This document describes the troubleshooting tips for Sign-In problems with IMAP Email clients in Unity Connection 9.x.
In Cisco Unity Connection Administration, configure the following settings on the System Settings > SMTP Configuration > Server page to match the SSL settings
in the IMAP email clients:-
Allow Connections From Untrusted IP Addresses
Require Authentication From Untrusted IP Addresses
Transport Layer Security From Untrusted IP Addresses Is (Disabled, Required, Optional)
IMAP email clients all include two fields in which you can enter either the IP address or the fully qualified domain name of the Connection server. When clustering is configured, enter the fully qualified domain name of a DNS A record that includes the Connection publisher and subscriber servers. If your DNS server allows you to specify the order in which DNS tries to contact Connection servers, specify that the server that is available most often is the first server contacted. This usually is the publisher server.Some IMAP email clients do not respect DNS A records. For those clients, if the first Connection server is not available, the client does not try to access the other Connection server.
When a user forwards or replies to a voice message from an IMAP email client, the message will be sent to recipients on the Connection server unless the user specifically configures the message to be sent through another account.
Unity Connection 9.x
Troubleshooting Sign-In Problems with IMAP Email Clients in Cisco Unity Connection 9.x (When LDAP Is Not Configured)
If users have trouble signing in to an IMAP client, or have trouble receiving voice messages in an IMAP client, consider the following possibilities:-
If the IMAP client application prompts a user for the Cisco Personal Communications Assistant (PCA) password, but does not accept it:
The Cisco Unity Connection user account may be locked because of too many invalid sign-in attempts.
The Connection user account may have been locked by an administrator.
The Connection user password may have expired.
The Connection user account may have been configured to require that the user specify a new password.
The Connection user may be entering the wrong password.
Users who belong to a class of service that allows access to the Messaging Assistant or to the Messaging Inbox can try to sign in to the Cisco PCA instead; the Cisco PCA displays an error message that explains why the sign-in attempt is failing. Users who cannot access the Messaging Assistant or the Messaging Inbox must contact an administrator for assistance.
If Microsoft Outlook users are not prompted for their Cisco PCA password, confirm that the Remember Password check box on the Internet Email Settings (IMAP) page is not checked. If this option is checked, and the password of the user has expired, changed, or is locked, Microsoft Outlook does not prompt the user to enter the Cisco PCA password. The result is that the user does not receive voice messages from Connection, and Outlook prompts for the username and password.
Troubleshooting Sign-In Problems with IMAP Email Clients in Cisco Unity Connection 9.x (When LDAP Is Configured)
If you are using LDAP authentication and using an IMAP email client to access Cisco Unity Connection voice messages, and if users who are integrated are with the LDAP are unable to authenticate, consider the following possibilities:
If you are using Active Directory, confirm that the server you are using for authentication is a global catalog server and that you are using port 3268.(if you are not using SSL to encrypt data that is transmitted between the LDAP server and the Connection server) or port 3269 (if you are using SSL). Authentication settings are on the System Settings > LDAP > LDAP Authentication page in Connection Administration.If you change any values on the LDAP Authentication page, and if IMAP clients are accessing Connection, restart the Connection IMAP Server service in Cisco Unity Connection Serviceability. If other web applications are accessing Connection (for example, Cisco Personal Communications Assistant), restart the server
If the problem occurs even though you are already using a global catalog server or you are not using Active Directory, try to sign in to the Cisco PCA by using an account that cannot sign in to an IMAP email client.
If that fails, then there are two likely causes: either the specifications on the LDAP Authentication page are incorrect, or there is a problem with user credentials on the LDAP server, for example, the password has expired or the user is specifying the wrong password.
If that succeeds, and if you have configured SSL to encrypt data that is transmitted between the LDAP server and the Connection server, there may be a problem with the SSL certificate. To confirm, uncheck the Use SSL check box, change the port to 3268, restart the Connection IMAP Server service in Cisco Unity Connection Serviceability, and try again.