Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
886
Views
0
Helpful
3
Replies

Jabber & AD integration

Juan Delgado Gutierrez
Level 1
Level 1

‎07-13-2020 01:57 AM

Hello All,

 

We have integrated CUCM (12.5) and a Active Directory but Jabber is not binding with, Contacts are not displayed and, therefore, searching, chatting... is not working either. 

 

In CUCM, AD has been configured as a UC services: 

- Enhanced Directory

- Connection Type: LDAP (I'm not sure if this should be set as Global Catalog)

And this has been set on the Service Profile - Directory Profile (here, is it necessary to fill the PSW? The same PSW set on System > LDAP > LDAP Directory is not accepted)

 

Analizying PTR we found:

[rc\main\person-ldap\LdapOptions.cpp(160)] [csf.person.ldap] [csf::person::ldap::LdapOptions::setLdapTLSOptions] - TLS version set to 1.0

 

[rc\main\person-ldap\LdapOptions.cpp(173)] [csf.person.ldap] [csf::person::ldap::LdapOptions::setLdapTLSOptions] - Setting require certificate succeeded

 

[rc\main\person-ldap\LdapOptions.cpp(190)] [csf.person.ldap] [csf::person::ldap::LdapOptions::setLdapTLSOptions] - Setting connection argument succeeded


[rc\main\person-ldap\LdapOptions.cpp(207)] [csf.person.ldap] [csf::person::ldap::LdapOptions::setLdapTLSOptions] - Setting verification callback succeeded

 

[rc\main\person-ldap\LdapOptions.cpp(226)] [csf.person.ldap] [csf::person::ldap::LdapOptions::setLdapReferral] - Setting LDAP referral disabled succeeded.


[src\main\person-ldap\LdapBinder.cpp(422)] [csf.person.ldap] [csf::person::ldap::LdapBinder::bindWithMechanism] - Trying to bind using EXTERNAL mechanism


 [src\main\person-ldap\LdapBinder.cpp(376)] [csf.person.ldap] [csf::person::ldap::LdapBinder::bind_external] - Implicit EXTERNAL bind has failed. This is most probably configuration issue on client machine. Check 'CertificateValidation' log lines for more info.

 

[src\main\person-ldap\LdapBinder.cpp(478)] [csf.person.ldap] [csf::person::ldap::LdapBinder::bindWithMechanism] - Ldap server is down. Stopping the bind. ldap=(181BE4D8)

 

[src\main\person-ldap\LdapBinder.cpp(597)] [csf.person.ldap] [csf::person::ldap::LdapBinder::bind] - Ldap server is down. Stopping the bind

 

Any idea about what is going wrong?

Thanks in advace. 

 

Juan

Labels:
0 Helpful
3 Replies 3

Mike_Brezicky
Cisco Employee
Cisco Employee

‎07-13-2020 04:12 AM

So on 12.x, the Jabber config file is created as a UC service in CUCM. Have you don this. There is a key under Directory section called DirectoryServerType.
If CUCM is laready syncing LDAP users, I would highly recommend having this set as UDS - and in the UC Service Profile, select no directory and check Use UDS for Contact Resolution.

If you have to use EDI for some reason, make sure its also properly set in the jabber config UC service.
0 Helpful

Juan Delgado Gutierrez
Level 1
Level 1
In response to Mike_Brezicky

‎07-13-2020 11:45 PM

Morning Mike,

 

AD must be configured as the directory since it's used for provisioning.  

 

Jabber-config.xml is well set with the proper features but i'm not sure about the difference between configuring the directory as LDAP or Global catalog connection and if this may be the cause of the issues we are facing. 

 

Thanks for replying¡

0 Helpful

Roger Kallberg
VIP
VIP

‎07-13-2020 04:36 AM

Jabber would per default do a service discovery for a LDAP server, see more in this document. https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/jabber/12_5/Planning_Guide/cjab_b_planning-guide-for-cisco-jabber-125/cjab_b_planning-guide-for-cisco-jabber-125_chapter_0110.html

This doesn't have a connection to the LDAP integration you have setup in CUCM or CUC.



Response Signature


0 Helpful
Customers Also Viewed These Support Documents