I tried to set up CUCM V7.1.3 with LDAP Auth. I configured the CUCM to use UPN as username. I used email@example.com in LDAP Manager Distinguished Name in LDAP Directory and the LDAP user Search base is dc=netlab,dc=loc. It works fine. However, when I set up LDAP Auth and try to use the same name firstname.lastname@example.org in LDAP Manager Distinguished Name, it fails. I tried different names and changed the LDAP port to 3268 based on some Cisco documentation. Nothing works.
The UPN is not the same as the Distinguished Name (DN) in LDAP. UPN is an individual attribute on an LDAP object while DN is a fully-qualified object path within LDAP.
An example: CN=Example User,OU=Service Accounts,OU=People,DC=domain,DC=com.
In Active Directory the CN field is typically the Display Name field as shown in ADUC.
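To make the distinction above concrete, here is an added example (not part of the original posts) that labels a bind identity as a DN, a UPN or a down-level `DOMAIN\user` name using RFC 4514 DN syntax. A name without DN syntax is what LDAP result code 34 (invalidDNSyntax in RFC 4511), the code in the error quoted later in this thread, reports. The function names are hypothetical.

```python
import re

# RFC 4514 attribute type: a short name (CN, OU, DC, ...) or a dotted OID.
_ATTR = re.compile(r"(?:[A-Za-z][A-Za-z0-9-]*|\d+(?:\.\d+)+)")
# One UPN or down-level name component: no separators, whitespace, or DN syntax.
_PART = r"[^@\\\s,=]+"

def split_rdns(text):
    """Split a DN on commas, keeping backslash-escaped commas inside the value."""
    parts, buf, i = [], [], 0
    while i < len(text):
        if text[i] == "\\" and i + 1 < len(text):
            buf.append(text[i:i + 2])  # keep the escape pair together
            i += 2
            continue
        if text[i] == ",":
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(text[i])
        i += 1
    parts.append("".join(buf))
    return parts

def parse_dn(text):
    """Return [(attr, value), ...] for DN syntax, else None ('+' multi-valued RDNs are not split)."""
    rdns = []
    for rdn in split_rdns(text.strip()):
        attr, eq, value = rdn.partition("=")
        if not eq or not _ATTR.fullmatch(attr.strip()) or not value.strip():
            return None
        rdns.append((attr.strip(), value.strip()))
    return rdns

def classify_bind_name(text):
    """Label a bind identity as 'dn', 'upn', 'down-level' or 'unknown'."""
    if parse_dn(text) is not None:
        return "dn"
    if re.fullmatch(_PART + "@" + _PART, text):
        return "upn"
    if re.fullmatch(_PART + r"\\" + _PART, text):
        return "down-level"
    return "unknown"

if __name__ == "__main__":
    # The first two values appear in this thread; the third is constructed.
    samples = (r"netlab\sys.netlab", "dc=netlab,dc=loc", r"CN=Lab\, Sys,DC=netlab,DC=loc")
    for name in samples:
        print(classify_bind_name(name), "<-", name)
```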
If I use Domain\user, I get this error:
Error while Connecting to ldap://10.10.10.15:3268/netlab\sys.netlab, javax.naming.InvalidNameException: netlab\sys.netlab: [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090654, comment: Error processing name, data 0, vece]; remaining name \'netlab\sys.netlab\'
If I use the suggestion from Jonathan,
I got this error
Login Failure to Host ldap://10.10.10.15:3268, Please Re-Enter LDAP Manager Distinguished Name and Password
Even though the password is correct.
Just to add to my last post: if I use sAMAccountName, not userPrincipalName, in LDAP System Configuration, the same user "sys.netlab" would work in LDAP Auth.
Hi Jonathan, Hi David
Thank you for your nice suggestions. It is working now.
I use this in the LDAP Manager Distinguished Name in LDAP Auth
It works with either port # 389 or 3268.
I swear to god I tried this but I must have had a brain fart. :-)
Again, I appreciate all your help.