Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1747
Views
0
Helpful
4
Replies

Call Manager 6.0 LDAP Sync Issue

Go to solution
steven.t27
Level 1
Level 1

‎07-06-2010 01:59 AM - edited ‎03-15-2019 11:34 PM

Hi

I have call manager 6.0 synchronise successfully with an active directory server via LDAP. However when the users are imported successfully via LDAP, the password and pin are not disclosed? I presume the password would be the login credentials of the user I have created in AD however as I login to the ccmuser page it tells me that the credentials are wrong. I use the UDP function as well so the PIN appears to be unknown as well? Any ideas to this?

Any feedback will be of great help. Let me know if you guys need any other info from me?

Thanks


ST

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jonathan Schulenberg
Hall of Fame
Hall of Fame
In response to steven.t27

‎07-07-2010 05:07 AM 

Just 
having issues with the password. Do I need like a LDAP browser installed
 on my AD server?

No. There are a few basics I can think of:

  • Make sure you are not running on 2000 domain functional level. I think that has been dropped.
  • Check to ensure that your authentication search context covers the end user object you are trying to bind.
  • Check your LDAP servers shown in the authentication page and ensure the port is correct. 389 if not a GC; 3268 if it is. Leave SSL off until you get this working.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Jonathan Schulenberg
Hall of Fame
Hall of Fame

‎07-06-2010 04:12 AM 

I have call manager 6.0 synchronise successfully with an active 
directory server via LDAP.

Are you only synchronizing end user objects; or, are you synchronizing and performing LDAP Authentication? These are two separate configuration items in the UCM Administation GUI. If the Password field on the End User Configuration page is enabled, you are not performing LDAP-based authentication.

 I presume the password would be the login credentials of the user I 
have created in AD however as I login to the ccmuser page it tells me 
that the credentials are wrong.

Ensure that the user has been added to the Standard CCM End Users group. This is a required group membership for access to the /ccmuser webapp.

I use the UDP function as well so the PIN appears to be unknown as well?

PINs are not synchronized with LDAP at all. You will need to set the value on the End User Configuration Page. Also ensure that the password is not set to require the user to change it at next login. If this is the case, Extension Mobility will fail to login with an error.

0 Helpful

Go to solution
steven.t27
Level 1
Level 1
In response to Jonathan Schulenberg

‎07-06-2010 07:39 PM

I have call manager 6.0 synchronise successfully with an active  directory server via LDAP.

Are you only synchronizing end user objects; or, are you synchronizing and performing LDAP Authentication? These are two separate configuration items in the UCM Administation GUI. If the Password field on the End User Configuration page is enabled, you are not performing LDAP-based authentication.

ST -> I am synchronising with LDAP Authentication as well. Therefore when I click on the End User Configuration Page the password field is not change-able.

I presume the password would be the login credentials of the user I  have created in AD however as I login to the ccmuser page it tells me  that the credentials are wrong.

Ensure that the user has been added to the Standard CCM End Users group. This is a required group membership for access to the /ccmuser webapp.

ST -> Yes I did enable End User group for the user in order to login as well.

I use the UDP function as well so the PIN appears to be unknown as well?

PINs are not synchronized with LDAP at all. You will need to set the value on the End User Configuration Page. Also ensure that the password is not set to require the user to change it at next login. If this is the case, Extension Mobility will fail to login with an error.

ST -> In regards to the PIN, im sure that i can update a bulk of entries using the BAT tool. Which is not a problem.

Just having issues with the password. Do I need like a LDAP browser installed on my AD server?

0 Helpful

Go to solution
Jonathan Schulenberg
Hall of Fame
Hall of Fame
In response to steven.t27

‎07-07-2010 05:07 AM 

Just 
having issues with the password. Do I need like a LDAP browser installed
 on my AD server?

No. There are a few basics I can think of:

  • Make sure you are not running on 2000 domain functional level. I think that has been dropped.
  • Check to ensure that your authentication search context covers the end user object you are trying to bind.
  • Check your LDAP servers shown in the authentication page and ensure the port is correct. 389 if not a GC; 3268 if it is. Leave SSL off until you get this working.
0 Helpful

Go to solution
steven.t27
Level 1
Level 1
In response to Jonathan Schulenberg

‎07-09-2010 01:20 AM

Thanks Jonathan, your the CHAMP!

I've raised the domain functional level to Windows 2003 mode and try again; it works like charm!!

Simply Brilliant. Thanks for your help

ST

0 Helpful
Customers Also Viewed These Support Documents