Manage End Users Overview
For information about assigning users to IM and Presence Service nodes and to set up users for IM and Presence Service, see the following guides:
As part of your administrative tasks for managing end users, you may have to manage the following tasks:
-
Configure a default policy for authorizing presence requests
-
Configure a scheduled system check for duplicate or invalid user IDs and directory URIs
-
Fix user ID and directory URI issues as they arise
For information on how to import and set up end users, see the "Configure End Users" section of the System Configuration Guide for Cisco Unified Communications Manager.
For information on completing bulk user contact list imports and exports, see Bulk Administration of Contact Lists.
Presence Authorization Overview
You must assign a system authorization policy for Presence Subscription requests. The Presence Authorization Policy determines, at a system level, whether end users on the system can view other end users' presence status without requiring the authorization of the end user whose presence is requested. This setting is configured via the Allow users to view the availability of other users without being prompted for approval check box in the Presence Settings configuration window. the available settings depends partially on which protocol is being deployed:
-
For SIP-based clients, you must configure the IM and Presence Service to authorize automatically all presence subscription requests or Presence will not function correctly (this is the default setting). When this option is configured, the IM and Presence Service authorizes all requests automatically with one exception: if the user whose presence is being requested has a blocked list configured in their Cisco Jabber client that includes the user making the request. In this case, the user will be prompted to approve the Presence request.
-
For XMPP-based clients, you can configure whether or not you want the IM and Presence Service to prompt users to authorize presence requests from other users, or whether those presence requests should be authorized automatically.
Note |
The authorization system settings can be overridden by the User Policy configuration that end users can configure within their Cisco Jabber clients |
User Policy Settings in Jabber
When authorizing a presence request, the IM and Presence Service also refers to the user policy that users configure within their Cisco Jabber clients. End users can add other users to a blocked list, which prevents those other users from viewing presence status without authorization, or they can add those users to an allowed list, which authorizes those users to view their presence status. These settings override the system default settings:
End users can configure the following within their Cisco Jabber clients:
-
Blocked list— Users can add other users (both local and external users) to a blocked list. If any users of the blocked users view that user's presence, they will always see the availability status of the user as unavailable regardless of the true status of the user. Users can also block a whole federated domain.
-
Allowed list— Users can allow other local and external users to always be able to view their availability. The user can also allow a whole external (federated) domain.
-
Default policy—The default policy settings for that user. The user can set the policy to block all users, or allow all users.
Validating User IDs and Directory URIs
For single cluster deployments, duplicate user IDs and directory URIs are not an issue as it is not possible to assign duplicates within the same cluster. However, with intercluster deployments, you can unintentionally assign the same user ID or directory URI value to different users on different clusters.
The IM and Presence Service provides the following validation tools to check for duplicate user IDs and duplicate directory URIs:
-
Cisco IM and Presence Data Monitor service—You can configure ongoing system checks with this service. The Cisco IM and Presence Data Monitor service checks the active directory entries for duplicate user IDs and duplicate, or empty, directory URIs for all IM and Presence Service intercluster nodes. Administrators are notified via an alarm or alert. You can use the Cisco Unified Real-Time Monitoring Tool to monitor alarms and to set up email alerts for Duplicate UserID and DuplicateDirectoryURI errors..
-
System Troubleshooter—Use the System Troubleshooter if you want to run an ad hoc check the system for errors, including duplicate directory URIs and user IDs. The Troubleshooter provides details for up to 10 users only. The System Troubleshooter can be accessed from the Cisco Unified CM IM and Presence Administration interface (
). -
Command Line Interface—To obtain a complete and detailed report of duplicate URIs and User IDs, run the
utils users validate all
CLI command.