[Index]

Model: data/RS_PBR_Config

Add PBR Config Records

Full HTML Help

Overview

Phone-based registration (PBR) supports a number of configuration parameters that define how the service operates in a specific provider or customer environment.

You will need to create PBR configuration (PBR config) records, as follows:

Related Topics

Provisioning PBR device records with site-wide PINs

Site-wide PINS are useful when PINs are required for either security or to address use-cases where DNs are not unique.

However, the operational overhead of provisioning a device record per unique device is not acceptable. In this case, create a single PBR device record at each site:

Note

Add PBR Config Records

This procedure configures the PBR registration. Instructions are provided for the PBR config record at the Provider level (global) and per customer.

To access the flowcharts, view the topic via the release documentation at: https://documentation.voss-solutions.com/automate.html

Important

Do not select the following options. These features are experimental and should not be enabled:

  1. In Automate, go to (default menus) Services > Phone Based Registration > PBR Config, then choose the hierarchy:

  2. Fill out a name for the PBR config record.

  3. Select the BAT Prefix Required checkbox.

    Note

    • It is recommended that PBR configuration should only allow the replacement of phones with fake MACs with device name prefix starting with BAT. This ensures that it is never possible for a user to replace a phone that is in active use.
    • Leave BAT DeviceName Format as default.

  4. Choose options based whether the use of PBR device records is required in this environment?

    1. The PBR device record allows an administrator to explicitly specify that a device is eligible for phone-based registration.

      Select the PBR Device Record Required checkbox, if required.

    2. The PBR device record allows an administrator to specify that a PIN that should be used when performing phone-based registration for a specific phone or for all phones at a site.

      Select the Pin Required checkbox, if required.

    3. The PBR device record can be used to guarantee that the correct device is replaced in environments where directory numbers are not unique within a CUCM cluster, for example, multiple directory numbers are configured with the same DN, but located in different partitions.

      In this case, clear the UseSiteWidePIN checkbox.

      Note

      By default, Automate requires a PBR device record per device, but in some cases, it may be sufficient to use a single pin per site. In this case, you can enable (select) the UseSiteWidePIN checkbox. This provides limited security to ensure that a PIN is still required to register a phone, but reduces the operational burden by eliminating the need to provision a PBR device record for each phone. See Provisioning PBR Device Records with Site Wide PINs

  5. At Phone Registration Portal Port and Phone Registration Portal Address, specify the port and the IP address or hostname:

    Note

    The phone registration portal address and the port you specify must be accessible from the phone network.

  6. At Phone Registration Portal API User and Phone Registration Portal API Password, fill out the email address for the API user previously created, and fill out the password.

    See Create a restricted API Role and Admin user

    Note

    The portal API user credentials (username and password), is required for both the Provider-level PBR config record and for the PBR config record for any customers.

  7. At Phone Registration Service Hierarchy, specify the hierarchy:

  8. At CUCM IP, specify the IP address of CUCM that is accessible to Automate using HTTPS SOAP requests.

  9. Save the PBR config record you configured, then run the following CLI command on the primary node to restart the services:

    cluster run all app start phone-based-registration

Configure the Phone Based Registration Add-On

To access the latest documentation, go to Documentation and Resources at: https://voss.portalshape.com

The Phone Based Registration (PBR) feature supports a number of configuration parameters that manage how the service operates in a specific provider or customer environment. This configuration is implemented using the Services > Phone Based Registration > PBR Config menu item.

Configuration is on VOSS Automate user interface:

Figure 5: Sample PBR Config record

When configuring the PBR service for a specific hierarchy the following considerations are important:

  1. VOSS recommends that PBR configuration should only allow the replacement of phones with fake MACs with device name prefix starting with BAT.

    This ensures that it is never possible for a user to replace a phone that is in active use.

    Select the BAT Prefix Required check box.

  2. Is the use of PBR Device records required in this environment?

    1. The PBR device record provides a mechanism for administrators to explicitly specify that a device is eligible for phone based registration.

      Select the PBR Device Record Required check box if this is desired.

    2. The PBR device record allows the administrator to specify a PIN that should be used when performing phone based registration for a specific phone or for all phones at a site.

      Select the Pin Required check box.

    3. The PBR device record can be used to guarantee that the correct device is replaced in environments where Directory numbers are not unique within a Unified CM cluster, e.g. multiple Directory numbers are configured with same DN but located in different partitions.

      In this case, clear the UseSiteWidePIN check box.

Phone Registration Portal Port:

Phone Registration Portal Address:

Phone Registration Portal API User Credentials:

Phone Registration Service Hierarchy:

CUCM IP:

By default, VOSS Automate requires a PBR device record per device, but in some cases, it could be sufficient to use a single pin per site:

  1. In this case, select the UseSiteWidePIN check box.
  2. This provides limited security to ensure that a PIN is still required to register a phone, but reduces the operational burden by eliminating the need to provision a PBR device record for each phone.

Additional options:

Important

After saving the above configuration in VOSS Automate, you must restart the services by running the following CLI command on the primary node:

cluster run all app start phone-based-registration

Related Topics

Phone Based Registration Configuration

Model Details: data/RS_PBR_Config

Title Description Details
Name * Name of the configuration. This MUST always be Default Default: Default
  • Field Name: Name
  • Type: String
  • Default: Default
  • MaxLength: 128
BAT Prefix Required * Only allow registration of phones with device name starting with BAT Default: True
  • Field Name: BATPrefixRequired
  • Type: Boolean
  • Default: True
BAT DeviceName Format Macro that describes how BAT device names are to be generated. This should be BAT Default: {{ fn.zeropad pwf.extension, 12 }}
  • Field Name: BATDeviceNameFormat
  • Type: String
  • Default: {{ fn.zeropad pwf.extension, 12 }}
Auto Provision PBR * Auto Provision PBR Device record for Subscriber BAT phones
  • Field Name: AutoProvisionPBR
  • Type: Boolean
Pin Required * Is the use of a pin required Default: True
  • Field Name: PINRequired
  • Type: Boolean
  • Default: True
UseSiteWidePin * Allow the use of a single PIN per site. When this is set then the device name and extension should be set to SITE in a single PBR device record at the site level and a Partition should be specified.
  • Field Name: UseSiteWidePin
  • Type: Boolean
PBR Device Record Required * Is the use of a PBR Device Record Required When this is set to false, then it is possible to replace any BAT phone with Phone based registration Default: True
  • Field Name: PBRDeviceRecordRequired
  • Type: Boolean
  • Default: True
Phone Registration Portal Address Phone Registration Portal Address. In environments that make use of NAT the address for VOSS Automate can be unique for each customer - if this is the case then configuring per-customer PBR config becomes mandatory. If HTTP access is desired then this should be map to the IP address of primary VOSS Automate Unified Node, for HTTPS this should map to a Web proxy. Redundancy across web proxies can be achieved using external load balancer or DNS.
  • Field Name: portal_address
  • Type: String
Phone Registration Portal Port Phone Registration Portal Port. This should be either port 8412 for HTTP or 443 for HTTPS.
  • Field Name: portal_port
  • Type: String
Phone Registration Portal API User * Phone Registration API User. This should be username dedicated to providing access to PBR web service with a Restricted API access role
  • Field Name: portal_user
  • Type: String
Phone Registration Portal API Password * Phone Registration API Password. This should be password of API user. This information is encrypted in VOSS Automate database
  • Field Name: portal_password
  • Type: String
  • Is Password: True
  • Store Encrypted: True
Phone Registration service Hierarchy Phone Registration Service Hierarchy. This should be the hierarchy of the VOSS Automate Provider
  • Field Name: portal_hierarchy
  • Type: String
CUCM IP IP of CUCM that this config applies to. The IP must be accessible to VOSS Automate
  • Field Name: cucm
  • Type: String