12-06-2005 06:44 AM - edited 03-13-2019 11:27 AM
We change our AD administrator passwords periodically. We recently had callmgr 4.1 installed on our servers. We can't login to the Administration pages of call manager since we changed the AD admin password. How do I fix this?
12-06-2005 07:02 AM
Hi George,
Is the CallManager in a domain?
Are you using MLA?
If you are using MLA you might check the account used for authentication in the Directory under:
C:\dcdsrvr\DirectoryConfiguration.ini
Also check in regedit:
HKEY_LOCAL_MACHINE\SOFTWARE\Cisco Systems, Inc.\Directory Configuration
The MGRPW field.
Password is encrypted, you can use the passwordutils utility to encrypt your new password.
Open a cmd
passwordutils
Then reset IIS.
Let us know
HTH
12-06-2005 10:13 AM
I did the above listed, even tried a restart on IIS. Did not work. Still no web admin access. I even rebooted the machine. Any other suggestions?
12-06-2005 10:45 AM
Are you using MLA?
12-06-2005 12:40 PM
Yes, we are. I found a troubleshooting guide that recommended restarting some services, but that does not work either. What is dependent on that Active Directory admin password in call manager? any other suggestions? thanks.
12-07-2005 02:41 AM
When you install the Active Directory plugin for CallManager, you must supply a user account with certain read privilegs to AD. This user account is used to bind to AD and check for valid credential sets when you login to CallManager via MLA, CCMUser etc etc.
So, if you change the password for the account which CallManager uses to bind to AD w/, it breaks.
You're not completely out of luck though. When you install MLA, you configure an account with full admin access that you can use at any point that does not authenticate against AD. Most of the time this account is ccmadministrator and the local administrator password of the box, but could have been altered during install. Refer to the following doc for more detailed info: http://www.cisco.com/univercd/cc/td/doc/product/voice/c_callmg/4_1/sys_ad/4_1_3/ccmcfg/b07mla.htm.
Moving forward, I'd recommend creating a service account (denied interactive login to any boxes on your network) for the sole purpose of CallManager binding to LDAP. Make the password complex, mark it never to expire, user can't change, and you shouldn't have to change the password in the future.
Hope this helps!
12-07-2005 05:16 AM
We had an installer come in set the box up for CallManager so we were not told that changing a password would break callmanager. I have to be able to get into the administration via on the box or webpage, which I cannot do. I need to know how to get the web administration working to fix all this. I appreciate the link references, but this does not help me get the web interface back up. Is this beyond your expertise and do I need to call our cisco service tech to fix? Thanks.
12-07-2005 03:44 PM
Hi
As i can see u didn't change ccmadministrator password
or other CCM system accounts in call manager
When u change it in AD u also have to do it in CCM
with CCMPWDChanger through cmd, command prompt
Run->cmd->ccmpwdchanger-> and here u change passwords of ccmadministrator... after u change it in AD
Hope it helps
try it and give me a feedback if it helps please rate it
cheers
Vlad
12-08-2005 05:26 AM
We did not change the ccmadministrator password, only our AD admin password. We had to put a trouble ticket in for support and got the problem resolved. It required reinstalling a piece of software. But thanks for your help anyway.
12-08-2005 06:50 AM
thanx for feedback
07-01-2010 09:09 PM
What is the name of that software? Could you post it?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: