Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1161
Views
0
Helpful
4
Replies

Does Hybrid Jabber SSO REQUIRE CUCM and CUC also be SSO?

Stephanie Knoop
VIP Alumni
VIP Alumni

‎11-07-2017 01:00 PM - edited ‎03-17-2019 07:11 PM

If I want to SSO enable Jabber (Messenger/Cloud), is it a requirement that I simultaneously enable SSO on CUCM and CUC for the phone and voicemail services to connect in Jabber, or can the end user still manually set the account name for phone and voicemail services?  Elementary question, but I can't find the answer.  Thank you.


Response Signature
1 person had this problem
0 Helpful
4 Replies 4

Mark Swanson
Level 4
Level 4

‎11-15-2017 12:39 PM

Are you trying to integrate voicemail and associate devices to users, for click-to-x purposes within Jabber? 

0 Helpful

Stephanie Knoop
VIP Alumni
VIP Alumni
In response to Mark Swanson

‎11-15-2017 01:10 PM

Jabber will be deployed (is deployed already) as a full UC client. We do integrate with CUCM and CUC today. I've been asked to SSO the jabber login (Messenger cloud), but am concerned about the user experience if I don't simultaneously SSO CUCM and CUC. To have to SSO all 3 at once seems like asking for trouble, so wanted to know what is possible here from a phased approach. So, to answer your question...click to call is not the goal here; not breaking the UC integration is the goal (allowing users to place and receive calls/voicemail, period is). Thanks for your time!



Response Signature
0 Helpful

Mark Swanson
Level 4
Level 4
In response to Stephanie Knoop

‎11-16-2017 10:21 AM

No, you shouldn't have to configure SSO for CUCM and CUC as well. Are you using UDS, if so, what does your Service Profile configs look like? And, what does your jabber-config.xml look like?

Within your Service Profile which is located here; CUCM Admin > User Management > User Settings > Service Profile. You specify the Primary and Secondary servers for the IM and Presence Profile. This could be 'Unified CM (IM and Presence)' or 'WebEx (IM and Presence). If you declared 'WebEx (IM and Presence)' as the UC Service Type, then authentication is handled by WebEx.

If you haven't already done so, you can alter the default parameters for Cisco Jabber, to include;

SSO_Enabled - default value is true

Start_Client_On_Start_OS - default value is false

Before the user logins, they should select the 'Automatic Sign-in' checkbox. This causes Jabber to cache your credentials under the CSF > Credentials folder. This trust file is referenced during the login process.

The main benefits of using SSO via IdP is...

- So users with Common Access Cards (CAC) or tokens could bypass the login process by establishing a trust relationship with the IdP because in this case, users don't have passwords.

- So users can SSO into CUCM Admin, IM&P Admin, Unity Admin, etc. webpages or CUCM Self-Care Portal and yes, WebEx as well.

However, most users don't login or need access to these services... the only exception might be CUCM Self-Care Portal.

Check out these websites;

https://supportforums.cisco.com/t5/jabber-clients/webex-login-for-jabber/td-p/2627735

https://www.cisco.com/c/en/us/support/unified-communications/jabber-windows/products-installation-guides-list.html

0 Helpful

peng_wang1
Level 1
Level 1
In response to Stephanie Knoop

‎02-11-2019 11:01 PM

I have the same questions too. Have you already implemented SSO? I'm wondering what's the user experience vs. non-SSO and what's recommended steps if we have to go for SSO. Thanks!

0 Helpful
Customers Also Viewed These Support Documents