Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Presence Calendar Integration with Exchange 2010

I have just upgraded to CUPS 8.6.4, which resolves the Subject Alternative Name" Certificate issue, and am trying to get Calendar Integration working with Presence. When I look at the Presence Engine logs, It is sending the email address as the log on credentials to OWA. I need it to send domain\username. Is that possible?

Thanks, in advance,

Doug        

  • Unified Communications Applications
17 REPLIES
Cisco Employee

Presence Calendar Integration with Exchange 2010

Hey Doug,

There is no configuration where we can change the way CUPS performs EWS queries.

Is there any error message you see in the PE logs with the following syntax in the logs:

EWSCalendarInfo::initiateRecovery

Also if you can tell me that if the impersonation account formatted as "@domian" in the CUPS Presence Gateway?

Is the Exchange 2010 running with AD 2003 or 2008?

Regards,

Jas

New Member

Presence Calendar Integration with Exchange 2010

When I look at the PE logs, I see :

11:47:55.550 |system.pe.pa.owa.backend 1241894 INFO received SUBSCRIBE response for doug.davidson@epl.net: 401 Unauthorized
HTTP/1.1 401 Unauthorized
x-powered-by: ASP.NET
date: Wed, 23 May 2012 16:47:54 GMT
content-length: 0
set-cookie: exchangecookie=895f546a4d8d43f1bd481f052f4e43e7; expires=Thu, 23-May-2013 16:47:55 GMT; path=/; HttpOnly
www-authenticate: Negotiate, NTLM, Basic realm="webmail.epl.net"
server: Microsoft-IIS/7.5


11:47:55.550 |system.pe.pa.owa.backend 1241894 DEBUG <----QMS::SUBSCRIBE doug.davidson@epl.net

11:47:55.550 |system.pe.pa.owa.backend 1241894 DEBUG -->SessionManager::setConnected: webmail.epl.net:443 0

11:47:55.550 |system.pe.pa.owa.backend 1241894 DEBUG <--SessionManager::setConnected 0

11:47:55.550 |system.pe.pa.owa.backend 1241894 ERROR -->EWSSubscription::initiateRecovery: doug.davidson@epl.net POST 3 Authentication failure on server; Could not authenticate to server: ignoring empty Negotiate continuation, rejected NTLM challenge, rejected Basic challenge

11:47:55.550 |system.pe.pa.owa.backend 1241894 DEBUG <--EWSSubscription::clearResubscribe

11:47:55.550 |system.pe.pa.owa.backend 1241894 DEBUG <--EWSSubscription::scheduleResubscribe - interval (secs): 1080

11:47:55.550 |system.pe.pa.owa.backend 1241894 DEBUG <--EWSSubscription::initiateRecovery: POST

11:47:55.550 |system.pe.pa.owa.backend 1241894 DEBUG <--EWSSubscription::processSubscribeRequest

11:47:55.550 |system.pe.pa.owa.backend 1241894 DEBUG <--QMS::SUBSCRIBE

The account in the Exchange gateway is domain\ExCalendar.

We are running AD 2003.

Thanks,

Doug

New Member

Presence Calendar Integration with Exchange 2010

Hi Doug/Jasmeet,

Was there ever a work around to get this working, I've got the exact same problem with Exchange 2010 EWS and on Win2008.

The AD configured email address doesn't match the actual internal address used in Exchange, e.g. john.doe@domain.com is configured in the AD End User information.

However the real Exchange address is jdoe16@domain.internal

Jasmeet, what impact does the format of the impersonation account have?

I have entered our impersonation account for the gateway as domain\cupimacc

Regards,

Mike.

Super Bronze

Presence Calendar Integration with Exchange 2010

Hi Michael

So your 'mail' attribute in CUCM has john.doe@domain.com, or jdoe16@domain.internal?

The format of the imp account in the CUPS config should usually be as you have it - domain\username. That's the default format for OWA/EWS and isn't usually changed.

Aaron

Aaron Please remember to rate helpful posts to identify useful responses, and mark 'Answered' if appropriate!
New Member

Presence Calendar Integration with Exchange 2010

Hi Aaron,

The CUCM mail attribute is john.doe@domain.com, this is sync'ed from AD. Our example user id is jdoe16.

The Exchange guys tell me internally to Exchange all the email accounts are @domain.internal, somehow they these two email addresses map to the same user.

Exchange EWS requires the CUP server to subscribe as domain\userid, but debugs are showing john.doe@domain.com not domain\userid

Is there a parameter that will allow me to configure the domain\username for the Exchange EWS?

When we log in to Jabber the we use userid and password, the jabber  domain is domain.com.au, which is configured in the CUP server.

Regards,

Mike.

New Member

Presence Calendar Integration with Exchange 2010

Hi,

i have also a problem with calendar status. Looks like yours. See here the PE log:

10:29:13.288 |system.pe.pa.owa.backend 1244158 ERROR -->EWSSubscription::initiateRecovery:

@

POST 3 Authentication failure on server; Could not authenticate to  server: ignoring empty Negotiate continuation, rejected Basic challenge

AD proxy adress for users is -> SMTP: @

Impersonation User configuration in CUPS -> domain\user

How could i simply verify impersonation user have the right permissions?

Any suggestions how to fix?

Regards

Thorsten

Super Bronze

Presence Calendar Integration with Exchange 2010

Hi

It's normal to see auth fails, usually followed by another connection where CUPS sends the credentials - it's a bit like when you browse to something password protected; you see the auth dialog in internet explorer as a result of receiving a permissions error, the retry with permissions.

You can use a free SOAP tool to test your impersonation permissions :

https://supportforums.cisco.com/community/netpro/collaboration-voice-video/unified-comm-application/blog/2012/12/04/using-the-soap-tool-to-verify-ews-permissions-for-unity-connection-sib-cases

Aaron

Aaron Please remember to rate helpful posts to identify useful responses, and mark 'Answered' if appropriate!
New Member

Presence Calendar Integration with Exchange 2010

Thx for the Tool. Great. :-)

There was also a problem with impersonate user but i have still a problem with status. I have make a detailed trace now:

14:53:05.723 |system.pe.pa.owa.backend 1243654 INFO received FINDITEM response for @: 401 Unauthorized

HTTP/1.1 401 Unauthorized

x-powered-by: ASP.NET

date: Mon, 11 Feb 2013 13:52:17 GMT

content-length: 0

www-authenticate: Negotiate, NTLM, Basic realm=""

server: Microsoft-IIS/7.0

This is what i got often in the log.

Any suggestion?

Super Bronze

Presence Calendar Integration with Exchange 2010

Hi

So I take it the tool can impersonate this user OK?

Did you specify the same username format that you used in CUPS admin? And did you use basic auth with the test tool?

Aaron

Aaron Please remember to rate helpful posts to identify useful responses, and mark 'Answered' if appropriate!
2068
Views
5
Helpful
17
Replies
This widget could not be displayed.