07-02-2010 02:28 AM - edited 03-20-2019 05:56 AM
Hi,
Yet another CUCiMOC dicussion
OK so we have CUCM integrated with AD, but not using AD authentication. All CUCM user IDs are tied to the telephoneNumber field in AD. We've got the basics of OCS and MOC working. Now we're trying to integrate CUCiMOC into our setup.
I've set all the CUCiMOC registry entries for AD/LDAP/Attribute names etc. Extension numbers aren't appearing in MOC but that's another problem.
I can only log into the conversation pane in CUCiMOC using the user id/PIN of CUCM. When I do, it logs in ok, I get phone control functionality but I continue to get the LDAP Server disconnnected message. I ran wireshark to see what was happenning and I'm getting LDAP authentication errors to my DC. Of course I am - it's trying to use the CUCM user id and PIN to authenticate to AD. I changed the LDAP attributes to use the telephoneNumber field as the login but the PIN in CUCM will never be the same as the password in AD so it continues to fail
So what do you do here - does it need to authenticate to both CUCM and AD correctly?? I don't see how this will ever be possible.
Maybe someone can explain if they've come across this??
Thanks,
Neil
07-02-2010 05:57 AM
Take a look at http://www.cisco.com/en/US/docs/voice_ip_comm/cucimoc/8_0/english/installguide/config_clients.html#wp1074207.
The one you're interested in was "ContactService_UseCredentialsFrom".
Michael
07-28-2010 03:07 AM
Hi Michael - sorry for the delay in coming back to you.
Thanks for the response, however I'm a little confused with these settings.
When I log onto the MOC client, I use my AD domain username/password. When I log onto CUCiMOC, I need to use my CUCM usernsme (extn number) and CUCM PIN. It logs me in fine but it's the CUCiMOC alerts where I get the LDAP authentication error. When I go into the CICiMOC settings, I can set an "account" username/password which I set to my AD domain username/password and the LDAP error goes away.
I dont' see where to specify this in the settings you pointed me to.
Can you give me some pointers?
Thank in advance,
Neil
07-28-2010 05:18 AM
If your CUCM is integrated with LDAP (Active Directory), you could save some additional credentials (because they use the same credential).
If your CUCM is NOT integrated with LDAP, you'll have to specify LDAP credentials (which you did).
There's no way for CUCIMOC to know that before hand. Thus you need to tell it with registry settings, which is described in the documentation.
Michael
07-28-2010 07:10 AM
Hi Michael,
OK I think I have a handle on it now.
I was logging into CUCiMOC with my CUCM user and my CUCM PIN. For some reason it was allowing me to log in with this. But what I hadn't realised was that the CUCM was AD integrated so I tried logging in with my CUCM user and AD password and up came the CTI control.
Once I sent the synchronise creds options to "No Sync", and once i manually set the LDAP creds in CUCiMOC options to use my AD user/password, it keeps it there when i log off/on again.
thanks for the great advise,
Neil
10-28-2010 07:12 AM
No Sir, When CUPC logins in we do a bind request each time. So we do not store paswword localy,
when login atatempt occurs we send bind request to the AD and check PWD there
10-14-2010 08:31 AM
Hi,
If the end user changes their ldap password, will they need to go to the LDAP settings on CUCIMoC and change their password each time?
10-27-2010 10:41 PM
Hi
I have another question related to this.
If the CUCM is not integrated with AD, but we specify LDAP authentication in the registry for CUCIMOC, will softphone and call control work?
The usernames will be the same, but the passwords will be different. CUCIMOC will authenticate the user via LDAP with AD and that'll work, but how does CUCIMOC client then speak to Call Manager?
Or does this require the user entering their call manager userid and pin manually?
Thanks
01-12-2011 09:04 AM
"If the end user changes their ldap password, will they need to go to the LDAP settings on CUCIMoC and change their password each time?"
Is there any solution? Any idea's, has anyone experienced the same.
Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide