Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

LDAP contacts and photos for jabber ipad, iphone and Android not working

Hi Guys,

 

I have been up and down this forum and google following all the settings and configurations but I do not get my ldap directory synced with my mobile devices which means I do not see their photos nor any contact details I can only IM them from my contacts.

 

From my ipad and iphone logs I keep getting the following error.

-- 2014-06-25 11:11:18.181 DEBUG [a32c000] - [csf.person.ldap][bind] LDAP bind error. code=-1, msg=Can't contact LDAP server

 

My jabber-config.xml file works 100% for Jabber 4 Windows photos everything.

I have the UC Services configured and added to my end user.

I have the LDAP config on my TCT, TAB and BOT devices with no luck.

What am I missing or doing wrong? Why is it working 100% for J4W but not my mobile clients.

Any suggestions, examples or advise would be appreciated.

Links I have used:

https://supportforums.cisco.com/document/101766/troubleshooting-cisco-jabber-iphone

https://supportforums.cisco.com/document/129841/configure-directory-search-jabber-iphone

http://www.cisco.com/c/en/us/support/docs/voice-unified-communications/unified-communications-manager-version-85/113498-jabber-ldap-00.html

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/jabber/iPhone_iPad/JABI_BK_I30346C6_00_installation-and-configuration-guide-for-iOS/JABI_BK_I30346C6_00_installation-and-configuration-guide-for-iOS_chapter_0111.html

http://warcop.wordpress.com/2013/07/08/cisco-jabber-and-your-xml-file/

 

 

Voice CCIE #37771
Everyone's tags (6)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Do you have configure the

Do you have configure the LDAP UC service for the iPad, and the BDI directory entry for the mobile devices in you jabber-config.xml file?

HTH

java

if this helps, please rate

www.cisco.com/go/pdi
21 REPLIES
Cisco Employee

Do you have configure the

Do you have configure the LDAP UC service for the iPad, and the BDI directory entry for the mobile devices in you jabber-config.xml file?

HTH

java

if this helps, please rate

www.cisco.com/go/pdi

Hi Jaime, I have added the

Hi Jaime,

 

I have added the following today yes:

<Directory> 

<DirectoryServerType>BDI</DirectoryServerType>
<BDILDAPServerType>AD</BDILDAPServerType>
<BDIPresenceDomain>mydomain.co.za</BDIPresenceDomain>
<BDIUseJabberCredentials>true</BDIUseJabberCredentials>
<BDIPrimaryServerName>my AD server</BDIPrimaryServerName>
<BDIServerPort1>389</BDIServerPort1>
<BDIEnableTLS>False</BDIEnableTLS>
<BDISearchBase1>ou=people,dc=mydomain,dc=co,dc=za</BDISearchBase1>
<BDIBaseFilter>(&amp;(&(objectCategory=person)(objectClass=user)(Pager=1))
</BDIBaseFilter>
<BDIDisplayName>displayName</BDIDisplayName>
<BDIEmailAddress>mail</BDIEmailAddress>
<BDISipUri>msRTCSIP-PrimaryUserAddress
</BDISipUri>
<BDIBusinessPhone>telephoneNumber</BDIBusinessPhone>
<BDIMobilePhone>mobile</BDIMobilePhone>
<BDIUserAccountName>sAMAccountName</BDIUserAccountName>
<BDIPhotoSource>thumbnailPhoto</BDIPhotoSource>

<BDIPredictiveSearchFilter>uid</BDIPredictiveSearchFilter>

</Directory> 

 

The UC services for LDAP on the CUCM is configured yes as well as on my IM&Presence server.

I have EDI directory config in for my Jabber 4 Windows as well above the BDI directory config.

Voice CCIE #37771
Cisco Employee

The very fact that you are

The very fact that you are receiving Bind error message signifies that the binding is not successful using "BDIUseJabberCredentials"; are your users provisioned for read only access to the LDAP; if not can you try to use " BDIConnectionUsername"  and "BDIConnectionPassword" to see if that resolves your issue.

 

- Please rate if this helps.

Hi Amit, Thanks I will give

Hi Amit,

 

Thanks I will give that a go and let you know.

 

Voice CCIE #37771

I have tried "

I have tried " BDIConnectionUsername"  and "BDIConnectionPassword" and still no directory bind.

angry

 

Just to add to my frustrations the Jabber voice works perfect. The screen icon but when I sign into the blue icon Jabber IM & Presence no AD info gets populated.

Voice CCIE #37771
New Member

I have the exact same problem

I have the exact same problem.

But this worked on Jabber for Windows 9.2.1 (and I think in early versions of the iPhone client).

https://supportforums.cisco.com/discussion/12243576/jabber-windows-iphone-issue-photo-and-search

Best regards,
René

New Member

Hii have the same

Hi
i have the same problem
jabber for windows can display photos and contacts but for android and iphone cannot
i have CUCM 10.5 ,CUPS 10.5 and also jabber 10.5 version
i used AD Edit photo to add user's photo on LDAP
as i found on the replies above i have to add BDI informations on jabber file
please i would like a jabber xml file that will be used for jabber client for windows ,android and iphone .

regards 

New Member

I have the OPPOSITE problem.

I have the OPPOSITE problem.  When Windows Users are connected to the VPN they cannot contact the LDAP Server.  

However MAC users connected to the VPN (also using Cisco AnyConnect) CAN connect to the LDAP and search the directory.

Is there a way to configure Windows clients to use BDI if EDI fails?

Cisco Employee

no there is no way for

no there is no way for windows to use the BDI code. BDI is meant for non windows OS only.

New Member

Since BDI works (as the MAC

Since BDI works (as the MAC users have full functionality) what is the next step for the Windows Users.

What steps need to be performed to find out WHY the Windows users cannot access LDAP on the VPN but MAC users CAN.

We don't have the bandwith to use UDS system wide.  

If I create two identical users in the system with the same profiles and one is on a MAC they have the Directory but the Window user does not.  

Cisco Employee

i havent read the complete

i havent read the complete conversation details; though running a wireshark from the PC spanning the vpn interface traffic and using "LDAP" as filter; might give us a clue on what is happening when the PC tries to connect to LDAP.

New Member

 Hello this configuration

 

Hello

 

this configuration works for me , android and iphone devices

<Directory>
<DirectoryServerType>BDI</DirectoryServerType>
<BDIPhotoURISubstitutionEnabled>True</BDIPhotoURISubstitutionEnabled>
<BDIPhotoURISubstitutionToken>sAMAccountName</BDIPhotoURISubstitutionToken>
<BDIPhotoURIWithToken>http://192.168.10.109/sAMAccountName.jpg</BDIPhotoURIWithToken>   ***must be create a web server and storage the contact photos on a folder, can put the ip add or www address***
<BDIOtherPhone>ipPhone</BDIOtherPhone>
<BDIEmailAddress>mail</BDIEmailAddress>
<BDIPresenceDomain>my Domain</BDIPresenceDomain>
<BDILDAPServerType>AD</BDILDAPServerType>
<BDIPrimaryServerName>192.168.10.109</BDIPrimaryServerName> ***ipadd of active directory**
<BDIServerPort1>389</BDIServerPort1>
<BDISearchBase1>ou=Domain Controllers,dc=example,dc=com</BDISearchBase1>
<BDIConnectionUserDN>CUCMLDAP@example.com</BDIConnectionUserDN>
<BDIConnectionPassword>password</BDIConnectionPassword>
<OtherPhone>ipPhone</OtherPhone>
</Directory>

 

create a web server , and select the folder of contact photos, must be with the username: isalazar.jpg

 

sure you can view the contact photos via web

 

New Member

Hi sirkalliemarie,after a few

Hi sirkalliemarie,

after a few days, I have got it now up and running with the attatched config.

Jabber for Mac (whoch also uses the BDI config) is now acting the same way as Jabber for Windows.

Jabber for iPhone/Android are working fine with the config. BUT, the contact photos (as well as the full username) does not show up automatically. Jabber for iPhone/Android retrieve them when I'am search the ldap.

It seems to me, that unlike Jabber for Windows/Mac the mobile clients do not automatically issue a ldap query at startup. After you search for a user the mobile client issue a ldap query as well as a query for your locale phone contacts.

 

A few things that I have learned so far:

1) Jabber for Mac/Android/iPhone (all BDI clients) does not seem to support more then one LDAP/AD server (unlike EDI integration)

2) Jabber for Mac/Android/iPhone (all BDI clients) does not seem to support more then one search base (unlike EDI integration)

3) BDI integration does not seem to support global catalog so you can't use DC=test,DC=local as search base -> that su** if your users are scattered over your directory

 

It works for me (now), but I'am really disappointed by Cisco. I hope that newer versions of Jabber for Mac/Android/Jabber will have EDI support. But I doubt that...

Kind Regards,

René


EDIT: I have just tested Jabber for iPad (the same app as for iPhone!) and it works as well as Jabber for Mac/Windows. Names in contact list are displayed "correctly" (not as UPN) and pictures are automatically retrieved from the directory. So just the iPhone/Android version of this app has such a crappy BDI integration.

Hi Rene, I also got it

Hi Rene,

 

I also got it working for iphone.ipad and android my issue was syntax in my xml file wordpad not such a good editor for xml files.

 

My Jabber for windows, ipad, iphone and android all works now from my single jabber-config.xml file with both EDI and BDI directory config.

Thank you very much oooo and yes I had to change the photosource to thumnailname under BDI config. Under EDI I use jpegPhoto as my photosource.

 

Voice CCIE #37771

Hi Jaime, Just to update. My

Hi Jaime,

 

Just to update.

 

My Jabber Voice the green icon for iphone works 100%.

See Jabber_voice pictures.

My Jabber IM for iOS does not integrate with AD at all the blue icon for iphone.

This is my issue. See Jabber IM pictures.

 

Voice CCIE #37771

Hi sirkalliemarie,Do you have

Hi sirkalliemarie,

Do you have these settings for BDI integration into jabber-config.xml?

   <BDIPhotoUriSubstitutionEnabled>true</BDIPhotoUriSubstitutionEnabled>

   <BDIPhotoUriSubstitutionToken>sAMAccountName</BDIPhotoUriSubstitutionToken>

 <BDIPhotoUriWithToken>http://x.x.x.x/photos/sAMAccountName.jpg</BDIPhotoUriWithToken>

Where x.x.x.x is your web server. 

These indicate to Apple devices where they have to acquired the avatars.

Regards.

New Member

So are you saying the BDI

So are you saying the BDI directory entry is necessary even if you have full LDAP integration done for CUCM and CUP?  Jabber for Windows has no issues pulling the correct information including photos from AD.

Hi Jim,

Hi Jim, Jabber for Windows is not the issue here, Jabber IM for ipad, iphone and android not pulling the correct info from AD.
Voice CCIE #37771
Cisco Employee

Yes, it doesn't matter if

Yes, it doesn't matter if CUCM is LDAP integrated, that's not related. J4W will use SRV records by default to try to locate EDI (default directory) and will look DIRECTLY into the LDAP/GC server for contact resolution.

If you want to change that behavior, field mapping, EDI/UDS, search base, etc, use the .xml file.

Jabber for other platforms, excluding Jabber Video for iPad, require BDI directory configuration in the .xml

Mac version also depends on the .xml config for this.

HTH

java

if this helps, please rate

www.cisco.com/go/pdi

Hi All, Just wanted to let

Hi All,

 

Just wanted to let you know I got everything working it was xml syntax errors spaces that was introduced due to making use of word pad I downloaded a xml editor and solved everything.

 

Please see my jabber-config.xml template attached.

 

I made use of EditiX is a cross-platform XML & XSL editor

Voice CCIE #37771

Hi All, Just wanted to let

Hi All,

 

Just wanted to let you know I got everything working it was xml syntax errors spaces that was introduced due to making use of word pad I downloaded a xml editor and solved everything.

 

Please see my jabber-config.xml template attached.

 

I made use of EditiX is a cross-platform XML & XSL editor

Voice CCIE #37771
7333
Views
5
Helpful
21
Replies
CreatePlease login to create content