User's Manual

ManualsBrandsAvaya ManualsMobile CommunicatorAvaya 3100 Mobile Communicator and Security

Administration and Security

Avaya 3100 Mobile Communicator

3.1

NN42030-600, 04.05

October 2010

Summary of content (116 pages)

PAGE 1
Administration and Security Avaya 3100 Mobile Communicator 3.1 NN42030-600, 04.
PAGE 2
© 2010 Avaya Inc. All Rights Reserved. Notice While reasonable efforts have been made to ensure that the information in this document is complete and accurate at the time of printing, Avaya assumes no liability for any errors. Avaya reserves the right to make changes and corrections to the information in this document without the obligation to notify any person or organization of such changes.
PAGE 3
Contents Chapter 1: New in this release.................................................................................................7 Features............................................................................................................................................................7 Administration enhancements..................................................................................................................7 Other changes....................................................
PAGE 4
Chapter 6: Mobile client administration................................................................................49 Client upgrade methods..................................................................................................................................49 Uploading the mobile client software files.......................................................................................................53 Deleting files in the software repository..............................................
PAGE 5
Obtaining the CA signed SSL/TLS certificate for Avaya 3100 Mobile Communicator Gateway Server.........94 Obtaining the CA-signed certificate for the Avaya 3100 Mobile Communicator Gateway Administration Server ........................................................................................................................................................................94 Installing the root and signed certificates on the Avaya 3100 Mobile Communicator Gateway Server..........
PAGE 6
Administration and Security October 2010
PAGE 7
Chapter 1: New in this release The following sections detail what's new in Avaya 3100 Mobile Communicator Administration and Security, NN42030-600 for Avaya 3100 Mobile Communicator Release 3.1. • Features on page 7 • Other changes on page 7 Features The following sections describe the features. Administration enhancements on page 7 For all the new Avaya 3100 Mobile Communicator features, see Avaya 3100 Mobile Communicator Fundamentals, NN42030-109.
PAGE 8
New in this release July 2010 Standard 04.04. This document is issued to support Avaya 3100 Mobile Communicator Release 3.1. This document contains editorial changes. November 2009 Standard 04.03. This document is issued to support Avaya 3100 Mobile Communicator Release 3.1.
PAGE 9
Other changes January 2009 Standard 03.04 This document is issued to support Avaya 3100 Mobile Communicator Release 3.0. Changes were made to address formatting issues, including changes to the procedure Configuring the device settings on page 34 and the creation of the procedure Configuring the emergency telephone numbers on page 37. December 2008 Standard 03.03. This document is issued to support Avaya 3100 Mobile Communicator Release 3.0.
PAGE 10
New in this release 10 Administration and Security October 2010
PAGE 11
Chapter 2: Introduction This document provides information about the administration and security of the Avaya 3100 Mobile Communicator.
PAGE 12
Introduction Navigation • Using the Avaya 3100 Mobile Communicator Web Administration Console on page 13 • Administration on page 21 • Gateway administration on page 23 • Mobile client administration on page 49 • User administration on page 61 • Audio prompt administration on page 69 • Security on page 85 • Server certificate management on page 87 • Client certificate management on page 99 • Server certificate administration on page 103 • Maintenance on page 109 • Common procedures on page 115 References
PAGE 13
Chapter 3: Using the Avaya 3100 Mobile Communicator Web Administration Console This chapter describes the Avaya 3100 Mobile Communicator Web Administration Console.
PAGE 14
Using the Avaya 3100 Mobile Communicator Web Administration Console Table 1: Web Administration Console buttons Button Screen Add Gateway System Configuration Displays the Add Gateway window. Only active when an Avaya 3100 Mobile Communicator Gateway server can be added. Advanced View User Info Displays all the configuration parameters. Browse Admin Portal, License Information Enables you to find a required file.
PAGE 15
Avaya 3100 Mobile Communicator Web Administration Console buttons Button Screen Description Help Web Administration Console main window Displays the Avaya 3100 Mobile Communicator pages on http:// www.avaya.com Install License Information Enables you to install the information. License System Configuration (Gateway Actions button) Displays the License Information window User ID (hyperlink) User Info Displays the User Statistics window for the selected user.
PAGE 16
Using the Avaya 3100 Mobile Communicator Web Administration Console Button Screen Description Unlock System Configuration (Gateway Actions button) Displays the Unlock Gateway window. View User Portal Admin Portal Displays the User Portal. Yes Removal Confirmation Enables you to confirm the removal of the file.
PAGE 17
Logging on to the Avaya 3100 Mobile Communicator Web Administration Console as a user https://:8553/adminserver 2. In the Username field, type the user name. 3. In the Password field, type the admin password. Important: Avaya recommends that you change the default administrator password. For more information, see Changing the Avaya 3100 Mobile Communicator Web Administration Console password on page 18. 4. Click Sign In. 5.
PAGE 18
Using the Avaya 3100 Mobile Communicator Web Administration Console • https://:8553/adminserver/ userportal.html 2. Press Enter. The User Portal screen displays. Variable definitions Variable Definition The name of the MCG server in fully qualified domain name (FQDN) format, or the IP address of the server.
PAGE 19
Resetting the Web Administration Console administrator password Variable definitions Variable Value Current Password Existing password. The default password for new servers is password New password New password for the Admin server. Secure passwords use a mix of letters, numbers and alphabetic characters and can be up to 19 characters in length. Confirm New Password New password for confirmation.
PAGE 20
Using the Avaya 3100 Mobile Communicator Web Administration Console 20 Administration and Security October 2010
PAGE 21
Chapter 5: Administration The following chapters describe administration procedures for the Avaya 3100 Mobile Communicator.
PAGE 22
Administration 22 Administration and Security October 2010
PAGE 23
Chapter 5: Gateway administration This chapter describes procedures for gateway administration.
PAGE 24
Gateway administration Important: In a redundant system, add the local server first. 3. Enter the Gateway Address as an IP Address or Fully Qualified Domain Name (FQDN). 4. Click OK. 5. If you receive a prompt to restart the gateway, To restart the gateway, click Yes. OR To restart at a later time, click No. Important: Avaya recommends that you restart the gateway. Procedure job aid Use the following table to help you understand the Add Gateway parameters.
PAGE 25
Locking and unlocking an Avaya 3100 Mobile Communicator Gateway server the Avaya 3100 Mobile Communicator Web Administration Console as an administrator on page 16. 1. Click System Configuration tab. 2. Select Gateway Actions > Remove from Group. 3. At the confirmation prompt, click Yes. The Avaya 3100 Mobile Communicator Gateway is deleted. The Avaya 3100 Mobile Communicator Gateway software remains installed. 4. If you receive a prompt to restart the gateway, To restart the gateway, click Yes.
PAGE 26
Gateway administration Prerequisites You must be logged in to the Avaya 3100 Mobile Communicator Web Administration Console as administrator. For more information on logging in as an administrator, see Logging on to the Avaya 3100 Mobile Communicator Web Administration Console as an administrator on page 16. 1. Click System Configuration tab. 2. To unlock the server, click Gateway Actions > Unlock. 3.
PAGE 27
Procedure job aid 7. Click Close. You receive a prompt to restart the server. 8. To restart the system, click Yes. The updated Gateway settings are applied. OR To restart the system at a later time, click No. The updated Gateway settings are applied when the system is restarted later. Important: Avaya recommends that you restart the gateway. 9. On a redundant system, open the Gateway Configuration window for both gateways and check that their settings match.
PAGE 28
Gateway administration Field Description 3100 Mobile Communicator Gateway, the prompts play in the language specified in this field. For more information on prompts, see Audio prompt administration on page 69. Incoming Call Reliable Timer Specify the amount of time, in seconds, that the Avaya 3100 Mobile Communicator Gateway waits after it plays the cellular voice mail avoidance prompt, while waiting for the pound (#) key to be pressed, before the call forwards to the Enterprise voice mail system.
PAGE 29
Procedure job aid Field Description Use HTTPS when a certificate infrastructure exists on the clients and Avaya 3100 Mobile Communicator Gateway. This parameter applies to both servers in the redundant configuration. HTTPS certificate password Enter the password used for the HTTPS certificate transmitted by clients to the Avaya 3100 Mobile Communicator Gateway server. The default is Avaya. This parameter applies to both servers in the redundant configuration.
PAGE 30
Gateway administration Field Description The mobile phone will dial +41123456789 for direct outbound calls. This PSTN number will be routed to the enterprise as a DID number. When the number arrives at the Enterprise we must manipulate the PSTN number (+41123456789) to be routed on the SIP network.
PAGE 31
Procedure job aid Field Description which the LDAP search begins. Obtain this value from the directory administrator. This parameter applies to both servers in the redundant configuration. LDAP Username Enter the user name required to gain access to the LDAP server that hosts the corporate directory. Obtain this value from the directory administrator. This parameter applies to both servers in the redundant configuration.
PAGE 32
Gateway administration Field Description This parameter applies to both servers in the redundant configuration. LDAP attribute tag that contains the user's email address Enter the tag for the User E-mail Address attribute on the LDAP server. The default is email. This parameter applies to both servers in the redundant configuration. LDAP attribute tag that contains the user's extension Enter the tag for the User Extension attribute on the LDAP server. The default is ipPhone.
PAGE 33
Variable definitions The system automatically inserts commas between the entries in the list. 8. To save the changes, click OK. Variable definitions Variable Value Represents the elements of a dialable number and what these elements translate to in order to be dialed.
PAGE 34
Gateway administration Configuring the device settings The mobile device settings can automatically download to all the clients. A null value downloads if a parameter is not configured. By default, whenever a user logs in, the device settings download to the device. You can change this behavior so that settings only download when the user first logs in. Prerequisites • You must be logged into the Avaya 3100 Mobile Communicator Web Administration Console as administrator.
PAGE 35
Procedure job aid Field Description External: Use Secure Connection Select Yes to enable HTTPS connections on the primary Avaya 3100 Mobile Communicator Gateway public interface using security certificates on the clients on Avaya 3100 Mobile Communicator Gateway. Select No to enable HTTP. Use HTTPS when the clients use certificates to encrypt communication with the Avaya 3100 Mobile Communicator Gateway.
PAGE 36
Gateway administration Field Description Internal: Address (IP/host:Port) Enter the address of the secondary Avaya 3100 Mobile Communicator Gateway private interface on the network. Configure this parameter if your Avaya 3100 Mobile Communicator system implementation uses BlackBerry devices that use the BES. Internal: Use Secure Connection Select Yes to enable HTTPS connections on the secondary Avaya 3100 Mobile Communicator Gateway private interface. Select No to enable HTTP.
PAGE 37
Configuring the emergency telephone numbers Field Native Dialing Numbers Description For information on configuring this field, see Configuring the emergency telephone numbers on page 37 Auto-Download of Device Configuration Allow Client Override Controls the automatic downloading of the device configuration (including blank values) to the clients. Select No to download the configuration every time a user logs in. The download overwrites local updates.
PAGE 38
Gateway administration Prerequisites • You must be logged into the Avaya 3100 Mobile Communicator Web Administration Console as administrator. For more information, see Logging on to the Avaya 3100 Mobile Communicator Web Administration Console as an administrator on page 16. • You must know the emergency telephone numbers for your location. 1. Select the Device Configuration tab. 2. Click Edit. 3. Click Native Dialing Numbers to display the Native Dialing Numbers dialog. 4.
PAGE 39
Procedure job aid To block access to a port, clear the corresponding check box for that port. 3. In the Admin Server Port Setting section, click Save. Procedure job aid Use the following table to help you understand the Admin Server Port Setting parameters. Each parameter contains two numbers. The first number indicates the total number of events since the server came online. The second number indicates the number of events since the table was last refreshed.
PAGE 40
Gateway administration Important: Make sure you save a backup copy of your license files in a secure location. You will need these files if you reinstall or perform major upgrades on the Avaya 3100 Mobile Communicator Gateway. Prerequisites • You must be logged in to the Avaya 3100 Mobile Communicator Web Administration Console as administrator.
PAGE 41
Checking Gateway server statistics Checking Gateway server statistics Check Gateway server statistics to check the number of outgoing calls, incoming calls, Instant Conferencing, log ins and log offs, and corporate directory searches by all registered users. As soon as the Gateway server comes online, the system records the number of events processed for all users.
PAGE 42
Gateway administration Field Description Incoming call (IC) The total number of incoming calls processed by the server for this user Outgoing call (OC) The total number of outgoing calls processed by the server for this user Move call (MV) The total number of calls that have been moved between the users' desktop phones and the client application. Swap call (SC) The total number of swap call operations. Transfer call (TC) The total number of call transfers.
PAGE 43
Checking Gateway server status Field Description Presence updates (PRU) The total number of presence status updates. Presence sets (PRS) The total number of presence status updates on the network. Presence queries The total number of presence status queries. (PRQ) Connection Login (LGI) The total number of log ins processed by the server. Logout (LGO) The total number of log outs processed by the server. Loss of service (LOS) The total number of times that clients have lost service.
PAGE 44
Gateway administration Field Description IP Address Contains the IP Address of the Gateway Server. Status information appears to the right of this field. Click the IP Address to view statistical data related to the associated server. If the IP Address displays in red, the server is not responding, which can indicate a server software problem or system outage. If the IP Address displays in grey, the server is unavailable.
PAGE 45
Checking Gateway server license file information Field Description messages clear. However, persistent error conditions (such as missing or incorrect configuration settings) immediately generate new alarms. To permanently delete an alarm, you must solve the original error condition. • Recurrent events only generate one alarm. Active Connections Indicates the current number of active connections (clients) handled by the server. The license key determines the maximum number of connections.
PAGE 46
Gateway administration Prerequisites You must be logged in to the Avaya 3100 Mobile Communicator Web Administration Console as administrator. For more information on logging in as an administrator, see Logging on to the Avaya 3100 Mobile Communicator Web Administration Console as an administrator on page 16. 1. Click the System Status tab. 2. Monitor the license file status using the Licenses field.
PAGE 47
Procedure job aid The Status field indicates which server is currently active. In a single-server system, this is always the local server. 2. To stop the server processes, click Gateway Actions beside the server to be stopped and select Stop. 3. To start the server processes, click Gateway Actions beside the server to be started and select Start. 4. To restart the server processes, click Gateway Actions beside the server to be restarted and select Restart.
PAGE 48
Gateway administration The system responds with the status of the server processes. 2. To start the server, enter appstart start 3. To stop the server, enter appstart stop 4. To restart the server, enter appstart restart Important: Some implementations of the Avaya 3100 Mobile Communicator Gateway do not include the restart command.
PAGE 49
Chapter 6: Mobile client administration This chapter provides information and describes procedures that you use to administer the mobile clients.
PAGE 50
Mobile client administration Table 3: Client upgrade comparisons Install or upgrade type From a computer Advantages Disadvantages retains a copy of the software on the computer for backup purposes • users must be connected to their computers • additional configuration may be required • users can select an incorrect load Over the air • users can install or update at any time, without being tied to their computers • reduces configuration steps no backup copy of the files for reloading so users need to
PAGE 51
Client upgrade methods Figure 1: Sample E-mail - Avaya 3100 Mobile Communicator - Client for BlackBerry over the air download on page 51 is a sample message you can send to a BlackBerry user for the over the air download. Substitute your server addresses for the in the message.
PAGE 52
Mobile client administration Figure 2: Sample E-mail - Avaya 3100 Mobile Communicator - Client for Nokia over the air download Figure 3: Sample E-mail - Avaya 3100 Mobile Communicator - Client for Windows Mobile over the air download on page 53 is a sample message that you could send to a Windows Mobile user for the over the air download. Substitute your server addresses for the in the message.
PAGE 53
Uploading the mobile client software files Figure 3: Sample E-mail - Avaya 3100 Mobile Communicator - Client for Windows Mobile over the air download Uploading the mobile client software files Use this procedure to manually upload new mobile client software files to the User Portal to provide access for users. When you upgrade the software (for example, for a Service Upissue), the mobile client software updates automatically on the User Portal.
PAGE 54
Mobile client administration Logging on to the Avaya 3100 Mobile Communicator Web Administration Console as an administrator on page 16. • You must have downloaded the updated files from the Avaya Web site, and have the files accessible from the PC running the Web Administration Console. 1. Click the Admin Portal tab. 2. Click Browse. 3. On the Choose File dialog box, navigate to the location of the zipped file. 4. Click the file to select it. 5. Click Open. The file is unzipped. 6.
PAGE 55
Filtering the mobile client software files Filtering the mobile client software files Filter the mobile client software files to view the files by product, platform, and language. Prerequisites You must be logged in to the Avaya 3100 Mobile Communicator Web Administration Console as administrator. For more information on logging in as an administrator, see Logging on to the Avaya 3100 Mobile Communicator Web Administration Console as an administrator on page 16. 1. Click the Admin Portal tab. 2.
PAGE 56
Mobile client administration 3100 Mobile Communicator - Client for Nokia User Guide, NN42030-102, or Avaya 3100 Mobile Communicator - Client for Windows Mobile User Guide, NN42030-107. Downloading client software from the software repository to a computer Users can download client software from the software repository to a PC prior to uploading the files to their mobile devices. This procedure can be used in the E-mail you send to the users, as described in Client upgrade methods on page 49.
PAGE 57
Tracking license usage • Avaya 3100 Mobile Communicator - Client Windows Mobile User Guide, NN42030-107 Variable definitions Variable Definition The name of the MCG server in fully qualified domain name (FQDN) format, or the IP address of the server. Tracking license usage Use this procedure to monitor the license usage. For information on troubleshooting license file problems, see Avaya 3100 Mobile Communicator Troubleshooting, NN42030-700.
PAGE 58
Mobile client administration Installing or upgrading the Avaya 3100 Mobile Communicator - Client for BlackBerry using the BlackBerry Enterprise Server You can deploy the Avaya 3100 Mobile Communicator for BlackBerry by placing the software on the BlackBerry Enterprise Server (BES), and allow the BES to push the software to the user. The user does not need to manually install or upgrade the software.
PAGE 59
Checking Instant Conferencing status Deployment option Uses and advantages connected to the wireless network. • Can be used to perform initial and upgrade software installations. • Enables the software to be deployed to multiple devices simultaneously. Limitations username and password) must be sent to the users, which can result in errors or cause security concerns. • The capacity of the wireless network limits the file transfer speed. Typical installations can take more than four hours.
PAGE 60
Mobile client administration Field Description Initiator The extension, telephone number, or mobile phone number of the Instant Conferencing initiator. Active Participants Displays the extension, telephone number, or mobile phone number of each participant, including the Instant Conference initiator, currently engaged in the Instant Conference. Missing Participants Indicates the number of participants not yet participating in the Instant Conference.
PAGE 61
Chapter 7: User administration This chapter describes procedures used to administer users.
PAGE 62
User administration Procedure job aid Field Description Server Address The IP Address or Fully Qualified Domain Name (FQDN) of the Avaya 3100 Mobile Communicator Gateway Server. Login Name The user's account user name on the network. Login Password The user's login password on the network. Mobile Phone Number The user device telephone number on the network. Important: Not all devices can autoconfigure this field.
PAGE 63
Removing users and reconfigure the username and password on the Enterprise Communication Server (ECS). The user can log on again using a new mobile device. If the user's password is reset on the ECS, you must manually log the user off the Avaya 3100 Mobile Communicator Gateway before the user can log in again with the new password. Prerequisites You must be logged in to the Avaya 3100 Mobile Communicator Web Administration Console as administrator.
PAGE 64
User administration Clearing a user message You can clear user messages if the user's queue exceeds normal levels due because of spam received while the user was logged off. You can clear the message queue for one user or multiple users. Prerequisites You must be logged in to the Avaya 3100 Mobile Communicator Web Administration Console as administrator.
PAGE 65
Procedure job aid the Avaya 3100 Mobile Communicator Web Administration Console as an administrator on page 16. 1. Click the User Info tab. The User Info page appears with the users currently registered to the Avaya 3100 Mobile Communicator Gateway. 2. Click Advanced View to view all fields. OR Click Default View to view a subset of all fields. 3. To sort the list, click on the field headings. 4. Monitor the status of the users.
PAGE 66
User administration Field Description - The client is disconnecting. • Out of Coverage: The client cannot communicate with the server. The Status field updates in real time. Permission Indicates the license type assigned to the user. Mobile Number The mobile phone number configured on the user's mobile device. Queued Messages The number of messages queued on the server for delivery to a client device or application. Last Status Change The date and time that the user's status last changed.
PAGE 67
Procedure job aid the Avaya 3100 Mobile Communicator Web Administration Console as an administrator on page 16. 1. Click the User Info tab. 2. On the User Info page, click the User ID of the user whose statistics you want to check. 3. Check the User statistics. 4. To update the statistics snapshot, click Refresh. OR To automatically refresh the statistics every 5 seconds, select the check box. Procedure job aid Use the following table to understand user statistics fields.
PAGE 68
User administration Field Description Buddy queries (BDQ) The total number of buddy queries. Buddy removes (BDR) The total number of buddies deleted. Features Conference (CF) The total number of conference calls. Instant The total number of instant conference calls. Conference (GC) Instant messages sent (IMS) The total number of instant messages sent. Instant messages received (IMR) The total number of instant messages received.
PAGE 69
Chapter 8: Audio prompt administration This chapter provides information and procedures for audio prompt administration. By default, the Avaya 3100 Mobile Communicator Gateway contains United States English language prompts only. However, the Avaya 3100 Mobile Communicator Gateway supports audio prompts in multiple languages. You configure the default language in the Gateway Settings. For more information, see Avaya 3100 Mobile Communicator Deployment Guide, NN42030-301.
PAGE 70
Audio prompt administration - Endian: little • Prompts should start with a 100 to 250 millisecond silence before the voice starts, to ensure that the prompt is not clipped on playback. • Prompts must be recorded at an appropriate volume. The system does not attenuate or amplify the audio. Creating a language pack Use this task to create and install a language pack.
PAGE 71
Creating a language pack task flow navigation Creating a language pack task flow navigation • Preparing prompt translations on page 71 • Record the prompts on page 78 • Preparing the file structure on page 78 • Packaging the prompt files on page 80 • Testing the language pack on page 80 • Installing the language packs on page 81 • Configuring the language on the Avaya 3100 Mobile Communicator Gateway on page 82 Preparing prompt translations Use this procedure to prepare for the new prompts. 1.
PAGE 72
Audio prompt administration Language and locale code job aid Use the following table to record the language code and local code. Code name Requirements Codes to be used language_code two characters, lowercase local_code two characters, uppercase Prompt localization job aid Photocopy and fill in the following table with your localized prompts. Only the spoken prompts are contained in this table. Tones do not require localization. Each module contains a number of prompt files.
PAGE 73
Prompt localization job aid Module Notes Filename Phrase Localized phrase conference lines available. GROUPCALL deniedlocke d.wav You could not be connected. The conference you tried to join is not accepting additional participants. GROUPCALL however.wa v … however, … GROUPCALL invalidbridge That is not a valid .wav bridge number. GROUPCALL invalidconfo ption.wav That is not a valid option. GROUPCALL invite2.wav You are being asked to join … GROUPCALL newnumber.
PAGE 74
Audio prompt administration Module Filename Phrase GROUPCALL optionmutes elf.wav GROUPCALL optionreport. Press '8' to report wav the number of participants. GROUPCALL optionreturn. Press '9' to exit wav conference options. GROUPCALL optiontermin Press '1' to end this ate.wav conference. GROUPCALL optiontitle.w av GROUPCALL optiontitlerer To re-record your ecord.wav title, press '2'. GROUPCALL optionunlock Press '7' to re-open 7.wav this conference to additional participants.
PAGE 75
Prompt localization job aid Module Notes GROUPCALL Filename Phrase thereare.wa v Including yourself, there are … MEDIA numbers 0 to 9 0.wav zero MEDIA numbers 0 to 9 1.wav one MEDIA numbers 0 to 9 2.wav two MEDIA numbers 0 to 9 locale ‘zh’ only 2_zh.wav Word indicating 2 people MEDIA numbers 0 to 9 3.wav three MEDIA numbers 0 to 9 4.wav four MEDIA numbers 0 to 9 5.wav five MEDIA numbers 0 to 9 6.wav six MEDIA numbers 0 to 9 7.wav seven MEDIA numbers 0 to 9 8.
PAGE 76
Audio prompt administration Module 76 Notes Filename Phrase MEDIA numbers 0 05.wav to 9 with “0” prefix oh five MEDIA numbers 0 06.wav to 9 with “0” prefix oh six MEDIA numbers 0 07.wav to 9 with “0” prefix oh seven MEDIA numbers 0 08.wav to 9 with “0” prefix oh eight MEDIA numbers 0 09.wav to 9 with “0” prefix oh nine MEDIA numbers 10.wav 10 and above (see note below) ten MEDIA numbers 11.wav 10 and above (see note below) eleven MEDIA numbers 12.
PAGE 77
Prompt localization job aid Module Notes Filename Phrase Localized phrase note below) MEDIA numbers 16.wav 10 and above (see note below) MEDIA numbers (and so on) 10 and above (see note below) MEDIA numbers 99.wav 10 and above (see note below) ninety nine MEDIA numbers 100.wav 10 and above (see note below) one hundred MEDIA numbers 200.wav 10 and above (see note below) two hundred MEDIA numbers (and so on) 10 and above (see note below) MEDIA numbers 900.
PAGE 78
Audio prompt administration Module Notes Filename Phrase Localized phrase above (see note below) MEDIA numbers (and so on) 10 and above (see note below) MEDIA numbers 9000.wav 10 and above (see note below) nine thousand MEDIA other and.wav and MEDIA other goodbye.wa v goodbye MEDIA other hundred.wa v hundred MEDIA other hundreds.w av hundreds MEDIA other oh.wav oh Note: These number phrases are optional. Typically, conferences have fewer than nine participants.
PAGE 79
Preparing the file structure Prerequisites • You need the information in Language and locale code job aid on page 72. • You need the individual prompt files, as created in Record the prompts on page 78. 1. Create a folder named prompts 2. Within the prompts folder, create the following subfolders: • ANNOUNCEMENT • GROUPCALL • MEDIA 3. Within each of these folders, create the subfolder _.
PAGE 80
Audio prompt administration Packaging the prompt files The prompt files must be packaged into a zip file to deploy the files. The installation process requires the specific folder structure. Prerequisites • You need an archive tool such as WinZip, 7-Zip, or zip (the UNIX command line tool). • You must have the file structure prepared, as described in Preparing the file structure on page 78. Use your selected archive tool to create a zip file, containing the prompts folder, and all subfolders and files.
PAGE 81
Installing the language packs If the langpack.sh tool encounters a problem, it returns a message describing the problem. Correct the error, recreate the zip file, and retest the language pack. Important: After the zip file is error-free, back up the zip file to another server or other media for long-term storage. Language files are not retained during upgrades or reinstallations, so you may need the language files at a later date.
PAGE 82
Audio prompt administration 1. If not already installed on the server, copy the tested zip file, .zip, to / home/nortel. 2. Stop the Avaya 3100 Mobile Communicator Gateway: appstart stop 3. Enter the following command: su If prompted, enter the root password. 4. Enter the following command: /opt/MobilityGateway/etc/langpack.sh --install /home/nortel/ .zip 5. Respond to the prompts that the langpack.sh tool outputs. 6. Enter the following command: exit 7.
PAGE 83
Removing a language pack Warning: If you configure a new default locale, and then later remove the language pack, the Avaya 3100 Mobile Communicator Gateway uses the system-default locale (en_US). Prerequisites You must be logged into the Avaya 3100 Mobile Communicator Web Administration Console as administrator. For more information, see Logging on to the Avaya 3100 Mobile Communicator Web Administration Console as an administrator on page 16. 1. Click the System Configuration tab. 2.
PAGE 84
Audio prompt administration appstart stop 3. Enter the following command: su If prompted, enter the root password. 4. Enter the following command: /opt/MobilityGateway/etc/langpack.sh --remove /home/nortel/ .zip 5. Respond to the prompts that the langpack.sh tool outputs. 6. Enter the following command: exit 7. Enter the following command: appstart start If prompted, enter the root password. 8. Repeat steps 1 to 7 for all servers in the system.
PAGE 85
Chapter 10: Security The following chapters provide security information and describe security procedures for the Avaya 3100 Mobile Communicator.
PAGE 86
Security 86 Administration and Security October 2010
PAGE 87
Chapter 10: Server certificate management This chapter describes the procedures that you use to manage server certificates. You implement a certificate infrastructure to encrypt the following traffic: • Signaling traffic exchanged between the client devices and the Avaya 3100 Mobile Communicator Gateway. This type of traffic includes caller ID information, call setup commands, instant messaging, and corporate directory search requests and results.
PAGE 88
Server certificate management Important: In some cases the root certificates for some well-known CAs (such as VeriSign and Entrust) are preinstalled on the server and many client devices. Do not download root certificates that you already have. In some cases the CA provides an intermediate certificate instead of, or in addition to, the root certificate. Read all instructions provided by the CA carefully. Follow the same procedure to download an intermediate certificate, as for the root certificate.
PAGE 89
Enrolling with a CA Result Server certificate management procedures • Enrolling with a CA on page 89 • Generating a CSR for Avaya 3100 Mobile Communicator Gateway Server on page 90 • Generating a CSR for Avaya 3100 Mobile Communicator Gateway Administration Server on page 91 • Obtaining a signed certificate on page 93 • Obtaining the CA signed SSL/TLS certificate for Avaya 3100 Mobile Communicator Gateway Server on page 94 • Obtaining the CA-signed certificate for the Avaya 3100 Mobile Communicator Gateway
PAGE 90
Server certificate management Generating a CSR for Avaya 3100 Mobile Communicator Gateway Server Generate a Certificate Signing Request (CSR) for the Avaya 3100 Mobile Communicator Gateway Server. Prerequisites • You must be logged into the Web Administration Console as administrator. For more information, see Logging on to the Avaya 3100 Mobile Communicator Web Administration Console as an administrator on page 16. • You must be logged into the server as superuser.
PAGE 91
Job aid 8. Change ownership of the Avaya 3100 Mobile Communicator Gateway Server keystore from root to mobility with the following two commands: chown mobility:mobility ssl-keystore chmod 755 ssl-keystore 9. Generate the certificate signing request for the Avaya 3100 Mobile Communicator Gateway Server. /usr/java/jdk1.6.0_03/bin/keytool -certreq -keyalg RSA alias smog-ssl -file mgcertreq.csr -keystore ssl-keystore 10. In the Web Administration Console, select the System Configuration tab. 11.
PAGE 92
Server certificate management 1. Change to the certificate keystore directory. cd /opt/mobilitygw-2.1/ server/default/data 2. Delete the default Avaya 3100 Mobile Communicator Administration Server keystore. rm admin-ssl-keystore If the keystore does not exist, you see the message rm: cannot Istat 'sslkeystore': No such file directory 3. Generate the Avaya 3100 Mobile Communicator Administration Server keystore and private key. /usr/java/jdk1.6.
PAGE 93
Obtaining a signed certificate /usr/java/jdk1.6.0_03/bin/java -cp ../lib/jbosssx.jar org.jboss.security.plugins.FilePassword mobility 13 keystore.password Variable definitions Variable Definition The new password for the keystore Default: mobility The number of days that the certificate is valid. Range: 0 to 3600 Obtaining a signed certificate Obtain your signed certificates from the Certificate Authority (CA) and save them in an accessible location.
PAGE 94
Server certificate management instructions on installing certificates on mobile clients, see Client certificate management on page 99. Obtaining the CA signed SSL/TLS certificate for Avaya 3100 Mobile Communicator Gateway Server Obtain your signed SSL/TLS certificates from the CA, and save them in an accessible location. 1. Use the certificate management tools provided by your CA to access the prompt or Web page where you can request certificates. 2. If prompted to specify a server type, select Apache.
PAGE 95
Installing the root and signed certificates on the Avaya 3100 Mobile Communicator Gateway Server 4. Paste the contents into the prompt or Web page. 5. Request your signed SSL/TLS certificate. The CA generates your signed SSL/TLS certificate and e-mail it to your enterprise certificate administrator. 6. Save the SSL/TLS certificate to a location that is accessible from the server.
PAGE 96
Server certificate management Variable Definition The full name of the Avaya 3100 Mobile Communicator Gateway TLS certificate, including the path Installing the root and signed certificates on the Administration Server Install the root and signed certificates onto the Avaya 3100 Mobile Communicator Gateway Administration Server. Prerequisites • You must be logged into the server as superuser. For more information, see Accessing the server command line as superuser on page 115.
PAGE 97
Copying single server keystore Important: Make a backup copy of your keystore databases (ssl-keystore and admin-sslkeystore) as a precaution against overwriting, deleting, or corrupting the file.
PAGE 98
Server certificate management 98 Administration and Security October 2010
PAGE 99
Chapter 11: Client certificate management This chapter describes the procedures that you use to manage client certificates on the devices. Typically, you E-mail the root certificate to your users, and they must install the certificates on their devices. Root certificates have two formats—DER and PEM. Distribute the DER-formatted certificates to Windows Mobile Version 5, Nokia and BlackBerry users. Distribute the PEM-formatted certificates to Windows Mobile Version 6 users.
PAGE 100
Client certificate management 12. Select OK. 13. When the Certificate Uses prompt appears, select the Internet check box. The root certificate is installed in the device. Installing a root certificate on a Windows Mobile device Install a root certificate on a Windows Mobile device to implement security and enable the user to engage in secure communications sessions. This procedure can be used in the E-mail you send to the users, as described in Client upgrade methods on page 49. 1.
PAGE 101
Installing a root certificate on a BlackBerry device in the non-BES configuration Installing a root certificate on a BlackBerry device in the non-BES configuration Install a root certificate on a BlackBerry in the non-BES configuration to implement security and enable the user to engage in secure communication sessions. This procedure can be used in the E-mail you send to the users, as described in Client upgrade methods on page 49. 1. Download the certificate to your computer. 2.
PAGE 102
Client certificate management 102 Administration and Security October 2010
PAGE 103
Chapter 12: Server certificate administration This chapter describes the procedures that you use to administer server certificates.
PAGE 104
Server certificate administration /usr/java/jdk1.6.0_03/bin/keytool -keypasswd -alias smog-ssl -keypass -new -keystore ssl-keystore 2. At the prompt, enter . 3. Change the keystore owner to mobility: chown mobility:mobility ssl-keystore 4. On the Avaya 3100 Mobile Communicator Gateway Web Administration Console, select System Configuration > Gateway Actions > Configure Gateway. 5. In the HTTPS certificate password field, enter 6. Click Save. 7.
PAGE 105
Generating a self-signed certificate for Avaya 3100 Mobile Communicator Gateway Server Prerequisites • You must be logged into the server as superuser. For more information, see Accessing the server command line as superuser on page 115. • You must be logged in to the Avaya 3100 Mobile Communicator Web Administration Console as administrator.
PAGE 106
Server certificate administration For information about how to install certificates on mobile clients see Client certificate management on page 99. Variable definitions Variable Definition The password for the keystore. The number of days that the certificate is valid.
PAGE 107
Generating a self-signed certificate for Avaya 3100 Mobile Communicator Gateway Administration Server Important: The admin-ssl-keystore password must always be mobility. 4. Respond to the prompts. For the common name (first and last name), enter a FQDN such as mg.domain.com. 5. Change ownership of the Avaya 3100 Mobile Communicator Gateway Administration keystore from root to mobility with the following command: chown mobility:mobility admin-ssl-keystore chmod 755 admin-ssl-keystore 6.
PAGE 108
Server certificate administration Variable 108 Administration and Security Definition The number of days that the certificate is valid.
PAGE 109
Chapter 13: Maintenance This chapter describes procedures for maintaining the Avaya 3100 Mobile Communicator.
PAGE 110
Maintenance Important: Avaya recommends that you copy this backup file to another server or other media. When preparing for an upgrade from Release 3.0 to Release 3.1, copy the backup file to the /tmp directory of the server. Restoring the Avaya 3100 Mobile Communicator Gateway server databases Use this procedure if you need to restore system parameters.
PAGE 111
Checking the Avaya 3100 Mobile Communicator Gateway Software Version Checking the Avaya 3100 Mobile Communicator Gateway Software Version The Avaya 3100 Mobile Communicator Gateway current software version appears on the System Configuration page. Prerequisites You must be logged in to the Avaya 3100 Mobile Communicator Web Administration Console as administrator.
PAGE 112
Maintenance A Notification Message Failed dialog box appears if the notification is not sent successfully. 5. Click Close. Sending a system notification to individual users Use this procedure to send a message to an individual registered user or a group of users. Prerequisites You must be logged in to the Avaya 3100 Mobile Communicator Web Administration Console as administrator.
PAGE 113
Network configuration changes Gateway after you run the script. For more information about the networkconfig script, see Linux Platform Base and Applications Installation and Commissioning, NN43001-315. Important: The license check uses the hostname as part of the machine identification. If you change the hostname of the Avaya 3100 Mobile Communicator Gateway, you must reactivate the license. After you reboot the Avaya 3100 Mobile Communicator Gateway, reload the license file to trigger the reactivation.
PAGE 114
Maintenance 114 Administration and Security October 2010
PAGE 115
Chapter 14: Common procedures This chapter contains commonly used procedures. • Accessing the server command line as nortel on page 115 • Accessing the server command line as superuser on page 115 Accessing the server command line as nortel Use this procedure to access the server command line as nortel. Prerequisites You require the password to the nortel userid on the server. 1. Use SSH to connect to the server. 2. At the userid prompt, enter nortel 3.
PAGE 116
Common procedures Prerequisites • You require the password to the nortel userid on the server. • You require the password to the superuser (root) userid on the server. 1. Use SSH to connect to the server. 2. At the userid prompt, enter nortel. 3. At the password prompt, enter . 4. To become the root user, enter su root. 5. At the prompt, enter . Variable definitions Variable 116 Value The password associated with the nortel userid.