Polycom OTD Service with Cisco Endpoints

January 26, 2019 by · 10 Comments 

This article about the Polycom One Touch Dial (OTD) service is another in a series which covers Polycom’s RealConnect service, a Microsoft Azure-based video interoperability service for Skype for Business and Microsoft Teams meetings.

Before performing any configuration steps in this article it is recommended to first review the Polycom One Touch Dial Service article to gain an understanding of how the services work and why the configuration differs between Polycom and Cisco endpoints.

Exchange Configuration

This section will walk through creating a new service account, followed by the initial OTD service portal configuration.  Then a Cloud Relay server will need to be deployed (covered in a separate article) and a single Cisco endpoint added to the OTD portal.  By contrast this configuration is more involved than the basic configuration for Polycom endpoints due to the Cisco endpoint not acting like a native Exchange calendaring client.

Prepare PowerShell

The following environment preparation steps are performed using Windows PowerShell to connect to multiple online modules.  The workstation used to perform these commands may need to have some initial setup steps performed to access these modules.  Only the Exchange Online PowerShell and MSOnline modules needs to be installed to support the cmdlets in this article.

  • Follow the steps in the Managing Office 365 with PowerShell article and then connect to both Exchange Online and the MSOnline modules as instructed.  (There is no need to connect to the AzureAD or Skype for Business modules.)

Connect-EXOPSSession
Connect-MsolService

image

Create Mailbox

This step may not be required as typically a mailbox already exists for a conferencing room space that is represented in Outlook to book as a resource.  If a new mailbox needs to be created for a specific VTC then the following steps can be used to create an Exchange Room Mailbox using PowerShell.

For this article a new resource mailbox will be created for use with a single Cisco endpoint.

  • Run the following New-Mailbox command to create a new resource mailbox of Room type, updating the red text with the desired unique ID, Alias, Name, and Password.

New-Mailbox -MicrosoftOnlineServicesID vtc2@msteams.net -Alias "vtc2" -Name "VTC 2 (Cisco)" -Room -EnableRoomMailboxAccount $true -RoomMailboxPassword (ConvertTo-SecureString -String "P@s5w04d" -AsPlainText -Force)

image

If a replication failure warning appears it can safely be ignored as it is just reporting that the new mailbox will take some time to be created and replicated within Exchange Online.  The following configuration steps can be performed immediately.

If needed, repeat this process to create a room mailbox for every Cisco VTC which will be used with OTD service.

Configure Mailbox

With either the new mailbox created above or an existing mailbox the following commands will ensure that the mailbox is correctly configured.  Depending on how existing resource mailboxes were created these parameters may already be set correctly, but sometimes the existing settings will purge the meeting invitation contents to save on mailbox storage.  Without that data included in the room’s copy of the invite then OTD has no information to process and then no ‘Join’ button would appear on the invited VTC.

  • Run the following Set-CalendarProcessing command against the new mailbox as identified by the Identity parameter.  Leave all other parameters at the documented vales, aside from the -AdditionalResponse setting which can be customized to include any message.

Set-CalendarProcessing -Identity vtc2@msteams.net -AutomateProcessing AutoAccept -AddOrganizerToSubject $false -AllowConflicts $false -DeleteComments $false -DeleteSubject $false -RemovePrivateProperty $false -AddAdditionalResponse $true -AdditionalResponse "This room is enabled for One Touch Dial with Polycom RealConnect"

image

If needed, repeat this process for every room mailbox (new or existing) that is (or will be) associated with a supported VTC to leverage OTD.

Create Service Account

For environments leveraging Exchange Online this account will require an appropriate Office 365 license.  At minimum an Exchange Online Kiosk license is the lowest-cost option that provides the necessary mailbox, but any Exchange Online, Business, or Enterprise license is more than adequate.  This service account must have a mailbox even though its own mailbox is never actually used throughout the OTD process.  Exchange can only delegate mailbox permission to other mailbox-enabled accounts, hence the need for a license.

  • Using the same process as outlined in the first section connect to both Exchange Online and the MSOnline PowerShell modules and then execute the Get-MsolAccountSku cmdlet to list all available license options currently applied to the Office 365 tenant.

Get-MsolAccountSku

image

The example tenant in this article has available Enterprise E5 licenses (ENTERPRISEPREMIUM), which is clearly overkill for this requirement.  As suggested above a less expensive option of Exchange Online Kiosk (EXCHANGEDESKLESS) can be used instead. 

  • Run the following New-MsolUser command to create a new user account which will be used by the OTD service to connect to Exchange over Exchange Web Services.  Update the red text in the example below with the desired Display Name, User Principal Name, Usage Location (appropriate two-letter country code), License Assignment, and Password.

New-MsolUser -DisplayName "OTD Service Account" -UserPrincipalName "otd@msteams.net" -UsageLocation "US" -LicenseAssignment "jschertz:EXCHANGEDESKLESS" -Password "P@s5w04d" -PasswordNeverExpires $true -ForceChangePassword $false

image

Delegate Mailbox Permissions

In order to use the new service account to access each and every resource mailbox it will need to be delegated the appropriate permissions to each mailbox.  The only rights this account requires is Read access to just the Calendar folder in each mailbox.

  • Run the Add-MailboxPermission command by providing the Identity of the desired source mailbox, as well as the User Principal Name of the newly created service account.

Add-MailboxFolderPermission -Identity "vtc2@msteams.net:\Calendar” -User “otd@msteams.net” -AccessRights “Reviewer”

image 

If needed, repeat this process to delegate permissions for each room mailbox’s Calendar to the single service account.

Verify Mailbox Permissions

Once all mailboxes are configured the following optional cmdlet can be used to report which mailboxes in the entire organization the service account has access to.

Run the following command to query every mailbox in the organization to verify if the service account has the needed Reviewer permissions to the Calendar folders of the room mailbox.

Get-Mailbox | ForEach-Object {Get-MailboxFolderPermission $_":\Calendar" -User "otd@msteams.net" -ErrorAction SilentlyContinue |ft Identity,FolderName,User,AccessRights}

image

Cloud Relay Deployment

As the Cloud Relay server is used by various services and it not meant only for providing One Touch Dial to Cisco endpoints located on private networks then this portion warrants a separate, complete article.

  • Refer to the Polycom Cloud Relay article to complete the installation and successful pairing of at least one Cloud Relay virtual server in the same routable private network as where the desired Cisco VTC is located.

Service Provisioning

This section covers the service-side configuration for connecting the OTD service to the target Exchange environment.

Configure One Touch Dial Service

To begin the provisioning process the Polycom One Touch Dial portal will need to be utilized.  As explained in the first article of this series the overall RealConnect service order/trial process would have included providing the email address of an administrative contact.  That supplied email address will have been specifically enabled by Polycom to access the OTP portal for the specific tenant enabled for the service.

image

  • Click the Sign in with Microsoft button and then enter the credentials of the account which was originally whitelisted for access to the OTD portal (e.g. jeff@msteams.net).

image

The first time that an authorized user signs into the portal a prompt will appear requesting permission for the Polycom app to sign in on behalf of and read the user’s profile information and data.

  • Review the requested permissions and then click the Accept button.  (If the "Consent on behalf of your organization" option appears it can be ignored as each user account authorized for the OTD portal will receive this same one-time prompt.  If desired, an administrator can select this option now and other accounts will not receive this prompt when they first sign in.  The behavior of the service is not impacted either way.)

image

If this is the first time the portal has been accessed it may report that no devices have been configured.

image

Endpoint Configuration

Now that the OTD service has been connected to the Exchange environment with the service account the first Cisco VTC can be configured.

  • Connect to the Cisco endpoint’s web management interface and verify that XMLAPI Mode is enabled.  This is required in order for the service to push the meeting invitations directly to the VTC.

image

  • Return to the One Touch Dial portal, select the Devices menu, and then click on the Connect a Device button.

image

  • Select the desired Cisco device option from the list (e.g. C SX DX EX MX Models).

image

  • In the General Information section enter a descriptive Name for the device (e.g. VTC2).
  • In the Calendaring section enter the VTC’s associated resource mailbox in the Calendaring Email field (e.g. vtc2@msteams.net).

  • In the Connection section select the appropriate configuration option.  If the Cisco VTC is assigned a public IP address and is directly reachable from the Internet (an unlikely and not recommended scenario) then select the Directly to Polycom One Touch Dial option.  For the typical use-case of the VTC being located on an internal network with a private IP address select the Via Polycom Cloud Relay option and enter the IP address of the Cisco endpoint (e.g. 172.31.16.76).

  • In the Credentials section enter an administrator username and password for the Cisco endpoint (e.g. admin).

image

  • Click Connect to save the configuration and then note the reported status will likely initially show as Pending.

image

  • Select the Devices menu and wait for the status to update to Connected.

image

At this point the Cisco VTC should show any meetings which have been scheduled on the room mailbox.  The Join button will be displayed prior to the scheduled meeting and trigger a call to the RealConnect service to join a Skype or Teams meeting.

image

About Jeff Schertz
Site Administrator

Comments

10 Responses to “Polycom OTD Service with Cisco Endpoints”
  1. ruskin snow says:

    hi Jeff. In our Melbourne office we have a new Cisco Spark Codec Plus. We have it setup in our OTD portal and I can see bookings on when I ssh to the endpoint and enter “xcommand bookings list”.
    However on the endpoint itself they see no meetings via the UI. Have you encountered configured one of these new Cisco Spark devices with OTD yet ?
    Thanks
    Ruskin

    • Jeff Schertz says:

      If the Spark is currently registered to the WebEx cloud then it cannot leverage OTD for RealConnect. The codec can only use a single calendaring source, which would be the WebEx Cloud in this scenario. If it’s not registered to WebEx then I understand that the local calendaring needs to be manually enabled on the endpoint. I haven’t seen any documentation from Cisco on how to accomplish that though.

  2. Renato says:

    Hi Jeff,

    We followed the procedure but a VTC Cisco TelePresence MX300 G2 is not receiving a booking and the status on One Touch Dial portal is still pending : any idea ?

    Here is the output from the VTC :

    xcommand bookings list

    OK
    *r Bookings ResultInfo TotalRows: 0
    *r Bookings LastUpdated: “Never”
    ** end

    • Jeff Schertz says:

      If the Cloud Relay shows as connected but the Cisco endpoint is not receiving any invites make sure to verify that the Cloud Relay can connect directly to the Cisco endpoint over TCP 80 and 443.

  3. Laszlo Olah says:

    Hi Jeff,

    Thanks for the OTD series, these are very helpful articles.
    I have two questions regarding the integration…
    As a Cisco VTC user you set up admin account, with all privileges: Admin, Audit, RoomControl, Integrator, User
    Do I have to set all of these?

    You mentioned that the OTD does not work in case of Webex registered endpoints. Why is that?
    If I use Exchange Room Mailbox and if I set up proper VTC service account, what prevents the OTD integration?

    Thanks in advance,
    Laszlo

    • Jeff Schertz says:

      The Cloud Relay simply needs ‘admin’ rights to connect to the Cisco VTC. I don’t know what individual privileges are required; I’ve not tested other configurations.
      If the Cisco VTC is registered to the WebEx Cloud and WebEx is managing the calendar for the endpoint then it cannot also use OTD; it’s one or the other.

  4. Jens says:

    Hi,

    we have the OTD server on premise and use the one touch dial with mostly all of our Polycom systems (Group and HDX). Now trying this also with out Cisco devices and we face an issue with the Webex Room Kits. Those devices are getting all of the meeting information except the SIP dial string to the Skype or TEAMS meeting and they recognize the protocol as H.323 instead of SIP.
    We tested the Cisco SX10, SX20 and DX80 devices and they are work like a charm with OTD (v1.7 HF7).
    Only the Webex Room Kits have this issue.
    The software version on all Cisco’s (SX, DC, Webex Room Kits) is the same (from the numbering). It is “ce 9.8.0” and “ce 9.8.1”.
    Does any one of you have the same issue and maybe a solution for this ?

    Thank you and regards
    Jens

  5. Graeme Roux says:

    Hi Jeff

    Is this all still current? No way to achieve this on Cisco Endpoints without Cloud Relay?

    Kind Regards
    Graeme

Trackbacks

Check out what others are saying about this post...
  1. […] how it works, and provides detailed configuration steps for using it with Polycom VTCs.  (A separate article covers the additional configuration for Cisco VTCs.) […]



Speak Your Mind

Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!