Archive for the ‘CUCM’ Category

Oh it’s hot hot hot….not chilly hot but hot hot!

it’s 42 degree outside here in Sydney today and is also a long weekend . This is so boring as I can’t do any outdoor activities. My mind got  crazy and then I thought to play with my new toy – CCM  version 6.x.

Warning: Before you read this post, please note -do not try to apply it on your production server. If you perform this on your production CUCM box, you may voiding Cisco contract. This is only for lab and learning purpose!

Quite often, when we are working on a production (or Lab) server and need a shell access to CUCM, we had to call Cisco TAC and wait for ages before we get access to the CUCM root shell. Many of us Linux geeks sometime want to jump onto the CUCM Linux shell, just like we natively access any other *NIX based server.Oh yeah, much more fun and seriously you can debug and troubleshoot things quicker. Without native shell accessing CUCM files or other thing using Cisco recommended method (CUCM OS) is like eating a banana without peeling it. Well you are eating the banana but eating the skin too, not so tasty :(. You got the point!  One of my friends asked me last week – is there anyway to get access to the CUCM root shell. I asked why do u want to access the root shell to start with. He replied, I recently upgraded CUCM from v5 to 6x and the disk space creped up on  and want to clear up some files. He was not aware of he could delete using CUCM OS CLI ‘file delete activelog blah..’ command but contented to get shell access to CUCM. I think Cisco did a good job in locking down the root access to the box. It make complete sense, why would anyone fiddle with a production box.

I tried with my old trick like we used to break Linux server password using normal old school way and surprisingly it worked. Cisco has not locked these down. I was expecting Cisco would really make it almost impossible to get access to the root but that was not the case. Today I got some time to do some research on this and found out a less effort method which you can safely apply to your production server without breaking anything related to Cisco’s software. Using the below mentioned method anyone would be able to get access to CUCM in less than 10 minutes. If you’re *NIX folk , you don’t have to wait for TAC to login to shell. I think there is the reason they are not allowing this officially. Vendor like Broadsoft give you root access to their softswitch linux servers. Why don’t they lock you down, just like cisco – I’d never have a clue.

I have given step-by-step method to break the root password of CUCM:

STEP#0: Download *nix bootable media

Download fedora9, redhat linux 4 or above or centos disk1. burn it on a CD or dvd. this disk will be used in the step #3. Google and you’ll find the ISO image.

STEP#1: Create remote account on your CUCM.

ssh to your CUCM box. I use Ubuntu as a desktop, if you are billy fane you can use ssh or secureCRT.

frog# ssh administrator@

You’ll get below prompt like this:


Now Create a account and enable remote account to this box:

admin:utils remote_account create frog  100
admin:utils remote_account enable

noticed 100 in the above is number of days ‘frog’ username / account will be valid. If you want it forever, then just type 0

STEP#2: Reboot the server:

admin:utils system restart

STEP#3: Create password for ‘frog’ remote user

While server reboots, pop-in a linux booteble disk (downloaded centos or redhat first disk) to MCS server or your lab toy. When you see boot prompt type ‘linux rescue:

boot:linux rescue

That will give you the root shell access of root#


Rescue disk mounts the CCM hard disk image as a /mnt/sysimage. Now chroot to this image to change in the /etc/ files or passwords:

#chroot /mnt/sysimage

[root#ccm-] #

Note1: if you don’t’ see the root prompt and /etc/pass file, then you may need to mount your sysimage.

Note2: If you are Open Source freak and know very well how the penguin computing works, u may jump direct to the step#4. Actually adding user here vs adding them when u get root# shell using a booteble CD is that u don’t have to apply all admin groups to remote user. You got the sense I guess now.

The remote user must be a member of the following groups in CCM BOX:
disk, sys, adm, bin, wheel and root

STEP#4: change attribute of /etc files and create ‘frog’ user’s password:

Cisco have locked the attribute to read only to all /etc/passwd /etc/group /etc/shadow and /etc/gshadow file to protect those files. Make all of below files attribute from read only to read/write. So when you change ‘frog’ users password the system will let you change it.

root#chattr -i /etc/passwd
root#chattr -i /etc/shadow
root#chattr -i /etc/group
root#chattr -i /etc/gshadow

root#passwd frog <press enter>

Now restart the server,  use reboot command

Dont’ forget to remove your DVD/CD from MCS server. Once that is done, access to the ccm from your favourite ssh client. mine is ubuntu these days.

frog# ssh frog@

Welcome to Remote Support


All done for now. This is your little linux toy box. Do anything just like you do  with any other *NIX based operating system – no biggie. I will install freeRADIUS and some other cool tool like NMAP on this Cisco box.


As many of you know that I have not posted anything for a while. That doesn’t mean that I have been hibernating! lol Simply I was busy doing a lot of other new non-UC stuffs.
Recently, I have written a few workbook chapters for one of the CCIE training vendors and didn’t have time to do anything about online.

Now what is the deal with the bootable disk and Cisco CUCM?

Well, have you ever stuck at the customer site and feel/saw the  non-recoverable CUCM and wanted to install it from scratch?
Then tried downloading Cisco CUCM ISO images from and then got worried about it’s not booting when popped into the physical server?

Keep on reading… The simple solution for you is to keep this (click here to download boot.blf) small bootable file in your pocket and download CUCM ISO image from CCO and then use UltraISO software to make non-bootable into bootable disk. No more hassles or waiting for a disk shipped to you via snail mail.

The Concept!

It’s very simple, I guess one of those black magic which Cisco wants to keep secret for obvious reasons!. Insert a boot info file (see instruction below how to get it)  into a CUCM ISO image.
Make sure you download CUCM non-bootable disks and join both downloaded files (copy -b or cat command on Linux). Then use a free software called UltraISO and insert the boot it into the CUCM non-boot disk and burn it as a regular way!
You’ll only need
a) Boot info file (BIF)
b) Cisco non-bootable CUCM ISO image (combine them)
c)  A UltraISO CD burning software from
d) A few dead brain cells (well its that simple)

Here are the steps for you:

Step#1:  extract the bootinfo file from exiting Linux destroy!

Download above makelinuxboot.bif file.  Sorry if the URL link is broken, I can’t guarantee. Alternately, you can extract it from existing CUCM or Red Hat Enterprise Linux 5 or above bootable disk.
To extract boot info file from a bootable disk
– Install UltraISO on  PC/Laptop
– Insert the existing CentOS 5 or RHEL or existing CUCM Bootable disk.
– Open UltraISO and then go to>Bootable> Extract Boot File from CD/DVD. Save file as a “makelinuxboot.bif” (you can name it anything u like but remember the extension must be .bif)

Step#2: Insert above extracted makelinuxboot.bif file into the non-bootable CUCM image.

Click on UltraISO> Bootable>Tick on “Generate Bootinfotable”
-Click on UltraISO>bootable> Loadbootfile. Then, once it prompts you, select the makelinuxboot.bif file

Step#3: Save the bootable ISO file

– Go to UltraISO>File>Save-as>CUCM-Linux boot. ISO

Burn the CUCM-BOOTABLE.iso. Pop the bootable CUCM disk into the server and then Finish.. and bingo!

Hue.. Isn’t this simple black magic?

Note: just make sure that the bootable disk of any LINUX OS you are going to extract bootfile info is EL-TORITO standard. The ISO9660 won’t work. I spent about 8 hours just on this issue.


How to configure Mobile Voice Access (MVA) in Cisco CUCM 6.x/7x

Hum.. I am still on Christmas-New year holiday but can’t rest myself, especially when I have nothing to do. In the past 2009, I have been too busy doing so many other stuffs and I really didn’t have any time left for blogging.
Mobile voice access (MVA) am a fairly expensive to run in an enterprise. Specially the enterprise who are tight on the telecom budget. If you are one of them, then I’d recommend not to use this feature since MVA actually hairpin the call and then Teleco charges you for hairpining the call.
Well, again, there are always some deals on offer with Teleco(s) which you can put up-front before signing a telecom contract with your preferred Teleco and negotiate with them to include hairpinning call cost to “ZERO”. Telstra or Optus in Australia may provide this kind of deal. Hey, after all todays’ Telecom world is very competitive and everyone wants a customer on board :). I am sure the upcoming National broadband project will expand the customer experience more.
Well, that is being said, I will not go into the detail about sales stuffs but was just going to give you a pointer. Let’s quickly take a deep dive on the step-by-step guideline to configure MVA on Cisco Call manager 6x/7x. Well being an old freek of Cisco Voice, I still call it CCM.
Cisco CUCM Feature MVA Concept:
Using Cisco MVA feature, a PSTN phone user (who’ve access to CUCM) can dial into the office DID number (9999 2222 for an example) and can use his mobile phone as a “INTERNAL” phone device. The mobile phone operates in a similar fashion like any other IP Deskphone inside the company. In real use, the folks who are working from home, this is a lifeline for them is assuming they do not have CIPC or newly CUCM 8 remote agent features.
In the past, I used to achieve this functionality by using IPCC script or Unity but now it’s available within CUCM. Cisco has integrated the IVR script within MVA and is shipping it with CUCM.
An example: A user with a mobile phone 0412 748 484 dials into his office MVA/DID number 9999 2222, and then CUCM integrated VXML script prompts the user to enter a PIN. Once the user enters his/her correct pin, the CUCM system provides a dial tone. After the PSTN user gets a dial-tone, he is just like any other phone inside the CUCM system. The connected user can now ring outside (of course saves his billing), can transfer, can ring any extension, can use MOH, etc..
Just a side note, once a user is connected to CUCM System, the following default pre-configured keys are available for call handling:Put a call in hold *81
Put a call in an exclusive hold *82
To resume a call *83
To transfer a call *84
To conference a party *85I hope an MVA user won’t go hibernate like a frog during an active MVA call 🙂 duh!
Typical Scenario:
PSTN connected to a Cisco voice gateway (38xx/2800/29xx series router) using ISDN 30 channel E1.
The PSTN gateway is configured for H323 protocol and has been added in the call manager as a H323 trunks. Well, why did I choose H323 and not MGCP? Well, it’s depend on your choice. I particularly do not like MGCP unless I “HAVE” to use it in a creepy situation. The H323 is my best friend :).
There is only one call manager publisher which is also doing call processing. No subscribers.
The voice gateway is H323
The phones are associated with users and RDP. User pins are already configured.
The calls are already going in/out of the CCM. PRI E1 is up and running.
Remote destination profile (RDP) and Remote Destination Number (RDN) are already configured.
You already know how to create PT/CSS and why to create. You may need to create a separate set of CSS/PT for MVA for security reasons.
Step-1 Change CUCM Clusterwide Parameters for MVA
CUCM admin page>SYSTEM>Service Parameters>
server = IP address of CCM
service= Cisco CallManager
Now you’ll get a new page displayed. Search for “Clusterwide parameter”. Then Under clusterwide parameters change the following parameters under System-Mobility sub-option:
a) Enable Enterprise Feature Access = True
b) Enable Mobile Voice Access (MVA) =
) Mobile Voice Access number = 9999 2222 (You can choose your custom one)
d) Matching Caller ID with Remote Destination = Partial match Once you’ve configured above 4 parameters, “SAVE” it by clicking Save button on GUI page.
Step-2 Configure Mobile Access DN
Media Resources TAB>Mobile Voice Access> and enter below (or your customized ones).
a) Mobile Voice Access DN = 9999 2223
b) Mobile voice Access Partition = “Internal” (it should be accessible from the phones)
c) Locale. = Your local setting (US or whatever)
Step-3 – Voice Gateway (H323)
or telnet to your Voice gateway router and first enable the call hairpinning and a VXML URL:
config t
voice service voip
allow-connections h323 to h323
! Add the VXML url under application
Service frog
Note: Verify above application sync with CCM by using the following command:
“ show call application voice frog”
dial-peer voice 10 voip
destination-pattern 9999 XXXX ! Normal DID
session target ipv4:
dtmf-relay h245-alphanumeric
codec g711ulaw
no vaddial-peer voice 20 voip
service frog
session target ipv4:
incoming called-number 9999 2222 ! MVA DID Number
codec g711ulaw
no vad
Note: is CUCM Publisher which has Call processing enabled:)
Step-4 Add H323 Gateway in CUCM/CCM and create Route Group/RouteList
CUCM AdminPage> Device>Gateway>Add New> Select H323 Gateway
a) Device name = (Your Gateway IP Addie)
b) Device Pool = HQ_DP
d) Location = HQ_LOC
e) MTP = Check the box
f) Call routing information> Inbound Calls> select all CSS(s) = GW_CSS (or your customized one)Save all parameters.Now create a route Group (RG) and add above H323 gateway in the route group.
CUCM AdminPage>Call Routing>RG> add RG
Then create a Route list (RL) and add above RG to this RL. Lets name route list as a MVA_RL
CUCMAdminPage>call routing> RL> add RLThe final hierarchy would be something like this:

RL_MVA_RL>>>RG_MVA_RG>>>H323 GW name

Step-5 Add a route pattern for MVA DID
AdminPage>Call Routing>Route Patterns>Add new RPa) RP = 9999 2222
b) Route List = RL_MVA
c) PT / CSS = whatever,…….
d) call classificaiton = Off-Net
e) Provide Outside Dial Tone = TICK-THIS
Save above.
Step-7 Troublshooting and testing
1. Dial 9999 2222 from you mobile phone (04222 22222 blah).
2. UCM VXML script will answer to your call and you should get a VXML prompt saying “enter your pin”. This is how CUCM authenticates the users.
3. Enter your pin whatever you’ve configured in CUCM for a particular user. This user must have an MVA in his profile enabled.
4. Once your pin has been authenticated successfully, you should get a dial tone (same as inside CUCM phone do).
5. Then you can dial whatever and wherever you want. Also can transfer calls, put on hold using the following digits.
a. Put a call in hold *81
b. Put a call in an exclusive hold *82
c. To resume a call *83
d. To transfer a call *84
e. To conference a party *85
well, I hope you’ll find the above information useful. If you wish to add /suggest few things please feel free to send me an email.
Good luck and if you are stuck then below are the life saver commands:
1. Make sure your IOS is the latest version. If it doesn’t work, try to upgrade your IOS. I stuck when I was running old IOS image and fixed it by using the latest 12.4.(15).
2. Some commands. For VXML – grab the CUCM MVA/SDL/SDItraces
3. For H323 Gateway –
– favorite command “debug ISDN q931”
debug voice ccapi inout
debug voice application vxml all
For more information:
-Push Bhatkoti

How to check DHCP leases status on cisco CCM 6x

Cisco CCM 5/6/7x still have built-in DHCP server.

Cisco call manager : Obviously, this is a big enterprise level IPTELEPHONY product which really “WORKS”. No product is perfect and there is always a room for improvement.

One of the issues I came across was the issue with “How to check” what address is allocated to which IP phone.
It was long due in my TODO list, but I have been flat out recently at work and didn’t have time to do a blog:

Today I just got home and as usual, I  was checking my personal email and found an email message from a guy who came through google and hit my  blog asking for the same thing 🙂
Thanks Leonardo for reminding this.

On Mon, Feb 16, 2009 at 5:11 AM, Leonardo D’Urso <>wrote:

hi Pushkar

I am an enthusiastic reader of your blog, it’s great. I have worked with Cisco since 2002.
I have a question for you. Have you ever configured a dhcp service directly on ccm 6.x?

Any idea if it is possible to display via CLI the dhcp leases or scope like in the Microsoft dhcp server or
Like on Cisco equipment (for ex. ios: show ip dhcp bindings)?

kind regards

Leonardo D’Urso

After reading above request, I decided to flock through the CCM and cross this off my “to do list”

In the past, so far I have done 12-16 call manages 5/6x installation, but most of the customers were using their dedicated DHCP and a few of them were using Call manager’s built-in DHCP server. Back to CCM 4x days, Cisco used to use Microsoft DHCP server (WIN3k or WIN2k) which was full flag and can tell who have what Address at any given time.

In CCM 5/6/7x there is no easy way to check the DHCP lease(es) allocated to IP phones by the DHCP server.

CCM new boxes are Linux based and the DHCP server implementation is also open source software.

It’s basically open source DHCPD daemon (/etc/dhcpd. conf style) which is good and stable but what a shame, this BIG commercial product and it doesn’t give us a GUI or CLI interface to see what address are leased!
I believe Cisco will give it a go and improve it in the future.

For the time being, here is my workaround to find out the leases (not the easiest method though as I said above).

There is also some other method to know the status of DHCP leases in the Cisco CCM DHCP server

Basic information can be collected via SNMP or SYSLOG server:
– CCM sends DHCP alarm/trap alerts to an SNMP platform (HPopenview, Ciscoworks etc.)
– CCM also sends same alarms/alerts for a preconfigured SYSLOG server.

The above information is very basic and that still doesn’t’ really tell the status of the leases. It’s noticeable and I have observed that the SNMP/SYSLOG alert only triggers  when there is something really wrong with DHCPD. For example DHCP pool gets full or there are no IP addresses to allocate to DHCP clients.

The above methods are useless as nobody will wait when there is really problematic. Everyone wants to see the leases when they want and when they fell. Just think about  stressing alert telling “Hey buddy the DHCP server has no IP address” Sent to you when you were in a night club.

Another way to see the lease alerts could be RTMT tool. But it still doesn’t do the best job. My method 100% shows DHCP leases. It’s a bit hard work but really works.

Here is my method which really works, just need to get the root access to the box. To get access to root shell you have 2 ways:

1. Create a remote account from “disk recovery” menu and ask TAC to provide your password.

2. Risky method: the following steps detail the process on how GRUB is reinstalled on the master boot record:

  • Boot the system from an installation boot medium.
  • Type Linux rescue at the installation boot prompt to enter the rescue environment.
  • Type chroot /mnt/sysimage to mount the root partition.
  • Then create username as u create in regular LINUX. ‘useradd‘ password
  • Edit /etc/passwd file and set created users userID and GUID to 0:0
  • Note: 0:0 is for root
  • After that you can simply ssh it using putty.exe or ssh user@ipaddresofccm

Once you got access to CCM root have a look at this file:

cat /etc/dhcp3/dhcp.conf <———-this is the main DHCPD config file

Here in that file you will not see anything about where the lease file will be pointing to. This is by default pointed to

Now create a file which is visible through the operating system CLI (damn CLI).

Type touch /common/download/dhcpleases. hehe

Now link default dhcpleases. hehe file to dhcpd. lease file which is in /var/lib/dhcp/dhcpd.leases. /var/lib/dhcp/dhcpd.leases is the default file where DHCPD daemon writes all leaes status.

Alternatively, if you are comfortable with Linux you can just simply do this:

Edit the /etc/dhcpd.conf file and just add this line:

lease-file-name “/common/download/dhcpd.leases”

Restart the DHCP daemon by issuing ‘service dhcpd restart or service dhcp3-server restart’

It will write all status of dhcp leases to /common/download/dhcp.leases file.

Now jump to your CCM friendly (hey did I say friendly?) GUI and download the dhcpdlease. hehe file and you can see who have what leases. So that’s all about it.

Those brainless programmers did not think about doing this little job from the Administrator point of view. I know there is a RTMT tool, but it would be nice to see it somewhere on the GUI.

Another tip on DHCP server:

How to make sure that whatever is configured via CCM GUI under DHCP server is 100% correct and working?
Yes, you can confirm this using SQL query command:

STEP#1: Login using ssh to the CCM server

– To check DHCP servers: issue “run sql select * from dhcpserver

– To check DHCP scopes: issue “run sql select * from dhcpsubnet

Good luck and happy learning…

PS: if you found this article useful, don’t forget to send me a postcard!! hehe..


Step#1 List number of node in the cluster using CLI:

admin: run sql select name,nodeid from ProcessNode

name               nodeid

================== ======

EnterpriseWideData   1          4          2

Step#2   : Check the replication status of each subscriber/node in the cluster

admin: show perf query class "Number of Replicates Created and State of Replication"

==>query class :

- Perf class (Number of Replicates Created and State of Replication)

has instances and values:

ReplicateCount  -> Number of Replicates Created   = 344

ReplicateCount  -> Replicate_State                = 2

The following list shows the possible values for Replicate_State:

0—Replication Not Started. Either no subscribers exist, or the Database Layer Monitor service is not running and has not been running since the subscriber was installed.

1—Replicates have been created, but their count is incorrect.

2—Replication is good.

3—Replication is bad in the cluster.

4—Replication setup did not succeed.

Noticed 2 means replication stats between the two surveys are okay up and running.

STEP#3 :To check network connectivity and DNS server configuration:

Enter the CLI command that is shown in below:

admin: utils diagnose module validate_network

Log file: /var/log/active/platform/log/diag1.log

Starting diagnostic test(s)


test - validate_network    : Passed                      

Diagnostics Completed


 Cheers, Push

Recovering CCM Administrator and Security Passwords

This section replaces the section Recovering the Administrator Password in the “Log In to Cisco Unified Communications Operating System Administration” chapter” of the Cisco Unified Communications Operating System Administration Guide for releases 5.0(4), 5.1(1), 6.0(1), and 6.1(1a).

If you lose the administrator password or security password, use the following procedure to reset these passwords.

Note During this procedure, you must remove and then insert a valid CD or DVD in the disk drive to prove that you have physical access to the system. He he .. you must walk to the Server room or a datacenter to do this. Use KVM switch or similar thing to access VGA of CM.


Step 1 Log in to the system with the following username and password:

Username: pwrecovery

Password: pwreset

The Welcome to platform password reset window displays.

Step 2 Press any key to continue.

Step 3 If you have a CD or DVD in the disk drive, remove it now.

Step 4 To continue, press any key.

The system tests to ensure that you have removed the CD or DVD from the disk drive.

Step 5 Insert a valid CD or DVD into the disk drive.

The system tests to ensure that you have inserted the disk.

Step 6 After the system verifies that you have inserted the disk, you get prompted to enter one of the following options to continue:

To reset the administrator password, enter a.

To reset the security password, enter s.

To quit, enter q.

Step 7 Enter a new password of the type that you chose.

Step 8 Reenter the new password.

The password must contain at least 6 characters. The system checks the new password for strength. If the password does not pass the strength check, you get prompted to enter a new password.

Step 9 After the system verifies the strength of the new password, the password gets reset, and you get prompted to press any key to exit the password reset utility.

Caution The security password on all nodes in a cluster must match. Change the security password on all machines, or the cluster nodes will not communicate.

Software Feature License Information Omitted from

[root@ccm5 bin]#
[root@ccm5 bin]# pwd
[root@ccm5 bin]#

[root@ccm5 bin]# ./pwreset

**                                                    **
**   Welcome to Platform password reset               **
**   Admin and Security password reset are possible   **
**                                                    **

You will be required to remove, then insert any valid CD/DVD media
In order to prove you have physical access to the system.

To begin you will need to remove any media from the CD/DVD drive.
You may press Control-C at any time to abort.

Remove any media from the CD/DVD drive and press any key when ready…
testing for removal of CD/DVD media
Please insert any valid CD/DVD media.
Press any key when ready…

You must insert the CD/DVD media to continue
Press any key when ready…

Thank you, you may now proceed with Platform password reset.

Enter a for admin password reset.
Enter s for security password reset.
Enter q to Quit.


Cheers, Push

This contain was removed after complaints from Cisco Systems.

It is advised , not to think about chrooting the production CUCM server. It will avoid Cisco TAC warrantee. Let Cisco TAC do the job.


Cheers, Push

One of  our customers was upgrading  CUCM version 5x cluster to version 6x. They wanted a fresh install of CCM6. x cluster cluster and were wondering how to get the old MOH file from CUCM v5x cluster so that they can put it on the new CUCM v6 cluster. Therefore, they contact an expert [of resource me] for help. The fact was that I never did this in the past. I had to dig through google and  the solution for him and that really worked. I that this will help other folks who are looking for downloading no file from cucm 5/6/7 servers. Trust me on this, it’s a piece of cake, there are 2 ways to do this:


Step#1: SSH to CCM 5/6/7x publisher
Unfortunately, there is no way we can pull MoH file via a GUI interface. The only way I know is via CLI. You can use putty.exe if you are a Windows  fan or I use Ubuntu so I just open a terminal window and simply use ‘ssh root@ccmip’ to log into a call manager publisher. After ssh you will get a prompt similar below:

Step#2  Setup an FTP server to put  files from no server to an FTP server.
Setup a SFTP server. I use SSHD as a SFTP server. For windows you can download filezilla sftp server from below url:
Create a username and password in sftp. We will use this username and password in step #$

Step#3  List MOH related filesin the call manager
Use a command called “file list activelog mohprep/*” to list all moh files in the mohprep directory.
You will see output similar to below:
admin:file list activelog mohprep/* ← note * means all files

Step#4 Download the moh files to a SFTP server
Use a command called “file get activelog mohprep/filename”to download above listed file(s), here is an example:
file get activelog mohprep/ SampleAudioSource.alaw.wav
Enter SFTP server IP: ← SFTP server IP
Enter SFTP username: test
Enter SFTP password: test
That’s all, your file is transferred to the FTP Server and you can use GUI interface to put the file to a new/other call manager publisher.
admin:file list activelog mohprep/*
CiscoMOHSourceReport.xml                SampleAudioSource.alaw.wav
SampleAudioSource.g729.wav              SampleAudioSource.ulaw.wav
SampleAudioSource.wb.wav                SampleAudioSource.xml
dir count = 0, file count = 6
admin:file list activelog mohprep/*
CiscoMOHSourceReport.xml                SampleAudioSource.alaw.wav
SampleAudioSource.g729.wav              SampleAudioSource.ulaw.wav
SampleAudioSource.wb.wav                SampleAudioSource.xml
dir count = 0, file count = 6
admin:file get
file get activelog
file get inactivelog
file get install
file get tftp

admin:file get active
admin:file get activelog ?
file get activelog file-spec [options]
file-spec   mandatory   file to transfer
options     optional    reltime months|weeks|days|hours|minutes timevalue
abstime hh:mm:MM/DD/YY hh:mm:MM/DD/YY
match regex

admin:file get activelog mohprep/SampleAudioSource.xml
Please wait while the system is gathering files info… done.
Subdirectories were not traversed.
Number of files affected: 1
Total size in Bytes: 606
Total size in Kbytes: 0.5917969
Would you like to proceed [y/n]? y
SFTP server IP:
SFTP server port [22]:
User ID: push
Password: ********
Download directory: /home/push

This is the script when you add moh file and that gets replicated to all nodes:

[root@ccm5 bin]# more
# script will make a tar ball for backup targets
# <log path> <status file path> <target node>
# Checking parameters
if [ $# –lt 3 ]
echo “Usage: $0 <log path> <status file path> <target node>”
exit 1


echo “0”  > $STATUS_FILE
echo “Starting MOH backup” >> ${LOGFILE}
sudo -u root /bin/tar cvfpP – /usr/local/cm/sftp/mohprep/* 2>>${LOGFILE} | sudo
u drfuser ssh drfuser@${NODE}


if [ $RESULT –gt 0 ]
echo “MOH: Backup failed ($RESULT)”  >> ${LOGFILE}
exit 106
# update status file to 100%
echo “100” > $STATUS_FILE

echo “MOH: Finished backup” >> ${LOGFILE}
exit 0

[root@ccm5 bin]#
[root@ccm5 bin]#
—————————–end of snippetts——————-


This is probably the easier option than the Option#1. One of my blog reader shared this option with me. Now I am wondering this would have been probably the easiest way. Thanks  Hamid (from ) for sharing this.
– Login to CUCM DR option and backup CUCM to a sFTP server. It will push CUCM backup to sFTP server in .tar.gz file.
Step#2 – Extract the backup (.tar.gz) file and look for the MoH file. Bingo…. There you go, your catch, the MOH file.

I hope this will help someone!

Cheers, Push

1994: Multimedia Manager

Selsius System developed for HP-UX using SDL-88 programming language. Supported NT 3.5 as well. Maximum 4 ISDN PRI and used for video conferencing system.

1997 –  Selsius-CallManager (SCM) 1.0

Multimedia manager was renamed as a Selsius Call manager. This is when Call manager was born! On top of the video conferencing feature of the MM, voice call routing was added. Voice call was routed via IP networks (not traditional switching). I think this was the breakthrough. SCCP and SGCP were supported and OS was WinNT 4x.

1998  SCM 2.0

A few features were added on top of call manager v1. Cisco Acquired Selsius.

2000: Cisco CallManager (CCM) 3.0

This is when SCM became famous CCM. MGCP and multiple node clustering was added. SQL clustering (YES).

2001: CCM 3.1

More device support, MOH added for the first time, XML and HTML support in the phones. This was also the first time when TAPI and Extension Mobility (EM) feature was added.

2001: CCM 3.2

CCM v3.2 was the first enterprise level IPT solution. Clustering feature was enriched. Some of the features below were added:

  • GUI localization
  • Added handfree, auto-answer and intercom
  • ATA support
  • PRI MGCP  protocol support
  • Drop last conference party
  • WebAttendant consult transfer
  • MWI
  • MCS and ICS server support for CCM

2002: CCM 3.3

More features were added like:

  • IPMA
  • CCM cluster can support up to 30K phones (WOW)
  • H323 support for the first time
  • Configurable call waiting tone

2004: CCM v4.0

Success of previous CCM, this version had been just add-on on top of the previous version with the following improvements:

Some new features and enhancements added during this release were:

  • 2 calls per line to 150 calls per line (configurable)
  • Hunt group
  • Call barge
  • RTP encryption
  • Call transfer and join (conferencing)
  • Windows 2000 based version CCM

This version was made EOL in 2008.

2004: CCM 4.1

More features were added, like:

  • RTP and Signaling encryption support
  • DNA tool
  • Time of day routing (TOD routing)

2006: Cisco Unified CallManager (CUCM) 4.2

CUCM 4.2 was released with CUCM 5. In March 2006. At the same time Cisco also launched some new products – IPCC and Meeting Place for voice and video offering.

Hunt group login and call forward no coverage, call forward on unavailable or busy was introduced. No SIP endpoint support though.

2007: CUCM 4.3

Well, this release was the first version to support Windows 2003.

2006: CUCM 5.0

CUCM 5.0 (well first Linux based) and CUCM 4.2  were released in March 2006. Introduces SIP end point support for the first time.

2007: CUCM 5.1

No major features were released, but fixed many of those annoying bugs in v5. 0

2007: CUCM 6.0

Cisco further renamed Cisco Unified Call manager (CUCM) to Cisco Unified Communication Manager (CUCM). So abbrviation still the same. This version was way too much advanced in terms of installation, configuration and licensing. Cisco dropped supporting Windows based version and commit to focus on Linux based (may be windows is not secure and stable enough?)
– Added intercom between endpoints
– Licensing improvement – feature and DLU based licensing
– Support to be installed in VMware for lab purpose only.

Cisco also launched new products, CUCMBE (aka cucumber) for small business. Cisco Unity connection v2 was born.

Version 6.1 was released in January 2008 and contained bug fixes. This was very stable release.

2007: CUCM 6.1

Performance improvements and Cisco’s flagship product in IPTEL space! Obviously bug fixes of CUCM 6.0

2008: CUCM 7.0

There was a talk about Cisco releasing both windows and Linux based CUCM 7.0 but the reality was the only Linux based came out of the hat :). Informix database for everything from now on and Presence was born.
Cisco released 7.1 mega cluster support and it was the stable version of all.

2009-2011: CUCM 8.x
CUCM 8.5 and 8.6 – product just got robust and a lot of features were added.
– Cisco Unified Boarder Element (CUBE) support
– Officially VMware support
– UC on UCS was born. Cisco started porting CUCM on their own UCS servers

Keep it simple? No, keep it simpler!

IPMA never been my favorite topic.  I hated it from the beginning when it comes to PT/CSS, voicemail and AAR related issues – I really didn’t like it. I always consider it to be left alone and didn’t try it until my 3rd attempt.

One day, I let my ego down and agreed to have a look and nail it.  Before doing this, I took a long breath, but wasn’t confident enough to put my hands on the lab gears. I decided to gain some confidence and went to a pub [benefit of living in the City, bloody pubs are at your doorstep] and had a few drinks.  Came back to home and I was on high thinking that I am going to fight with my enemy [mrs. IPMA].

A friend of mine told me that there is a video on from Vik Malhi. I really liked his approach. He mentioned a few times during the video lecture that you don’t have to use 2 partition’s [not directly though]. But I that make it simple and stupid.

After watching the video for 3 times, I started loving it and on first go, it worked as expected [smile] worked straight away. Re-set my CCM VMware image again and did it for a few times.
Guess what? – After doing it a few times, I thought it was the easiest topic I ever studied. It’s on top of my head now.

You can just create ‘pt_manager’ and ‘css_manager’ only. Assuming all your phones are in NULL partition.
[end of the day why would u want to assign any phone any partition, wanna to kill your time?]

ManagerDN= 5001
proxy line = 5003
manager-intercom = 5555

Here are the steps:

Step#1- start tomcat service on both pub+sub
Step#2- create a pt-manager
Step#3- create a css-manager and put pt-manager in it
Step#3- modify the phone button template according to the requirement for a manager and Assistant
Step#4- create an IP Phone service for manager (just create at this stage, but don’t not to assign yet).
TIPS: to get an IP phone service URL, just search on CCM help for “IPMA checklist”.
Step#4- configure the manager phone now {thinks if u configuring your boss’s phone, put a sniffer on it lol}

  1. Assign phone button-temp
  2. softkey template (standard ipma manager or modified according to your need)
  3. Put 5001 to pt_manager
  4. Add 2nd line and put a dent of 5555, tick on auto speakerphone
  5. Add speed dial, name it appropriately e.g. to-assistant and put a dn of 5556
  6. Subscribe IPMA service to manage phone only [don’t subscribe to assistant phone]

STEP#5- configuring  the Assistant’s phone

  1. Assign a phone button template [remember in the previous step you created, modified the template?]
  2. Assign phone softkey template [according to your need]
  3. Add 2nd line as a  proxy line, assign DN 5003 and assign css_manager to it.
  4. Add 3rd line as an intercom line, assign DN 5556, speaker phone ticked.
  5. Add speed dial den-5555, name it appropriately e.g. to-manager  dn 5555
  6. Don’t assign ipma service to this phone. Restart the phone.

Step#6-  configure CTI route point to intercept the call form 5001.

  1. Add cti route point, stick to your standard practice regarding assigning
    Other  parameters, e.g. device-pool, EPNM, or etc.
  2. add dn 5001 to it [it must be a manager’s number] to ctirp, the partition must be same as all phones
    Because all phones need to dial this number.  Assign CSS_manager to this as well.
  3. Tick on only on Forward No Answer Internal/external put 5001, select – CSS_manager. This is fair
    When an assistance phone line is down or she is logged out or tomcat is down call will be routed to manager phone.
  4. When the assistant is logged in and not picking up the phone it shud go to vm of manager. just tick       on vm for Forward Busy/non Internal/ext (4 of these ticks)

STEP#7 Adding users, etc… The left over;
– Add the assistant user
-Device association
– Add as ipma assistant
– Add the Manager user
-Device association
-Add an ipma manager
-Add assistant

STEP#8 At the last, Configure IPMA service parameter (only need to configure first 5 options, leave everything else as they are the default)
– CTI manager –,
– Route point -select it whatever you named routepoint
– IPMA server –,1

Restart your tomcat services on both – pub and sub, restart the CCM services as well. You should see the strange icons on the manager’s phone.
Download the ipma console and install it on your laptop/pub/sub where ever you wanna it. login as an assistant and verify that intercept, and call divert all and other function are still working. Also logout from ipma and dial 5001 and see if it rings to 5001’s VM. If 5001 is busy/non, it should go to his VM. If it doesn’t, then check the 5001’s phone [the manager-pt one, not the ctirp’s dn.]

Real Goachas with IPMA and how to solve them;

Issue#1  Voicemail issue,
Configure MWI cs’s (to take care of the IPMA voicemail issue)
Create a new css_mwi with pt_manager+ pt_local + ld+local and assign it to Unity MWI ports
Issue#2  AAR related issue;
– Assign or-group hq_aar to proxy-line 5003
– Make sure mwi, RP, proxyline has access to PT_manager. Put them into a correct css.
– Make sure 5001, 5001-rp, proxy-line have the epnm and appropriate location HQ/mainsite on them.

Finally Restart Tomcat service

Issue#3: IPCC and Tomcat port conflict issue – when you press service button on phone1 it doesn’t work or your IPCC doesn’t work.
–  Go to c;\program files\wfavvid\tomcat\conf\server.mcvd.xml,
Search for string ‘8009’ and change it to 8010 – tomcat service port conflicts

More to come…… … Any QoS scenario in 10 minutes…. Stay tuned!

Please feel free to leave your comments, if time permits, I will answer them ASAP.

Cheers, Push