Aastra BluStarTM 8000i Desktop Media Phone BAS-Mode Administrator Guide Release 4.0 41-001391-00 Rev 03 – 04.
Content Welcome . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Preface-i About this Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Preface-i Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Content Form Basics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-5 Form Types. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-7 User Roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Content Chapter 6: BluStar Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-1 BluStar Device Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-1 BluStar 8000i Terminal Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Content User Session Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-12 USL Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-12 USL Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Content System Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-16 Platform Information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-16 SIP Calls per Second Averages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Content Chapter 10: Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-1 Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Content User Authentication Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-7 Details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-7 SMB Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Welcome The Aastra BluStar™ 8000i Desktop Media Phone is designed to enhance the way you communicate and collaborate. Offering true HD video conferencing, the BluStar 8000i uses the latest in video and communications technology to enable a natural high-quality video experience. With its advanced business collaboration features and applications, the BluStar 8000i is a productivity enhancing desktop media phone that is intelligent, intuitive, and easy to use.
Welcome Typographical Conventions • Commands or text that should be entered verbatim are shown in a monospace font, for example: netstat -rn • Parts of commands or entered values that should be replaced with varying details are shown in italics, for example: less filename • Icons or links that should be “clicked on”, are shown as underlined text, for example Home.
Chapter 1 System Overview This guide is aimed at the administrator of a BluStar system and BluStar Application Server (BAS). This guide covers the usage and administration of the BluStar 8000i in BAS mode that includes the servers, services, and systems supporting these terminals, and that enable the terminals to communicate with each other. BluStar System Components The following image illustrates the typical interconnection options for the systems discussed in this document.
BluStar System Components The remainder of this document focuses on the management of the following components: BluStar Components Note: Please refer to the documentation included with each of the devices listed below for additional information regarding their installation, configuration, and/or use. • BluStar Application Server (BAS) and BluStar Application Server software (SIP Services, Web User Interface, and Database).
System Applications System Applications The BluStar system provides BluStar 8000i terminal users with the ability to: • Make video and audio calls to another BluStar 8000i terminal or user, or receive calls from them, within the same local network or intranet. • Make video and audio calls to a BluStar 8000i terminal or user located in other domains (e.g. other organizations, or independently administered branches of the same organization), or receive calls from them.
Chapter 2 BluStar Application Server and Software Installation The BluStar Application Server (BAS) is usually configured as a fail-over pair. The servers can be mounted in a 19 inch rack. The platform hardware is 1U high. Please refer to the documentation supplied with your unit for detailed information on specific hardware features; and for the following instructions: • Unpacking and physical installation. • Planning the installation, e.g., ventilation, power, network.
Software Installation and Network Configuration 3. Insert the installation CD and reboot the server by switching the server power off, waiting five seconds, and switching the server power on again. 4. At the boot: prompt, enter: install 5. During the installation process, the disk is formatted and partitioned, and the Linux operating systems and packages are installed. Note: Installing additional software on the server may pose security risks.
Software Installation and Network Configuration To run the BluStar Application Server Configuration tool: 1. Enter the following command at a command prompt: ./vconfig 2. A welcoming screen displays giving brief instructions for using the configuration tool. After reading the instructions, press Enter to begin.
Software Installation and Network Configuration Notes: • Network Configuration must be completed before attempting to perform any other operation listed on the Server Configuration menu. • Do not attempt to configure the networking parameters by directly editing any system files. You must use the Network Configuration operation provided via the menu to configure the networking parameters for this platform.
Software Installation and Network Configuration Single Node (Standalone) 1. Select Single Node (Standalone) and press Enter to continue. The BluStar Application Server Network Configuration menu displays: 2. Using the up and down arrow keys to select items on the menu, and the Enter key to edit the desired setting, enter the following information: Primary Interface Type Specify the interface type. E100 is only option available. Primary IP Address Enter the server primary IP address.
Software Installation and Network Configuration Master Node (High Availability) Note: If you choose this option, you must subsequently configure a second BluStar 8000i as the Slave Node for this Master Node. If you wish to configure the BluStar 8000i as the Master Node for a High-Availability configuration, the settings are specified on a menu similar to the one used for Single Node network configuration. 1. Select Master Node (High Availability) and press Enter to continue.
Software Installation and Network Configuration HA Shared IP Enter the shared IP address for the HA server. HA Shared Hostname Enter a shared hostname in fully qualified form (e.g., servername.mycompany.com) (Leave blank or None if not applicable). HA Multicast Group IP Enter the HA Multicast Group IP address. This address should be unique for the HA pair on this subnet. 3.
Software Installation and Network Configuration 3. Using the up and down arrow keys to select items on the menu, and the Enter key to edit the following settings: Local Primary Interface Type Specify the interface type. E100 is only option available. Local Primary IP Address Enter the slave server primary IP address. Local Primary Netmask Enter the slave server primary netmask. Local Hostname Enter a name for the slave server in fully qualified form (e.g., servername.mycompany.
Software Installation and Network Configuration Time Setup 1. On the BluStar Application Server Configuration menu, use the up and down arrow keys to select Time Setup, then press Enter. The following screen displays: 2. Press the spacebar to toggle the hardware clock setting. Note: Setting the hardware clock to GMT is recommended. 3. Press the Tab key to move to the list of time zones; then use the up and down arrow keys to select the desired time zone. 4.
Software Installation and Network Configuration 5. Read the information on this screen, then press Enter to continue. The following screen appears: 6. Use the Tab key to move the cursor to the field that you wish to change; then use the h, j, k, and l keys to change values. When finished, tab to OK, then press Enter. The following screen displays: 7. Use the Tab key to move the cursor to the field that you wish to change; then use the up and down arrow keys to change values.
Software Installation and Network Configuration SSL Certificate Generation Apache and BluStar Manager set up their own self signed certificates by default. BluStar 8000i terminals, however, require Certification Authority signed certificates. These can be generated as follows. To generate SSL certificates for your installation, do the following: 1. On the BluStar Application Server Configuration menu, use the up and down arrow keys to select SSL Certificate Generation, then press Enter.
Software Installation and Network Configuration 4. Press Enter to continue. The following screen displays indicating that the Apache and Database Daemon have been restarted: 5. Press Enter to return to the BluStar Application Server Configuration menu. Note: If you abort the SSL certificate setup before creating new certificates, the screen below displays.
Software Installation and Network Configuration Installing the BluStar Application Server Software Once initial configuration is completed (refer to Initial System Configuration on page 2-16), the Application Server is ready for installation of the BluStar Application Server software. 1. On the BluStar Application Server Configuration menu, use the up and down arrow keys to select Software Installation, then press Enter. 2. You are asked to confirm that you want to continue with the software installation.
Software Installation and Network Configuration 5. A dialog box displays asking you if you accept the terms and conditions of the license agreement. Type yes and press Enter if you agree. (If you answer no, the installation process aborts). 6. The Third Party Software Copyright and Licensing Information screen displays similar to the following: Please read the text, using the spacebar, arrow keys, etc., as needed to view the information. When finished, press Enter. The following screen displays: 7.
Software Installation and Network Configuration 8. The screen displays output indicating progress of the software installation. Near the end of the process which may take several minutes, the system prompts you as follows: BluStar Application Server software installation Complete! This server must be REBOOTED to start functioning. Do you want to reboot now? ([y]/n)? 9. Press Enter to accept the default y response, and reboot the server.
Software Installation and Network Configuration Most system management tasks can be performed remotely, i.e., across the network, using a web browser. Administration Web User Interface on page 3-3, describes how to use the web user interface, referred to as the Web UI in this guide. Initial System Configuration When all the required software has been installed on the BluStar Application Server, the initial configuration of the system needs to be specified.
Software Installation and Network Configuration Rebuilding a Failed High Availability Server If either the master or slave server fails, rebuilding the server may be necessary. This process synchronizes the failed server with the properly functioning one. The two scenarios are outlined below. Note: A PS/2 keyboard and VGA monitor (both user-supplied) must be connected to the server to complete either of the following procedures.
Software Installation and Network Configuration Slave server fails and master server takes over To get the slave server back online: 1. Insert the Application Server CD into the disk drive of the failed slave server. 2. Switch the slave server off. 3. Disconnect the slave server from the network. 4. Switch the slave server on, and confirm that it is booting from the CD. If it is not, make sure that the Application Server CD is properly inserted. 5. At the command prompt, type install.
Chapter 3 System Administration Mechanisms Console User Interface Remotely Accessing the Console Interface To remotely access the console interface, Secure Shell (SSH) client software is required. This is preinstalled on most new BSD variants or Linux. It may be obtained for most versions of Unix, Linux or BSD at http://www.openssh.org.
Console User Interface service The /sbin/service command is used to stop, start or restart, or to obtain the status of, any registered service installed on the platform. Example: To restart the Apache webserver daemon, type: service httpd restart top /usr/bin/top displays a list of the top processes currently running on the machine. The processes can be ordered by various values such as CPU usage, memory usage, etc. General information regarding the health of the system is also displayed.
Administration Web User Interface Administration Web User Interface Logging In and Out The Web User Interface, or Web UI, is compatible with most web browsers such as Internet Explorer 6, Netscape 7, Mozilla 1.7, Opera 7, or more recent versions of these browsers. The login screen and My BluStar pages of the Web UI can be viewed in either Simplified Chinese or Japanese in addition to English.
Administration Web User Interface Web User Interface Navigation The welcome screen appears as shown in the annotated image below. NAVIGATION BAR MENU BAR LOGOUT LINK MAIN FUNCTIONAL AREA INFORMATION AREA Note: The normal Back, Forward and Reload buttons provided by the browser should not be used to navigate the web administration interface.
Administration Web User Interface When one of the Menu Bar icons is selected, the Main Functional Area displays a submenu of the options available for the chosen Menu Bar item. Navigation Bar When the user selects an option from the Menu Bar or a submenu, the Navigation Bar changes, adding a link to the chosen menu (or submenu) item. This enables the user to jump back up the menu tree to a previous menu option. The user can also click on the Home icon to be taken back to the Welcome screen.
Administration Web User Interface Form Messages The messages section informs the user of current actions and their effects. This section appears only if there is a message that needs to be relayed to the user from the system. There are four types of messages that can be relayed to the user, each of which can be identified by the icon at the beginning of the message: Icon Message Help Information Warning Error The data area is where the data for the current menu option is displayed.
Administration Web User Interface Form Types Each of the following form types has its own basic set of operations and navigation: Basic View Edit Form An example of a Basic View Edit form is the Users :: SIP Authentication Support form. Forms of this type usually start in Viewing mode. Clicking the Edit button enables the user to edit the displayed fields. Note: If the Edit button is disabled, the user does not have privileges to edit the current information.
Administration Web User Interface Basic View, Edit, Add, and Delete Form An example of a Basic View, Edit, Add, and Delete form is the Users :: User Accounts form depicted in the image below. Forms of this type usually start in Filtering mode. Filtering Mode Some forms have a filter options section just beneath the form heading. Placing text in the field and clicking on Search updates the filter result.
Administration Web User Interface The filter results table also contains a [>>] button to the left of each record. The [>>] button displays the record in Editing Mode. Note: If the user is not allowed to edit a record, it will be displayed in Viewing Mode. Viewing Mode The user must select the records they want to view. If no records are selected and the View button is clicked, an error message displays at the top of the page, reminding the user to select at least one record.
Administration Web User Interface . The user can now browse through the selected records. If the user has the right to do so, clicking the Edit button changes the form to Editing Mode, while clicking the Delete button deletes the current record. Editing Mode As with Viewing mode the user should first select at least one record before pressing Edit. In Editing mode, the fields of each record are editable. The user can change the fields, then click the Save button.
Administration Web User Interface After the user completes the form and clicks Save, the data for the current record is saved. If the save attempt is not successful, the current record details remain on the form, and an error message informs the user of the error. If the save attempt was successful, the user is informed with an information message and all fields on the form are reset to default values to enable the user to add the next record.
Administration Web User Interface web-user-admin This role is designed specifically for the administrator to handle all user-related tasks (e.g. creating/editing users, setting up call forwarding and authentication, resetting forgotten passwords, and handling most queries by other users on the system).
Chapter 4 My BluStar The My BluStar section allows any user to manage contacts, change their password, set up call forwarding rules, and download software to a PC. For the web-terminal-user, this is the only available section of the Web UI. My Contacts Contacts can be edited individually using the contact editor, or they can be imported from a file created by another program. My BluStar contacts can also be exported.
My Contacts Contacts Import From this page, a user can import a contacts file that is accessible on the local machine. Import File Press the browse button to locate the contacts file. Field Delimiter Choose the delimiter, a value that separates items in the contact file. This can be chosen from the drop-down menu or specified as OTHER, with the delimiter to the right. First Line in File are Headings Check this box if the first line of the file contains headings, or leave blank (default).
My Contacts Contacts Export Contacts can be saved to an external file using this page. Number of Contacts (uneditable) Displays the number of contacts the user has in their contacts editor. Export Headings Choose whether or not to export the headings (Title, First Name, etc.) to the contacts file. Export File Character Format Choose the character format to be used in the exported file, either International, or the correct Chinese or Japanese format.
My Password My Password My Password refers to the password used to log in to the Web UI. This subsection of the Web UI allows any user to modify their password. Password Change To change your password, specify the old password, new password, and new password again. 41-001391-00 Rev 03 – 04.
My Call Handling Rules My Call Handling Rules Call Handling features can be configured for each user as required in User Call Handling Rules on page 5-25. The user can add, delete, enable/disable, modify, and control the order in which rules are applied by accessing this section of the Web UI. As an administrator accessing this page, these settings will affect only the call handling preferences of the administrator user. Presence True presence status of the user as set on the terminal.
PC Software Downloads PC Software Downloads PC software intended for use with the BluStar 8000i can be accessed and downloaded by clicking on the PC Software Downloads icon. The image below shows a typical listing of software available for download by the currently logged-in user. The listing shows the software Product name, the Operating System on which the software can be installed and used, and a Download link to the software package. Click on the software link to download the file.
Chapter 5 Users After installation, the default administrator is automatically created with a username of admin and a password identical to that of the root user on the server. User Accounts BluStar 8000i or SIP phone user accounts (referred to as “end users” in this document) can be created, modified or deleted via the Web UI. When the User Accounts icon is selected, a list of all configured user accounts followed by View, Edit, Add, and Delete buttons is shown below.
User Accounts Max Records Enter the maximum number of records to be shown on the filtered listing. Default value is 100. Click on the Refresh List button to filter the list per the values filled in above. Each entry in the listing has a check box next to it. If the box is checked, clicking on either the View or Edit buttons displays the record for viewing or editing, respectively. If more than one check box is checked, the records are displayed one-at-a-time.
User Accounts User Identity The User Identity panel is where the essential information for defining a new user is contained. This panel contains four fields: User Name, Display Name, Home Server, and SIP URL. Note: Entries are required in both the User Name and SIP URL fields. User Name The name that the user must use to log into a BluStar 8000i terminal. This name typically is the same as the Windows username. This is a required field. (The field cannot be blank.
User Accounts Phone Number Enter the primary phone number for the user here. Select one of the categories from the pull-down menu to define the type of phone number. SIP Alias List A user can be identified by the user’s assigned SIP URL, or can be identified by one or more aliases. If aliases have been assigned, the user will also be reachable by placing a call to alias@domain in addition to the user’s assigned SIP URL. Note: Each alias entry may only contain SIP URLs, e.g. sip:john.doe@company.
User Accounts Security Panel Security settings for the user, as well as the allowed login roles, are specified in the Security panel. The options presented depend upon the Authentication Type (LOCAL or SMB) that is selected. LOCAL Authentication Settings When the Authentication Type chosen is LOCAL, a screen similar to the following is displayed. Authentication Type Type of authentication between the web user and the WebUI. Changing this field also affects other fields on the page.
User Accounts Force Password Change Forces the user to change the account password on next login. Allowed Login Roles Login roles the user is permitted to assume. The different roles are defined in User Roles on page 3-11. SIP Authentication Type Type of authentication between SIP device and server. The various types are detailed in Authentication Types on page 5-23. SIP Static URL This setting is used for static SIP registration. Enter the SIP URL to which calls should be forwarded in this field.
User Accounts Minimum Number of Digits in Password Sets the minimum number of digits that must be in a password. Setting this to “0” (zero) disables checking. Minimum Number of Special Characters in Password Sets the minimum number of special characters that must be in a password. Setting this to “0” (zero) disables checking. Special Characters Allowed in Password Lists of special characters that are allowed to be entered in a password. Setting this to “All” enables any special character to be used.
User Accounts Access Control Allow User to Edit Call Handling Rules When checked, permits the account user to make changes to the Call Handling Rules for that account. Allow Execution of Remote Control Commands Allows the execution of remote control commands. Setting this to “No” disables execution of remote control commands.
User Accounts Proxy Registration The Proxy Registration panel is where you can set the proxy registrations for the user. When the user logs in to the BluStar 8000i , the BAS will login to the remote server on the user’s behalf. A user can have up to three proxy registrations. Proxy Registration The BAS will register the user to a remote server when the user logs in to their BluStar 8000i . Remote Username Username to login to the remote server. Remote Registrar SIP URL of remote server.
User Groups User Groups The User Groups page allows the administrator to do the following: • add and delete User Groups • add members to existing User Groups • edit User Group settings. User groups can be used to: • Apply configurations to specific groups of users. Creating a User Group A User Group is created as a “child” of a group. To create a new group: 1. Click on the icon next to the parent of the new group. 2. On the resulting screen, type the name of the new group. 3.
User Groups User are not prevented from joining more that one group. A user is always a member of the All Users group as well as any other group to which the user is assigned. The only instance where a group (A) will be disallowed from being a member of another group (B) is if B inherits from A (directly or indirectly). Understanding Group Settings A child group’s settings can be inherited from the parent group. However, the child group’s settings can also differ from the parent group’s settings.
User Groups The group priority setting is effective only if a setting is in conflict with another group setting at the same level. In the image below, Group2 and Group1 are at level 2 (i.e., they are immediate children of the All Users group). Group1a is at level 3 (an immediate child of Group1). In this scenario, the effective setting would be Min Password Length=3. (Because Group1a is the longest path (level 3) for the Min Password Length setting, its value becomes the effective setting.
User Groups Editing User Group Settings The user group settings page contains panels similar to those found in the Security settings panels of the User Accounts page. These include the following: Password Restraints Prevents users from choosing easily guessed passwords. Allow User to Change Password Permits the user to change the account password. Enable CrackLib Password Testing Prevents users from choosing easily guessed passwords.
User Groups Samba Authentication Settings The Samba settings are used to associate the account with the SMB Domain and SMB Server that are to be used for authenticating the user upon login. Refer to SMB Authentication Panel on page 5-8 for details. Access Control Settings Allow User to Edit Call Handling Rules When checked, permits the account users to make changes to the Call Handling Rules for that account.
Global Contacts Global Contacts Global contacts allows the system administrator to establish and maintain a contact list of all users on the BluStar system that is readily available to users from the BluStar 8000i terminal. This list is referred to on the terminals as the Global Address Book (GAB). GAB contacts can be assigned to categories (folders) if desired.
Global Contacts Each entry in the listing has a check box next to it. If the box is checked, clicking on either the View or Edit buttons displays the record for viewing or editing, respectively. If more than one check box is checked, the records are displayed oneat-a-time. Forward and backward navigation buttons allow the user to cycle through the selected records. The [>>] button next to a record take the user directly to the editing page for that record.
Global Contacts Global Contacts Access Lists If additional Global Folders have been created, this page displays a listing of Users and User Groups that are Allowed to access the folders that have been created in the GAB. A pop-up list allows the administrator to display the Allowed/Available status for the selected folder name. The Available column shows Users and User Groups that are not currently able to access the selected folder.
Global Contacts If GAB viewing is enabled, all users are permitted to view contacts that are not associated with folders. The ability to restrict access to contacts is possible only if the contact is associated with a folder. Note: The All Global Entries folder that appears on the BluStar 8000i terminal on the directories screen displays a combination of unfiled contacts (contacts not associated with at least one folder) and filed contacts.
Global Contacts Global Address Book Sync This page allows administrators to sync up global address book. In order for BAS X to obtain contacts from BAS Y, BAS X syncs from BAS Y. The first step is creating a connection between BAS X and BAS Y. Then BAS Y gives permission to BAS X to obtain BAS Y contacts. Finally, BAS X syncs from BAS Y and obtains BAS Y contacts. To Synch the Global Address Book: 1.
Global Contacts c) On BAS Y, go to Services :: Clustering :: Inbound BAS Connections. You must see BAS X entry as (Hostname: BAS X full-qualified-name, Certificate Common Name: BAS X IP-Address, Account Status: Enabled, Login Status: Registered, Connection Status: Connected, Roles Granted to Server: Remote BAS. d) Check the same on BAS X. e) On BAS X, go to Users :: Global Contacts :: Global Address Book Sync.
Global Contacts 4. BAS Y must grant the GAB Sync role to BAS X: a) On BAS Y, go to Services :: Clustering :: Inbound BAS Connections. b) Select BAS X entry and click Edit. c) Select the GAB Sync role and click Save. d) You must receive the information message "Inbound BAS Connections :: Connected BAS account rights updated.” Note that the connected BAS has been logged off in order for the access right to take effect. The connected BAS will automatically login again within the next 10 minutes.
Global Contacts g) On BAS Y, Services :: Clustering :: Inbound BAS Connections the status of BAS X changes to (Registered, Connected). 5. Enable Global Address Book Viewing on BAS Y. This will allow BAS X to obtain contacts from BAS Y. It will also allow BluStar 8000i terminals on BAS Y to show the contents of BAS Y GAB: a) If BAS Y has a fresh install (not upgrade), then on BAS Y Users :: Global Contacts :: Global Contact Editor, you should see the button Enable Global Address Book Viewing.
SIP Authentication Support SIP Authentication Support These settings are used to define the type of authentication needed to access the server from a device that can make or receive a SIP call. The authentication type for each user is specified in the SIP Authentication Type field in the Security panel when adding or editing any user account (see image below).
Registered Users Registered Users Registered users are users who have logged in to their terminals. The registered users page shows a list of users that are registered via SIP on the server. A list of user names, expiry times and registered addresses is shown. This page also shows remote proxy registers and if the registration was successful or if it failed. 41-001391-00 Rev 03 – 04.
User Call Handling Rules User Call Handling Rules The User Call Handling Rules page allows the system administrator to configure call handling rules for each user. Once configured, the system administrator can then control whether or not the user can modify, add, or delete rules via the My BluStar :: My Call Handling Rules page of the Web UI. This page contains a listing of all of the users administered by the server.
Troubleshooting The bottom pane allows the administrator to view, edit, add, and delete rules for the selected user. It also allows the administrator to change the order in which the rules for the selected user are applied to incoming calls. The figure below shows the editing view for a user rule. Please refer to My Call Handling Rules on page 4-5 for a detailed explanation of this pane.
Chapter 6 BluStar Devices The BluStar Devices section of the WebUI can be used to obtain information about BluStar Devices, or to configure BluStar Devices. BluStar Devices download settings and software releases from the BluStar Application Server (BAS). Third party SIP devices (e.g. SIP Phones) are regarded as BluStar Devices. BluStar Device Status Specific BluStar 8000i devices can be viewed or modified from this page.
BluStar Device Status BluStar 8000i Terminal Settings The settings for any BluStar 8000i terminal are described below: Notes: • The inherited check box specifies whether or not that setting is inherited from Global Terminal Settings. • The terminal settings listed below may differ depending on the specific software release that the respective terminal is currently running. Device Information Displays information about the specific BluStar 8000i terminal.
BluStar Device Status Force reboot time Reboot device at specified time. Format is yyyy-mm-dd hh:mm:ss (for ASAP use current date and time). Terminal Security Settings Disable dialing when logged off Specify whether or not to disable dialing when no user is logged in to the terminal. Disabling dialing will cause the terminal to not display the dial pad.
BluStar Device Status Locale Settings Time zone Specify the time zone by selecting an appropriate value from the list. Set the time zone globally if it is the same for all terminals. Otherwise select the appropriate time zone for each terminal. Language Specify the language to be used on the terminal user interface. DiffServ or IP Type of Service Settings IP TOS byte for audio Specify the IP Type of Service (TOS) byte which should be used for audio packets in this field.
BluStar Device Status Advanced LDAP Settings When configuring an LDAP directory the option is available to customize the directory using the advanced parameters listed below. These advanced parameters are available for both active and non-active directories. Note: Advanced LDAP settings are optional and are not required for configuring the BluStar 8000i to use a LDAP server for reading directories over an IP network. Parameter Description LDAP name title attribute list Specifies the LDAP name title (e.g.
BluStar Device Status Parameter Description LDAP home postal code attribute list Specifies the LDAP home postal code (e.g. 75034) for the attribute list. If this parameter contains more than one value, only the first matching value will be selected in the record. For example, Setting_LDAP home postal code attribute list=hcode LDAP home country attribute list Specifies the LDAP home country (e.g. U.S.A) for the attribute list.
BluStar Device Status Parameter Description LDAP network timeout Used to set the network timeout for LDAP requests. A range of 1 to 120 is applicable. For example, Setting_LDAP network timeout=50 LDAP initial download delay Used to set the LDAP initial download delay. Setting a value of 0 does not introduce any delay and the initial download is performed synchronously during the login process.
BluStar Device Status Show Collaboration Messages Use “NO” to hide docShare state messages. Enable Auto Reprogramming of Collaboration Firmware Not supported on BluStar terminals.
BluStar Device Groups BluStar Device Groups This page is the starting point for managing BluStar Device groups. By default, the server is configured with the groups shown above. The All BluStar Devices group is the top-level parent group and contains settings that affect all BluStar 8000i devices unless overridden for a particular device or child group. The remaining groups are child groups to the All BluStar Devices group. These control settings for all devices of a particular type.
BluStar Device Groups Creating a Device Group A Device Group is created as a “child” of a group. To create a new device group: 1. Click on the icon next to the parent of the new group. 2. On the resulting screen, type the name of the new group. 3. Click the Save button to complete the creation of the new group. Renaming a Device Group To rename a Device Group: 1. Click on the icon next to the group that is to be renamed. 2.
BluStar Device Groups Changing Member Priority To change the priority of the members of a group: 1. Click on the icon next to the group whose members’ priority you want to change. Note: This icon is disabled if the parent group has less that two child groups. 2. The resulting panel allows the administrator to change the priority of the group members in either of two ways. • Click the up or down arrow buttons next to a group member to move that member up or down the priority list.
BluStar Device Groups Release to be installed The software release to be installed by BluStar Devices can be selected from a drop-down list. The list is automatically created from all the BluStar Device software releases which have been installed to the BluStar Application Server. Note: BluStar Device software releases are typically distributed as “rpm” or “tar” files. For instructions with regard to installing software releases, see Download Software on page 6-17.
BluStar Device Categories BluStar Device Categories The Device Categories page allows you to modify the various device categories, create new ones, or remove old ones. Each device category has two options: Auto Add Accounts of this Type Specifies whether or not new accounts of this type will automatically be added. New Accounts should be Enabled New accounts of this type can enabled or disabled by default. 6-13 41-001391-00 Rev 03 – 04.
Telephony Devices Telephony Devices This interface is used for the configuration and update of telephony (PBX) devices that are integrated with the BluStar system. It is used to specify and set all parameters of the device, and define telephone lines which are to be assigned telephone numbers that will be allocated to the BluStar users in the BluStar user configuration section of the Web UI.
Telephony Devices Telephony Device Line Allocation Device Line Allocation allows an administrator to define telephone lines and allocate telephone numbers for later assignment to BluStar users (see User Identity on page 5-3). Start Line / End Line These fields are the line number range (inclusive) that are to be allocated by the server. These line numbers will later be added to users, and these users will then be automatically assigned a line on the telephony device.
Telephony Devices Filtering User Line Information Filter on may be set to one of three options: Display Name Not applicable to “pooled outgoing lines” and will therefore not filter that section. Username Not applicable to “pooled outgoing lines” and will therefore not filter that section. Phone number Affects both user assigned lines (incoming and outgoing) and pooled outgoing lines.
Download Software Download Software The Download Software page allows you to install terminal software builds onto the server. Once a terminal software build is on the server, you can configure specific BluStar 8000i devices pointing to the server to upgrade/install the software (see Software Upgrade Settings on page 6-2 for BluStar 8000i Terminal settings, and Software Upgrade Settings on page 6-11 for BluStar 8000i Device Group settings).
Download Software Adding Software to the Server To add terminal software to the server: 1. Click Add. The following page appears: 1. Type in the file name. Note: The file type must be either a .rpm or .tar. 2. Type in the FTP server (e.g., “generic.hostname.com” or “100.200.1.2/ftppath”), user name, and password (if applicable). 3. Click Save. You will see the following page appear. 4. Click Refresh to update the download status.
View Software View Software The View Software page displays all of the terminal software builds that are currently installed on the server. 6-19 41-001391-00 Rev 03 – 04.
Chapter 7 Services This section of the Web UI provides the ability to configure high-level functions of the Application Server not accessible from the command-line interface. The following sections provide details for these functions: • Licensing • SIP Service Configuration • Routing Rules • Presence Agent • User Session Log • Off-Server Backup • Clustering 41-001391-00 Rev 03 – 04.
Licensing Licensing The Licensing page provides the means to Install Licenses for various BluStar 8000i devices; and to View Licenses’ status information for installed licenses. The number of connected users is limited by the number of licenses for a BluStar Application Server. There can be up to 1000 users connected to a singular BAS at any given time. Note: A five (5) user license is enabled by default to provide functionality during installation and configuration.
Licensing 5. Click the Browse... button in the License to Install panel. In the resulting dialogue box, navigate to the license file that you received from the email, select it, then click on the Upload License button to install the license on the server. 6. When the upload has completed, the License to Install panel refreshes and displays the uploaded license file name and license details. Click on the Install License button to complete the license installation.
SIP Service Configuration SIP Service Configuration The SIP Service Configuration page, shown in the image below, provides the following options: Administrative Domain Names Calls with Request-URIs that exactly match the listed hostname(s) will be treated as local calls. Administrative Domain IPs Calls with Request-URIs that exactly match the listed IP address(es) will be treated as local calls. SIP message logging When checked, the Application Server enables logging of SIP messages.
Routing Rules Routing Rules The routing rules menu allows you to configure the server’s connections with other devices, manage bandwidth between networks, and customize call routing. There are two types of rules that are configured on the Routing Rules page. • General SIP routing rules These rules match “sip:” URL patterns. • Telephony Specific routing rules These rules match “tel:” or “sip:…;user=phone” URL patterns.
Routing Rules Regular Expression Rules Regular expression rules perform pattern matching on SIP Request-URIs and can then create a new Request-URI based on parts of the original Request-URI. This can be used for example to rewrite calls to telephone numbers to include prefixes for outside lines, area code or calling cards as appropriate. A brief summary of regular expression syntax is given below. • Characters not listed below as special characters match themselves. • Special characters: .
Routing Rules Local Regular Expression Rules Local regular expression rules, or Local Regex Rules, allow for the advanced routing of calls that are received at the local regex rules box in the call model diagram below. Local Regular Expression Rules are consulted by the Location Lookup if the URL was within the administrative domain, but the username part of the URL did not match any local users and was not a telephony URL (i.e. with “;user=phone” parameter).
Routing Rules Global Regular Expression Rules Global Regular Expression Rules (Global Regex Rules) are consulted by the Location Lookup before any other checks are done (including the administrative domain check), and are always consulted for every new call. They can be used to rewrite URLs of a certain nature, e.g., to rewrite a URL that would originally not be considered to be in the administrative domain so that it is in the administrative domain.
Routing Rules Bandwidth Manager The Bandwidth Manager menu contains the necessary pages for managing bandwidth on the network. By adding networks, WANs, and the links between them, you can define the topology of your network and the bandwidth limitations of the links. This allows successful implementation of calls accordingly.
Routing Rules Bandwidth Manager Policies Visual representations of how bandwidth policies affect the overall audio and video throughput on the network are displayed on this page. 7-10 41-001391-00 Rev 03 – 04.
Presence Agent Presence Agent The Presence Agent page lists devices that do not support SIP Presence Information Exchange (RFC 3856). The presence agent dynamically adds devices to a Bad Hosts List when it detects failures while attempting to obtain presence information from other hosts. The Dynamic Host List Configuration button displays a page that allows configuration of the duration that a host will remain in the Bad Hosts List, as well as the number of failures before a host is added to the list.
User Session Log User Session Log This page contains links that allow the administrator to configure user session log (USL) services and reporting options. When enabled, the user session log service creates logs for various SIP events managed by the server such as: point-topoint calls and conference calls.
User Session Log USL Export Settings This panel’s function is similar to that used for Off Server Backup. Refer to Off-Server Backup on page 7-17 for detailed explanations of these fields. USL Report The USL Report page controls the display of USL data. The administrator can select the Font Size (XS, S, M, L, XL) for the listing, and set the Number of Lines of USL records that may be displayed per page. Changes to these two parameters take effect when the Reload button is selected.
User Session Log If USL logging and viewing have been enabled (refer to USL Configuration on page 7-12), the USL Report page will display a listing of USL data.The data for each log entry contains the following data types: Session-ID: A unique identifier (index) for the logged session. Correlation-ID: Used for correlating a session to a call. From: Identifies the calling user (URI, phone number, alias). From-terminal: The IP address of the calling terminal.
User Session Log Status: The current status of the session: – CMPL - Call Complete – UNTR - Call uninitialized – INPR - Call in Progress – TSET - Call Setup in Progress – ERSE - Call Setup Error – ERNK - Call Setup Error, Network Error Type: Session type (point to point or multi-party). X-Guid: The Conference GUID (Globally Unique IDentifier) used to identify a conference, consolidating the parties under the single ID. Replication Timestamp This is not relevant to the USL.
User Session Log Time Window Allows the administrator to filter the USL records to those occurring within a specific window of time. The settings control the year, month, day, hour, minute and second for the upper and lower limits of the time window. Click the Search button to display the report.
Off-Server Backup Off-Server Backup The off-server backup service handles the periodic backup of the log files and database to an off-server location using SSH. The four types of off-server backups, configurable from the “Off-Server Backup” page, are outlined below: Server (Including databases, licences, certificates, and OS configuration) Not backed up locally. This option backs up the database, licences, security certificates, and Linux settings (e.g. IP address, DNS, time server settings).
Off-Server Backup User Name The user name required to connect to the remote server. Password The password required to connect to the remote server. Note: If an SSH public key is present on the remote server and allows the Application Server to connect, the password may not needed and may be left blank. For security sensitive sites, this may be the preferred method of authentication. Destination Path The remote path used by SSH (scp command).
Clustering Clustering Outbound BAS Connections The Outbound BAS Connections page shows all of the outbound BAS connections. The Test Connection button tests and establishes the outgoing connection between the two BASs. The Reload Certificate button reloads the certificate to restart the ‘trusted’ connection or conversation with the other server. Hostname BAS X IP-Address of the connected BAS. Status Status of the connection can be either disconnected or connected.
Clustering Inbound BAS Connections The Inbound BAS Connection page shows all of the information for the inbound BAS connection. The Reset Password button will reboot the encrypted conversation with a particular IP address/hostname. Hostname The full-qualified-name of the BAS. Certificate Common Name The IP address of the BAS. Account Status The account status is either Enabled or Disabled. Login Status Registered. Connection Status Connected.
Clustering Note that when you grant a role to the server, the connected BAS has been logged off in order for the access right to take effect. The connected BAS will automatically login again within the next 10 minutes. 41-001391-00 Rev 03 – 04.
Chapter 8 Platform The platform subsection of the Web UI provides the functionality for managing the BluStar Application Server platform, including viewing logs, enabling automatic monitoring of the server, defining static routes, and viewing system information. System Logs System logs provide an in-depth history of events on the server. The filter option for each log page is customized for that specific log and is discussed in each relevant section.
System Logs Log files are routinely deleted from the server to free up disk space. If a specific log entry can not be found, it is either because the log level specified in Platform :: System Logs :: BluStar Log Configuration is too high (see section BluStar Log Configuration on page 8- 4), or too much time has passed and the entry was deleted by the server. In this case, older logs may be retrieved from the server designated in Services :: Off-Server Backup.
System Logs Navigating Log Pages Viewing any log page shows the most recent entries at the time the log was created. These are located towards the bottom of the page. The default page view presents 25 lines from the log file. Three drop-down boxes, depicted below, allow you to further customize the view. Navigation Mode Two navigation modes are available: page and marker. Page mode, the default setting, allows you to browse the log page by page using the First, Prev, Next, and Last buttons.
System Logs Log Level Filter Limits the entries shown to those with a certain coding. Only types with a check under the column “Find” will be filtered. During the process of filtering, the level types may be given a different color coding. Note: To view the color coding scheme, press the “?” next to Color Coding. Message Data Filter Limits the entries shown to those that match the specified text. Only text strings with a check under the column “Find” will be filtered.
System Logs System Monitor and High Availability Log All messages from the System Monitor and High Availability features are logged here. System Monitor is a service that monitors the rest of the services on the Application Server and reports on their status and the actions it takes to correct any abnormalities. The High Availability messages are those messages related to a failover setup such as heartbeats skipped or the occurrence of a failover.
System Logs Additional Information When viewing any of the System Logs, the last log line on a page may be repeated as the first log line on the next page when the Next button is pressed. This is not the case with the Prev button (since it uses a different algorithm to search backwards). When none or fewer than the requested number of log lines are returned, one of the following situations could be the cause.
System Monitor Settings System Monitor Settings This subsection, shown below, controls the monitoring of the system and the issuing of notifications via e-mail, SNMP traps, or log messages. Monitored Services The System Monitor periodically verifies that essential BluStar Services are running and restarts them if needed. The services to be monitored should be selected by pressing Edit. 8-7 41-001391-00 Rev 03 – 04.
System Monitor Settings The System Monitor service itself is listed on the Platform :: System Status page, and can be Start(ed) / Stop(ped)/ Restart(ed) if desired. Note: In normal operational circumstances, all services should be monitored. Enable monitoring services whenever server software has been installed or reinstalled. Only disable service monitoring when services need to be manually started/stopped or upgraded. By default, all services but the Location Request Client are monitored.
System Monitor Settings Disk Space These parameters set a notification based on whether disk space usage exceeds a specified amount. A list of all disks and partitions is shown, with the current usage level as a percentage, as well as a dropdown list of usage percentages when the System Monitor will alert the administrator. To access this feature, enable disk space monitoring by setting the alerting threshold (% full) for each disk partition. Notes: • Usage should not exceed 80%.
System Monitor Settings CPU Temperature These parameters set a notification based on whether the CPU reaches the specified temperature (in degrees Celsius). Core Files These parameters set a notification based on whether an anomaly is detected in the core BAS files. Services These parameters set a notification to be issued at the change of status of a service. You can also specify the number of log lines to send in the notification, starting from the end of the log and going backwards.
System Monitor Settings HA Events These parameters set a notification based on whether an HA event (e.g., the HA master or slave goes up or down) occurs. BluStar Device Monitoring These parameters set a notification based on device authentication or disconnection events. User Monitoring These parameters set a notification based on user login events. 8-11 41-001391-00 Rev 03 – 04.
System Monitor Settings Bandwidth These parameters set a notification based on whether bandwidth usage on a link exceeds a specified percentage. Setting Email or SNMP Notifications In the Notifications area, press either E-Mail Notifications or SNMP Notifications to configure the notification channel. These settings determine how notifications are sent when the E-Mail or SNMP Trap options are selected as described in the above sections.
System Monitor Settings SNMP Manager Enter the address of the SNMP manager. For SNMP version 3 notifications, you must configure an SNMP user for each SNMP manager that should receive the notification traps. The user must also be configured on the SNMP manager. User Name User name for this SNMP user. SNMP Manager The address of the SNMP manager. Authentication Protocol The authentication protocol that this user will use. This protocol must match that running on the SNMP manager that this user will access.
System Settings System Settings The System Settings page allows you to view and Edit the Application Server's network settings. The upper panel contains the System Hostname and Time Server IP address, as well as a check box to enable/disable the SNMP daemon at startup. The middle panel contains IP Version 4 Settings. The bottom panel contains an IP Version 6 Status check box.
System Settings IP Version 6 Settings If the IP Version 6 Status check box is checked, the System Settings page displays the IP Version 6 Settings panel (see image below). The IP Version 6 Settings panel contains the System IP address, Primary Interface Prefix Length, Primary and Secondary Nameserver IP addresses, and the IP address of the Default Gateway. CAUTION! Changing network values will result in services being restarted. This operation may NOT return.
System Status System Status The System Status section displays information regarding the overall status of the Application Server. There are four possible information areas, one of which is only available for a High Availability system setup. Each section (except “SIP Calls per Second Average”) contains a check box with the text “more info” or “extended list”.
Auditing Auditing The Auditing page allows you to view and Edit the Application Server's auditing settings, which provide options for logging IPC (Inter Process Communications) transactions as well as recording changes made to the Application Server configuration. BluStar Audit Configuration This subsection allows you to specify what type of IPC (Inter Process Communications) transactions you want logged to the Audit log, if any. Place a check in the box next to the type(s) of transactions to log.
Auditing BluStar Audit Viewer This subsection displays all logged IPC messages of the type(s) enabled in Platform :: Audit Configuration. Note: The audit log increases in size rapidly. This process accelerates with the number of WebUI users. It should therefore not be enabled unnecessarily. Platform Audit Configuration This subsection allows you to specify what types of OS events you want logged to the System Log, if any.
Auditing The Audit Profile Conformance section indicates to what profile the auditing conforms. Note that in Edit mode you should always Save before the conformance. In Edit mode you are able to enable and disable individual rules. The Quick Selection section can be used to enable and disable rules collectively. When the page is saved it saves the rule selection to the database.
Change Database Password Change Database Password The database password may be changed via this page. The old password must be entered, and a new password entered and confirmed for the change to take effect. Failover Settings Shared Hostname Only editable through the vconfig application. Shared IP Only editable through the vconfig application. Multicast Group IP Used to monitor the status of the SIP services.
Version Info Version Info The Version Info page displays BluStar Application Server Version Information, including the release, build number, the distribution that included the software, and detailed package information. Network Routing The Network Routing page allows the addition of static routes to other networks. Static routes take precedence over routes defined by dynamic protocols.
Security Banners Security Banners The Security Banners page allows you to edit the text that displays when a user logs into the Application Server WebUI. 41-001391-00 Rev 03 – 04.
Security Certificates Security Certificates Security certificates are used to establish secured connections between the server and terminals. The Security Certificates page allows the generation, installation and viewing of security certificates. Certificate Signing Request The page allows the generation of a request containing the details of the server to obtain a certificate from other Certificate Authorities.
Security Certificates Organization Name Organization name. Organization Unit Organization unit name. State State name. Validity Length of time that the certificate should be value in seconds. The Signing Request consists of a the Signing Request itself and the private key of the certificate. The private key should be kept secret (and will be loaded later with the signed certificate). The Signing Request must be sent to the CA.
Chapter 9 Tools This section of the Web UI is used for server debugging and is not to be used without the assistance of a support representative. The only exception to this is the “Location Lookup” page discussed in Location Lookup on page 9-2. DB Connection Stats This subsection of the Tools interface is used for server debugging. While it is not possible to change any settings from this page, it should only be used with the assistance of a technical representative. 9-1 41-001391-00 Rev 03 – 04.
Location Lookup Location Lookup Location Lookup is used to determine if a server can resolve a Request URI, and shows the decisions made to do so. Request URI The SIP URI to be resolved From URI The SIP URI that originated the SIP message Via IP List A list of IPs that the message should pass through to get to the server. The IPs are processed in the order specified and can be modified to test various setups. The bottom IP is last IP before the message reaches the server.
SIP Proxy Information Elapsed Time (not editable) The time it took to complete the process. Note: The result of a lookup is cached to enhanced performance of the location lookup test. Therefore, the first time the lookup is completed, it will take much longer than subsequent lookups. SIP Proxy Information This subsection of the Tools interface is used for server debugging.
Bandwidth Manager Information Bandwidth Manager Information This subsection of the Tools interface is used for server debugging. While it is not possible to change any settings from this page, it should only be used with the assistance of a technical representative. Clearing Stale Calls Occasionally the Bandwidth Manager may maintain stale calls even though the call has been completed.
Chapter 10 Database Overview A database system runs on the Application Server. The database system comprises a relational SQL database subsystem (based on PostgreSQL) and a BluStar-specific Database Daemon. The Database Daemon provides centralized database access via a BluStar-specific api that runs on top of a CORBA IPC. Data Information stored in the database includes: • BluStar Application Server configuration (e.g.
Data Maintenance Data Maintenance The following maintenance tasks need to be considered for the database: • Manual backup and restore • Periodic automatic backup • Offserver backup • Debugger • Database failures Manual Backup and Restore The administrator can manually initiate creating a backup file by entering vipr_backup_db filename, for example enter: vipr_backup_db /tmp/db-before-move To delete all information in the database and restore the database contents from a backup file, first stop all BAS ser
Data Maintenance Backup Details The backup file contains the data of the database, but does not include the schema. The schema therefore has to be recreated before the backup file can be restored. Backup files can be restored even if the schema has changed in minor ways, e.g., addition of fields to tables can be accommodated. Because the backup file is a text file, the file can be restored on different platforms, or added to an existing database (i.e., merged with existing data).
Data Maintenance This shows the backup configuration. The Audit Log, Database, and System Logs can be set up individually to backup to specific servers at specified intervals. The following settings also need to be configured in this module to enable offserver backups: Remote server IP and path: @:[] • Destination Server • User name • Password • Destination Path • Backup interval.
Data Maintenance Database Daemon (DBD) The DBD Shell is a command line utility that allows you to run DBD commands from the command line. To start the DBD shell, from a command shell run the command /opt/m/vipr2/bin/dbdshell, then login as admin as follows: Welcome to the DBD shell: Version:$Id:dbdshell,v1.
Data Maintenance Database Failures Typical database failures are: • Disk full • Disk failure Disk Full When the Disk Full failure condition is detected, the database will refuse to start. Additional space must be freed up on the disk, and the database daemon (postmaster) must then be restarted to recover from this condition. Sometimes the database start-up fails silently.
Database In Depth Database In Depth Note: The information in this section is required only under special circumstances. Contact Technical Assistance before using these procedures. Controlling the PostgreSQL Service The PostgreSQL service is normally started when the BluStar Application Server boots. The following information is provided should it be necessary to manually start or stop the PostgreSQL service. PostgreSQL is started by entering the command: /sbin/service postgresql start at the console (i.e.
Chapter 11 Fail-Over Overview The aim of a High-Availability fail-over server configuration is to ensure the highest possible quality-of-service by providing redundant systems with redundant services that may be employed whenever the primary system becomes unserviceable. In this version of the Application Server a 1:1 redundancy is implemented (if configured).
Using a Serial Cable Using a Serial Cable The use of a serial cable is not absolutely necessary, but adds much more versatility to an HA Server pair. 1. Install a null-modem serial cable between the two servers. Connect the cable to the first serial port (COM1) in each case. 2. Monitor the BluStar HA log file to see if the serial cable was detected. 3. To manually verify connectivity in one direction, enter on the first server: cat /dev/ttyS0 4.
Chapter 12 Security Management Root Account The server platform comes preconfigured with a single administration account called “root” with password “blustar” (excluding the quotes). Some platforms are shipped with factory-generated passwords unique to each platform. In this case, the root password will be supplied with the platform hardware. On installation, the system requires the creation of a new root password.
Database Password Database Password All databases are encrypted using a common database password. This can be changed on the Platform :: Change Database Password page as shown below: To change the database password, you must enter the old password, the new password, and then re-enter the new password for confirmation. 12-2 41-001391-00 Rev 03 – 04.
Database Password Default Administrator Password for All BluStar Devices One of the first steps when starting to configure the BluStar Application Server through the Web UI should be to create an administrator password for the All BluStar Devices group. This will allow administrators access to all devices utilizing one default password. The default administrator password can be configured on the BluStar Devices :: BluStar Device Groups page as shown below: To create a default administrator password: 1.
Administration Web Interface Accounts Administration Web Interface Accounts For the administration Web UI, it is recommended that customers create an account for each person who will access the platform, and log in using each administrator’s account. Each administrator should be placed in a group commensurate with that administrator’s privilege level. This will: • Enable actions to be traced to specific individuals.
SSH Configuration SSH Configuration SSH keys are generated whenever the platform is rebooted or the SSH daemon is restarted, and no keys are found. If the platform was shipped with pre-installed software, keys may already have been generated. To ensure that keys are generated in your environment, i.e.
SSL Configuration SSL Configuration Install Webserver Certificates The initial configuration menu provides an option to generate and install certificates for the Apache webserver (refer to SSL Certificate Generation on page 2-11). 1. From the root account, run the command ./vconfig 2. Choose the SSL Certificate Generation menu item. 3. Fill in the required fields and select OK. 12-6 41-001391-00 Rev 03 – 04.
User Authentication Configuration User Authentication Configuration Overview The system can validate some users using the local database (i.e., the DB stored on the BluStar Application Server), and other users using the SMB (Windows domain) authentication system. If either of these matches, a password / username combination is accepted. If for a specific username the entries in the BluStar DB, and/or the SMB DB have different passwords, either of the passwords can be entered to authenticate that user.
Required Periodic Actions Login Banners Some customers require login banners. Login banners to be displayed on BluStar 8000i terminals before and after logon can be configured either globally (BluStar Devices :: BluStar Terminals :: Global Terminal Settings) or on a terminalspecific basis (BluStar Devices :: BluStar Terminals :: BluStar Terminal Status).
SBC Solution Configuration SBC Solution Configuration Session Border Controller (SBC) allows users to use their BluStar 8000i terminal at a remote location (outside the company’s firewall), while still accessing the corporate server. Administrators can configure SBC for users using the BAS and the user’s BluStar terminal. In order for administrators to configure SBC, IT must complete DNS, firewall, and SBC configuration (steps 1 and 2 below). Limitations • SBC is only supporting point-to-point calls.
SBC Solution Configuration e) On the BAS Web UI, go to the Services :: SIP Service Configuration page. Enter the second hostname (e.g. server1.aastra.com) in the Administrative Domain Names field of the Sip Service Configuration Section. The same should be done for the Administrative Domain IPs in the same section. f) On the BAS Web UI, go to the Platform :: System Settings page. Enter the hostname (e.g. server1.aastra.com), instead of the IP address of the BAS in the Local Hostname field.
SBC Solution Configuration g) On the BAS Web UI, go to the BluStar Devices :: BluStar Device Status page. Select the BluStar terminal device that will be used outside the corporate firewall. Include the following settings in the Other Settings section under Own. The registration parameters are used for SIP registration. – Outbound Proxy=SBC external IP address Note: Don't forget to configure the SBC in the Static URL for the user below (in step h). – Proxy=server1.aastra.com – Registrar=server1.aastra.
Chapter 13 SIP Services Overview SIP, the Session Initiation Protocol, is a standard developed by the Internet Engineering Task Force (IETF) as a signalling layer on top of IP for controlling various types of sessions (such as Voice over IP). The standard, originally put forth as RFC2543, can be found on the IETF website at: http://www.ietf.org/rfc/rfc3261.txt.
Abstract (from RFC3261): SIP supports five facets of establishing and terminating multimedia communications: • User location: determination of the end system to be used for communication; • User availability: determination of the willingness of the called party to engage in communications; • User capabilities: determination of the media and media parameters to be used; • Session setup: "ringing", establishment of session parameters at both called and calling party; • Session management: including transfer a
Abstract (from RFC3261): Outbound Proxy: A proxy that receives requests from a client, even though it may not be the server resolved by the Request-URI. Typically, a UA is manually configured with an outbound proxy, or can learn about one through auto-configuration protocols. Proxy, Proxy Server: An intermediary entity that acts as both a server and a client for the purpose of making requests on behalf of other clients.
Abstract (from RFC3261): The SIP Request-Response Transaction Mechanism The following description of the request-response transaction mechanism is composed of selected excerpts from the standard. SIP is a text-based protocol and uses the UTF-8 charset (RFC 2279). A SIP message is either a request from a client to a server, or a response from a server to a client. Both Request and Response messages use the basic format of RFC 2822, even though the syntax differs in character set and syntax specifics.
Abstract (from RFC3261): No CR or LF is allowed except in the final CRLF sequence. Status-Line = SIP-Version SP Status-Code SP Reason-Phrase CRLF The Status-Code is a 3-digit integer result code that indicates the outcome of an attempt to understand and satisfy a request. The Reason-Phrase is intended to give a short textual description of the Status-Code. The Status-Code is intended for use by automata, whereas the Reason-Phrase is intended for the human user.
Abstract (from RFC3261): 407 Proxy Authentication Required Indicates that the user agent needs to be authenticated before it can make a successful request. 408 Request Timeout Usually generated by a SIP stack when a request has not received any response for a certain period of time. 480 Temporarily Unavailable A user agent may use this response code as a “do not disturb” notice.
Abstract (from RFC3261): Location Lookup The Location Lookup procedure employs various methods to try and find a destination address for a call which is closer to the final endpoint, or finds reasons for rejecting a call (e.g. if the destination user has not logged on).
Service Administration Service Administration The SIP Service settings can be found in the Web User Interface under Services / SIP Service Configuration. Configurable variables include: • Administrative Domain Names - A list of the domain names which the SIP Service is responsible for. This value defaults to the hostname (or shared hostname in the case of an HA pair) of the server. • Administrative Domain IPs - A list of the IP addresses which the SIP Service is responsible for.
Appendix A Server Subsystems and Protocols BluStar Application Server 2.0 Port Usage The following table lists the protocols used by the various BluStar Services.
BluStar Application Server 2.0 Port Usage Port Service Protocol Usage Process Remotely Reachable 10000 CORBA Database Daemon IPC IIOP/TCP Passive Open Filtered dbd no Remaining - - Filtered - no 41-001391-00 Rev 03 – 04.
Index A O Administration Web Interface ..................................................................................................... 3-3 Applications system ................................................................................................................... 1-3 Automated Backup ...............................................................................................10-2 Obtaining Assistance .................................................................................
Disclaimer Aastra Telecom Inc. will not accept liability for any damages and/or long distance charges, which result from unauthorized and/or unlawful use. While every effort has been made to ensure accuracy, Aastra Telecom Inc. will not be liable for technical or editorial errors or omissions contained within this documentation. The information contained in this documentation is subject to change without notice. Copyright © 2012 Aastra Technologies Limited, www.aastra.com.