Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1640
Views
0
Helpful
4
Replies

Unity Connection with Active Directory

hasankhan2009
Level 1
Level 1

‎01-24-2010 03:59 AM - edited ‎03-19-2019 12:20 AM

Hello,

We are integrating UC with AD in the lab. The issue is that whenever a user changes his password at the AD, the IMAP account in outlook always complains. But if the same user logins via PCA, he never has an issue with the password.

If we reimport the user, the new password works at IMAP.

Any idea, why changing password is causing IMAP to fail in authenticating with the AD.

We have 24 hours sync time and IMAP client is pointing to UC for import and export the voice mail

.

Thanks,

Hasan

Labels:
0 Helpful
4 Replies 4

Ginger Dillon
VIP Alumni
VIP Alumni

‎01-27-2010 08:17 AM

Hi -

I believe this is working as designed - check out this link - http://www.cisco.com/en/US/docs/voice_ip_comm/connection/7x/user_mac/guide/7xcucmac040.html#wp1266550

"For users who are able to access voice messages in an IMAP client, make sure that they understand that whenever they change their Cisco PCA password in the Cisco Unity Assistant, they also must update the password in their IMAP client. Passwords are not synchronized between IMAP clients and the Cisco PCA. If users have trouble receiving voice messages in an IMAP client after having updated their Cisco PCA password in both applications, see the "Troubleshooting IMAP Client Logon Problems" section in the "Configuring an Email Account to Access Cisco Unity Connection Voice Messages" chapter of the User Workstation Setup Guide for Cisco Unity Connection."

Hope this helps, Ginger

0 Helpful

hasankhan2009
Level 1
Level 1
In response to Ginger Dillon

‎01-27-2010 08:25 AM

No this is not the case. What you are describing is the case when UC is not connected to the AD. If we use Active Directory then user even could change the password at windows level and this password should be applied for PCA and IMAP client as well. I have worked on this with Cisco TAC and they confirm that this is a bug in UC. The work around is available but for work around you need Cisco TAC as it needs to create a root account in the system.

0 Helpful

Tommer Catlin
VIP Alumni
VIP Alumni
In response to hasankhan2009

‎01-27-2010 04:14 PM

CUCM or CUC does not sync any passwords to its local informix database.  Its a challenge / response type of authentication.  For example:

If a user tries to log into PCA or ccmuser page, CUC or CUCM will make an LDAP call to AD and ask for authentication.  AD will reply with a message saying yes or no to authenticate.

Outlook is just clunky.  If the password is changed in AD, the user has to manually change it in the IMAP profile.  There is no automatic way for this to happen.

0 Helpful

hasankhan2009
Level 1
Level 1
In response to Tommer Catlin

‎01-28-2010 07:37 AM

Yes that is correct. But the outlook is pointing towards to UC publisher which is supposed to forward the request to the AD. If the request is not forwarded then AD or outlook could not do any thing.

0 Helpful
Customers Also Viewed These Support Documents