
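
The IIS Manager checks in the Exchange 2013/2016 and Exchange 2010 procedures above can also be read with the IIS WebAdministration PowerShell module. The following script is an added example, not part of the Cisco guide; it assumes the Exchange virtual directories sit under an IIS site named Default Web Site and that it is run in an elevated session on each client access server.

```powershell
# Added example (not from the Cisco guide): read-only audit of the IIS settings
# that the procedure checks by hand in IIS Manager.
Import-Module WebAdministration

$Site  = 'Default Web Site'      # assumption: IIS site hosting the Exchange virtual directories
$VDirs = 'Autodiscover', 'EWS'   # the two virtual directories the procedure inspects

# IIS configuration sections behind the rows shown under Authentication.
# NTLM is offered through the Windows Authentication row.
$AuthSections = [ordered]@{
    Basic   = 'basicAuthentication'
    Digest  = 'digestAuthentication'
    Windows = 'windowsAuthentication'
}

function Get-VDirSecurity {
    param([string]$Site, [string]$VDir)

    $common = @{ PSPath = 'MACHINE/WEBROOT/APPHOST'; Location = "$Site/$VDir" }
    $row = [ordered]@{ Server = $env:COMPUTERNAME; VDir = $VDir }

    foreach ($name in $AuthSections.Keys) {
        $filter = "system.webServer/security/authentication/$($AuthSections[$name])"
        $row[$name] = [bool](Get-WebConfigurationProperty @common -Filter $filter -Name enabled).Value
    }

    # sslFlags is a flags attribute. Depending on the module version it is returned
    # as text ("Ssl,Ssl128") or as an object whose Value is text or a number (Ssl = 8).
    $raw = Get-WebConfigurationProperty @common -Filter 'system.webServer/security/access' -Name sslFlags
    if ($raw -isnot [string] -and $null -ne $raw.Value) { $raw = $raw.Value }
    $n = 0
    $row['RequireSsl'] = if ([int]::TryParse("$raw", [ref]$n)) { ($n -band 8) -ne 0 } else {
        ("$raw" -split '\s*,\s*') -contains 'Ssl'
    }

    [pscustomobject]$row
}

$report = foreach ($v in $VDirs) { Get-VDirSecurity -Site $Site -VDir $v }
$report | Format-Table -AutoSize | Out-Host

$auto, $ews = $report
$findings = @()

# The Cautions require EWS to match Autodiscover for authentication type and SSL.
foreach ($name in @($AuthSections.Keys) + 'RequireSsl') {
    if ($auto.$name -ne $ews.$name) {
        $findings += "MISMATCH: $name is $($auto.$name) on Autodiscover but $($ews.$name) on EWS"
    }
}

# Basic authentication on a directory that does not require SSL can be used over
# plain HTTP, which exposes the unified messaging services account credentials.
foreach ($r in $report) {
    if ($r.Basic -and -not $r.RequireSsl) {
        $findings += "CLEARTEXT RISK: $($r.VDir) allows Basic authentication and does not require SSL"
    }
}

$protocol = if ($auto.RequireSsl -or $ews.RequireSsl) { 'HTTPS' } else { 'HTTP or HTTPS' }
"Web-based protocol to select in the unified messaging service: $protocol"
if ($findings) { $findings } else { 'Autodiscover and EWS settings are consistent.' }
```

Collect the table from every client access server and compare the rows; the procedure requires the same authentication type and SSL setting on all of them.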


 

Confirming Exchange 2007 Authentication and SSL Settings

To Confirm Exchange 2007 Authentication and SSL Settings


Step 1 Decide the type of authentication (Basic, Digest, or NTLM) you want Unity Connection to use to sign in to Exchange 2007 client access servers. You must configure the following servers to use the same type of authentication:

    • All Exchange 2007 client access servers.
    • All Exchange 2010 client access servers, if there are Exchange 2010 mailboxes that you want Unity Connection to be able to access.

Step 2 Decide whether you want the communication between Unity Connection and Exchange 2007 client access servers to be SSL encrypted. If so, you must specify the same SSL setting on the following servers:

    • All Exchange 2007 client access servers.
    • All Exchange 2010 client access servers, if there are Exchange 2010 mailboxes that you want Unity Connection to be able to access.

Step 3 Sign in to a server that has access to the same Exchange 2007 client access servers as Unity Connection has. Use an account that is a member of the local Administrators group.

Step 4 On the Windows Start menu, select Programs > Administrative Tools > Internet Information Services (IIS) Manager.

Step 5 For the first Exchange 2007 server for which you want to confirm settings, in the left pane, expand <servername> > Sites > Default Website.

Step 6 Under Default Website, right-click Autodiscover, and select Properties.

Step 7 In the Autodiscover Properties dialog box, select the Directory Security tab.

Step 8 In the Authentication and Access Control section, select Edit.

Step 9 In the Authentication Methods dialog box, confirm that the check box is checked for the type of authentication that you want the unified messaging services account to use to find Exchange servers. When you create a unified messaging services account, configure Unity Connection to use the same type of authentication.

Unity Connection supports only the following types of authentication:

    • Basic
    • Digest
    • NTLM

Step 10 Select OK.

Step 11 In the Secure Communications section, select Edit.

Step 12 In the Secure Communications dialog box, if the Require Secure Channel (SSL) check box is checked:

    • You must select HTTPS for the web-based protocol when you create a unified messaging service in Unity Connection.
    • You must download SSL certificates from the Exchange server and install them on the Unity Connection server.

Step 13 Select OK twice.

Step 14 In the left pane, under Default Website, right-click EWS, and select Properties.

Step 15 In the EWS Properties dialog box, select the Directory Security tab.

Step 16 In the Authentication and Access Control section, select Edit.

Step 17 In the Authentication Methods dialog box, confirm that the check box is checked for the type of authentication that you want the unified messaging services account to use to find Exchange servers. When you create a unified messaging services account, configure Unity Connection to use the same type of authentication.


Caution The unified messaging services account must use the same type of authentication for EWS that you specified for autodiscover in Step 9.

Step 18 Select OK.

Step 19 In the Secure Communications section, select Edit.

Step 20 In the Secure Communications dialog box, if the Require Secure Channel (SSL) check box is checked:

    • You must select HTTPS for the web-based protocol when you create a unified messaging service in Unity Connection.
    • You must download SSL certificates from the Exchange server and install them on the Unity Connection server.

Caution The unified messaging services account must use the same SSL settings for EWS that you specified for autodiscover in Step 12.

Step 21 Select OK twice.

Step 22 Repeat Step 5 through Step 21 for the other Exchange 2007 client access servers that Unity Connection can access.

Step 23 Close IIS Manager.


 

Creating the Unified Messaging Services Account in Active Directory and Granting Permissions for Unity Connection

Unity Connection accesses Exchange mailboxes using an Active Directory account called the unified messaging services account. After you create the account, you grant it the rights necessary for Unity Connection to perform operations on behalf of the user. For Exchange 2016, Exchange 2013, Exchange 2010, and 2007, operations are performed through Exchange Web Services (EWS). These operations include uploading messages into Exchange mailboxes, tracking changes to the messages in Exchange, updating the messages with changes made in Unity Connection, deleting messages in Exchange when the messages are deleted in Unity Connection, tracking when messages are deleted in Exchange so they can be moved to the deleted items folder in Unity Connection, and so on.

Task list for Creating the Unified Messaging Services Account and Granting Permissions for Unity Connection

1. Create one or more domain user accounts in the Active Directory forest that includes the Exchange servers with which you want Unity Connection to communicate. Note the following:

– Give the account a name that identifies it as the unified messaging services account for Unity Connection.

– Do not create an Exchange mailbox for the account.


Caution If you create a mailbox for the account, unified messaging does not function properly.

– Do not add the account to any administrator group.

– Do not disable the account, or Unity Connection cannot use it to access Exchange mailboxes.

– Specify a password that satisfies the password-security requirements of your company.


Note The password is encrypted with AES 128-bit encryption and stored in the Unity Connection database. The key that is used to encrypt the password is accessible only with root access, and root access is available only with assistance from Cisco TAC.


– When you are configuring unified messaging for a Unity Connection cluster, Unity Connection automatically uses the same unified messaging services account for both Unity Connection servers.

– When you are configuring unified messaging for intersite networking or for intrasite networking, you can use the same unified messaging services account for more than one Unity Connection server. However, this is not a requirement and does not affect functionality or performance.

2. If you are using Exchange 2007: For all client access servers, confirm that the local computer account is a member of the Windows Authorization Access group. See the Confirming that the Local Computer Account is a Member of the Windows Authorization Access Group on Client Access Servers (Exchange 2007 Only) section.

3. For each version of Exchange that you want Unity Connection to be able to access, do the procedure in the corresponding section:

Assigning the Application Impersonation Management Role to Unified Messaging Services Accounts (Exchange 2016, Exchange 2013, and Exchange 2010 Only)

Granting Rights to the Unified Messaging Services Account (Exchange 2007 Only)

Confirming that the Local Computer Account is a Member of the Windows Authorization Access Group on Client Access Servers (Exchange 2007 Only)

If you are configuring unified messaging for Unity Connection users whose Exchange mailboxes are homed on Exchange 2007 servers, do the following procedure to confirm that the local computer accounts for those servers are members of the Windows Authorization Access group, as they are by default. Do the procedure for all Exchange 2007 client access servers that Unity Connection can access.

To Confirm Local Computer Account is a Member of Windows Authorization Access Group


Step 1 Sign in to a server on which Active Directory Users and Computers is installed. Use an account that is a member of the Domain Admins group.

Step 2 On the Windows Start menu, select Administrative Tools > Active Directory Users and Computers.

Step 3 In the left pane, expand the name of a domain that contains Exchange 2007 client access servers that Unity Connection can access, and select Builtin.

Step 4 In the right pane, right-click Windows Authorization Access Group, and select Properties.

Step 5 In the Windows Authorization Access Group Properties dialog box, select the Members tab.

Step 6 Select Add.

Step 7 In the Select Users, Contacts, Computers, or Groups dialog box, select Object Types.

Step 8 Check the Computers check box.

Step 9 Select OK to close the Object Types dialog box.

Step 10 On the Select Users, Contacts, Computers, or Groups dialog box, enter the names of all of the Exchange 2007 client access servers in the domain that you expanded in Step 3.

Step 11 Select Check Names.

Step 12 Select OK to close the Select Users, Contacts, Computers, or Groups dialog box.

Step 13 Select OK to close the Windows Authorization Access Group Properties dialog box.

Step 14 Repeat Step 3 through Step 13 for the other domains that contain Exchange 2007 client access servers that Unity Connection can access.


 

Assigning the Application Impersonation Management Role to Unified Messaging Services Accounts (Exchange 2016, Exchange 2013, and Exchange 2010 Only)

To Assign the ApplicationImpersonation Management Role to Unified Messaging Services Accounts (Exchange 2016, Exchange 2013, and Exchange 2010 Only)


Step 1 Sign in to a server on which Exchange Management Shell is installed. Sign in using either an account that is a member of the Enterprise Admins group or an account that has permission to grant permissions on Exchange objects in the configuration container.

Step 2 Run the following command in Exchange Management Shell to assign the ApplicationImpersonation management role to the unified messaging services account for Exchange 2016, Exchange 2013 and Exchange 2010.

New-ManagementRoleAssignment -Name:RoleName -Role:ApplicationImpersonation -User:'Account'

where:

    • RoleName is the name that you want to give the assignment, for example, Unity ConnectionUMServicesAcct. The name that you enter for RoleName appears when you run get-ManagementRoleAssignment.
    • Account is the name of the unified messaging services account in domain\alias format.

Step 3 If you created more than one unified messaging services account, repeat Step 2 for the remaining accounts. Specify a different value for RoleName for each unified messaging services account.


Note When configuring a unified messaging services account for Exchange 2016, Exchange 2013, or Exchange 2010, you need to assign the ApplicationImpersonation management role to the unified messaging services account.
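The following added example (not part of the Cisco guide) audits a services account against the task list above (enabled, no mailbox, not in an administrator group) and confirms the ApplicationImpersonation assignment from Step 2, including its write scope. It assumes Exchange Management Shell and the ActiveDirectory module on the same host and an account in the current domain; the function names and the account EXAMPLE\svc-cuc-um are hypothetical.

```powershell
# Added example, not from the Cisco guide. Run in Exchange Management Shell
# (Exchange 2010 or later) on a host that also has the ActiveDirectory module.
Import-Module ActiveDirectory

# Built-in administrative groups, matched by well-known SID or RID suffix.
$AdminSidPatterns = @(
    '^S-1-5-32-544$',  # BUILTIN\Administrators
    '-512$',           # Domain Admins
    '-518$',           # Schema Admins
    '-519$'            # Enterprise Admins
)

function Test-UMServiceAccount {
    param(
        # Services account in domain\alias format, as used in Step 2.
        [Parameter(Mandatory = $true)][string]$Account
    )

    $exUser = Get-User -Identity $Account -ErrorAction Stop
    # Assumption: the account lives in the domain this session is bound to.
    $adUser = Get-ADUser -Identity $exUser.SamAccountName

    # Escape the distinguished name for use inside an LDAP filter (RFC 4515).
    $dn = $adUser.DistinguishedName -replace '\\', '\5c' -replace '\*', '\2a' -replace '\(', '\28' -replace '\)', '\29'

    # LDAP_MATCHING_RULE_IN_CHAIN returns direct and nested group memberships.
    # It searches the current domain only and does not cover the primary group.
    $groups = @(Get-ADGroup -LDAPFilter "(member:1.2.840.113556.1.4.1941:=$dn)")
    $adminGroups = @($groups | Where-Object {
        $sid = $_.SID.Value
        @($AdminSidPatterns | Where-Object { $sid -match $_ }).Count -gt 0
    })

    # -RoleAssignee returns direct assignments and those inherited through groups.
    $roles = @(Get-ManagementRoleAssignment -Role ApplicationImpersonation -RoleAssignee $Account)

    # A mailbox-enabled account reports a RecipientTypeDetails such as UserMailbox.
    $hasMailbox = "$($exUser.RecipientTypeDetails)" -match 'Mailbox'
    $enabled    = [bool]$adUser.Enabled
    $meets      = $enabled -and (-not $hasMailbox) -and ($adminGroups.Count -eq 0) -and ($roles.Count -gt 0)

    New-Object PSObject -Property @{
        Account       = $Account
        Enabled       = $enabled
        HasMailbox    = $hasMailbox
        AdminGroups   = @($adminGroups | ForEach-Object { $_.Name })
        Assignments   = @($roles | ForEach-Object {
                            '{0} [write scope: {1} {2}]' -f $_.Name, $_.RecipientWriteScope, $_.CustomRecipientWriteScope })
        MeetsTaskList = $meets
    }
}

# Every account that can impersonate, for review against the accounts you created.
function Get-ImpersonationHolder {
    Get-ManagementRoleAssignment -Role ApplicationImpersonation -GetEffectiveUsers |
        Select-Object EffectiveUserName, Name, RecipientWriteScope, CustomRecipientWriteScope
}

# Placeholder account name; replace with your own.
Test-UMServiceAccount -Account 'EXAMPLE\svc-cuc-um' | Format-List
Get-ImpersonationHolder | Format-Table -AutoSize
```

An assignment created with the command in Step 2 carries no custom scope, so the write scope reported is the one inherited from the role; the second function lists every other principal that holds the same role.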



 

Granting Rights to the Unified Messaging Services Account (Exchange 2007 Only)

To Grant Rights to the Unified Messaging Services Account (Exchange 2007 Only)


Step 1 Sign in to a server on which Exchange Management Shell is installed. Sign in using either an account that is a member of the Enterprise Admins group or an account that has permission to grant rights on Exchange objects in the configuration container.

Step 2 Run the following commands in Exchange Management Shell to grant the required rights to the unified messaging services account for Exchange 2007:

Add-ADPermission -Identity (PermissionLevel).DistinguishedName -User (Get-User -Identity Account | select-object).identity -ExtendedRights ms-Exch-EPI-Impersonation

Add-ADPermission -Identity (PermissionLevel).DistinguishedName -User (Get-User -Identity Account | select-object).identity -ExtendedRights ms-Exch-EPI-May-Impersonate

Add-ADPermission -Identity (PermissionLevel).DistinguishedName -User (Get-User -Identity Account | select-object).identity -ExtendedRights Receive-As

where:

  • PermissionLevel is determined by whether you want to grant the unified messaging services account rights to access individual servers or rights to access all Exchange 2007 servers in the organization:

– To grant the unified messaging services account rights to access individual Exchange servers, replace PermissionLevel with:

Get-ExchangeServer -Identity ServerName

where ServerName is the name of the Exchange 2007 server to which you want the unified messaging services account to have access.

– To grant the unified messaging services account rights to access all Exchange 2007 servers in the Exchange organization, replace PermissionLevel with:

Get-OrganizationConfig

For more information on the Add-ADPermission cmdlet and the Identity parameter, see Exchange 2007 Help.

  • Account is the name of the unified messaging services account in domain\alias format.

Step 3 If you created more than one unified messaging services account, repeat Step 2 for the remaining accounts.

Step 4 If you set permissions on individual Exchange servers in Step 2 and you have more than one Exchange 2007 server, repeat Step 1 through Step 3 on the following servers:

    • All other Exchange 2007 client access servers that Unity Connection can access.
    • All Exchange 2007 mailbox servers that home mailboxes that you want Unity Connection to be able to access.


 

To Grant Unified Messaging Services Accounts the Permission to Sign In Locally for Unity Connection (Exchange 2007 Only)


Step 1 On an Exchange 2007 client access server that Unity Connection can access, sign in using an account that is a member of the local Administrators group.

Step 2 On the Windows Start menu, select Administrative Tools > Local Security Policy.

Step 3 In the left pane, expand Local Policies, and select User Rights Assignment.

Step 4 In the right pane, right-click Allow Log on Locally, and select Properties.

Step 5 In the Allow Log on Locally Properties dialog box, on the Local Security Setting tab, select Add User or Group.

Step 6 On the Select Users, Computers, or Groups dialog box, enter the name of the unified messaging services account that you created in Task 1. of the Task list for Creating the Unified Messaging Services Account and Granting Permissions for Unity Connection section.

If intrasite networking or intersite networking is configured, and if you created more than one unified messaging services account, enter the names of the unified messaging services accounts for the Unity Connection servers that access this Exchange 2007 client access server.

Step 7 Select Check Names.

Step 8 Select OK to close the Select Users, Computers, or Groups dialog box.

Step 9 Select OK to close the Allow Log on Locally Properties dialog box.

Step 10 Close Local Security Settings.

Step 11 Repeat Step 1 through Step 10 on the following servers:

    • All other Exchange 2007 client access servers that Unity Connection can access.
    • All Exchange 2007 mailbox servers that home mailboxes that you want Unity Connection to be able to access.


 

Configuring EWS Limits for Unified Messaging Users (Exchange 2013 and Later)

If any unified messaging users’ Exchange mailboxes have more than 1000 messages, which includes voice messages and receipts, enable the EWS paged view search functionality in Unity Connection. To enable the paged view functionality for messages, you must set the value of the 'System.Messaging.MbxSynch.MbxSynchUsePaging' parameter to 1.

To Enable the Paged View Functionality, Perform the Following Steps


Step 1 Run the following CLI command:

run cuc dbquery unitydirdb execute procedure csp_ConfigurationModifyBool(pFullName='System.Messaging.MbxSynch.MbxSynchUsePaging',pvalue=1)

Note When a Cisco Unity Connection cluster is configured, you can run the command on either the publisher or the subscriber server.


Step 2 To set the maximum number of voice message items that Unity Connection can manage with the paged view search functionality, run the following CLI command:

run cuc dbquery unitydirdb execute procedure csp_ConfigurationModify(pFullName='System.Messaging.MbxSynch.MbxSynchVoiceMailCountLimit',pvalue="newvalue")

where newvalue specifies the voicemail count limit that you can view after the paging parameter is enabled. By default, Unity Connection manages the first 25000 voice messages per mailbox, which avoids any delay in message synchronization between Unity Connection and the Exchange server. This voicemail count limit can be increased up to a maximum of 75000.


 

Configuring EWS Limits for Unified Messaging Users (Exchange 2010 SP2 RU4 and Later)

Microsoft has enabled the client throttling policy feature by default. If no throttling policy is already configured, Microsoft Exchange applies a default policy to all users. The default throttling policy is tailored for an end user's load and not for an enterprise application, such as Unity Connection, that uses impersonation. If any Unity Connection users who are configured for unified messaging have mailboxes in Exchange 2010, configure the Exchange 2010 EWS limits for the unified messaging user mailboxes by creating a new mailbox policy and applying it to each unified messaging user mailbox. If you do not configure EWS limits, messages may not be synchronized, and status changes (for example, from unread to read), changes to the subject line, and changes to the priority may not be replicated. In addition, attempts to access Exchange calendars and contacts may fail.


Note Prior to Exchange 2010 SP2 RU4, the throttling limit was calculated against the calling account (in our case, the service account). Starting with Exchange 2010 SP2 RU4, this limit has been changed: the charges are now counted against the target mailbox instead of the calling account.



Note Make sure to enable the paged view functionality for FindItem calls. For more information on how to enable the paged view functionality, see the To Enable the Paged View Functionality, Perform the Following Steps section. If you have the paged view functionality disabled, configure the EWS limits by following the steps below.


To Configure EWS Limits for Unified Messaging Users (Exchange 2010 Service Pack 2 RU4 and Later)


Step 1 Sign in to a server on which Exchange Management Shell is installed. Sign in using either an account that is a member of the Enterprise Admins group or an account that has permission to grant permissions on Exchange objects in the configuration container.

Step 2 Create a new policy with the following EWS limits where Exchange mailboxes have more than 1000 messages, which includes voice messages and receipts. For Exchange mailboxes that have 10000 messages, the new throttling policy is:

New-ThrottlingPolicy -Name "<ConnectionUnifiedMessagingServicesPolicy>" -EWSPercentTimeInCAS 300 -EWSPercentTimeInMailboxRPC 200 -EWSFindCountLimit 10000 -EWSPercentTimeinAD 100

where ConnectionUnifiedMessagingServicesPolicy is the name that you want to assign to the policy. See Table 2-3 for a detailed description of the throttling policy parameters.

Step 3 Apply the new policy to all the unified messaging user mailboxes. For each user mailbox, run the following command:

Set-ThrottlingPolicyAssociation -Identity "<ConnectionUnifiedMessagingusermailbox>" -ThrottlingPolicy "<ConnectionUnifiedMessagingServicesPolicy>"

where:

  • ConnectionUnifiedMessagingusermailbox is the name of the user mailbox.
  • ConnectionUnifiedMessagingServicesPolicy is the name of the policy that you created in Step 2.

Step 4 Confirm that the mailbox is using the new policy:

Get-ThrottlingPolicyAssociation -Identity "<ConnectionUnifiedMessagingusermailbox>" | findstr "ThrottlingPolicy"

Step 5 On each Exchange 2010 server that has the CAS role, restart the Microsoft Exchange RPC Client Access service.


 

Table 2-3 Recommended Throttle Policy Parameter Values With 10000 Items in User’s Mailbox

| Field | Policy Value To Be Used | Description |
| --- | --- | --- |
| EWSPercentTimeInCAS | 300 | Specifies the percentage of a minute that an Exchange Web Services user can spend executing the client access server code (PercentTimeInCAS). |
| EWSPercentTimeInMailboxRPC | 200 | Specifies the percentage of a minute that an Exchange Web Services user can spend executing mailbox remote procedure call (RPC) requests (PercentTimeInMailboxRPC). |
| EWSFindCountLimit | 10000 | Defines the maximum number of items from a FindItem or FindFolder operation that can exist in memory on the Client Access server at one time for one user. Note: If in your deployment mailboxes have more than 10,000 messages, then you can adjust this parameter. |
| EWSPercentTimeinAD | 100 | Specifies the maximum amount of time that can be spent by a Client Access server when accessing Active Directory resources on behalf of a client account, per minute. |

Configuring EWS Limits for the Unified Messaging Users (Exchange 2010 SP2 RU3 and Earlier Releases)

If any Unity Connection users who are configured for unified messaging have mailboxes in Exchange 2010, configure the Exchange 2010 EWS limits for the unified messaging service account by creating and applying a new mailbox policy to the unified messaging services account. If you do not configure EWS limits, messages may not be synchronized, and status changes (for example, from unread to read), changes to the subject line, and changes to the priority may not be replicated. In addition, attempts to access Exchange calendars and contacts may fail.


Note Prior to Exchange 2010 Service Pack 1, EWS limits were off by default. If you have not yet installed Service Pack 1, which turns limits on by default, we still recommend that you do the following procedure. Otherwise, when you install Service Pack 1, Unity Connection functionality is affected.


To Remove EWS Limits for Unified Messaging Users for Unity Connection (Exchange 2010 SP2 RU3 and Earlier Releases)


Step 1 Sign in to a server on which Exchange Management Shell is installed. Sign in using either an account that is a member of the Enterprise Admins group or an account that has permission to grant permissions on Exchange objects in the configuration container.

Step 2 Create a new policy with unlimited EWS connections:

New-ThrottlingPolicy -Name "<ConnectionUnifiedMessagingServicesPolicy>" -EWSMaxConcurrency $null -EWSMaxSubscriptions $null -EWSPercentTimeInCAS $null -EWSPercentTimeInMailboxRPC $null -EWSFindCountLimit $null -EWSPercentTimeinAD $null

where ConnectionUnifiedMessagingServicesPolicy is the name that you want to assign to the policy.

Step 3 Apply the new policy to the unified messaging services account and the user mailbox:

Set-ThrottlingPolicyAssociation -Identity "<ConnectionUnifiedMessagingServicesAccount>" -ThrottlingPolicy "<ConnectionUnifiedMessagingServicesPolicy>"

where:


Note The Set-ThrottlingPolicyAssociation command is not supported with Exchange 2010 version 14.00.0639.021. Users who have Exchange 2010 version 14.00.0639.021 are not allowed to modify existing throttling policy settings, so the default policy is applied.


Step 4 Confirm that the mailbox is using the new policy:

Get-ThrottlingPolicyAssociation -Identity "<ConnectionUnifiedMessagingServicesAccount>" | findstr "ThrottlingPolicy"

Step 5 If you created more than one unified messaging services account, repeat Step 3 and Step 4 for the remaining accounts.

Step 6 On each Exchange 2010 server that has the CAS role, restart the Microsoft Exchange RPC Client Access service.


 

Table 2-4 Throttling Policy Parameter Descriptions and Values

| Field | Policy Value To Be Used | Description |
| --- | --- | --- |
| EWSMaxConcurrency | Null | Specifies how many concurrent connections an Exchange Web Services user can have against an Exchange server at one time. |
| EWSMaxSubscriptions | Null | Specifies the maximum number of active push and pull subscriptions that a user can have on a specific Client Access server at the same time. |
| EWSPercentTimeInCAS | Null | Specifies the percentage of a minute that an Exchange Web Services user can spend executing the client access server code (PercentTimeInCAS). |
| EWSPercentTimeInMailboxRPC | Null | Specifies the percentage of a minute that an Exchange Web Services user can spend executing mailbox remote procedure call (RPC) requests (PercentTimeInMailboxRPC). |
| EWSFindCountLimit | Null | Defines the maximum number of items from a FindItem or FindFolder operation that can exist in memory on the Client Access server at one time for one user. |
| EWSPercentTimeinAD | Null | Specifies the maximum amount of time that can be spent by a Client Access server when accessing Active Directory resources on behalf of a client account, per minute. |

 


 

Configuring Unified Messaging on a Unity Connection Server

See the following sections:

Settings Configured on Unity Connection Users

To Update the User Settings and Configure them for Unified Messaging


Step 1 In Cisco Unity Connection Administration, expand Class of Service and select Class of Service. On the Search Class of Service page, select the class of service assigned to users for whom you want to configure unified messaging. (For information on each field, see Help > This Page.)

Step 2 On the Edit Class of Service page, in the Licensed Features section, check the Allow Users to Access Voicemail Using an IMAP Client and/or Single Inbox check box.

You must configure message aging or message quotas. For more information, see the “Message Storage” chapter of the System Administration Guide for Cisco Unity Connection, Release 10.x, available at http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/connection/10x/administration/guide/10xcucsagx/10xcucsag090.html .


Note Make sure to check the Delete Messages Without Saving to Deleted Items Folder check box in the Message Options section.


Step 3 (for Text-to-Speech feature only): In the Licensed Features section, check the Allow Access to Advanced Features and the Allow Access to Exchange Email by Using Text to Speech (TTS) check boxes.

Step 4 Select Save.

Step 5 (optional) If you are using single inbox and users do not already have SMTP proxy addresses, add proxy addresses to Unity Connection user accounts:

a. In Cisco Unity Connection Administration, expand Users and select Users. Select an applicable user.

b. On the Edit User Basics page, in the Edit menu, select SMTP Proxy Addresses.

c. On the SMTP Proxy Addresses page, select Add New to add an address and then select Save.


 

Creating a Unified Messaging Service to Access Exchange

To Create a Unified Messaging Service to Access Exchange from Unity Connection


Step 1 In Cisco Unity Connection Administration, expand Unified Messaging and select Unified Messaging Services.

Step 2 On the Search Unified Messaging Services page, select Add New.

Step 3 On the New Unified Messaging Service page, in the Type list, select Exchange/BPOS-D. Check the Enabled check box to enable the service and enter the values of the required fields. Select Save. (For more information on each field, see Help > This Page.)


Caution When you select Search for Exchange Servers, Unity Connection communicates with Active Directory servers using Basic authentication regardless of the authentication method you selected in the Web-Based Authentication Mode list. As a result, the username and password of the unified messaging services account and all other communication between the Unity Connection and Active Directory servers are sent in clear text. If you want this data to be encrypted, you must select Secure LDAP (LDAPS) in the Protocol Used to Communicate with Domain Controllers list and upload certificates from the certification authority that issued the SSL certificates for Active Directory servers to both tomcat-trust and Connection-trust locations. See Task 12. in the Task List for Configuring Unity Connection and Exchange for Unified Messaging section.

Step 4 Under Service Capabilities, select the features that you want this unified messaging service to allow.


Note When you configure unified messaging for Unity Connection users, you can disable for an individual user any feature that you enable here. However, you cannot enable for an individual user any feature that you disable here.


For information on synchronization behavior if you later disable a unified messaging service for which single inbox is enabled, see the Disabling and Re-enabling Single Inbox Affects the Synchronization of Unity Connection and Exchange/Office 365 Mailboxes section.


Note If you selected HTTPS in the Web-Based Protocol list, or if you selected Secure LDAP (LDAPS) in the Protocol Used to Communicate with Domain Controllers list, you cannot test the configuration until after you have uploaded SSL certificates in Task 12. of the Task List for Configuring Unity Connection and Exchange for Unified Messaging section because the security-related tests fail.


Step 5 If you are configuring Unity Connection to communicate with individual Exchange servers, repeat Step 2 through Step 4 to create additional unified messaging services as explained in Exchange Server Communication with Unity Connection section.


 

Uploading CA Public Certificates for Exchange and Active Directory Servers to Unity Connection

When you created unified messaging services, if you selected the option to validate certificates for Exchange servers or for Active Directory domain controllers (DCs), you must upload the public certificates from the certification authority (CA) that signed the certificates on the Exchange servers and DCs. Otherwise, Unity Connection cannot communicate with Exchange servers or with DCs to find Exchange servers, and unified messaging functionality does not work. Do the following tasks:

1. If you selected the option to validate certificates for Exchange servers, and if SSL certificates are not already installed on all of the following servers: Get and install certificates:

– Exchange 2016, Exchange 2013, or Exchange 2010 client access servers.

– Exchange 2007 client access servers, if there are Exchange 2007 mailboxes that you want Unity Connection to be able to access.

In addition, if you selected the option to validate certificates for Active Directory domain controllers, and if SSL certificates are not already installed on your DCs, get and install certificates.

2. If you used an external CA (for example, Verisign) to issue the SSL certificates installed on the servers listed in Task 1., and if you have the public certificates for the CA in .pem format: Save the files to a network location accessible to the Unity Connection server. Then skip to Task 6.

3. If you used Microsoft Certificate Services or Active Directory Certificate Services to issue the SSL certificates, or if you used an external CA and you do not have the public certificate for the CA in .pem format: Download and install OpenSSL or another application that can convert public certificates to .pem format. Unity Connection cannot upload public certificates in other formats.

4. If you used Microsoft Certificate Services to issue the SSL certificates: Do the To Save the Public Certificate for Microsoft Certificate Services or Active Directory Certificate Services to a File section.

5. If you used Microsoft Certificate Services, Active Directory Certificate Services, or an external CA, and if you do not have public certificates in .pem format: Use the application that you downloaded in Task 3. to convert the public certificate to .pem format, and save the file to a network location accessible to the Unity Connection server.

6. Upload the public certificates to the Unity Connection server. See the To Upload the Public Certificates to the Unity Connection Server section.

To Save the Public Certificate for Microsoft Certificate Services or Active Directory Certificate Services to a File


Step 1 Sign in to the server on which you installed Microsoft Certificate Services and issued SSL certificates for the following servers:

    • Exchange 2016, Exchange 2013, or Exchange 2010 client access servers.
    • Exchange 2007 client access servers, if there are Exchange 2007 mailboxes that you want Unity Connection to be able to access.
    • Active Directory domain controllers that the Unity Connection server might access.

Step 2 On the Windows Start menu, select Programs > Administrative Tools > Certification Authority.

Step 3 In the left pane of the Certification Authority MMC, right-click the server name, and select Properties.

Step 4 In the <servername> Properties dialog box, on the General tab, select View Certificate.

Step 5 In the Certificate dialog box, select the Details tab.

Step 6 On the Details tab, select Copy to File.

Step 7 On the Welcome to the Certificate Export Wizard page, select Next.

Step 8 On the Export File Format page, select Next to accept the default value of DER Encoded Binary X.509 (.CER).

Step 9 On the File to Export page, specify the full path of the public certificate, including a location that is accessible to the Unity Connection server, and a file name.

Step 10 Select Next.

Step 11 On the Completing the Certificate Export Wizard page, select Finish.

Step 12 Select OK three times to close a message box and two dialog boxes.

Step 13 Close the Certification Authority MMC.

Step 14 If you issued SSL certificates for all of the servers listed in Step 1 using the same installation of Microsoft Certificate Services, you are finished with this procedure. Return to the task list for this section.

If you issued SSL certificates for all of the servers listed in Step 1 using different installations of Microsoft Certificate Services, repeat Step 1 through Step 13 to get one public certificate for each instance of Microsoft Certificate Services. Then return to the task list for this section.
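The export above produces a DER-encoded .cer file, which Task 5 requires in .pem format. The following added example (not part of the Cisco guide) performs that conversion with .NET classes instead of the OpenSSL tool named in Task 3, and refuses to write the file if the certificate is not a CA certificate or is outside its validity period. The function name and file paths are hypothetical.

```powershell
# Added example, not from the Cisco guide: DER (.cer) to PEM conversion using
# .NET instead of OpenSSL, with basic checks before the file is uploaded.
function Convert-CaCertToPem {
    param(
        [Parameter(Mandatory = $true)][string]$CerPath,  # file saved by the export wizard
        [Parameter(Mandatory = $true)][string]$PemPath   # output file for upload
    )

    $inFile  = (Resolve-Path -LiteralPath $CerPath).ProviderPath
    $outFile = $ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath($PemPath)
    $cert    = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $inFile

    # Basic Constraints (OID 2.5.29.19) must mark the certificate as a CA.
    $bc = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.19' }
    if (-not ($bc -and $bc.CertificateAuthority)) {
        throw "Not a CA certificate: $($cert.Subject)"
    }

    # NotBefore and NotAfter are local times, as is Get-Date.
    $now = Get-Date
    if ($cert.NotBefore -gt $now -or $cert.NotAfter -lt $now) {
        throw "Outside validity period: $($cert.NotBefore) to $($cert.NotAfter)"
    }

    # PEM body: base64 of the DER bytes, wrapped at 64 characters (RFC 7468).
    $b64   = [Convert]::ToBase64String($cert.RawData)
    $lines = @([regex]::Matches($b64, '.{1,64}') | ForEach-Object { $_.Value })
    $pem   = @('-----BEGIN CERTIFICATE-----') + $lines + @('-----END CERTIFICATE-----')
    [System.IO.File]::WriteAllLines($outFile, [string[]]$pem, (New-Object System.Text.ASCIIEncoding))

    # Round trip: the PEM file must decode to the same certificate.
    $check = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $outFile
    if ($check.Thumbprint -ne $cert.Thumbprint) {
        throw "Round-trip check failed for $outFile"
    }

    $sha256 = [System.Security.Cryptography.SHA256]::Create()
    New-Object PSObject -Property @{
        Subject    = $cert.Subject
        Issuer     = $cert.Issuer
        SelfSigned = ($cert.Subject -eq $cert.Issuer)
        NotAfter   = $cert.NotAfter
        Sha256     = ([BitConverter]::ToString($sha256.ComputeHash($cert.RawData)) -replace '-', '')
        PemPath    = $outFile
    }
}

# Placeholder paths; replace with the file saved in Step 9 and your own output location.
Convert-CaCertToPem -CerPath 'C:\Temp\ExampleCA.cer' -PemPath 'C:\Temp\ExampleCA.pem' | Format-List
```

Record the SHA-256 value so the file that is later uploaded can be compared against the certificate the CA administrator exported.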


 

To Upload the Public Certificates to the Unity Connection Server


Step 1 In Cisco Unified Operating System Administration, expand Certificate Management and select Upload Certificate.

Step 2 In the Certificate Name list, select tomcat-trust.

Step 3 Optional: Enter a description (for example, the name of the certification authority) in the Description field.

Step 4 Select Browse.

Step 5 Browse to the location where you saved the public certificates in .pem format, and select one of the converted certificates.

Step 6 Select Upload File.

Step 7 Repeat Step 1 through Step 6, but select Connection-trust in the Certificate Name list.

Step 8 If you have public certificates from more than one certification authority, repeat Step 1 through Step 6 for the remaining certificates.

Uploading Certificates for Office 365 and Cisco Unity Connection

At the time of creating unified messaging services, if you select "Validate Certificates for Exchange Servers" for Office 365, you must perform the following steps to upload the Office 365 root certificate to the tomcat-trust of Cisco Unity Connection.

 


Step 1 Select the Office 365 EWS endpoint URL https://outlook.office365.com/EWS/Exchange.ASMX and download the Office 365 root certificate.

Step 2 In Cisco Unified Operating System Administration, expand Security and select Certificate Management.

Step 3 On the Certificate Management page, select Upload Certificate.

Step 4 In the Certificate Name list, select tomcat-trust.

Step 5 (Optional) Enter a description in the Description field and select Browse.

Step 6 Browse to the location where you saved the Office 365 root certificate, and select the certificate.

Step 7 Select Upload File.


Caution If the Office 365 EWS endpoint URL communicates with Cisco Unity Connection through a different root certificate, the same must be uploaded to the tomcat-trust of Cisco Unity Connection.

 

Testing Unified Messaging Services for Unity Connection

To Test Unified Messaging Services for Unity Connection


Step 1 In Cisco Unity Connection Administration, expand Unified Messaging, then select Unified Messaging Services. On the Search Unified Messaging Services page, select the service that you want to test.

Step 2 On the Edit Unified Messaging Service page, select Test.

Step 3 If the test results showed configuration problems, resolve the problems, then repeat the test.

Step 4 If you configured two or more unified messaging services, repeat Step 1 through Step 3 to test the remaining services.


 

Creating Unified Messaging Accounts to Link Unity Connection Users to Exchange Mailboxes

This section contains the following sections:

Unified Messaging Accounts and User Accounts Related for Unity Connection

Unified messaging accounts tie Unity Connection users to unified messaging services. Unified messaging accounts are separate objects from user accounts:

  • When you create a user account, Unity Connection does not automatically create a unified messaging account for that user.
  • You can create more than one unified messaging account for a user, but a user’s unified messaging accounts cannot have overlapping features. For example, you cannot create two unified messaging accounts for the same user that both enable single inbox.

Creating multiple unified messaging accounts for a user is one way to control access to unified messaging features. For example, if you want all users to have single inbox but only a few users to have text-to-speech access to Exchange email, you can create two unified messaging services. One activates single inbox and the other activates TTS. You then create unified messaging accounts for all users to give them access to single inbox, and you create a second unified messaging account for the users who you want to have TTS.

  • When you add a unified messaging account, the associated user account is updated with a reference to the unified messaging account. The user account does not contain the information on the unified messaging account.
  • When you delete a user account, all unified messaging accounts for that user are also deleted. However, when you delete a unified messaging account, the corresponding user account is not deleted. The user account is updated only to remove the reference to the unified messaging account.

Creating Unified Messaging Accounts for Unity Connection

Do the following procedure to create one or more unified messaging accounts for Unity Connection users using Unity Connection Administration. You can also create large numbers of unified messaging accounts using the Bulk Administration Tool. For more information, see the “Bulk Administration Tool” appendix in the System Administration Guide for Cisco Unity Connection, Release 10.x at http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/connection/10x/administration/guide/10xcucsagx/10xcucsagappb.html.


Note Each unified messaging account is associated with a user, but a unified messaging account is a separate object in the Unity Connection database. If you delete a unified messaging account, the associated user account is not deleted.


To Create Unified Messaging Accounts to Link Unity Connection Users to Exchange Mailboxes


Step 1 In Cisco Unity Connection Administration, expand Users and select Users. On the Search Users page, select an applicable user.

Step 2 On the Edit User Basics page, on the Edit menu, select Unified Messaging Accounts.

Step 3 On the Unified Messaging Accounts page, select Add New.

Step 4 On the New Unified Messaging Account page, in the Unified Messaging Service list, select the name of the service that you want to use for this user. You entered the name when you created the service in the “To Create a Unified Messaging Service to Access Exchange from Unity Connection” section.

The display-only Service Type field should display “Exchange.” If it displays another value, select a different unified messaging service.

Step 5 In the Account Information section, select the applicable option for the Exchange mailbox that you want to access.

Step 6 Verify that the user has an SMTP proxy address that matches the email address that you specified in Step 5, either by entering a value for the Use This Email Address option or selecting to use the corporate email address:

a. On the Edit menu, select SMTP Proxy Address.

b. If the SMTP Proxy Addresses page includes an entry for the email address that you specified in Step 5, skip to Step 7. Otherwise, continue with Step 6c.

c. Select Add New.

d. Add the email address that you specified in Step 5.

e. Select Save.

Step 7 The Service Capabilities section displays the options that are enabled in the unified messaging service that you selected in Step 4. If you want to disable any of the services for this user, uncheck the corresponding check box.

You can add more than one unified messaging service for a user, but the same service capability cannot be enabled in more than one unified messaging service for the same user. This also applies to Exchange calendars and MeetingPlace: you cannot configure a user to access both Exchange calendars and MeetingPlace scheduling and joining.

For information on synchronization behavior if you later disable single inbox in a unified messaging account, see the “Disabling and Re-enabling Single Inbox Affects the Synchronization of Unity Connection and Exchange/Office 365 Mailboxes” section.

Step 8 Select Save.

Step 9 To check the configuration for the user, select Test. The Task Execution Results window appears with the test results.

If any part of the test fails, verify the configuration for Exchange, Active Directory, Unity Connection, and the Unity Connection user.

Step 10 Repeat Step 1 through Step 9 for all remaining users.
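The SMTP proxy address check in Step 6 and the capability overlap rules in Step 7 can be verified against a provisioning plan before the accounts are created, for example ahead of a bulk run. The following Python sketch is an added example, not Cisco code: the record layout, capability names, service names and addresses are constructed for illustration, and case-insensitive address matching is an assumption.

```python
from collections import defaultdict

# Constructed plan: (alias, service, Exchange email address, capabilities).
# This layout is hypothetical, not a Unity Connection export format.
PLAN = [
    ("asmith", "UM-SingleInbox", "asmith@corp.example.com", {"single_inbox"}),
    ("asmith", "UM-TTS", "asmith@corp.example.com", {"tts"}),
    ("bjones", "UM-SingleInbox", "bjones@corp.example.com", {"single_inbox"}),
    ("bjones", "UM-All", "bjones@corp.example.com", {"single_inbox", "exchange_calendar"}),
    ("cwu", "UM-Calendar", "c.wu@corp.example.com", {"exchange_calendar"}),
    ("cwu", "UM-MeetingPlace", "c.wu@corp.example.com", {"meetingplace"}),
]
# Constructed: alias -> SMTP proxy addresses already present on the user.
SMTP_PROXIES = {
    "asmith": {"asmith@corp.example.com"},
    "bjones": {"BJones@Corp.Example.com"},
    "cwu": set(),
}
# Capabilities that cannot be combined for one user (note under Step 7).
EXCLUSIVE = [{"exchange_calendar", "meetingplace"}]


def validate(plan, proxies):
    """Return sorted (alias, problem) tuples for a provisioning plan."""
    problems = set()
    seen = defaultdict(dict)  # alias -> capability -> service that enables it
    for alias, service, email, caps in plan:
        for cap in sorted(caps):
            if cap in seen[alias]:
                # Same capability enabled by two accounts of one user.
                problems.add((alias, f"{cap} enabled in both {seen[alias][cap]} and {service}"))
            else:
                seen[alias][cap] = service
        # Step 6: the email address needs a matching SMTP proxy address.
        known = {addr.lower() for addr in proxies.get(alias, set())}
        if email.lower() not in known:
            problems.add((alias, f"no SMTP proxy address for {email}"))
    for alias, caps in seen.items():
        for group in EXCLUSIVE:
            if group <= set(caps):
                problems.add((alias, "conflict: " + " + ".join(sorted(group))))
    return sorted(problems)


if __name__ == "__main__":
    for alias, problem in validate(PLAN, SMTP_PROXIES):
        print(f"{alias}: {problem}")
```

Users reported by the check still need the per-account Test in Step 9 after the plan is corrected, because the sketch does not contact Exchange or Unity Connection.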


 

Testing Unified Messaging Accounts for Unity Connection

Do the following procedure to test one or more of the unified messaging accounts that you created in the “Creating Unified Messaging Accounts to Link Unity Connection Users to Exchange Mailboxes” section.

To Test User Access to Exchange for Individual Unity Connection Users


Step 1 In Cisco Unity Connection Administration, expand Users and select Users. On the Search Users page, select the alias of a user who is configured for one or more unified messaging features for Exchange.

Step 2 On the Edit User Basics page, on the Edit menu, select Unified Messaging Accounts. Select a unified messaging account for Exchange.

Step 3 On the Edit Unified Messaging Account page, select Test.

Step 4 Review the results, resolve problems, if any, and re-run the test until no more problems are found.


 

Summary of Configuration of the Unified Messaging Accounts

You can view a summary of the configuration for all of the unified messaging accounts on a Unity Connection server, including:

  • Current status of Unity Connection configuration settings for each unified messaging account, which indicates whether consistency problems with Unity Connection settings prevent unified messaging from functioning correctly. When you select the status icon for a unified messaging account, the Unified Messaging Account page appears, and the status area of the page lists both problems and possible problems, if any.

You can also test whether a unified messaging account has connectivity with other servers using the Test Connectivity button on the Unified Messaging Account page.

  • The alias of the user associated with the account. When you select the alias for a unified messaging account, the Edit Unified Messaging Account page appears, and the status area of the page lists problems and possible problems, if any.
  • The display name of the user associated with the unified messaging account.
  • The name of the unified messaging service that is associated with the unified messaging account. When you select the service name, the Unified Messaging Services page appears with the settings for the service.
  • The current unified messaging settings for each unified messaging account.

To View a Summary of the Configuration of Unified Messaging Accounts for Unity Connection


Step 1 In Cisco Unity Connection Administration, expand Unified Messaging and select Unified Messaging Account Status.

Step 2 To sort by the values in a column in ascending order, select the heading for the column. To sort in descending order, select the heading again.

Step 3 To display the Unified Messaging Accounts page for an account, select the icon or the value of the Alias column in the applicable row.

Step 4 To display the Unified Messaging Services page for an account, select the value of the UM Services column in the applicable row.


 

Testing System Configuration and Unified Messaging with Exchange and Unity Connection

You can run a Unity Connection system test that includes tests of the unified messaging configuration and provides summary data on any configuration problems, for example, the number of accounts assigned to a specified unified messaging service that has configuration problems.

To Check System Configuration, Including Unified Messaging Configuration for Cisco Unity Connection


Step 1 In Cisco Unity Connection Administration, expand Tools and select Task Management.

Step 2 On the Task Definitions page, select Check System Configuration and Run Now.

Step 3 Select Refresh to display links to the latest results.

Step 4 Review the results, resolve problems, if any, and re-run the Check System Configuration task until no more problems are found.


 

Testing Access to Exchange Calendars for Unity Connection

To Test Access to Exchange Calendars for Unity Connection


Step 1 Sign in to Outlook.

Step 2 On the Go menu, select Calendar.

Step 3 On the File menu, select New > Meeting Request.

Step 4 Enter values in the required fields to schedule a new meeting for the current time, and invite a user who has an account on Unity Connection.

Step 5 Select Send.

Step 6 Sign in to the Unity Connection mailbox of the user that you invited to the Outlook meeting in Step 4.

Step 7 If the user account is configured for speech access, say Play Meetings.

If the user account is not configured for speech access, press 6, and then follow the prompts to list meetings.

Unity Connection reads the information about the Exchange meeting.


 

Resolving SMTP Domain Name Configuration Issues

When a single inbox user receives a voice message, the message is synchronized from Unity Connection to Microsoft Exchange. The email address of the sender or recipient carries the Unity Connection domain name, for example, userid@CUC-hostname. As a result, email clients such as Microsoft Outlook or IBM Lotus Notes add the Unity Connection address to “recent contacts” in the address book. When a user replies to an email or adds a recipient while composing an email, the user can enter or select the Unity Connection address, which may lead to a non-delivery report (NDR). If you want the email address of the sender or recipient to be displayed as the corporate email address, for example, userid@corp-hostname, when the voice message is synchronized for single inbox users from Unity Connection to Exchange, perform the following steps:


Step 1 In Cisco Unity Connection Administration, expand System Settings > SMTP Configuration, then select Smart Host.

Step 2 On the Smart Host page, in the Smart Host field, enter the IP address or fully qualified domain name of the SMTP smart host server and select Save.


Note Microsoft Exchange server can be used as a smart host.


Step 3 In Cisco Unity Connection Administration, expand System Settings and select General Configuration.

Step 4 On the General Configuration page, in the When a recipient cannot be found list, select Relay message to smart host so that if the recipient is not found, the message is sent to the smart host.

Step 5 Select Save.

Step 6 In Cisco Unity Connection Administration, expand Users and select Users. Select an applicable user. On the Edit User Basics page, in the Edit menu, select Message Actions. Select the Accept the message option from the Voicemail drop-down list. Make sure to select the Relay the message option from the Email, Fax, and receipt drop-down lists and select Save.

Step 7 Set up a recipient policy on Exchange Server such that the Unity Connection alias resolves to the corporate email ID.

– For Exchange 2013 or Exchange 2010, see the following link: http://technet.microsoft.com/en-us/library/bb232171.aspx

– For Exchange 2007, see the following link: http://technet.microsoft.com/en-us/library/bb232171(v=exchg.80).aspx