Message Archiver

Contents

Message Archiver 1

Contents. 1

Overview. 1

Requirements/Special Notes. 2

Connecting to Unity Connection 7.x or Later 2

Task 1: Configure a User with the Remote Administrator, Mailbox Access Delegate Account and System Administrator roles. 2

Task 2: Set the Database Proxy Service Shutdown Time. 3

Task 3: Activate the Remote Database Proxy Service. 3

Task 4: Login to the Remote Server. 3

Troubleshooting Remote Login Issues. 4

Double Check Connection Server Settings. 4

Disable CSA and all Virus Scanning Applications. 4

Make sure the Informix .NET Driver is Installed and the PATH Points to it. 4

Using Message Archiver with Unrestricted Versions of Connection. 5

Note about Secure Messages with CUMI 5

Using Message Archiver for Non-Voice Messages

Using Message Archiver 6

Welcome to Message Archiver. 6

Select Subscriber. 7

Select Messages. 9

Archive all Voice Messages. 10

Archive all Voice Messages for a Particular Subscriber between a Time Range. 11

View all Voice Messages. 12

Password for Secure Zipping. 13

Obtaining Updates. 14

Revision History. 14

 

Overview

The Message Archiver tool is designed to do one thing: fetch messages for selected users and save them locally as EML files.  This is most often used by administrators when monitoring an inbox or needing to save off a copy of a particular message for legal reasons or the like.  The Message Archiver is a read-only tool, it makes no updates to any message states, cannot delete messages etc.  Tool is also allows you to archive all voice messages into an ordinary zip file or a password protected zip file. If you need a tool for that the Message Archiver application may be what you're looking for.

Requirements/Special Notes

This version of Message Archiver runs on Windows XP/2000/2003/2008, Vista or Windows 7. 

You must install the 32 bit Informix Client SDK version 3.5 or later including the .NET drivers even if you are running on a 64 bit version of your operating system. See the Informix Driver Download Page for details.

You must enable the ODBC proxy service on the any Unity Connection servers you want to archive messages from.

This tool uses Microsoft’s full .NET 4.0 library (the limited “client” version of .NET 4.0 is not sufficient).  The installation will check to see if you have that installed and if not will offer you the option to download and install it automatically.

Connecting to Unity Connection 7.x or Later

For installations of 7.x and later you need to use the database proxy service for access to the database from off box for any DB tool including Message Archiver.

Task 1: Configure a User with the Remote Administrator, Mailbox Access Delegate Account and System Administrator roles

1.     Go to the Cisco Unity Connection Administration web interface for your installation.

2.     You can leverage a user with or without a mailbox for off box data access purposes, but it’s strongly suggested that you create a new user without a mailbox that is used solely for the purpose of remote administration tasks for security reasons.  This is also required if you want to export messages from a Connection 7.0(2) or later server – a user with a mailbox may not be allowed to extract messages from other mailboxes, whereas a user without a mailbox should have no problem.

3.     Be sure the web administration password for this user is not configured to require a change at first login on the “Password Policy” page for that user.

4.     If necessary, change the web administration password on the “Change Password” page.  Note that only the web application password comes into play for remote data access.

5.     For Unity Connection Server 7.x only: Finally, on the “Role” page for the user, add the “Remote Administrator” and the “System Administrator” roles to the “Assigned Roles” list and save. 

For Unity Connection Server 8.x and later: On the “Role” page for the user, add the “Remote Administrator”, “Mailbox Access Delegate Account” and the “System Administrator” roles to the “Assigned Roles” list and save.

You can assign any or all other roles as well but for the purposes of remote access to the database and making updates to users those two are necessary.

NOTE: For Unity Connection server 8.x and later: If you just want to view the voice message and do not want to archive them, in that case you need not to add the “Mailbox Access Delegate Account” role.Mailbox Access Delegate Account” role is only required when you want to archive voice messages for a subscriber on the Cisco Unity Connection 8.x and later.

Task 2: Set the Database Proxy Service Shutdown Time

For systems running Unity Connection 10.0 and later this step is not necessary.

Out of the box the database proxy service is not running and if you try to start the service it will shut down right away.  First you need to set the “Database Proxy: Service Shutdown Timer” value found in the System Settings -> Advanced -> Connection Administration section of the Cisco Unity Connection Administration page.  By default this is 0.  You can set it to as high as 999 days if you like.  After the number of days configured here the remote database proxy service will shut down.  This is useful if you want to do some migration work, for instance, and don’t want to forget to have the service disabled for security reasons.

NOTE: If you restart the server, the remote database proxy service will remain shut off.  After a system restart you have to go in and manually turn on the service again (see step 3)

Task 3: Activate the Remote Database Proxy Service

1.     Out of the box the service that listens to remote database requests is not active, you must turn it on.  To do this, go to the “Cisco Unity Connection Serviceability” web admin page.

2.     On the Tools menu, select the “Service Management” page.

3.     The “Connection Database Proxy” item under the “Optional Services” section will be marked as “Deactivated” and stopped.  Press the “Activate” button and it will be activated and started automatically.

 

Once you’ve started the proxy service you can connect with any tool that needs off box database access using the user name, web administration password and port “20532”.

NOTE: The service will automatically shut down after the number of days configured in step 2 above or if you restart the server.

Task 4: Login to the Remote Server

When you first start Message Archiver, you will see a login dialog box that will be empty except for port 20532 filled in as the default for the port. You must provide the server name or IP address for the “Server” field and provide the login and password for the database connection account.  Use the alias and web administration password of the database user created above for the login and password fields.

Description: Description: Description: Description: C:\AudioFiles\Help\MessageArchiver_image001.png

Message Archiver will remember your entries including the password (which is stored in a secure hash).  Each time you run Message Archiver it will load the settings of the last connection you made.  Every server you’ve successfully connected to in the past will be listed in the drop down list in the order in which you connected to it last – most recent to least recent.

NOTE: The login and password information is stored along with the local Windows login name.  Only those servers that have been attached to successfully using the current Windows login will be listed.  If you are logging into the same Windows server with different users you will only see servers connected to with that particular Windows login.

NOTE: Providing the wrong password or login will fail quickly and give you a chance to try a different pair.  Providing an incorrect server or port, however, results in a 60 second timeout while MESSAGE ARCHIVER waits for the Informix driver to return.  Unfortunately this cannot be shorted.  Type carefully.

Troubleshooting Remote Login Issues

The error message issued by the application should have some details for you on the failure reason based on the error codes issued by the Informix driver to help narrow down your investigation.  Here’s some general things to check that have been run across in the field for sites having trouble connecting to their remote Connection servers.

Double Check Connection Server Settings

Make sure the remote database proxy service is running.  This service does shut itself off after a period of time and does not start itself automatically on a server reboot.

Make sure the user you are logged in as has the remote administrator role assigned to their account, that their password is not set to reset at the next login and that their account is not currently locked. 

Make sure the server name or IP address you are using to connect with is reachable from your Windows client.  DNS issues often come up in connection failures.

Disable CSA and all Virus Scanning Applications

It’s a good idea to disable CSA and all virus scanning applications if you are having problems connecting to be sure the ODBC port (20532) is not being blocked.  Also check your firewall settings (assuming you are running one). 

Make sure the Informix .NET Driver is Installed and the PATH Points to it.

For 32 bit OS installs, the IBM Informix driver is installed in C:\Program Files\IBM\Informix\Client-SDK.  Make sure this path exists on your server and has not been removed or renamed.

The system PATH variable will also include a reference to the “\IBM\Informix\Client-SDK\bin” location where the driver is installed.  Make sure this path is referenced in the PATH.  Also, if the PATH is very long sometimes the Informix driver will not find it, try moving it to the beginning of the PATH statement.

If you had an older version of the IBM Informix Client SDK installed it's a good idea to uninstall all other versions and make sure you have a single instance of the SDK 3.5 or later.  Mixing versions of Informix drivers is not a good idea as only one can be active at a time.

Make Sure Firewalls are not Blocking Ports:

Two ports are used by Message Archiver:  7993 for secure IMAP (for extracting messages) and 20532 for the ODBC connection.  These are the only two ports used – HTTP, HTTP2, SMTP etc… are not needed or used by the application.

Using Message Archiver with Unrestricted Versions of Connection

Unrestricted versions of Unity Connection do not allow for secure IMAP connections by design – unrestricted means the version can ship all over the world including areas that ban forms of encryption necessary to support secure IMAP and super-user mail access.  By default the Message Archiver tool uses secure IMAP to fetch messages and, as such, if you’re running it against an unrestricted version of Connection you can see the messages but when you go to download them the fetch will fail since the secure IMAP login will be denied.

To get around this there is a command line option that will instead download messages using the HTTP REST based CUMI API.  This works only for 8.0 versions of Connection and later and requires you run the tool with the “/UseCUMI” command line option to be active.  If you are running an unrestricted install prior to version 8.0 you cannot fetch messages, only see the subjects and details.  You will have to upgrade to 8.0 or later to leverage this functionality.

Both CUMI and IMAP require the “Mailbox Access Delegate Account“ role for the user you log in with to fetch messages and both use ODBC for fetching message data, finding users etc… only the actual message content fetch is done using IMAP or CUMI.

Note about Secure Messages with CUMI

By default CUMI does not allow messages marked secure to be downloaded.  You will see an error message when secure messages are downloaded when using /UseCUMI command line option if you don’t configure the server to allow for this.  Assuming you want to include secure messages in your archive request, make sure the option for “Allow Access to Secure Message Recordings through CUMI” is checked in the Advanced Settings | API Settings section in the Unity Connection administration interface:

Note that by default the secure messages option is off and the “Allow Message Attachments through CUMI” is turned on – you’ll want to be sure BOTH are enabled if you want secure messages to be downloadable via the message archiver (or when exporting with COBRAS for that matter).

Using Message Archiver for Non-Voice Messages

 

Message Archiver allows administrator to view as well as archive non-voice messages like Email, Delivery Receipt message (DR), Non-Delivery Receipt message (NDR), Read Receipt Message (RR) etc. For archiving non-voice messages you have to check “Archive Non-Voice Message” under the ‘Option’ button by default it will remain uncheck so whenever you need view or archive non-voice messages you have to check. After this you can load all non-voice messages by hitting ‘Load Message’ button and also you can archive non-voice messages by hitting ‘Archive’ button.

 

 

Note: Message Arhiver does not provide support for archiving non-voice messages using /useCUMI command line option. You can only archive non-voice messages using IMAP.

Using Message Archiver

Welcome to Message Archiver

The Message Archiver is a simple wizard interface. Once you log into the Connection server you want to pull messages from via ODBC, the first page provide you following options:

Select Action:

·         Archive selected voice message for a particular subscriber: This option allows you to archive one or more voice messages for a selected subscriber at a time.

·         Archive all voice messages for a particular subscriber: This option allows you to archive all voice messages (including inbox and deleted items only) for a selected subscriber.

·         Archive all voice messages for a particular subscriber between a time zone: This option allows you to archive all voice messages for a selected subscriber between a specified time ranges.

·         View all voice messages for a particular subscriber: This option allows you to view all voice messages (including inbox, draft and deleted items only) for a selected subscriber.

 

Select Zip Type:

·         Archive all voice messages into an ordinary zip file: Set this option to archive all voice messages (currently available under the subscriber’ message folder on local system) for a subscriber into a simple zip file.

·         Archive all voice messages into a secure zip file: Set this option, if you want to archive all voice messages (currently available under the subscriber’ message folder on local system) for a subscriber into a password protected zip file. For secure zipping, you must select this option and provide a password used to encrypt the messages into a zip file. You will have to provide this password at the time of unzipping. If you forget this password those messages cannot be recovered, they are lost to you.

 

Description: Description: Description: Description: C:\AudioFiles\Help\MessageArchiver_image004.jpg

Select Subscriber

Once you’ve selected an option to “Archive selected voice message for a particular subscriber” you can move to second wizard i.e. Select a Subscriber. This will allows you to search and select a subscriber that homed on that Connection server.

Description: Description: Description: Description: C:\AudioFiles\Help\MessageArchiver_image005.jpg

The select subscriber dialog is pretty straight forward - you can choose a subscriber based on their extension, alias, first name or last name using a "starts with", "contains" or "is exactly" type query.  If you leave the text box blank it will fetch all subscribers.

Description: Description: Description: Description: C:\AudioFiles\Help\MessageArchiver_image006.jpg

Once you've selected a subscriber you can hit the "Next" button

Select Messages

Once you've selected a subscriber you can move to the Select a Message to Archive page.  You can load messages from the inbox folder, the deleted folder or both.

Note:  Deleted messages will only be saved to the deleted items folder if the subscriber’s class of service is configured to allow that.  Note that saved messages do not include binary attachment, only routing information so there's no option for archiving sent messages here.

Description: Description: Description: Description: C:\AudioFiles\Help\MessageArchiver_image007.jpg

To archive a message simply select it and either double click on that row or press the "Archive" button at the bottom of the form.  The message will be archived into a sub folder using the selected subscriber's alias and all messages selected for that user to be archived will appear in that sub folder using the date/time of the message along with a unique message ID to form the file name of the EML file.  This allows you to select as many messages for as many subscribers as you like in a session and easily be able to sort them out later. 

The folder for message archival is in the "Messages" folder under the installation directory you chose for the Message Archiver tool.

Archive all Voice Messages

When you’ve selected an option to “Archive all voice messages for a particular subscriber” from the welcome page, the second wizard that appears in front of you is Select a Subscriber to Archive all Voice Messages. This wizard will allow you to archive all voice messages for a selected subscriber. Here you need to select a subscriber same as above and click on “Archive” button at the bottom of the form.

Description: Description: Description: Description: C:\AudioFiles\Help\MessageArchiver_image012.jpg

Archive all Voice Messages for a Particular Subscriber between a Time Range

When you’ve selected an option to “Archive all voice messages for a particular subscriber between a time range” from the welcome page, the second wizard that appears in front of you is Select a Subscriber to Archive all Voice Messages between a time range. This wizard will allow you to archive all voice messages for a selected subscriber under a specified time range. Here you need to select a subscriber first same as above than you have to select a start date and end date. Once you specified the time range you have to click on “Archive” button at the bottom of the form.

View all Voice Messages

Once you've selected a subscriber you can move to the View all Voice Messages page. You can load messages from the inbox folder, the deleted folder or both or from the draft folder. 

Note:  You can view deleted messages if the subscriber’s class of service is configured to save deleted messages into the deleted items folder. 

Note: By default draft message are not saved on the Cisco Unity Connection. If selected subscriber has the configuration to save voice messages as draft messages then only you can view draft messages here. Another thing related to draft messages is, you cannot archive draft message.

Password for Secure Zipping

This wizard will appear in front of you when you’ve selected an option to “Archive all voice messages into a secure zip file” from the welcome page under selection zip type option. Here you need to provide a password that will be used to encrypt all voice messages for a subscriber into a secure zip file.

Note: Please remember this password as you will have to provide this password at the time of unzipping. If you forget this password those messages cannot be recovered, they are lost to you.

Obtaining Updates

To check for updates to this tool, visit http://www.CiscoUnityTools.com

Revision History

Version 1.0.15 – 11/10/2016

·         Updated to .NET 4.5

·         Updated HTTP connections for CUMI to handle forcing SSL3 connections when attaching to Unity Connection servers older than 10.0

Version 1.0.14 – 1/1/2016

·         Updated for Windows 10 deployments

 

Version 1.0.13 – 3/18/2015

·         Updated SQLite libraries

·         Updated setup to include all modern Windows versions as targets.

Version 1.0.12 – 9/4/2014

·         Added support to fetch non-voice messages from Unity Connection.

 

Version 1.0.11 – 4/4/2014

·         Added “/UseCUMI” command line option to fetch message content using the REST based CUMI API instead of the default secure IMAP path which is not available for unrestricted installations of Unity Connection.

 

Version 1.0.10 – 12/5/2013

·         Updated logic to allow administrator to archive voice messages form Unity Connection server 7.x. as ‘Mailbox Access Delegate Account’ role does not exists on Unity Connection server 7.x.

Version 1.0.9 – 10/24/2013

·         Updated logic to validate ‘Mailbox Access Delegate Account’ role for Unity Connection 8.0.

Version 1.0.8 – 7/23/2013

·         Added message duration column to the voice messages view grid.

·         Added logic to sort messages in grid by read, urgent or secure columns.

·         Added logic to show forwarded messages in to the voice message view grid.

·         Added a new message filter option to show draft messages in to the voice message view grid on “View all Voice Message” page.

·         Added logic to allow archiving of messages as an EML file only if the login user has the “Mailbox Access Delegate Account” role.

·         Added new option on welcome page to view all voice messages for a particular subscriber.

 

Version 1.0.7 – 5/15/2013

·         Added debug output option.

Version 1.0.6 – 5/2/2013

·         Added logic for simple zipping and password protected zipping.

Version 1.0.5 – 4/29/2013

·         Added logic to archive all voice messages for a subscriber between a time range

Version 1.0.4 – 4/26/2013

·         Added logic to archive all voice messages for a selected subscriber.

Version 1.0.3 – 4/23/2013

·         Added logic to archive more than one voice message for a selected subscriber at a time. 

Version 1.0.2 – 4/18/2013

·         Fixed an error where the splash screen would not dismiss on a login failure scenario.

Version 1.0.1 – 4/16/2013

·         First drop of beta tool.

 

© 2014 Cisco Systems, Inc. -- Company Confidential