Friday, December 13, 2013

Cisco CUCM modify or create custom ringtone

You can find specifics regarding the required CUCM ringtone file type in your phones administration guide.  One example is here:

Download a ringtone to a SFTP server.  I am using FreeFTPd from on a Win7 laptop.

Just a note about FreeFTPd... I would suggest NOT installing it as a service if you only run it occasionally as administration is much easier, and if on Win7, when starting the application, right click and run as administrator to allow changes being committed to the FreeFTPd config (i.e. users, home directories, etc.).

Here's an example of how to download a ringtone (in this case, Vibe) via the CUCM CLI:

login as: platformadministrator
platformadministrator@'s password:
Command Line Interface is starting up, please wait ...

   Welcome to the Platform Command Line Interface

VMware Installation:
        2 vCPU: Intel(R) Xeon(R) CPU           E5506  @ 2.13GHz
        Disk 1: 80GB
        4096 Mbytes RAM

admin:file get tftp Vibe.raw
Please wait while the system is gathering files info ...done.
Sub-directories were not traversed.
Number of files affected: 1
Total size in Bytes: 16080
Total size in Kbytes: 15.703125
Would you like to proceed [y/n]? y
SFTP server IP:
SFTP server port [22]:
User ID: sftp
Password: ********

Download directory: /
Transfer completed.

Since the ring files are in a headerless / RAW format, you'll need an application to open, play and manipulate them, accordingly.  I use Audacity from

Audacity will not know the format of the file, so rather than simply using File | Open, use File | Import | Raw Data.

There you will need to change the Encoding to U-Law and the sample rate to 8000.

At that point, you should have the file open, and be able to play or modify it to your liking.

When you are happy with the modifications, rather than simply saving, you will need to use the File | Export menu option.

When prompted with the Export File dialog box, enter a file name and location for your modified ringtone. The Save as type should be Other Uncompressed files.  Then click the Options button.

When prompted with the Specify Uncompressed Options dialog, set the header to RAW and the Encoding to U-Law. Click OK and Save.

You now have a new ringtone that can be uploaded to your CUCM server(s).

Wednesday, December 04, 2013

Cisco CUCM SIP CUBE calls fail early media

This fix is documented in various places on Cisco's site, but a common point of confusion.

See Update below for symptoms found after first resolution

I've run into two different scenarios where a users on a CUCM deployment with CUBE routers as the demarcation point to the PSTN via SIP trunks has had problems dialing numbers terminating on IVR or automated attendants.  One, frighteningly, was calls to 911, the emergency number in the US.  The callers would either experience continuous ringing, or no audio although the call did not appear to be dropped.

You don't want emergency calls going to dead air.

CUCM -> SIP trunk -> CUBE -> SIP trunk -> PSTN

The short story is that "early media" cut-through needed to be enabled.

This is enabled by default on the CUBE routers but could be potentially disabled or modified on the router using the "disable-early-media" command.  After reviewing the configuration, I found no variations of the command applied to the CUBE configuration.

The answer then is to send a PRACK via the CUCM configuration.  This is disabled by default in CUCM.

In CUCM, navigate to Device | Device Settings | SIP Profile.
Find the profile associated with the SIP trunk between CUCM and CUBE.
Modify the SIP Rel1XX Options. I've found Send PRACK for all 1XX messages to be universally successful.



From CUCM help:

This field configures SIP Rel1XX, which determines whether all SIP provisional responses (other than 100 Trying messages) get sent reliably to the remote SIP endpoint. Valid values follow:

Disabled (default) — Disables SIP Rel1XX.
Send PRACK if 1XX contains SDP — Acknowledges a 1XX message with PRACK, only if the 1XX message contains SDP.
Send PRACK for all 1XX messages — Acknowledges all1XX messages with PRACK.


Found with this configuration above, users had issues with transferring incoming PSTN calls to external PSTN calls.  Incoming PSTN call could not be transferred or conference with another off premise call until until the callee answered.

I found disabling the SIP Rel1XX options and simply checking Early Offer support for voice and video calls (insert MTP if needed) allowed both successful calls to the network based IVRs and transfer / conferencing in a timely basis.


Friday, November 29, 2013

Cisco UCS C220 C-series serial numbers

Note: this post originally did not include the correct cURL commands.  Blogger does not allow < or > characters in posts without HTML encoding, so my hasty copy and paste of  the raw script excluded many details.  Sorry for the confusion. 

After a Cisco UCS C220 server was rebuilt piece by piece by TAC and then ultimately declared DOA, I was requested by our Smartnet manager to retrieve all the serial numbers for all the minor components. Because it was a stand alone rack mount server, I did not have UCSM available to pull the information.  I was also disappointed to find CIMC did not provide the serial numbers for all the components.

Outside of disassembling the server, it seems then that the UCS XML API interface was my answer.

By the time I managed to find all the class IDs of all the components and get a script working, we found the serial numbers on packing labels, a much simpler solution.  For those interested in some real UCS XML API examples, below is a snippet of a script I was putting together.

I was using Strawberry Perl from on MS Win7 for scripting and curl from for the communication with the UCS XML interface.

#! perl

use 5.010;
use strict;
use warnings;

my $cookie;

# print info re: script
sub print_header {
print "####################\n";
print "#\n";
print "# Get serial numbers from the UCS server\n";
print "# and it's components\n";
print "#\n";
print "# Ray Maslanka 11/29/2013\n";
print "#\n";
print "####################\n";

# log into UCS server, get and return cookie
sub curl_ucs_login_and_get_cookie {
    my $cookie;
print "Logging into UCS via web...\n";
# use curl to return login info and redirect stderr to stdout via 2>&1
my $curl = `curl -d "<aaaLogin inName='$ucsuser' inPassword='$ucspassword'></aaaLogin>" https://$ucsip/nuova -k 2>&1`;
print "Finding UCS cookie...\n";
if ($curl =~ /(outCookie=")(.{47})/){ # look for stuff starting with outCookie=" and then any 47 characters
print "Found cookie: $2\n"; # throw confirmation on screen
$cookie = $2; # put the regex in a variable to return
} else {
print "Can't find a cookie\n"; # something's bad, add some error checking
return $cookie;

# get UCS chassis serial number
sub curl_ucs_chassis_serial {
my ($cookie) = @_;
my $serial;
print "Getting chassis sumary from server...\n";
my $curl = `curl -d "<configResolveClass cookie='$cookie' inHierarchical='false' classId='computeRackUnit'/>" https://$ucsip/nuova -k 2>&1`; # use curl to return login info and redirect stderr to stdout via 2>&1
print "Finding chassis serial number...\n";
if ($curl =~ /(serial=")(.+?)(")/){ # look for stuff starting with serial=" 
print "Found chassis serial: $2\n"; # throw confirmation on screen
$serial = $2; # put the regex in a variable to return
} else {
print "Can't find a chassis serial number\n"; # something's bad, add some error checking
return $serial;

# get power supply serial numbers
sub curl_ucs_ps_serial {
my ($cookie) = @_;
print "Getting power supply details from server...\n";
my $curl = `curl -d "<configResolveClass cookie='$cookie' inHierarchical='false' classId='equipmentPsu'/>" https://$ucsip/nuova -k 2>&1`; # use curl to return login info and redirect stderr to stdout via 2>&1
local $/ = undef;
print "Retrieving power supply serial...\n";
while ($curl =~ /(serial=")(.+?)(")/g){
print "Found power supply serial: $2\n";

# get HDD serial numbers
sub curl_ucs_hdd_serial {
my ($cookie) = @_;
print "Getting HDD details from server...\n";
my $curl = `curl -d "<configResolveClass cookie='$cookie' inHierarchical='false' classId='storageLocalDisk'/>" https://$ucsip/nuova -k 2>&1`; # use curl to return login info and redirect stderr to stdout via 2>&1
local $/ = undef;
print $curl;
print "Retrieving HDD serial...\n";
while ($curl =~ /(driveserialnumber=")(.+?)(")/g){
print "Found HDD serial: $2\n";

# log out of UCS server
sub curl_ucs_logout {
my ($cookie) = @_;
print "Logging out of UCS via web...\n";
# use curl to return login info and redirect stderr to stdout via 2>&1
my $curl = `curl -d "<aaaLogout inCookie='$cookie'/>" https://$ucsip/nuova -k 2>&1`;
print "Logged out.\n";

# run the program
$cookie = curl_ucs_login_and_get_cookie ();
curl_ucs_chassis_serial ($cookie);
curl_ucs_ps_serial ($cookie);
curl_ucs_hdd_serial ($cookie);
curl_ucs_logout ($cookie);

I hope this serves as a starting point for someone.  It at least demonstrates basic techniques for logging in, retrieving and using the UCS 'cookie', retrieving component information, finding interesting things via regex in perl, and logging off.

If you happen to finish this so all the serial numbers are retrieved, please link to a location where others may benefit from it.

Thursday, November 21, 2013

Cisco Unity Connection Single Inbox 401 Authentication Errors - Windows Authentication and NTLM

After setting up a new Unity Connection 9 cluster to integrate with Exchange 2010, I ran into an issue with the authentication failures when running the test on individual Unified Messaging Accounts.  Running the test against the Unified Messaging Service passed, but this typically only verifies basic network access, domain name resolution and access to the Exchange EWS interface.  The Single Inbox feature will fail if the users' Unified Messaging Accounts can't authenticate to Exchange.

The "Unified Messaging Guide for Cisco Unity Connection Release 9.x" integration guide is quite good and covers about all the scenarios I've ever run into. Follow the guide, and all of the guide, and you should be in good shape.

Following that during a pretty typical setup (a single Exchange 2010 CAS server and another 2010 mailbox server with no DAG), I had an issue where testing the Unified Messaging Accounts failed with a "Failed accessing Diagnostic=[] Verb =[] url=[] request=[] response[]" message.  It is a 401 error, pointing to basic authentication against Exchange issues.

Basic troubleshooting steps, found in just about every Unity Connection gude are:

Check the authentication method on both sides. Check settings in Internet Information Services (IIS) for both AutoDiscover and EWS.
- This was confirmed to be NTLM and HTTPS, under both EWS and Autodiscovery

Try different UM messaging account name formats (i.e. NAME, DOMAIN\NAME, NAME@DOMAIN).
- Tried every combination of names
Reset the UM messaging account password, and enter the password again on Unity Connection.
- Verified name and password via OWA
The UM account should not have a mailbox.
- Verified no Exchange mailbox with admin.
- Another nice method to confirm this again using OWA to check the username and password above.  You should be returned an error indicating there is no mailbox for the user.

Ultimately the issue was that assumptions were made that since Windows Authentication was enabled in Exchange in the EWS and Autodiscovery areas, that NTLM was enabled. The names are commonly interchangeable, but if you are not savvy in Microsoft technologies you may not realize NTLM is technically just a provider available under Windows Authentication.

The fix: Once you find Windows Authentication is enabled, you need to verify NTLM is added as a provider under Windows Authentication.

After losing hours checking and rechecking settings in Unity Connection, grepping Unity Connection logs for anything telling beyond the 401 error, rechecking Exchange settings and the service profile user roles, and furious Googling, my only consolation is that there appears to be an abundance of confusion by Exchange admins regarding this topic and how to effectively set it up in various scenarios.

FYI, while bashing around in Exchange looking for clues, we found some errors that look rather concerning.  Microsoft indicates those are "expected behavior".


Thursday, October 17, 2013

Win7 - add application to All Programs or Search field

I use PSFTP.EXE as a light SFTP client to help troubleshoot SFTP server access.  You can find it here:

Unfortunately, since there is no real Windows "install" required,  Win7 just considers it a file.  You won't find it via Start | All Programs, and if you move it to your C:\Program Files or C:\Program Files (x86) folder to keep your application directory structure organized, you won't find it by simply typing the executable name either.

The easy way to get around this for me is:

Right click the executable and choose Send To | Desktop (create shortcut)

Then, move the shortcut to the C:\Users\your alias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs folder.

Tuesday, October 15, 2013

Cisco IM&P 9.1.1 adding high availability error

After upgrading a Cisco CUPS server from 8.5 to IM&P (9.1.1SU1), I installed a second node to be used for high availability in the same cluster. Following the "Deployment Guide for IM and Presence Service on Cisco Unified Communications Manager, Release 9.1(1)", after the install I was happy to see the database status report showed good replication and no issues with any network connectivity, rhosts, etc.  All looked good.

Unfortunately I then found via the System Dashboard that the new high availability server was reporting "The node is not installed or is unreachable".

The same was confirmed via the troubleshooter menu option.

Regardless, I attempted to add the high availability option in the cluster topology.  The resulting error was "High Availability action failed - a mismatch detected between server versions".  Odd, as both servers reported after running show version active at the CLI.  It's also actually difficult to install a mismatched server version, even if you wanted to.

Ultimately, running
show os secure status
returned enforcing.

utils os secure permissive
and then rebooting the cluster eliminated all the errors and allowed the high availability feature add.


Monday, September 30, 2013

Upgrades are prohibited during License Grace Period, find and delete licexpiry.txt file - v2

See for original post and background information.

Given you are prompted with the "Upgrades are prohibited during Licensing Grace Period" error message during a Cisco CUCM upgrade attempt, here's an unsupported method to perform a procedure Cisco TAC might use.

It is essentially a way to get access to the CUCM file system, then find and delete the licexpiry.txt file.

Boot your CUCM server off of a CentOS version 5 disk. I am using the i386 disk 1 from CentOS version 5.9.  You can find the CentOS mirrors here:

Type "linux rescue", or, as shown below, after you pressed F5 when prompted for Rescue.

Choose your language, your keyboard and skip the networking, as it's not really necessary.

Press Continue when prompted to find your linux environment.

If you are prompted to pick a partition containing your linux installation, you can pick sda1.

If successful, the CUCM linux system will be mounted under /mnt/sysimage.

At that point, you should be able to change to the CUCM file system, find and delete the licexpiry.txt file.

The commands are:

To change to the CUCM file system location:
chroot /mnt/sysimage 

To find the file called licexpiry.txt:
find / -iname licexpiry.txt

To change to the location of the found file:
cd /usr/local/platform/conf
If the CUCM server being upgraded exists on a different partition, you might see partB in the path returned by the find command.  In that case, add partB, or whatever, to the cd command:
cd /partB/usr/local/platform/conf

to remove the file
rm licexpiry.txt

It should look something like this (here I mistakenly tried to use del instead of rm):

If you run into the partB scenario, it might look like this (here I mistakenly first typed the path without the partB reference):

After both rm commands above, I ran the find command again to verify the licexpiry.txt file is gone.

Type "exit" a couple times and your server should reboot after automatically after exiting the CentOS shell.

Happy unsupported upgrades!

Monday, September 09, 2013

Cisco VG224 CPTONE usage and send custom tones to FXS port

See some official documentation here:

Customer had requirements of a third party fax server, served by analog ports on a VG224, to send custom tones to the devices on the FXS side.  The devices in this case were analog Dialogic board ports of some sort.

My first instinct was to create a new voice class and apply it to the voice ports like so:

voice class custom-cptone MyFax
dualtone busy
frequency 425
cadence 250 250
dualtone reorder
frequency 425
cadence 320 320

voice-port 1/1/0
 supervisory custom-cptone MyFax

This not only won't work, it's not what it's for.

You need to use the "test voice tones" command.  The fact that the command is test seems counter-intuitive, but it works.

First, do a "test voice tones show" to display the default defined values. The C1 values are below:

MyVG224#test voice tone C1 show
Code: C1   Country: Custom1
DTMF freq.(Hz) Row / col:  697,  770,  852,  941 / 1209, 1336, 1477, 1633
Pulse dial: normal, Percent make: 40%, DTMF low Amp. = 65446,  high Amp. = 65467,   Pcm: u-Law
BUSY           2   480   620    -170    -170    -240    -170    -170    -240   500   500     0     0     0     0     0     0
RING_BACK      2   440   480    -160    -160    -190    -160    -160    -190  2000  4000     0     0     0     0     0     0
CONGESTION     2   480   620    -170    -170    -190    -170    -170    -240   250   250     0     0     0     0     0     0
NUM_UNOBTAINAB 2   480   620    -170    -170    -190    -170    -170    -240   250   250     0     0     0     0     0     0
DIALTONE       2   350   440    -165    -165    -185    -165    -165    -185 65535     0     0     0     0     0     0     0
DIAL_TONE2     2   350   440    -165    -165    -185    -165    -165    -185 65535     0     0     0     0     0     0     0
OUT_OF_SERVICE 1   950     0    -150    -150    -185      0      0      0   330   330     0     0     0     0     0     0
ADDR_ACK       1   600     0    -240    -240    -240      0      0      0   125   125   125 65535     0     0     0     0
DISCONNECT     1   600     0    -150    -150    -185      0      0      0   330   330   330 65535     0     0     0     0
OFFHOOK_NOTICE 2  1400  2040    -240    -240    -240    -240    -240    -240   100   100     0     0     0     0     0     0
OFFHOOK_ALERT  4  1400  2040    -150    -150    -185    -150    -150    -185   100   100     0     0     0     0     0     0

If, for example you want to modify what dial tone sounds like when an FXS port goes off-hook, you would execute:

test voice tone C1 DIALTONE       2   340   440    -165    -165    -185    -165    -165    -185 65535     0     0     0     0     0     0     0

In this case, I am changing the first frequency in a dual tone frequency from the default 350 to 340.

You then simply apply the new settings to the voice port via 

voice-port 2/0
 cptone C1

You can verify the changes / new settings by simply running "test voice tone C1 show" again, and your modifications should have replaced the defaults.

This change DOES NOT show in the running-configuration and WILL NOT survive a gateway reboot.

The make them "permanent" you need to add commands to reapply the changes when a syslog "restarted" event is raised.  For example, to make my change above get reapplied after a reboot, you must add the following to your running config:

event manager applet Tone-application
 event syslog pattern "%SYS-5-RESTART: System restarted"
 action 1.0 cli command "enable"
 action 1.1 cli command "test voice tone C1 DIALTONE       2   340   440    -165    -165    -185    -165    -165    -185 65535     0     0     0     0     0     0     0"

Note here that you can make changes to any number of tones like BUSY, RING_BACK, etc. by adding additional lines to the config and incrementing the action 1.X command.  For example, changing both DIALTONE and BUSY on a restart, you would enter the following.

event manager applet Tone-application
 event syslog pattern "%SYS-5-RESTART: System restarted"
 action 1.0 cli command "enable"
 action 1.1 cli command "test voice tone C1 DIALTONE       2   340   440    -165    -165    -185    -165    -165    -185 65535     0     0     0     0     0     0     0"
 action 1.2 cli command "test voice tone C1 BUSY           2   500     0    -170    -170    -240    -170    -170    -240   550   550     0     0     0     0     0     0"

If you want to get crazy, try changing the DIALTONE and RING_BACK tones to something high like 1000 and / or changing the on / off times to something short like 100 so you're confident, just by ear, the changes are effective.

Wednesday, August 14, 2013

Cisco CUCM NTP servers, VMWare, re-licensing and what NOT to do

Let's assume you have a Cisco CUCM server(s) setup to use public NTP servers.
Let's assume those servers are unreliable, have been retired or are unreachable and you want to change them in CUCM.
Let's also assume you are running in CUCM in VMWare and you realize changing the NTP servers will invalidate your licenses because the license MAC will change.
Let's assume rehosting the licenses might be time consuming, or for whatever reason, an issue.
Let's assume you know you could, but don't want to root the CUCM server to spoof the license MAC.

You know what I mean, right?

Here's a dirty little hack.

Use a voice gateway as your NTP master (you could use any device with a real clock):

; setup your time zone correctly
clock timezone EST -5
clock summer-time EDT recurring
; setup name look ups 
ip name-server
ip name-server
; setup some name servers
ntp server
ntp server
ntp server
; setup the gateway as an NTP master
ntp master 5
; add a loopback interface 
; use the address of the CUCM NTP server that's unreliable
interface Loopback10
ip address
; verify your NTP status
show ntp associations
show ntp status

If the voice gateway is not your CUCM's default gateway, add a route to your new time server (you could have just made the default gateway the NTP master, but let's say it's an old layer 3 switch without an internal clock):

; create a static route to the old unreliable NTP server
; and route it to the voice gateway address
ip route

You now are using an internal NTP  server (the voice gateway's loopback) that you have control over (courtesy of some basic routing), synching with a reliable list of public clocks, and don't have to fiddle with CUCM.

Maybe dirty. Definitely works. Go nuts.

Sunday, August 11, 2013

IPCelerate IPSession, Status Solutions, Dukane nurse call and stattap.exe crashing

Running IPCelerate IPSession version 5.8.4 with a Dukane nurse call integration.  Status Solutions provides the interface between the Dukane TAP page output and IPCelerate SAM.

After the server hung during a Microsoft update application it was hard booted. At first the problem was that alerts designed to be presented to a single 7925 WiFi phone were being presented to all phones in the IPSession page group.  Then I found the stattap.exe application (the "Status Solutions TAP Interface" service) was crashing shortly after startup.  Several pending alerts could be sent and then the stattap.exe would crash.  A symptom was that the IPCelerate SAM web GUI would display a "Got error 134 from table handler", rather than a grid of recent alerts.

Ultimately, the issue was a corrupted alarm_device table in the MySQL statsol database.

You can gain access to the MySQL database by running:
c:\ipcelerate\statsol\mysql\bin\mysql -u root -pstatsoldb statsol

You can see the tables in the statsol database by using:

The output should look similar to the following:
| Tables_in_statsol           |
| action                      |
| alarm                       |
| alarm_device                |
| alarm_device_image          |
| alarm_device_type           |
| alarm_log                   |
| alarm_log_2000_q1           |

The list continues but it's not shown here...

With that, wanting to check tables without being potentially destructive and having the most control during the process, I started checking tables by running:

Given the number of tables in the list, I was happy to find the alarm_device table was an offender.  The check, repair and recheck output is shown below:

The bad check...

mysql> check table alarm_device;
| Table                | Op    | Msg_type | Msg_text
| statsol.alarm_device | check | warning  | 3 clients are using or haven't close
d the table properly |
| statsol.alarm_device | check | error    | Unexpected byte: 0 at link: 179536
| statsol.alarm_device | check | error    | Corrupt
3 rows in set (0.05 sec)

The repair...

mysql> repair table alarm_device;
| Table                | Op     | Msg_type | Msg_text
| statsol.alarm_device | repair | warning  | Number of rows changed from 1645 to
 1644 |
| statsol.alarm_device | repair | status   | OK
2 rows in set (0.09 sec)

A good check...

mysql> check table alarm_device;
| Table                | Op    | Msg_type | Msg_text |
| statsol.alarm_device | check | status   | OK       |
1 row in set (0.01 sec)

After some discussions with Status Solutions support staff, they confirmed that the alarm_device table is a common issue after unclean reboots.  They also indicated running mysqlcheck should not cause any issues while MySQL is running.

A much more efficient command is then:
C:\IPcelerate\statsol\mysql\bin\mysqlcheck --repair --check-only-changed -uroot -pstatsoldb statsol

The output should be similar to this:
statsol.action                                     Table is already up to date
statsol.alarm                                      OK
statsol.alarm_device                               OK
statsol.alarm_device_image                         Table is already up to date
statsol.alarm_device_type                          OK
statsol.alarm_log                                  OK
statsol.alarm_log_2000_q1                          Table is already up to date

The list continues below but is not shown...

mysqlcheck appears to run the manual check and appropriate repair in one process, as shown here:

Monday, August 05, 2013

Cisco UCCX Application Manager in partial service

See here or he like for typical troubleshooting techniques:

Problem: You find your Cisco UCCX server(s) in partial service, and after drilling down find the Application Manager is in partial service.  One option is to change the trace levels to debug on the APP_MGR, restart the engine(s) or server(s) and then examine the MIVR logs.  Searching the logs for PARTIAL_SERVICE or ERROR at the time of reboots can be telling as it may reference an offending script.  At at high profile installations, restarting / rebooting is not a practical option, and pulling logs from the Linux appliances is not as easy as it was on the older Windows based systems.

Possible easy solution:  Check the Real Time Reporting in UCCX.  From the administrative GUI, choose Tools | Real Time Reporting | Report | Applications.  You should find a grid of the applications on your deployment and a column on the right titled Valid.

If any of them have a value of false, you can be sure the partial service is at least partially attributable to that application.  Validating the script via the script editor, checking for valid sub flows, etc. is in order.

If you don't "own" the administration of UCCX and have various administrators not checking server health after their changes, this is a nice easy option, pointed out to me by a customer in just such an environment.  It appears to be available in at least versions 7 through 9.

Wednesday, July 31, 2013

Cisco CUCM check database replication via CLI basics

Cisco has made reviewing CUCM server replication on newer versions pretty easy via the GUI. Choose Cisco Unified Reporting in the upper right, log in and choose System Reports | Unified CM Database Status and then choose Generate a new report.

You can also look for 2s in RTMT if that is available.

Sometimes the CLI is the only way to go, and I never remember the exact commands.

Check the DB replication status on all Cisco Unified Communications Manager nodes in the cluster to ensure that all servers are replicating database changes successfully. You can check by using either RTMT or a CLI command.

via CLI:
show perf query class "Number of Replicates Created and State of Replication"

– 0—Replication Not Started. Either no subscribers exist, or the Database Layer Monitor service has not been running since the subscriber was installed.
– 1—Replicates have been created, but their count is incorrect.
– 2—Replication is good.
– 3—Replication is bad in the cluster.
– 4—Replication setup did not succeed.

Just as an aside, there's another CLI command I like, where validate_network is not available via the question mark.  To check network connectivity and DNS server configuration, enter the CLI command below:
utils diagnose module validate_network

Monday, July 22, 2013

Upgrades are prohibited during License Grace Period and licexpiry.txt location

You might sometime find yourself in the position where you need to manipulate files on Cisco CUCM, such as the licexpiry.txt file. Some background on that particular situation can be found here:

This is something you need to have TAC assist with, as they have methods to generate temporary root access to the Linux OS and these files can't be accessed via the normal platform administration CLI commands.

You may also realize there are plenty of documented methods to gain root access on a Cisco CUCM server yourself, but my favorite, in that it includes good screen shots and Vi text editing keystrokes help can be found here:

Of course, you shouldn't do this.  It's unsupported by Cisco, Cisco TAC, likely voids warranties and service contracts, could be illegal, and who knows what else.  Don't do it.

When Cisco TAC is assisting you, you might find some of the documentation associated with removing the licexpiry.txt file is incorrect.


To find the actual location of the file, you Cisco TAC could run:

find / -iname licexpiry.txt

This should return the real location of the file, something like:


With that information, to remove the file you can run:

cd /usr/local/platform/conf
rm licexpiry.txt

Good luck, maniacs.

Edit 9/30/2013: see for some additional information on gaining access to the CUCM file system.

Monday, July 15, 2013

Convert WAV to 8 bit, 8 KHz u-Law format, version 2

So you have a wonderful new recording you would like to upload to Cisco UCCX (or IPCC, Unity Connection, Unity Express, or whatever) and know that it needs to be in a 8bit, 8KHz, u-Law format.

How do you convert it?

In Windows XP, the Sound Recorder application would allow you to simply change the format by opening it, choosing to save it and then selecting Change in the dialog box. The correct format there is Format: CCITT u-Law and Attributes: 8.000 khz, 8 Bit, Mono.

Now that Microsoft has apparently sucked the life out of Sound Recorder in Windows 7, my next preference is using Audacity.  Unfortunately Audacity, while extremely feature rich, can be a bit overkill for this purpose.

If you are so inclined, you can find my original post regarding how to convert files in Audacity here:

My new preference is using the Windows XP version of Sound Recorder on Windows 7.

What?! How, you say?

The first step is to find an XP machine that you can steal files from. You can find the Sound Recorder executable on a typical XP machine at C:\WINDOWS\system32\sndrec32.exe.  Copy that file and move it to your Win 7 machine's C:\WINDOWS\system32 folder.

Edit 09/14/2015:  You can find a copy of the 32 bit Sound Recorder application from Windows XP by searching for here:

Now, running that executable may pop an error indicating "There was an error updating the registry".

Here I suggest you:

  • Close the message box.
  • Close the Sound Recorder application.
  • Right click the sndrec32.exe and choose "Run as Administrator".
  • The XP version of Sound Recorder should run without issue.
  • Close the application and simply run or open it again, not as an administrator.

If it runs successfully, you should be all set.

To make life easy, now:

  • Right click sndrec32.exe and choose Send to | Desktop (create Shortcut)
  • Rename the short cut as Sound Recorder XP, or something similar.
  • Drag that short cut to the Windows start bubble, over All Programs, over Accessories and wait for the accessories list to expand.  
  • Then drop it in the list of accessories.

You should then be able to search for, find and run the Sound Recorder XP application with the CCITT u-Law options, as well as the newer version if you'd like.


Calls from Cisco 9971 / video phones fail

As video enabled phones become more prevalent on users' networks and audio and video enabled devices continue to converge and ride on the same facilities, I imagine this will become a more common problem, but it's the first time I've bumped into it.

The symptom was a user testing new 9971 video phones found they could dial throughout the Cisco CUCM enterprise, and the video feature was attractive.   They then found that they were unable to call from the 9971 phones to the Avaya PBX phones they were migrating away from.  Other 7900 and 6900 series phones could call the Avaya phones without issue.  The facility between the Cisco CUCM and Avaya PBX was an H.323 gateway supporting a single PRI.

Ultimately the issue was that the ISDN Q.931 SETUP message from Cisco indicated the Transfer Capability was Unrestricted Digital, and the Avay PBX was rejecting the call.

The fix was to add bearer-cap speech to the voice port configuration on the H.323 gateway.

An example of the failed call using debug isdn q31 where Transfer Capability = Unrestricted Digital is the offending message is:

Jul 11 15:14:20.163: ISDN Se0/0/0:23 Q931: Applying typeplan for sw-type 0xD is 0x0 0x0, Calling num 3990
Jul 11 15:14:20.163: ISDN Se0/0/0:23 Q931: Sending SETUP  callref = 0x115D callID = 0x90E9 switch = primary-ni interface = User
Jul 11 15:14:20.163: ISDN Se0/0/0:23 Q931: TX - > SETUP pd = 8  callref = 0x115D
Bearer Capability i = 0x8890
Standard = CCITT
Transfer Capability = Unrestricted Digital
Transfer Mode = Circuit
Transfer Rate = 64 kbit/s
Channel ID i = 0xA98387
Exclusive, Channel 7
Calling Party Number i = 0x0081, '3990'
Plan:Unknown, Type:Unknown
Called Party Number i = 0x80, '7121'
Plan:Unknown, Type:Unknown
Jul 11 15:14:20.191: ISDN Se0/0/0:23 Q931: RX < - CALL_PROC pd = 8  callref = 0x915D
Channel ID i = 0xA98387
Exclusive, Channel 7
Jul 11 15:14:20.195: ISDN Se0/0/0:23 Q931: RX < - DISCONNECT pd = 8  callref = 0x915D
Cause i = 0x81D8 - Incompatible destination
Jul 11 15:14:20.195: ISDN Se0/0/0:23 Q931: TX - > RELEASE pd = 8  callref = 0x115D
Jul 11 15:14:20.227: ISDN Se0/0/0:23 Q931: RX < - RELEASE_COMP pd = 8  callref = 0x915D

An example of a successful call at the same site over the same circuit with a Transfer Capability = Speech is here:

Jul 11 15:13:02.743: ISDN Se0/0/0:23 Q931: Applying typeplan for sw-type 0xD is 0x0 0x0, Calling num 7510
Jul 11 15:13:02.743: ISDN Se0/0/0:23 Q931: Sending SETUP  callref = 0x1157 callID = 0x90E3 switch = primary-ni interface = User 
Jul 11 15:13:02.743: ISDN Se0/0/0:23 Q931: TX -> SETUP pd = 8  callref = 0x1157 
Bearer Capability i = 0x8090A2 
Standard = CCITT 
Transfer Capability = Speech  
Transfer Mode = Circuit 
Transfer Rate = 64 kbit/s 
Channel ID i = 0xA98382 
Exclusive, Channel 2 
Calling Party Number i = 0x0081, '7510' 
Plan:Unknown, Type:Unknown 
Called Party Number i = 0x80, '3427' 
Plan:Unknown, Type:Unknown
Jul 11 15:13:02.767: ISDN Se0/0/0:23 Q931: RX < - CALL_PROC pd = 8  callref = 0x9157
Channel ID i = 0xA98382 
Exclusive, Channel 2
Jul 11 15:13:02.775: ISDN Se0/0/0:23 Q931: RX < - ALERTING pd = 8  callref = 0x9157
Progress Ind i = 0x8188 - In-band info or appropriate now available 
Jul 11 15:13:10.475: ISDN Se0/0/0:23 Q931: RX < - CONNECT pd = 8  callref = 0x9157
Progress Ind i = 0x8182 - Destination address is non-ISDN  
Connected Number i = 0xA1, '3427' 
Locking Shift to Codeset 6 
Codeset 6 IE 0x28  i = 'LAB FAX'
Jul 11 15:13:10.475: %ISDN-6-CONNECT: Interface Serial0/0/0:1 is now connected to 3427 N/A

The change in the configuration to correct the issue was:

2901-VGW(config)#voice-port 0/0/0:23
2901-VGW(config-voiceport)#bearer-cap ?
  3100hz   enable 3100hz
  speech   enable speech
2901-VGW(config-voiceport)#bearer-cap speech

No configuration change in Cisco CUCM was necessary and the voice-port did not need to be reset.

Further information and detail can be found here:

Friday, May 31, 2013

Voice Elements and Cisco CUCM 7

Had an interesting engagement trying to get a Voice Elements IVR platform to use a Cisco CUCM 7 server as the connection to the PSTN.

The plan was to accept incoming calls via PRI(s) registered to the Cisco CUCM server, and pass the caller to the Voice Element server to be answered by home grown IVRs.  The Voice Elements server will also be hosting applications that generate outbound campaigns, signalling CUCM to pass the call to the PSTN.

The Voice Elements set up is fairly basic, requiring defining the IP address and port on which the Voice Elements server software will listen for incoming SIP traffic, and the IP address and port that Voice Elements will use to send traffic to.

You can find the details here:

The only significant change to the CUCM server was a requirement to use UDP as the transport.  At least on CUCM version 7, it appears that the default is TCP.

You can modify that via System | Security Profile | SIP Trunk Security Profile.

I suggest making a copy of the default profile, modifying the Outgoing Transport Type, and applying it to the trunk.

Here's a screenshot of my working config.

If you need any additional details, let me know.

Monday, May 20, 2013

Cisco Unity 8 license inconsistency between servers

Customer running Cisco Unity 8 with servers in three locations using digital networking.  Found the license counts on each server were not the same and although licenses were available in the pool, subscribers could not be added at one site.

You may find errors re: "Stale license pool data" and / or communication failures with AD or global catalog servers.


The fix was running DOHPropTest and performing total resyncs.

  1. Open DohPropTest.exe from \commserver\techtools\.  The tool is available from the Unity Tools Depot as well and appears to execute the same application.
  2. Choose OK but do not enter the password.  This runs DOHPropTest in "read only" mode, which is rather comforting given what I've seen you can do if you actually provide a password.
  3. Choose ignore to password check.
  4. Choose AD Monitor, and choose TotalResync. Close the window.
  5. Choose GC Monitor, and choose TotalResync. Close the window.

There are some links that indicate this can be business impacting and should be done in a maintenace window, however my experience indicates your results may vary.  It took only seconds to complete (can verify in MS Event Viewer) and there was no indication users were impacted (approximately 500 users accross three servers).

Monday, May 13, 2013

Cisco UCCX IPPA clients slow or unable to log in or go ready - requesting or XML Parse Error

After some power outages in a data center hosting a Cisco UC enviroment, users using Cisco IP Phone Agent (IPPA) indicated they recieved only a "requesting" message in the phone display when attempting to log in or go ready.  If a user was able to get to a state where they were taking calls, they also reported seeing XML (4) Parse Error intermittantly between calls.

The users were equipped with IPPA and "one button login" only, but some remote testing using the CAD fat client indicated users could log in immediately if not already logged in.

The short story fix was restarting some services on CUCM and UCCX.  I would suggest using stop and start commands rather than restart commands and do them in this order.

Stop CTI Manager on CUCM Pub
Stop CTI Manager on CUCM Sub
Start CTI Manager on CUCM Pub
Start CTI Manager on CUCM Sub
Stop Cisco Tomcat on CUCM Pub (via CLI only with utils service stop Cisco Tomcat)
Stop Cisco Tomcat on CUCM Sub
Start Cisco Tomcat on CUCM Pub (via CLI only with utils service start Cisco Tomcat)
Start Cisco Tomcat on CUCM Sub
Stop IPPA service on UCCX
Start IPPA service on UCCX

Note: there were only two CUCM servers and one UCCX server deployed.

Note:  This process will be business impacting in this scenario.  CUCM CTI Manager is responsible for applications using JTAPI (and TAPI) so UCCX will out of order at this point.  The UCCX IPPA service handles requests for agents using IPPA so you'll likely be logging agents out at this point.

Thursday, May 02, 2013

Cisco CME CUCME "MAC address is already assigned with ephone" and DECEASED state

Customer complained that a Cisco 7941 on the CME would occasionally drop calls and reboot, also interupting pass-thru data connectivity.

After testing the physical layer between the phone and CME, we decided to replace the device with a spare as the original showed evidence of being treated with some disrespect.

It seems the method to do so would be to modify the MAC address in the ephone configuration, but of course that's more difficult than should be.

; let's get rid off the configuration related to the replacement phone
CME(config)#no ephone 24

; let's put the mac address of the replacement phone in the 
; ephone configuration of the faulty phone 
CME(config)#ephone  17 
CME(config-ephone)#mac-address 0011.2B2B.B9B9
;  be startled that you can't do this
MAC address is already assigned with ephone 24.
Can not assign same MAC address with mutilple ephone.

Ultimately what seemed to work was re-configuring ephone 24 with a dummy MAC, and then configuring ephone 17.

CME(config)#ephone  24 
CME(config-ephone)#mac-address aaaa.bbbb.cccc
CME(config)#ephone  17 
CME(config-ephone)#mac-address 0011.2B2B.B9B9

Now, to confuse the issue, the replacement device now registered as ephone 17 exhibits the same disconnect and reset symptom.  When running show ephone, the state of ephone-17 shows DECEASED.  That looks bad.

The official description of that state is:

The Cisco Unified IP phone is active and registered. Alternative states are UNREGISTERED (indicating that the connection to the Cisco Unified IP phone was closed in a normal manner) and DECEASED (indicating that the connection to the Cisco Unified IP phone was closed because of a keepalive timeout). 

With that, if the keepalive attempts are timing out it still seems there may be a network issue.  Given the cabling was tested, and the switch configuration simplicity and lack of errors, I doubt it, but we'll see.

As a test, I now removed any evidence of ephone 17 and ephone 24, created a new ephone 25 with the MAC address of the replacement phone, re-created the cnf files under telephony-services, and am monitoring the situation.

Saturday, April 27, 2013

Asterisk and Cisco 7940 basic config file examples

Here are some very basic examples of configurations used to get a Cisco 7940 running on Asterisk.  The phone I'm using is running P0S3-8-12-00 and it's Asterisk 11.3.

Basic files used by the phone:

# file is downloaded by phone at boot up
# name is case sensitive

#image_version shows the firmware image to get from the TFTP server.
image_version: P0S3-08-12-00

# NAT/Firewall Traversal
# this seens to be required by the 7940s
# debugging SIP on the Asterisk server indicates authentication failures without it
# which in my case had nothing to do with users and passwords
nat_enable: "0"

# define your proxy / SIP server
proxy1_address: ""
# tell the phone to register to the proxy
proxy_register: "1"

# define dialplan.xml as the file defining the phones dial plan
# this is not required but
# to at least avoid users needing to press the "dial" key after dialing
# or waiting for an inter-digit timeout, create a file that defines well known patterns
dial_template: "dialplan"

# define number to be dialed by messages button
# not required but given the phone has a big "messages" button
# it seems like it should work
messages_uri: "6500"

# file is downloaded by phone at boot up
# name is case sensitive
# format is SIP.cnf

# Text next to button on phone
# Like a CUCM Line Label
line1_name: Office1

# name used in Asterisk sip.conf to define SIP peer
line1_authname: "Office1"
line1_displayname: "Office1"

# secret used in Asterisk sip.conf

# using MAC address here to keep it complicated but easily remembered
line1_password: "0006D725E4D4"

# Phone Label displayed in upper right corner with no effect on SIP
# this is just cosmetic
phone_label: "7164330263"

# file is downloaded by phone at boot up
# name is case sensitive
# this is optional and will only be downloaded if exists in
# the SIPDefault.cnf file

    <TEMPLATE MATCH="011*" Timeout="6" User="Phone"/><!-- International calls -->
    <TEMPLATE MATCH="1.........." Timeout="0" User="Phone"/> <!-- Long Distance are 1+10 digits -->
    <TEMPLATE MATCH="......." Timeout="0" User="Phone"/><!-- Local numbers are 7 digits here -->
    <TEMPLATE MATCH="*" Timeout="5"/><!-- Anything else, don't really care right now -->

Basic file elements used by Asterisk:

; see extensions.conf file for how the 
: contexts below are used
; below is very important
; others said insecure = very is appropriate
; research


; line 1 on 7940 phone
callerid="7164330263" <6002>

; include access to outgoing routes from users

; how to call my phone and forward to vmail

;this provides access to users extensions from pstn-incoming (SIP ciscorouter1)

; dial 7 for out and strip 1

; I use GMail and will use them as my SMTP server
; T believe this requires something besides sendmail
; due to the way GMail uses TLS / SSL
; mailcmd=/usr/sbin/sendmail -t
; nice write up here:
mailcmd=/usr/sbin/ssmtp -t

; here's my voicemail context and a basic mailbox that will forward to GMail
6002 => 12345,Somebody's Name,,,attach=yes|tz=eastern

Thursday, April 25, 2013

Find Cisco phone devices associated with CUCM NumberOfRegisteredPhonesDropped alert

See: for similar information related to MGCP gateways dropping.

After configuring RTMT NumberOfRegisteredPhonesDropped alert to deliver information via email, I found associated phone device details are not included in the email. This can be a real problem on larger scale deployments and no other reporting tools available.

To find the devices in question:
  1. Freak out when receiving [RTMT-ALERT-StandAloneCluster] NumberOfRegisteredPhonesDropped alert.
  2. Hope the traces have been enabled in CUCM. The default Error level on CallManager should be sufficient.
  3. Go to RTMT | SysLog Viewer, and select a Node at the top of the right pane (the logs are specific to servers, so this might be tedious).
  4. In the Logs tab, go to Application Logs | AlternateSyslog .
    1. Your results may vary depending on versions.  Your option may be Application Logs | Archive | CiscoSysLog or something similar.
  5. In the bottom grid, scroll to the approximate time of the alert.
    1. If you choose the Save button at the bottom of the screen, you can save the AlternateSyslog to a text file to be searched with a text editor (Use something besides MS Notepad to save yourself headaches. I like Notepad++ at
  6. Search for EndPointUnregistered, StationConnectionError or maybe DeviceTransientConnection in the Message column.
  7. The DeviceName, IP address, Description, etc. of the affected device(s) will be included in the message.
  8. Note the Reason value in the message. It will shed light on why the device is unregistered.
  9. Search for System Error Messages for Cisco Unified Communications Manager  and find one appropriate to your CUCM version.
  10. Search that document for EndPointUnregistered for a description of why a phone was unregistered.
  11. Fix something.
Of course, your results may vary.

If you're in the right place, here's what it looks like on a CUCM 8.6 using RTMT 8.91:

Sunday, April 14, 2013

Asterisk voice mail and not requiring entering a mailbox number for retrieval

My Cisco Unity Express module exploded recently, so being without a (world's most expensive) home answering machine, I thought I'd just commit to running Asterisk and it's voice mail system instead.

I haven't fiddled with starting up Asterisk from scratch in years, but given I might actually use it now, it seemed to be worth the effort familiarizing myself with all the CLI / configuration options again.

I managed to get a new version of X-Lite 4 from running and registered, was able to forward it to voice mail  and could retrieve voice mail by dialing an extension for the VoiceMailMain application.  I struggled with removing the requirement to enter an extension number though.

What I found is that I needed to pass the caller id of my X-Lite 4 device via the SIP.CONF configuration, to be handled by the ${CALLERID(num) variable in the EXTENSIONS.CONF entry.

Here's the relevant snippets:



; below define caller id that will be processed by the VoiceMailMain / CALLERID(num) variable
callerid="web1" <6001>




; test xlite phone

; generic voicemail retrieval app
; below catch caller id that represents voice mail box number



; simple voice mail box setup
6001 => 12345,Web,,,attach=no|tz=eastern

Tuesday, April 09, 2013

Cisco CUCM and Caller ID / CLID sending

I don't know where I scraped up this information originally, but it now seems to live at:

How to send / places to configure CLID (caller id) from Cisco CUCM
1.  "Directory Number Configuration" page.

Scroll down to "External Phone Number Mask". Enter here the number that you want to send to the PSTN. Then click on "update" at the top of the page. You have to repeat this same procedure for the other extensions configured for this IP Phone (if you want to send those numbers also to the PSTN).
2.  "Route Pattern Configuration" page.

Locate the route pattern that you are using for doing calls to the PSTN.

Scroll down to the "Calling Party Transformations" section.

- If you check the "Use Calling Party's External Phone Number Mask" checkbox, you will use the number that you configured in the "Directory Number Configuration" page as caller ID.

- If you uncheck that checkbox, then you can configure the "Calling Party Transform Mask". Just enter here a number like, as an example, 978858xxxx (CUCM will fill out the xxxx with phone's 4-digit extension).
3.  "Route List Detail Configuration" page.

Go to the "Calling Party Transformations" section.

If you set "Use Calling Party's External Phone Number Mask"  to "on", you will use the number that you configured in the "Directory Number Configuration" page as caller ID. If you set it to "off", then you need to configure the "Calling Party Transform Mask" (next line on this same page). The setting that you use here will override the settings that you configured in the "Route Pattern Configuration" page.

You configure the "Calling Party Transform Mask" here in the same way as explained for the "Route Pattern Configuration" page.
4.  "Gateway Configuration" page.

Go to the Gateway and select the PRI that you are using for outgoing calls. Under 'Outbound Calls' you should see the Caller ID DN field. In here you can configure also the Caller ID.
In other words Caller ID works as follows:

  1. Gateway configuration overrides everything else.
  2. Route List configuration overrides the Route Pattern and the Directory Number Configuration.
  3. Route Pattern overrides only the Directory Number configuration.

Tuesday, March 19, 2013

Cisco CDR delivery failures to billing servers

This is documented all over so I'll skip any narative.  Assume this is just a note to myself....

First location to check for outgoing CDR records by date (03-15-2013):
file list activelog /cm/cdr_repository/preserve/20130315

Locations for records destined for billing servers number 1 and 2
file list activelog /cm/cdr_repository/destination1/20130315
file list activelog /cm/cdr_repository/destination2/20130315

Pull errors via SQL (version 8):
run sql car select count(*) as cnt, error_codes from car:tbl_billing_error group by error_codes order by cnt desc

run sql car select count(*) as cnt, origdevicename from car:tbl_billing_error where datetimeconnect = '0' group by origdevicename order by cnt desc

Cisco VG224 and redundant uplinks

Cisco VG224 and redundant uplinks

Customer was asking about the feasibility of using both FastEthernet interfaces on a Cisco VG224 to provide an additional level of reliability / redundancy to analog voice ports.  Given they are not running a dynamic routing protocol internally, I suggested they rely on spanning tree to make the decisions between what uplinks should be used actively, and modify the configurations appropriately.

Here's my before and after snippets...


interface FastEthernet0/0
 ip address
 duplex full
 speed 100
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
ip route


interface FastEthernet0/0
 no ip address  (ip address can't be here anymore)
 duplex full
 speed 100
 bridge-group 1
interface FastEthernet0/1  (this is normally shut, make sure to no shut)
 no ip address
 duplex auto
 speed auto
 bridge-group 1
ip route
interface BVI1
 mac-address 0123.0123.0123  (fictitious)
 ip address  (same IP previously on F0/0)
bridge irb  (Integrated Routing and Bridging)
bridge 1 priority 65535  (make as high as possible to reduce possibility of becoming root bridge)
bridge 1 protocol ieee  (this is standard spanning tree protocol)
bridge 1 route ip  

PsExec and running CMD remotely / on remote PCs

PsExec at

This little application may not work in all situations, but it's a time saver when it does.

I needed to verify some IP configuration, run ipconfig, nslookup, ping, etc. on a PC that was miles away and where the user was not going to be cooperative.  The basic challenge was to execute a command prompt on a remote PC without installing software there or interrupting the user.

PsExec is a little executable that allows you to run applications on remote machines without installing client software.  One very cool option is the ability run interactive command prompts, like cmd.exe or ipconfig without user intervention.  There appear to be limitations re: access to network resources on the target PC, possibly user privileges on the remote and target PC, and maybe some antivirus / anti-malware applications objecting to its usage, so tread carefully.

Here's some CLI options from Microsoft's technet page:

The following command launches an interactive command prompt on \\marklap:

psexec \\marklap cmd

This command executes IpConfig on the remote system with the /all switch, and displays the resulting output locally:

psexec \\marklap ipconfig /all

This command copies the program test.exe to the remote system and executes it interactively:

psexec \\marklap -c test.exe

Specify the full path to a program that is already installed on a remote system if its not on the system's path:

psexec \\marklap c:\bin\test.exe

Run Regedit interactively in the System account to view the contents of the SAM and SECURITY keys::

psexec -i -d -s c:\windows\regedit.exe

To run Internet Explorer as with limited-user privileges use this command:

psexec -l -d "c:\program files\internet explorer\iexplore.exe"

Wednesday, March 06, 2013

Windows 2008 R2 RDP MSTSC Sound Redirection

While looking to run Cisco IP Communicator in an administrative RDP session to a Windows 2008 R2 server running in VMWare, I struggled to get  a sound card driver installed to allow IP Communicator to start and redirect audio to the MSTSC client.  This is not supported, and I never got it to work, but having done so would have saved me a long trip to a remote site to make some test calls.  Oh well.

One step in my experiment was to simply allow sound redirection to the RDP session without major server reconfiguration, namely adding the Remote Desktop Session Host server role.  I only need access to the server for administrative purposes and didn't want to add, break or cause any licensing issues that might affect the server and loaded applications long term.

After confirming the client was set to redirect sounds to the local computer, the missing tidbit to get at least the Windows log on audio WAV to play was a relatively minor adjustment on the server.

From the server, run tsconfig.msc.
In the resulting window, right click the RDP-Tcp connection in the Connection table.
Choose Properties.
Click the Client Settings tab.
Uncheck the Audio and video playback option, and the Audio recording option.
Click OK.

My experience is that at this point, you should at very least hear remotely the Windows log on WAV or any Windows alert WAVs when appropriate.