04-27-2010 04:13 PM - edited 03-19-2019 12:51 AM
Hi,
We're looking to filter our LDAP directory in CUC 7.1(3b) to only pull in accounts where the 'ipPhone' field contains something (or is not null).
We've been able to successfully implement this in CUCM, so that our Corporate Directory only lists AD accounts with the ipPhone field populated.
According to guides we've found online the command from CLI is, 'set cuc ldapfilter {insert filter}'
The syntax we're trying to use is:
set cuc ldapfilter '(&(objectclass=user)(!(objectclass=Computer))(!(UserAccountControl:1.2.840.113556.1.4.803:=2))(ipPhone=*))'
The problem is that the CUC CLI removes the ampersand (&) from the beginning of the string, so we end up with the following if we paste in the above filter:
set cuc ldapfilter '((objectclass=user)(!(objectclass=Computer))(!(UserAccountControl:1.2.840.113556.1.4.803:=2))(ipPhone=*))'
Has anyone successfully implemented LDAP filtering in CUC, if so can you please post a sample syntax?
Or, does anyone know how to type/enter an ampersand (&) in CUC CLI?
Solved! Go to Solution.
04-27-2010 04:57 PM
I believe that your syntax is incorrect.
From this guide: http://www.ciscosystems.com/en/US/docs/voice_ip_comm/cucm/cli_ref/7_1_3/cli_ref_713.html#wp39913
The 'set cuc ldapfilter' is a wizard based command. For example:
admin:set cuc ldapfilter
Please select the LDAP server type for which you wish to set the filter:
1 Microsoft Active Directory
2 Netscape or Sun ONE LDAP Server
3 OpenLDAP
4 Microsoft Active Directory Application Mode
Selection: 1
Current filter:
(&(objectclass=user)(!(objectclass=Computer))(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))
New Filter:
(&(objectclass=user)(!(objectclass=Computer))(!(UserAccountControl:1.2.840.113556.1.4.803:=2))(ipPhone=*))
Filter updated successfully.
admin:
The items in blue and bold represent data you would input.
I just tested this on my 7.1(3b) lab system and the ampersand is not lost. So, try entering "set cuc ldapfilter" by itself and hit enter. Follow the wizard and see if you are still having problems.
HTH.
Regards,
Bill
Please remember to rate helpful responses and identify
04-27-2010 04:57 PM
I believe that your syntax is incorrect.
From this guide: http://www.ciscosystems.com/en/US/docs/voice_ip_comm/cucm/cli_ref/7_1_3/cli_ref_713.html#wp39913
The 'set cuc ldapfilter' is a wizard based command. For example:
admin:set cuc ldapfilter
Please select the LDAP server type for which you wish to set the filter:
1 Microsoft Active Directory
2 Netscape or Sun ONE LDAP Server
3 OpenLDAP
4 Microsoft Active Directory Application Mode
Selection: 1
Current filter:
(&(objectclass=user)(!(objectclass=Computer))(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))
New Filter:
(&(objectclass=user)(!(objectclass=Computer))(!(UserAccountControl:1.2.840.113556.1.4.803:=2))(ipPhone=*))
Filter updated successfully.
admin:
The items in blue and bold represent data you would input.
I just tested this on my 7.1(3b) lab system and the ampersand is not lost. So, try entering "set cuc ldapfilter" by itself and hit enter. Follow the wizard and see if you are still having problems.
HTH.
Regards,
Bill
Please remember to rate helpful responses and identify
04-27-2010 05:21 PM
Awesome!
I just applied the filter successfully following your guide.
It wasn't clear in the Cisco Guides I'd read that the command 'set cuc ldapfilter' was a wizard.
Thanks so much for your help William.
Cheers,
Dave.
06-16-2010 07:06 AM
Hi Dave,
I noticed you sucessfully created custom filter in CUCM & wanted to check if you can provide more details to me. I am running CUCM 5.1.3.
i followed the steps mentioned at below forum but i am stuck becuase i am getting file not found error.
http://uccert.wikidot.com/forum/t-134148
C:\ccmUpgrade> java -cp .\classes;.\lib\saaj-api.jar;.\lib\saaj-impl.jar;.\lib\m
ail.jar;.\lib\activation.jar;.\lib\jaxm-api.jar;.\lib\jaxm-runtime.jar;.\lib\xer
cesImpl.jar;.\lib\xml-apis.jar AxlSqlToolkit -username=ccmapplication -password=
cisco -host=10.236.18.17 -input=LDAPFilter.xml
java.io.FileNotFoundException: LDAPFilter.xml (The system cannot find the file s
pecified)
at java.io.FileInputStream.open(Native Method)
at java.io.FileInputStream.
at java.io.FileInputStream.
at AxlSqlToolkit.execute(AxlSqlToolkit.java:188)
at AxlSqlToolkit.main(AxlSqlToolkit.java:244)
any idea what i am missing, i verified xml filename but it may be something on my sql command. Below is content of my sql commands under xml file. can you check what i am missing
please let me know if you can provide some easy seteps to do this.
thanks
06-16-2010 07:11 AM
Hi
The app isn't finding your LDAPFilter.xml file (as the error states).
In the -input parameter, specify the full path:
-input=c:\ccmupgrade\LDAPFilter.xml
Regards
Aaron
Please rate helpful posts...
06-16-2010 07:21 AM
Hi Aaron,
Thanks for the quick response !
i tried using the file path but ends up in same error.
see the output from my command prompt
C:\ccmUpgrade>java -cp .\classes;.\lib\saaj-api.jar;.\lib\saaj-impl.jar;.\lib\ma
il.jar;.\lib\activation.jar;.\lib\jaxm-api.jar;.\lib\jaxm-runtime.jar;.\lib\xerc
esImpl.jar;.\lib\xml-apis.jar AxlSqlToolkit -username=ccmapplication -password=c
isco -host=10.236.18.17 -input=test.xml
[Fatal Error] :13:48: The entity name must immediately follow the '&' in the ent
ity reference.
org.xml.sax.SAXParseException: The entity name must immediately follow the '&' i
n the entity reference.
at org.apache.xerces.parsers.DOMParser.parse(Unknown Source)
at AxlSqlToolkit.execute(AxlSqlToolkit.java:188)
at AxlSqlToolkit.main(AxlSqlToolkit.java:244)
C:\ccmUpgrade>
C:\ccmUpgrade>
C:\ccmUpgrade>
C:\ccmUpgrade>java -cp .\classes;.\lib\saaj-api.jar;.\lib\saaj-impl.jar;.\lib\ma
il.jar;.\lib\activation.jar;.\lib\jaxm-api.jar;.\lib\jaxm-runtime.jar;.\lib\xerc
esImpl.jar;.\lib\xml-apis.jar AxlSqlToolkit -username=ccmapplication -password=c
isco -host=10.236.18.17 -input=test.xml
select * from ldapfilter where tkldapserver=1
*****************************************************************************
Sending message...
---------------------http://schemas.xmlsoap.org/soap/envelope/">
OAP-ENV:Header/>
lect * from ldapfilter where tkldapserver=1
---------------------
Positive response received.
---------------------
AP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
r/>
XL/API/1.0" xmlns:xsi="http://www.cisco.com/AXL/API/1.0" sequence="1276697871719
">
/tkldapserver>
countControl:1.2.840.113556.1.4.803:=2)))
---------------------
C:\ccmUpgrade>
C:\ccmUpgrade>
C:\ccmUpgrade>
C:\ccmUpgrade>
C:\ccmUpgrade>
C:\ccmUpgrade>
C:\ccmUpgrade>
C:\ccmUpgrade>
C:\ccmUpgrade>
C:\ccmUpgrade>
C:\ccmUpgrade>java -cp .\classes;.\lib\saaj-api.jar;.\lib\saaj-impl.jar;.\lib\ma
il.jar;.\lib\activation.jar;.\lib\jaxm-api.jar;.\lib\jaxm-runtime.jar;.\lib\xerc
esImpl.jar;.\lib\xml-apis.jar AxlSqlToolkit -username=ccmapplication -password=c
isco -host=10.236.18.17 -input=c:\ccmupgrade\LDAPFilter.xml
java.io.FileNotFoundException: c:\ccmupgrade\LDAPFilter.xml (The system cannot f
ind the file specified)
at java.io.FileInputStream.open(Native Method)
at java.io.FileInputStream.
at java.io.FileInputStream.
at AxlSqlToolkit.execute(AxlSqlToolkit.java:188)
at AxlSqlToolkit.main(AxlSqlToolkit.java:244)
06-16-2010 07:50 AM
Hi
Where is your LDAPFilter file? Is it in c:\ccmupgrade?
The file you attached to the post earlier is named "LDAP Filter.xml" (with a space in the middle). If your file on disk has the space, rename it to remove the space.
Regards
Aaron
06-16-2010 08:42 AM
Yes the file is in C:\ccmUpgrade
see i have tried diffrent combinations and it still errrors, i think this has something to do with contents of xml file.
notice when i used a diffrent filename( test.xml) it didnt error though the path mentiond doesnt have C:\ccmUpgrade
C:\ccmUpgrade>java -cp .\classes;.\lib\saaj-api.jar;.\lib\saaj-impl.jar;.\lib\ma
il.jar;.\lib\activation.jar;.\lib\jaxm-api.jar;.\lib\jaxm-runtime.jar;.\lib\xerc
esImpl.jar;.\lib\xml-apis.jar AxlSqlToolkit -username=ccmapplication -password=c
isco -host=10.236.18.17 -input=c:\ccmupgrade\LDAP Filter1.xml
AxlTestDriver (Java) parameters and options:
-username=
-password=
-host=
-port=
-input=
-output=
nses
C:\ccmUpgrade>java -cp .\classes;.\lib\saaj-api.jar;.\lib\saaj-impl.jar;.\lib\ma
il.jar;.\lib\activation.jar;.\lib\jaxm-api.jar;.\lib\jaxm-runtime.jar;.\lib\xerc
esImpl.jar;.\lib\xml-apis.jar AxlSqlToolkit -username=ccmapplication -password=c
isco -host=10.236.18.17 -input=c:\ccmupgrade\LDAPFilter1.xml
java.io.FileNotFoundException: c:\ccmupgrade\LDAPFilter1.xml (The system cannot
find the file specified)
at java.io.FileInputStream.open(Native Method)
at java.io.FileInputStream.
at java.io.FileInputStream.
at AxlSqlToolkit.execute(AxlSqlToolkit.java:188)
at AxlSqlToolkit.main(AxlSqlToolkit.java:244)
C:\ccmUpgrade>
C:\ccmUpgrade>
C:\ccmUpgrade>java -cp .\classes;.\lib\saaj-api.jar;.\lib\saaj-impl.jar;.\lib\ma
il.jar;.\lib\activation.jar;.\lib\jaxm-api.jar;.\lib\jaxm-runtime.jar;.\lib\xerc
esImpl.jar;.\lib\xml-apis.jar AxlSqlToolkit -username=ccmapplication -password=c
isco -host=10.236.18.17 -input=LDAPFilter1.xml
java.io.FileNotFoundException: LDAPFilter1.xml (The system cannot find the file
specified)
at java.io.FileInputStream.open(Native Method)
at java.io.FileInputStream.
at java.io.FileInputStream.
at AxlSqlToolkit.execute(AxlSqlToolkit.java:188)
at AxlSqlToolkit.main(AxlSqlToolkit.java:244)
C:\ccmUpgrade>java -cp .\classes;.\lib\saaj-api.jar;.\lib\saaj-impl.jar;.\lib\ma
il.jar;.\lib\activation.jar;.\lib\jaxm-api.jar;.\lib\jaxm-runtime.jar;.\lib\xerc
esImpl.jar;.\lib\xml-apis.jar AxlSqlToolkit -username=ccmapplication -password=c
isco -host=10.236.18.17 -input=LDAP Filter1.xml
AxlTestDriver (Java) parameters and options:
-username=
-password=
-host=
-port=
-input=
-output=
nses
C:\ccmUpgrade>
in order to rule out that it is issue with file pathname or file name i used a diffrent filename ( just for testing ) and didnt error.
C:\ccmUpgrade>java -cp .\classes;.\lib\saaj-api.jar;.\lib\saaj-impl.jar;.\lib\ma
il.jar;.\lib\activation.jar;.\lib\jaxm-api.jar;.\lib\jaxm-runtime.jar;.\lib\xerc
esImpl.jar;.\lib\xml-apis.jar AxlSqlToolkit -username=ccmapplication -password=c
isco -host=10.236.18.17 -input=test.xml
select * from ldapfilter where tkldapserver=1
*****************************************************************************
Sending message...
---------------------http://schemas.xmlsoap.org/soap/envelope/">
OAP-ENV:Header/>
lect * from ldapfilter where tkldapserver=1
---------------------
Positive response received.
---------------------
AP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
r/>
XL/API/1.0" xmlns:xsi="http://www.cisco.com/AXL/API/1.0" sequence="1276702654499
">
/tkldapserver>
countControl:1.2.840.113556.1.4.803:=2)))
---------------------
06-16-2010 08:46 AM
if i rename to LDAFiter.xml to test.xml i get below error:
C:\ccmUpgrade>java -cp .\classes;.\lib\saaj-api.jar;.\lib\saaj-impl.jar;.\lib\ma
il.jar;.\lib\activation.jar;.\lib\jaxm-api.jar;.\lib\jaxm-runtime.jar;.\lib\xerc
esImpl.jar;.\lib\xml-apis.jar AxlSqlToolkit -username=ccmapplication -password=c
isco -host=10.236.18.17 -input=LDAPFilter1.xml
java.io.FileNotFoundException: LDAPFilter1.xml (The system cannot find the file
specified)
at java.io.FileInputStream.open(Native Method)
at java.io.FileInputStream.
at java.io.FileInputStream.
at AxlSqlToolkit.execute(AxlSqlToolkit.java:188)
at AxlSqlToolkit.main(AxlSqlToolkit.java:244)
C:\ccmUpgrade>
C:\ccmUpgrade>java -cp .\classes;.\lib\saaj-api.jar;.\lib\saaj-impl.jar;.\lib\ma
il.jar;.\lib\activation.jar;.\lib\jaxm-api.jar;.\lib\jaxm-runtime.jar;.\lib\xerc
esImpl.jar;.\lib\xml-apis.jar AxlSqlToolkit -username=ccmapplication -password=c
isco -host=10.236.18.17 -input=test.xml
[Fatal Error] :13:48: The entity name must immediately follow the '&' in the ent
ity reference.
org.xml.sax.SAXParseException: The entity name must immediately follow the '&' i
n the entity reference.
at org.apache.xerces.parsers.DOMParser.parse(Unknown Source)
at AxlSqlToolkit.execute(AxlSqlToolkit.java:188)
at AxlSqlToolkit.main(AxlSqlToolkit.java:244)
06-16-2010 08:52 AM
OK - now you are getting somewhere.
The file is now found, however in XML '&' is a special character. It needs to be escaped by replacing the & in your LDAP query string with &
So an example would be:
Regards
Aaron
Please rate helpful posts and mark answered questions that you've got a satisfactory response from to help identify useful content in the forums...
https://supportforums.cisco.com/docs/DOC-6212
06-16-2010 08:47 AM
In my last post I suggested you rename the file, not use a space in the parameter.
If you put a space in the parameter it probably won't work, as it will see the space as the end of the filename. Your other test filenames don't have spaces...
FileNotFoundException means just that; it doesn't matter what the contents of the file are because the app can't find the file.
06-16-2010 09:09 AM
thanks aaron,
now when i replaced & with & i am getting another error:
C:\ccmUpgrade>java -cp .\classes;.\lib\saaj-api.jar;.\lib\saaj-impl.jar;.\lib\ma
il.jar;.\lib\activation.jar;.\lib\jaxm-api.jar;.\lib\jaxm-runtime.jar;.\lib\xerc
esImpl.jar;.\lib\xml-apis.jar AxlSqlToolkit -username=ccmapplication -password=c
isco -host=10.236.18.17 -input=c:\ccmupgrade\LDAPFilter.xml
[Fatal Error] :13:51: The reference to entity "amp" must end with the ';' delimi
ter.
org.xml.sax.SAXParseException: The reference to entity "amp" must end with the '
;' delimiter.
at org.apache.xerces.parsers.DOMParser.parse(Unknown Source)
at AxlSqlToolkit.execute(AxlSqlToolkit.java:188)
at AxlSqlToolkit.main(AxlSqlToolkit.java:244)
sorry i have not background to sql or vb , any idea where should this delimiter be inserted.
06-16-2010 09:23 AM
Hi
Looks like you have replaced & with & rather than &
You need the ; as well.
Regards
06-16-2010 09:55 AM
06-16-2010 10:05 AM
Hi
You have :
update ldapfilter set filter = ='(....
two = =
it should start:
update ldapfilter set filter = '(....
Regards
Aaron
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: