Cisco Unified Presence 8.0

Cisco Unified Operating System
Maintenance Guide for Cisco Unified

Presence
Release 8.0
March 22, 2010
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL
STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT
WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT
SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE
OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public
domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH
ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT
LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF
DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,
WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO
OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
CCDE, CCENT, CCSI, Cisco Eos, Cisco Explorer, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Nurse Connect, Cisco Pulse, Cisco SensorBase,
Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco TrustSec, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good, Flip
Mino, Flipshare (Design), Flip Ultra, Flip Video, Flip Video (Design), Instant Broadband, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn, Cisco Capital, Cisco Capital (Design), Cisco:Financed (Stylized), Cisco Store, Flip Gift Card, and One Million Acts of Green are service marks; and
Access Registrar, Aironet, AllTouch, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the
Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Lumin, Cisco Nexus, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity,
Collaboration Without Limitation, Continuum, EtherFast, EtherSwitch, Event Center, Explorer, Follow Me Browsing, GainMaker, iLYNX, IOS, iPhone, IronPort, the
IronPort logo, Laser Link, LightStream, Linksys, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, PCNow, PIX, PowerKEY,
PowerPanels, PowerTV, PowerTV (Design), PowerVu, Prisma, ProConnect, ROSA, SenderBase, SMARTnet, Spectrum Expert, StackWise, WebEx, and the WebEx logo are
registered trademarks of Cisco and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship
between Cisco and any other company. (1002R)
© 2010 Cisco Systems, Inc. All rights reserved.

CONTENTS
CHAPTER 1 Getting Started with Cisco Unified Operating System Administration 1-1
Logging In to Cisco Unified Operating System Administration 1-1
Recovering the Administrator Password 1-2
Creating a Customized Log-on Message 1-3
CHAPTER 2 Changing Settings in Cisco Unified Operating System 2-1
How to Change IP Settings 2-1

Changing Ethernet Settings 2-1
Changing the IP Publisher Node Address on Subsequent Nodes 2-2
Troubleshooting IP Publisher Node Address Change on a Subsequent Node 2-3
Configuring an NTP Server 2-3
Changing SMTP Settings 2-4
Changing Time Settings 2-5
Maintaining Correct Time Zone Data 2-5
CHAPTER 3 Shutting Down and Restarting the Cisco Unified Operating System 3-1
Shutting Down the System 3-1
How to Work with Disk Partitions 3-2

Reverting a Cisco Unified Presence Node to a Previous Version 3-2
Restarting the Current Version 3-2
CHAPTER 4 Securing the Cisco Unified Operating System 4-1
Preparing Your Browser to Optimize Security 4-1
How to Manage IPSEC Policies 4-1

Creating an IPSec Policy 4-2
Enabling or Disabling an Existing IPSec Policy 4-3
Deleting an IPSec Policy 4-4
Enabling Bulk Authorization for Certificates 4-4
CHAPTER 5 Managing Security Certificates in Cisco Unified Operating System 5-1
How to Manage Certificates and Certificate Trust Lists 5-1

Viewing Certificates 5-1
Downloading a Certificate or a Certificate Trust List 5-2
Cisco Unified Operating System Maintenance Guide for Cisco Unified Presence
3
Contents
Deleting a Certificate 5-3

Regenerating a Certificate 5-3
Uploading a Certificate or a Certificate Trust List 5-5
Upload a Directory Trust Certificate 5-5
How to Use Third Party CA Certificates 5-6
Managing the Third-Party Certificate Process 5-6
Generating a Certificate Signing Request 5-7
Downloading a Certificate Signing Request 5-7
Monitoring Certificate Expiration Dates 5-8
CHAPTER 6 Upgrading Software in Cisco Unified Operating System 6-1
About Software Upgrades 6-1

Pre-Upgrade Tasks 6-2
Additional Upgrade Considerations 6-2
Disabling Throttling to Decrease the Time Required to Upgrade 6-3
Effects of I/O Throttling 6-3
How to Upgrade and Install Software 6-6
Obtaining the Upgrade File 6-6
Upgrading and Installing from Local Source 6-6
Upgrading and Installing From Remote Source 6-7
How to Manage Locale-Specific Upgrades 6-9
Locale Installation 6-9
Installing Locales 6-10
Error Messages 6-10
CHAPTER 7 Using Cisco Unified Operating System Utilities 7-1

Using the Ping Utility 7-1
Using the Remote Support Utility 7-2

Configuring Remote Support 7-2
APPENDIX A Viewing Cluster Nodes Status A-1
Viewing Hardware Status A-2
Viewing Network Status A-2
Viewing Installed Software A-3
Viewing System Status A-4
Viewing IP Preferences A-4
INDEX
4
CH A P T E R 1
Getting Started with Cisco Unified Operating
System Administration
March 22, 2010
Use Microsoft Internet Explorer version 6.0 or a later release, or Mozilla Firefox version 3.0 or a later
release to access the Cisco Unified Operating System Administration interface.
• Logging In to Cisco Unified Operating System Administration, page 1

• Recovering the Administrator Password, page 2
• Creating a Customized Log-on Message, page 3
Logging In to Cisco Unified Operating System Administration

Before You Begin
If you are currently logged in to Cisco Unified Presence Administration, log out before proceeding.
Procedure
Step 1 Perform the following actions to access Cisco Unified Operating System Administration:
a. Select Navigation > Cisco Unified OS Administration from the menu in the upper, right corner of
the Cisco Unified Presence Administration window.
b. Click Go.
Step 2 Enter your Administrator username and password.
Step 3 Click Submit.
Troubleshooting Tips
• You can also access Cisco Unified Operating System Administration directly by entering the
following URL:
http://server-name/cmplatform
• The Administrator username and password are established during installation or created using the
command line interface.
1-1
Chapter 1 Getting Started with Cisco Unified Operating System Administration
Recovering the Administrator Password
Related Topics
Command Line Interface (CLI) Reference Guide for Cisco Unified Presence (on Cisco.com)
Recovering the Administrator Password

If you lose the Administrator password and cannot access the system, you can reset the Administrator
password.
Before You Begin

• During this procedure, you will be required to remove and then insert a valid CD or DVD in the disk
drive to prove that you have physical access to the system.
• The Administrator login must start with an alphabetic character, be at least six characters long, and
can contain alphanumeric characters, hyphens, and underscores.
Procedure
Step 1 Log in to the system with the following username and password:
• Username: pwrecovery
• Password: pwreset
Step 2 Press any key to continue.
Step 3 If you have a CD or DVD in the disk drive, remove it now.
Step 4 Press any key to continue.
The system tests to ensure that you have removed the CD or DVD from the disk drive.
Step 5 Insert a valid CD or DVD into the disk drive.
Step 6 After the system verifies that you have inserted the disk, you are prompted to enter a new Administrator
password.
Step 7 Reenter the new password.
Step 8 After the system verifies the strength of the new password, the password is reset, and you are prompted
to press any key to exit the password reset utility.
• If you want to set up a different Administrator password, use the CLI command set password.
• The system checks the new password that you enter for strength. If the password does not contain
enough different characters, you are prompted to enter a new password.
Related Topics
Command Line Interface Reference Guide for Cisco Unified Presence (on Cisco.com)
1-2
Creating a Customized Log-on Message

You can upload a text file that contains a customized log-on message that appears in each of the
Cisco Unified Presence applications administrative interfaces.
Procedure
Step 1 Sign in to Cisco Unified Communications Operating System Administration.

Step 2 Select Software Upgrades > Customized Logon Message.
Step 3 Select Browse to select the text file you want to upload.
Note Text files are the only supported format and must be smaller than 10KB.
Step 4 Select Upload File.

Step 5 To revert to the default log-on message, click Delete.
1-3
1-4
CH A P T E R 2
Changing Settings in Cisco Unified Operating
System
March 22, 2010
You can view and update the following operating system settings:
• IP—the IP addresses and Dynamic Host Configuration Protocol (DHCP) client settings that were
entered when the application was installed.
• SMTP—the SMTP host that the operating system uses for sending email notifications.
• How to Change IP Settings

• Changing NTP Settings
• Changing SMTP Settings
• Changing Time Settings
• Maintaining Correct Time Zone Data
How to Change IP Settings

• Changing Ethernet Settings, page 1
• Changing the IP Publisher Node Address on Subsequent Nodes, page 2
• Troubleshooting IP Publisher Node Address Change on a Subsequent Node, page 3
Changing Ethernet Settings

You can determine whether Dynamic Host Configuration Protocol (DHCP) is active and locate the
related Ethernet IP addresses, as well as the IP address for the network gateway.
Before You Begin

• All Ethernet settings apply only to Eth0. You cannot configure any settings for Eth1. The Maximum
Transmission Unit (MTU) on Eth0 defaults to 1500.
• Changing the Ethernet settings causes an immediate system restart.
2-1
Chapter 2 Changing Settings in Cisco Unified Operating System
How to Change IP Settings
Procedure
Step 1 Log in to Cisco Unified Operating System Administration.

Step 2 Select Settings > IP > Ethernet.
Step 3 Enter the new values in the appropriate fields to modify the Ethernet settings.
Table 2-1 Ethernet Settings Fields and Descriptions
Field Description
DHCP Indicates whether DHCP is Enabled or Disabled.
Hostname Shows the name of the host server.
Note You can only change the hostname after changes to these
configuration settings are complete:
• DNS
• Cisco Unified Communications Manager Application Server
List
• Cisco Unified Presence Topology
IP Address Shows the IP address of the system.
Note Changing the IP address or host on the Cisco Unified Presence
publisher server can affect system performance.
Subnet Mask Shows the IP subnet mask address.
Default Gateway Shows the IP address of the network gateway.
Step 4 Click Save to commit your changes.
If you enable DHCP, the system disables the Port and Gateway setting, and it cannot be changed.
Changing the IP Publisher Node Address on Subsequent Nodes

If, for network configuration purposes, you changed the IP address or hostname on the Cisco Unified
Presence publisher node, then you will need to update the IP address of the publisher node on subsequent
nodes in Cisco Unified Presence.
Before You Begin

Use this functionality only if you want a subsequent node in Cisco Unified Presence to point to a
different Cisco Unified Presence publisher node. If this node is the Cisco Unified Presence publisher
node, be aware that you cannot use this window to change the IP address.
Procedure
2-2
Changing NTP Settings
Step 2 Select Settings > IP > Publisher.

Step 3 Enter the new Publisher IP address.
Step 4 Click Save.
Following a fresh installation of Cisco Unified Presence, you can change the IP address of the
Cisco Unified Communications Manager publisher server. Select System > CUCM Publisher in
Cisco Unified Presence Administration
Related Topics
• Changing Ethernet Settings, page 1
• Troubleshooting IP Publisher Node Address Change on a Subsequent Node, page 3
• Configuration and Maintenance Guide for Cisco Unified Presence
Troubleshooting IP Publisher Node Address Change on a Subsequent Node

Before You Begin
If the IP address of the Cisco Unified Presence publisher node changes while a subsequent node is
offline, be aware that you may not be able to log in to Cisco Unified Presence Administration on the
subsequent node. If Cisco Unified Presence does not function properly, follow this procedure:
Procedure
Step 1 Log in directly to Operating System Administration on the subsequent node by using the following URL:
http://server-name/cmplatform
where server-name specifies the host name or IP address of the subsequent node.
Step 2 Enter your Administrator user name and password and click Submit.
Step 3 Select Settings > IP > Publisher.
Step 4 Enter the new IP address for the publisher server and click Save.
Step 5 Restart the subsequent node.
Related Topics
Changing the IP Publisher Node Address on Subsequent Nodes, page 2
Changing NTP Settings

By design, you cannot configure or change the NTP server following a fresh installation of
Cisco Unified Presence.
2-3
Changing SMTP Settings
Changing SMTP Settings

Before You Begin
You must configure an SMTP host if you want the system to send you email, for example, from the
Certificate Expiry Monitor.
Procedure

Step 2 Select Settings > SMTP.
Step 3 Enter or modify the SMTP hostname or IP address.
Step 4 Click Save.
Changing Time Settings

You can manually configure the server time if NTP is currently disabled.
Before You Begin

Before you can manually configure the server time, you must delete any NTP servers that you have
configured.
Procedure

Step 2 Select Settings > Time.
Step 3 Enter the date and time for the system.
Step 4 Click Save.
Related Topics
• Changing the IP Publisher Node Address on Subsequent Nodes, page 2, page 3
• Maintaining Correct Time Zone Data, page 4
Maintaining Correct Time Zone Data

Cisco Unified Presence Release 8.0 includes the latest time zone information and Cisco contacts you
about major time zone events. After you install Cisco Unified Presence, you can download a COP file
with the latest updates. For more information on how to correctly upgrade your time zone data, see the
Release Notes for Cisco Unified Presence (Release 8.x) on Cisco.com:
http://www.cisco.com/en/US/products/ps6837/prod_release_notes_list.html
2-4
CH A P T E R 3
Shutting Down and Restarting the Cisco Unified
Operating System
March 22, 2010
You may need to choose from the following options to shut down or restart the system:
• Shutdown—Stops all running software and shuts down the server.
• Switch Versions—Switches the active and inactive disk partitions and restarts the system. You
normally select this option after the inactive partition has been updated and you want to start running
a newer software version.
• Restart—Restarts the system without switching partitions.
Note To power down the server, press the power button. Note, however, that this action may lead to file system
corruption and is not recommended.
• Shutting Down the System

• How to Work with Disk Partitions
Shutting Down the System

Procedure

Step 2 Select Settings > Version.
Step 3 Perform one of the following actions:
a. Click Shutdown to halt all processes and shut down the system.
b. Click Cancel to stop the operation.
The hardware does not power down automatically. If you press the power button on the server, the system
will immediately shut down.
3-1
Chapter 3 Shutting Down and Restarting the Cisco Unified Operating System
How to Work with Disk Partitions
What To Do Next
How to Work with Disk Partitions, page 2

• Reverting a Cisco Unified Presence Node to a Previous Version, page 2
• Restarting the Current Version, page 2
Reverting a Cisco Unified Presence Node to a Previous Version

When you are upgrading to a newer software version and when you need to fall back to an earlier
software version, you can shut down the system that is running on the active disk partition and then
automatically restart the system using the software version on the inactive partition. The software
version running on both the active and inactive partitions is indicated.
Caution This procedure causes the system to restart and become temporarily out of service.
Before You Begin

Upgrade the database on the active partition. The database on the inactive partition does not get updated.
If you make changes to the database after an upgrade, you must repeat those changes after switching the
partition.
Procedure

a. Click Switch Versions to switch versions and restart the system.
• If you click Switch Versions, the system restarts, and the partition that is currently inactive becomes
active.
• After you verify that you want to restart the system, the system restarts, which might take up to 15
minutes.
Related Topics
Upgrading Software in Cisco Unified Operating System, page 1
Restarting the Current Version

You can restart the system on the current partition without switching versions.
3-2
Caution This procedure causes the system to restart and become temporarily out of service.
Before You Begin

Shut down the system on which the active version is running.
Procedure

a. Click Restart to restart the system.
If you click Restart, the system restarts on the current partition without switching versions.
Related Topics
Shutting Down the System, page 1
3-3
3-4
CH A P T E R 4
Securing the Cisco Unified Operating System
March 22, 2010
• Preparing Your Browser to Optimize Security, page 1

• How to Manage IPSEC Policies, page 1
• Enabling Bulk Export of Certificates, page 4
Preparing Your Browser to Optimize Security

To download certificates from the server, you must ensure that your Internet Explorer security settings
are configured correctly.
Procedure
Step 1 Start Internet Explorer.

Step 2 Select Tools > Internet Options.
Step 3 Click the Advanced tab.
Step 4 Scroll down to the Security section on the Advanced tab.
Step 5 If necessary, clear Do not save encrypted pages to disk.
Step 6 Click OK.
How to Manage IPSEC Policies

• Creating an IPSec Policy, page 2
• Enabling or Disabling an Existing IPSec Policy, page 3
• Deleting an IPSec Policy, page 4
Note IPSec is not automatically established between nodes in a cluster during a Cisco Unified Presence
installation.
4-1
Chapter 4 Securing the Cisco Unified Operating System
Creating an IPSec Policy

You can set up a new IPSec policy. Do not, however, attempt to create IPSec policies during a
Cisco Unified Presence server upgrade.
Caution IPSec, especially with encryption, will affect the performance of your system.
Before You Begin

To access the Security menu items, you must log in again to Cisco Unified Operating System
Administration using your Administrator password.
Procedure

Step 2 Select Security > IPSEC Configuration.
Step 3 Click Add New.
Step 4 Enter the new values in the appropriate fields.
Field Description
Policy Group Name Specifies the group name to which the IPSec policy belongs.
Policy Name Specifies the name of the IPSec policy.
Authentication Method Specifies the authentication method, for example, Certificate.
Preshared Key Specifies the preshared key if you selected Pre-shared Key in
the Authentication Method field.
Peer Type Specifies whether the peer is the same type or different.
Certificate Name Specifies the name of the certificate used for authentication.
Destination Address Specifies the IP address or FQDN of the destination.
Destination Port Specifies the port number at the destination.
Source Address Specifies the IP address or FQDN of the source.
Source Port Specifies the port number at the source.
Mode Specifies Tunnel or Transport mode.
Remote Port Specifies the port number to use at the destination.
Protocol Specifies the specific protocol, or Any:
• TCP
• UDP
• Any
Encryption Algorithm From the list box, select the encryption algorithm. Choices
include
• DES
• 3DES
4-2
Field Description
Hash Algorithm Specifies the hash algorithm:
• SHA1—Hash algorithm that is used in phase one IKE
negotiation
• MD5—Hash algorithm that is used in phase one IKE
negotiation
ESP Algorithm From the list box, select the ESP algorithm. Choices include
• NULL_ENC
• DES
• 3DES
• BLOWFISH
• RIJNDAEL
Phase One Life Time Specifies the lifetime for phase one IKE negotiation, in
seconds.
Phase One DH From the list box, select the phase one DH value. Choices
include 2, 1, 5, 14, 16, 17, and 18.
Phase Two Life Time Specifies the lifetime for phase two IKE negotiation, in
seconds.
Phase Two DH From the list box, select the phase two DH value. Choices
include 2, 1, 5, 14, 16, 17, and 18.
Enable Policy Check to enable the IPSec policy.
Step 5 Click Save.
What To Do Next
Enabling or Disabling an Existing IPSec Policy, page 3
Enabling or Disabling an Existing IPSec Policy

You can enable or disable an existing IPSec policy. Do not, however, attempt to create, enable or disable
IPSec policies during a Cisco Unified Presence server upgrade.
Before You Begin

Complete the steps in Creating an IPSec Policy, page 2.
4-3
Enabling Bulk Export of Certificates
Procedure
Step 1 Log in to Cisco Unified Operating System Administration. Perform one of the following actions in the
IPSEC Policy Configuration frame:
a. Check Enable Policy to enable the policy.
b. Uncheck Enable Policy to disable the policy.
Step 2 Click Save.
Deleting an IPSec Policy

You can delete one or more IPSec policies. Do not, however, attempt to delete IPSec policies during a
Cisco Unified Presence server upgrade.
Before You Begin

Procedure

Step 2 Select Security > IPSEC Configuration.
Step 3 Select the policy or policies that you want to delete.
Step 4 Click Delete.
Enabling Bulk Export of Certificates

This release of Cisco Unified Presence does not support the bulk authorization and export of certificates.
4-4
CH A P T E R 5
Managing Security Certificates in Cisco Unified
Operating System
March 22, 2010
The operating system security options enable you to manage security certificates in these two ways:
• Certificate Management—Manages certificates, Certificate Trust Lists (CTL), and Certificate
Signing Requests (CSR). You can display, upload, download, delete, and regenerate certificates.
• Certificate Monitor—Allows you to monitor the expiration dates of the certificates on the server.
• How to Manage Certificates and Certificate Trust Lists, page 1

• How to Use Third Party CA Certificates, page 6
How to Manage Certificates and Certificate Trust Lists

• Viewing Certificates, page 1
• Downloading a Certificate or a Certificate Trust List, page 2
• Deleting a Certificate, page 3
• Regenerating a Certificate, page 3
• Uploading a Certificate or a Certificate Trust List, page 4
• Upload a Directory Trust Certificate, page 5
Viewing Certificates
Before You Begin
Procedure

Step 2 Select Security > Certificate Management.
5-1
Chapter 5 Managing Security Certificates in Cisco Unified Operating System
If you want to: Action

Filter the certificate list Enter your search criteria, and use the Find controls as
follows:
a. To filter or search records, perform one of the
following actions:
– From the first list box, select a search parameter.
– From the second list box, select a search pattern.
– Specify the appropriate search text, if
applicable.
b. Click Find.
View details of a certificate or trust store Click the .PEM or .DER file name of the certificate.
Return to the Certificate List window a. Select Back To Find/List in the Related Links list.
b. Click Go.
Downloading a Certificate or a Certificate Trust List

Before You Begin
Procedure

Step 3 If required, use the Find controls to filter the certificate list as follows:
a. To filter or search records, perform one of the following actions:
– Specify the appropriate search text, if applicable.
b. Click Find.
Step 4 Click the file name of the certificate or CTL.
Step 5 Click Download.
Step 6 Click Save.
5-2
Deleting a Certificate
A trusted certificate is the only type of certificate that you can delete. You can not delete a self-signed
certificate that is generated by the system.
Caution Deleting a certificate can affect your system operations. If there is an existing CSR for the certificate
you select from the Certificate list, it is deleted from the system and you must generate a new CSR. For
more information, see the Generating a Certificate Signing Request, page 7.
Before You Begin

Procedure

Step 3 If required, use the Find controls to filter the certificate list as follows:
a. To filter or search records, perform one of the following actions:
– Specify the appropriate search text, if applicable.
b. Click Find.
Step 4 Click the file name of the certificate or CTL.
Step 5 Click Delete.
Regenerating a Certificate
A certificate of type “cert” is the only type of certificate that you can regenerate.
Caution Regenerating a certificate can affect your system operations.
Before You Begin

Procedure

Step 3 Click Generate New.
5-3
Step 4 Select a certificate name from the Certificate Name list.
Table 5-1 Certificate Names and Descriptions
Name Description
tomcat This self-signed root certificate is generated
during the installation of the HTTPS server.
ipsec This self-signed root certificate is generated
during the installation of secure IPSec server
connections.
cup This self-signed root certificate is generated
during the installation of the Cisco Unified
Presence server.
cup-xmpp This self-signed root certificate is generated
Presence server.
cup-xmpp-s2s This self-signed root certificate is generated
Presence server.
Note The trust certificates for cup-xmpp-s2s

are stored in cup-xmpp-trust along with
the general XMPP trust certificates.
Step 5 Click Generate New.
Restart the Tomcat web server after you upload or regenerate a Tomcat certificate, in a Cisco Unified
Presence cluster.
Uploading a Certificate or a Certificate Trust List
Caution Uploading a new certificate or certificate trust list (CTL) file can affect your system operations.
Before You Begin

• The system does not distribute trust certificates to other cluster nodes automatically. If you need to
have the same certificate on more than one node, you must upload the certificate to each node
individually.
• To access the Security menu items, you must log out and log back in to Cisco Unified Operating
System Administration using your Administrator password.
5-4
Procedure

Step 3 Click Upload Certificate.
Step 4 Select the name of the certificate or CTL from the Certificate Name list.
a. If you are uploading an application certificate that was issued by a third party CA, enter the name
of the CA root certificate in the Root Certificate text box.
b. If you are uploading a CA root certificate, leave Root Certificate text box empty.
Step 6 Select the file to upload by completing one or of the following actions:
• Enter the path to the file in the Upload File text box.
• Click Browse and navigate to the file.
• Click Open.
Step 7 Click Upload File to upload the file to the server.
Restart the Tomcat web server after you upload or regenerate a Tomcat certificate, in a Cisco Unified
Presence cluster.
Upload a Directory Trust Certificate

Procedure

Step 3 Click Upload Certificate.
Step 4 Select directory-trust from the Certificate Name list.
Step 5 Enter the file to upload in the Upload File field.
Step 6 Click Upload File.
Step 7 Log into Cisco Unified Serviceability.
Step 8 Select Tools > Control Center - Feature Services.
Step 9 Restart the service Cisco Dirsync.
Step 10 Log in to the Cisco Unified Operating System CLI as an administrator.
Step 11 Enter the command utils service restart Cisco Tomcat to restart the Tomcat service.
Step 12 After the services have been restarted, you can add the directory agreement for SSL.
5-5
How to Use Third Party CA Certificates

Cisco Unified Operating System supports certificates that a third-party Certificate Authority (CA) issues
with PKCS # 10 Certificate Signing Request (CSR).
To use an application certificate that a third-party CA issues, you must obtain both the signed application
certificate and the CA root certificate from the CA. Get information about obtaining these certificates
from your CA. The process varies among CAs.
CAPF and Cisco Unified Presence Certificate Signing Requests (CSRs) include extensions that you must
include in your request for an application certificate from the CA. If your CA does not support the
ExtensionRequest mechanism, you must enable the X.509 extensions that are listed in the final window
of the CSR generation process.
Cisco Unified Operating System generates certificates in DER and PEM encoding formats and generates
CSRs in PEM encoding format. It accepts certificates in DER and DER encoding formats.
Cisco verified third-party certificates that were obtained from Microsoft, Keon, and Verisign CAs.
Certificates from other CAs might work but have not been verified.
• Managing the Third-Party Certificate Process, page 6

• Generating a Certificate Signing Request, page 7
• Downloading a Certificate Signing Request, page 7
• Monitoring Certificate Expiration Dates, page 7
Managing the Third-Party Certificate Process

This procedure provides an overview of the third-party certificate process, with references to each step
in sequence:
Task For More Information

Step 1 Generate a CSR on the server. See Generating a Certificate Signing Request, page 7.
Step 2 Download the CSR to your PC. See Downloading a Certificate Signing Request, page 7.
Step 3 Use the CSR to obtain an Get information about obtaining application certificates from
application certificate from a CA. your CA.
Step 4 Obtain the CA root certificate. Get information about obtaining a root certificate from your CA.
Step 5 Upload the CA root certificate to See Uploading a Certificate or a Certificate Trust List, page 4.
the server.
Step 6 Upload the application certificate See Uploading a Certificate or a Certificate Trust List, page 4.
to the server.
Step 7 If you updated the certificate for See Uploading a Certificate or a Certificate Trust List, page 4.
CAPF or Cisco Unified Presence,
generate a new CTL file.
Step 8 Restart the services that are For all certificate types, restart the corresponding service (for
affected by the new certificate. example, restart the Tomcat service if you updated the Tomcat
certificate).
For information about restarting services, see the Cisco Unified
Serviceability Administration Guide for Cisco Unified Presence.
5-6
Generating a Certificate Signing Request

Before You Begin
• To access the Security menu items, you must log in again to Cisco Unified Operating System
• For the current release of the Cisco Unified Operating System, the Directory option is no longer
available in the list of Certificate Names. However, you can still upload a Directory Trust certificate
from a previous release, which is required for the DirSync service to work in Secure mode.
Procedure

Step 3 Click Generate CSR.
Step 4 Select the certificate name from the Certificate Name list.
Step 5 Click Generate CSR.
Related Topics
Upload a Directory Trust Certificate, page 5
Downloading a Certificate Signing Request

Before You Begin
Procedure

Step 3 Click Download CSR.
Step 4 Select the certificate name from the Certificate Name list.
Step 5 Click Download CSR.
Step 6 Click Save.
Monitoring Certificate Expiration Dates

The system can automatically send you an email when a certificate is close to its expiration date.
5-7
Procedure

Step 2 Select Security > Certificate Monitor to view the current Certificate Expiration Monitor configuration.
Step 3 Enter the required configuration information.
Table 5-2 Certificate Monitor Field Descriptions
Field Description
Notification Start Time Enter the number of days before the certificate
expires that you want to be notified.
Notification Frequency Enter the frequency for notification, either in
hours or days.
Enable E-mail Notification Check the check box to enable email notification.
E-mail IDs Enter the email address to which you want
notifications sent.
Note For the system to send notifications, you
must configure an SMTP host.
Step 4 Click Save.
5-8
CH A P T E R 6
Upgrading Software in Cisco Unified Operating
System
March 22, 2010
• About Software Upgrades, page 1

• How to Upgrade and Install Software, page 6
• How to Manage Locale-Specific Upgrades, page 9
About Software Upgrades

With this version of Cisco Unified Presence, you can install upgrade software on your server while the
system continues to operate. Two partitions exist on your system: an active, bootable partition and an
inactive, bootable partition. The system boots up and operates entirely on the partition that is marked as
the active partition.
When you install upgrade software, you install the software on the inactive partition. The system
continues to function normally while you are installing the software. When you are ready, you activate
the inactive partition and reboot the system with the new upgrade software. The current active partition
will then get identified as the inactive partition when the system restarts. The current software remains
in the inactive partition until the next upgrade. Your configuration information migrates automatically
to the upgraded version in the active partition.
If for any reason you decide to back out of the upgrade, you can restart the system to the inactive partition
that contains the older version of the software. However, any configuration changes that you made since
upgrading the software will get lost.
Note You can only make changes to the database on the active partition. The database on the inactive partition
does not get updated. If you make changes to the database after an upgrade, you must repeat those
changes after switching the partition.
• Pre-Upgrade Tasks, page 2

• Additional Upgrade Considerations, page 2
• Disabling Throttling to Decrease the Time Required to Upgrade, page 3
6-1
Chapter 6 Upgrading Software in Cisco Unified Operating System
Pre-Upgrade Tasks
Before you begin the upgrade, perform the following tasks:
• Read the release notes and documentation for the new release and be sure you understand the
supported upgrades, new features, and how the upgrade interacts with the other products associated
with your system.
Document Location
Hardware and Software Compatibility http://www.cisco.com/en/US/products/ps6837/pr
Information for Cisco Unified Presence oducts_device_support_tables_list.html
Release notes for Cisco Unified Presence http://www.cisco.com/en/US/products/ps6837/pr
od_release_notes_list.html
• Ensure that you have the necessary license files for the new release. If your Cisco Unified Presence
server is operating in Evaluation Evaluation-Expire mode following a fresh installation, you cannot
upgrade it until you enable Cisco Unified Presence in permanent Production mode. You must upload
the Cisco Unified Presence server license file that you previously acquired.
• Before you begin the upgrade, back up your system.
Related Topics
• See the Deployment Guide for Cisco Unified Presence for information about Cisco Unified Presence
licensing modes
What To Do Next
Additional Upgrade Considerations, page 2
Additional Upgrade Considerations

When you are upgrading Cisco Unified Presence, also consider the following:
• You can perform software installations and upgrades by using the Software Upgrades menu
options, or using the Command Line Interface. The system can only upload and process software
that Cisco approves.
• If you have a Cisco Unified Presence cluster comprisng multiple nodes, you must upgrade all nodes
in the cluster. If you have a multi-node cluster, where Node A is the publisher server and Node B is
the subscriber server, you must upgrade Node A prior to upgrading Node B. The system transfers
specific files and a copy of the database from Node A to Node B during an upgrade. Also, you cannot
perform a fresh installation on Node A and then perform an upgrade on Node B.
• You must also enable the SIP trunk in Cisco Unified Presence Administration.
• After upgrading Cisco Unified Presence, you must map line appearances to users to support
presence; the system does not base presence on line appearances mapping to the primary extensions
of users.
• Make sure that the Call Detail Record (CDR) Maintenance task is not running during an upgrade. If
not configured explicitly, the CDR maintenance tasks runs for two hours at midnight everyday. To
change the CDR maintenance time, change the Cisco AMC service parameter in Cisco Unified
Presence Administration.
6-2
Note If you have to upgrade Cisco Unified Communications Manager as part of your Cisco Unified Presence
upgrade, note the following:
• You must stop and restart Cisco Unified Presence Sync Agent service. To restart the Sync Agent
service, navigate to Cisco Unified Serviceability and select Tools > Control Center - Network
Services.
• You must configure a SIP PUBLISH trunk on Cisco Unified Communications Manager to
communicate with Cisco Unified Presence.
Related Topics
• Command Line Interface (CLI) Reference Guide for Cisco Unified Presence (on Cisco.com)
• Serviceability Configuration and Maintenance Guide for Cisco Unified Presence
• Cisco Unified Communications Manager System Guide
Disabling Throttling to Decrease the Time Required to Upgrade

To preserve system stability during upgrades, the system throttles the upgrade process, which may take
considerably longer to complete in Cisco Unified Presence 7.0(1) and later than it did in earlier releases.
However, if the upgrade process is taking much longer than you would like, you can disable throttling.
Although disabling throttling decreases the time it takes to perform the upgrade, it may degrade system
performance. For more information about throttling and the causes of slow upgrades, see the “Effects of
I/O Throttling” section on page 6-3. To disable throttling, use the following command in the CLI before
you start the upgrade: utils iothrottle disable
Note If you want to reenable throttling after you start the upgrade, you must cancel the upgrade, reenable
throttling, and then restart the upgrade.
Effects of I/O Throttling

This section describes how throttling affects the upgrade process, identifies possible causes of slow or
stalled upgrades, and provides actions you can take to speed up the upgrade.
This section contains the following information:
• Overview, page 3
• Disabling Throttling, page 4
• Server Models, page 4
• Write-Cache, page 4
Overview
Throttling may cause the upgrade to take longer. Throttling is enabled by default and is necessary if you
perform the upgrade during normal business hours.
6-3
Disabling Throttling
To disable throttling, use the following command: utils iothrottle disable
Note If you want to reenable throttling after you start the upgrade, you must cancel the upgrade, reenable
throttling, and then restart the upgrade.
Server Models
The Server model you have also impacts the upgrade speed. Upgrades on servers that have SATA hard
drives, such as MCS-7816 and MCS-7825, take longer than servers with SAS/SCSI hard drives, such as
MCS-7835 and MCS-7845.
Write-Cache
A disabled write-cache on the server also causes the upgrade process to run more slowly. Multiple factors
can cause the write-cache to become disabled, including dead batteries on older servers.
Before starting an upgrade, verify the status of the write-cache on the MCS-7835/45 disk controllers.
You do not need to verify the write-cache status on the MCS-7816, MCS-7825 servers. To verify
write-cache status, access the Cisco Unified Operating System Administration, and select Show >
Hardware.
If you determine that your write-cache is disabled because of a dead battery, you need to replace the hard
disk controller cache battery. Follow your local support procedures to get this battery replaced.
See the following examples of output from the Show > Hardware menu for details on determining the
battery and write-back cache status.
In the following example write-cache is enabled. The example indicates that 50 percent of the cache is
reserved for write and 50 percent of the cache is reserved for read. If the write-cache was disabled, 100
percent of the cache would be reserved for read or the Cache Status would not equal “OK”. Also, the
battery count equals “1”. If the controller battery was dead or missing, it would indicate “0”.
Example 6-1 7835/45-H1 and 7835/45-H2 Servers with Write-Cache Enabled
-------------------------------
RAID Details :
Smart Array 6i in Slot 0

Bus Interface: PCI
Slot: 0
Cache Serial Number: P75B20C9SR642P
RAID 6 (ADG) Status: Disabled
Controller Status: OK
Chassis Slot:
Hardware Revision: Rev B
Firmware Version: 2.80
Rebuild Priority: Low
Expand Priority: Low
Surface Scan Delay: 15 sec
Cache Board Present: True
Cache Status: OK
Accelerator Ratio: 50% Read / 50% Write
Total Cache Size: 192 MB
Battery Pack Count: 1
Battery Status: OK
SATA NCQ Supported: False
6-4
The following example indicates that the battery status is enabled and that the write-cache mode is
enabled.
Example 6-2 7835/45-I2 Servers with Write-Cache Enabled
----------
RAID Details :
Controllers found: 1
----------------------------------------------------------------------
Controller information
----------------------------------------------------------------------
Controller Status : Okay
Channel description : SAS/SATA
Controller Model : IBM ServeRAID 8k
Controller Serial Number : 20ee0001
Physical Slot : 0
Copyback : Disabled
Data scrubbing : Enabled
Defunct disk drive count : 0
Logical drives/Offline/Critical : 2/0/0
---------------------------------------------------
Controller Version Information
---------------------------------------------------
BIOS : 5.2-0 (15421)
Firmware : 5.2-0 (15421)
Driver : 1.1-5 (2412)
Boot Flash : 5.1-0 (15421)
---------------------------------------------------
Controller Battery Information
---------------------------------------------------
Status : Okay
Over temperature : No
Capacity remaining : 100 percent
Time remaining (at current draw) : 4 days, 18 hours, 40 minutes
---------------------------------------------------
Controller Vital Product Data
---------------------------------------------------
VPD Assigned# : 25R8075
EC Version# : J85096
Controller FRU# : 25R8076
Battery FRU# : 25R8088
----------------------------------------------------------------------
Logical drive information
----------------------------------------------------------------------
Logical drive number 1
Logical drive name : Logical Drive 1
RAID level : 1
Status of logical drive : Okay
Size : 69900 MB
Read-cache mode : Enabled
Write-cache mode : Enabled (write-back)
Write-cache setting : Enabled (write-back) when protected by battery
Number of chunks : 2
Drive(s) (Channel,Device) : 0,0 0,1
Logical drive number 2
Logical drive name : Logical Drive 2
RAID level : 1
Status of logical drive : Okay
Size : 69900 MB
Read-cache mode : Enabled
6-5
How to Upgrade and Install Software
Write-cache mode : Enabled (write-back)

Write-cache setting : Enabled (write-back) when protected by battery
Number of chunks : 2
Drive(s) (Channel,Device) : 0,2 0,3

You can access the upgrade file during the installation process from either a local DVD or from a remote
FTP or SFTP server. Be aware that directory names and filenames that you enter to access the upgrade
file are case-sensitive.
• Obtaining the Upgrade File, page 6
• Upgrading and Installing from Local Source, page 6
• Upgrading and Installing From Remote Source, page 7
Obtaining the Upgrade File

Before you begin the upgrade process, you must obtain the appropriate upgrade file from Cisco.com.
If you plan to download the upgrade file, complete the following tasks:
• Download the appropriate upgrade file from Cisco.com.
• Copy the upgrade file to a writable CD or DVD. Because of their size, some upgrade files may not
fit on a CD and will require a DVD.
• Do not rename the patch file before you install it because the system will not recognize it as a valid
file.
• Do not decompress the file. If you do, the system may not be able to read the upgrade files.
Upgrading and Installing from Local Source

You can install software from a CD or DVD that is located in the local disc drive and then start the
upgrade process.
Before You Begin

• Review the software upgrade process and ensure that you have completed the prerequisite system
backup procedures.
• Obtain the upgrade file from cisco.com.
Procedure
Step 1 Insert the CD or DVD into the disc drive on the local server that is to be upgraded.
Step 3 Select Software Upgrades > Install/Upgrade.
Step 4 Select DVD/CD from the Source list.
Step 5 Enter the path to the patch file on the CD or DVD in the Directory field. If the file is in the root directory,
enter a slash (/).
6-6
Step 6 Enter the server name in the Server field.

Step 7 Enter your user name in the User Name field.
Step 8 Enter your password in the User Password field.
Step 9 Select the transfer protocol from the Transfer Protocol field, for example, SFTP.
Step 10 Click Next to continue the upgrade process.
Step 11 Select the upgrade version that you want to install and click Next.
Step 12 Monitor the progress of the download, which includes the filename and the number of megabytes that
are getting transferred.
Step 13 When the download completes, verify the checksum value against the checksum for the file that you
downloaded that is shown on Cisco.com.

Install the upgrade and automatically Select Reboot to upgraded partition.
reboot to the upgraded partition
Install the upgrade and then manually Select Do not reboot after upgrade.
reboot to the upgraded partition at a later
time
Step 15 Click Next.

Step 16 Click Finish when the installation completes.
• You must reboot the system in order to activate the upgrade.
• If the upgrade file is located on a Linux or Unix server, you must enter a forward slash at the
beginning of the directory path that you want to specify. For example, if the upgrade file is in the
patches directory, you must enter /patches. If the upgrade file is located on a Windows server, check
with your system administrator for the correct directory path.
• The two checksum values must match to ensure the authenticity and integrity of the upgrade file. If
the checksum values do not match, download a fresh version of the file from Cisco.com and try the
upgrade again.
Related Topics
• How to Manage Locale-Specific Upgrades, page 9
• Obtaining the Upgrade File, page 6
• Reverting a Cisco Unified Presence Node to a Previous Version, page 2
Upgrading and Installing From Remote Source

You can install software from a network drive or remote server and then start the upgrade process.
6-7
Before You Begin

Review the software upgrade process and ensure that you have completed the prerequisite system backup
procedures.
Procedure

Step 2 Select Software Upgrades > Install/Upgrade.
Step 3 Select Remote Filesystem from the Source list.
Step 4 Enter the path to the patch file on the remote system in the Directory field.
Step 5 Enter the server name in the Server field.
Step 6 Enter your user name in the User Name field.
Step 7 Enter your password in the User Password field.
Step 8 Select the transfer protocol from the Transfer Protocol field, for example, SFTP.
Step 9 Click Next to continue the upgrade process.
Step 10 Select the upgrade version that you want to install and click Next.
Step 11 Monitor the progress of the download, which includes the filename and the number of megabytes that
are getting transferred.
Step 12 When the download completes, verify the checksum value against the checksum for the file that you
downloaded that is shown on Cisco.com.

Install the upgrade and automatically a. Select Reboot to upgraded partition.
reboot to the upgraded partition
Install the upgrade and then manually a. Select Do not reboot after upgrade.
reboot to the upgraded partition at a later
time
Step 14 Click Next.

Step 15 Click Finish when the installation completes.
• You must reboot the system in order to activate the upgrade.
• If the upgrade file is located on a Linux or Unix server, you must enter a forward slash at the
beginning of the directory path that you want to specify. For example, if the upgrade file is in the
patches directory, you must enter /patches. If the upgrade file is located on a Windows server, check
with your system administrator for the correct directory path.
• To ensure the authenticity and integrity of the upgrade file, the two checksum values must match. If
the checksum values do not match, download a fresh version of the file from Cisco.com and try the
upgrade again.
6-8
How to Manage Locale-Specific Upgrades
Related Topics
Reverting a Cisco Unified Presence Node to a Previous Version, page 2

• Locale Installation, page 9
• Installing Locales, page 10
• Error Messages, page 10
Locale Installation
Cisco provides locale-specific versions of the Cisco Unified Communications Manager Locale Installer
on www.cisco.com. Installed by the system administrator, the locale installer allows the user to
view/receive the chosen translated text or tones, if applicable, when a user works with supported
interfaces.
User Locales
User locale files provide translated text and voice prompts, if available, for phone displays, user
applications, and user web pages in the locale that the user selects. User-only locale installers exist on
the web.
Network Locales
Network locale files provide country-specific phone tones and gateway tones, if available. Network-only
locale installers exist on the web.
Cisco may combine multiple network locales in a single locale installer.
Note The Cisco Media Convergence Server (MCS) or Cisco-approved, customer-provided server can support
multiple locales. Installing multiple locale installers ensures that the user can select from a multitude of
locales.
Changes do not take effect until you reboot every server in the cluster. Cisco strongly recommends that
you do not reboot the servers until you have installed all locales on all servers in the cluster. Minimize
call-processing interruptions by rebooting the servers after regular business hours.
Cisco Unified Presence Locale Files

When installing Cisco Unified Presence locales, you must install both of the following files:
• User Locale files—Contain language information for a specific language and country and use the
following convention:
ps-locale-language-country-version.cop
• Combined Network Locale file—Contains country-specific files for all countries for various
network items, including phone tones, annunciators, and gateway tones. The combined network
locale file uses the following naming convention:
ps-locale-combinednetworklocale-version.cop
6-9
Installing Locales
You can install more than one locale file from either a local or a remote source. Perform one of the
following actions:
If you want to: For Additional Information

Install locale files from a local source a. See Locale Installation, page 9 for more information
about the locale files that you must install.
b. See How to Upgrade and Install Software, page 6
and follow the same procedure.
Install locale files from a remote source a. See Locale Installation, page 9 for more information
about the locale files that you must install.
b. See How to Upgrade and Install Software, page 6
and follow the same procedure.
Activate the newly installed locales Restart the server.
Error Messages
See Table 6-1 for a description of the messages that can occur during Locale Installer activation. If an
error occurs, you can view the messages in the installation log.
Table 6-1 Locale Installer Messages and Descriptions
Message Description
[LOCALE] File not found: This error occurs when the system cannot locate
<language>_<country>_user_locale.csv, the user the CSV file, which contains user locale
locale has not been added to the database. information to add to the database, which
indicates an error with the build process.
[LOCALE] File not found: This error occurs when the system cannot locate
<country>_network_locale.csv, the network the CSV file, which contains network locale
locale has not been added to the database. information to add to the database This indicates
an error with the build process.
[LOCALE] CSV file installer installdb is not You must ensure that an application called
present or not executable installdb is present. It reads information that a
CSV file contains and applies it correctly to the
target database. If this application is not found, it
did not get installed with the Cisco Unified
Communications application (very unlikely), has
been deleted (more likely), or the server does not
have a Cisco Unified Communications
application, such as Cisco Unified
Communications Manager or Cisco Unified
Presence, installed (most likely). Installation of
the locale will terminate because locales will not
work without the correct records in the database.
6-10
Table 6-1 Locale Installer Messages and Descriptions (continued)
Message Description
[LOCALE] Could not create These errors could occur when the system fails to
/usr/local/cm/application_locale/cmservices/ipm create a checksum file, which an absent Java
a/com/cisco/ipma/client/locales/maDialogs_<ll> executable,
_<CC>.properties.Checksum. /usr/local/thirdparty/java/j2sdk/jre/bin/java, an
absent or damaged Java archive file,
[LOCALE] Could not create
/usr/local/cm/jar/cmutil.jar, or an absent or
/usr/local/cm/application_locale/cmservices/ipm
damaged Java class, com.cisco.ccm.util.Zipper,
a/com/cisco/ipma/client/locales/maMessages_<ll
causes. Even if these errors occur, the locale will
>_<CC>.properties.Checksum.
continue to work correctly, with the exception of
[LOCALE] Could not create Cisco Unified Communications Manager
/usr/local/cm/application_locale/cmservices/ipm Assistant, which cannot detect a change in
a/com/cisco/ipma/client/locales/maGlobalUI_<ll localized Cisco Unified Communications
>_<CC>.properties.Checksum. Manager Assistant files.
[LOCALE] Could not create
/usr/local/cm/application_locale/cmservices/ipm
a/LocaleMasterVersion.txt.Checksum.
[LOCALE] Could not find This error occurs when the system does not find
/usr/local/cm/application_locale/cmservices/ipm the file in the correct location, which is most
a/LocaleMasterVersion.txt in order to update likely due to an error in the build process.
Unified CM Assistant locale information.
[LOCALE] Addition of This error occurs because the collective result of
<locale-installer-file-name> to the database has any failure that occurs when a locale is being
failed! installed causes it; it indicates a terminal
condition.
[LOCALE] Could not locate The system will not migrate this locale during an
<locale-installer-file-name> upgrade.
The downloaded locale installer file no longer
resides in the download location. The platform
may have moved or deleted it. This is noncritical
error indicates that after the Cisco Unified
Communications application has been upgraded,
you need to either reapply the locale installer or
download and apply a new locale installer.
[LOCALE] Could not copy You cannot copy the downloaded locale installer
<locale-installer-file-name> to migratory path. file to the migration path. This is noncritical error
This locale will not be migrated during an indicates that after the Cisco Unified
upgrade! Communications application has been upgraded,
you need to either reapply the locale installer or
download and apply a new locale installer.
[LOCALE] DRS registration failed The locale installer could not register with the
Disaster Recovery System. A backup or restore
record will not include the locale installer. Record
the installation log and contact Cisco TAC.
[LOCALE] DRS unregistration failed The locale installer could not deregister from the
Disaster Recovery System. A backup or restore
record will not include the locale installer. Record
the installation log and contact Cisco TAC.
6-11
Table 6-1 Locale Installer Messages and Descriptions (continued)
Message Description
[LOCALE] Backup failed! The Disaster Recovery System could not create a
tarball from the downloaded locale installer files.
Re-apply the local installer before attempting to
back up.
Note Manually reinstalling locales after a

system restore achieves the same goal.
[LOCALE] No COP files found in restored Corruption of backup files may prevent successful
tarball! extraction of locale installer files.
Note Manual reapplication of the locale
installer will restore the locale fully.
[LOCALE] Failed to successfully reinstall COP Corruption of backup files may damage locale
files! installer files.
[LOCALE] Failed to build script to reinstall COP The platform could not dynamically create the
files! script used to reinstall locales.
Record the installation log and contact
TAC.
6-12
CH A P T E R 7
Using Cisco Unified Operating System Utilities
March 22, 2010
The Cisco Unified Operating System application provides the following utilities:
• Ping—Checks connectivity with other network devices.
• Remote Support—Sets up an account that Cisco support personnel can use to access the system.
This account automatically expires after the number of days that you specify.
• Using the Ping Utility, page 1

• Using the Remote Support Utility, page 2
Using the Ping Utility

You can ping another server in the network and view the resulting statistics.
Procedure

Step 2 Select Services > Ping.
Step 3 Enter the IP address or network name for the system that you want to ping.
Step 4 Enter the ping interval in seconds.
Step 5 Enter the packet size.
Step 6 Enter the ping count, that is, the number of times that you want to ping the system.
Step 7 Select whether you want to validate IPSec. If you do, check Validate IPSec.
Step 8 Click Ping.
When you specify multiple pings, the ping command does not display the ping date and time in real time.
Be aware that the Ping command displays the data after the number of pings that you specified
completes.
7-1
Chapter 7 Using Cisco Unified Operating System Utilities
Using the Remote Support Utility

In the Remote Account Support window, you can set up a remote account, for a specified period of time,
that Cisco support personnel can use to access your system.
The remote support process works like this:
1. You set up a remote support account. This account includes a configurable time limit on how long
Cisco personnel can access it.
2. When you set up the remote support account, a pass phrase is generated.
3. You call Cisco support personnel and provides the remote support account name and pass phrase.
4. Cisco support personnel enter the pass phrase into a decoder program that generates a password.
5. Cisco support personnel log into the remote support account on your system by using the decoded
password.
When the account time limit expires, Cisco support personnel can no longer access your remote support
account.
• Configuring Remote Support, page 2
Configuring Remote Support

Procedure

Step 2 Select Services > Remote Support.
Step 3 If no remote support account is configured, click Add.
Step 4 Complete the fields in the Remote Access Configuration Status window, as described in the table below.
Table 7-1 Remote Access Configuration Fields and Descriptions
Field Description
Account name Enter an account name for the remote account. Ensure the account name
comprises at least six characters in all lowercase, alphabetic characters
Expiration Enter the account life duration in days.
Step 5 Click Save.

Step 6 Review these system-generated parameters:
Field Description
Passphrase Displays the generated pass phrase.
Decode version Indicates the version of the decoder in use.
Step 7 Contact your Cisco personnel to access the remote support system using the generated pass phrase.
7-2 OL-14093-01
OL-14093-01 7-3
7-4 OL-14093-01
A P P E N D I X A
Viewing the Status of Components in the
Cisco Unified Operating System
March 22, 2010
• Viewing Cluster Nodes Status, page 1

• Viewing Hardware Status, page 2
• Viewing Network Status, page 2
• Viewing Installed Software, page 3
• Viewing System Status, page 4
• Viewing IP Preferences, page 4
Viewing Cluster Nodes Status

Procedure

Step 2 Select Show > Cluster.
Step 3 Review the fields in the Cluster window.
Table A-1 Cluster Nodes Field Descriptions
Field Description
Hostname The complete hostname of the server.
IP Address The IP address of the server.
Alias The alias name of the server, when defined.
Type of Node Indicates whether the server is a publisher node or a subscriber
node.
A-1
Appendix A Viewing the Status of Components in the Cisco Unified Operating System
Viewing Hardware Status
Viewing Hardware Status

Procedure

Step 2 Select Show > Hardware.
Step 3 Review the fields in the Hardware Status window, as described in the table below.
Table A-2 Hardware Status Field Descriptions
Field Description
Platform Type The model identity of the platform server.
Serial Number The serial number of the platform server.
Processor Speed Processor speed (measured in MHz) in the platform server.
CPU Type The type of processor in the platform server.
Memory The total amount of memory in MBytes.
Object ID Used by SNMP to identify an object.
OS Version The version of the platform operating system.
RAID Details Status of the RAID controller and logical drive if the machine is RAID
enabled.
Viewing Network Status

Before You Begin
The network status information that displays depends on whether Network Fault Tolerance is enabled.
When Network Fault Tolerance is enabled, Ethernet port 1 automatically takes over network
communications if Ethernet port 0 fails. If Network Fault Tolerance is enabled, network status
information displays for the network ports Ethernet 0, Ethernet 1, and Bond 0. If Network Fault
Tolerance is not enabled, status information displays only for Ethernet 0.
Procedure

Step 2 Select Show > Network.
Step 3 Review the fields in the Network Configuration window, as described in the table below.
A-2
Viewing Installed Software
Table A-3 Network Settings Field Descriptions
Field Description
DHCP Indicates whether DHCP is enabled for Ethernet
port 0.
Status Indicates whether the port is Up or Down for
Ethernet ports 0 and 1.
IP Address The IP address of Ethernet port 0 (and Ethernet
port 1 if Network Fault Tolerance (NFT) is
enabled).
IP Mask The IP mask of Ethernet port 0 (and Ethernet port
1 if NFT is enabled).
Link Detected Indicates whether an active link exists.
Queue Length The length of the queue.
MTU The maximum transmission unit.
MAC Address The hardware address of the port.
Receive Statistics Information about received bytes and packets.
Transmit Statistics Information about transmitted bytes and packets.
Primary DNS The IP address of the primary domain name
server.
Secondary DNS The IP address of the secondary domain name
server.
Domain The domain of the server.
Gateway The IP address of the network gateway on
Ethernet port 0.
Viewing Installed Software

You can view the software versions and installed software options.
Procedure

Step 2 Select Show > Software.
Step 3 Review the fields in the Software Packages windows described in the table below.
A-3
Viewing System Status
Table A-4 Software Packages Field Descriptions
Field Description
Partition Versions The software version that is running on the active
and inactive partitions.
Active Version Installed Software Options The versions of installed software options,
including locales and dial plans, that are installed
on the active version.
Inactive Version Installed Software Options The versions of installed software options,
including locales and dial plans, that are installed
on the inactive version.
Viewing System Status

Procedure

Step 2 Select Show > System.
Step 3 Review the fields in the System Status window, as described in the table below.
Table A-5 Platform Status Field Descriptions
Field Description
Host Name The name of the Cisco MCS host where Cisco Unified Operating System
is installed.
Date/Time The date and time based on the continent and region that were specified
during operating system installation.
Time Zone The time zone that was chosen during installation.
Locale The language that was chosen during operating system installation.
Product Version The operating system version.
Platform Version The platform version.
Viewing IP Preferences
Procedure
A-4
Step 2 Select Show >IP Preferences.

Step 3 To filter or search records, perform one of the following actions:
• From the first list box, select a search parameter.
• From the second list box, select a search pattern.
• Specify the appropriate search text, if applicable.
Step 4 Click Find.
Step 5 Review the fields in the System Status window.
Table A-6 IP Preference Field Descriptions
Field Description
Application The name of the application.
Protocol The type of protocol that this application will use, for example, TCP or
UDP.
Port Number The port number that is configured for this application.
Type The type of transport that this application will use:
• Public
• Private
• Translated
Translated Port The translated port number that is configured for this application.
Status Indicates whether the application is enabled or disabled.
Description The description of the application.
A-5
A-6
INDEX
A H
administrator password 1-2 hardware, status

fields (table) A-2
procedure A-2
C
certificates
I
displaying 5-1
downloading 5-2 install/upgrade, menu 6-1
downloading a signing request 5-7 installed software
expiration monitor fields (table) 5-8 fields (table) A-4
managing 5-1 procedure A-3
monitoring expiration dates 5-8 installing
regenerating 5-3 locales 6-9, 6-10
uploading 5-5 Internet Explorer
Certificate Trust List set security options 4-1
See CTL IPSec
cluster nodes changing policy 4-3
fields (table) A-1 displaying policy 4-3
procedure A-1 management 4-1
configuration policy fields (table) 4-2
operating system A-1 setting up new policy 4-2
CTL
downloading 5-2
L
managing 5-1
uploading 5-5 locales
files 6-9
installation 6-9
E
installer
error messages error messages (table) 6-10
descriptions (table) 6-10 installing 6-10
logging in
overview 1-1
IN-1
Index
procedure 1-1
R
remote support
M setting up 7-2
menu status fields (table) 7-2
install/upgrade 6-1 restart

messages, error current version 3-2
system 3-1
N
S
network status
fields (table) A-3 security
procedure A-2 overview 4-1, 5-1
nodes, cluster set IE options 4-1
fields (table) A-1 services

procedure A-1 overview 7-1
NTP server settings 2-3 ping 7-1

remote support
overview 7-2
O setting up 7-2
operating system settings
administrator password 1-2 Ethernet
configuration A-1 fields (table) 2-2
hardware status NTP servers 2-3
fields (table) A-2 overview 2-1
procedure A-2 publisher 2-2
logging in 1-1 SMTP 2-4
network status fields (table) A-3 time 2-5
restart 3-2 shutdown, operating system 3-1
settings 2-1 SMTP settings 2-4
software upgrades 6-1 software
status A-1 installation 6-6

installed
fields (table) A-4
P procedure A-3
upgrades 6-1
password, recovering 1-2
from local source 6-6
ping 7-1
from remote source 6-7
publisher settings 2-2
overview 6-1
IN-2
Index
procedure 6-6
status
hardware
fields (table) A-2
procedure A-2
network
fields (table) A-3
procedure A-2
operating system A-1
system
fields (table) A-4, A-5
procedure A-4
system
restart 3-1
shutdown 3-1
status
fields (table) A-4, A-5
procedure A-4
time settings 2-5
version, restart 3-2
IN-3
Index
IN-4

Cisco Unified Presence 8.0

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Cisco Unified Presence 8.0

Uploaded by

Copyright:

Available Formats

Cisco Unified Operating System

Maintenance Guide for Cisco Unified

© 2010 Cisco Systems, Inc. All rights reserved.

Logging In to Cisco Unified Operating System Administration 1-1

Recovering the Administrator Password 1-2

Creating a Customized Log-on Message 1-3

CHAPTER 2 Changing Settings in Cisco Unified Operating System 2-1

How to Change IP Settings 2-1

Configuring an NTP Server 2-3

Changing SMTP Settings 2-4

Changing Time Settings 2-5

Maintaining Correct Time Zone Data 2-5

Shutting Down the System 3-1

How to Work with Disk Partitions 3-2

CHAPTER 4 Securing the Cisco Unified Operating System 4-1

Preparing Your Browser to Optimize Security 4-1

How to Manage IPSEC Policies 4-1

CHAPTER 5 Managing Security Certificates in Cisco Unified Operating System 5-1

How to Manage Certificates and Certificate Trust Lists 5-1

Deleting a Certificate 5-3

CHAPTER 6 Upgrading Software in Cisco Unified Operating System 6-1

About Software Upgrades 6-1

CHAPTER 7 Using Cisco Unified Operating System Utilities 7-1

Using the Remote Support Utility 7-2

APPENDIX A Viewing Cluster Nodes Status A-1

Viewing Hardware Status A-2

Viewing Network Status A-2

Viewing Installed Software A-3

Viewing System Status A-4

Viewing IP Preferences A-4

March 22, 2010

• Logging In to Cisco Unified Operating System Administration, page 1

Logging In to Cisco Unified Operating System Administration

Recovering the Administrator Password

Before You Begin

Creating a Customized Log-on Message

Step 1 Sign in to Cisco Unified Communications Operating System Administration.

Step 4 Select Upload File.

March 22, 2010

• How to Change IP Settings

How to Change IP Settings

Changing Ethernet Settings

Before You Begin

Step 1 Log in to Cisco Unified Operating System Administration.

Table 2-1 Ethernet Settings Fields and Descriptions

Step 4 Click Save to commit your changes.

Changing the IP Publisher Node Address on Subsequent Nodes

Before You Begin

Step 1 Log in to Cisco Unified Operating System Administration.

Step 2 Select Settings > IP > Publisher.

Troubleshooting IP Publisher Node Address Change on a Subsequent Node

Changing NTP Settings

Changing SMTP Settings

Step 1 Log in to Cisco Unified Operating System Administration.

Changing Time Settings

Before You Begin

Step 1 Log in to Cisco Unified Operating System Administration.

Maintaining Correct Time Zone Data

March 22, 2010

• Shutting Down the System

Shutting Down the System

Step 1 Log in to Cisco Unified Operating System Administration.

How to Work with Disk Partitions