Archive for January 2009

Using the Night Ringer in CME 7.0.0.1

Tuesday, January 20th, 2009 by tburns

I was asked by a customer to set up a group of phones that would ring after-hours; only on select days; and only during select hours. I was charged with ringing all eight phones simultaneously when calls were placed to the main number. The phones were to ring 3 to 4 times, and Call Forward No Answer was to be set to the Auto Attendant. Because standard ephone-hunt groups in CME do not ring in broadcast mode like they do in Cisco’s Call Manager, I used a ‘voice hunt-group’:
This 2821 router is running CME v.7.0.0.1 with Cisco IOS Software, 2800 Software (C2800NM-ADVENTERPRISEK9-M), Version 12.4(20)T.

!
voice hunt-group 1 parallel
 final 101
 list 210,214,220,221,222,223,224,241
 timeout 20
 pilot 600
!


hardware conferencing (ad-hoc) in CME 7.0.0.1

Monday, January 19th, 2009 by tburns

I installed this per a customer’s request on a 2821 router with this IOS version: Cisco IOS Software, 2800 Software (C2800NM-SPSERVICESK9-M), Version 12.4(22)T, RELEASE SOFTWARE (fc1); and Call Manager Express v.7.0.0.1.
These are the DSPs as displayed by a show tech:
32-channel (G.711) Voice/Fax PVDMII DSP SIMM PVDM daughter card
64-channel (G.711) Voice/Fax PVDMII DSP SIMM PVDM daughter card

These are custom join and leave tones for conference participants. They are referenced later under the dspfarm profile 1 conference config:

!
voice class custom-cptone leavetone
dualtone conference
frequency 400 800
cadence 400 50 200 50 200 50
!
voice class custom-cptone jointone
dualtone conference
frequency 600 900
cadence 300 150 300 100 300 50
!

Be sure you have adequate DSP resources. Here is a Cisco DSP calculator. And here is DSP information based on hardware type.

!
voice-card 0
dspfarm
dsp services dspfarm
!

These are the device interfaces. I used loopback interfaces to avoid having to change the IP addresses for the Service Module. The Service Module is touchy. Change its address and risk having to reset/rebuild it.

!
interface Loopback0
ip address 1.2.3.4 255.255.255.0
!
interface GigabitEthernet0/0
ip address 10.1.100.1 255.255.255.0
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/1
ip address 10.1.208.2 255.255.255.0
duplex auto
speed auto
!
interface Integrated-Service-Engine1/0
ip unnumbered Loopback0
service-module ip address 1.2.3.5 255.255.255.0
service-module ip default-gateway 1.2.3.4
no keepalive
!

This is running Cisco Unity Express (CUE) version 3.2.2. A static route is necessary for the CUE to be able to find its way home:

!
ip route 1.2.3.5 255.255.255.255 Integrated-Service-Engine1/0
!

Here’s the skinny… 1) specify the sccp interface and its version, and enable it. 2) Then configure the group, associate it, and configure its profile name. The profile name is arbitrary. 3) Then configure the dspfarm parameters pulling in those join and leave tones you configured earlier.

!
sccp local Loopback0
sccp ccm 1.2.3.4 identifier 1 version 7.0
sccp
!
sccp ccm group 1
associate ccm 1 priority 1
associate profile 1 register 1234567890
!
dspfarm profile 1 conference
codec g711ulaw
maximum sessions 8
conference-join custom-cptone jointone
conference-leave custom-cptone leavetone
associate application SCCP
!

Now configure the telephony-service parameters, which are necessary for the local call manager to manage per device/instance.

!
telephony-service
sdspfarm units 1
sdspfarm tag 1 1234567890
conference hardware
!

Assign a template that can use the conferencing services. These softkeys were designed for non-conference administrator phones. Conference administrator phones can be assigned many more softkeys to manage participants, add/drop participants, list participants, etc.

!
ephone-template 1
conference drop-mode creator
conference admin
softkeys remote-in-use Newcall
softkeys hold Newcall Resume Select
softkeys idle Redial Cfwdall Dnd Newcall
softkeys seized Redial Cfwdall Endcall
softkeys alerting Endcall
softkeys connected Hold Park Trnsfer Confrn Endcall
softkeys ringing Answer Dnd
paging-dn 110
!

This system is configured for 8 participants in a conference, so it needs 4 ephone-dns as dual-line. These follow… the other DNs are for additional, simultaneous conferences.

!
ephone-dn 120 dual-line
number 300
conference ad-hoc
no huntstop
!
ephone-dn 121 dual-line
number 300
conference ad-hoc
preference 1
no huntstop
!
ephone-dn 122 dual-line
number 300
conference ad-hoc
preference 2
no huntstop
!
ephone-dn 123 dual-line
number 300
conference ad-hoc
preference 3
!
ephone-dn 124 dual-line
number 301
conference ad-hoc
no huntstop
!

ephone-dn 125 dual-line
number 301
conference ad-hoc
preference 1
no huntstop
!
ephone-dn 126 dual-line
number 301
conference ad-hoc
preference 2
!
ephone-dn 127 dual-line
number 302
conference ad-hoc
no huntstop
!
ephone-dn 128 dual-line
number 302
conference ad-hoc
preference 1
no huntstop
!
ephone-dn 129 dual-line
number 302
conference ad-hoc
preference 2
!

To assign conference admin status to a phone:

!
ephone 25
conference admin
mac-address 0021.A02B.DE68
ephone-template 1
type 7965
no dnd feature-ring
button 1:22
!

That’s about it… There are a lot of conference possibilities in CME and the UC500 series appliances… there are administrator assignments that allow for more control over conference participants… as well as Meet-Me conferencing, standard 3-way conferencing, additional softkey assignments… etc.

adding users to a samba server

Sunday, January 18th, 2009 by tburns

This is an adduser script for a linux machine. I wrote it when I had to migrate a substantial number of users from several windows file servers to a newly-built linux server running samba. This new server, located at corporate headquarters, became the primary company file server, which meant it served files up to a large number of local – as well as remote – users. Many of these users did not need a home directory because their home directories lived elsewhere. But, because they had the need for access to files based on group membership, they needed accounts on the machine along with user-based access to group-managed files. This script made the job of moving them all – and assigning them group membership rights – a lot easier.

#!/bin/sh

   ##############################################
   #                                            #
   #    Adduser script for Linux Servers        #
   #                                            #
   #  Allows for variables to be added for      #
   #  customization: groups, home directories,  #
   #  comments, and more...                     #
   #                                            #
   #                                            #
   #     last modified: 01/18/09 by tburns      #
                      SCRIPT_VERSION="1.2"      #
   #                                            #
   #                                            #
   ##############################################

USERADD=/usr/sbin/useradd

USER_HOME_DEFAULT="0"   # if the home directory is /home enter a 1.
                        # Otherwise, enter "0" and a location below

if [ $USER_HOME_DEFAULT = "0" ]; then
     USER_HOME="/sambaFiles/clientFiles/users"
   else
     USER_HOME="/home"
fi

#Enter user data as prompted:
#(printf is used for the prompts because "echo -e" is not portable under /bin/sh)
#First, prompt for userid
printf "Enter the userid: "
read -r USER_ID
echo ""

#Second, prompt for user's full name
printf "Enter the user's full name to be created: "
read -r USER_FULL_NAME
echo ""

#Third, prompt for primary group
printf "Enter the user's primary group name: "
read -r PRIMARY_GROUP
echo ""

#Fourth, find out if they need a home directory or not:
printf "Should this user have a home directory on this machine? y/n "
read -r CREATE_HOME_DIR
echo ""

#The following routine is for the fat-fingered:

if [ "$CREATE_HOME_DIR" = "Y" ] || [ "$CREATE_HOME_DIR" = "y" ]; then
   echo " Ok... The Home directory will be created here: $USER_HOME "
 elif [ "$CREATE_HOME_DIR" = "N" ] || [ "$CREATE_HOME_DIR" = "n" ]; then
   echo " This user will not have a Home directory locally "
 else
   echo "You entered $CREATE_HOME_DIR when prompted for a Y/y or an N/n. Try it again"
   echo ""
   printf "Should this user have a home directory on this machine? y/n "
     read -r CREATE_HOME_DIR

#But, if the fat-fingered can't get it right... we offer a bailout option:
#(the tests are joined with && so that the bailout fires only when the
# answer is none of Y, y, N or n; a valid second answer lets the script go on)

    if [ "$CREATE_HOME_DIR" != "Y" ] && [ "$CREATE_HOME_DIR" != "y" ] && [ "$CREATE_HOME_DIR" != "N" ] && [ "$CREATE_HOME_DIR" != "n" ]; then
       echo ""
       echo "That's enough... check your facts! Here's what you entered:  "
       echo " USERADD = $USERADD "
       echo " USER_ID = $USER_ID "
       echo " USER_FULL_NAME = $USER_FULL_NAME "
       echo " PRIMARY_GROUP = $PRIMARY_GROUP "
       echo " CREATE_HOME_DIR = $CREATE_HOME_DIR "
       echo " Now, go back and try again "
       exit 1
    fi
fi
echo ""

# Now, make all that stuff work together
echo "Here's what you've got so far: "
       echo " USERADD = $USERADD "
       echo " USER_ID = $USER_ID "
       echo " USER_FULL_NAME = $USER_FULL_NAME "
       echo " PRIMARY_GROUP = $PRIMARY_GROUP "
       echo " CREATE_HOME_DIR = $CREATE_HOME_DIR "
       echo " USER_HOME = $USER_HOME "

#Assuming we are still moving along... and that we may
#actually get to the end of this thing:
#Note: -G adds $PRIMARY_GROUP as a supplementary group; the chown below
#relies on useradd also creating a private group named after the user.
printf "Do you want to continue? y/n "
read -r CONTINUE
if [ "$CONTINUE" = "Y" ] || [ "$CONTINUE" = "y" ]; then
   if [ "$CREATE_HOME_DIR" = "Y" ] || [ "$CREATE_HOME_DIR" = "y" ]; then
        if [ "$USER_HOME_DEFAULT" = "0" ]; then
           echo " mkdir $USER_HOME/$USER_ID "
#          mkdir $USER_HOME/$USER_ID
           USER_HOME_DIR="$USER_HOME/$USER_ID"
           echo " $USERADD -G $PRIMARY_GROUP -c \"$USER_FULL_NAME\" -d $USER_HOME_DIR $USER_ID"
           # run useradd directly; backticks would try to execute its output
           "$USERADD" -G "$PRIMARY_GROUP" -c "$USER_FULL_NAME" -d "$USER_HOME_DIR" "$USER_ID"
           echo " chown $USER_ID:$USER_ID $USER_HOME_DIR"
           chown "$USER_ID:$USER_ID" "$USER_HOME_DIR"
        else
           echo " $USERADD -G $PRIMARY_GROUP -c \"$USER_FULL_NAME\" $USER_ID"
           "$USERADD" -G "$PRIMARY_GROUP" -c "$USER_FULL_NAME" "$USER_ID"
        fi
   else
      echo " $USERADD -M -G $PRIMARY_GROUP -c \"$USER_FULL_NAME\" $USER_ID"
      "$USERADD" -M -G "$PRIMARY_GROUP" -c "$USER_FULL_NAME" "$USER_ID"
   fi
  else
    echo "Ok... we'll stop here..."
    echo ""
exit 1
fi

exit 0
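
The script runs as root and hands whatever is typed at the prompts to useradd and to a chown on a path under $USER_HOME. The following is an added example, not part of the original script, of checks that could run right after the prompts; the function names and sample inputs are made up for illustration.

```sh
#!/bin/sh
# Added example: checks to run on the prompted values before useradd is called.
# Function names and sample inputs are hypothetical, not from the original script.
LC_ALL=C; export LC_ALL        # make the a-z ranges below ASCII-only

# Conservative account name: lowercase letter or underscore first, then
# lowercase letters, digits, underscore or hyphen; 1 to 32 characters.
valid_userid() {
    [ "${#1}" -ge 1 ] && [ "${#1}" -le 32 ] || return 1
    case "$1" in
        [!a-z_]*) return 1 ;;        # bad first character, e.g. "-M" or "/"
        *[!a-z0-9_-]*) return 1 ;;   # slash, dot, space, shell metacharacter
    esac
    return 0
}

# Exact match on the group name; $2 defaults to /etc/group.
group_exists() {
    awk -F: -v g="$1" '$1 == g { found = 1 } END { exit !found }' "${2:-/etc/group}"
}

# The script chowns $USER_HOME/$USER_ID as root. Refuse a path that already
# exists, including a symlink, since chown would follow it to its target.
home_dir_is_new() {
    [ ! -e "$1/$2" ] && [ ! -L "$1/$2" ]
}

# Constructed sample inputs, showing which userids would be accepted.
for id in jsmith "../etc" "-M" "Bob Smith"; do
    if valid_userid "$id"; then echo "accept: $id"; else echo "reject: $id"; fi
done
```
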

SSH for remote device management

Sunday, January 18th, 2009 by tburns

This allows login to a remote machine without having to exchange a password with the SSH connection prompt. I have used this frequently to allow scripts to execute commands on remote machines. I have used it to schedule device management scripts that run nightly, or on some ad-hoc basis, that require prompt-free interaction with remote devices.

1. Generate a key for both the local and remote users. On both machines, run the following:

[tburns@localserver ~]$ ssh-keygen -t rsa

This will generate the following output. Follow the prompts to completion:

Generating public/private rsa key pair.
Enter file in which to save the key (/home/tburns/.ssh/id_rsa):
Created directory '/home/tburns/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/tburns/.ssh/id_rsa.
Your public key has been saved in /home/tburns/.ssh/id_rsa.pub.
The key fingerprint is:
6f:6b:37:26:fa:f5:bc:07:b1:7b:dc:c4:98:25:f0:a9 tburns@localserver

In the above example, no passphrase was entered. Entering a passphrase, obviously, allows for an extended level of security. However, this precludes the ability to run scripts as hands-free cron jobs.

2. Looking first at the local machine, this process, then, creates the following directory/file structure:

[tburns@localserver ~]$ ls .ssh
id_rsa  id_rsa.pub

View the contents of id_rsa.pub and you will see output similar to this:

[tburns@localserver ~]$ cat .ssh/id_rsa.pub

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwxMrgp5/Yd0XbxJhD7
cgbweOp6A6IW90xVRtUoKSFPljMB42MOyyt0jpOcoTXDBi78T7eSVk
aOTLd/MdeZNTFUbc6Hnlhln7X8/YVQQmtXLDwdcSN/A/KHN5SOcrXf
NYpJ1OVxf0saJo+EWmEd8C12CjXEYBpEXH2thfq33Qr7uYKsufxqCe
ss5znFc6pkPkNymgz02AIgUrNo0lHPdWTWLf8fTPhe07A/niQkhavS
8b1avCr0spJ41x8H1SxHs9qphVdhwjoMKjaxs/PU3pmGBTwufAF9kJ
5R2/F71my/hmmpGOKE9/xXijcgeFye39ZstVCHxwD2Je0A9OJ4Bpw==
tburns@localserver

Copy this file to a file called authorized_keys, and put it up in the remote machine’s username/.ssh directory:

[tburns@localserver ~]$ cp .ssh/id_rsa.pub .ssh/authorized_keys

Now, copy the authorized_keys file to the remote machine. (You did remember to run the ssh-keygen process on the remote machine, right?):

[tburns@localserver ~]$ scp .ssh/authorized_keys tburns@remoteserver:/home/tburns/.ssh

3. Ensure that file permissions are set correctly. On the remote machine, set the file permissions to 0600 so that openssh is able to read the file:

[tburns@remoteserver ~]$ chmod 0600 .ssh/authorized_keys

Now, test it from the local machine. Because the authorized_keys file is only on the remote machine, you can only log in without a password in the one direction. If you want to go from remote machine to local machine, you’ll have to follow these same procedures on the remote side.

[tburns@localserver ~]$ ssh tburns@remoteserver

or use old-school switches

[tburns@localserver ~]$ ssh -l tburns remoteserver

or use the remote server’s ip address

[tburns@localserver ~]$ ssh -l tburns 123.234.123.234
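
The key in this procedure has no passphrase, so the private key file alone is enough to log in as the remote user, and copying authorized_keys over with scp replaces any keys already installed on the remote side. The following is an added example, not from the original post, of an install step meant to run on the remote machine: it appends the key instead of overwriting the file and limits it to one source address and one forced command. The address, the script path and the function names are assumptions.

```sh
#!/bin/sh
# Added example: install a cron job's public key with restrictions, appending
# instead of overwriting. Function names, address and command are hypothetical.

# Constructed sample line (not a real key).
SAMPLE_PUB='ssh-rsa AAAAB3NzaC1yc2EXAMPLEONLY tburns@localserver'

# Print an authorized_keys entry limited to one source and one forced command.
# $1 = allowed source pattern, $2 = forced command, $3 = public key line
restricted_entry() {
    case "$1$2" in *\"*) return 1 ;; esac      # a quote would break the options
    case "$3" in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) return 1 ;;                         # not a public key line
    esac
    printf 'from="%s",command="%s",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding %s\n' "$1" "$2" "$3"
}

# Append an entry to <dir>/authorized_keys unless the key is already there.
# Runs in a subshell so the umask change does not leak to the caller.
# $1 = .ssh directory, $2 = entry to add, $3 = public key line
install_entry() (
    umask 077
    mkdir -p "$1" && chmod 700 "$1" || exit 1
    blob=$(printf '%s\n' "$3" | awk '{ print $2 }')
    [ -n "$blob" ] || exit 1
    if [ -f "$1/authorized_keys" ] && grep -qF -- "$blob" "$1/authorized_keys"; then
        exit 0                                 # already installed, leave file alone
    fi
    printf '%s\n' "$2" >> "$1/authorized_keys" && chmod 600 "$1/authorized_keys"
)

# Demo on the constructed key: the line that would be added on the remote side.
restricted_entry "192.0.2.10" "/usr/local/bin/nightly-check.sh" "$SAMPLE_PUB"
```

With a forced command in place, sshd runs that command for this key regardless of what the client asks for, which suits a key that exists only to drive one scheduled job.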

Some cron jobs of value

Saturday, January 17th, 2009 by tburns

#This runs at 12:05am.  It deletes all the mail in sendmail’s queue that is older than 7 days
05 00 * * * (/usr/bin/find /var/spool/mqueue -type f -mtime +7 -print0 | xargs -0 rm -f) >/dev/null 2>&1

#This deletes subdirectories (created by mimedefang) that are older than 7 days.
#-mindepth 1 keeps find from matching /var/spool/MIMEDefang itself.
01 00 * * * (/usr/bin/find /var/spool/MIMEDefang -mindepth 1 -maxdepth 1 -type d -mtime +7 -print0 | xargs -0 rm -rf) >/dev/null 2>&1

#This syncs the clock with time.nist.gov everyday at 2:00am
00 2 * * * /usr/sbin/ntpdate -s -b -p 8 192.43.244.18

#Rotates the system logs based on what is in the config file
00 00 * * * /usr/sbin/logrotate /etc/logrotate.conf