Jabber LDAP Mapping

Answered Question
Sep 24th, 2013
User Badges:

Question... When you click a user in jabber and right click and hit view profile you can see a field that says "Address" What field in active directory is this calling out for? I filled out the address field in AD and it is not pulling over.


Below is the ldap mapping fields i have on my presence server mappings for messenger. I cannot seem to get any field to pull this info into jabber. Or maybe is there a force sync for ldap i need to do to force the settings?


ad.PNG

Correct Answer by Jonathan Schulenberg about 3 years 10 months ago

When you chose UDS, Jabber doesn't query LDAP. Instead, it uses an API on CUCM itself and is limited to data held in CUCM's database, specifically the End User table. None of the address attributes are currently saved by CUCM when it syncs with LDAP.


You would need to change to either EDI or BDI to get address data. Note that the upcoming VPN-less remote access solution will require UDS since it uses an HTTPS/SIP reverse proxy and not a full VPN tunnel. My advise would be to keep UDS and tell people to look in the Outlook GAL if they really need to see address information.



Please remember to rate helpful responses and identify helpful or correct answers.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Christos Georgiadis Wed, 09/25/2013 - 01:46
User Badges:
  • Silver, 250 points or more

Hi Todd,


Here's the attribute mapping


http://www.cisco.com/en/US/docs/voice_ip_comm/jabber/Windows/9_2/JABW_BK_C9731738_00_jabber-windows-install-config_chapter_0101.html#JABW_RF_AA1BEF05_00


From what I see we use the streetAddress attribute from AD. These are the default values and of course you can change them by modifying the jabber-config.xml


HTH,

Christos

AmbryTodd Wed, 09/25/2013 - 07:43
User Badges:

I cannot seem to get it to pull in... Here is basically what i did below from AD and then did a sync in CUCM and waited 24hours to make sure presence would do an AD sync and still isint pulling it in.


I just cant seem to figure out why it will not pull in.


Christos Georgiadis Thu, 09/26/2013 - 00:21
User Badges:
  • Silver, 250 points or more

I did some testing in my lab and indeed if you feel in the Street field the value is populated in the streetAddress attribute.

Can you check if that is the case ? You can use any LDAP browser and a read access account to check it out or ADSIEdit tool from the AD (watch out with that)


Regards,

Christos

AmbryTodd Thu, 09/26/2013 - 08:31
User Badges:

Do you think it can be my jabber-config.xml file? only thing i can think of is this line.. I did it for pictures, we dont have pictures in our AD. However all the other fields pull in from AD like phone # and Job Title. shown below as well.


I used JXplorer and in the table editor i see StreetAddress as the field i changed it to. So it seems doing an LDAP query finds it.


UDS

  http://wiki/employee_photos/%%uid%%.jpg


Correct Answer
Jonathan Schulenberg Thu, 09/26/2013 - 08:54
User Badges:
  • Super Bronze, 10000 points or more
  • Cisco Designated VIP,

    2017 IP Telephony

When you chose UDS, Jabber doesn't query LDAP. Instead, it uses an API on CUCM itself and is limited to data held in CUCM's database, specifically the End User table. None of the address attributes are currently saved by CUCM when it syncs with LDAP.


You would need to change to either EDI or BDI to get address data. Note that the upcoming VPN-less remote access solution will require UDS since it uses an HTTPS/SIP reverse proxy and not a full VPN tunnel. My advise would be to keep UDS and tell people to look in the Outlook GAL if they really need to see address information.



Please remember to rate helpful responses and identify helpful or correct answers.

AmbryTodd Thu, 09/26/2013 - 09:11
User Badges:

Changing it to EDI worked right away.


Jonathon where can I read more about that? I wonder if we will even want to use that at our company. Are you saying people can access our corp presence without a VPN connection?


also one last question sort of unrelated. I was never able to get the msi to compile with our Connection settings for server type of presence and the login server for our presence and domain name. But I did update the jabber config and added these lines.


   10.1.0.2

   company.local


However I realized when installing jabber it doesnt call out to the config until it actually connects after entering these commands for the first time... What is the point of adding these fields if it cannot populate to the install anyway?

Jonathan Schulenberg Thu, 09/26/2013 - 09:28
User Badges:
  • Super Bronze, 10000 points or more
  • Cisco Designated VIP,

    2017 IP Telephony

The product hasn't shipped yet so is technically still under NDA. I'm limiting my mention to it to what I said above; since I have seen Cisco employees state that much publicly already I'm not disclosing something new. Reach out to your Cisco AM if you want additional details.


Those fields are not in the public XML schema that you upload to CUCM TFTP. Those are added to the local cached copy of the file and are what the IM&P cluster has told the client is it's primary server in the cluster. This way the client can start there at subsiquent logins instead of going through discovery again.


Ideally, you want to put the DNS SRV records in place instead of embedding it into the MSI file. The most you want to do to the MSI is set it to cloud or on-prem and maybe the language.




Please remember to rate helpful responses and identify helpful or correct answers.

AmbryTodd Thu, 09/26/2013 - 11:18
User Badges:

Jonathon, thanks for the reply. I guess I am asking more is it a jabber client we are talking about or a change to the Presence server?


Thanks for the DNS SRV records area. I will look into implementing that.

AmbryTodd Thu, 09/26/2013 - 11:48
User Badges:

Sorry Jonathon one more question. with the DNS SRV am i putting that on my main forward lookup zone on the domain.local tcp section? or am i putting it on the reverse lookup on the voice network?


below is a ss from the dns. is this basically what i want to do? i created a dns record for "cups" to resolve to the ip for the CUP server.


Jonathan Schulenberg Thu, 09/26/2013 - 12:00
User Badges:
  • Super Bronze, 10000 points or more
  • Cisco Designated VIP,

    2017 IP Telephony

It goes in a Forward Lookup Zone but it needs to be the same one that user workstations/devices will get in their DHCP lease. Essentially Jabber does the lookup in _cuplogin._tcp.



Please remember to rate helpful responses and identify helpful or correct answers.

AmbryTodd Thu, 09/26/2013 - 12:20
User Badges:

Jonathon,


It is still not working. I did a fresh install of jabber (grabbed the msi and installed from my desktop) launched it and still get the box that pops up. It saves it after the first entry but this is more of a communal area where users switch who is using the PC where its an issue. I included my nslookup to show it appears to be working.


Jonathan Schulenberg Thu, 09/26/2013 - 13:15
User Badges:
  • Super Bronze, 10000 points or more
  • Cisco Designated VIP,

    2017 IP Telephony

You still need to use an MST (e.g. Microsoft ORCA) to answer those two radio buttons automatically. The DNS SRV record only allows you to skip entering the server address .



Please remember to rate helpful responses and identify helpful or correct answers.

AmbryTodd Thu, 09/26/2013 - 13:26
User Badges:

Yeah for some reason i cannot get the orca to save. always errors out. there is a thread on here with other people that have the same issue. guess i will have to deal with it as is. Thanks anyway.

AmbryTodd Fri, 09/27/2013 - 14:44
User Badges:

So I ran into an issue. If i set it to EDI for some reason users who VPN in and try to use jabber for phone calls dont get the option to call. going to Help -> show connection status it doesnt seem to show it connecting to the directory. But if i switch it back to the UDS it allows to call but it still shows error in the directory. Thoughts? Local users have no problem just VPN users.

Actions

This Discussion

Related Content