12-13-2016 03:51 AM - edited 03-17-2019 06:33 PM
Hi Guys,
Just installed Cisco Jabber 11.8 and updated the jabber-config to reflect the recent changes on directory integration (EDI/BDI to CDI), but since the upgrade I'm unable to resolve contacts.
Data:
Directory Type: OpenLDAP
Bind: Bind successful with specific credential (both on jabber-config and service profile)
As we are searching an openldap server, we're setting the jabber-config parameter "PredictiveSearchFilter" to CN, because ANR (Ambiguous Name Resolution) is an Active Directory Feature, not supported by openldap;
We're also setting the "Predictive Search Filter (Only used for Advance Directory)" on the Service Profile to CN, but all the searches are being made with ANR.
jabber-config - directory parameters:
Search filter captured on Wireshark:
(&(objectClass=person)(ANR=andre*))
This settings on 11.7 are working as expected. Does anyone encounter this issue?
Thanks,
Regards
01-09-2017 07:30 AM
Hi,
I can confirm the exact same behaviour here, all requests are made using the ANR and is ignoring the predicitvesearchfilter value
I was also not able to bind to my openldap using anonymous. (The new parameter UseAnonymousBinding seems to be ignored). I have to user credentials instead !
Regards,
Marc Zanuttini
01-09-2017 08:05 AM
Hello,
I can also confirm that we are encountering this as well. Reverting back to 11.7 was the only way to solve our issue.
Lookups to AD 2012 forest are failing.
Thank you!
01-10-2017 09:16 AM
Hello,
I have the same issue here.
To resolve it, I have to change OpenLDAP configuration and add this :
# filter: (&(objectClass=inetOrgPerson)(|(?ANR=curie*)))
# I get the "curie*" string and construct new filter with it to perform search with attribute cn, sn, givenName and o.
# I have some issue to configure regex with '(' ')' match so I construct new filter from scratch.
overlay rwm
rwm-rewriteEngine on
rwm-rewriteContext searchFilter
rwm-rewriteRule "^(.*)?ANR=([^)]*)" "(&(objectClass=inetOrgPerson)(|(|(|(cn=$2)(sn=$2))(givenName=$2))(o=$2)))"
####
In jabber configuration file, I have defined the basefilter, which is used to rewrite the filter.
<BaseFilter>(&(objectClass=inetOrgPerson)</BaseFilter>
But some fields are not displayed anymore on jabber client (like displayName, company) even if I force the mapping in jabber configuration file.
Maybe it's related with the UserAccountName used ("cn").
Regards,
Vincent PRADELL
01-11-2017 08:19 AM
Hi,
I have remapped all fields needed in jabber configuration, and now everything is fine with this configuration.
Regards,
Vincent PRADELL
01-17-2017 11:34 PM
Dear Vincent,
I am currently facing the same issue with Jabber always using ANR and would like to try your solution with rewriting but unfortunately I do not know how to implement this with our OpenLdap. Our LDAP server is configured to use OLC and I have no clue how to configure your proposed rewrite rules with it.
Can you help me with this ?
Thank you.
best regards
Andreas
01-18-2017 12:40 AM
Hello Vincent,
managed to implement it as follows:
Create new LDIF to activate rwm module
rwm_moduleAdd.ldif:
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: rwm
Add to LDAP config:
ldapmodify -D "cn=admin,cn=config" -x -W -f rwm_moduleAdd.ldif
Create new LDIF for rewrite configuration:
rwm_searchRewrite.ldif:
dn: olcOverlay={0}rwm,olcDatabase={1}hdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcRwmConfig
olcOverlay: {0}rwm
olcRwmRewrite: {0}rwm-rewriteEngine "on"
olcRwmRewrite: {1}rwm-rewriteContext "searchFilter"
olcRwmRewrite: {2}rwm-rewriteRule "^(.*)?ANR=([^)]*)" "(&(objectClass=inetOrgPerson)(|(|(|(cn=$2)(sn=$2))(givenName=$2))(o=$2)))"
olcRwmTFSupport: false
olcRwmNormalizeMapped: FALSE
Add to LDAP config:
ldapadd -D "cn=admin,cn=config" -x -W -f rwm_searchRewrite.ldif
Comment: !! olcDatabase={1}hdb might need to be changed for other environments !!
Hope this is correct :-)
best regards
Andreas
05-31-2017 11:09 PM
Hi,
which Version of Cisco Jabber for Windows do you use ?
We run with J4W 11.8.3 and we have no issue with contact search (Directory Source : OpenLdap)
example:
contact search "niep"...
2017-05-31 16:00:20,458 DEBUG [0x00000330] [rc\main\person-ldap\LdapSearcher.cpp(53)] [csf.person.ldap] [csf::person::ldap::LdapSearcher::search] - filter = (&(objectClass=inetOrgPerson)(|(sn=niep*))), baseDN=o=xxxxxxxx,c=xxxxxxxx
regards
Alex
09-12-2017 10:50 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide