Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5749
Views
3
Helpful
5
Replies

LDAP Authentication with UCCX

gbljoba
Level 1
Level 1

‎08-02-2010 08:39 AM - edited ‎03-14-2019 06:12 AM

Hi,

We are planning to integrate the LDAP authentication with our CUCM and remove extension mobility from users that are not using it. By doing this it will allow us to easier deploy CUCiMOC.

This is likely to break UCCX so i have a simmilar setup in the LAB environment. I have enabled LDAP sync and Auth on the CUCM and predictably the CRSAdmin pages will not accept the old username and password. Neither would it accept my LDAP credentials. So, i removed the LDAP authentication, logged back into the CRSAdmin pages with the old login and found my LDAP login in the User Managment page and gave myself Admin rights. Then i renabled LDAP Auth and still it would not let me into the CRSAdmin pages. It will let me into the CUCM admin pages with the LDAP credentials.

Does anyone know what i need to do to fix this?

Regards

Jon

Labels:
0 Helpful
5 Replies 5

Jonathan Schulenberg
Hall of Fame
Hall of Fame

‎08-02-2010 09:05 AM

The way I have done this in the past is to replicate the local UCM user identically (username, first/last name, password, etc) in LDAP. UCM should see the same user object when performing AD synchronization and map the user together. This will allow you to login to CCX as before with the same user. You can add other user objects to the administrator role at that point.

gbljoba
Level 1
Level 1
In response to Jonathan Schulenberg

‎08-03-2010 07:15 AM

Thanks Jonathan. The problem with that is that the AD GPO will not let me set the password i am using...

Besides when i removed LDAP authentication i logged into the UCCX again and added the Administrator rights to my LDAP account but it wont autheticate me.

Do you have any other ideas?

/Jon

0 Helpful

Jonathan Schulenberg
Hall of Fame
Hall of Fame
In response to gbljoba

‎08-03-2010 07:19 AM 

The problem with that is that the AD GPO will not let me set the 
password i am using...

So change your non-LDAP account password in UCM to a password that AD will accept, test that it works for login on CCX, and then do the LDAP integration.

Besides when i removed LDAP authentication i logged into the UCCX again 
and added the Administrator rights to my LDAP account but it wont 
autheticate me.

No idea, but one guess would be that changes to the account may not hold when the account is marked as inactive in UCM. Just a guess though.

0 Helpful

gbljoba
Level 1
Level 1
In response to Jonathan Schulenberg

‎08-03-2010 09:02 AM

Ive even done the old com.cisco.crs.cluster.config.AppAdmin 'FRESH INSTALL' trick and then added my LDAP id in there and still it

will not let me in......

0 Helpful

Graham Old
Level 7
Level 7
In response to gbljoba

‎08-05-2010 01:01 PM

Check that you can login to the ccmuser page. https:///ccmuser

That validates your user ID and LDAP password

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents