After having issues myself with Cisco Jabber for Mac 9.2 specifically with Active Directory lookups not working, or contact information not populating (and therefore not being able to call users from the contact list as no telephone information exists) I am including a sample jabber-config.xml file that works for me.
Please note: there are many different ways to configure this. What I will be showing is the method that works for me and my deployment, which is pretty standard.
As always and as a disclaimer, once again, this is what has worked for my deployment scenario. Always keep backups of your configuration files, and always be mindful of anything you have configured already, especially in the jabber-config.xml file.
My deployment is based on CUCM 9, with 1 publisher and 2 subscribers. I also have a CUCM IM & Presence 9.0 server. This assumes that you have already configured your deployment and Jabber is functioning already, albeit with the aforementioned issues.
As for Active Directory, my deployment will be based on Windows 2008 R2 Domain Controllers running in native 2008 mode. For this example, we will be searching directly against one of the DCs with a Global Catalogue role. Please be aware that in large deployments you will have to plan accordingly with regards to lookup traffic from Jabber clients to the DCs.
Also, as of Cisco Jabber for Mac 9, the client no longer can search via the CUCM internal directory (which may be made of local end users, Active Directory synced users, or a mix of both) and this must be done via a LDAP mechanism.
In this deployment scenario, Cisco Jabber for Windows is working properly - you can search and add people from Active Directory, and contacts in your contact list have all the appropriate fields populated from Active Directory. However, when trying the same with Jabber for Mac, Jabber for iPhone or Jabber for iPad you notice that you cannot perform a directory lookup, and if you add people directly (for example, [email protected]) the user only has the IM field populated. No telephone, email or additional information is displayed.
Whereas Cisco Jabber for Windows uses the EDI mechanism (native Windows), whereby when running from a computer that is on the domain (or in the event that you are search for contacts in another Active Directory domain where a domain trust exists) , Jabber for Mac / iPhone / iPad uses the BDI mechanism.
In this case, you will need to provision a jabber-config.xml file that you will upload to your TFTP server (or Publisher) that will be "downloaded" by your Jabber for Mac client and also used by the iPhone and iPad client. You can configure many options in the jabber-config.xml file, but for this example we will place just the information that we need to order for these clients to request and display Active Directory information.
Please note that the configuration may vary depending on your deployment, but at the very least we will be:
- Configuring a DC where we will perform the lookup.
- Configure credentials that will be used to perform the lookup. This will be an Active Directory account that has read rights on the Active Directory domain. Please note that these credentials are saved in plain text in the file, so ensure that the account that you will be using is not privileged.
- Configure the server port that we will be using to perform the lookup.
- Configure the Search Base. This is basically where we want the directory lookup to happen. You can either choose for this lookup to start at the "base" of the domain (and therefore the search will iterate through all the user accounts and and OUs below the root base) or define a specific OU where you want to search.
- There is a current limitation with Cisco Jabber for Mac whereby you can only have 1 search base configured. Please keep this in mind if, like me, you have multiple OUs (like an OU for each company in your organization) and under these OUs you have sub OUs as a user account container.
- If using the top level search base, unless you specify a filter, you will potentially be able to search for all user accounts in the domain. You will need to configure the <BDIBaseFilter> parameter if you want to fine tune your search ability.
These are the steps I have followed. Other steps or considerations may vary.
- Log in to your TFTP server and download the jabber-config.xml file and keep it as a backup. If you are already using the jabber-config.xml file for other purposes, do not worry - you can add your BDI information parameters inside.
- Remove the jabber-config.xml file
- Edit the jabber-config.xml file and configure thus:
<?xml version="1.0" encoding="UTF-8"?>
<BDIPrimaryServerName>DOMAIN CONTROLLER IP ADDRESS</BDIPrimaryServerName>
<BDIPresenceDomain>YOUR PRESENCE DOMAIN</BDIPresenceDomain>
<BDISearchBase1>YOUR SEARCH BASE</BDISearchBase1>
For example, let´s assume the following:
- Domain controller IP address is 10.1.1.2 .
- Your presence domain is test.local .
- Your search base will be test.local using the top level of the domain.
- Your username with which you will be doing your searches is called walt . Usually you can either identify walt as test.local\walt or [email protected] . It is always best, in these sort of scenarios, to use the UPN convention so we will be configuring a [email protected] .
- The password is the Active Directory password for the account walt .
- I have disabled TLS in my case. There are issues with the Jabber for Mac client when using other security methods.
<?xml version="1.0" encoding="UTF-8"?>
One you have configured the jabber-config.xml file, you will now need to upload it to you TFTP server. Once uploaded, you will need to restart the Cisco TFTP service. Again, my TFTP server is on my CUCM publisher, so:
- I go to Cisco Unified OS Administration on my Publisher server, TFTP File Management and I upload jabber-config.xml to / directory
- I then go to Cisco Unified Serviceability on my Publisher server, I locate the Cisco TFTP service and I restart the service
Once this is done, you can figure up your Jabber for Mac client. As a test, on your Mac (using Terminal) go to:
/Users/username/Library/Application Support/Cisco/Unified Communications/Jabber/Config
In here you will see several files, but what we want to see is jabber-config.xml . As soon as you start the Jabber for Mac client and log in, the jabber-config.xml file will download from your TFTP server and get saved here. When you see it appear, just type in your terminal window more jabber-config.xml and make sure that the output is the same as the xml file you created.
From there, try doing directory search. If you have previously added contacts and they still lack attribute information, you will need to remove them (sometimes it will not refresh properly) and add them again from the directory.
I will be updating this guide and ammending anything that is incorrect, but this is meant to be a quick checklist and steps to get this, at least in the most very basic version, up and running for Jabber for Mac.