Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

UCM 7.x Command Line Interface

Running call manager 7x. I moved some AD objects around and i can no longer log into the administration page. I get the error, " log on failed - invalid user id or password." I moved the objects back, but i still cannot log in. I believe i need UCM to sync with my LDAP in order to resolve this, but i am not familiar with the CLI commands to do kick off the LDAP sync. Any help would be great!

Brett

2 ACCEPTED SOLUTIONS

Accepted Solutions

UCM 7.x Command Line Interface

Hi Brett,

You can use the "utils  reset_ui_administrator_password" CLI command to reset the administration page password.

Gabriel.

Cisco Employee

UCM 7.x Command Line Interface

The accounts you created during the install for GUI are still there and that is unrelated to LDAP, you can use that one for login. The command only resets the built-in accounts, it's not related to end users privileges for ccmadmin. The command is for ui (User interface) you can review the CLI command guide if you want further info.

GUI accounts and CLI accounts are independent and exist in different places.

OS/CLI recovery procedure is different as it requires you to be local to the server to perform it since you need to use the DVD drive to confirm you're there.

HTH

java

If this helps, please rate

www.cisco.com/go/pdihelpdesk

HTH

java

if this helps, please rate

www.cisco.com/go/pdi
7 REPLIES

UCM 7.x Command Line Interface

Hi Brett,

You can use the "utils  reset_ui_administrator_password" CLI command to reset the administration page password.

Gabriel.

Cisco Employee

UCM 7.x Command Line Interface

You don't do an LDAP sync via CLI, go to the LDAP config and you should have a sync now option there.

HTH

java

If this helps, please rate

www.cisco.com/go/pdihelpdesk

HTH

java

if this helps, please rate

www.cisco.com/go/pdi
Community Member

UCM 7.x Command Line Interface

Gabriel,

Thanks for the feedback i may try that if i cannot get the ldap to sync. I thought local CUCM accounts were disabled once LDAP was enabled so i am not sure if this will work for me.

Brett

Cisco Employee

UCM 7.x Command Line Interface

That depends on what users you're talking about

End users are pulled from LDAP, you cannot longer create them via GUI once this is enabled.

app users are always created and held in the CUCM DB and are not related to LDAP.

End users if not found after an ldap sync will be marked as inactive and then be removed by the garbage disposal mechanism. If you get them back in the search OU you need to re-sync ldap to enable them again.

HTH

java

If this helps, please rate

www.cisco.com/go/pdihelpdesk

HTH

java

if this helps, please rate

www.cisco.com/go/pdi

UCM 7.x Command Line Interface

Brett, if you know the application user used to log into the administration page then you can use the reset ui administrator password, because those users don't get inactive by the LDAP synch as Java told you already.

Gabriel.

Community Member

UCM 7.x Command Line Interface

java,

I use AD accounts to access the administration site in cucm. i am not sure if the local administrator account still exisits on call manager. i know the OS administrator account still works because i can access the CLI using it.

if i were to run utils reset_ui_administrator_password command does it reset the OS admin login for CLI or an account local to the website gui log in?

Thanks!

Cisco Employee

UCM 7.x Command Line Interface

The accounts you created during the install for GUI are still there and that is unrelated to LDAP, you can use that one for login. The command only resets the built-in accounts, it's not related to end users privileges for ccmadmin. The command is for ui (User interface) you can review the CLI command guide if you want further info.

GUI accounts and CLI accounts are independent and exist in different places.

OS/CLI recovery procedure is different as it requires you to be local to the server to perform it since you need to use the DVD drive to confirm you're there.

HTH

java

If this helps, please rate

www.cisco.com/go/pdihelpdesk

HTH

java

if this helps, please rate

www.cisco.com/go/pdi
487
Views
0
Helpful
7
Replies
CreatePlease to create content