Friday, July 07, 2017

Unity Connection Cobras Export Import Schedule Detail Missing

I recently used the Cobras Export and Import tools found at http://ciscounitytools.com to perform a physical to virtual migration and upgrade from Unity Connection 8.6 to 11.5.

One issue I found was that schedules with multiple details weren't imported completely.  I don't know if this is an issue with the export or the import process or possibly with the Connection versions but after checking the target 11.5 cluster I found only the first detail in the schedules with multiple details was restored.

It may also be worth noting that all the detail in each of the affected schedules were named the same, for example "Detail for All Hours - All Days" used multiple times to describe individual detail for each day.  I don't remember seeing anyone use this technique elsewhere so it may also have been a contributing factor.

Lesson learned: check your schedules after your import is complete.


The Cobras Export for Connection version was 8.0.76 and Import for Connection was 8.0.92.

Friday, June 30, 2017

Failed to mount Cisco Prime Collaboration Deployments export as NFS store to the ESXi host.

Running Cisco PCD 11.5.3 to migrate / upgrade CUCM and IM&P from version 8 to 11, and from physical to new virtual C240 chassis.  After installing PCD on one of the chassis and adding the CUCM cluster to inventory, I had trouble adding the new C240 ESXi hosts to inventory.

After entering the correct ESXi interface address and double checking the root password, I was consistently returned an error that says:

"Failed to mount Cisco Prime Collaboration Deployments export as NFS store to the ESXi Host.  Please look at the exception details in PCD logs and check the ESXi logs for further details of the exceptions reported on PCD."


There were no obvious events in VMware corresponding to trying to add the hosts to inventory in PCD.  The PCD logs did have entries showing Java exceptions but there was no verbose comments to indicate what raised the errors, nor could I find any Cisco documentation regarding deciphering the logs.

There are lots of discussions on the Internet and Cisco's support forums regarding the common causes of this problem.

  1. Your VMware license type may be unsupported.  If you have the Cisco UC Virtualization Hypervisor (appears as "Hypervisor Edition" in vSphere Client) license installed, you can remove it temporarily and use the Evaluation Mode license.  I had no license installed yet and was in Evaluation Mode.
  2. Network issues like firewalls between PCD and the host or poor DNS implementations may cause this.  In my case, PCD was running on the same host I was trying to import with no firewall or ACLs between the PCD and ESXi networks.  DNS resolution worked forward and reverse everywhere.
  3. Vmware being in lockdown mode may cause this.  This was easy to confirm from the VMware and ESXi configurations and I went so far as tring to set "utils os secure permissive" in the event something was overly restrictive in PCD's OS.

Ultimately my problem was an issue with an OVERLY COMPLEX PASSWORD on the ESXi root user account.

I didn't want to change the root user password as it was terribly complex and few knew it.  Adding a new user with a password comprised of just alpha characters allowed me to complete the ESXi import almost instantly though.

One challenge is ESXi 6 now enforces complex passwords by default, so this is easier said than done.

To support less complex password in ESXi 6 you can modify the security setting string under "Advanced Settings | Security".  The default ESXi 6 string is "retry=3 min=disabled,disabled,disabled,7,7"  From VMware's site "With this setting, passwords with one or two character classes and pass phases are not allowed, because the first three items are disabled. Passwords from three- and four-character classes require seven characters."

First I modified that string on the two chassis that would be running the enterprise. The much less restrictive string found in ESXi 5 is "retry=3 min=8,8,8,7,6".


Then I added a new user through my vSphere client that I would use for PCD purposes.  I planned to then delete it when the project was complete.  Here I added the "pcd" user, and because I already modified the ESXi security string I could use a simple password like "MyPassword".


Then I added the Administrator role to the pcd user so that PCD could actually manage the host.  This provides more privileges than is actually required but I did not want to troubleshoot permissions during the project and would be removing this account later regardless.


Adding the ESXi hosts to PCD inventory then worked instantly using the new "pcd" user and password.

In hindsight the PCD logs did reference:

2017-06-29 15:24:32,863 ERROR [pool-3-thread-14] db.DBEntity.hexStringToByteArray - Exception parsing int
java.lang.NumberFormatException: For input string: "y2"

I imagine if PCD is looking at the ESXi inventory password as a string of hex characters then using extended characters might break the process.  This is just conjecture though.

Monday, May 22, 2017

Cisco Quality Manager 11.5.1 SR6 with Microsoft SQL Server Express 2014

After smashing around in SQL for too long to get the basic QM communication to work (shown below), I found that Andrzej Gołębiowski  documented the same requirements at http://blog.citrix24.com/configure-sql-express-to-accept-remote-connections/ back in 2014.  He has some additional detail regarding SQL versions, service usage and best practices there. I encourage you to check it out.  My info is limited to the basics required to get QM running on a rainy Tuesday morning.

I was recently tasked with spinning up a Cisco WFO QM / Quality Manager instance for a demo to be run out of our own office.  Given it was only a demo I used a small stand alone OVA for QM (version 11.5(1) currently available here),  a trial version of Windows Server 2012 R2 ( https://www.microsoft.com/en-US/evalcenter/evaluate-windows-server-2012) and a  version of MS SQL Express 2014 (https://www.microsoft.com/en-US/download/details.aspx?id=42299).

When downloading MS SQL Express, choose the ExpressAndTools 64BIT\SQLEXPRWT_x64_ENU.exe version.  You may have to scroll down a bit on MS's page to find it.  Having the extra administration tools available up front is worth the extra few minutes it takes to download the media.

If you are not typically administering MS SQL servers, you will need to perform some SQL setup that is not documented in the Cisco QM install information.

You will need to enable TCP connections to SQL server.

  • Run Microsoft SQL Server Management Studio.
  • Right Click on your SQL server and choose Properties.
  • Verify Allow remote connections to this server is checked.




  • Run SQL Server Configuration Manager.
  • Expand SQL SErver Network Configuration and select Protocols for SQLEXPRESS
  • Right Click TCP/IP and choose Enable.

You will need to set SQL Server to listen on a static port.

  • Still in SQL Server Configuration Manager...
  • Expand SQL Server Network Configuration and select Protocols for SQLEXPRESS
  • Right Click TCP/IP and choose Properties.
  • Choose the IP Addresses tab.
  • Scroll down to the IPAll section.
  • Remove the value in TCP Dynamic Ports.
  • Enter 1433 as the TCP Port


  • Still in SQL Server Configuration Manager...
  • Choose SQL Server Services.
  • Right Click SQL Server (SQLEXPRESS) and choose Restart
  • After the server is restarted, make note of the Process ID.
  • From the windows CLI, run netstat -ano | find /i "<your process ID>" 
The listening port should now be 1433.
 You will need to turn on the SQL Server Browser Services

  • Still in SQL Server Configuration Manager
  • Choose SQL Server Services.
  • Right Click SQL Server Browser and choose Properties.
  • On the Service tab,  change the Start Mode to Automatic.
  • On the Log On tab, choose the Start Button.




Assuming you've previously followed the Cisco QM Installation guides, you should now be able to have QM make successful connections to SQL server.

Sunday, May 07, 2017

MS Windows 10 desk top icons detail and list view


Edit: As of May 19, 2017 this feature seems to have been broken by some Windows updates. Crl Shift 1 - 4 resize the icons but I can no longer get them to appear in "ListView".

For years I've had a small program running at startup on my Windows 7 based PC.  It would convert the icons and text on my Win7 desktop to what look likes the list view in Windows Explorer, allowing me access to dozens of frequently used shortcuts, files and folders there without consuming much real estate or requiring flipping between my applications and my desktop view.

My internal IT team was kind enough to upgrade my laptop recently and I was happy to find Windows 10 now has this feature built in.

To emulate my old experience, while your desktop has the focus, press Ctrl Shift 5.


If you'd like additional detail, Ctrl Shift 6 changes the view what appears to be the Explorer Details view.

It seems Ctrl Shift 0 through 9 may provide easy switching between various views.

Cool.  Thanks Windows 10.

Friday, May 05, 2017

2N Helios IP Force and CUCM IP Phone Services

Client acquired several 2N Helios IP Force door phones with integrated cameras with the intention of using them to open door locks nearby.  In addition to the normal DTMF triggering method, they wanted to have the ability to unlock them without calls to the door in progress.  The plan was to use the Helios automation features to respond to CUCM device Service URL button pushes.

The Helios units require the "Enhanced Integration" or "gold" license to use the automation features.
Navigate to System | License and check the License Status area to confirm you have it available.


In my environment we will be using the first relay on the Helios device to trigger an electronic door lock.  We need to flip the Helios relay for 5 seconds, which will unlock the door, and then flip it back to allow the lock to re-engage.

Navigate to Hardware | Switches and the Switch 1 tab.
Confirm "Switch Enabled" is checked.
Confirm Switch Mode is Monostable.  This means it will flip on and stay on for X amount of seconds, then flip off. 
Set Switch-On Duration to however many seconds you need the switch on.
Assuming you have already wired the door lock to activate via this switch, you can press the Test the Switch button here and verify it works.


Navigate to Services | Automation
Pick a function tab and confirm "Function Enabled" is checked
On row ID 1, change OBJECT TYPE to Event.HttpTrigger.  On the same row in the PARAMETERS field enter "Name=opendoor" 

 This now defines a trigger for a function that the Helios IP Force will perform when it handles an HTTP request.  The word "opendoor" on the HTTP URL is what triggers this particular function.

Now make your function actually do something.  Our something is pretty simple.

On row ID 2, change the OBJECT TYPE to Action.ActivateSwitch.  On the same row in the PARAMETERS field enter Switch=1;Event=1.

The Event=1 parameter means do something when the event on row 1 happens (our opendoor HTTP trigger above).
The Switch=1 parameter means do something to the switch number 1 on your Helios unit (different units may or may not have the same number of switches).
The Action. ActivateSwitch is similar to pressing the Test the Switch button above.  Depending on how your switch is configured (i.e. Monostable) defines what ActivateSwitch actually does. 

Again, because the HttpTrigger (opendoor) happens on row one (ActivateSwitch and Event=1), switch number one is turned on (ActivateSwitch and Switch=1) for five seconds (Switch-On Duration) and then turned back off (Switch Mode is Monostable).

In a browser enter http://<IP address of Helios endpoint>/enu/trigger/opendoor

Navigate to Status | Events to see the Helios responding and check your work.  You should see switch=1 changing to true and then five seconds later to false.


If this works, you can now have CUCM users (receptionists, safety staff, etc.) perform this function from a button on a phone.

In CUCM navigate to Device | Device Settings | Phone Services
Add a new service using the Service Category "Web Link" and the Service Type "Standard IP Phone Service"


In CUCM navigate to Device | Phone and find the phone that will press a button to open the door.
Choose Subscribe / Unsubscribe Services from Related Links.  Choose the Service you created above.



On the same device, add a Service URL button and configure with the subscribed service.



Pressing that button should now trigger the HTTP Event and function that turns on the Helios switch 1, opening the attached door.