Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1955
Views
10
Helpful
5
Replies

Flexible JID: UDS for directory search and local users possible?

mcaldogne
Level 3
Level 3

‎12-23-2017 03:52 AM - edited ‎03-17-2019 07:15 PM

Hi everyone!

I have a new project for CUCM+IMP for a customer, so I was thinking to setup flexible JID.

Because of by the customer not all users are Active Directory users  (there are come external consultans working there), my idea was to use UDS for directory search for all users, synch with LDAP for AD users and create local user for the others. 

 

Until now I could try to test the login with jabber from a PC that is not in the Windows domain. Discovering CUCM and IMP is working well using the email address of a AD user and also LDAP authentication is OK. 

The only strange thing is, that in the upper area as user-id@presencedomain is displayed and not the first and last name of the user. Is because the PC is not in the domain?

 

The biggest problem is with the local users: even if for the local users there are directory URI and email in the CUCM configuration, it is not possible to login into Jabber. 

 

Can you help me to find the right way to go? I have no experience with flexible JID.

Thanks

Mirko

 

 

0 Helpful
5 Replies 5

Slavik Bialik
Level 7
Level 7

‎12-23-2017 10:20 AM

Hi,

I'm not 100% sure about the issue. The issue is that there are external employees that their PCs aren't in the domain, so this makes them enter their user URI all the time when they log in instead of auto discover the _cisco-uds and _cuplogin SRV records? If that's the case, and those employees are sitting in the internal network (only not in the domain) you can install their Cisco Jabber with installation arguments and set the service domain to be the internal domain, so that Jabber will be able to go and discover the SRVs under this service domain (that of course if those external PCs when they're on the internal networking are also getting the internal DNS servers of the organization via DHCP, if not, it won't work).

 

So, you can just go and install Cisco Jabber with arguments like that:

msiexec.exe /i CiscoJabberSetup.msi CLEAR=1 SERVICES_DOMAIN=domain.com

 

And of course you must set the directory URI of the local user in the CUCM to be their PC username as a user part URI, and with the 'domain.com', like that: username@domain.com.

 

Hope it helps.

mcaldogne
Level 3
Level 3
In response to Slavik Bialik

‎12-23-2017 11:04 AM - edited ‎12-23-2017 11:14 AM

Hi,

I will try to install Jabber with the arguments as you proposed and test Jabber login.

Yes, they are sitting in the internal network but not in the domain.

The local user in CUCM are still configured with the directory URI as username@domain, my doubt was if it is possible to have local users and flexible JID.

Thanks a lot,

Mirko

0 Helpful

Jaime Valencia
Cisco Employee
Cisco Employee
In response to mcaldogne

‎12-26-2017 09:25 AM

Yes, you can have flexible JID and local users, IM&P doesn't care if the users are local or LDAP, it only matters the mail entries have the different domains.

HTH

java

if this helps, please rate

mcaldogne
Level 3
Level 3
In response to Jaime Valencia

‎01-08-2018 02:42 AM

Hi!

thanks for your reply, it works!

I have some local user and I cannot login with the email address, search other users, chat...

 

I have only a problem with the LDAP synchronized users:

these users can login, search, click to call and so on, but different to the local users they see the own user-id@presencedomain in Jabber and not first and lastname.


jabber_01.jpg

cucm_01.jpg

 

Here the jabber-config.xml file:

<?xml version="1.0" encoding="utf-8"?>
<config version="1.0">
<Policies>
<InitialPhoneSelection>deskphone</InitialPhoneSelection>
<ServiceDiscoveryExcludedServices>WEBEX</ServiceDiscoveryExcludedServices>
<Screen_Capture_Enabled>true</Screen_Capture_Enabled>
<File_Transfer_Enabled>true</File_Transfer_Enabled>
<Video_Disabled>false</Video_Disabled>
<EnableAccessoriesManager>true</EnableAccessoriesManager>
<EnableCallPickup>true</EnableCallPickup>
<EnableBFCPVideoDesktopShare>false</EnableBFCPVideoDesktopShare>
<TelemetryEnabled>False</TelemetryEnabled>
<DirectoryURI>mail</DirectoryURI>
</Policies>
<Directory>
<DirectoryServerType>UDS</DirectoryServerType>
<IMAddresses use-default="false">
<IMAddress>mail</IMAddress>
</IMAddresses>
<UseSIPURIToResolveContacts>true</UseSIPURIToResolveContacts>
<SipUri>mail</SipUri>
<DirectoryServerType>UDS</DirectoryServerType>
</Directory>
</config>

 

What could be the reason?

Thanks

Mirko

0 Helpful

mcaldogne
Level 3
Level 3
In response to mcaldogne

‎01-11-2018 02:01 PM

Hi!

In the meantime the issue is solved: the cause was that I hadn't change the the IM Address Scheme to Directory URI in the advanced presence settings.

Thank you so much for your help.

Mirko

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents