Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
505
Views
0
Helpful
4
Replies

Unity UM installation and service account, in an existing Exchange design

manuel.rouze
Level 1
Level 1

‎01-27-2004 01:52 PM - edited ‎03-13-2019 03:32 AM

Hi,

I've 2 questions regarding UNITY UM installation into an existing Exchange Environment.

1. Is it possible to install the UNITY server without on-box Exchange, if the Exchange server which will be used for voicemailboxes is in another domain (the parent domain in this case) ?

2. There is requirement to assign "Send as" & "Receive as" permission to the Unity service account on the mailbox store. Isn't it a security concern as it will expose all the items in the mailboxes of that store to be read/write/delete by unity service account ?

Is it mandatory, and if yes what is the reason why we have to give this particular rights ?

Thanks for your answer.

Manuel

Labels:
0 Helpful
4 Replies 4

afuller
Level 4
Level 4

‎01-27-2004 02:50 PM

1. Unity can definitely be installed without Exchange on-box, and, in fact, in 4.x, that's the only supported configuration. You need to make sure you've installed the Exchange System Manager on the Unity server, however, before you'll be able to partner up with an Exchange server.

2. There is a "send as/receive as" permission requirement. You should review the Unity installation documentation.

http://www.cisco.com/univercd/cc/td/doc/product/voice/c_unity/unity40/inst/inst403/ex/index.htm

Appendix D reviews the permissions set by the Permissions Wizard and what each account needs.

adam

0 Helpful

kechambe
Level 7
Level 7
In response to afuller

‎01-27-2004 03:00 PM

Yes it technically does expose all of the messages in the store to Unity for read/write/deletes but that is what Unity is doing -- reading, writing and deleting messages. There really isn’t a feasible way for Unity to authenticate as the actual user which is why it must be done this way. Keep in mind that users will still need to authenticate to their mailbox through the TUI before Unity does a login on their behalf. Also, Unity can integrate with RSA SecurID to provide enhanced security if desired. Check out:

http://www.cisco.com/en/US/products/sw/voicesw/ps2237/products_administration_guide_chapter09186a00800ea811.html

At Cisco we really do take security very serious and several large enterprises as well as government and military installations use Unity. It really is very secure.

Hope this helps you out...

Keith

0 Helpful

manuel.rouze
Level 1
Level 1
In response to afuller

‎01-27-2004 10:07 PM

Thanks for your quick Response Adam.

I understand I have to install the Exchange System Manager on the Unity server itself.

But can the Exchange server be in a different domain (the parent domain) ?

If so, is there some requirements regarding the unity directory service account and the unity message store account, because I think they will need to be part of usergroups in separate domains, and have rights in both domains.

I think every CISCO installation document refers to a UNITY installation where Exchange is in the same domain.

Thank you for your answer.

Manuel.

0 Helpful

afuller
Level 4
Level 4
In response to manuel.rouze

‎01-27-2004 10:11 PM

Unity and Exchange must be in the same Active Directory forest, but they can be in different domains in that forest. The permissions that one would set for the service accounts if both boxes were in the same domain must be set in any other domain where there will be a Unity subscriber.

adam

0 Helpful
Customers Also Viewed These Support Documents