Solved: CUCM Phone Config with CTS SW 1.7 / MIDlets: External Data Location Settings

THOMAS KRUEGER · ‎01-19-2011

Q: am I right to leave the Authentication Server URL blank or is it still necessary in the Phone Config with 1.7 SW / MIDlets running??

(Background: Access to the phone screenshot URL is handled differently with 1.6 and 1.7 CTS endpoints (see here) )

Cisco Unified Communications Manager Configuration Guide for the Cisco TelePresence System is not clear regarding phone config / the authentication URL:

On one hand:

- with SW 1.7 MIDlets are requiered

and

- table 2-6 says "Leave all fields blank to use the default." (this of course also means the "Authentication Server" field)

On the other hand:

- Chapter "Configuring a Remote Phone" says

"...enter the following in the Authentication Server field: http://<your CTS IP Address>:8080/authenticate.html."

NOT differentiating between 1.7 SW or earlier SW, not differentiating between MIDlet/ non MIDlet Solutions.

and

- chapter Configuring the MIDlets IP Phone Interface Step 9 just lets me remove Service URL and Idle URL, says nothing about Authentication URL

Just to put it straight:

1.7. midlet works both ways either if Auth. Server is configured on phone (pointing to the CTS) or if is left blank and the Enterprise Parameter has effect

But Access to Phone screenshot URL is only possible if I leave it blank and associate the phone with an existing CUCM User

Thanks for any response

gogasca · ‎01-20-2011

Thanks for the feedback we will work on clarifying our docs.

As you know the phone asks the codec for authorization and now due to security change the codec will deny the request starting release 1.7.

A few things we need to do now in 1.7

- Remove authentication URL from all the IP Phones
- Create a new application user account on CUCM (example: admin/cisco), with ONLY
the rights needed to do screenshots and associate phone.
- Configure the Authentication URL in the CUCM Enterprise parameters with an IP instead of Hostname
- Open up Ports in the ACL's to allow phone to communicate with CUCM

View solution in original post

gogasca · ‎01-20-2011

Thanks for the feedback we will work on clarifying our docs.

As you know the phone asks the codec for authorization and now due to security change the codec will deny the request starting release 1.7.

A few things we need to do now in 1.7

- Remove authentication URL from all the IP Phones
- Create a new application user account on CUCM (example: admin/cisco), with ONLY
the rights needed to do screenshots and associate phone.
- Configure the Authentication URL in the CUCM Enterprise parameters with an IP instead of Hostname
- Open up Ports in the ACL's to allow phone to communicate with CUCM

THOMAS KRUEGER · ‎01-21-2011

Hi Gonzalo,

thank you very much for your feedback!

Thomas

gvijendr · ‎05-05-2011

This was great tip. Thanks

THOMAS KRUEGER · ‎05-06-2011

Yes, gonzalos tip is even better than the added description in the now updated Cisco Unified Communications Manager Configuration Guide for the Cisco TelePresence System because the Guide refers to add screenshot functionality via an End User. see here

- IMHO - the way to implement screenshot functionality via App User is the better one because people use the corporate directory for lookup regularly and wil see this screenshot Enduser. Plus you have a clean separation of "normal" accounts (End User) and accounts with special rights for Administration, Operation, Machine-Machine Communication etc (App User).

added "deep link" to screenshot functionality description (...see here ...)